Pinellas County, Florida: the latest on the water treatment attack.
FBI, Secret Service investigating cyberattack on Florida water treatment plant (TechRepublic) Local officials said someone took over their TeamViewer system and dangerously increased the levels of lye in the town's water.
‘Batman Begins’ cyber attack is a warning to CNI providers (ComputerWeekly) A thwarted cyber attack in a Florida town that could have resulted in the poisoning of the water supply is a timely reminder of the vulnerability of critical services.
Water Supply Cyber Breach Thwarted (IndustryWeek) Hackers use remote access software to attack Florida city's water treatment facility.
Cyber-Attacker Tries to Remotely Poison Florida City (Infosecurity Magazine) Unknown assailant hijacked system to increase sodium hydroxide levels
Oldsmar’s water supply attack is a warning, experts say. It could’ve been worse. (Tampa Bay Times) Instead of causing widespread injury or loss of life, the attack could stand as a huge red flag marking quietly pervasive flaws in national security.
Cyberattack on Florida town’s water supply shows vulnerability of infrastructure (Miami Herald) An attack on Oldsmar’s water supply last week highlighted cybersecurity experts’ longstanding concerns about the security of the country’s critical infrastructure.
In Florida, a near-miss with a cybersecurity worst-case scenario (NBC News) A hacker broke into a Florida water treatment plant and ordered it to increase the amount of lye to extremely dangerous levels, officials said.
Florida Water Supply Hack Chilling Reminder of Infrastructure Vulnerability (Channel Futures) In a particularly disturbing cyberattack, a water supply hack in Oldsmar, Florida, could have poisoned that city's drinking water.
Lye-poisoning attack in Florida shows cybersecurity gaps in water systems (NBC News) It's the kind of breach that has been warned about for years but is rarely seen.
‘Dangerous Stuff’: Hackers Tried to Poison Water Supply of Florida Town (New York Times) For years, cybersecurity experts have warned of attacks on small municipal systems. In Oldsmar, Fla., the levels of lye were changed and could have sickened residents.
Hacker Tried Poisoning Water Supply After Breaking Into Florida's Treatment System (The Hacker News) Hackers infiltrated a water treatment facility in the U.S. state of Florida and drastically altered the levels of sodium hydroxide (NaOH) in the water
Remote Hacker Caught Poisoning Florida City Water Supply (SecurityWeek) An unknown hacker accessed the city’s water control systems in Oldsmar, Florida and increased sodium hydroxide to dangerous levels.
Hack exposes vulnerability of cash-strapped US water plants (Washington Post) A hacker’s botched attempt to poison the water supply of a small Florida city is raising alarms about just how vulnerable the nation’s water systems may be to attacks by more sophisticated intruders. Treatment plants are typically cash-strapped, and lack the cybersecurity depth of the power grid and nuclear plants.
Florida water breach highlights need to strengthen cybersecurity of critical infrastructure (Intelligent CIO North America) Experts from Mandiant Threat Intelligence and BlueVoyant offer their take on an attack on a water system in Florida. A hacker gained remote access to the water system of a city in Florida and changed the water chemical levels. The hacker briefly increased the amount of sodium hydroxide (lye) in the water treatment system at […]
Cyber Attacks, Threats, and Vulnerabilities
UN experts: North Korea using cyber attacks to update nukes (AP NEWS) North Korea has modernized its nuclear weapons and ballistic missiles by flouting United Nations sanctions, using cyberattacks to help finance its programs and continuing to...
Mobile Health Apps Systematically Expose PII and PHI Through APIs, New Findings from Knight Ink and Approov Show (BusinessWire)
Iran 'hides spyware in wallpaper, restaurant and games apps' (BBC News) More than 1,000 dissidents and others have been targeted by two active campaigns, researchers say.
Researchers find more victims of one of Iran’s oldest hacking groups (Washington Post) The victims include high-profile academics, activists and business leaders, and government officials in the United States and Europe
Dormant for years, Iranian cyber sleeper cell awakens (Haaretz) Researchers from Checkpoint discover Iranian hacker group has infected computers across the world with malware, allowing them to capture victims’ screens and record their audio
Domestic Kitten hacking group strikes local citizens considered a threat to Iranian regime (ZDNet) FurBall spyware pretends to be everything from a security app to screen wallpapers.
Detailed: Here's How Iran Spies on Dissidents with the Help of Hackers (The Hacker News) Researchers reveal how Iran spies on its citizens with the help of hackers
Israel's economy not ready to deal with Iran cyberattacks (Middle East Monitor) Commenting on Russian-Iranian cooperation on cybersecurity, founder and CEO of Israeli cyber consultation firm Konfidas Digital Ltd, Ram Levi, said Israel's economy is not ready for Iranian cyberatt...
Discord CDN: A Popular Choice for Hosting Malicious Payloads (Zscaler) Discord, Ransomware, Stealer, Miner, Grabber
LodaRAT Windows Malware Now Also Targets Android Devices (The Hacker News) Windows remote access Trojan (RAT) with credential-stealing and espionage capabilities expanded its scope to target Android devices.
More than 100 Financial Services Firms Hit with DDoS Extortion Attacks (PR Newswire) FS-ISAC, the only global cyber intelligence sharing community solely focused on financial services, announced today that last year, more than...
Hackers Targeted Financial Sector in Mass Extortion Campaign (Wall Street Journal) Late last year more than 100 firms were threatened with DDoS attacks unless they paid off a group that variously posed as Fancy Bear and Lazarus, an industry group said.
Experian: No Evidence of System Compromise in Brazil (BankInfo Security) Investigation Follows Report of Data for Sale on Darknet
Roses are red, violets are blue, cybercriminals are ready to come after you! (Check Point Software) Highlights: Over 400 malicious Valentine's Day themed phishing individual email campaigns spotted weekly in January A 29% YOY increase in Valentine’s Day
HelloKitty ransomware gang behind CD Projekt hack (IT PRO) Emsisoft CTO tells IT Pro that the sensitive data obtained by the attackers 'will most likely be leaked'
‘Cyberpunk 2077’ Developer Says Hacker Has Threatened to Release Sensitive Data (Wall Street Journal) CD Projekt said a hacker accessed its internal network and collected certain data belonging to its capital group, adding that the compromised systems didn’t contain personal data of its players.
'Cyberpunk 2077' Developer Hit With Cyberattack -- 2nd Update (MarketScreener) The company behind Cyberpunk 2077 said its internal systems were breached in a cyberattack and the purported hacker threatened to release the software... | February 10, 2021
CD Projekt Slides as Ransomware Hack May Delay Cyberpunk Fix (Bloomberg) Ransom note claims hacker obtained source codes of some games. Attack doesn’t appear to include gamers’ data, CD Projekt says.
Data Exfiltration Enabled by Google Chrome Sync Extension (BankInfo Security) Hackers used a fake Forcepoint extension, leveraging the Google Chrome Sync feature, to exfiltrate data and send commands to infected browsers, according to a
ECU Worldwide faces system disruption as fears grow of cyber attack (The Loadstar) Sources have indicated that ECU Worldwide is currently undergoing a cyber attack. The company has not officially confirmed the nature of the problem, but one staff member told The Loadstar that all the systems are down. “It’s global, and it’s been problematic for a couple of days. None of us can connect,” said the staff member. The Loadstar has been unable to access the company’s website. One source said his company had ...
New Zealand Exchange Cyberattack Also Hit More Than 100 Firms (Bloomberg) Damage was worse for exchange than other targeted companies. Worldwide attacks raised security costs for most victims.
U.K. Merger Watchdog Suffers 150 Data Breaches in Two Years (Bloomberg) CMA handles sensitive information on takeovers, competition. Declines to say if breaches affected any merger situations.
Personal Information Compromised In CU Cyberattack Believed To Be Largest In University History (CBS Denver) The University of Colorado is investigating a cyberattack that compromised the personal information of students and employees.
Beware of technical “experts” bombarding you with bug reports (Naked Security) Beware pseudo-geeks bearing ‘gifts’.
GE Digital HMI/SCADA iFIX (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 6.1
ATTENTION: Low skill level to exploit
Vendor: GE Digital
Equipment: HMI/SCADA iFIX
Vulnerabilities: Incorrect Permission Assignment for Critical Resource
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker to escalate their privileges.
Advantech iView (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 9.8
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Advantech
Equipment: iView
Vulnerabilities: SQL Injection, Path Traversal, Missing Authentication for Critical Function
2.
Siemens SINEMA Server & SINEC NMS (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 8.8
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Siemens
Equipment: SINEMA Server, SINEC NMS
Vulnerability: Path Traversal
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow arbitrary code execution on an affected system.
Siemens RUGGEDCOM ROX II (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 9.8
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Siemens
Equipment: RUGGEDCOM ROX II
Vulnerabilities: Improper Input Validation, NULL Pointer Dereference, Out-of-Bounds Write, Insufficient Verification of Data Authenticity, Improper Certificate Validation, Out-of-bounds Read
2.
Siemens TIA Administrator (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.8
ATTENTION: Low skill level to exploit
Vendor: Siemens
Equipment: TIA Portal and PCS neo
Vulnerability: Improper Access Control
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow local users to escalate privileges and execute code as a local SYSTEM user.
Siemens JT2Go and Teamcenter Visualization (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.8
ATTENTION: Low skill level to exploit
Vendor: Siemens
Equipment: JT2Go and Teamcenter Visualization
Vulnerabilities: Out-of-bounds Read, Improper Restriction of Operations within the Bounds of a Memory Buffer, Stack-based Buffer Overflow, Out-of-bounds Write, Type Confusion, Untrusted Pointer Dereference, Incorrect Type Conversion or Cast
2.
Siemens SCALANCE W780 and W740 (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 4.3
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Siemens
Equipment: SCALANCE W780 and W740
Vulnerability: Allocation of Resources Without Limits or Throttling
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition.
Siemens SIMARIS configuration (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 4.4
ATTENTION: Low skill level to exploit
Vendor: Siemens
Equipment: SIMARIS configuration
Vulnerability: Incorrect Default Permissions
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker to gain persistence or escalate privileges within the system.
SIMATIC WinCC Graphics Designer (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 6.2
ATTENTION: Low skill level to exploit
Vendor: Siemens
Equipment: SIMATIC WinCC and PCS 7
Vulnerability: Authentication Bypass Using an Alternate Path or Channel
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker unauthenticated access to protected files.
Siemens DIGSI 4 (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.8
ATTENTION: Low skill level to exploit
Vendor: Siemens
Equipment: DIGSI 4
Vulnerability: Incorrect Default Permissions
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow a low privileged attacker to execute arbitrary code with SYSTEM privileges.
Siemens SCALANCE X Switches (Update A) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 9.1
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Siemens
Equipment: SCALANCE X200, X200IRT, X300
Vulnerabilities: Use of Hard-coded Cryptographic Key
2.
Siemens JT2Go and Teamcenter Visualization (Update A) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.8
ATTENTION: Low skill level to exploit
Vendor: Siemens
Equipment: JT2Go and Teamcenter Visualization
Vulnerabilities: Type Confusion, Improper Restriction of XML External Entity Reference, Out-of-bounds Write, Heap-based Buffer Overflow, Stack-based Buffer Overflow, Untrusted Pointer Dereference, Out-of-bounds Read
2.
Siemens SCALANCE X Products (Update A) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 9.8
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Siemens
Equipment: SCALANCE X Products
Vulnerabilities: Missing Authentication for Critical Function, Heap-based Buffer Overflow
2.
Siemens Embedded TCP/IP Stack Vulnerabilities–AMNESIA:33 (Update A) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 6.5
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Siemens
Equipment: SENTRON PAC3200, SENTRON PAC4200, SIRIUS 3RW5
Vulnerability: Integer Overflow
2.
Siemens Industrial Products (Update C) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 5.5
ATTENTION: Low skill level to exploit
Vendor: Siemens
Equipment: Siemens Industrial Products containing certain processors
Vulnerability: Exposure of Sensitive Information to an Unauthorized Actor
2.
Siemens UMC Stack (Update E) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 6.7
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Siemens
Equipment: UMC Stack
Vulnerabilities: Unquoted Search Path or Element, Uncontrolled Resource Consumption, Improper Input Validation
2.
Siemens Climatix (Update A) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 6.1
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Siemens
Equipment: Climatix
Vulnerability: Cross-site Scripting, Basic XSS
2. UPDATE INFORMATION
This updated advisory is a follow-up to the original advisory titled ICSA-20-105-04 Siemens Climatix that was published April 14th, 2020, to the ICS webpage on us-cert.cisa.gov.
Siemens SCALANCE & SIMATIC (Update D) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.5
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Siemens
Equipment: SCALANCE, SIMATIC
Vulnerability: Resource Exhaustion
2. UPDATE INFORMATION
This updated advisory is a follow-up to the advisory update titled ICSA-20-105-07 Siemens SCALANCE & SIMATIC (Update C) that was published September 8, 2020, to the ICS webpage on us-cert.cisa.gov.
Siemens Industrial Products SNMP Vulnerabilities (Update C) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.5
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Siemens
Equipment: Various SCALANCE, SIMATIC, SIPLUS products
Vulnerabilities: Data Processing Errors, NULL Pointer Dereference
2.
Siemens SCALANCE X Switches (Update A) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 4.2
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Siemens
Equipment: SCALANCE X switches
Vulnerability: Protection Mechanism Failure
2. UPDATE INFORMATION
This updated advisory is a follow-up to the original advisory titled ICSA-20-042-07 Siemens SCALANCE X Switches that was published February 11, 2020, to the ICS webpage on us-cert.cisa.gov.
Siemens Industrial Real-Time (IRT) Devices (Update E) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.5
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Siemens
Equipment: Industrial Real-Time (IRT) Devices
Vulnerability: Improper Input Validation
2.
Siemens SCALANCE X Switches (Update B) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 8.6
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Siemens
Equipment: SCALANCE X switches
Vulnerability: Insufficient Resource Pool
2. UPDATE INFORMATION
This updated advisory is a follow-up to the advisory update titled ICSA-19-225-03 Siemens SCALANCE X Switches (Update A) that was published August 20, 2019, on the ICS webpage on us-cert.cisa.gov.
Siemens SCALANCE X (Update B) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.1
ATTENTION: Low skill level to exploit
Vendor: Siemens
Equipment: SCALANCE X Switches
Vulnerability: Storing Passwords in a Recoverable Format
2. UPDATE INFORMATION
This updated advisory is a follow-up to the advisory update titled ICSA-19-162-04 Siemens SCALANCE X (Update A) that was published January 14, 2020, to the ICS webpage on us-cert.cisa.gov.
Security Patches, Mitigations, and Software Updates
Microsoft to add 'nation-state activity alerts' to Defender for Office 365 (ZDNet) Microsoft has been alerting users of nation-state attacks since 2016. Alerts will now be added to the Defender for Office 365 dashboard so companies can take quicker action.
February 2021 Patch Tuesday: Microsoft and Adobe fix exploited zero-days (Help Net Security) On this February 2021 Patch Tuesday Adobe has fixed a Reader flaw used in limited attacks and Microsoft has plugged a Windows zero-day.
Microsoft Patch Tuesday, February 2021 Edition (KrebsOnSecurity) Microsoft today rolled out updates to plug at least 56 security holes in its Windows operating systems and other software. One of the bugs is already being actively exploited, and six of them were publicized prior to today, potentially giving attackers a head start in figuring out how to exploit the flaws.
Patch Tuesday: Microsoft Warns of Under-Attack Windows Kernel Flaw (SecurityWeek) Microsoft drops a mega patch batch for February: 56 documented vulnerabilities, 11 rated critical, one under active attack.
Adobe Patches Reader Vulnerability Exploited in the Wild (SecurityWeek) Adobe has released patches for 50 vulnerabilities, including a Reader zero-day vulnerability that has been exploited in the wild.
Zero Day Initiative — The February 2021 Security Update Review (Zero Day Initiative) It’s the second Tuesday of the month, and that means the latest security updates from Adobe and Microsoft. Take a break from your regularly scheduled activities and join us as we review the details of their latest security offerings. Adobe Patches for February 2021 For February, Adobe released
SAP Security Patch Day February 2021: Critical Patch released for SAP Commerce (Onapsis) SAP has released 20 new and updated SAP Security Notes on February’s Patch Day, including the notes that were released since last Patch Day.
Google Fi VPN updates help you connect safely (Google) Since today is Safer Internet Day, we wanted to share a few improvements we’ve made to the Fi VPN.
Critical Firefox Vulnerability Can Allow Code Execution If Chained With Other Bugs (SecurityWeek) An update released by Mozilla for Firefox 85 patches a critical information disclosure vulnerability that can be chained with other flaws to achieve arbitrary code execution.
Cyberpunk 2077 bug fixed that let malicious mods take over PCs (BleepingComputer) CD Projekt Red has released a hotfix for Cyberpunk 2077 to fix a remote code execution vulnerability that could be exploited by third-party data file modifications and save games files.
Cyber Trends
Cyber Security Workforce Development (perConcordiam) Scarcity of human talent is among the most pressing cyber security concerns for nations the world over.
Custom hacking services (Positive Technologies) Many businesses actively and productively use corporate sites, online stores, and web services to accomplish tasks.
The State of Email Security (Avanan) Avanan polled over 500 IT managers and leaders to quantify the time it takes to manage the email threat.
ATM hacks surged 269% in Europe in 2020 H1, recent findings reveal (Atlas VPN) Recent findings by Atlas VPN reveal that cybercriminals started to hack into the ATMs using malware and logical attacks. A logical or malware attack is a type of cyber attack where threat actors alter the ATM software to access the cash dispenser.
A Year Like No Other: Phishers’ Favorite Brands of 2020 (Vade Secure) Our yearly report places Microsoft in the top spot on the list of most impersonated brands in phishing attacks.
Enterprise VPN usage flourished worldwide in 2020 (NetMotion Software) You may be surprised to learn in 2021 that VPNs are still an essential part of the remote access strategy of many enterprises.
Exclusive: Majority polled believe social media radicalizes people (Axios) Respondents also said social media firms bear some responsibility for last month's Capitol riot.
US Gmail users are most popular targets for email phishing and malware attacks (Computing) Third-party data breaches also make users more attractive targets for cyber attacks
These are the people most likely to fall victim to a phishing attack (TechRadar) Third-party data breaches can make you a more likely target for future cyberattacks
Proofpoint’s State of the Phish Report Reveals Ransomware and Phishing Attack Trends; Underscores Need for Tailored Security Awareness Training, Particularly for Remote Workers (GlobeNewswire) 90% of U.S. infosec survey respondents said their workforce shifted to working from home in 2020, yet only 29% trained users on safe remote working habits
Too few UK organisations offering cyber training for remote work (ComputerWeekly) 11 months into the pandemic, a study reveals a concerning tendency for organisations not to bother offering security training for remote workers
The Birds, Bees & Bots: Kids' internet use puts pressure on 70% of parents to have "the talk" sooner than planned (PR Newswire) AVG Technologies, a global leader in digital security products, has today released new findings that show the majority of parents are facing...
Research: Enterprise SIEMs Unprepared for 84% of MITRE ATT&CK Tactics and Techniques (PR Newswire) CardinalOps, pioneer of the industry's first AI-powered Threat Coverage Optimization Platform, today unveiled new independent research which...
Marketplace
Cybersecurity firm SentinelOne buys Scalyr for $155 million (ZDNet) SentinelOne said the acquisition will help the company add significant capabilities to its extended detection and response (XDR) platform.
IoT Security Startup Armis Doubles Valuation To $2B With $125M Round (CRN) IoT security startup Armis announced a new $125 million funding round from Brookfield Technology Partners, Insight Partners and CapitalG, doubling its valuation to $2 billion.
Security Firm Appgate To Go Public At $1B Valuation Via Merger (CRN) Secure access vendor Appgate plans to go public at a $1 billion valuation just a year after its formation by merging with a shell company.
Monte Carlo raises $25 million for AI that monitors data reliability (VentureBeat) Data reliability startup Monte Carlo has raised $25 million in venture capital, bringing its total raised to over $40 million.
WireWheel Raises $20 Million in Series B Funding (PR Newswire) WireWheel, a leader in data privacy technology, today announced $20 million in Series B financing led by ForgePoint Capital. Existing investors...
Peraton Creates New Business Sectors, Names Leaders, Roles (WashingtonExec) After the successful completion of Peraton’s acquisition of Northrop Grumman’s integrated Mission Support and IT Solutions business on Feb. 1, Peraton has
Dragos Joins IBM Security App Exchange Community (AiThority) Dragos Inc., a global leader in cybersecurity for industrial controls systems (ICS)/OT environments, launched the new Dragos QRadar Device Support Module.
Akamai tops Q4 expectations, announces reorganization and new CTO (ZDNet) The company said it was reorganizing its business groups with a greater focus on its security division.
BAE Systems Named One of America’s Best Large Employers by Forbes (Odessa American) Forbes has recognized BAE Systems as one of “America’s Best Large Employers” of 2021, one of only 500 companies selected. Forbes and its partner, market research firm Statista, chose the companies through an independent survey of 50,000 employees across more than two dozen industries.
GroupSense Doubles Customer Base and Reports Significant Year-Over-Year Revenue Growth in 2020 (PR Newswire) GroupSense, a digital risk protection services company, today announced several milestones from a successful 2020, including doubling its...
Augusta authority grant will route Fort Gordon personnel to cyber jobs (Augusta Chronicle) The Augusta Economic Development Authority is the recipient of a $8.5 million grant to connect Fort Gordon personnel with area cyber jobs.
TrueFort Adds Lane Bess to Board of Directors (Security Boulevard) Security Industry Luminary Brings Decades of Strategic Management and Operational Experience to New Board Seat
AvePoint, Leading Microsoft 365 Data Management ISV, hires former Palo Alto Networks Leader Jason Beal as Head of Global Channel (PR Newswire) AvePoint, a leading Microsoft 365 data management independent software vendor, appoints Jason Beal as senior vice president of global channel...
Novetta Hires Military Vet to Lead Emerging Tech Group; Tiffanny Gates Quoted (GovCon Wire) Todd Massengill, a retired U.S. Army colonel, recently joined
Tanium Adds Matt Thompson to Board of Directors (Infosecurity Magazine) Thompson becomes independent director of endpoint management and security provider
Products, Services, and Solutions
Sonrai Security Adds Industry-First Cloud Database Protection to Award-Winning Security and Governance Platform (Sonrai Security) Sonrai Dig helps ensure security for AWS, Azure and Google Cloud Platform cloud-native data stores
Secureworks Unveils Secureworks Taegis™, XDR Advancements, and MSSP Partner Initiative to Strengthen Cybersecurity Community (GlobeNewswire) Secureworks marshals software, brand and channel to protect enterprises and fight adversaries at scale
Making every day safer with Google (Google) Today, as we celebrate Safer Internet Day, we’re sharing the progress we’ve made to create a safer internet.
Furthering our support for election security (Google) We look forward to continuing our work in 2021 to make sure campaigns and elected officials around the world stay safe online.
IT Pros in LatAm Rely on Cladirect for a Resilient Out-of-band Solution (Opengear) Out-of-Band management for LATAM organizations is provided by Opengear via CLADirect. A case study.
DTEX Systems Unveils Enhanced Workforce Cyber Security Platform with the Release of InTERCEPT 6.5 (BusinessWire) DTEX Systems, the Workforce Cyber Intelligence Company™, today announced the release of its latest Workforce Cyber Security platform, DTEX InTERCEPT
Security Operations Teams Get Relief From Alert Overload with the Trend Micro Vision One Platform (PR Newswire) Trend Micro Incorporated (TYO: 4704; TSE: 4704), a global leader in cybersecurity, combats security alert overload and resource constraints...
Votiro Announces Launch of SaaS Solution that Proactively Removes Malicious Content from Files (BusinessWire) Votiro, a global leader in Positive Selection® Technology, announces the launch of a cloud-based SaaS version of their Secure File Gateway solutions.
Philadelphia International Airport Renews Contract with Telos to Process Background Checks for Aviation Workers (GlobeNewswire) Telos’ aviation channeling services offer increased efficiency and flexibility in credentialing operations at the only major airport serving the Philadelphia metro area
ID.me and Sterling Announce Exclusive Partnership to Transform Background Screening with Innovative Identity Verification Solutions (Insights.id) As Remote Hiring Continues, Bold New Digital Identity Solution for Employment Speeds Return to Work
Cyber Safety Video Series (CYBER.ORG and the Cybersecurity and Infrastructure Security Agency (CISA)) Tips for staying safe online!
BAE Systems Debuts Groundbreaking AI Products on AWS GovCloud (US) (AiThority) BAE Systems announced it is offering a suite of groundbreaking artificial intelligence capabilities and a new data labeling service offering
KnowBe4 Launches Season Three of Netflix-Style Security Awareness Training Series (GlobeNewswire) Season three of “The Inside Man” debuts exclusively for KnowBe4 customers
Accelerate Compliance of NIST SP 800-63-3 with ForgeRock (ForgeRock) Digital identity is at the heart of addressing many government specifications and guidelines. In this post, we’ll unpack two assurance levels, identity assurance level (IAL) and authenticator assurance level (AAL), within NIST SP 800-63-3 Digital Identity Guidelines.
Axon and Cellebrite Partner to Help Manage and Safeguard Digital Intelligence (PR Newswire) Axon (Nasdaq: AXON), the global leader in connected public safety technologies, today announced a joint partnership with Cellebrite, the global...
Open-source tool BlobHunter helps pinpoint public Azure blobs that might contain sensitive files (Help Net Security) BlobHunter is a tool organizations can use to discover Azure blobs containing sensitive files they have inadvertently made public.
Group-IB MSSP and MDR program allows partners to integrate THF and DFIR services into their offerings (Help Net Security) Group-IB unveiled its global MSSP and MDR program that allows partners to integrate Group-IB THF and DFIR services into their offerings.
Votiro launches SaaS solution that eliminates file-borne threats (Help Net Security) Votiro announced the launch of a cloud-based SaaS version of their Secure File Gateway solution to eliminate file-borne attacks.
Pearson VUE and CrowdStrike partner to provide high-stakes certification and grow global security talent (APN News) Pearson VUE, the global leader in computer-based testing, announced today that it has entered into a multi-year agreement to deliver security certifications for cybersecurity leader, CrowdStrike.
PwC UK and Panaseer join forces to offer continuous Cyber Risk Monitoring (Yahoo) Panaseer, the first Continuous Controls Monitoring (CCM) platform for enterprise security, today announces that it has joined forces with PwC UK, a leader in cybersecurity consulting services, to offer continuous Cyber Risk Monitoring. This will pave the way for continuous and accurate measurement, monitoring, and reporting of cyber risk.
Enzoic Expands Automated Credentials Monitoring in Active Directory (BusinessWire) Enzoic expands automated credentials monitoring in Active Directory. Providing insights on unsafe passwords, reducing the risk of a cyberattack.
Corsight AI Receives Top Rankings in 2020 Biometric Technology Rally Conducted by the Department of Homeland Security (PR Newswire) Corsight AI, a leading facial recognition technology provider, today announced that the company received top rankings in the 2020 Biometric...
Technologies, Techniques, and Standards
‘Reckless and stupid’: Security world feuds over how to ban wireless gear in voting machines (POLITICO) Supporters say it’s reasonable for the Election Assistance Commission to adopt compromise language that falls short of a full prohibition. But many security experts say it opens the door to cyberattacks.
Google expands election security aid for federal, state campaigns (TheHill) Google announced Tuesday it is expanding its efforts around election security by providing free training to state and federal campaigns in all 50 states.
Workloads of Counting Queries: Enabling Rich Statistical Analyses with Differential Privacy (NIST) We are excited to introduce our first guest author in this blog series, Ryan McKenna, at University of Massachusetts at Amhers
U.S. Agencies Publish Ransomware Factsheet (SecurityWeek) The document details the most common ransomware attack methods, as well as prevention and mitigation techniques.
What conversations should executives be having about cyber security? (iTnews) Making cyber security a bigger focus in 2021.
Get Back to the Basics with Your Company’s Cybersecurity Practices (Get Back to the Basics with Your Company’s Cybersecurity Practices) Basic hygiene best practices go beyond hand washing – even if you’re doing lots of that these days. The same hygiene concept extends into the digital world of cybersecurity. In an age of...
Remote working is broken. These six changes can help fix it (TechRepublic) Everyone could do with finding better ways of working from home, particularly if we're in it for the long haul. Here are six changes that can make remote working more effective for all of us.
Academia
NCL, Powered by Cyber Skyline, Partners with National University to Ho (PRWeb) The National Cyber League (NCL), powered by its technology partner Cyber Skyline, has been chosen as the platform, content, and mentoring partner to host the 20
Cyber threats disguised as online learning platforms grew by 60% in H2 2020 (mint) The threats detected by Kaspersky were disguised as one of the widely used video calling apps and online course platforms and were distributed through copycat websites designed to look like the original platforms
Cyber criminals target education sector as remote learning increases (Security Brief) “Unfortunately, until all students are back in the classroom full-time, educational institutions will continue to be a popular target for criminals.
Tips to keep your classroom secure with Microsoft Teams (Microsoft EDU) The past year has been unpredictable, but that doesn't mean remote and hybrid learning have to be. With reliable and secure technology, students can connect with teachers and classmates, work on
AIM program prepares students for cyber jobs (The Merciad) Mercyhurst University has teamed up with PricewaterhouseCoopers (PWC) in a unique program to prepare students with autism for high-paying cybersecurity jobs. This partnership with PWC began through vocational exposure experiences in New York City and Washington D.C. Students in the Autism Initiative at Mercyhurst (AIM) program were invited to meet with corporate leaders and to...
Legislation, Policy, and Regulation
Estonia's diplomacy training aims to shape state behavior in cyberspace (CyberScoop) Diplomats from around the world are convening this week to hash out what the future of negotiations on cyber incidents should look like.
UK Cyber Security Council will oversee security education and training (Computing) The UK Cyber Security Council will work with training providers to accredit courses on cyber security
UK launches new body to oversee booming cybersecurity sector (CityAM) The government has launched a new independent body to oversee standards in the UK’s booming cybersecurity sector.
Brazilian government urged to protect consumers from massive data leak (ZDNet) A consumer rights organization has called for urgent measures to investigate and punish those responsible for exposing the population's data, as well as better citizen information and transparency.
Australia Is Ground Zero in the Global Battle Against Google (Foreign Policy) A proposed law would shake the global internet—and put the Biden team’s Silicon Valley friendships to the test.
FERC Proposes Cybersecurity Incentives for Electric Companies (Meritalk) The Federal Energy Regulatory Commission (FERC) is proposing a rule change that would provide rate incentives for electric companies that go “above and beyond” current regulations in their cybersecurity investments.
The Cybersecurity 202: Congressional scrutiny heats up of government response to the SolarWinds hack (Washington Post) The House Homeland Security Committee will today hold its first cybersecurity hearing of 2021. The hearing comes as scrutiny heats up of the government's response to a massive Russian hack of government systems exposed in December.
Unhappy with response, senators ask for a leader to head up cyber breach cleanup (C4ISRNET) The heads of the Senate Intelligence Committee urged the federal government to name a singular leader to run the response to a widespread hack attributed to Russian cyber actors.
Big Russian hack used a technique experts had warned about for years. Why wasn’t the U.S. government ready? (Washington Post) Hackers got long-term, wide-ranging access to government and private networks by manipulating the software that vouches for those allowed inside.
Experts laud SolarWinds post-attack efforts, but why’d it take a massive cyber incident to make changes? (Federal News Network) SolarWinds officials are trying to make their case to agencies that they are creating more rigor and security in their development and testing processes.
Op-ed: The SolarWinds hack is a blow. The U.S. must prioritize cybersecurity now (CNBC) It is critical we respond with a clear, forceful message to the Russians and any others who wish to do the United States harm, writes U.S. Sen. Jim Risch.
Biden 'better not rely' on private sector to police national security: Hedge fund manager Kyle Bass (Fox Business) Hayman Capital Management founder and CIO Kyle Bass said the private sector aims to enhance shareholder returns and "make as much money as they can."
Like Trump, Biden Is Putting 'National Security' Ahead of Economics (Barron's) Reports of the death of the defense-industrial base have been greatly exaggerated, writes Scott Lincicome.
Easy pickings: UAE hired former US hackers to spy on Qatar (TRT World) A new report reveals how Abu Dhabi established a spy network to snoop on Doha.
Ex-NSA man Aitel launches fresh attack on NYT reporter's cyber security book (iTWire) Ex-NSA hacker and former owner of security company Immunity, Dave Aitel, has launched a fresh salvo of tweets against a book published by New York Times cyber security reporter Nicole Perlroth, after securing and reading a copy of the tome which was published on Tuesday US time. But he ignored the m...
Washington state data breach prompts calls for new cybersecurity office (king5.com) The proposed law would create a new state "Office of Cybersecurity" and would bring about new statewide standards.
Vermont to pay for identity protection in 1099-G data breach (WCAX) The state will pay for identity protection for all Vermonters who received unemployment benefits last year as it works to contain the fallout from a massive mailing error.
White House indicates Trump hasn't asked for intel briefing (TheHill) White House press secretary Jen Psaki on Monday indicated former President Trump hasn't asked for an intelligence briefing days after President Biden said he didn't think his predecessor should receive one.
Litigation, Investigation, and Law Enforcement
They were accused of plotting to overthrow the Modi government. The evidence was planted, a new report says. (Washington Post) Key evidence against a group of Indian activists accused of plotting to overthrow the government was planted on a laptop seized by police, a new forensics report concludes, deepening doubts about a case viewed as a test of the rule of law under Prime Minister Narendra Modi.
Ukrainian Police Arrest Author of World's Largest Phishing Service U-Admin (The Hacker News) Ukrainian law enforcement shut down U-Admin, one of the world's largest phishing services, and arrested its author.
SIM-swapping gang busted for targeting 'influencers, sports stars, musicians' (CyberScoop) International police say 10 suspects have been arrested for fraudulently accessing the phones of celebrities to steal about $100 million in cryptocurrency as well as personal data throughout 2020. The sting included eight arrests in the United Kingdom as well as one in Malta and another in Belgium, according to Europol.
Huawei Files U.S. Lawsuit Disputing That It Is a Security Threat (Wall Street Journal) The Chinese telecom giant challenged its designation as a national security threat by federal regulators, stepping up its legal challenges in the U.S. despite the change of administration.
Irish GDPR regulator lambasted for delaying critical IT works (IT PRO) The DPC is aiming to finally complete works on its case management system by Q2 2021, five years after first proposing upgrade
Facebook sued in UK for Cambridge Analytica scandal (Computing) The class action lawsuit seeks damages from Facebook over a failure to comply with the Data Protection Act 1998
More than S$201 million cheated in top 10 scam types last year: Police (CNA) The top four scams of concern are e-commerce, social media impersonation, loan scams and banking-related phishing scams.
Facebook, Google, EBay Urge Justices To Limit Privacy Suits (Law360) Facebook, Google and eBay have urged the U.S. Supreme Court to significantly scale back the types of privacy class actions that can move forward in federal courts, claiming that the Ninth Circuit has wrongly set a standard that such cases can proceed based on breaches of privacy alone, rather than "separate" harms.
How Instagram Celebrities Promote Dubai's Underground Animal Trade (bellingcat) Social media images of celebrities posing with tiger cubs, monkeys and cheetahs have inadvertently revealed some secrets of Dubai's shadowy wild animal industry.
Federal Judge Sides with Chubb in Denial of Target's Data Breach Bank Claims (Insurance Journal) Target Corp. has been denied its $138 million insurance claim against ACE (now Chubb) Insurance companies stemming from a 2013 data breach. A federal
Bruno Mars impersonator scams Texas woman out of $100K, Case has ties to Houston (KPRC) A 65-year-old North Texas woman is out $100,000 after she fell in love with someone pretending to be Bruno Mars, the famous entertainer.