Attacks, Threats, and Vulnerabilities
Suspected Chinese state-linked threat actors infiltrated major Afghan telecom provider (The Record by Recorded Future) Four distinct infiltrations by suspected Chinese-state sponsored threat actors stole gigabytes of data from the corporate mail server of major Afghan telecom provider Roshan within the past year, with data exfiltration by some spiking during the Taliban’s recapture of the country, according to new research from Recorded Future’s Insikt group.
A record 5.4 million DDoS attacks were reported in H1 2021 (Atlas VPN) According to the data presented by the Atlas VPN team, cybercriminals launched nearly 5.4 million Distributed Denial of Service attacks in the first half of 2021 — an 11% increase compared to the first half of 2020.
Blox Tales: Zix Credential Phishing (Armorblox) This blog focuses on a credential phishing attack that spoofs a Zix secure message notification and attempts a drive-by download.
FinSpy Surveillance Spyware Fitted With UEFI Bootkit (SecurityWeek) Security researchers at Kaspersky have spotted signs of the notorious FinSpy surveillance spyware hijacking -- and replacing -- the Windows UEFI bootloader to perform stealthy infections on target machines.
Universities’ Security Blindspot on Global Free WiFi Network Leaves Faculty and Student Usernames and Passwords Exposed to Hackers (WizCase) WizCase’s security team, led by Ata Hakçıl, has discovered a major security issue affecting the users of WiFi provider eduroam. Eduroam provides free WiFi connections at participating institutions assigning student, researcher, or faculty login credentials. Each institution gives time, manpower, and other resources to help keep eduroam running. Unfortunately, since there is no one ...
Microsoft Details FoggyWeb Backdoor Used by SolarWinds Hackers (SecurityWeek) Microsoft has detailed FoggyWeb, a post-exploitation backdoor that the hackers behind the SolarWinds attack have used to remotely exfiltrate data from AD FS servers.
Microsoft warning: This malware creates a 'persistent' backdoor for hackers (ZDNet) This custom backdoor lets attackers remotely steal tokens and certificates from Microsoft's identity platform.
Enterprises Warned About Zix-Themed Credential Phishing Attacks (SecurityWeek) Enterprise users have been warned that cybercriminals may be trying to phish their credentials using emails that spoof security company Zix.
New Research: Security Report Finds Ed Tech Vulnerability That Could Have Exposed Millions of Students to Hacks During Remote Learning (The 74 Million) A student monitoring company that thousands of schools used during remote and hybrid learning to ensure students were on task may have inadvertently exposed millions of kids to hackers online, according to a report released Monday by the security software company McAfee. The research, conducted by the McAfee Enterprise Advanced Threat Research team, discovered the […]
Salt Security Finds Widespread Elastic Stack API Security Vulnerability that Exposes Customer and System Data (Salt Security) New Threat Research from the Salt Labs Security Research Team Details Elastic Stack Injection Exploit that can Result in DoS Attacks and Cascading API Threats
UK umbrella payroll firm GiantPay confirms cyber-attack (Register) Tech contractors fume at lack of info as company says it will 'try' to get them paid by Friday
Bandwidth.com is latest victim of DDoS attacks against VoIP providers (BleepingComputer) Bandwidth.com has become the latest victim of distributed denial of service attacks targeting VoIP providers this month, leading to nationwide voice outages over the past few days.
Bandwidth hit by cyber attack that causes disruptions to some business phone calls (News Observer) Raleigh technology company Bandwidth, which makes software for internet-based voice and text communication, is experiencing outages after it was hit by a cyber attack over the weekend, the company said Tuesday.
How to Spot a Fake Microsoft Security Warning (IT Pro) It can be hard to tell a fake Microsoft security warning from a real one, especially for end users working from home.
Colossus Ransomware Hits Automotive Company in the U.S. (SecurityWeek) Engaging in double extortion, the ransomware operators appear to be familiar with existing ransomware-as-a-service (RaaS) groups.
Ransomware: Has the U.S. reached a tipping point? (SearchSecurity) The U.S. government has taken a number of steps to address the threat of ransomware, which experts say has gotten increasingly more dangerous.
Lufkin ISD hit with an attempted cyber-attack (KJAS.COM) The Lufkin Independent School District says computer technicians are on site after a weekend attempted cyber-attack on their computer system.
REvil’s “Cryptobackdoor” Con: Ransomware Group’s Tactics Roil Affiliates, Sparking a Fallout (Flashpoint) REvil’s tactics have recently come under renewed scrutiny. Threat actors operating on XSS and Exploit are currently reacting to evidence that REvil included a secret backdoor in its ransomware code—allegedly enabling the ransomware group to steal illicit ransom proceeds from its affiliates. Flashpoint cybersecurity analysts examine the chatter and subsequent fallout.
Security Patches, Mitigations, and Software Updates
QNAP Patches Critical Vulnerabilities in QVR Software (SecurityWeek) QNAP announces the availability of patches for a couple of critical vulnerabilities in its QVR video management solution.
Trends
2021 Trustwave SpiderLabs Telemetry Report (Trustwave) The 2021 Trustwave SpiderLabs Telemetry Report: The State of High Profile Vulnerabilities reviews Internet-facing targets exposed to high-profile vulnerabilities released in 2021.
2021 State of the Threat Report (Secureworks) Cyber threats have taken over 2021 and they show no sign of stopping. In this report, we explore some of the most recent, hard-hitting cyberattacks.
ThreatQuotient Publishes Research Report: State of Cyber Security Automation Adoption in 2021 (BusinessWire) ThreatQuotient has published new research focused on understanding the challenges businesses face when it comes to cybersecurity automation.
It's Time For Cyber-insurance To Become Personal In The WFH Age (Forbes India) According to a recent report by Hewlett Packard, there has been a stupendous 238 percent increase in global cyberattack volume during the pandemic
Healthcare Organizations Must Deal with their Shadow Information Problem (JD Supra) A myopic focus on protecting EMR (Electronic Medical Records) systems has left healthcare organizations open to shadow information risk. ...
DigiCert 2021 State of PKI Automation Survey Finds Companies are Struggling with Reliance on Manual Processes Amid Growing Volume of Digital Certificates (PR Newswire) DigiCert, Inc., the world's leading provider of TLS/SSL, IoT and other PKI solutions, today released its 2021 State of PKI Automation survey...
Finance sector vulnerable to rising cyberattacks (Security Brief) “The finance sector is a lucrative target for cybercriminals given the wealth of data it possesses.
The balance of top 5 dormant Bitcoin addresses worth more than Tajikistan’s GDP (Finbold) A dormant Bitcoin (BTC) address is a BTC wallet that has not had any transactions for a long period of time. Remarkably, the top five dormant Bitcoin address balances are worth more than the Gross Domestic Product (GDP) of some countries in U.S. dollars.
Interest in keyword ‘cybersecurity’ on Google Search hits an all-time high (Atlas VPN) Cybersecurity lately has become a hot topic for many governments and businesses around the world. Cybercriminals used the pandemic and remote work to launch cyberattacks against unprepared organizations, suddenly making big headlines and getting everyone’s attention.
Bitdefender Threat Debrief | August 2021 (Bitdefender) Bitdefender's monthly report on the current ransomware threats and threat actors.
Marketplace
Cybersecurity ETF Offers Long-Term Appeal (ETFdb.com) A spate of large-scale cyberattacks this year confirms that companies and governments must commit significant financial resources to cybersecurity...
'Like nothing happened': Protesters slam NSO Group's presence at UK-backed fair (Middle East Eye) After dozens of UK citizens identified as alleged hacking victims, demonstrators are disappointed that the Israeli firm is among exhibitors at the London event
Darktrace: Too much too young? (Investors' Chronicle) It has been a stock market phenomenon since listing, but has Darktrace's value gone too far? Robin Hardy examines the investment case
Egress Hires Mimecast’s Steven Malone as VP of Product Management (BusinessWire) Egress announced today that it has hired Steven Malone as its new VP of Product Management to spearhead the ongoing development of its industry-leadin
SentinelOne Appoints Rob Salvagno as Senior Vice President of Corporate Development (GuruFocus) SentinelOne, Inc. (NYSE: S), an autonomous cybersecurity platform company, today announced the appointment of Rob Salvagno to SVP, Corporate Development.
Cloudentity Appoints Jason Needham as Chief Executive Officer (BusinessWire) Cloudentity, a leading provider of modern application authorization and consent solutions, today announced the appointment of Jason Needham as chief e
Products, Services, and Solutions
Disaster Recovery With a Single Command (Backblaze Blog | Cloud Storage & Cloud Backup) Learn more about Backblaze Instant Recovery in Any Cloud, a new solution that provides easy disaster recovery in any VMware/Hyper-V based cloud.
Appsian Security Releases Cloud Platform for ERP Access Management, Segregation of Duties, and Data Loss Prevention (Yahoo Finance) Appsian Security, the global leader of ERP data security & compliance, today announced the cloud release of a unified GRC platform designed to automate ERP access governance, identity governance, user provisioning/de-provisioning, and segregation of duties. This cornerstone release highlights a significant expansion of Appsian Security capabilities, along with their ability to offer critical ERP security and compliance in the cloud.
Armis and Gigamon Team Up to Safeguard Unmanaged and IoT Devices Against Rising Cloud Threats (GlobeNewswire News Room) Strategic Partnership Ensures Managed, Unmanaged and IoT Devices are Secured Across Cloud Environments as Cyber Threats Proliferate Across the Enterprise...
Simply Business Partners with USG Insurance Services to Offer Small Businesses Cyber Liability Insurance (Homenewshere.com) Simply Business, Inc., a Boston-based digital insurance agency focused on small businesses, today announced the launch of cyber liability insurance. The new product, developed
MCNC – operator of statewide fiber network in NC – rolls out cybersecurity service (WRAL TechWire) MCNC, the operator of the statewide fiber-based North Carolina Research and Education Network, is rolling out a new cybersecurity service in a project aimed at improving data security for school and h
Vanderbilt unveils VCredential platform (International Security Journal) Vanderbilt, a global provider of security systems, has announced the launch of its VCredential cloud-based credential management platform.
U.S. Healthcare and Government Institutions Launch Cyber-Command Defense in Preparation of Future Attacks, Disruptions, and Disasters with The Help of FastCommand (Yahoo Finance) Social Unrest, Cyber-Attacks, Violent Active Shooters, and Health Pandemics have all motivated leaders in the U.S. to become more prepared.
SecureCraft brings Cato Networks to the channel in Singapore and Malaysia (Channel Asia) SecureCraft has been tasked with leading the introduction of Cato Networks’ cloud-based networking and security solutions to the IT channel in Singapore and Malaysia.
Sigstore aims to close the trust gap in open-source software (SiliconANGLE)
GlobalDots offers a one-stop-shop for companies looking for the latest cloud technology (ReBlonde) The company provides cloud performance, content delivery, and securities technology to corporations—including Lufthansa, Lidl, and Bosch—worldwide
Jetico Delivers Stronger Encryption with More Resilience Against Cyberattacks (PR.com) The new version of BestCrypt Volume Encryption has now been released, offering users improved security against brute-force attacks.
U.S. Dept. of Labor awards Verizon Public Sector $887M for network modernization (KULR-8 Local News) The U.S. Department of Labor (DOL) has awarded Verizon Public Sector five Enterprise Infrastructure Solutions (EIS) task orders to modernize legacy network infrastructure
MCNC introduces next-level cybersecurity for North Carolina (The Mountaineer) Cyber threats are becoming more sophisticated and relentless – forcing organizations to implement advanced cybersecurity services and digital health checks no
Fortinet Continues its Secure SD-WAN Momentum with New Global Service Providers (Yahoo Finance) Fortinet Expands List of Global SPs Using Secure SD-WAN to Include Comcast Business, Granite Telecommunications, C&W Business Panama, Acuative, Tata Teleservices and 1&1 Versatel
Alkira Rolls Check Point Into Multi-Cloud Strategy (SDxCentral) Check Point Security’s CloudGuard firewalls are now available on Alkira’s multi-cloud platform.
Avertium and Black Kite Announce Strategic Partnership in New Approach to Attack Surface Monitoring (Avertium) Avertium announces a joint partnership through Black Kite’s Aviator Partner Program to provide a comprehensive approach to attack surface monitoring and supply chain cyber security risk.
Exabeam Cyberversity Guides Next Generation of Cybersecurity Professionals (BusinessWire) Exabeam today announced Exabeam Cyberversity.
Rockset Enhances Real-Time Analytics Database With Enterprise-Grade Security And Compliance (GlobeNewswire News Room) Industry’s Only Cloud Native Real-Time Analytics Database Adds a Comprehensive Set of Enterprise Security and Compliance Capabilities, Including SOC 2 Type...
Cloudflare scraps egress fees (Computing) Says eliminating egress charges is a 'huge win' for open-access to data stored in the cloud
New capabilities simplify data protection, backup and disaster recovery, and application mobility in Kubernetes environments (Kasten)
NETSCOUT and Palo Alto Networks Integrate Security Solutions to Mitigate Risk and Increase Service Availability (BusinessWire) NETSCOUT and Palo Alto Networks announce their new integrated security solutions to mitigate risk and increase service availability.
Beyond Identity Enables Any Business to Eliminate Authentication Friction and Account Takeover Fraud (Beyond Identity) New Beyond Identity Secure Customers Provides First Zero-Friction Passwordless MFA for Native and Web Applications, Delivering a Fast, Fundamentally Secure Customer Authentication Experience
ITProTV Releases New Training Course for the Certified Ethical Hacker Certification (EIN Presswire) CEHv11 training provides the knowledge and skills required for key security roles involving analysis, offensive security testing and vulnerability assessments
Technologies, Techniques, and Standards
NSA, CISA Release Guidance on Selecting and Hardening Remote Access VPNs (National Security Agency/Central Security Service) The National Security Agency and the Cybersecurity and Infrastructure Security Agency (CISA) released a joint Cybersecurity Information Sheet today detailing factors to consider when choosing a
NSA, CISA share VPN security tips to defend against hackers (BleepingComputer) The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) have released guidance for hardening the security of virtual private network (VPN) solutions.
NSA, CISA share guidelines for securing VPNs as hacking groups keep busy (CyberScoop) Cautioning that foreign government-backed hackers are actively exploiting vulnerabilities in virtual private network devices, the National Security Agency and the Department of Homeland Security’s cyber wing on Tuesday published guidelines for securing VPNs.
NSA, CISA publish guide for securing VPN servers (The Record by Recorded Future) The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) have published today technical guidance on properly securing VPN servers used by organizations to allow employees remote access to internal networks.
With Ransomware Attacks, Déjà Vu May Be the New Normal (SHRM) The proliferation of cyberattacks is all too familiar and the source of sleepless nights for many employers.
How one red team exercise averted a new SolarWinds-style attack (ComputerWeekly.com) Palo Alto Networks shares details of how its red teamers found and sealed a customer vulnerability that could have led to another SolarWinds-style supply chain attack.
Tokenization vs. Encryption for Data Protection Compliance (SecurityWeek) Tokenization is a branch of cryptography, but should not be confused with encryption. Encryption is used to hide strings of text based on mathematics. Tokenization replaces individual characters with a different character based on randomness.
A cloud company asked security researchers to look over its systems. Here's what they found (ZDNet) With supply chain attacks increasingly common, cloud companies are looking to tighten their defences.
Research and Development
ionir Awarded Patent for Data Container Synchronization (PR Newswire) ionir announced today the approval of a U.S. patent for its system of synchronizing data containers and improving data mobility. This patent...
Academia
Virginia Tech launches National Security Institute; Eric Paterson appointed executive director (Virginia Tech) Drawing on the experience of its faculty members and experts, the institute will produce research and impact policy related to legal and practical challenges facing national intelligence, defense, law enforcement, homeland security, and cybersecurity communities.
Thales: New partnership between QEP and Thales to spur innovation in quantum security and quantum sensors (MarketScreener) The National University of Singapore and Thales have inked a Memorandum of Understanding to mark the start of a two-year partnership to jointly develop... | September 29, 2021
Rider student earns scholarship to Women in Cybersecurity Conference (Rider University) Ana Kolovani, Lilli Kolovani, Marissa Neef, Dr. Elizabeth Hawthorne attend WiCyS conference
Legislation, Policy, and Regulation
Russia, Sentinel for World Cybersecurity? We Think Not. (POLYGRAPH.info) Lest we forget, Russia has a decades-long history of cyberattacks against foreign targets.
U.S. and Europeans Parley in Pittsburgh on Tech, Trade and China (Wall Street Journal) The high-level meeting on Wednesday is an effort to smooth over recent trans-Atlantic squabbles and discuss emerging and long-term issues, even as policy disagreements over China threaten to further strain relations.
Quad takeaways to boost India’s capabilities (Tribuneindia News Service) The first in-person Quad summit hosted by US President Joe Biden on September 24 brought a firm focus to the evolving partnership. It was the second summit this year. The intent of the partners to forge a partnership which could be a defining one for the second quarter of the 21st century is evident
Ransomware-as-a-service amid rising geopolitical tension (Australian Financial Review) Australia could face a wave of nation state-backed cyber attacks against our government and business assets in retaliation for our stance on the COVID pandemic as the nature of digital threats evolves and escalates, a leading security expert says.
House Passes Cyber Incident Reporting Legislation and Other Critical Provisions in NDAA (Hstoday) One provision authorizes the DHS Cybersecurity and Infrastructure Security Agency’s (CISA) CyberSentry program.
Defense bill set to deal civilian cyber agency a big power boost (Federal News Network) Lawmakers want to put the Cybersecurity and Infrastructure Security Agency at the center of U.S. cyber defenses with new authorities and funding.
Senate Bill to Mandate Cyberattack, Ransomware Payment Reporting (Bloomberg Government) Energy companies, banks and other critical infrastructure operators would have to report cybersecurity incidents and ransomware payments to the federal government under legislation introduced Tuesday.
Huawei cloud security, privacy concerns raised by legislators (SC Media) The latest in-depth, unbiased news, analysis and perspective to keep cybersecurity professionals informed, educated and enlightened about the market.
CISA Director Easterly Talks JCDC, Importance of Cyber Collaboration (MeriTalk) The Cybersecurity and Infrastructure Security Agency (CISA) is in the process of building out its Joint Cyber Defense Collaborative (JCDC) office, and CISA Director Jen Easterly today said that while the office is being established based on the Cyberspace Solarium Commission recommendation of creating a joint collaborative planning office, the JCDC will be about more than just planning.
Analysis | Bipartisan criticism grows over the FBI delaying aid to Kaseya victims (Washington Post) The bureau withheld a decryption key while it worked on retaliating against the hackers.
Coast Guard looks to direct commissioning for cyber personnel (FCW) The maritime military branch opened up its direct commissioning program to cyber roles in cyberspace operations, cybersecurity, information assurance and cyber threat intelligence.
Litigation, Investigation, and Law Enforcement
Head of Russian cybersecurity firm Group IB detained on state treason charges (Reuters)
Group-IB Founder Sachkov Arrested in Moscow on Treason Charges (Bloomberg) The founder of the Group-IB cybersecurity company, Ilya Sachkov, was put under arrest on treason charges for two months until Nov. 27, Anastasia Romanova, spokesperson for the Lefortovo court in Moscow, said by telephone.
Russian Security Agents Raid Moscow Offices Of Major Cybersecurity Company (RadioFreeEurope/RadioLiberty) Russian security agents raided the Moscow offices of Group-IB, a leading Russian cybersecurity company known for its work in tracking down hackers and fighting theft and cyberfraud.
Russian authorities arrest cybersecurity giant Group-IB’s CEO on treason charges (TechCrunch) Group-IB, founded in 2003, is one of Russia's largest cybersecurity companies.
Kremlin holds no details on Group-IB founder arrest, sees no connection with Calvey case (TASS) On Wednesday, it was reported that the founder of Group-IB had been arrested for two months in Moscow on suspicion of high treason
Tech companies block more than 11.6 million transactions for endangered wildlife online (IFAW) The Coalition to End Wildlife Trafficking Online has blocked more than 11.6 million listings for endangered wildlife products and live animals.
Warby Parker under investigation over handling of cyberattack (Fortune) As the eyewear retailer readies to go public, it revealed it has been the subject of an ongoing investigation over its handling of a 2018 cyberattack.
'Overheated': How A Chinese-Spy Hunt At DOJ Went Too Far (Law360) A Trump-era program was intended to root out Chinese state-sponsored economic espionage. Instead, critics say, it stirred up a toxic mix of racial profiling and prosecutorial misconduct, leaving innocent scientists to suffer the consequences.
Malwarebytes Wins Dismissal of Enigma Lawsuit in Final Ruling (IT News Online)
Cisco's $56.9 mln network-security patent loss reinstated by Fed Circ. (Reuters) Cisco Systems Inc is liable for at least $56.9 million in damages and attorneys' fees for willfully infringing SRI International Inc patents related to network security, the U.S. Court of Appeals for the Federal Circuit said Tuesday.
DHS Cyber Office Wants to See Secret Voting Machine Vulnerability Report (The Daily Beast) After a cybersecurity researcher wrote a report about potential vulnerabilities in voting machines, and a judge locked up the report, a government official now wants to read it.