Cyber Attacks, Threats, and Vulnerabilities
Hezbollah's cyber unit hacked into telecoms and ISPs (ZDNet) Security firm Clearsky said they identified at least 250 servers hacked by Lebanese Cedar, a hacking group linked to the Hezbollah militant group.
Hezbollah hackers attack unpatched Atlassian servers at telcos, ISPs (BleepingComputer) Volatile Cedar, an advanced hacker group believed to be connected to the Lebanese Hezbollah Cyber Unit, has been silently attacking companies around the world in espionage operations.
‘Lebanese Cedar’ APT (ClearSky) In early 2020, suspicious network activities and hacking tools were found in a range of companies.
“Lebanese Cedar” APT: Global Lebanese Espionage Campaign Leveraging (ClearSky) Lebanese Cedar is an APT group that has been operating for almost a decade attacking companies and organizations around the world
Lazarus Group behind security researcher attacks (iTnews) Microsoft attributes campaign to familiar North Korean threat actors.
ZINC attacks against security researchers (Microsoft Threat Intelligence Center (MSTIC)) In recent months, Microsoft has detected cyberattacks targeting security researchers by an actor we track as ZINC. The campaign originally came to our attention after Microsoft Defender for Endpoint detected an attack in progress.
Suspected Russian Hack Extends Far Beyond SolarWinds Software, Investigators Say (Wall Street Journal) Close to a third of the victims didn’t run the SolarWinds software initially considered the main avenue of attack for the hackers.
SolarWinds Hack Proves ‘No Finish Line With Security’: Ahead President (CRN) Why the SolarWinds hack proves there’s no end to cybersecurity attacks and businesses security strategies, according to Ahead President Stephen Ayoub.
The Story of a SolarWinds Attack Victim (Bloomberg) Hi, this is Alyza on Bloomberg’s cybersecurity team. This week, I caught up with Marcin Kleczynski, the chief executive officer of Malwarebytes, one of several cybersecurity firms targeted in the course of a massive hacking campaign using software from Texas-based SolarWinds Corp.
How Cloud Services Are Exploited for Cyber-Espionage (Infosecurity Magazine) A number of recent cyber-espionage campaigns share common characteristics
Rocke Group’s Malware Now Has Worm Capabilities (Threatpost) The Pro-Ocean cryptojacking malware now comes with the ability to spread like a worm, as well as harboring new detection-evasion tactics.
Rockwell Automation FactoryTalk Linx and FactoryTalk Services Platform (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.5
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Rockwell Automation
Equipment: FactoryTalk Linx and FactoryTalk Services Platform
Vulnerabilities: Classic Buffer overflow, Improper Check or Handling of Exceptional Conditions
2. RISK EVALUATION
Successful exploitation of these vulnerabilities may result in denial-of-service conditions.
Facebook Ad Services Let Anyone Target US Military Personnel (Wired) Researchers warn that an advertising platform with categories like “Army” and “United States Air Force Security Forces” could be abused.
Stack Overflow Shares Technical Details on 2019 Hack (SecurityWeek) Stack Overflow has shared technical details on how its systems were hacked in 2019, and it turns out that the attacker often viewed questions posted on Stack Overflow.
Peel District School Board suffers cyber attack, online learning unaffected (CTV Toronto) The Peel District School Board’s website is down, and access to some school systems and files is blocked due to a “cyber security incident,” the board said Thursday.
Beware the Long Con Phish (KnowBe4) One email, one rogue URL link, one phone call. The fraudster is counting on the victim’s immediate response as key to the success of the phishing campaign.
Phishing Campaign Spoofed DHL Delivery Service (BankInfo Security) The security firm FireEye reports that a recently uncovered phishing campaign spoofed DHL's delivery service as a way to collect personal information, including
Dead System Admin's Credentials Used for Ransomware Attack (GovInfo Security) The operators of the Nefilim ransomware used the credentials of a deceased system administrator to plant their crypto-locking malware in about 100 vulnerable
Security Patches, Mitigations, and Software Updates
Apple Adds 'BlastDoor' to Secure iPhones From Zero-Click Attacks (SecurityWeek) Apple added several anti-exploit mitigations into its iOS mobile operating system to protect against zero-click attacks
Apple to Crack Down on Tracking iPhone Users in Early Spring (SecurityWeek) Apple says it will roll out a new privacy control in the spring to prevent iPhone apps from secretly shadowing people.
Apple Privacy Survey: iOS users agree with Apple’s Latest Privacy Update…but 74% would rather be tracked than pay for sites & apps (SellCell) Apple introduced a slew of radical new privacy improvements to its iPhone and iPad lineup with the rollout of recent
Cyber Trends
Neustar Highlights Rise in Ransom-Related DDoS Attacks and Greater Use of Existing Attack Vectors (BusinessWire) Neustar highlights rise in ransom-related DDoS attacks and greater use of existing attack vectors
The Wordfence 2020 WordPress Threat Report (Wordfence) There were 3 primary threats to WordPress in 2020. The Wordfence Threat Intelligence Team details these threats and how to address them.
Why to Blame IT Pros for Sensitive Data Privacy Failures (Channel Futures) Data Privacy Day is a good reminder that everyone within an organization is responsible for protecting sensitive data, according to DataPro.
“Life Online” Driven by COVID-19 Is Here to Stay (Cyber Florida) Researchers at the University of South Florida, in partnership with the Florida Center for Cybersecurity, conducted a nationwide survey of 1,003 U.S. adults to measure how the COVID-19 pandemic has affected their online behaviors and digital reliance. The survey included a representative sample of adult Americans, fielded between January 9th and 12th. Topline results are
Many European CISOs Shift Focus to Mobile Security: Survey (SecurityWeek) A survey commissioned by Ivanti shows that a majority of CISOs in Europe have shifted the focus of their cybersecurity strategy to mobile devices due to increasing remote work.
Online Harassment Toward Women Is Getting Even More Insidious (Wired) From coded memes to deepfake porn, abusive disinformation campaigns are sliding past moderation tools. Platforms, Congress, and employers need to help women fight back.
Remote Workers Could Offer Brexit Britain Cybersecurity Lifeline (Infosecurity Magazine) CrowdStrike study reveals many IT leaders are concerned at hiring freeze
Marketplace
TPG Agrees to Acquire a Majority Stake in Centrify from Thoma Bravo (BusinessWire) TPG Capital, the private equity platform of global alternative asset firm TPG, today announced that it has signed a definitive agreement to acquire a
Centrify To Be Bought, Names Ex-Symantec Head Art Gilliland As CEO (CRN) Centrify will have its third owner and fourth top executive in less than three years after the company agreed to be purchased by TPG and selected Art Gilliland as CEO.
CybSafe raises $7.9M Series A led by IQ Capital for its ‘behavioral’ cybersecurity platform (TechCrunch) Cybersecurity startup CybSafe, a “behavioral security” platform, has raised $7.9 million in a Series A funding round led by IQ Capital with participation from Hanover Digital Investments (HDI) GmbH and B8 Ventures. The investment round will be used to focus on expanding its enterprise a…
Link11 to acquire Canadian DDoS protection provider DOSarrest Internet Security (EIN) Acquisition reinforces Link11’s commitment to deliver DDoS protection solutions to organizations globally.
Cybersecurity giant Tanium scores $150 million, following HQ move to Seattle area (GeekWire) Tanium may not be a household name, at least not yet. But the fast-growing cybersecurity company, which moved its headquarters from the San Francisco Bay Area to Kirkland, Wash. last year…
Romania's Cyber Dacians admitted to Start-up Chile (Telecompaper) Romania-based cyber-security company Cyber Dacians was admitted to Start-up Chile, a seed accelerator created by the Chilean government and based in Santiago. The programme is managed by CORFO, the Chilean Economic Development Agency, via InnovaChile and aims to encourage entrepreneurship and innovation to improve productivity in Chile, Romanian news agency Agerpres reports.
Envistacom wins $235m US Army contract for communications and IT services (Army Technology) Communications, cyber and intelligence operations solution provider Envistacom has secured a $235m prime contract from the US Army.
Apple, Facebook Trade Barbs Over Privacy-Focused Business Models (Wall Street Journal) Tim Cook criticized app-tracking tools that he said turn consumers into an advertising product a day after Mark Zuckerberg accused Apple of using its platform to interfere with how Facebook apps work.
Reddit/WSB names resume rally premarket (NASDAQ:AAL) (SeekingAlpha) The retail trading world is outraged at the trading limits imposed by Robinhood (RBNHD) and other brokerages yesterday and questions are circling about the protections that should be in...
Robinhood, Other Brokerages Restrict Trading on GameStop, AMC (Wall Street Journal) Popular online brokerages restricted trading in some highflying stocks, sapping some of the euphoria around shares of companies that individual investors have sent skyrocketing in recent days.
Robinhood Restricts GameStop Trading—in a Bid to Save Itself (Wired) The online broker blocked users from trading several “meme stocks” on Thursday, as regulators take a close look at the WallStreetBets phenomenon.
Robinhood restricts trading in GameStop, other names involved in frenzy (CNBC) Free-trading pioneer Robinhood and Interactive Brokers took steps to curb the wild trading activity in heavily shorted names.
Robinhood's GameStop freeze stirs storm of criticism from pols, users (Silicon Valley Business Journal) Robinhood Markets Inc. is getting a hail of criticism after it restricted users' ability to trade shares of GameStop Corp. and other companies on Wednesday.
Robinhood will allow "limited buys" of stocks like GameStop, starting on January 29th (The Verge) Start your engines.
Robinhood Android app gets review-bombed over stock block (9to5Google) After restricting stocks from GameStop, AMC, and more, the Robinhood Android app has been review-bombed, bringing the overall score to 1-star
A Reddit user on what it's like to be part of "the mother of all short squeezes" (Quartz) A young retail investor explains what it's like to be present for "the mother of all short squeezes."
The biggest investors in space are cheering on the GameStop trade (Quartz) What does a wild financial market mean for the space industry?
Facebook shuts popular stock trading group amid GameStop frenzy (Reuters) Facebook Inc took down a popular Wall Street discussion group, Robinhood Stock Traders, in a move that its founder on Thursday described as backlash for conversations buoying shares of GameStop Corp and other companies this week.
Cellebrite: Israel's Good Cyber Cop is Big Tech's Backdoor to Breaching Your Privacy (MintPress News) Israeli digital forensics company Cellebrite has been quietly providing law enforcement agencies with the tools to retrieve data from any device for years, but they want you to know they're on the right side of the law.
UK Insurers Warned Against 'Funding' Ransomware Payouts (Law360) Insurers are effectively funding cybercriminals by subsidizing ransomware payments through insurance policies, creating a vicious cycle that generates further attacks, an information technology security company warned on Thursday.
Energage Names KnowBe4 a Winner of the 2021 Top Workplaces USA Award (Yahoo Finance) KnowBe4, the provider of the world's largest security awareness training and simulated phishing platform, today announced it has earned a 2021 Top Workplaces USA award, issued by Energage, a purpose-driven organization that develops solutions to build and brand Top Workplaces. This is the inaugural year for Top Workplaces USA, built on the program's 14-year history surveying more than 20 million employees across 54 markets for the regional Top Workplaces awards.
Malware Expert Michael Sikorski Joins Trinity Cyber, Inc. Advisory Board (Trinity Cyber) Trinity Cyber, Inc., a Gartner Cool Vendor for Network and Endpoint Security 2020, today announces that Michael Sikorski, one of the cybersecurity industry’s technical leaders, has been named to its Advisory Board effective immediately.
Cybersecurity Pioneers Ron and Cyndi Gula Invest in Trinity Cyber, Inc. (Trinity Cyber) Trinity Cyber, Inc., the company redefining network threat prevention, announces that Gula Tech Adventures (GTA), founded by Ron and Cyndi Gula, has invested in the cybersecurity startup. GTA focuses on identifying and helping to build the next generation of cybersecurity companies.
Todd Massengill Joins Novetta as Vice President (Citybizlist) Novetta, a leader in advanced analytics technology, today announced that Todd Massengill joins as the Vice President of Emerging Technologies in Novetta's Information Exploitation Division. Todd will lead strategic and operational initiatives driving data analytics, cyber solutions, cloud deployments, and software development solutions for Defense and Intelligence Community customers.
Bitglass kicks off new year with two senior APJ hires (Security Brief) “I look forward to helping Bitglass change the way people and organisations protect themselves when using the cloud.
Facebook appoints its first chief compliance officer amid ongoing scrutiny (Reuters) ViacomCBS Inc's top compliance official, Henry Moniz, is moving to Facebook Inc as the social media platform's first chief compliance officer, as Facebook faces scrutiny from regulators and lawmakers.
Products, Services, and Solutions
Barracuda introduces fast, scalable, and resilient backup platform to protect data in Microsoft Office 365 (Barracuda Networks) Completely rearchitected Barracuda Cloud-to-Cloud Backup delivers fast search and restore experience for Office 365 data including Teams, Exchange Online, SharePoint, and OneDrive
CommScope’s Wireless Solutions Added to the U.S. National Security Agency’s Commercial Solutions for Classified Programs List (BusinessWire) CommScope's RUCKUS SmartZone controllers and RUCKUS access points have cleared the NSA/CSS vetting process and are now available on CSfC Programs list
DIU Scaling Up Commercial Cyber Threat Deception Platform (Nextgov) The innovation group extended an other transaction agreement with cybersecurity firm CounterCraft with an eye to moving to a production contract in the coming months.
Akamai Partners with Smart Home Services Pioneer Plume to Improve CX for Broadband Customers (Fast Mode) Akamai, the intelligent edge platform for securing and delivering digital experiences, on Wednesday announced a new partnership
Lumen Named an Approved Provider for Tech Programs in Georgia and California (PR Newswire) Lumen Technologies (NYSE: LUMN) recently won a spot as an approved technology provider on both the Georgia Technology Authority (GTA) Direct...
Technologies, Techniques, and Standards
World Economic Forum launches GAIA to accelerate responsible AI adoption (Computing) The WEF's new platform will work to ensure that AI governance reflects best practices in data governance
Entitlement creep: What you should know about it (Security Magazine) Organizations are exposing their business to unnecessary risk by allowing employees to have residual access to systems and applications that they no longer need to have access to. Security teams need to evolve their current approach to better manage and control unauthorized user access.
How to protect your organization's remote endpoints against ransomware (TechRepublic) A lack of visibility into remote endpoints can leave your organization vulnerable to ransomware attacks, says security provider Illumio.
Three Steps to Securing Supply Chains Under Pressure (Supply Chain Brain) The challenge of securing increasingly complex, flexible, and responsive supply chains has grown enormously over the past year.
Rethinking Endpoint Security - Check Point Software (Check Point Software) Part 2: The top 5 must-have endpoint protections By Oleg Mogilevsky, Product Marketing Manager, Threat Prevention Malicious actors worldwide are taking
Latest version of cyber training to roll out in coming months (C4ISRNET) The Army improves the cyber warrior training platform with a DevOps approach and readies new training content quickly.
Design and Innovation
Barracuda Microsoft collaboration on Cloud-to-Cloud Backup (Journey Notes) Nills Franssens, Senior Cloud Solution Architect at Microsoft, shares an inside look at the collaboration on Barracuda Cloud-to-Cloud Backup.
Car Makers Seek Ways to Secure Data Needed to Build Connected Services (Wall Street Journal) Pooling data churned out by connected cars poses a challenge for companies that are wary of violating privacy laws or sharing valuable proprietary information.
Research and Development
Microsoft claims breakthrough in quantum computing with Gooseberry chip and cryo-computing core (Computing) The company says its new system is a leap ahead from previous technology
Researchers develop tool that ensures secure sensitive data sharing (Help Net Security) A tool that enables secure sensitive data sharing has been developed to help ensure key datasets can be publicly shared with extra security.
Academia
New Berkeley center will explore bipartisan security solutions (Berkeley News) The US political system is struggling with historic challenges, says former UC President Janet Napolitano
Legislation, Policy, and Regulation
Australia’s cyber security game plan (ComputerWeekly) Australia’s next cyber security strategy was unveiled recently and comes at a time when the country is facing unprecedented attacks against its critical infrastructure systems.
China warns Taiwan independence 'means war' as US pledges support (BBC News) The warning comes days after China stepped up military activities near the self-governed island.
23 Republicans urge Biden to work with allies on tech to combat China (Defense News) GOP lawmakers are calling on President Biden to maximize alliances on emerging technology.
Lawmakers from AOC to Ted Cruz are bashing Robinhood over its GameStop trading freeze (CNBC) AOC, Ted Cruz, Elizabeth Warren and other lawmakers criticized Robinhood after it restricted trading in GameStop and other companies.
Data Privacy Day: Will U.S. Reform Help Americans ‘Own’ Their Data and Help Businesses Protect and Recover It? (Infrascale) Some special days on the calendar are whimsical, some are too commercialized. International Data Privacy Day is neither. It highlights a massive and unwieldy problem requiring immediate global attention from individuals, businesses, governments, and organizations of every kind: Exponential data growth in our data-filled work, lives, and world means unprecedented personal and business data exposure. […]
The Cybersecurity 202: Watchdog report criticizes State Department cybersecurity bureau established by Trump administration (Washington Post) A government watchdog released a report criticizing a State Department cybersecurity bureau set up in the last days of the Trump administration.
The NSA has a new interim cybersecurity director (CyberScoop) Dave Luber is serving as the NSA’s interim cybersecurity director as the agency transitions in new leadership in the Biden administration.
Is Raimondo's confirmation in jeopardy because of Sen. Ted Cruz and a Chinese telecommunications company? (The Providence Journal) Is Governor Raimondo's nomination as commerce secretary in trouble because of her
Former Bush homeland security adviser urges Mayorkas confirmation amid DHS 'heightened threat' warning (Fox News) A former homeland security adviser for President George W. Bush on Thursday said President Biden's nominee for DHS secretary, Alejandro Mayorkas, should quickly be confirmed to his post amid the agency's advisory warning that the U.S. is under a "heightened threat environment."
Military intel chief sacked over ‘NPA’ list boo-boo (INQUIRER) Defense Secretary Delfin Lorenzana has relieved the military’s intelligence chief after the Armed Forces of the Philippines posted on social media an erroneous list
The Next Target for a Facial Recognition Ban? New York (Wired) San Francisco, Oakland, and other cities have enacted moratoriums on government use of the tech. New York looks like a harder sell.
What Washington Privacy Act Would Mean For Cos. (Law360) If the Washington Privacy Act passes, companies will need to undertake substantial compliance efforts similar to those other prominent data privacy laws from California and the European Union require, with a few notable differences, says David Stauss at Husch Blackwell.
Litigation, Investigation, and Law Enforcement
Law Enforcement Planning Emotet Cleanup Operation Following Botnet Takedown (SecurityWeek) Following a takedown operation earlier this month, authorities are taking steps towards cleaning up systems infected with the Emotet malware.
Emotet takedown a breather for companies (Datensicherheit und Datenschutz) Companies should use the time gained from the Emotet takedown to review their security strategy, recommends Tim Berghoff.
End of Emotet: A blow to cyber crime, but don’t drop your guard (ComputerWeekly) The takedown of Emotet is a huge event with repercussions that will reverberate across the cyber criminal world, but unfortunately that’s not to say there will be much of a long-term impact.
FBI watching for cyber-hacking involving Detroit automakers & autonomous vehicles (WXYZ) The FBI Detroit Special Agent in Charge says there are emerging threats here in Michigan, including the growing danger of cyber hacking.
Calif. Privacy Law May Sway Venue For Dickey's Breach Suits (Law360) The California Consumer Privacy Act could be a big factor in deciding where six cases stemming from a data breach at Dallas-based Dickey's Barbecue Pit should be consolidated, with a federal judge on the panel that's mulling consolidation questioning whether the novel claims justify hearing the disputes in the Golden State.
Personal Data Protection - Duties after your business faces a cyber-attack or hacking (Lexology) From time to time, there are news reports of hackers breaching computer systems through the use of ransomware or by other means resulting in, in many…