Cyber Attacks, Threats, and Vulnerabilities
A Global Perspective of the SideWinder APT (AT&T Alien Labs) AT&T Alien Labs has conducted an investigation on the adversary group publicly known as SideWinder in order to historically document its highly active campaigns and identify a more complete picture of targets, motivations, and objectives.
Hackers used 4 zero-days to infect Windows and Android devices (Ars Technica) Boobytrapped websites are used by attackers to infect people who visited them.
Introducing the In-the-Wild Series (Google Project Zero) This is part 1 of a 6-part series detailing a set of vulnerabilities found by Project Zero being exploited in the wild. To read the other p...
Official: Number of Victims of Russian Hack Likely to Grow (SecurityWeek) William Evanina, director of the U.S. National Counterintelligence and Security Center, said he expected to see a “growth” in the number of victims linked to the SolarWinds hack.
SolarWinds Hack Forces Reckoning With Supply-Chain Security (Wall Street Journal) The hack of SolarWinds provided an unwanted holiday gift that will keep on giving to many companies: a jolt to the supply chains that help the digital economy run.
CES 2021: Microsoft's Brad Smith slams SolarWinds 'indiscriminate assault' (BBC News) The technology giant's president calls the hack a "danger that the world cannot afford".
'SolarLeaks' Site Claims to Offer Attack Victims' Data (BankInfo Security) A new leaks site claims to be selling data from Cisco, FireEye, Microsoft and SolarWinds that was stolen via the SolarWinds supply chain attack. Security experts
Strengthening Security Configurations to Defend Against Attackers Targeting Cloud Services (CISA) Background: These types of attacks frequently occurred when victim organizations’ employees worked remotely and used a mixture of corporate laptops and personal devices to access their respective cloud services. Despite the use of security tools, affected organizations typically had weak cyber hygiene practices that allowed threat actors to conduct successful attacks.
CISA: Hackers bypassed MFA to access cloud service accounts (BleepingComputer) The US Cybersecurity and Infrastructure Security Agency (CISA) said today that threat actors bypassed multi-factor authentication (MFA) protocols to compromise cloud service accounts.
SolarWinds confirms supply chain attack began in 2019 (SearchSecurity) SolarWinds president and CEO Sudhakar Ramakrishna published a new update Monday regarding the high-profile supply chain attack against SolarWinds. In the post, Ramakrishna dates the initial breach against the company back to September 2019.
SolarWinds Hack Followed Years of Warnings of Weak Cybersecurity (Bloomberg) Digital supply chain among the risks cited by Solarium and GAO. ‘It’s September 10th in cyberspace, and we are vulnerable’...
SolarWinds: What Hit Us Could Hit Others (KrebsOnSecurity) New research into the malware that set the stage for the megabreach at IT vendor SolarWinds shows the perpetrators spent months inside the company's software development labs honing their attack before inserting malicious code into updates that SolarWinds then shipped to thousands of customers. More worrisome, the research suggests the insidious methods used by the…
Attackers Exploit Poor Cyber Hygiene to Compromise Cloud Security Environments (CISA) CISA is aware of several recent successful cyberattacks against various organizations’ cloud services. Threat actors used a variety of tactics and techniques, including phishing and brute force logins, to attempt to exploit weaknesses in cloud security practices.
Updated macOS Cryptominer Uses Fresh Evasion Techniques (GovInfo Security) Sentinel Labs researchers have identified an updated version of the cryptominer OSAMiner that targets the macOS operating system to mine for monero. The latest
Scam-as-a-Service operation made more than $6.5 million in 2020 (ZDNet) "Classiscam" operation is made up of around 40 groups operating in the US and across several European countries.
Facebook Sees Increase in Users Promoting Violent Events (Bloomberg) Company says it’s working with officials to flag gatherings. Terrorism, cyber experts helping find images calling for harm.
Indelible Discovers New Malfeasant Push Notification Rapidly Growing in Size (GlobeNewswire) PushBug bypasses many security controls and is missed by typical detective and preventive measures.
New Zealand Central Bank Says Accellion Service at Heart of Cyberattack (SecurityWeek) The Reserve Bank of New Zealand – Te Pūtea Matua – says Accellion’s FTA (File Transfer Application) file sharing service was involved in a security incident disclosed on Sunday.
Internet slows for Melita customers as company faces cyberattack (Times of Malta) Updated 6.20pm. Internet services slowed for Melita customers on Wednesday afternoon as the telecommunications provider faced a cyberattack. Customers of the country's largest internet provider reported being intermittently unable to load websites or send messages using online services starting...
Updated: Melita services returning to normal after company faces cyber-attack (The Malta Independent) Internet services for Melita customers are returning to normal after they slowed down on Wednesday afternoon following a cyber attack by criminals aiming to extort money. Many customers took
Cyber experts say advice from breached IoT device company Ubiquiti falls short (SC Media) Ubiquiti experienced a breach that may have exposed customer data.
Brazil fuel distributor Ultrapar interrupts operations after cyber attack (Nasdaq) Brazil's Ultrapar Participações S.A. UGPA3.SA said it halted part of the operations at some of its subsidiaries as a preventative measure after a cyber attack, the fuel distribution company said in a statement.
Shopify Security Breach Exposes More Ledger Customers' Sensitive Data (BeInCrypto) A previous security breach at the e-commerce firm Shopify has exposed sensitive data belonging to some of its Ledger customers of around...
Security Patches, Mitigations, and Software Updates
Strengthening privacy and safety for youth on TikTok (Newsroom | TikTok) At TikTok, we know that creativity and expression are personal. And so is privacy. That's why we empower our community with a range of controls to manage their o
Old, on-premise systems targeted in Hackney ransomware attack (ComputerWeekly) Council reveals some more insight into how the Pysa ransomware gang infiltrated its systems by exploiting legacy technology.
Cyber Trends
Cloud Networks: Shifting into hyperdrive (Barracuda Networks) Barracuda Networks is the worldwide leader in Security, Application Delivery and Data Protection Solutions.
2021 Threat Predictions Report (McAfee Blogs) The Year 2020 brought a historic pandemic and bad actors leveraging COVID-19-themed threats to test our security operations and our unprecedented shift to
The Parler Bans Open a New Front in the 'Free Speech' Wars (Wired) Apple, Google, and Amazon booted the site from their own platforms. But who moderates the moderators?
The End of Social Media’s ‘View From Nowhere’ (Medium) Trump’s extremism is forcing tech companies to abandon the pretense of political objectivity — for now
Internet 3.0 and the Beginning of (Tech) History (Stratechery by Ben Thompson) The actions taken by Big Tech have a resonance that goes beyond the context of domestic U.S. politics. Even if they were right, they will still push the world to Internet 3.0.
The pandemic ushers in the next era of enterprise cloud adoption (InfoWorld) COVID-19 has pushed global cloud spend up even further, as companies look to modernize at a faster clip in response to more remote working and digital engagement with clients and customers.
Brazil continues to be a hotspot for cybercrime - Accenture (Smart Energy International) Brazil continues to be a hotspot for cybercrime and an estimated $100bn in lost revenue is expected to be recorded by companies by 2023.
Marketplace
Verizon Ventures invests in Vdoo to provide IoT device security (Verizon Ventures) Verizon Ventures welcomes Vdoo to its portfolio. As a leader in product security for embedded software, Vdoo is ushering in a new era of IoT security.
Vdoo Reveals an Extension Funding Round with Qumra Capital and Verizon Ventures Joining as Investors (GlobeNewswire) Connectivity surge in telcos and utilities drives explosive demand for Vdoo’s Product Security Platform
LogRhythm Acquires Threat Detection Platform MistNet (BusinessWire) LogRhythm announces it has acquired MistNet, a cloud-based analytics platform that delivers vast network visibility and accurate threat detection.
CrowdStrike’s Debut Junk Bond Sale Gets $6 Billion in Demand (Bloomberg) Priced at 3%, one of the lowest ever for a first-time issuer. Cybersecurity needs have been high during the pandemic.
Cyware announces follow-on investment as part of its series A funding (Light Reading) Cyware today announced that it received follow-on investment to its Series A funding round.
Ellicott City's Huntress makes first cyber tech acquisition (Baltimore Business Journal) Huntress has acquired a technology and intellectual property portfolio from San Antonio-based startup Level Effect.
Huntress Acquires Cybersecurity Technology; Blends MDR and EDR (MSSP Alert) Huntress acquires network-aware EDR security technology from Level Effect. MSP & MSSP partners to gain blended EDR & MDR capabilities.
Scoop: Snapchat will permanently ban Trump's account (Axios) The company said it's taking action in the interest of public safety to ensure Trump can't "spread misinformation, hate speech, and incite violence" on its platform.
YouTube takes down Trump video, bans new uploads for a week (Axios) It's also axing comments throughout his channel.
Twitter CEO defends Trump ban while Telegram purges far-right channels (Computing) The move was necessary but sets a dangerous precedent, says Dorsey
Why Was Parler Shut Down? Here’s Why the Social Network Is Offline (Wall Street Journal) The social-media service popular among Trump backers was taken offline after several vendors it relied on to operate ceased providing support, saying the service violated their content-moderation rules.
Exclusive: Parler CEO says social media app, favored by Trump supporters, may not return (Reuters) Social media platform Parler, which has gone dark after being cut off by major service providers that accused the app of failing to police violent content, may never get back online, said its CEO John Matze.
Lockheed, Boeing, BAE Systems join wave of companies pausing political donations (Defense News) The corporate repercussions of the Jan. 6 assault on Congress continue.
Palo Alto Networks opens Australia cloud location (ComputerWeekly) The cyber security company’s Australia cloud location will address data localisation requirements amid growing adoption of cloud-based security services
Digital Realty Appoints Don Freese As Chief Information Security Officer (Digital Realty) Digital Realty (NYSE: DLR), a leading global provider of cloud- and carrier-neutral data center, colocation and interconnection solutions, announced today the appointment of Don Freese as Chief Information Security Officer.
VMware's Gelsinger takes top job at Intel (CRN) Virtualisation vendor's leader will return to old stomping ground when current CEO Bob Swan departs next month
Evolv Technology Expands Executive Team as Company Accelerates Growth Following Record Year (Evolv Technology) Eric Pyenson & A.J. De Rosa, a pair of executives with proven track records for guiding high-growth digital technology companies join Evolv.
Cybersecurity Vet Robert Carey Joins Cloudera to Lead Government-Focused Business (GovCon Wire) Cloudera (NYSE: CLDR) has appointed Robert Carey, a public sector cybersecurity veteran, as presiden
Introducing James Brear, Our New CEO (Swimlane) If, on the day we put $2,500 in a bank account to start Swimlane, someone told me by today this company would have over 100 employees worldwide, raised tens of millions of dollars, have a global customer base, be recognized across the industry by analysts and partners, and be winning business away from some of the biggest names in security… I don't know that I would have believed them.
Products, Services, and Solutions
Marsh Announces Second Round of Cyber Catalyst Designated Solutions (Marsh) Fifteen cybersecurity solutions have been awarded Cyber Catalyst℠ designations in the second round of the innovative evaluation program.
Ermetic Receives SOC 2 Type I Certification (BusinessWire) This certification validates that the Ermetic platform meets and exceeds the strictest industry standards for security and trust controls.
Ring adds end-to-end encryption to protect your video streams (The Verge) But it comes with some limitations.
Darktrace’s Cyber AI Analyst wins 2021 BIG Innovation award (Cambridge Network) Darktrace, the world’s leading cyber AI company, has announced that its Cyber AI Analyst technology has won the 2021 Business Intelligence Group (BIG) Award for Innovation. The annual awards programme recognises the organisations, products and people that bring new ideas to life.
Mastercard introduces Trust Center to help small businesses (IBS Intelligence) Mastercard creates Mastercard Trust Center aimed to help small businesses defend their assets, business and their reputation
New Malwarebytes Integrations Make Security Management, Billing and Licensing of Software Easier Than Ever for Managed Service Providers (Malwarebytes Press Center) Expanded management capabilities through integration with ConnectWise Manage and expansion of OneView cloud console to servers streamlines MSP business operations San Francisco, Calif.
IGEL Launches the UD Pocket2, a Portable Dual Mode USB Device for Secure End User Computing from Anywhere (IGEL) The UD Pocket2, dual mode USB device gives secure, manageable and rapid access to VDI and cloud workspaces for BYOD and work-from-home users on a broader range of x86-64 endpoint devices.
Lumen Enhances Business Operations through Network Orchestration and Automation with Itential (Itential) Itential® today announced a partnership with Lumen Technologies (NYSE: LUMN), effectively driving business transformation through increased productivity, efficiency, and customer experience.
Technologies, Techniques, and Standards
Happy First Birthday, NIST Privacy Framework! (NIST) Grab a cupcake or several—no judgement—and join us in celebrating the first birthday of the
Why cyberinsurance can save your business (TechRepublic) The threat of loss of an entire company from a cyberattack is real. Technology and user education help, but not enough.
Sports teams to get coaching on cybersecurity at NCSC summit (Yahoo) Among those attending the meeting will be 11 Premier League clubs and 35 teams from the English Football League, the NCSC said.
Academia
Home schooling – how to stay secure (Naked Security) Whether you’re new to home schooling or an old hand, it’s worth taking a moment to ensure you’re doing it securely.
Legislation, Policy, and Regulation
UK must be vigilant about China role in infrastructure, says PM (Reuters) Prime Minister Boris Johnson said on Wednesday Britain had to be vigilant about China's involvement in the country's critical infrastructure but added the government should not become Sinophobic.
WSJ News Exclusive | Americans Won’t Be Banned From Investing in Alibaba, Tencent and Baidu (Wall Street Journal) Alibaba, Baidu, and Tencent were among a dozen companies being examined for inclusion in a Defense Department list of firms deemed to support China’s military, intelligence and security services.
Tech Giants Hope for US Data Privacy Law (SecurityWeek) Google, Twitter and Amazon are hopeful that Joe Biden's incoming administration in the United States will enact a federal digital data law, senior company officials said at CES, the annual electronics and technology show.
Biden formally appoints NSA's Anne Neuberger to key national security position (TheHill) President-elect Joe Biden's transition team on Wednesday announced three key national security appointments, including tapping Anne Neuberger, a top official at the National Security Agency (NSA), to serve in a new
Democratic Control Could Break Gridlock On US Privacy Bill (Law360) Democratic Party control of the U.S. Senate raises the chances of federal data privacy legislation passing through the U.S. Congress, but it's unclear whether lawmakers will tackle the issue as a top priority during President-elect Joe Biden's first term, attorneys say.
The Cybersecurity 202: NSA cyber chief Anne Neuberger is heading to the Biden White House (Washington Post) Cybersecurity experts praised the choice of Anne Neuberger to join the Biden administration in a new cybersecurity-focused role at the White House.
Litigation, Investigation, and Law Enforcement
All the Capitol Rioters Should be Tracked Down (Foreign Policy) But not in ways that will only further entrench the surveillance state.
Parler is offline, but violent posts scraped by hackers will haunt users (Washington Post) Parler’s data was easily scraped from its site, a researcher said, as it fell off the Internet this week
Parler Data Hacktivism (Avast) Right-wing social network Parler was taken offline on January 11. But before that happened, online activists scraped and archived all of their data.
Does Trump's Second Impeachment Have Cybersecurity Impact? (BankInfo Security) President Donald Trump has been impeached by the House of Representatives on a charge of inciting an insurrection after a riot at the U.S. Capitol led to the death
Huawei CFO Meng Wanzhou asks Canada court to drop security detail to loosen bail conditions (Reuters) Lawyers for Huawei Chief Financial Officer Meng Wanzhou argued in a court on Tuesday to let her leave home without the security detail that was a condition of her bail since she was released after her December 2018 arrest.
Meng Wanzhou: Bullets sent in mail to Huawei's finance chief (BBC News) Under house arrest in Canada on bank fraud charges, Ms Meng has reportedly received death threats.
Fed. Circ. To Keep Sensitive Docs Offline After Data Breach (Law360) The Federal Circuit announced Wednesday that it will require highly sensitive material to be filed via paper copy following the discovery last week that the global SolarWinds software data breach also compromised the federal courts' case management system.