Attacks, Threats, and Vulnerabilities
EU formally blames Russia for GhostWriter influence operation (The Record by Recorded Future) European Union officials have formally accused the Russian government and its state hackers of meddling inside the elections and political systems of several EU states.
EU Denounces Alleged Russian Hacking Ahead of German Vote (SecurityWeek) The European Union on Friday condemned alleged Russian cyber attacks that have targeted Germany in the run up to this weekend's election for Chancellor Angela Merkel's successor.
Declaration by the High Representative on behalf of the European Union on respect for the EU’s democratic processes (European Council) The EU issued a declaration strongly denouncing malicious cyber activities collectively designated as Ghostwriter, and urging the Russian Federation to adhere to the norms of responsible state behaviour in cyberspace.
Finland Reports Widespread Espionage Around Politics, High Tech (Bloomberg) Russia, China among those spying in Finland, including via web. Finnish Security and Intelligence Service publishes report.
Cambodia’s prime minister is Zoombombing opposition meetings (Rest of World) Hun Sen’s government, which has shown little hesitation in quashing any sign of dissent, is taking control of user activities on the internet.
Cisco unit warns of cyber-attack campaign against Indian government employees, military personnel (The Hindu) The cyber-attack campaign used malicious Microsoft Office documents (maldoc) and malicious archives to gain access to confidential information related to government and defence agencies.
ZeroFox Threat Research Flash Report: Colossus Ransomware | ZeroFox (ZeroFox) ZeroFox Threat Intelligence team discovered a variant of ransomware called Colossus that affects machines running Microsoft Windows.
Major European call center provider goes down in ransomware attack (The Record by Recorded Future) GSS, the Spanish and Latin America division of Covisian, one of Europe's largest customer care and call center providers, has suffered a debilitating ransomware attack that froze a large part of its IT systems and crippled call centers across its Spanish-speaking customer base.
VMware vCenter deployments under attack as enterprises urged to update systems (The Daily Swig) Mass scanning detected after RCE exploits surface online
VMware vCenter Server Vulnerability CVE-2021-22005 Under Active Exploit (CISA) On September 21, 2021, VMware disclosed that its vCenter Server is affected by an arbitrary file upload vulnerability—CVE-2021-22005—in the Analytics service. A malicious cyber actor with network access to port 443 can exploit this vulnerability to execute code on vCenter Server.
Apple Confirms New Zero-Day Attacks on Older iPhones (SecurityWeek) Apple confirms a new zero-day exploit hitting older iPhones and warned that the security vulnerability also affects the macOS Catalina platform.
Serious Warning Issued For Millions Of Apple iPhone Users (Forbes) Apple iPhones around the world face three dangerous new threats...
Researcher dumps three iOS zero-days after Apple failed to fix issues for months (The Record by Recorded Future) A security researcher has published on Thursday details about three iOS zero-day vulnerabilities, claiming that Apple has failed to patch the issues, which they first reported to the company earlier this year.
Disclosure of three 0-day iOS vulnerabilities and critique of Apple Security Bounty program (Habr) I want to share my frustrating experience participating in Apple Security Bounty program. I've reported four 0-day vulnerabilities this year between March 10 and May 4, as of now three of them are...
Google Issues Warning For 2 Billion Chrome Users (Forbes) Google has issued an urgent upgrade warning to all Chrome users...
Google Says Threat Actors Using New Code Signing Tricks to Evade Detection (SecurityWeek) Google has observed a new code signing trick being used by a financially motivated threat actor to help its Windows files evade detection.
United Health Centers ransomware attack claimed by Vice Society (BleepingComputer) California-based United Health Centers suffered a ransomware attack that reportedly disrupted all of their locations and resulted in patient data theft.
REvil Affiliates Confirm Getting Screwed Out of Payments (Threatpost) Following the discovery of REvil's rip-off-the-affiliates backdoor and double chats, those affiliates fumed on the underground, pointing to negotiations that ended abruptly just before payment came.
Telegram is becoming the paradise of cyber criminals (Security Affairs) Telegram is becoming an essential platform for cybercriminal activities; crooks use it to buy and sell any kind of stolen data and hacking tools. Many experts believe that the popular Telegram app is an efficient alternative to dark web marketplaces, its channels are used by hacking communities and cybercriminals to buy and sell stolen data, accesses […]
Port Of Houston Cyber Attack – Experts Weigh In (Information Security Buzz) In a report issued Thursday, Port Houston disclosed that “The Port of Houston Authority (Port Houston) successfully defended itself against a cybersecurity attack in August. Port Houston followed its Facilities Security Plan in doing so, as guided under the Maritime Transportation Security Act (MTSA), and no operational data or systems were impacted as a result.”
May security breach might have affected some Navistar employees (South Bend Tribune) Security breach might have affected some employees at Navistar, which operates the former Studebaker proving grounds in New Carlisle.
Security Patches, Mitigations, and Software Updates
Stable Channel Update for Desktop (Chrome Releases) The Stable channel has been updated to 94.0.4606.61 for Windows, Mac and Linux which will roll out over the coming days/weeks. A full list of...
EFF to deprecate HTTPS Everywhere extension as HTTPS is becoming ubiquitous (The Record by Recorded Future) The Electronic Frontier Foundation said it is preparing to retire the famous HTTPS Everywhere browser extension after HTTPS adoption has picked up and after several web browsers have introduced HTTPS-only modes.
Creaking systems leave Aussie businesses wide open to cyber attack (Australian Financial Review) Despite ANZ boss Shayne Elliott last week claiming big business has got cyber security licked, global experts say more realistic planning is urgently needed.
SonicWall Patches Critical Vulnerability in SMA Appliances (SecurityWeek) A critical vulnerability patched by SonicWall in its SMA appliances can allow an attacker to disrupt devices or gain administrator access to them.
Trends
2021 has broken the record for zero-day hacking attacks (MIT Technology Review) But the reasons why are complicated—and not all bad news.
Lights Out (Washington Post) Living without power in the wake of Hurricane Ida
Global Demographics of Cybercrime Report Reveals Cybercrime Does Not Impact Individuals Equally (PR Newswire) Malwarebytes™, a global leader in real-time cyberprotection, today released the findings of "The Demographics of Cybercrime" report, with...
The UK Online: Safety, scams and security (Veriff) Take a deep dive into safety, scams, and security online, with this article from the team at Veriff.
A multi-party data breach creates 26x the financial damage of single-party breach (Help Net Security) Recently released research quantifies how a multi-party data breach impacts many organizations in today’s interconnected digital world.
Marketplace
LG to Acquire Vehicle Cybersecurity Firm Cybellum (SecurityWeek) LG is acquiring Israel-based vehicle cybersecurity company Cybellum for roughly $240 million.
Sternum, the first code-free, device-resident autonomous IoT platform, raises $27 million in Series B funding led by Spark Capital (ReBlonde) Company pushes beyond current frontiers of IoT security and observability as the first platform to establish “presence” on a variety of devices, whenever made – past, present and future – to both secure them and provide real-time data insights.
States at disadvantage in race to recruit cybersecurity pros (Chicago Journal) In a high profile example, after warnings of weak security, Kwame Raoul's Illinois Attorney General's Office was hit by a cyber attack in April of 2021 that has cost his office an estimated $2.5 million in crisis management spending.
States struggle to hire cybersecurity experts (KTLA) Austin Moody wanted to apply his cybersecurity skills in his home state of Michigan, teaming up with investigators for the State Police to analyze evidence and track down criminals. But the recent …
In Race for 5G, Alarm and Security Services Get Stuck in the Middle (New York Times) Covid-19 shutdowns and chip shortages have made it more difficult to upgrade devices and meet a deadline set by AT&T.
Products, Services, and Solutions
Qohash Launches New Qostodian Recon™ Product to Help Organizations Discover and Secure Their Sensitive Data (Qohash) Qohash launches its on-premise data discovery and classification tool that catalogs sensitive data in real-time; from WFH or the office.
Authority to Operate on AWS Brings Splunk, Telos Corporation and stackArmor Together to Create a Simple and Fast Way to Help Achieve Compliance (Telos Corporation) FASTTR initiative enhances stackArmor’s ThreatAlert by building on market-leading Telos’ Xacta for security compliance documentation and Splunk for security information and event management
DataDome Launches Enhanced Online Fraud & Bot Management Solution (BusinessWire) DataDome launches an enhanced online fraud & bot management solution. Includes threat analytics & industry benchmarks to fight fraud.
PDI Ranked in Top 14% of MSSP Alert’s “2021 Top 250 MSSPs List” (Professional Datasolutions, Inc.) Appearing at number 34, PDI ranks among the top 14% of managed security service providers (MSSPs) on MSSP Alert’s fifth annual Top 250 MSSPs list.
Technologies, Techniques, and Standards
Companies are hoarding personal data about you. Here’s how to get them to delete it. (Washington Post) Data deletion is complicated, and some companies mishandle requests. But it doesn’t hurt to ask.
10 Best Practices for Cyber Attack Prevention 2021 (Datamation) Prevention is key when minimizing the risk of cyber attacks. Learn the top 10 methods to prevent cyber attacks in your business today.
Design and Innovation
How to Go Passwordless on Your Microsoft Account (Wired) You no longer need an ungainly string of characters to access your Windows PC or Xbox.
Three Key Artificial Intelligence Applications For Cybersecurity (Forbes) We are at the doorstep of a new era of smart technology and cybersecurity is already a testing ground. The cybersecurity industry is increasingly impacted by the deployment of solutions supported by artificial intelligence
Legislation, Policy, and Regulation
U.N. Members Seek New Cyber Discussions Amid Rising Ransomware Attacks (Wall Street Journal) The future of United Nations-led efforts to create rules around how nations should behave in cyberspace is unclear, researchers and experts say, even as countries respond to a growing number of ransomware attacks.
Development of Humanities, Islamic Science Required for Achieving Decline of US in Cyberspace: Scholar (Tasnim News Agency) Head of the Political Science Department of the Imam Khomeini Education and Research Institute (RA) said that the emergence and consolidation of the theory of governance by using the humanities and Islamic sciences in the post-decline cyberspace of the United States requires dialog
Japan names China, Russia, North Korea as threats in cyberspace (Kyodo News+) The Japanese government adopts a draft cybersecurity strategy for the next three years, naming China, Russia and North Korea as cyberattack threats for the first time.
Germany elections: Centre-left claim narrow win over Merkel's party (BBC News) The Social Democrats beat the party of outgoing Chancellor Merkel and may need weeks to form a coalition.
China's central bank says all cryptocurrency-related activities are illegal, vows harsh crackdown (CNBC) China's central bank renewed its tough talk on bitcoin, calling all digital currency activities illegal and vowing to crack down on the market.
Crypto Exchange Giants Cut Back on China Users as Ban Widens (Bloomberg) Binance, Huobi won’t allow new sign-ups via China phones. Steps come after missive from PBOC about crypto transactions.
Crypto Exchange Blacklisting To Test US Sanctions' Teeth (Law360) The U.S. Department of the Treasury's unprecedented blacklisting of a cryptocurrency platform accused of helping cybercriminals convert funds into real-world currency will test its ability to sway ransomware actors' behavior, as officials sharpen their pitch for victims to report attacks.
Paying Hackers’ Ransom Demands Is Getting Harder (Data Center Knowledge) The U.S. Treasury Department has sanctioned a cryptocurrency exchange for its role in facilitating ransomware payments and issued an advisory to private companies against making such payments.
White House Weighs Invoking Defense Law to Get Chip Data (Bloomberg) Biden administration seeks inventory, sales information. Goal is to prevent stockpiling, ease supply chain bottlenecks.
Opinion: With cyber aggression on the rise, this is the wrong time to cripple an important asset in our defense against attacks (Des Moines Register) Former Republican U.S. senator: We can’t afford to let China get ahead while leaving our homeland vulnerable to attack.
Litigation, Investigation, and Law Enforcement
'Chilling': Facial recognition firm Clearview AI hits watchdog groups with subpoenas (POLITICO) Advocacy groups argue the company is trying to bully critics.
When the FBI seizes your messages from Big Tech, you may not know it for years (Washington Post) Microsoft, Google, Facebook and other tech firms are pressing lawmakers to stop prosecutors from secretly snooping on private accounts
It’s Not Easy to Control Police Use of Tech—Even With a Law (Wired) A key backer of a 2018 Oakland law to rein in tools like automated license plate readers says the city is not following the rules.
Kidnapping, assassination and a London shoot-out: Inside the CIA's secret war plans against WikiLeaks (Yahoo) In 2017, as Julian Assange began his fifth year holed up in Ecuador’s embassy in London, the CIA plotted to kidnap the WikiLeaks founder, spurring heated debate among Trump administration officials over the legality and practicality of such an operation.
CIA's Assange abduction plan raises questions for Australian government (Crikey) We now know the CIA planned to abduct, perhaps even murder, Julian Assange. Did it bother telling the Australian government?
Huawei CFO Meng Wanzhou Reaches Deal With Justice Department (Wall Street Journal) Under the agreement, Ms. Meng admitted to some wrongdoing, securing an exit from Canada and her U.S. extradition fight; meanwhile, two Canadians detained in China were released.
Huawei CFO Meng Is Released Amid Case Against Chinese Giant (Bloomberg) CFO admits to list of wrongs in U.S. deferred-prosecution deal. Charges against Huawei remain as U.S. rivalry with China grows.
Huawei CFO Admits Duping HSBC On Iran Dealings (Law360) Huawei Chief Financial Officer Meng Wanzhou on Friday entered into a deferred prosecution agreement with U.S. authorities and admitted to deceiving global lender HSBC about Huawei's business dealings with Iran.
Huawei's Meng Wanzhou flies back to China after deal with US (BBC News) The row over Meng Wanzhou's detention in 2018 strained China's relations with Canada and the US.
China’s act of ‘hostage diplomacy’ comes to end as two Canadians freed (the Guardian) Michael Kovrig and Michael Spavor were released hours after Huawei executive Meng Wanzhou was freed in Canada
To Get Back Arrested Executive, China Uses a Hardball Tactic: Seizing Foreigners (New York Times) The speed at which Beijing returned two Canadians held seemingly tit-for-tat in exchange may signal comfort with the tactic.
Germany’s probe into Chinese cellphones over security will end in vain: experts (Global Times) Germany will reportedly investigate the cyber security status of some Chinese mobile phones, following a recent report by Lithuania's Defense Ministry alleging that phones produced by Chinese vendor Xiaomi sold in Europe have a built-in ability to censor content.
Huawei bans are a clear national security double standard (CGTN) By targeting Huawei and putting the focus on Huawei for all their partners in the EU and around the world, the U.S. is trying to downsize the economic strength of Huawei, and by that, harming China. What happens at the moment has nothing to do with democracy. It has nothing to do with the free market.
Mexico asks Bennett for Israel’s support on extraditing ex-investigator (Times of Israel) Mexican president sends letter to PM requesting cooperation in case of former official Tomas Zeron, wanted in connection with disappearance of 43 students in 2014
Irish data regulator fines WhatsApp €225m for GDPR infringements (Lexology) On 20 August 2021, the Irish data regulator - the Data Protection Commission (DPC) - fined WhatsApp a record €225M for a series of cross-border data…
UC San Diego Health sued over data breach that may have exposed records of 500,000 patients (San Diego Union-Tribune) Lawsuit seeks class-action status in a case where a phishing scam allowed access to a wide range of sensitive information.