Netwalker ransomware takedown. US Cyber Command urges immediate patching of Sudo. Influenzers and a short squeeze.

Cyber Attacks, Threats, and Vulnerabilities

MAR-10319053-1.v1 - Supernova (CISA) This report provides detailed analysis of several malicious artifacts, affecting the SolarWinds Orion product, which have been identified by the security company FireEye as SUPERNOVA.

Hundreds of Industrial Organizations Received Sunburst Malware in SolarWinds Attack (SecurityWeek) Hundreds of industrial organizations, many in the manufacturing sector, apparently received the Sunburst malware as part of the SolarWinds hack.

Why the SolarWinds Cyber Hack Could Have One-to-Many Impacts (Security Sales & Integration) A single systems integrator experiencing a cyber incident could easily cause a major cascading compromise effect to many of their customers.

How Cloud Services Are Exploited for Cyber-Espionage (Infosecurity Magazine) A number of recent cyber-espionage campaigns share common characteristics

Cyber Command, NSA warn to patch decade-old sudo vulnerability (CyberScoop) There's a critical vulnerability in sudo, a common Unix program, according to security firm Qualys, and the Pentagon is paying attention.

CISA Issues Advisory for High-Severity Vulnerabilities in Fuji Electric HMI Products (SecurityWeek) CISA has issued an advisory to warn industrial organizations about some Fuji Electric HMI products being affected by several high-severity remote code execution vulnerabilities.

Joker’s Stash’s Final Deal: A turning point for AVCs? (Digital Shadows) Back in December 2020, Digital Shadows reported that the Blockchain DNS domains for the infamous carding automated vending cart (AVC) Joker’s Stash displayed a notification that the US Department of Justice and Interpol had seized the site.

Cracking the LifeShield: Unauthorized Live-Streaming in your Home (Bitdefender Labs) Also, CVE-2020-8101 - Command execution due to unsanitized input Do-it-yourself home security solutions are centerpieces of the modern lifestyle. From sensors to surveillance and anything in between, these solutions have our back while we’re at home and, even more... #ADT #Lifeshield

Report: 10,000s of Online Shoppers Exposed by Popular Shopify App. Personal Data, Credit Cards, And Much More (vpnMentor) Led by Noam Rotem, vpnMentor’s research team discovered a data leak originating from a 3rd party Shopify app popular in the dropshipping industry.

NVD - CVE-2021-1070 (NIST) NVIDIA Jetson AGX Xavier Series, Jetson Xavier NX, TX1, TX2, Nano and Nano 2GB, L4T versions prior to 32.5, contains a vulnerability in the apply_binaries.sh script used to install NVIDIA components into the root file system image, in which improper access control is applied, which may lead to an unprivileged user being able to modify system device tree files, leading to denial of service.

Check Point Identifies A Security Vulnerability In TikTok’s ‘Find Friends’ Feature (Security Informed) Researchers at cyber-security specialist Check Point Research have identified a security vulnerability in TikTok’s ‘Find Friends’ feature.If left unpatched, the vulnerability would...

Manufacturing Giant Suffers Major Cyber-Disruption (Infosecurity Magazine) Attack bears the hallmarks of ransomware

Data Of 20 Lakh Credit Score Records Leaked From Chqbook (Inc42 Media) Data of over 20 lakh credit score records with Chqbook, an Indian neobank for small businesses, has been leaked on the dark web.

Multimillion-dollar Pakistani delivery company leaks 400+ million files (SafetyDetectives) A prominent vehicle-for-hire and parcel delivery company based in Pakistan has suffered a significant data breach which affected its extensive user database. Th

Outages Continue to Plague Online Brokerages (Wall Street Journal) Schwab, Vanguard, Fidelity and others reported new service disruptions. TD Ameritrade blocked some trades on GameStop and AMC.

Security Patches, Mitigations, and Software Updates

Firefox Cracks Down on Supercookies to Improve User Privacy (SecurityWeek) Mozilla this week announced further improvements to user privacy in Firefox, through the isolation of network connections and caches, thus essentially cracking down on supercookies.

Critical Vulnerability Patched in 'sudo' Utility for Unix-Like OSes (Dark Reading) Flaw exists in versions of sudo going back nearly 10 years; USCYBERCOM recommends organizations patch immediately.

Cyber Trends

Cybercriminals Cash Out as Finance Industry Becomes Lucrative Targets (Keeper Security) Report finds 70% of financial services organizations have reported experiencing a cyberattack in the past 12 months alone

Businesses at Work 2021: Driving the Digital Economy Forward (Okta) Today, we announced the findings of our seventh annual Businesses at Work report, examining how organizations and people worked in a year of near-constant change.

Security Risks 2021: Ransomware and the Return to the Office (Illumio) What are the top cybersecurity risks in 2021? Read this report for insights into how organizations are addressing remote endpoint security and ransomware.

Dasera Releases Data Lifecycle Trust and Privacy Report on Data Privacy Day (BusinessWire) Cloud Data Lifecycle Security startup Dasera announced today that it has released its research findings on how consumers feel about brands who use the

Consumers Flocked To VPNs in 2020 Under Threats of Government Censorship, Major Events Impacting Travel (Security.org) People use VPNs for various reasons, such as bypassing government restrictions, securing Wi-Fi networks, and hiding web activity from Internet Service Providers. Recent data suggests that consumers’ average interest in VPNs increased greatly in 2020 during important news events such as the potential ban of the social media platform TikTok by the U.S. government. In … Continued

KnowBe4 warns of AI, deepfakes in social engineering attacks this year (Engineering News) Cybersecurity awareness and training solutions company KnowBe4 Africa warns that the volume and sophistication of phishing emails – fraudulent emails designed to steal information and credentials or infect devices with malware –will continue to increase this year. KnowBe4 Africa Content Strategy senior VP Anna Collard adds that criminals are likely to start applying artificial intelligence (AI) and new technologies, such as deepfakes, in their social engineering attacks.

Marketplace

Veritas inks $7.1B deal for Perspecta. But wait, there's more. (Washington Technology) Veritas Capital's $7.1 billion offer to acquire Perspecta has been accepted by the company's board of directors, but there are two other (giant) moving pieces to this story.

Link11 to Acquire DDoS Protection Provider DOSarrest (Link11) The acquisition of the Vancouver-based company reinforces Link11’s commitment to deliver DDoS protection solutions to organizations globally.

Second Front Systems Extends Seed Round Funding to $8.1 Million to Provide Immediate Impact to National Security, adds investment by Pallas Ventures (PR Newswire) Second Front Systems (2F), a public benefit software company that equips defense and national security professionals for long-term, continuous...

January tech layoffs: New cuts at PayPal, VMware, Samsung Semiconductor (Silicon Valley Business Journal) PayPal, VMware and Samsung Semiconductor were among the tech giants to cut staff this month.

Microsoft’s Security Business Swells to $10 Billion (Wall Street Journal) Microsoft’s security business surged to $10 billion in revenue over the past 12 months, reflecting an uptick in cyber threats during the coronavirus pandemic.

For Microsoft, cybersecurity has become bigger than business (CyberScoop) Since the cybersecurity firm FireEye hired Microsoft to help investigate a hack at the federal contractor SolarWinds, Microsoft has helped clean up the mess, alerted victims and distributed other details meant to fend off alleged Russian spies.

WisdomTree Launches Cybersecurity Fund (WCBR) (GlobeNewswire) WCBR offers exposure to the key themes driving cybersecurity developments and addresses increased interest in cybersecurity as shift towards remote work and cloud computing accelerates

AMC, GameStop, Blackberry: What to Watch in the Stock Market Today - WSJ.com (Wall Street Journal) Shares of AMC and GameStop surged again on Wednesday as retail investors pile into popular names. Here's what you need to know.

GameStop mania explained: How the Reddit retail trading crowd ran over Wall Street pros (CNBC) "Retail investors with the help of technology acting as a union in attacking is a new phenomenon," said an investor.

GameStop Mania Reveals Power Shift on Wall Street—and the Pros Are Reeling (Wall Street Journal) Internet-fueled amateurs are gathering on platforms like Reddit, Discord, Facebook and Twitter, encouraging each other to pile into stocks, bragging about their gains and, at times, intentionally banding together to intensify losses among professional traders. “I didn’t realize it was this cult-like.”

A Reddit user on what it's like to be part of "the mother of all short squeezes" (Quartz) A young retail investor explains what it's like to be present for "the mother of all short squeezes."

Reddit’s WallStreetBets Forum Briefly Goes Dark (Wall Street Journal) A message on the forum’s landing page initially said WallStreetBets had been taken private by its moderators because off technical difficulties on an “unprecedented scale as a result of the newfound interest in WSB.”

Fastly, CyberArk named as GameStop style short-squeeze candidates at D.A. Davidson (NYSE:FSLY) (SeekingAlpha) Reddit investors have driven a meteoric rise for GameStop shares. D.A.

'Nerds Vs. Wall Street' Battle Heats Up (Wall Street Journal) Traders piling into AMC are seeking GameStop-like gains in other companies following the recent excitement in social-media groups. "Right now there's a whole movement of the nerds vs. Wall Street," said Chicago resident Ronald Clark, who traded into AMC shares on Tuesday after seeing a friend post

Nextdoor Is Quietly Replacing the Small-Town Paper (One Zero) While Facebook and Twitter get the scrutiny, Nextdoor is reshaping politics one neighborhood at a time

Announcing the Oversight Board’s first case decisions (Oversight Board) Today, the Oversight Board is announcing its first decisions. In the five case decisions published today, the ...

Facebook will stop recommending political groups permanently (CNBC) Facebook CEO Mark Zuckerberg on Wednesday announced that the company will no longer recommend civic and political groups to its users.

Telegram, Pro-Democracy Tool, Struggles Over New Fans From Far Right (NYTimes) The app has helped fuel democracy movements in Iran and Belarus but now faces scrutiny as extremists and conspiracy theorists flock to it amid crackdowns by Facebook and Twitter on disinformation.

Parler Security Hack : What Happened? (Bugcrowd) Today on the Bugcrowd Stream, our Founder and CTO Casey Ellis spoke with Director of Infrastructure, Coen Hyde, about the role of security in the early stages of a business and how asking what might go wrong early on could save you a lot of grief later.

Google's Decision to Delete Data From Inactive Accounts Branded 'Unfair' by 91% of Europeans (PR Newswire) The overwhelming majority (91%) of Europeans believe Google's plans to delete data in accounts that have been inactive for two years is...

ByteDance set to wrap up Indian ops and lay off over 1,800 employees (Entrackr) ByteDance has decided to wrap up its India operations and Entrackr sources said that close to 90% staff would be laid off.

Veteran Darktrace chairman to step down ahead of $5bn float (Coast FM) The veteran chairman of Darktrace is to step down ahead of a stock market flotation that its owners hope will value the cybersecurity company at $5bn (£3.8bn).

Blumira Expands Executive Leadership Team, Names Jim Simpson VP of Product (Blumira) Blumira, an emerging cybersecurity provider of automated threat detection and response technology, today announced that Jim Simpson has joined the company as vice president of product.

Kaspersky names new Asia-Pacific boss (CRN Australia) Chris Connell promoted to managing director for the region.

Cyren Announces Appointment of Kenneth Tarpey as Chief Financial Officer (IT News Online) Cyren (NASDAQ:CYRN), a provider of email security and threat intelligence solutions, today announced that Kenneth Tarpey will join the Company as Chief Financial Officer, replacing Michael Myshrall, who, after ten years with the company, is moving on to pursue other interests.

TrueFort Names Jill Richards Chief Marketing Officer (StreetInsider) Innovator in Application and Cloud Workload Protection Hires Proven Technology Brand Builder

Products, Services, and Solutions

Offensive Security Launches New Course and Certification for Exploit Development and Reverse Engineering (BusinessWire) Offensive Security, the leading provider of hands-on cybersecurity training and certifications, today announced the launch of Windows User Mode Exploi

Liseberg deploys new data centre solution from Proact for streamlined IT operations and enhanced security (Cision) Liseberg has assigned Proact to help modernise its IT infrastructure. Its new data centre solution,

observIQ’s Stanza Log Agent Now a Part of OpenTelemetry Project (BusinessWire) observIQ’s Stanza Log Agent Now a Part of OpenTelemetry Project

Akamai-Plume deal locks in on home-mobile security convergence (Light Reading) Under new deal, companies have forged a co-selling agreement for security and management products for inside and out of the home, with plans to develop a more integrated product.

Talkdesk Alert: Talkdesk first to earn ISO 27701:2019 security certification (Talkdesk) With this extension, Talkdesk adds to its level of General Data Protection Regulation (GDPR) certification.

Nuspire Launches New Industry-Based Approach to Threat Modeling (Nuspire) Nuspire, a leading managed security services provider (MSSP), announced today that it has launched the Nuspire Threat Modeling Tool (TMT) that helps organizations prioritize threats and mitigation efforts based on industry specific intelligence. “Threat modeling is used to help organizations understand their adversaries’ techniques,” said Christina Richmond, Program VP,…

Exabeam Announces Partnership with Snowflake (Exabeam) Collaboration enables organizations to identify risk across the entire business ecosystem and automate investigations and incident response FOSTER[...]

Shared Assessments’ CTPRP Risk Management Professional Certification Now Available Online, On-Demand (BusinessWire) The Certified Third Party Risk Professional (CTPRP), the gold standard risk mgt. credential, is now offered online self-paced by Shared Assessments.

Technologies, Techniques, and Standards

Going beyond the vulnerability hype: Top considerations for security teams (Intelligent CIO Europe) To ensure effective vulnerability management, it is essential that business leaders take a risk-based approach when making decisions. Stephen Roostan, VP EMEA at Kenna Security, discusses how organisations can manage their vulnerabilities to external threats as the attack surface widens with remote working. It’s all too easy to get caught up in the hype surrounding […]

If IoT devices are being cyber-certified, why aren’t mobile applications? (Security Magazine) In spite of the fact that mobile apps live on IoT-enabled devices, collect user data, and continuously loop communication between Internet, cloud services and companies (even when not “in use”), there is a limited view that they are different entities altogether. We see this particularly when it comes to security – or lack-there-of – regarding security standards in place to continuously protect users from detrimental application hacks.

CIO Study: CIOs Massively Underestimate SSH Risks (Venafi) 300% growth in SSH malware targets organizations with weak SSH key management

Design and Innovation

How we’re helping developers with differential privacy (Google Developers Blog) News and insights on Google platforms, tools, and events.

COVID helped teach Army how to build classified networks, both on and off bases (Federal News Network) The Army is finding ways to use tools initially developed for telework to accelerate the deployment of classified networks on its bases.

Understanding true intent: probabilistic vs deterministic approaches (Paypers) For ecommerce companies, 2020 could be characterised as the best of times and the worst of times. Digital businesses saw massive waves of new customers as COVID-19-related lockdowns spurred people online to buy everything from cars to groceries to video games. And those who previously engaged in online commerce only occasionally, quickly became much more reliant on it.

How Tracy Chou is battling trolls (both hers, and yours) (Protocol) Her new app, Block Party, aims to give people control over harassing content.

South African government releases its own browser just to re-enable Flash support (ZDNet) For some people, it's apparently easier to manage your own browser than port some web forms from Flash to HTML.

Academia

NSWC Crane technical experts mentor college students in virtual hackathon (Naval Sea Systems Command) Naval Surface Warfare Center, Crane Division’s (NSWC Crane) microelectronics subject-matter experts (SMEs) mentored more than 120 students in the 2nd annual HackIN hackathon. The

NSA designates SA colleges as a cybersecurity regional hub (San Antonio Business Journal) San Antonio College and the University of Texas at San Antonio were designated as the Southwest Center of Academic Excellence in Cybersecurity Regional Hub by the National Security Agency.

Legislation, Policy and Regulation

GDPR - Your questions answered on Data Protection Day (Computing) Dr W Kuan Hon, director in the Privacy, Security & Information Law team at Fieldfisher, answers IT leaders’ enduring questions about GDPR around data erasure, subscriber data and Schrems II

Beijing’s Welcome Gift to Biden: More Threats and Tensions (Foreign Policy) If China is seeking a reset of relations, it has a strange way of showing it.

White House vows to protect U.S. telecoms network from Huawei security threat (Reuters) The Biden administration will work to safeguard American telecoms networks from "untrusted vendors" like Huawei Technologies Co Ltd that threaten national security, the White House said on Wednesday, offering some insight into its plans for China's top telecoms equipment...

Secretary Antony J. Blinken at a Press Availability - United States Department of State (United States Department of State) MR PRICE: Good afternoon. Welcome back to the briefing room, to your briefing room. We’ll be spending quite a bit of time together starting very shortly, and I very much look forward to that. But today, first, I have the privilege of introducing for the first time to this room the 71st Secretary of State, […]

The uncomfortable reality of American cyber espionage (Axios) The U.S. is only portrayed as a victim of nation-state cyber activity and not as a perpetrator in its own right.

How Biden’s $10.2B Investment Can Transform Federal Cybersecurity Post-SolarWinds (Forbes) What President Biden’s proposed American Rescue Plan means for federal cybersecurity — and how to ensure its success.

Pressure builds on Biden, Democrats to revive net neutrality rules (Washington Post) The party is under pressure to deliver on its past promises to restore open-Internet protections, but doing so — at least at first — may not be easy

SIFMA Opposes Proposal To Shift CAT Data Breach Liability Away From SROs (Mondo Visione) In a comment letter filed today with the SEC, SIFMA strongly opposes the SEC’s proposed amendment to the National Market System Plan governing the Consolidated Audit Trail (CAT) that would force all CAT Reporters to effectively assume all liability associated with a breach of the CAT data system.

Young people want checks on Big Tech's power (Axios) The power of Big Tech is raising alarm for young Democrats and Republicans.

Litigation, Investigation, and Enforcement

Afghanistan Wanted Chinese Mining Investment. It Got a Chinese Spy Ring Instead. (Foreign Policy) Desperate to jump-start its economy, Kabul is sick of waiting for Beijing to tap the country’s mineral wealth.

NSW Health, SBS probe potential cyber attack damage (Australian Financial Review) The NSW government’s cyber security agency is investigating whether the state’s health department and other agencies have been victims of a high-profile cyber attack that has hit the corporate watchdog, law firm Allens and the Reserve Bank of New Zealand.

Social Media Influencer Charged with Election Interference Stemming from Voter Disinformation Campaign (US Department of Justice) A Florida man was arrested this morning on charges of conspiring with others in advance of the 2016 U.S. Presidential Election to use various social media platforms to disseminate misinformation designed to deprive individuals of their constitutional right to vote.

Influencer Interfered in '16 Election Through Voter Disinformation Campaign: Feds (NBC New York) A social media influencer was charged with conspiring with others in advance of the 2016 presidential election by using various social media platforms in a disinformation campaign designed to deprive individuals with their right to vote, Acting United States Attorney for the Eastern District of New York Seth DuCharme announced Wednesday. According to the unsealed criminal complaint, in 2016, Douglass…

Twitter troll arrested for election interference related to disinformation campaign (NBC News) The charges are a potentially tectonic shift in how the federal government tries to enforce laws against election interference.

Right-Wing Twitter Maven Accused Of Trying To Fool Voters (Law360) A right-wing social media influencer from Florida was arrested Wednesday after the Brooklyn U.S. attorney's office unsealed a complaint charging him with conspiring to deprive Americans of their right to vote in the 2016 presidential election by spreading misinformation on Twitter.

U.S. prosecutors eye 400 potential suspects, expect sedition charges ‘very soon’ in Jan. 6 Capitol breach (Washington Post) U.S. authorities have opened case files on at least 400 potential suspects and expect to bring sedition charges against some “very soon” in the sprawling investigation of the Jan. 6 breach of the U.S. Capitol, officials said.

Law enforcement takes over Emotet, one of the biggest botnets (CSO Online) Multi-national cooperation removes this key malware delivery service as a threat, at least temporarily.

Police take down Emotet, the “world’s most dangerous” botnet (Verdict) A coordinated international law enforcement operation has taken down the Emotet botnet, one of the most prolific distributors of malware of the past decade.

Cops Disrupt Emotet, the Internet's ‘Most Dangerous Malware’ (Wired) A global operation has taken down the notorious botnet in a blow to cybercriminals worldwide.

Emotet Botnet Disrupted in Global Law Enforcement Operation (SecurityWeek) Law enforcement authorities in Europe and North America took control of the Emotet infrastructure.

Emotet Takedown Disrupts Vast Criminal Infrastructure; NetWalker Site Offline (Threatpost) Hundreds of servers and 1 million Emotet infections have been dismantled globally, while authorities have taken NetWalker's Dark Web leaks site offline and charged a suspect.

Collaborative global effort disrupts Emotet, World’s most dangerous malware (Check Point Software) In an extraordinary broad, well-coordinated and timed collaboration, law enforcement agencies of eight countries and the Europol have teamed together to

Cops Disrupt Emotet, the Internet's ‘Most Dangerous Malware’ (Wired) A global operation has taken down the notorious botnet in a blow to cybercriminals worldwide.

Netwalker ransomware dark web sites seized by law enforcement (BleepingComputer) The dark web websites associated with the Netwalker ransomware operation have been seized by law enforcement from the USA and Bulgaria.

Justice Department issues rare charges against ransomware operator (NBC News) The charges also indicate how much of an uphill battle the U.S. faces in combating ransomware hackers, who have steadily attacked Americans in recent years.

Department of Justice Launches Global Action Against NetWalker Ransomware (US Department of Justice) The Department of Justice today announced a coordinated international law enforcement action to disrupt a sophisticated form of ransomware known as NetWalker.

Voice Recognition Tech Co. Broke Ill. Privacy Law, Suit Says (Law360) A software company that provides speech and voice recognition technology to companies like FedEx is accused in an Illinois state court lawsuit of violating Illinois' biometric privacy law by collecting customers' voiceprint biometrics without getting written permission and making required disclosures.

Department of Home Affairs directed to compensate detainees for data breach (Weekly Times) Almost 1300 asylum seekers could receive up to $20,000 each in compensation from the commonwealth following a serious data breach.

Microsoft Draws Wide Support In Bid To Ax Warrant Gag Order (Law360) The U.S. Chamber of Commerce, more than two dozen media organizations and former federal prosecutors are among those backing Microsoft's bid to convince the Second Circuit to strike down a "secrecy order" barring it from telling a large corporate client that the U.S. government has issued a warrant for the client's data.

Cypriot National Admits in U.S. Court to Extorting Website Owners (SecurityWeek) Joshua Polloso Epifaniou admitted hacking major websites, stealing user data, and demanding ransom payments not to make the data public.

Assessing Cyber Insurance Coverage for Data Breach Losses (JD Supra) Last week’s article on cybersecurity threats faced by the legal profession did not examine one risk mitigation strategy that is increasingly finding...

Feds Say Canadian Extorted $27M From Ransomware Victims (Law360) The U.S. Department of Justice on Wednesday accused a Canadian national of extorting cyberattack victims into paying $27 million worth of cryptocurrency using a type of ransomware that hackers have deployed to target hospitals and schools during the COVID-19 pandemic.

Philadelphia Health Department Severs Relationship with Philly Fighting COVID (Philadelphia Magazine) The startup organization, founded by a 22-year-old Drexel student, had been running the city's first COVID-19 mass vaccination clinic. But after the organization changed its data privacy practices, the city has cut ties.