Cyber Attacks, Threats, and Vulnerabilities
COVID-19 Phishing With a Side of Cobalt Strike (Domain Tools) Multiple adversaries, from criminal groups to state-directed entities, engaged in malicious cyber activity using COVID-19 pandemic themes since March 2020.
AP Says It Experienced Unprecedented Cyber "Attacks" During 2020 Election (Zero Day) These included 10,000 daily phishing attempts and an average of 1.8 million web-based “attacks” per month.
Splunk BrandVoice: Top 10 Ways Cybercrooks Are Targeting Your Data In 2021 (Forbes) This research feeds into Splunk’s Top 50 Security Threats.
Ubiquiti confirms extortion attempt following security breach (BleepingComputer) Networking device maker Ubiquiti has confirmed that it was the target of an extortion attempt following a January security breach, as revealed by a whistleblower earlier this week.
Ubiquiti confirms it was the target of an extortion attempt, but nothing more (The Record by Recorded Future) Networking equipment and IoT device vendor Ubiquiti Networks released a statement late last night confirming some of the details surrounding a 2020 data breach, details that were exposed earlier this week by a whistleblower involved in the investigation.
Ubiquiti Shares Dive After Reportedly Downplaying 'Catastrophic' Data Breach (SecurityWeek) Ubiquiti shares fell after a whistleblower claimed that a recent data breach was far more serious than the company told customers.
Twitter temporarily locks account of researcher who first claimed MobiKwik data breach (Entrackr) The security researcher who was first to claim on Twitter that MobiKwik had suffered a security breach found that his account was restricted by Twitter.
Cybereason vs. DarkSide Ransomware (Cybereason) DarkSide ransomware follows the double extortion trend where the threat actors first exfiltrate the data and threaten to make it public if the ransom demand is not paid, rendering backing up data as a precaution against a ransomware attack moot...
VMware vROps Flaws Can Provide 'Unlimited Opportunities' in Attacks on Companies (SecurityWeek) Exploitation of a couple of vulnerabilities in VMware vRealize Operations can give attackers unlimited opportunities to carry out further attacks on a company's infrastructure.
Cyber-security ‘extortionware’ whereby hackers embarrass victims to ransom. (Technomag) Cyber-security companies are warning about the rise of so-called ‘extortionware’ where hackers embarrass victims into paying a ransom.
When a Legitimate Pension Fund Uses Fraudulent Phishing Tactics (Avanan) A legitimate pension fund is using fraudulent phishing tactics to gin up business in improper ways.
5G Network Slicing Vulnerabilities Risk DoS, Location Tracking, and more (Latest Hacking News) Due to weak authentication, exploiting the 5G network slicing vulnerabilities allows location tracking, DoS attacks, and theft of sensitive data.
In a rare step, Activision warns CoD players of malware hidden in cheat apps (The Record by Recorded Future) In a rare step for a company that seldom issues security warnings, gaming giant Activision published research yesterday detailing how cybercriminals are hiding malware inside Call of Duty: Warzone cheats, warning users to stay away from such offers.
Staff bank account numbers and addresses compromised in major data breach at global consultancy with Edinburgh office (Edinburgh News) Staff working at a global consultancy firm with an office near Edinburgh have had their personal details - including bank account numbers, addresses and names - compromised following a major cyber security attack.
Hackers Hit Italian Menswear Brand Boggi Milano With Ransomware (Bloomberg) Ragnarok hacking group says it stole 40 gigabytes of data. FBI says $144 million paid to hackers as ransom in 2013-2019.
Memorial Hermann patients' personal data may have been compromised, hospital says (ABC13 Houston) The hospital said this may have compromised some patients' personal data, including medical records and social security numbers.
Even the Best Fall Down Sometimes: Nine Network Suffers Large-Scale Cyber Attack (The National Law Review) Channel Nine has suffered the largest cyber attack on a media company in Australia’s history, according to reports from IT News, the AFR and Nine News.
The cyber attack, r
Higher Ed Sees an Increased Number of Malware Attacks Demanding Payment (IBL News) The FBI issued a warning about the increase in cyberattacks targeting higher education, K-12 schools, and seminaries in 12 U.S. states and the United Kingdom.
UC Targeted In Nationwide Cyber Attack; People Urged To Beware Of Threatening Emails (CBS Local - Sacramento) The University of California is warning its workers and students about a national cybersecurity attack targeting one of their systems.
UC Davis hit by cyberattack (Davis Enterprise) Worldwide extortion scheme has targeted universities, government agencies and corporations. UC Davis and other University of California campuses…
Nationwide cybersecurity attack compromises UC employee data (The Daily Californian) Following a cyberattack on the file transfer service used in the UC Office of the President, or UCOP, system, personal UC employee data was released to the public.
University of Maryland, Baltimore says private data was published online following ransomware attack (Baltimore Sun) The University of Maryland, Baltimore has learned that student and staff’s private information was posted on the internet this week after a ransomware group breached system security measures in December.
Hackers leak Social Security numbers, student data in massive data breach | The Stanford Daily (The Stanford Daily) The leaked Stanford data is part of a data breach affecting numerous businesses and universities that targeted a widely-used file transfer service, Accellion, used by the University.
Experts Weigh In on Fallout From HBS Data Breach (Harvard Crimson) Following a data breach of the Harvard Business School’s secure file transfer system in December, experts said they foresee ongoing consequences for the system’s users.
International hackers target DeKalb County program in cyberattack (CBS46 News Atlanta) DeKalb County Government opened a criminal investigation after an international cyberattack targeted one of the county’s programs to help renters.
Large Florida school district hit by ransomware attack (ABC News) The computer system of one of the nation’s largest school districts was hacked by a criminal gang that demanded $40 million in ransom or it would erase files and post students’ and employees’ personal information online
Red Canary 2021 Threat Detection Report - MITRE ATT&CK® Techniques (Red Canary) Our Threat Detection Report takes a close look at the most prevalent techniques & threats to help security teams focus on what matters most.
Security Patches, Mitigations, and Software Updates
Google to restrict Android apps from viewing other apps installed on the same device (The Record by Recorded Future) Google has announced plans today to restrict the ability of Android apps from seeing what other applications are installed on the same device, citing privacy and security reasons.
Rockwell Automation FactoryTalk AssetCentre (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 10.0
ATTENTION: Exploitable remotely/Low attack complexity
Vendor: Rockwell Automation
Equipment: FactoryTalk AssetCentre
Vulnerabilities: OS Command Injection, Deserialization of Untrusted Data, SQL Injection, Improperly Restricted Functions
2.
Cyber Trends
Navigating Cyber 2021 (FSISAC) FS-ISAC, the global fincyber utility, releases its report on cyber threats in 2020 and predictions for 2021 and beyond.
Cyberinc Cyber Insights 2021 Reveals that Human Error is Five Times More Likely to Cause a Breach than Other Sources (Cyberinc) End User Survey Highlights the Need to Adopt Novel Zero Trust Technologies like Browser Isolation to Combat Ransomware and Other Malware Attacks
State-backed Cyber Attacks Pose Dangerous Threat to Business (PRWeb) Messaging Architects, an eMazzanti Technologies Company and cybersecurity expert explores state-backed cyber attacks in a new article. The informative article
Banks remain target of cyberthreats; scams, misinformation about virus, vaccines will dominate cyberspace (Yahoo) Cyberthreats will continue to challenge the banking and financial sector as countries in Southeast Asia keep on fighting the spread of Covid-19 and roll out vaccines in different phases. Kaspersky’s said
Enterprises Remain Riddled With Overprivileged Users -- and Attackers Know It (Dark Reading) Attackers commonly focus on finding users with too much privileged access as their ticket to network compromise. What can companies do?
Marketplace
Cybersecurity M&A Roundup: 40 Deals Announced in March 2021 (SecurityWeek) Tens of cybersecurity-related mergers and acquisitions were announced in March 2021, including by KnowBe4, Fortinet, IronNet, Lookout, Recorded Future and VMware.
The 10 most powerful cybersecurity companies (CSO Online) What makes these 10 security vendors the biggest power players? We break it down.
Air Force asks industry for next-generation cyber security to safeguard military computers and networking (Military & Aerospace Electronics) Researchers want cyber technologies that repel attacks by enabling technologies to survive attacks by re-provisioning resources as necessary.
Cybersecurity: What are the hottest sectors in Israel? (CTECH) Cyber threats reached new highs due to the Covid-19 pandemic, accelerating security innovation and adoption
Tech company seeks $100 million with IPO (Business Observer) Not long after being valued at $1 billion, fast-growing area tech company — with more than $100 million in losses in three years — looks to score big with an IPO.
Kintent raises $4M seed round to simplify cybersecurity compliance with AI (SiliconANGLE)
Blockchain Fund Draper Goren Holm to Invest in the Tezos Ecosystem (Draper Goren Holm | Blockchain Venture Studio) Draper Goren Holm early-stage venture fund looking to incubate startups building on Tezos.
IN BRIEF: Intercede wins USD3 million order from US Federal Government (MorningstarUK) Intercede Group PLC - cybersecurity software firm with offices in US state of Virginia and ...
Protek Garners "Top 10 Digital Forensics Service Company" Award by Enterprise Security Magazine (PR Newswire) Protek International, a nationally recognized leader in digital forensics, cyber security, and e-discovery services has been named a 2021 "Top...
K2 Cyber Security Wins Gold for Runtime Application Self-Protection in the 2021 Cybersecurity Excellence Awards (BusinessWire) K2's RASP solution protects web applications from zero day, OWASP Top 10, and memory-based attacks, with virtual patching of existing vulnerabilities
Palo Alto Networks Poised For Serious Long-Term Gains (Yahoo) With hackers always on the prowl and increasingly sophisticated enterprise network operating environments, including traditional networks, public clouds, and private clouds, the need for advanced, responsive cybersecurity isn’t going to diminish any time soon, and the SolarWinds (SWI) breach in late 2020 only underlined how emerging vulnerabilities can be exploited.
Bug Bounty Radar // The latest bug bounty programs for April 2021 (The Daily Swig) New web targets for the discerning hacker
Full steam ahead for Darktrace IPO as top team blossoms (BusinessWeekly) Cambridge-based cyber security world leader Darktrace has further strengthened its top team in preparation for its upcoming multi-billion dollar IPO. The float date in the UK will be announced imminently as Darktrace continues to dominate the cyber-security sector through big-money contracts from the people to the Pope! Darktrace has contracts with some of the world’s leading
Darktrace Appoints James Sporle as General Counsel (PR Newswire) Darktrace, a leading autonomous cyber security AI company, today announced that it has appointed James Sporle as General Counsel and Company...
Dana Barnes, Public Sector SVP at Palo Alto Networks, Receives First Wash100 Award (GovCon Wire) Palo Alto Networks' Dana Barnes receives first Wash100 Award.
ABA Names Benda SVP for Operational Risk and Cybersecurity (American Bankers Association) The American Bankers Association has named Paul Benda as its senior vice president for operational risk and cybersecurity.
NTT Security CEO Matt Gyde Exits After Building Services Giant (CRN) NTT Security CEO Matt Gyde resigned Wednesday after creating one of the largest security solution provider businesses in the world over the past 15 years.
Products, Services, and Solutions
TalaTek Selected by CMMC-AB as One of the First CMMC Third-Party-Assessor-Approved Organizations (TalaTek, LLC) TalaTek, an integrated risk management firm, today announced that it is one of the first organizations to be accredited as a Certified Third-Party Assessor organization (C3PAO) by the Cybersecurity Maturity Model Certification Accreditation Body (CMMC-AB).
OM2200 NetOps Console Server Products now with 10GbE Interfaces and 1GbE Ethernet Ports (OpenGear) The first NetOps console server with both Smart Out-of-Band management and advanced automation tools, featuring support for 10GbE network infrastructure as well as 24-port serial and 24-port 1GbE Ethernet
Winding Tree launches ORGiD Bot, streamlining digital identity verification between blockchain businesses | ReBlonde | PR system (Reblonde) Winding Tree, the Ethereum-powered travel distribution channel, launches ORGiD Bot, an open-source registry that provides real-time identification and verification of companies and their representatives.
Yotta Extends Infrastructure and Cloud-Hosted Workload Protection Via Partnership with Virsec (Virsec) Virsec will provide advanced application protection for Yotta's customers in India, making it the company's largest data center partnership to date.
WISeKey’s WISfans.com Platform to Launch Physical and Digital Collectibles Non-Fungible Tokens (NFT) in Football (GlobeNewswire) WISfans was originally deployed by famous soccer clubs such as Real Madrid, Flamingo and FC Barcelona and has expanded to other sports competitions including the Americas Cup
Jean-Claude Biver and Carlos Moreira, CEO of WISeKey Successfully Launched the World’s First NFT Auction of a Luxury Watch (GlobeNewswire) Where auctions are already soaring for works of art and intangibles, never before has a luxury watch been the subject of an NFT (Non-Fungible Token) sale.
Technologies, Techniques, and Standards
After Hack, Officials Draw Attention to Supply Chain Threats (SecurityWeek) The U.S. government is calling attention to supply chain vulnerabilities, after suspected Russian hackers gained access to federal agencies and private corporations by sneaking malicious code into widely used software.
April is National Supply Chain Integrity Month (CISA) Week 1: Building Collective Supply Chain Resilience
Authored by: National Risk Management Center
NCSC and Partners Launch “National Supply Chain Integrity Month” in April: A Call-to-Action Campaign to Raise Awareness of Supply Chain Threats and Mitigation (NCSC)
SolarWinds attack and the importance of a risk-based approach to cybersecurity (Federal News Network) The threats will only become more sophisticated, multifaceted, and well-orchestrated. Organizations must do the same with their security postures.
Communication is Crucial in the Fight Against Phishing Scams (Infosecurity Magazine) What communication strategies should orgs employ to mitigate against the risk of phishing scams?
FactoryTalk AssetCentre Vulnerabilities Uncovered by Claroty (Claroty) Claroty has uncovered nine critical FactoryTalk AssetCentre vulnerabilities that allow for remote code execution.
Phishing Tests Are Necessary. But They Don’t Need to Be Evil. (Harvard Business Review) Three ways to maintain cybersecurity without jeopardizing employee trust.
The importance of quantifying cyber risk (Security Info Watch) Most businesses don’t know their exposure to cyber events until it’s too late.
Splunk BrandVoice: 5 Key Ways CISOs Can Accelerate The Business (Forbes) Today’s security leader is also a business executive. Here’s how to thrive in both roles.
New CISOs should focus more on people and less on tech (SC Media) New research indicates that newly hired CISOs are best served by initially focusing attention on their workforce, not systems and processes.
4 Kinds of Insider Threats — and How to Minimize Them (Built In) Think gamified training, password managers and anomaly detection.
What Is DevSecOps, Anyway? (Defense One) How one company used it to accelerate improvements to an Air Force cyber defense program.
Hacked companies had backup plans. But they didn't print them out before the attack. (ZDNet) New NCSC chief says businesses need to take cybersecurity more seriously.
Design and Innovation
Who Criticizes the Tech Critics? A Meta Talk With Carole Cadwalladr and Yael Eisenstat (Medium) The ‘Real Facebook Oversight Board’ members discuss tech criticism, Cambridge Analytica, and how Facebook can begin to right its wrongs
Research and Development
Could Latvia become NATO’s 5G military test hub? (C4ISRNET) In November, the Baltic nation turned one of its bases into a 5G hub for military testing, and it plans to do more.
Legislation, Policy, and Regulation
China’s Unrestricted War on India (Foreign Affairs) Beijing Bullies Its Neighbor By Unconventional Means
Myanmar orders wireless internet shutdown until further notice: telecoms sources (Reuters) Myanmar's military rulers have ordered internet service providers to shut down wireless broadband services until further notice, several telecoms sources said on Thursday.
Russia now requires all smartphones and devices in the country to have Russian software preinstalled (Business Insider) Reuters said Russia viewed the new law as a way to help Russian software companies compete with international ones.
Punitive Response to SolarWinds Would Be Misplaced, But Cyber Deterrence Still Matters (Russia Matters) In a recent Russia Matters article, Paul Kolbe argues that the United States should respond to the SolarWinds breach by focusing on improving defenses, rather than on conducting a retaliatory response such as some government officials have been advocating.
Biden rebuilds cybersecurity alliances but risks creating a techno-democratic clique (East Asia Forum) Under Donald Trump, US global leadership on cyber issues came to a screeching halt. But ‘America is back’ under President Joe Biden. Observers can expect sensible, expert-crafted policy that unpicks the policy discord while maintaining the previous administration’s focus on technology competition and trusted networks.
DHS secretary Outlines Biden Administration’s Cybersecurity Vision (Infosecurity Magazine) DHS secretary Alejandro Mayorkas spoke during RSAC webcast
DHS Secretary Outlines 60-Day Cybersecurity Recovery Plan (Government Technology) Department of Homeland Security Secretary Alejandro Mayorkas outlined the steps the agency and the Cybersecurity and Infrastructure Security Agency would take to close cybersecurity gaps during the RSA conference Wednesday.
CISA gives agencies 90 days to further harden networks against Microsoft email threat (Federal News Network) The Cybersecurity and Infrastructure Security Agency released a supplement to its March 3 emergency directive outlining new steps agencies need to take.
Homeland Security Orders Cyber 'Sprints' as Part of U.S. Plan Against Hacks (Insurance Journal) The U.S. Department of Homeland Security is undertaking a series of "sprints" to enhance American cybersecurity in the wake of major attacks. "I am
Ransomware top US cyber priority: DHS secretary (Business Insurance) Department of Homeland Security Secretary Alejandro Mayorkas said on Wednesday that dealing with ransomware will be a top priority, highlighting the growing threat of the data-scrambling software.
What does the White House’s infrastructure plan mean for federal agencies? (Federal News Network) In today’s Newscast, the president wants to set aside $18 billion to repair and modernize VA facilities, and also invest $10 billion in other federal buildings.
After SolarWinds, Lawmakers Want Companies to Come Clean About Cyberattacks (Wall Street Journal) Companies fear liability. Privacy activists fear government overreach. Congress fears opening doors to nation-state attackers.
SolarWinds Hack Shows Why We Need a National Cyber Director (Government CIO) An Atlantic Council leader advocates for greater empowerment of the CISO role.
Rob Joyce Named to New Cyber Position at NSA/CSS (MeriTalk) Rob Joyce has been named director and deputy national manager for national security systems at the Cybersecurity Directorate within the National Security Agency’s (NSA) Central Security Service (CSS).
Litigation, Investigation, and Law Enforcement
Days before Puducherry polls, HC directs UIDAI to probe into data breach (The New Indian Express) The court also made it clear that the ECI should deal with the perceived breach of code of conduct without putting a lid on the issue, and a separate probe initiated against the party should go on.
Data breach allegations: RBI orders forensic audit of Mobikwik systems (India TV News) The Reserve Bank has asked troubled digital wallet firm Mobikwik, which is facing data breach allegations, to get a forensic audit done without any delay.
ALEXANDER YURYEVICH KORSHUNOV | Federal Bureau of Investigation (Federal Bureau of Investigation) Conspiracy to Commit Theft of Trade Secrets; Attempted Theft of Trade Secrets
Protracted Battle Over Privacy Fine Batters Dutch Soccer-Streaming Company (Wall Street Journal) Companies say glacial pace of European data-privacy investigations and fines can leave businesses in limbo as they wait for final rulings. Regulators say they are too understaffed and under-budgeted to move any faster.
Militia extremists deploy strategies to work around social media crackdown, warns DHS (ABC7 Los Angeles) Anti-government extremists are working to circumvent recent social media clampdowns in order to continue recruiting new members, the Department of Homeland Security says.
Supreme Court rules Facebook's automated text system doesn't count as robocalling, handing major win to people who want to spam your phone (Business Insider) The US Supreme Court ruled that Facebook's text alerts on suspicious login attempts do not qualify as illegal robocalls.
Google's 'Teacher approved' apps mislead on kids' privacy, activists tell FTC (Reuters) Two advocacy groups on Wednesday called on the U.S. Federal Trade Commission (FTC) to investigate whether apps that Google's Play Store labels as "Teacher approved" are unlawfully collecting personal data without parental consent to target ads at children.
These Companies Track Millions Of Cars—Immigration And Border Police Have Been Grabbing Their Data (Forbes) Federal agencies have been able to tap data from General Motors OnStar, as well as fleet-tracking companies Geotab and Spireon.