Attacks, Threats, and Vulnerabilities
Meet Meris, the new 250,000-strong DDoS botnet terrorizing the internet (The Record by Recorded Future) A new botnet consisting of an estimated 250,000 malware-infected devices has been behind some of the biggest DDoS attacks over the summer, breaking the record for the largest volumetric DDoS attack twice, once in June and again this month.
Mēris botnet, climbing to the record (Qrator Labs) End of June 2021, Qrator Labs started to see signs of a new assaulting force on the Internet – a botnet of a new kind. That is a joint research we conducted together with Yandex to elaborate on the specifics of the DDoS attacks enabler emerging in almost real-time.
Cyber attack: ANZ online access down for third day (New Zealand Herald) The bank and a number of other major organisations have been under a cyber attack.
Russia Influences Hackers but Stops Short of Directing Them, Report Says (New York Times) The arrangement allows the Russian government some plausible deniability for attacks, researchers found.
Dark Covenant: Connections Between the Russian State and Criminal Actors (Recorded Future) The intersection of individuals in the cybercriminal world and officials in the Russian government is well established yet highly diffuse.
U.S. Cyber Czar: Too soon to tell if Russia ransomware has stopped (The Record by Recorded Future) A top U.S. cybersecurity official said on Thursday that it was too soon to tell whether Russian ransomware gangs have let up their assault on U.S. targets.
Cyberangriffe auf Politiker: Generalbundesanwalt ermittelt gegen Putins Hacker (Der Spiegel) Erstmals hat die Bundesregierung Russlands Militärgeheimdienst GRU öffentlich für die Hackerkampagne »Ghostwriter« angeprangert. Nach SPIEGEL-Informationen ermittelt nun auch die Bundesanwaltschaft.
Germany probes claims of pre-election MP hacking by Russia (Yahoo) German federal prosecutors said Thursday they are probing alleged hacking attacks against lawmakers ahead of this month's German election that Berlin has blamed on Russia.
Is the Taliban a Cyber Threat to the West? (SecurityWeek) While the Taliban provides no immediate cybersecurity threat, there is ample potential for it to develop into a major threat on a par with North Korea over the next three to five years
Cybersecurity Advisory: Hackers Are Exploiting CVE-2021-40444 (Huntress) Huntress is monitoring a new threat against Windows OS and Microsoft Office products (CVE-2021-40444). The MSHTML engine is vulnerable to arbitrary code execution.
REvil Is Back on Exploit and Trying to Restore Its Reputation (Flashpoint) A threat actor operating under the alias “REvil” appeared on Exploit claiming to be the ransomware group’s new representative on the illicit Russian-language forum.
Threat Thursday: Get Your Paws Off My Data, Raccoon Infostealer (BlackBerry) Raccoon is an information-stealing malware variant made available to subscribers through a Malware-as-a-Service (MaaS) arrangement. It targets Windows users, seeking out and stealing their stored credentials.
Get Ready for PYSA Ransomware Attacks Against Linux Systems (SecurityWeek) Linux is increasingly targeted by ransomware. Researchers have now detected indications that the PYSA ransomware, often also known as Mespinoza, is also being readied for Linux targets.
Virginia National Guard confirms cyberattack hit Virginia Defense Force email accounts (ZDNet) A spokesperson said there was no impact on the Virginia Army National Guard or Virginia Air National Guard IT infrastructure.
Hackers are leaking children’s data — and there’s little parents can do (NBC News) Most don’t have bank passwords. Few have credit scores yet.
August 2021’s Most Wanted Malware: Formbook Climbs into First Place (Check Point Software) Check Point Research reports that the infostealer, Formbook, is the most prevalent malware while the banking trojan, Qbot, has dropped from the list all
Security Patches, Mitigations, and Software Updates
Microsoft Warns of Information Leak Flaw in Azure Container Instances (SecurityWeek) Microsoft patches Azure Container Instances vulnerability that could allow access to other customers’ information.
AVEVA PCS Portal (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.3
ATTENTION: Low attack complexity
Vendor: AVEVA
Equipment: Platform Common Services (PCS) Portal
Vulnerability: Uncontrolled Search Path Element
2. RISK EVALUATION
The DLL hijacking vulnerability in the Platform Common Services (PCS) Portal, if exploited, could allow malicious code execution within the context of the PCS Portal application.
Delta Electronics DOPSoft 2 (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.8
ATTENTION: Low attack complexity
Vendor: Delta Electronics
Equipment: DOPSoft 2
Vulnerabilities: Stack-based Buffer Overflow, Out-of-Bounds Write, Heap-based Buffer Overflow
2. RISK EVALUATION
Successful exploitation of these vulnerabilities may allow arbitrary code execution.
Mitsubishi Electric Europe B.V. smartRTU and INEA ME-RTU (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 9.8
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Mitsubishi Electric Europe B.V.
Equipment: smartRTU and INEA ME-RTU
Vulnerabilities: OS Command Injection, Improper Access Control, Cross-site Scripting, Use of Hard-coded Credentials, Unprotected Storage of Credentials, Incorrect Default Permissions
2.
Mitsubishi Electric Multiple Products (Update C) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.3
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Mitsubishi Electric
Equipment: Multiple Products
Vulnerability: Predictable Exact Value from Previous Values
2.
Trends
The Cybersecurity 202: Cybersecurity pros want to stop talking about a ‘cyber 9/11’ (Washington Post) For nearly two decades, government analysts have warned of a “cyber 9/11” or a “cyber Pearl Harbor” following the Sept. 11, 2001 terrorist attack, whose 20th anniversary is tomorrow.
IT leaders facing backlash from remote workers over cybersecurity measures: HP study (ZDNet) More than 30% of workers under the age of 24 admitted to outright bypassing certain corporate security policies to get work done.
How 9/11 sparked the rise of America’s biometrics security empire (Fast Company) Hundreds of millions of people have been caught up in the U.S.’s biometrics databases—at home, at the border, and abroad—including millions of Afghans who now may be at risk from the Taliban.
Marketplace
Piratica Is Back at Hack For Troops' Fundraising Event (PR Newswire) PlayCyber, powered by Katzcy and Tech For Troops (T4T), a 501(c)(3) nonprofit organization, are pleased to announce that the annual Capture the...
Snyk Closes $530 Million Series F Investment at $8.5 Billion Valuation (PR Newswire) Snyk, the leader in developer security, today announced a $530 million Series F investment to accelerate the industry's shift to developer...
Mastercard to Acquire Blockchain Analytics Firm CipherTrace (SecurityWeek) Mastercard (NYSE: MA) has agreed to acquire cryptocurrency intelligence and blockchain analytics company CipherTrace for an undisclosed sum.
BlackSky Announces Completion of Merger with Osprey Technology Acquisition Corp. (BusinessWire) BlackSky Holdings, Inc. (“BlackSky”), a leading technology platform providing real-time geospatial intelligence and global monitoring, today announced
Largest Cybersecurity Companies in Greater Baltimore (Baltimore Business Journal) Ranked by Number of employees in Greater Baltimore
Atlanta cybersecurity firm Pindrop moving to West Midtown project The Interlock, adopting hybrid work model (Atlanta Business Journal) Atlanta cybersecurity firm Pindrop moving to West Midtown project The Interlock, adopting hybrid work model
L3Harris becomes Space ISAC’s newest founding member (Electronics Weekly) L3Harris Technologies, the aerospace and defence specialist, has joined the Space Information Sharing and Analysis Center (ISAC) as its newest founding mem
Zscaler CEO: ‘We Are Barely Scratching The Surface Of The Federal Market’ (CRN) Zscaler has been tapped to run a pilot program driving adoption of zero trust architectures in support of the Biden administration’s Executive Order on cybersecurity.
Apple pays hackers six figures to find bugs in its software. Then it sits on their findings. (Washington Post) Lack of communication, confusion about payments and long delays have security researchers fed up with Apple’s bug bounty program
Apiiro Appoints Moshe Zioni as VP of Security Research (PR Newswire) Apiiro, the industry's first Code Risk Platform™, today announced the appointment of industry veteran Moshe Zioni as the company's new VP of...
Atlassian names billionaire Cloudflare co-founder Michelle Zatlyn to Board of Directors (CRN Australia) Michelle Zatlyn joins as software firm's fourth director.
Proton welcomes Sir Tim Berners-Lee to its advisory board – as ProtonMail suffers a privacy backlash (Register) 'I am a firm supporter of privacy,' Sir Tim declares - even as the service is lambasted over IP logging
Introducing Cobalt’s Chief Information Security Officer: Andrew Obadiaru (Cobalt) As CISO, it’s an opportunity to take a seat at the table and guide decisions across the organization as a whole.
Checkmarx Bolsters Executive Team with Appointment of Nancy Pearson as Chief Marketing Officer (BusinessWire) Checkmarx, the global leader in developer-centric application security testing (AST) solutions, today announced that it has named Nancy Pearson as Chi
Products, Services, and Solutions
Corvus Insurance Combats Cyber Risk With New Risk Aggregation Platform (BusinessWire) Corvus Insurance, the leading provider of smart commercial insurance products powered by AI-driven risk data, today announced its Risk Aggregation Pla
BlackBerry Delivers Secure Modern Authentication for Microsoft 365 (PR Newswire) Announced today, BlackBerry Limited (NYSE: BB; TSX: BB) has enhanced the integration of BlackBerry® Unified Endpoint Manager (UEM) and...
Medigate and CrowdStrike to Provide Healthcare Organizations with Unified Endpoint Security for Medical IoT Devices (PR Newswire) Medigate, healthcare's Best in KLAS IoT Security Provider, today announced it has partnered with CrowdStrike, a leading provider of...
Omada and Performanta Partner to Bring Stronger Identity Governance to the UK (PR Newswire) Omada A/S ("Omada"), a global leader of Identity Governance and Administration (IGA), and Performanta, a managed security and consulting firm,...
Technologies, Techniques, and Standards
US Gov Seeks Public Feedback on Draft Federal Zero Trust Strategy (SecurityWeek) The U.S. government's CISA and OMB are seeking the public’s opinion on draft zero trust strategic and technical documentation.
Every second counts in cyber-attack on automated ports and ships (TradeWinds | Latest shipping and maritime news) Lessons can be learned from Maersk's 2017 cyber-hack as autonomous systems spread through shipping
How Cyber Liability Insurance Can Rescue A Small Business (Forbes Advisor) Cyber crime against a business can lead to the damage and misuse of sensitive information. If this happens, recovery costs can mount and include specialized repairs and legal fees.
Cyber liability insurance protects a business from the cost of threats to computer systems and data. It’s also known
New Pillsbury Report Explores the Benefits and Risks of AI in Cybersecurity (PR Newswire) Pillsbury has published a new research report that seeks to illuminate the important role artificial intelligence stands to play in defending...
Acting Responsibly in Cyber Space - With Marcus Willett CB OBE (Pentest) We spoke to Marcus Willett OB CBE, Ex GCHQ Director of Cyber, to discuss the big issues affecting cyber space, especially state-led operations
US Army works through what ‘information advantage’ is and how to achieve it (Defense News) The Army is conducting a series of experiments to figure out the right mix to achieve information advantage for commanders.
Design and Innovation
Money, mimicry and mind control: Big Tech slams ethics brakes on AI (Reuters) In September last year, Google's cloud unit looked into using artificial intelligence to help a financial firm decide whom to lend money to.
Research and Development
True quantum supremacy and the race to a million qubit chip (Computing) Is quantum supremacy - the moment when conventional computers become obsolete - a fiction?
Legislation, Policy, and Regulation
Brazil’s President Bans Social Networks From Removing Some Posts (New York Times) The new rules in Brazil appear to be the first national policy that restricts how tech companies can control their sites, analysts say.
Triumphant Taliban Start Putting Policies Into Practice (The Street Journal) Twenty years since the Taliban’s hardline regime was ousted from Kabul, the Islamists are back in power and putting a new political agenda into practice.
SECDEF: al-Qaida may seek comeback in Afghanistan (Military Times) The Taliban had provided al-Qaida with sanctuary while it ruled Afghanistan from 1996 to 2001.
Readout of the Political Directors Small Group Meeting of the Global Coalition to Defeat Daesh/ISIS (United States Department of State) Senior diplomatic representatives from the Small Group of the Global Coalition to Defeat Daesh/ISIS met today in a virtual setting to discuss the global campaign against Daesh/ISIS. U.S. Acting Special Envoy for the Global Coalition John Godfrey provided an update on progress in Iraq and Syria, and outlined the Coalition’s focus on defeating Daesh/ISIS global […]
Beyond Forever War (Foreign Affairs) A smarter counterterrorism approach is now within reach.
Easterly Discusses Ransomware Action and Industry Collaboration with U.K. Counterpart - Hstoday (Hstoday) Top cyber security officials from the U.S. and U.K. affirmed their commitment to tackling ransomware in their first official face-to-face engagement on September 9 in London. Lindy Cameron, CEO of the U.K.’s National Cyber Security Centre (NCSC) – a part of GCHQ – met with Jen Easterly, Director of the Cybersecurity and Infrastructure Security Agency […]
UK's proposed data and ICO reforms are surprisingly pro-regulation (Computing) There were concerns that reforms could damage privacy and undo the GDPR. Instead, it appears that the government wants to rebuild problem areas while maintaining personal protections
Democrats eye new $1 billion effort to crack down on Big Tech in sprawling economic package (Washington Post) The new funding proposal comes as Democrats work to assemble a $3.5 trillion spending bill
Should Ransomware Payments Be Made Illegal? (Wall Street Journal) Proponents say it would lead to fewer attacks. Opponents say that organizations need the option to pay. The two sides square off in a debate.
Litigation, Investigation, and Law Enforcement
EXCLUSIVE Wide-ranging SolarWinds probe sparks fear in Corporate America (Reuters) A U.S. Securities and Exchange Commission investigation into the SolarWinds Russian hacking operation has dozens of corporate executives fearful information unearthed in the expanding probe will expose them to liability, according to six people familiar with the inquiry.
Canadian-US National Sentenced to Prison for Cybercrime Schemes (SecurityWeek) Ghaleb Alaumary sentenced to prison time for laundering millions from BEC schemes, ATM cash-outs, and bank cyber-heists.
Money launderer connected to North Korean government hackers, 'Hushpuppi' is sentenced to 11 years (CyberScoop) A U.S. court sentenced a Canadian man to 11 years in prison for his role in a global hacking and money laundering scheme allegedly spearheaded by North Korean cybercriminals.
