Attacks, Threats, and Vulnerabilities
Lithuanian government warns about secret censorship features in Xiaomi phones (The Record by Recorded Future) The Lithuanian Defense Ministry published a security audit on Wednesday for three popular 5G smartphone models manufactured in China, recommending that citizens avoid or stop using at least two of the three devices, citing privacy infringements and secret censorship capabilities.
BlackMatter gang ramps up attacks on multiple victims (ComputerWeekly) A wave of new BlackMatter ransomware attacks is hitting organisations around the world, even as the US authorities mull new sanctions on ransom payment infrastructure.
Marketron marketing services hit by Blackmatter ransomware (BleepingComputer) BlackMatter ransomware gang over the weekend hit Marketron, a business software solutions provider that serves more than 6,000 customers in the media industry.
System Status | Marketron (Marketron Broadcast Solutions) Marketron is experiencing a cyber event, which is impacting certain business operations. Currently, all Marketron customers may experience an interruption in services as a result.
Russian hackers target Iowa grain co-op in $5.9 million ransomware attack (Washington Post) Cybercrime cell BlackMatter threatened to release New Cooperative’s proprietary business data unless it paid up
WatchGuard CSO: ‘Hackers Don’t Break In, They Log In’ (CRN) WatchGuard Chief Security Officer, Corey Nachreiner discusses supply chain attacks and big game ransomware and what end users can do to protect their companies.
Russia-Linked Turla APT Uses New Backdoor in Latest Attacks (SecurityWeek) Cisco Talos researchers say the backdoor is installed as a service and constantly contacts its command and control (C&C) to receive commands.
Ukrainian-language Cybercriminal Platforms: A Gap In the Market? (Digital Shadows) Take a look at the use of Ukrainian on the dark web and why Ukrainian-language cybercriminal platforms differ from their Russian-language counterparts.
Russian security firm sinkholes part of the dangerous Meris DDoS botnet (The Record by Recorded Future) Rostelecom-Solar, the cybersecurity division of Russian telecom giant Rostelecom, said on Monday that it sinkholed a part of the Meris DDoS botnet after identifying a mistake from the malware's creators.
Microsoft uncovers giant Phishing-as-a-Service operation (The Record by Recorded Future) Microsoft's security team said today that it uncovered a massive operation that provides phishing services to cybercrime gangs using a hosting-like infrastructure that the OS maker likened to a Phishing-as-a-Service (PHaaS) model.
Catching the big fish: Analyzing a large-scale phishing-as-a-service operation (Microsoft Security Blog) With over 100 available phishing templates that mimic known brands and services, the BulletProofLink operation is responsible for many of the phishing campaigns that impact enterprises today. We are sharing these findings so the broader community can build on them and use them to enhance email filtering rules as well as threat detection technologies like sandboxes to better catch these threats.
BulletProftLink - A phishing service from Malaysia (Part 1) (OSINT Fans) Today’s OSINT investigation involves a talented young hacker, who slowly turned into the operator of a large-scale phishing network.
Chinese hackers target Indian agency and media company, report says (The Japan Times) The agency, the Unique Identification Authority of India, holds the private biometric information of more than 1 billion Indian citizens.
Chinese Hackers Target Indian Agency, Media Company, Report Says (Bloomberg) Indian authority maintains biometric information on citizens. UIDAI and Times Group dispute claims that they were hacked.
Decade-Old Adobe ColdFusion Vulnerabilities Exploited by Ransomware Gang (SecurityWeek) A cybercrime group that deploys the Cring ransomware has been exploiting two decade-old Adobe ColdFusion vulnerabilities in its attacks.
Autodiscovering the Great Leak (Guardicore) See the most recent research from Amit Serper on a vulnerability in Autodiscover from Microsoft Outlook that affects credential leaks.
Scammer luring Apple enthusiasts on launch event (Zscaler) Scammers are targeting iPhone enthusiasts with a Bitcoin/Ethereum giveaway scam following an Apple launch event.
New macOS zero-day bug lets attackers run commands remotely (BleepingComputer) Security researchers disclosed today a new vulnerability in Apple's macOS Finder, which makes it possible for attackers to run arbitrary commands on Macs running any macOS version up to the latest release, Big Sur.
OpenOffice Vulnerability Exposes Users to Code Execution Attacks (SecurityWeek) A buffer overflow vulnerability in Apache OpenOffice could be exploited to execute arbitrary code on target machines using malicious documents.
Huge hack reveals embarrassing details of who’s behind Proud Boys and other far-right websites (Washington Post) Researchers say it will allow them to gain important new insights into how extremists operate online
This Is What COVID Fraud Looks Like (Flashpoint) Over the course of the COVID-19 pandemic, threat actors have leveraged fear, uncertainty, and doubt to turn a profit. Their fraud schemes target government relief funding; they advertise fake treatments or cures; and, lately, they buy, sell, and trade fake (negative) test results or proof of vaccination.
Trojan posing as IT refund skulking to attack Android phone bank customers (ETCIO.com) The phishing (a social engineering computer virus attack to steal personal data) malware is masquerading as an "income tax refund" and it can "effecti..
Database containing personal info of 106 million international visitors to Thailand was exposed online (Comparitech) Thai authorities left an unsecured database on the web containing international travel records dating back 10 years.
Details of 100M Visitors to Thailand Exposed Online: Research Firm (SecurityWeek) More than 106 million travellers to Thailand had their personal details exposed online in August, but the leak was quickly plugged by authorities.
Security Patches, Mitigations, and Software Updates
VMware warns of critical bug in default vCenter Server installs (BleepingComputer) VMware warns customers to immediately patch a critical arbitrary file upload vulnerability in the Analytics service, impacting all appliances running default vCenter Server 6.7 and 7.0 deployments.
Team82 Researches Network Management Systems Security (Claroty) Claroty Team82’s latest research focuses on network management systems security, starting with 11 vulnerabilities in Nagios XI.
Announced - CVE-2021-40444 (eSentire) THE THREAT UPDATE 2: As of September 14th, Microsoft has released security patches to address CVE-2021-40444 for all impacted versions of Windows. eSentire has tested the update and confirmed its validity against public exploits. Organizations are strongly recommended to apply these security…
Apple partially patches new macOS Finder zero-day vulnerability (AppleInsider) A newly discovered bug in all versions of macOS, including the latest macOS Big Sur, allows attackers to run arbitrary code remotely with the help of files embedded in emails.
Arctic Wolf Global Survey Reveals Lack of Confidence in Cybersecurity Defenses and Government Action Amid Fears of State-Sponsored Attacks (Arctic Wolf) One in three enterprises experienced a six-figure breach in the past twelve months
Shadow Code: The Hidden Risk to Your Website (PerimeterX) More than 99% of websites use at least one third-party script, but only 33% can automatically detect potential problems with those scripts.
The rise and rise of supply chain attacks (ComputerWeekly) Supply chain attacks in Asia-Pacific and elsewhere have intensified as cyber threat actors look to exploit the weakest links in business and digital supply chains
'Shadow Code' Creates Risk for 99% of Websites (TechNewsWorld) More than 50 percent of the security pros and developers surveyed believed there was some or a lot of risk in using third-party code in their applications.
ESG Research Finds SASE Adoption Has Accelerated, Multi-vendor Approaches are Preferred, and ZTNA Projects Are Leading the Way (PR Newswire) Axis Security and industry analyst firm Enterprise Strategy Group (ESG) today unveiled new quantitative survey research of more than 600...
LastPass’ Psychology of Passwords Report Finds People are Still Practicing Poor Password Hygiene While Increasing Their Online Presence (GlobeNewswire News Room) More time online and increased volume of cyberattacks is not translating to safer password practices...
Cyber Claims Studies - NetDiligence (NetDiligence) The annual NetDiligence® Cyber Claims Study uses actual cyber liability insurance reported claims to illuminate the real costs of incidents from an insurer’s perspective.
SaaS Alerts Announces $3 Million Financing Round; Allocates 500K of Investment Opportunity to MSPs (EIN) Funding round led by channel industry veterans; offers MSP investment opportunity in fast-growth cybersecurity company purpose-built for IT service providers
Tequity's Cybersecurity Client Avaleris Acquired by PwC Canada (Yahoo Finance) Tequity, an M&A advisory firm specializing in global Enterprise B2B Cloud, SaaS, and IT companies, acted as the exclusive financial advisor to Avaleris Inc., an Ottawa-based firm focused on Microsoft Identity, Security and Cloud services, in their acquisition by PwC Canada.
Why St. Louis VC firm SixThirty created a new role to help its portfolio companies with cybersecurity (St. Louis INNO) St. Louis-based venture capital firm SixThirty has expanded with the creation of a new role: chief information security officer-in-residence.
Cisco Sees $80 Billion Cybersecurity Opportunity (Nasdaq) Any company that doesn't effectively lock down its data is susceptible to a data breach, and data breaches are expensive. Dealing with a data breach now costs $4.24 million on average, according to IBM's latest data breach report, with more than one-third of that cost stemming from lost business resulting from increased customer turnover, system downtime, and diminished reputation.
The Darktrace share price just exploded! Should I buy now? (The Motley Fool UK) The Darktrace share price surged 30% last week after releasing its latest earnings report, but is there trouble ahead? Zaven Boyrazian investigates.
The Oversight Board wants Facebook to explain its controversial rules for VIPs (Engadget) The Oversight Board is pushing Facebook to provide more information on its controversial “cross-check” system.
Facebook Oversight Board Launches Review of Company’s XCheck System (Wall Street Journal) The company’s oversight board is examining Facebook’s practice of holding high-profile users to separate sets of rules, citing apparent inconsistencies in decision-making. The inquiry follows an investigation by The Wall Street Journal into the system, known internally as “XCheck.”
No More Apologies: Inside Facebook’s Push to Defend Its Image (New York Times) Mark Zuckerberg, the chief executive, has signed off on an effort to show users pro-Facebook stories and to distance himself from scandals.
Coinbase signs new $1.36M contract with US Customs enforcement agency (WHATNEWS?) Coinbase, a leading cryptocurrency exchange in the United States, has obtained a contract for up to $1.36 million to create technology for the Department of Homeland Security.
Piratica Is Back at Hack For Troops' Fundraising Event (PR Newswire) PlayCyber, powered by Katzcy and Tech For Troops (T4T), a 501(c)(3) nonprofit organization, are pleased to announce that the annual Capture the...
ThreatQuotient Continues Tradition of Celebrating World Rhino Day in 2021 (BusinessWire) ThreatQuotient invites the cybersecurity industry to celebrate World Rhino Day 2021.
Jumio Appoints Jennifer N. Harris to Board of Directors (BusinessWire) Jumio, the leading provider of AI-powered end-to-end identity verification and eKYC solutions, today announced the appointment of Jennifer N. Harris t
Recent Gartner VP Analyst Sanjeev Mohan Joins Okera as a Strategic Advisor (Okera) September 22, 2021. Sanjeev will lend his technical expertise to guide innovative solutions that deliver scalable analytics while meeting data governance, security, privacy, and regulatory requirements.
SecurID Appoints Jim Taylor as Chief Product Officer (SecurID.com) SecurID, the trusted identity platform and an RSA business, today announced the appointment of Jim Taylor as Chief Product Officer.
CREST appoints Rowland Johnson as President (CREST) CREST, the international not-for-profit accreditation and certification body, has appointed Rowland Johnson as President for an initial term of one year. As a former member of the CREST GB Executive, serving between 2014 and 2020, he is ideally placed to take over from Ian Glover, who announced that he was stepping down in June after nearly 13 years.
Products, Services, and Solutions
Apiiro Receives SOC 2 Type II Attestation for its Code Risk Platform (Apiiro) We are reinventing the Secure Software Development Lifecycle with complete risk visibility for every change from design to code to cloud.
Netskope Sets New Industry Benchmarks for Cloud Security Performance; Announces Industry-First SLA to Address Encrypted Traffic Processing (PR Newswire) Netskope, the SASE leader, today announced groundbreaking service level agreements (SLA) focused on security traffic processing in the cloud....
PDI Introduces New and Enhanced Solutions to Drive Consumer Engagement, Optimize Enterprise Productivity, and Strengthen Security (Professional Datasolutions, Inc.) PDI is committed to helping the convenience retail and fuel marketing industry to accelerate digital transformation and overcome critical industry challenges.
HackerOne Expands the Internet Bug Bounty to Improve the Collective Security of Software Supply Chains (BusinessWire) HackerOne today announced the next evolution of the Internet Bug Bounty (IBB) program at the company’s annual Security@ conference.
PDI Introduces New and Enhanced Solutions to Drive Consumer Engagement, Optimize Enterprise Productivity, and Strengthen Security (PR Newswire) Professional Datasolutions, Inc. (PDI), a global provider of leading software for the convenience retail and petroleum wholesale industries,...
Offensive Security Unveils On-Demand Cybersecurity Training and Workforce Development Program with Learn Unlimited Subscription Offering (BusinessWire) Offensive Security unveils the industry’s most comprehensive subscription-based, on-demand cybersecurity training and workforce development library.
Query.AI Achieves 150th API Integration Milestone to Give Organizations Centralized Insights to Decentralized Data Across Cloud, Third-Party SaaS, and On-Prem Infrastructures (Query.AI) Query.AI now provides real-time, API-driven, centralized insights to decentralized data across 150 of the most widely used enterprise technologies in cloud, third-party SaaS, and on-prem environments.
LogPoint introduces native SOAR into core SIEM offering, advancing cybersecurity automation and efficiency (LogPoint) LogPoint advances foundational cybersecurity capabilities by including SOAR in its core SIEM solution. Introducing automation, increased speed and precision in incident response, bringing SOAR to organizations of all sizes.
FireMon Applications Now Certified in the ServiceNow App Store (StreetInsider.com) Enterprise Customers Can Dramatically Improve Security Efficiency, Responsiveness, and Visibility by Integrating Network Security Workflows with ServiceNow
Owl Data Diodes Become a Critical Component of the Industry-Leading Cyber Recovery Data Vault Solution (GlobeNewswire News Room) Owl Cyber Defense Solutions (“Owl”), the global market leader in cross domain, data diode, and network...
Barracuda launches cloud-native security capabilities to accelerate Secure Access Service Edge (SASE) deployments (iTWire) Barracuda Networks, a leading provider of cloud-enabled security solutions, today announced a cloud-native SASE platform that enables businesses to control access to data from any device, anytime, anywhere. The platform brings together Secure SD-WAN, Firewall-as-a-Service, Zero T...
ThycoticCentrify’s Latest Version of Privilege Manager Enhances Flexibility for Diverse Enterprise Environments (Thycotic) ThycoticCentrify, a leading provider of cloud identity security solutions formed by the
Beyond Identity Achieves SOC 2 Type 2 Certification (Beyond Identity) Attestation Reaffirms Passwordless MFA Pioneer’s Founding Vision of Engineering an Extremely Secure, Highly Available, Cloud-Native Authentication Platform
BlackFog ARM 64 edition provides anti data exfiltration across new platforms (BlackFog) BlackFog ARM 64 edition is now available for Windows 10 and 11 computers such as Microsoft’s Surface Pro X and virtual machines.
Telos Corporation Achieves CMMI DEV V2.0 Maturity Level 3 (Telos Corporation) Telos® Corporation (NASDAQ: TLS), a leading provider of cyber, cloud and enterprise security solutions for the world’s most security-conscious organizations, today announced that Telos Secure Networks – Core Solutions has achieved Capability Maturity Model Integration Development V2.0 Maturity Level 3. The Capability Maturity Model Integration (CMMI)® is a...
Cobalt Announces New Professional Services Offerings for Premium Pente (PRWeb) Cobalt, the Pentest as a Service (PtaaS) company that’s modernizing the traditional pentesting model, today announced new professional services offerings
Technologies, Techniques, and Standards
IBM Security BrandVoice: Want To Avoid A Multi-Million Dollar Data Breach? You Need These Three Things (Forbes) As security threats mount, the cost of a data breach keeps growing.
Bridging The Developer And Security Divide: A Forrester Consulting Thought Leadership Paper Commissioned By VMware (VMware) The report unpacks what’s lacking and the key components needed to create a cohesive environment and common language between these siloed teams.
Organizations Deprioritize Third-Party Relationships as Potential Breach Sources, CyberGRX Study Reveals (BusinessWire) CyberGRX has announced the results of their commissioned study on how organizations prioritize third-party risk.
Design and Innovation
Grand Opening of the American Cyber League Innovation & Technology Cyber Labs (Cyber Bytes Foundation) Grand Opening and Ribbon Cutting Ceremony
Research and Development
Scality awarded new U.S. patent for breakthrough technology in hyper-scale data protection (Yahoo Finance) Scality's vast experience in distributed file systems and object storage has resulted in a new patent that empowers customers to recover from any disaster or ransomware attack with increased precision. The new innovation provides the technical basis for enabling snapshots at massive scale, with the ability to capture billions of files in a single snapshot, leap-frogging the capacity of traditional NAS file systems by orders of magnitude.
University of Wisconsin adds cybersecurity degree (Security Magazine) The Wisconsin university's Whitewater campus hosts the Cybersecurity Center for Business which provides training programs for organizations in the area, offers an online M.S. in cybersecurity, and has just launched a B.S. in the field.
University of Birmingham launches new data sciences institute (University of Birmingham) A new institute that will drive forward the use of big data and artificial intelligence in addressing major global challenges has been launched at the University of Birmingham.
Legislation, Policy, and Regulation
Why the Taliban Won’t Quit al Qaeda (Foreign Policy) Don’t expect the Taliban to compromise their terrorist allies.
Is Canada prepared for a large-scale cyber attack? (Safety Mag) Nearly 9 in 10 IT decision-makers expect the government to make proactive investments in cybersecurity measures in the future
Remarks by President Biden Before the 76th Session of the United Nations General Assembly (The White House) United Nations Headquarters, New York, New York, 10:01 A.M. EDT. THE PRESIDENT: Mr. President, Mr. Secretary-General, my fellow delegates, to all those
Opinion | America Is Being Held for Ransom. It Needs to Fight Back. (New York Times) Businesses attacked. Data stolen. Miles of pipeline shut down. The scourge of ransomware is worse than ever.
'Release the hounds': Ransomware attacks prompt calls for aggressive U.S. cyber response (MSNBC) Dmitri Alperovitch, cybersecurity expert and co-founder of CrowdStrike, talks with Rachel Maddow about the options the United States has for responding more aggressively to cyber attacks, both in terms of the attackers and the countries, like Russia, that offer them safe harbor even if they're not directly part of the hacking operations.
Welcome developments in data protection, but are they enough? (Centre for Information Policy Leadership) By Malcolm Crompton, Founder & Lead Privacy Advisor, Information Integrity Solutions; Former Australia Privacy Commissioner. Any views expressed herein are not necessarily the views of CIPL nor...
AFGE looks to block Cyber Command reserve program in NDAA (Defense Systems) A proposed amendment to the 2022 National Defense Authorization Act to pilot a cybersecurity reserve force at the Department of Defense would weaken merit systems principles, according to the largest federal employee union.
Army Cyber Command hosts summit on evolution of Information Advantage in Multi-Domain Operations (DVIDS) Senior military and civilian leaders from across the Army, Department of Defense, and multinational and interagency partner forces came together to discuss concepts, initiatives and requirements for enabling Multi-Domain Operations (MDO) in the information dimension (ID) during an Information Advantage (IA) Summit hosted by Army Cyber Command (ARCYBER) here, Sept. 20-21.
President Biden Announces Key National Security Nominations (The White House) Today, President Joe Biden announced his intent to nominate the following four individuals to serve in key national security roles: Shannon
The top takeaways from Maryland’s cyber summit (Maryland Daily Record) A new state partnership with the National Security Agency, an institute for innovative computing, and codifying a statewide privacy network are just a few of the initiatives to come out of the Annapolis Cybersecurity Summit.
Litigation, Investigation, and Law Enforcement
At the Supreme Court, a Plea to Reveal Secret Surveillance Rulings (New York Times) The justices will soon consider whether to hear a case arguing that the First Amendment requires disclosure of a secret court’s major rulings.
U.S. Treasury sanctions cryptocurrency exchange for alleged role in ransomware attacks (CNBC) It marks the first such action against a cryptocurrency exchange, according to the department.
US Treasury sanctions cryptocurrency exchange linked to ransomware operations (The Record by Recorded Future) The US Treasury Department has imposed sanctions today on cryptocurrency exchange portal Suex for helping ransomware, and other cybercrime groups, launder more than $160 million in illicit funds between 2018 and 2021.
U.S. Sanctions Crypto Exchange Accused of Catering to Ransomware Criminals (Wall Street Journal) The sanctions mark the first time the U.S. has blacklisted a cryptocurrency exchange, SUEX OTC, and herald a new approach to firms found handling illicit payments.
Mafia-linked cybercrime gang busted in joint operation by Spanish and Italian police (Computing) Arrest of 106 suspects involved in online fraud and other criminal activities
Wray warns Taliban takeover in Afghanistan could inspire US-based extremists (TheHill) FBI Director Christopher Wray warned Tuesday that the Taliban takeover in Afghanistan could inspire a new wave of extremism in the U.S.
Zoom’s Nearly $15 Billion Deal for Five9 Under U.S. Government Review Over China Ties (Wall Street Journal) The Justice Department-led Team Telecom is looking into whether Zoom’s China ties could make its acquisition of the software company a national-security risk.
The US is unfairly targeting Chinese scientists over industrial spying, says report (MIT Technology Review) A new study of economic espionage cases in the US says people of Chinese heritage are more likely to be charged with crimes—and less likely to be convicted.
He has been uncovering the lavish lifestyle of Viktor Orbán’s circles. This summer, he was surveilled with Pegasus spyware (Direkt36) Photographer-journalist Dániel Németh has spent years investigating and documenting the luxury lifestyle of Hungary’s ruling elite, following them with his camera as they travelled around Europe. This time, however, someone was watching him too.
Trump Campaign Knew Lawyers’ Voting Machine Claims Were Baseless, Memo Shows (New York Times) Days before lawyers allied with Donald Trump gave a news conference promoting election conspiracy theories, his campaign had determined that many of those claims were false, court filings reveal.
6th Circ. Robocall Ruling Likely To Spark High Court Fight (Law360) The Sixth Circuit has dealt a major blow to companies' argument that the national robocall ban doesn't apply to calls made during the five years that government debt collectors were exempt from the law, but a likely appeal and questions about the validity of other exemptions are poised to keep the debate churning.