Cyber Attacks, Threats, and Vulnerabilities
How to check if your info was exposed in the Facebook data leak (BleepingComputer) Data breach notification service Have I Been Pwned can now be used to check if your personal information was exposed in yesterday's Facebook data leak that contains the phone numbers and information for over 500 million users.
533 million Facebook users' phone numbers and personal data have been leaked online (Insider) The personal data of over 500 million Facebook users has been posted online in a low-level hacking forum. The data includes phone numbers, full names, location, email address, and biographical information. Security researchers warn that the data could be used by hackers to impersonate people and commit fraud.
Facebook Data on 533 Million Users Reemerges Online for Free (Bloomberg) Data include phone numbers, names, locations, birth dates. Personal information posted online for free on Saturday.
533 million Facebook users’ phone numbers, personal information exposed online, report says (Washington Post) Personal information on more than 500 million Facebook users — previously leaked and now made more widely available — was shared online Saturday, according to the news site Insider, worrying experts who said the compromised data could make people more vulnerable to fraud.
Phone numbers for 533 million Facebook users leaked on hacking forum (The Record by Recorded Future) A threat actor has published the phone numbers and account details for an estimated 533 million Facebook users —about a fifth of the entire social network's user pool— on a publicly accessible cybercrime forum.
Facebook data leak: Australians urged to check and secure social media accounts (the Guardian) Experts urge users to secure accounts and passwords after breach exposes personal details of more than 500 million people
ACLU, a defender of digital privacy, reveals that it shares user data with Facebook (Fortune) The American Civil Liberties Union updated its privacy statement to reveal that it shares user data with third parties.
US says APTs are using Fortinet bugs to gain initial access for future attacks (The Record by Recorded Future) In a joint security alert published today, on Friday, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) said they'd observed multiple state-sponsored hacking groups scanning the web for Fortinet devices in order to find and gain access to sensitive networks so they could launch future attacks.
FBI and CISA warn of state hackers attacking Fortinet FortiOS servers (BleepingComputer) The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) warn of advanced persistent threat (APT) actors targeting Fortinet FortiOS servers using multiple exploits.
APT Actors Exploit Vulnerabilities to Gain Initial Access for Future Attacks (IC3 Joint Cybersecurity Advisory) In March 2021 the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) observed Advanced Persistent Threat (APT) actors scanning devices on ports 4443, 8443, and 10443 for CVE-2018-13379, and enumerated devices for CVE-2020-12812 and CVE-2019-5591. It is likely that the APT actors are scanning for these vulnerabilities to gain access to multiple government, commercial, and technology services networks. APT actors have historically exploited critical vulnerabilities to conduct distributed denial-of-service (DDoS) attacks, ransomware attacks, structured query language (SQL) injection attacks, spearphishing campaigns, website defacements, and disinformation campaigns.
Nine Critical Flaws in FactoryTalk Product Pose Serious Risk to Industrial Firms (SecurityWeek) Nine vulnerabilities, all with a CVSS score of 10, have been found in the FactoryTalk AssetCentre product from Rockwell Automation.
As ransomware stalks the manufacturing sector, victims are still keeping quiet (CyberScoop) Halvor Molland was asleep on a brisk night in Oslo, Norway’s capital, two years ago when his phone rang around 3 a.m. The computer servers of Norsk Hydro, the global aluminum producer where Molland is senior vice president for communications, had seized up as a crippling ransomware infection spread through the company’s networks.
The “Fair” Upgrade Variant of Phobos Ransomware (Morphisec) The Morphisec incident response team identified a new FAIR variant of the Phobos ransomware.
Unpatched RCE Flaws Affect Tens of Thousands of QNAP SOHO NAS Devices (SecurityWeek) Tens of thousands of QNAP SOHO NAS devices potentially impacted by unpatched RCE flaws that allow attackers to completely take over vulnerable devices using simple reverse shells.
AMD Zen 3 CPUs vulnerable to Spectre-like attacks via PSF feature (The Record by Recorded Future) US chipmaker AMD advised customers last week to disable a new performance feature if they plan to use CPUs for sensitive operations, as this feature is vulnerable to Spectre-like side-channel attacks.
GitHub investigating crypto-mining campaign abusing its server infrastructure (The Record by Recorded Future) Code-hosting service GitHub is actively investigating a series of attacks against its cloud infrastructure that allowed cybercriminals to implant and abuse the company's servers for illicit crypto-mining operations, a spokesperson told The Record today.
Phishing Phails: When Cybercriminals Don't Get It "Right" (GreatHorn) At GreatHorn, we spend most of our time and effort on the most sophisticated email attacks that are threatening organizations and end users. Let's take a little break and share a few comical "phails" that caught our eyes.
Kansas Water Utility Attack Underscores Security Limitations in Municipalities (Decipher) An indictment this week resulting from a 2019 intrusion at a Kansas water utility highlights the budgetary and technical limitations utilities face.
Water Supply Hacks Are a Serious Threat—and Only Getting Worse (Wired) An ex-employee allegedly tampered with a Kansas water system. It was too easy, and it's happening too often.
Criminals send out fake “census form” reminder – don’t fall for it! (Naked Security) Don’t fall for fake text messages, no matter how realistic the website looks if you click through.
Wieden+Kennedy Employees Exposed to a Data Breach (Willamette Week) Ransomware attack hit a data vendor that works indirectly with the Portland ad agency.
Personal data of 30,000 users of NTUC's e2i training and job matching services may have been breached (The Straits Times) Malware had infected the mailbox of an employee of an e2i-appointed third-party vendor.
Florida School District Hit with 'Bizarre' $40M Ransomware Demand (Insurance Journal) The computer system of one of the nation's largest school districts was hacked by a criminal gang that encrypted district data and demanded $40 million in
Qualys : Update on Accellion FTA Security Incident (MarketScreener) Update April 2, 2021 to the March 3 original blog post: As part of our commitment to keeping customers and the community informed about how we are addressing and resolving... | April 5, 2021
Stanford, University Of California Targeted In Widespread Ransomware Cyber Attack (CBS Local San Francisco) University of California and Stanford officials have confirmed that they were among the universities nationwide that have been targeted by a massive cyber ransomware attack.
Brown University hit by cyberattack, some systems still offline (BleepingComputer) Brown University, a private US research university, had to disable systems and cut connections to the data center after suffering a cyberattack on Tuesday
University of California victim of ransomware attack (TheHill) The University of California (UC) said Wednesday that it was the victim of a ransomware attack.
University of California victim of nationwide hack attack (ABC News) The University of California is warning students and staff that a ransomware group might have stolen and published their personal data and that of hundreds of other schools, government agencies and companies nationwide
UC Berkeley confirms data breach, becomes latest victim of Accellion cyber-attack (The Daily Swig) File transfer vendor suffered a cyber intrusion in January
Update on Accellion Cyberattack (UC Davis) The UC Office of the President distributed the following update by email today (April 2) about the Accellion cyberattack and what people should do to protect themselves.
DeKalb’s anti-eviction program a victim of cyber attack (Champion) DeKalb County’s Department of Innovation and Technology became aware of an attempted data breach on the county’s Tenant-Landlord Assistance Coalition program March 24.
Bookchor data breach of over 5 lakh users: What we know so far (OpIndia) A threat actor has claimed that he breached the Bookchor database in February and downloaded personal information of over 5 lakh users.
Vaccine Passports: Ticket to a ‘Normal’ Summer or Serious Privacy Threat? (Money) “Do I really want Krispy Kreme to have my raw health information?”
Security Patches, Mitigations, and Software Updates
SecureDrop Workstation Gets Post-Audit Security Refresh (SecurityWeek) A third-party audit financed by the New York Times discovers a high-risk vulnerability but overall gives SecureDrop Workstation a positive security bill of health.
Apple Rejecting Apps With Fingerprinting Enabled As iOS 14 Privacy Enforcement Starts (Forbes) Apple is rejecting updates to apps that conflict with its new privacy policies in iOS 14, signaling that it is now getting serious about privacy enforcement.
Cyber Trends
For small business, cyber-security is as important as it is intimidating (Concord Monitor) One of the difficulties in getting people like you – and I suppose me, too – to be on guard against bad guys online, is that we are not quite as clever as we think. “In graduate school, I worked in a computer lab managing systems, and what fascinated...
Financial Sector Remains Most Targeted by Threat Actors: IBM (SecurityWeek) Adversaries have intensified the targeting of manufacturing and energy sectors in 2020, while decreasing focus on retail and telecommunications.
Kaspersky: over half of ransomware victims paid off attackers in 2020 (Gulf Business) Study says only 17% of the victims got all their data back
One-Third of Organizations Take No Action After Detecting a Cyber Attack (Security Boulevard) ZDNet recently wrote about some new statistics from the annual Cyber Security Breaches Survey from the Department for Digital, Culture, Media and Sport (DCMS).
Marketplace
Cybersecurity firm Darktrace finalising plans for £3bn stock market listing (Yahoo) The company is finalising plans for a £3bn ($4.2bn) stock market listing just days after Deliveroo’s dire London debut.
3 Top Cybersecurity Stocks to Buy in April (The Motley Fool) All three of these companies look like long-term winners.
CrowdStrike: Top Dog In Cybersecurity (Seeking Alpha) CrowdStrike is an innovator in cybersecurity. The company has developed multiple moats to stave off competition from competitors.
Inside the spyware firm that came in from the cold (The Telegraph) The boss of the world’s best-known cyber mercenary company wants to step out of the shadows and engage with its critics
Minerva Labs Named Winner of Six Gold Cybersecurity Excellence Awards (BusinessWire) Minerva Labs, a leading provider of active, pre-execution endpoint threat prevention platform, today announced that it has been named the Gold Winner
US sanctions are squeezing Huawei, but for how long? (Ars Technica) Huawei's growth slowed in 2020, as it had trouble securing the state-of-the-art chips.
China’s Huawei confident of making it to India's trusted gear vendor list (ETTelecom.com) “We think about what is logic [behind it] and what is possible. We don’t think Huawei will be blocked. We think this [trusted list] benefits the I..
$400B China-Iran Deal Includes a $Billion 4G-5G Network, Most Likely Huawei (Circle ID) China has agreed to buy $16 billion/year of Iranian oil in what amounts to a barter arrangement for Chinese goods. Telecommunications is specifically included, with a $billion or more for an upgraded mobile system. Huawei & ZTE will probably split the contract. Iran's population is 84 million, about the same as Germany or Turkey. That's as much as Ireland, Norway, Finland, Denmark, Switzerland, Austria, Sweden, Belgium, and the Netherlands combined. Nothing's announced, but it will be a big deal.
Kroll—Including Duff & Phelps Business—Announces 31 Managing Director Promotions (Kroll) Kroll today announced that the firm has promoted 31 colleagues to the managing director level.
Products, Services, and Solutions
Code42 Expedites Insider Risk Response Using Automated Slack Workflows (BusinessWire) Code42 is offering security analysts a new automated workflow in Slack that speeds alert triage and response to Insider Risk events.
Volante Global launches standalone ransomware solution (Insurance Business) Unique solution underpinned by a multi-layered offering
IRONSCALES Achieves Top-Tier Status with Microsoft Co-Sales Team (PRWeb) IRONSCALES, the pioneer of self-learning email security, today announced the expansion of their Microsoft partnership. As a newly-selected member of the One Commerc
Technologies, Techniques, and Standards
Using Infrared for Hardware Control (Black Hills Information Security) Infrared technology has been around for a very long time and is a wireless technology used in devices that convey data by way of Infrared radiation. Infrared is electromagnetic radiation (EMR) with a wavelength just beyond the visible light spectrum.
Four Tenets of Zero Trust Workload Protection (Virsec) To better protect our enterprise systems, the Zero Trust model must be re-defined and expanded to cover applications and cloud workloads during runtime.
DIB-VDP Pilot (DC3) The official website for Department of Defense Cyber Crime Center
Design and Innovation
IBM bets homomorphic encryption is ready to deliver stronger data security for early adopters (VentureBeat) Homomorphic encryption enables computing on data while it remains encrypted. IBM believes this will unlock a new generation of services.
Army posts BEAGLE RFP (Intelligence Community News) The U.S. Army posted a request for proposals for the Behavioristic Electromagnetic Spectrum Assessment General Learning Engine (BEAGLE).
Legislation, Policy, and Regulation
Myanmar’s Internet Shutdown Is an Act of ‘Vast Self-Harm’ (Wired) On Friday the military junta shut off connectivity across the country. There’s no sign of when it will return.
Cyber attacks new war frontier: Dutton (Yahoo) New Defence Minister Peter Dutton believes cyber attacks are the new war frontier faced by countries around the world. As Mr Dutton was being switched from his long-time ministry of Home Affairs last week, the Nine Network suffered the largest cyber attack on a media company in history, while Parliament House had to pull the plug on the federal email system.
Apple forced to offer Russian iPhone users local apps at setup thanks to new law (The Verge) ‘In compliance with Russian legal requirements, continue to view available apps to download.’
In Russia, iPhone Apps Install You (Daring Fireball) It’s quite a thing that Russia’s “law against Apple” allows for more transparency to users than Apple’s own App Store rules.
The UK Is Trying to Stop Facebook's End-to-End Encryption (Wired) The government's latest attack is aimed at discouraging the company from following through with its planned rollout across platforms.
Arbitration to gain from Qatar’s efforts on cybersecurity, says QICCA official (Gulf-Times) The creation of a national agency for cybersecurity stresses the importance that Qatar is placing on efforts to protect data privacy in all sectors, an official of the Qatar International Centre for Conciliation and Arbitration (QICCA) has said.
Biden struggling to fill DOJ job that could rein in Silicon Valley (POLITICO) White House ethics officials are raising objections about DOJ antitrust candidates who have represented companies complaining about major tech companies, particularly Google.
US looks to keep critical sectors safe from cyberattacks (Tampa Bay Times) The public-private partnership reflects the administration’s concerns about the vulnerability of vital systems, including the electric grid and water treatment plants.
When a Fish Tank Beat the House (Propmodo) New governmental IoT protocols aim to prevent hacks of the past
WSJ News Exclusive | U.S. Senators Ask Digital-Ad Auctioneers to Name Foreign Clients Amid National-Security Concerns (Wall Street Journal) A bipartisan group of lawmakers is asking questions about the inner workings of digital advertising amid worries the industry’s user-targeting capabilities could pose a threat to national security.
More Surveillance Isn’t the Answer to the SolarWinds Hack (EIN News) An extensive hacking campaign, purportedly conducted by Russian hackers, has infected the computer systems of numerous U.S. government agencies, critical
DOE Watchdog Detailed Its Cybersecurity State Amid SolarWinds Hack (Nextgov.com) The department continues to struggle with many of the issues the Cybersecurity and Infrastructure Security Agency identified after widespread intrusions into the public and private sector.
Litigation, Investigation, and Law Enforcement
Supreme Court Rules for Google in Multibillion-Dollar Copyright Battle With Oracle (Wall Street Journal) The Supreme Court on Monday ruled Google isn’t liable to Oracle for copyright infringement based on how it built its Android smartphone-operating system.
Police bust 'world's biggest' video-game-cheat operation (BBC News) Chinese police seize a collection of luxury sports cars in the raid.
How America’s surveillance networks helped the FBI catch the Capitol mob (Washington Post) Federal documents detailing the attacks at the U.S. Capitol show a mix of FBI techniques, from license plate readers to facial recognition, that helped identify rioters. Digital rights activists say the invasive technology can infringe on our privacy.