Cyber Attacks, Threats, and Vulnerabilities
Operation Diànxùn: Cyberespionage Campaign Targeting Telecommunication Companies (McAfee Blogs) In this report the McAfee Advanced Threat Research (ATR) Strategic Intelligence team details an espionage campaign, targeting telecommunication companies,
McAfee Defender’s Blog: Operation Dianxun (McAfee Blogs) Operation Dianxun Overview In a recent report the McAfee Advanced Threat Research (ATR) Strategic Intelligence team disclosed an espionage campaign,
Technical Analysis of Operation Diànxùn (McAfee) In this report the McAfee® Advanced Threat Research (ATR) Strategic Intelligence team details an espionage campaign, targeting telecommunication companies, dubbed Operation Diànxùn.
China Intensifies Cyber-Attacks After Disengagement From Pangong Lake: Report (Swarajyamag) Indian government organisations such as Computer Emergency Response Team (CERT-IN) and National Critical Information Infrastructure Protection Centre (NCIIPC) have reported that Chinese hackers have attempted to infiltrate the country's cyberspace after troops from the two neighbours disengaged from Pangong Lake in eastern Ladakh.
Tech 24 - Microsoft cyber-attack turns into global crisis (France 24) In this edition, we tell you more about the vast cyber-attack on Microsoft Exchange. What started as an alleged state-sponsored attack is quickly becoming a global crisis, claiming at least 60,000 vi…
CISA Updates Microsoft Exchange Advisory to Include China Chopper (Dark Reading) US officials warn organizations of China Chopper Web shells as new data sheds light on how the Exchange Server exploits have grown.
Mitigate Microsoft Exchange Server Vulnerabilities (CISA) Note: This Alert was updated March 13, 2021 to provide further guidance.
The Microsoft Exchange hacks: How they started and where we are (BleepingComputer) The emergency patches for the recently disclosed critical vulnerabilities in Microsoft Exchange email server did not come soon enough and organizations had little time to prepare before en masse exploitation began.
KnowBe4 Warns of Rise in Microsoft Exchange Global Security Exploit Attempts (PR Newswire) KnowBe4, the provider of the world's largest security awareness training and simulated phishing platform, today issued a warning regarding the...
Exploits on Organizations Worldwide Grow Tenfold after Microsoft’s Revelation of Four Zero-days (Check Point Software) Following the revelation of four zero-day vulnerabilities currently affecting Microsoft Exchange Server, Check Point Research (CPR) discloses its latest
Over 80,000 Exchange Servers Still Affected by Actively Exploited Vulnerabilities (SecurityWeek) Microsoft has released patches for over 95% of the Exchange Server versions exposed on the Internet.
How Did Multiple Threat Groups Know About Exchange Patches Before Release? (Breaking Defense) Following CISA's weekend updates on continuing Exchange server hacks, Microsoft is investigating the significant uptick in exploits just days before patches were released.
Protecting on-premises Exchange Servers against recent attacks (Microsoft Security) For the past few weeks, Microsoft and others in the security industry have seen an increase in attacks against on-premises Exchange servers. The target of these attacks is a type of email server most often used by small and medium-sized businesses, although larger organizations with on-premises Exchange servers have also been affected. Exchange Online is…
Michael Dell: Public Cloud Isn’t More Secure Than On-Premise (CRN) ‘The things that led to a lot of these attacks are human-induced that can occur in a public cloud, can occur in a private cloud – it can occur anywhere,’ says Dell Technologies CEO Michael Dell.
Google Chrome Zero-Day Under Attack, Again (SecurityWeek) Google has shipped an urgent fix to block in-the-wild zero-day attacks hitting its flagship Chrome browser but defenders lament the lack of information on the live attacks.
Security Vendors Understate Risks in Senate Hearing on SolarWinds (Virsec) The US Senate Cyber Intelligence Committee held a hearing on the SolarWinds attack on February 24, 2021. Three pieces of testimony stood out.
Microsoft reports ‘worldwide’ Teams, Azure outage (CRN Australia) Affecting services overnight and this morning.
Phishing sites now detect virtual machines to bypass detection (BleepingComputer) Phishing sites are now using JavaScript to evade detection by checking whether a visitor is browsing the site from a virtual machine or headless device.
Sensitive MoD information exposed through personal email accounts (Computing) The Ministry of Defence logged 151 security incidents in 2020, compared to 75 in 2019
Twonky Server - Beware What You (Unintentionally) Share (RBS) There is a long story about how we came to examine software called Twonky Server, but it’s not particularly exciting so we’ll skip right over that. Let’s just say, its conspicuous name played a role. But it is our research findings that are far more interesting and important.
Twonky Server is a D
A Hacker Got All My Texts for $16 (Vice) A gaping flaw in SMS lets hackers take over phone numbers in minutes by simply paying a company to reroute text messages.
WeLeakInfo Leaked Customer Payment Info (KrebsOnSecurity) A little over a year ago, the FBI and law enforcement partners overseas seized WeLeakInfo[.]com, a wildly popular service that sold access to more than 12 billion usernames and passwords stolen from thousands of hacked websites. In an ironic turn of events, a lapsed domain registration tied to WeLeakInfo let someone plunder and publish account…
NFT digital art is already attracting hackers (CyberScoop) Users of Nifty Gateway reported hackers had taken over their accounts and stolen artwork worth thousands of dollars over the weekend.
China’s tech giants test way around Apple’s new privacy rules (Financial Times) ByteDance and Tencent see if they can keep tracking iPhone users with solution created by state-backed group
Rising encrypted app Signal is down in China (TechCrunch) Chinese users of the instant messenger Signal knew that the good times wouldn’t last long. The app, which is used for encrypted conversations, is unavailable in mainland China as of the morning of March 16, a test by TechCrunch shows. The website of the app has been banned in mainland China s…
More than 16 million Covid-related cyber threats were detected in 2020 (Atlas VPN) The year 2020 will be forever remembered for the Covid-19 pandemic, which swiftly overtook the world and altered our lives forever. The pandemic has also affected the cybersecurity landscape — a new wave of cyber threats emerged where criminals leveraged Covid-19 to launch attacks.
Vulnerability Summary for the Week of March 8, 2021 (CISA) The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA.
Tax season scams and how to avoid them (AwareGO) There's nothing in life certain except for taxes and phishing! Want to avoid falling for tax season scams? Follow AwareGO’s pro tips.
Professional Provident Society suffers ‘malicious’ cyber attack (ITWeb) The insurer for graduate professionals confirms it is a victim of a cyber attack, saying it is working on restoring full functionality.
Security Patches, Mitigations, and Software Updates
One-Click Microsoft Exchange On-Premises Mitigation Tool – March 2021 (Microsoft Security Response Center) We have been actively working with customers through our customer support teams, third-party hosters, and partner network to help them secure their environments and respond to associated threats from the recent Exchange Server on-premises attacks.
Twitter now supports multiple 2FA security keys on mobile and web (BleepingComputer) Twitter has added support for multiple security keys to accounts with two-factor authentication (2FA) enabled for logging into the social network's web interface and mobile apps.
Cyber Trends
Threat Insights Report, Q4-2020 (HP - Bromium) Welcome to the Q4 2020 edition of the HP-Bromium Threat Insights Report. The report reviews notable malware trends identified by HP Sure Click from the fourth quarter of 2020 (1 October to 31 December), so that security teams are equipped with the knowledge to combat emerging threats and improve their security postures.
Selective Survey Finds Majority Of Small Businesses Lack Cyber Insurance Coverage (PR Newswire) A survey of small businesses conducted by Appalachian State University in coordination with Selective found that cybersecurity and technology...
How tech workers feel about China, AI and Big Tech’s tremendous power (Protocol) Protocol's inaugural Tech Employee Survey dives deep into how employees across tech feel about the existential issues facing their industry.
SailPoint Research Sheds Light on Cybercrime Targeting Digital Identities (SailPoint) 100% of surveyed security and IT leaders confirmed that their organizations experienced a security compromise in the last year AUSTIN, March 16, 2021 – SailPoint Technologies Holdings, Inc. (NYSE: SAIL), the leader in enterprise identity security, today released the findings from a new survey of security and IT managers/directors that explored why large, well-resourced enterprises are continuing to be compromised. [...]
Jay-Z or Cher? Our latest password data shows which artists are most popular in leaked passwords (Specops Software) Specops Software released today the latest update to its Breached Password Protection list as well as the latest analysis of password data. “This password...
Marketplace
The CyberWire collaborates with Microsoft Canada to accelerate cybersecurity education and awareness missions (PR Newswire) The CyberWire announced today that Microsoft Canada has joined its distinguished academic, research, and industry partner program, focused on...
Government Spyware Firm That Put Rogue Apps on Play Store Goes Bankrupt (Vice) A court just declared eSurv, a company that sold spyware to Italian cops, bankrupt.
Argon Exits Stealth Mode to Launch the First Unified Security Solution Protecting the Integrity of the DevOps pipeline (Argon) Company Also Secured Funding From Hyperwise Ventures and an Impressive List of Individual Investors including Shlomo Kramer — Founder of Check Point, Imperva, and Cato Networks TEL...
Tesserent acquires Secure Logic's managed services business for $10 million, stock (CRN Australia) Also signs as reseller for TrustGrid and AttackBound products.
Inpher Secures Strategic Investment from the Amazon Alexa Fund for Consumer Data Protection in AI (PR Newswire) Inpher, Inc., the pioneers of Secret Computing®, today announced a strategic investment from the Amazon Alexa Fund. Inpher plans to apply the...
Cyware Closes $30M Series B Just 7 Months After A Round (Crunchbase News) New York-based Cyware locked in a $30 million Series B after growing annual recurring revenue 120 percent last year and just seven months after raising its Series A.
Sonatype Acquires MuseDev (GlobeNewswire) Acquisition Pairs Developer-Friendly Source Code Analysis with Full-Spectrum Software Supply Chain Management
Merlin Ventures Unveils Public Sector Growth Program for Cybersecurity Startups (BusinessWire) Merlin Ventures announces the formation of a Public Sector growth program for cybersecurity software-as-a-service (SaaS) startups.
Deloitte Unveils Artificial Intelligence Institute for Government (Deloitte United States) Deloitte unveils Artificial Intelligence Institute for Government, new entity to develop talent and drive collaboration with the public sector to advance AI for public good
ICF Handed $53 Million Task Order from U.S. Army for Cybersecurity and AI Solutions (Homeland Security Today) The U.S. Army Combat Capabilities Development Command Army Research Laboratory (DEVCOM ARL) has awarded global consulting and digital services provider ICF a new task order valued at up to $53 million to expand the delivery of cyber research, development and technology services. It has a term of five years, including a one-year base and four option years.
Unisys Named a Leader in Cyber Resiliency Services by NelsonHall (Unisys) Unisys Corporation (NYSE: UIS) today announced that NelsonHall has named the company as an overall market segment leader in the NelsonHall Evaluation & Assessment Tool (NEAT) Vendor Evaluation for Cyber Resiliency Services report, citing the company's overall ability to deliver immediate benefits to its clients, as well as strategize and plan to meet future client needs.
Facebook, News Corp. reach deal on Australia news; NWSA rises (SeekingAlpha) Facebook (FB) and News Corp. (NWS, NWSA) have come to a deal on news in Australia, building on some groundwork the two companies laid in the United States
Former bp CISO Simon Hodgkinson Joins RangeForce Advisory Board (Yahoo) RangeForce has developed a self-directed platform with a gaming interface that represents the future of cyber security training - Simon Hodgkinson.
Fusion Connect adds Channel Veteran Rick Ribas as Senior Vice President of Channels and Alliances (PR Newswire) Fusion Connect, a trusted partner for enabling the connected enterprise, announced today that Rick Ribas has joined the company as Senior Vice...
John Kindervag, Creator of Zero Trust, joins MSSP ON2IT (PR Newswire) ON2IT, the global managed security services company and Zero Trust innovator, today announced that Zero Trust creator, John Kindervag, will...
CYE Deepens Market-leading Cyber Bench with New Additions to Advisory Board (PR Newswire) CYE, the industry leader in cybersecurity optimization solutions, announced today the addition of Franck Cohen, Ann Johnson, John Negron and...
Products, Services, and Solutions
SyncDog Unveils First Fully Integrated Solution for Mobile Endpoint Security (PR Newswire) SyncDog Inc., the leading Independent Software Vendor (ISV) for next generation mobile endpoint security and data loss prevention, today...
Aqua announces industry-first container runtime security solution for Arm 64-bit environments (Aqua) Aqua Security now protects containers and Virtual Machine (VM) workloads at runtime on Arm®-powered devices
Tempered Combines Strengths with Nozomi Networks to Deliver Industry-Leading IoT/OT Security (News Direct) Solution integration offers AI-powered threat visibility, analysis and remediation along with military-grade encryption, policy enforcement and simplified policy management
DH2i Launches DxEnterprise v20 Improving Microsoft SQL Server High Availability (HA) and Disaster Recovery (DR) Performance (DH2i) Customers in Financial Services and Other Sectors to Enjoy Greater Business Resilience, Security and Scalability Across On-Prem, Remote and Public Clouds FORT COLLINS, Co. – March 16, 2021 DH2i®, the leading provider of multi-platform Software Defined Perimeter (SDP) and Smart Availability® software, today announced the general availability of DxEnterprise® version 20 (v20), engineered to improve the…
Untangle Extends SD-WAN Router Functionality with Leading Telco Certifications (PR Newswire) Untangle® Inc., a leader in comprehensive network security for small-to-medium businesses (SMBs) and distributed enterprises, today announced...
Noogata Unveils No-Code Platform to Scale Enterprise AI (PRWeb) Noogata, the leader in radically simple, no-code artificial intelligence (AI) data analytics for enterprises, today announced that it has secured a $12 mil
Datadobi Announces Support for File Data Protection on Microsoft Azure Blob Storage (BusinessWire) Datadobi today announced it has added support for Azure Blob storage in DobiProtect 5.11.
SD Elements by Security Compass Now Available in U.S. DoD Iron Bank Repository (Yahoo) Security Compass today announced that their flagship product, SD Elements, is now available in the U.S. Department of Defense Iron Bank repository.
SteelCloud Awarded Enterprise License from an Army Component for STIG Compliance Software (PR Newswire) SteelCloud LLC, a leading STIG and CIS compliance automation software developer, announced today that it has been awarded an...
Leslie Sims Joins Deloitte Digital as US Chief Creative Officer (MarTech Series) Today, Deloitte Digital, a creative digital consultancy, announced that award-winning creative executive Leslie Sims has joined as managing director, Deloitte Consulting LLP, and U.S. chief creative officer, serving as a central creative leader for all of Deloitte Digital. Building on Deloitte Digital's commitment and investments in creative talent,
Netsurion Announces Enhanced Partner Program Benefits (GlobeNewswire) Netsurion, a leading managed security service provider (MSSP), today announced the rollout of its new, enhanced Netsurion Partner Program for authorized MSP and MSSP channel partners.
Satori Announces Data Users Directory for Streamlined Enterprise Data Access Management, GDPR Compliance (GlobeNewswire) Satori, the industry’s leading provider of Data Governance-as-a-Service and data access, today announced the Data Users Directory service, which leverages universal data access groups to provide customers with a more streamlined data entitlement process.
NetSfere Named as the Leading Secure Enterprise Messaging Platform as Compared to Microsoft Teams, Slack and Others Amid Growing Security & Privacy Concerns (GlobeNewswire) The latest Market Intelligence report details the current business communication landscape in light of WhatsApp's privacy policy updates, highlighting the relevance for enabling secure employee communications post-COVID-19
DTEX Systems Enhances DTEX InTERCEPT for Hybrid and Cloud Server Infrastructures (Yahoo) DTEX Systems, the Workforce Cyber Intelligence Company™, today announced that it has broadened the reach of its Workforce Cyber Security Platform, DTEX InTERCEPT, with enhanced capabilities to monitor and secure server infrastructures.
Technologies, Techniques, and Standards
NIST Risk Management Framework Team Did Some Spring Cleaning! (NIST) Check out our new and improved Risk Management Framework (RMF) website that better highlights the resources NIST developed to support implementers. In addition to the look, we have:
Companies Turn to Fusion Centers to Deal With Cyber Intelligence Overload (Wall Street Journal) Deluged by alerts, security professionals are automating information-sharing, and including risks like geopolitical, weather and physical threats as well.
Protecting Digital Identity from Cyber Compromise (TAG Cyber) This report, based on a survey of cyber security leaders on digital identity-related breaches, explores how the market is evolving and how enterprises can approach securing digital identities with identity governance.
Zscaler’s Stephen Kovac: Agencies Should Align Network Security to User, Data (GovCon Wire) Stephen Kovac, vice president of global government and head of corporate compliance at Zscaler, said agencies need to develop a tailored approach for protecting and monitoring traffic as more government information technology users connect from devices beyond the network perimeter, ExecutiveBiz reported March 9.
Design and Innovation
Instagram will block direct messages to teens from adults they don't follow (SeekingAlpha) Instagram (FB) has rolled out new safeguards for users under the age of 18, which include prohibiting direct messages to teens from adults they don't follow
Research and Development
Pentagon has new research center to link networks, communications (C4ISRNET) The $7.5 million investment for a new networked systems center of excellence comes as the Defense Department looks to advance its future joint war-fighting concept.
Army working on new cyber, electromagnetic weapons after large-scale test event (FedScoop) The Army recently concluded a large event that tested new cyber and electromagnetic spectrum weapons in its tactical operations.
Legislation, Policy, and Regulation
UK Cyber Authority Urges Organizations to Install Microsoft Updates (Insurance Journal) Britain's cyber security body urged organizations to install the latest Microsoft updates as a matter of urgency on Friday, after the company
INDOPACOM Drafts Regional Strategy For All-Domain Ops (Breaking Defense) The emerging Indo-Pacific Warfighting Concept has been drafted, but still has "a ways to go as far as working through the Department of Defense," says INDOPACOM's head of requirements, George Ka'iliwai.
US, EU must work together to counter China’s ‘bullying’, Nato chief urges (South China Morning Post) “If you’re concerned about the rise of China, the military and economic strength of China, that makes it even more important that we stand together, Europe and North America in Nato,” said Nato chief Jens Stoltenberg.
US Should Create New 3-Pronged Approach To Cybersecurity (Law360) Although the Biden administration's recent provision of $10 billion for cybersecurity infrastructure funding in response to last year's SolarWinds hack is a good start, the U.S. should create a coordinated, multidisciplinary and systematic approach to cybersecurity reform that is proactive rather than reactive, says Rebecca Rakoski at XPAN Law Partners.
Milton Security Applauds Biden's American Rescue Plan Act of 2021 for Taking Cybersecurity Seriously (PR Newswire) Milton Security, a leading provider of Threat Hunting as a Service, XDR & MDR (MxDR) SOC Services, by way of CEO James McMurry, issued a formal...
The Cybersecurity 202: Congress mulls legislation to require companies to report major cyberattacks (Washington Post) The breaches of SolarWinds and Microsoft software, which collectively ensnared the data of federal and local governments as well as thousands of other U.S. organizations, have renewed a longstanding debate: Should companies be required to report cybersecurity breaches to the government?
House Bill Aims to Strengthen CISA Role in ICS Cyber Protection (Meritalk) A bipartisan group of legislators has introduced the Department of Homeland Security (DHS) Industrial Control Systems Enhancement Act of 2021. The legislation will solidify the Cybersecurity & Infrastructure Security Agency’s (CISA) lead role in protecting critical infrastructure – particularly industrial control systems (ICS) – from cyber threats.
The US must adopt Software Bill of Materials to thwart cyberattacks (TheHill) Government must work with software vendors to implement security standards for the software and services they deliver.
Litigation, Investigation, and Law Enforcement
Swiss Police Raid Over Hack on U.S. Security-Camera Company (SecurityWeek) Swiss authorities confirmed a police raid at the home of a Swiss software engineer who took credit for helping to break into a U.S. security-camera company’s online networks.
Gardaí investigating cyber attack on Fastway Couriers (The Irish News) GARDAÍ are investigating a cyber attack on a courier company which targeted the personal details of hundreds of thousands of clients.
Students Sue Online Exam Proctoring Service ProctorU for Biometrics Violations Following Data Breach (LawStreetMedia) Online exam proctoring companies like ProctorU “have seen a significant uptick in light of the COVID-19 pandemic, which has caused institutions to move exams online. This has led to significant privacy implications for students”; specifically, three students filed a class-action complaint on Friday in the Central District of Illinois against ProctorU for alleged biometric violations, particularly after a data breach.
Robinhood Seeks To Nix Customers' Data Breach Suit (Law360) Robinhood users who claim to be affected by a data breach haven't made the case that their losses were the result of inadequate security measures, the stock-trading platform has told a California federal court.