Attacks, Threats, and Vulnerabilities
Cash-Starved North Korea Eyed in Brazen Bank Hack (Daily Beast) Hackers who stole tens of millions of dollars to fund North Korea’s nuclear weapons program in 2016 tried hitting another bank last year, The Daily Beast has learned.
Hacker Attacks Hit Indonesian Agency: Calling for Cyber War? (D-Insights) A cyber attack hits National Cyber and Encryption Agency’s (BSSN) website, highlighting the latent threat of cyber warfare.
Operation Secondary Infektion Targets Pfizer Vaccine (Recorded Future) A fake letter has been discovered that is highly likely an attempt to generate vaccine hesitancy and distrust.
Conti Ransom Gang Starts Selling Access to Victims (KrebsOnSecurity) The Conti ransomware affiliate program appears to have altered its business plan recently. Organizations infected with Conti's malware who refuse to negotiate a ransom payment are added to Conti's victim shaming blog, where confidential files stolen from victims may be…
Ransomware Gang Says the Real Ransomware Gang Is the Federal Government (Vice) A day after it was revealed that the US and its allies hacked the infamous REvil ransomware gang, a competing gang published an anti-government rant on its website.
BlackMatter botched ‘tens of millions’ in ransoms after coding bug caught by Emsisoft (SC Media) Cybersecurity firm helped victims without publicly announcing bug in BlackMatter ransomware, which has since been fixed by the threat group.
Emsisoft cracked BlackMatter ransomware, recovered victims' data (SearchSecurity) Emsisoft found a critical flaw in BlackMatter ransomware, as well as other ransomware families, that helped to decrypt files without paying.
Hackers used billing software zero-day to deploy ransomware (BleepingComputer) An unknown ransomware group is exploiting a critical SQL injection bug found in the BillQuick Web Suite time and billing solution to deploy ransomware on their targets' networks in ongoing attacks.
SolarWinds Hackers Target Another Weak Point in Tech Supply Chain (Wall Street Journal) Firms that resell or manage cloud services are springboards for bigger attacks.
US being hit by huge cyber attacks, Microsoft warns (The Independent) Hundreds of companies and organisations are being hit by a wave of cyber attacks, Microsoft has warned.
Hundreds of U.S. Networks Targeted by Russian Cyber Attack, Microsoft Says (Insurance Journal) The Russian-based agency behind last year's massive SolarWinds cyberattack has targeted hundreds more companies and organizations in its latest wave of
Russia-Linked SolarWinds Hackers Continue Supply Chain Attack Rampage (SecurityWeek) Microsoft warns that the Russia-linked threat group that targeted SolarWinds continues launching supply chain attacks.
Russian Hackers Behind SolarWinds Attack Are Targeting The Supply Chain, Microsoft Says (Daily Caller) The same group of Russian hackers behind the December 2020 SolarWinds attack are targeting companies in the U.S. technology supply chain, Microsoft says.
Russian Cyber Spies Flout Sanctions, Target Tech Sector (Law360) Russian spies behind a cyberattack on software provider SolarWinds that led to breaches at nine U.S. federal agencies have flouted White House sanctions with a new campaign targeting cloud service companies, Microsoft Corp. said Monday.
The Russian hacker group behind the SolarWinds attack is at it again, Microsoft says (NPR.org) According to Microsoft, the group is targeting technology companies that resell and provide cloud services and has been using phishing and password spray to gain entry to targeted networks.
Wave of cyberattacks hitting American companies, Microsoft warns (Newsweek) Microsoft has accused the Russian hacking group Nobelium of being responsible for the attack.
Urgency, Mail Relay Serve Phishers Well on Craigslist (INKY) Craigslist, that old fashioned website people still use to find things locally — and urgently — has become the latest phishing vector. In addition to the inherent time pressure of its marketplace, a feature on the site that appeals to phishers is the mail relay function. In the service of safety and anonymity, Craigslist lets people seeking or offering things send an email through the system to anyone else.
Cracking WiFi at Scale with One Simple Trick (Cracking WiFi at Scale with One Simple Trick) How I Cracked 70% of Tel Aviv’s Wifi Networks (from a Sample of 5,000 Gathered WiFi). In the past seven years that I’ve lived in Tel Aviv, I’ve changed apartments four times. Every time I...
NYT journalist describes his iPhone being hacked, and the precautions he now takes (9to5Mac) A New York Times journalist covering the Middle East has described the experience of his iPhone being hacked, and the security precautions ...
Old Hollywood CCTV camera hack actually works on modern security cameras (CoolTechZone) We decided to prove multiple Hollywood scenes about spoofing video of security cameras and show that in our hands-on research
Janesville schools hit with ransomware attack locking digital systems (Channel3000.com) The School District of Janesville says it was hit with a ransomware attack over the weekend, locking students, staff and parents out of several web-based systems and programs.
Bulletin (SB21-298) Vulnerability Summary for the Week of October 18, 2021 (CISA) The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Security Patches, Mitigations, and Software Updates
CISA Raises Alarm on Critical Vulnerability in Discourse Forum Software (SecurityWeek) CISA over the weekend issued an alert on a critical vulnerability in open source discussion platform Discourse.
Critical RCE Vulnerability in Discourse (CISA) Discourse—an open source discussion platform—has released a security advisory to address a critical remote code execution (RCE) vulnerability (CVE-2021-41163) in Discourse versions 2.7.8 and earlier. CISA urges developers to update to patched versions 2.7.9 or later or apply the necessary workarounds.
2021 Unisys Security Index™ | Global and Country Insights (Unisys) The Unisys Security Index measures global consumer concerns related to national, personal, financial and Internet security.
Threat Labs Report - September 2021 (Netskope) Cloud-enabled threats: Google Drive remains the app for which Netskope blocks the most malware. Google Gmail, previously not in the top 5, rose as attackers delivered malicious Office documents via email attachments
Appsec Stats Flash (WhiteHat Security) The state of application security is rapidly evolving and there is a need for a more frequent analysis of the threat landscape.
Deepfakes, Cryptocurrency and Mobile Wallets: Cybercriminals Find New Opportunities in 2022 (Check Point Software) Check Point Software 2022 Cyber-security Predictions also anticipates an increase in supply chain attacks in the new year Check Point® Software
Menlo Security Survey Sees Orgs Reevaluating Remote Access Strategy (Security Boulevard) A survey of 545 IT decision-makers from organizations in the U.S. and United Kingdom (UK) found three-quarters of respondents (75%) are reevaluating their
As Cyber Events Plague U.S. Execs, Some Still Have No Cyber Plan (PRNewswire) Deloitte's 2021 Future of Cyber survey shows similarities, differences in U.S. and non-U.S. C-suite responses
It’s October. Are you aware of cybersecurity yet? (StateScoop) Cybersecurity awareness month gets a ton of flak, especially from those working in cybersecurity. Does it need revision?
(ISC)² 2021 Cybersecurity Workforce Study ((ISC)²) The (ISC)² Cybersecurity Workforce Study includes the Cybersecurity Workforce Estimate, the Cybersecurity Workforce Gap and insights on the challenges and opportunities surrounding cybersecurity workforce development.
How We Can Narrow the Talent Shortage in Cybersecurity (Dark Reading) Filling crucial roles in cybersecurity and addressing the talent shortage requires rethinking who qualifies as a "cybersecurity professional" and rewriting traditional job descriptions.
Cybersecurity M&A Roundup for October 11-24, 2021 (SecurityWeek) A total of 15 cybersecurity-related acquisitions were announced October 11-24, 2021.
Piiano Raises $9M Seed Round to Transform Enterprise Data Privacy (BusinessWire) Piiano, a pioneer of data privacy engineering for the cloud, announced today that it has raised a $9M seed round. The round was led by cybersecurity-f
Devo Whips Up $250M Series E At $1.5B Valuation (Crunchbase News) Cambridge, Massachusetts-based cybersecurity firm Devo Technology has closed a $250 million Series E as the company hopes to ride its strong growth and disrupt the security analytics market.
Onfido acquires EYN to provide innovative acoustic-based liveness detection amid record-breaking global revenue growth (Onfido) Increased investment in research and development spurs EYN acquisition, pioneers in industry-first acoustic-based anti-spoofing technology. Key strategic hires in CFO and CCO.
TransUnion Enhances Consumer Identity Protection Offerings with Agreement to Acquire Sontiq for $638 million (GlobeNewswire News Room) The combined company will offer comprehensive identity solutions, further empowering consumers and businesses to shape and protect their financial futures...
Amentum again hits accelerator with PAE acquisition (Washington Technology) Amentum in year one of its relaunch as a standalone company went out and acquired DynCorp International. Now in year two, Amentum has set its sights on a second major transaction and this time it's buying PAE.
BackBox closes $32 million Series A for the hybrid multi-cloud era (CTECH) The news also comes with the appointment of Andrew Kahl as the new CEO and a move to Dallas
2019 Cybersecurity Workforce Study ((ISC)²) The (ISC)² Cybersecurity Workforce Study, 2019 is downloadable here. The study is conducted annually to assess the cybersecurity workforce or skills gap and how to recruit, build and strengthen cybersecurity staff or teams.
Researcher Earns $2 Million for Critical Vulnerability in Polygon (SecurityWeek) Security researcher Gerhard Wagner earned a $2 million bug bounty reward for a critical vulnerability in Polygon’s Plasma Bridge that could have allowed a malicious user to submit the same withdrawal transaction 224 times.
GCHQ 'signs deal with Amazon' to host top-secret material (Computing) The UK's spy agencies will use the cloud to boost the use of AI, analytics and other technologies
Amazon signs deal with British spy agencies to boost use of AI for espionage -FT (Reuters) Britain's spy agencies have given a contract to Amazon Web Services (AWS) to host classified material in a deal aimed at boosting the use of data analytics and artificial intelligence (AI) for espionage, the Financial Times reported on Monday.
Northern Virginia Technology Council Announces 2021 NVTC Capital Cyber (PRWeb) The Northern Virginia Technology Council (NVTC), the trade association representing the national capital region’s technology community, today announced the wi
Salt Security Named 2021 CISO Choice Award Winner for Application Security (PR Newswire) Salt Security, the leading API security company, today announced it was named the winner in the Application Security category of the 2021 CISO...
Darktrace Plunges After Peel Hunt Forecasts 50% Downside (Bloomberg) Some experts consider product a ‘gimmick,’ broker says. Spokeswoman says firm provides protection, customers satisfied.
Cybersecurity firm Darktrace tumbles after broker’s bearish note (Times) A high flying cybersecurity specialist lost just over a fifth of its market value yesterday after concerns were raised over the quality of Darktrace’s products and size of its target market. The group, which listed on London’s main market in April, is set to enter the FTSE 100 tomorrow, replacing th
US retail giants pull Chinese surveillance tech from shelves (TechCrunch) Home Depot, Best Buy, and Lowe's removed the Chinese video surveillance makers over links to human rights abuses.
Cofense Joins Microsoft Intelligent Security Association (MISA) (BusinessWire) Nominated for membership based on Cofense PhishMe's Recipient Sync feature, Cofense has joined the Microsoft Intelligent Security Association (MISA).
CIS Mobile Launches Mobile Integration Center in Northern Virginia Headquarters (EIN) Company Partners with Multiple Tech Providers to Secure Mobile Devices In, Around Federal Facilities
Aryaka Names Ed Pearce as National Channel Director – North America (BusinessWire) Aryaka, the leader in fully managed SD-WAN and SASE, chooses Ed Pearce as National Channel Director for North America
Keeper Security Expands Leadership Team with Tristen Yancey as VP of Public Sector (PR Newswire) Keeper Security, the leading provider of zero-knowledge security and encryption software covering password management, dark web monitoring,...
Rick Waddell, Lieutenant General (Ret.), U.S. Army Reserve Joins KnectIQ Advisory Board (PR Newswire) KnectIQ Inc., an innovator in cybersecurity technology, today announced Rick L. Waddell, Lieutenant General (Ret.), U.S. Army Reserve has...
Products, Services, and Solutions
Jumio Launches End-to-End Orchestration for its KYX Platform to Deliver Holistic View of Consumer Identities and Risk (BusinessWire) Jumio, the leading provider of AI-powered end-to-end identity verification, eKYC and AML solutions, today announced the launch of an intuitive no-code
Quest Releases SharePlex 10.1.1 to Expand Oracle Data Replication to Azure Cloud Services, Maximizing Resiliency, Lowering Costs and Reducing Risk (GlobeNewswire News Room) SharePlex 10.1.1 helps customers move their Oracle data in real-time into Microsoft Azure cloud services. Facilitates continuous high-speed replication of...
AT&T Launches 5G Managed Advanced Security Capabilities to Further Protect Enterprise Network Infrastructure (PR Newswire) What's the news? AT&T is introducing comprehensive, managed advanced security capabilities for 5G network deployments. The first security...
Illumio Introduces Illumio CloudSecure for Cloud-Native Application Visibility and Control to Accelerate the Path to Zero Trust (Illumio) New Agentless Solution Delivers Zero Trust Segmentation of Cloud-Native Applications in Multi- and Hybrid Cloud Environments
Check Point Software Brings Infosec Institute's Award-Winning Security Awareness Training to Leading Cyber Solutions Platform (Yahoo Finance) Infosec Institute, the leading cybersecurity education company, today announced it has partnered with Check Point Software Technologies to bring its award-winning security awareness training and phishing simulator to the Check Point Technology Partner Alliance. Check Point Software is a leading provider of cybersecurity solutions to governments and corporate enterprises globally.
Group-IB Fraud Hunting Platform Delivers Substantial ROI (PR Newswire) Group-IB, one of the leading providers of solutions dedicated to detecting and preventing cyberattacks, identifying online fraud, investigation...
CrowdStrike & AWS Provide Protection Against Ransomware & Identity-Based Threats (CrowdStrike) CrowdStrike announced new features to the Falcon platform that work with Amazon Web Services to protect customers from complex ransomware & cyber attacks.
ionir Extends Support for CI/CD Pipeline Acceleration (PR Newswire) ionir, a leader in Kubernetes Data Services, today announced updates to its cloud-native data services platform with new capabilities focused...
Veriff Launches New Account Onboarding, Arming FinTech Companies with Next-Gen Security Features (WIBW) Innovative, built-in KYC requirements ensure trust between businesses and consumers online
Hiscox CyberClear® Offering Expands to 50 States (Hiscox) Florida is the latest and final state to be admitted
Ivanti Extends Neurons Platform to Help Customers Further Improve Network Security, Automate Compliance, and Maximize Productivity (Ivanti) Ivanti, the provider of the Ivanti Neurons automation platform that discovers, manages, secures, and services IT assets from cloud to edge, today anno
Technologies, Techniques, and Standards
Remediation and Hardening Strategies for Microsoft 365 to Defend Against UNC2452 (Mandiant) In December 2020, FireEye uncovered and publicly disclosed a widespread campaign conducted by the threat group we track as UNC2452. In some, but not all, of the intrusions associated with this campaign where Mandiant has visibility, the attacker used their access to on-premises networks to gain unauthorized access to the victim’s Microsoft 365 environment.
Expert Q&A: How to use honeypots to lure and trap bots (PerimeterX) As bots become more sophisticated, detection and blocking need to stay one step ahead of them.
Design and Innovation
Dev-Sec Convergence: New Research Details Progress and Challenges on the Road to Secure Innovation (PR Newswire) Nearly all organizations are increasing their investment in application security this year, but they continue to struggle to fully embrace...
Socure Publishes Industry’s First Digital Identity Fairness and Inclusion Report (BusinessWire) Socure, the leading provider of digital identity verification and fraud solutions, today at Money 20/20 announced the industry’s first Digital Identit
What is a cybersecurity degree? (ZDNet) Thinking about pursuing cybersecurity training? A cybersecurity degree could boost your future career. Here's what to expect in cybersecurity school.
Legislation, Policy, and Regulation
New hacking efforts show Russia undeterred by US actions (TheHill) A year after Russian government hackers compromised almost a dozen U.S. federal agencies, renewed efforts by the same group to target the global IT supply chain are painting a picture of a defiant Russia undeterred by U.S.
China is accused of exporting authoritarian technology. But the west has done so, too, more covertly (The Conversation) While it may be difficult to enact a global set of regulations on surveillance technologies, individual countries can take the lead with enhanced monitoring and stronger laws.
Facebook Whistleblower Frances Haugen Calls for New Tech Laws in Europe (Wall Street Journal) Frances Haugen tells U.K. lawmakers that social-media platforms should be required to disclose actions to combat misinformation and hate speech.
Facebook whistleblower testifies to UK parliament (TechCrunch) Frances Haugen, one of (now) multiple Facebook whistleblowers who have come forward in recent years with damning testimony related to product safety, gave testimony in front of the UK parliament today — where, in one key moment, she was invited to clarify her views on end-to-end encryption fo…
Britain Wants to Use Its New Cyber Command to 'Hunt' Ransomware Gangs (Gizmodo) A week or so after revelations about an FBI plot to hack a prominent ransomware gang, Britain has announced new offensive operations against cybercrime groups.
Australia plans to force parental consent for minors on social media (Reuters) Australia unveiled plans on Monday to make social media companies obtain parental consent for users under the age of 16, with multimillion dollar fines for failing to comply.
YouTube, TikTok Defend Teen Privacy Plans Amid Facebook Scrutiny (Bloomberg) Senators say Facebook shows protection needed across the board. Companies to argue they have existing protections in place.
WSJ News Exclusive | State Department to Form New Cyber Office to Face Proliferating Global Challenges (Wall Street Journal) The organizational changes are intended to confront cybersecurity challenges like ransomware and waning global digital freedom, the latest overhauls by the administration aimed at prioritizing cyber threats as a top-tier national security issue.
State Department will form new cyber bureau (CNN) The Biden administration is launching a new bureau for cyberspace and digital policy at the State Department as part of an effort to strengthen diplomats' cyber expertise, Secretary of State Tony Blinken announced in an email to the department's workforce on Monday.
US State Department to establish new cyber bureau led by ambassador (The Jerusalem Post | JPost.com) The US State Department said on Monday it plans to establish a bureau of cyberspace and digital policy that will be led by a Senate-confirmed ambassador at large, spokesperson Ned Price said.
First on CNN: Biden administration expected to name GOP official who challenged Trump's lies to key election security role (CNN) The Biden administration is expected to name Kim Wyman, a Republican secretary of state who challenged former President Donald Trump's false claims of election fraud, to lead the Department of Homeland Security's efforts to protect future elections from foreign and domestic interference, multiple people familiar with the matter tell CNN.
Litigation, Investigation, and Law Enforcement
Julian Assange: what to expect from the extradition appeal (the Guardian) US has assured courts he could be jailed in native Australia and not held under maximum security
Kansas Man Admits Hacking Public Water Facility (SecurityWeek) Roughly seven months after being indicted for his actions, a Kansas man admitted in court to tampering with the systems at the Post Rock Rural Water District.
Secure email group Proton wins Swiss appeal over surveillance rules (Reuters) Geneva-based Proton AG, the company behind ProtonMail and ProtonVPN, has won an appeal regarding its treatment under Swiss law governing telecommunications surveillance, a Swiss court said on Friday.
New Standard Contractual Clauses: 10 Things You Need to Know (cyber/data/privacy insights) On the third anniversary of the General Data Protection Regulation, Cooley launched a series of webinars focused on the GDPR. The GDPR permits the transfer of data from the European Union and the European Economic Area (EEA) to third countries using standard contractual clauses (SCCs), which are a
FBI Given Power To Unlock Capitol Riot Suspect Phone With His Fingerprint (Forbes) January 6 investigators get a warrant to open devices using a defendant’s fingerprint. Though he’d been accused of assaulting officers with pepper spray, forced fingerprint unlocks remain a legally-questionable power.