Attacks, Threats, and Vulnerabilities
Iran suspects Israel and US behind fuel cyber attack (France 24) An Iranian general has said Israel and the United States were likely to have been behind a cyber attack that interrupted the distribution of fuel at service stations.
Iran says Israel, U.S. likely behind cyberattack on gas stations (Reuters) Iran's civil defence chief on Saturday accused Israel and the United States of being the likely culprits behind a cyberattack which disrupted gasoline sales across the Islamic Republic, but said a technical investigation was yet to be completed.
Intelligence chief: People will be informed about cyber-attack (Tehran Times) Iranian Intelligence Minister Seyyed Esmail Khatib said on Saturday that all pieces of information regarding the cyber-attack on gas stations on Tuesday supplement each other.
A cyberattack paralyzed every gas station in Iran (NPR.org) Ebrahim Raisi's remarks stopped short of assigning blame for the attack, which rendered useless the government-issued electronic cards that many Iranians use to buy subsidized fuel at the pump.
Cyber Attack Successfully Crippled Iranian Gas Stations. This Should Worry U.S. (ClearanceJobs) An online attack crippled essentially every gas station across Iran, despite the fact that the nation is a leading exporter of oil.
Cyberattack targets National Bank of Pakistan, causes nationwide disruption (Samaa TV) Hackers have targeted a section of the computer system at the National Bank of Pakistan (NBP) and caused disruption which may result in payment delays for thousands of public sector employees. NBP President Arif Usmani has confirmed the cyber attack. He said the hackers failed to gain access to the NBP's main servers, though they did take control of some of the computers running Microsoft's software. The cyberattack was launched on the night between Friday and Saturday, Usmani said. The cyberattack disrupted NBP services throughout the country, prompting fears that the payment of salaries and pensions to public sector employees would be delayed, SAMAA TV reported. The State Ba...
National Bank of Pakistan gets hit by cyberattack, reports no financial loss or data breach (WION) In a recent cyberattack on its servers, National Bank of Pakistan (NBP) informed that no financial loss or data breach has been observed, the bank said on Saturday. It did report that the attack impacted “some of the bank’s services”.
Graff cyber attack: 'Tycoons and celebrities on leak list as Russian gang demands ransom' (Sky News) The data theft was carried out by Russian group Conti, believed to be based near St Petersburg, which has already leaked 69,000 confidential documents on the so-called dark web, according to reports.
Massive cyber heist rocks high society jeweller Graff (Daily Mail) Russian gang demand multi-million ransom or they'll release private details of rich and famous - after leaking files on David Beckham, Oprah and Donald Trump.
Chaos ransomware targets gamers via fake Minecraft alt lists (BleepingComputer) The Chaos Ransomware gang encrypts gamers' Windows devices through fake Minecraft alt lists promoted on gaming forums.
An Apparent Ransomware Hack Puts the NRA in a Bind (Wired) The group behind the reported attack is under sanctions from the US Treasury, which means a payout could come with penalties for the victim.
Microsoft documents “SHROOTLESS” hack patched in latest Apple updates (Naked Security) We’d have called this bug “SHROOTMORE”, but naming it wasn’t our call.
Shrootless: macOS Vulnerability Found by Microsoft Allows Rootkit Installation (SecurityWeek) Microsoft has published information on a vulnerability in Apple’s macOS platform that could allow an attacker to bypass System Integrity Protection (SIP) and modify operating system files.
Fortinet Security Researcher Discovers Multiple Vulnerabilities in Adobe Illustrator (Fortinet Blog) FortiGuard labs discovered and reported multiple zero-day vulnerabilities in Adobe Illustrator. Learn about the vulnerabilities and root causes.…
Massachusetts Health Network Hacked; Patient Info Exposed (SecurityWeek) A Worcester, Mass. health care network says someone hacked into its employee email system, potentially exposing the personal information of thousands of patients.
Hacker accessed medical info of thousands in email breach at UMass Memorial Health (Telegram & Gazette) UMass Memorial Health, in an Oct. 15 notice sent to patients, said an unauthorized person accessed the accounts between June 2020 and January 2021.
Location data collection firm admits privacy breach (BBC News) Huq says two apps it collects data from did not seek correct consent from users.
MITRE, CISA Announce 2021 List of Most Common Hardware Weaknesses (SecurityWeek) The 2021 CWE Most Important Hardware Weaknesses list includes 12 types of vulnerabilities.
CWE - CWE Most Important Hardware Weaknesses (MITRE) Common Weakness Enumeration (CWE) is a list of software and hardware weaknesses.
Sugar daddy scams promise weekly payments to young women (Avast) Beware of sugar daddy scams lurking on your favorite social media platform. When you come across such cases, if possible, report them directly to the network where they appear, whether it’s Instagram, Facebook, TikTok, or another channel.
Email scams are catching crypto investors offguard and stealing millions (The Block) Scammers have been increasingly using a common email phishing attack to target wealthy crypto investors — and it's been working.
Hackers threaten to out Israeli LGBTQ dating site users (France 24) A hacking group calling itself Black Shadow threatened Sunday to reveal personal details of a million users of Israel's leading LGBTQ dating site, an attack some cyber experts linked to Iran.
Art Basel Parent Group MCH Hit With Cyber Attack That May Have Breached Clients' Personal Data (Artnet News) Art Basel parent MCH Group was hit with a data breach last week and will keep clients updated about next steps.
Wealthy art world warned after Art Basel hit by criminal cyberattack (Page Six) MCH Group warns people their data may have been breached and has filed a criminal complaint against the “perpetrators unknown to us.”
Cyber attack: Information and recommendations to our customers and partners (MCH Group) The MCH Group is a leading international live-marketing company with a comprehensive network of services in the exhibition and event market and offers customised marketing solutions.
TTC investigating after hit by ransomware attack (CP24) The Toronto Transit Commission says it is investigating a ransomware attack that knocked down some of its communications systems and affected a number of its services Friday.
Roblox Servers Are Turning Back On (Slowly) After 60+ Hour Outage (Kotaku) According to Roblox's status page, all versions of the game have been down since Oct 28 starting at 7 pm EST
Comments to the US Secretary of Energy’s Advisory Board on lack of process sensor cyber security (Control Global) October 28, 2021, US Secretary of Energy Granholm held the first meeting of her Advisory Board (SEAB). The SEAB meeting can be found at https://www.energy.gov/seab/seab-meetings. The Board was established to provide advice and recommendations to the Secretary on the Administration’s energy policies; the Department’s basic and applied research and development activities; economic and national security policy; and other activities as directed by the Secretary.
Security Patches, Mitigations, and Software Updates
Google Fixes Two Chrome Zero-Day Flaws (Decipher) The two zero-day flaws were part of eight vulnerabilities patched this week in Google Chrome.
Google fixes two high-severity zero-day flaws in Chrome (ZDNet) This is the third set of zero-day patches for Chrome in three months.
Apple fixes security feature bypass in macOS (CVE-2021-30892) (Help Net Security) Apple has fixed CVE-2021-30892, a System Integrity Protection (SIP) bypass in macOS and CVE-2021-30883, an iOS flaw exploited by attackers.
Trends
Report: 37% of IT admins fear software vulnerabilities more than cyber threats (VentureBeat) IT administrators remain on the front lines of security, tasked with managing user devices, identities, and access to all IT resources.
Security AI is the next big thing (VentureBeat) This isn't a takeover by cybersecurity AI; it's a force multiplier for security teams and doing a lot of work behind the scenes.
Enterprise security spending in Australia to increase at 6.7% CAGR over 2020-2025, reveals GlobalData - GlobalData (GlobalData) The total addressable market size of IT security in Australia, in terms of enterprise spending, is set to grow at a CAGR of 6.7% to...
McAfee Enterprise and FireEye 2022 Threat Predictions (FireEye) Ransomware, nation states, social media and the shifting reliance on a remote workforce made headlines in 2021. Bad actors will learn from this year’s successful tactics, retool, and pivot them into next year’s campaigns wielding the potential to wreak more havoc in all our lives.
Zoom, Slack, Google Hangouts and More: The Hidden Risks of Remote Work (Wall Street Journal) A researcher says they have many benefits. But they also come with four big downsides: isolation, exclusion, surveillance and self-censorship.
Marketplace
Network automation provider BackBox will scale SaaS offerings with newly raised $32M (VentureBeat) BackBox, a network automation service provider, has raised $32 million in venture capital. It plans to spend the proceeds on growth projects.
Melbourne MSSP PMT Security expands into telco, mobile remediation services (CRN Australia) Taps Sam Jamil to lead new division.
ManTech to Acquire Gryphon Technologies (Globe Newswire) Acquisition Expands Advanced Digital Engineering Capabilities Across the Department of Defense
The Metaverse Is Mark Zuckerberg’s Escape Hatch (New York Times) If his new strategy works — a big if — it could help address several of Facebook’s biggest problems.
Meta (Stratechery by Ben Thompson) Facebook’s reorganization into Meta is the ultimate bet on the power of founder control.
The Facebook name was such a drag that employees referred to it as a 'brand tax' (CNBC) "Brand tax" is the term Facebook employees have used to refer to the negative impact Facebook has on its other brands.
Opinion: A name change can’t fix what’s broken at Facebook (Washington Post) A friend recently applied for a job at Facebook and the first interview question was: “Well, what do we do?” The now-obvious answer should have been, “Change your name.”
How to Fix Social Media (Wall Street Journal) Twelve leading figures from tech, government and academia —including Nick Clegg, Amy Klobuchar, Josh Hawley and David French—discuss how to deal with the problems posed by the biggest social media sites.
NSO Group Announces New Leadership Structure (NSO Group) Founder Shalev Hulio to Become Vice Chairman of the Board and the Global President. Isaac (Itzik) Benbenisti Named CEO.
Toronto-Based Cyber Insurer BOXX Insurance Appoints Dominic Steptoe as Global Chief Product Officer (Longview News-Journal) BOXX announces Dominic Steptoe, former AMEX executive, appointed as Chief Product Officer. BOXX announces first office in Europe.
Trulioo Appoints Shradha Mittal as Senior Vice President of People (MarTech Series) Trulioo, the leader in global identity verification, announced the appointment of Shradha Mittal as Senior Vice President of People & Culture.
Products, Services, and Solutions
AT&T Plants Palo Alto Networks’ Firewall Into Managed 5G Security (SDxCentral) AT&T introduced a managed firewall service for 5G network deployments that combines its security services with Palo Alto Networks’ firewall.
Omdia Features Panorays' Unique Solution in New Report (Panorays) Omdia discusses how Panorays' TPSRM technology helps organizations detect and manage the risks posed by suppliers, contractors and channel partners.
VMware Pushes SASE Into Amazon’s Eero and Your Home (SDxCentral) VMware and Amazon-owned mesh WiFi vendor Eero teamed up this week to bring the benefits of secure access service edge (SASE) to your home.
CountryMark selects odix to provide protection from ransomware and zero-day attacks - odix Content Disarm and Reconstruction (CDR) (odix Content Disarm and Reconstruction (CDR)) odix will provide advanced cloud and file sanitization services to CountryMark through a range of odix’s advanced deep file inspection products...
The U.S. senate makes security intrinsic with VMware (CoolTechZone) Hackers from all over the world are targeting credit unions. With the threat of serious infrastructure data breaches expected to grow, USSFCU needed to update its legacy I.T. environment to strengthen security and streamline security operations.
Aryaka Unveils ‘Accelerate’ Agent Partner Program (BusinessWire) Managed SD-WAN & SASE leader, Aryaka, strengthens its partner-led strategy--new channel leadership, simplified packaging & pricing, and online quoting
Qualys Teams with TD SYNNEX to Deliver Leading Security Solutions Including Vulnerability Management, Detection and Response and Patch Management via the Qualys Cloud Platform (PR Newswire) Qualys, Inc. (NASDAQ: QLYS), a pioneer and leading provider of disruptive cloud-based IT, security and compliance solutions, has partnered with...
New infosec products of the week: October 29, 2021 (Help Net Security) The featured infosec products this week are from: Avast, Data Theorem, Jumio, Quest and Secure.
Technologies, Techniques, and Standards
Three OT security lessons learned from 2021's biggest cyber incidents (Help Net Security) There are three key OT security lessons to be learned, so that other organizations can avoid repeating history.
Spot The Imposter: Tackling the Rise in Social Engineering Scams (Payments Journal) In today’s world, social engineering is at the heart of nearly every cyberattack. Using personal details collected from social media, data breaches, and the dark web, cybercriminals deploy well-crafted schemes with every sign of legitimacy. Even the savviest of individuals and businesses can fall victim to these sophisticated scammers.
Are immutable backups the last line of defence against ransomware attacks? (TelecomTV) There is no universal nostrum to prevent a ransomware attack… they may be impossible to avoid but the impact can be mitigated. 'Sleeper Attacks' are a big…
‘Mungadai’ offers 1st Cyber Battalion Soldiers one arduous day of building leadership, team spirit (DVIDS) Mungadai? What the heck is a mungadai? The term is believed to come from a 13th century test of skill and endurance used by Genghis Khan to select the Munga-Dai, his elite Mongolian cavalry forces. For the Soldiers of the 1st Cyber Battalion of the Army Cyber Protection Brigade it signified a recent daylong adventure challenge competition designed to test leadership and build esprit de corps and warrior skills as a team.
Safeguarding the B2B sharing economy (Help Net Security) Many businesses engaged in the B2B sharing economy are increasingly aware that engagement often carries considerable liability risk.
With agencies preparing for the future of work, Ahuja says OPM is ready to help (Federal News Network) The Office of Personnel Management is preparing new telework and remote work guidance for agencies.
Academia
Big Teacher Is Watching: How AI Spyware Took Over Schools (Bloomberg) The pandemic caused schools to embrace laptops, tablets, Zoom, and an app called GoGuardian that tracks everything students (and, sometimes, parents) do online.
Students go head to head in the 'Capture the Flag' competition (rocketcitynow.com) Raytheon Technologies hosted the competition on the campus of Oakwood University.
Ransomware Has Disrupted Almost 1,000 Schools in the US This Year (Vice) There have been more than 70 ransomware attacks affecting around 1,000 U.S. schools this year, and it may get worse before it gets better.
Legislation, Policy, and Regulation
The Fall and Rise of Techno-Globalism (Foreign Affairs) Democracies should not let the dream of the open Internet die.
WSJ News Exclusive | Left Behind After U.S. Withdrawal, Some Former Afghan Spies and Soldiers Turn to Islamic State (Wall Street Journal) Hunted by the Taliban and lacking income, some members of Afghanistan’s disbanded security forces are enlisting in the only force currently challenging the country’s new rules.
China's personal data protection law kicks in today (ZDNet) Passed in August, the Personal Information Protection Law takes effect on November 1, spelling out rules around data collection, use, and storage, as well as what international companies must do when they transfer data out of the country.
China proposes special rules for “super large” internet platforms (The Record by Recorded Future) China’s State Administration for Market Regulations (SAMR) has created a new category for Chinese internet companies: the “super large platform” and, the agency made clear in new guidelines, such designations come with great responsibility.
Rivals on World Stage, Russia and U.S. Quietly Seek Areas of Accord (New York Times) There have been a series of beneath-the-surface meetings between the two countries as the Biden administration applies a more sober approach to relations with the Kremlin.
Biden administration officials outline steps to tackle urgent cyber threats (TheHill) Top Biden administration officials on Thursday outlined steps taken to confront the increase in cyber threats against the nation, including through strengthening key critical infrastructure groups.
A Proclamation on Critical Infrastructure Security and Resilience Month, 2021 | The White House (The White House) For generations, American infrastructure -- from the Erie Canal and the Transcontinental Railroad to the Hoover Dam -- has been a cornerstone of our
Biden’s cybersecurity executive order, a progress report (CSO Online) Of the 46 tasks President Biden mandated to protect digital government assets, 19 are now completed, though not all agencies have reported their progress.
Infrastructure Bill’s Broadband Plan Shrouded From Scrutiny (Wall Street Journal) A provision of Congress’s $42 billion plan to expand broadband into underserved areas could exempt it from Freedom of Information and Privacy Acts.
Bacon bill seeks to sharpen federal response to cyberattacks (Ripon Advance) U.S. Rep. Don Bacon (R-NE) introduced a bill last week that would require a review of the U.S. Department of Homeland Security’s (DHS) cyberattack response plans, following high-profile ransomware attacks earlier this year on major energy and food companies.
Australia should invest in a home-grown quantum industry (The Strategist) The recently announced AUKUS technology-sharing pact is about much more than the United Kingdom and United States helping Australia get nuclear-powered submarines; it is an agreement to share platforms and innovation costs for advanced technologies ...
Britain Leads the Way for Reining In Facebook, Twitter, YouTube (Bloomberg) The U.K. is wrapping up one of the world’s most promising new laws for curbing social media harms.
Litigation, Investigation, and Law Enforcement
Europol detains hackers behind 2019 Norsk Hydro ransomware attack (TechCrunch) The EU police agency said 12 individuals were targeted in raids in Ukraine and Switzerland following a two-year investigation.
Europol detains suspects behind LockerGoga, MegaCortex, and Dharma ransomware attacks (The Record by Recorded Future) Europol said it detained 12 suspects this week it believes were part of a professional criminal group that orchestrated a long string of ransomware attacks that targeted large companies and which hit more than 1,800 victims across 71 countries since 2019.
Future of Bengal's Pegasus panel uncertain after SC sets up committee (Weekend Leader) With the Supreme Court appointing an independent expert technical committee to examine allegations that the government used Israeli spyware, Pegasus, the future of the two-member commission, formed by the West Bengal government three months before, to probe the issue is unclear
GAO Sides With Microsoft in Massive NSA Contract Protest (Nextgov.com) NSA awarded the contract to Amazon Web Services in July.
Zuckerberg, Sandberg Should Face Criminal Probe, Liberal Nonprofit Group Says (Bloomberg) American Economic Liberties Project writes to DOJ, SEC, FTC. Facebook declined to comment on series of allegations.
Orgies, harassment, fraud: Satanic Temple rocked by accusations, lawsuit (Newsweek) Can you defame a religion? The answer to that question could cost four former members of The Satanic Temple more than $140,000.
12 People Arrested Over Ransomware Attacks on Critical Infrastructure (SecurityWeek) Europol announces the arrests of 12 individuals suspected of launching cyberattacks on critical infrastructure using ransomware such as LockerGoga, MegaCortex and Dharma.
Proofpoint Bid To Double $14M Verdict Meets Skeptical Judge (Law360) A California federal judge expressed skepticism Friday at cybersecurity firm Proofpoint Inc.'s bid for exemplary damages that would nearly double a $14 million verdict after a jury found Vade Secure maliciously stole Proofpoint's trade secrets, saying she's struggling to see how the jury reached its finding that Vade Secure acted with malice.
Man charged with hacking MLB, NBA, NFL, and NHL user accounts to stream games (The Record by Recorded Future) The US Department of Justice has filed charges today against a Minnesota man who hacked MLB, NBA, NFL, and NHL user accounts in order to supply content to a pirate streaming website that he operated.
Northern Virginia police increase presence at malls and transit hubs amid warnings about possible terror plot (CNN) Authorities in northern Virginia announced an increased police presence Friday amid warnings about a possible terror plot.
The most vital battle for press freedom in our time (New Age) IF ASSANGE is extradited and found guilty of publishing classified material it will set a legal precedent that will effectively end national security reporting.