Attacks, Threats, and Vulnerabilities
China accused of cyber attacks on Norwegian IT systems (ComputerWeekly.com) China-based cyber attackers have been blamed for multiple assaults on IT systems in Norway.
White House warns of ransomware attacks over Labor Day weekend (NY1) One official recommended some precautions Thursday.
White House doubles down on warning about cyberattacks over the holidays (The Record by Recorded Future) White House deputy national security adviser Anne Neuberger on Thursday urged U.S. organizations to be on guard against malicious digital activity ahead of the Labor Day holiday.
Feds warn organizations not to take a cyber vacation after high-profile hacking on holidays (CBS News) In a joint advisory, the FBI and CISA said they "observed an increase in highly impactful ransomware attacks occurring on holidays and weekends — when offices are normally closed."
Why Ransomware Hackers Love a Holiday Weekend (Wired) Looking forward to Labor Day? So are ruthless gangs of cybercriminals.
Juniper Breach Mystery Starts to Clear With New Details on Hackers and U.S. Role (Bloomberg) Tech company installed a flawed NSA algorithm that became ‘a perfect example of the danger of government backdoors.’
Recently Patched Confluence Vulnerability Exploited in the Wild (SecurityWeek) Hackers started exploiting a critical Confluence vulnerability just one week after Atlassian announced the availability of a patch.
Flaws in Moxa Railway Devices Could Allow Hackers to Cause Disruptions (SecurityWeek) Railway wireless communication devices made by Moxa are affected by 60 vulnerabilities, including ones that could allow hackers to cause disruptions.
Unpatched Exchange Servers an overlooked risk (ARN) Attackers are targeting older, unpatched Microsoft Exchange Servers with much success because organisations don't properly assess the risk.
Hacked SolarWinds Software Lacked Basic Anti-Exploit Mitigation: Microsoft (SecurityWeek) Software vendor SolarWinds failed to enable ASLR, an anti-exploitation feature available since the launch of Windows Vista 15 years ago. The oversight made it easy for attackers to launch targeted malware attacks in July this year.
Gift Card Gang Extracts Cash From 100k Inboxes Daily (KrebsOnSecurity) Some of the most successful and lucrative online scams employ a "low-and-slow" approach -- avoiding detection or interference from researchers and law enforcement agencies by stealing small bits of cash from many people over an extended period. Here's the story…
Threat Thursday: Who’s Afraid of Phobos Ransomware? (BlackBerry) Phobos ransomware is closely related to the CrySIS and Dharma malware families. The name 'Phobos' is likely inspired by the Greek god who was believed to be the personification of fear and panic.
US farm loses $9 million in the aftermath of a ransomware attack (The Record by Recorded Future) A US farm lost a whopping $9 million due to a temporary shutdown of its farming operations following a ransomware attack earlier this year, the FBI said this week.
Cyber Criminal Actors Targeting the Food and Agriculture Sector with Ransomware Attacks (FBI Cyber Division Private Industry Notification) Ransomware attacks targeting the Food and Agriculture sector disrupt operations, cause financial loss, and negatively impact the food supply chain.
Recruiting Firm Apparently Pays Ransom After Being Targeted by Hackers (SecurityWeek) Administrative staffing agency Career Group, Inc. this week started sending notification letters to customers who were affected by a data breach that occurred in late June.
Positive Technologies: 91% of Industrial Companies Open to Cyber-Attacks (Positive Technologies) Positive Technologies today released new research that examines information security risks present in industrial companies, the second-most targeted sector by cybercriminals in 2020. Among key findings, an external attacker can penetrate the corporate network at 91% of industrial organizations, and Positive Technologies penetration testers gained access to the industrial control system (ICS) networks at 75% of these companies.
Information security risks at industrial companies (Positive Technologies) Industrial companies attract criminals by their size, the importance of business processes, and their impact on the world and people's lives.
Accellion-related breach disclosures continue to unfold (SearchSecurity) Beaumont Health is the latest to disclose a data breach related to last year's attack on Accellion's legacy software.
Ransomware Gangs: the Newest Form of International Cyber Criminals (KAKE) By Caitlyn-Rae Arendse, Security Television Network
Security Patches, Mitigations, and Software Updates
iOS 15 now prompts users if they want to enable Apple personalized ads, after it was previously on by default (9to5Mac) For iOS 15 users, Apple has begun prompting for their consent to enable Personalized Ads for their Apple ID, which allows Apple to use your App Store purchase history and several other demographics, to inform what advertising is displayed in the News and Stocks apps, as well as for targeting App Store Search Ads. Apple…
Advantech WebAccess (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 9.8
ATTENTION: Exploitable remotely/low attack complexity
Vulnerability: Stack-based Buffer Overflow
2. RISK EVALUATION
Successful exploitation of this vulnerability may allow remote code execution.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following versions of WebAccess, an HMI platform, are affected:
JTEKT TOYOPUC Products (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 4.3
ATTENTION: Exploitable remotely/low attack complexity
Vendor: JTEKT Corporation
Equipment: TOYOPUC products
Vulnerability: Allocation of Resources Without Limits or Throttling
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow a remote attacker to deny Ethernet communications between affected devices without authorization.
Johnson Controls Sensormatic Electronics Illustra (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.8
ATTENTION: Low attack complexity
Vendor: Sensormatic Electronics, LLC, a subsidiary of Johnson Controls, Inc.
Vulnerability: Off-by-one Error
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow a local attacker to obtain super user access to the underlying Linux operating system.
Apple to Delay iPhone Update That Could Scan Device for Illegal Content (Wall Street Journal) The tech giant plans to make improvements to software that aimed to report collections of sexually exploitative images of children, amid a backlash from critics concerned about privacy erosion.
Indonesia at Highest Risk Level of Cyber Threat: TrendMicro (Jakarta Globe) Around 81 percent of Indonesian companies anticipate the possibility of customer data leakage in the next year, the cyber security firm said
FBI: Americans lost more than $8 million to sextortion scams this year (The Record by Recorded Future) The US Federal Bureau of Investigation said today that Americans lost more than $8 million to sextortion scams in the first seven months of the year following a massive uptick in activity from criminal groups.
Facebook says it helped airlift Afghans, including employees, to Mexico (Axios) The social media giant joined with others in organizing a flight out of Afghanistan.
SOAR Company D3 Security Raises $10 Million (SecurityWeek) SOAR platform provider D3 Security has raised $10 million and obtained an additional $5 million in debt financing.
Corelight Banks $75M for Network Monitoring Expansion Plans (SecurityWeek) Network detection and response play Corelight has raised a fresh $75 million funding round to speed up its global expansion ambitions.
Okta buys startup atSpoke to fuel identity governance (CRN Australia) For its upcoming identity governance and administration (IGA) offering.
DataTribe Announces Fourth Annual Cybersecurity Start-Up Challenge (BusinessWire) DataTribe, a global cyber foundry that invests in and co-builds next-generation cybersecurity and data science companies, announced today the launch o
The cybersecurity industry is burning — but VCs don’t care (VentureBeat) Cyberattacks are worse than they've ever been. Why can't the security industry keep up? And what should we make of this current VC gold rush?
With breaches rising, Maryland cybersecurity companies are poised to protect healthcare systems (Technical.ly Baltimore) Health and cybersecurity are two of Maryland's biggest innovation economy engines. LaunchTech Communications Founder Wayne Schepens writes that one can help the other.
Georgia cyber incubator tries to stoke military innovation (Defense News) The center provides an open, collaborative space for military technologists to think and work on hard problems free from typical government bureaucracy.
Record Doge NFT Sale Highlights Growing Demand for Fractionalization (CoinDesk) Group ownership of NFTs is rising, but critics question whether the trend will last.
SAIC Announces Second Quarter of Fiscal Year 2022 Results (SAIC) Revenues increase to $1.8 billion; 4.1% total revenue growth, 3.8% growth excluding acquired revenues. Diluted earnings per share increase to $1.41; Adjusted diluted earnings per share increase to $1.97. Net bookings of $1.6 billion; Book-to-bill ratio of 0.9 for the second quarter. Company raises revenue, adjusted EBITDA margin and adjusted diluted EPS guidance for fiscal year 2022. Science Applications International Corporation (NYSE: SAIC), a premier Fortune 500® technology integrator dr
Products, Services, and Solutions
Kasten by Veeam Provides Secure, Reliable Backup of Kubernetes Data and Applications for the CyberPeace Institute (PR Newswire) Kasten by Veeam®, the market leader for Kubernetes Backup, today announced that the CyberPeace Institute has deployed Kasten K10 to protect its...
Platform9 Joins Intel's Open Retail Initiative, Launches Solution to Power Software-Defined Stores (PR Newswire) Platform9, the leader in multi-cloud Kubernetes as a service, joined Intel's Open Retail Initiative (ORI) and launched a new software-defined...
Code42 Launches Incydr Flows to Automate and Accelerate Effective Responses to Insider Risk Events (BusinessWire) Code42 announced Incydr Flows, a series of actions that are automated to effectively respond to different types of insider risk events.
Technologies, Techniques, and Standards
Addressing the Private Sector Cybersecurity Predicament: The Indispensable Role of Insurance (Carnegie Endowment for International Peace) Harnessing the full potential of cyber insurance will be imperative for preventing systemic cyber incidents of concern for governments and the private sector alike.
Design and Innovation
AWS to proactively remove more content that violates rules (CRN Australia) Is creating a small team to identify and proactively remove content from AWS servers.
Twitter Plans New Privacy Tools to Get More People Tweeting (Bloomberg) Features give users more control over who sees which posts. ‘Social privacy’ push targets reputation, identity management.
Research and Development
The Battle For Post-Quantum Security Will Be Won By Agility (Semiconductor Engineering) Don't wait for quantum resistant cryptography standards to be developed.
Legislation, Policy, and Regulation
European Regulators Continue to Disrupt Data Transfers to U.S. (Wall Street Journal) Businesses transferring data from the European Union to the U.S. must provide new legal guarantees about data privacy starting this month.
UK now expects compliance with children’s privacy design code (TechCrunch) In the U.K., a 12-month grace period for compliance with a design code aimed at protecting children online expires today — meaning app makers offering digital services in the market which are “likely” to be accessed by children (defined in this context as users under 18 years old)…
Online Safety Bill gives legal basis for LGBT censorship, warn Stephen Fry and campaigners (inews.co.uk) Legal free speech could be banned from social media under the proposed law
HASC NDAA Markup Adds Slew Of Cyber, IT, Spectrum Initiatives (Breaking Defense) "If there's one overarching theme of our approach this year, it's to transform where we're heading and focus on technology and innovation and how to start using that better," HASC Chair Smith said in opening remarks.
Massive T-Mobile Data Breach Reignites Calls for National Privacy and Data Security Law (Lexology) A little over two weeks ago, T-Mobile became the latest victim of a cyberattack when more than 50 million of their customers’ data was stolen. In the…
Insurers Push For Security Standards Amid Cybercrime Crush (Law360) As Congress continues to drag its feet on enacting federal cybersecurity rules, the insurance industry has stepped in to fill the void behind the scenes, pushing policyholders to adopt strict security practices as a condition of receiving coverage for cyberattacks.
Oregon IT audit highlights cyber policy gaps (StateScoop) The state’s technology division agreed with auditor recommendations but cited challenges with IT’s decentralized structure.
Litigation, Investigation, and Law Enforcement
Israeli Foreign Minister Promises Closer Look at NSO (SecurityWeek) Israel’s foreign minister has played down criticism of the country’s regulation of the cyberespionage firm NSO Group but vowed to step up efforts to ensure the company’s controversial spyware doesn’t fall into the wrong hands.
SEC’s $1 Million Settlement with Pearson Over Botched Data Breach Disclosure Is A Cautionary Tale for Public Companies (JD Supra) Careful—and truthful—reporting of a data breach should be a must for any company. But nowhere is this truer than for publicly traded companies. A...
SEC Continues to Emphasize Cybersecurity Practices and Disclosures, Settles Three Actions with Broker-Dealers and Investment Advisors (Lexology) Last week we wrote about the Securities and Exchange Commission's (SEC) emphasis on cybersecurity underlined by several recent enforcement actions…
Data breach ruling "could stem" tide of claims (Legal Futures) A High Court ruling on a low-value data breach claim may stop claimants recovering ATE insurance premiums in cases involving cyber-attacks.
Voting Data From A Colorado County Was Leaked Online. Now, The Clerk Is In Hiding (NPR.org) A county clerk in Colorado is under investigation after sensitive information about the county's voting machines appeared on conspiracy websites.
Student sues SU over data breach that exposed nearly 10,000 names, SSN (The Daily Orange) After a data breach that exposed the names and Social Security numbers of nearly 10,000 people, a Syracuse University student affected by the breach is suing the university for negligence.