Today is the last day to send us your feedback in exchange for a chance to win a $100 Amazon gift card. We'd love to hear how we can provide the best content for you, and help make your life easier (and more cybersecure).
More Signal. Less Noise.
The speed of automation and hacker expertise is a security game changer.
Today developers largely outnumber security engineers by 100:1 and there are few people with access to security expertise. Turning to ethical hackers for knowledge to bolster security toolboxes is a growing trend in the community. Detectify CEO Rickard Carlsson discusses how security startups are challenging conventional cybersecurity solutions using the speed of automation and hacker expertise, and how these game changers are involving developers with security. View the full discussion.
Vaccination phishbait. Ransomware vs. Exchange Server. Purple Fox's wormy rootkit. Ransomware hits Sierra Wireless. ICS alerts.
Announcements
Last day to take our survey (and a chance for a gift card).
Summary
Palo Alto Networks’ Unit 42 this morning released a report describing how cybercriminals are taking advantage of the COVID-19 pandemic. Their reliance on hurrying the victims with a factitious sense of urgency has continued to shift: as vaccines are rolled out, the phishbait now tends to include vaccine availability and vaccination scheduling.
DearCry and Black Kingdom ransomware continue being deployed against vulnerable Microsoft Exchange servers. WIRED notes that DearCry’s relative lack of sophistication renders it a less dangerous threat. The Record reports that Black Kingdom’s kickoff of its own operations against Exchange Servers was sloppy (they’d failed to encrypt victims’ files) but that by yesterday they’d rectified their mistake.
Guardicore describes Purple Fox, an active malware campaign targeting Windows machines. It's backed by an extensive infrastructure, and it includes a rootkit with worm capabilities.
In a Form 6-K filed yesterday with the Securities and Exchange Commission, Sierra Wireless disclosed that on March 20th it discovered a ransomware attack that led it to suspend manufacturing. The company believes only internal systems were hit, with "customer facing products and services" unaffected.
The US Cybersecurity and Infrastructure Security Agency (CISA) yesterday released six advisories on industrial control systems: Ovarro TBox, GE MU320E, Weintek EasyWeb cMT, Rockwell Automation MicroLogix 1400 (Update A), Rockwell Automation CompactLogix 5370 and ControlLogix 5570 Controllers (Update A), Ovarro TBox, and GE Reason DR60. Claroty published its own research on one system's vulnerabilities, Ovarro TBox, which the researchers believe illustrates the risks of connecting unprotected control systems to the Internet.
Notes.
Today's issue includes events affecting Canada, China, India, Israel, Japan, the Democratic People Republic of Korea, Montenegro, NATO/OTAN, Russia, the United Kingdom, and the United States.
In COVID-19 era, IT leaders see uptick in risky remote work behaviors
In a remote work world, managing and securing endpoints has never been more important. Tanium, provider of endpoint management and security built for the world's most demanding IT environments, published a report with PSB Insights on the new security challenges facing organizations as a result of the COVID-19 pandemic. IT Leads the Way: How the Pandemic Empowered IT features intelligence from 500-senior level IT decision makers. Visit tanium.com/EmpowerIT to download the full report.
Sponsored Events
7th Annual Cybersecurity Virtual Conference for Executives (Virtual, Mar 10 - 24, 2021) Assessing and managing your organization’s top risks is key to protecting its sensitive data. Join Ankura and Johns Hopkins Information Security Institute for the 7th Annual Cybersecurity Virtual Conference for Executives to discuss the do’s and don’ts of risk management with industry leaders and other #cyber professionals. Join us on three consecutive Wednesdays in March (March 10, 17, 24). Learn more.
Selected Reading
Cyber Attacks, Threats, and Vulnerabilities
Japan gov't, many local bodies halt use of Line app following data breach (The Mainichi) After revelations that personal data of users of the free messaging app Line was accessible to a Chinese affiliate firm sent shockwaves acros
TBox Remote Terminal Unit (RTU) Vulnerabilities Found by Claroty (Claroty) The Claroty Research Team found and disclosed vulnerabilities affecting Ovarro’s TBox RTUs and its TWinSoft engineering software.
AWS Authorization Bypass - Security Risk You Should Be Aware Of (Lightspin) AWS cloud misconfigurations can leave your organization open to security risks on the cloud. Lightspin uncovers a unique potential cloud security vulnerability when creating AWS permissions.
Purple Fox Malware Squirms Like a Worm on Windows (SecurityWeek) Malware hunters at Guardicore are warning that an aggressive botnet operator has turned to SMB password brute-forcing to infect and spread like a worm across Windows machines.
Purple Fox Rootkit Now Propagates as a Worm (Guardicore) Purple Fox is an active malware campaign targeting Windows machines. Up until recently, Purple Fox’s operators infected machines by using exploit kits and phishing emails.
Microsoft Exchange servers targeted by second ransomware group (The Record by Recorded Future) In the midst of a patching frenzy, Microsoft Exchange email servers are under attack from a new ransomware gang. Going by the name of Black Kingdom, this ransomware gang was first spotted last year in June, when they used vulnerabilities in Pulse Secure VPN products to breach corporate networks and install their file-encrypting payload.
The Peculiar Ransomware Piggybacking Off of China’s Big Hack (Wired) DearCry is the first attack to use the same Microsoft Exchange vulnerabilities, but its lack of sophistication lessens the threat.
Data of 6.5 million Israeli citizens leaks online (The Record by Recorded Future) The voter registration and personal details of millions of Israeli citizens were leaked online on Monday, just two days before the country held general elections for its unilateral parliament, known as the Knesset.
A day before elections, hackers leaked details of millions of Israeli voters (Security Affairs) Hackers have exposed personal and voter registration details of over 6.5 million Israeli voters, less than 24 hours before the election. A few hours before the election in Israel, hackers exposed the voter registration and personal details of millions of citizens. The source of the data seems to be the app Elector developed by the […]
New DDoS attack vector discovered in DCCP protocol (The Record by Recorded Future) Internet infrastructure company Akamai said today it observed threat actors abusing a relatively unknown networking protocol to crash internet servers.
Are you sharing too much data with your car? (The Irish Times) Pairing your phone with your vehicle can inadvertently give your information to third parties
Researchers Dive into the Operations of SilverFish Cyber-Espionage Group (SecurityWeek) Researchers investigating the SolarWinds attacks has discovered a new APT group called SilverFish that has conducted cyber-attacks on at least 4720 targets worldwide.
The Cybersecurity 202: Online scammers seize confusion about vaccine registration to steal personal information (Washington Post) Online scams luring victims with promises of a vaccine are spiking, according to a new report out today from researchers at cybersecurity firm Palo Alto Networks.
Fake Websites Used in COVID-19 Themed Phishing Attacks, Impersonating Brands Like Pfizer and BioNTech (Unit42) We describe trends in COVID-19 themed phishing attacks since the start of the pandemic to gain insight into the topics that attackers try to exploit.
A recent cyberbreach proves that Florida’s drinking water is surprisingly easy to poison (Orlando Weekly) Out of their depth
Industrial giant Honeywell says it has ‘returned to service’ after cyber intrusion (CyberScoop) Honeywell, a Fortune 100 firm that makes aerospace and energy equipment, said Tuesday that malware had disrupted “a limited number” of its computer systems. Honeywell said it had “returned to service” following the incident, but the Charlotte, North Carolina-based firm’s statement did not elaborate on how service was disrupted.
Two large government conference organizers suffer data breach (Federal News Network) In today’s Federal Newscast, two large government conference organizers say the third party vendor they use for conference registration was the victim of a ransomware attack.
This is some of the worst news that a bank customer can get after a hack (BGR) Earlier this month, the Michigan-based bank Flagstar disclosed that a security incident had occurred, following the hack by a group of ransomware attackers who exploited a bank vendor’s zero-…
Sierra Wireless Says Ransomware Disrupted Production at Manufacturing Facilities (SecurityWeek) IoT company Sierra Wireless was recently targeted in a ransomware attack that disrupted production at manufacturing facilities.
CNA insurance firm hit by a cyberattack, operations impacted (BleepingComputer) CNA Financial, a leading US-based insurance company, has suffered a cyberattack impacting its business operations and shutting down its website.
Phish Leads to Breach at Calif. State Controller (KrebsOnSecurity) A phishing attack last week gave attackers access to email and files at the California State Controller's Office (SCO), an agency responsible for handling more than $100 billion in public funds each year. The phishers had access for more than 24 hours, and sources tell KrebsOnSecurity the intruders used that time to steal Social Security…
Notice of Data Breach (California State Controller's Office: Unclaimed Property) An employee of the California State Controller’s Office (SCO) Unclaimed Property Division clicked on a link in an email they received and then entered their user ID and password as prompted, unknowingly providing an unauthorized user with access to their email account. The unauthorized user had access to the account from March 18, 2021 at 1:42 p.m. to March 19, 2021 at 3:19 p.m.
BREAKING: FBS major leak exposes clients data (FinanceFeeds) Nearly 20TB of data was leaked comprising more than 16 billion records. Millions of FBS users spread across the world were affected.
Data Breach: Millions of Confidential Records Exposed in Online Trading Broker Data Leak (WizCase) Ata Hakcil led the team of white hat hackers from WizCase in identifying a major data leak on online trading broker FBS’ websites. The data from FBS.com and FBS.eu comprised millions of confidential records including names, passwords, email addresses, passport numbers, national IDs, credit cards, financial transactions and more. Were such detailed personally identifiable ...
Hobby Lobby Exposes Customer Data in Cloud Misconfiguration (Threatpost) The arts-and-crafts retailer left 138GB of sensitive information open to the public internet.
Ransomware gang leaks data stolen from Colorado, Miami universities (BleepingComputer) Grades and social security numbers for students at the University of Colorado and University of Miami patient data have been posted online by the Clop ransomware group.
Ransomware Group Leaks Information From CU Cyberattack On Dark Web (CBS Denver) A ransomware group has leaked data allegedly stolen from the University of Colorado on the dark web.
University of Northampton hit by cyber-attack (BBC News) The University of Northampton says it is still working to recover from the attack a week ago.
Alton confirms 'data incident' in early March (Alton Telegraph) City officials are acknowledging a data breach occurred earlier this...
Ransomware Extortion Threat Actors Post Data from 4 Healthcare Entities (HealthITSecurity) Three ransomware threat actors behind Avaddon, Conti, and the new variant Babuk leaked data they claim to have stolen from four healthcare providers in recent weeks, as the extortion trend continues.
Polk County Schools says student information may have been exposed in data breach (WTSP) The letter says the child's name, student identification number and date of birth were potentially exposed in a data breach in December 2019.
Fake romance, influencer scams thriving on Instagram (Tribuneindia News Service) Facebook-owned Instagram has seen a surge in frauds on its platform that were up by 50 per cent since the pandemic began, and scams related to romance, phishing and influencer sponsors top the chart, a new report said on Tuesday.
Security Patches, Mitigations, and Software Updates
Ovarro TBox (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 8.8
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Ovarro
Equipment: TBoxLT2 (All models), TBox MS-CPU32, TBox MS-CPU32-S2, TBox RM2 (All models), TBox TG2 (All models)
Vulnerabilities: Code Injection, Incorrect Permission Assignment for Critical Resource, Uncontrolled Resource Consumption, Insufficiently Protected Credentials, Use of Hard-coded Cryptographic Key
2.
GE MU320E (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 9.8
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: GE
Equipment: MU320E
Vulnerabilities: Use of Hard-coded Password, Execution with Unnecessary Privileges, Inadequate Encryption Strength
2.
Weintek EasyWeb cMT (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 10.0
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Weintek
Equipment: cMT
Vulnerabilities: Code Injection, Improper Access Control, Cross-site Scripting
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an unauthenticated remote attacker to access sensitive information and execute arbitrary code to gain root privileges.
Rockwell Automation MicroLogix 1400 (Update A) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 8.1
ATTENTION: Exploitable remotely
Vendor: Rockwell Automation
Equipment: MicroLogix 1400
Vulnerability: Buffer Overflow
2. UPDATE INFORMATION
This updated advisory is a follow-up to the original advisory titled ICSA-21-033-01 Rockwell Automation MicroLogix 1400 that was published February 2, 2021, to the ICS webpage on us-cert.cisa.gov.
Rockwell Automation CompactLogix 5370 and ControlLogix 5570 Controllers (Update A) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 5.8
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Rockwell Automation
Equipment: CompactLogix and ControlLogix controllers
Vulnerability: Improper Input Validation
2.
Ovarro TBox (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 8.8
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Ovarro
Equipment: TBoxLT2 (All models), TBox MS-CPU32, TBox MS-CPU32-S2, TBox RM2 (All models), TBox TG2 (All models)
Vulnerabilities: Code Injection, Incorrect Permission Assignment for Critical Resource, Uncontrolled Resource Consumption, Insufficiently Protected Credentials, Use of Hard-coded Cryptographic Key
2.
GE Reason DR60 (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 9.8
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: GE
Equipment: Reason DR60
Vulnerabilities: Hard-coded Password, Code Injection, Execution with Unnecessary Privileges
2.
Firefox 87 Adds Stronger User Privacy Protections (SecurityWeek) The open-source Firefox web browser adds a new tracker blocking mechanism in the latest stable channel update.
More than half of Microsoft vulnerabilities solved by removing admin rights (ARN) More than half of Microsoft vulnerabilities could be solved by removing admin rights, according to cyber security vendor BeyondTrust.
Cyber Trends
PC Matic Survey Finds One Year After Onset of COVID-19 Pandemic, Employer Work from Home Cybersecurity Practices Remain Inadequate (PC Matic) Report summarizes findings from a survey of nearly 6,000 Americans; Results, in comparison to 2020 findings, signals employers continue to rely on lax cybersecurity policies; Concludes those working from home remain at high-risk for falling victim to cybercrime.
Gartner’s eight security trends for 2021 (CRN Australia) Addresses the challenges of a dispersed infrastructure.
FBI reports 12x surge in phishing complaints over the past 5 years (Atlas VPN) Atlas VPN's analysis reveals that phishing in the US soared over 12 times in the last five years, hitting a record 241,342 complaints in 2020. This data is provided by the Federal Bureau of Investigation’s (FBI) branch called Internet Crime Complaint Center (IC3).
Anti-Spoofing for Email Gains Adoption, but Enforcement Lags (Dark Reading) More organizations adopt sender authentication, but strict quarantining or rejection of unauthenticated messages remains uncommon.
On the Road to Good Cloud Security: Are We There Yet? (Dark Reading) Misconfigured infrastructure is IT pros' top cloud security concern, but they're conflicted on how to address it in practice.
Only 14% of domains worldwide truly protected from spoofing with DMARC enforcement (Help Net Security) 1.28 million domain owners have configured DMARC for their domains, but only 14% are protected from spoofing by an enforcement policy.
Cybercriminals capitalizing on our reliance on the cloud (Help Net Security) 90% of cyberattacks on cloud environments in the last 12 months involved compromised privileged credentials, according to Centrify.
Cyberattacks on remote work infrastructure continue to rise in 2021 (mint) In brute force attacks, hackers test different usernames and passwords until they find the correct combination which will allow them entry into the corporate network and resources
National Privacy Tests: country rankings, and insights (NordVPN) The National Privacy Test scores internet users' digital habits, digital privacy awareness, and digital risk tolerance.
Marketplace
ID.me Raises $100 Million in Funding at $1.5 Billion Valuation to Build the Identity Layer of the Internet (PR Newswire) ID.me, the leading secure digital identity network, today announced it has raised $100 million in a Series C funding round led by Viking Global...
ID.me Snags $100M in Series C Funding (SecurityWeek) Digital identity network firm ID.me has joined list of cybersecurity unicorns after banking a new $100 million funding round that values the company at $1.5 billion.
Cloud Security Company Orca Raises $210 Million at $1.2 Billion Valuation (SecurityWeek) Cloud security company Orca becomes a unicorn after raising $210 million in a Series C funding round at a valuation of $1.2 billion.
Orca Security Reaches Cybersecurity Unicorn Status (Orca Security) By creating a cloud security solution that actually works, Orca Security is one of the fastest among all cybersecurity unicorns to achieve that status!
Identity Verification Provider Jumio Snags $150M Investment (SecurityWeek) With new financial backing from Great Hill Partners, Jumio plans to invest in automating identity verification solutions and adding new services to its platform.
Identity Verification Leader Jumio Secures $150 Million from Great Hill Partners (BusinessWire) Jumio, the leading provider of AI-powered end-to-end identity verification and eKYC solutions, today announced it secured a $150 million investment fr
New Cyber Vulnerability Ranking Platform Secures $500K In Seed Funding (PR Newswire) RankedRight, the new platform which has been predicted to supercharge the efficiency of IT security teams across the world has secured $500,000...
SCADAfence Secures $12M in Funding (FinSMEs) SCADAfence, a NYC- Munich, Germany- Ramat Gan, Israel- Tokyo, Japan-based provider of cybersecurity solutions for Operational Technology (OT) & Internet of Things (IoT) environments, secured $12m in funding
Amazon Delivery Drivers Forced to Sign ‘Biometric Consent’ Form or Lose Job (Vice) The new cameras, which are being implemented nationwide, use artificial intelligence to access drivers' location, movement, and biometric data.
AIS receives $49.9M military contract (Rome Daily Sentinel) Assured Information Security (AIS) of Rome has been awarded a $49.9 million cost-plus-fixed-fee completion contract through the Air Force for the Dauntless Cyber Platform/Prototype, AIS announced in conjunction with U.S. Sen. Charles E. Schumer, D-NY.
Allied Universal(R) Hires Financial Veteran as Global CFO (Accesswire) Allied Universal®, a leading security and facility services company in North America, recently hired Tim Brandt as the company's Global CFO. Brandt will lead the financial operations of the company, and will focus on the upcoming acquisition and integration of G4S, and the eventual IPO of the newly consolidated company. Allied Universal® hires Tim Brandt as the company’s
Qualys Announces Resignation of CEO Philippe Courtot (PR Newswire) Qualys, Inc. (NASDAQ: QLYS), a pioneer and leading provider of disruptive cloud-based IT, security and compliance solutions, today announced...
Products, Services, and Solutions
[Analyst Report] The Forrester Wave™: External Threat Intelligence Services, Q1 2021 (FireEye) In our 26-criterion evaluation of external threat intelligence services providers, we identified the 12 most significant ones — CrowdStrike, Digital Shadows, FireEye, Flashpoint, Group-IB, IBM, Intel 471, IntSights, Kaspersky, Recorded Future, RiskIQ, and ZeroFOX — and researched, analyzed, and scored them. This report shows how each provider measures up and helps security and risk professionals select the right ones for their needs.
Get Hooked on Smart Hooks (OneLogin Developers) Learn about Smart Hooks, which you can use to interact with common workflows, build customizations and integrate with almost any external system.
How Sydney's TribeTech resells quantum computing-powered services (CRN Australia) Through systems rented from major cloud providers.
Mexico’s Leading Neobank albo Partners with Acuant to Tackle AML/KYC Compliance (GlobeNewswire) Acuant, a leading global provider of identity verification solutions, today announced a partnership with albo, Mexico’s leading Neobank, which has integrated Acuant’s Trusted Identity Platform to provide a seamless and secure digital Know Your Customer (KYC) experience for customers and to meet compliance with Anti-Money Laundering (AML) regulations issued by the Mexican authorities.
Introducing TrustGrid™, The World's First Secure Digital Ecosystem (PR Newswire) TrustGrid Pty Ltd today announced the worldwide launch of TrustGrid™, the world's first digital trust ecosystem. With a high degree of privacy,...
AttackIQ Announces Major Platform Innovations to Bolster Informed Defense Architecture (BusinessWire) AttackIQ®, the leading independent vendor of Breach and Attack Simulation (BAS) systems, today announced a series of technology innovations to the Att
WTW launches cyber product for power & utilities firms (Insurance Business) Policy designed to protect critical targets from cyberattacks
42Crunch API Security Platform March 2021 Release (42Crunch) Today we are happy to announce the global availability of the latest version of the 42Crunch API Security Platform. Check out the new features....
Airlock Allowlisting Solution Blocks Ransomware And Reduces Operational Overhead For IT And Cybersecurity Teams (Scoop News) Australian cybersecurity pioneer Airlock Digital continues to enhance its industry-leading allowlisting solution to more effectively block malware, ransomware and zero-day attacks, help comply with cybersecurity standards, ...
Local Government Pensions Institution in Finland prepares for cyber threats systematically with Nixu’s support (News Powered by Cision) Keva, the largest pension agency in
Thales helps Microsoft customers protect their sensitive data in the cloud (Intelligent CIO Middle East) Thales has announced a new data protection capability for Microsoft customers to benefit from the power of the full range of Microsoft 365 applications while protecting sensitive data in the cloud and meeting major data privacy regulations and requirements. Designed for companies that operate in highly-regulated sectors such as financial services and healthcare, Thales’ Luna […]
Udacity Launches School of Cybersecurity to Ready the Next Generation of Digital Defenders, Addressing a Widening Skills Gap (PR Newswire) Udacity, the global online learning platform that trains the world's workforce for the careers of the future, today launched its School of...
Recorded Future's Third-Party Intelligence Solution Provides Unmatched Visibility for Mitigating Supply Chain Risk (PR Newswire) Recorded Future, the world's largest provider of intelligence for enterprise security, today announced enhancements to its Third-Party...
Herjavec to Handle Cybersecurity for Formula 1 (Infosecurity Magazine) Formula 1 appoints Herjavec Group as official cybersecurity services provider
Vietnamese cybersecurity firm Bkav exports Bphone to Europe (Phnom Penh Post) Vietnam-based cybersecurity corporation Bkav has exported its first batch of its Bphone to Europe, according to CEO Nguyen Tu Quang. Quang said the order came from a military buyer and that the first Bphone will be used for “key staff”, without elaborating further.
IBM Launches New and Enhanced Services to Help Simplify Security for Hybrid Cloud (PR Newswire) Today, IBM (NYSE: IBM) Security announced new and enhanced services designed to help organizations manage their cloud security strategy,...
Exabeam Announces New Product to Solve Alert Fatigue and Prevent Breaches (Exabeam) Exabeam Alert Triage helps security teams make sense of all third-party security alerts generated across the organization
Infrascale Backup and Disaster Recovery Launches as Next-Generation Disaster Recovery Offering (Infrascale) Infrascale today announced the launch of Infrascale Backup and Disaster Recovery (IBDR), the next generation of the Infrascale Disaster Recovery (IDR) product sold to MSPs and VARs servicing SMB and mid-market. IBDR is a Disaster Recovery as a Service (DRaaS) hybrid cloud solution: one part software/hardware on-premises with customers’ data and servers and one part service infrastructure in the cloud.
Acronis integrates with Kaseya VSA for streamlined MSP management of gapless cyber protection (Acronis) For information about Acronis and Acronis' products or to schedule an interview, please send an email or get through to Acronis' representative, using media contacts.
Technologies, Techniques, and Standards
New Software Vendor Standards Coming Within Weeks, CISA Head Says (Nextgov.com) The White House is leading an interagency effort focused on software development that will determine federal procurement of information technology.
2021 Cybersecurity Role & Career Path Clarity Study (Infosec Institute) Using the NICE Workforce Framework for Cybersecurity to recruit talent & upskill teams
PC Matic COVID-19 Work from Home Trends (PC Matic) A year into the pandemic and the face of American business has changed. Remote work is, in some respects at least, here to stay for many companies who didn’t use it as an option previously. What does that look for cybersecurity? With employees working remotely, and ransomware attacks on the rise, cybersecurity is a critical component of remote work.
Best practices for cybersecurity defences in the new normal - Security News Desk UK (Security News Desk UK) The latest cyber data breach headline is the Which? & Red Maple Technologies research. How has cybersecurity threats changed during Covid-19 and how can we mitigate risk?The release of Which? & Red Maple Technologies research found that stolen Tesco Clubcard, Deliveroo & McDonald’s accounts are being advertised cheaply on the dark web. This headline is just another data breach from
Only half of enterprises have a dedicated cyber security department (Information Age) A report by Kaspersky has found that only half (52%) of enterprises globally have a dedicated cyber security department
Anti-Spoofing for Email Gains Adoption, but Enforcement Lags (Dark Reading) More organizations adopt sender authentication, but strict quarantining or rejection of unauthenticated messages remains uncommon.
‘Browser Isolation’ Takes On Entrenched Web Threats (Wired) Cloudflare says it’s possible to build a version of the notoriously slow and buggy tool without compromising on speed.
Research and Development
AFRL releases cyber advancement BAA (Intelligence Community News) On March 23, the Air Force Research Lab released the Capabilities for Cyber Advancement broad agency announcement (BAA).
Academia
RIT wins Northeast regional collegiate cyber defense competition (RIT) A team of RIT cybersecurity students is moving on to the National Collegiate Cyber Defense Competition (NCCDC), after taking first place at the regional competition March 19–21. The annual event is part of the nation’s largest college-level cyber defense competition.
Legislation, Policy and Regulation
Covert Action, Espionage, and the Intelligence Contest in Cyberspace (War on the Rocks) In recent months, the world learned that China carried out an indiscriminate hack against Microsoft Exchange, while Russia hacked U.S. information
Huawei ban timeline: China reportedly tries Canadians in possible retaliation for exec's arrest (CNET) Here's a breakdown of the controversy surrounding the Chinese phone maker and telecommunications supplier.
Sierra Leone’s proposed cyber-crime legislation is a threat to free speech and civil liberty (Sierra Leone Telegraph) Sierra Leone Telegraph: 23 March 2021: In the past, politicians in Sierra Leone would invoke sections of the notorious Public Order Act that criminalized libel to suppress free speech and the press…
UK Unveils Plan for Smaller, More High-Tech Armed Forces (SecurityWeek) Britain plans to cut the size of its army and boost spending on drones, robots and a new “cyber force” under defense plans announced by the government.
Explainer: What does the UK’s Integrated Review mean for cybersecurity? (The Daily Swig) Stephen Pritchard sheds light on the government’s new defense strategy
SolarWinds compromise leaves Senate questioning agency cyber defenses (Utility Dive) Existing cyber defense programs fell short in detecting and defending U.S. agencies, a shortcoming that exacerbated SolarWinds fallout.
DHS Cyber Chief Says Hacks Slowed Progress on Public-Private Collaboration (Wall Street Journal) Hacks of U.S. agencies and companies in recent months have set back efforts to improve the public-private collaboration seen as key to defending against future attacks, the Department of Homeland Security’s top cyber official said.
Recent Cyber Attacks Show Increased Nation State Activity, Says Former NSA Director (BusinessWire) Cyber attacks launched by nation states are becoming more proficient and aggressive, Admiral (ret.) Michael S. Rogers tells NetDiligence webinar.
DHS Seeks Permission to Collect More Cyber Vulnerability Data (Meritalk) The Department of Homeland Security (DHS) is seeking comments on an Information Collection Request (ICR) to the Office of Management and Budget (OMB) to allow DHS to assist executive branch agencies in collecting cybersecurity vulnerability information and post the information on their own agency websites.
New bill could require Big Tech to pay news publishers for content (ABC News) U.S. lawmakers are going after Big Tech again, as Congress re-introduces a bill that could require companies like Facebook and Twitter to pay publishers for content. This battle already played out in Australia, where last month legislation passed requiring Facebook and Google to pay for news.
Bipartisan lawmakers introduce $35 billion water infrastructure bill (TheHill) A bipartisan group of lawmakers on Tuesday introduced a bill that seeks to give states more money to address aging water infrastructure, putting funds toward reducing lead levels and projects to address the impacts
Status Of Proposed CCPA-Like State Privacy Legislation As Of March 22, 2021 (JD Supra) Keypoint: It was another busy week with bills introduced in Colorado, New York and West Virginia, a committee hearing in New Jersey on three bills, a...
Litigation, Investigation, and Enforcement
Montenegrin Secret Service Chief Under Fire After Allegedly Disclosing NATO Ally's Data (RadioFreeEurope/RadioLiberty) Prosecutors in Montenegro say they have opened a preliminary investigation into the alleged disclosure of classified information by the head of the National Security Agency (ANB), Dejan Vuksic.
CISA and NSA: The Times, They Are A-Changin.’ Identity is Everything Now (CyberArk) The recent SolarWinds Senate hearing and a flurry of subsequent briefings have unearthed new questions around the attack, which acting director of the U.S. Cybersecurity and Infrastructure Agency...
First North Korean National Brought to the United States to Stand Trial for Money Laundering Offenses (US Justice Department) After nearly two years of legal proceedings, Mun Chol Myong (“Mun”), 55, a national of the Democratic People’s Republic of Korea (DPRK), has been extradited to the United States. This case represents the first ever extradition to the United States of a DPRK national.
New York Regulator Issues Second Enforcement Action Under Cyber Rules (Insurance Journal) The New York Department of Financial Services' (DFS) second enforcement action to date under its cybersecurity regulation underscores the importance of
The Circuit Split Continues: 11th Circuit Weighs in on Standing in Data Breach Litigation (The National Law Review) The 11th Circuit recently weighed in on the hottest issue is data breach litigation, whether a demonstration of actual harm is required to have standing to sue. Joining several other circuit cour
Arrest, Prosecution, and Incarceration: The Cybercriminal Perspective (Digital Shadows) Digital Shadows visits a few cybercriminal forums to gather clues and report on the cybercriminal perspective on arrest, prosecution, and incarceration.
Cybercriminals exchange tips on avoiding arrest, jail in underground forums (ZDNet) Covering early mistakes, who to target, and what to do when on the verge of arrest are all hot topics.
Step Carefully: Protecting Data Breach Expert Reports from Discovery (JD Supra) In order to provide legal advice to clients in the aftermath of a hacking, lawyers must rely on digital forensics investigators to understand the...
The Coast News Group (The Coast News Group) Your community. Your newspaper. Covers Camp Pendleton, Oceanside, Carlsbad, Encinitas, Solana Beach, Del Mar, Carmel Valley, Rancho Santa Fe, Escondido, San Marcos & Vista.
Industry Events
newly Noted Events
Security Summit: South Africa (Virtual, Apr 22, 2021) With the constant threats to payment security globally, it’s important, now more than ever, that we help secure the future of payments together. Join the PCI Security Standards Council and invited guests for a special free online program for payment security professionals in South Africa. The PCI SSC Security Summit: South Africa is scheduled for Thursday, 22 April 2021 and will include updates from the Council, regional insights, and a panel discussion with local industry leaders. Don’t miss out on this opportunity.
Security Summit: India (Virtual, Jun 3, 2021) We provide you with the information and tools to help secure payment data. We lead a global, cross industry effort to increase payment security by providing industry-driven, flexible and effective data security standards and programs that help businesses detect, mitigate and prevent criminal attacks and breaches. Don’t miss out.
Security Summit: Latin America (Virtual, Aug 12, 2021) We provide you with the information and tools to help secure payment data. We lead a global, cross industry effort to increase payment security by providing industry-driven, flexible and effective data security standards and programs that help businesses detect, mitigate and prevent criminal attacks and breaches. Don’t miss out.
upcoming Events
National Cyber League (NCL) Spring Season (Virtual, Feb 15 - Apr 11, 2021) The National Cyber League (NCL) is a defensive and offensive biannual puzzle-based, capture-the-flag style cybersecurity competition allowing US high school and collegiate students of all skill levels to showcase and build their skills. Its virtual training ground helps students prepare and test themselves against cybersecurity challenges that they will likely face in the workforce. All participants play the games simultaneously during Preseason, Individual Game and Team Game. Between easy, medium and hard challenges, students identify their strengths and weaknesses and expand their portfolio with an NCL Scouting Report. Registration for the Spring Season closes March 9, 2020.
SoCal Cyber Cup Challenge (SCCC) (Virtual, Feb 15 - May 31, 2021) Now in its 12th year, the SoCal Cyber Cup Challenge (SCCC) is a cybersecurity competition for middle school, high school, and community college students in the Southern California region, started by NDIA San Diego. Supported by a Department of Defense grant, this year’s competition will include community college students and extensive training for competitors and their mentors. As part of the grant, faculty from Coastline College, Palomar College, and Riverside City College will be supporting the challenge by developing mentor training content and promoting the competition.
Priv8 Digital Privacy Summit (Virtual, Mar 23 - 25, 2021) The summit will feature keynotes from all fronts of the privacy war, including Whistleblower & Cybersecurity Expert Edward Snowden, Founder and CEO of the Electric Coin Company Zooko Wilcox, Electronic Frontier Foundation Executive Director Cindy Cohn, Digital Minister of Taiwan Audrey Tang, Executive Director at the Linux Foundation, Brian Behlendorf, as well as Co-founder and CEO of Orchid, Dr. Steven Waterhouse. Priv8 topics will illuminate the battlelines between freedom versus safety in the perpetual privacy crisis, focusing on how we communicate, transact financially and live in the era of digital surveillance. The summit will enhance the conversation around the future of digital privacy, reveal how the pandemic accelerated existing trends and analyze how people can protect their rights online.
The Cybersecurity Summit (Virtual, Mar 23 - 25, 2021) Join Cipher Brief CEO and Publisher Suzanne Kelly and former Deputy Director of the National Security Agency Rick Ledgett for a world-class, three-day virtual Cybersecurity Summit engaging experts from the public and private sectors on today's most pressing cybersecurity issues including: lessons learned from the SolarWinds hack, adapting a forward-leaning defense posture for private companies, and the latest innovative ideas for information sharing. This event is available to Cipher Brief members and non-members, and will take place over three days, from 11:00AM to 1:30PM (ET)
CyberMaryland Conference (Virtual, Mar 24, 2021) The CyberMaryland Conference is an annual event presented by the Federal Business Council (FBC) in conjunction with academia, government and private industry organizations. This year’s theme,"Building the Cyber Generation," encompasses the event’s intent to ensure the cyber-safety of today and educate the cybersecurity professionals of tomorrow. Additionally, the conference provides an opportunity for Maryland to demonstrate its natural leadership in Cybersecurity.
Sponsor & Support
Grow your brand, generate leads, and fill your funnel.
With the industry’s largest B2B podcast network, popular newsletters, and influential readers and listens all over the world, companies trust the CyberWire to get the message out. Learn more.