Cyber Attacks, Threats, and Vulnerabilities
India Suspects China May Be Behind Major Mumbai Blackout (Wall Street Journal) Officials are investigating whether cyberattacks from China could have caused the power outage, an assertion that China rejects.
Chinese cyber-attack threat raises head again, PowerMin accepts past cases (Business Standard) Maharashtra seeks probe into China angle on Mumbai outage of October 2020; Somerville-based Recorded Future says China-linked Group RedEcho targeted Indian power sector amid heightened border tensions
Shelar to write to Center about reinvestigation of cyber-attack causing power outage (Times Now) On 1st March, the Maharashtra Cyber Crime Department submitted its report regarding a power outage and possible cyber-attack on MSEB servers in Maharashtra.
Report linking Chinese cyber attack to Mumbai power outage true: Maharashtra minister Nitin Raut (India Today) The Maharashtra cyber department had initially suspected that a malware attack could be responsible for Mumbai's power outage in October last year, which stopped trains and shut down hospitals.
First Fully Weaponized Spectre Exploit Discovered Online (The Record by Recorded Future) A fully weaponized exploit for the Spectre CPU vulnerability was uploaded on the malware-scanning website VirusTotal last month.
Four Things We Learned (And Four Things That Remain Unclear) About the Russia Hack (The Record by Recorded Future) Nine takeaways from the hearings on Capitol Hill last week. Lawmakers heard from executives from Microsoft, SolarWinds, FireEye, and others.
SolarWinds security fiasco may have started with simple password blunders (ZDNet) UPDATED: Many things came together to crack SolarWinds, but it may all have started with that classic mistake of leaking a lousy password. A SolarWinds third-party, public relations spokesperson, however, claims that the password incident had nothing to do with the major security breach.
Incident Response to SolarWinds Orion Software Compromise for SMEs (GlobeNewswire) In early December 2020, it was revealed that a state-sponsored cyber attack had been launched through a supply chain compromise of the SolarWinds' Orion monitoring software, initially affecting FireEye, a cybersecurity company.
Countering cyber proliferation: Zeroing in on Access-as-a-Service (Atlantic Council) It is imperative that governments reevaluate their approach to countering the proliferation of offensive cyber capabilities.
How Apple's locked down security gives extra protection to the best hackers (MIT Technology Review) You’ve heard of Apple’s famous walled garden, the tightly controlled tech ecosystem that gives the company unique control of features and security. All apps go through a strict Apple approval process, they are confined so sensitive information isn’t gathered on the phone, and developers are locked out of places they’d be able to get into…
How Apple's walled garden iPhone security can help hackers evade scrutiny | AppleInsider (AppleInsider) Apple has a secure mobile ecosystem because of choices in hardware and software that it has made, but the same systems and policies that keep most hackers out could be dramatically helping those few who can beat it.
Accellion Cyber Attacks Explode as Criminals Exploit Multiple FTA Vulnerabilities (CPO Magazine) Beginning in December with hacks of the Office of the Washington State Auditor and the Reserve Bank of New Zealand (among several other targets), reports began to circulate that Accellion’s 20-year-old file transfer system FTA was wide open to cyber attacks. It didn’t take long for opportunistic hackers to pounce on the remaining organizations still using the outdated software.
Evolving Risks, Insecure Defaults, Watering Hole Threats: New Research from Accurics Uncovers Developing Sources of Cloud Risk (Accurics) Terrascan by Accurics supports Helm and Kustomize, enabling Policy as Code guardrails in your cloud native projects to enforce security best practices.
Critical vulnerability found in Snow Software's Inventory Agent (Computing) The USA's NIST ranks the flaw's severity as 9.8 out of 10
Why what you watch can make you a target for cybercriminals (TechRepublic) Resist the lure of catching up with award nominees by trolling for free views. Free, when offered by bad actors, could end up costing you much more than it would for a one-time rental.
Far-right platform Gab blames 'demon hackers' for security breach (Computing) The attackers are sharing information from the far-right site with journalists and researchers
Report: 10,000s of Brazilians Exposed to Fraud in Massive Data Breach (vpnMentor) Led by Noam Rotem, vpnMentor’s research team discovered a data breach in an enterprise software solution built by a Brazilian company called DyS.
Data Breach: Reputation Risk Intelligence Company Left 30TB Server Exposed (WizCase) The Wizcase CyberResearch Team, led by Ata Hakcil, have recently discovered a huge breach affecting Polecat, the UK leader in reputation intelligence, exposing 30TB of data and billions of records. Polecat, which successfully predicted the outcome of the 2016 US Presidential Election, had potentially conducted a similar set of research less than a week ...
World's leading dairy group Lactalis hit by cyberattack (BleepingComputer) Lactalis, the world's leading dairy group, has disclosed a cyberattack after unknown threat actors have breached some of the company's systems.
CyRC Vulnerability Advisory: Denial of service vulnerability in Jetty web server (Synopsys Software Integrity Blog) CVE-2020-27223 is a denial of service vulnerability discovered in the Eclipse Foundation’s popular Jetty web server.
Is Your Browser Extension a Botnet Backdoor? (KrebsOnSecurity) A company that rents out access to more than 10 million Web browsers so that clients can hide their true Internet addresses has built its network by paying browser extension makers to quietly include its code in their creations. This story examines the lopsided economics of extension development, and why installing an extension can be…
Vulnerability Summary for the Week of February 22, 2021 (CISA) The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week.
Asian Food Distribution Giant JFC International Hit by Ransomware (SecurityWeek) Asian food distributor JFC International says its IT systems were briefly disrupted by a ransomware attack.
Boat Building Giant Beneteau Says Cyberattack Disrupted Production (SecurityWeek) The company was forced to shut down all systems to prevent malware from spreading and is still working on restoring them.
Hackers put stolen NSW government data up for sale (Australian Financial Review) Hacking group Clop has put up previews and screenshots of stolen data from Transport for NSW.
Hackers accessed Npower customer accounts via credential-stuffing attack (teiss) Npower suffered a major data breach that involved hackers using stolen passwords to gain access to a large number of customer accounts.
Buzzsprout DDoS Technical Postmortem (Buzzsprout) Buzzsprout was the target of a DDoS attack on February 21st and 22nd, 2021. This technical postmortem will provide additional details regarding the type of attack we suffered and how we responded.
8 mobile security threats you should take seriously (CSO Online) Mobile malware? Other mobile security threats are more pressing. Every enterprise should have its eye on these eight issues.
Cyber Trends
Trend Micro Cloud App Security Threat Report 2020 (Trend Micro) We discuss the notable email threats of 2020 that we found using the Trend Micro Cloud App Security solution, including over 16.7 million high-risk email threats, in addition to those detected by cloud email services’ built-in security.
78% Lack Confidence in Their Company’s Cybersecurity Posture, Prompting 91% to Increase 2021 Budgets (BusinessWire) Nearly 80% of senior IT and IT security leaders believe their organizations lack sufficient protection against cyberattacks despite increased IT secur
Cybersecurity at a Crossroads (Insight CDCT) We commissioned IDG Research Services to survey CIOs, CISOs, CTOs, and IT security directors about how they’re addressing cybersecurity challenges. This is what they told us.
Secure Remote Access is a Top Zero Trust Priority for 2021 According to New ESG Research Survey (Axis Security) Driven by 3X Increase in Remote Users and the Complexity of Third-Party Access
Momentum Cyber’s Annual Cybersecurity Almanac Highlights Sector’s Resilience With a Record-Breaking ~$11B of Private Capital Invested and $20B of M&A Activity in 2020 (Odessa American) Momentum Cyber, the premier trusted advisor to the Cybersecurity industry, today released its fourth annual Cybersecurity Almanac for 2021 – the most comprehensive and accurate strategic data and insights available on the industry. Culled from analysis of over 3,500 Cybersecurity companies across the globe and strategic deal activity including IPOs, mergers and acquisitions (M&A), venture capital and private equity financings, and the market impact of news and events, the Cybersecurity Almanac chronicles the key trends which made 2020 a unique and strong year for the industry including $20.0 billion in M&A volume and $10.7 billion in PE & VC investments.
Marketplace
Cybersecurity Asset Management Leader Axonius Announces $100 Million Funding Round at Unicorn Valuation (BusinessWire) Axonius has raised $100 million in Series D funding, increasing the company's total funding to $195 million at a greater than $1 billion valuation.
1KOSMOS Is Selected to Be Part of the Fifth Generation of Alestra's Innovation Program (PR Newswire) 1Kosmos, the world's only cybersecurity solution that combines indisputable digital identity proofing with advanced biometrics, passwordless...
Data Privacy Startup TripleBlind Raises $8.2 Million in Seed Funding (SecurityWeek) TripleBlind, a startup that provides a de-identification and data privacy solution, announced raising $8.2 million in seed funding.
TPG acquires Thycotic in $1.4bn deal (PE Hub) As part of the deal, TPG plans to combine Thycotic with Centrify, a company it bought from Thoma Bravo in January.
Criterion Systems, Inc. Acquires Realm Consulting, Inc., Launches Intelligence Solutions Business Unit (Digital Journal) Realm employees form the nucleus of Criterion’s new Intelligence Solutions business unit, which focuses on providing systems integration and cyber operations-focused services to current and future customers. Realm co-founder Ross Deem serves as the Vice President and Chief Technology Officer of the new business unit and John Abromavage, the former Vice President of Strategy for Realm, serves as Vice President, Intelligence Solutions. Both bring decades of experience in serving the Intelligence Community to Criterion.
Ex-FireEye CEO launches SPAC NightDragon Acquisition Corp. (SeekingAlpha) NightDragon Acquisition Corp. (Nasdaq:NDACU), a SPAC founded by ex-CEO Dave DeWalt of cybersecurity firms FireEye (Nasdaq:FEYE) and McAfee, will begin trading after a $300 million SPAC IPO.
When Will Illumio IPO? (Grit Daily News) We've had several companies go public or prepare to do so in the last few weeks. These include Bumble, Robinhood and Coinbase. Now Illumio, a successful cybersecurity start-up seems to be next in line to IPO in the coming future. Here's what we know about Illumio and when we can expect them to go public.
Cybersecurity M&A Round-Up for February 2021 (SecurityWeek) Many cybersecurity-related mergers and acquisitions were announced in February 2021, including by Akamai, Proofpoint, SentinelOne, Tenable, CrowdStrike and Palo Alto Networks.
Telos Corporation and Johnson Controls Form Strategic Partnership (Telos Corporation) Ashburn, Va. and Cork, Ireland – March 2, 2021– Telos® Corporation (NASDAQ: TLS), a leading provider of cyber, cloud and enterprise security solutions for the world’s most security-conscious organizations, and Johnson Controls (NYSE: JCI), the global leader for smart, healthy and sustainable building, today announced the integration of the Telos Ghost® virtual obfuscation network into...
Google Working With Allianz and Munich Re on Cyber Insurance (Wall Street Journal) The insurers will take data directly from Google Cloud on request to help them determine pricing for companies seeking coverage.
Black Woman-Led Firm Automation Workz Ranked as Top U.S. Cybersecurity Bootcamp by Career Karma (PR Newswire) Career Karma recently ranked Automation Workz Institute among its list of top cybersecurity bootcamps in the U.S., a boost for the Black-run...
A Conversation With Alisa Esage, a Russian Hacker Who Had Her Company Sanctioned After the 2016 Election (The Record by Recorded Future) Shevchenko talked to Recorded Future's Dmitry Smilyanets about her favorite vulnerabilities and what it's like to be a hacker in Russia.
Air Force Selects General Dynamics, ManTech, Northrop for $4.4B Special Access Program Support IDIQ (GovCon Wire) General Dynamics (NYSE: GD), ManTech International (Nasdaq: MANT) and Northrop Grumman (NYSE: NOC) h
CIA William Burns Talks Recruiting Strategy and Perspecta Contract Wins Lead to Hiring (ClearanceJobs) Biden's pick for CIA director moves through confirmation hearing easily, touting the need to recruit Mandarin-speaking agents.
Careers at Allied Universal (Allied Universal) We are North America's leading security services provider with more than 265,000 phenomenal employees. At Allied Universal, we pride ourselves on fostering a promote from within culture. There are countless examples of individuals who began their career as Security Professionals and today hold positions on our senior leadership team.
Darktrace Strengthens Board With Appointment Of Sir Peter Bonfield As Non-Executive Director (PR Newswire) Darktrace, a leading autonomous cyber security AI company, today announced that Sir Peter Bonfield CBE, FREng has agreed to join the Board of...
Proofpoint Elects Elizabeth Rafael to its Board of Directors (GlobeNewswire) Proofpoint, Inc., (NASDAQ: PFPT), a leading next-generation cybersecurity and compliance company, today announced its Board of Directors has elected Elizabeth ("Betsy") Rafael as a new independent director, effective Thursday, February 25, 2021. Ms. Rafael has also been appointed as the chair of Proofpoint’s audit committee.
ManTech, BAE make leadership team appointments (Washington Technology) Two of the government market’s leading systems integrators make appointments to their respective management teams.
GlobalPlatform Elects Stéphanie El Rhomri as Chair (GlobalPlatform) GlobalPlatform, the standard for secure digital services and devices, today announces that Stéphanie El Rhomri of Fime has been elected as Chair of the organization.
Christiaan Beek Joins Intezer's Board of Advisors (PR Newswire) Add Christiaan Beek to the list of industry leaders on Intezer's advisory board. After a few years of collaboration with Intezer, the prominent...
Products, Services, and Solutions
SailPoint Delivers Identity Extensibility for the Cloud Enterprise (MarTech Series) Delivering on the SailPoint vision to embed identity into the cloud enterprise’s digital fabric, SailPoint Technologies Holdings, Inc., the leader in enterprise identity security, today announced additional extensibility functionality to its platform.
Xposure App Protects the Digital Photos You Don’t Want Others to See (Norton LifeLock) Your private pictures and personal information could be exposed by hackers or by accident. NortonLifeLock Labs helps tackle those risks.
Adaptiva Introduces Fully Integrated CDN for OneSite Cloud (BusinessWire) Powerful Feature Provides the Storage and Content Distribution Capabilities Enterprise Customers Need to Manage Remote Endpoints in Today’s New Normal
SailPoint extensibility helps customers secure their digital ecosystem (Help Net Security) SailPoint additional extensibility functionality to its platform helps customers embed identity security into their digital ecosystem.
Logically Launches Cutting Edge Threat Intelligence Platform To Identify And Counter Mis- And Disinformation At Scale (PR Newswire) Misinformation and disinformation today is greatly impacting communities, governments and economies worldwide due to rapid online spread – from...
The Cybersecurity 202: A nonprofit is providing free ransomware protection to private U.S. hospitals (Washington Post) Ransomware attacks against hospitals have dramatically spiked during the coronavirus pandemic. The ransomware “epidemic,” as it was recently described by Homeland Security Department Secretary Alejandro Mayorkas, has made the issue a key focus for both cybersecurity nonprofit organizations and government agencies.
DESC partners with Thales to upskill Cyber work-force (GDN) The Dubai Electronic Security Centre (DESC) has signed a
Fime supports fight against passwords with FIDO biometric accreditation in Taiwan. (Fime) Fime has extended its portfolio of biometric consultancy and testing services to its Taiwan laboratory.
Onapsis Expands into Mission-Critical SaaS Application Market with Cybersecurity and Compliance Support for SAP SuccessFactors (BusinessWire) Onapsis, the leader in mission-critical application cybersecurity and compliance, today announced the general availability of support for SAP SuccessF
Druva Teams with Leidos on NASA NEST Contract (Druva) Druva to help the agency enhance productivity, security and connectivity for a modern, mobile workforce
Telos Corporation Partners with Omnilert on Secure Visual Gun Detection Solution (Telos Corporation) Omnilert Gun Detect embeds virtual obfuscation network, Telos Ghost
EUKHOST Launch Website Security Tool (Pressat) Web host, eukhost, has announced the launch of the Patchman security tool. Patchman is a sophisticated security tool that automates the patching and removal of malicious software from content management system websites used by many of eukhost’s global customers.
Technologies, Techniques, and Standards
Edge Computing Growth Drives New Cybersecurity Concerns (Security Boulevard) Edge computing is proving to be more than just a trend. Research giant Gartner predicts that by 2025, some 75% of enterprise-generated data will be created and processed outside of the traditional data center or cloud. Simply put, the edge is poised to be huge, and with that growth comes new cybersecurity threats.
SAFE Identity Announces Internet of Medical Things Working Group to Establish Industry Standards for Securely Credentialing Medical Devices (Yahoo) SAFE Identity, an industry consortium and certification body operating a Trust Framework for digital identities in healthcare, today announced the Internet of Medical Things (IoMT) working group.
Stalkerware: Which apps exist, and how can you protect yourself? (Spiegel) IT security firms are getting better at detecting stalkerware on smartphones. But that alone is not enough. Experts warn: victims who are being monitored by a jealous partner must act prudently.
Design and Innovation
Microsoft's Dream of Decentralized IDs Enters the Real World (Wired) The company will launch a public preview of its identification platform this spring—and has already tested it at the UK's National Health Service.
Twitter Expands Use of Enforcement System to Covid-19 Falsehoods (Wall Street Journal) Twitter users who repeatedly tweet coronavirus misinformation face a ban from the site under the new policy.
Research and Development
‘Wakeup call’: Report calls for massive AI investments to counter China (C4ISRNET) The findings, ordered by Congress, include hundreds of recommendations from experts to get the DoD “AI-ready” by 2025.
Modeling Software Once Led Us to the Precipice of Nuclear War. What Will AI Do? (Defense One) The Pentagon must heed the lessons of RYAN and Able Archer amid its artificial-intelligence aspirations.
Academia
Calling all puzzle fans: do you have what it takes to work in cryptography? (ANU College of Science) What, exactly, happens on the fifth floor of the Hanna Neumann Building? To find out, you first need to break the code.
Legislation, Policy, and Regulation
Myanmar’s Military Deploys Digital Arsenal of Repression in Crackdown (New York Times) The generals who staged a coup last month use surveillance drones, iPhone cracking devices and hacking software, some of it from Western countries that bar sales of such technology to Myanmar.
Russia Leans On Twitter to Delete Content (Wall Street Journal) The country’s communications watchdog accused Twitter of violating Russian law by failing to delete banned content for the past several years.
JORDAN : King urges GID to improve cyber capabilities (Intelligence Online) Under orders to modernise since 2019, Jordan's foreign intelligence service is still not meeting expectations in cyber, prompting a stern reminder from King Abdullah II earlier this month.
France’s Huawei Ban Begins to Kick In With Purge in Urban Areas (Bloomberg) Toulouse, Brest and Rennes being cleared of vendor’s equipment. Phone companies must remove Huawei gear in major cities.
Trump's unfinished assault on Chinese tech like TikTok and Huawei leaves loose ends for Biden (Axios) Haphazard efforts to shut Chinese tech giants out of the U.S. leave the Biden administration with choices.
Sec. of Defense Lloyd Austin Announces Two Cyber Appointments at Pentagon (Meritalk) Sec. of Defense Lloyd Austin announced that President Joe Biden has made a slew of appointments at the Pentagon, including two in the cyber realm.
Litigation, Investigation, and Law Enforcement
Cybercriminal Law Enforcement Crackdowns in 2021 (Digital Shadows) A follow-up on our previous blog, Emotet Disruption, expanding on cybercriminal law enforcement crackdowns in 2021.
Breached software firm SolarWinds faces SEC inquiry after insider stock sales (Washington Post) Company’s largest investors sold $315 million in shares days before hack was revealed, causing price to plummet
Duckworth calls for Russian bounties intelligence to be declassified (TheHill) Sen. Tammy Duckworth (D-Ill.) on Monday called for the Biden administration to declassify intelligence related to reports that the Kremlin offered bounties to Taliban forces for targeting U.S. troops in Afghanistan.
Duckworth urges Biden admin to release intel on Russian bounties (POLITICO) The senator pointed to public reports showing possible evidence that GRU bounty offers had been made.
Khashoggi's fiancée says Saudi crown prince should be punished "without delay" (NBC News) “It will haunt him for his life," Hatice Cengiz, Jamal Khashoggi's fiancée, said of Saudi Crown Prince Mohammed bin Salman and his role in Khashoggi's killing.
US said probing Israeli spyware firm NSO following WhatsApp lawsuit (Times of Israel) Department of Justice reportedly renews interest in alleged targeting of 1,400 users by Herzliya-based firm after FBI investigation said to stall; NSO says it's unaware of probe
Huawei executive Meng Wanzhou's extradition fight enters final round in Canada (mint) Meng, 49, is accused of having lied to the HSBC investment bank about Huawei's relationship with subsidiary Skycom. Huawei last month sought access to HSBC's internal documents -- including a copy of Meng's full presentation to bank executives