Attacks, Threats, and Vulnerabilities
Updating the 2020 Summer Olympics Threat Assessment (Cyber Threat Alliance) The Cyber Threat Alliance (CTA) released our first threat assessment focusing on the 2020 Summer Olympics in Tokyo way back in February 2020. Around the release date, we were seeing stories of a novel coronavirus beginning to spread. Some of us were starting to get concerned about it here in the US, but it hadn’t...
Cryptocurrency apps were heavily targeted by Android banking trojans in 2020 (The Record by Recorded Future) Android banking trojans had their most productive year to date in 2020, a year during which they more than doubled the number of apps they targeted for data theft.
The impact of TCP/IP vulnerabilities in healthcare devices (Forescout) Forescout Research Labs found and disclosed several critical vulnerabilities on TCP/IP stacks that affect hundreds of millions of IT, OT, IoT and IoMT devices: AMNESIA:33, NUMBER:JACK and NAME:WRECK. This research – collectively called Project Memoria – has the mission to uncover threats arising from this new class of vulnerabilities and to support the community in […]
21Nails: Multiple Vulnerabilities in Exim Mail Server (Qualys Security Blog) The Qualys Research Team has discovered multiple vulnerabilities in the Exim mail server, some of which can be chained together to obtain full remote unauthenticated code execution and gain root…
Rust-Based Buer Malware Variant Emerges (Decipher) Cybercriminals have rewritten the Buer malware loader in the Rust programming language, in an attempt to avoid detection.
Alaska Court System Briefly Forced Offline Amid Cyber Threat (SecurityWeek) The Alaska Court System has temporarily disconnected most of its operations from the internet after a cybersecurity threat on Saturday, including its website and removing the ability to look up court records.
Tesla Car Hacked Remotely From Drone via Zero-Click Exploit (SecurityWeek) Researchers show how Tesla cars could have been hacked remotely, from a drone, without any user interaction.
Apple Warns of New Zero-Day Attacks on iOS, macOS (SecurityWeek) Apple’s problems with zero-day attacks continue with news of another mysterious in-the-wild compromise affecting iPhones, iPads and MacOS devices.
PoC exploit released for Microsoft Exchange bug discovered by NSA (BleepingComputer) Technical documentation and proof-of-concept exploit (PoC) code has been released for a high-severity vulnerability in Microsoft Exchange Server that could let remote attackers execute code on unpatched machines.
Over 40 Apps With More Than 100 Million Installs Found Leaking AWS Keys (The Hacker News)
Breached Online Ordering Platforms Expose Hundreds of Restaurants (Gemini Advisory) 04/29/2021. Key Findings: In the past 6 months, Gemini has reported on breaches of 5 companies that serve as online ordering platforms for restaurants through centralized platforms. This has led to the exposure of approximately 343,000 payment cards. Three of the affected platforms — Easy Ordering, MenuSifu, and E-Dining Express — […]
Scripps Health targeted by cyberattack (San Diego Union-Tribune) The hospital system was hit Saturday in attack that forced it to block patient access to online portals, divert some critical care patients
Cyberattack throws Southern California hospital system offline for days (Newsweek) Scripps Health in San Diego County was targeted by a cyberattack over the weekend, and the hospital system's website remained offline Monday afternoon.
Scripps Health Hit By Cyberattack (NBC 7 San Diego) Scripps Health confirmed Sunday their technology servers were hacked overnight, forcing the health care system to switch to offline chart systems and causing a disruption to their patient portals.
Ransomware Hits Scripps Health, Disrupting Critical Care, Online Portal (HealthITSecurity) This week's breach roundup is led by a ransomware attack on Scripps Health. The cyberattack over the weekend has resulted in EHR downtime procedures and the diversion of trauma patients.
Expert Analysis: Scripps Health Possible Ransomware Attack (Solutions Review) Scripps Health, a San Diego-based healthcare provider, disclosed suffering a cyber-attack that carries the signs of potential ransomware.
SmileDirect stock drops after cybersecurity incident, financial repercussions disclosed (MarketWatch) SmileDirectClub Inc. shares fell more than 7% in after-hours trading Monday afternoon, following official disclosure of a cybersecurity incident and its...
SmileDirectClub Shares Fall After Company Reports Cybersecurity Incident (Wall Street Journal) SmileDirectClub said a cyberattack last month disrupted the company’s operations and will hurt its sales this quarter.
Illinois AG Office Hit by Ransomware After Security Warning (GovTech) In February, a state audit indicated that the Illinois Attorney General's Office lacked proper cybersecurity protections. Three weeks ago, the office suffered a ransomware attack.
Clop Ransomware Detection: Threat Research Release, April 2021 (MarketScreener) Clop Ransomware has been active since 2019 and has been...
Ransomware Thrives with Focus Directed Elsewhere (Loss Prevention Media) Ransomware attacks haven’t slowed much during the pandemic, and retailers are still vulnerable as evidenced by two recent attacks on Boggi Milano and Home Hardware.
Ransomware targeting Asean SMEs drops (Bangkok Post) The global cybersecurity company Kaspersky has reported a significant decrease in the number of ransomware attempts it detected and foiled last year among small and medium enterprise (SME) users in Southeast Asia.
Demanding answers: Pa. lawmakers want investigation after Target 11 exposes data breach (WPXI) A handful of state representatives gathered in Harrisburg Monday and demanded answers after a Target 11 investigation exposed the data breach last week.
The Technology Adoption Lifecycle of Genesis Market (Digital Shadows) This blog highlights work from Digital Shadows’ Dark Web Monitoring Solutions Guide, outlining popular dark web monitoring use cases and best practices.
Winner Pays: Lotto Scam Reaches End-Users (Avanan) An email posing as lottery winnings is just another way to grab personal information.
Telstra partner falls victim to cyber attack (ARN) Melbourne-based telco provider Schepisi Communications has fallen victim to a cyber attack, potentially exposing information associated with tens of thousands of SIM cards.
Security Patches, Mitigations, and Software Updates
VPN Patch Released For 24 Federal Agencies (Breaking Defense) The patch secures a zero-day vulnerability disclosed last month and is just one of four vulnerabilities being actively exploited in Pulse Connect Secure.
Pulse Secure releases patch for zero-day used to target defense firms (SC Media) Pulse Secure released a patch for the vulnerability hackers used to access networks of U.S. defense contractors and other government agencies.
Pulse Secure Ships Belated Fix for VPN Zero-Day (SecurityWeek) Embattled VPN technology vendor Pulse Secure ships patches for four major security vulnerabilities, including belated cover for an issue that’s already been exploited by advanced threat actors.
Apple fixes 2 iOS zero-day vulnerabilities actively used in attacks (BleepingComputer) Today, Apple has released security updates that fix two actively exploited iOS zero-day vulnerabilities in the Webkit engine used by hackers to attack iPhones, iPads, iPods, macOS, and Apple Watch devices.
Apple releases fixes for three WebKit zero-days, additional patches for a fourth (The Record by Recorded Future) Apple has released today security updates for multiple products to patch three zero-days and roll out additional patches for a fourth that the company said they might have been exploited in the wild.
Trends
A crisis in third-party remote access security (SecureLink) Over half of organizations have experienced a data breach caused by third parties that led to the misuse of sensitive or confidential information. An even larger number attribute the cause of the data breach to granting too much access to third parties. Even though outsourcing business functions to third-party vendors seems like an easy win for businesses, there’s a cost and a very real threat to granting third parties access into your internal systems and networks.
State of Cybersecurity 2021 (ISACA) The state of cybersecurity in 2021
Cloud Native Application Security Report (Snyk) New research reveals 60% of organizations have increased security concerns since adopting cloud native. Read the full State of Cloud Native Application Security report for all of the latest trends.
Deepfake Attacks Are About to Surge, Experts Warn (Threatpost) New deepfake products and services are cropping up across the Dark Web.
Bank of America Tech Chief Says Cyber Attacks Have Surged ‘Dramatically’ (Bloomberg) Bank of America Corp. is devoting more resources to fighting cyberattacks after seeing a jump in threats amid the pandemic.
Americans Have Real Concerns for Vaccine Passport Privacy (NordVPN) Over one third (35%) of Americans would prefer a chip to a vaccine passport.
Kansas and Rhode Island suffered the most identity thefts in 2020 (Atlas VPN) Due to the coronavirus pandemic, many people lost jobs in the United States. Fraudsters did not hesitate to use this panic to claim unemployment insurance instead of the ones that needed it the most, and some states were not prepared at all.
Marketplace
Cybersecurity M&A Roundup: 31 Deals Announced in April 2021 (SecurityWeek) Tens of cybersecurity mergers and acquisitions were announced in April 2021, including by Atos, Mastercard, Rapid7, Thoma Bravo and Accenture.
VC Daily: Cyber Deals to Rise, DataTribe Says (Wall Street Journal) Despite the venture-capital sector having its best quarter on record, the cybersecurity sector looked to be a laggard, at least on paper. In a new report, cybersecurity-focused venture firm DataTribe noted a drop in both deal count and size, while valuations rose.
Looking back at April: Over $2B in funding flows through Israel's startup ecosystem (Geektime) A new Unicorn, five acquisitions, and one exceptional day of VC funding. This is what Israeli startups did in April
The 16 Largest NYC Tech Startup Funding Rounds of April 2021 (AlleyWatch) Everything you need to know about the largest NYC startup funding rounds of April 2021; broken down by industry, stage, investors, and more…
Aryaka Acquires Cloud-Based SASE Platform Secucloud GmbH (Security Informed) Aryaka®, the front-runner in fully managed Cloud-First WAN and SASE solutions, announced that it has acquired Secucloud GmbH, a proven SASE platform provider, delivering network security from the...
Why We Acquired Secucloud, And What Does It Mean For Our Customers? (Aryaka) Acquiring Secucloud was a means to deliver a managed SASE offering while providing customers and partners a greater choice for various deployment use-cases.
Persona Secures $50M in Series B Funding to Become the Identity Layer of the Internet (BusinessWire) Persona, the identity infrastructure company offering businesses the building blocks to create a personalized identity verification experience for any
Our Series B and the future of Persona (Persona blog) We’ve raised $50 million to bring us one step closer to becoming the identity layer of the internet.
Tenable completes acquisition of Alsid (Intelligent CIO Africa) Cyber exposure company Tenable Holdings has announced that it has completed the acquisition of Alsid, a provider of secure Active Directory solutions. Under the terms of the agreement, Tenable acquired Alsid for a total purchase price of approximately US$98 million in cash, subject to customary purchase price adjustments. The acquisition was completed on April 26, […]
Imperva to Buy API Security Firm CloudVector (Dark Reading) The deal is intended to expand Imperva's API security portfolio, officials say.
Container Management Solution Provider Portainer.io Raises $6M Series A Round from Bessemer Venture Partners, Sonae IM, and Movac to Accelerate Global Expansion (PR Newswire) Portainer.io, creator of Portainer CE, announced today their $6 million Series A round led by Bessemer Venture Partners, joined by prominent...
Acronis, the global leader in cyber protection, receives more than $250M investment at a $2.5B valuation (Acronis)
LiveAction Acquires CounterFlow AI to Expand Network Security Offerings (LiveAction) LiveAction, the leader in network performance management, today announced it has acquired CounterFlow AI, a leading network detection and response (NDR) provider.
Personal cyber insurance market poised for explosive growth (Insurance Business) There is no safe space when it comes to cyber risk
Kaspersky Expands Footprint in Nigeria and Ghana (IT News Africa) Kaspersky has partnered with DataGroupIT to grow its cybersecurity business within Nigeria and Ghana. “DataGroupIT is a well-known distributor in Africa with a clear value-add when it comes to generating focused business growth, especially in the enterprise segment. It also has the capacity to support the Kaspersky business logistically and provide valuable technical expertise on […]
ReversingLabs Wins Trust Award For Best Threat Intelligence Technology at SC Awards 2021 (GlobeNewswire) ReversingLabs, the leading provider of explainable threat intelligence solutions, today announced that its Titanium Platform was recognized as the Trust Award Winner in the Best Threat Intelligence Technology category for the 2021 SC Awards.
Bishop Fox’s CAST Named Winner of Best Emerging Technology Category in SC Awards 2021 (Yahoo) Continuous Attack Surface Testing (CAST) Managed Security Service Wins Award for Cutting-Edge Innovation by Addressing Today’s Rapidly-Evolving Threats to Organizations
Best Threat Detection Technology: Intezer Analyze (SC Media) Intezer Analyze runs over a subscription-based SaaS service with pricing based on the number of daily file uploads contracted.
Securonix Named Best SIEM Solution in the 2021 SC Awards (BusinessWire) Securonix, Inc., a leader in Next-Gen SIEM, has been named the Trust Award Winner in the “Best SIEM Solution” category for the 2021 SC Awards.
Security Executive of the Year | Shawn Henry, CrowdStrike (SC Media) Shawn Henry made CrowdStrike more than just a security company – it’s become a household name thanks in part to his leadership, with the well known 2016 Democratic National Committee investigation serving as just one example of his influence.
Security Innovator of the Year | Jeremy Brown, Trinity Cyber (SC Media) Jeremy Brown helped Trinity Cyber develop counter maneuvers for a DNS exploit requiring deep parsing of a certain kind of traffic, then deployed to all clients in less than two days.
Andy Ellis, Operating Partner at YL Ventures, Inducted into CSO Hall of Fame (GlobeNewswire) Honorees to be recognized at the CSO50 Conference + Awards
Digital Guardian Adds 2SB to its Synergy Partner Program and Appoints Sebastien LE GOFF as Regional Sales Manager (Digital Guardian) Latest developments underline Digital Guardian’s increased European investment amid market surge
Assured Information Security promotes Richard Hughes (Observer-Dispatch) Richard Hughes has been promoted to operations manager at Assured Information Security (AIS).
Qualys names Sumedh Thakar as new CEO (ITP) Thakar has been with Qualys for nearly 20 years in various positions starting as a software engineer
Products, Services, and Solutions
ThreatQuotient Launches Data-Driven Approach to SOAR and XDR, Accelerating Detection & Response (RealWire) Leader in security operations solutions continues industry-first innovations with a new platform capability to streamline and simplify automation and orchestration
Synopsys to Showcase New Application Security Orchestration Solution at RSA Conference (PR Newswire) Synopsys, Inc. (Nasdaq: SNPS) today announced it will showcase the Software Integrity Group's new Intelligent Orchestration solution at RSA...
IRONSCALES Channel Program Relaunches with Enhanced Partner Benefits and Sales Strategy (PRWeb) IRONSCALES, the pioneer of self-learning email security, today announced that it has relaunched its Channel Partner Program with enhanced benefits.
Bell introduces BSURE: the Bell Security Unified Response Environment (PR Newswire) Bell today announced the launch of the Bell Security Unified Response Environment (BSURE), a new service that combines Bell's proven national...
Palo Alto Prisma Cloud targets unprotected VMs and container security (Enterprise Times) Palo Alto has released the latest update to its Prisma Cloud, cloud native security platform with four new features to improve security
Qualys Expands Its Endpoint Security Solution with Real-Time Malware Protection (Security Boulevard) Qualys Multi-Vector EDR combines proactive anti-malware technology with real-time, cloud-based detection and response providing comprehensive endpoint protection against the latest malicious threats like ransomware
Coalfire Achieves ISO 20000-1 and ISO 22301 (Coalfire.com) Coalfire ISO, the conformity assessment body arm of Coalfire, has received ISO/IEC 20000-1:2018 (“ISO 20000-1”) and ISO 22301:2019 (“ISO 22301”) accreditation through the ANSI National Accreditation Board (ANAB).
NetReveal Data Privacy Agent: Comply with data protection regulations (BAE Systems) Balance data privacy requirements while detecting, investigating and reporting suspicious fraud and financial crime activities
Incognia Launches Location Identity Solution for Mobile App Developers (GlobeNewswire) Incognia offers a free developer edition of its frictionless mobile fraud prevention solution
LEVL Releases Device Intelligence Platform for Hospitality Network Industry (PR Newswire) LEVL Technologies, Inc. today released its LEVL-IQ™ device intelligence and identity platform, which resolves issues caused by MAC address...
Swiss digital banking alternative, CrescoFin, partners with Veriff to reduce identity fraud online (Finextra) Veriff, a global identity verification provider is partnering with Swiss digital banking alternative, CrescoFin, to provide a solution that reduces the risk of identity fraud for their global customer base.
Bittium Has Received a Spanish National Security Rating for Bittium SafeMove® Mobile VPN Data Encryption Software (News Powered by Cision) The Spanish security authority Centro Criptológico Nacional (CCN) has granted Difusión Limitada (equivalent to Restricted) security level approval for Bittium SafeMove® Mobile VPN software. The Bittium SafeMove Mobile VPN software is targeted for the security and government markets.
StorageOS Announces Significant Enhancements to Its Kubernetes Storage Platform with Launch of Version 2.4 (StorageOS)
Technologies, Techniques, and Standards
Differentially Private Synthetic Data (NIST) In this series, we've examined several different ways to answer queries over data using differential privacy.
Cybersecurity contingency planning needs a face-lift (SearchSecurity) The recent countrywide and worldwide events in 2020 showed how companies need to sit down and reevaluate their cybersecurity contingency plans.
Can zero trust really protect government from cyberattacks? (GCN) Zero trust is exactly what the U.S. government needs to protect its most sensitive data and operations, but it requires enormous planning to implement effectively and will need constant tweaking.
The Ticking Time Bomb in Every Company's Code (Dark Reading) Developers must weigh the benefits and risks of using third-party code in Web apps.
Kubestriker: A security auditing tool for Kubernetes clusters (Help Net Security) Kubestriker is an open-source and platform-agnostic tool for identifying security misconfigurations in Kubernetes clusters.
Design and Innovation
NIST previews post-quantum cryptography challenges (GCN) A new white paper starts the discussion on what will be required to move from public-key to quantum-resistant encryption.
Getting Ready for Post-Quantum Cryptography: Exploring Challenges Associated with Adopting and Using Post-Quantum Cryptographic Algorithms (NIST) Cryptographic technologies are used throughout government and industry to authenticate the source and protect the confidentiality and integrity of information that we communicate and store. The paper describes the impact of quantum computing technology on classical cryptography, particularly on public-key cryptographic systems.
Academia
Plymouth State launches cybersecurity ‘bootcamp’ with Israeli firm (Concord Monitor) Plymouth State University is launching a new cybersecurity certificate course in partnership with a private company, a first for the school that reflects how colleges are figuring out how they can adapt to a host of challenges and changes. “It’s...
Parkville High School students to participate in Cybersecurity Project Symposium (Nottingham MD) Five Baltimore County high schools will partner with Cisco Systems Networking Company to host a Virtual Cisco Cybersecurity Project Symposium on Wednesday, May 5. The participating high schools — Eastern Technical, New Town, Parkville, Sollers Point, and Western School of Technology – all offer Cisco-IT Networking completer programs. “This is our inaugural systemwide cybersecurity symposium,” said Howard L. Jackson, …
NSA Teams With National Cryptologic Foundation to Promote Cybersecurity Awareness (Executive Gov) The National Security Agency (NSA) has launched a partnership with the National Cryptologic Foundati
School Mobile Apps Student Data Sharing Behavior (Me2B Alliance) The Me2B Alliance Product Testing team audited and analyzed a random sample of 73 mobile applications used by 38 schools in 14 states across the U.S., covering at least a half a million people (students, their families, educators, etc.) who use those apps. The audit methodology mainly consisted of examining data flow from the apps to external third-party vendors, by evaluating the SDKs included in each app. This report details and summarizes the audit findings.
Legislation, Policy, and Regulation
The Cyber Cold War Is Here (The Nation) The US government has refused to engage the rest of the world in regulating hostile cyber activities as it continues to launch offensive cyber operations abroad.
Cybersecurity Ignorance Is Dangerous (Foreign Policy) A new book gets the policy recommendations right while making technical errors that could undermine trust in its conclusions.
Halifax Security Forum bucks Canadian government and Chinese pressure, awards Taiwan's president (POLITICO) Amid controversy and heated politics with Beijing, the event's organizers will honor Tsai Ing-wen with the John McCain Prize for Leadership in Public Service.
Opinion: Iran has weaponized pop culture against its truth-telling journalists (The Globe and Mail) With its popular TV show ‘Gando,’ Iran’s state broadcaster has woven cruel and dangerous propaganda against people like me into blockbuster entertainment
European Authorities Scrutinize Data Flows to U.S. (Wall Street Journal) European privacy regulators and courts are looking into how companies transfer personal information to the U.S. and have ordered suspensions of some data flows.
A Clean Slate for Executive Order 13920: The Bulk Power Order (JD Supra) Last week, the Biden Administration through the Department of Energy, took actions regarding Executive Order 13920 (the “Bulk Power Order”). Such...
If the U.S. is going to get serious about cybersecurity, it should start with hiring (Marketplace) The unemployment rate in the cybersecurity field is close to 0%.
CISA Needs More Money Lawmakers Tell House Appropriations Committee (MSSP Alert) The Cybersecurity and Infrastructure Security Agency (CISA) needs at least $400 million more in its FY 2022 budget, CISA advocates say.
The Cybersecurity 202: The Biden administration will prioritize cybersecurity in the distribution of $1 billion in federal IT funding (Washington Post) Cybersecurity defenses will take top priority in the spending of $1 billion in tech modernization funding passed by Congress earlier this year, according to plans shared first with The Cybersecurity 202.
Biden team may partner with private firms to monitor extremist chatter online (CNN) The Biden administration is considering using outside firms to track extremist chatter by Americans online, an effort that would expand the government's ability to gather intelligence but could draw criticism over surveillance of US citizens.
JUST IN: Space Force Wants More Cyber Teams (National Defense) The Space Force is in talks with Cyber Command and the Air Force to bring more specialized cyber personnel into the fold, said the deputy commander of Space Operations Command May 3.
Proposed legislation would create National Guard type program to fight cyber attacks (KIITV) Experts say 64% of the world's data breaches happen to an American.
FTC: Corporate Boards Have Important Role In Data Security (JD Supra) “Contrary to popular belief, data security begins with the Board of Directors, not the IT Department. A corporate board that prioritizes data security...
DoJ Launching Four-Month Effort to Re-Assess Cyber Threat Strategy (Meritalk) The Department of Justice (DoJ) is launching a four-month effort to reevaluate its strategies to combat cybersecurity threats in light of increases in ransomware and supply-chain attacks and the tendency of attackers to use U.S.-based infrastructure to launch their exploits, said the United States Deputy Attorney General Lisa Monaco on April 30 at a security conference in Germany.
Litigation, Investigation, and Law Enforcement
Supreme Court Curtails FTC Authority to Obtain Monetary Relief via Section 13(b) (cyber/data/privacy insights) The FTC’s toolkit to enforce unfair and deceptive practices in the privacy and cybersecurity realm was reduced last week when the Supreme Court ruled that Section 13 of the FTC Act does not allow for monetary relief. Read more about the decision and its impact. The FTC retains authority to obtain mo
Your Car Is Spying on You, and a CBP Contract Shows the Risks (The Intercept) A “vehicle forensics kit” can reveal where you’ve driven, what doors you opened, and who your friends are.
Amazon knew seller data was used to boost company sales (POLITICO) Internal report flagged lack of controls over access to seller data.
Where Was Proud Boys Intel? Top Senator Grills FBI Over Capitol Attack (Forbes) Senate Judiciary Chair Dick Durbin cited “deeply troubling reports” that the FBI “failed to use its sources in the Proud Boys” to warn of the attack.
Plaid Wins Partial Toss Of Privacy Suit Over Banking Data (Law360) A California federal magistrate judge has partially granted the dismissal of a putative class action accusing Plaid Inc. of accessing and selling the personal banking data of users of apps like Venmo and Stripe without their consent, leaving invasion of privacy and anti-phishing claims intact.
Clearview AI Says Facial Data Collection Isn't Breaking BIPA (Law360) Clearview AI told an Illinois federal judge that enjoining it from collecting state residents' biometric facial data would violate the U.S. Constitution and likely force the company to stop operating nationwide.