Cyber Attacks, Threats, and Vulnerabilities
Australian former intelligence boss, business leaders and university student caught up in Chinese police data leak (ABC) The identities of more than 160 Australian citizens — including a former intelligence chief, government officials and business leaders — are exposed in hacked Shanghai police files that reveal the inner workings of China's surveillance state.
Google: North Korean hackers target security researchers again (BleepingComputer) Google's Threat Analysis Group (TAG) says that North Korean government-sponsored hackers are once again targeting security researchers using fake Twitter and LinkedIn social media accounts.
Suspected North Korean hackers set up fake company to target researchers, Google says (CyberScoop) North Korean hackers have set up a fake security company and social media accounts to target security researchers with malware, Google found.
Update on campaign targeting security researchers (Google) An update on a hacking campaign targeting security researchers.
After Chinese, now North Korean hackers are eyeing CoWIN, cyber intel firm alerts (ThePrint) Cyber intelligence firm Cyfirma says purpose of fake CoWIN sites is to collect personal information from Indian users and use that for cyberattacks.
USA to publish detailed analysis of SolarWinds hacking tools (Computing) The report details 18 pieces of malware used in the attack, including the Sunshuttle backdoor, China Copper webshell and covert Sibot tool
US to publish details on suspected Russian hacking tools used in SolarWinds espionage (CyberScoop) U.S. military and security officials are preparing to publish one of their most detailed analyses yet of the hacking tools used by suspected Russian spies in a campaign that the Biden administration has labeled a national security threat.
As SolarWinds Announces More Patches, Analysts Offer Advice (BankInfo Security) Although SolarWinds has released a second round of patches for flaws in its Orion network monitoring platform that was targeted in a supply chain attack, some
The Emails of the Department of Homeland Security exposed (Heimdal Security Blog) Email accounts belonging to US Department of Homeland Security (DHS) officials seem to have been exposed during the SolarWinds attack.
SolarWinds highlights "alarming" cyberattack trend (Insurance Business) Managed service providers are becoming heavily targeted, says expert
Revelations About Securing Hybrid Cloud Environments Post-SolarWinds (Cyberark) In the early 1960s, J.C.R. Licklider, director of the Pentagon’s Information Processing Techniques Office (IPTO), spoke of a future “intergalactic computer network” that would serve as the “main...
SolarWinds Attack Has Growing, Worsening Impact on Cybersecurity Pros (Channel Futures) Few cyber breaches have caused more anxiety among cybersecurity experts than the 2020 SolarWinds attack, which worsens as new details come to light.
The Microsoft Exchange Server Exploit: What Happened Next (Digital Shadows) A lot has happened since the Microsoft Exchange Server Exploit. In this blog, we take on what happened next.
Iranian Hackers Target Medical Personnel in US, Israel (SecurityWeek) Iran-linked TA453 attempted to phish senior medical professionals in the United States and Israel, who specialized in various research.
Hackers are implanting multiple backdoors at industrial targets in Japan (The Hacker News) APT10 Hackers Implant Multiple Backdoors at Industrial Targets in Japan
Malware hidden in game cheats and mods used to target gamers (BleepingComputer) Threat actors target gamers with backdoored game tweaks, patches, and cheats hiding malware capable of stealing information from infected systems.
Activision Reveals Malware Disguised as 'Call of Duty: Warzone' Cheats (Vice) Security researchers at the gaming company published a report that details a hacking campaign that used malware hidden inside a cheat for the popular online game.
The latest malware hiding in video game cheat codes (CyberScoop) Hackers have been lacing malware in video game cheat codes that give them access to microphones or webcams, Cisco Talos researchers found.
Cheating the cheater: How adversaries are using backdoored video game cheat engines and modding tools (Cisco Talos) A blog from the world class Intelligence Group, Talos, Cisco's Intelligence Group
Elevate Yourself to Admin in Umbraco CMS 8.9.0 (CVE-2020-29454) (Trustwave) Umbraco version 8.9.0 (also seen in 8.6.3) has a privilege escalation issue in the core administrative screens which allows a low privileged user to access various resources otherwise limited to higher privileged users. The issue exists in an API endpoint that does not properly check the user’s authorization prior to returning results found in the application’s logging section.
Can I Have Some More? Blatant Financial Scam Makes Way to Inboxes (Avanan) Avanan researchers uncovered a financial scam aiming to extract sensitive bank information from victims. It was missed by ATP.
BazarCall malware uses malicious call centers to infect victims (BleepingComputer) For the past two months, security researchers have been waging an online battle against a new 'BazarCall' malware that uses call centers to distribute some of the most damaging Windows malware.
Fake jQuery files infect WordPress sites with malware (BleepingComputer) Researchers have spotted counterfeit versions of the jQuery Migrate plugin injected on dozens of websites which contains obfuscated code to load malware. These files are named jquery-migrate.js & jquery-migrate.min.js and present at the exact locations where JavaScript files are normally present on WordPress sites but are malicious.
Malicious Docker Cryptomining Images Rack Up 20M Downloads (Threatpost) Publicly available cloud images are spreading Monero-mining malware to unsuspecting cloud developers.
Intelligints Publishes Research on Advanced Cyber Attack Footprint (Watertown Public Opinion) Intelligints, a leading cybersecurity organization specializing in security related services worldwide, has announced today the identification of an advanced cyberattack that might go undetected in your IT environment.
Lessons Learned from New York’s Second Cybersecurity Action (JD Supra) The New York Department of Financial Services (NYDFS) has announced its second regulatory enforcement action against a regulated entity (a New York...
Industry Letter - March 30, 2021: Cyber Fraud Alert Follow-Up (Department of Financial Services) We write to alert you again to an ongoing cybercrime campaign that is a serious threat to consumers. It has already resulted in theft of sensitive data for hundreds of thousands of New Yorkers. Financial services companies should take immediate action to protect consumer data from this ongoing cybercrime.
Ubiquiti cyberattack may be far worse than originally disclosed (BleepingComputer) The data breach report from Ubiquiti in January is allegedly a cover-up of a massive incident that put at risk customer data and devices deployed on corporate and home networks.
‘All Data Deleted’: Mobikwik Hackers Wipe Out Details After Breach (TheQuint) This comes after Mobikwik on Tuesday, 30 March, said they would initiate a forensic data security audit.
Data breach allegations: MobiKwik forensic audit gets moving on RBI order (Business Standard) Payments firm says working closely with requisite authorities to conduct independent audit
REvil Ransomware Gang Tells All About Alliances, Revenue (Security Intelligence) The gang behind a new REvil Ransomware strain talks about Ransomware-as-a-Service and adversaries' auctions. Keep up to date on how to defend against them.
Allied Press hit by data breach (Otago Daily Times Online News) This afternoon Allied Press was contacted by Government cyber security organisation Cert NZ about a data breach affecting its ODT Archive service....
Memorial Hermann patients' personal information may have been compromised in data breach (KHOU) Med-Data notified those affected on Wednesday via a letter, which included information about the incident.
“Tiny Crimes” – How Minor Mistakes When Remote Working Could Lead to Major Cybersecurity Breaches (Forcepoint) Part Two: In this post, we'll continue our exploration of the recent study Forcepoint undertook into the shifts and changes impacting office workers under work from home mandates. Exploring whether security behaviors changed due to this shift in working patterns, we surveyed 2000 office workers in Germany and the UK, to provide insight and guidance to business and IT leaders managing remote workers during 2021.
Cyber Trends
Cybersecurity trends: Malware leads Twitter mentions in Q4 2020 (Verdict) Malware leads as Verdict lists the top five terms tweeted on cybersecurity in Q4 2020, based on data from GlobalData’s Influencer Platform.
Marketplace
Living Security Raises $14 Million for Its Human Risk Management Platform (SecurityWeek) Living Security has raised $14 million in a Series B funding round, which the company says it will use to expand and further develop its human risk management platform.
Telefonica Plots Cloud, Cybersecurity Deals to Compete With IBM (Bloomberg) Spanish group’s tech unit growing faster than core business. Division’s CEO sees no problem maintaining double-digit growth.
Chinese Researchers Earn Another $20,000 for Chrome Sandbox Escape (SecurityWeek) Researchers from Qihoo 360 have earned another $20,000 for a Chrome sandbox escape vulnerability, bringing the total earned by the Chinese company’s employees in the past year to over $150,000.
CrowdStrike CEO breaks down Zscaler partnership, cybersecurity outlook (Yahoo) Zscaler and CrowdStrike have extended zero trust security from devices to business applications. CrowdStrike CEO George Kurtz joins Yahoo Finance Live to discuss.
Denim Group Recognized for Excellence in Vulnerability Management and Application Security by Multiple Industry Awards (BusinessWire) Denim Group announces multiple award wins for product excellence, innovation and leadership in the information security industry.
Cyberbit Declares Hudson’s Bay Company as Winner of ICL: America’s Cyber Cup (BusinessWire) Cyberbit Declares Hudson’s Bay Company as Winner of ICL: America’s Cyber Cup.
Jobs boost as Hewlett Packard names Galway as European cyber security hub (Galway Advertiser) There was further good news on the jobs front for Galway yesterday (Wednesday ) when Hewlett Packard Enterprise named Galway as its European hub for cyber security operations.
ReliaQuest Announces New Board Member and Chief Marketing Officer (BusinessWire) ReliaQuest, a global leader in cybersecurity, today announced the appointment of Kara Wilson to its Board of Directors and Alex Bender as its Chief Ma
Products, Services, and Solutions
Veristor and Armis Partner to Provide Agentless Device Security for Diverse, Managed and Unmanaged Devices (Veristor) With Armis, Veristor Offers Passive Cybersecurity Asset Management, Risk Management and Automated Enforcement to Mitigate the Cyber Risk of Unmanaged and IoT Devices ATLANTA – March 31, 2021 – Veristor Systems, Inc., a trusted provider of transformative business technology solutions, and Armis®, the leading agentless device security platform, today announced a partnership to provide cybersecurity […]
DTEX Systems Unveils Enriched Insider Threat Mitigation Solution for Critical Infrastructure Entities (BusinessWire) DTEX Systems today announced enhancements to DTEX InTERCEPT for Critical Infrastructure Entities.
Veriff Releases Face Match Product to Reverify People Easily Online (News Powered by Cision) Veriff (https://www.veriff.com), a global identity verification provider released Face Match (https:
Airtel gets CERT-IN thumbs up for govt cyber security services (The New Indian Express) According to a stock exchange filing made by Airtel on Wednesday, it has been empanelled by the Computer Emergency Response Team (CERT-IN).
Cloudentity partners with Okta to deliver zero trust authorization for open banking services (Help Net Security) Cloudentity and Okta collaborate to provide AI-driven dynamic authorization and governance to help customers secure open banking services.
UKCloud unveils Red Hat powered cloud native platform to help UK ISVs deliver secure and specialist SaaS solutions for the UK Public Sector (RealWire) UKCloud’s latest cloud native sovereign platform enables UK ISVs to develop innovative software solutions that benefit from scale and value for money.
Capgemini bolsters its Cyber Defense Center capabilities with Microsoft Azure Sentinel and membership in the Microsoft Intelligent Security Association (MarketScreener) Capgemini announced today the launch of its next-generation of Cyber Defense Centers including expanded intelligent security analytics using Microsoft Azure Sentinel.
Spectrum signs on as first Illumio partner in NZ (Reseller News) Auckland-based critical services specialist Spectrum has become the first channel partner in New Zealand for US-headquartered zero trust segmentation solution vendor Illumio.
Optiv Security Introduces Enterprise Lab Focused on IoT in IT (Financial Post) Optiv Security, a security solutions integrator delivering end-to-end cybersecurity solutions, today unveiled its Enterprise Internet of Things (IoT) Lab in response to a growing and ever-present pain point for client security leaders – the proliferation of IoT devices on organizational networks. Chief information security officers (CISOs) are dealing with sizeable blind spots and have expressed the clear need for support in discovering those devices and bringing them into their existing vulnerability management programs with an expanded objective of total network protection that goes beyond simple device discovery and assessment.
Palo Alto builds scale in NZ with its channel first platform play (Reseller News) Palo Alto Networks has grown fast locally over the past 18 months as the global company pursued a partners first approach to selling its cyber security platform.
b.well and Mastercard Partner to Give Consumers Secure, Mobile Control Over Their Digital Health Information (PR Newswire) b.well Connected Health today announced a partnership with Mastercard to provide individuals a simpler and more secure way to prove their...
Salt Security Joins the MuleSoft Technology Partner Program, Delivering API Security with Frictionless Integration (PR Newswire) Salt Security, the leading API security company, today announced it has joined the MuleSoft Technology Partner Program and has contributed to...
Technologies, Techniques, and Standards
Insider Threat Mitigation for U.S. Critical Infrastructure Entities: Guidelines from an Intelligence Perspective (The National Counterintelligence and Security Center) The National Counterintelligence Strategy of the United States of America, 2020-2022 highlights the expanding and evolving nature of threats to U.S. critical infrastructure organizations from foreign state and non-state actors.
Ransomware negotiations: An inside look at the process (SearchSecurity) As ransomware attacks increase and ransom demands get larger, incident response providers are tasked with ransomware negotiations with threat actors.
Buying Breached Data: When Is It Ethical? (BankInfo Security) Security practitioners often tread a fine and not entirely well-defined legal line in collecting current and meaningful research. This research can also pose ethical questions when commercial sources for stolen data fall into a gray area.
DHS launching 60-day cyber sprints ahead of upcoming executive order (Federal News Network) DHS Secretary Alejandro Mayorkas said the White House is working on nearly a dozen actions as part of an upcoming cyber-focused executive order.
Army developing tool for US cities to practice cyberattack response (C4ISRNET) The bigger picture idea is for the training platform to contribute to a greater sense of cybersecurity across society.
Design and Innovation
Don’t Make This Mistake on the Journey to Passwordless Security (CSO Online) Enterprises are slowly shifting away from enterprise password use and over to more secure alternatives. But IT leaders must build a security strategy beyond these measures.
Research and Development
New code breaking record for quantum-safe cryptography (CWI) A team of CWI cryptanalysts has set a new code breaking record for the lattice shortest vector problem (SVP) - a foundation for the security of next generation public-key cryptography, designed to be secure against quantum computers.
Academia
The Convergence of Cybersecurity & Student Safety in K-12 Schools (ManagedMethods) In this episode of The K-12 Tech Experience, hosted by ManagedMethods, we are joined by Neal Richardson, Director of Technology at Hillsboro-Deering School District, to discuss the convergence of cybersecurity and student safety in K-12 schools.
Legislation, Policy, and Regulation
Analyzing the UK's Nuclear Deterrence Theory for Cyberspace (SecurityWeek) The UK's 2021 Defence Review indicates that the United Kingdom is ready to launch Trident missiles in response to a serious cyber-attack against the country.
US officials raise concern about rising Russian-Ukrainian tensions (Military Times) The Pentagon's press secretary said the U.S. government was aware of reports from the Ukrainian military of Russian troop movements on the eastern border, but he offered no details.
China hails Arab data security pact amid battle for cyber influence (South China Morning Post) Beijing finds common ground with Arab states after its proposed standards for data security failed to sway the West, which largely backed the US’ Clean Network.
Biden Administration Considers Whether To Continue Trump's Hard Line Against Huawei (NPR.org) The Biden administration is weighing whether to continue former President Trump's hard line against Chinese telecommunications giant Huawei. It's part of the broader review of China-related policies.
U.S. campaign against Huawei appears to be working, as Chinese tech giant loses sales outside its home market (Washington Post) Huawei smartphone sales and total company revenue plummet outside of China
DHS to propose 'cyber response and recovery fund' for state and local governments (CNN) The Department of Homeland Security is working on a proposal for a "cyber response and recovery fund" to provide additional cybersecurity assistance to state and local governments through the Cybersecurity and Infrastructure Security Agency, Homeland Security Secretary Alejandro Mayorkas said Wednesday.
DHS chief lays out actions to strengthen cybersecurity in wake of major hacks (TheHill) Homeland Security Secretary Alejandro Mayorkas on Wednesday issued a “call for action” to confront mounting cybersecurity threats to the federal government, laying out a plan to combat hacking efforts following two
DHS chief lays out a cybersecurity vision with a focus on ransomware and infrastructure (The Record by Recorded Future) The top official at the Department of Homeland Security announced today a series of 60-day cybersecurity “sprints” aimed at focusing the department’s efforts on ransomware.
DHS Head Vows To Call Out Nations That Foster Ransomware (Law360) The head of the U.S. Department of Homeland Security vowed Wednesday to call out foreign nations that allow ransomware attacks to flourish within their borders, as part of a push to confront a scourge of hacks viewed by federal officials as a threat to national security.
America's digital defender is underfunded, outmatched and ‘exhausted’ (POLITICO) The agency that protects the U.S. from hackers is hobbled by funding woes, a talent shortage and growing pains that are jeopardizing its ability to counter sophisticated threats.
Broken trust: Lessons from Sunburst (Atlantic Council) The Sunburst crisis was a failure of strategy more than it was the product of an information-technology (IT) problem or a mythical adversary.
Companies Must Quickly Report Hacks to U.S. Under Proposed Order (Bloomberg) Biden using cyber crisis to mandate tighter security practices. Order would require basic security practices for U.S. agencies.
After SolarWinds, Lawmakers Want Companies to Come Clean About Cyberattacks (Wall Street Journal) Companies fear liability. Privacy activists fear government overreach. Congress fears opening doors to nation-state attackers.
Sen. Young: ‘Go On Offense’ In China Tech Race; Bipartisan Bill Gathers Steam (Breaking Defense) "Some do not believe this is an appropriate role for the government..." Republican Sen. Young said in an interview. "...[B]ut, simply, the private sector and venture capital community is not up to shouldering this task on its own."
U.S. Department of Commerce's Bureau of Industry and Security Relaxes Several Classification and Reporting Requirements for Encryption Items (JD Supra) As of March 29, 2021, the U.S. Department of Commerce's Bureau of Industry and Security (BIS) has implemented significant modifications to the Export...
NSW readies state overhaul of cyber defences (InnovationAus) A NSW parliamentary inquiry has recommended an overhaul of the state government’s cybersecurity strategy and a review of its cyber policies in the wake of a serious data breach that resulted from cyber risks being ignored.
Litigation, Investigation, and Law Enforcement
Audit of Maintaining Cybersecurity in the Coronavirus Disease–2019 Telework Environment (Inspector General, US Department of Defense) The objective of this audit was to determine whether DoD Components maintained network protections during the coronavirus disease–2019 (COVID‑19) pandemic while the DoD workforce maximized the use of telework capabilities to ensure the continuity of DoD operations.
Ex-Air Force analyst pleads guilty to leaking secrets about drone program (Air Force Times) A former Air Force intelligence analyst pleaded guilty Wednesday to leaking classified documents to a reporter about military drone strikes against al-Qaida and other terrorist targets.
Former Intelligence Analyst Pleads Guilty to Disclosing Classified Information (US Department of Justice) A former intelligence analyst and former military servicemember pleaded guilty today to illegally obtaining classified national defense information and disclosing it to a reporter.
DeepDotWeb Administrator Pleads Guilty to Money Laundering Conspiracy (US Department of Justice) An Israeli national pleaded guilty today for his role in operating DeepDotWeb (DDW), a website that connected internet users with Darknet marketplaces, where they purchased illegal firearms, malware and hacking tools, stolen financial data, heroin and fentanyl, and other contraband.
Microsoft cyber attack could trigger thousands of insurance claims (Business Insurance) Cyber risk analytics firm CyberCube Analytics Inc. has warned insurers and reinsurers to brace for a long-tail of potential attritional claims resulting from the recent cyber attacks on Microsoft Exchange servers.
Dutch Data Protection Authority Fines Booking.com Over Incident Notification (SecurityWeek) The Dutch Data Protection Authority has fined Booking.com half a million dollars for not reporting a 2018 data breach within the required 72 hours.
BREAKING: High Court Backs Narrow Autodialer Ban In Facebook Text Row (Law360) The U.S. Supreme Court on Thursday sided with Facebook's argument that the Telephone Consumer Protection Act narrowly covers only random-fired calls and texts to cellphones, in a ruling that's expected to significantly reduce the swell of class action litigation that's emerged under the statute.
US Sens. Back Calif.'s Donor Info Law Before Supreme Court (Law360) California's law requiring charities to disclose donor tax information is substantially related to an important state interest in regulating nonprofits and is constitutional, a group of U.S. senators told the U.S. Supreme Court on Wednesday.
NSW readies state overhaul of cyber defences (InnovationAus) A NSW parliamentary inquiry has recommended an overhaul of the state government’s cybersecurity strategy and a review of its cyber policies in the wake of a serious data breach that resulted from cyber risks being ignored.
3 Cybersecurity Questions To Ask Before A Remote Mediation (Law360) Lawyers preparing to mediate or arbitrate a case through videoconference should take steps to ensure they and their alternative dispute resolution providers are employing reasonable security precautions to protect digital client data and conform to confidentiality obligations, say F. Keith Brown and Michael Koss at ADR Systems.
Cybersecurity Co. Owed $25M From Patent License Row (Law360) A Virginia federal judge granted a bid Wednesday from cybersecurity company Vir2us Inc. for an award of more than $24.6 million from cloud-enabled cybersecurity firm Sophos Inc. for disputed patent royalty payments born out of a 2016 settlement agreement.
Kansas man faces charges for hacking into & shutting down water supply cleaning systems (KSNT News) An Ellsworth County man is facing federal charges after the Acting U.S. Attorney said he tampered with a Kansas public water system. Wyatt A. Travnichek, 22, o…