Attacks, Threats, and Vulnerabilities
Hungary Primaries Deadline Extended After 'Cyber Attack' (Barron's) Hungary's first ever opposition primary elections to find a candidate to take on Prime Minister Viktor Orban were extended Sunday by two days after a suspected cyber attack forced polling to be suspended.
'Attack' hits Hungary primary polls aimed to challenge Orban: opposition (Yahoo) Hungary's first-ever primary elections to find a candidate to challenge right-wing Prime Minister Viktor Orban got off to a rocky start on Saturday with voting suspended due to what organisers said was a suspected cyber attack.
Orban party blames opposition for Hungary primaries debacle after alleged cyber attack (TheJournal.ie) Voting in the primary elections to find a candidate to challenge Orban was suspended on Saturday.
Boris Johnson and ministers breached security guidance over private messages 'on an industrial scale' (Computing) The breaches are said to be 'on an industrial scale'
Why are Ministers using private emails? (CrowdJustice) Good Law Project's mission is to achieve change through the law. We use litigation to uphold democracy, protect the environment and ensure no one is left behind.
Numando: Count once, code twice (WeLiveSecurity) ESET Research continues its series on Latin American banking trojans, this time dissecting Numando, which targets mainly Brazil and rarely Mexico and Spain.
Cyberattacks against the aviation industry linked to Nigerian threat actor (ZDNet) The investigation began after a Microsoft tweet concerning AsyncRAT.
Exclusive: An American Company Fears Its Windows Hacks Helped India Spy On China And Pakistan (Forbes) Texas-based Exodus Intelligence says it had to cut ties with India after its research into Windows security was weaponized to attack China and Pakistan. It’s now looking into whether or not its valuable code leaked to other nations.
Why Government and Military Sites Are Hosting Porn and Viagra Ads (Motherboard) A security researcher believes the issue comes down to a specific government contractor called Laserfiche.
US govt sites showing porn, viagra ads share a common software vendor (BleepingComputer) Multiple U.S. government sites using .gov and .mil domains have been seen hosting porn and spam content, such as Viagra ads, in the last year. A security researcher noticed all of these sites share a common software vendor, Laserfiche.
Yes, of course there's now malware for Windows Subsystem for Linux (Register) Once dismissed proof-of-concept attack on Microsoft OS through WSL detected in the wild
Microsoft MSHTML Flaw Exploited by Ryuk Ransomware Gang (Threatpost) Microsoft and RiskIQ researchers have identified several campaigns using the recently patched zero-day, reiterating a call for organizations to update affected systems.
OMIGOD: Microsoft Azure VMs exploited to drop Mirai, miners (BleepingComputer) Threat actors started actively exploiting the critical Azure OMIGOD vulnerabilities two days after Microsoft disclosed them during this month's Patch Tuesday.
Mirai Botnet Actively Exploiting OMIGOD Flaw (BankInfoSecurity) The Mirai botnet is actively exploiting the known vulnerability CVE-2021-38647, aka OMIGOD in Microsoft's Azure Linux Open Management Infrastructure framework
DDoS botnets, cryptominers target Azure systems after OMIGOD exploit goes public (The Record by Recorded Future) Threat actors are attacking Azure Linux-based servers using a recently disclosed security flaw named OMIGOD in order to hijack vulnerable systems into DDoS or crypto-mining botnets.
TTEC Resolves Cyber Attack On Technology Systems (Nasdaq) TTEC Holdings Inc. (TTEC) said that it resolved the cyber attack on its technology systems.
‘Yes, we are breaking the law:’ An interview with the operator of a marketplace for stolen data (The Record by Recorded Future) A website called Marketo emerged earlier this year, billing itself as a marketplace where people can buy leaked data. Although Marketo isn’t a ransomware group, it appears to borrow key strategies from those types of threat actors.
Kiwibank expects more problems with online banking and app on Monday (Stuff) Bank source says Reserve Bank has been in communication with GCSB over 'denial-of-service' attacks.
French Container Operator CMA CGM Hit By Cyberattack (MarketWatch) By Costas Paris. French liner CMA CGM S.A. said Monday that it suffered a cyberattack with unknown hackers leaking part of its customer information. The...
CMA CGM data hack leaves confused customers in the dark (Loadstar) Confusion reigned among the customers of French carrier CMA CGM, as hackers wrote to media organisations claiming to have accessed customer data – but many of the line’s customers had not heard of the attack.
TN govt systems under cyber attack, probe on (The New Indian Express) The Tamil Nadu government’s Public Department is said to have come under a ransomware attack, wherein a malware was used to encrypt computer files.
Health Dept. Cyber Attack Exposes Most Alaskans’ Personal Data (Governing) The attack against the Department of Health and Social Services could have released personal and health information to the hackers. The state will spend $215,000 for free credit monitoring for those who want it.
‘Any Alaskan’ Could Have Been Impacted by Health Data Breach (GovTech) The Alaska Department of Health and Social Services said yesterday that the personal data of most Alaskans could have been compromised by a May cyber attack. In response, the state is offering free credit monitoring.
Alaska discloses 'sophisticated' nation-state cyberattack on health service (The Record by Recorded Future) A nation-state cyber-espionage group has gained access to the IT network of the Alaska Department of Health and Social Service (DHSS), the agency said last week.
2021 Cyberattack: Frequently Asked Questions Updated Sept. 16, 2021 (State of Alaska Department of Health and Social Services) The Department of Health and Social Services (DHSS) recognizes there are many questions that have not been answered about this cyberattack. Due to the nature of the situation, many factors must be considered before information is released publicly...
City of Mount Vernon Government Stops Attempted Cyber Attack-Hack (Yonkers Times) “Last Friday, the City of Mount Vernon was subject to an attempted cyber-attack which targeted the City’s internal email and cloud storage systems. The isolated breach was quickly confined thanks to the City’s new cyber security measures and updated servers put into place last year. No information was stolen from staff or residents and over the past few […]
Notice of Data Event - Simon Eye (Simon Eye Associates) Simon Eye Management (“Simon Eye”) recently became aware of suspicious activity related to certain employee email accounts. With the assistance of third-party computer forensic specialists, we took immediate steps to contain the incident and to investigate the nature and scope of the incident. Simon Eye is issuing this notice to provide additional details regarding what […]
New "Elon Musk Club" crypto giveaway scam promoted via email (BleepingComputer) A new Elon Musk-themed cryptocurrency giveaway scam called the "Elon Musk Mutual Aid Fund" or "Elon Musk Club" is being promoted through spam email campaigns that started over the past few weeks.
Security Patches, Mitigations, and Software Updates
Laserfiche Forms Portal File Upload Vulnerability. (Laserfiche) Laserfiche has identified a security vulnerability with self-hosted Laserfiche Forms. A summary of the vulnerability is below. Laserfiche has released a critical security update in order to address the issue. If you have not already applied this update, it should be applied immediately on Laserfiche Forms servers that are accessible from the public Internet or other open networks.
Laserfiche Forms Public Portal File Cleanup Tool (Laserfiche) The Laserfiche Forms Public Portal File Cleanup Tool is a diagnostic tool that can do the following...
Google will extend Permission Auto-Reset feature to older Android versions (The Record by Recorded Future) Google announced plans today to port its Permission Auto-Reset feature from Android 11 to older versions of its mobile operating system, as far back as Android 6.
Trends
Industrial control systems spyware scripts on rise in UAE (GDN) Almost one in three industrial computers in the UAE was subject to malicious activity in the first half (H1) of 2021, said a new report by Kaspersky ICS CERT.
We are at war; a cyber war (Security Magazine) Is the U.S. in a cyber war? Eric Jeffery, Sr. Solutions Architect for IBM Security, explores the scale of the latest nation-state sponsored cyberattacks.
Apple Patch: Intensifying Cybersecurity Race (PYMNTS) The Apple security hole is a sign that the cybersecurity arms race is intensifying, as activists and tech companies work to fix vulnerabilities.
Marketplace
The Cybersecurity Sector is Booming — Here’s How to Play It (Nasdaq) Imagine you receive a text message that looks off.
Orca Security Touts Transparency in Latest Salvo Against Palo Alto Networks (SDxCentral) In the latest chapter of its ongoing battle against Palo Alto Networks, Orca Security launched the Transparency in Cyber initiative.
Atlanta cybersecurity firm Pindrop is downsizing in favor of 'remote-first' model (Atlanta Business Chronicle) Atlanta technology companies have announced different approaches as they revamp the traditional office model in favor of more flexible work environments.
Alert Logic MSP Partner Channel Grows 70% with Increasing Demand for Managed Detection and Response (PR Newswire) Alert Logic today announced the latest expansion of its SaaS-enabled managed detection and response (MDR) solution from a growing base of...
William Lin : Venture Capital & Cybersecurity Superstar - (Rebellion Research) William Lin : Venture Capital Superstar : William Lin has turned heads as one of the hottest Venture Capital investors and minds globally!
Peraton appoints government and customer relations SVP (Virginia Business) Mara Motherway joined Peraton Inc. in September as the Herndon-based federal contractor's senior vice president of government and customer relations, a newly created position.
Aryaka Appoints Craig Patterson New Channel Chief & VP of Sales (Aryaka) Craig will be the strategic leader for revenue and sales in the Aryaka Channel Partner Program and will be responsible for the go-to market strategies in NA.
Sotero's President and Co-Founder, Purandar Das Joins Forbes Tech Council (PR Newswire) Sotero, the leading innovator in comprehensive data protection with an emphasis on data usability, announced today that Purandar Das,...
Products, Services, and Solutions
Radware and Azion partner in Brazil to offer BOT Management Protection Service (Intelligent CIO LATAM) Radware, a leading provider of cybersecurity and application delivery solutions, has partnered with Azion, a global leader in Edge Computing in Brazil. The partnership will strengthen Radware’s global presence as well as offering Azion customers Radware’s Bot Manager solution. Radware’s Bot Manager detects and blocks the most aggressive and sophisticated bot attacks. As part of this partnership, […]
CaixaBank, together with fraud prevention start-up Revelock, is developing an artificial intelligence solution to reinforce digital security (PR Newswire) CaixaBank has worked together with the start-up Revelock, recently acquired by Feedzai, to develop a solution based on artificial intelligence...
Technologies, Techniques, and Standards
NIST Receives Feedback on AI Risk Management Framework (MeriTalk) A request for information (RFI) by the National Institute of Standards and Technology (NIST) developing a framework to improve the management of risks to individuals, organizations, and society associated with AI received feedback to assist in its development.
Looking for Cyber Insurance? Legal Terms, Issues to Know (Bloomberg Law) The impacts of cyber and ransomware attacks on companies can be devastating, and companies seeking to mitigate these risks are shopping for standalone cyber insurance policies. Hogan Lovells privacy and security litigators examine what companies should know and understand when looking for a policy.
IoT 'Nutrition' Labels Aim to Put Security on Display (Dark Reading) NIST has laid the groundwork for an easy-to-understand way to communicate to consumers the security of software and connected devices.
Natural Gas Pipelines ‘Not at the Forefront’ of Cybersecurity, Experts Warn (Natural Gas Intelligence) Natural gas pipeline operators must enhance their cybersecurity protocols to avoid breaches like the one that shut down the Colonial Pipeline refined
Why ‘Role’ Permissions Are So Dangerous To Your Cloud Environment (Radware Blog) A key challenge facing organizations in the cloud is how to rein in excessive permissions. Benefits frequently come at a cost to security.
A 10-Point Guide to Establish Supply Chain Cybersecurity (Supply Chain Brain) As global supply chains become increasingly digital, companies are exposed to risks from umpteen indirect sources.
How to shut down a phishing operation in 48 hours (TechRadar) And you can do it, too, even without Gmail’s help
Everything You Need to Know about Cyber Crisis Tabletop Exercises (The State of Security) By using a cyber crisis tabletop exercise (CCTE), organizations can test or rehearse an emergency preparedness plan before a crisis occurs.
Change urgently needed in defence against cybercrime (Scoop) Cultural change urgently needed in defence against cybercrime attacks Spending millions of dollars and IT specialists working around the clock to defend against the wave of cyber-attacks currently engulfing New Zealand will only be a losing battle until ...
Debunking Hard Drive Destruction Misconceptions (Infosecurity Magazine) The correct path is following NSA standards and degaussing all magnetic media
Design and Innovation
A New App Helps Iranians Hide Messages in Plain Sight (Wired) Nahoft uses encryption to turn chats into a random jumble of words, and it works even when the internet doesn’t.
The Facebook Files (Wall Street Journal) Facebook knows, in acute detail, that its platforms are riddled with flaws but hasn’t fixed them. That’s a key finding of a Journal series that launched this week, based on an array of internal company documents. Read all the stories here.
What the Wall Street Journal Got Wrong - About Facebook (About Facebook) We fundamentally reject this mischaracterization of our work and impugning of the company’s motives.
AI Can Write Code Like Humans—Bugs and All (Wired) New tools that help developers write software also generate similar mistakes.
Academia
Cybersecurity growing as a concern for schools, universities (CBS17.com) Educational computer systems are a rich target for bad actors, partly because, in many cases, they’re so poorly protected.
NSA designates CEI’s Cybersecurity Program designated as Center of Academic Excellence (Local News 8) CEI’s Information Assurance & Cybersecurity program is now designated as a Center of Academic Excellence in Cyber Defense Education (CAE-CDE).
Legislation, Policy, and Regulation
How America Should Deal With the Taliban (Foreign Affairs) Avoiding the diplomatic errors that doomed the U.S. withdrawal.
How Russia made Apple and Google complicit in its internet crackdown (Atlantic Council) Just as voting opened in Russia, Apple and Google deleted an app from their stores published by Alexei Navalny's team designed to deliver candidate recommendations. Here's why that signals an international problem.
Google and Apple, Under Pressure From Russia, Remove Voting App (New York Times) The app, created by allies of the opposition leader Aleksei Navalny, vanished from online stores, reflecting a new level of pressure against U.S. technology companies in the country.
Apple and Google Go Further Than Ever to Appease Russia (Wired) The tech giants have set a troubling new precedent.
Telegram Messenger Blocks Navalny's Bot During Vote (RadioFreeEurope/RadioLiberty) Popular messaging app Telegram has suspended all chat bots used in the Russian elections campaign, in another blow to jailed opposition politician Aleksei Navalny’s Smart Voting initiative after Apple and Google removed the election-guide app from their stores.
Why the Quad Alarms China (Foreign Affairs) The Quad's success poses a major threat to Beijing’s ambitions.
The People’s Liberation Army (PLA), Global Supply Chains and Chinese Military-Civil Fusion (MCF) (OODA Loop) The U.S. DoD has embarked on a strategic transformation based on changes in organizational structure, putting nuclear once again at center stage, a renewed commitment to the U.S. and allied military capabilities in the Indo-Pacific region, strength through power in Europe (in the form of U.S. and NATO military capabilities), and the maintenance of superiority by the U.S. in conventional weapon technologies.
Antony Blinken deletes tweet saying "We stand with the people of Hong Kong" (Newsweek) The secretary of state was criticizing China for disqualifying seven pro-democracy district councilors.
First national cybersecurity policy to be fully implemented by June 2022 (TechJuice) The government is all set to fully implement the first-ever National Cyber Security Policy 2021 by end of June 2022 to monitor, detect, protect and respond on time to the international threats against the country's digital ecosystem.
How Estonia Created Trust in Its Digital-Forward Government (Security Intelligence) The cybersecurity risk of going all-in on digital is endless, yet Estonia is thriving. A digital transformation advisor explains how they did it.
Project Raven – Cyber mercenaries and cyberwars (FijiTimes) Earlier this week three American former NSA and US military cybersecurity experts were indicted for violations of US laws involving computer fraud and improper exporting of technology.
(International Campaign) Pegasus Espionage: End the Global Trade In Spyware (The Good Men Project) They don’t make vaccines: all they sell is the virus.
The battle for election security funding is back (Washington Post) Welcome to The Cybersecurity 202! I hope you're getting ready for the last official summertime weekend. Take a walk outside. Have a drink on a patio.
WSJ News Exclusive | U.S. to Target Crypto Ransomware Payments With Sanctions (Wall Street Journal) The Biden administration is preparing an array of actions, including sanctions, to disrupt the digital finance infrastructure that facilitates ransomware cyberattacks, a national security threat traced to Russia.
Treasury to Flag Stablecoin Perils as U.S. Readies Clampdown (Bloomberg) Tether and its peers get scrutiny ahead of oversight talks. Recommendations from Treasury officials may steer future rules.
Key security agencies split over whether to blacklist former Huawei smartphone unit (Washington Post) Key security agencies are divided over whether to place Huawei’s former smartphone company on an export blacklist, showing that the Trump-era debates about the trade-offs of doing business with Chinese technology companies continue during the Biden administration.
John Sherman Nominated for DOD CIO Post (GovCon Wire)
One U.S. state stands out in restricting corporate use of biometrics: Illinois (Reuters) When night fell, a clerk at a bustling 24-hour MotoMart flipped a switch from behind the counter.
Pennsylvania National Guard Army Cyber Team participates with state partners in overseas cyber exercise (DVIDS) VILNIUS, Lithuania – Nine Soldiers from the Pennsylvania Army National Guard’s Defensive Cyber Operations Element (DCOE) along with their Lithuanian counterparts participated in “Amber Mist,” a week-long cyber defense exercise Aug. 18-28.
Sending off the Bats! - the 185th Cyberspace Operations Squadron supports USCYBERCOM (DVIDS) Virginia Air National Guard members from the 185th Cyberspace Operations Squadron have embarked on a six-month mobilization this month in support of United States Cyber Command’s 856th Cyber Protection Team. The Airmen celebrated their upcoming mission with family and command leadership during send-off ceremonies in August 2021 at Joint Base Langley-Eustis, Virginia.
Litigation, Investigation, and Law Enforcement
How Ukraine planned to lure Russian mercenaries into a trap (CNN) Ukrainian intelligence set up a recruitment website to ensnare Russian mercenaries but their plan ended with arrests in Belarus.
NSO spyware used against Belgian journalist, likely at behest of Rwanda, reports say (Haaretz) As part of Pegasus Project, Belgian media outlets say military intelligence report reveals a journalist and his wife were targeted by Israel's NSO
Pegasus: Journalist, Wife Targeted by NSO Spyware, Finds Belgium’s Military Intelligence (The Wire) The security agency said that due to the timing and the targets, Rwanda was 'highly likely' to be behind this case of spyware intrusion.
Israel’s Pegasus: Is your phone a ‘24-hour surveillance device’? (Al Jazeera) The Pegasus scandal is the latest episode in the dystopian science fiction thriller that we are living.
India antitrust probe finds Google abused Android dominance, report shows (Reuters) Google abused the dominant position of its Android operating system in India, using its "huge financial muscle" to illegally hurt competitors, the country's antitrust authority found in a report on its two-year probe seen by Reuters.
Ireland raises privacy question over Facebook smart glasses - ET CIO (ETCIO.com) The Irish regulator said it shares the concerns of the Italian Data Protection Regulator, the Garante, which asked Facebook for clarifications on Sept..
DHS intelligence bulletin warns of small number of online threats of violence ahead of "Justice for J6" rally (CBS News) But DHS says there haven't been "indications of a specific or credible plot associated with the event."
Why Twitch’s 'hate raid' lawsuit isn’t just about Twitch (Protocol) When is it OK for tech companies to unmask their anonymous users? And when should a violation of terms of service get someone sued?
CREST Concludes Investigation and Responds to NCC Group Exam Leak Scandal (Infosecurity Magazine) After a year-long investigation, Phil Muncaster asks what lessons can be learned from the CREST exam leak scandal
U.S.’s Binance Probe Expands to Examine Possible Insider Trading (Bloomberg) CFTC examining whether crypto exchange exploited customers. Binance has said it has strict policies to prevent misconduct.
Union President Who Doxxed Chief Judge Janet DiFiore Retires From Court Officer Position (New York Law Journal) Dennis Quirk was suspended from duty in August for 30 days after posting the addresses of New York's top judicial official in a call to protest a COVID-19 vaccine mandate for court system employees.
AT&T lost $200M in seven years to illegal phone unlocking scheme (BleepingComputer) A Pakistani fraudster was sentenced earlier this week to 12 years in prison after AT&T, the world's largest telecommunications company, lost over $200 million after he and his co-conspirators coordinated a seven year scheme that led to the fraudulent unlocking of almost 2 million phones.