Attacks, Threats, and Vulnerabilities
Facebook reveals broad takedown of global disinformation networks, including some tied to anti-vaccine groups and state actors (Washington Post) The takedowns described in the company’s latest threat report demonstrate how the cat-and-mouse game between Facebook and bad actors is escalating
Meta's Adversarial Threat Report (Meta) We’re sharing a detailed, end-of-year threat report on six adversarial networks we found and removed for Coordinated Inauthentic Behavior, Brigading and Mass Reporting.
New Yanluowang ransomware mounting targeted attacks in U.S. (SearchSecurity) The Symantec Threat Hunter team detailed a new ransomware tracked as Yanluowang that has targeted U.S. companies since August 2021.
Lightspin Research Team Discovers Cross-Account Access Vulnerability on AWS SageMaker Jupyter Notebook Instance (PR Newswire) Lightspin, the multi-layer cloud security platform that prioritizes and remediates critical vulnerabilities across hybrid cloud and Kubernetes...
US, Canadian critical infrastructure targeted by novel Sabbath ransomware (SC Media) Critical infrastructure in the U.S. and Canada has been attacked by the new Sabbath ransomware gang, also known as UNC1290, since June.
When acting turns criminal: Deepfakes and voice impersonators in the cybercriminal underground (Digital Shadows) In this blog, we’ll explore the origins of these atypical attack methods on the cybercriminal underground and examine their real-world applications.
These researchers wanted to test cloud security. They were shocked by what they found (ZDNet) Cybersecurity researchers set up a tempting cloud honeypot to examine how cyber attackers work.
APT Conducts Active Campaign Against ManageEngine ServiceDesk Plus (Unit42) A persistent and determined APT actor has expanded beyond Zoho ManageEngine ADSelfService Plus and begun an active campaign against ServiceDesk Plus.
BlackByte ransomware attacks exploiting ProxyShell flaws (SearchSecurity) ProxyShell exploitation on Microsoft Exchange servers is leading to BlackByte ransomware attacks, according to security vendor Red Canary.
Identified High Risk Vulnerabilities in the CATIE Web application (Bishop Fox) CATIE Web app is vulnerable to 4 local file disclosure high-risk vulnerabilities. They enable unauthenticated attackers to read arbitrary files. Read more.
Missed Delivery: New Phish Spoofs DHL (Avanan) A new attack spoofs DHL.
Doctor Web discovered vulnerabilities in children’s smart watches (Dr.Web) Parents always strive to take care of their children. Technology innovations help them reach this goal, through various wearables like smartwatches and GPS trackers. More and more models of these devices are getting close to smartphones in functionality. For example, many of them can track the child’s location and travel route.
Report: Leaked Healthcare Staffing Records Exposed Personal Information of Thousands of Medical Workers, Nurses, and Caregivers Online. (Website Planet) Security researcher Jeremiah Fowler together with the Website Planet research team discovered a non-password protected database that contained a
Ransomware attack exposed personal info of Hancock unit owners (Loop North News) A ransomware attack on a property management company in Chicago did not get ransom but exposed personal information about unit owners and prospective unit owners at John Hancock Center.
Planned Parenthood LA discloses data breach after ransomware attack (BleepingComputer) Planned Parenthood Los Angeles has disclosed a data breach after suffering a ransomware attack in October that exposed the personal information of approximately 400,000 patients.
Hackers Breach Los Angeles Planned Parenthood Network (Wall Street Journal) Planned Parenthood Los Angeles said it is investigating a cyberattack that compromised the personal information of thousands of patients.
Planned Parenthood Los Angeles says hack breached about 400,000 patients’ information (Washington Post) A hacker gained access to the personal information of hundreds of thousands of Planned Parenthood patients in October, the reproductive health-care group’s Los Angeles branch said Wednesday.
NW Iowa business victim of cyber attack, 5315 employees compromised (SiouxlandProud) A northwest Iowa business has become the victim of a cyber attack with more than 5,000 customers affected.
Update on the Delta-Montrose Electric Association cyber attack (NBC 11 News) Now that they have completed the first few weeks of the investigation, they say they are highly confident that no sensitive information was compromised.
Security Patches, Mitigations, and Software Updates
Mozilla fixes critical bug in cross-platform cryptography library (BleepingComputer) Mozilla has addressed a critical memory corruption vulnerability affecting its cross-platform Network Security Services (NSS) set of cryptography libraries.
Trends
83% of Fortune 1000 CIOs and CTOs Surveyed Have Transitioned to 5G or (PRWeb) Consumers are already starting to experience 5G network speeds on their mobile devices, and at a business level, it may be as little as two years until enterprise
Are you lazy with iPhone or Gmail security? Quarter of adults ‘victim of hackers’ (New York Post) A study of 2,000 adults revealed 25 percent feel their digital safety is not something they need to worry about.
KnowBe4’s Team of Cybersecurity Experts Release Predictions for 2022 (KnowBe4)
The DomainTools Report, Fall 2021 (DomainTools) In the Fall 2021 edition of the DomainTools Report, we examine concentrations of phishing, malware, and spam activity along six domain characteristics.
Financial employees present heightened security risk in the age of work from home (SC Media) According to ObserveIT, more than half (55%) of enterprises report that their greatest internal risk comes from privileged users.
Do passwords impact productivity? (Axiad) Do passwords impact productivity? They do. 60% of US workers we surveyed said they stop them from doing their jobs! Today we released results of our new Axiad Fall 2021 Passwords & Productivity Survey...
'The Matrix' Is the Best Hacker Movie (Wired) Most people point to 'Sneakers' or 'WarGames'. They’re all wrong. The Wachowskis actually invented the ultimate cyber superhero.
Marketplace
CyCognito nabs $100M to fight cyberattacks with bots (VentureBeat) CyCognito, a startup developing a bot-based platform to fight cyberattacks, has raised $100 million in venture funding.
Neustar Security Services Spins Out with Focused Investment to Foster Accelerated Growth (Neustar) Neustar Security Services has become the newest portfolio company of Golden Gate Capital and GIC
TransUnion and Neustar Announce Transaction Close (TransUnion) TransUnion (NYSE: TRU) and Neustar Inc. (“Neustar”), today announced that TransUnion has completed its $3.1 billion acquisition of Neustar from a private investment group led by Golden Gate Capital and with minority participation by GIC. Neustar, a premier identity resolution company with leading solutions in Marketing, Fraud and Communications, ...
TransUnion Completes Acquisition of Sontiq (TransUnion) TransUnion (NYSE: TRU) announced today that it has completed the acquisition of Sontiq, a leader in digital identity protection and security, for $638 million. Sontiq provides solutions including identity monitoring, restoration, and response products and services to empower consumers and businesses to proactively protect against identity theft a...
Cloud security firm Panther Labs raises fresh funds at $1.4 bln valuation (Reuters) Panther Labs raised $120 million in fresh capital as part of an early-stage financing round led by investment manager Coatue, valuing the cloud-based security analytics platform at $1.4 billion.
Crypto whitehat security firm CertiK bags $1 billion valuation after Sequoia raise (CryptoSlate) CertiK today announced the completion of an $80 million Series B2 financing round. This investment is led by Sequoia.
Karamba Security Raises $10M in New Funding from Leading Asian Corps. (Businesswire) Karamba Security today announced it has secured $10 million in new funding in an extension to its B Round financing. VinFast, a member of Vingroup, th
Latham-Led Cybersecurity Biz ReliaQuest Tops $1B Valuation (Law360) ReliaQuest, a cybersecurity company guided by Latham & Watkins, said Wednesday it has surpassed a $1 billion valuation in a growth equity round led by global investment firm KKR & Co. Inc.
Frontegg raises $25M for its user management platform (TechCrunch) Frontegg, a Tel Aviv-based startup that provides SaaS companies with the core user management tools they need to build their own services, today announced that it has raised a $25 million Series A funding round led by Insight Partners. Existing investors Pitango, which led the company’s $5 mi…
Israeli spyware maker NSO's new secret op (Haaretz) Israeli NSO has secretly teamed up with a cyber firm exploiting big-tech vulnerabilities. 'Realmode Labs' has recently demonstrated a major breach capability into Amazon servers.
Inside NSO, Israel’s billion-dollar spyware giant (MIT Technology Review) The world’s most notorious surveillance company says it wants to clean up its act. Go on, we’re listening.
Digital privacy firm Haventec wins the cybersecurity award (InnovationAus) Sydney digital privacy firm Haventec has won the cybersecurity award at the InnovationAus 2021 Awards for Excellence in recognition of its globally-patented platform stopping usernames and passwords from being stolen. The InnovationAus 2021 Awards for Excellence were presented at a gala black-tie dinner held on Wednesday night at the Overseas Passenger Terminal in Sydney. The cybersecurity category was sponsored by Mimecast, and was awarded to Haventec.
Dorsey’s Twitter Departure Hints at Tech Moguls’ Restlessness (New York Times) Jack Dorsey, who is stepping down after six years as Twitter’s chief executive, is one of the tech leaders who seem to have grown tired of managing their empires.
ID.me Appoints Erin Teague to Board of Directors (PR Newswire) ID.me, the secure digital identity network with 65 million members, today announced it has appointed Erin Teague to its Board of Directors....
RightCrowd Names Chief Technology Officer as Company Continues to Strengthen Management Team (PR Newswire) RightCrowd (ASX: RCW / OTCQB: RCWDF), a leading provider of safety, security and compliance solutions, announced that Bryan Jones has joined...
CYREBRO Expands Leadership Team with Appointment of New Chief Financial Officer (PR Newswire) CYREBRO, a leading global cybersecurity company that provides an interactive SOC platform for businesses of all sizes, today announced that...
Products, Services, and Solutions
CrowdStrike DTEX Systems Deliver Behavioral DLP (Dtex Systems Inc) CrowdStrike and DTEX Systems partner to deliver a first-of-its-kind workforce cyber security approach to behavioral data loss prevention.
CISA Selects CrowdStrike to Protect the Nation’s Critical Endpoints & Workloads (CrowdStrike) Cybersecurity and Infrastructure Security Agency (CISA) selected CrowdStrike as one of the major platforms to support the Executive Order EDR initiative.
Immuta Announces the Availability of SaaS for Modern Data Stacks (Immuta) Immuta SaaS enables data teams to automate data access control across their cloud data environment without having to worry about maintenance or infrastructure costs Immuta, the leader in universal cloud data access control, today announced the general availability of Immuta software as a service (SaaS) deployment. Immuta SaaS, which recently received its SOC 2 Type...
RedSeal Opens Stratus Early Adopter Program to Security Teams Struggling with Cloud Security (GlobeNewswire News Room) Stratus – a SaaS-based Cloud Security Posture Management (CSPM) solution -- addresses dangers of exposure and unintended access issues; Free webinar and...
Fudo Security Raises The Bar With New IT Infrastructure Protection Enhancements, Bolstering Zero Trust Philosophy (Businesswire) Fudo Security announces new capabilities to its award-winning PAM solution with enhanced IT infrastructure protection bolstering Zero Trust.
Cybereason and SiS International Limited Partner to Protect Joint Customers in Hong Kong from Cyberattacks (Yahoo) Cybereason, the leader in operation-centric attack protection, and SiS International Limited, a leading IT distributor in Hong Kong, today announced a partnership to protect enterprises in Hong Kong from sophisticated cyberattacks.
Panasas Joins Thales Accelerate Partner Network to Collaborate on Storage Security for High-Performance Computing (Businesswire) Panasas has joined the Thales Accelerate Partner Network and will work together with Thales to safeguard HPC storage systems and customer data.
TitanHQ Launch SpamTitan Plus to Combat Zero-Day Email Phishing Attacks (GlobeNewswire News Room) New SpamTitan Plus delivers best-in-class phishing protection with zero-day threat intelligence and URL databases not found in any other anti-phishing...
Plurilock Announces Fall 2021 Product Release (Nasdaq) Plurilock Security Inc. and related subsidiaries, an identity-centric cybersecurity solutions provider for workforces, has announced the availability of its Fall 2021...
Empired launches new app to reduce human error and improve security (Security Brief) The Empired User Secure Score works alongside Microsoft Teams, to give organisations a bird’s eye view of the level of security compliance from their team.
Ondato debuts AI-enabled spoofing detection tool to combat rise of document fraud (Finextra) Ondato, the leading Compliance-as-a-Service platform, has launched a new AI-enabled ID forensics system that makes it impossible to submit spoof documents, such as altered photos, ID papers, and deep fake videos, as part of any customer on-boarding process.
Reverse Engineering Ebpfkit Rootkit With BlackBerry's Free IDA Processor Tool (BlackBerry) As eBPF adoption increases, so will the need to reverse-engineer eBPF programs. To make the lives of reverse-engineers easier, BlackBerry is making a new reverse-engineering tool publicly available.
IGI Cybersecurity Introduces CISO Team-as-a-Service to Meet Growing Industry Demands for Cybersecurity Expertise (Accesswire) IGI Cybersecurity now offers a service that gives customers access to a CISO-led team of practitioners with a variety of skills and expertise PITTSFORD, NY / ACCESSWIRE / December 2, 2021 / Infinite Group, Inc. (IGI) (OTCQB:IMCI) has added a new service to its portfolio to give customers access to its full team of security experts. CISO Team-as-a-Service™ (TaaS) is designed to help customers meet their business requirements around
Technologies, Techniques, and Standards
After the Attack - Mitigating Organizational Impacts of a Data Breach (Infosecurity Magazine) Read this whitepaper to understand the 3 major organizational impacts of a data breach and how to mitigate the risk.
Still paying for antivirus software? Experts say you probably don't need it (NBC News) Josh Brunty had spent more than a decade in cybersecurity — first as a digital forensics analyst for the West Virginia State Police, then as someone who taught
An Understandable Guide to Zero Trust Architecture (JD Supra) While cybersecurity professionals are generally nice people, and I have nothing against them, they have trust issues. Their spouse, friends, and...
Challenge abounds: Dealing with unsecured databases (Digital Journal) Businesses need to be mindful of the complexity of the threats involved.
The problem with near-misses in cybersecurity (Security Brief) Cybersecurity is treated a lot like aviation security. Breaches that don't result in catastrophic consequences don't stay in the national psyche for very long, in much the same way near-misses in aviation don't invite much public scrutiny.
Legislation, Policy, and Regulation
Cybersecurity experts: small- and medium-sized businesses are sitting ducks (Fortune) “There’s this whole set of companies that are legitimate national security targets now, and they don’t know it.”
Blinken says Russia could move on Ukraine ‘on short order’ (Military Times) Tensions over a Russian troop buildup along the border of Ukraine have been a focus of Blinken’s weeklong Europe trip.
Putin demands NATO guarantees not to expand eastward (Military Times) Putin’s statement came a day after he sternly warned NATO against deploying its troops and weapons to Ukraine.
U.S., NATO fully committed to Ukraine, says Blinken ahead of Lavrov talks (Reuters) NATO allies share an "unwavering commitment" to Ukraine's sovereignty, U.S. Secretary of State Antony Blinken said on Thursday, hours before he meets Russia's Foreign Minister Sergei Lavrov amid escalating East-West tensions over Ukraine.
Russia orders US diplomats to leave as Ukraine tensions escalate (Al Jazeera) Diplomatic row between Moscow and Washington deepens as US-headed NATO alliance holds talks on Ukraine.
Lithuania mulls state of emergency on Polish border to stop migrants (Reuters) Lithuania's government said on Wednesday it would ask parliament to declare a state of emergency on its border with Poland from Dec. 10 as part of efforts to prevent the smuggling of migrants.
China Publishes Draft Data Transfer Requirements That Heavily Favor Data Localization (JD Supra) As drafted the new measures specify security assessment and contract requirements but leave ample room for Chinese authorities to heavily restrict...
Huawei’s future in Canada hangs in balance as feds’ 5G review due soon, again (The Logic) Timelines have shifted, who’s in charge is unclear and how a Huawei ban would work is unstated
CSAC Members (CISA) The CISA Cybersecurity Advisory Committee (CSAC) is comprised of the nation’s leading experts on cybersecurity, technology, risk management, privacy, and resilience.
Senator wants to know what agencies are doing to protect employee cell phones (Federal News Network) In today’s Federal Newscast, Sen. Wyden wants to know what agencies are doing to deploy countermeasures and protect employees and critical facilities.
EXCLUSIVE: Pentagon weighing reorganization of AI, data offices (Breaking Defense) The Defense Digital Service (DDS), the Joint Artificial Intelligence Center (JAIC) and the office of the Chief Data Officer (CDO) would all report up to a new individual, tentatively named the Chief Data & AI Officer.
Biden expected to nominate first woman as Army Cyber chief (The Record by Recorded Future) President Joe Biden is expected to pick Brig. Gen. Maria Barrett to be the first female leader of U.S. Army Cyber Command, according to two people familiar with the decision.
Litigation, Investigation, and Law Enforcement
The US crackdown on Chinese economic espionage is a mess. We have the data to show it. (MIT Technology Review) The US government’s China Initiative sought to protect national security. In the most comprehensive analysis of cases to date, MIT Technology Review reveals how far it has strayed from its goals.
Belarus Hackers Declared Terrorists After Exposing Dubious Donation to Regime (OCCRP) The Belarusian Supreme Court declared on Tuesday a network of informal pro-democracy organizations a ‘terrorist movement’ after some of its members revealed that an oligarch had donated expensive cars to the regime the same year he was given control over the country’s tobacco industry.
Treasury Crypto Security Sanction Blocks Exchange Favored by Ransomware Actors (Security Intelligence) The U.S. government blocked SUEX for harming crypto security by facilitating ransomware actors. See what this means for today's big ransomware gangs.
Russian national sentenced to prison for creating online "safe haven" for cybercriminals (Newsweek) The man pleaded guilty to one count of conspiracy to engage in a racketeer-influenced corrupt organization.
Bulletproof hosting founder imprisoned for helping cybercrime gangs (BleepingComputer) 34-year-old Russian Aleksandr Grichishkin, the founder of a bulletproof hosting service, was sentenced to 60 months in prison for allowing cybercrime gangs to use the platform in attacks targeting US financial institutions between 2008 and 2015.
FIN7 hacker trialed in Russia gets no prison time (The Record by Recorded Future) A Russian court handed down a mild one-year suspended prison sentence to a member of the FIN7 hacking group, a notorious cybercrime cartel that has hacked more than 100 US companies between 2015 and 2018.
FBI seized Bitcoins worth $2.3 million from REvil affiliate (Computing) The cash comes from ransomware payouts to mitigate REvil attacks
Ubiquiti hack may have been an inside job, federal charges suggest (The Verge) The DOJ alleges the "whistleblower" was actually the culprit
Former Ubiquiti employee charged with hacking and extorting company (The Record by Recorded Future) An Oregon man and a former employee of Ubiquiti Networks was arrested and charged today with hacking the company's servers, stealing gigabytes of information, and then attempting to extort his employer for $2 million when Ubiquiti began investigating the breach.
SIM Hijacking Attack Lands Hacking Group Member in Jail (Decipher) The sentencing comes as the FCC grapples with how it can better safeguard consumers against SIM hijacking attempts.
T-Mobile Investor Sues Over Massive Data Breach (Law360) A long-term T-Mobile stockholder launched a derivative suit against the telecom giant's current board of directors, alleging they misled investors about the company's protection of consumer data and failed to take substantial steps to prevent a massive data breach that occurred in August.
WSJ News Exclusive | Racy Affair Saga Between Jeff Bezos and Enquirer Reaches Final Chapter (Wall Street Journal) Investigations by federal officials on phone-hack and extortion claims haven’t led to public action. The government’s response marks a quiet end to a bizarre saga that captivated the business and media worlds.