Cyber Attacks, Threats, and Vulnerabilities
Exclusive: Hackers Break Into ‘Biochemical Systems’ At Oxford University Lab Studying Covid-19 (Forbes) Oxford’s Division of Structural Biology is hacked by a crew that has allegedly sold data to governments. They acquired access to machines preparing biochemical samples.
Oxford University confirms breach of its Covid-19 lab (Computing) Although Oxford says no clinical studies were compromised, the attackers are likely to sell the data to nation states
Oxford University Covid-19 lab suffers cyberattack (ETCIO.com) Oxford University has confirmed that one of its laboratories involved in Covid-19 research suffered cyberattack after an investigation by Forbes sugge..
Newly Identified Zoom Impersonation Phishing Campaigns: Targeting Users in the EU (GreatHorn) Email phishing attackers are increasingly adding remote collaboration applications to the list of familiar services upon which they are basing these attacks. Read how a newly identified Zoom impersonation phishing campaign is targeting users in the EU.
North Korea's Lazarus Group Expands to Stealing Defense Secrets (Dark Reading) Several gigabytes of sensitive data stolen from one restricted network, with organizations in more than 12 countries impacted, Kaspersky says.
Why security experts were blindsided by the SolarWinds attack (Fast Company) The massive cyberattack on U.S. government agencies and corporations took advantage of the fact that the public and private sectors can’t easily share threat information.
Local Privilege Escalation on SaltStack Minions (Immersive Labs) Mat Rollings, Vulnerable App Developer at Immersive Labs, has uncovered a command injection vulnerability in SaltStack's Salt programme.
Npower scraps app, and urges customers to change passwords, after data breach (Graham Cluley) UK energy firm Npower has scrapped its smartphone app following an attack by hackers that saw some users' accounts accessed and personal information stolen.
Cybersecurity Challenges in the Uptake of Artificial Intelligence in Autonomous Driving (ENISA) A report by the European Union Agency for Cybersecurity (ENISA) and the Joint Research Centre (JRC) looks at cybersecurity risks connected to Artificial Intelligence (AI) in autonomous vehicles and provides recommendations for mitigating them.
Claroty Discovers Critical Authentication Bypass in Rockwell Software (Claroty) The Claroty Research Team has discovered a severe vulnerability in a mechanism that verifies communication between Rockwell Automation PLCs and engineering stations. The vulnerability affects Studio 5000 Logix Designer, RSLogix 5000, and many Logix Controllers.
Rockwell Automation Logix Controllers (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 10.0
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Rockwell Automation
Equipment: Studio 5000 Logix Designer, RSLogix 5000, Logix Controllers
Vulnerability: Insufficiently Protected Credentials
2.
PerFact OpenVPN-Client (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 8.8
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: PerFact
Equipment: OpenVPN-Client
Vulnerability: External Control of System or Configuration Setting
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow for local privilege escalation or remote code execution through a malicious webpage.
Fatek FvDesigner (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.8
ATTENTION: Low skill level to exploit
Vendor: Fatek
Equipment: FvDesigner
Vulnerabilities: Use After Free, Access of Uninitialized Pointer, Stack-based Buffer Overflow, Out-of-Bounds Write, Out-of-Bounds Read
2. RISK EVALUATION
Successful exploitation of these vulnerabilities may allow an attacker to read/modify information, execute arbitrary code, and/or crash the application.
ProSoft Technology ICX35 (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 8.2
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: ProSoft Technology
Equipment: ICX35-HWC-A and ICX35-HWC-E
Vulnerability: Permissions, Privileges, and Access Controls
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker to change the current user’s password and alter device configurations.
Venture Capital Giant Sequoia Targeted in BEC Attack (SecurityWeek) Venture capital giant Sequoia Capital said the recently disclosed cybersecurity incident was apparently part of a BEC attack.
Email hack exposes 45,000 patients' data at Covenant HealthCare (Becker's Hospital Review) Covenant HealthCare has confirmed that an unauthorized individual gained access to two employees' email accounts, potentially exposing about 45,000 patients' information.
Security Patches, Mitigations, and Software Updates
Cisco Patches Severe Flaws in Network Management Products, Switches (SecurityWeek) Cisco has released patches for over a dozen vulnerabilities affecting multiple products, including three critical bugs impacting its ACI Multi-Site Orchestrator, Application Services Engine, and NX-OS software.
Cyber Trends
Hospitals, Schools Get a Crucial Break From Ransomware Attacks (The Record by Recorded Future) Healthcare and government organizations started 2021 with ransomware incidents at their lowest point in months.
Study Finds 50% of SMBs Have Experienced a Website Breach, And 40% Are Being Attacked Monthly (Sectigo) Sectigo Website Security and Threat Report Reveals Vulnerabilities, Impact of Breaches, and Spending Trends for SMBs
Advanced Restaurant Technology Creates the Need for Advanced Cybersecurity (Restaurant Technology News) Cybersecurity concerns are becoming more prevalent across industries. For restaurants, adopting new technology for better managing work processes and the customer experience can bring invaluable benefits, but it also brings added risks. Cybercrime is on the [...]
Marketplace
Hyas raises $16 million to accelerate cyberattack intercept technology (VentureBeat) Hyas has raised a $16 million round to accelerate sales and marketing of its threat detection service and continue product development.
IDS International Acquires International Training and Security Support Services Companies DECO and GovSource (PR Newswire) IDS International, a security government services firm, announced today it has acquired DECO, a global training and specialized technical...
SolarWinds Profit Forecast Trails Estimates After Hack (Bloomberg) SolarWinds had $3.5 million in costs last quarter from attack. As many as 18,000 customers received malicious code in updates.
Cyber attack leads to Isentia's H1 loss (Yahoo) A cyber attack has cost media monitoring agency Isentia more than $4 million and led to a first-half loss. The company on Friday posted a net loss after tax of $5.
An Update on the Situation in Myanmar (About Facebook) An update on the investments Facebook is making in the evolving situation in Myanmar.
Jon Peppler of Bitglass Recognized as 2021 CRN® Channel Chief (BusinessWire) Bitglass, the Total Cloud Security company, today announced that CRN®, a brand of The Channel Company, has named Jon Peppler, Bitglass’ vice president
Products, Services, and Solutions
CleanMyMac X adds native support for Apple Silicon Macs and gets a fantastic new look (MacPaw) Meet the new CleanMyMac X update! New design, M1 support, cleaning more junk, and more! Check out all the massive improvements that come with this new version.
First-Ever ZAPcon Celebrates World's Most Widely Used Application Security Scanner (PR Newswire) ZAPCon, the first-ever user conference for the open source application security testing tool OWASP ZAP, is set to take place March 9, 2021....
Approov Announces Follow-on Research into Security of mHealth apps use of SMART and FHIR with a Call to Participate (BusinessWire) Approov Announces Follow-on Research into Security of mHealth apps use of SMART and FHIR with a Call to Participate; Webinar set for March 4, 1PM EST
Technologies, Techniques, and Standards
NSA issues zero trust guidance, urging DOD and contractors to adopt model (FedScoop) The NSA's document on zero trust urges contractors and DOD network administrators to move to the model where no one is trusted.
GCHQ sets out rules of the road for AI in cyber (ComputerWeekly) A new paper produced by GCHQ shows how the intelligence agency can use artificial intelligence responsibly as a tool to protect the UK’s national security
Spy agency: Artificial intelligence is already a vital part of our missions (ZDNet) The UK's GCHQ has unveiled plans to ramp up its use of algorithms. What could go wrong?
Air Force general busts myth that enemies always try to stop rivals’ communications (C4ISRNET) What adjustments must the military make to counter adversaries that want to get inside communications systems instead of cutting them?
Design and Innovation
Google Funds Linux Kernel Security Development (SecurityWeek) Google and the Linux Foundation this week announced the prioritizing of funds to allow long-time Linux kernel maintainers Gustavo Silva and Nathan Chancellor to focus on improving the security of the platform.
The Race to Find Profits in Securing Email (SecurityWeek) Email security startup Armorblox raises $30 million in new VC funding, joining a growing list of well-heeled startups taking a stab addressing one of cybersecurity’s most difficult problems: keeping malicious hackers out of corporate mailboxes.
Twitter planning a feature to let you auto-block and mute abusive accounts (The Verge) It’s a toggle you’ll be able to turn on.
Research and Development
Taiwanese scholar enters semifinals in post-quantum cryptography competition | Taiwan News | 2021/02/25 (Taiwan News) If Academia Sinica researcher wins, his work will be accepted as US standard and possibly international benchmark
Academia
The University of San Diego Named #12 on Best Value Schools List (University of San Diego) The List Features the 16 Best Masters in Security Programs in 2021
Legislation, Policy, and Regulation
European Commission Proposes Stricter, More Encompassing Cybersecurity Obligations for Companies (cyber/data/privacy insights) The last months of 2020 saw impressive legislative activity by the European Commission, as it rolled out proposals for several regulations (namely, the Data Governance Act, the Digital Services Act and the Digital Markets Act), as well as proposed new Standard Contractual Clauses for international d
The Cybersecurity 202: DHS chief wants to fight another 'epidemic' – hackers holding data hostage (Washington Post) The Department of Homeland Security is making cybersecurity one of its top priorities for funding this year, underscoring the Biden administration's growing focus on it as part of national security.
Katko calls for bipartisanship on cyber issues as threats intensify (TheHill) Rep. John Katko (R-N.Y.) says he is looking to shine a bipartisan spotlight on cybersecurity concerns as the newly appointed ranking member of the House Homeland Security Committee.
Enhancing Readiness for National Cyber Defense through Operational Collaboration (Columbia SIPA) The 2020 New York Cyber Task Force
Hackers seized on the pandemic. Some states are fighting back. (GCN) Rocked by the massive SolarWinds hack, unemployment system breaches and other attacks, several states are trying to bolster their cybersecurity in the midst of the public health crisis.
Litigation, Investigation, and Law Enforcement
Amazon’s Lack of Public Disclosure on SolarWinds Hack Angers Lawmakers (Wall Street Journal) The tech giant says it wasn’t breached, but it is seen as having valuable data on the attack.
Army probing alleged data breach in Northern Command (The New Indian Express) The data breach took place when the soldier from Punjab and posted under the Northern Command was caught by officials dealing with the alleged issue, Army sources said here.
Cayman Islands, Morocco Placed on Terror-Financing Watch List (Wall Street Journal) The global standard setter for anti-money-laundering laws added Burkina Faso, the Cayman Islands, Morocco and Senegal to its list of jurisdictions under increased monitoring.
ByteDance Agrees to $92 Million Privacy Settlement With U.S. TikTok Teens (Wall Street Journal) The proposed settlement in the U.S. District Court for the Northern District of Illinois could end a set of lengthy disputes over whether the popular video-sharing app unlawfully harvested minors’ personal information.
TikTok Users Ink $92M Deal To End Biometric Privacy MDL (Law360) TikTok users alleging biometric privacy violations in multidistrict litigation against the short-form video-sharing app and its parent company, ByteDance, asked an Illinois federal judge Thursday to approve a $92 million litigationwide settlement.
TikTok agrees to pay $92 million to settle teen privacy class-action lawsuit (ZDNet) The video platform was accused of collecting biometric data without consent.
German Prosecutors Are Building AI In-House (Wall Street Journal) European prosecutors and police are constructing their own image-recognition systems so they can explain in court how the algorithms work and meet strict privacy standards.
Huawei’s Meng takes HSBC to court in Hong Kong to seek bank’s papers (South China Morning Post) The documents lie at the heart of Meng’s defence that she did not mislead HSBC about Huawei’s business dealings with Iran, and that the fraud allegations that form the basis of the US extradition request should be thrown out.
FBI, State Police probing cyber hack on Saginaw Township schools (ABC 12) Saginaw Township schools hit by cyber crooks, but classes have continued all week
Koh 'Deeply Disturbed' By Google Tracking Court Site Users (Law360) Google's bid to end a privacy class action backfired Thursday after its attorney pointed out that the Northern District of California's court website uses Google analytics to track website users — a revelation that "deeply disturbed" U.S. District Judge Lucy Koh and prompted her to order discovery on the tracking.
Celebs Settle Tabloid Phone Hacking Claims As More Loom (Law360) "Britain's Got Talent" judge David Walliams and six other celebrities settled their phone hacking claims against one of the U.K.'s biggest newspaper groups, lawyers told a court on Thursday, as dozens of other claims against the publisher forge ahead.
Sex Tapes, Hush Money, and Hollywood’s Economy of Secrets (Wired) Meet Kevin Blatt, the celebrity fixer who’s a master at shepherding compromising material off the internet—or into the hands of the highest bidder.
Hurt By Wawa Data Breach In NJ? You May Be Eligible For Gift Card (Newark, NJ Patch) Also: Amazon Adding 5 NJ Sites / Controversy Over NJ School District Shut Due To COVID / Amid COVID, NJ Woman Looks Back On Making History