Cyber Attacks, Threats, and Vulnerabilities
Verkada breach exposes thousands of surveillance cameras at banks, hospitals, and other sites (Computing) Tesla, Equinox, and Cloudflare are among the victims
Hackers Breach Thousands of Security Cameras, Exposing Tesla, Jails, Hospitals (Bloomberg) Hacker group says it wanted to show prevalence of surveillance. Video footage was captured from Sequoia-backed startup Verkada.
Hackers access surveillance cameras at Tesla, Cloudflare, banks, more (BleepingComputer) Hackers gained access to live surveillance cameras installed at Tesla, Equinox, healthcare clinics, jails, and banks, including the Bank of Utah.
Exchange servers under siege from at least 10 APT groups (WeLiveSecurity) ESET Research shows that at least 10 APT groups are exploiting the recent Microsoft Exchange vulnerabilities to compromise email servers across the world.
More than 46,000 Exchange servers still unpatched (The Record by Recorded Future) More than 46,000 of a total of 250,000 Exchange email servers are still unpatched against four critical vulnerabilities that have been under heavy attacks over the past few days.
Why the SolarWinds Hack Is a Wake-Up Call (Council on Foreign Relations) The sweeping cyber espionage campaign shows how sophisticated adversaries can bypass even well-defended targets.
China’s Microsoft Hack, Russia’s SolarWinds Attack Threaten to Overwhelm U.S. (Bloomberg) Coincidence of sprawling hacks depletes cyber defenses. China, Russia blamed for massive attacks months apart.
SolarWinds Hack — New Evidence Suggests Potential Links to Chinese Hackers (The Hacker News) A web shell deployed on Windows PC by leveraging zero-day in SolarWinds network monitoring software may have been the work of a Chinese hacking group.
Serious Security: Webshells explained in the aftermath of HAFNIUM attacks (Naked Security) Webshells explained, with some (safe) examples you can try at home if you want to learn more.
The SolarWinds Hack Hits Home (DevPro Journal) The SolarWinds hack was complex and expansive, potentially impacting thousands of businesses and organizations.
Spanish government falls victim to Ryuk ransomware attack (The Record by Recorded Future) The Spanish government has fallen victim to a Ryuk ransomware attack on Tuesday that impacted the IT systems of the Servicio Público de Empleo Estatal (SEPE), the agency that manages and pays out government unemployment benefits.
Threat Actors Target Victims by Promising COVID-19 Relief, Vaccines, and Variant News (Proofpoint) As COVID-19 vaccinations accelerate and the U.S. coronavirus relief package nears enactment, threat actors continue to use the ongoing crisis to exploit fears. Pandemic-themed attacks remain ever-present, and we’ve never observed such a convergence around a single social engineering lure for such an extended time. These campaigns transcend borders, languages, and industries.
FIN8 hackers return after two years with attacks against hospitality sector (ZDNet) FIN8 returns with improved malware and new attacks aimed at POS systems in the hotel industry.
9 Android Apps On Google Play Caught Distributing AlienBot Banker and MRAT Malware (The Hacker News) 9 Android Apps Found On Play Store Caught Distributing AlienBot Banker and MRAT Malware
Vulnerability That Allows Complete WordPress Site Takeover Exploited in the Wild (SecurityWeek) A critical vulnerability identified in The Plus Addons for Elementor WordPress plugin could be exploited to gain administrative privileges to a website. The zero-day has been exploited in the wild.
Ransomware gang plans to call victim's business partners about attacks (BleepingComputer) The REvil ransomware operation announced this week that they are using DDoS attacks and voice calls to journalists and victim's business partners to generate ransom payments.
Over 100 million malware infections detected on Windows in 2020 (Atlas VPN) Malware, a malicious software designed to disrupt, damage, or gain unauthorized access to a computer system, is one of the most common cyber threats computer users face today. While malware can affect any operating system, Windows users are among the most vulnerable.
Home office selfies leave you vulnerable to attack (Human Resources Director) Beware of cybercriminals targeting remote workers
Gab Social Network Briefly Shuts Down After Hacker Strikes Again (PCMAG) On Monday, the hacker 'JaXpArO' briefly hijacked the Gab account for the site’s founder, Andrew Torba, and posted a note claiming the site was still compromised.
Third French Hospital Hit by Cyberattack (SecurityWeek) A hospital in southwest France has seen some of its IT systems paralysed by a "ransomware" cyberattack, its management said, the third such incident in the last month.
Damage from Albany, N.Y., Cyberattack Dates Back to 2017 (Government Technology) Damage from the 2019 ransomware attack on the city police department internal affairs computer system stretches back to files as early as September 2017, according to the district attorney’s office.
Public Notice of Cyber-Attack Affecting Woodcreek Provider Services, LLC. (PR Newswire) Woodcreek Provider Service is a medical practice management company in Washington that provides support to pediatric clinics and urgent care...
Study of Breached Fortune 500 Companies Passwords (NordPass) NordPass in collaboration with a team of professional data breach researchers looks into password practices of Fortune 500 companies.
Vaccine-Appointment Sites Rush to Fix Glitches, Expand Capacity as Rollout Gathers Steam (Wall Street Journal) Website administrators are tackling things like confusing interfaces and pages prone to dropping information and freezing.
Security Patches, Mitigations, and Software Updates
Microsoft urges enterprises to act quickly to secure Exchange as attacks mount (VentureBeat) Microsoft has released security updates and tools to help enterprises investigate whether their Exchange servers have been compromised.
Microsoft's March Patch Tuesday: Critical remote code execution flaws, IE zero-day fixed (ZDNet) The fixes follow an unscheduled emergency release for Microsoft Exchange Server.
Microsoft Ships Massive Security Patch Bundle (SecurityWeek) Microsoft releases a mega-batch of security updates with patches for a whopping 89 documented vulnerabilities, including one used in zero-day attacks against some in the white-hat hacker community.
Microsoft Issues Hafnium Security Fixes that Don't Require Latest Exchange Server Cumulative Updates (Redmondmag) Microsoft's Exchange team on Monday announced additional help for organizations having trouble trying to patch Exchange Server products quickly in response to the Hafnium attacks.
How to patch Exchange Server for the Hafnium zero-day attack (CSO Online) Admins in many businesses report indicators of compromise from an Exchange zero-day vulnerability. Don't assume you're not a target. Investigate for signs of the attack and patch now.
IBM fixes vulnerability in QRadar SIEM discovered by Positive Technologies (Positive Technologies) IBM fixes vulnerability in QRadar SIEM discovered by Positive Technologies
SAP Security Patch Day March 2021: Critical Patch Released for SAP MII and SAP NetWeaver AS Java (Onapsis) SAP has released 18 new and updated SAP Security Notes in its March 2021 patch release, including the notes that were released since last patch day. As part of this month’s patch release, there are four HotNews notes and one High Priority note.
Claroty Uncovers Vulnerabilities in Schneider Electric Smart Meters (Claroty) Last year, Claroty researchers examined the security of Schneider Electric’s PowerLogic ION/PM smart meter product line and disclosed two vulnerabilities present in numerous flavors and versions of the product.
Siemens Releases Several Advisories for Vulnerabilities in Third-Party Components (SecurityWeek) Siemens has published 12 new security advisories for the March 2021 Patch Tuesday and half of them cover vulnerabilities in third-party components.
Zero Day Initiative — The March 2021 Security Update Review (Zero Day Initiative) It’s the third second Tuesday of the year, which means we get the latest security updates from Adobe and Microsoft. Take a break from your regularly scheduled activities and join us as we review the details for their latest security offerings. Adobe Patches for March 2021 For March, Adobe relea
Adobe Patches Code Execution Flaws in Connect, Creative Cloud, Framemaker (SecurityWeek) Adobe has patched critical code execution vulnerabilities in its Connect, Creative Cloud, and Framemaker products.
Siemens SIMATIC S7-PLCSIM (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 5.5
ATTENTION: Low skill level to exploit
Vendor: Siemens
Equipment: SIMATIC S7-PLCSIM v5.4
Vulnerabilities: Infinite Loop, NULL Pointer Dereference, Divide by Zero
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker with local access to craft special project files that may lead to denial-of-service attacks.
Siemens SCALANCE and RUGGEDCOM Devices SSH (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 8.6
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Siemens
Equipment: SCALANCE and RUGGEDCOM Devices
Vulnerability: Improper Restriction of Excessive Authentication Attempts
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service under certain conditions.
Siemens SCALANCE and RUGGEDCOM Devices (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 8.8
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Siemens
Equipment: SCALANCE and RUGGEDCOM Devices
Vulnerability: Stack-based Buffer Overflow
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker to cause a reboot. Under specific circumstances, an attacker could also achieve remote code execution of the affected devices.
Siemens SINEMA Remote Connect Server (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 8.8
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Siemens
Equipment: SINEMA Remote Connect Server
Vulnerabilities: Incorrect Authorization
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow authenticated unprivileged user accounts to access unauthorized functionality.
Siemens LOGO! 8 BM (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 5.5
ATTENTION: Low skill level to exploit
Vendor: Siemens
Equipment: LOGO! 8 BM
Vulnerability: Improper Handling of Exceptional Conditions
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition if a user is tricked into loading a malicious project file.
TCP/IP Stack Vulnerabilities–AMNESIA:33 in SENTRON PAC / 3VA Devices (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 6.5
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Siemens
Equipment: SENTRON 3VA COM100/800, SENTRON 3VA DSP800, SENTRON PAC2200, SENTRON PAC3200T, SENTRON PAC3200, SENTRON PAC3220, SENTRON PAC4200
Vulnerabilities: Out-of-bounds Read, Out-of-bounds Write
2.
Siemens TCP Stack of SIMATIC MV400 (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.5
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Siemens
Equipment: SIMATIC MV400
Vulnerabilities: Improper Validation of Specified Index, Position, or Offset in Input; Use of Insufficiently Random Values
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could cause a denial-of-service condition or affect the integrity of TCP connections.
Siemens Energy PLUSCONTROL 1st Gen (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 6.5
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Siemens
Equipment: PLUSCONTROL
Vulnerability: Predictable Exact Value from Previous Values
2. RISK EVALUATION
Successful exploitation of this vulnerability could affect integrity of TCP connections.
Siemens Solid Edge File Parsing (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.8
ATTENTION: Low skill level to exploit
Vendor: Siemens
Equipment: Solid Edge
Vulnerabilities: Out-of-bounds Write, Improper Restriction of XML External Entity Reference, Out-of-bounds Read
2.
Luxion KeyShot (Update A) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.8
ATTENTION: Low skill level to exploit
Vendor: Luxion
Equipment: KeyShot products
Vulnerabilities: Out-of-bounds Write, Out-of-bounds Read, Insufficient UI Warning of Dangerous Operations, Untrusted Pointer Dereference, Path Traversal
2.
dnsmasq by Simon Kelley (Update A) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 8.1
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: dnsmasq by Simon Kelley
Equipment: dnsmasq
Vulnerabilities: Heap-based Buffer Overflow, Insufficient Verification of Data Authenticity, Use of a Broken or Risky Cryptographic Algorithm
Siemens Embedded TCP/IP Stack Vulnerabilities–AMNESIA:33 (Update B) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 6.5
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Siemens
Equipment: SENTRON 3VA COM100/800, SENTRON 3VA DSP800, SENTRON PAC2200, SENTRON PAC3200T, SENTRON PAC3200, SENTRON PAC4200, SIRIUS 3RW5
Vulnerability: Integer Overflow
2.
Siemens UMC Stack (Update F) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 6.7
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Siemens
Equipment: UMC Stack
Vulnerabilities: Unquoted Search Path or Element, Uncontrolled Resource Consumption, Improper Input Validation
2.
Siemens SIMATIC, SINAMICS, SINEC, SINEMA, SINUMERIK (Update F) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 6.7
ATTENTION: Low skill level to exploit
Vendor: Siemens
Equipment: SIMATIC, SINAMICS, SINEC, SINEMA, SINUMERIK
Vulnerability: Unquoted Search Path or Element
2.
Siemens KTK, SIDOOR, SIMATIC, and SINAMICS (Update B) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.5
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Siemens
Equipment: KTK, SIDOOR, SIMATIC, and SINAMICS
Vulnerability: Uncontrolled Resource Consumption
2.
Siemens PROFINET-IO Stack (Update D) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.5
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Siemens
Equipment: Siemens PROFINET-IO Stack
Vulnerability: Uncontrolled Resource Consumption
2. UPDATE INFORMATION
This updated advisory is a follow-up to the advisory update titled ICSA-20-042-04 Siemens PROFINET-IO Stack (Update C) that was published February 9, 2021, to the ICS webpage on us-cert.gov.
Siemens SIMATIC Ident MV440 Family (Update A) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.1
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Siemens
Equipment: SIMATIC Ident MV440 Family
Vulnerabilities: Improper Privilege Management, Cleartext Transmission of Sensitive Information
2.
Siemens SINEMA Remote Connect (Update A) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 8.3
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Siemens
Equipment: SINEMA Remote Connect (Client and Server)
Vulnerabilities: Incorrect Calculation of Buffer Size, Out-of-bounds Read, Stack-based Buffer Overflow, Improper Handling of Insufficient Permissions
2.
Siemens Industrial Products (Update Q) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.5
ATTENTION: Remotely exploitable/low skill level to exploit
Vendor: Siemens
Equipment: Industrial Products
Vulnerability: Improper Input Validation
2. UPDATE INFORMATION
This updated advisory is a follow-up to the updated advisory titled ICSA-17-339-01 Siemens Industrial Products (Update P) published August 11, 2020, to the ICS webpage on us-cert.gov.
Siemens PROFINET DCP (Update S) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 6.5
ATTENTION: Exploitable from an adjacent network/low skill level to exploit.
Vendor: Siemens
Equipment: Devices using the PROFINET Discovery and Configuration Protocol (DCP)
Vulnerabilities: Improper Input Validation
2.
Cyber Trends
Third-Annual CRITICALSTART Research Report reveals persistent challenges and some silver linings (Critical Start) It’s back! For the third year in a row, we have surveyed SOC professionals from across the industry to learn more about the issues and challenges facing the cybersecurity community and its workers. As the old saying goes, the more things change, the more they stay the same… Just like in 2018 and 2019, alert […]
48% of Security Pros Prohibited From Intelligence-Sharing (Dark Reading) Some do so anyway, according to new Kaspersky research.
Ransomware attacks on US healthcare organizations cost $20.8bn in 2020 (Comparitech) We've gathered data on ransomware attacks involving hospitals and healthcare organisations to understand the true cost of this crime in the US.
Survey exposes IT security gap: 36% of Americans have been impacted by a cybersecurity attack since the start of COVID-19 (or know someone that has) (Lynx) Survey exposes IT security gap: 36% of Americans have been impacted by a cybersecurity attack since the start of COVID-19 (or know someone that has)
The Global Ecommerce Security Report 2021 (Webscale) Critical Insights and Key Learnings from the Year that Broke all Records
Inside Israel’s lucrative — and secretive — cybersurveillance industry (Rest of World) A small but vocal group of Israelis say the country’s reputation for hacking products is a bad thing.
Marketplace
As cyber risks evolve, cyber insurance becomes harder to get (BenefitsPRO) Underwriters are asking tougher questions about companies' cyber attack mitigation plans.
Snyk Advances Developer-First Security with Series E Investment (PR Newswire) Snyk, the leader in cloud native application security, today announced that the company has closed a Series E financing, totaling $300 million....
Aqua Security Announces $135 Million in Series E Funding at a $1 Billion Valuation (Aqua) Investment to fuel continuing growth of the cloud native security leader, driving product innovation and expanding market presence.
TiG acquires ThirdSpace (Private Equity Wire) TiG, one of the UK’s leading Cloud, Data Analytics and Managed Services providers to the financial services sector, has acquired ThirdSpace, a UK-based provider of Microsoft Identity and Cyber Security solutions.
Spirent Acquires octoScope for $55M (Broadband Communities) Deal enhances Spirent’s Wi-Fi testing portfolio.
Following Axonius Unicorn Valuation, YL Ventures Sells Its Stake to IPO-Focused Investors for $270 Million (BusinessWire) Axonius seed investor, YL Ventures, sold its stake to late-stage, IPO-focused investors ICONIQ Growth, Alkeon Capital, DTCP, and Harmony Partners.
ActZero emerges from stealth with $40M for a suite of cybersecurity solutions aimed at SMBs (TechCrunch) The world of cybersecurity has seen a huge proliferation of new technology and services over the years. But with the primary focus being on solutions for larger enterprises, it leaves a big gap in the market for small and medium businesses, not least because they are increasingly finding themselves…
IronNet in Talks to Go Public via Gabelli’s LGL Systems (Bloomberg) Blank-check firm is discussing raising new equity for a deal. A transaction could value the combined entity at $1.2 billion.
Tausight Closes $20 Million Series A Financing to Discover and Secure Protected Health Information (PHI) (Tausight) Polaris Partners and Flare Capital Partners lead round with new investor .406 Ventures for company founded by David Ting
"We are pursuing the potential value creation provided by a US market listing." WANdisco mulls US listing (Yorkshire Post) Live data company, WANdisco, is to raise £32m through a fundraising as it considers a potential dual-listing on a US market, in addition to its UK listing.
Space ISAC Selects Cyware for Automated Threat Sharing (PR Newswire) Cyware, the industry's only Virtual Cyber Fusion Platform provider, is partnering with the Space Information Sharing and Analysis Center (Space...
The Gula Tech Foundation Announces Winners of $1 Million Grant Program (PR Newswire) Gula Tech Foundation, a nonprofit focused on awarding $1,000,000 in competitive grants to cybersecurity nonprofits several times each year,...
T-Mobile to join AT&T, Verizon in selling customers' data (Light Reading) T-Mobile quietly changed its customer privacy policy so that it can begin selling customer data to advertisers without having to obtain the customer's explicit consent.
T-Mobile to Step Up Ad Targeting of Cellphone Customers (Wall Street Journal) T-Mobile US will automatically enroll its phone subscribers in an advertising program informed by their online activity, testing businesses’ appetite for information that other companies have restricted.
Volvo Cars Looks to Beef Up Data Protection Compliance (Wall Street Journal) The Swedish auto maker, owned by China’s Zhejiang Geely Holding Group, has hired a new chief compliance and ethics officer with a background in data protection.
Over 3,500 new cryptocurrencies emerged in the last 12 months amid bullish 2020 (Cryptoparrot) As the cryptocurrency sector matures, new digital assets are emerging to leverage blockchain technology’s diverse uses. With the industry mostly bullish over the last 12 months, newly created cryptocurrencies have spiked significantly.
PerimeterX Named to Fast Company’s List of the World’s Most Innovative Companies for 2021 (PerimeterX) Protect your web apps against account takeover, carding, denial of inventory, scalping, skewed analytics, digital skimming, Magecart, PII harvesting, scraping.
Growing Cybersecurity Company Announces Chief Revenue Officer to Support Expansion (Avertium MDR, EDR, Compliance & Consulting) Today, Avertium announced the appointment of Ben Masino as the company’s Chief Revenue Officer (CRO). Formerly the senior vice president of...
OurCrowd Appoints Hasanat Dewan as Chief Innovation Officer, Plans Global AI Innovation Center (BusinessWire) OurCrowd, the leading venture investing platform and Israel’s most active venture investor, today announced the appointment of Dr. Hasanat Dewan as Ch
SentinelOne Appoints Ric Smith as Chief Technology Officer (Yahoo) SentinelOne, the autonomous cybersecurity platform company, today announced the appointment of Ric Smith as Chief Technology Officer. With over 15 years of experience driving product development in pre- and post-IPO companies, Mr. Smith will accelerate global R&D efforts and support the rapid growth of SentinelOne’s Singularity XDR platform across the endpoint, cloud, and IoT security markets.
DNSFilter Expands Team Leaders, Including Jen Ayers From CrowdStrike as COO (PR Newswire) AI-driven startup company DNSFilter provides DNS threat protection and content filtering for enterprises. The company announced Jen Ayers as...
Nuspire Appoints Three C-Suite Executives Amid Company Growth (PR Newswire) Nuspire, a leading managed security services provider (MSSP), today announced the appointment of three senior leadership executives including,...
Products, Services, and Solutions
AT&T Cybersecurity Launches Managed SASE Solution (AT&T) AT&T is expanding its portfolio of Managed Security Services through its alliance with Fortinet to make Secure Access Service Edge (SASE) a reality for enterprises.
Menlo Security Launches Industry-First Secure Web Gateway (SWG) with an Isolation Core for Mobile Devices (Menlo Security) Menlo Security joins the Microsoft Active Protections Program to provide defenses to customers faster
Nok Nok Labs and Netcetera to Provide Delegated Authentication Solutions for Compliance with PSD2-Strong Customer Authentication and EMV® 3-D Secure (NokNok) Nok Nok Labs (Nok Nok), the trusted leader in passwordless authentication and Netcetera, the trusted partner for digital payment solutions, today announced a partnership that will deliver delegated authentication solutions to merchants and payment providers seeking to address PSD2-SCA and 3DS 2.x protocols compliance.
Orthoplastics Deploys Invixium’s Touchless Biometric Solution to Safeguard Employee Health (Invixium) Leading Implantable Plastics Manufacturer Adopts Touchless Biometrics and Temperature Screening via IXM TITAN with Enhancement Kit for Workforce Management
SAFE Identity Announces Industry Guidance for Compliance With Title 21 CFR Part 11 (Yahoo Finance) SAFE Identity, an industry consortium and certification body operating a Trust Framework for digital identities in healthcare, today announced the publication of industry guidance that healthcare organizations can use as a tool to achieve compliance with the Food and Drug Administration (FDA) Title 21 CFR Part 11 regulation.
Microsoft makes passwordless push in Azure Active Directory (SearchSecurity) In a Microsoft Ignite 2021 session on the company's roadmap for Azure Active Directory and zero trust, the company demonstrated how enterprise customers can go passwordless.
SolarWinds Attack And Executive Order On America’s Supply Chain Illuminate Gaps In Supply Chain Risk Management, Spur Innovative Solutions By Fortress Information Security (Fortress Information Security) Fortress Information Security announces a series of innovations to their risk and compliance management solutions in response to emerging security challenges.
Athreon Launches New Cybersecurity Division (PR Newswire) Athreon, a leading business and knowledge process outsourcing company, announced today it is adding cybersecurity consulting to its portfolio...
Palo Alto Networks and Alkira Partner to Drive Koch Industries Network Cloud Transformation (Alkira) Koch Industries Deploys Alkira Cloud Networking as a Service Embedded with Palo Alto Networks VM-Series Virtual Firewalls
ZTE strengthens LTE router security (Gadget) New ZTE MF286 routers support Irdeto’s Trusted Home solution, enabling users to strengthen their home Wi-Fi security.
Dimension Data selects Cortex XSOAR platform to enhance cybersecurity capabilities (ITPnet) The global managed services provider says it now has a platform to accurately assess and contextualise threat vectors
Zscaler gets government nod for Zero Trust Exchange (CRN Australia) Second assessment gives vendor “protected” status for authentication.
Free sigstore signing service confirms software origin and authenticity (Help Net Security) sigstore empowers software developers to securely sign software artifacts such as release files, container images and binaries.
Juniper Networks and PBX-Change Team Up to Bring Customers a High-Performance SD-WAN Solution (PR Newswire) Juniper Networks, the leader in Session Smart™ Routing, today announced a partnership with PBX-Change, a Tampa-based leading-edge Business...
LogRhythm partners with The Cyber Security Council of the United Arab Emirates (LogRhythm) LogRhythm has been chosen by the United Arab Emirates’ Cyber Security Council to provide advice and recommendations for cybersecurity monitoring.
Denuvo joins exclusive PlayStation®5 Tools and Middleware program to o (PRWeb) As security and innovation collide, Denuvo by Irdeto today announces it has joined the exclusive PlayStation®5 Tools and Middleware program. Denuvo, the leader in
Check Point CloudGuard NDR integrates with AWS VPC Traffic Mirroring (Check Point Software) Check Point CloudGuard NDR is a launch partner for AWS Traffic Mirroring with non-nitro instances. Join the Early Availability program and enjoy great benefits!
Lightspin Announces Enhanced Cloud Contextual Security (PR Newswire) Lightspin, a pioneer in contextual cloud security protecting native, Kubernetes and microservices from known and unknown risks, today announced...
Nozomi Networks Delivers First SaaS Platform for OT and IoT Cybersecurity (GlobeNewswire) Vantage™ tackles escalating cyber threats, accelerating digital transformation and ensuring operational resilience with the simplicity, scalability and TCO control of SaaS-based cybersecurity
Technologies, Techniques, and Standards
Akamai Security Research: Defending A Global Organization During A Pandemic (Akamai) How a Zero Trust model protected Akamai from 21 million malicious queries while enabling remote workers to do their jobs from anywhere
Managing Necessary Risks in Critical Infrastructure Tech After Florida Water Hack (Homeland Security Today) With the benefit of time and commendable candor from investigating authorities, the national security and critical infrastructure operator communities are learning more about how an intruder tried to tamper with chemical levels in the water supply in Pinellas County, Florida. Even in our data breach and cyber attack-saturated headlines, this incident gave everyone pause – particularly similar municipal water and other utilities.
Cyber security: three reasons why you may be protecting the wrong thing (Continuity Central) For too long now, organizations have been focusing on protecting their network, when in fact they should have been protecting their data. Paul German outlines three reasons why this has been the case and why it matters.
Is MFA a Security Illusion? (Akamai) A recent Akamai Security blog post, Massive Campaign Targeting UK Banks Bypassing 2FA, written by my colleague Or Katz, is a great insight into how attackers used very simple techniques to bypass two-factor (2FA) authentication security to obtain access to U.K. consumers' bank accounts.
Design and Innovation
Morpheus chip foils attacks from 500 cybersecurity experts (Computing) The chip randomises elements of code and data every 50 milliseconds, which researchers say makes it nearly uncrackable
Legislation, Policy, and Regulation
Legal ambiguity, cover, and deterrence: notes from the 2021 USCYBERCOM Legal Conference. (The CyberWire) US Cyber Command’s annual Legal Conference surveys “law and policy issues related to offensive and defensive cyberspace operations.” This year’s discussions covered a lot of ground, but one of their most interesting themes was the advantage adversaries now find in legal ambiguity and uncertainty: deterrence, as it took shape during the Cold War’s nuclear competition, hasn’t been successfully transposed to cyberspace.
Cyber war scales up with new Microsoft hack (Axios) The latest giant security breach shows how the great-power cyber game is spilling over its boundaries.
Russia Warns Against U.S. Retaliation for SolarWinds Amid Fears of Cyberwar (US News and World Report) The hackers in last year’s sweeping attack on U.S. federal servers did not destroy anything, analysts say. That could change if the Biden administration escalates conflict with Moscow.
Reports of US cyberattack plans against Russia concerning (National Herald) Media report of the administration of US President Joe Biden planning to launch cyberattacks against Russia is a “cause for extreme concern”, a Kremlin spokesman has said.
‘Retaliation’ for Russia's SolarWinds Spying Isn't the Answer (Wired) It will be hard pointing to a specific line the Kremlin crossed that the US hasn't crossed as well.
The hypocrisy of a SolarWinds hack-back by Biden (Fortune) When is retaliation warranted?
Pentagon issues cyber tasking order in response to Exchange hack (FCW) The Pentagon's new order to its agencies and commands aligns with the recent emergency directive issued by the Cybersecurity and Infrastructure Security Agency.
Can we keep hackers from shorting the grid? (The Indian Express) As devices get more interconnected and dependent on the internet, plugging the security leaks in our critical infrastructure has become an urgent task.
Can India Stand Up To China’s Cyber Warfare? (Analytics India Magazine) India was one of the most cyber-targeted countries globally in 2019, with over 50,000 cyber-attacks from China alone.
Germany’s Positions on International Law in Cyberspace Part I (Just Security) Germany issues major statement on cyberspace and international law, analyzed here by leading expert Professor Michael Schmitt.
The Cybersecurity 202: Coronavirus bill includes nearly $2 billion to secure and improve government tech (Washington Post) The House is poised to vote this morning on a $1.9 trillion coronavirus stimulus package that includes nearly $2 billion in funding to secure and improve aging government technology that has crippled efforts to disperse relief to struggling Americans.
The Cyberlaw Podcast: A Lot of Cybersecurity Measures That Don't Work, And A Few That Might (Lawfare) We’re mostly back to our cybersecurity roots in this episode, for good reasons and bad. The worst of the bad reasons is a new set of zero-day vulnerabilities in Microsoft’s Exchange servers. They’ve been patched, Bruce Schneier tells us, but that seems to have inspired the Chinese government hackers to switch their campaign from Stealth to Promiscuous Mode. Anyone who hasn’t already installed the Microsoft patch is at risk of being compromised today for exploitation tomorrow.
FireEye CEO: Reckless Microsoft hack unusual for China (WKMG) Cyber sleuths have already blamed China for a hack that exposed tens of thousands of servers running Microsoft's Exchange email program to potential hacks.
Microsoft Hack Shows How to Lose and Win the Cyberwar (BloombergQuint)
Biden challenged by early cyber threats (TheHill) The Biden administration is grappling with two major cyber incidents in its first 50 days in office, underscoring the challenge the new White House faces from foreign actors.
Keeping pace: ITU's Global Cybersecurity Agenda (Mirage News) The COVID-19 pandemic has put the spotlight on the benefits that information and communication technologies (ICTs) can bring. But the technologies only...
Is Congress finally ready to pass meaningful ransomware legislation? (CyberScoop) During the entire last two-year session of Congress, lawmakers only got one bill signed into law that mentioned the word “ransomware.”
Biden expected to name Big Tech critic Lina Khan to FTC (SeekingAlpha) President Joe Biden is set to nominate Lina Khan, a critic of Big Tech’s market power, for a seat on the Federal Trade Commission, Politico reported earlier. Khan is a law professor...
Exclusive: Biden appoints Clare Martorana to lead the White House’s digital efforts (Fast Company) The former health tech executive and U.S. Digital Service veteran will be charged with improving government websites and modernizing IT infrastructure and cybersecurity.
White House names OPM’s Martorana as new Federal CIO (Federal News Network) Clare Martorana, the current chief information officer for the Office of Personnel Management, is the new Federal CIO.
DHS Explores Higher Salaries for Cyber Workforce (Bloomberg Government) A new Department of Homeland Security solicitation is one of the federal government’s latest initiatives in the fight to hire and retain cybersecurity talent.
Next State Up: Top Contenders For 3rd US Data Privacy Law (Law360) Now that Virginia has joined California in setting rules for how companies handle and share personal information, attention is turning to where the emerging consumer privacy law patchwork will expand next. Here, Law360 looks at some of the most likely candidates to pass the country's third comprehensive data privacy law.
Litigation, Investigation, and Law Enforcement
Has GDPR failed because of a lack of will to enforce it? (Computing) 'The Commission is not serious about it; the member states are not serious about and activists aren't serious about it either' says Johnny Ryan of the Irish Council for Civil Liberties during a roundtable debate
Belgian and Dutch police take down encrypted criminal chat platform Sky ECC (The Record by Recorded Future) Law enforcement agencies from the Netherlands and Belgium today shut down Sky ECC, a company that provided a secure encrypted messaging platform to criminal organizations across the world.
Emails Show Shadow Structure Behind Encrypted Phone Network Encrochat (Vice) Emails obtained by Motherboard show an Encrochat co-owner conducting business via overseas companies and bank accounts.
Apple hit by privacy complaint by leading French tech association (Sifted) The allegations would seem to contradict not just Apple’s image as a privacy-friendly company, but also the widespread praise iOS 14 has received
GameStop Saga Prompts SEC to Weigh Review of Payment for Order Flow (Wall Street Journal) The practice, known as payment for order flow, is decades old but has generated greater scrutiny as more individual investors trade on brokerage apps.
Altice Employees Suffered Clear Injury By Breach, Judge Says (Law360) A New York federal judge kept most claims in a data privacy suit lodged against cable giant Altice USA by its current and former employees, highlighting how three of the named plaintiffs already experienced identity theft due to the breach.
Ill. Judge Says Precedent Hinders Worker's Finger Scan Suit (Law360) An Illinois federal judge signaled Tuesday that a former maintenance company employee is likely fighting an uphill battle to advance his biometric privacy suit, considering Seventh Circuit case law suggesting his claims are preempted by the Labor Management Relations Act.
Facebook Slams $12M Atty Fees Request In Data Breach Row (Law360) Facebook is opposing a $12 million attorney fees request from counsel representing users who settled a dispute with the company over a 2018 cyberattack, slamming the lawyers for accruing a hefty bill while pursuing claims that didn't win money for their clients.
Owner and Former NSA Contractor Facing Federal Indictment (STL.News) Information Technology Company Owner and Former NSA Contractor Facing Federal Indictment for Submitting False Claims for Hours Worked on a Government Contract