Cyber Attacks, Threats, and Vulnerabilities
Highways Ministry asks NHAI, automakers to tighten IT security after cyber attack threats (Tribuneindia News Service) Received alert from Indian Computer Emergency Response Team about possible cyber attacks, says ministry. The Ministry of Road Transport and Highways on Sunday alerted NHAI, NHIDCL and its other wings besides automobile makers to augment their IT security systems after reports regarding threats of possible cyber attacks targeted at the Indian transport sector.
Automakers told to ramp up IT infrastructure amid cyber-attack threats (Business Standard) The Ministry of Road Transport and Highways on Sunday alerted NHAI, NHIDCL and its other wings besides automobile makers to augment their IT security systems after reports regarding threats of possible cyber attacks targeted at the Indian transport sector.
MoRTH alerted on cybersecurity intrusion on transport sector (mint) 'The Ministry has advised departments and organisations under (the) transport sector to strengthen the security posture of their infrastructure,' highways ministry said
After power, Chinese hackers target transport sector (Hindu Businessline) Depts, organisations asked to beef up IT infrastructure
In-the-Wild Series: October 2020 0-day discovery (Google Project Zero) Posted by Maddie Stone, Project Zero In October 2020, Google Project Zero discovered seven 0-day exploits being actively used in-the-w...
Hacking group used 11 zero-days to attack Windows, iOS, Android users (BleepingComputer) Project Zero, Google's zero-day bug-hunting team, discovered a group of hackers that used 11 zero-days in attacks targeting Windows, iOS, and Android users within a single year.
“Expert” hackers used 11 0-days to infect Windows, iOS, and Android users (Ars Technica) The breadth and abundance of exploits for unknown vulnerabilities sets group apart.
SolarWinds-Linked Attackers Target Microsoft 365 Mailboxes (Dark Reading) Researchers observe attackers altering mailbox folders to assign read-only permissions to any authenticated user on a target machine.
SilverFish: Swiss researchers identify threat actor with links to SolarWinds hack (Computing) The researchers found a 'major overlap' between the hack group's victims and those targeted in the SolarWinds attacks
Swiss Firm Says It Has Accessed Servers of a SolarWinds Hacker (Bloomberg Law) A Swiss cybersecurity firm says it has accessed servers used by a hacking group tied to the SolarWinds breach, revealing details about who the attackers targeted and how they carried out their operation. The firm, PRODAFT, also said the hackers have continued with their campaign through this month.
Threat actors start attacking F5 devices using recent vulnerability (The Record by Recorded Future) Multiple hacking groups have started attacking F5 networking devices after the publication of proof-of-concept exploit code online for a recent critical vulnerability the vendor patched last week.
DDoS booters now abuse DTLS servers to amplify attacks (BleepingComputer) DDoS-for-hire services are now actively abusing misconfigured or out-of-date Datagram Transport Layer Security (D/TLS) servers to amplify Distributed Denial of Service (DDoS) attacks.
ESET Exposes Malware Disguised as Clubhouse App (Infosecurity Magazine) The malware can steal login information for 458 online services
Beware Android trojan posing as Clubhouse app (ESET Ireland) The malware can grab login credentials for more than 450 apps and bypass SMS-based two-factor authentication. Cybercriminals are attempting to take advantage of the popularity of Clubhouse to deliv…
Area 1 Stops New Microsoft Spoofing Campaign Targeting Financial Departments (Area 1 Security) A sophisticated Microsoft Office 365 credential harvesting campaign targets financial departments at companies across multiple industries, as well as newly-appointed CEOs and executive assistants.
New XcodeSpy malware targets iOS devs in supply-chain attack (BleepingComputer) A malicious Xcode project known as XcodeSpy is targeting iOS devs in a supply-chain attack to install a macOS backdoor on the developer's computer.
ZeroFont Phishing: Three Years Later, the Attack Form is Still Out There (Avanan) Avanan has been tracking ZeroFont phishing attacks since 2018. Email scanners like ATP still can't stop them, and the attacks remain a major concern.
Why That Email About Your Apple ID Being Locked Is a Scam (MUO) Here are the most common signs that you're dealing with a phishing email that will steal your Apple ID and password.
Going Back to Work: New Opportunities for Phishers (INKY) As people begin to contemplate returning to work in a physical office, phishers are thinking about new ways to exploit, through phishing emails, workers’ desire for accurate information about COVID-19, vaccines, and related work policy changes.
Computer giant Acer hit by $50 million ransomware attack (BleepingComputer) Computer giant Acer has been hit by a REvil ransomware attack where the threat actors are demanding the largest known ransom to date, $50,000,000.
REvil Ransomware Targets Acer’s Microsoft Exchange Server: Source (CRN) The notorious REvil ransomware gang recently targeted a Microsoft Exchange server on Taiwanese PC giant Acer’s domain, according to Advanced Intelligence CEO Vitali Kremez.
Ransomware gang demands $50 million from computer maker Acer (The Record by Recorded Future) Taiwanese computer maker Acer has suffered a ransomware attack over the past weekend at the hands of the REvil ransomware gang, which is now demanding a whopping $50 million ransom payment to decrypt the company's computers and not leak its data on the dark web.
Hackers auction stolen CD Projekt data with ‘charity fundraiser’ (IT PRO) Hacker announcement discovered on a Tor site likely linked to 'HelloKitty' ransomware gang
Instagram, WhatsApp, and Facebook Messenger have recovered from a major outage (The Verge) More than 100,000 users reported Instagram issues.
Maricopa Community Colleges investigating possible cyber attack after network outage (KNXV) Maricopa Community Colleges said Friday they are investigating a possible cyber attack after a network outage that has been impacting students since earlier this week.
Nunavut schools' service provider suffers ransomware attack (Nunatsiaq News) Updated on Sunday, March 21, 2021 at 1 p.m. Nunavut’s Department of Education has confirmed a ransomware attack took place at the service provider for the
South Gloucestershire schools hit by ransomware attack (Gazette Series) A number of schools in South Gloucestershire have been left without access to their IT systems after being subjected to a targeted ransomware attack.
Algoma Power billing company falls victim to ransomware attack (SooToday.com) Company can confirm that no customer banking information was compromised as a result of the attack
Cyber Trends
“Busting” 5 Hardware Security Myths (TechNative) Hardware security is an often-neglected aspect of cybersecurity that is not allocated the same resources as application and software security. The insufficient funding of this realm of security stems from a general lack of knowledge surrounding hardware security. Today, we hope to debunk some myths so that organizations have a better understanding of hardware security and take appropriate action to protect their hardware assets.
Cyber Soldiers join prestigious Sergeant Audie Murphy Club (DVIDS) Sgt. Maj. Nathaniel Piper, 780th Military Intelligence Brigade (Cyber), and Staff Sgt. Daniel Colón, E Company, 782nd MI Battalion (Cyber), were recently inducted into the prestigious Sergeant Audie Murphy Club (SAMC) in a ceremony at the Army Reserve Center on March 19.
API security becomes a ‘top’ priority for enterprise players (ZDNet) As API attacks rise, the security surrounding their usage is now firmly on the radar.
Imvision's 2021 Enterprise API Security Survey (imvision) API security is a top priority for 91% of enterprises according to our recent survey. While security leaders agree on the ideal backbone of API security, the survey reveals that enterprise API security contains major challenges.
Marketplace
SOSA teams up with the Canadian Technology Accelerators to scale Canadian cyber startups in the U.S. (Reblonde) The virtual accelerator will engage a select group of Canadian cyber startups, providing them with U.S.-based market intelligence and mentorship to advance expansion goals
Fortinet Acquires Cloud And Network Security Startup ShieldX (CRN) Fortinet has quietly purchased cloud and network security startup ShieldX to give customers a more comprehensive view of end users, workstations, and OT devices.
VMware to acquire Mesh7 (CRN Australia) To bolster cloud security, Tanzu.
Peraton revels in hidden gems its Northrop and Perspecta deals bring in (Washington Technology) Peraton is not going to be a large platform builder or try its luck at commercial markets after adding the former Northrop Grumman IT business and later its pending deal for Perspecta, but it is talking up the added product and patent content through both deals.
Forcepoint Layoffs Cut Deep Into Channel Organization: Sources (CRN) Forcepoint has laid off most of its North American channel team just weeks after the platform security vendor was bought by Francisco Partners, sources told CRN.
AIS gets $50M contract to give 'our nation a revolutionary advantage in cyberspace' (Observer-Dispatch) The award is the result of a competitive bidding with two offers received.
Apple Bent the Rules for Russia—and Other Countries Will Take Note (Wired) Russian iPhone buyers will soon be prompted to install software developed in that country, setting a precedent that other authoritarian governments may follow.
Twitter to appoint representative to Turkey (Hürriyet Daily News) Twitter accepted a requirement to appoint a local representative in Turkey as part of a new social media law that took effect in October 2020, according to a top Turkish official.
Cellebrite Stops Selling Its Digital Intelligence Offerings in Russian Federation and Belarus (PR Newswire) Cellebrite, the global leader in Digital Intelligence (DI) solutions for public and private sectors, announced today that effective immediately...
Israeli phone-hacking firm Cellebrite halts sales to Russia, Belarus in wake of Haaretz report (Haaretz) Cellebrite will stop selling hacking tools to Russia and Belarus after its technology was used against minorities, pro-democracy activists and opposition forces
Huawei working on addressing the security concerns across the globe: Official (Gizmochina) Huawei is working on addressing the various security risks and national security concerns that surround it across the globe, as stated by the company’s official in a recent interview.
Huawei reaffirms cybersecurity commitment (Trade Arabia) The President of Huawei Middle East, Charles Yang, reaffirmed the company’s commitment to supporting digital transformation across the Middle East by building stronger ICT ecosystems supported by cooperative cybersecurity mitigation programmes.
CrowdStrike co-founder Dmitri Alperovitch on his new policy accelerator that’s all about action (The Record by Recorded Future) CrowdStrike co-founder Dmitri Alperovitch talks about his new nonprofit venture, which is aimed at getting policy into motion.
Why Huntress Wants You to ‘Break Out Your Hacker Hoodie and Get Shady’ (SDxCentral) Huntress wants managed services providers to “break out your hacker hoodie” for its Hack It event next week.
Advanced Technology Is At the Forefront of Cybersecurity (PR Newswire) Cybersecurity has become a major industry with a pronounced growth potential. The recent surge in data breaches, business and agency hacks, as...
Shelly Morales, Chief People Officer at Balbix, joins Censia Board (PR Newswire) Shelly Morales, Chief People Officer at Balbix, has joined the board of advisors at Censia, a leading Talent Intelligence provider. Other board...
Michael Troutman Joins SIEGE Technologies As CSO (Executive Gov) SIEGE Technologies announced in March their acquisition of Michael J. Troutman as chief strategy off
Mitel appoints Arvind Raman as Chief Information Security Officer (Mitel) Mitel®, a global leader in business communications, announced today the appointment of Arvind Raman as Chief Information Security Officer (CISO). Raman will lead all aspects of the company’s information security strategy, architecture, operations and governance.
Products, Services, and Solutions
Coalfire Awarded First UKAS ISO 27701 Accreditation (PR Newswire) Coalfire ISO, the conformity assessment body arm of Coalfire, announced today that it has extended its accreditation with the United Kingdom...
Nemasis – VMS, armed with the Intelligence to Detect Proxylogon (APN) In the wake of a ubiquitous cyber-attack being executed across the world, cybersecurity leader MicroWorld Technologies Inc., has announced their security solution Nemasis – Vulnerability Management System, being armed with intelligence to detect the highly catastrophic ProxyLogon Vulnerability. The on-premises versions of Microsoft Exchange Servers are being targeted in a pervasive global attack through multiple […]
NeoSystems Reaches CMMC Milestone; 10 Employees Achieve CMMC AB Registered Practitioner Status (PR Newswire) NeoSystems, a full service strategic back-office outsourcer, IT systems integrator and managed services provider, announced today that 10 of...
Elcomsoft Delivers Forensic Extraction of iOS 14, iPhone 12 Devices Without a Jailbreak (PR Newswire) ElcomSoft Co. Ltd. updates iOS Forensic Toolkit, the company's mobile forensic tool for extracting data from a range of Apple devices. Version...
New startup Argon launches security solution to protect integrity of DevOps pipeline (Israel Defense) The platform enables corporate teams to build, test and deploy software securely, the company says
Steel Root Partners with Zscaler to Support CMMC Requirements for Defense Contractors (Homeland Security Today) Steel Root, a leading cybersecurity services firm that specializes in compliance for the U.S. Defense Industrial Base, announces that they have partnered with Zscaler, Inc. to address the challenges defense contractors are faced with as they prepare for the Cybersecurity Maturity Model Certification (CMMC).
Zscaler Selects Telos Risk Management Tool to Support FedRAMP Compliance; Stephen Kovac Quoted (ExecutiveBiz) Zscaler has partnered with Telos to use the latter’s Xacta cyber risk assessment tool to help automa
Thomas Jefferson University & Jefferson Health Selects Matchlight from Terbium Labs, the World's Only Fully Private Digital Risk Protection Solution (PR Newswire) Terbium Labs, the premier Digital Risk Protection (DRP) company, today announced a strategic investment from Jefferson Health and Thomas...
Microdium, a Leading Business Continuity Solution Distributor in Southeast Asia, Selects Comodo to Power Its Cybersecurity Solutions (IT News Online) As a business continuity solution distributor, Microdium has seen numerous cases where cyber-threats have ransacked companies in Southeast Asia. The increasing complexity of the cyber-threat landscape has led the company to explore a comprehensive, highly-effective cybersecurity solution.
Claroty Launches its FOCUS Partner Program (PR Newswire) Claroty, the industrial cybersecurity company, today introduced its Claroty FOCUS Partner Program. The three-tier program is designed to align...
Cybersixgill Brings Their Industry Leading, Automated Threat Intelligence to the Swimlane Platform (PR Newswire) Cybersixgill, the leader in threat intelligence enablement, today announced that Darkfeed will be available through Swimlane's security...
Water Tight: Utility Secures its Infrastructure and Workforce (CSO Online) The organization says its use of Cisco solutions has enabled greater security visibility and peace of mind.
New infosec products of the week: March 19, 2021 (Help Net Security) Akamai MFA provides FIDO2 multi-factor authentication without hardware security keys Akamai Technologies announced the launch of Akamai MFA, a phish-proof
Cloud Security Alliance and ISACA Announce Availability of Industry's First Cloud Auditing Credential, the Certificate of Cloud Auditing Knowledge (CCAK) (BusinessWire) CSA, ISACA launch the Certificate of Cloud Auditing Knowledge, the industry’s first global, vendor-neutral, technical credential for cloud auditing.
Transport & Logistics Business - Certero (Certero) Global logistics company, employing in excess of 45,000+ people, had a disparate estate with offices around the globe.
Technologies, Techniques, and Standards
CISA Chief Defends Value of EINSTEIN Program, Suggests Improvements (Meritalk) Brandon Wales, acting director of the Cybersecurity and Information Security Agency (CISA) today defended the value of CISA’s EINSTEIN cyber defense program against criticism leveled by the ranking member of the Senate Homeland Security and Governmental Affairs Committee and suggested that the program be improved rather than scrapped.
Big Tech Helps Set Standards for Covid-19 Vaccine Verification (Wall Street Journal) A coalition that includes tech giants and healthcare providers is preparing to release global standards for mobile apps that verify whether someone has had a Covid-19 vaccine.
Requiring a VDP for Suppliers Won't Fix Supply Chain Security (Decipher) Extending the requirement for vulnerability disclosure policies from federal agencies to their suppliers is not a quick fix for supply chain security issues.
How RPA is forcing businesses to redefine secure identities (ITProPortal) Throughout 2021, security teams will realise security all points back to one common perimeter – identity.
Four ingredients to a successful security strategy (StateScoop) It’s critical that public sector security and policies protect against new cyberthreats. What types of attacks are on the rise and what can IT leaders do about it?
Build your cybersecurity A-team: 7 recruiting tips (TechBeacon) Here is what you need to know about cybersecurity recruiting—and tips from top experts on how to build a solid team.
Is Misinformation Slowing SASE Adoption? (Security Boulevard) One of the most notable emerging security architectures in 2020 was secure access service edge (SASE), a technology designed to bring SD-WAN and cybersecurity together on the same plane. Much of that recognition was driven by the coronavirus pandemic crisis, which forced enterprises to explore ways to deploy both zero-trust security principles and networking optimization for a burgeoning (and potentially permanent) remote workforce.
Design and Innovation
Business Software Faces Pressure to Update Its User Experience (Wall Street Journal) When Citigroup last year sent almost $900 million to lenders in error, it not only set off a legal fight over the money but unwittingly highlighted a separate issue in the back office: the frequently clunky experience of using business software.
Singapore bank turns on face verification at ATMs (ZDNet) OCBC Bank enables customers to use their face as verification at eight ATMs across the country, bypassing the need for ATM cards, but access currently is limited to balance enquiries with cash withdrawals to be added at a later stage.
Research and Development
After the science: What quantum computing will really mean for the tech industry (CRN Australia) Four of Australia's quantum leaders explain the real-world effects of quantum computing.
Will the quantum computer kill the blockchain? (Bilan) Advances in quantum computing are reviving fears of a machine taking control of the entire digital economy. The blockchain, reputed to be tamper-proof, is not immune to the doubts hanging over current cryptography.
Quantum Mischief Rewrites the Laws of Cause and Effect (Wired) Spurred on by experiments that scramble the ordering of causes and their effects, some physicists are figuring out how to abandon causality altogether.
University of Memphis Researchers Awarded Key Patents (MemphisFlyer) The University of Memphis’ Office of Technology Transfer, housed out of the Division of Research & Innovation, received word that a number of patents submitted have been allowed by the U.S. Patent and Trademark Office, as well as internationally in Australia, Japan, and China. Dipankar Dasgupta, a professor in Computer Science at the U of…
Academia
Targeting colleges and other educational institutions proving to be 'good business' for cybercriminals (Inside Higher Ed) Cybercriminals using ransomware increasingly focus on colleges and universities. What steps can institutions take to minimize their own risks -- and threats to the sector?
Jones, Beane take new roles with Innovation Campus (Virginia Tech) Robin Jones has been named assistant vice president for Innovation Campus student services. Dannette Gomez Beane is the new assistant vice provost for enrollment management for strategic initiatives.
Legislation, Policy, and Regulation
British Army to establish new special operations brigade to tackle emerging threats (The Independent) Ranger regiment will form core of new force which will engage in combat
U.S. defense secretary urges India to avoid buying Russian equipment (Reuters) U.S. Defense Secretary Lloyd Austin discussed India's planned purchase of Russia's S400 air defence system at a meeting with his Indian counterpart on Saturday, reiterating U.S. allies should steer clear of Russian equipment to avoid sanctions.
Biden must punish Putin’s cyber-attacks. But building more nukes only makes things worse (the Guardian) A fear of cyber-attack helps explain, though not excuse, Britain’s ill-considered plan to unilaterally increase its nuclear warhead stockpile
White House reviewing National Cyber Director role as Congress presses for governmentwide leadership (Federal News Network) Senators pressed OMB, CISA and FBI officials on the SolarWinds attack and who is ultimately accountable for responding, mitigating the problems.
Biden under growing pressure to nominate cyber czar (TheHill) President Biden is coming under increasing pressure from lawmakers and other officials to nominate a White House cyber czar as the government starts formulating its response to two major foreign cyberattacks.
Biden White House’s Ties to Big Tech Are Detailed in New Disclosures (Wall Street Journal) National security adviser Jake Sullivan served on an advisory council for Microsoft last year, new federal disclosures show.
Democrats plan to bombard Big Tech with a swarm of antitrust bills (Axios) "[I]t's harder for (the tech companies) to manage and oppose...10 bills as opposed to one," Rep. David Cicilline said.
A Dozen Experts with Questions Congress Should Ask the Tech CEOS — On Disinformation and Extremism (Just Security) Experts draft specific questions — on disinformation and extremism — for Congress to ask Facebook CEO Mark Zuckerberg, Twitter CEO Jack Dorsey, and Google CEO Sundar Pichai in hearing on Thursday.
Oklahoma Votes to Outlaw Ransomware as Threats Grow (Governing) State lawmakers unanimously passed an anti-ransomware bill, outlawing a type of cyber attack that cost computer users at least $1 billion in 2019. But investigating and prosecuting the hackers may prove difficult.
Connecticut Legislature Considers Incentivizing Adoption of Cybersecurity Best Practices (PR Newswire) The Center for Internet Security, Inc. (CIS®) testified before the Commerce Committee of the State of Connecticut General Assembly last...
New Calif. Privacy Board Poised To Balance Various Interests (Law360) The Squire Patton Boggs LLP attorney and four others selected to helm the inaugural California Privacy Protection Agency are expected to leverage their broad experience across industry, advocacy and academia to strike a measured approach to crafting rules and enforcing cutting-edge digital privacy issues.
Litigation, Investigation, and Law Enforcement
Top NATO Scientist With Security Clearance Busted Spying for China (The Daily Beast) An Estonian military defense scientist, who held a senior role at NATO, was convicted of spying for China last week.
Tokyo police toughening espionage crackdowns amid intel threat from China, N. Korea (The Mainichi) The Metropolitan Police Department (MPD)'s Public Security Bureau will realign its foreign affairs department as part of efforts to beef up c
India Wants Court to Block WhatsApp’s Controversial Privacy Rule (Bloomberg) Modi government urges a high court to restrain WhatsApp. India says WhatsApp’s policy violates technology laws.
Facebook facing new antitrust probe in UK (SeekingAlpha) Facebook (FB +3.9%) is facing an antitrust investigation in the UK, the Financial Times reports
Foreign Nationals Sentenced for Roles in Transnational Cybercrime Enterprise (US Department of Justice) Two foreign nationals — one Russian, the other North Macedonian national — were sentenced today for their role in the Infraud Organization, a transnational cybercrime enterprise engaged in the mass acquisition and sale of fraud-related goods and services, including stolen identities, compromised credit card data, computer malware, and other contraband.
Cisco Denied New Trial After $1.9 Billion Security-Patent Loss (Bloomberg Law) Cisco Systems Inc.’s request for a new trial after a $1.9 billion patent loss to a startup was rejected Wednesday by a Virginia federal judge, who said many of the networking company’s defenses at trial were unreasonable.
Cisco's new trial bid rejected after $1.9 billion patent infringement case (Reuters) A federal judge in Virginia has denied Cisco Systems Inc.'s request for a new trial, following the company's $1.9 billion loss in a patent infringement case brought by cybersecurity provider Centripetal Networks Inc. U.S. District Judge Henry Coke Morgan Jr. of the Eastern...
Internet tip leads feds, SC police to arrest Lancaster County man for child porn (Herald) A Lancaster County man faces as much as 200 years in prison after he was charged for sharing child porn over the internet, officials said.
When in Doubt, Report Cybersecurity Events (JD Supra) The New York State Department of Financial Services (DFS) announced the $1.5 million settlement of its investigation of Residential Mortgage Services...
Time for Answers About Those Intelligence Reports DHS Filed About Me (Lawfare) I’m not seeking damages or a judgment that what the Department of Homeland Security did was illegal, but I do want to understand who else the department reported on based on First Amendment-protected activity.
Cyber attack tied to China boosts development bank's chief (The Ridgefield Press) The cyberattack crested just as finance officials from across Latin...