Attacks, Threats, and Vulnerabilities
Hackers Release Data Trove From Belarus in Bid to Overthrow Lukashenko Regime (Bloomberg) Pilfered data includes lists of alleged police informants and information on government spies.
‘An enormously valuable trove’: America’s race against Afghan data (POLITICO) Having seized Kabul, the Taliban can tap into government databases and communications data to go after U.S. allies who don’t get out.
ALTDOS hacking group wreaks havoc across Southeast Asia (The Record by Recorded Future) For the past eight months, a cybercrime group calling itself ALTDOS has been wreaking havoc across Southeast Asia, hacking companies left and right, in order to pilfer their data and ransom it back or sell it on underground forums.
From Pearl to Pegasus: Bahraini Government Hacks Activists with NSO Group Zero-Click iPhone Exploits (The Citizen Lab) We identified nine Bahraini activists whose iPhones were successfully hacked with NSO Group’s Pegasus spyware between June 2020 and February 2021. The hacked activists included three members of Waad (a secular Bahraini political society), three members of the Bahrain Center for Human Rights, two exiled Bahraini dissidents, and one member of Al Wefaq (a Shiite Bahraini political society).
New iOS Zero-Click Exploit Defeats Apple 'BlastDoor' Sandbox (SecurityWeek) The University of Toronto's Citizen Lab finds a new iOS zero-click exploit in an iPhone surveillance campaign targeting bloggers, activists and dissidents in Bahrain.
OpenSSL Vulnerability Can Be Exploited to Change Application Data (SecurityWeek) The OpenSSL Project has patched a high-severity vulnerability that could allow an attacker to change an application’s behavior or cause the app to crash.
Q&A: The (Semi) Secret World of Scalping (PerimeterX) It’s easy to underestimate how far scalpers have come. Check out this short Q&A to learn why scalping bots pose more of a threat to your business than ever.
Hackers Could Increase Medication Doses Through Infusion Pump Flaws (Wired) It would take a determined hacker to break into the vulnerable B. Braun products, but the impact could be devastating.
Emerging Ransomware Groups: AvosLocker, Hive, HelloKitty, LockBit 2.0 (Unit42) Emerging ransomware groups to watch, according to Unit 42 researchers: AvosLocker, Hive Ransomware, HelloKitty and LockBit 2.0.
Fresh Phish: Fake Mandatory Covid-19 Vaccine Form (INKY) Phishers are always shifting their tactics, adapting to the changing environment like chameleons in the forest. They have been surfing people’s anxieties over the evolving coronavirus news for more than a year now, moving from one phase to the next with their campaigns.
As Delta Variant Spreads, COVID-19 Themes Make Resurgence In Email Threats (Proofpoint) Proofpoint researchers observed an increase in COVID-19 related threats since late June 2021. Threat actors are taking advantage of the increased interest and infection spread related to the Delta variant. Proofpoint researchers observed high-volume COVID-19 related campaigns from malware including RustyBuer, Formbook, and Ave Maria.
That email asking for proof of vaccination might be a phishing scam (Washington Post) As the pandemic continues, cybercriminals are capitalizing on each new anxiety.
This couple lost £15,000 to scammers. We followed the money – and found millions in stolen crypto (CyberNews) We uncovered a network of wallet addresses used by scammers to store and cash out millions in cryptocurrencies.
How a gaming mouse can get you Windows superpowers! (Naked Security) When a helpful feature (that you probably didn’t need) turns into an exploitable vulnerability…
Data breach exposes California college student requests for COVID vaccine exemptions (The Mercury News) Personal information from students at a California college who requested a religious exemption from the COVID-19 vaccine has been posted online after an apparent data breach.
Chico State provides statement about COVID-19 vaccination data breach (KHSL News) A data breach at Chico State University exposed personal information of students who requested COVID-19 vaccination religious exemptions.
Is T-Mobile’s data breach going to hurt subscriber metrics? (FierceWireless) Wireless industry analysts shared their take on what impact the breach could have on customers staying or switching to T-Mobile. Consensus: Not much.
Details Disclosed for Zoom Exploit That Earned Researchers $200,000 (SecurityWeek) Researchers have disclosed the technical details of a zero-click Zoom exploit that earned them $200,000 at a hacking competition.
Scammers steal $2.3 million from small US town (The Record by Recorded Future) The Town of Peterborough, New Hampshire, said it lost $2.3 million after scammers tricked town employees into sending large payments to the wrong accounts.
Security Patches, Mitigations, and Software Updates
Hitachi ABB Power Grids TropOS (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.5
ATTENTION: Low attack complexity
Vendor: Hitachi ABB Power Grids
Equipment: TropOS
Vulnerabilities: Injection, Inadequate Encryption Strength, Missing Authentication for Critical Function, Improper Authentication, Improper Validation of Integrity Check Value, Improper Input Validation
2.
Hitachi ABB Power Grids Utility Retail Operations and CSB Products (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.7
ATTENTION: Exploitable remotely
Vendor: Hitachi ABB Power Grids
Equipment: Retail Operations and Counterparty Settlement Billing (CSB)
Vulnerability: Insufficiently Protected Credentials
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker to access database credentials, shut down the product, and access or alter system data.
Delta Electronics TPEditor (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.8
ATTENTION: Low attack complexity
Vendor: Delta Electronics
Equipment: TPEditor
Vulnerability: Heap-based Buffer Overflow
2. RISK EVALUATION
Successful exploitation of this vulnerability may allow for arbitrary code execution.
Advantech WebAccess/SCADA (Update A) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.3
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Advantech
Equipment: WebAccess/SCADA
Vulnerabilities: Open Redirect, Relative Path Traversal
2. UPDATE INFORMATION
This updated advisory is a follow-up to the original advisory titled ICSA-21-168-03 Advantech WebAccess/SCADA that was published June 17, 2021, to the ICS webpage on us-cert.cisa.gov.
Trends
AppSec State Flash: Hackers Have It Easy! (NTT) Increasing Window of Exposure in critical industries like Utilities, Retail, and other high-profile sectors increases the risk for both supply chain type and ransomware exploits for organizations.
New Data-Driven Study Reveals 40% of SaaS Data Access is Unmanaged, Creating Significant Insider and External Threats to Global Organizations (PR Newswire) DoControl today announced a new report, Quantifying the Immense Risk of Unmanaged SaaS Data Access, which highlights how the vast amounts of...
HVAC Industry Needs to Prevent Ransomware from Entering Systems (Air Conditioning, Heating, & Refrigeration News) HVAC engineers and contractors need to become more aware of cybersecurity, and top management needs to support these efforts as well.
For cheaper insurance, Americans are surprisingly open to companies tracking Fitbits, grocery receipts, & much more (Breeze) The way insurance companies underwrite & price policies is changing, and data is at the center of that change. For cheaper insurance, Breeze found out just how much privacy Americans are willing to give up.
Marketplace
Automotive startup Upstream raises $62M Series C to scale cloud-based security (TechCrunch) Back in 2015, researchers Charlie Miller and Chris Valasek remotely hacked into a Jeep Cherokee driven by a Wired reporter, Andy Greenberg, in an attempt to warn the auto industry of potential pitfalls in their software and inspire legislation around automotive cybersecurity. It did that and more. …
Nexon acquires Brisbane MSSP Equate Technologies (CRN Australia) For its security expertise and range of large to mid-market customers.
How Cisco keeps its startup acquisition engine humming (TechCrunch) Cisco has a rich history of buying its way to global success. And it's remained quite active, acquiring more than 30 startups over the last four years for a total of 229 over the life of the company.
Perimeter 81 Named as a 2021 Leader in Zero Trust Network Access (BusinessWire) Perimeter 81, a leading innovator for Zero Trust Network Access and SASE (Secure Access Service Edge), announced today that the independent research f
New Barracuda Networks CEO on UK plans, Kaseya cyber-attack and why he is not yet declaring a vaccine mandate (CRN) Barracuda Networks' new CEO Hatem Naguib chats exclusively to CRN after taking over from BJ Jenkins
Infrastructure monitoring vendor LogicMonitor opens Melbourne office (CRN Australia) With four founding staff, after Aussie revenue grows 250%.
Astra Inc. Reports Record Annual Growth of 392% for Automated Transfers and Scales Customer Base By 10x in Q2 2021 (BusinessWire) Astra, a technology company that offers advanced bank-to-bank transfer solutions, today announced record-breaking volume growth of 392% as it continue
Seccom Global goes all in on Asia via Singapore (CRN Australia) Founders Maryanne and Michael Demery talk Asian expansion.
Why cyber security in Australia is riper for disruption than ever before (Defence Connect) Bruce Bennie from Juniper Networks highlights the evolving security risks posed by emboldened, malicious cyber actors.
U.S. Government Hiring More Cybersecurity Pros: What You Should Know (Dice Insights) Want a cybersecurity job? The U.S. government is hiring. DHS and CISA have let the security community know recruits are welcome.
Cybersecurity salaries in Scotland fell over past year, according to recruiter research (CRN) Randstad claims to have discovered decreases in Scotland while England and Ireland salaries rose
Forcepoint appoints new chief product officer (Intelligent CIO Middle East) Forcepoint, a global provider of data-first cybersecurity solutions, announced that Rees Johnson has joined the company as the chief product officer (CPO). In the role, Johnson will play a critical part as the company continues to deliver its data-first secure access service edge (SASE) solutions that enable enterprises and government agencies to protect the lifeblood […]
Pathwire Appoints Bug Bounty Hacker Jesse Kinser as CISO (BusinessWire) Pathwire announced the appointment of Jesse Kinser as CISO.
John P. Coughlan Joins StorCentric as Chief Financial Officer (StorCentric) Will Play Key Role in Helping Ensure StorCentric Continues to Lead in Data Management and Protection Space
Anthony Dumont Joins Constella Intelligence as Chief Revenue Officer (PR Newswire) Constella Intelligence, a leader in Digital Risk Protection, today announced that Anthony Dumont has joined the company as Chief Revenue...
Products, Services, and Solutions
IBM Expands Zero Trust Strategy Capabilities with New SASE Services to Modernize Network Security (IBM Newsroom) IBM Security today announced new Secure Access Service Edge (SASE) services designed to help accelerate organizations' adoption of cloud-delivered security at the edge, closer to the users and devices that access corporate resources.
eSentire Achieves AWS Level 1 Managed Security Service Provider (eSentire) A leader in Managed Detection and Response (MDR), eSentire protects cloud environments with 24/7 MDR to stop sophisticated attackers and prevent business disrupting events.
Tru Independence Enhances Cybersecurity Protection For Financial Advisors By Joining Forces With Armorblox (Blue Mountain Eagle) tru Independence, an open architecture platform that provides financial advisors with the dedicated back-office, compliance, marketing, and investment services needed to operate independently,
Akamai ‘API accelerators’ up developer edge game (ComputerWeekly) Although Akamai sounds a lot like it could be a Japanese games developer company, the organisation is in fact a cloud-services focused Content Delivery Network (CDN) business with a focus on cyber ...
IDology Extends Product Innovation Leadership Position with Advanced Verification Flexibility Capabilities (PR Newswire) IDology, a GBG Company, today announced ExpectID Flex API, a new product that empowers businesses to verify anyone, anywhere in the customer...
Cybersecurity Startup ActZero Announces Partnership with Tech Data (PR Newswire) ActZero, a cybersecurity startup whose AI-driven managed detection and response (MDR) platform makes best-in-class security accessible for...
Technologies, Techniques, and Standards
LS-ISAO establishes Cyber Incident Response Committee to expand threat awareness for law firms (Help Net Security) LS-ISAO has established a new member-led group called the Cyber Incident Response Committee to guide peers on attack mitigation and recovery.
How Data Brokers Sell Access to the Backbone of the Internet (Vice) ISPs are quietly distributing "netflow" data that can, among other things, trace traffic through VPNs.
Academia
Back to school with the National Cyber Security Alliance's Education and Career Resources Library (Newsroom | TikTok) The safety and security of our global community is always a priority at TikTok. As families and students gear up for back-to-school season, we're also focused on inspiring the next generation of secur
Password Hygiene in Higher Education (LastPass) One of the many lessons learned from the pandemic is that today’s IT teams are easily overwhelmed by the vast volume of priorities and needs across any university or college campus. In this year alone, 88% of institutions suffered an IT security infringement because of poor password management.
Legislation, Policy, and Regulation
Cyber in the light of Kabul – uncertainty, speed, and assumptions. (The CyberWire) The Taliban's swift assumption of power in Afghanistan holds lessons that apply equally to intelligence and cyber operations. It illustrates the implications of faulty assumptions and the difficulty of staying inside the opposition's OODA loop, especially when one's own concepts remain unclear.
South Korea parliament set to pass law to curb 'fake news' (Reuters) South Korea's ruling party is set to revise a media law to rein in "fake news" by giving courts the power to award much bigger damages but opponents said it would discourage reporters from delving into the shady dealings of the powerful.
Privacy Law Will Help China Flex Muscles on Digital Trade (WSJ) The Personal Information Protection Law, or PIPL, unveiled Friday imposes rules on how companies can use Chinese citizens’ data and the conditions firms must meet to share information with computer servers or business partners outside the country.
China blasts US over Afghanistan pullout, describes ‘effective’ talks with Taliban (Military Times) China considers Kabul to be an “important platform and channel for both sides to discuss important matters of all kinds.”
Afghanistan: World Bank halts aid after Taliban takeover (BBC News) The announcement comes after the International Monetary Fund halted aid to Afghanistan last week.
Under Taliban Rule, Life in Kabul Transforms Once Again (New York Times) Though the streets are quiet, Kabul residents describe a struggle to make ends meet in a reeling economy where banks and government offices are closed, and uncertainty reigns.
The Roads Not Taken in Afghanistan (Foreign Affairs) Despite Biden's claims, catastrophe was not inevitable
Al Qaeda is still in Afghanistan and the Taliban are still their allies (Task & Purpose) BFFs.
CIA Director William Burns held secret meeting in Kabul with Taliban leader Abdul Ghani Baradar (Washington Post) CIA Director William J. Burns held a secret meeting Monday in Kabul with the Taliban’s de facto leader, Abdul Ghani Baradar, in the highest-level face-to-face encounter between the Taliban and the Biden administration since the militants seized the Afghan capital, according to U.S. officials familiar with the matter who spoke on the condition of anonymity to discuss sensitive diplomacy.
U.S. begins military drawdown at Kabul airport; Biden to stick to Aug. 31 withdrawal deadline (Washington Post) The United States has begun to reduce its military presence at Kabul airport as President Biden seeks to stick to the Aug. 31 deadline for withdrawing from Afghanistan.
ISIS terrorist threats jeopardize Afghanistan evacuation, Pentagon assessment warns (POLITICO) The security in Kabul has deteriorated Tuesday due to new terrorist threats by the Islamic State branch in Afghanistan.
Why Biden Bucked the Blob on Afghanistan (The National Interest) Biden has always tried to adjust to the changing foreign policy zeitgeist. He voted against the first Gulf War. Then, he voted in favor of the second one.
EXCLUSIVE U.S. approves licenses for Huawei to buy auto chips - sources (Reuters) U.S. officials have approved license applications worth hundreds of millions of dollars for China's blacklisted telecom company Huawei to buy chips for its growing auto component business, two people familiar with the matter said.
The Cybersecurity 202: It's cybersecurity day at the White House (Washington Post) President Biden meets with top executives from the tech, finance, gas, water and insurance industries today.
White House to announce new cyber initiatives with private sector (The Record by Recorded Future) The Biden administration and a roster of America’s largest private companies on Wednesday will announce a series of initiatives meant to address some of the country’s systemic cybersecurity problems, including workforce training and protection of critical infrastructure.
The Trickle-Down Effect of Renewed Federal Attention on Cybersecurity (GovTech) When President Joe Biden signed an executive order requiring all federal agencies to ramp up and improve their cybersecurity efforts, it immediately raised the question about whether these requirements would trickle down to state and local governments. Although the order covers only federal…
New CISA director wants to spend less time cleaning up after big hacks, more time preparing for them (CyberScoop) U.S. cybersecurity officials have scrambled to respond to one major hacking incident after another over the past nine months, from the alleged Russian intrusions into federal networks using bugged SolarWinds software, to the extortion of Colonial Pipeline, which controls the East Coast’s biggest fuel artery.
How local governments are scaring tech companies (Protocol) Congress has failed to regulate tech, so states and cities are stepping in with their own approaches to food delivery apps, AI regulation and, yes, privacy. Tech doesn't like what it sees.
Attorney General Rob Bonta Calls for Full Compliance with State Health Data Privacy Laws (State of California - Department of Justice - Office of the Attorney General) Reminds healthcare providers to report data breaches to the California Department of Justice and to be vigilant about reducing the risk of ransomware attacks
Facing Foreign Election Foes, States Hire 'Cyber Navigators' (Pew Trusts Stateline) Seven states have hired cybersecurity experts to assist counties and cities with elections.
Litigation, Investigation, and Law Enforcement
Kabul Evacuee With Potential ISIS Ties Detained at Qatar Base (Defense One) Up to 100 evacuees have been flagged for further scrutiny during the more comprehensive screening they received at their first stop after Afghanistan.
FBR under cyberattack-II: Wake-up call (Brecorder) Interestingly, FBR is not only collecting taxes but is also responsible for dealing with Anti-Money Laundering and...
DC Circ. Says Trump Call With NSA On Russia Is Privileged (Law360) The D.C. Circuit on Tuesday held that the National Security Agency was permitted to withhold a memo outlining a 2017 phone call between former President Donald Trump and the agency's deputy director from a records request, affirming a lower court's finding that the memo contained privileged information.
Arizona high court delays release of audit records (AP NEWS) Cyber Ninjas will not need to imminently release records of their review of the 2020 vote count in Arizona’s most populous county. Arizona Supreme Court Justice Kathryn King put a hold Tuesday on a lower court order for the records to be released by Aug.
He Was the ‘Perfect Villain’ for Voting Conspiracists (New York Times) Eric Coomer had an election-security job at Dominion Voting Systems. He also had posted anti-Trump messages on Facebook. What happened next ruined his life.
Why does cybersecurity matter in employment law? (InfotechLead) Companies often focus on preventing external cyberattacks, forgetting that internal threats can be more devastating. Employees can engage in
Proofpoint wins $14m from ex-VP and French email security rival in IP theft court battle (Register) Jury finds message-filtering tech misappropriation was 'wilful and malicious'
La Puente man steals 620,000 iCloud photos in plot to find images of nude women (Los Angeles Times) Man who tricked thousands of iPhone users into giving up their passwords admits he stole private photos and videos and shared them online.
FCC Floats Record $5.1M TCPA Fine Over Election Robocalls (Law360) The Federal Communications Commission on Tuesday proposed hitting conservative activists Jacob Wohl and Jack Burkman and J.M. Burkman & Associates LLC with a record $5.1 million fine for purportedly making hundreds of unsolicited robocalls aimed at spreading election misinformation about voting by mail.
Landry's Asks To Pause $20M Data Breach Judgment (Law360) Landry's has asked a Texas federal judge to stay the execution of a $20 million judgment instructing the hospitality company to repay penalties that Visa Inc. and Mastercard levied against Chase Bank following a Landry's data breach, saying it's appealing the order in the Fifth Circuit.