Attacks, Threats, and Vulnerabilities
CISA and FBI Urge Organizations to Remain Vigilant to Ransomware and Cyber Threats This Holiday Season (CISA) The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) issued a cybersecurity reminder for public and private sector organizations to remain vigilant and take appropriate precautions to reduce their risk to ransomware and other cyberattacks leading up to and during the holiday season. This advisory is based on observations on the timing of high impact ransomware attacks that have occurred previously rather than a reaction to specific threat reporting.
How China Became Jihadis’ New Target (Foreign Policy) International terrorist organizations long considered Beijing a secondary focus. That’s changed.
Devious ‘Tardigrade’ Malware Hits Biomanufacturing Facilities (Wired) The surprisingly sophisticated attack is “actively spreading” throughout the industry.
A foreign government could be trying to hack U.S. biomedical companies (Washington Post) A mysterious and highly sophisticated hacking tool has been found attacking biomanufacturing companies.
Information on a cyber attack (GlobeNewswire News Room) On Saturday November 20th, 2021, the cybersecurity system of Bureau Veritas detected a cyber-attack.
RATDispenser: Stealthy JavaScript Loader Dispensing RATs into the Wild (HP Wolf Security) With an 11% detection rate, RATDispenser appears to be effective at evading security controls and delivering malware.
U.S. Agencies Share More Details on ADSelfService Plus Vulnerability Exploitation (SecurityWeek) Security response agencies warn that Zoho flaw puts academic institutions, critical infrastructure and defense contractors at high risk for malware attacks.
Severe Code Execution Vulnerabilities Affect OpenVPN-Based Applications (SecurityWeek) Claroty researchers are documenting a series of severe code execution vulnerabilities affecting virtual private network (VPN) solutions relying on OpenVPN.
Serious Vulnerabilities Found in Wi-Fi Module Designed for Critical Industrial Applications (SecurityWeek) Many critical and high-severity vulnerabilities have been found by Cisco Talos in a Lantronix Wi-Fi module designed for critical industrial and commercial applications.
Researchers Hack Conti Ransomware Infrastructure (SecurityWeek) Prodaft security researchers exploited a vulnerability in the recovery servers used by the Conti ransomware, which allowed them to gain insight into its inner workings.
Report: China May Steal Encrypted Government Data Now to Decrypt with Quantum Computers Later (Nextgov.com) A new analysis urges CISOs to take strategic steps ahead of the advent of quantum computing.
Attackers don't bother brute-forcing long passwords, Microsoft engineer says (The Record by Recorded Future) According to data collected by Microsoft's network of honeypot servers, most brute-force attackers primarily attempt to guess short passwords, with very few attacks targeting credentials that are either long or contain complex characters.
GoDaddy says data breach exposed over a million user accounts (TechCrunch) The web host said an unauthorized person used a compromised password to get access to GoDaddy's systems.
Over a million GoDaddy WordPress customers had email addresses exposed in latest breach (The Verge) The system was compromised for over a month.
GoDaddy admits to password breach: check your Managed WordPress site! (Naked Security) GoDaddy found crooks in its network, and kicked them out – but not before they’d been in there for six weeks.
Global web hosting company GoDaddy reports data breach (CRN Australia) Hackers accessed customers' usernames, passwords and email addresses.
GoDaddy Breach Exposes 1.2 Million Managed WordPress Customer Accounts (SecurityWeek) GoDaddy has been hacked and customer data for some 1.2 million WordPress users were exposed to the attacker for more than three months.
GoDaddy says information on 1.2 million customers exposed in data breach (TheHill) Internet domain host GoDaddy on Monday disclosed a recent data breach that the company said impacted the customer data of around 1.2 million individuals.
GoDaddy security breach exposes WordPress users' data (iTnews) Up to 1.2 million customers caught up.
GoDaddy data breach impacts 1.2 million WordPress site owners (The Record by Recorded Future) Internet infrastructure company GoDaddy said on Monday that a hacker gained access to the personal information of more than 1.2 million customers of its WordPress hosting service.
GoDaddy data breach affects nearly 1.2 million WordPress users (Computing) The attacker used a compromised password to access the company's provisioning system for Managed WordPress
US education software company exposed personal data of 1.2M students (TechCrunch) The data included academic transcripts, resumes, and invoices for approximately 1.2M applications to funding programs over the past year.
Fraudsters Hijack Newspaper’s Twitter Account to Push PS5 Scam (Vice) The Dallas Observer is not actually selling a PS5 to the first person to DM them.
Utah Medical Group Discloses Data Breach Affecting Over 580,000 Patients (SecurityWeek) Utah Imaging Associates has started informing over 583,000 former and current patients who might have been affected by the incident.
Fresno health clinic system announces ‘encryption event,’ data breach (The Business Journal) United Health Centers of the San Joaquin Valley announced on Friday it was the victim of a data breach incident that apparently began in August. The Fresno-based federally qualified health center has a couple dozen
Wind Turbine Giant Vestas Fending Off Cyberattack (SecurityWeek) Danish wind turbine manufacturer Vestas Wind Systems confirms a cyber attack has impacted parts of internal IT infrastructure and that data has been compromised.
Update on cyber security incident (Vestas Wind Systems) Vestas discovered a cyber security incident on 19 November 2021 and has since then, together with external partners, worked around the clock to contain the situation and re-establish the integrity of its IT systems.
NHS Denies Data Was Exposed in Stor-a-File Hack (GovInfoSecurity) Reports of NHS data being exposed following a ransomware attack on U.K.-based data capture and storage company Stor-a-File are incorrect, an NHS Digital
Proofpoint warns top UAE online retailers to be extra vigilant of fraudulent emails (ITP Net) 67% of retailers are at risk of email fraud this sale season for not following the strictest and recommended levels of DMARC protection
Vulnerability Summary for the Week of November 15, 2021 (CISA) The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Security Patches, Mitigations, and Software Updates
Philips Working on Patches for Vulnerabilities Found in Medical Products (SecurityWeek) Philips is working on patches for several vulnerabilities, including ones rated high severity, found by researchers in some of its medical products.
WhatsApp Pushes Privacy Update to Comply With Irish Ruling (SecurityWeek) WhatsApp is adding more details to its privacy policy and flagging that information for European users, after Irish regulators slapped the chat service with a record fine for breaching strict EU data privacy rules.
Trends
The Cost of a Data Breach Goes Beyond the Bottom Line (Security Intelligence) Reduce the cost of a data breach with these defensive measures. Even without including the cost of the ransom, the potential loss is high.
Intel agencies warn of potential uptick in cyber threats during holidays (NY1) The FBI and CISA cited previous holiday increases
CISA, FBI issue holiday warning about hackers, urge vigilance (The Record by Recorded Future) Hackers could try to ruin your holiday season, CISA and the FBI warned on Monday.
The Grinchy email scams to watch out for this holiday season (Expel) As the holidays approach, cyber Grinches are targeting phishing campaigns to steal data, credentials and more. Look out for these email scams while online shopping and checking your inbox this season.
Black Friday scams: Why you should be careful in 2021 (Surfshark) Do you like Black Friday? Because scammers do. And this year’s US cybercrime numbers are already the worst they’ve ever been, especially in these states.
Cybereason Government Inc. Issues Ransomware Holiday Warning (PRWeb) Cybereason, the leader in operation-centric attack protection, today issued a Ransomware Advisory, through its government subsidiary, Cybereason Government Inc, w
Black Friday and Cyber Monday – here’s what you REALLY need to do! (Naked Security) The world fills up with cybersecurity tips every year when Black Friday comes round. But what about the rest of the year?
Desperate Parents Turn to Shopping Bots to Hunt for Hottest Christmas Gifts (Wall Street Journal) Long used by resellers looking to buy and flip high-demand goods for a profit, the technology is also now being used by desperate holiday shoppers to buy just a few items at a time.
Cybersecurity firm: Ransomware will become more modular and uniform in 2022 (Security Info Watch) Sophos says ransomware was involved in 79% of the incidents investigated by its rapid response team in the last 18 months
Marketplace
KeyCaliber raises $2.6M to accelerate platform development and propel go-to-market channels (Help Net Security) KeyCaliber announced its $2.6M seed funding from leading venture capital firms Lytical Ventures, Unusual Ventures, and HearstLab.
Evina raises 20 million euros to secure financial services for telecom operators (Evina) Paris, November 18, 2021 - Paris-based cybersecurity company Evina, which operates in 70 countries, has announced a €20 million funding round to consolidate its leading position in securing financial services for telecom operators.
Akamai-backed Shield-IoT Raises $7.4 Mn in Series A to Streamline and Secure Mass Scale IoT Networks (IndianWeb2.com) Shield-IoT streamlines the implementation of mass-scale I...
Cybersecurity M&A Roundup for Third Week of November 2021 (SecurityWeek) Seven cybersecurity-related acquisitions announced in the third week of November 2021.
We’re Making the Facebook Papers Public. Here’s Why and How (Gizmodo) Independent experts from NYU, UMass Amherst, Columbia, Marquette, and the ACLU are partnering with Gizmodo to responsibly publish this historic leak.
Israeli Spyware Firm NSO Seen at Risk of Default as Sales Drop (Bloomberg) Moody’s cuts company’s credit rating by two notches to Caa2. NSO at risk of covenant breach on about $500 million of debt.
NSO was about to sell hacking tools to France. Now it’s in crisis. (MIT Technology Review) French officials were close to buying controversial surveillance tool Pegasus from NSO earlier this year. Now the US has sanctioned the Israeli company, and insiders say it’s on the ropes.
Trend Micro Leads the Cloud Security Industry with the Most Data Centers Across More Geographies (PR Newswire) Trend Micro Incorporated (TYO: 4704; TSE: 4704), the global cloud security leader, offers cloud security in data centers across 9 countries....
IBM Spin-Off Kyndryl Expands VMWare Partnership (CRN) VMware and Kyndryl partner up and Kyndryl boosts its SAP skills.
The Rise And Fall Of Darktrace: Why Has One Of 2021's Biggest IPO Success Stories Shed Almost 40% Of Its Value In Six-Weeks (Benzinga) What a difference six months can make. When cybersecurity unicorn Darktrace debuted on the London Stock Exchange on April 30th 2021, it took one week for Wired to claim ...
BAE Systems selected for National Cyber Range Complex contract (Businesswire) The U.S. Army has selected BAE Systems to serve as a prime contractor on Lot 1 of the 10-year, $2.4 billion National Cyber Range contract.
SAIC Grabs Space & Intelligence Contracts Worth $348M in Q3 (Nasdaq) Science Applications International Corporation SAIC announced last week that it has secured $348 million worth of contracts from the space and intelligence communities in the third quarter of fiscal 2022.
CISO Conversations: Honda Aircraft, Bombardier CISOs Discuss Getting Started in Security (SecurityWeek) In this CISO Conversations feature, SecurityWeek asks two leading CISOs in the aviation industry – Mitch Cyrus of Honda Aircraft, and Mark Ferguson of Bombardier – how they got started in security
Varonis Executives and Investor Relations Leadership Named to Institutional Investor’s 2022 All-America Executive Team (GlobeNewswire News Room) Varonis team ranked within the top three places across eight categories in the midcap software sector...
Cloud security vendor ExtraHop names Tanya Hovagimian as first ANZ channel manager (CRN Australia) Tanya Hovagimian joins from Sophos.
Cybersixgill Expands Executive Team to Support Company's Rapid Growth (PR Newswire) Cybersixgill, the premier vendor of real time and actionable threat intelligence, has announced today the appointment of two industry veterans...
Products, Services, and Solutions
D4T4 Solutions Launches Innovative Fraud Data Platform Updates (PR Newswire) D4t4 Solutions Plc, a leading innovator in customer data, management, and analytics, announced it has launched the latest version of its...
BitSight and Marsh McLennan Collaborate to Bolster Organizations' Cybersecurity Performance (PR Newswire) BitSight, the Standard in Security Ratings, and Marsh McLennan, the world's leading professional services firm in the areas of risk, strategy,...
Announcing Okera for Snowflake, a SaaS Solution to Deliver Universal Data Authorization on Snowflake's Data Cloud (PR Newswire) Okera, the Universal Data Authorization company, today announced Okera for Snowflake, a new software as a service (SaaS) offering for the...
Versa Networks Honored with Top 2021 ‘ASTORS’ Homeland Security Award for Versa SASE (Yahoo Finance) Versa Networks, the recognized secure access service edge (SASE) leader, today announced it is the recipient of the Gold 2021 "ASTORS" Homeland Security Award from American Security Today (AST) for its Versa SASE solution.
Baffle Launches Data Privacy Cloud to Enable Privacy Preserving Analytics on Amazon Redshift (Businesswire) Baffle, Inc. today announced its Data Privacy Cloud supports privacy preserving analytics on encrypted and tokenized data for Amazon Redshift.
Technologies, Techniques, and Standards
Business Leaders Need to Own Cyber Security (The CyberWire) Corporate cybersecurity requires a business leader to make the decisions, be personally invested, and lead the security work the same way as the business. The intent and guidance of the business leaders need to be visible. That's not always the case.
Security is everyone’s job in the workplace (MIT Technology Review) To fully combat against cyber threats, companies need to think not just about the tech, but also how people behave.
NSA, CISA Say Industry Should Use Attestation Technology to Secure 5G Environments (Nextgov.com) The tech can provide evidence of compliance with configuration standards and detect anomalies in complex multi-tenant, multi-cloud computing architectures.
What to do if you receive a data breach notice (WeLiveSecurity) Receiving a breach notice doesn’t mean you’re doomed – here’s what you should consider doing in the hours and days after learning that your personal data has been exposed
Is it OK to Take Your CEO Offline to Protect the Network? (Dark Reading) Are you asking the right questions when developing your incident response playbook? What security tasks are you willing to automate?
The Future of Information Warfare (Sixteenth Air Force (Air Forces Cyber)) Sixteenth Air Force leaders, various wing command teams, and group command teams gathered in-person and virtually here Nov. 8-9 to meet and discuss the future of the Air Force’s only Information
Design and Innovation
Twitter introduces aliases for contributors to its Birdwatch moderation program (The Verge) It introduced the moderation tool in January.
Academia
What will it take to protect schools’ digital landscape? (eSchool News) Malicious actors have been turning their attention to the nation’s schools in a significant and unwelcome way. The State of K-12 Cybersecurity: 2020 Year in Review report found an 18 percent increa…
Legislation, Policy, and Regulation
US intelligence shows preparations for rapid Russian push into Ukraine: report (TheHill) U.S. intelligence shows that Russia is prepared to push into Ukraine from multiple locations with a buildup of troops and artillery along the border, Bloomberg reported Sunday.
Russia rejects US concerns about Ukraine as smokescreen (Stars and Stripes) Kremlin spokesman Dmitry Peskov dismissed U.S. media allegations of Moscow's purported plans to invade Ukraine as part of efforts to discredit Russia. He insisted that troop movements on Russia's own territory shouldn't concern anyone.
Xi’s Confidence Game (Foreign Affairs) Beijing's actions show determination, not insecurity.
Pegasus spyware and the direction of Australian policing (The Strategist) The US government’s recent ban of Israeli technology firm NSO Group’s Pegasus spyware has significant implications for Australian efforts to regulate digital technologies in the face of new online national security threats. Putting human rights ...
Intel is the raw material of foreign policy, so fix it first (iPolitics) Due to swift geopolitical change and an ever-more complex threat environment, there are growing calls for Canada to adopt a more activist foreign policy. But before the federal government can even consider heeding this advice, it must fill a critical gap in intelligence resources. During the Cold War — and later, in the post-9/11 struggle […]
U.S., UK Conduct Cyber Management Review at Fort Meade (HS Today) Such consistent touch-points enable both nations to develop world-class cyber capabilities while ensuring the different organizations can work seamlessly together.
Pentagon Officials Rethinking Cyber's Role in National Defense Strategy (Nextgov.com) Cyber policy lead Mieke Eoyang discussed the Defense Department’s role in the nation’s cybersecurity posture, including in defending elections and countering ransomware attacks.
From Cybersecurity To Climate Tech: The Startup Sectors That Will Get Billions From Biden’s Infrastructure Plan (Crunchbase News) The recently signed $1.2 trillion U.S. infrastructure bill sets aside hundreds of billions of dollars of government investment in sectors where venture-backed startups are likely to play an active role. Crunchbase News talked to venture investors about the pending funds earmarked for cybersecurity investment, electric vehicle infrastructure, broadband internet expansion, and a host of clean energy and climate tech initiatives.
U.S. lawmakers call for privacy legislation after Reuters report on Amazon lobbying (Reuters) Five members of Congress called for federal consumer-privacy legislation after a Reuters report published Friday revealed how Amazon.com Inc has led an under-the-radar campaign to gut privacy protections in 25 states while amassing a valuable trove of personal data on American consumers.
Government Watchdog Asks CISA, Schools to Update Cyber Plans (GovTech) A new report from the Government Accountability Office calls for the U.S. Department of Education to work with CISA on updating cyber threat response plans for K-12 schools that are more than a decade old.
Schumer: LI school districts should get ready to apply for funding to fight off cyberattacks (Newsday) Long Island school districts, which have been hit by more than a dozen cyberattacks since 2018 where hackers shut down computer networks and posted confidential files online, can apply for a piece of a $1 billion grant included in the recently signed federal infrastructure bill, Senate Majority Leader Chuck Schumer said Monday. Schumer (D-N.Y.) said Long Island districts, including those that have not been attacked, should begin establishing their plans to apply for a portion of the funding.
Texas Plans to Become the Bitcoin Capital, Vulnerable Power Grid and All (Bloomberg) Crypto miners with more than double the power demand of Austin are descending on the anti-regulation state.
Litigation, Investigation, and Law Enforcement
Norsk Hydro Probe Shows Slow Pace of International Ransomware Cases (WSJ) The Norwegian aluminum maker was hit by hackers in March 2019. Suspects were apprehended last month.
Air Force promotes major who doxed an alleged sexual assault survivor (Task & Purpose) The Air Force promoted Maj. Priscilla Giddings, who posted the personal information of an alleged sexual assault survivor to social media.