Pinellas County, Florida: the latest on the water treatment attack.
Breached water plant employees used the same TeamViewer password and no firewall (Ars Technica) Shortcomings illustrate the lack of security rigor in critical infrastructure environments.
Outdated computer system exploited in Florida water treatment plant hack (ABC News) Investigators said a Florida wastewater treatment plant's outdated computer left it open to a dangerous hack.
Florida water treatment facility hack used a dormant remote access software, sheriff says (CNN) A hacker who last week tried to poison a Florida city's water supply used a remote access software platform that had been dormant for months, Pinellas County Sheriff Bob Gualtieri told CNN on Tuesday.
Hackers exploited shared passwords and obsolete Windows 7 OS to infiltrate Florida water treatment plant (Computing) Systems at the plant were connected directly to the Internet without any type of firewall protection installed and systems shared the same password
Turns out that Florida water treatment facility left the doors wide open for hackers (The Verge) They put their own remote control software onto the computer and didn’t change the passwords
Poor Password Security Led to Recent Water Treatment Facility Hack (The Hacker News) Poor Password Security and Outdated Systems Led to the Recent Water Treatment Facility Hack
US Water Plant Suffers Cyber Attack Through the Front Door (RUSI) An attempted cyber attack against a water treatment plant in Florida highlights endemic failures in the cyber security of the US water sector. On 5 February, an unidentified attacker accessed the systems at a US water treatment plant in Oldsmar, Florida, and briefly altered the chemical levels in the drinking water.
Cybersecurity Advisory for Public Water Suppliers (Mass.gov) How public water suppliers can guard against cyber-attacks on water supplies.
Oldsmar cyberattack raises importance of water utility assessments, training (CSO Online) The attempt to poison a city's water supply by remotely accessing its ICS underscores the need for cybersecurity assistance at under-resourced critical infrastructure facilities.
Florida Water Plant Breach: An RSAC Interview with Bryson Bort (RSA Conference) Cecilia Marinier of RSA Conference interviews Bryson Bort, Founder and CEO of SCYTHE, regarding the Florida water system attack and the importance of protecting critical infrastructure. Bryson Bort explains the common entry point through which the hackers gained access and how we can be more prepared for future critical infrastructure attacks, including ransomware attacks.
Gainesville Mayor Lauren Poe says GRU water system is safe (WCJB) Gainesville Mayor Lauren Poe is dispelling questions around the safety of the city’s water after an attempted poisoning of the water supply of a central Florida city.
Cyber Attacks, Threats, and Vulnerabilities
Lookout Unmasks State-sponsored Android Spyware Tied to India-Pakistan Conflict (PR Newswire) Lookout, Inc., the leader in mobile security, today announced the discovery of two novel Android surveillanceware, Hornbill and SunBird. The...
NHS Vaccine Scams: Criminals Still Targeting COVID-19 Anxiety (Akamai) It's 2021, but the anxiety, fear, uncertainty, and stress caused by the COVID-19 pandemic in 2020 is very much alive today. Criminals are targeting the most vulnerable among us, using the lure of COVID-19 vaccination in their most recent phishing...
Egregor Ransomware Adopting New Techniques (Morphisec) Egregor is considered to be one of the most prolific ransomware threat groups. Yet it gained this reputation in a very short time due to its uncompromising double extortion methodology.
January 2021’s Most Wanted Malware: Emotet Continues Reign as Top Malware Threat Despite Takedown (Check Point Software) Check Point Research reports the Emotet trojan continued to reign as top malware in January, even though international law enforcement took control of its
Researcher hacks over 35 tech firms in novel supply chain attack (BleepingComputer) A researcher managed to hack systems of over 35 major tech companies including Microsoft, Apple, PayPal, Shopify, Netflix, Tesla, Yelp, Tesla, and Uber in a novel software supply chain attack. For his ethical hacking research efforts, the researcher has been awarded over $130,000 in bug bounties.
Sift Uncovers New Telegram Fraud Scheme Exploiting Increased Demand of Restaurant and Food Delivery Applications (Sift) Cybercriminals Feasting on Telegram Forums as Attempted Payment Fraud Rates Increase
French cyber expert shows data leak on Koo app, company denies any breach (Deccan Herald) More than 3 million Koo users' data is at risk of getting compromised if the company doesn't scale up the security now.
Koo denies leaking user data, clarifies about Chinese firm's investment (Business Standard) French cybersecurity says on Twitter that the Indian-made app was leaking email and other details about users
Cyberpunk and Witcher hackers claim they’ll auction off stolen source code for millions of dollars (The Verge) Cyberpunk 2077 source code is for sale.
Almost half a million users duped by Facebook phishing campaign (TechRadar) Think twice before opening that message from an 'old friend'
Singapore's Singtel assess potential data breach by hackers (ETTelecom.com) In a media statement on Thursday, Singtel said it was informed by third-party vendor Accellion that its file sharing system FTA (File Transfer Applian..
'Cyberpunk 2077' Maker Was Hit With Ransomware—and Won't Pay Up (Wired) CD Projekt Red's list of woes gets longer, as hackers claim to have stolen the source code for their most popular games.
Nebraska health system notifying patients of data breach (AP NEWS) Nebraska Medicine and the University of Nebraska Medical Center have begun notifying patients and employees whose personal information may have been compromised in a data...
Stolen Chatham county data posted online after cyber incident, includes personnel files, other sensitive documents (The Chatham News + Record) Sensitive data files stolen following Chatham County’s Oct. 28 governmental “cyber incident” have been posted online by the criminal enterprise responsible, the News + Record has learned.
Cybercrime and Valentine’s Day: What to Look Out For (Digital Shadows) Dating app cybercrime is a threat to online daters. Uncover three main threats linked to dating app security and ways to date (online) in a secure manner.
Security Patches, Mitigations, and Software Updates
CISA Alerts to Microsoft Windows Win32K Privilege Escalation Flaw (HealthITSecurity) DHS CISA is urging all entities to apply a patch for a flaw found in Microsoft Windows Win32k, as a successful exploit would give an attacker complete control of the vulnerable system.
Adobe patches wave of critical bugs in Magento, Acrobat, Reader (ZDNet) Some of the vulnerabilities were reported through a hacking contest.
Apple Issues Security Update to Fix ‘Baron Samedit’ Sudo Bug (The Mac Observer) Apple has issued security updates for multiple versions of macOS on Wednesday. Among other flaws, it fixes the sudo flaw known as Baron Samedit.
Microsoft to add 'nation-state activity alerts' to Defender for Office 365 (ZDNet) Microsoft has been alerting users of nation-state attacks since 2016. Alerts will now be added to the Defender for Office 365 dashboard so companies can take quicker action.
Cyber Trends
Inside cybersecurity’s shelfware problem (CSO Online) Sometimes underutilization of security software and services is a deliberate, strategic choice; more often it's a cause for concern.
2021 Credential Stuffing Report (F5 Labs) Credential stuffing is a multifaceted and enduring risk to organizations of all types and sizes. This report is a comprehensive examination of the entire life cycle of stolen credentials—from their theft, to their resale, and their repeated use in credential stuffing attacks.
New Research: 2020 Vulnerabilities on Track to Exceed 2019 (Risk Based Security) Our newly released 2020 Year End Vulnerability QuickView Report revealed that 2020 vulnerability disclosures are on track to exceed 2019 despite a sharp decrease of 19.2% observed earlier in the year.
Our VulnDB® team aggregated 23,269 vulnerabilities disclosed during 2020. Despite the initial di
2020 H2 Healthcare Data Breach Report (CI Security) An explanation of why reports of healthcare breaches to the U.S. Dept. of Health and Human Services (HHS) spiked during the second half of 2020, and predictions about 2021 in a report from CI Security.
Three in five UK manufacturers faced a cyber attack in 2020 (Information Age) Research from Keeper Security, alongside the Ponemon Institute, found that 57% of UK manufacturers were subject to a cyber attack in 2020
Marketplace
Tenable To Buy Active Directory Security Startup Alsid For $98M (CRN) Tenable has agreed to purchase cybersecurity startup Alsid for $98 million to help customers find and fix security weaknesses in Microsoft’s Active Directory in real-time.
Israeli startup CYE raises $100M to help companies shore up their cyber-defenses (Yahoo) Cybersecurity startup CYE has raised $100 million in a new growth round, led by investment firm EQT and with participation from 83North. CYE was founded in 2012 by Reuven Aronashvili to help companies shore up their security posture. The company also provides incident response and security consultants, as well as its flagship product, Hyver, which helps companies assess their entire network and assets.
Silicon Valley CISO Investments (SVCI) Backs Traceable to Transform Web App Security Market (PR Newswire) Traceable, the world's first end-to-end application security monitoring platform, today announced a strategic partnership with Silicon Valley...
Spacelift Raises $6M Series A To Keep Companies Online (Crunchbase News) Spacelift, a startup that automates IT infrastructure, has raised $6 million in a Series A round, the company announced Thursday.
DISA awards managed services contract to Perspecta (Defense News) The company will provide content delivery, network optimization and information assurance services.
These Dayton-area defense firms are helping DoD contractors achieve cybersecurity compliance (Dayton Business Journal) The local companies also discussed the biggest cybersecurity threats, and the most recent technological advances that help mitigate risks.
Akamai tops Q4 expectations, announces reorganization and new CTO (ZDNet) The company said it was reorganizing its business groups with a greater focus on its security division.
Cisco CEO admits Acacia merger didn't initially get Chinese approval (Silicon Valley Business Journal) A missed deadline to secure approval from Chinese antitrust officials cost Cisco Systems Inc. $1.9 billion.
Facebook Dials Down the Politics for Users (New York Times) News feeds will start getting less political content in Canada, Brazil and Indonesia, the social network said, with the change reaching the U.S. in coming weeks.
Semperis Taps Former HPE Chief Technologist, Guido Grillenmeier, to Support the Company’s Global Expansion (Semperis) Germany-Based Active Directory Disaster Recovery Expert and 14-Year Microsoft MVP Joins Semperis as Chief Technologist to Help Deliver Identity-Driven Cyber Resilience to Organizations Worldwide
Quantum Xchange Names John N. Stewart, Former Senior Vice President and Chief Security and Trust Officer at Cisco to its Board of Directors (PR Newswire) Quantum Xchange, a leader in quantum-safe products and services for crypto agility and quantum readiness, today announced that John N. Stewart...
Products, Services, and Solutions
MANN+HUMMEL Selects Omada to Implement Identity and Access Management (Yahoo) Omada A/S ("Omada"), a global leader of Identity Governance and Administration (IGA) software and cloud-delivered IGA services, announced today that MANN+HUMMEL has chosen to implement Omada's identity and access management system.
Vectra extends cloud identity detection capabilities with Microsoft Azure AD (PR Newswire) Vectra AI, a leader in network detection and response (NDR), today announced enhanced cloud identity detection capabilities using Azure AD...
New WatchGuard Cloud Platform Capabilities Usher in the Era of Simplified Security Management for MSPs (WatchGuard Technologies) WatchGuard further unifies security services and streamlines deployment capabilities for MSPs while simplifying zero-trust adoption
Tessian | Tessian Launches Industry-First Solution to Detect and Prevent Email Attachment Anomalies (RealWire) Product launch is accompanied by new research that shows one-third of U.S. organizations have lost customers following email attachment errors
11 February 2021: SAN FRANCISCO. Human Layer Security c
Denim Group and NowSecure Announce Integration for Unified View of Mobile Application Security (BusinessWire) Denim Group today announced its integration with NowSecure, creating a clear path toward scalable vulnerability remediation at DevSecOps speed.
Google News Showcase launches in more countries, including the UK and Argentina (Engadget) Google News Showcase is starting to roll out to more countries worldwide, including the UK and Argentina, on the heels of its Australian launch last week. The digital news digest includes free and paywalled articles from more than 120 UK and 40 Argentinian outlets, bringing its tally to 450 publications. Google’s British media partners range from major news wires such as Reuters to business and politics outlets like The Financial Times and New Statesman, and newspapers The Telegraph, The Independent and Midland News Association.
Technologies, Techniques, and Standards
The Cybersecurity 202: New voting machine security standards are already drawing controversy (Washington Post) The Election Assistance Commission, an independent government body that issues voluntary voting guidelines to states and voting machine vendors, unanimously passed a new set of recommendations for voting machines.
Center for Internet Security (CIS) Releases New Elections Technology Cybersecurity Supply Chain Guide (PR Newswire) The Center for Internet Security, Inc. (CIS®) released Managing Cybersecurity Supply Chain Risks in Election Technology: A Guide for Election...
What to Do After a Data Breach: The Steps Explained (SFGate Lifestyle) The prospect of having your data or identity stolen online is a very scary one. Most of us just choose to ignore the chance that this could happen to us until there’s a real threat to our sec…
OSD, Joint Staff Double Down On DoD-Wide Data Standards (Breaking Defense) "We even had representation at our [first] data summit from NATO," said Army Brig. Gen. Rob Parker, JG deputy director and head of the JADC2 Joint Cross-Functional Team (CFT).
Design and Innovation
In defense of blocking on Clubhouse (Platformer) Blocking is an important part of privacy — but it could be better
Twitter’s Jack Dorsey wants to build an app store for social media algorithms (The Verge) "That is something that not only we can host but we can participate in."
Legislation, Policy, and Regulation
U.N. Members Plan New Cyber Group as States Suffer Large-Scale Hacks (Wall Street Journal) European diplomats are pushing to create a long-term United Nations group that would consider how to respond to government-sponsored cyberattacks.
A New Australian Law Is the Wrong Answer to Big Tech (One Zero) Google and Facebook are too powerful, but monetization won’t solve the core problems
Microsoft CEO's Take on Tech's Clout: `Big by Itself Is Not Bad’ (Bloomberg) U.S. technology companies should be ready to face greater global competition—including from China, Nadella says
White House Announces Senior Official Is Leading Inquiry Into SolarWinds Hacking (New York Times) The announcement comes after the bipartisan leaders of the Senate Intelligence Committee criticized the administration for its disjointed response.
White House Names Cybersecurity Expert to Lead Response to SolarWinds Hack (Wall Street Journal) Anne Neuberger, a senior White House National Security Council official, has been in the position since President Biden took office, but administration officials didn’t disclose her appointment until Wednesday.
Ex-government officials urge US to take action to avoid another SolarWinds-style hack (CyberScoop) The U.S. government requires dramatic updates to its current approach toward cybersecurity if Americans want to avoid the kind of cyber-espionage campaigns that have recently rocked the national security establishment, a panel of security practitioners told Congress Wednesday.
Experts tell Katko: CISA should 'quarterback' federal government cybersecurity (Auburn Citizen) A pair of experts, including the former head of the Cybersecurity and Infrastructure Security Agency, told U.S. Rep. John Katko that the agency should handle cybersecurity for more than 100
Congress’ newest subcommittee is focusing on cyber troops and JEDI (Federal News Network) The first-ever chairman of the Cyber, Innovative Technologies and Information Systems Subcommittee, Rep. Jim Langevin (D-R.I.), said the panel will pursue an aggressive agenda.
U.S. Cyber Weapons Were Leaked — And Are Now Being Used Against Us, Reporter Says (NPR) New York Times reporter Nicole Perlroth says the U.S. went from having the world's strongest cyber arsenal to becoming most susceptible to attack. Her book is This is How They Tell Me The World Ends.
How scammers targeted Colorado’s unemployment system -- and what the state is doing about it (The Colorado Sun) Like many victims of unemployment fraud, Duane Thomas only learned that someone had used his identity to file for jobless benefits when a strange 1099-G tax document arrived in his mailbox last month. He reported the mistake in an online form provided by the state Department of Labor and Employment. Within about three weeks, the […]
Litigation, Investigation, and Law Enforcement
Twitter suspends over 500 accounts in India after government warning (TechCrunch) Twitter said on Wednesday it has taken action on more than 500 accounts and reduced visibility of some hashtags in India to comply with “several” orders from the Indian government after New Delhi threatened legal action against executives with the American social network. Twitter had su…
Authorities arrest SIM swapping gang that targeted celebrities (ZDNet) Eight men were arrested in England and Scotland as part of an investigation into a series of SIM swapping attacks targeting US celebrities.
Proofpoint sues Facebook to get permission to use lookalike domains for phishing tests (ZDNet) Facebook's crackdown on lookalike domains last year has touched some of the domains security firm Proofpoint was using for security awareness training exercises.
11th Circuit Finds No Standing Based on Fear of Future Identity Theft (JD Supra) In an opinion that deepens an existing circuit court split, the Eleventh Circuit recently held that the future risk of identity theft is not...
Classified assessment found slow and chaotic response to brain injuries affecting diplomats in Cuba (Washington Post) More than four years after personnel at the U.S. Embassy in Havana began reporting sudden, debilitating illnesses, with severe headaches, hearing loss and other brain injuries, there are still no definitive answers as to what caused the outbreak.
DPC fines UCD €70,000 for GDPR breach (Lexology) The Irish Data Protection Commission (DPC) has imposed a €70,000 fine on University College Dublin (UCD) for failure to implement appropriate…