The recent boom in cyber-attacks is a reminder that we face increasingly sophisticated malicious adversaries. This can make understanding the risks to your attack surface feel overwhelming.
Not to worry! Read our latest e-book to learn what approaches your organization can take to manage your attack surface and better protect your organization from adversaries.
We're celebrating Independence Day at the CyberWire with a special discount on CyberWire Pro. Tune into tomorrow's episode of the CyberWire Daily podcast to find out how to redeem this offer. Stay cyber-aware by becoming a CyberWire Pro subscriber and get access to all of our public podcasts ad-free as well as our exclusive Pro podcasts, briefings, articles, and events.
Digital Shadows this morning updated its account of Amunet, an English-language cybercriminal forum launched in January 2022. Researchers have discovered a roadmap for 2022 on Amunet, explaining how the site plans to branch out as the year progresses. The roadmap highlights the January launch, followed by an intended launch of a “Leaks Circle,” in March, described as a “project for visualization of leaked sources,” which has not been identified by researchers. This is followed by the intent to launch their own cryptocurrency in May 2022, which has not been seen in the forum as of June, barring one post in early May explaining that those who shared leaked databases would earn forum credits that can be exchanged for cryptocurrency. In July 2022, the forum is anticipated to see the addition of a “Leaks Detector” that checks for “emails and corporate domains” in leaked databases. The final stop on the roadmap is set for October 2022, coined as a “Time-Back-Machine,” which is described as “A couple of hacking forums [...] returned as snapshots for public observation.”
While researchers regard Amunet in its current state as unremarkable when compared to other fora, these intended upgrades could be enough to lure threat actors into using it. The observations also provide an interesting perspective on how criminal groups try to differentiate themselves in the C2C market.
Avast has published a study of the way in which teenagers are earning money in the criminal-to-criminal cyber underworld market. The researchers found a malware-as-a-service family whose operators spent a lot of time on Discord and seemed to have an unusual set of interests. The criminal vendors offered some of the usual wares (info stealers, cryptojackers, ransomware, password scrapers, etc.) but their hearts appeared to be elsewhere. Their offerings instead emphasized "features like stealing gaming accounts, deleting Fortnite or Minecraft folders, or repeatedly opening a web browser with Pornhub." That is, Avast points out, the puerile stuff you'd expect from teenagers. It's a side hustle, done for pocket money and for the lulz, but it remains criminal nonetheless.
Killnet, operating again as the Cyber Spetsnaz, yesterday announced a campaign against Norway in its Telegram channel. The post led with a doctored photo of Norway's Foreign Minister Anniken Huitfeldt in which she's called "Mrs. Error" and made up to look like the Disney villainess Malificent. “Good morning Norway!" the introductory text read, "All units to battle.” This was followed by a list of Norwegian targets. The Russian complaint against Norway, as the Barents Observer reports, is that Norway isn't permitting Russian goods to transit Norwegian territory enroute to the island of Svalbard via the Russian port of Murmansk. Thus it has some similarity to the Russian complaint against Lithuania, which had prevented shipment of some goods to the non-contiguous province of Kaliningrad, and which also attracted the attention of Killnet. Svalbard is under Norwegian sovereignty, but a treaty guarantees Russian coal mining operations on the island. Members of Russia's Duma have questioned Norway's sovereignty given what they call Oslo's violations of the Svalbard treaty, and the AP reports that Norway's ambassador to Moscow was summoned to the Russian Foreign Ministry to give an explanation of Norwegian policy.
The cyber attacks claimed by Killnet have been distributed denial-of-service (DDoS) incidents. Several sites were disrupted for a matter of hours, but Norwegian authorities said the effects were limited and have been largely mitigated. Norway's NSM attributed the attacks to a "criminal pro-Russian group," and is investigating the group's possible ties to the Russian government.
Bloomberg reports that "XakNet," a nominally independent pro-Russian hacktivist group that's denied answering to Moscow, may in fact be tied to the Russian government. The source of the attribution is Mandiant. “It’s important we scrutinize the actors who claim to be Russian hacktivists because the intelligence services regularly use that façade to carry out their operations,” said John Hultquist, Mandiant’s vice president of intelligence analysis. “If we wait until after a major attack to ask who is really behind these personas, it may be too late.” This is unsurprising. Russian intelligence and security services have long operated nominally independent hacktivist groups. Guccifer 2.0's actions during the 2016 US elections are an example of the practice--the group was eventually associated with the GRU.
(A pronunciation note: the "X" is pronounced like an English "H," which has no exact equivalent in Russian, and sounds like the "ch" in "loch;" "HackNet" is close enough.)
While Russian cyberattacks have, like Russian ground forces, fallen far short of expectations in terms of effectiveness if not in terms of effort, NATO continues to prepare for renewed cyber offensives that could extend beyond the borders of Ukraine. Such cyberattacks as have extended to NATO members have not succeeded in achieving more than a nuisance level of effect. But Protocol discusses Russian capabilities with a variety of cybersecurity experts who say that desperation could drive Russia to attempt more extensive and more destructive cyberattacks. The views of former US Cybersecurity and Infrastructure Security Agency (CISA) director Chris Krebs are representative. "Once they [the Russians] start losing good options, they're going to start using some of their capabilities they've kept in reserve to strike back at the U.S. and say, 'Hey, wipe off the sanctions,'" he told Protocol. "How are they going to do it? It would be a highly visible, likely destructive attack."
Looking ahead to such an eventuality, NATO this week announced plans to increase resilience and organize a rapid-response capability to address Russian cyber threats. Why major, destructive Russian cyberattacks have yet to materialize remains open to debate. The Jerusalem Post reviews two of the leading explanations, overconfidence and poor preparation.
The CyberWire's continuing coverage of the unfolding crisis in Ukraine may be found here.
Today's issue includes events affecting Australia, Belarus, Brazil, China, Finland, France, Iran, Israel, NATO/OTAN, Portugal, Russia, Spain, Sweden, Ukraine, the United Kingdom, and the United States.
PIPEDREAM is a new modular ICS attack framework that an adversary could leverage to cause disruption, degradation, and possibly even destruction depending on targets and the industrial environment. Read our complete analysis of the PIPEDREAM malware, and get actionable guidance on what you can do to mitigate risk from a cyber attack. Download now →
Ukraine at D+126: Russia leaves Snake Island. DDoS in NATO's North. (The CyberWire) Russia abandons Snake Island in the Black Sea as the artillery war continues in the Donbas. The Cyber Spetsnaz conduct DDoS attacks against Norway (and the Svalbard treaty is the issue). NATO prepares for renewed Russian cyber ops, and Roskosmos releases satellite images of Western government buildings (apparently nothing more than you could get anywhere else).
Russia-Ukraine war: List of key events, day 127 (Al Jazeera) As the Russia-Ukraine war enters its 127th day, we take a look at the main developments.
Russia-Ukraine war: what we know on day 127 of the invasion (the Guardian) Nato says Moscow ‘most direct threat’ to security; Putin warns over installing military infrastructure in Finland and Sweden
Russia retreats from Snake Island (The Telegraph) Ukraine says remaining Russian forces fled the outpost on a speedboat after a number of missile attacks
Russia-Ukraine war: Russia withdraws from Snake Island and says Ukraine should demine waters – live news (the Guardian) Russian ministry of defence says withdrawal is goodwill gesture to facilitate grain exports, and asks that Ukraine demine its coastal waters
Ukraine says it has pushed Russian forces from Snake Island (the Guardian) Winning back vital Black Sea landmass could weaken any future Russia coastal land attack
Ukraine’s War of Attrition Exacts Heavy Toll on Both Sides (Wall Street Journal) Kyiv’s strategy to make Russian forces pay dearly for ever-smaller pockets of territory risks wearing down its own military, which has incurred heavy casualties defending and ultimately losing one grueling fight after another.
Ukraine war: Kremenchuk shopping centre attack claims fact-checked (BBC News) Russia's government and its supporters online spread a number of false claims after the bombing.
The CCTV footage that debunks Russia’s lies about Kremenchuk shopping centre attack (The Telegraph) The destruction of another civilian target leads experts to believe that Moscow might run low on high-precision firepower
Putin's partner in war crimes (Atlantic Council) Both Putin and Lukashenka, as well as the relevant officials and soldiers in their respective chains of command, should be charged with war crimes, crimes against humanity, and possibly genocide.
Pro-Russian hacker group says it attacked Norway (The Independent Barents Observer) “Good morning Norway! - All squads at battle,” was the short message the Killnet cyber attack cluster posted via its Telegram channel Wednesday morning. The announcement was framed by a manipulated photo of Norwegian Foreign Minister Anniken Huitfeldt, by the hackers named “Mrs. Error”.
Cyberattack hits Norway, pro-Russian hacker group fingered (AP NEWS) A cyberattack temporarily knocked out public and private websites in Norway in the past 24 hours, Norwegian authorities said Wednesday. Norwegian Prime Minister Jonas Gahr Støre said that to his knowledge the attack “has not caused any significant damage.”
Norway hit with cyberattack, temporarily suspending service (The Hill) Norway’s public and private sector websites were temporarily down on Wednesday following a cyberattack that targeted the country’s national data network, forcing it to suspend online services for s…
Norway blames "pro-Russian group" for cyber attack (Reuters) A number of institutions in Norway have been subjected to a so-called distributed denial-of-service (DDoS) cyber attack in the last 24 hours, the Norwegian NSM security authority said on Wednesday, blaming a "criminal pro-Russian group".
Norway accuses pro-Russian hackers of launching wave of DDoS attacks (The Record by Recorded Future) Norway accused pro-Russian hackers of launching several DDoS attacks at a number of critical organizations in the country.
Mandiant Finds Possible Link Between Kremlin, Pro-Russian ‘Hacktivists’ (Bloomberg) US officials and allies have warned about attacks from XakNet and related groups.
Russia publishes Pentagon coordinates, says Western satellites 'work for our enemy' (Reuters) Russia's space agency published the coordinates of Western defence headquarters including the U.S. Pentagon and the venue of NATO's summit on Tuesday, saying Western satellite operators were working for Russia's enemy - Ukraine.
Russian Space Agency Targeted in Cyberattack (Wall Street Journal) The website of Russia’s space agency was hit by a cyberattack after it posted satellite imagery and coordinates of the White House, the Pentagon and other Western decision-making bodies, the agency’s press service said. Dmitry Strugovets, the head of space agency Roscosmos’s press service, wrote We
Cyberattack hits Russian space agency site after sharing NATO photos (Jerusalem Post) The site of Russian space agency Roscosmos was targeted by hackers in a DDoS attack after it published satellite images of NATO buildings.
Ukraine lessons take center stage in Marines’ new information warfare plan (Marine Corps Times) Marine units risk becoming less resilient, officials said, when they “treat information as an afterthought."
NATO establishes program to coordinate rapid response to cyberattacks (POLITICO) The U.S. will offer “robust national capabilities” to support this program, according to a fact sheet put out by the White House on Wednesday.
Madrid Summit Declaration issued by NATO Heads of State and Government participating in the meeting of the North Atlantic Council in Madrid 29 June 2022 (NATO) We, the Heads of State and Government of the North Atlantic Alliance, have gathered in Madrid as war has returned to the European continent. We face a critical time for our security and international peace and stability.
Security experts brace for possible Russian cyberattacks (Protocol) A cyber escalation by Russia against the U.S. still remains possible, as soon as later this year, according to numerous experts.
Why did Russia's cyber warfare against Ukraine fizzle out? (Jerusalem Post) The vice president of the Microsoft Threat Intelligence Center grants insight into the sudden lack of aggression from Russia at the war's outbreak.
The War in Ukraine: Important lessons to be learnt from Ukraine’s cyber defence success (Geektime) Ukraine managed to thwart many Russian-sponsored cyber-attacks prior to and during the war. What lessons can states learn and apply?
Putin issues fresh warning to Finland and Sweden on installing Nato infrastructure (the Guardian) President says Moscow would respond ‘symmetrically’ to any deployments, and foreign ministry accuses Nato of trying to destabilise Russian society
Did Putin inadvertently create a stronger NATO? (Washington Post) Russia’s invasion of Ukraine has resulted in at least one major change to the global order: NATO expansion.
Historic NATO Meeting Extends Cybersecurity Collaboration to Asia-Pacific Allies (Nextgov.com) The security alliance is squaring off against Russia and China by building a coordination capability for rapidly responding to cyber attacks.
What Turkey won with its NATO leverage (Atlantic Council) Ankara got exactly what it wanted in exchange for paving the way for Sweden and Finland to join the Alliance.
Biden officials privately doubt that Ukraine can win back all of its territory (CNN) White House officials are losing confidence that Ukraine will ever be able to take back all of the land it has lost to Russia over the past four months of war, US officials told CNN, even with the heavier and more sophisticated weaponry the US and its allies plan to send.
Ukraine wins release of 144 soldiers in biggest prisoner swap of war (Reuters) Ukraine on Wednesday carried out its biggest exchange of prisoners of war since Russia invaded, securing the release of 144 of its soldiers, including 95 who defended Mariupol's steelworkers, Ukraine's military intelligence agency said.
Putin is learning from his mistakes. We are not (The Telegraph) Slashing the size of the British Army will leave us incapable of fulfilling our commitments to Nato
Fear of confronting Putin will lead to Russian victory in Ukraine (Atlantic Council) So far, the war in Ukraine has taught Vladimir Putin that NATO and the EU will go to great lengths to avoid confronting him. This has grave consequences for Ukraine itself and for the wider international community.
The dismal truth is that Putin is winning the economic war (The Telegraph) The French President seems to have lost his grasp of basic economics
Gedrosselte Gaslieferungen: Siemens Energy wehrt sich gegen Vorwürfe aus Russland (Spiegel) Russland liefert weniger Gas nach Deutschland und macht dafür auch Verzögerungen bei Reparaturen durch Siemens Energy verantwortlich. Das Unternehmen weist die Anschuldigungen zurück.
Zionist intelligence company cyberattacked by Iraqi hackers (Mehr News Agency) Two groups of Iraqi hackers have reportedly targeted the website of Zionist digital intelligence company Cellebrite, which provides solutions for retrieving information from electronic devices and analyzing the data.
Crypto crash threatens North Korea's stolen funds as it ramps up weapons tests (Reuters) The nosedive in cryptocurrency markets has wiped out millions of dollars in funds stolen by North Korean hackers, four digital investigators say, threatening a key source of funding for the sanctions-stricken country and its weapons programmes.
Reports of Disinformation Campaign Against Rare Earth Processing Facilities (U.S. Department of Defense) The Department of Defense is aware of the recent disinformation campaign, first reported by Mandiant, against Lynas Rare Earth Ltd., a rare earth element firm seeking to establish production capacity
Cyber Pirates Prowling Ship Controls Threaten Another Big Shock (Bloomberg) Coast Guard urges vigilance as ship systems probed ‘every day’. IMO guidelines haven’t done enough to protect against hacks.
Market differentiation: Cybercriminal forums’ unusual features designed to attract users (Digital Shadows) After a tumultuous few months at the start of the year in which each week seemed to bring a major development in the cybercrime scene, we’ve been enjoying a period of relative stability in the dark web. We have just about recovered from the closure of the English-language forum giant RaidForums, the bombshell leak of
CISA Says 'PwnKit' Linux Vulnerability Exploited in Attacks (SecurityWeek) CISA says the Linux vulnerability tracked as CVE-2021-4034 and PwnKit has been exploited in attacks.
FabricScape: Escaping Service Fabric and Taking Over the Cluster (Unit 42) FabricScape (CVE-2022-30137) is a privilege escalation vulnerability of important severity in Microsoft's Service Fabric, commonly used with Azure.
Azure Service Fabric Vulnerability Can Lead to Cluster Takeover (SecurityWeek) A vulnerability in Azure Service Fabric allows an attacker to escalate privileges and take over entire Linux clusters.
New UnRAR Vulnerability Could Let Attackers Hack Zimbra Webmail Servers (The Hacker News) A new vulnerability has been discovered in RARlab's UnRAR utility that also affects several other applications using it, including Zimbra Mail.
AstraLocker Ransomware Spread in ‘Smash and Grab’ Attacks (Decipher) A new variant of the AstraLocker found being deployed directly in Microsoft Office attachments reflects a focus by attackers on making a big impact and getting a quick payout.
2022 0-day In-the-Wild Exploitation…so far (Google Project Zero) Posted by Maddie Stone, Google Project Zero This blog post is an overview of a talk, “ 0-day In-the-Wild Exploitation in 2022…so far”,...
Avast uncovers ‘thieves’ kitchen’ of malware-writing teens (ComputerWeekly.com) Researchers stumble across online community of 11 to 18-year-olds constructing, exchanging and spreading malware.
Minors Use Discord Servers to Earn Extra Pocket Money Through Spreading Malware (PR Newswire) Avast (LSE: AVST), a global leader in digital security and privacy, has discovered an online community of minors constructing, exchanging and...
Walmart denies being hit by Yanluowang ransomware attack (BleepingComputer) American retailer Walmart has denied being hit with a ransomware attack by the Yanluowang gang after the hackers claimed to encrypt thousands of computers.
AMD claims potential attack from RansomHouse gang (CRN Australia) Says some 450 gigabytes of data stolen.
Hacker Impersonates TrustWallet in Crypto Phishing Scam (Vade Secure) This crypto scam features a TrustWallet phishing campaign luring users into divulging their recovery phrases on a sleek phishing page.
Destructive firmware attacks pose a significant threat to businesses (Help Net Security) Despite the risks that destructive firmware attacks pose to organizations, device security is not always a major consideration.
Bringing Ransomware Infrastructure Into the Light (Decipher) Researchers from Cisco Talos were able to de-anonymize the infrastructure used by several ransomware groups, including Quantum, Snatch, and DarkAngels.
Dark Web Price Index 2022 - Dark Web Prices of Personal Data (Privacy Affairs) To see just how prevalent items of personal data are being listed on the dark web in 2022, and at what price, we went on a data-gathering mission.
You scheduled an abortion. Planned Parenthood’s website could tell Facebook. (Washington Post) The organization left marketing trackers running on its scheduling pages
Hacktivism Against States Grows After Overturn of Roe v. Wade (GovTech) State and local governments need to prepare and respond to a new round of cyber attacks coming from groups claiming to be protesting the Supreme Court overturning Roe v. Wade last Friday.
La.’s unemployment claims website down after attempted malware attack (WGNO) Additionally, the agency said, according to GSI, there wasn’t a data breach and HiRE users’ personal information was not compromised. The outage is impacting nearly 11,000 people in Lou…
Service Fabric Privilege Escalation from Containerized Workloads on Linux (Microsoft Security Response Center) Under Coordinated Vulnerability Disclosure (CVD), cloud-security vendor Palo Alto Networks informed Microsoft of an issue affecting Service Fabric (SF) Linux clusters (CVE-2022-30137). The vulnerability enables a bad actor, with access to a compromised container, to escalate privileges and gain control of the resource’s host SF node and the entire cluster.
Uncovering FabricScape (Palo Alto Networks Blog) Palo Alto Networks teams up with Microsoft to mitigate new cloud vulnerability (CVE-2022-30137).
Amazon Confirmed and Fixed a High Severity Vulnerability of Broken Authentication in Amazon Photos Android App (Checkmarx.com) Our research team at Checkmarx found that the Amazon Photos Android app could have allowed a malicious application, installed on the user’s phone, to steal their Amazon access token. The Android app has over 50 million downloads.
Mozilla Releases Security Updates for Firefox, Firefox ESR, and Thunderbird (CISA) Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system.
Firefox 102 fixes address bar spoofing security hole (and helps with Follina!) (Naked Security) Firefox squashes a bug that helped phishers, and brings its own helping hand to Microsoft’s “Follina” saga.
Firefox 102 Patches 19 Vulnerabilities, Improves Privacy (SecurityWeek) Mozilla this week announced the availability of Firefox 102 in the stable channel with patches for 19 vulnerabilities, including four high-severity bugs.
Why more zero-day vulnerabilities are being found in the wild (CSO Online) With the number of zero-days spiking in the last 18 months, organizations need to increase their patching efforts. Software vendors can be more transparent, too.
84% of Consumers Have Used Peer-to-Peer Services (LendingTree) Peer-to-peer (P2P) service apps like PayPal and Venmo offer simple ways to make payments, but some users are losing money through mistakes and scams.
Q1 2022 Incident Response Insights from Tetra Defense (Arctic Wolf) Each quarter, Tetra Defense collects and analyzes data from its incident response engagements in the United States. Find insight and statistics that are vital to assessing the cyber threat landscape.
Connected Healthcare: A Cybersecurity Battlefield We Must Win (Trellix) The medical industry is at unique risk of attack due to the numerous purpose-built devices. Their lack of ubiquity creates a false sense of security and reduced scrutiny from the security research industry.
Cybersecurity startups, once the VC darling, hammered by layoffs (TechCrunch) Thousands have been laid off, despite startups raising huge amounts of cash and VC investments increasing year-over-year.
What drives private equity firms to acquire cybersecurity companies (Gulf Business) Over the last couple of years, cybersecurity is moving higher up the priority list, following a series of high-profile attacks globally.
Cybersecurity leaders are anticipating mass resignations within the year - here's why (ZDNet) The growing threat of attacks combined with industry skill gaps is leading to sky-high burnout rates among cybersecurity professionals.
Cleartrace Raises $20 Million Financing Led by ClearSky With Strategic Funding From Brookfield Renewable, EDF Energy North America, Tenaska, and Exelon to Help Companies Reach Decarbonization Goals (Business Wire) Cleartrace announced a $20M financing round led by ClearSky with investment from Brookfield Renewable, EDF Energy North America, Tenaska, and Exelon.
Cyolo Banks $60M Series B for ZTNA Technology (SecurityWeek) Israeli startup Cyolo raises a massive Series B round to compete in the market for zero trust networking access.
Token raises $13M and appoints CEO scale biometric authentication wearable business (Biometric Update |) Token has raised $13 million in a Series B funding round for solution development and demand generation and appointed John Gunn as CEO.
BT asks for more time as ban on Huawei equipment approaches (the Guardian) UK telecoms operator struggling to meet January 2023 deadline to remove all Chinese firm’s equipment from core network
'Huawei-phobia' is against globalization (China Daily) "Thanks to Huawei, China could participate in the NATO summit", says the headline of German-language media outlet Wirtschafts-Woche.
Red River appoints Dan Kent as CTO (Help Net Security) Red River announced that Dan Kent has been appointed Chief Technology Officer to oversee the company's expansive team of engineers.
Long-time Cybersecurity Leader John Watters Joins Metabase Q’s Board of Directors (Business Wire) Metabase Q, the end-to-end security platform for companies in Latin America, welcomes John Watters, President and COO of Mandiant, to its board
Babel Street Appoints New Executive Vice President of Sales and Senior Vice President of Marketing (PR Newswire) Babel Street, the world's leading AI-enabled data-to-knowledge company, today announced that Bryan Mulholland has joined the company as...
Now you can securely share 1Password files and documents with anyone (1Password Blog) 1Password customers can now securely share anything stored in 1Password, including documents and files, with anyone – even if they don’t use 1Password.
Vectra Becomes AWS Security Competency Partner (PR Newswire) Vectra AI, a leader in threat detection and response, today announced that it has become an Amazon Web Services (AWS) Security Competency...
Enveil ZeroReveal ML Encrypted Training enables secure usage of cross-silo data sources (Help Net Security) Enveil released its new encrypted training solution, ZeroReveal ML Encrypted Training (ZMET), to secure usage of cross-silo data sources.
Codenotary SBOM Operator for Kubernetes provides continuously updated info on software supply chain (Help Net Security) Codenotary launched SBOM Operator for Kubernetes in both its open source Community Attestation Service, as well as Codenotary’s Trustcenter.
London based startup launches open-source collaboration tools to help businesses avoid online surveillance. (Pressat) The London based...
Radware completes its Hacker's Almanac (iTWire) Security vendor Radware has completed its Hacker’s Almanac. Series III – the final instalment – focuses on threat intelligence and cyber defence. The Hacker's Almanac is a field guide for security analysts, professionals and executive decision-makers. "Understanding the threat landscape is o...
Synaptics Selects Allegro DVT’s VVC Compliance Streams (Business Wire) Synaptics Incorporated has selected Allegro DVT’s VVC test streams.
KnowBe4 Signs Partner Agreement With NEC Corporation (NEC) (Yahoo) KnowBe4, the provider of the world's largest security awareness training and simulated phishing platform, today announced that it has signed a reseller agreement with NEC Corporation (NEC).
KnowBe4's Compliance Audit Readiness Assessment (CARA) Now Maps to the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) (Yahoo) KnowBe4, the provider of the world's largest security awareness training and simulated phishing platform, today announced that its CARA tool now maps to the NIST Cybersecurity Framework.
FirstLight Seeks to Close the Cyber Security Gap for Its Customers with Several New Cloud-Based Security Solutions (GlobeNewswire News Room) FirstLight, a leading provider of digital infrastructure services to...
Sysdig Announces Drift Control to Prevent Container Attacks at Runtime (Business Wire) Sysdig announced Drift Control to prevent container attacks at runtime.
SentinelOne Integrates with Torq, Streamlining SOC Workflows with Automated Incident Response (Business Wire) SentinelOne (NYSE: S), an autonomous cybersecurity platform company, today announced a new integration with Torq, a no-code security automation platfo
Unified Group-IB. Meet Unified Risk Platform (PR Newswire) Group-IB, one of the global leaders in cybersecurity headquartered in Singapore, has today unveiled the Unified Risk Platform, an ecosystem of...
Internet Initiative Japan Selects Juniper Networks Virtual Firewalls to Enable Seamless and Secure Experiences for its New Cloud Network Service (Business Wire) Juniper Networks (NYSE: JNPR), a leader in secure, AI-driven networks, announced today that Internet Initiative Japan Inc. (IIJ), one of the country’s
CISA Calls for Expedited Adoption of Modern Authentication Ahead of Deadline (SecurityWeek) CISA is urging federal agencies and private organizations to switch to Modern Auth in Exchange Online before October 1, 2022.
U.S. Gov Agencies Face Looming Microsoft Exchange Online Modern Auth Deadline (Decipher) New guidance urges U.S. government agencies to expedite the switch to Modern Auth in Exchange Online ahead of Microsoft’s Oct. 1 deadline.
Healthcare Facilities Need a Holistic Digital Identity Strategy – Not Uncoordinated Solutions, New Imprivata Research Reveals (GlobeNewswire News Room) More than two-thirds believe identity management is important to their security strategy, yet less than half are using key identity and access management...
Do back offices mean backdoors? (WeLiveSecurity) The war in Europe is a reminder for shared service centers and shoring operations to re-examine their IT security posture.
Adapting industrial control system (ICS) security to the new normal (VentureBeat) Malware and ransomware attacks are the new normal -- ICS security needs to adapt to prevent the kinds of attacks seen in 2021.
How parents can talk about online safety and personal info protection with their kids (Help Net Security) This video provides insight into how parents can talk about online safety and personal info protection with their kids.
Securing the Metaverse and Web3 (SecurityWeek) Entrepreneurs, developers, law enforcement and governments need to collaborate now, so the opportunity to develop a safe and secure metaverse is not lost.
Research award establishes sole-source provider of post-quantum cryptography for agencies (FedScoop) The award, which could exceed $100 million, is intended to hasten agencies' adoption of encryption against forthcoming quantum computers.
The Cyber AB Launches Academic Advisory Council Backed by Thought Leaders from Across Higher Education (Business Wire) The Cyber AB Launches Academic Advisory Council
Monash University opens public bug bounty (iTnews) Websites, apps open to researchers.
New Jersey Students Claim Top Spots in National Cyber Competition (Insider NJ) New Jersey led the nation in the total number of scholars and finalists during this year’s CyberStart America competition, according to a recent report received by the New Jersey Cybersecurity and Communications[...]
EU Moves Closer to Strict Anti-Money Laundering Rules on Crypto (Bloomberg) Political hurdle cleared to enforce transaction declarations. Crypto industry criticized the regulation on privacy grounds.
A Cyber Persistence Way to Norms (Lawfare) Cyber persistence holds promise for norms because it aligns with core characteristics of cyberspace that motivate malicious behavior, addresses destabilizing behaviors, and builds momentum for new rules of customary law for the cyber context.
TSA Eases Pipeline Cybersecurity Rules Issued After Colonial Hack (Wall Street Journal) The Transportation Security Administration is loosening pipeline cybersecurity rules imposed after the hack of Colonial Pipeline last year, giving companies a longer window to report cyberattacks and more leeway to design their defenses.
TSA to change cybersecurity rules for pipelines following industry criticism (The Record by Recorded Future) TSA announced changes to a cybersecurity directive for U.S. pipelines after backlash from industry experts and trade groups.
Cyber Experts Discount Insurance in Ransomware Fight (MeriTalk) Federal cybersecurity leaders argued against the effectiveness of cyber insurance as a way to alleviate financial burdens associated with ransomware attacks during a hearing of the House Homeland Security Committee’s panel on intelligence and counterterrorism on June 28.
Congresswoman Promotes Cyber Insurance Amid Shifting Policy Landscape (Nextgov.com) The jury is still out on how using insurance policies to pay ransoms and re-establish systems after a cyberattack affects critical infrastructure organizations’ individual and collective resilience.
Facebook could be sued for addicting children under California bill (Ars Technica) If passed, it would likely impact social media users everywhere.
California Lawmakers Want To Sue Meta, TikTok for Kids’ Social Media Addictions (TheQuint) Government attorneys can soon sue social media companies for employing algorithms that make minors addicted.
New clearance ideas aim to make national security workforce more mobile, diverse (Federal News Network) Inconsistent policies and processes are making it harder for defense and intelligence agencies to recruit and retain the people with critical skills.
Cyber Security and the Indian Cyber Laws with its details (Kratikal Blogs) Cyber laws are unique to every country and enforced under law, and Compliances carry policies to engrave the path.
Ukraine arrests cybercrime gang operating over 400 phishing sites (BleepingComputer) The Ukrainian cyberpolice force arrested nine members of a criminal group that operated over 400 phishing websites crafted to appear like legitimate EU portals offering financial assistance to Ukrainians.
Is TikTok the Devil You Know or Worse? (Scott Schober) FCC Commissioner @BrendanCarrFCC just threw down the data protection gauntlet via Twitter regarding TikTok’s Chinese ownership and data privacy practices (and deceptions). Is this a real attempt to bolster the data privacy of US citizens or just a misguided distraction? And given recent U.S. Supreme Court rulings, is TikTok’s data harvesting any more dangerous to… Read More »
Listen Now: Can TikTok be trusted with users' data? (NPR One) Technology on NPR One | 5:09
European, U.S. Groups Plan Salvo of Privacy Complaints Against Google (Wall Street Journal) Complainants invoke ‘privacy-by-design’ provision of EU law in arguing that Google complicates opting out of data-collection.
Google account sign-up process targeted with GDPR complaints (TechCrunch) Consumer rights groups in Europe have filed a new series of privacy complaints against Google — accusing the advertising giant of deceptive design around the account creation process which they say steers users into agreeing to extensive and invasive processing of their data. The tech giant p…
10 Arrested for Involvement in Online Sexual Exploitation in Europe (HackRead) The arrests were made in Spain, Portugal, and France in a coordinated effort by Brazilian Federal Police and European law enforcement agencies.
'Money mule’ accounts have transferred $3 billion in the first half of 2022 (SC Magazine) Fraudulent financial transfers known as “money mule accounts have been on the rise as cybercriminals use botnet and hybrid bot technology to open the accounts on a wider basis, according to BioCatch.
DOJ Sues Booz Allen to Stop Deal for Defense Firm EverWatch (2) (Bloomberg Law) The Department of Justice sued to block Booz Allen Hamilton from acquiring defense firm EverWatch, citing concerns that the deal would harm competition for federal intelligence contracts.
Justice Department Sues to Block Booz Allen Hamilton’s Proposed Acquisition of EverWatch (US Department of Justice) The Department of Justice filed a civil antitrust lawsuit today to block Booz Allen Hamilton Holding Corporation’s (Booz Allen) proposed acquisition of EverWatch Corp. (EverWatch), a subsidiary of EC Defense Holdings LLC. The complaint, filed in the U.S. District Court for the District of Maryland, alleges that the merger agreement threatens imminent competition for a government contract to provide operational modeling and simulation services to the National Security Agency (NSA). Unless enjoined, the transaction would eliminate competition for this defense contract, leaving NSA to face a monopoly bidder.
Uber ex-security chief accused of hacking coverup must face fraud charges, judge rules (Reuters) A federal judge on Tuesday said a former Uber Technologies Inc security chief must face wire fraud charges over his alleged role in trying to cover up a 2016 hacking that exposed personal information of 57 million passengers and drivers.
For a complete running list of events, please visit the Event Tracker.
Impact 2022 (Boston and Virtual, Massachusetts, USA, Jul 12 - 14, 2022) Presented by CyberArk, Impact is the leading cybersecurity conference for forward-thinking professionals. Gain insights on privileged access management (PAM) and Identity Security to help secure your digital business from the next generation of attackers
The Diana Initiative Virtual Conference (Virtual, Jul 16, 2022) Back for the 6th year, The Diana Initiative is hosting a two-day diversity-driven conference committed to helping all underrepresented genders, sexualities, races and cultures in Information Security. The Diana Initiative features multiple speaker tracks, fully expanded villages with hands-on workshops, and a women-led Capture the Flag event.
The Diana Initiative Las Vegas Conference (Las Vegas, Nevada, USA, Aug 10 - 11, 2022) Back for the 6th year, The Diana Initiative is hosting a two-day diversity-driven conference committed to helping all underrepresented genders, sexualities, races and cultures in Information Security. The Diana Initiative features multiple speaker tracks, fully expanded villages with hands-on workshops, and a women-led Capture the Flag event.
Digital safety snacks: Protect yourself from online abuse with short videos and workshops (Virtual, Jun 13 - Jul 28, 2022) PEN America, the Online News Association, and the International Women’s Media Foundation have teamed up to create step-by-step videos and hands-on workshops to help you defend yourself against online abuse. We’ll explain how to protect your most sensitive accounts from hackers and how to dox yourself before someone else does. We want to empower you to feel safer and more secure while maintaining the public profile you need to do your job. This series will include eight short video episodes and four virtual workshops, when you can follow along to complete your digital wellness check, ask questions, and get help if you get stuck. You can join one, two or all four sessions.
Emerging Technology Showcase (Virtual, Jun 29 - 30, 2022) The Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) will host an Emerging Technology Showcase on June 29-30. The event will highlight cutting-edge cybersecurity technologies and demonstrate how these solutions can mitigate cyber threats in the consumer-facing sector. The Emerging Technology Showcase is tailored for strategic leaders and cybersecurity practitioners from physical and online retailers, gaming properties, grocers, hotels, restaurants, consumer product manufacturers, or any company that handles consumer data.
Impact 2022 (Boston and Virtual, Massachusetts, USA, Jul 12 - 14, 2022) Presented by CyberArk, Impact is the leading cybersecurity conference for forward-thinking professionals. Gain insights on privileged access management (PAM) and Identity Security to help secure your digital business from the next generation of attackers
Economics of Cyber & Risk Management (Columbia, Maryland, USA, Jul 13, 2022) Businesses, government agencies, educational institutions, healthcare entities, and nonprofits alike are all grappling with IT (Information Technology) infrastructure challenges, and the pressures will not subside anytime soon. Teleworking, telehealth, virtual learning, and e-commerce are just a few daily practices being influenced by data security, access, and management. Simultaneously, labor shortages continue to challenge technology firms in their ability to combat digital adversaries. Future business profits undoubtedly will be linked to the cyber and risk management practices business entities put in place and the ongoing training their employees receive as they protect their data assets and intellectual property.
The Diana Initiative Virtual Conference (Virtual, Jul 16, 2022) Back for the 6th year, The Diana Initiative is hosting a two-day diversity-driven conference committed to helping all underrepresented genders, sexualities, races and cultures in Information Security. The Diana Initiative features multiple speaker tracks, fully expanded villages with hands-on workshops, and a women-led Capture the Flag event.
