Dateline
Log4j vulnerabilities at midweek. (The CyberWire) As organizations continue to work toward securing themselves against exploitation of the Log4Shell Apache vulnerability, a new, related flaw is discovered and addressed. Active exploitation of Log4Shell has moved beyond the low-level, opportunistic crime observed over the weekend to ransomware delivery and, finally, exploitation by nation-state espionage services.
Global Fight Against Log4j Vulnerability Relies on Apache Volunteers (Wall Street Journal) Members of the nonprofit Apache Software Foundation are racing to fix a potentially disastrous bug in the free, open-source Log4j tool, which has been downloaded millions of times.
Second Log4j vulnerability discovered, patch already released (ZDNet) Apparently the patch for the first vulnerability was "incomplete."
Second security flaw found in Log4Shell software — what this means for you (Tom's Guide) New vulnerability could knock websites offline
CVE - CVE-2021-45046 (MITRE) CVE® is a list of records — each containing an identification number, a description, and at least one public reference — for publicly known cybersecurity vulnerabilities. The mission of the CVE Program is to identify, define, and catalog publicly disclosed cybersecurity vulnerabilities.
CISA probes scope, potential fallout of Log4j vulnerability (CyberScoop) A top government cyber official said Tuesday that the Cybersecurity and Infrastructure Security Agency hasn’t seen hackers compromise federal agencies by exploiting the Apache Log4j vulnerability — but the agency’s still fearful of widespread attacks stemming from it.
Cybersecurity official warns software vulnerability could affect 'hundreds of millions of devices' (ABC News) A top government cybersecurity official on Tuesday warned "hundreds of millions of devices" could be linked to vulnerable software.
EXPLAINER: The security flaw that's freaked out the internet (AP NEWS) Security pros say it's one of the worst computer vulnerabilities they've ever seen. They say state-backed Chinese and Iranian hackers and rogue cryptocurrency miners have already seized on it.
The Log4j software bug could put your favorite sites at risk (CNET) Casual computer users might not have heard of the logging software, but it's used across the internet.
Log4j: List of vulnerable products and vendor advisories (BleepingComputer) News about a critical vulnerability in the Apache Log4j logging library broke last week when proof-of-concept exploits started to emerge on Thursday.
10 vendors affected by the log4j vulnerability (CRN Australia) Including AWS, ConnectWise, IBM and more.
Continuing to Stay Ahead of CVE-2021-44228: Addressing Your Top Questions (Imperva) Since it was disclosed on Friday, December 11, I have spoken with many customers about CVE-2021-44228 and the ways Imperva is working to ensure that they are protected. Countless others have contacted us with questions about ways to mitigate the impact from the Log4j vulnerability. In the spirit of transparency and information sharing, we’ve aggregated […]
The numbers behind a cyber pandemic – detailed dive (Check Point Software) *Updated 14.12.2021 06:00 PST Precisely one year after the SolarWinds Hack,
Log4Shell vulnerability: What we know so far (WeLiveSecurity) The zero-day flaw in the ubiquitous Log4j utility has sent shockwaves far beyond the security industry – here’s what you should know.
New data and insights into Log4Shell attacks (CVE-2021-44228) (Fastly) We’re sharing our latest data and insights into the Log4j/Log4Shell vulnerability (CVE-2021-44228) to help the engineering community cope with the situation, including guidance around testing your environment against new methods that have been seen.
Log4Shell Tools and Resources for Defenders - Continuously Updated (SecurityWeek) SecurityWeek has compiled a list of useful Log4Shell tools and resources for defenders.
How a true zero-trust architecture could have minimized the impact of Log4j - and still can (SiliconANGLE)
ExpressVPN Delivers Log4Shell Protection to Users (Home of internet privacy) ExpressVPN has rolled out a protective layer for the Log4J vulnerability. All ExpressVPN users benefit from this protection.
Chinese, Iranian State Hackers Exploiting Log4j Flaw: Mandiant (SecurityWeek) Chinese and Iranian state actors are exploiting the “Log4Shell” vulnerability (CVE-2021-44228) that has sparked chaos across the cybersecurity industry
Log4Shell attacks expand to nation-state groups from China, Iran, North Korea, and Turkey (The Record by Recorded Future) Nation-state groups from China, Iran, North Korea, and Turkey are now abusing the Log4Shell (CVE-2021-44228) vulnerability to gain access to targeted networks, Microsoft said on Tuesday.
Guidance for preventing, detecting, and hunting for CVE-2021-44228 Log4j 2 exploitation (Microsoft Security Blog) Microsoft is tracking threats taking advantage of the CVE-2021-44228 remote code execution (RCE) vulnerability in Apache Log4j 2. Get technical info and guidance for using Microsoft security solutions to protect against attacks.
Hackers launch over 840,000 attacks through Log4J flaw (Ars Technica) Researchers claim Chinese government groups are among the perpetrators.
U.S. cybersecurity officials see mainly low-impact attacks from logging flaw, so far (Reuters) The U.S. agency charged with defending the country against hacking said on Tuesday the majority of attacks it has seen using a recently disclosed flaw in widely used open-source software were minor, with many of them seeking to hijack computing power to mine cryptocurrency.
Industrial Organizations Targeted in Log4Shell Attacks (SecurityWeek) Industrial organizations are exposed to Log4Shell attacks and there already are reports of active exploitation of the vulnerability.
Log4j exploits attempted on 44% of corporate networks; ransomware payloads spotted (VentureBeat) Cyberattacks exploiting the Log4j vulnerability, Log4Shell, continue to spread and ransomware attempts using the flaw have now been seen.
Log4j flaw: Nearly half of corporate networks have been targeted by attackers trying to use this vulnerability (ZDNet) Cybersecurity researchers warn on the growing pace of scans and attempted attacks looking to exploit the Java logging library security flaw.
New Khonsari ransomware family uses Log4j to target Windows systems (SC Media) Security researchers expect to see more, broader-based ransomware attacks in the coming weeks exploiting the Log4j vulnerability.
First Log4Shell attacks spreading ransomware have been spotted (The Record by Recorded Future) Romanian antivirus maker Bitdefender says it has spotted the first ransomware group that is abusing the recently disclosed Log4Shell vulnerability to infect and encrypt unpatched systems.
Log4j Causes Nearly 900K Cyberattacks in 4 Days (PYMNTS) There have been over 840,000 attacks on companies since Friday (Dec. 10) due to a vulnerability in the open-source Log4j software.
Will The Log4j Exploit Move Leaders To Heed Cybersecurity Warnings? (Forbes) A year since SolarWinds set the security world on fire, the Log4j vulnerability is the latest exploit with the potential to incur significant economic and national security harm. These exploits expose key lessons – and warnings – for organizational leaders and policymakers.
Attacks, Threats, and Vulnerabilities
Espionage Campaign Targets Telecoms Organizations across Middle East and Asia (Symantec) Tentative link to Iran-backed Seedworm group.
Iranian APT Targets Middle East Telecoms Operators in Espionage Campaign (SecurityWeek) A cyberespionage campaign targeting telecoms operators, IT services organizations, and a utility company in the Middle East and other parts of Asia has been linked to the Iranian APT actor tracked as MuddyWater
Telecom operators targeted in recent espionage hacking campaign (BleepingComputer) Researchers have spotted a new espionage campaign targeting telecommunication and IT service providers in the Middle East and Asia.
Suspected espionage campaign targets telecoms, IT service firms in Middle East (CyberScoop) Hackers targeted a string of telecommunication operators and IT service organizations in the Middle East and Asia over the last six months, according to research published Tuesday. The suspected espionage activity targeted organizations in Israel, Jordan, Kuwait, Saudi Arabia, the United Arab Emirates, Pakistan, Thailand, and Laos, according to the research from Symantec’s Threat Hunter Team.
Iranian Hackers Abuse Slack For Cyber Spying (Forbes) IBM researchers claim an Iranian-linked crew called MuddyWater has been trying to avoid detection by using Slack to control their malware. It’s believed to be the first time a suspected state-backed hacking outfit has been seen using such a technique.
Nation State Threat Group Targets Airline with Aclip Backdoor (Security Intelligence) An attack on an Asian airline was uncovered, likely compromised by a state-sponsored adversary using a new backdoor that utilizes Slack. IBM Security X-Force experts share the findings from their research.
Press Release - Superior Plus (Superior Plus) Through its subsidiaries, Superior Plus distributes and markets propane and distillates, in both the U.S. and Canada, and supplies sodium chlorate, chlor-alkali and potassium and sodium chlorite in North America and internationally. Superior Plus aspires to be the leader in creating value through differentiation and best-in-class operations in all of the business segments we operate.
Brazilian Ministry of Health hit by second cyberattack in less than a week (ZDNet) According to the minister, a new event has "caused turmoil" as the department's IT function attempted to restore systems.
Scope of N.L. cyberattack grows as officials confirm breach of social insurance data (CTVNews) Newfoundland and Labrador officials revealed Tuesday that personal data belonging to everyone who has had a COVID-19 test in the province was stolen by the hackers behind a cyberattack launched Oct. 30 against the provincial health-care system.
Most Health Systems Affected by Cyber Attack Back Online; Scope of those Affected Broadened (VOCM) Most health systems affected by a recent cyber attack have been restored, but the scope of the privacy breach ...
Md. health department faces second week of disruption from cyberattack (Washington Post) Maryland’s health department has not released coronavirus case rates for a ninth straight day because of a cyberattack that the governor has described as not as crippling as initially feared.
School district was 'specifically targeted' in cyber attack, superintendent says (RiverheadLOCAL) The recent cyber attack on the Riverhead Central School District is believed to have been “specifically targeted" at Riverhead, according to Superintendent Augustine Tornatore.
Social media phishing is on the rise. (Verizon) Phishing via social media is a bit different from other types of phishing.
5 warning signs your identity has been stolen (WeLiveSecurity) How do you know if you’ve been affected by identity theft? By spotting these early warning signs, you can minimize the impact on you and your family.
She was traveling to a cybersecurity event—then her hotel got hit by ransomware (The Record by Recorded Future) Nordic Choice Hotels, a major Norwegian hospitality chain, was hit by a ransomware attack while security expert Runa Sandvik stayed with them.
George Washington Law Reports Cyberattack During Finals (Law360) The George Washington University Law School reported a cyberattack it said affected a third-party vendor the university contracted with to support its academic programs, disclosing the attack just as students take their final exams.
Debevoise Says Name Being Used As Phishing Bait (Law360) Two website domains are using Debevoise & Plimpton LLP's name and imitating its attorneys to peddle phishing emails to try to steal people's sensitive personal information, according to a lawsuit filed Monday in Virginia federal court.
Security Patches, Mitigations, and Software Updates
Zero Day Initiative — The December 2021 Security Update Review (Zero Day Initiative) The final second Tuesday of the month is here, and this month, it brings much more than just patches from Microsoft and Adobe. Take a break from your holiday preparations and join us as we review the details of the latest security patches. CVE-2021-44228: Log4Shell (Log4j) Unless you have been hidi
Log4j – Download Apache Log4j 2 (Apache Logging Services) The link in the Mirrors column should display a list of available mirrors with a default selection based on your inferred location. If you do not see that page, try a different browser. The checksum and signature are links to the originals on the main distribution server.
Adobe Joins Security Patch Tuesday Frenzy (SecurityWeek) Adobe documented at least 60 security vulnerabilities in prominent software products and warned that malicious actors could exploit these bugs for code execution, privilege escalation and denial-of-service attacks.
Microsoft Patches 67 Security Flaws, Including Zero-Day Exploited by Emotet (SecurityWeek) In the final Patch Tuesday release for 2021, Redmond warns of a zero-day flaw being exploited in the wild by the Emotet malware operation.
Microsoft December 2021 Patch Tuesday: Zero-day exploited to spread Emotet malware (ZDNet) This month's round of security fixes includes a patch for a zero-day vulnerability being actively exploited in the wild.
Microsoft fixes six zero-days in December Patch Tuesday update (Computing) One zero-day addressed has been observed in active attacks
Microsoft Patch Tuesday, December 2021 Edition (KrebsOnSecurity) Microsoft, Adobe, and Google all issued security updates to their products today. The Microsoft patches include six previously disclosed security flaws, and one that is already being actively exploited. But this month's Patch Tuesday is being overshadowed by the…
Chrome 96 Update Patches Exploited Zero-Day Vulnerability (SecurityWeek) Google on Monday announced a Chrome 96 update that patches five vulnerabilities, including a zero-day that has been exploited in attacks.
Android Update: Government wants you to update your Android device, here’s why (The Times of India) The Indian Computer Emergency Response Team under the Ministry of Electronics and Information Technology has issued a new warning for Android operatin
Apple security updates are out – and not a Log4Shell mention in sight (Naked Security) Get ’em while they’re hot!
Apple Patches 42 Security Flaws in Latest iOS Refresh (SecurityWeek) The new iOS 15.2 makeover fixes security vulnerabilities in multiple components, some serious enough to lead to code execution attacks if iPhone or iPad users open image or audio files.
Apple Patches Vulnerabilities That Earned Hackers $600,000 at Chinese Contest (SecurityWeek) The iOS and macOS updates released this week by Apple patch vulnerabilities that earned researchers over $600,000 at a Chinese hacking contest.
Advantech R-SeeNet (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 8.8
ATTENTION: Low attack complexity
Vendor: Advantech
Equipment: R-SeeNet
Vulnerabilities: SQL Injection, Improper Privilege Management
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow authenticated users to perform a local privilege escalation and retrieve any information from the product’s database.
Schneider Electric Rack PDU (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 5.2
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Schneider Electric
Equipment: Rack Power Distribution Unit (PDU)
Vulnerability: Cross-site Scripting
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker to access the system with elevated privileges.
Hillrom Medical Device Management (Update A) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 5.9
ATTENTION: Exploitable remotely
Vendor: Hillrom
Equipment: Welch Allyn medical device management tools
Vulnerabilities: Out-of-Bounds Write, Out-of-Bounds Read
2. UPDATE INFORMATION
This updated advisory is a follow-up to the original advisory titled ICSA-21-152-01 Hillrom Medical Device Management that was published June 1, 2021, to the ICS webpage at www.cisa.gov/uscert.
Trends
Dark Web Roundup: November 2021 (Risk Based Security) Malicious threat actors never stop, but neither do we. Risk Based Security’s Cyber Risk Analytics research team is dedicated to gathering the latest in data breach intelligence. Here is our round-up of November 2021.
Ground Labs Research Reveals 71% of American Consumers are Unaware of Data Protection Laws (PR Newswire) With data breaches on the rise along with consumer demand for privacy and control over their own data, governments have in turn adopted new...
New research reveals that one third of all log-in attempts on eCommerce sites are malicious (Imperva) What do humans and bots have in common? A love for visiting online shopping sites: more than half (57%) of all attacks on retail websites in 2021 were carried out by bots, compared to 33% for all other industries. It gets worse: a third of all log-in attempts on retail eCommerce websites are account takeover […]
The cyber risk future doesn't look good, but organizations are ready (Help Net Security) Orgs will emerge more alert and better prepared in 2022 thanks to a comprehensive, proactive, cloud-first approach to mitigating cyber risk.
"Fear Fatigue" Threatens Cybersecurity of Employees Working from Home (PR Newswire) Malwarebytes™, a global leader in real-time cyberprotection, today announced the findings from its latest survey examining how the impact of...
Marketplace
Atmosec Raises $6M Seed Round; Launches Platform that Secures SaaS Ecosystem by Understanding Behavior of Third-Party Services (PR Newswire) Atmosec, the SaaS security venture, announced today its official launch out of stealth as well as the completion of a $6 million seed funding...
LogMeIn Set to Establish LastPass as an Independent Cloud Security Company Amid Strong Market Demand (GlobeNewswire News Room) Industry leader in Enterprise Password Management with over 50% Revenue CAGR over the last 3 years BOSTON, Dec. 14, 2021 (GLOBE NEWSWIRE) -- LogMeIn,...
Cybersecurity startup Guardio, now with 1M users of its browser extension, raises its first funding: $47M led by Tiger Global (TechCrunch) Some say that antivirus software that you install on your PC may have run its course when it comes to the next generation of computing in the cloud. Today a startup that has built what it believes comes next is making some news with a large funding round, its first outside money. Guardio — wh…
UncommonX Adds $9.5M to Close its Series A Funding at $36M in Total Eq (PRWeb) UncommonX, a SaaS-based cybersecurity managed detection and response (MDR) provider, today announced that it has completed its Series A financing round with an a
CyberSheath Receives Investment From Lightview Capital to Secure the Defense Supply Chain (Businesswire) CyberSheath, the largest Cybersecurity Maturity Model Certification (CMMC) managed service vendor for Department of Defense (DoD) contractors, announc
Cequence Security Raises $60M in Series C Funding to Meet Surging Demand for its Innovative API Security Platform (Cequence) New funding, led by Menlo Ventures, will help Cequence expand its global footprint and product offerings while also hiring new talent Sunnyvale, Calif., December 15, 2021 — Cequence Security, the leader in API security, today announced it has closed $60 million in Series C funding led by new investor Menlo Ventures. Additional participation comes from […]
GitLab Acquires Opstrace to Expand its DevOps Platform with Open Source Observability Solution (GlobeNewswire News Room) GitLab will create the first integrated observability solution within a DevOps Platform...
Sysdig Hits $2.5B Valuation As Cloud And Container Security Continues To Bring The Heat (Crunchbase News) San Francisco-based cybersecurity company Sysdig more than doubled its valuation to $2.5 billion in just eight months with a new $350 million Series G led by Permira’s growth fund.
Noname Security Raises $135 Million in Series C at $1B Valuation, Becomes First API Security Unicorn (Noname Security) Noname Security announces it has secured $135 million in Series C funding at $1B valuation. The funding round was led by Georgian and Lightspeed...
Dazz, from ex-Microsoft team, gets $60M to automate cloud security (VentureBeat) Dazz, founded by former Microsoft security executives, has raised $60 million for its platform that brings automation to cloud security.
Why Booz Allen sees spinouts as part of its strategy (Washington Technology) Why would Booz Allen Hamilton let an internally-developed artificial intelligence product go out on its own rather than hold onto it? The government technology and consulting firm sees its spinout strategy as a natural progression.
US government to offer up to $5,000 'bounty' to hackers to identify cyber vulnerabilities (CNN) The Department of Homeland Security is launching a "bug bounty" program, potentially offering thousands of dollars to hackers who help the department identify cybersecurity vulnerabilities within its systems.
DHS gets nearly 2,000 applications for new cyber cadre (FCW) The goal is for DHS to onboard the first 150 feds into the system next year.
Triple whammy for cyber security specialist Darktrace (BusinessWeekly) Cambridge cyber security company Darktrace has clinched a lucrative deal with an unnamed European automotive giant, announced a £30 million share buyback, and also a deal with Sir Robert McAlpine – all in a matter of days. Sir Robert McAlpine has adopted Darktrace’s Self-Learning AI technology to bolster its cyber defenses. Sir Robert McAlpine has over 2,000 employees, and
Barracuda CEO: We don’t exist without partners (MicroscopeUK) The recently installed boss at the security vendor has restated the importance of the channel to the firm’s prospects of success.
ThreatX Names Tom Axbey to Its Board of Directors (Businesswire) ThreatX today announced the appointment of Tom Axbey to its board of directors.
Anomali Appoints Cybersecurity Industry Veteran Karen Buffo as Chief Marketing Officer (Businesswire)
Druva Appoints Security and IT Veteran Yogesh Badwe as Chief Security Officer (Businesswire) Druva Inc. today announced the appointment of Yogesh Badwe as the company’s Chief Security Officer (CSO). Bringing nearly 15 years of experience leadi
Datadobi Appoints Charlie Collins to Channel Sales Director to Continue Momentum in the Channel (Businesswire) Datadobi today announced the appointment of Charlie Collins as the company’s new Americas Channel Sales Director.
Arcfield Appoints Kevin Kelly as Chairman and CEO, Announces New Company Name (Businesswire) Arcfield, previously known as CTFV Acq. Corp., announces Kevin Kelly, a 30-yr defense & intel leader, as CEO & Chairman.
Products, Services, and Solutions
ThreatQuotient Achieves SOC 2 Type II Compliance for ThreatQ Platform (Businesswire) ThreatQuotient has successfully completed a Service Organization Controls (SOC) 2 Type II compliance audit for its ThreatQ Platform.
StorCentric Announces Nexsan Unity Software v7.0, A True Unified Solution With Enhanced Protocol Support, Security and Performance (Nexsan) Unity now Supports Object (S3) Protocol, Enterprise-Class Ransomware Protection and Compliance Requirements, as well as Increases Performance up to 40%
Introducing Cybereason XDR Powered by Google Chronicle (Cybereason) Cybereason and Google cloud have unveiled Cybereason XDR powered by Google Chronicle, the first AI-driven XDR platform capable of ingesting and analyzing threat data from across the entire IT environment.
TeleSign Becomes a WhatsApp Business Solution Provider (GlobeNewswire News Room) Integration of WhatsApp into TeleSign’s Messaging API enhances omnichannel communication offerings, providing increased efficiency, security, and...
Trulioo Announces Six New Customers in the Cryptocurrency Industry (PRWeb) Trulioo, the global identity verification leader, today announced six new customers in the cryptocurrency industry: Centbee, GMO Trust, Omni
IAM Security Leader Authomize Launches Authomize Together Partner Ecosystem and Joins Microsoft Co-Sell Program (PR Newswire) Authomize, the first Zero Trust solution for continuously managing the Authorization Security Lifecycle across all cloud environments,...
Xe.works Chooses Leaseweb Infrastructure Services to Host Global AdTech Network (Businesswire) Leaseweb Global announced that Xe.works selected Leaseweb as its exclusive Infrastructure-as-a-Service (IaaS) provider
Digital Guardian by HelpSystems Successfully Completes SOC 2 Type 2 Examination (Digital Guardian) Digital Guardian Data Protection Platform Meets Security and Availability Standards Set by The American Institute of Certified Public Accountants (AICPA) With Zero Exceptions Listed
MOXFIVE Announces Strategic Partnership with CrowdStrike to Scale Inci (PRWeb) MOXFIVE, a technical advisory firm specializing in cybersecurity and information technology, today announced a partnership with CrowdStrike, a leader in cloud
Teleport Announces Latest Version of Teleport Access Plane (PR Newswire) Teleport, the Access Plane company, today announced availability of Teleport 8. The latest edition of the open-source Teleport Access Plane...
Cato Delivers Independent Compliance and Security Assessment of Cloud Applications in All-New Cato Management Application (Yahoo Finance) Cato Networks, the provider of the world's first SASE platform, introduced today independent assessments of cloud application regulatory compliance and security capabilities as part of complete re-architecture of the self-service Cato Management Application. More than 103 frontend improvements and a restructured backend event architecture were introduced, enabling Cato to address the scaling and usability needs of the largest and smallest enterprises. Other additions include a Cloud Application
Cobalt Iron Introduces Compass® Enterprise Object Search (Wall Street Communications) Available Now, Free New Feature Increases Efficiency by Allowing Compass Users to Search the Entire Enterprise Backup Landscape at the Object Level
NetApp ONTAP Becomes First Enterprise Storage Platform to Receive Validation from NSA for Security and Encryption (NetApp) NetApp ONTAP recognized by the US National Security Agency for data-centric security capabilities that make it easier for organizations to protect their data
Technologies, Techniques, and Standards
NIST Launches New International Cybersecurity and Privacy Resources Website (NIST) Every day, NIST cybersecurity and privacy resources are being used throughout the world to help organizations manage cybersecurity and privacy ri
ChemLock (CISA) Everyone who interacts with dangerous chemicals has a role to play in preventing chemicals from being weaponized by terrorists. CISA’s ChemLock program is a completely voluntary program that provides facilities that possess dangerous chemicals no-cost services and tools to help them better understand the risks they face and improve their chemical security posture in a way that works for their business model.
Aunalytics Cites Cybersecurity Best Practices for Financial Services as Attacks Rise 118% in 2021 (GlobeNewswire News Room) Secure Managed Services Provider Protects Community Banks and Credit Unions as Cybercriminals Double Down on Efforts to Breach Financial Data, Compromise...
Why Should Organizations Implement a Vulnerability Management Program? (Enterprise Security Magazine) Vulnerability management is the systematic process of identifying, classifying, and resolving vulnerabilities in computer systems.
Design and Innovation
Hutch celebrates second cohort to graduate from digital services incubator (Hutch) Hutch, a digital services incubator that strengthens minority and women entrepreneurs, today graduated their second cohort of companies. Four companies have emerged from the intensive 24-month program with a vision and the skills necessary in strategy, branding, contracting and leadership to build an impactful business that can compete in the competitive government services market. Hutch […]
Cybersecurity should not be a bolt-on, Comcast CISO says (Light Reading) In Noopur Davis' estimation, cybersecurity, like the foundation of a house, must be formed early in the product and service development cycle, rather than something that's applied toward the end of a project.
Academia
University of Texas at Arlington Takes APWG eCrime Symposium Top Paper Award With Study of Twitter's Growing Utility as a Potent Phishing Report Channel (GlobeNewswire News Room) Researchers from Temple and Princeton Win 'Best Student Paper' Awards With Social-Engineering Capture the Flag Exercise and a Study of the Security and...
Legislation, Policy, and Regulation
The Case for Cyber-Realism (Foreign Affairs) Geopolitical problems don’t have technical solutions.
A World Without Trust (Foreign Affairs) The insidious cyberthreat.
Great Protocol Politics (Foreign Policy) The 21st century doesn’t belong to China, the United States, or Silicon Valley. It belongs to the internet.
Any use of force, threat in cyberspace condemned: UN envoy (Mehr News Agency) Iran's Permanent Ambassador to the United Nations condemned any use of force or threat in cyberspace, reminding that a binding legal document on cyber security is a necessity.
This huge Chinese company is selling video surveillance systems to Iran (MIT Technology Review) A new report sheds light on a shadowy industry where authoritarian states enthusiastically export surveillance technologies to repressive regimes around the world.
Why the Stalemate in Eastern Ukraine Will Likely Hold (Foreign Affairs) Despite the Russian buildup, the status quo still serves both sides.
Russian invasion of Ukraine could be costly even without US troops involved, experts say (Military Times) Outside observers say Ukrainian troops are better prepared for a fight now than they were in 2014.
Germany says Russia will face 'massive consequences' if it invades Ukraine (Reuters) New German Foreign Minister Annalena Baerbock said on Tuesday Russia would face "massive consequences" if it invades Ukraine, after a phone call with her Russian counterpart in which she said Kyiv's territorial integrity must not be violated.
Ukrainian troop buildup is defensive, defense minister says (Military Times) In recent weeks, there has been a massive Russian troop buildup near Ukraine’s border which has prompted fears of a possible invasion in Kyiv and the West.
EU slaps sanctions on Russian mercenary group Wagner (Al Jazeera) EU accuses the group of human rights abuses and carrying out clandestine operations on the Kremlin’s behalf.
NATO looking at holistic path to boost cyber defense arsenal (Defense News) NATO is moving into 2022 determined to increase its cyber defense posture, investing in new capabilities, refreshing its policies, and learning from recent exercises to do so.
Britain to push back against China and Russia in cyberspace (Reuters) Britain said it would push back at what it casts as attempts by Russia and China to establish national sovereignty over the communications arteries and emerging technologies which will shape the 21st Century.
Cyber review warns UK and west in ‘clash of values’ with Russia and China (the Guardian) Ministers and spy chiefs warn Britain must improve capabilities and wider digital skills to meet ‘evolving’ challenges
Europe’s Cloud Project Launches Without U.S., Chinese Firms (Bloomberg) Region attempting to lessen its reliance on U.S. tech firms. EU also working on a bloc-wide semiconductor strategy.
Biden Takes Aim at Kleptocrats (Foreign Policy) The United States is finally taking big steps to close the loopholes that make America a money laundering haven.
Federal Cybersecurity Advisor Floats Executive Order on Cloud Service Providers (Nextgov.com) The idea sprung from a sense of moral outrage Cybersecurity and Infrastructure Security Agency Director Jen Easterly identified with.
U.S. to blacklist 8 Chinese companies, including drone maker DJI (Nikkei Asia) Growing sanctions reflect Washington's ire with Beijing over Uyghur crisis
U.S. House passes measure clamping down on products from China's Xinjiang (Reuters) The U.S. House of Representatives passed legislation on Tuesday to ban imports from China's Xinjiang region over concerns about forced labor, part of Washington's continued pushback against Beijing's treatment of its Uyghur Muslim minority.
Exclusive: U.S. lawmakers call for sanctions against Israel's NSO, spyware firms (Reuters) A group of U.S. lawmakers is asking the Treasury Department and State Department to sanction Israeli spyware firm NSO Group and three other foreign surveillance companies they say helped authoritarian governments commit human rights abuses.
US calls for sanctions against NSO Group and other spyware firms (Computing) Senate Finance Committee chair Ron Wyden said, "The Biden administration has the chance to turn off the spigot of American dollars and help put them out of business for good"
US Sen. Schatz' Bill To Fight Cybercrime Passes Senate, Goes to House (Maui Now) The US Senate passed the bipartisan Better Cybercrime Metrics Act, legislation authored by Hawaiʻi Sen. Brian Schatz that would help fight cybercrime and help keep people safe from online scams.
Canada's privacy commissioner urges Parliament to reform privacy law (Regina Leader-Post) The government must make privacy reform a priority, Canada’s privacy commissioner said today in his annual report to Parliament.
Litigation, Investigation, and Law Enforcement
The British are coming for Silicon Valley (Fortune) The past month shows the UK is serious about regulating American tech mergers.
Revealed: LAPD used ‘strategic communications’ firm to track ‘defund the police’ online (the Guardian) Internal documents show a Polish firm with no law enforcement experience helped LAPD collect tens of thousands of tweets related to Black Lives Matter and racial justice protests