Attacks, Threats, and Vulnerabilities
Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities (CISA) CISA, the Federal Bureau of Investigation (FBI), the Australian Cyber Security Centre (ACSC), and the United Kingdom’s National Cyber Security Centre (NCSC) have released a joint Cybersecurity Advisory highlighting ongoing malicious cyber activity by an advanced persistent threat (APT) group that FBI, CISA, ACSC, and NCSC assess is associated with the government of Iran.
Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities in Furtherance of Malicious Activities (CISA) Actions to Take Today to Protect Against Iranian State-Sponsored Malicious Cyber Activity
• Immediately patch software affected by the following vulnerabilities: CVE-2021-34473, 2018-13379, 2020-12812, and 2019-5591.
• Implement multi-factor authentication.• Use strong, unique passwords.
Microsoft warns of the evolution of six Iranian hacking groups (BleepingComputer) The Microsoft Threat Intelligence Center (MSTIC) has presented an analysis of the evolution of several Iranian threat actors at the CyberWarCon 2021, and their findings show increasingly sophisticated attacks.
ProxyNoShell: A Change in Tactics Exploiting ProxyShell Vulnerabilities (Mandiant) In September 2021, Mandiant published a blog post from the Mandiant Managed Defense team about widespread exploitation of three vulnerabilities in on-premises Microsoft Exchange Servers which were collectively referred to as ProxyShell.
Israeli spyware firm linked to watering hole attacks on Middle East, UK websites (Computing) The US placed Candiru on a trade blacklist earlier this month, along with fellow Israeli spyware firm NSO Group
Israeli spyware firm Candiru linked to cyberattacks on Mideast websites (Times of Israel) Cybersecurity firm Eset claims Tel Aviv-based company's software used against sites and services in Yemen, Syria, Saudi Arabia and Iran
Israeli firm’s spyware linked to attacks on websites in UK and Middle East (the Guardian) Canada-based researchers say new evidence suggests Candiru’s software used to target critics of autocratic regimes
British news website was hacked to control readers' computers, report says (NBC News) A secretive Israeli company helped hack a British news site and used it to take over the devices of some people who visited the site, cyberreseachers say.
Strategic web compromises in the Middle East with a pinch of Candiru (WeLiveSecurity) ESET researchers uncover strategic web compromise (aka watering hole) attacks against high-profile websites in the Middle East.
Kiwis Confronted With An Alarming Rise In Online Identity Theft (Scoop News) Newly released data from Netsafe shows incidents of identity fraud in New Zealand have increased by a shocking 86 per cent over the last financial year, while incidents of investment fraud have risen by 37 per cent over the same period. With more and ...
‘Ghostwriter’ Looks Like a Purely Russian Op—Except It's Not (Wired) Security researchers have found signs that the pervasive hacking and misinformation campaign comes not from Moscow but from Minsk.
Mandiant researchers tie elements of ‘Ghostwriter’ influence campaign to Belarus (SC Media) The findings shed new light on a global influence campaign that went from pushing anti-NATO narratives to narrowly targeting opponents of Belarusian President Alexander Lukashenko at home and abroad over the past year and a half.
Group behind cyberattacks on multiple governments linked to Belarus (TheHill) Hacking and disinformation groups believed to be behind attacks on governmental agencies in countries including Germany in recent months were linked by cybersecurity researchers on Tuesday to the Belarusian governme
UNC1151 Assessed with High Confidence to have Links to Belarus, Ghostwriter Campaign Aligned with Belarusian Government Interests | Mandiant (Mandiant) Mandiant Threat Intelligence assesses with high confidence that UNC1151 is linked to the Belarusian government.
Facebook says hackers in Pakistan targeted Afghan users amid government collapse (Reuters) Hackers from Pakistan used Facebook to target people in Afghanistan with connections to the previous government during the Taliban's takeover of the country, the company's threat investigators said in an interview with Reuters.
Hackers Targeted Afghan Officials on Facebook Amid Taliban Offensive (SecurityWeek) Facebook said it worked to block a hacker group that targeted the accounts of people tied to Afghanistan's then-government and security forces as the Taliban was moving in to take power.
Facebook: Pakistani hackers operated a fake app store to target former Afghan officials (The Record by Recorded Future) A group of Pakistani hackers has created and operated a fake Android app store in order to target and infect individuals connected to the former Afghanistan government prior to and during its fall to the new Taliban regime.
RAMP Ransomware’s Apparent Overture to Chinese Threat Actors (Flashpoint) RAMP forum returns—but to what end? Flashpoint has observed an increase in recent weeks of Mandarin and Chinese-speaking threat actors on RAMP as well as
Hundreds of WordPress sites defaced in fake ransomware attacks (The Record by Recorded Future) Hundreds of WordPress sites have been defaced over the weekend with a message claiming that the site's data was encrypted in what security firm Sucuri has described as "fake ransomware."
WordPress sites are being hacked in fake ransomware attacks (BleepingComputer) A new wave of attacks starting late last week has hacked close to 300 WordPress sites to display fake encryption notices, trying to trick the site owners into paying 0.1 bitcoin for restoration.
Fake Ransomware Infection Spooks Website Owners (Sucuri) Starting this past Friday we have seen a number of websites showing a fake ransomware infection. Google search results for “FOR RESTORE SEND 0.1 BITCOIN” were sitting at 6 last week and increased to 291 at the time of writing this. Upon visiting their website webmasters have been met with an alarming message:
G DATA warnt: Emotet ist zurück (datensicherheit.de) Nach dem koordinierten Takedown durch Strafverfolgungsbehörden im Frühjahr 2021 wurden jetzt erstmals wieder neue Varianten der Emotet-Schadsoftware gesichtet.
Emotet Returns After Law Enforcement Disruption (Decipher) Almost a year after law enforcement disrupted its infrastructure, the Emotet malware has returned.
Return of Emotet malware (Zscaler) Emotet, TrickBot, Ransomware
FBI Hacker Offers to Sell Data Allegedly Stolen in Robinhood Breach (SecurityWeek) The hacker who sent fake emails from FBI systems last week is offering to sell data allegedly stolen in the breach at stock trading platform Robinhood.
GitHub Confirms Another Major NPM Security Defect (SecurityWeek) Microsoft-owned GitHub warns that a pair of newly discovered vulnerabilities continue to expose the soft underbelly of the open-source software supply chain.
SMS-based attacks and leak from SendPulse (CoolTechZone) A detailed article with a demo on how to perform a DDoS attack, how to send messages from your computer, and what is Flubot, a malware that infected tens of thousands of Android devices.
Ransomware gangs are now rich enough to buy zero-day flaws, say researchers (ZDNet) Zero-day cybersecurity vulnerabilities have traditionally been the preserve of nation states - but now criminal gangs have the funds to buy their own.
Exploit-as-a-service: Cybercriminals exploring potential of leasing out zero-day vulnerabilities (The Daily Swig) New approach echoes the depressingly successful ransomware-as-a-service business model
These are the cryptomixers hackers use to clean their ransoms (BleepingComputer) Cryptomixers have always been at the epicenter of cybercrime activity, allowing hackers to "clean" cryptocurrency stolen from victims and making it hard for law enforcement to track them.
How cryptomixers allow cybercriminals to clean their ransoms (Intel471) A thorough understanding of these mixing services' operational underpinnings is key to comprehending how criminals are laundering the money.
200M Adult Cam Model, User Records Exposed in Stripchat Breach (Threatpost) The leak included model information, chat messages and payment details.
Federal Group's payroll provider hacked, staff given emergency $250 payment (ABC) Gaming and hospitality giant Federal Group has been affected by a cyber attack for the second this year. This time it it has hit the company's payroll software.
Scam alert: phone number change (Bollyinside) Thieves are after something that almost everyone has in their pocket or purse: our cell phone. It’s referred to as SIM swap scam. Criminals may take your
Mom shares how her prodigious 11-year-old hacked the school's internet and people are howling (Upworthy) This kid has a bright future ahead of him.
Security Patches, Mitigations, and Software Updates
Call to Patch: Zero Day Discovered in Enterprise Help Desk Platform (Security Intelligence) It's become increasingly important to ensure the security of your organization's third-party software. Learn more about a recent vendor software vulnerability discovered by X-Force Red.
FATEK Automation WinProladder (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.8
ATTENTION: Low attack complexity
Vendor: FATEK Automation
Vulnerabilities: Out-of-bounds Write, Stack-based Buffer Overflow
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow for arbitrary code execution.
Mitsubishi Electric GOT products (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.5
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Mitsubishi Electric
Equipment: GOT2000 series, GOT SIMPLE series, GT SoftGOT2000
Vulnerability: Improper Input Validation
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow the system’s operations to be adversely affected.
Mitsubishi Electric FA engineering software products (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.5
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Mitsubishi Electric
Equipment: FA engineering software products
Vulnerabilities: Heap-based Buffer Overflow, Improper Handling of Length Parameter Inconsistency
2. RISK EVALUATION
Successful exploitation of these vulnerabilities may cause a denial-of-service condition.
NCSC tackles record number of cyber incidents as Russian ransomware attacks surge (Computing) Nearly 20 per cent of attacks were Covid-related
FortiGuard Labs Predicts Cyberattacks Aimed at Everything From Crypto Wallets to Satellite Internet (GlobeNewswire News Room) Advanced Persistent Cybercrime Techniques Mean More Destructive Ransomware and Supply Chain Attacks...
Five Web App Security Predictions for 2022 (PerimeterX) In 2022, security and business leaders will recognize just how varied fraud really is. Here are our top five predictions for the year to come.
DigiCert 2022 Security Predictions (DigiCert) To take stock of where we’re at and what lies on the horizon, we’ve once again gathered our team of cybersecurity experts. Let’s take a closer look at what they observed in the crystal ball for 2022.
Half of Financial Institutions Identify Regulatory Compliance as a Serious Roadblock for Digital Transformation, OneSpan Research Reveals (OneSpan) OneSpan’s second annual Global Financial Regulations Report reveals coming regulations aimed at digital currencies and securing digital economies
New Perimeter 81 Study Reveals That 71% of VPs and CIOs Have Difficulty in Combating Cyberattacks Due to Cyber Complexity (Businesswire) Perimeter 81, the Zero Trust Networking leader and creator of the world’s first Cybersecurity Experience (CSX) platform, has published its Second Annu
Businesses worried about cyberattacks during the holidays, report finds (CBS News) Report finds companies that have already experienced ransomware attacks fear they'll fall victim again during the holiday season, and many aren't prepared.
Gmail bait attacks targeting business (Barracuda report) Bait attacks launched via Gmail and other free email services could be making businesses in Asia Pacific vulnerable to targeted phishing attacks and other threats.
Near 33 million cyberthreats target users and organisations combined in Kenya (Intelligent CIO Africa) The increase in cyberthreats recorded by Kaspersky (Kaspersky.co.za) in the first half of this year in Kenya amounted to 32.8 million. Compared to similarly prominently targeted countries in the African region the recorded number was on par with South Africa accounting for 31.5 million and near double the number recorded in Nigeria at 16.7 million. […]
Keeper Security research: UK retailers attractive target for cybercriminals (Retail Technology Innovation Hub) The UK’s retail sector has experienced 44 cyberattacks in the last 12 months, according to new research by Keeper Security.
ThycoticCentrify Report: 57% of Organizations Suffered Security Incidents Related to Exposed Secrets in DevOps (PR Newswire) ThycoticCentrify, a leading provider of cloud identity security solutions formed by the merger of the privileged access management (PAM)...
Threat Hunting Firm Team Cymru Acquires Attack Surface Management Firm Amplicy (SecurityWeek) External threat hunting firm Team Cymru has acquired threat surface management firm Amplicy to deliver a real-time, comprehensive third-party infrastructure analysis to eliminate attack surface blind spots
KnowBe4 Completes Acquisition of SecurityAdvisor and Cements Vision For the Future of the Human Defense Layer for Cybersecurity (PR Newswire) KnowBe4, the provider of the world's largest security awareness training and simulated phishing platform, today announced that it has...
Stellar Cyber Raises $38 Million Series B to Expand Its Open XDR Success and Address Urgent Need to Provide 360-Degree Visibility Across Entire Attack Surface (Businesswire) Stellar Cyber Raises $38 Million Series B to Expand its Open XDR Success and Address Urgent Need to Provide 360-degree Visibility
Sedric Raises $US 3.5 Million to Increase Consumer Protections for Next-Gen FinTechs (PR Newswire) Sedric, an AI-based compliance excellence platform for next-gen fintechs, today announced that it has raised US$ 3.5 million in seed funding to...
NetRise Emerges from Stealth with $6.8M Seed Round and a Mission to Defeat Firmware Threats (Star Local) NetRise, the company solving the world's firmware security problem, has emerged from stealth by closing their $6.8M Seed Round led by Miramar Digital
London and Amsterdam-based cybersecurity startup Hadrian nabs €2.5 million pre-seed funding (EU-Startups) Hadrian, a London and Amsterdam based cybersecurity startup has closed a €2.5 million pre-seed round to build the world’s first autonomous offensive
Insightcyber Emerges From Stealth to Provide Cyber-Physical Security to Critical Global Infrastructure; Appoints Executive Bench (Businesswire) InsightCyber, an innovative cybersecurity provider applying advanced AI to cyber-physical security, today announced its emergence from stealth mode.
Threat intel startup SnapAttack lands $8M Series A following Booz Allen spinout (TechCrunch) The threat intelligence startup recently announced its spinout from Booz Allen Hamilton.
Booz Allen Completes Spinoff of Cyber Threat Intelligence Platform; Susan Penfield Quoted (GovCon Wire) Looking for the latest GovCon News? Check out our story: Booz Allen Completes Spinoff of Cyber Threat Intelligence Platform. Click to read more!
GreyNoise Awarded Production Contract with a $30 Million Ceiling by the United States Department of Defense (PRWeb) GreyNoise Intelligence, the anti threat intelligence company, today announced that it has been awarded a production contract with a $30 million ceiling by the
CyberOne Announces Strategic Plans for National Expansion (CyberOne Security) Plano, TX - November 16, 2021 -- CyberOne, a trusted cybersecurity advisory and solutions leader, announced today its plans to spin off from the CRITICALSTART brand as an independent company.
Long-Term Bull Signal Could Mean a Bounce for Crowdstrike Stock (Schaeffers Investment Research) Crowdstrike (CRWD) just pulled back to a long-term area of support, which could help the security back up the charts
Cyber Insurance for Local Governments Costs More, Covers Less (Route Fifty) More governments have cyber incident coverage than ever before, but the escalated risk of ransomware and cyberattacks means higher premiums, rising deductibles and greater scrutiny of security protocols.
Some businesses are now facing an annual $130m cybersecurity bill. These ASX stocks could benefit (Stockhead) Cyber attacks are up 13% and Deloitte says organisations are looking to improve threat intelligence, detection, and monitoring, cyber transformation and data security.
Darktrace aims to expand into ‘proactive’ security AI by end of year (VentureBeat) Darktrace, a provider of security powered by artificial intelligence, says it plans to expand into AI-based attack prevention by year's end.
Could The AvePoint, Inc. (NASDAQ:AVPT) Ownership Structure Tell Us Something Useful? (Nasdaq) The big shareholder groups in AvePoint, Inc. (NASDAQ:AVPT) have power over the company. Generally speaking, as a company grows, institutions will increase their ownership. Conversely, insiders often decrease their ownership over time. I quite like to see at least a little bit of insider ownership. As Charlie Munger said 'Show me the incentive and I will show you the outcome.
Your next security hire might not come from tech (Computing) As technology use grows exponentially, attack surfaces are widening and security teams must expand. But in the labour shortage, where are these new workers going to come from?
SessionGuardian Announces Racing Sponsorship of Josh Green with Turn 3 Motorsports (PR Newswire) SessionGuardian, the global leader in continuous identity verification, is pleased to announce a partnership with New York-based Josh Green, a...
Mike Rogers Named Chairman of MITRE Board of Trustees; Jason Providakes Quoted (Executive Gov) Mike Rogers, former Michigan Congressman and Wash100 Award winner, has been elected chairman of The
Deduce Announces Expansion of Executive Team (York Pedia) Cybersecurity and fraud prevention leader promotes Robert Panasiuk to CTO; adds Andy Sheldon as VP Marketing and Adish Kasi as VP Sales(YorkPedia Editorial):- New York City, New York Nov 16, 2021 (Iss
Products, Services, and Solutions
Cato SASE Cloud Protects Against Urgent Exploits Identified by CISA (Cato Networks) With this week’s CISA deadline, Cato has already updated its IPS-as-a-Service in the Cato SASE Cloud to protect against key exploits on third-party network and security infrastructure.
WatchGuard Cloud Adds New Endpoint Security Modules Further Strengthening Its Unified Security Platform (GlobeNewswire News Room) Partners and customers using WatchGuard’s Endpoint Security solutions can now layer on Patch Management, Encryption, Reporting and Data Control features to...
Bitdefender Adds Enhanced Malware Detection and Expands Privacy Offerings Across Consumer Product Lines (Bitdefender) New Product Capabilities Include Deep Level Analysis, Android Scam Alert, iOS Security Assessment Scan and Enhanced Virtual Private Network
CyberSeek™ Expands Resources on Careers, Credentials and Training as the Need for Cybersecurity Professionals Grows Across the US (PR Newswire) CyberSeek™, the most authoritative resource on the supply and demand in America's cybersecurity job market, today released expanded, enhanced...
Offensive Security Unveils Its First Defensive Security Training and Certification Offering (Businesswire) Offensive Security, the leading provider of hands-on cybersecurity training and certification, today announced the launch of two new courses, expandin
Sectigo Announces Market Disrupting Move to Become a CA Agnostic Certificate Lifecycle Management Provider (Sectigo) New Product Innovations Enable Enterprises to Manage Both Public and Private Certificates Issued by Sectigo and Other CAs Within a Single Platform
A moment of reckoning: it's time to revolutionise data protection (Computing) The data centre is no longer the centre of data
SMB Companies Beware: The Ransomware Hunter is Aiming at You (Security Boulevard) Ransomware attackers aren’t always after the biggest fish. In fact, so-called “mid game hunting” — as opposed to “big game” hunting — where attackers identify smaller targets that are less likely to trigger a legal or governmental response, appears to be on the rise.
BioCatch Mule Account Detection brings mule detection capabilities for financial institutions (Help Net Security) BioCatch launched Mule Account Detection, a solution to help financial institutions address the money laundering epidemic.
Kaspersky VPN Secure Connection reveals transparency, supports new connected devices and locations (Manila Standard) Kaspersky has improved and expanded the list of available features for Kaspersky VPN Secure Connection users.
Palo Alto Networks unveils ML-powered cloud security platform (VentureBeat) Palo Alto Networks announced its Next-Generation CASB will include new SaaS security features powered by AI and ML.
Palo Alto Networks updates Prisma Cloud to secure the full app lifecycle (ZDNet) The latest version of Prisma Cloud offers cloud code security, agentless security and other enhancements to embed security into the entire application lifecycle.
AT&T Cybersecurity Launches New Managed Solution to Help U.S. Federal Agencies Modernize and Protect their IT Infrastructure (PR Newswire) What's the news? AT&T* has launched an integrated, managed cybersecurity solution to help U.S. federal agencies modernize and protect their IT...
7 Reasons to apply Cloud based Voice Biometric today (Aculab) From privacy and security, to ease of use and savings. Discover how your business can benefit from cloud based voice biometrics.
Technologies, Techniques, and Standards
New Itential Research Reveals Lack of Automation Undermines Network Configuration Compliance (PRWeb) Itential, the leader in network and cloud automation software, today released new research findings in partnership with Enterprise Management Associates (EMA) re
Your tolerance for risk in critical comms will drive your security solution (Breaking Defense) Data protection solutions are key to the JADC2 goal of an interconnected tactical network that enables the sharing of sensor data among all military branches in every domain.
Here's how AT&T, Verizon and T-Mobile are fighting SIM swaps (Light Reading) After Princeton University research showed glaring holes in mobile operators' SIM swapping systems, the FCC opened a proceeding into the issue. Here's how the nation's big carriers are responding.
Here's Why Critical Infrastructure Keeps Getting Hacked (SecureLink) Hackers count on an organization’s apathy, overconfidence, and lack of proper procedures to get in and steal valuable information.
Cyber Monday: Three Critical Cloud Components for Retail Vendors (Styra) Cyber Monday is fast approaching, here are three critical cloud components for retail vendors.
Industrial Cybersecurity Safety, Vulnerability Disclosure (Claroty) Claroty's Team82 has disclosed 250 industrial cybersecurity vulnerability disclosures, contributing to the safety of the domain.
Connecting Cyberspace and Airspace (Air Force) The Mission Defense Team is made up of a team of cyber and communication professionals designated to defend a specific aircraft, preventing adversaries from invading the airspace and manipulating
Research and Development
Australia to Beef Up High-Tech Prowess After Security Pact With U.S. (Wall Street Journal) Australia will strengthen its capabilities in technologies that could be used to counter threats from China, providing more detail on the type of innovations Australia might develop alongside the U.S. under a new security partnership.
US races to lead the way in quantum computing (CNBC) We're diving into quantum computing this AM. CNBC's @EamonJavers took a look at the importance to America's security and global competitiveness, while @Kr00ney breaks down tech's appetite in the space.
This new startup has built a record-breaking 256-qubit quantum computer (MIT Technology Review) QuEra Computing, launched by physicists at Harvard and MIT, is trying a different quantum approach to tackle impossibly hard computational tasks.
NSA cyber academy grants expand scope (University of North Georgia) Thanks to a new format, the University of North Georgia's (UNG) GenCyber Warrior Academy and Advancing GenCyber Education for North Georgia Teachers (AGENTs) of Change camp will cover more material for the students and teachers involved.
Northrop Grumman commits $12.5 million toward quantum research and education (Virginia Tech) The company’s commitment will dramatically enhance the university’s work in a field with the potential to reshape industries and profoundly alter the dynamics of national security.
Legislation, Policy, and Regulation
Government is seeking to water down data protection and gut the ICO, warns ORG (Computing) Measures are designed to favour business and government interests over those of the individual, says Open Rights Group
Former CISA head warns of rivals' 'destructive' cyber capabilities (Breaking Defense) "There's one line [in the notice] that should scare the hell out of everyone everywhere," Chris Krebs said.
Why Cyber War Is Subversive, and How that Limits its Strategic Value (War on the Rocks) For three decades, defense planners and analysts have worried about cyber war. It has not happened. Instead, now their fear is that cyber operations open
The gaps preventing cyber securing physical infrastructures (Control Global) In preparation for my November 17th presentation to ISA Twin Cities (https://www.controlglobal.com/blogs/unfettered/november-17-2021-twin-cities-isa-education-event-control-system-cybersecurity), I have identified two critical flaws in cyber security approaches for physical infrastructures (e.g., power, grids, water/wastewater, petrochemical, pipelines, manufacturing, mining, transportation, buildings, medical devices, food manufacturing, defense, etc.). I have not used the term "critical infrastructure" as these issues apply to any physical infrastructure.
US DHS Launches New System for Hiring, Retaining Cyber Talent (BankInfoSecurity) The U.S. Department of Homeland Security on Monday launched a new personnel system that it says will enable the department to "more effectively recruit,
Department of Homeland Security unveils new cybersecurity job growth initiative (Healthcare IT News) Employees hired through the system will join what the agency is calling the Cybersecurity Service, "the nation’s preeminent federal cybersecurity team."
FBI wants in on cyber reporting legislation (FCW) A top FBI cyber official told lawmakers on Tuesday that the bureau could face significant challenges addressing cyberattacks and ransomware incidents if it was not included in breach disclosure requirements being considered in legislation.
FBI Calls For Firms to Report Hacks Directly to Law Enforcement (Wall Street Journal) A top cyber official with the FBI urged lawmakers to require certain businesses to disclose cyberattacks directly to law enforcement, warning that a hack-reporting proposal now moving through Congress could hinder investigations.
FBI left out of the loop in cyberattack reporting bill (POLITICO) The Biden administration is "troubled" by legislation that would require companies to report cyberattacks to the Department of Homeland Security but not the FBI.
A new congressional report highlights just how bad a hack can be (Washington Post) Companies hit by ransomware hackers are at a disadvantage during every phase of the attack.
FBI Hack Called 'Tipping Point' in Struggle Against Cybercrime (The Crime Report) A congressional committee began hearings Tuesday on cybersecurity in the shadow of a series of escalating threats that legislators warned could "create catastrophic consequences."
CISA weeks away from naming members to new advisory, investigative panels (The Record by Recorded Future) The Cybersecurity and Infrastructure Security Agency is close to unveiling the roster for a new advisory and investigative panels that will help steer the organization’s strategy and analyze major digital incidents, a senior official said on Tuesday.
CISA working group assessing cyber risks to space infrastructure (FedScoop) The Cybersecurity and Infrastructure Security Agency established a cross-sector space working group that is performing an assessment of risks to both federal and commercial space infrastructure, said Assistant Director Bob Kolasky. CISA’s primary concern is mitigating cyber risks to position, navigation and timing (PNT) services and GPS, Kolasky said, during an AFCEA Bethesda event on […]
Cyber Experts: "Blacklisting NSO - Hypocrisy and Insincerity" (iHLS) This post is also available in: עברית (Hebrew)“Would you send police officers armed with slingshots to Brazil’s favelas? This is how threats
DHS chief information security officer wary of Pentagon’s changes to CMMC (Federal News Network) Now, officials think “CMMC 2.0” might leave gaps in contractor cybersecurity.
Lina Khan Sees Turbulent Start as Head of Federal Trade Commission (Wall Street Journal) As the FTC chairwoman attempts to flex the business watchdog’s regulatory muscles to an extent not attempted in decades, some career officials have felt excluded from deliberations.
Litigation, Investigation, and Law Enforcement
Exclusive: LAPD partnered with tech firm that enables secretive online spying (the Guardian) Records show LA police trialed social media surveillance tech from Voyager Labs, which claims its software can predict crimes and help monitor private messages
'We Have to Change the Decision Calculus' to Stop Ransomware (Decipher) Ransomware groups such as REvil have take some hits recently, but the broader landscape has continued to expand and experts say defenders need to change their thinking in order to address the problem.
REvil Is Down—For Now (Lawfare) What can be learned from the operations that got them to shut down?
China Telecom Appeals Against US Ban (Infosecurity Magazine) Telco giant follows Xiaomi, whose legal case was successful
Ninth Circuit Tells NSO Group It Isn't A Government, Has No Immunity From WhatApp's Lawsuit (Techdirt.) Long before its current run of Very Bad News, Israeli malware purveyor NSO Group was already controversial. Investigations had shown its exploits were being used to target journalists and activists and its customer list included governments known...
GOP lawmakers: Whistleblower email refutes Garland on FBI monitoring of school board threats (The Washington Times) Republican lawmakers say a whistleblower sent them an internal FBI email that shows the counterterrorism unit is monitoring threats against school board members, despite Attorney General Merrick Garland denying such surveillance.