Pinellas County, Florida: the latest on the water treatment attack.
Compromise of U.S. Water Treatment Facility (CISA) On February 5, 2021, unidentified cyber actors obtained unauthorized access to the supervisory control and data acquisition (SCADA) system at a U.S. drinking water treatment plant. The unidentified actors used the SCADA system’s software to increase the amount of sodium hydroxide, also known as lye, a caustic chemical, as part of the water treatment process. Water treatment plant personnel immediately noticed the change in dosing amounts and corrected the issue before the SCADA system’s software detected the manipulation and alarmed due to the unauthorized change.
Cybercriminals are interested in your SCADA systems (Intel 471) Within the last year, Intel 471 has seen financially-motivated actors attempt to sell access to SCADA systems tied to water treatment plants.
Visibility, Monitoring, and Critical Infrastructure Security (DomainTools) Joe Slowik provides an overview of the Oldsmar incident and delivers defensive countermeasures and attack surface reduction recommendations.
Local water authorities insist we're secure from system hackers (Sun Newspapers) You wouldn’t think twice about sipping cool water from the kitchen tap.
Dayton’s drinking water systems have layers of security to curb hacking, officials say (Dayton Daily News) A cyber attack like one recently attempted in Florida, where a hacker tried to add dangerous levels of chemicals to the drinking water, is unlikely to happen in Dayton and some local municipalities because the operation of their treatment plants isn’t connected to the internet, city officials said.
Wisconsin Agency Issues Alert After Florida Water System Hack (Government Technology) The state’s Department of Natural Resources urged municipal water systems to take steps to secure their computerized control systems, after hackers accessed and made changes to a water treatment system in Florida.
Cyber Attacks, Threats, and Vulnerabilities
The Long Hack: How China Exploited a U.S. Tech Supplier (Bloomberg) For years, U.S. investigators found tampering in products made by Super Micro Computer Inc. The company says it was never told. Neither was the public.
Pro-India hacking group expands mobile malware arsenal (CyberScoop) A pro-India hacking operation has used two kinds of mobile surveillance malware to spy on hundreds of victims for years, new research shows.
U.N. experts point finger at North Korea for $281 million cyber theft, KuCoin likely victim (Reuters) A preliminary United Nations inquiry into the theft of $281 million worth of assets from a cryptocurrency exchange last September "strongly suggests" links to North Korea - with industry analysts pointing to Seychelles-based KuCoin as the victim of one of the largest reported...
Krebs: More 'destructive,' 'brazen' attacks possible from Russia (FCW) The former CISA director's warning came during one of the first congressional hearings that largely focused on the SolarWinds Orion breach.
Supply chain security is actually worse than we think (ZDNet) Most enterprises have no clue they're sitting ducks for average attackers of moderate skill, much less nation state-backed adversaries with unlimited resources.
Software supply chain attacks – everything you need to know (The Daily Swig) The SolarWinds breach brought a dangerous attack vector to the fore, but supply chain attacks are far from a new phenomenon
ECU Worldwide chief confirms IT systems are down after 'cyber incident' (The Loadstar) The chief executive of ECU Worldwide has confirmed the company’s systems have been affected by a “cyber incident”. In a note to customers, Tim Tudor wrote: “Our online systems have been temporarily unavailable due to a cyber incident. “As a precautionary measure we have taken our systems offline. This includes emails. “Our IT team, along with a top independent global IT vendor, are in the midst of completing the requisite processes to get ...
Hackers auction alleged stolen Cyberpunk 2077, Witcher source code (BleepingComputer) Threat actors are auctioning the alleged source code for CD Projekt Red games, including Witcher 3, Thronebreaker, and Cyberpunk 2077, that they state were stolen in a ransomware attack.
Cyberpunk 2077 and Witcher 3 source code reportedly sold by CD Projekt Red hackers (Computing) It is not clear who purchased the data, how much they paid for it or even the currency they used
Malware slingers step up efforts to target gamers on Discord (The Daily Swig) Persistence of malicious links and lack of ‘report abuse’ button faulted by security researchers
Multiple Embedded TCP/IP stacks (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.5
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Multiple
Equipment: Nut/Net, CycloneTCP, NDKTCPIP, FNET, uIP-Contiki-OS, uC/TCP-IP, uIP-Contiki-NG, uIP, picoTCP-NG, picoTCP, MPLAB Net, Nucleus NET, Nucleus ReadyStart
Vulnerabilities: Use of Insufficiently Random Values
Rockwell Automation DriveTools SP and Drives AOP (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.5
Vendor: Rockwell Automation
Equipment: DriveTools SP and Drives AOP
Vulnerability: Uncontrolled Search Path Element
2. RISK EVALUATION
Successful exploitation of this vulnerability may result in privilege escalation and total loss of device confidentiality, integrity, and availability.
Wibu-Systems CodeMeter (Update E) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 10.0
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Wibu-Systems AG
Equipment: CodeMeter
Vulnerabilities: Buffer Access with Incorrect Length Value, Inadequate Encryption Strength, Origin Validation Error, Improper Input Validation, Improper Verification of Cryptographic Signature, Improper Resource Shutdown or Release
2.
Romance Fraud Scams Are On The Rise (Tessian) Cybercriminals target and trick people on social media and email using social engineering scams, posing as romantic interests.
Romance scams take record dollars in 2020 (Federal Trade Commission) They say love hurts.
Verify Your Valentine (CISA) This Valentine’s Day, before you go looking for love in all the wrong chat rooms, CISA reminds users to be wary of internet romance scams. At first, cyber criminals promise the reward of romance after adopting an alias to appear as a potential partner. Once your heart is hooked on hope, they turn the tables. The scammer with the illusive identity will ask for money, making promises of phony matrimony, as they finagle funds from you as a fake fiancée.
If you don’t know who you are doting on when you are dating, be cautious with your cash and keep it.
20 Years After the Love Bug Virus: Too Many Phish in the Sea (Vade Secure) 20 years after Love Bug infected 50 million computers, phishing has morphed into other variants that exploit user emotions.
No evidence personal info stolen in Sask Polytech cyber attack: school officials (Global News) School officials say although they haven't found a motive for the Oct. 30 malware attack, they don't believe any personal information was compromised.
Security Patches, Mitigations, and Software Updates
Gmail iOS App Has Out of Date Warning After 2 Months of No Updates as Google Delays Privacy Labels [Updated] (MacRumors) Though Google has promised to update its suite of apps with App Privacy labels to comply with App Store rules that Apple began enforcing in December,...
Apple's Keeping Google's Prying Eyes Out Of iOS 14 (Gizmodo) The move is part of Apple's latest privacy push.
Cyber Trends
Cyber Warfare: Report on 2020 Shows Triple-Digit Increases Across All Malware Types (Yahoo) A study reports on the hundreds of millions of attempted cyber-attacks that occurred in 2020 showing malware increased by 358% versus 2019.
Rising Security Concerns in the Telecom Industry (SecurityHQ) Protecting telecom infrastructure is far from easy. Threat actors will continue to exploit vulnerabilities.
Successful BEC attacks become 56% more costly (Help Net Security) BEC attacks that sought wire transfers from victim companies sought an average of $75,000, making them very successful, according to Agari.
Hybrid cloud is critical to meeting global business needs (NTT) NTT's 2021 Hybrid Cloud Report highlights the critical need for business agility, and how hybrid cloud has helped businesses achieve this.
Marketplace
Funds advised by Apax to acquire Herjavec Group (PR Newswire) Funds advised by Apax Partners (the "Apax Funds") today announced the signing of a definitive agreement to acquire a majority stake of Herjavec...
Cyren Announces $13.8 Million Registered Direct Offering of Ordinary Shares (Yahoo) Cyren (NASDAQ:CYRN), a provider of email security and threat intelligence solutions, today announced that it has entered into securities purchase agreements with several institutional investors for the purchase and sale, in a registered direct offering, of 12,000,000 of its ordinary shares at a purchase price of $1.15 per share for gross proceeds of $13.
Program administrator adds cyber underwriters (Business Insurance) Specialty program administrator Dual North America Inc. said Thursday it had expanded its cyber liability underwriting unit, adding two senior cyber underwriters from Chubb Ltd. and Axa XL, a division of Axa SA.
Google partners brace for hit as search giant threatens Australia exit (ETCIO.com) Google said it would likely pull its core search function from Australia if the government pushes ahead with a plan to require it and Facebook to pay ..
Akamai CEO on Pivot From Web to Cloud Security (Yahoo) Tom Leighton, chief executive officer of Akamai Technologies Inc., says the time has come to bring all of the security products together in one group. He speaks on "Bloomberg Markets: The Close."
Akamai cuts 2 percent of workforce as part of reorganization around security business (Boston Globe) The Cambridge-based company reported on Tuesday that revenue from its security business topped $1 billion over the last year, growing over 25 percent from the year prior.
Microsoft’s $10-Billion Secret: 6 Fun Facts about its Security Business (Cloudwars) On the Jan. 27 earnings call, Satya Nadella casually mentioned that Microsoft’s security business did more than $10 billion in revenue in 2020.
Major Hospitals Form Company to Capitalize on Their Troves of Health Data (Wall Street Journal) A group of major hospital systems is launching a company to pull together and sell access to anonymized data on their millions of patients for uses including research and drug development.
Ivanti Announces Erik Randles as New SVP, Global Channels and Alliances (BusinessWire) Ivanti, Inc., the automation platform that makes every IT connection smarter and more secure, today announced the appointment of Erik Randles, the com
Coalfire Federal Names Stuart Itkin to Lead CMMC Assurance Practice (PR Newswire) Coalfire Federal, a leading cybersecurity services provider to the federal government and Defense Industrial Base (DIB), today announced the...
Bryan S. Ware Joins LookingGlass Advisory Board (Citybizlist) LookingGlass Cyber Solutions, a leader in operationalizing threat intelligence, announced the appointment today of Bryan S. Ware to its Advisory Board. Ware brings extensive government and business experience, with a particular focus on infrastructure security and policy.
Products, Services, and Solutions
Latest Release of Tripwire Configuration Manager Delivers Increased Protection (Tripwire) Service expands support across three major cloud service providers and offers storage configuration monitoring.
Demetics Protects AI-Based Medical Innovation with Intel SGX (Intel Newsroom) What’s New: Demetics Medical Technology Co. Ltd. is using Intel® Software Guard Extension (Intel® SGX) and Intel® oneAPI Math Kernel Library (oneMKL) to
BlackBerry Bolsters Embedded Software Portfolio with Release of QNX Hypervisor 2.2 (BlackBerry) BlackBerry today announced the release of QNX® Hypervisor 2.2, the latest edition of the company’s real-time embedded hypervisor product.
Cybersecurity and MSP Market Leaders Bring Their Expertise to CompTIA ISAO (Telecom Reseller) Executives from companies and organizations at the forefront of the cybersecurity and managed services technology markets have been named to the inaugural Executive Advisory Council (EAC) of the CompTIA Information Sharing and Analysis Organization (ISAO).
IDX Announces Cybersecurity Healthcheck for Organizations in Conjunction with No-Cost Data Breach Services Agreement (PR Newswire) Today IDX, the leading digital privacy platform and data breach services provider, announces its Cybersecurity Healthcheck, a complimentary...
Barracuda Networks launches new version of email threat scanner (Hindu Businessline) This would enable in detecting cyber attacks better
KnowBe4 Releases Comprehensive Guide to Fight Phishing and Social Engineering (PR Newswire) KnowBe4, the provider of the world's largest security awareness training and simulated phishing platform, today announced that it has released...
HALOCK And Spirion Partner To Solve Vexing Privacy Compliance Issue (PR Newswire) HALOCK, an information security professional services firm in the Chicago area, has partnered with an industry-leading data protection vendor,...
File Shredding Software by Jetico Saves Time with Intuitive Interface (BusinessWire) BCWipe version 7, Jetico’s file shredding software, now saves time with an intuitive and streamlined interface.
Syniverse and Minu Launch Verified SMS in Brazil (Valdosta Daily Times) Syniverse, the most connected company in the world, has launched, together with Minu, previously known as Minutrade, its first Verified short message service (SMS) project in Brazil. The collaboration between the two companies will allow Minu to send SMS messages with an additional layer of verification, which gives its customers more confidence in interacting with its brand through text Messages by Google.
Technologies, Techniques, and Standards
Is it Time to Update Your Cyber Insurance Strategy? (Security Boulevard) If anything, 2020 was about preparing for – well, everything. This includes cyberthreats, which have risen sharply in the pandemic era. In 2021, rethinking your cyber insurance strategy should be a top priority for CISOs and executive leadership.
Research and Development
NAVWAR looking for emerging cyber research and development (C4ISRNET) Naval Information Warfare Systems Command looks to industry to fill gaps in cyber warfare weapon systems.
Machines Are Inventing New Math We've Never Seen (Vice) Pushing the boundaries of math requires great minds to pose fascinating problems. What if a machine could do it? Now, scientists created one that can.
Legislation, Policy, and Regulation
Microsoft president Brad Smith explains backing of Australia's proposed media laws (CRN Australia) Company president Brad Smith argues in favour of measures.
Microsoft: U.S. should consider Aussie law vexing Facebook, Google (Axios) "I would be the first to acknowledge that we recognize that this is an opportunity to combine good business with a good cause," Microsoft President Brad Smith told Axios.
Analysis | The Cybersecurity 202: Biden will sign an executive order to fuel the U.S. semiconductor industry (Washington Post) The proposed order comes amid a broader review of Trump's crackdown on Chinese technology.
U.S. chip industry calls on Biden administration to fund factories (Reuters) A group of U.S. chip companies on Thursday sent a letter to President Joe Biden urging him to provide "substantial funding for incentives for semiconductor manufacturing" as part of his economic recovery and infrastructure plans.
How the Biden administration can avoid another SolarWinds attack (C4ISRNET) We need better cybersecurity requirements in general for all government contractors and suppliers.
Experts Tell Lawmakers to Give CISA 'Operational' Federal Information Security Role (Nextgov.com) Former CISA director Chris Krebs said government contracts also need to change in order to facilitate cross-agency information sharing.
DHS agency should defend all federal computer networks, experts say (Roll Call) The Cybersecurity and Infrastructure Security Agency should have more clout and greater authority over all civilian agency computer networks, officials say.
Lawmakers concerned CISA lacks ‘centralized visibility’ to hunt agency cyber threats (Federal News Network) The Biden administration is touting a whole-of-government approach to cybersecurity that leading members of Congress have stressed for years.
Rep. Jim Langevin Lays Out Priorities as Chairman of New House Cyber Subcommittee (Executive Gov) Rep. Jim Langevin, D-R.I., will serve as chairman of the newly established panel within the House Ar
Huawei suppliers push to reverse Trump's last minute blows (Reuters) Semiconductor firms are seeking extra time to appeal last-minute Trump administration moves to block sales to Chinese telecoms company Huawei, hoping against the odds that the Biden administration will reverse course, five sources said.
Biden Admin. Looks To Pause WeChat, TikTok Shutdown Bids (Law360) The Biden administration is pausing federal efforts to remove the Chinese social media applications WeChat and TikTok from U.S. networks.
Will the FCC relent on Huawei ‘national security threat’ label? (Totaltelecom) Huawei is once again challenging the Federal Communication Commission (FCC)’s decision to designate them a threat to national security, after multiple failed appeals
How tweets poison a leader from the get-go (Federal News Network) OMB nominee Neera Tanden learns the hard way how being anti on social media can come back to bite.
Baltimore County Board Of Education Approves Contracts After Ransomware Cyber Attack (CBS Local Baltimore) The Baltimore County School Board has approved nearly $2 million in contracts in connection to the aftermath of the ransomware cyber attack in November 2020.
Litigation, Investigation, and Law Enforcement
Huawei Says Feds Are Withholding Exculpatory Evidence (Law360) Huawei Technologies Co. Ltd. says federal prosecutors are withholding exculpatory evidence from the company in its case accusing the Chinese telecommunications giant of bank fraud and violating U.S. sanctions, as well as racketeering and trade secret theft charges.
WSJ News Exclusive | GameStop Mania Is Focus of Federal Probes Into Possible Manipulation (Wall Street Journal) The U.S. Justice Department has subpoenaed information from Robinhood Markets and others.
Meghan Markle Gets Privacy Win In Battle With Daily Mail (Law360) The Duchess of Sussex won her privacy and copyright case on Thursday against a British tabloid that published a letter she penned to her father, as a London court rejected the Daily Mail's claim that its coverage was in the public interest.
Facebook has doubled bullying and harassment takedowns since last year (The Verge) It attributes the change to AI improvements.
No Catch: Facebook Moved to Claim Domains Used For Employee Cybersecurity Training - Tech (LawStreetMedia) Law Street provides accessible, client-focused legal news designed to inform readers and connect lawyers with the legal needs in their field.
Man Pleads Guilty to Stealing Nude Photos of Dozens of Victims (US Department of Justice) A New York man pleaded guilty Monday to computer fraud and aggravated identity theft related to his hacking of online social media accounts and theft of nude images of dozens of female victims.