Cyber Attacks, Threats, and Vulnerabilities
Exclusive: YouTube removed 30,000 videos with COVID misinformation (Axios) It's YouTube's first release of enforcement numbers for this category of misinformation.
New Old Bugs in the Linux Kernel (GRIMM) Introduction Dusting off a few new (old) vulns Have you ever been casually perusing the source code of the Linux kernel and thought to ...
As firms race to patch Microsoft Exchange flaw, security pros brace for ransomware outbreak (CyberScoop) With a large victim list and myriad hackers going after Microsoft bugs, security pros are preparing for impending ransomware attacks.
Microsoft Warns of New Threat Against Unpatched Networks (Bloomberg) Hackers capitalizing on businesses yet to fix vulnerabilities. Company has detected and blocked a ‘new family of ransomware.’
ProxyLogon PoC Exploit Released; Likely to Fuel More Disruptive Cyber Attacks (The Hacker News) A public PoC exploit has been released for ProxyLogon Microsoft Exchange vulnerability.
Microsoft Exchange servers targeted by DearCry ransomware abusing ProxyLogon bugs (The Record by Recorded Future) A threat actor is currently exploiting the ProxyLogon vulnerabilities to install ransomware on unpatched Microsoft Exchange email servers and encrypt their content, Microsoft confirmed today.
Increased probing for Microsoft Exchange vulnerabilities (Journey Notes) Barracuda has observed increasing levels of probing for Exchange vulnerabilities in our sensors and deployments worldwide in recent days.
Exchange email hack: Hundreds of UK firms compromised (BBC News) Hackers linked to China have found footholds inside hundreds of companies after a mass hack.
There’s a vexing mystery surrounding the 0-day attacks on Exchange servers (Ars Technica) A half-dozen groups exploiting the same 0-days is unusual, if not unprecedented.
All You Need to Know: The Four Zero Days in Microsoft Exchange Servers (Check Point Software) By, Adi Ikan, Head of Network Research and Protection Lotem Finkelsteen, Threat Intelligence Group Manager Yaniv Balmas, Head of Cyber Research Sagi
Microsoft Exchange Cyberattack: Hafnium Email Hack Timeline and Incident Details (MSSP Alert) Microsoft Exchange Server cyberattack timeline covering patches, vulnerabilities, IOCs, HAFNIUM, Huntress, FireEye, Mandiant, Volexity & more.
Why embedded devices are the dangerous blind spot in the SolarWinds attack (TheHill) The SolarWinds attack is likely only the means to cyber war, not the end.
Researcher Publishes Code to Exploit Microsoft Exchange Vulnerabilities on Github (Vice) Microsoft-owned Github quickly deleted the code, which exploited vulnerabilities apparently used by Chinese hackers to break into a series of companies.
This trojan malware is now your biggest security headache (ZDNet) The disruption of Emotet was a blow for cyber criminals - but just weeks later, the gap is being filled by other trojans and botnets.
How confidential are your calls? This iPhone app shared them with everyone (Naked Security) Caveat utilitor! Caveat emptor! Caveat programmator!
Flipping Out: Hackers Hijack Legitimate File Service to Reach Inboxes (Avanan) Avanan researchers uncovered an attack whereby hackers host malicious files on a legitimate site. The attack passed by ATP, Mimecast and Proofpoint.
Perils of a New Dimension: Socially Engineered Attacks in Maritime Cybersecurity (Center for International Maritime Security) Maritime digital transformation is in its most rapid and turbulent era. Such a transformation offers substantial advantages and benefits, but with commensurate risks in the cyber domain.
Check Your Android for Malware Clones of These Useful Apps (Lifehacker) A handful of malware-filled Android apps has, once again, been removed from the Google Play Store, and they were all taking advantage of the latest trend in malware design: masquerading as innocent clones of useful apps to escape initial detection by Google, and transforming into crappy malware once people started downloading and using them.
Cyberattack Takes Down Systems at Molson Coors (Wall Street Journal) Molson Coors Beverage said it is experiencing disruption across its business following a cyberattack.
Molson Coors says cyberattack impacting brewing operations (Washington Post) Molson Coors Beverage Co. said Thursday it has been hit by a cyberattack that disrupted its brewing operations and shipments.
Molson Coors discloses cyberattack disrupting its brewery operations (ZDNet) Miller Coors said it's bringing in an outside forensic IT firm to investigate the breach, but that delays in shipments were likely.
Cyberattack Forces Brewery Shutdown at Molson Coors (SecurityWeek) Molson Coors says a cyberattack has caused delays and disruptions to parts of the business handling brewery operations, production, and shipments.
‘Cybersecurity incident’ halts operations at Albany manufacturer (WALB) One of Albany’s largest manufacturers and employers has stopped operations because of what is being called a “cybersecurity incident.”
Molson Coors brewing operations disrupted by cyberattack (BleepingComputer) The Molson Coors Beverage Company has suffered a cyberattack that is causing significant disruption to business operations.
Fastway Couriers: Thousands of Irish shoppers personal details stolen in major data breach (Newstalk) Hackers have stolen personal details relating to thousands of Irish online shoppers from an inter...
Verkada Workers Had Extensive Access to Private Customer Cameras (Bloomberg) Former employee said issue was raised with Verkada executives. Hackers gained access to 150,000 customer camera feeds.
‘Fraught With Issues’: Faulty Software Snarls Vaccine Sign-Ups (New York Times) Health departments continue to grapple with delays caused by technical problems with numerous websites used for making appointments.
Covington’s mayor discusses cyber attack on City Hall (WGNO) The city of Covington’s computers were hacked. They lost all access to services including Police, Fire, Finance, and Public Works. Phone calls and e-mail access systems have been locked due to…
Security Patches, Mitigations, and Software Updates
Schneider Electric IGSS SCADA Software (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.8
ATTENTION: Low skill level to exploit
Vendor: Schneider Electric
Equipment: IGSS (Interactive Graphical SCADA System)
Vulnerabilities: Improper Restriction of Operations within the Bounds of a Memory Buffer
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could result in remote code execution.
Cyber Trends
Threat actors bypassing shoddy patching, targeting network gateways (SC Media) A new report examining the 2020 vulnerability landscape finds malicious hackers are increasingly targeting gateways to corporate networks.
5 Reasons Why the Crypto Insurance Market Could Reach New Heights in 2021 (Marsh) The global digital asset market continues to grow at a fast clip, a trend that is likely to continue for years to come. With more organizations and governments exploring the opportunities presented by digital assets and increased regulatory clarity, there is expected to be a greater focus on insurance in 2021.
The State of Phishing in 2021 (SlashNext) In 2020 phishing exploded as the world faced a 100-year pandemic and many people moved to remote working and learning, which changed the phishing threat landscape forever. Our recent report, The State of Phishing, SlashNext Threat Labs, reports on the latest statistics and trends in phishing. In the last 12 months, cybercriminals launched thousands of new […]
COVID-19 Inflamed Damaging Year For Data Breach Victims (Law360) Data breach responders are coming up for air after an onslaught of security episodes over the past year, as hackers' evolving tactics collided with unprecedented challenges for organizations responding to the COVID-19 pandemic, cybersecurity lawyers tell Law360.
Marketplace
Cyber Security Stocks Have Underperformed This Year, Time To Buy? (Forbes) Our indicative portfolio of Cyber Security Stocks has declined by about 8% year-to-date, driven by the broader sell-off in technology and high growth stocks. The theme has also underperformed the Nasdaq-100, which is down by about 4% over the same period. However, we think this could be a good...
Companies that rode pandemic boom get a reality check (Silicon Valley Business Journal) Zoom and other companies that saw their stocks soar amid booming business during the Covid crisis have seen their share prices crash lately.
SailPoint Announces Intent to Acquire ERP Maestro, Uniting Identity Security with Separation-of-Duties Controls Monitoring (SailPoint) AUSTIN, March 12, 2021 – SailPoint Technologies Holdings, Inc. (NYSE: SAIL), the leader in identity security for the cloud enterprise, today announced its intent to acquire ERP Maestro, a SaaS governance, risk and compliance (GRC) solution. With ERP Maestro, SailPoint will unite identity security with ERP Maestro’s Separation-of-Duty (SoD) controls monitoring for an [...]
XDR Firm Cynet Raises $40 Million Series C Funding (SecurityWeek) Extended detection and response (XDR) firm Cynet raised $40 million via a Series C funding round led by Greenfield Partners
Data Security and Governance Provider Privacera Raises $50 Million (SecurityWeek) Cloud data governance and security solutions provider Privacera this week announced that it has closed a $50 million Series B funding round, roughly half a year after raising $13.5 million in a Series A round.
Hugging Face raises $40 million for its natural language processing library (TechCrunch) Hugging Face has raised a $40 million Series B funding round — Addition is leading the round. The company has been building an open source library for natural language processing (NLP) technologies. You can find the Transformers library on GitHub — it has 42,000 stars and 10,000 forks. Existing inv…
Infinite Group, Inc. Announces New Look, Rebrands as ‘IGI Cybersecurity’ (IGI) The growing cybersecurity company has a fresh look, refined mission, and renewed commitment to its growing customer base PITTSFORD, NY—March 10, 2021—IGI Cybersecurity (OTC:IMCI) announces the completion of its rebranding initiative, further establishing its place as a highly-skilled, fa
Sectra's nine-month interim report 2020/2021: Increased order bookings and the industry's most satisfied customers for the eighth consecutive year (PR Newswire) International medical imaging IT and cybersecurity company Sectra (STO: SECT B) has received a top ranking in customer satisfaction surveys in...
Zscaler achieves ‘protected’ status in stringent Australian Government review (Intelligent CIO APAC) New security status enables Zscaler to assist all Australian government departments and agencies to combat cybersecurity threats. Zscaler, a leader in cloud security, has announced it has successfully completed a second Information Security Registered Assessors Program (IRAP) assessment. The new assessment confirms that the Zscaler Zero Trust Exchange and Zscaler solutions have achieved the Australian […]
Canberra welcomes large events back with Australian Cyber Conference 2021 (CMW) The National Convention Centre Canberra (NCCC) is gearing up for a return to large in-person business events as it welcomes the Australian Information Security Association (AISA)’s 2021 Australian Cyber Conference, 16-18 March.
Allgress Named Gold Winner in the Globee Awards 17th Annual Cyber Security Global Excellence Awards® for IT Governance, Risk & Compliance (PR Newswire) Allgress announced today that The Globee® Awards, organizers of world's premier business awards programs and business ranking lists, has named...
Anomali picks up pace on APJ expansion with exec appointment (Security Brief) Cybersecurity firm Anomali has appointed channel sales specialist Stree Naidu to lead its business across APJ.
DNSFilter expands leadership team with new appointments (Help Net Security) DNSFilter expands leadership team to showcase the company's continued efforts towards expansion after several years of growth.
Former NSA and Department of Defense Executive Marianne Bailey Joins Cohesity as an Advisor (KULR-8 Local News) Cohesity today announced that cybersecurity expert and intelligence leader Marianne Bailey has joined the company as an advisor, where she will apply her deep government security experience in helping public sector organizations and federal agencies manage and protect their data.
Randori Expands Leadership, Adds Kristen Yerardi as Vice President of Product To Meet Growing Demand for Attacker's Perspective (PR Newswire) Randori, the pioneer in continuous red teaming, today announced the appointment of Kristen Yerardi as Vice President of Product. Her addition...
Products, Services, and Solutions
Akamai Offers Free Tier for Client-Side Edge Security (Akamai) In March of 2020, Akamai saw a dramatic 30% rise in internet traffic, equivalent to an entire year of growth. Post-pandemic, Akamai believes there will be a return to normal internet traffic growth, but many things will never be the same. In general, we particularly expect to see greater reliance on the internet for transactions in retail, media, health care, finance, and travel and hospitality.
DigitalOcean Achieves SOC 2 Type II Certification and Cloud Security Alliance STAR Level 1 (GlobeNewswire) Certification reports highlight the company’s commitment to trust and security
SyncDog Unveils First Fully Integrated Solution for Mobile Endpoint Security (INSIDENOVA.COM) SyncDog Inc., the leading Independent Software Vendor (ISV) for next generation mobile endpoint security and data loss prevention, today announced integral updates to
Dimension Data Middle East enhances its Cybersecurity Capabilities (TahawulTech.com) Dimension Data Middle East has selected Cortex XSOAR, an extended SOAR platform from Palo Alto Networks.
SailPoint delivers identity extensibility for cloud enterprise (IT Wire) SailPoint has announced additional extensibility functionality to its platform in a move it says enables customers to infuse its identity platform’s core functionalities within their workflows, reducing integration development from months to days or even hours. SailPoint says the latest u...
EclecticIQ expands MSSP offering through ACDS partnership (Help Net Security) EclecticIQ has partnered with Applied Cyber Defense Systems (ACDS) to expand its offering as a Managed Security Service Provider (MSSP).
Technologies, Techniques, and Standards
Actionable Tips for Engaging the Board on Cybersecurity (Dark Reading) Up your game with your company's board of directors to help them understand your cybersecurity priorities.
GAO’s emerging tech shop developing framework to test reliability of AI algorithms (Federal News Network) A year into the COVID-19 pandemic, GAO still faces a higher demand for its oversight work.
Introduction to Sigma Rules and Detection of Credential Harvesting (Recorded Future) This report details Insikt Group's research regarding Sigma based detection rules for Mimikatz, LaZagne, T-Rat 2.0, and Osno Stealer.
Design and Innovation
Netflix is testing a way to secure accounts from hidden hackers (The Record by Recorded Future) Netflix is currently testing a security feature that will block users who don't live in the same home as the account owner from accessing a shared account, a spokesperson told The Record today.
Split Screen: How Different Are Americans’ Facebook Feeds? (The Markup) Snapshots from the Facebook feeds of our Citizen Browser panelists illuminate how Facebook’s recommendation algorithm siloes information on the platform.
Research and Development
DARPA Awards Contracts For Encrypted Data Processing (Breaking Defense) How can Pentagon clouds process data quickly while it's still encrypted, instead of having to decrypt it and thereby render it vulnerable?
Academia
State of K-12 Cybersecurity: 2020 Year in Review (K12 Security Information Exchange and the K-12 Cybersecurity Resource Center) An unprecedented year offered a profound stress test of the resiliency and security of the K-12 educational technology ecosystem.
Legislation, Policy, and Regulation
China’s cyberattack on Maharashtra power grid was to improve PLA’s bargaining position (ThePrint) China’s cyber assault against India’s critical infrastructure in October 2020 happened amid an ongoing crisis on their contested boundary.
Tim Berners-Lee says Africa’s internet shutdowns shouldn’t be tolerated (Quartz) The creator of the internet says internet access is a human right that, when violated, creates an untenable power divide.
U.S. Imposes New 5G License Limits on Some Huawei Suppliers (Bloomberg) Conditions for licensed exporters went into effect this week. Move builds on Huawei prohibitions implemented under Trump.
America's Place in Cyberspace: The Biden Administration’s Cyber Strategy Takes Shape (Council on Foreign Relations) The Biden administration's cyber strategy reflects the ideological, geopolitical, technological, and diplomatic pillars of President Biden's overarching vision for U.S. foreign policy and national security.
CISA’s four-part plan to spend $650M on cyber protections (Federal News Network) House Appropriations Subcommittee on Homeland Security members questioned CISA leaders about plans to improve federal cybersecurity efforts.
Commentary: What the first-ever U.S. national cyber director will need to succeed (Fortune) Commentary: The 2021 NDAA created the national cyber director role, which will be appointed by President Biden.
The Cybersecurity 202: Democrats' new infrastructure bill highlights cybersecurity concerns (Washington Post) Coming up on the Biden administration's agenda now that the massive coronavirus relief bill has passed: A major infrastructure and jobs package.
$1.9T Covid relief bill promises tech opportunity for federal contractors (Washington Business Journal) The American Rescue Plan Act includes more than $2 billion in funding for technology and cybersecurity efforts and provides contractors with a chance to generate modernization momentum, some experts say.
Litigation, Investigation, and Law Enforcement
Small Companies Scramble on Microsoft Hack as Legal Threat Looms (Bloomberg Law) Small and medium-sized organizations that lack cyber resources and response capabilities could face legal claims if they don’t react fast enough to a global hack of Microsoft Corp.’s popular email software.
India lauds efforts of Organization for Security and Cooperation in Europe for countering terrorism (Times Now News) External Affairs Minister S Jaishankar had on January 11 called for member nations to fulfill the obligations enshrined in the international counter-terrorism instruments.
Russia’s government tried to block Twitter. It censored itself instead. (Rest of World) Reminder: Internet censorship can have unintended consequences.
SEC Announces 2021 Information Security Examination Priorities – Five (5) Steps Every Firm Should Take to Prepare! (JD Supra) “Information security is critical to the operation of the financial markets and the confidence of its participants. . . The Division is acutely...
German Court Overturns GDPR Fine, Raises Legal Questions About Fines Against Companies (Lexology) On February 18, 2021, the District Court of Berlin overturned a €14.5 million fine that had been imposed on German real estate company Deutsche Wohnen…
Vermont Joins Multistate Settlement with American Medical Collection Agency Over 2019 Data Breach (EIN) Attorney General T.J. Donovan today announced that Vermont, as part of a coalition of 41 attorneys general, has settled with Retrieval-Masters Creditors Bureau, doing business as American Medical Collection Agency (“AMCA”) resolving a multistate investigation into the 2019 data breach that exposed the personal information of over 7 million individuals, including 2,889 Vermont residents, and potentially exposed the personal information of up to 21 million individuals throughout the United States.
Facial Recognition Company Sued by California Activists (SecurityWeek) Civil liberties activists are suing a company that provides facial recognition services to law enforcement agencies and private companies around the world, contending that Clearview AI illegally stockpiled data on 3 billion people without their knowledge or permission.
Vic privacy breach of vulnerable youth data (InnovationAus) A youth case worker stood down from a Victorian health department service provider on suspicion of accessing child pornography continued to access sensitive information about clients for months afterwards, according to a data breach inquiry into the incident.
Eleventh Circuit Holds Risk of Future Identity Theft Insufficient to Confer Article III Standing in a Data Breach Class Action (JD Supra) On February 4, 2021, the Eleventh Circuit became the latest federal court of appeals to weigh in on a question that has divided the circuits: whether...
Judge Finds No Article III Standing in Proposed Class Action Against Marriott (JD Supra) The question of standing has proven to be a tricky one in data breach litigation. Last week a federal district court in Maryland rejected a proposed...
Settlement reached in data breach that exposed information of 345K Nevadans (KLAS) A data breach that exposed the personal information of 345,447 Nevadans — and more than 7 million nationwide — has led to a settlement with a debt collection company.
34,000 affected in New Hampshire hospital data breach (Becker's Health IT) New London (N.H.) Hospital began notifying 34,878 patients that an unauthorized party gained access to a file on the hospital's network in a targeted cyberattack.
GDPR fines by industry: Telecoms far outpace Big Tech (Compliance Week) Since the GDPR came into force in 2018, Big Tech firms have not been on the receiving end of fines as frequently as expected. Meanwhile, other industries have shown to be more prone to data privacy violations, namely telecommunications.