Attacks, Threats, and Vulnerabilities
Zero-Day Exploits in SonicWall Email Security Lead to Enterprise Compromise (FireEye) Mandiant Managed Defense identified three zero-day vulnerabilities in SonicWall’s Email Security (ES) product that were being exploited in the wild.
Hackers go after SonicWall email appliances with three zero-days (The Record by Recorded Future) A hacking group has used three zero-day vulnerabilities impacting SonicWall products to breach corporate networks and install backdoors, security firm FireEye said in a report on Tuesday.
Security Notice: SonicWall Email Security Zero-Day Vulnerabilities (SonicWall) Through the course of standard collaboration and testing, SonicWall has verified, tested and published patches to mitigate three zero-day vulnerabilities to its hosted and on-premises email security products.
SonicWall warns customers to patch 3 zero-days exploited in the wild (BleepingComputer) Security hardware manufacturer SonicWall is urging customers to patch a set of three zero-day vulnerabilities affecting both its on-premises and hosted Email Security products.
Hackers use previously unknown vulnerability to target SonicWall customers (KFGO) Hackers have targeted customers of California-based network services firm SonicWall via a previously undisclosed vulnerability in its email security product, the company and cybersecurity firm FireEye said T...
China-linked hackers used VPN flaw to target U.S. defense industry -researchers (Reuters) At least two groups of China-linked hackers have spent months using a previously undisclosed vulnerability in American virtual private networking devices to spy on the U.S. defense industry, researchers and the devices' manufacturer said Tuesday.
US Agencies, Defense Companies Hacked Via VPNs (Breaking Defense) Threat actors are targeting one newly discovered and three previously known vulnerabilities in Pulse Connect Secure enterprise VPNs, according to a CISA emergency directive and alert, as well as blog posts by FireEye and Ivanti. "There is no indication the identified backdoors were introduced through a supply chain compromise of the company's network or software deployment process," FireEye noted.
Pulse Secure VPN zero-day used to hack defense firms, govt orgs (BleepingComputer) Pulse Secure has shared mitigation measures for a zero-day authentication bypass vulnerability in the Pulse Connect Secure (PCS) SSL VPN appliance actively exploited in attacks against worldwide organizations and focused on US Defense Industrial Base (DIB) networks.
Pulse Secure VPN Flaws Exploited to Target US Defense Sector (Dark Reading) China-linked attackers have used vulnerabilities in the Pulse Secure VPN appliance to attack US Defense Industrial Base networks.
Spy groups hack into companies using zero-day flaw in Pulse Secure VPN (CSO Online) Known and unknown groups are using VPN vulnerabilities to circumvent authentication and establish backdoors.
Suspected Chinese hackers spied on US, European targets (KOB 4) Suspected state-backed Chinese hackers exploited widely used networking devices to spy for months on dozens of high-value government, defense industry and financial sector targets in the U.S. and Europe, according to FireEye, a prominent cybersecurity firm.
State-linked hackers hit American, European organizations with Pulse Secure exploits (CyberScoop) Two hacking groups, including one with ties to China, have in recent months exploited popular enterprise software to break into defense, financial and public sector organizations in the U.S. and Europe, security firm FireEye warned Tuesday.
Cyberattacks on Japan aerospace industry exploited 'zero-day' flaw (Nikkei Asia) Roughly 200 companies and institutions targeted, including JAXA
Chinese hackers compromise dozens of government agencies, defense contractors (Washington Post) Sophisticated Chinese government hackers are believed to have compromised dozens of U.S. government agencies, defense contractors, financial institutions and other critical sectors, according to a private cybersecurity firm working with the federal government.
Exploitation of Pulse Connect Secure Vulnerabilities (CISA) The Cybersecurity and Infrastructure Security Agency (CISA) is aware of compromises affecting U.S. government agencies, critical infrastructure entities, and other private sector organizations by a cyber threat actor—or actors—beginning in June 2020 or earlier related to vulnerabilities in certain Ivanti Pulse Connect Secure products. Since March 31, 2021, CISA assisted multiple entities whose vulnerable Pulse Connect Secure products have been exploited by a cyber threat actor.
Pulse Connect Secure Security Update (Pulse Secure Blog) The Pulse Secure team recently discovered that a limited number of customers have experienced evidence of exploit behavior on their Pulse Connect Secure (PCS) appliances. We are sharing information about the investigation and our actions through several communications channels in the best interests of our customers and the greater security community.
Check Your Pulse: Suspected APT Actors Leverage Authentication Bypass Techniques and Pulse Secure Zero-Day (FireEye) This post examines new persistence and auth bypass techniques for Pulse Secure VPNs, which we've observed being used by one or more groups.
Lazarus APT Hackers are now using BMP images to hide RAT malware (The Hacker News) North Korean hackers were recently caught hiding malware inside BMP image files to steal passwords in a spear phishing attack.
North Korean hackers use new method to dodge security programs (NK PRO) Hackers linked to North Korea deployed a new means of extracting malware by hiding it inside a legitimate-looking command to convert a PNG image into a BMP image, according to a new report from security company Malwarebytes. Based on similarities to previous code and tactics, researchers at Malwarebytes attributed the phishing attack to the North …
Vulnerability In Duo Security App 2FA Could Allow Account Takeover (Latest Hacking News) The vulnerability in the Duo Security app could allow an adversary with authenticated access to bypass 2FA and take over a victim's account.
ISIS Cyber Group Warns of Tracking Through Bitcoin Use (Homeland Security Today) An ISIS-supporting cybersecurity group warned followers to avoid using Bitcoin because of the potential for jihadists to be tracked through use of the cryptocurrency.
Over 750,000 Users Downloaded New Billing Fraud Apps From Google Play Store (The Hacker News) Researchers have discovered a new set of fraudulent Android apps in the Google Play store that hijack SMS notifications for billing scams.
WhatsApp Pink: Watch out for this fake update (WeLiveSecurity) Android users should watch out for messages circulating on WhatsApp and other major messaging apps and promising to provide a pink color theme for WhatsApp.
IoT Devices – The Newest Source of OT Network Security Gaps (Nozomi Networks) Juniper Research predicts that there will be 83 billion IoT connections within the next three years, with the industrial sector accounting for over 70% of them.
Codecov supply chain attack has echoes of SolarWinds (ComputerWeekly) Supply chain attack on code auditing service may have compromised the likes of HPE and IBM.
Taxonomy of SUNBURST DNS Tactics (ExtraHop) Read the report to understand the SUNBURST DNS tactics that helped them avoid detection—and why DNS is so challenging to secure.
State of the Global Response to the SolarWinds Orion Breach (Risk Recon) Download this new white paper that discusses how firms around the world are responding to the SolarWinds Orion breach.
Hacking smart meters – a defence warning (Smart Energy International) US cybersecurity specialist Mandiant demonstrates hacking and switching off a North American electricity utility smart meter.
Eversource Energy data breach caused by unsecured cloud storage (BleepingComputer) Eversource, the largest power supplier in New England, has suffered a data breach after customers' personal information was exposed on an unsecured cloud server.
Ransomware gang tries to extort Apple hours ahead of Spring Loaded event (The Record by Recorded Future) The operators of the REvil ransomware are demanding that Apple pay a ransom demand to avoid having confidential information leaked on the dark web.
CAPTCHA This: Bypassing SEGs via reCAPTCHA (Avanan) Avanan researchers uncovered an attack that utilizes reCAPTCHA to bypass SEG scanners and reach end-users.
Security Patches, Mitigations, and Software Updates
Firefox 88 patches bugs and kills off a sneaky JavaScript tracking trick (Naked Security) What’s in a window name? Turns out that it could be a sneaky tracking code, so Firefox has put a stop to that.
Hitachi ABB Power Grids Ellipse APM (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 6.3
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Hitachi ABB Power Grids
Equipment: Ellipse APM
Vulnerability: Cross-site Scripting
2. RISK EVALUATION
Successful exploitation of this vulnerability may allow an authenticated user or integrated application to inject malicious data into the application that can then be executed in a victim’s browser.
Rockwell Automation Stratix Switches (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.8
ATTENTION: Exploitable remotely/Low attack complexity
Vendor: Rockwell Automation
Equipment: Stratix Switches
Vulnerabilities: Insufficiently Protected Credentials, Insufficient Verification of Data Authenticity, Use of Out-of-Range Pointer Offset, Insertion of Sensitive Information Into Log File, Command Injection, Improper Input Validation
2.
Delta Industrial Automation COMMGR (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 9.8
ATTENTION: Exploitable remotely/Low attack complexity
Vendor: Delta Industrial Automation
Equipment: COMMGR
Vulnerability: Stack-based Buffer Overflow
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow for remote code execution or cause the application to crash, resulting in a denial-of-service condition in the application server.
Delta Electronics CNCSoft ScreenEditor (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.8
ATTENTION: Low attack complexity
Vendor: Delta Industrial Automation
Equipment: CNCSoft ScreenEditor
Vulnerability: Out-of-bounds Read
2. RISK EVALUATION
Successful exploitation of this vulnerability may allow arbitrary code execution.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following versions of CNCSoft ScreenEditor are affected:
Delta Electronics CNCSoft-B (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.8
ATTENTION: Low attack complexity
Vendor: Delta Electronics
Equipment: CNCSoft-B
Vulnerabilities: Out-of-bounds Read, Out-of-bounds Write
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could lead to arbitrary code execution.
Eaton Intelligent Power Manager (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 8.7
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Eaton
Equipment: Intelligent Power Manager (IPM)
Vulnerabilities: SQL Injection, Eval Injection, Improper Input Validation, Unrestricted Upload of File with Dangerous Type, Code Injection
2.
Siemens Mendix (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 8.1
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Siemens
Equipment: Mendix
Vulnerability: Improper Privilege Management
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow a non-administrative user to gain administrative privileges.
Hitachi ABB Power Grids Multiple Products (Update A) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.5
ATTENTION: Exploitable remotely/Low attack complexity
Vendor: Hitachi ABB Power Grids
Equipment: Relion 670, 650, and SAM600-IO; REB500; RTU500; FOX615 (TEGO1); MSM; GMS600; PWC600
Vulnerability: Improper Input Validation
2.
Mitsubishi Electric MELSEC iQ-R Series (Update C) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 5.3
ATTENTION: Exploitable remotely/Low attack complexity
Vendor: Mitsubishi Electric
Equipment: MELSEC iQ-R Series
Vulnerability: Resource Exhaustion
2.
Siemens and PKE SiNVR/SiVMS Video Server (Update A) (CISA) 1. EXECUTIVE SUMMARY
--------- Begin Update A Part 1 of 4 ---------
Valve's Really Terrible Security Hole Is No More (SVG.com) Two years after it was initially reported, Valve has finally fixed a major security exploit in Counter-Strike: Global Offensive.
Trends
Infosec Teams Expand Use Of Security Tools to Address Cloud Complexity, Survey Finds (InfoQ) The Cloud Security Alliance (CSA), a non-profit organization, recently published its findings on the state of cloud security practices which shows accelerating cloud adoption, but a need for more sophisticated security approaches.
Demand for Cloud-Based Security Solutions Soars While IT Security Budgets Tighten, Finds ‘2021 Cyberthreat Defense Report’ (BusinessWire) CyberEdge Group today announced the availability of its eighth annual Cyberthreat Defense Report (CDR).
Keysight Releases Fourth Security Report Highlighting Three Critical Areas of Concern to Network Security (BusinessWire)
New Research Indicates Nearly 80% of Top US Energy Companies Are at Serious Risk for Cyberattacks (CircleID) In light of the Biden administration's recent efforts in protecting critical infrastructure from cyber threats, new research from CSC indicates that a majority of the top energy companies in the U.S. are vulnerable to attack due to shortcomings in their online operations. Specifically, these organizations are vulnerable to domain name and domain name system (DNS) hijacking and phishing attacks based on their lack of effective domain security.
UAE businesses hit with growing wave of ransomware attacks (Khaleej Times) Experts say that the cyber threat landscape across the UAE is constantly evolving, with attacks becoming more malicious and sophisticated
Every fifth corporate network faced a cryptomining malware attack in 2020 (HostReview.com) Data acquired by cryptocurrency trading simulator Crypto Parrot indicates that cryptomining malware accounted for the second-largest corpora
Upstream | Developing Markets Suffer Mobile Malware Pandemic with 1 In 6 Android Phones Now Infected (RealWire) Threat actors move from Google Play - 71% of malware-infected apps now on 3rd party stores
Americans lost $1.19 billion to imposter scams in 2020 (Atlas VPN) Atlas VPN findings reveal that Americans lost $1.19 billion to imposter fraud in 2020, which is $613.8 million more than the previous year, representing a 106.56% increase.
And the Award for Most Popular Movie Used in Passwords Goes to… (Specops Software) A couple of weeks ago, we revealed the top Major League Baseball team names that are a homerun for hackers in conjunction with Opening Day. With the...
Marketplace
Passwordless Authentication Firm HYPR Raises $35 Million (SecurityWeek) HYPR, a company that provides a cloud-based passwordless authentication platform, has raised $35 million in a Series C financing, bringing the company’s total funding to more than $70 million.
Druva Raises $147 Million at $2 Billion Valuation (SecurityWeek) Cloud data protection and management firm Druva has raised $147 million at a valuation of more than $2 billion.
Cape Privacy announces $20M Series A to help companies securely share data (TechCrunch) Cape Privacy, the early-stage startup that wants to make it easier for companies to share sensitive data in a secure and encrypted way, announced a $20 million Series A today. Evolution Equity Partners led the round with participation from new investors Tiger Global Management, Ridgeline Partners a…
Coalfire Acquires Neuralys Pen Testing Platform (Coalfire.com) Coalfire has acquired Neuralys Corporation, a cloud-based penetration testing management platform headquartered in Bethesda, MD.
AppOmni Closes $40 Million Funding Round Led by Scale Venture Partners (PR Newswire) AppOmni, the leading provider of SaaS Security Management, today announced that the company has raised $40 Million in Series B funding. This...
SaaS Security Company Grip Security Emerges From Stealth (SecurityWeek) SaaS security company Grip Security emerges from stealth mode with $6 million in seed funding.
buguroo becomes Revelock as it Changes the Game of Online Fraud Prevention (PR Newswire) buguroo, a pioneer in behavioral biometric based online fraud prevention, today announced it is changing its name to Revelock to reflect the...
Facebook Wants to 'Normalize' the Mass Scraping of Personal Data (Vice) An internal email lays out Facebook's plan to talk more about scraping.
Versa SASE Wins 2021 Government Security Award (Yahoo) Independent Panel of Judges Recognizes Versa as Industry’s Only Comprehensive Integration of Cloud Security, Networking, SD-WAN, Secure Access, and Analytics for Branch, Remote and Home Users
Zerto Announces Partner Award Winners at ZertoCON 2021 (BusinessWire) Zerto, an industry leader in cloud data management and protection, has announced the partner award winners from ZertoCON 2021 Virtual.
Specops Software Doubles North American Sales Team to Meet Growing Dem (PRWeb) Specops Software, the leading provider of password management and authentication, today announced that it has successfully doubled the size of it
XA Network appoints tech stars to advisory board (Private Equity Wire) The XA Network, a member-based investment network of executives from prominent tech firms in Southeast Asia, has appointed an advisory board.
Former VMware Channel Exec to Head Check Point's Americas Sales (Channel Futures) A former high-ranking VMware channel executive has joined Check Point Software Technologies as head of sales in the Americas.
Netskope names Michael Herman as VP Channel Sales for EMEA and Latam (Intelligent CIO Africa) Netskope, a security cloud vendor, has appointed Michael Herman as VP Channel Sales for EMEA and Latam. With extensive experience in technology sales, and over twenty years leading and architecting channel strategies, Herman joins with a remit to build out Netskope’s channel partnerships, support team and programmes across both the EMEA and Latam regions. Herman […]
Robert Thomas - Former CEO Infoblox and NetScreen - Joins Acreto Board (PR Newswire) Robert Thomas, Silicon Valley veteran CEO who led both NetScreen Technologies and Infoblox from startup to IPO, has joined Acreto's Board of...
Resilience Broadens National Footprint. Adding Underwriting Strength naming Gavin Reed as EVP in Los Angeles (PR Newswire) Resilience Cyber Insurance Solutions, providing comprehensive insurance coverage and patented cybersecurity tools to protect mid-market...
JupiterOne Hires CISO and Appoints New Board Member from Uber (PR Newswire) JupiterOne, the leader in cyber asset management and governance solutions, today announced the hiring of Sounil Yu as Chief Information...
Products, Services, and Solutions
AT&T Cybersecurity Launches New Managed Endpoint Security Solution (PR Newswire) What's the news? AT&T* has launched a managed endpoint security solution through its alliance with SentinelOne. AT&T Managed Endpoint Security...
The Storybook Approach to MITRE ATT&CK (Trend Micro) The MITRE ATT&CK® knowledge base is an extremely valuable tool that helps drive advancement and alignment throughout the cybersecurity industry. It has standardized the interpretation of an attacker’s approach and provided a common language to describe threat group behaviours.
Next Peak Launches Geo Cyber Risk Index (Next Peak) Providing Cyber Leaders with Multidimensional View of Country Specific Risks to Monitor Global Cyber Exposure
HackerOne Founding Vulnerability - Day of Incorporation (OpenSea) HackerOne is celebrating its day of incorporation through this one-of-a-kind NFT. The unique licensed artwork depicts our founding vulnerability — a simple bug in Facebook Mail (the predecessor of Facebook Messenger) that co-found
Atakama Signs Strategic Partnership with Nth Generation (PR Newswire) Atakama Inc., the data security company that introduced their innovative multi-factor file-level encryption software, is excited to announce...
Sequitur Labs Presents Best Practices for Securing AI/ML Models at the Edge (BusinessWire)
Cybereason Excels in 2020 MITRE Engenuity ATT&CK Evaluations (Cybereason) The MITRE Evaluation validates Cybereason’s future-ready attack protection, and superior prevention, detection and response capabilities.
TruSTAR Introduces API 2.0, Operationalizing Data Orchestration and Normalization for a New Era in Intelligence Management (PR Newswire) TruSTAR, a leader in data-centric intelligence integration and automation, today announced API 2.0, the latest version of TruSTAR's API-First...
VMware supports distributed workforces with SASE security, global POP network (SiliconANGLE) VMware Inc. today extended its Workspace ONE endpoint management technology to provide better support for distributed workforces.
LogRhythm Chooses Cybersecurity Specialist Distology as Its Value-Added Distributor in the UK and Ireland (LogRhythm) The exclusive distribution deal expands Distology’s solutions portfolio and enables more VARs to capture new revenue from real-time cybersecurity solutions.
Nextgen adds Forcepoint to expanding Singapore portfolio (Channel Asia) Nextgen has signed a distribution agreement with Forcepoint in Singapore amid plans to roll-out secure access service edge solutions via the channel.
Vipre streamlines the business security journey with new defence bundles (TechCentral.ie) In association with Vipre. Vipre UK & Ireland has announced the release of its latest cybersecurity defence bundles, providing businesses with protection at their core, edge or across the entire business network. The latest packages marry the essential security foundations of e-mail and endpoint protection with the emerging necessities of security awareness training, web access...
ThycoticCentrify Announces Research Showing Promising Adoption of Cloud Identity and Access Management Measures (Centrify) Santa Clara, Calif. and Washington D.C. ― April 21, 2021 ― ThycoticCentrify, a leading provider of cloud identity security solutions formed by the merger of privileged access management (PAM) leaders Thycotic and Centrify, today announced new research that reveals promising cloud-based identity and access management (IAM) adoption in the enterprise space.
ThycoticCentrify Successfully Completes SOC 2 Type II Compliance Recertification (PR Newswire) ThycoticCentrify, a leading provider of cloud identity security solutions formed by the merger of privileged access management (PAM) leaders...
Palo Alto Networks Establishes World-Class Cybersecurity Consulting Group (Yahoo) Palo Alto Networks (NYSE: PANW) today announced it is establishing a new cybersecurity consulting group to help enterprises respond to emerging threats as they navigate an increase in costly, crippling cyberattacks.
Blumira Announces Strategic Partnership With Access-Interactive (Blumira) Through a new partnership, Access Interactive customers will be able to access Blumira’s cost-effective and easy-to-operate threat detection and response solution to help them effectively protect against cybersecurity breaches.
Skyflow Launches First-Ever Data Privacy Vault for Fintechs, Delivered as an API (BusinessWire) The Skyflow Payments Data Privacy Vault lets fintech developers quickly build innovative apps without worrying about security, privacy or compliance
Merlin Cyber Launches FedRAMP Managed Service to Accelerate SaaS Companies’ Ability to Pursue $200B Public Sector IT Market (BusinessWire) Merlin Cyber today launched Constellation GovCloud™, a managed service that is designed to accelerate FedRAMP authorization for SaaS companies.
Zerto Unlocks Continuous Cloud Protection with New Data Protection Solutions for AWS Workloads (BusinessWire) Zerto opened its annual ZertoCON event with the announcement of new data protection solutions for Amazon Web Services (AWS) workloads.
CyberGRX Partners with Recorded Future to Incorporate Third-Party Intelligence Into CyberGRX Risk Profiles (BusinessWire) CyberGRX announces a strategic partnership with Recorded Future to empower customers to better understand their vendor risk profile.
F-Secure Oyj: F-Secure's Detection and Response Capabilities Shine in 3rd MITRE Engenuity ATT&CK Evaluation (MarketScreener) Helsinki, Finland - April 21, 2021: Today, F-Secure published its analysis of the company's performance in MITRE Engenuity's third ATT&CK® Evaluation. The evaluation pitted...
Technologies, Techniques, and Standards
Russian intelligence agency SVR sets up dark web whistleblowing platform (The Record by Recorded Future) The SVR, Russia's main intelligence service, has deployed a system similar to the SecureDrop whistleblowing platform to allow Russians living abroad to safely send anonymous tips via the Tor network about national security threats.
NCSC platform for sharing cyber threat intelligence undergoing revamp (Future Scot) A platform for sharing cyber threat intelligence between industry and government in the UK – run by the National Cyber Security Centre (NCSC) – is undergoing a revamp.
A cyber tool that started at DARPA moves to Cyber Command (C4ISRNET) The DoD officially transitioned a prototyping project as the baseline for a critical cyber tool for Cyber Command's cyber mission force.
DHS Plans $300 Million Law Enforcement Data Analytics Platform (Bloomberg Government) U.S. Immigration and Customs Enforcement (ICE), an arm of the Department of Homeland Security (DHS), seeks up to three industry partners to help it build the agency’s next-generation investigations support platform.
Why OTPs ceased catching those OTP (on the prowl) (Pindrop) One-Time Passwords (OTPs) were created to help enhance security, as they can protect you from an identity theft attack. Are they still effective in 2021?
Space Command to launch Joint Cyber Center (FedScoop) The unified combatant command overseeing the military’s joint operations in space is working to stand up a Joint Cyber Center, its commander told senators Tuesday.
How to use employee personal data monitoring to close security gaps (Security Magazine) With more powerful malware, a tightening regulatory environment, and greater consumer security consciousness raising the stakes for organizational cybersecurity, understanding how personal data monitoring impacts cybersecurity has never been more vital.
Biometrics Experts and New Study Highlight How Behavioral Biometrics Supports Strict Regulation and Offers Better Data Privacy Protections (BusinessWire) BehavioSec announced new findings that organizations and consumers can feel more comfortable with wider use of behavioral biometrics.
What in the World Does It Take to Be an Effective CISO? (The State of Security) What in the world does it take to be an effective CISO? In order to find out, Zoe Rose spoke with several of her CISO friends.
Design and Innovation
How Face Recognition Can Destroy Anonymity (Wired) Cameras are everywhere, and increasingly powerful software can pick an individual out of a crowd. Except sometimes algorithms get it wrong.
Academia
US Cyber Games Launches a Cyber Open and Combine to Find the Best Cybersecurity Athletes for the Inaugural US Cyber Team (PR Newswire) Today marks the kickoff of the inaugural US Cyber Games™ led by Katzcy, in cooperation with the National Initiative for Cybersecurity Education...
IBM donating more than $10 million to Miami Dade College to teach skills of the future (Miami Herald) Artificial intelligence. Cloud computing. Cybersecurity. Quantum computing. These are the fields for a future that has already arrived. Miami Dade College is making sure its students are ready for them.
Legislation, Policy, and Regulation
U.S. Helping Ukraine Foil Russian Cyberattacks as Hacking Spikes: Sources (US News and World Report) U.S. News has learned that Ukraine, working with U.S. partners, has foiled at least 350 Russian cyberattacks in recent weeks while Moscow’s forces mass on the border.
Emergency Directive 21-03: Mitigate Pulse Secure Product Vulnerabilities (CISA) CISA has observed active exploitation of vulnerabilities in Pulse Connect Secure products, a widely used SSL remote access solution. Successful exploitation of these vulnerabilities could allow an attacker to place webshells on the appliance to gain persistent system access into the appliance operating the vulnerable software. CISA has no knowledge of other affected Pulse Secure products (including the Pulse Secure Access client).
Biden Administration Takes Bold Action to Protect Electricity Operations from Increasing Cyber Threats (Energy.gov) DOE kicks off 100-day plan to address cybersecurity risks to the U.S. electric system, and seeks input from stakeholders on safeguarding U.S. critical energy infrastructure.
Energy Dept. Yanks Grid Supply Ban Amid Cybersecurity Push (Law360) The U.S. Department of Energy on Tuesday revoked a Trump-era order blocking the use of electrical equipment from China and other countries deemed to be potential national security risks as it launched an initiative to bolster grid security and secure energy supply chains.
US Takes Steps to Protect Electric System From Cyberattacks (SecurityWeek) The Biden administration is taking steps to protect the country’s electric system from cyberattacks through a new 100-day initiative combining federal government agencies and private industry.
Biden Pushes to Protect Power Companies’ Supply Chains (Wall Street Journal) The Biden administration’s cybersecurity push could limit power companies’ reliance on Chinese suppliers.
Biden administration unveils effort to strengthen cybersecurity of power grid (WENY) The Biden administration kicked off a 100-day effort on Tuesday to beef up cybersecurity in the nation's power grid, calling for industry leaders to install technologies...
White House outlines 100-day plan to upgrade U.S. cyberdefenses (UPI) The White House said Tuesday that President Joe Biden's administration is beginning a 100-day plan to guard critical U.S. electric infrastructure against sophisticated cyber threats.
Biden’s Sanctions Targeting Russian Cyber Behavior Could Backfire (World Politics Review) Last week, the Biden administration imposed economic sanctions on Russia in response to an act of cyber espionage. It seems that the U.S. is finally getting serious about standing up to Russian cyber behavior. But from the perspective of international law, the move is controversial and could potentially backfire.
Expand U.S. Cyber Command to Better Secure American Infrastructure (International Policy Digest) Expanding the capabilities of U.S. Cyber Command, or USCYBERCOM, makes sense given the cyber-threat landscape.
House passes legislation to elevate cybersecurity at the State Department (TheHill) The House on Tuesday approved bipartisan legislation aimed at elevating cybersecurity at the State Department through prioritizing and reorganizing a key department on the heels of multiple major foreign cyberattack
Lawmakers want to end 8-year debate over the definition of data centers (Federal News Network) GAO told the House that CIO authorities improved across five agencies over the course of the FITARA scorecard.
The White House Appoints eSentire Strategic Advisor, Amit Mital, as Sr. Director in the National Security Council and Special Assistant to the President (GlobeNewswire) eSentire, Inc., the leading global Managed Detection and Response (MDR) cybersecurity services provider, today announced that its Strategic Advisor, Amit Mital, has been appointed by the White House as Senior Director in the National Security Council and Special Assistant to the President.
Litigation, Investigation, and Law Enforcement
Iowa Workforce Development denies data breach despite reports of fraud (KCCI) Some Iowans are locked out of their account, going weeks without payments
Mexican judge moves to block personal data from biometric cellphone registry (Reuters) A Mexican judge on Tuesday blocked part of a federal telecommunications law requiring cellphone users to give telecom providers their personal data for a biometric registry.
TikTok sued in UK on behalf of millions of European children (Computing) The lawsuit alleges that the Chinese app has breached data protection rules by collecting children's personal data without warning or the consent of guardians.
Exclusive Secure and Trusted AI Report in Response to EU AI Regulations: Retrospective, Trends, Predictions (PR Newswire) Adversa, a leader in Trusted AI research and advisory, has published extensive research on the security and trustworthiness of artificial...
FTC issues stern warning: Biased AI may break the law (Protocol) In a blog post this week, the Federal Trade Commission signaled that it's taking a hard look at bias in AI, warning businesses that selling or using such systems could constitute a violation of federal law. "The FTC Act prohibits unfair or deceptive practices," the post reads. "That would include th...