Dateline Houston, Texas, to Linden, New Jersey: Colonial Pipeline's ransomware incident.
DarkSide Ransomware: Best Practices for Preventing Business Disruption from Ransomware Attacks (CISA) This Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, Version 9. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques.
Colonial Pipeline Attack: Lessons Learned for Ransomware Protection (Verve Industrial) How to leverage lessons learned from the Colonial Pipeline ransomware attack to prepare for cyber-related threats in oil & gas.
CISA Lacks Key Data On Colonial Pipeline Hack (Breaking Defense) CISA and FBI issue a joint advisory on DarkSide ransomware. "There is no immediate mission impact" from fuel shortage on DoD, a Pentagon spokesman said. Colonial temporarily restored operations between North Carolina and Maryland last night. Russia denies involvement. DarkSide's business model complicates attribution.
The Cybersecurity 202: Officials call for greater TSA accountability after Colonial Pipeline cyberattack (Washington Post) Concerns about the security of America's pipelines have roiled Washington since a major pipeline providing 45 percent of the East Coast's fuel was taken offline Friday after a cyberattack. The incident has highlighted the vulnerabilities in America's aging infrastructure, a problem officials and experts say has been worsened by a lack of cybersecurity regulations.
Protecting Critical Infrastructure: Colonial Pipeline, DarkSide, and Ransomware (Fortinet Blog) Cybercriminals known as DarkSide gained access to the US Colonial Pipeline network in a ransomware attack. Learn about the details to date from the FortiGuard Labs team and next steps to take to de…
Shining a Light on DARKSIDE Ransomware Operations (FireEye) The creators of DARKSIDE ransomware and their affiliates have launched a global crime spree affecting organizations in more than 15 countries and multiple industry verticals.
DarkSide Ransomware Links to REvil Group Difficult to Dismiss (Flashpoint) Strong indicators tie ransomware group "DarkSide" to another Russian variant “REvil” RaaS operation, including much of the underlying code.
A Closer Look at the DarkSide Ransomware Gang (KrebsOnSecurity) The FBI confirmed this week that a relatively new ransomware group known as DarkSide is responsible for an attack that caused Colonial Pipeline to shut down 5,550 miles of pipe, stranding countless barrels of gasoline, diesel and jet fuel on…
How a Key U.S. Pipeline Got Knocked Out by Hackers (Washington Post) One of the most important energy pipelines in the U.S. has been closed by a cyberattack. Colonial Pipeline -- a critical source of supply for the New York region -- was the victim of the biggest ransomware attack on a U.S. fuel pipeline and halted all operations on its system late Friday. It’s the latest such attack on U.S. critical infrastructure.
Meet DarkSide, the ransomware gang blamed for the Colonial Pipeline attack (CyberScoop) The cybercriminal syndicate accused of causing one of the largest U.S. pipeline operators to shut down is known for running an enterprise that vets criminal customers and avoids targeting Russian-speaking organizations, according to analysts who have tracked the group.
Colonial Pipeline Cites Progress As Biden Administration Responds To Cyber Attack (Forbes) Colonial Pipeline cited progress Tuesday night in recovering from last Friday’s cyber attack that forced the shutdown of 5,500 miles of their pipelines. Ironically, the company’s main website was also out of service temporarily.
U.S. Government works to combat the worst cyber attack on American infrastructure (KTIV) Several government agencies are working to undo the damage caused by a weekend cyber attack that forced the shutdown of a massive pipeline carrying nearly half the fuel used by the East Coast.
CYBERSECURITY: Pipeline hackers wear a 'bull's‑eye.' Will Biden act? (E&E News) The hackers who shut down half the fuel supplies to the U.S. East Coast said they just wanted "to make money."
Assessing Whether a Nation-State Had a Role in Pipeline Attack (BankInfo Security) Tom Kellerman of VMware Carbon Black shares his opinions about whether a nation-state was behind the recent ransomware attack on Colonial Pipeline and what the U.S.
How cyberattack on major US pipeline has become a diplomatic issue between US and Russia (ThePrint) Shutdown of largest US gasoline pipeline underscores how vulnerable the country’s cyber infra is to criminals & national adversaries like Russia, China and Iran, say experts.
Colonial Pipeline cyber attack and the high stakes for Biden, business world relationship (CNBC) The Colonial Pipeline hack is an example of why it's critical the federal government and business world create a deeper cybersecurity defense relationship.
Colonial Pipeline attack underscores US energy's vulnerability (TheHill) The ransomware attack on Colonial Pipeline, the largest supplier of oil to the Northeast region of the United States, is underscoring just how vulnerable critical U.S.
Why is the energy industry prone to cyber attacks? (The National) Globally, around 61% of companies surveyed by Mimecast said they were affected by a ransomware attack
The Colonial Pipeline cyberattack – Did IT/OT convergence contribute to the attack (Control Global) Many people are talking about the need to regulate pipelines for cyber security.
Colonial Pipeline attack embodies security risk to nation's critical infrastructure (Construction Dive) Security experts warned for years about attacks against critical infrastructure, but one analyst called this the most brazen yet.
What does the Colonial Pipeline cyber attack mean for Texas’ economy? (KXAN Austin) A prolonged shutdown of the Colonial Pipeline — shuttered after falling victim to a ransomware attack on Sunday — could send ripple effects through the Texas economy, according to energy experts.…
Cyberattack on US pipeline could affect gas prices (MyStateline.com) TAMPA, Fla. (WFLA) — A cyberattack on a vital U.S. pipeline is threatening to send gas prices skyrocketing across the country. The Georgia-based Colonial Pipeline was forced to shut down the pipeli…
Colonial Pipeline Cyberattack Could Boost Security Stocks (Barron's) Stocks like CrowdStrike Holdings, Okta, Palo Alto Networks, and Zscaler could benefit, says RBC Capital's Matthew Hedberg.
Shares Of Cybersecurity Firms Up As Colonial Pipeline Attack Reveals Challenges (Investing.com)
Energy secretary: No need to hoard gasoline amid pipeline shutdown (ABC News) Energy Secretary Jennifer Granholm said the Colonial Pipeline "should be substantially operational by the end of this week and over the weekend.”
Attacks, Threats, and Vulnerabilities
WiFi devices going back to 1997 vulnerable to new Frag Attacks (The Record by Recorded Future) A Belgian security researcher has discovered a series of vulnerabilities that impact the WiFi standard, with some bugs dating as far back as 1997 and affecting devices sold for the past 24 years.
TeaBot, a new Android malware targeting banks in Europe (Cleafy) TeaBot, a new Android malware targeting European banks, has been discovered in Italy by the threat intelligence team of Cleafy: here's the technical analysis.
Security Report: Insecure Protocol Usage Exposes Organizations to Cybersecurity Risk (Extrahop) As organizations around the world have learned the hard way in recent years, insecure protocols with known vulnerabilities expose your business to serious cyber risk. But even in the wake of costly events like WannaCry and NotPetya, many organizations still allow—knowingly or unknowingly—insecure and deprecated protocols to run in their environments.
Adobe: Windows Users Hit by PDF Reader Zero-Day (SecurityWeek) Adobe warns that a "priority 1" security vulnerability (CVE-2021-28550) has been exploited in the wild in “limited attacks targeting Adobe Reader users on Windows.”
XcodeGhost Malware Discovered in 2015 Impacted 128 Million iOS Users (SecurityWeek) Documents submitted in a court case involving Apple revealed that the XcodeGhost malware discovered in 2015 impacted 128 million iOS users.
EPHEMERAL LOCKPICKER – Malware Fuels Novel Intrusion Lifecycle (Kroll) EPHEMERAL LOCKPICKER is a PowerShell toolkit with simple but effective backdoors that precedes LuckyDay ransomware delivery.
Subscribe Now: A Subscription to Phishing (Avanan) A spoofed subscription notice leads to a credential harvesting site.
Apple AirTag jailbroken already – hacked in rickroll attack (Naked Security) Ooooh, look! A shiny button-like object!
Zix tricks: Phishing campaign creates false illusion that its emails are safe (SC Media) A credentials phishing campaign was found to leverage Zix, in hopes that potential victims would be lulled into a false sense of security.
eBook: Executive Impersonations - Characteristics and Trends (GreatHorn) Download the eBook to understand today's data and trends around executive impersonations - a prominent example of BEC attacks.
Security at risk as PC users continue to use end-of-life Windows 7 (Security Brief) Updating your OS is an essential element of security that should not be overlooked.
Nearly all Microsoft 365 customers have suffered email data breaches (TechRadar) 85% of Microsoft 365 business customers affected
Aqua Security Researchers Discover 90% of Companies Are Vulnerable to Security Breaches Due to Cloud Misconfigurations (Aqua) Latest research from Team Nautilus reveals majority of organizations fail to fix cloud misconfiguration issues in a timely manner
Energy Tech Firm Hit in Ransomware Attack (Wall Street Journal) Volue, a Norwegian company that provides technology to European energy firms, is working to restore critical software services to customers after a ransomware attack.
Beyond Colonial Pipeline, Ransomware Cyberattacks Are a Growing Threat (Wall Street Journal) The cyberattack that knocked offline an essential U.S. gasoline pipeline shows how the dangerous, professional-scale hack-for-ransom threat is spreading rapidly.
Ransomware tracker: Threat groups focus on vulnerable targets (The Record by Recorded Future) As the recent attack against Colonial Pipeline shows, ransomware groups consider just about any organization to be fair game.
The New Ransomware Threat: Triple Extortion (Check Point Software) Global surge in ransomware attacks hits 102% increase this year compared to the beginning of 2020, and shows no sign of slowing down Number of
Now ransomware is inundating public school systems (Security Magazine) Almost every American adult knows that cyberattacks and breaches are ubiquitous and have primarily targeted companies and government entities. They might even know that the single most common breach these days is ransomware, a malicious process by which hackers dismantle computer systems and don’t fix them until a ransom is paid. Few, however, are aware that ransomware is targeting a new set of highly vulnerable victims en masse. In recent months, the majority of successful ransomware attacks have struck K-12 schools nationwide, casting a whole new light on the number of Americans highly susceptible to a cyberattack.
FBI warns of cybercriminals abusing search ads to promote phishing sites (The Record by Recorded Future) The Federal Bureau of Investigation says that cybercrime gangs are using search results and search engine ads to lure victims on phishing sites for financial institutions in order to collect their login credentials.
Lessons learned from the iPhone call recording app vulnerability (Security Magazine) News quickly spread about a vulnerable call recording app for iPhone named “Call Recorder,” or “Acr call recorder,” as its listing in the Apple App Store states.
Ransomware gang leaks data from Metropolitan Police Department (BleepingComputer) Babuk ransomware operators have leaked what they claim are personal files belonging to police officers from the Metropolitan Police Department after negotiations went stale.
Scripps Health patients frustrated after May 1 cyber attack (cbs8.com) Scripps Health is saying very little about its security measures and only issued a written statement saying the network outage was caused by malware.
Hackers Stole Data On Nearly 200,000 Veterans Seeking Disability Benefits (Forbes) The database, Fowler discovered, belonged to North Carolina-based United Valor Solutions.
Security Patches, Mitigations, and Software Updates
May 2021 Security Updates (Microsoft Security Response Center) This release consists of security updates for the following products, features and roles.
Adobe Security Bulletin (Adobe) Security update available for Adobe Acrobat and Reader | APSB21-09
Zero Day Initiative — The May 2021 Security Update Review (Zero Day Initiative) It’s the second Tuesday of the month, which means the latest security updates from Adobe and Microsoft are released. Take a break from your regularly scheduled activities and join us as we review the details for their latest security offerings. Adobe Patches for May 2021 For May, Adobe released
Microsoft Patch Tuesday: 55 Vulnerabilities, 4 Critical, 3 Publicly Known (SecurityWeek) Microsoft’s monthly security patch release for May 2021 includes cover for 55 documented vulnerabilities, some serious enough to expose Windows users to remote code execution attacks.
Microsoft's Security Patches for May Address 55 Vulnerabilities (Redmondmag) Just four CVEs were described as 'Critical' in severity. Also included in the May bunch were patches for 50 'Important' vulnerabilities, plus one deemed 'Moderate.'
SAP Security Patch Day May 2021 (Onapsis) SAP® has released 14 new and updated SAP Security Notes on its May 2021 patch release, including the notes that were released since last Patch Day. As part of this month’s patch release, there are three HotNews notes and three High Priority notes.
Siemens Addresses 60 Vulnerabilities Introduced by Third-Party Components (SecurityWeek) Siemens has released over a dozen advisories for May 2021 Patch Tuesday and they address 60 vulnerabilities introduced by third-party components.
Siemens Industrial Products (Update M) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.5
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Siemens
Equipment: Industrial Products
Vulnerabilities: Excessive Data Query Operations in a Large Data Table, Integer Overflow or Wraparound, Uncontrolled Resource Consumption
2.
Siemens Products using TightVNC (Update A) (CISA) 1. EXECUTIVE SUMMARY
--------- Begin Update A Part 1 of 5 ---------
This advisory was previously released with a set of Siemens products considered to be affected. Following further investigation by the Siemens’ team, it was determined all products previously advised are not affected by any vulnerability listed in this advisory or Siemens Security Advisory SSA-478893
Mitsubishi Electric GOT and Tension Controller (Update A) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.5
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Mitsubishi Electric Corporation
Equipment: GOT and Tension Controller
Vulnerability: Out-of-bounds Read
2.
Siemens SIMARIS Configuration (Update A) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 4.4
ATTENTION: Low skill level to exploit
Vendor: Siemens
Equipment: SIMARIS configuration
Vulnerability: Incorrect Default Permissions
2. UPDATE INFORMATION
This updated advisory is a follow-up to the original advisory titled ICSA-21-040-08 Siemens SIMARIS configuration that was published February 9, 2021, on the ICS webpage on us-cert.cisa.gov.
Siemens SCALANCE and SIMATIC libcurl (Update A) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.5
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Siemens
Equipment: SCALANCE and SIMATIC
Vulnerability: Out-of-bounds Read
2. UPDATE INFORMATION
This updated advisory is a follow-up to the original advisory titled ICSA-21-068-10 Siemens SCALANCE and SIMATIC libcurl that was published March 9, 2021, on the ICS webpage on us-cert.cisa.gov.
Siemens TCP/IP Stack Vulnerabilities–AMNESIA:33 in SENTRON PAC / 3VA Devices (Update A) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 6.5
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Siemens
Equipment: SENTRON 3VA COM100/800, SENTRON 3VA DSP800, SENTRON PAC2200, SENTRON PAC3200T, SENTRON PAC3200, SENTRON PAC3220, SENTRON PAC4200
Vulnerabilities: Out-of-bounds Read, Out-of-bounds Write
2.
Siemens SIMATIC S7-1500 (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.8
ATTENTION: Low attack complexity
Vendor: Siemens
Equipment: SIMATIC S7-1500 CPU 1518F-4
Vulnerabilities: Improper Initialization, Improper Restriction of Operations within the Bounds of a Memory Buffer
2. RISK EVALUATION
Successful exploitation of these Intel product vulnerabilities could allow unauthorized privilege escalation.
Siemens SCALANCE W1750D (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 9.8
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Siemens
Equipment: SCALANCE W1750D
Vulnerabilities: Improper Authentication, Classic Buffer Overflow, Command Injection, Improper Input Validation, Race Condition, Cross-site Scripting
2.
Siemens SINAMICS Medium Voltage Products (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.7
ATTENTION: Exploitable remotely
Vendor: Siemens
Equipment: SINAMICS Medium Voltage Products
Vulnerability: Missing Authentication for Critical Function
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker to gain full remote access to the HMI.
Siemens SIMATIC SmartVNC HMI WinCC Products (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 9.8
ATTENTION: Exploitable remotely
Vendor: Siemens
Equipment: SIMATIC HMIs/WinCC Products
Vulnerabilities: Access of Memory Location After End of Buffer, Improper Handling of Exceptional Conditions, Improper Restriction of Operations within the Bounds of a Memory Buffer, Uncontrolled Resource Consumption
2.
Siemens SIMATIC UltraVNC HMI WinCC Products (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 9.8
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Siemens
Equipment: SIMATIC HMIs/WinCC Products
Vulnerabilities: Improper Initialization, Out-of-bounds Read, Heap-based Buffer Overflow, Stack-based Buffer Overflow, Access of Memory Location After End of Buffer, Improper Null Termination
2.
Siemens SCALANCE XM-400 and XR-500 Devices (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.5
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Siemens
Equipment: SCALANCE XM-400, XR-500
Vulnerability: Incorrect Calculation
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an unauthenticated remote attacker to create a permanent denial-of-service condition.
Siemens Mendix Excel Importer Module (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 4.3
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Mendix, a subsidiary of Siemens
Equipment: Mendix Excel Importer Module
Vulnerability: Generation of Error Message Containing Sensitive Information
2. RISK EVALUATION
Successful exploitation of this vulnerability could expose information to unauthorized parties.
Siemens Tecnomatix Plant Simulation (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.8
ATTENTION: Low attack complexity
Vendor: Siemens
Equipment: Tecnomatix Plant Simulation
Vulnerabilities: Stack-based Buffer Overflow, Improper Restriction of Operations within the Bounds of a Memory Buffer
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could lead to arbitrary code execution.
Siemens SIMATIC NET CP343-1 (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.5
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Siemens
Equipment: SIMATIC CP343-1 devices
Vulnerability: Uncontrolled Resource Consumption
2. RISK EVALUATION
Successful exploitation of this vulnerability could cause a denial-of-service condition.
Siemens SNMP Implementation of WinCC Runtime (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 5.3
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Siemens
Equipment: SNMP Implementation of WinCC Runtime
Vulnerability: Out-of-bounds Write
2. RISK EVALUATION
Successful exploitation of this vulnerability could crash the SNMP service and require a manual restart of the device to resume operation of the service.
Siemens Mendix Database Replication Module (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 4.3
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Siemens
Equipment: Mendix Database Replication Module
Vulnerability: Generation of Error Message Containing Sensitive Information
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker to gain access to sensitive information.
Siemens Linux Based Products (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.4
ATTENTION: Exploitable remotely
Vendor: Siemens
Equipment: Linux based products
Vulnerability: Use of Insufficiently Random Values
2. RISK EVALUATION
Successful exploitation of this vulnerability could compromise confidentiality and integrity.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following Siemens Linux based products are affected:
Mitsubishi Electric GOT and Tension Controller (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 5.9
ATTENTION: Exploitable remotely
Vendor: Mitsubishi Electric
Equipment: GOT and Tension Controller
Vulnerability: Buffer Access with Incorrect Length Value
2. RISK EVALUATION
Successful exploitation of this vulnerability may be able to stop the communication function of the products, requiring a reset to regain functionality.
Omron CX-One (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.8
ATTENTION: Low attack complexity
Vendor: Omron
Equipment: CX-One
Vulnerability: Stack-based Buffer Overflow
2. RISK EVALUATION
Successful exploitation of this vulnerability may allow arbitrary code execution.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following versions of CX-One, an automation software suite, are affected:
Trends
2021 Global Threat Intelligence Report (NTT) We are reminded that in a world of evolving cyberthreats, we need to stay ahead of the curve to secure the next horizon of cyber resilience.
NTT Global Threat Intelligence Report 2021 (NTT) We believe that technology can help meet heightened customer expectations.
Elevate Security and Cyentia Institute Launch First Annual Study on Employee Cybersecurity Risk in the Workplace, Finds Current Solutions Do Little to Reduce Human Error (Elevate Security) Report examines real world attack data behind cybersecurity’s biggest unsolved problem; security training has no significant effect at organizational level, increasing simulation exercises can be counterproductive
Elevating Human Attack Surface Management (Elevate Security) Every year, enterprises spend millions on security technology and training - only to be caught on the hamster wheel of responding to incidents caused by recurrent human errors. Incredibly, human error has played a role
Security Incident Response (Red Canary) Organizations need to implement a structured, detailed, and well-practiced incident response plan. Will you be ready if a security incident occurs?
Facebook is observing a 'steady growth' in disinformation-for-hire services (CyberScoop) A surge in disinformation campaigns outsourcing operations to firms to meddle in local politics is raising content moderation questions.
HP Wolf Security Study Reveals Growing Cyber Security Risk Driven by Remote Work (HP Inc.) HP Inc. released its HP Wolf Security Blurred Lines & Blindspots Report, a comprehensive global study assessing organizational cyber risk in an era of remote work.
Vulcan Cyber Research Reveals Most Enterprise Cyber Security Teams Lack the Ability to Remediate Risk (Vulcan) Benchmark study finds most cyber security organizations lack the tooling and resources to remediate risk and deliver enterprise cyber hygiene
CEOs and CISOs Doubling Down on Cybersecurity, Converged Approaches, According to WSJ Intelligence and Forcepoint Survey (PR Newswire) Global cybersecurity leader Forcepoint, in partnership with WSJ Intelligence, today revealed that enterprise leaders who previously viewed...
2021 Voice of the CISO Report (Proofpoint) There's no question that 2020 was a challenging year. The pandemic placed an enormous strain on the global economy, and cyber criminals took advantage of that and accelerated their nefarious activities.
Cryptocurrency: Adoption and Consumer Sentiment, 2021 (Security.org) Written by: Aliza Vigderman | May 11th, 2021 This year, cryptocurrencies have received more media attention and seen higher trading volume and prices. In addition, topics such as safety, liquidity and volatility have been hotly debated across cable news channels, message boards and family dinner tables. The purpose of this report is to understand the …
Marketplace
As Ransomware Proliferates, Insuring for It Becomes Costly and Questioned (Wall Street Journal) With hackers seeking out companies with cyber insurance, insurers are pulling back and jacking up premiums as attacks show no sign of abating.
XSOC CORP Emerges from Stealth and Launches Four Foundational Patent Pending Cryptographic Systems Built to Secure Critical Data Today and Long Into The Future (BusinessWire) XSOC CORP Emerges from Stealth and Launches Four Foundational Patent Pending Cryptographic Systems to Secure Critical Data Today and Into The Future
Cycode raises $20M to secure DevOps pipelines (TechCrunch) Israeli security startup Cycode, which specializes in helping enterprises secure their DevOps pipelines and prevent code tampering, today announced that it has raised a $20 million Series A funding round led by Insight Partners. Seed investor YL Ventures also participated in this round, which bring…
DevOps Security Startup Cycode Raises $20 Million (SecurityWeek) Cycode, an Israeli startup focused on securing DevOps tools, has raised $20 million in Series A funding.
SecureLink Acquires Leading Data Governance Company Maize Analytics (GlobeNewswire) Maize Analytics' machine learning capabilities strengthen SecureLink’s ecosystem of third-party remote access and security solutions
Cybersecurity startup Panaseer raises $26.5M Series B led by AllegisCyber Capital (TechCrunch) Panaseer, which takes a data science approach to cybersecurity, has raised $26.5 million in a Series B funding led by AllegisCyber Capital. Existing investors, including Evolution Equity Partners, Notion Capital, AlbionVC, Cisco Investments and Paladin Capital Group, as well as new investor Nationa…
Panaseer raises $26.5m in series B funding to solve cybersecurity's biggest challenge (Yahoo Finance) Panaseer, the first Continuous Controls Monitoring platform for enterprise security, today announces it has secured $26.5 million in series B funding. The financing round was led by AllegisCyber Capital with participation from existing investors, including Evolution Equity Partners, Notion Capital, AlbionVC, Cisco Investments and Paladin Capital Group, as well as new investor, National Grid Partners. Panaseer's total funding to date is now $43m.
HelpSystems Acquires Beyond Security to Continue Expansion of Cybersecurity Portfolio (HelpSystems) Vulnerability management platform identifies cybersecurity problems, building on strong infrastructure protection suite
San Jose startup SiMa.ai has raised $80M to develop its machine learning chips (Silicon Valley Business Journal) Chip designer SiMa Technologies Inc. has raised $80 million in new funding.
Microsoft outlines plan to store European cloud data in the EU (Computing) Engineering work to redesign the cloud has already started, according to the company
Lumen Wins U.S. Navy JAG Connectivity Contract (PR Newswire) Lumen Technologies (NYSE: LUMN) announced today it recently won a task order to provide secure high-speed connectivity, WiFi, unified...
Is the Avast share price one of the best FTSE 100 opportunities right now? (Yahoo) Jabran Khan explores whether the current Avast share price could be one of the best FTSE 100 opportunities for his portfolio right now.
Onfido reaches new heights with company’s best quarterly revenue earnings to date (Onfido) 93% increase in year-over-year revenue. Alex Valle joins company as Chief Product Officer
Skybox Security Wins Best Vulnerability Management Solution (PR Newswire) Skybox Security, a global leader in security posture management, today announced it won Best Vulnerability Management Solution at the 2021 SC...
Axis Security Named to Inc. Magazine's Best Workplaces 2021 (PR Newswire) Axis Security, the leader in Zero Trust Network Access (ZTNA), has been named to Inc. magazine's annual list of the Best Workplaces for 2021....
Frost & Sullivan Names BlackBerry an Innovator in Healthcare Cybersecurity (BlackBerry) BlackBerry Limited (NYSE: BB; TSX: BB) today announced Frost & Sullivan has named BlackBerry an innovator in its latest US Healthcare Cybersecurity Market report. Frost & Sullivan studied over fifty companies and the top cyber threats as the basis for its report. BlackBerry also announced University Health Network (UHN) has selected BlackBerry Spark® to protect its entire public research and teaching hospital network.
Neustar’s Michael Kaczmarek Named a Ponemon Fellow (BusinessWire)
Trusona Announces Two Strategic Additions To Advisory Board (PR Newswire) Trusona, the pioneering leader in passwordless identity authentication, today announces the strategic appointment of two new members to the...
VMware promotes Raghu Raghuram to be its new CEO (Silicon Valley Business Journal) Raghu Raghuram has been with the Palo Alto-based company for nearly 18 years, most recently as chief operating officer of its products and cloud services.
Products, Services, and Solutions
TokenEx Achieves Rigorous ISO/IEC 27001:2013 Certification (Tokenex) TokenEx, a leader in protecting the world's most sensitive data, achieves rigorous ISO/IEC 27001:2013 certification for its Cloud Data Protection Platform
Exabeam Reinvents Security Analytics with Fusion XDR and Fusion SIEM Cloud Products to Address Security at Scale (BusinessWire) Exabeam, the security analytics and automation company, today announced Exabeam Fusion XDR and Exabeam Fusion SIEM, two new powerful cloud-delivered s
Horizon Controls Group Partners With Verve Industrial (GlobeNewswire) New Agreement Improves Operational Technology Security Posture for Pharmaceutical Clients Wrestling With Expanding Threat Landscape
New SecurID Enhancements Accelerate Your IAM Journey to the Cloud (BusinessWire) May 11, 2021 - SID at Gartner IAM
CloudKnox Joins AWS ISV Accelerate Program (BusinessWire) CloudKnox Security announced that it is joining the Amazon Web Services (AWS) Independent Software Vendor (ISV) Accelerate Program.
Owl Cyber Defense Announces the Release of IXD - The World’s First Industrial Cross Domain Solution (GlobeNewswire) Technology represents revolutionary cybersecurity development for industrial and critical infrastructure networks
Fugue Announces IaC Security for AWS CloudFormation in Regula, the Open-Source Policy Engine (Fugue) Teams can now use Regula to secure their AWS CloudFormation and Terraform configurations prior to deployment—and apply those same rules to running cloud environments using Fugue.
Menlo Security Working with Child Cyber Safety Expert to Educate Parents and Students About Staying Safe Online (BusinessWire) Social media is the least trusted platform for children according to 55 percent of respondents to an online poll about cyber parenting run by Menlo S
InfoSec Global and Airbus Announce Strategic Partnership to Enhance Cybersecurity Through Cryptographic Agility Management (PR Newswire) InfoSec Global Schweiz, a pioneer and leading provider of cryptographic agility management solutions, and Airbus Defence and Space and Airbus...
Cobalt Iron Compass Now Supports Google Cloud Platform Virtual Machine Snapshots (BusinessWire) Cobalt Iron Compass now supports Google Cloud Platform virtual machine snapshots.
DexProtector's Arrival on Bitrise a Vital Step Toward Safer Mobile Apps (PR Newswire) Licel has announced that its product, DexProtector, is now a Verified Step on Bitrise. That means developers using the Bitrise platform can...
Infosim® and MTN Group formalize partnership to ensure network quality and availability with StableNet® (unn | UNITED NEWS NETWORK GmbH) Infosim® GmbH & Co. KG and MTN Group, together with its Operating Company (OpCos) MTN-Nigeria Communications PLC, have announced a...
BenQ Joins Microsoft's Azure Certified Device Program to Help Businesses Find the Right Device to Support IoT Goals (InGear) BenQ's CP Series DuoBoard is Now an Azure Certified Device, Validating Its Exceptional Performance and Compatibility With Azure's Cloud Services
Enya Launches Public Testnet of OMGX - OMG Network's Next-Generation Ethereum Scaling Solution (PR Newswire) Enya, a leading provider of software frameworks for privacy-preserving computation, in partnership with OMG Network, a pioneer in Ethereum...
iboss Introduces Industry-First SASE Cloud Offering Based on Unlimited (PRWeb) iboss, the leading Secure Access Service Edge (SASE) cloud security provider, today announced the availability of an industry-first “unlimited” license package that al
Acuant Strengthens Anti-Money Laundering and Cryptocurrency Compliance Solutions with Blockchain Analysis Leader Chainalysis (GlobeNewswire) Acuant, the global trusted identity platform for fraud prevention and AML compliance, today announced its partnership with Chainalysis, the blockchain analysis company, to help financial institutions and cryptocurrency businesses assess risk, automate workflows, safeguard against illicit transactions and protect their reputations with superior Anti-Money Laundering (AML) solutions.
Okta and TWOSENSE.AI Join Forces on the Future of Identity Security: Continuous Authentication (TWOSENSE.AI) TWOSENSE.AI provides software-based continuous authentication in the workplace, for better security with better productivity. We provide Continuous Identity Assurance, with the goal of automating human effort and human error out of Identity Security completely. We’ve been working wit
FacePhi Biometría S A : Revelock and FacePhi team up to boost banks' fraud defenses with continuous biometric user verification (MarketScreener) Partnership to provide users uninterrupted fraud protection throughout their entire online or mobile banking journeys based on digital onboarding with document verification and authentication...
NEC Corp. Launches NEC National Security Systems (WashingtonExec) NEC Corp. of America has launched its newest company, NEC National Security Systems, Inc., a Foreign Ownership, Control or Influence-mitigated subsidiary
Progress Releases MOVEit 2021 with Advanced Security, Usability and Integration Capabilities (GlobeNewswire) New release makes it easier than ever to securely share sensitive files across more systems
Sonobi Partners with HUMAN (Formerly White Ops) to Safeguard Platform from Sophisticated Bot Fraud (PR Newswire) Sonobi, an ad-tech company that enables premium publishers and buyers to directly collaborate and build consumer-focused campaigns, announced...
DigiCert Now Automates Security Certificate Management (eWEEK) New Automation Manager from DigiCert automates certificate management to help companies stop outages caused by certificate expiration.
Microsoft, Darktrace Partner For Cloud Security (PYMNTS) With concerns over sensitive data on the rise, Microsoft is linking up with cybersecurity company Darktrace to offer AI-based defense.
HP Introduces Hybrid Work Print Solutions with HP Wolf Security (HP Inc.) HP Inc. announced enhanced print services and solutions with HP Wolf Security that allow IT departments to help boost workforce productivity while also helping to protect corporate networks and data. As part of these enhancements, HP today introduced a new Flexworker offering, Internet Printing through HP Advance and HP Secure Print compatibility for Universal Print from Microsoft.
HP Inc. Introduces Integrated Security Offering (HP Inc.) HP Inc. introduced HP Wolf Security, a newly integrated portfolio of secure by design PCs and printers, hardware-enforced endpoint security software, and endpoint security services to protect customers from growing cyber threats.
Moody’s and Team8 Announce Investment in VisibleRisk as It Launches Cyber Rating (BusinessWire) Moody’s Corporation (NYSE:MCO) and Team8, a global venture group, today announced the completion of a $25 million investment in VisibleRisk, a joint v
NetSTAR Announces Enhancements to WebApp Compass Application Categorization Solution (PR Newswire) NetSTAR, the global leader in OEM integrated solutions for web categorization and threat intelligence, announced today the global availability...
ZeroNorth Introduces Rapid Integration Connector to Support Broad Range of AppSec and Security Scan Tools (ZeroNorth) ZeroNorth, the only company to unite security, DevOps and the business for the good of software, today introduced its Rapid Integration Connector, which allows customers to integrate data from a wide range of application security (AppSec) tools into the …
Venafi Announces Groundbreaking Machine Identity Management Solution That Leverages Intel Software Guard Extensions (BusinessWire) Combined solution protects private keys when they are distributed to cloud services or used in runtime, even in untrusted, shared cloud environments.
Salt Security Enhances Developer Insights on Industry’s Only Full Lifecycle API Security Platform (Salt) Salt augments existing “shift left” features to provide more remediation insights earlier in the API lifecycle to help organizations better secure their API-driven applications
CyberGRX Attack Scenario Analytics to Provide Critical Cyber Defense Insights (BusinessWire) CyberGRX introduces new Attack Scenario Analytics capability that provides additional context to risk findings
CybelAngel Expands Cloud Coverage for Data Breach Prevention (BusinessWire) CybelAngel announced the most comprehensive Data Breach Prevention in the Cloud service, detecting data leaking from the top Cloud storage providers
Technologies, Techniques, and Standards
Why Automation and Zero Trust Go Hand-in-Hand (Security Intelligence) Enabling zero trust can come with a logistical nightmare. Take a look at how automation can help overcome some of those hurdles.
What is the value of better data in third-party risk assessments? (RiskRecon) RiskRecon has teamed with the Cyentia Institute to examine what models produce the most useful data for third-party cyber risk assessments.
3 Cybersecurity Myths to Bust (Dark Reading) Deeply rooted cybersecurity misconceptions are poisoning our ability to understand and defend against attacks.
When the adversarial view of the attack surface is missing, DX becomes riskier (Help Net Security) Digital transformation has lots of uncontrolled change. Roughly 63% of IT leaders are not confident in their ability to operate securely.
Design and Innovation
Treasury Seeks Info on Online Blockchain Transaction Tracking Tools (GovCon Wire)
RSAC insights: SolarWinds hack illustrates why software builds need scrutiny — at deployment (The Last Watchdog) By patiently slipping past the best cybersecurity systems money can buy and evading detection for 16 months, the perpetrators of the SolarWinds hack reminded us just how much heavy lifting still needs to get done to make digital commerce as secure as it needs to be. Obviously, one change […]
Academia
NSA Congratulates the NCF on their 25th Anniversary and Announces Partnership (Homeland Security Today) This year marks the 25th Anniversary for the National Cryptologic Foundation (NCF), formerly known as the National Cryptologic Museum Foundation. In celebration of this silver jubilee, the National Security Agency (NSA) is announcing a commitment to strengthen our partnership with the NCF with a focus on increasing educational and public engagement opportunities centered on cybersecurity.
Cybersecurity program graduates first students (Virginia Tech) The program, known as BIT-Cyber, is a specialty in the business information technology major in the Pamplin College of Business. A hallmark of the program, launched in fall 2019, is its requirement of an extended field study or internship in the final semester to help prepare students for the workplace.
CloudCover donates $500,000 to name Global Cybersecurity Institute conference center (RIT) Event and discussion space dedicated to sharing latest in cybersecurity technology
Acronis Cyber Foundation expands footprint to Peru, opening its first computer classroom in the area (Acronis)
Legislation, Policy, and Regulation
All the tech within the 2021 Australian Budget (ZDNet) Here's a summary of the Australian government's digital economy strategy, as well as the rest of the tech-related investments made as part of the 2021-22 federal Budget.
China Threatens Retaliation Against Ericsson if Sweden Doesn’t Drop Huawei 5G Ban (Wall Street Journal) Beijing is giving Sweden one last chance to reverse its ban on telecommunications-equipment giant Huawei before it could retaliate against rival Ericsson.
U.S. Agrees to Remove Xiaomi From Blacklist After Lawsuit (Bloomberg) U.S. to vacate order designating company as military-linked. Xiaomi had sued U.S. government following the Trump order.
The Colonial Pipeline ransomware attack and the SolarWinds hack were all but inevitable – why national cyber defense is a ‘wicked’ problem (GCN) Recognizing that hackers in the service of foreign adversaries are dedicated, thorough and not constrained by any rules is important for anticipating their next moves and reinforcing and improving U.S. national cyber defenses.
Senators Want FISMA Changes on Cyberattack Reporting (Meritalk) The chairman and ranking member of the Senate Homeland Security and Governmental Affairs Committee said today they are interested in changing the Federal Information Security Management Act (FISMA) to make sure that Congress gets timely notifications about major cyberattacks that have a national impact.
Senators discuss federal cybersecurity following SolarWinds hack (KHON2) A ransomware attack and shutdown of the largest fuel pipeline in the U.S. has led to panic at the pump over fears of shortages and gas price increases.
CISA's Wales backs new response, recovery fund (FCW) Brandon Wales, acting director of the Cybersecurity and Infrastructure Security Agency, said the funding would go toward expanding CISA's incident response teams with additional contractors and developing new technologies to be used by those teams.
SolarWinds Opened the Door for Cybersecurity Culture Overhaul at DHS (Government CIO) DHS and CISA want to lead the federal register and private industry by example.
Congress mulls $500 million in grants to help states upgrade cybersecurity (Roll Call) The money would help state and local governments, under frequent attack, upgrade their equipment and cybersecurity.
Gov't May Lean On Private Sector To Stop Next Critical Hack (Law360) Convincing private businesses to open up to the government about cybercrime could be key in preventing future hacks of U.S. critical infrastructure, a risk underscored by a ransomware attack that has shuttered one of the nation's largest fuel pipelines.
FTC To Lean On State AGs After High Court Ruling, Head Says (Law360) The Federal Trade Commission is planning to partner "more frequently and more enthusiastically" with state attorneys general to press consumer protection and privacy enforcement actions in the wake of a recent U.S. Supreme Court ruling that slashed the FTC's ability to pursue monetary relief from lawbreakers, the agency's acting chair said Tuesday.
Space Force Looks to Boost Cyber Defenses of Satellites with Acquisition Reorganization (Air Force Magazine) The restructuring of Space Force acquisition authorities is designed in part to ensure proper cybersecurity testing and monitoring of new programs.
Litigation, Investigation, and Law Enforcement
'We owe this to our people': Lawmakers want answers on directed-energy attacks (POLITICO) Lawmakers want the Biden administration to figure out who is behind the directed-energy attacks and properly care for victims.