Attacks, Threats, and Vulnerabilities
Robinhood discloses data breach impacting 7 million customers (BleepingComputer) Stock trading platform Robinhood has disclosed a data breach after their systems were hacked and a threat actor gained access to the personal information of approximately 7 million customers.
Robinhood Hack Exposes Millions of Customer Names, Email Addresses (Wall Street Journal) The trading app said an intruder gained access to its systems last week and made off with the personal information of millions of its users.
Robinhood Security Breach Exposes Data on Millions of Users (Bloomberg) Brokerage says 5 million email addresses compromised in attack. Firm says it doesn’t believe clients incurred financial losses.
Robinhood Hacked, Millions of Names, Emails Stolen (SecurityWeek) Robinhood said a security breach exposed names and email addresses for millions of users and “extensive account details” for what appeared to be very specific targets
Robinhood Announces Data Security Incident — Under the Hood (Under the Hood) Late in the evening of November 3, we experienced a data security incident. An unauthorized third party obtained access to a limited amount of personal information for a portion of our customers. Based on our investigation, the attack has been contained and we believe that no Social Security numbers
Hackers have breached organizations in defense and other sensitive sectors, security firm says (CNN) Suspected foreign hackers have breached nine organizations in the defense, energy, health care, technology and education sectors -- and at least one of those organizations is in the US, according to findings that security firm Palo Alto Networks shared exclusively with CNN.
Hackers Breached Global Defence Organisations in 'Massive Espionage Campaign' Claims Security Firm (Sputnik International) After US infrastructure witnessed a swathe of hack attacks, including ransomware assaults this year, the State Department announced in July it was offering up to a $10 million reward for information to help identify those engaged in...
Global Companies Compromised via ADSelfService Plus Exploitation (SecurityWeek) At least nine global entities across multiple sectors were compromised in attacks exploiting a ManageEngine ADSelfService Plus security flaw.
MediaMarkt hit by Hive ransomware, initial $240 million ransom (BleepingComputer) Electronics retail giant MediaMarkt has suffered a Hive ransomware with an initial ransom demand of $240 million, causing IT systems to shut down and store operations to be disrupted in Netherlands and Germany.
MediaMarkt victim of international cyber attack (RetailDetail) MediaMarkt and its stores have been hit by a large-scale cyber-attack. The electronics retailer's international computer systems are said to have been 'held hostage' by a ransomware attack.
Unboxing BusyBox - 14 new vulnerabilities uncovered by Claroty and JFrog (JFrog) Background Embedded devices with limited memory and storage resources are likely to leverage a tool such as BusyBox, which is marketed as the Swiss Army Knife of embedded Linux. BusyBox is a software suite of many useful Unix utilities, known as applets, that are packaged as a single executable file. Within BusyBox you can find …
US Government Contractor EWA Discloses Data-Theft Breach (SecurityWeek) Electronic Warfare Associates said its email system was compromised in August by hackers who stole social security numbers and other personally identifiable information.
Alleged Russian Hacks of Microsoft Service Providers Highlight Cybersecurity Deficiencies (VOA) Microsoft disclosed last month that alleged Russian state-backed hackers ‘Nobelium’ successfully compromised up to 14 IT service providers this year
Latest Russia-Linked Attacks Put Cloud Security In Spotlight (Dice Insights) The Russia-linked group believed responsible for the SolarWinds attack in 2020 is back, putting the cloud again in the security spotlight.
Two NPM Packages With 22 Million Weekly Downloads Found Backdoored (The Hacker News) Two popular NPM packages with a cumulative weekly download of nearly 22 million have been found to be compromised with malicious code.
BlackBerry Uncovers Initial Access Broker Linked to 3 Distinct Hacker Groups (The Hacker News) BlackBerry Uncovers Initial Access Broker Linked to 3 Distinct Hacker Groups | Read latest news headlines on latest news and technical coverage on cybersecurity, infosec and hacking.
Researchers uncover software flaws leaving medical devices vulnerable to hackers (CNN via Erie News Now) Researchers say they have found more than a dozen vulnerabilities in software used in medical devices and machinery used in other industries that, if exploited by a hacker, could cause critical equipment such as patient monitors to crash.
Personal info of 25,000 current and former TTC employees may have been stolen in cyber attack, agency says (Toronto Star) The same incident, described as a ransomware attack, knocked several key internal agency systems offline.
Israeli hospital's IT system still down weeks after cyber-attack (The Jerusalem Post) Health Ministry is working on new regulations to protect the hospitals as its technology unit thwarts around 100,000 threats a month, official tells Knesset Health Committee.
Cheese Barrel Prices Tumble After Cyberattack on U.S. Manufacturer (Bloomberg) Prices for some processed American cheeses are plummeting as the largest U.S. manufacturer quietly recovers from a cyberattack.
Vulnerability Summary for the Week of November 1, 2021 (CISA) The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Security Patches, Mitigations, and Software Updates
November 2021 Patch Tuesday forecast: More mandates in the United States (Help Net Security) Todd Schell offers a November 2021 Patch Tuesday forecast and presents what we'll probably have to patch this month.
Trends
Human Error Is One Of the Prime Reasons Behind Security Breaches For Indian Businesses (Entrepreneur) Human error is one of the significant factors that facilitates cybersecurity breaches in an organization. A Sophos report shows how Indian businesses lack appropriate preparedness levels when it comes to cybersecurity. However, there is a silver lining. This article discusses the report's key findings and why there is a need for Indian businesses to adopt robust cybersecurity measures.
Survey Reveals Expanding CISO Influence (Coalfire.com) Today Coalfire, in partnership with cybersecurity media thought leader, Dark Reading, released The State of CISO Influence 2021 report, finding that chief information security officers (CISOs) have found their rightful place within the greater organizational management sphere of influence.
Research Finds Alarming Jump in Phishing Attacks (PhishLabs) PhishLabs Threat Trends and Intelligence Report show attacks grow 31.5% year-to-date over 2020, with social media attacks continuing to climb; September more than doubles its phishing activity over the same month last year.
Four Out of Five Cybersecurity Leaders Now Use Microsegmentation to Pr (PRWeb) In today’s era of remote employees and an ever expanding variety of connected devices, network security is becoming increasingly complex.
Marketplace
Identity Firm Socure Secures $450M Round At $4.5B Valuation (Crunchbase News) New York-based digital identity verification firm Socure closed a $450 million round at a $4.5 billion valuation as more companies go digital and fraud escalates.
The Briefing: Drata Raises $100M, H20.ai Lands $100M, And More (Crunchbase News) Crunchbase News' top picks of the news to stay current in the VC and startup world.
Drata Scores $100M Investment for Security and Compliance Automation (SecurityWeek) As cybersecurity valuations soar, Drata banks $100 million in a funding deal that values the company north of $1 billion.
SafeBreach raises $53.5 million for cyberattack simulation platform (CTECH) The Israeli startup’s security validation platform automatically executes thousands of attack methods to validate network, endpoint, cloud, container and email security controls against its hacker’s playbook
SafeBreach Closes $53.5 Million Series D New Funding to Fuel Momentum (safebreach) Breach and Attack Simulation leader to accelerate growth with investment led by Sonae IM, Israel Growth Partners, and strategic investor ServiceNow
McAfee to be Taken Private in $14 Billion Private Equity Deal (SecurityWeek) McAfee has agreed to be acquired by a group of private equity firms in a deal valued at more than $14 billion, the company announced.
McAfee agrees to be taken private again in $14B deal with Advent-led group (Silicon Valley Business Journal) McAfee Corp. officially plans to go private again.
BlueHalo acquires Citadel Defense (Intelligence Community News) Arlington Capital Partners announced on November 8 that its portfolio company, BlueHalo, a provider of advanced engineering solutions and technology to the national security community, has acquired Citadel Defense Company.
Darktrace Plunge Driven by ‘Fear Not Fact,’ Berenberg Says (BloombergQuint) A new research note has defended Darktrace Plc, the U.K. cybersecurtity firm whose shares have plummeted since a broker recommended selling the stock last month.
Cybersecurity M&A Roundup for First Week of November 2021 (SecurityWeek) A dozen cybersecurity-related acquisitions were announced in the first week of November 2021.
Panaseer Selected as a CIS Development Partner (PR Newswire) Panaseer, an enterprise security company, today announces that it has partnered with the Center for Internet Security, Inc. (CIS®) to further...
Huawei Strikes Back (Foreign Affairs) To beat China on tech, America must invest in the developing world.
Versa Networks is Recognized as a Visionary in the Gartner® Magic Quadrant™ for Network Firewalls (Yahoo Finance) Versa Networks, the recognized secure access service edge (SASE) leader, today announced that Gartner has recognized it as a Visionary in the 2021 Magic Quadrant for Network Firewalls1 report.
Code42 Growth Expansion: Opens Two New Offices in Austin and Atlanta (Code42) Code42, the Insider Risk Management leader, today announced its next phase of growth will include the opening of two new office locations in Austin, one of the fastest growing tech hubs in the U.S., and Atlanta, home to more than a dozen cybersecurity companies. Like Code42’s locations in Minneapolis, Washington, DC, Denver and London, the […]
US-Saudi business diplomacy firm Quincy Group looks for new outlets after losing star cyber consultant (Intelligence Online) Kenneth Close, head of business diplomacy specialist Quincy Group, which helps American groups to do business in Saudi Arabia, is looking to diversify its activities following the departure of
Huntington Ingalls Industries Announces New Cyber and Electronic Warfare Business Group President For Its Technical Solutions Division (StreetInsider.com) Huntington Ingalls Industries (NYSE: HII) announced today that Grant Hagen has been named president of its Technical Solutions division Cyber and Electronic...
Carlos Morales Joins Ultra-Low Power Semiconductor Technology Leader Ambiq As Vice President of AI (Ambiq) Ambiq announces that Carlos Morales has joined the company as Vice President of Artificial Intelligence (AI). Learn more.
Query.AI Doubles Down on Customer Centricity to Meet Rapidly Accelerating Market Demand for Security Investigations Platform (Query.ai) Query.AI, announced the expansion of its executive team with the addition of Ron Schnackenberg to lead it customer success organization.
Products, Services, and Solutions
Palo Alto extends partnership with Siemens (Enterprise Times) Palo Alto has extended its relationship with Siemens to prevent attacks on critical infrastructure.
Akamai Redefines WAAP Simplicity and Automation with New App & API Protector (PR Newswire) Akamai Technologies, Inc. (NASDAQ: AKAM), the world's most trusted solution to power and protect digital experiences, today announces the...
CLEAR partners with Microsoft to improve secure exchange of verified information and credentials (Help Net Security) CLEAR announced its collaboration with Microsoft for the rollout of Microsoft's Azure Active Directory (AD) verifiable credentials.
Rockwell Automation Announces New Initiatives to Bolster Cybersecurity Offering for Customers (BusinessWire) Rockwell Automation, Inc. (NYSE: ROK), the world’s largest company dedicated to industrial automation and digital transformation, today announced new
Introducing a new tool for businesses to better understand their networks (Avast) As well as gaining better visibility into the IT network, Network Discovery provides users with the capability to keep track of unauthorized devices accessing the business network.
Cado Security Partners with SentinelOne to Deliver Cloud-Native Digital Forensics (BusinessWire) Cado Security and SentinelOne partner to enable security teams to launch in-depth cloud attack investigations from SentinelOne's XDR platform.
UL Launches SafeCyber to Secure Connected Devices Around the Globe (PR Newswire) UL, the global safety science leader, today launched its new SafeCyber Digital Security Platform, a suite of solutions aimed at democratizing...
ThreatQuotient Launches ThreatQ v5 to Support the SOC of the Future with Key Data Management Capabilities (BusinessWire) ThreatQuotient today announced v5 of the ThreatQ platform, launching the capabilities needed to support the security operations center of the future.
Plurilock partners with Absolute Software and announces DEFEND Persisted continuous authentication product (Proactiveinvestors NA) “Absolute's cutting-edge Persistence technology will help provide assurance to our customers that their devices will remain protected, and...
Mitiga Releases Cloud Incident Readiness and Response Solution for Ransomware Attacks (PR Newswire) Mitiga, the cloud incident response company, today released the first Ransomware Readiness solution for the cloud to increase resilience to...
Titania | Titania Launches New Module for Organizations Working with U.S. Government Agencies to Meet Cybersecurity Compliance Accurately (RealWire) New Nipper module assesses and automates NIST 800-171 compliance for 89% of requirements linked to the core network; Provides remediation recommendations within minutes
Micro Focus’ CyberRes Delivers on Product Strategy for DevSecOps with Complete CI/CD Integrations (Micro Focus) Micro Focus’ CyberRes Delivers on Product Strategy for DevSecOps with Complete CI/CD Integrations
MOXFIVE Announces Digital Forensics and Incident Response Services to Expand Incident Management Platform (MOXFIVE) MOXFIVE, a technical advisory firm specializing in cybersecurity & information technology, today announced the addition of Digital Forensics and Incident Response (DFIR) services to expand its Incident Management Platform offerings.
Trulioo Match Rate Challenge (Trulio) Ready to level up your identity verification solution? Enter our challenge to see how Trulioo can optimize your match rates
Technologies, Techniques, and Standards
AFP starts week-long cyber defense exercise (Philippine News Agency) The Armed Forces of the Philippines (AFP) on Monday formally started its week-long Cyber Defense Exercise (CYDEX) which is part of the ongoing AFP Joint "DAGIT-PA"."DAGIT-PA" refers to the annual unilateral maneuver that seeks to further enhance its land, air, and maritime assets...
US Army cyber operations team visiting Lithuania (Baltic Times) A team from the Defensive Cyber Operations Element of the Pennsylvania Army National Guard (PAARNG) have been visiting Lithuania...
Design and Innovation
The Turing Test Is Bad For Business (Wired) Technology should focus on the complementarity game, not the imitation game.
Legislation, Policy, and Regulation
Time ripe for treaty on cyberspace (New Straits Times) WE live in an age of digital interdependence where technologies are rapidly transforming societies and economies of nation states with unprecedented challenges to human security.
Joe Sestak: Cyber supremacy, not ships, is key to confronting China (Pittsburgh Post-Gazette) Since World War II, the mission of the U.S. Navy has been to command the seas to assure global access for American sovereign power. But in 2018, the incoming...
Govt Allocates Rs 2 Bn for Cyber Security Team to Protect Govt Institutions (PhoneWorld) The government of Pakistan has allocated a sum of Rs 2 bn to tackle the growing cyber attacks in the country.
Fact Sheet: The Bipartisan Infrastructure Deal (The White House) Today, Congress passed the Bipartisan Infrastructure Deal (Infrastructure Investment and Jobs Act), a once-in-a-generation investment in our nation’s
$1B for state, local cyber is just the first step (POLITICO) State and local governments are finally getting $1 billion to secure their computer systems. But it means nothing if they don’t start prioritizing cyber funding themselves, one expert warns.
Former CYBERCOM Leader Urges Collective Defense Against Cyber Threats (Nextgov.com) Retired general Keith Alexander suggested a collective defense posture.
The CISA Directive Is Crucial for Cybersecurity (Security Boulevard) As the CEO of a cybersecurity company, it’s important to stay informed--to know about breaking news, emerging threats, and rising trends to provide direction for the company and protection for our customers. One story that stood out to me last week was the news that CISA issued a new directive to federal agencies. The mandate establishes an aggressive timeline for federal agencies to address known vulnerabilities in their environments. More importantly, though, the guidance will change how government agencies deal with cybersecurity moving forward and improve our ability to defend against attacks.
Exclusive: New bipartisan bill to require algorithm-free versions of tech platforms (Axios) The bill requires tech platforms to offer users an option to view content unsorted by algorithms.
Experts Analyze Proposed Bill Allowing Private Entities to 'Hack Back’ (SecurityWeek) Proposed bill (S. 2292) was designed to require DHS to study and report on the risks and benefits of allowing private organizations to hack back at cyber aggressors
U.S. Government Must Do More to Protect Its Data and Systems (The State of Security) This Tripwire survey helps to provide insight into the current state of federal security and where there’s room for improvement.
The AP Interview: Justice Dept. Conducting Cyber Crackdown (SecurityWeek) Deputy Attorney General Lisa Monaco said the public should expect to see more arrests and law enforcement action as the Justice Department deals with the threat of ransomware.
Litigation, Investigation, and Law Enforcement
Five affiliates to Sodinokibi/REvil unplugged (Europol) Updated on 8 November at 18:30
Ukrainian Arrested and Charged with Ransomware Attack on Kaseya (US Department of Justice) Today, the Justice Department announced recent actions taken against two foreign nationals charged with deploying Sodinokibi/REvil ransomware to attack businesses and government entities in the United States.
U.S. charges Ukrainian and Russian in major ransomware spree, seizes $6 mln (Reuters) The U.S. Justice Department charged a Ukraine national and a Russian in one of the worst ransomware attacks against American targets, court filings showed on Monday.
U.S. Charges Two Suspected Major Ransomware Operators (SecurityWeek) Suspected hackers Yaroslav Vasinskyi and Yevgeniy Polyanin are accused of ransomware attacks resulting in 5,000 infections have been arrested as part of a global cybercrime crackdown
US seizes $6 million in ransom payments and charges Ukrainian over major cyberattack (CNN) Law enforcement officials seized an estimated $6 million in ransom payments and federal prosecutors charged a suspect from Ukraine over a damaging July ransomware attack on an American company in a breakthrough for the Biden administration's pursuit of cybercriminals, the Justice Department announced Monday.
Europol: Seven REvil/GandCrab ransomware affiliates were arrested in 2021 (The Record by Recorded Future) Europol has announced today the arrests of seven suspects who worked as "affiliates" (partners) for a major ransomware cartel and have helped carry out more than 7,000 attacks since early 2019.
Kaseya attack suspect arrested in Poland (CRN Australia) The Ukrainian citizen is being held pending US extradition orders.
Kaseya ransomware suspect nabbed in Poland, $6m seized from absent colleague (Naked Security) Suspects nabbed, millions seized, in ransomware busts across the globe.
Europol Announces Arrests of 7 People Linked to REvil, GandCrab Ransomware (SecurityWeek) Europol announces arrests of five people linked to REvil and two people linked to GandCrab ransomware operations.
Six Arrested for Roles in Clop Ransomware Operation (SecurityWeek) Six individuals allegedly associated with the Clop ransomware operation were arrested in a global law enforcement operation, Interpol announced.
US Treasury Sanctions Crypto Exchange in Anti-Ransomware Crackdown (SecurityWeek) The U.S. Treasury Department slaps sanctions against the Chatex cryptocurrency exchange and offers multi-million-dollar rewards for information on the REvil ransomware gang.
U.S. Seizes $6.1 Million in Cryptocurrency in Ransomware Crackdown (Wall Street Journal) The retrieval comes alongside new sanctions that raise compliance questions for victim companies.
REvil associates arrested in international ransomware crackdown (ComputerWeekly) Two individuals suspected of conducting 5,000 REvil ransomware attacks were arrested by Romanian police last week as an international crackdown on the crime gang gathers pace
Feds Seize Millions in Sprawling Ransomware Bust (The Daily Beast) U.S. law enforcement officials announced Monday that they've arrested a Ukrainian national connected to the Russia-linked REvil ransomware gang and seized millions of dollars.
US Has Ways Of Disrupting Cyber Criminals Sheltering In Russia - FBI Director (UrduPoint) The United States has ways of disrupting cyber criminals sheltering in Russia, FBI Director Christopher Wray said on Monday.Weve got ways of disrupting those sheltering in places like Russia as (Yevgeniy) Polyanin discovered when he woke up and found $6.1 million he extorted from his victims missi ..
Israel escalates surveillance of Palestinians with facial recognition program in West Bank (Washington Post) The Israeli military has been conducting a broad surveillance effort in the occupied West Bank to monitor Palestinians by integrating facial recognition with a growing network of cameras and smartphones, according to descriptions of the program by recent Israeli soldiers.
Report: NSO spyware found on 6 Palestinian activists' phones (AP NEWS) JERUSALEM (AP) — Security researchers disclosed Monday that spyware from the notorious Israeli hacker-for-hire company NSO Group was detected on the cellphones of six Palestinian human rights activists, half affiliated with groups that Israel’s defense minister controversially claimed were involved in terrorism.
Report: 6 Palestinian Rights Activists Hacked by NSO Spyware (SecurityWeek) Security researchers disclosed that spyware from Israeli hacker-for-hire company NSO Group was detected on the cellphones of six Palestinian human rights activists
Palestinian activists hacked by Israeli firm NSO spyware: Report (al jazeera) Spyware from the Israeli firm was detected on mobile phones of six Palestinian rights activists, according to a report.
Despite Abuses of NSO Spyware, Israel Will Lobby U.S. to Defend It (New York Times) As a new accusation surfaces that NSO’s software may have been used to spy on Palestinians, Israeli officials say it is crucial to national security.
Facebook can pursue malware lawsuit against Israel's NSO Group -US appeals court (Reuters) A U.S. appeals court said Facebook can pursue a lawsuit accusing Israel's NSO Group of exploiting a bug in its WhatsApp messaging app to install malware allowing the surveillance of 1,400 people, including journalists, human rights activists and dissidents.
Pension funds sue SolarWinds for breach of fiduciary duties and lackluster cybersecurity protocols (Jurist) Two pension funds have filed suit against SolarWinds Corporation and its board members for oversight failures arising from a massive cyberattack in early 2020. The two pension funds allege that SolarW...
How China's new data privacy law applies to foreign businesses (Yahoo) China's new Personal Information Protection Law (PIPL) took effect yesterday, and it's likely to change the private data protection landscape in China and beyond.The big picture: The law is part of the Chinese government's ongoing campaign to assert control over data and it's also a response to growing calls within China for stronger protection of user data.Get market news worthy of your time with Axios Markets. Subscribe for free.The law does not restrict the government's collection or use of d