Attacks, Threats, and Vulnerabilities
Apple Issues Emergency Security Updates to Close a Spyware Flaw (New York Times) Researchers at Citizen Lab found that NSO Group, an Israeli spyware company, had infected Apple products without so much as a click.
Apple Cyber Flaw Allows Silent iPhone Hack Through iMessage (Wall Street Journal) Apple issued a software fix Monday, but an Israeli security firm has been exploiting the vulnerability since February, according to a research group.
New Pegasus hack found targeting Apple devices through iMessage, researchers say (Washington Post) Apple released a software update Monday to fix a security flaw exploited in hacking iPhones and other devices made by the company
FORCEDENTRY: NSO Group iMessage Zero-Click Exploit Captured in the Wild (The Citizen Lab) While analyzing the phone of a Saudi activist infected with NSO Group’s Pegasus spyware, we discovered a zero-day zero-click exploit against iMessage. The exploit, which we call FORCEDENTRY, targets Apple’s image rendering library, and was effective against Apple iOS, MacOS and WatchOS devices.
This is how a cybersecurity researcher accidentally broke Apple Shortcuts (ZDNet) Detectify explains how investigating CloudKit resulted in Shortcuts disruption for users back in March.
Hackers port Cobalt Strike attack tool to Linux (SearchSecurity) Intezer researchers have observed attacks in the wild that use a Linux version of Cobalt Strike Beacon, a popular penetration testing tool.
Hacker-made Linux Cobalt Strike beacon used in ongoing attacks (BleepingComputer) An unofficial Cobalt Strike Beacon Linux version made by unknown threat actors from scratch has been spotted by security researchers while actively used in attacks targeting organizations worldwide.
SSID Stripping: New Method for Tricking Users Into Connecting to Rogue APs (SecurityWeek) Researchers have found new ways to trick users into connecting to rogue wireless APs by manipulating how their name is displayed on a mobile or desktop device.
Report: How We Uncovered a Phishing Kit Being Used to Scam Thousands of People (vpnMentor) Led by Noam Rotem, vpnMentor’s research team has discovered two separate criminal schemes using slightly altered versions of the same phishing kit to scam people across the
REvil is back - and wants to rebuild its reputation (TechRadar) REvil is supposedly clearing its dues in its efforts to re-engage with old affiliates
REvil’s Back; Coder Fat-Fingered Away Decryptor Key? (Threatpost) How did Kaseya get a universal decryptor after a mind-bogglingly big ransomware attack? A REvil coder misclicked, generated & issued it, and “That’s how we sh*t ourselves.”
GetHealth Platform Misconfiguration Exposes 61 Million Records (Solutions Review) GetHealth, a health and wellness data unification solution provider, exposed 61 million records due to a platform misconfiguration.
Report: Fitness Tracker Data Breach Exposed 61 Million Records and User Data Online (Website Planet) On June 30th, 2021 the WebsitePlanet research team in cooperation with Security Researcher Jeremiah Fowler discovered a non-password protected
How Walgreens’ sloppy Covid-19 test registration system exposed patient data (Vox) Millions of people got Covid-19 tests through Walgreens. Their information wasn’t adequately protected.
Post-Ida cyber attack hits Jefferson Parish courts; closures to last until at least Sept. 20 (NOLA.com) Most of Jefferson Parish’s key courthouses will remain closed through the week after a cyber attack shut down the courts’ computer systems in the wake of Hurricane Ida, according to
Cyber attack: Kiwibank and MetService still experiencing problems (New Zealand Herald) A week-long cyber attack has affected a number of major sites in New Zealand.
Vulnerability Summary for the Week of September 6, 2021 (CISA) The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
OWASP Top 10 ranking has a new leader after ten years (The Record by Recorded Future) The OWASP Top 10, a list of the most dangerous web vulnerabilities, has been updated after four years, and, after more than a decade, there is a new vulnerability at the top of the ranking.
Security Patches, Mitigations, and Software Updates
Google patches two Chrome zero-days (ZDNet) Researchers said this was the 10th zero-day exploit that Google had patched this year.
Apple says iOS 14.8 patches iPhone attack that defeated Blastdoor protections (9to5Mac) Apple has published a full support document detailing what’s new in iOS 14.8, watchOS 7.6.2, iPadOS 14.8, and macOS Big Sur 11.6. Apple says that the updates address security vulnerabilities that “may have been actively exploited in the wild.” Update: Citizen Lab has published a new report today with more details on the vulnerabilities. The […]
Apple patches an NSO zero-day flaw affecting all devices (TechCrunch) Citizen Lab says the ForcedEntry exploit affects all iPhones, iPads, Macs and Watches.
Apple releases patches for NSO Group's ForcedEntry zero-day (The Record by Recorded Future) Apple has released security updates today to patch ForcedEntry, a professional exploit developed by Israeli spyware maker NSO Group, and which has been abused to hack into the phones of multiple activists since February this year.
Apple Ships Urgent Patch for FORCEDENTRY Zero-Days (SecurityWeek) Apple ships fixes for a pair of iOS and macOS security defects alongside a warning that these issues belong in the “actively exploited” zero-day category.
Apple fixes iOS zero-day used to deploy NSO iPhone spyware (BleepingComputer) Apple has released security updates to fix two zero-day vulnerabilities that have been seen exploited in the wild to attack iPhones and Macs. One is known to be used to install the Pegasus spyware on iPhones.
Apple Issues Emergency Fix for NSO Zero-Click Zero Day (Threatpost) Citizen Lab urges Apple users to update immediately. The new zero-click zero-day ForcedEntry flaw affects all things Apple: iPhones, iPads, Macs and Watches.
Apple patches against alleged NSO Group zero-click exploit used on activists (CyberScoop) Apple released a patch Monday against two security vulnerabilities, one of which the Israeli surveillance company NSO Group has exploited, according to researchers.
About the security content of iOS 14.8 and iPadOS 14.8 (Apple Support) This document describes the security content of iOS 14.8 and iPadOS 14.8.
Trends
CISOs Faced With Friction, Resistance From Remote Workers Over Security Controls (SecurityWeek) Research from HP Wolf Security indicates that implementing certain security solutions may suffer from the resurgence of an old problem: user resistance.
The Race Against External Threats in the Automotive Supply Chain (Cybelangel) Discover real examples of data leaks, vulnerable assets, and exposed credentials leaving car companies vulnerable to data breaches and ransomware.
Mimecast: Ransomware Rewrites Cyber Insurance Policies (MarketScreener) Ransomware has exerted immense pressure on the cyber insurance market, and organizations looking for coverage are paying the price.
Venafi Survey: Execs Say Companies Negligent in Protecting Security Software Build Environments Should Face Clear Consequences (BusinessWire) Venafi®, the inventor and leading provider of machine identity management, today announced survey results highlighting the challenges of improving sof
U.S., UK, Germany among top cybercrime targets worldwide – Study (Guardian (Nigeria)) A study conducted by a German consultancy firm, Roland Berger, has revealed that the United States (U.S.) tops the list of the main cybercrime targets worldwide followed by UK, Germany, South Africa, Brazil
A snapshot of security: How a top business priority has evolved (BusinessLIVE) An IDC Cybersecurity survey by Microsoft showed 50% of SA business leaders are concerned with the consequences of security breaches
Data security is broken: What’s next? (Imperva Blog) One out of every two on-premises databases globally has at least one vulnerability, finds a new study from Imperva Research Labs spanning 27,000 on-prem databases, based on insights from a proprietary database scanning service introduced by Imperva Innovation five years ago. The question is: why is securing data so challenging? Key Findings This research proves […]
Chances Are, Your Data is Not Secure: 46% of On-Prem Databases Globally Contain Vulnerabilities - Company (Imperva) Imperva, Inc., (@Imperva) the cybersecurity leader whose mission is to help organizations protect their data and all paths to it, releases the findings of new threat intelligence research showing that nearly half (46%) of all on-premises databases globally are vulnerable to attack. A five-year longitudinal study conducted […]
Attacks from All Angles: 2021 Midyear Cybersecurity Report (Trend Micro) In the first half of this year, cybersecurity strongholds were surrounded by cybercriminals waiting to pounce at the sight of even the slightest crack in defenses to ravage valuable assets.
Cyberpion Reveals A Quarter of Fortune 500 Companies Have Exploitable Vulnerabilities in their External IT Network (Yahoo Finance) Cyberpion, a cybersecurity pioneer in external attack surface management (EASM), today presented research showing that nearly three quarters of Fortune 500 companies' IT infrastructure exists outside their organization, a quarter of which was found to have a known vulnerability that threat actors could infiltrate to access sensitive employee or customer data.
Marketplace
BitSight raises $250M from Moody’s and acquires cyber risk startup VisibleRisk (TechCrunch) The investment values BitSight at $2.4 billion and makes Moody’s the largest shareholder in the company.
TransUnion to Buy Consumer-Data Aggregator Neustar for $3.1 Billion in Cash (Variety) Credit rating giant TransUnion announced a deal to acquire Neustar, an identity resolution company — which tracks and aggregates consumers’ digital activity for marketing and anti-fraud…
Tenable to Acquire Accurics in $160M Deal (SecurityWeek) Attack surface management pioneer Tenable on Monday announced plans to spend $160 million in cash to snap up Accurics, an early-stage startup selling cloud-native security for DevOps and security teams.
JFrog Acquires Upswift, Bringing Software Updates and Container Deployment for IoT Devices to Developers (JFrog) We are thrilled to announce Upswift is joining the JFrog family! Together, the two companies will deliver something that’s never been done before – end-to-end software delivery from development to device that will join developers’ modern CI/CD and SecOps workflows to the world of connected devices. Learn More.
Cybersecurity Pioneer Launches Neosec With $20.7 Million Series A to Protect APIs From Business Abuse and Data Theft (Neosec) Neosec today announced that it has emerged from stealth mode and completed its Series A fundraise to protect APIs from business abuse and data theft.
Rezilion raises $30M to help security operations teams with tools to automate their busywork (TechCrunch) Security operations teams face a daunting task these days, fending off malicious hackers and their increasingly sophisticated approaches to cracking into networks. That also represents a gap in the market: building tools to help those security teams do their jobs. Today, an Israeli startup called R…
Siris Capital in talks to take cybersecurity firm Radware private - CNBC (Reuters) Cybersecurity company Radware is in talks to sell itself to private equity firm Siris Capital, CNBC reported on Monday, citing people familiar with the matter.
Booz Allen takes full ownership, control of cyber forensics firm (Washington Technology) Booz Allen Hamilton exercises its option to acquire full ownership of a commercial cybersecurity company specializing in digital forensics and incident response.
Booz Allen Acquires Cybersecurity Firm Tracepoint (Defense Daily) Booz Allen Hamilton on Monday said it has acquired Tracepoint, a cybersecurity company with deep expertise in digital forensics and incident response,
Cyber Market Leader Booz Allen Acquires Tracepoint (Booz Allen) Booz Allen has acquired Tracepoint, a digital forensics and incident response (DFIR) company serving public and private sector clients.
Satori Secures $20M in Series A to Accelerate Adoption of Cloud Data Platforms with DataSecOps (GlobeNewswire News Room) B Capital Group and Evolution Equity Partners co-led investment round, alongside seed investor YL Ventures...
Kape Technologies acquires ExpressVPN, Intuit buys Mailchimp (Computing) ExpressVPN deal is one of the largest acquisitions by a UK technology company in recent years, while Intuit snaps up SME marketing platform for $12 billion
18 cybersecurity startups to watch (CSO Online) Security startups are often innovation leaders that attempt to solve critical and persistent problems. These are some of the most interesting ones to watch as they tackle issues around multicloud security, identity management, zero-trust, and more.
The 10 most powerful cybersecurity companies (CSO Online) What makes these 10 security vendors the biggest power players? We break it down.
Focus on Data, Advanced Analytics and Decisioning Creates a Winning Strategy for Experian (BusinessWire) Experian has ranked #11 on the newly announced 2021 IDC FinTech Ranking, jumping from its previous position at #45.
Cellebrite Announces Formation of Ethics & Integrity Committee (PR Newswire) Cellebrite DI Ltd. (Nasdaq: CLBT), the global leader in Digital Intelligence (DI) solutions for the public and private sectors, today announced...
Arvig Welcomes Eric Wilkens as the Director of Cybersecurity (CIOReview) Arvig promoted Eric Wilken, Ph.D., as the Director of Cybersecurity, which will be effective from July 1st.
Michael Mangan Joins Siege Technologies as CFO (ExecutiveBiz) Michael Mangan, a veteran finance executive with more than two decades of leadership experience, has joined cybersecurity technology research and development company Siege Technologies as chief financial officer. “I look forward to helping the Siege team grow both organically and through strategic acquisitions. It is exciting to get in the action on the front lines of
Products, Services, and Solutions
Lookout Delivers First Zero Trust Solution For Any App That Dynamically Adapts Based On Data Sensitivity And Continuous Risk Assessment Of Endpoints And Users (PR Newswire) Lookout, Inc., an integrated endpoint-to-cloud security company, today announced the industry's first Zero Trust access solution that...
Attivo Networks® Brings Identity Security to the Next Level with a New Method of Credential Protection (BusinessWire)
Titania Launches New Nipper Module to Protect Defense Industry and Suppliers from Cybersecurity Breaches (RealWire) First dedicated tool to automate and assess Cybersecurity Maturity Model Certification (CMMC) compliance within minutes; prioritizes risk and remediation and saves organizations up to $200 per network device
SailPoint Set To Offer a No-Code Way To Automate Security Tasks, Customize Workflow (Integration Developer News) As companies struggle to find identity talent, SailPoint is bringing a no-code approach to identity security. SailPoint Workflows lets users integrate and automate such processes in a few clicks.
Encrypted Phone Firm Ciphr, Used by Criminals, Moves to Cut Off Australia (Vice) Ciphr is one of the few remaining players in the encrypted phone industry after the FBI secretly ran its own firm called Anom.
TikTok Is Removing Educational Hacking Videos (Vice) Multiple creators showed that TikTok is particularly aggressive at removing videos that are designed to educate viewers about hacking.
NordVPN Teams rebrands as NordLayer, moves towards SASE business solutions (CyberNews) NordVPN Teams becomes NordLayer, and focuses more on custom SASE solutions for growing businesses.
Datadobi Receives SOC2 Type I Attestation for DobiMigrate (BusinessWire) Datadobi announced that it has completed certification by KPMG in accordance with SOC 2 Type I requirements for DobiMigrate.
Synopsys Transforms Workspace Security with Citrix® (BusinessWire) It’s an eternal question among IT organizations: how do you keep corporate data and devices safe without hampering the user experience – particularly
Qualys Introduces Zero-Touch Patching for Proactive Vulnerability Remediation (PR Newswire) Qualys, Inc. (NASDAQ: QLYS), a pioneer and leading provider of disruptive cloud-based IT, security and compliance solutions, today announced it...
Vade for Microsoft 365 is now available in the Microsoft Azure Marketplace (PR Newswire) Vade, a global leader in AI-based threat detection, user awareness and incident response with one billion protected mailboxes worldwide, today...
Akamai launches new, on-demand learning platform for customers (PR Newswire) Akamai Technologies, Inc. (NASDAQ: AKAM), the world's most trusted solution for protecting and delivering digital experiences, today announces...
Beyond Identity Closes Software Supply Chain Vulnerability (Beyond Identity) Introduces Secure and Automated Way to Ensure All Source Code Entering GitHub, GitLab, and Bitbucket Repositories is Signed by a Developer With a Validated Corporate Identity
Paradigm Initiative launches tools of impact in the digital space (Africanews) Social enterprise Paradigm Initiative (PIN) (https://Paradigmhq.org) known for building an ICT-enabled support system and advocating digital rights in order to improve livelihoods for under-served youth,
Technologies, Techniques, and Standards
ATP 7-100.3: Chinese Tactics (US Army) ATP 7-100.3 describes Chinese tactics for use in Army training, professional education, and leader development. This document is part of the ATP 7-100 series that addresses a nation-state’s military doctrine with a focus on army ground forces and tactical operations in offense, defense, and related mission sets.
Virtual Events Amplify NIST’s Cybersecurity and Privacy International Engagements (NIST) For the past many months, NIST has taken advantage of the shift to online events to deepen our international engagement.
What Is Zero Trust? It Depends What You Want to Hear (Wired) The cybersecurity world’s favorite catchphrase isn’t any one product or system, but a holistic approach to minimizing damage.
The Zero-Trust Approach to Managing Cyber Risk Explained (Wall Street Journal) The Biden administration last week released a draft blueprint for a so-called “zero trust” approach to fending off cyber hackers. Here are the basics of what it would look like in practice.
Kaspersky Finds Patch Management Combined With Robust Password Policies Reduces The Risk Of Cyberattacks To Businesses By Up To 60% (AiThority) New findings from Kaspersky reveal that, in six in ten (63%) cyberattacks investigated by the Kaspersky Global Emergency Response team, adversaries
How to Find the Hidden Files on Your Phone or Computer (Wired) You shouldn't mess with some of them—but there are others you should be aware of.
Drive down the risks of security threats with secure ELDs (Synopsys Software Integrity Blog) During this National Truck Driver Appreciation Week, we review how to ensure security on the road with ELD cyber security considerations.
Research and Development
BT demonstrates quantum-secure communication on revolutionary hollow core fibre cable (Computing) Trial of quantum key distribution over HCF cable is a 'world's first', BT claims
Is your brain a computer? (MIT Technology Review) We asked experts for their best arguments in the long-standing debate over whether brains and computers process information the same way.
Academia
National Cyber League Welcomes Back CompTIA as Sponsor for 2021-22 Season (CompTIA) Competitions ready college and high school students for careers in cybersecurity
Legislation, Policy, and Regulation
Report: Beijing, Moscow step up efforts to control the Internet’s backbone (The Record by Recorded Future) Authoritarian governments — particularly in Beijing and Moscow — are stepping up their efforts to buy or influence companies responsible for laying the undersea cables that shuttle online communications between countries and servers, according to a report released on Monday.
Russia is fully capable of shutting down cybercrime (CSO Online) With internet blocks and high-profile arrests, Russia shows it can crack down on cybercrime when properly motivated. New analysis suggests the Biden administration’s sanctions may be providing some motivation.
Tech 24 - Cyberspace, the 21st century battleground (France 24) As the 13th edition of the International Forum on Cybersecurity comes to a close in Lille, we explore the growing risk of an escalation of conflict in cyberspace.
ANZUS at 70: Cyberspace (The Strategist) Ten years ago, in September 2011, Australia and the US stretched ANZUS to cover cyberspace. That year’s AUSMIN communiqué addressed the challenges posed by growing cyber threats, specifically endorsing a joint statement on cyberspace. The ...
Where Should We Draw the Cyber Blue Line? (The State of Security) What are the limits of online privacy and law enforcement? Can we clearly define them, or is this a vague and blurred area of debate?
Funding OMB’s zero trust mandate may be the toughest part of the new strategy (Federal News Network) Current and former federal technology leaders say OMB’s draft zero trust strategy must still address some challenges.
Brazil debates creation of national strategy to tackle cybercrime (ZDNet) Discussions are being led by the Ministry of Justice and the banking sector
The case for a SaaS bill of material (CSO Online) A SaaSBOM will provide greater visibility into the components of cloud-based software infrastructure. This proposal shows how to begin to develop one.
Biden nominates critic of surveillance software to FTC, further bolstering agency as check on Big Tech (Washington Post) Alvaro Bedoya has spearheaded pivotal research into how the government’s use of facial recognition software hurts America’s most marginalized
Alvaro Bedoya Set to Be Nominated to Federal Trade Commission Post (Wall Street Journal) Critic of surveillance technologies would take on role of enforcing antitrust, consumer-protection laws.
Litigation, Investigation, and Law Enforcement
Florida Delegation Wants Answers on SolarWinds Hack of U.S. States Attorneys’ Offices (Florida Daily) Last week, Florida’s two U.S. senators–Republicans Marco Rubio and Rick Scott–and U.S. Reps. Gus Bilirakis, R-Fla., Vern Buchanan, R-Fla., Kat Cammack, R-Fla., Mario Diaz-Balart, R-Fla., Neal Dunn, R-Fla., Carlos Gimenez, R-Fla., Stephanie Murphy, D-Fla., Bill Posey, R-Fla., John Rutherford, R-Fla., Maria Elvira Salazar, R-Fla., and Michael Waltz, R-Fla., sent a letter to U.S. Attorney General […]
Formal response to FERC Complaint EL21-99-000 on Chinese equipment in the US grid (Control Global) September 13, 2021, I submitted my response to the FERC Complaint EL21-99-000 on the use of Chinese-made equipment for critical equipment used in the US grid - https://michaelmabee.info/wp-content/uploads/2021/09/FERC-Complaint-EL21-99-000-commments-jw-9-13-21.pdf