Cyber Attacks, Threats, and Vulnerabilities
Warning: Google Alerts abused to push fake Adobe Flash updater (BleepingComputer) Threat actors are using Google Alerts to promote a fake Adobe Flash Player updater that installs other unwanted programs on unsuspecting users' computers.
Florida water utility hack reveals thousands of organizations vulnerable to Windows 7 exposure (Utility Dive) Critical infrastructure providers and small and medium businesses continue to operate the outdated Microsoft OS without security updates and patches.
Hungary Says Vaccine Registration Website Under Cyber Attack (Bloomberg) The website to register for a coronavirus vaccine in Hungary was one of several government pages facing a cyber attack on Friday, leading to temporary outages for some users.
Jian - The Chinese Double-edged Cyber Sword (Check Point Software) Highlights: A Chinese-affiliated attack group (APT31) cloned and actively used an American-affiliated attack group’s (Equation Group) cyber offensive tool
Chinese hackers cloned attack tool belonging to NSA’s Equation Group (ZDNet) The Jian tool was used to exploit a Windows zero-day vulnerability years before a patch was issued.
China Hijacked an NSA Hacking Tool—and Used It for Years (Wired) The hackers used the agency’s EpMe exploit to attack Windows devices years before the Shadow Brokers leaked the agency’s zero-day arsenal online.
French health insurer suffers cyber attack (ITIJ) The latest count of cybercrime further highlights the vulnerability of healthcare IT infrastructure
New malware "Silver Sparrow" is targeting both Intel and M1 Macs (Mashable) Nearly 30,000 Macs (and counting?) have been infected.
'Silver Sparrow' malware infects about 30,000 Macs worldwide (Computing) But so far the new attack does...nothing
New malware found on 30,000 Macs has security pros stumped (Ars Technica) With no payload, analysts are struggling to learn what this mature malware does.
Clubhouse Chats Are Breached, Raising Concerns Over Security (Bloomberg) The app’s creators had been warned user data was vulnerable. An unidentified user streamed audio chats to their own website.
Clubhouse suffers 'data breach' after third-party developer designs app for Android users (SiliconANGLE) The hot audio-based social app Clubhouse has apparently suffered a data breach, as a third-party developer designed an open-source app that allowed Android smartphone users to access the invite-only, iPhone-only service.
The social app Clubhouse is an invitation to trouble (the Guardian) The startup’s invitation-only model gives it a sheen of exclusivity, but privacy horrors lurk behind the buzz
Sequoia Capital says it was hacked (Axios) The firm informed its investors that some of their personal and financial data may have been accessed.
Masslogger campaigns exfiltrates user credentials (Cisco Talos) A blog from the world class Intelligence Group, Talos, Cisco's Intelligence Group
Privacy Bug in Brave Browser Exposes Dark-Web Browsing History of Its Users (The Hacker News) Privacy Bug in Brave Browser Exposes .onion Dark-Web Browsing History of Its Users
Credential-Stuffing Attack Targets Regional Internet Registry (Threatpost) RIPE NCC, the regional Internet registry for Europe, West Asia, and the former Soviet Union, said attackers attempted a credential-stuffing attack against its single-sign on service.
Credential stuffing attack hit RIPE NCC: Members have to enable 2FA (TerabitWeb Blog) Original Post from Security Affairs Author: Pierluigi Paganini RIPE NCC has disclosed a failed credential stuffing attack against its infrastructure, it is asking its members to enable 2FA for their a…
Payment processor used by government hit by 'Cuba' ransomware gang (SC Media) The targeted payment processor is widely used by many state and municipal agencies to manage utility bills and driver’s license data.
‘Cuba Ransomware’ attack disrupts payment provider used by state and local agencies (StateScoop) A successful attack against a widely used payment processing service has prompted state and local agencies to issue breach disclosures in recent days.
Hack of Software Provider Accellion Sets Off Global Ripple Effects (Wall Street Journal) The hack of software provider Accellion has renewed security experts’ fears of attacks on suppliers and highlighted the difficulty of defending against them in real time.
Kroger reports data breach affecting pharmacy records, associate HR data (Fox 19) Kroger is informing customers and associates of a data breach involving a third-party software vendor.
Kroger confirms data breach impacts customers of pharmacy, money services (WLWT) Kroger announced Friday a data breach is impacting customers of its pharmacy and money services.
Kroger advises customers of data breach affecting pharmacy (Atlanta Journal Constitution) The Kroger Co. is advising customers of its pharmacy and Little Clinic of a data security breach in which patient names and personal information were accessed illegally, according to multiple media outlets.
Watermark takes action after data security breach potentially affects people in 10 states (McKnight's Senior Living) Tucson, AZ-based Watermark Retirement Communities is the latest victim of a data security breach, in this case one that may have compromised the personal information of 208 residents and others.
Scottish Borders Council suffers data breach (UKAuthority) Scottish Borders Council has acknowledged a digital data breach that it says has affected around 600 customers.
Georgetown County cyber attack traced to “sophisticated” email from hackers (WCBD News 2) Georgetown County Government on Friday provided an update on a recent cyber hack that destroyed the county’s network. According to a press release, the hack wa…
Lakehead extends study break after cyber attack (CTV News Barrie) Students at Lakehead University are getting an extended winter study break following a cyber attack.
Singtel's data breach: What happened, and how can you protect yourself? (AsiaOne) Singtel’s announcement of their data breach which affected approximately 129,000 customers should be a cause for concern, as identifiable data containing NRIC and a combination of phone number, address, name, and date of birth was part of that leak. Singtel was alerted by Accellion, a third-party vendor for a file-sharing system, that unidentified hackers have gained access to that file-sharing...
Security Patches, Mitigations, and Software Updates
Brave Release Notes | Brave Browser (Brave Browser) The Brave browser is a fast, private and secure web browser for PC, Mac and mobile. Download now to enjoy a faster ad-free browsing experience that saves data and battery life by blocking tracking software.
Malware and Exploit Activity are up by more than 57% according to latest Nuspire Threat Report (Nuspire) Nuspire, a leading managed security services provider (MSSP), today announced the release of its 2020 Q4 and Year in Review Threat Landscape Report. Sourced from its 90 billion traffic logs, the report outlines new cybercriminal activity and tactics, techniques and procedures (TTPs) with additional insight from its threat intelligence…
'Silent stealing': cyber fraudsters expand mass, low-return operations in the pandemic (Computing) Criminals are targeting hundreds of thousands of individuals for as little as £10, reasoning that such thefts are less likely to be reported
Global Threat Report Highlights Trends in eCrime and Nation-State Activity (CrowdStrike) CrowdStrike announced the release of the 2021 CrowdStrike Global Threat Report, detailing unique threat landscape insights and best practices for 2021.
2021 Global Threat Report: Analyzing a Year of Chaos and Courage (CrowdStrike) In introducing the 2021 Global Threat Report, CEO George Kurtz says “2020 was perhaps the most active year in memory.” He explains how that shaped this year’s report.
The Cybersecurity 202: Cybercrime skyrocketed as workplaces went virtual in 2020, new report finds (Washington Post) Companies faced significantly more digital threats last year as the coronavirus pandemic forced a shift to remote work – and hackers are likely gearing up for even more attacks as many choose to keep workers home until the end of 2021, or in some cases permanently.
Only a tiny percentage of security vulnerabilities are actually exploited in the wild (TechRadar) Most vulnerabilities are patched before they're exploited
Cybersecurity is the risk of this decade: IBM CEO (Fortune) Arvind Krishna, IBM chairman and CEO, at Nasscom's virtual event, also talked about what India needed to do to become an innovation hub, and the year ahead.
DDoS attacks dropped by a third in Q4 2020, compared to Q3 (Information Age) The number of DDoS attacks detected by Kaspersky was found to have dropped by 31% in Q4 2020, compared to Q3, as cryptomining rises
Kaspersky Research: Russia Now No. 1 Global Source of Spam (Channel Futures) Russia has overtaken the United States as the world's top source of spam emails, according to new Kaspersky research. Online stores were most targeted.
A new Mimecast report shows a steady increase in malicious files in GCC (Gulf News) Mimecast researchers observed month-on-month increase in malicious files in the region
VArmour Secures $58 Million (Silicon Valley Daily) vArmour, a provider of Application Relationship Management software, has raised $58 million in a new round of funding. The oversubscribed round was led by AllegisCyber Capital and NightDragon, with support from existing investors Standard Chartered Ventures, Highland Capital Partners, Telstra, Redline Capital, and EDBI.
Robert Herjavec Interview: CEO Explains Herjavec Group-Apax Partners Deal (MSSP Alert) CEO Robert Herjavec explains Herjavec Group's deal with private equity firm Apax Partners, and what's next for the MSSP's cybersecurity business.
FiscalNote buys English advisory firm Oxford Analytica (Washington Business Journal) D.C. legislative and regulatory dashboard FiscalNote Inc., which owns CQ Roll Call, has acquired an English advisory firm — and a new Securities and Exchange Commission filing could shed some light on the deal.
Dell to invest $50m in Singapore innovation hub (ComputerWeekly) Dell Technologies’ new global innovation hub will house a research and development lab and other facilities to drive development and adoption of emerging technologies
Google fires another AI ethics leader (Axios) The firing follows the controversial ouster of Timnit Gebru.
Google tweaks diversity, research policies following inquiry (Axios) The moves follow the company's ouster of prominent AI researcher Timnit Gebru.
Facebook takes down main page of Myanmar military (Reuters) Facebook on Sunday deleted the main page of the Myanmar military under its standards prohibiting the incitement of violence, the company said, a day after two protesters were killed when police opened fire at a demonstration against the Feb 1 coup.
“Mark Changed The Rules”: How Facebook Went Easy On Alex Jones And Other Right-Wing Figures (BuzzFeed News) Facebook’s rules to combat misinformation and hate speech are subject to the whims and political considerations of its CEO and his policy team leader.
WhatsApp details what will happen to users who don’t agree to privacy changes (TechCrunch) WhatsApp said earlier this week that it will allow users to review its planned privacy update at “their own pace” and will display a banner to better explain the changes in its terms. But what happens to its users who do not accept the terms by the May 15 deadline? In an email to one […]
All the cool politicians are on Clubhouse (POLITICO) The invite-only audio platform has quickly become popular among Brussels’ tech-minded folk.
Evolv Technology Appoints Tech Industry Veteran Merline Saintil to its Board of Directors (Evolv Technology) Evolv Technology announces appointment of digital transformation executive Merline Saintil to its board of directors.
Palo Alto Networks Appoints Dr. Helene D. Gayle to Its Board of Directors (PR Newswire) Palo Alto Networks (NYSE: PANW), the global cybersecurity leader, today announced the appointment of Dr. Helene D. Gayle to the company's board...
Novetta Elevates Kevin Heald, Michael Thieme to Key Exec Positions (WashingtonExec) Novetta has promoted two experienced executives to new roles in an effort to unify its technology portfolio and expand its information exploitation
Products, Services, and Solutions
GitLab 13.9 released with a Security Alert Dashboard and Maintenance Mode (GitLab) GitLab 13.9 released with a Security Alert Dashboard, Maintenance Mode, and so much more!
Apiiro Releases Industry’s First Solution That Detects and Prevents the Attack Used Against Solarwinds (Apiiro) SolarWinds Press Release
CIS rolls out free ransomware protection service for private hospitals (Becker's Hospital Review) Private hospitals in the U.S. can access a free ransomware protection service funded by the Center for Internet Security.
Palo Alto Networks expands IoT security to healthcare to ensure patient data privacy (Back End News) Cybersecurity solutions firm Palo Alto Networks addresses emerging concerns on healthcare data security amid a global health crisis. Leveraging machine learning (ML), the company’s ensures mo…
Technologies, Techniques, and Standards
Live-fire drill puts Europe’s military cyber responders to the test (Defense News) Officials hope to break up a culture of secrecy and encourage data sharing among member states.
Zero Trust is not a security solution. It’s a strategy (ZDNet) One of the top challenges and misunderstandings that I continue to see is what the definition of Zero Trust actually is. Zero Trust is not one product or platform; it's a security framework built around the concept of "never trust, always verify" and "assuming breach."
'Cyber education alone will not stop Australia's cyber attacks' (ARN) According to one of Australia and New Zealand’s leading cyber security players, blaming employees working from home falls short of addressing the whole story.
‘Crypto’: Hidden from view, yet on everyone’s lips (mint) An ancient term for something secret has been applied to many modern enigmas, including the hottest new form of currency
Design and Innovation
Online Speech Is Now an Existential Question for Tech (Wall Street Journal) Content moderation rules used to be a question of taste. Now, they can determine a service’s prospects for survival.
Cyber Attribution Is More Art Than Science. This Researcher Has a Plan to Change That (The Record by Recorded Future) The Record caught up with threat intelligence researcher Timo Steffens to talk about the latest in threat hunting.
Anthony Levandowski closes his Church of AI (TechCrunch) The first church of artificial intelligence has shut its conceptual doors. Anthony Levandowski, the former Google engineer who avoided an 18-month prison sentence after receiving a presidential pardon last month, has closed the church he created to understand and accept a godhead based on artificia…
The massive coronavirus IT blunder with a funny side (Naked Security) He was either the smallest person who has ever lived, by an order of magnitude, or the heaviest person ever known, by two of them.
Legislation, Policy, and Regulation
EU Decision Frees U.K. to Handle Europeans’ Personal Data (Wall Street Journal) European Union officials granted the U.K. a sweeping arrangement that will allow companies to continue moving personal data between the jurisdictions, pending approval from the union’s 27 member countries and privacy regulators.
China Blocked Clubhouse App Fearing Uncontrolled Public Discourse (Voice of America) For a brief time before Beijing banned the audio chat app Clubhouse, tech-savvy Chinese joined global discussions on taboo topics — Beijing’s placement of Uighurs in concentration camps in Xinjiang, Hong Kong’s pro-democracy movement and the 1989 Tiananmen Square protests — absorbing perspectives and information far outside the lines drawn by the Communist Party.
GCHQ and NSA Celebrate 75 Years of Partnership (Homeland Security Today) The United Kingdom Government Communications Headquarters (GCHQ) and the United States National Security Agency (NSA) commemorate their partnership to share intelligence. These intelligence agencies have worked together for nearly a century to strengthen national security. March 5, 2021, marks the 75th anniversary of the formalized agreement to share information between the two agencies as much as possible, with minimal restrictions.
NATO and North Macedonia strengthen responses to cyber threats (NATO) NATO’s newest Ally, North Macedonia, signed a key document that will improve cyber defence cooperation and assistance between NATO and the country’s cyber defenders. The new Memorandum of Understanding (MOU) on cyber defence cooperation facilitates information-sharing on cyber threats and best practices, helps prevent cyber incidents and will enable North Macedonia to increase its resilience to cyber threats.
Internet Shutdowns Leave Indians Struggling With Everyday Life (Foreign Policy) Cutting cables has become the Modi government’s favorite tool.
Canada to follow Australia and take on Facebook, seeking payment for content (New York Post) Canada is poised to take on Facebook, following the example set by Australia, which began a war with the tech giant when the country’s publishers backed proposed legislation demanding payment…
Defence firms losing business due to cyber attack concerns (Australian Financial Review) The government is seeking to lift cyber security standards after 40 per cent of small and medium businesses missed out on defence contracts due to lax protections.
Australia Is Fighting a Platform War on the Wrong Battlefield (Wired) Plus: Google’s ad software, the future of space travel, and the Texas governor’s weird tune.
China May Ban Rare Earth Tech Exports on Security Concerns (Bloomberg) Ban on raw materials to U.S. unlikely unless tensions deepen. Technology viewed as a more powerful weapon in a trade war.
China's foreign minister calls for the U.S. to remove tariffs and sanctions (CNBC) Chinese Foreign Minister Wang Yi laid out specific requests for U.S. President Joe Biden's administration as the two countries navigate a tense relationship.
Biden calls for creating 'rules' on cyber, tech to combat China and Russia threats (TheHill) President Biden on Friday called on the United States and other democratic nations to shape the “rules of the road” on cybersecurity and tech issues, particularly as part of efforts to confront China and Russia.
Biden declares ‘America is back’ in welcome words to allies (Washington Post) President Joe Biden used his first address before a global audience Friday to declare that “America is back, the transatlantic alliance is back,” after four years of a Trump administration that flaunted its foreign policy through an “America First” lens.
A Sharper, Shrewder U.S. Policy for Chinese Tech Firms (Foreign Affairs) Biden Can Make the Most of a Trump-Era Rule
Suspected Russian hack fuels new US action on cybersecurity (AP NEWS) Jolted by a sweeping hack that may have revealed government and corporate secrets to Russia, U.S. officials are scrambling to reinforce the nation’s cyber defenses and...
A Biden official says the White House's response to the SolarWinds attack may come within weeks (Business Insider) President Joe Biden's administration may respond to the SolarWinds attack within weeks, a national security advisor told CNN on Friday.
Neuberger: Private-Sector Partnership ‘Core’ in Fixing Huge Hack, Building Better Defenses (Homeland Security Today) The federal government is prioritizing cooperation with the private sector — the “partnership has to be a core part of national cyber defense” — in order to fix the massive SolarWinds hack and beef up cyber infrastructure to better protect the country in the future, the White House cybersecurity chief said this week.
Category: Ask the CIO (Federal News Network) Executive Editor Jason Miller talks to federal chief information officers about the latest technology trends and issues facing their agencies on Ask the CIO.
When Government Intelligence Agencies Encounter Nonstate Competitors (Stratfor) Nongovernmental actors that conduct intelligence collection, analysis and operations create a more complex environment that offers policymakers tradeoffs.
Gen. Paul Nakasone Receives Fifth Consecutive Wash100 Award; Jim Garrettson Quoted (GovCon Wire) Gen. Paul Nakasone, commander of the U.S. Cyber Command, director of the National Security Agency an
Litigation, Investigation, and Law Enforcement
North Korean cyberspies behind BOV cyber attack (Newsbook) Three North Korean military hackers have been indicted by the United States Department of Justice on charges related to a wide-ranging scheme to commit cyberattacks and financial crimes across the world.
Experian challenged over massive data leak in Brazil (ZDNet) Consumer rights body criticizes explanations from the credit bureau in relation to the data exposure of over 220 million citizens.
Allegations of planted evidence raise questions about hacking ecosystem in India (CyberScoop) A new forensics report finds digitally planted evidence against one activist in India accused of plotting to overthrow the government.
Data protection breaches and compensation for damages in Germany (Pinsent Masons) If an organisation is responsible for a data breach in Germany it can face not only regulatory fines but also potential claims for damages from those affected.
Wawa Inks $12M Deal With Consumers Over Data Breach (Law360) A proposed class of roughly 22 million Wawa customers asked a Pennsylvania federal judge on Friday to preliminarily approve a settlement worth up to $12 million to resolve the consumer track of a putative class action against the grocer that arose from a 2019 security data breach that exposed the credit and debit card numbers of Wawa customers.
Split 9th Circ. Sends Alexa Privacy Suit To Arbitration (Law360) A split Ninth Circuit panel sent to arbitration a proposed class action alleging Amazon's Alexa devices violate state privacy laws, reversing a lower court's decision, which found the claims didn't belong in arbitration because Amazon's alleged conduct was "criminal in nature."