Dateline the Internet: the Log4j vulnerability (Log4shell).
Log4shell: risk and reaction. (The CyberWire) Log4shell is a serious vulnerability. It's being actively exploited in the wild, and there's unlikely to be any single quick fix for it. We take a look at reactions to the incident.
Statement from CISA Director Easterly on “Log4j” Vulnerability (CISA) Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly released the following statement today on the “log4j” vulnerability:
Alert: Active scanning for Apache Log4j 2 vulnerability (CVE-2021-44228) (NCSC) The NCSC is advising organisations to take steps to mitigate the Apache Log4j 2 vulnerability.
Critical remote code execution vulnerability found in Apache Log4j2 library (Australian Signals Directorate | Australian Cyber Security Centre) A vulnerability exists in certain versions of Apache Log4j2 library. A malicious cyber actor could exploit this vulnerability to execute arbitrary code. Affected Australian organisations should apply the available patch.
Apache Security Advisory - Canadian Centre for Cyber Security (Canadian Centre for Cyber Security) On 10 December 2021 Apache published a Security Advisory to address a critical vulnerability in the following product...
Log4j RCE 0-day actively exploited (CERT-NZ) Updated: 3.30pm, 13 December 2021 to provide link to list of related softwares' vulnerability status. The widely-used java logging library, Log4j, has an unauthenticated RCE vulnerability if a user-controlled string is logged. This could allow the attacker full control of the affected server.
Update: Critical vulnerability in log4j published (Bundesamt für Sicherheit in der Informationstechnik) The blog of an IT security service provider [LUN2021] reports on the vulnerability CVE-2021-44228 [MIT2021] in log4j versions 2.0 to 2.14.1, which may allow attackers to execute their own program code on the target system and thereby compromise the server. This risk exists when log4j is used to log an attacker-controlled string such as the HTTP User Agent.
[Update] Vulnerability in Apache Log4j (CERT-FR) A vulnerability has been discovered in the Apache log4j logging library. This library is very often used in Java/J2EE application development projects as well as by vendors of off-the-shelf software solutions based on Java/J2EE.
Zero-Day Exploit Targeting Popular Java Library Log4j (Swiss Government Computer Emergency Response Team) On Friday morning, NCSC/GovCERT.ch received reports about a critical vulnerability in a popular Java library called “Log4j”. At the time of receiving these reports, the vulnerability apparently has been exploited by threat actors “in the wild” and no patch was available to fix the vulnerability (0-day exploit).
DHS warns of critical flaw in widely used software (CNN) The Department of Homeland Security's top cyber official on Saturday urged government and private-sector organizations to address a critical flaw in widely used software that hackers were actively using to try to breach networks.
German cybersecurity watchdog issues red alert warning on software (Reuters) Germany's federal cybersecurity watchdog, the BSI, on Saturday issued a red alert warning, its highest, on a flawed piece of widely-used software, saying it posed an "extremely critical threat" to web servers.
Log4j actively exploited, serious complications can occur according to CERT NZ (Security Brief) The widely-used java logging library, log4j, has been actively exploited, according to an update from CERT NZ and Catalyst.
Companies Respond to Log4Shell Vulnerability as Attacks Rise (SecurityWeek) Government organizations and the private sector are responding to the disclosure of a critical vulnerability (CVE-2021-44228) affecting the widely used Log4j logging utility, as exploitation attempts are on the rise
Update on Apache Log4j Zero-Day Vulnerability (Security Intelligence) IBM X-Force shares the latest on the Apache vulnerability dubbed "Log4Shell," a remote code execution vulnerability.
Threat Advisory: Critical Apache Log4j vulnerability being exploited in the wild (Cisco Talos) A blog from the world class Intelligence Group, Talos, Cisco's Intelligence Group
Hackers start pushing malware in worldwide Log4Shell attacks (BleepingComputer) Threat actors and researchers are scanning for and exploiting the Log4j Log4Shell vulnerability to deploy malware or find vulnerable servers. In this article we compiled the known payloads, scans, and attacks using the Log4j vulnerability.
Log4Shell attacks began two weeks ago, Cisco and Cloudflare say (The Record by Recorded Future) While a public proof-of-concept code was released last Thursday, attacks exploiting the Log4Shell vulnerability started two weeks ago.
Apache Log4j Zero-Day Being Exploited in the Wild (Symantec) Symantec products will protect against attempted exploits of critical CVE-2021-44228 vulnerability
Digging deeper into Log4Shell - 0Day RCE exploit found in Log4j (Fastly) CVE-2021-44228 is a Remote Code Execution vulnerability in the Apache Log4j library being actively exploited. We provide our observations into the exploit and a summary of its impact.
Software Flaw Sparks Global Race to Patch Bug (Wall Street Journal) Cybersecurity researchers say they have seen thousands of attempts to exploit the bug.
'Especially dangerous' Java zero day discovered, same type as used in Equifax breach (Computing) Patch Log4j urgently admins urged, as memories of 2017 Equifax hack loom large
Log4Shell, The Worst Java Vulnerability in Years (Bugcrowd) On Dec. 9, 2021, a zero-day exploit was observed in the wild targeting a critical RCE vulnerability in Log4j, the ubiquitous open source logging tool. (Per NIST
Microsoft: Log4j exploits extend past crypto mining to outright theft (VentureBeat) The Log4j vulnerability, known as Log4Shell, is now seeing exploits such as crypto coin mining, credential theft, and more, Microsoft said.
The Internet’s biggest players are all affected by critical Log4Shell 0-day (Ars Technica) Seeing is believing. Critical Log4j vulnerability is an Internet-wide threat.
Apache Log4j vulnerability actively exploited, impacting millions of Java-based apps (CSO Online) The vulnerability affects not only Java-based applications and services that use the library directly, but also many other popular Java components and development frameworks that rely on it.
Log4j Zero Day: (BankInfoSecurity) How serious is the Apache Log4j zero day vulnerability that was announced to the world on Friday? "It's big," says Sam Curry, Chief Security Officer at
Log4j: new software supply chain vulnerability unfolding as this holiday's cyber nightmare (MarketScreener) Nearly a year ago the security world worked through a first-of-its-kind supply chain vulnerability during the SolarWinds/SUNBURST incident response. Now at...
‘The Internet Is on Fire’ (Wired) The flaw in the logging framework has security teams scrambling to put in a fix.
Log4j Vulnerability: APIs Causing Massive Risk Exposure (Noname Security) Vulnerability in the Apache Log4J2 vulnerability (CVE-2021-44228), dubbed “Log4Shell”, which can be easily exploited to take control of vulnerable systems remotely
Countless Servers Are Vulnerable to Apache Log4j Zero-Day Exploit (PCMAG) The vulnerability allows remote code execution on servers, including those operated by Apple, Twitter, Valve, Tencent, and other major service providers.
'The internet's on fire' as techs race to fix software flaw (AP NEWS) A critical vulnerability in a widely used software tool — one quickly exploited in the online game Minecraft — is rapidly emerging as a major threat to organizations around the world.
Apache Log4j Threatens, Well, Everything (Security Boulevard) It doesn’t get much worse than this, at least according to cybersecurity experts. The RCE bug currently being actively exploited in the widely used Apache
It's already attacked 'Minecraft': The race is on to fix the biggest PC vulnerability in years (Mashable) Bad actors are already exploiting it.
Log4Shell: RCE 0-day exploit found in log4j2, a popular Java logging package (LunaSec) Given how ubiquitous this library is, the impact of this vulnerability is quite severe. Learn how to patch it, why it's bad, and more in this post.
Log4Shell explained – how it works, why you need to know, and how to fix it (Naked Security) Find out how to deal with the Log4Shell vulnerability right across your estate. Yes, you need to patch, but that helps everyone else along with you!
Log4j Vulnerability: What You Need to Know (Bestgamingpro) It appears that hackers are very soon going to exploit a significant problem in Log4j, an open source Apache logging library that is widely used. Security professionals are working full speed to patch their systems in the hopes of averting a catastrophe. It’s a really terrible day, and things may get even worse quickly.
New zero-day exploit for Log4j Java library is an enterprise nightmare (BleepingComputer) Proof-of-concept exploits for a critical zero-day vulnerability in the ubiquitous Apache Log4j Java-based logging library are currently being shared online, exposing home users and enterprises alike to ongoing remote code execution attacks.
Exploits Swirling for Major Security Defect in Apache Log4j (SecurityWeek) Enterprise security response teams are bracing for impact as public exploits -- and in-the-wild attacks -- circulate for a remote code execution flaw in the Apache Log4j Java logging utility.
Security warning: New zero-day in the Log4j Java library is already being exploited (ZDNet) Severe vulnerability in Java logging libraries allows unauthenticated remote code execution and access to servers, warn researchers.
Apache Log4j zero-day exploit could be used by hackers to target users on Steam, Twitter, Amazon, and other platforms (Notebookcheck) A zero-day exploit was recently identified within the Apache log4j logging library, which can potentially be used by hackers to take over entire servers via logging messages. The vulnerability affects a number of online services, from Steam and Twitter to Amazon and Minecraft, among others.
Apple, Cloudflare and Minecraft could be at risk from ‘critical’ security flaw (New York Post) Jen Easterly, head of DHS’s Cybersecurity and Infrastructure Security Agency, warned of breaches to Java-based software ‘Log4j’. Some of the world’s biggest tech firms use t…
0-Day Detection of Log4j2 vulnerability (Contrast Security) The world’s most used logging framework was just hit, but DevSecOps teams can quickly identify what’s impacted and where they focus their time
“Log4Shell” Java vulnerability – how to safeguard your servers (Naked Security) Just when you thought it was safe to relax for the weekend… a critical bug showed up in Apache’s Log4j product
Log4j zero-day gets security fix just as scans for vulnerable systems ramp up (The Record by Recorded Future) The Apache Software Foundation has released an emergency security update today to patch a zero-day vulnerability in Log4j, a Java library that provides logging capabilities.
Cybereason Releases Vaccine to Prevent Exploitation of Apache Log4Shell Vulnerability (CVE-2021-44228) (Cybereason) Cybereason researchers have developed and released a "vaccine” for the Apache Log4Shell vulnerability (CVE-2021-44228) - the vaccine is now freely available on GitHub and it is a relatively simple fix that requires only basic Java skills to implement...
Cyber Pandemic Update – Protect yourself against a widely exploited vulnerability CVE-2021-44228 (Apache Log4j2 versions 2.14.1) (Check Point Software) What happened? On December 9th, an acute remote code execution (RCE) vulnerability was reported in the Apache logging package Log4j2 versions 2.14.1 and
Bitdefender Honeypots Signal Active Log4Shell 0-Day Attacks Underway; Patch Immediately (Bitdefender Labs) Log4Shell is a 0-day vulnerability in the Log4j Java library that allows attackers to download and run scripts on targeted servers, leaving them open to complete remote control.
The Log4j vulnerability is bad. Here’s the good news (VentureBeat) The Apache Log4j vulnerability came to light quickly, which should help with the security response, cybersecurity executives said.
Rapid Response: Critical RCE Vulnerability Is Affecting Java (Huntress) Our team is currently investigating CVE-2021-44228, a critical vulnerability that’s affecting a Java logging package.
It could take years for applications using vulnerable version of Java log4j library to be patched, says expert (Channel Daily News) Infosec leaders around the world are being urged to heed warnings from national computer emergency teams, software…
Facing cybersecurity threats, Quebec shuts down government websites for evaluation (CBC) The province is checking nearly 4,000 government websites for potential vulnerabilities, including sites for the education and health networks.
Massive software flaw with global reach forces Quebec to shut government websites (Global News) Quebec says it is shutting down almost 4,000 government websites as a preventative measure following threats of a cyberattack.
Thousands of Canadian websites offline over cybersecurity threat (The Globe and Mail) Federal Defence Minister Anita Anand said Ottawa is aware of a ‘vulnerability’ in a software product, ‘which has the potential to be used by bad actors in limited and targeted attacks’
Attacks, Threats, and Vulnerabilities
An ‘Alt-Jihad’ Is Rising On Social Media (Wired) The playbook of the “alt-right” is guiding a new generation of fringe jihadists, showing just how complicated extremism is about to become online.
1.6 Million WordPress Sites Hit With 13.7 Million Attacks In 36 Hours From 16,000 IPs (Wordfence) Today, on December 9, 2021, our Threat Intelligence team noticed a drastic uptick in attacks targeting vulnerabilities that make it possible for attackers to update arbitrary options on vulnerable sites. This led us into an investigation which uncovered an active attack targeting over a million WordPress sites. Over the past 36 hours, the Wordfence network ...
Massive attack against 1.6 million WordPress sites underway (BleepingComputer) Wordfence analysts report having detected a massive wave of attacks in the last couple of days, originating from 16,000 IPs and targeting over 1.6 million WordPress sites.
This old malware has just picked up some nasty new tricks (ZDNet) The crafty Qakbot trojan has added ransomware delivery to its malware building blocks.
New 'Karakurt' hacking group focuses on data theft and extortion (BleepingComputer) A sophisticated cybercrime group known as 'Karakurt' who has been quietly working from the shadows has had its tactics and procedures exposed by researchers who tracked recent cyberattacks conducted by the hackers.
Study: Most phishing pages are abandoned or disappear in a matter of days (TechRepublic) Research from Kaspersky finds that a quarter of phishing sites are gone within 13 hours — how in the world can we catch and stop cyber criminals that move so quickly?
Vulnerabilities in Eltima SDK affect popular cloud desktop and USB sharing services (Help Net Security) There are a number of privilege escalation vulnerabilities in Eltima SDK, a library used by many cloud desktop and USB sharing services.
Brazil health ministry website hit by hackers, vaccination data targeted (Reuters) Brazil's health ministry said its website was hit on Friday by a hacker attack that took several systems down, including one with information about the national immunization program and another used to issue digital vaccination certificates.
Brazilian Ministry of Health suffers cyberattack and COVID-19 vaccination data vanishes (ZDNet) Hackers claimed to have copied and deleted 50 TB worth of data from internal systems.
PM Modi's Twitter account hacking: Over 30,000 cyber attacks targeted govt organisations this year (The Times of India) India News: NEW DELHI: Prime Minister Narendra Modi's Twitter handle was hacked for a brief time on Sunday with a tweet declaring that India has "officially adopt.
Indian Prime Minister Modi’s account was hacked (TechCrunch) During the time it was compromised, Prime Minister Narendra Modi’s account tweeted falsely saying that India had officially adopted bitcoin as a legal tender.
Swiss Minister’s Data Exposed After Buying Crypto, Paper Says (Bloomberg) Swiss federal councilor Alain Berset was the victim of a data breach that made his address, private email and home phone number public after a company he used to buy cryptocurrency was hacked, Swiss newspaper Le Matin Dimanche reported.
Volvo Cars discloses security breach leading to R&D data theft (BleepingComputer) Swedish carmaker Volvo Cars has disclosed that unknown attackers have stolen research and development information after hacking some of its servers.
Volvo finally confirms "potential" theft of R&D data (The Record by Recorded Future) Swedish automaker Volvo confirmed today a security breach and the theft of research and development (R&D) data from one of its file storage repositories.
Hackers Steal Research Data From Sweden's Volvo Cars (SecurityWeek) Swedish manufacturer Volvo Cars said Friday that hackers had stolen research and development data from its systems in a cyberattack.
A phishing campaign targets clients of German banks using QR codes (Security Affairs) Cofense researchers discovered a new phishing campaign using QR codes targeting German e-banking users in the last weeks. Threat actors continue to use multiple techniques to avoid detection and trick recipients into opening phishing messages, including the use of QR codes. The messages used in a campaign recently discovered by cybersecurity firm Cofense use QR codes […]
Kryptowire Collaborates with Orange and Uncovers Major Vulnerabilities in Mobile Devices at Scale (AP NEWS) Press release content from PR Newswire. The AP news staff was not involved in its creation.
Amazon Web Services explains outage and will make it easier to track future ones (CNBC) Amazon's network devices got overloaded on Tuesday, the company said, resulting in issues that lasted for hours.
Summary of the AWS Service Event in the Northern Virginia (US-EAST-1) Region (Amazon Web Services, Inc.) We want to provide you with some additional information about the service disruption that occurred in the Northern Virginia (US-EAST-1) Region on December 7th, 2021.
Opening of email attachment led to HSE cyber attack, report finds (The Irish Times) Ransomware attack could be repeated and HSE is taking steps to mitigate risk, says Reid
Irish health cyber-attack could have been even worse, report says (BBC News) A report found the attack on the healthcare system had "a far greater" impact than initially expected.
HSE cyber attack: How Russian criminals laid the bait that would ultimately bring the Irish health service to its knees (independent) The bait that would bring the Irish health service to its knees was secretly laid by an unscrupulous Russian criminal just before St Patrick’s Day.
Q&A: How did the HSE miss warning signs that could have prevented the cyberattack? (Irish Examiner) The PricewaterhouseCoopers report says concerns flagged by hospitals were not acted upon or reported to the gardaí
Colorado Energy Company Suffered a Cyber Attack Destroying 25 Years of Data and Shut Down Internal Controls (CPO Magazine) Delta-Montrose Electric Association (DMEA) suffered a malicious cyber attack that shut down 90% of its internal controls and wiped 25 years of historical data.
US Vice President Kamala Harris refrains from using Bluetooth headphones, here's why (Republic World) Kamala Harris has been seen wearing wired earphones on several occasions, prompting many to wonder what the VP has against wireless or Bluetooth headphones.
Kamala Harris Is Actually Right About the Bluetooth Headphones, You Nitwits (Futurism) Vice President Kamala Harris came under a little fire this week for the outrageous decision to not use Bluetooth headphones — but experts say she's right.
Warning as scammers pretend to be official (3FM) Manx police have issued a warning about scammers pretending to be from the Office of Cyber Security and Information Assurance.
GO Transit website back online after precautionary outage over cyber threat (Global News) Metrolinx said the GO Transit website was back online and fully functional as of 1:15 p.m. and thanked customers for their patience during the outage.
Investigation continues into cyber-attack on Oahu Transit Services (KITV Island News) The investigation continues into the cyber-attack on online servers at Oahu Transit Services.
ABS-CBN News website hit by cyber attack (ABS-CBN News) ABS-CBN News' website was hit Saturday by a DDoS (Distributed Denial of Service) attack, causing an outage that lasted about 6 hours.
Security Patches, Mitigations, and Software Updates
Fujitsu Retires Tool Targeted by Threat Actors (SecurityWeek) Japanese tech giant Fujitsu has announced plans to retire the ProjectWEB project information sharing tool after it was targeted by threat actors earlier this year.
WD Updates SanDisk SecureAccess to Prevent Dictionary, Brute Force Attacks (SecurityWeek) WD has updated its SanDisk SecureAccess (PrivateAccess) product to address vulnerabilities that could have been leveraged for brute force and dictionary attacks.
Apple Set to Release Nudity Detection in Texting, But Other Features Remain on Hold (Bloomberg) Apple Inc. is set to release new features with iOS 15.2, including scanning for nude photos sent to or from children in Messages. But other additions—like digital ID cards—remain elusive. Plus, even more members of the Apple car team depart, and a former Amazon Echo executive heads to Google Maps.
Trends
DARKTRACE REPORTS INFORMATION TECHNOLOGY AND COMMUNICATIONS SECTOR MOST TARGETED BY CYBER-ATTACKERS IN 2021 (PR Newswire) Darktrace, a global leader in cyber security AI, today reported that the information technology (IT) and communications sector was the most...
HackerOne releases its ethical hacking security report for the year 2021 (Digital Information World) In the current year, more than 66,500 accurate vulnerabilities were exposed by the ethical hacker, inside the HackerOne security report 2021.
Hacker-powered pentests gaining momentum (Help Net Security) Hacker-powered pentests are seeing a 264% increase in reported vulnerabilities, a HackerOne report has revealed.
‘Terror Contagion’ Director Laura Poitras On Dangers Of Israeli Company’s Pegasus Malware: “It’s Classified As A Cyber Weapon” (Deadline) With voting now underway for the Oscar documentary shortlists, Academy Doc Branch members are choosing from a variety of contenders, including one from Laura Poitras, director of the Oscar-winning …
83% of Brits Believe 1984's Hyper-Surveillance Themes Are Coming True (TechRound) 83% of Brits believe the hyper-surveillance themes of ‘1984’ are coming true today, as the iconic novel is re-released as ‘2021'.
One in three families has already fallen victim to a phishing email (Mimikama) Phishing emails can hit anyone, whether in the office or at home. With children, the risk of phishing attempts increases
C-suite’s biggest ransomware fear: Post-attack regulatory sanctions (ComputerWeekly.com) Exposure to regulatory sanctions such as fines are the biggest worry for C-suite executives in the wake of a ransomware attack.
Marketplace
Afero Raises $50 Million for Its Secure IoT Platform (SecurityWeek) Afero closes a $50 million Series C investment round led by Crosspoint Capital Partners.
The Israeli Harvard professor who raised $30 million from Tiger Global and Sequoia to eliminate risks of AI (CTECH) Professor Yaron Singer’s company Robust Intelligence develops an AI Firewall that monitors and prevents data that leads to errors and risks
Romanian antivirus company Bitdefender prepares $2bn IPO in the US (BNE) Romanian IT security solutions producer Bitdefender, best known for its antivirus software, has hired investment banks JP Morgan and Morgan Stanley ...
Romanian cybersecurity firm Bitdefender hires JP Morgan and Morgan Stanley for US IPO (Romania Insider) Romanian IT security solutions producer Bitdefender hired investment banks JP Morgan and Morgan Stanley to help it launch an IPO on the US market, Profit.ro announced quoting Unquote portal....
Check Point pushed out of Nasdaq 100 Index (Globes) Check Point is being removed from the prestigious list of the 100 largest non-financial companies traded on Nasdaq.
Crowe expands Texas operations with Briggs & Veselka acquisition (Consulting) Crowe, a mid-market accounting and consulting firm, has expanded its presence in Texas with the acquisition of Briggs & Veselka, the largest locally owned accounting and consulting firm in Houston.
Who Are You? Venture Investment In Identity Management Hits New Levels (Crunchbase News) Figuring out better ways to ID and authenticate people is something security experts have been working on for decades—and while new methods are seeing slow adoption, they are realizing large dollar investment from venture capitalists.
Okta Joins the OpenID Foundation Board to Further Advance Open Identity Standards (Businesswire) Okta, Inc. (NASDAQ:OKTA), the leading independent provider of identity, today announced it has joined the OpenID Foundation as a sustaining member. Th
Products, Services, and Solutions
Invixium Integrates Biometric Solutions with AEOS by Nedap (Invixium) Invixium Integrates Touchless Face Recognition and Multi-Factor Biometric Solutions with AEOS Access Control
IronNet Wins 2021 Threat Detection Product of the Year at the Cyber Security Awards (Businesswire) IronNet, Inc. (NYSE:IRNT) (“IronNet”), an innovative leader in Collective Defense and Network Detection and Response (NDR), today announced its IronDo
Vaultree Joins FDATA to Bring Enhanced Encryption to Major Global Financial Firms (Vaultree)
Aite-Novarica Group Recognizes Socure as the Only Vendor in Its Best-in-Class Circle Amongst Eight Competitors in Its Global Document Identification and Verification Impact Report (Businesswire) Socure, the leading provider of digital identity verification and fraud solutions, announced its industry-leading predictive identity document verific
Concentra Bank and Cinchy Share Award for ‘Best Core Banking Solution Provider for COVID-19 Rapid Response’ (Businesswire) Concentra Bank and Cinchy recognized as having
CACI partners with Yubico to enhance trusted mobile platforms (Help Net Security) CACI entered into a partnership with Yubico through a memorandum of understanding that establishes Yubico as the provider of MFA solutions.
Coalition Launches Captive to Accelerate its Growth in Cyber Insurance (PR Newswire) Coalition, the world's largest commercial insurtech provider, today announced it will launch a new captive to begin taking risk on its cyber...
PT Network Attack Discovery (Positive Technologies) PT NAD alerts about all dangerous threats and detects even modified versions of malware. To describe the full range of cyberthreats, our experts constantly explore the latest malware samples and hacker tools, techniques, and procedures. Each rule they create covers an entire malware family.
New infosec products of the week: December 10, 2021 (Help Net Security) The featured infosec products this week are from: Action1, Cloudflare, Code42, F5 Networks, NetQuest, Oxeye, SentinelOne and Tenable.
Technologies, Techniques, and Standards
There’s more to control system cybersecurity than IT and OT networks – TSA is missing that distinction (Control Global) The October 2, 2021 oil pipeline breach off Huntington Beach, California, was identified when workers saw a sheen of oil on the water. There was a leak detection system, but according to an Associated Press article, it wasn’t “fully functional.”
Microsoft launches center for reporting malicious drivers (The Record by Recorded Future) Microsoft has launched this week a special web portal where users and researchers can report malicious drivers to the company's security team.
Q&A: the impact of environmental conditions on biometric authentication. (Fime Group) User adoption of biometric authentication has accelerated in recent years, yet some users are still cautious. Fime is exploring ways to innovate on biometric evaluation to help solution providers to launch reliable and high-performance products.
Cyber Authority runs nationwide anti-hacking drill (Jerusalem Post) According to an INCD statement, the drill will focus on employees from around 20 large organizations who will be targeted with a wide variety of 'phishing' hacking techniques.
Israel said to lead 10-country simulation of major cyberattack on world markets (Times of Israel) Report says 10-day simulation held in Jerusalem tested several scenarios, is aimed at promoting international cooperation to minimize damage to global financial systems
Introducing LoRa (Long Range) Wireless Technology - Part 1 (Black Hills Information Security) Ray Felch // This write-up is the first of a multi-part series, providing an introduction to LoRa wireless technology and the LoRaWAN, low-power wide-area network (LPWAN). Interestingly, I came across this technology while researching a GPS tracking project that I was working on and quickly determined that this technology might be a viable alternative to […]
When should you ignore an instruction from your boss? (IT-Online) As organisations around the world spend ever more on cybersecurity tools, cyber criminals are increasingly using a simple yet effective way to access organisations’ data or money – business email compromise (BEC) or CEO fraud. International security awareness organisation, KnowBe4, explains that in this form of scam, cyber criminals gain access to – or convincingly […]
Academia
Cheyney University launches new cybersecurity program to address diversity in tech careers (PhillyVoice) The first 25 students to complete the 6-month course may be eligible for certification and job opportunities
Legislation, Policy, and Regulation
Biden’s democracy summit should produce a transatlantic anti-corruption strategy (Atlantic Council) The Biden administration's impressive new corruption strategy should inspire the UK and EU to join in.
The Future of Conquest (Foreign Affairs) Fights over small places could spark the next big war.
G7 warns Russia of 'massive' consequences if Ukraine invaded (AP NEWS) LIVERPOOL, England (AP) — The Group of Seven economic powers told Russia on Sunday to “de-escalate” its military buildup near the Ukrainian border, warning that an invasion would have “massive consequences” and inflict severe economic pain on Moscow.
Don’t Sell Out Ukraine (Foreign Affairs) The west must respond to Russia with strength, not appeasement.
Six ways Russia views Ukraine — and why each should worry the West (Washington Post) Since President Biden’s call with Russian President Vladimir Putin over the Ukraine crisis, Russian officials have dug in deeper: blaming NATO for the confrontation, dismissing Ukraine as a puppet state of the West and ruling out a pullback of Russian forces massed near Ukraine’s border.
NATO membership still possible for Ukraine, alliance chief says (Stars and Stripes) Ukraine’s quest to eventually join NATO has been a major point of contention with Russia, which has used Kyiv’s increasingly closer ties with the West as a justification for its military buildup on Ukraine’s borders.
Ukraine Says It Can Deter a Russian Invasion With Air Defenses; NATO Calls for ‘Adjustments’ (Air Force Magazine) NATO members call for eastern flank “adjustments,” and Ukraine needs to know the U.S. will deliver air defenses to deter a Russian attack.
Russia’s Internet Censorship Machine Is Going After Tor (Wired) The attempt to block the site, which helps users mask their online activity, is the latest step in the country's efforts to control the internet.
Biden admin holds back extra military aid to Kyiv amid diplomatic push (NBC News) The Biden administration prepared a major package of additional military assistance for Ukraine in recent weeks but chose to hold off on delivering the aid.
Kicking Russia Off of SWIFT Might Not Be the Nuclear Option (Foreign Policy) But additional economic sanctions under study could be more devastating to Moscow than the last ones were.
Biden’s latest attempt to curb cyber surveillance leaves much to be desired (Israel Defense) Only three other countries signed a new initiative on the matter, out of more than 100 which participated at the Summit for Democracy, held virtually last week
It’s time for democracies to protect dissidents from spyware (TechCrunch) Only by enacting stronger regulatory and legal protections can democracies ensure their survival, enable free speech to flourish and safeguard their citizens' well-being.
Officials press for actionable recommendations from new cyber advisory committee (TheHill) Top officials at the Department of Homeland Security (DHS) on Friday urged a newly established advisory committee composed of experts from across sectors to propose solutions to help tackle the growing wav
CISA Director tells new Advisory Committee she wants more than just talk (The Record by Recorded Future) First meeting focused on building functional cooperation between the public and private sectors to defend America's networks.
New White House policy gives agencies 24 hours to assess cyberattacks of potential national security concern (CNN) The White House has enacted a new policy requiring the FBI and other agencies to help US officials quickly assess whether a cyberattack "rises to the level of a national security concern" that could hamper the provision of key services such as fuel or food, according to a National Security Council memo obtained by CNN and two US officials.
US Cyber Command Goes on the Offensive (Security Boulevard) This past week, General Paul Nakasone, who is both head of U.S. Cyber Command and director of the National Security Agency, acknowledged that the United
Corruption, Cybercrime In Crosshairs For DOJ Crime Chief (Law360) As the Biden administration marshals the full power of the federal government to tackle global corruption and cybercrime, U.S. Department of Justice Criminal Division chief Kenneth Polite says his unit stands ready with a strong pipeline of cases and a new task force in the works.
DOD needs stronger way to gauge effectiveness of cyber program, GAO says (FedScoop) The DOD's Cybersecurity Maturity Model Certification program needs better communication and stronger management, a GAO review found.
GAO Finds Cybersecurity Improvements at NIH and Identifies Remaining Areas of Weakness (Homeland Security Today) The National Institutes of Health’s (NIH) duties include researching infectious diseases and administering over $30 billion a year in research grants. NIH uses IT systems containing sensitive data to carry out its mission.
Congress must do more to stop China’s military-industrial spying on US campuses (New York Post) A new report from the Foundation for Defense of Democracies details how China-sponsored Confucius Institutes at campuses across America facilitate Beijing’s espionage.
US, Australia, Japan to fund undersea cable in Pacific (Al Jazeera) The announcement is the latest funding commitment in the telecommunications sector of the Pacific.
U.S. senators announce bipartisan social media data transparency bill (Reuters) Three U.S. senators, two Democrats and a Republican, announced on Thursday a bill to require social media companies like Facebook, now known as Meta Platforms Inc, to give certain researchers access to its data.
Germany's new government vows to support end-to-end encryption while UK looks to undermine it (Computing) This is the opposite of what the British government thinks about the use of encryption on digital platforms.
Litigation, Investigation, and Law Enforcement
Russian Who Helped Kelihos Malware Evade Detection Sentenced to 4 Years in Prison (SecurityWeek) Oleg Koshkin, the Russian national who helped the Kelihos malware evade detection, has been given a 4-year prison sentence in the United States.
EFF sues spyware maker DarkMatter for illegally hacking Saudi activist (TechCrunch) The Electronic Frontier Foundation (EFF) has filed a lawsuit against spyware maker DarkMatter, along with three former members of U.S. intelligence or military agencies, for allegedly hacking the iPhone of a prominent Saudi human rights activist. The lawsuit was filed on behalf of Loujain al-Hathl…
I Accidentally Hacked A Peruvian Crime Ring (Wired) I arrived in paradise. I got a new phone number. Then the eggplant and gun emojis started pouring in.
Delta cybercop Europe-bound in hunt for ransomware attacker (Global News) The Delta police cybercrime unit shared "digital fingerprints" of a recent cyber-attack with Europol. The same identifiers were linked to attacks in several European countries.
Police: Man fatally shot ex-girlfriend in Baltimore before killing ex-wife and himself in Columbia, broadcast his intentions on Facebook video (Baltimore Sun) A man forced his way into a Federal Hill home and shot his girlfriend to death Saturday afternoon before heading to Columbia, where he gunned down his ex-wife and took his own life, police officials said.