Attacks, Threats, and Vulnerabilities
U.S. Issues Conti Alert as Second Farming Cooperative Hit by Ransomware (SecurityWeek) CISA has issued an alert on the Conti ransomware, just as a second major U.S. farming cooperative confirmed being hit by ransomware.
Threat Thursday: BlackMatter RaaS - Darker Than DarkSide? (BlackBerry) BlackMatter is a new player in the Ransomware-as-a-Service (RaaS) arena. It has recently made headlines as the likely culprit behind cybersecurity incidents affecting a major medical technology company and a U.S. farming cooperative.
Ransomware Isn't Back. It Never Left (Wired) A recent wave of attacks belies an apparent lull toward the end of the summer.
Cyber Attack Strikes US Critical Infrastructure (Axio) A Cyber Attack Strikes US Critical Infrastructure, this time an Iowa grain cooperative, illuminating the growing risk for companies.
Hackers breached computer network at key US port but did not disrupt operations (CNN) Suspected foreign government-backed hackers last month breached a computer network at one of the largest ports on the US Gulf Coast, but early detection of the incident meant the intruders weren't in a position to disrupt shipping operations, according to a Coast Guard analysis of the incident obtained by CNN and a public statement from a senior US cybersecurity official.
Major US port target of attempted cyber attack (TheHill) The Port of Houston, a major U.S.
Port of Houston targeted by hackers believed to be with foreign government, authorities say (ABC13 Houston) The port says it was able to fend off the attack, but there could have been severe consequences for international trade if the hackers had succeeded.
State-sponsored hacking group targets Port of Houston using Zoho zero-day (The Record by Recorded Future) A suspected state-sponsored hacking group has attempted to breach the network of the Port of Houston, one of the largest port authorities in the US, using a zero-day vulnerability in a Zoho user authentication appliance, CISA officials said in a Senate hearing today.
Hackers hit Russian ministry, rocket center using MSHTML vulnerability (HackRead) Microsoft Office zero-day also dubbed MSHTML attack exploited to target Russian government including Interior ministry and State Rocket Center.
BCCL, UIDAI, MP Police were targets of state-sponsored Chinese hackers: Insikt Group (Exchange4media) Earlier this year, Insikt Group documented a RedEcho campaign targeting India’s critical national infrastructure following India's skirmish with China at Galwan
TangleBot: New Advanced SMS Malware Targets Mobile Users Across U.S. and Canada with COVID-19 Lures (Cloudmark) A clever and complicated new SMS malware attack has been discovered in the United States and Canada. This malware, coined TangleBot, can directly obtain personal information, control device interaction with apps and overlay screens, and steal account information from financial activities initiated on the device.
Microsoft Exchange Autodiscover Flaw: How Hackers Can Exploit It (MSSP Alert) A Microsoft Exchange Autodiscover design flaw can "leak" web requests outside of a user's domains, Guardicore reports. Here's the fix.
Five Things You Need To Know As You Wake Up: A cyber attack compromises African Bank customers (ECR) Kickstart your morning with a variety of national and global news stories. This Thursday morning one of the biggest stories in the country is that African Bank had its system hacked and some of their consumers' personal data is at stake. To lighten things up, you can check out a video of Nicole Richie's hair catching fire as she blows her birthday candles.
A New Bug in Microsoft Windows Could Let Hackers Easily Install a Rootkit (The Hacker News) A new vulnerability in all Microsoft Windows systems shipped since 2012 can allow attackers to install a rootkit with ease.
When you ‘Ask app not to track,’ some iPhone apps keep snooping anyway (Washington Post) To test Apple’s privacy protections, we watched the data flow out of 10 popular apps.
Colombian Real Estate Agency Leak Exposes Records of Over 100,000 Buyers (The Hacker News)
Secret Audit Reveals US Military's 3D Printing Tech Vulnerable to Cyberattacks (3DPrint.com | The Voice of 3D Printing / Additive Manufacturing) To those of us who are particularly civic-minded, few news alerts are more anxiety-inducing than those in which the U.S. military’s most broadly-encompassing actions are put under the microscope. The...
Sporting Events Are No Longer Immune From Cybercriminals, Warns Darktrace (Gizmodo Australia) With the AFL and NRL grand finals upon us it's the perfect time to be reminded that even Australian sport is not immune from cybercrime.
Security Patches, Mitigations, and Software Updates
Apple patches iOS and macOS zero-day exploited in the wild (The Record by Recorded Future) Apple has released security updates today to patch a new zero-day vulnerability that Google's security team said has been exploited in the wild to compromise user devices.
Apple Deprecates Outdated TLS Protocols in iOS, macOS (SecurityWeek) Apple announced that it has deprecated the Transport Layer Security (TLS) 1.0 and 1.1 legacy encryption protocols from the latest iterations of its mobile and desktop platforms.
Trends
UK Businesses Fear Increased Risk of Data Breach as a Result of Hybrid Working (UK Today News) More than eight in 10 (83%) UK businesses say hybrid working increases the risk of a data breach, yet over a fifth (22%) remain unprepared if it happens, with speed of response the top concern.
Virginia hails national importance of once-secret Army post in Fauquier (Culpeper Star-Exponent) The Virginia Landmarks Register gained a most unusual historic district on Thursday: a former Army post whose activities have been among the nation’s most closely guarded secrets.
Marketplace
LG is acquiring automotive cybersecurity startup Cybellum in a $240M deal (TechCrunch) LG Electronics, the Korean tech giant that once was a leading player in mobile phones but is now winding down that business, is making an acquisition that points to its ambitions in another, emerging area: next-generation automotive hardware and services. Today the company announced that it will be…
Web Security Provider Jscrambler Raises $15 Million (SecurityWeek) The company will use the investment to expand marketing and sales initiatives and accelerate product roadmap.
Panorays Closes $42 Million Series B Funding Round to Revolutionize Third-Party Security (Yahoo Finance) Funding Comes on the Heels of 500% Growth in Client Base. NEW YORK, Sept. 23, 2021 (GLOBE NEWSWIRE) -- Panorays, a leading provider of third-party security risk management, today announced it has closed a $42 million Series B funding round led by Greenfield Partners with participation from existing investors Aleph and Oak HC/FT as well as new investors BlueRed Partners (Singapore), Greens
Continuous Controls Monitoring Becomes a Requirement for Ransomware Mitigation (Global Security Mag Online) Panaseer, an enterprise security company, announces key industry recognition and company developments that will accelerate its innovation and further enable organisations to understand and mitigate their cyber exposure.
FireEye to Adopt ‘Mandiant’ as Corporate Name; Kevin Mandia Quoted (GovCon Wire)
Spying concerns fuel the market for more secure tech (BBC News) Revelations about spyware have spurred interest in more secure phones and software.
These 11 leaders were named the best in Maryland cybersecurity (Technical.ly Baltimore) The Cybersecurity Association of Maryland, Inc. announced winners from the industry at its 2021 awards celebration. Check out the companies and people who were honored.
Securiti Named SINET16 Innovator (BusinessWire) Securiti unifies data protection, privacy and governance in one cloud scale platform to automate regulatory compliance obligations.
Former Gartner Analyst and Cybersecurity Pioneer Joins SessionGuardian's Advisory Board (PR Newswire) SessionGuardian, an industry leader in endpoint security for distributed workforces, announced today that Rob Smith, former Gartner analyst,...
Secureworks appoints Wendy Thomas as president and CEO (Security Brief) Thomas moves into the CEO role after serving as president of customer success. She has also held roles in finance, strategy, and product at the company.
SAIC Appoints Kevin Brown as Chief Information Security Officer (Dark Reading) Industry leader with decades of information security experience manages SAIC’s security strategy and oversees critical cybersecurity operations.
BlackBerry Hires McAfee Vet as Cybersecurity Business Unit President (Channel Futures) McAfee and AVG Technologies vet John Giamatteo is joining BlackBerry as president of the company’s cybersecurity business unit.
ExpressVPN Employees Question Company About Exec Working for UAE Spy Unit (Vice) Questions submitted as part of a company meeting give some insight to the response from ExpressVPN employees on the Project Raven news.
Products, Services, and Solutions
Dynatrace achieves distinguished FIPS 140-2 certification for its cryptographic engine (Dynatrace news) Dynatrace has announced its cryptography embedded in its Software Intelligence Platform has earned a FIPS 140-2 certification.
Cloud enabled Network Security as a Service with Check Point Harmony Connect and Harmony Email and Office (Check Point Software) As more applications move to the cloud, business users increasingly rely on these applications to do their jobs. From virtual meetings to file-sharing to
Ultra-small anti-jam GPS receivers with M-code security that resist spoofing introduced by BAE Systems (Military & Aerospace Electronics) The MicroGRAM-M is about the size of a postage stamp, and is for assured position, navigation, and timing (PNT) for size-constrained applications.
Cyber Bytes Foundation Holds Grand Opening of American Cyber League Innovation & Technology Cyber Labs (BusinessWire) The Cyber Bytes Foundation, in partnership with Insight Enterprises (NASDAQ: NSIT), the global integrator of Insight Intelligent Technology Solutions™
Technologies, Techniques, and Standards
Improving Security Posture to Lower Insurance Premiums (SecurityWeek) Cowbell Cyber aims to fill a gap in the cyber-insurance ecosystem with products that continuously monitor customers' systems to find weaknesses that can be fixed so that insurance can be offered with greater confidence.
OFAC Helps Those Who Help Themselves: How a Ransomware Response Plan… (Fenwick & West LLP) On September 21, 2021, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) updated its advisory addressing the sanctions risks associated with paying ransomware actors. Many malicious cyber actors are located in embargoed countries such as Iran and North Korea.
Even the NSA Agrees: Targeted Ads Are Terrifying (Gizmodo) The agency's been using ad blockers since 2018 over malvertising fears—and more agencies have taken them on since.
Blocking Unnecessary Advertising Web Content (National Security Agency) Cyber adversaries can leverage malicious advertising (“malvertising”) to install malware. Exploit kits in malicious ads can take advantage of unpatched vulnerabilities to silently install malware.
Cyber commanders reflect on lessons learned from the pandemic. (The CyberWire) The US military has been engaged in cyber conflict throughout the pandemic. Senior officers gathered yesterday at the DoD Cyber Commanders Summit, Sponsored by Palo Alto Networks, to discuss "Lessons Learned from a Global Pandemic." They shared both lessons learned and suggestions for improvement. Remote work capabilities and the government's senior cybersecurity leadership team are big successes for US Cyber Command. Training, competition, and industry partnerships still need attention.
Design and Innovation
What is ethical Artificial Intelligence (AI)? 7 questions, answered (Enterprisers Project) As more organizations implement Artificial Intelligence technology into their processes, leaders are taking a closer look at AI bias and ethical considerations. Consider these key questions.
Academia
ROTC cadets receive Cyber Defense education at West Point (DVIDS) In order to enhance the Army’s defense capabilities against malicious cyber attacks, the U.S. Military Academy facilitated an eight-week summer internship program designed to provide real-world futuristic cyber research experience to Reserve Officers’ Training Corps cadets at the Army Cyber Institute.
Legislation, Policy, and Regulation
Experts say China’s low-level cyberwar is becoming severe threat (the Guardian) Activity more overt and reckless despite US, British and other political efforts to bring it to a halt
China continues to pose cyber security threats to India (India Today) Ever since the border skirmishes between India and China in May 2020, Chinese hacker groups have been regularly targeting Indian public sector companies and technical establishments via cyber security breaches.
China Declares Cryptocurrency Transactions Illegal, Bitcoin Price Lower (Wall Street Journal) China’s central bank said all cryptocurrency-related transactions are illegal, reinforcing the country’s tough stance against digital rivals to government issued money.
Exclusive: Big Tech targeted by U.S. and EU in draft memo ahead of tech and trade meeting (Reuters) The United States and European Union plan to take a more unified approach to limit the growing market power of Big Tech companies, according to a draft memo seen by Reuters.
Putin is directing attacks on the US through cyberspace. Here's how companies can stay safe (Fox Business) Putin is directing full throttled attacks on the U.S. in the unregulated, wide-open, man-made domain of cyberspace, which has become the backbone infrastructure of 21st century commerce and free expression.
Russian Markets Unruffled as U.S. House Raises Sanctions Risk (Yahoo Finance) (Bloomberg) -- Russian investors shrugged off U.S. House backing for a provision that could extend bond-trading curbs to the secondary market as punishment for Moscow’s alleged interference in U.S. elections.
Google Stays Silent On Russia's Growing Internet Threats (Bloomberg) No nation asks Google to scrub more from the internet than Russia. Over the past decade, Russian officials have requested the removal of nearly 1 million web pages, documents, apps and videos, mostly for reasons Google categorizes as "copyright" or "national security."
Get Prepared for Data Privacy Compliance Under China PIPL (Data Matters Privacy Blog) On August 20, 2021, China’s National People’s Congress passed the Personal Information Protection Law (PIPL), which will become effective starting November 1, 2021. As an overarching law in China with...
Hong Kong’s National Security Promises Were All Hollow (Foreign Policy) The Beijing-backed law is now used to crush dissent across the board.
The China-Lithuania Rift Is a Wake-Up Call for Europe (Foreign Policy) China is bullying Lithuania. The EU and NATO should push back.
State’s Cyber Security Centre ‘under-resourced’ to meet its goals (The Irish Times) Report by consultants makes 45 recommendations to improve its capacity
NDAA roundup: Senate bill places deep focus on cyber, IT and AI (FedScoop) Editor’s Note: This story has been updated to reflect the House passing its version of the NDAA. The Senate Armed Services Committee on Wednesday filed its final version of the annual defense policy bill, which would authorize $768 billion in spending on defense that prioritizes the modernization of the military’s IT and cybersecurity capabilities, including […]
Reed and Inhofe File Fiscal Year 2022 National Defense Authorization Act (US Senate Armed Services Committee)
Biden cybersecurity leaders back incident reporting legislation as ‘absolutely critical’ (Federal News Network) Senior officials supported fines for companies that don’t comply with proposed cyber reporting regulations.
Biden administration issuing new security guidance to companies aimed at blunting cyberattacks (CNN) The Biden administration is issuing new security guidance to critical infrastructure firms in an attempt to blunt the impact of ransomware and other hacks, following a series of attacks on US companies.
U.S. Officials Call for Fines Against Companies That Don’t Report Hacks (Wall Street Journal) The Biden administration wants Congress to add teeth to legislation that would force operators of critical infrastructure to disclose cyberattacks.
Biden administration pushes for fines on companies withholding info about hacks, cyberattacks (The Washington Times) The Biden administration said Thursday it wants the legal authority to fine companies that do not cooperate with the government on information-sharing to protect against cyberattacks on critical infrastructure.
Senior cyber officials back new, mandatory reporting of breaches (The Record by Recorded Future) Two of the U.S. government’s top cybersecurity officials on Thursday endorsed the idea of new legislation that would mandate certain private sector companies report when they have been hacked.
Ransomware Victims Told to Think Twice Before Paying Hackers (The National Law Review) On Tuesday, the U.S. Department of Treasury's Office of Foreign Asset Control ("OFAC") issued an updated advisory warning all ransomware victims that if they succumb to...
CISA issues promised draft guidance aligning TIC 3.0 with federal IPv6 mandate (FedScoop) The Cybersecurity and Infrastructure Security Agency enhanced its Trusted Internet Connections (TIC) 3.0 program to support the implementation of IPv6 across all federal IT systems with guidance issued Thursday. IPv6’s 340 undecillion Internet Protocol (IP) addresses solve the problem of IPv4 running out of readily available addresses in 2015, while supporting the end-to-end visibility and […]
Biden Sets Up Senate Battle by Picking Bank Critic to Run OCC (Bloomberg) Saule Omarova has called for dramatic overhaul of lending. Law professor already faces opposition from a top Republican.
WSJ News Exclusive | Voters Want to Curb the Influence of Big Tech Companies, New Poll Shows (Wall Street Journal) The survey reflects broad support for stronger U.S. regulations over the use of data as well as Americans’ wariness of social media’s effects on children.
Ninja report likely to spur election legislation (Arizona Capitol Times) As the first reports of the Arizona Senate’s review of 2020 general election results in Maricopa...
Litigation, Investigation, and Law Enforcement
Phones of 5 French ministers infected by Pegasus spyware (Mediapart) The phones of at least five French ministers and a diplomat attached to the Élysée were infected by the Pegasus spyware, according to the French site Mediapart, a report confirmed to AFP on Friday by two sources close to the matter.
French government confirms 5 ministers’ phones bore traces of Pegasus spyware, news outlet reports (Washington Post) The phones were on a list of more than 50,000 that sparked an investigation into the misuse of spyware the NSO Group licenses to governments
Five French ministers possibly targeted by Israeli NSO's Pegasus spyware, report says (Haaretz) The ministers' cellphones had 'suspicious marks,' according to a leaked document, suggesting at least an attempt to infect the device with the Pegasus spyware in 2019
Pegasus case: SC to set up a technical panel to probe surveillance allegations (Scroll.in) The order was delayed as some experts had said they would not be able to join the committee due to personal reasons, the chief justice said.
How the Mafia Is Pivoting to Cybercrime (Vice) Investigators from Spanish and Italian police explain how organized crime is going online and expanding into cybercrime.
Facebook Ordered to Release Records on Closed Myanmar Accounts (Wall Street Journal) The company had shut down accounts for promoting violence against the Rohingya, but it resisted sharing information about those accounts with countries pursuing a genocide case against Myanmar.
Facebook to testify on kids' safety as lawmakers probe a whistleblower’s revelations (Washington Post) A trove of documents reviewed by the Wall Street Journal exposing how Facebook’s own research found its products are harming users is rocking Silicon Valley and Washington alike, particularly a report suggesting the company downplayed how toxic Instagram is for teen girls.
Facebook exec will testify at Senate hearing after report finds Instagram harms teen mental health (CNBC) Facebook agreed to send Antigone Davis, global head of safety, to testify before the Senate Commerce subcommittee on consumer protection on Sept. 30.
Former Air Force contractor sentenced for taking classified information (Air Force Times) Izaak Vincent Kemp awoke on May 25, 2019, to find at least 10 agents in tactical gear in his house, with an armored vehicle outside and drones flying overhead.
Former Air Force contractor sentenced to prison for illegally taking 2,500 pages of classified information (Department of Justice, U.S. Attorney’s Office for the Southern District of Ohio) A former contractor with the United States Air Force was sentenced in U.S. District Court to one year and one day in prison for illegally taking approximately 2,500 pages of classified documents.
UK MoD Data Breach Shows Cybersecurity Must Protect Both People and Data (Dark Reading) The UK MoD has failed to protect personally identifiable information (PII) for Afghan interpreters; the incident highlights how avoidable cybersecurity mistakes can have devastating consequences.
Russian spy chief accuses Britain of lies after latest nerve attack charge (Reuters) A Russian spy chief on Thursday accused Britain of lies and trying to divert attention from other issues after British police said a third Russian suspect had been identified in the 2018 Novichok murder attempt on a former double agent.
Top Adviser to Ukrainian President Is Targeted in an Assassination Attempt (New York Times) President Volodymyr Zelensky said he was returning to Ukraine from New York immediately after giving his U.N. speech. The adviser, Serhiy Shefir, was unharmed, but his driver was shot and wounded in the attack.
Kremlin says Russia had nothing to do with attack on Ukrainian president's aide (Reuters) Suggestions of possible Russian involvement in the attempted assassination of a Ukrainian presidential aide "have nothing to do with reality", Kremlin spokesman Dmitry Peskov said on Wednesday.
Republican Review of Arizona Vote Fails to Show Stolen Election (New York Times) The much criticized review showed much the same results as in November, with 99 more Biden votes and 261 fewer Trump ones.
DICT also traces cyberattack to Army, 2 complaining news sites say (Philippine Daily Inquirer) Initial findings of an investigation led by the Department of Information and Communications Technology (DICT) have revealed that the cyberattacks on the websites of two alternative news outfits
Hikvision, HWG Deceive FCC About New Critical Vulnerability (IPVM) Hikvision surprisingly asserted to the FCC that "no vulnerability in Hikvision video surveillance equipment to date in 2021".