Alleviate the stress with an open-source security suite that protects your online services, with no false positives and no extra effort from you. With CrowdSec, you gain the most comprehensive community-sourced threat intelligence to accelerate your security response. And, you can filter out all background noise to focus only on what really matters. Don’t fight alone, let the crowd support you. Get started with CrowdSec for free!
Happy New Year, CyberWire readers! As a special thank you, we would like to offer you a free practice test from CyberVista, as well as three free months of CyberWire Pro. Visit thecyberwire.com/promo and use the code PROLEARN to redeem the offer.
Cyber disruptions to the UK’s Royal Mail service, first reported on Wednesday as a “cyber incident,” has now been identified as a ransomware attack, linked to the Russian-affiliated LockBit gang, Computing reports today. The Telegraph broke the news of the confirmed ransomware attack yesterday, with attribution to LockBit, or an actor using the gang’s encryptor. The attack was behind the encryption of devices used for shipping internationally, and ransom notes were reportedly printed on printers intended for customs dockets. The ransom note claims to be "LockBit Black Ransomware," with links to Tor sites used by LockBit operators and a ‘Decryption ID’ said by multiple security researchers to be unusable, Bleeping Computer confirmed yesterday. When Bleeping Computer reached out for comment, LockBit Support claimed that the gang “did not attack Royal Mail and they blamed it on other threat actors using their leaked builder.” There is “no end in sight” to service disruption, stressed a Royal Mail spokesperson, the BBC reported last night. For more on the Royal Mail ransomware attack, see CyberWire Pro.
Leaders, decision-makers and influencers across cyber read the CyberWire Daily Briefing as well as our other popular newsletters and podcasts every day. Why not put your company's message where the decision-makers are? Contact us to find out how (hint, it's really easy!).
The Guardian has confirmed that it sustained a ransomware attack last month. The Guardian Media Group’s CEO Anna Bateson and the Guardian’s editor-in-chief Katharine Viner sent an email to employees on Wednesday stating that the firm had suffered a “highly sophisticated cyber-attack involving unauthorised third-party access to parts of our network.” The attackers were able to access personal data of the company’s UK employees. Graham Cluley explains that these data included “names, addresses, dates of birth, National Insurance numbers, bank account details, salary information, and identity documents such as passports.” For more on the Guardian breach, see CyberWire Pro.
Researchers at At-Bay believe a critical Citrix vulnerability is being exploited by the Royal ransomware gang. Citrix disclosed CVE-2022-27510 on November 8th, 2022. The vulnerability “allows for the potential bypass of authentication measures on two Citrix products: the Application Delivery Controller (ADC) and Gateway.” At-Bay researchers last week observed what appears to be the first known exploitation of the flaw in the wild. The researchers recommend that organizations apply Citrix’s patches and mitigations as soon as possible. For more on Royal's exploitation of Citrix, see CyberWire Pro.
Computing wrote Friday morning that the FAA continues to attribute Wednesday’s NOTAM outage to a damaged database file. A source speaking to CNN claimed that air traffic controllers recognized the system issue on Tuesday afternoon, intending to reboot the system during less congested hours, on Wednesday morning. The reboot took place as planned, though the system still "wasn't completely pushing out the pertinent information that it needed for safe flight, and it appeared that it was taking longer to do that," according to CNN’s source, which led to the eventual grounding order. A senior government official cited aging infrastructure as a contributing factor, noting that the system is “30 years old and not scheduled to be updated for another six years,” according to NBC News. For background on the NOTAM outage, see CyberWire Pro.
The US Cybersecurity and Infrastructure Security Agency (CISA) has released its 2022 Year in Review. The report is organized into four topical sections, any one of which you may jump to at the links below:
GitHub has taken down accounts associated with the Russian hacktivist auxiliary group NoName057(16). CyberScoop quotes a GitHub representative: "We disabled the accounts in accordance with GitHub’s Acceptable Use Policies, which prohibit posting content that directly supports unlawful active attacks or uses GitHub as a means to deliver malicious executables." Like so many other Russian auxiliaries, NoName057(16) has specialized in distributed denial-of-service (DDoS) attacks, and it's crowed high over them in its Telegram channel. The group's new year's greetings (quoted by SentinelOne from NoName057(16)'s Telegram feed) show some representative crowing: "Did any of us know at the start of the year that something like this would happen? Did we, ordinary programmers and difficult guys from the darknet, know that we would need to go to the real and digital frontiers? Did anyone know that the issues of protecting the Motherland and the re-education of the 'civilized' world would be carried out by us as well?" the NoNames ask, rhetorically. "No. No one knew. But the current situation has divided everything into 'before' and 'after'. We don't know how long the NWO will last, how many spears we'll break, and how many bumps we'll hit. One thing we know for sure: we will win! We will definitely win! Even if the whole world is against us, they will lose for one simple reason: the right guys are not with them. And it's total! Holiday greetings! We all have strength, perseverance and perseverance! There is nowhere to retreat, there will be no other Motherland.".
Russia has taken exception to Reuters' report, last week, that the Cold River group, widely believed to operate on behalf of a Russian intelligence and security service (probably the FSB), had attempted to compromise workers at the US Brookhaven, Argonne, and Lawrence Livermore National Laboratories. "The latest pseudo investigation was unfortunately published by Reuters news agency," Maria Zakharova, Russia's Foreign Ministry spokeswoman, said yesterday in a press briefing. "There was no evidence given, no facts," she added, but did not further elaborate. Reuters stands by its story, as indeed Reuters should.
Brookings offers some reflection on last May's Positive Hack Days, the annual conference organized by the Russian security firm Positive Technologies, a company now under US sanctions for its cooperation with Russian intelligence services. The essay sees an increasingly isolated "cyber ecosystem" in which the Russian cyber sector has now become a closed system, with aspirations to autarky. The aforementioned Maria Zakharova called it the "creation of a multi-polar world," which is one way of looking at it.
The CyberWire's continuing coverage of the unfolding crisis in Ukraine may be found here.
Yesterday the US Cybersecurity and Infrastructure Administration (CISA) released twelve Industrial Control Systems (ICS) advisories. They affect Sewio RTLS Studio, RONDS Equipment Predictive Maintenance Solution, InHand Networks InRouter, Panasonic Sanyo CCTV Network Camera, SAUTER Controls Nova 200 – 220 Series (PLC 6), Johnson Controls Metasys, Hitachi Energy Lumada APM, Siemens S7-1500 CPU devices, Siemens Mendix SAML Module, Siemens Automation License Manager, Siemens Solid Edge before V2023 MP1, and Philips Patient Information Center iX (PIC iX) and Efficia CM Series (Update A).
Today's issue includes events affecting Bulgaria, Japan, NATO/OTAN, Russia, Sweden, Ukraine, the United Kingdom, and the United States.
Monday is the US holiday of Dr. Martin Luther King, Jr. Day, and the CyberWire won't be publishing. We'll be back as usual on Tuesday. In the meantime, best wishes on the occasion to all who'll be observing the holiday with us.
Ukraine at D+323: Fighting in Soledar and industrial mobilization. (CyberWire) Russia claims victory in Soledar, but Ukraine says fighting continues. Industrial mobilization challenges the Kremlin. GitHub ejects Russian hacktivist auxiliaries.
Russia-Ukraine war: List of key events, day 324 (Al Jazeera) As the Russia-Ukraine war enters its 324th day, we take a look at the main developments.
Moscow Says It Has Seized Ukrainian Town of Soledar (Wall Sreet Journal) Ukrainian officials say battles are continuing for control of the eastern town.
Russian Offensive Campaign Assessment, January 12, 2023 (Institute for the Study of War) Russian forces’ likely capture of Soledar on January 11 is not an operationally significant development and is unlikely to presage an imminent Russian encirclement of Bakhmut. Geolocated footage posted on January 11 and 12 indicates that Russian forces l
Ukraine's Battlefields Are Freezing. Here's What That Means for the War. (Military.com) Temperatures in eastern Ukraine have been well below freezing in recent days, hardening the ground and opening a window for potential winter offensives by both sides.
Rifts in Russian military command seen amid Ukraine fighting (AP NEWS) As Russian troops wage a ferocious house-to-house fight for control of strongholds in eastern Ukraine, a parallel battle is unfolding in the top echelons of military power in Moscow, with President Vladimir Putin reshuffling his top generals while rival camps try to win his favor.
The good and bad of Gerasimov’s ‘promotion’ (POLITICO) The naming of Valery Gerasimov<b> </b>to lead Russian troops in Ukraine shows Vladimir Putin is flailing tactically.
Russia’s new commander reflects Putin’s plan to push for victory in Ukraine (Washington Post) With the appointment of Gen. Valery Gerasimov, Russia’s highest-ranking military officer, as direct operational commander of the troubled war in Ukraine, President Vladimir Putin has doubled down on his conviction that the invasion’s objectives can be achieved without new leadership — and is now turning to a trusted confidant who will carry out his orders without question, analysts said.
Why Putin's command shake-up is doomed to fail (The Telegraph) Putin's generals cannot answer the key questions he faces - nor can they silence the critics of his stuttering invasion
Putin scolds defence industry minister in televised meeting for ‘fooling around’ (the Guardian) Russian leader publicly berated Denis Manturov, eye-rolling and shuffling papers during the live call, as his war in Ukraine caused fresh problems
General Says U.S. Values Allies' Assistance to Ukraine (U.S. Department of Defense) The U.S. respects the sovereign decisions of NATO and other allied nations regarding their security assistance to Ukraine, the Pentagon press secretary said.
Readout of Secretary of Defense Lloyd Austin's Call With Swedish Minister of Defence Pål Jonson (U.S. Department of Defense) Secretary of Defense Lloyd J. Austin III spoke by phone with his Swedish counterpart, Minister for Defence Pål Jonson.
Never mind Britain: Germany looks for US to lead the way on battle tanks to Ukraine (POLITICO) Chancellor Scholz says deliveries of heavy weapons depend on coordination ‘with our transatlantic partner.’
What is a 'main battle tank,' and how will Ukraine use them? (Breaking Defense) European nations are poised to send Ukraine main battle tanks. But Western MBTs will require different training, tactics, and logistical support than the smaller Soviet-derived designs Ukrainian troops are used to.
The West reaps multiple benefits from backing Ukraine against Russia (Atlantic Council) Ukraine is often viewed as being heavily reliant on Western support but the relationship is mutually beneficial and provides the West with enhanced security along with valuable intelligence, writes Taras Kuzio.
The Long War in Ukraine (Foreign Affairs) The West needs to plan for a protracted conflict with Russia.
Russia’s largest hacking conference reflects isolated cyber ecosystem (Brookings) One of Russia’s largest hacking conferences showcases nationalist propaganda and increasing technological isolation.
GitHub disables pro-Russian hacktivist DDoS pages (CyberScoop) NoName057 used the software development platform to carry out DDoS attacks on targets in a variety of NATO nations.
Russia criticises Reuters story on Russian hackers targeting U.S. nuclear scientists (Reuters) Russia's Foreign Ministry on Thursday criticised Reuters for spreading what it said was poorly sourced anti-Russian propaganda with a story about a Russian hacking team which targeted three nuclear research laboratories.
Putin running out of options in global pressure campaign (Yahoo) As the Russia-Ukraine war nears the end of its first year, Moscow is struggling to find leverage to wear down Western resolve to aid Kyiv. With its battlefield wins now few and far between, an economy crippled by harsh sanctions, and increasing international isolation, Russian President Vladimir Putin is running out of options to expand…
Ukraine war impacts spare parts supply for Indian military: Army chief (Defense News) Experts say up to 60% of Indian defense equipment comes from Russia.
Russia soldier jailed for refusing to join Ukraine war (Al Jazeera) Russian court sentenced Marsel Kandarov to five years in jail for refusing to take part in ‘special military operation’.
‘Dark Pink’ hackers target state and military organizations in Asia, Europe (The Record from Recorded Future News) A new hacking group dubbed “Dark Pink” is targeting government and military agencies in Asia and Europe with phishing emails.
RAT malware campaign tries to evade detection using polyglot files (BleepingComputer) Operators of the StrRAT and Ratty remote access trojans (RAT) are running a new campaign using polyglot MSI/JAR and CAB/JAR files to evade detection from security tools.
Aflac's Japan says US partner leaked cancer customer info (Register) Zurich’s Japanese outpost also leaks a couple of million records
Aflac, Zurich Policyholders in Japan Affected by Data Leaks (Bank Info Security) Personal information for more than 1.3 million Aflac cancer insurance policyholders and almost 760,000 Zurich Insurance auto insurance policyholders in Japan has
Japan Units of Aflac, Zurich See 2 M. Customers' Data Breached (Nippon.com) Tokyo, Jan. 10 (Jiji Press)--Aflac Life Insurance Japan Ltd. and Zurich Insurance Co., the Japanese unit of Zu…
Royal Mail hit by Russia-linked ransomware attack (BBC News) The group is working "around the clock" to resolve severe disruption to overseas deliveries.
Russia-linked hackers behind Royal Mail cyber attack (The Telegraph) Lockbit’s ransomware scrambled software on machines used to send international post
Royal Mail cyberattack linked to LockBit ransomware operation (BleepingComputer) A cyberattack on Royal Mail, UK's largest mail delivery service, has been linked to the LockBit ransomware operation.
Royal Mail cyberattack linked to Lockbit gang (Computing) The Russia-linked Lockbit ransomware gang has been linked to a cyberattack that disrupted Royal Mail's international export services this week.
Royal Mail halts international services after cyberattack (BleepingComputer) The Royal Mail, UK's leading mail delivery service, has stopped its international shipping services due to "severe service disruption" caused by what it described as a "cyber incident."
Corrupt software introduced by contractors took down FAA system, officials say (NBC News) This system, installed in 1993, runs the Notice to Air Missions system, or NOTAM, which sends pilots vital information they need to fly.
'Old tech and damaged database' to blame for FAA outage (Computing) An error in a Notice to Air Missions system, which grounded flights across the USA earlier this week, was caused by a damaged database file, the Federal Aviation Administration has said.
Crypto-inspired Magecart skimmer surfaces via digital crime haven (Malwarebytes) One criminal scheme often leads to another. This blog digs into a credit card skimmer and its ties with other malicious services.
Researchers Find 'Digital Crime Haven' While Investigating Magecart Activity (Dark Reading) A security vendor's investigation of infrastructure associated with a new, crypto-focused Magecart skimmer leads to discovery of cryptoscam sites, malware distribution marketplace, Bitcoin mixers, and more.
Windows zero day patched but exploitation activity unclear (TechTarget) Avast detected a recently patched Windows zero-day flaw being exploited in the wild and urged users to patch.
TX Insurance Administrator Discloses Healthcare Data Breach (Health IT Security) Bay Bridge Administrators (BBA) experienced a data security incident that impacted individuals enrolled in some employment insurance benefits.
Laid-Off Workers Are Flooded With Fake Job Offers (Wall Street Journal) The rise of virtual hiring and remote work have made it easier to swindle job seekers, and fraudsters see new opportunity in recent job cuts, authorities say.
Microsoft's VALL-E will usher in new era of cyber crime (IT PRO) With its ability to synthesise speech from short audio clips, Microsoft's VALL-E poses a worrying development in the realm of deepfakes
Public warned of scammers impersonating UK Police (3FM) The public are being warned of a recent phone scam where callers pretend to be UK Police.
CISA adds recently-announced Microsoft zero-day to exploited vulnerability catalog (The Record from Recorded Future News) CISA added a new zero day bug to its known exploited vulnerability list this week after Microsoft confirmed it was being used in attacks.
Juniper Networks Releases Security Updates for Multiple Products (CISA) Juniper Networks has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Juniper Networks’ security advisories page and apply the necessary updates.
Drupal Releases Security Update to Address Vulnerability in Private Taxonomy Terms (CISA) Drupal has released a security update to address a vulnerability affecting private vocabulary modules for Drupal 8.x. An unauthorized user could exploit this vulnerability to bypass access permissions to create, modify, and delete private vocabulary terms. CISA encourages users and administrators to review Drupal’s security advisory SA-CONTRIB-2023-001 and apply the necessary update.
Sewio RTLS Studio (CISA) 1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Sewio Equipment: RTLS Studio Vulnerabilities: Use of Hard-coded Password, OS Command Injection, Out-of-bounds Write, Cross-Site Request Forgery, Improper Input Validation, Cross-site Scripting 2.
RONDS Equipment Predictive Maintenance Solution (CISA) 1. EXECUTIVE SUMMARY CVSS v3 8.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: RONDS Equipment: Equipment Predictive Maintenance (EPM) Vulnerabilities: Exposure of Sensitive Information to an Unauthorized Actor, Path Traversal 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an unauthorized user to leak login credentials and download files.
InHand Networks InRouter (CISA) 1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: InHand Networks Equipment: InRouter302, InRouter615 Vulnerabilities: Cleartext Transmission of Sensitive Information, OS Command Injection, Use of a One-way Hash with a Predictable Salt, Improper Access Control, Use of Insufficiently Random Values 2.
Panasonic Sanyo CCTV Network Camera (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: Panasonic Equipment: Sanyo CCTV Network Camera Vulnerability: Cross-Site Request Forgery (CSRF) 2. RISK EVALUATION Successful exploitation of this vulnerability could allow attackers to perform actions via HTTP without validity checks.
SAUTER Controls Nova 200 – 220 Series (PLC 6) (CISA) 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: SAUTER Controls Equipment: Nova 200–220 Series (PLC 6) Vulnerabilities: Missing Authentication for Critical Function, Cleartext Transmission of Sensitive Information 2.
Johnson Controls Metasys (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Johnson Controls Equipment: Metasys ADS/ADX/OAS Servers Vulnerability: Insufficiently Protected Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could result in exposed credentials in plain text to unauthenticated users.
Hitachi Energy Lumada APM (CISA) 1. EXECUTIVE SUMMARY CVSS v3 5.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: Lumada APM Vulnerability: Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to gain unauthorized access to any Power BI reports installed or manipulate asset issue comments on assets.
Siemens S7-1500 CPU devices (CISA) Beginning January 10, 2023, CISA will no longer be updating historical security advisories for Siemens product vulnerabilities. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). 1.
Siemens Mendix SAML Module (CISA) Beginning January 10, 2023, CISA will no longer be updating historical security advisories for Siemens product vulnerabilities. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). 1.
Siemens Automation License Manager (CISA) Beginning January 10, 2023, CISA will no longer be updating historical security advisories for Siemens product vulnerabilities. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). 1.
Siemens Solid Edge before V2023 MP1 (CISA) Beginning January 10, 2023, CISA will no longer be updating historical security advisories for Siemens product vulnerabilities. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). 1.
Philips Patient Information Center iX (PIC iX) and Efficia CM Series (Update A) (CISA) 1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable from adjacent network/low attack complexity Vendor: Philips Equipment: Patient Information Center iX (PIC iX) and Efficia CM Series Vulnerabilities: Improper Input Validation, Use of Hard-coded Cryptographic Key, Use of a Broken or Risky Cryptographic Algorithm 2.
WatchGuard's Cybersecurity Predictions (WatchGuard Technologies) 2023 cybersecurity predictions from the WatchGuard Threat Lab, including Zero Trust, space hacks, cyber insurance, password-less authentication, and more
Trends in Credential Stuffing and How to Identify It (ThreatX Labs) There are various, distinct forms of brute force-based attacks. In this report, we focus on a variant called distributed botnet-based credential stuffing.
Anatomy of a Targeted Credential Stuffing Attack (ThreatX Labs) One of the main challenges that security operation centers (SOC) and threat hunting teams run into is trying to determine what is noise vs. a targeted attack when looking at millions (or even billions!) of requests in their logs.
Telegram Bot Abuse For Phishing Increased By 800% in 2022 (Infosecurity Magazine) The growth is associated with using HTML attachments as a delivery method in credential phishing
CISA Releases 2022 Year in Review (Cybersecurity and Infrastructure Security Agency) Year in Review Highlight’s CISA’s Growth and Extensive Work to Protect Nation’s Critical Infrastructure
2022 Year In Review (CISA) Our 2022 CISA Year in Review in January lays out the tremendous work by our teammates and partners over the past year. Organized around the four goals outlined in our Strategic Plan, it highlights key achievements toward our vision of ensuring secure and resilient critical infrastructure for the American people.
SailPoint Acquires SecZetta to Provide Comprehensive Identity Security for Non-Employee Identities (Business Wire) SailPoint Technologies, Inc., a leader in enterprise identity security, today announced it has acquired SecZetta, a leading provider of third-party id
Inbenta, a provider of AI-powered chatbots and more, lands $40M (TechCrunch) Inbenta, a company developing AI-powered chatbot and search technologies, has raised $40 million in a venture funding round.
Safe-T Group Announces Corporate Rebranding Changes Name to Alarum Technologies Ltd. to Reflect Core Values of its Growing Business (GlobeNewswire News Room) Safe-T Group Ltd. (Nasdaq: SFET) (TASE: SFET) (“Safe-T” or the “Company”), a global provider of...
IBM Announces $725M Quantum Computing Deal with Australian Government (HPC Wire) IBM Australia has announced the signing of the next iteration of the Whole-of-Government Arrangement with the Digital Transformation Agency (DTA) on behalf of the Commonwealth of Australia.
How Data Security Breaches Affect Your Company’s Value (American Security Today) Corporate victims to a data security breach can have dire effects on not just the company’s value, but also its brand image and reputation
Twitter Orders Staff Members At Asia Headquarters To Clear Desks And Work From Home (Deadline) Staff members at Twitter’s Asia headquarters in Singapore have been told to clear their desks and work from home indefinitely, according to a new report. An email sent Wednesday informed staff that…
Versa Networks named 2022 CyberSecured Awards winner (SecurityBrief Asia) Versa SASE 5G Edge won for delivering the industry’s only complete SASE integration of cloud security, networking, SD-WAN, secure access, and analytics.
Coalfire CPO Vineet Seth to Join anecdotes' Advisory Board (PR Newswire) anecdotes, the leading security compliance technology provider, announced today the appointment of Vineet Seth to the company's advisory board....
Wallarm adds Cybersecurity Leaders to its Board of Advisors (Business Wire) Wallarm, the end-to-end API security company, is pleased to introduce the newest cybersecurity luminaries to join the company’s already impressive Boa
Castellum, Inc. Announces Alan R. Lynn to Join Advisory Board (GlobeNewswire News Room) POTOMAC, Md., Jan. 13, 2023 (GLOBE NEWSWIRE) -- Castellum, Inc. (NYSE American: CTM) announces Alan “Al” Lynn has joined the Company’s Advisory Board....
Aryaka Delivers Mission-Critical Managed Network and Security Offering for Retailers at NRF 2023 (PR Newswire) Join Aryaka®, the leader in Unified SASE solutions, at NRF booth #1805, January 14-17, at the Javits Center in New York City to learn more...
Beyond Identity Receives FIDO2 Certification (Beyond Identity) Enterprises now have a standards-based path to accelerate passwordless phishing-resistant authentication
ChicMe Chooses Forter to Optimize Customer Experience and Support New Market Expansion (Business Wire) Online retailer ChicMe has chosen Forter to help with its global expansion by improving payment processing.
ReversingLabs Threat Analysis and Hunting Solution January 2023 Update: Driving SecOps Forward (ReversingLabs) Learn how A1000 can reduce risks (and workload and tool costs) while ensuring privacy. Plus, how it reduces MTTD, and prioritizes malware for triage.
Divilo announces new partnership with ThetaRay FXCompared.com (FXcompared) Divilo, a provider of business-to-business financial services, has confirmed that it will be working with ThetaRay’s AI-led transaction monitoring service to help with its online money transfer service. Read more about the international payments market with our money transfers news.
CISA's Joint Cyber Defense Collaborative Taps SentinelOne for Threat Intelligence (MSSP Alert) As a Joint Cyber Defense Collaborative (JCDC) member, SentinelOne will provide threat intelligence to help combat cyberattacks.
authID® Integrates Verified™ CloudConnect™ with Okta Workforce Identity Cloud, Expands Offerings across Workforce and Customer Identity (Yahoo) Combining Verified with Okta’s Workforce and Customer Identity Clouds delivers authID’s phishing-resistant Human Factor Authentication™ that eliminates the risks of passwords and credential compromise for both workforce and customer applications DENVER, Jan. 12, 2023 (GLOBE NEWSWIRE) -- authID [Nasdaq: AUID] a leading provider of secure identity authentication solutions, today announced the integration of Verified CloudConnect with Okta’s Workforce Identity Cloud and the expanded availability of
NVIDIA Helps Retail Industry Tackle Its $100 Billion Shrink Problem (NVIDIA Blog) To make it easier for developers to quickly build and roll out applications designed to prevent theft, NVIDIA today announced three Retail AI Workflows, built on its Metropolis microservices.
Getting Cybersecurity Protection Via Your DNS: Opportunities and Challenges (DomainTools) Joe St Sauver discusses cybersecurity protection via DNS as a way to help prevent employees from navigating to potential malware-infected or phishing sites.
Patch Where it Hurts: Effective Vulnerability Management in 2023 (The Hacker News) Businesses are taking an average of 215 days to patch reported vulnerabilities. Even critical vulnerabilities are taking over 6 months to fix.
How to Block Scam Calls, the Top Source of Fraud Against Older Adults (Wall Street Journal) Virtual assistants, call blocking and robocall apps can keep con artists at bay.
US spies lag rivals in seizing on data hiding in plain sight (AP NEWS) As alarms began to go off globally about a novel coronavirus spreading in China , officials in Washington turned to the intelligence agencies for insights about the threat the virus posed to America.
DoraHacks and Cryptosat Run the First Cryptographic Trusted-Setup for Zero-Knowledge in Space (Yahoo) DoraHacks, a leading global hackathon organizer and open source incentive platform, and Cryptosat, which develops and launches crypto-satellites into space to enable novel cryptographic applications, announced today that they have successfully performed the first experiment to initiate a Zero-Knowledge (ZK) proof system in space.
Quantum computers threaten our whole cybersecurity infrastructure: Here's how scientists can bulletproof it (Phys.org) Thirteen, 53 and 433. That's the size of quantum computers in terms of quantum bits, or qubits, which has significantly grown in the last years due to important public and private investments and initiatives. Obviously, it is not only a mere question of quantity: the quality of the prepared qubits is as important as their number for a quantum computer to beat our existing classical computers, that is, to attain what's called the "quantum advantage". Yet it is conceivable that soon quantum-computing devices delivering such an advantage will be available. How would this affect our daily lives?
DOD, Japan MOD Sign Technology and Security of Supply Arrangements (U.S. Department of Defense) Secretary of Defense Lloyd J. Austin III and Japanese Defense Minister Yasukazu Hamada signed a bilateral Research, Development, Test and Evaluation Memorandum of Understanding and a bilateral,
Re-upping a spy agency’s snooping power this year will be a complicated task for Congress (Washington Post) National Security Agency and U.S. Cyber Command chief Gen. Paul Nakasone forcefully made the case Thursday for Congress to renew an expiring surveillance power, saying it has helped disrupt cyberattacks and patch digital vulnerabilities.
NSA director pushes Congress to renew surveillance powers (Stars and Stripes) A top U.S. intelligence official on Thursday urged Congress to renew sweeping powers granted to American spy agencies to surveil and examine communications, saying they were critical to stopping terrorism, cyberattacks and other threats.
Keynote Speech by GEN Paul M. Nakasone, Commander, USCYBERCOM, Director NSA/Chief, Central (National Security Agency/Central Security Service) Keynote Speech by GEN Paul M. Nakasone, Commander, USCYBERCOM, Director NSA/Chief, Central Security Service at the Privacy and Civil Liberties Oversight Board Public Forum on FISA Section 702 on
FCC identifies challenges in getting Huawei rip-and-replace program fully functional (Inside Cybersecurity) The Federal Communications Commission is facing challenges in completing its rip-and-replace program to remove untrustworthy equipment from Huawei and ZTE that the government has deemed a national security risk, according to a Tuesday report to Congress.
Wisconsin, North Carolina ban TikTok from state devices on security concerns (MarketScreener) The governors of Wisconsin and North Carolina on Thursday signed orders banning TikTok on government devices due to cyber security concerns, joining other states and the federal government in... | January 13, 2023
Google Says Supreme Court Ruling Could Potentially Upend the Internet (Wall Street Journal) A case challenging the liability shield protecting websites such as YouTube and Facebook could result in both widespread censorship and a proliferation of offensive content, Google said in a court filing.
SEC sues Covington law firm for names of 300 clients caught up in hack (Reuters) The U.S. Securities and Exchange Commission has sued law firm Covington & Burling for details about nearly 300 of the firm's clients whose information was accessed or stolen by hackers in a previously undisclosed cyberattack, court documents show.
SEC Demands That Covington & Burling "Name Names" (The National Law Review) Earlier this week, the United States Securities and Exchange Commission filed a&nbsp;complaint&nbsp;against one of the country&#39;s leading law firms - Covington & Burling LLP.&nbsp; According to
SEC Accuses Law Firm Covington of Stalling Cyberattack Probe (1) (Bloomberg Law) The Securities and Exchange Commission has accused law firm Covington & Burling of failing to comply with a subpoena for information about a 2020 cyberattack on the firm that potentially exposed client data.
Live Updates: Garland Names Special Counsel in Biden Documents Case (New York Times) The appointment of Robert K. Hur by Attorney General Merrick Garland came after the discovery of two batches of classified documents from Mr. Biden’s time as vice president. One set was recovered from a storage space in the garage of his home in Wilmington, Del.
Ex-U.S. attorney Robert Hur appointed special counsel to investigate Biden docs (Maryland Daily Record) Attorney General Merrick Garland appointed Robert Hur as special counsel to investigate classified documents found at Joe Biden’s home and at an office.
Opinion If Trump’s classified document mishandling was ‘irresponsible,’ so is Biden’s (Washington Post) After the Justice Department released a staged photo of classified documents — including some marked “Top Secret/SCI” (sensitive compartmented information) — which the FBI had spread on the floor of former president Donald Trump’s Mar-a-Lago estate, President Biden was asked on “60 Minutes” what he thought when he saw that picture.
Joe Biden may have broken the Espionage Act. It’s so broad that you may have, too | Trevor Timm (the Guardian) The Espionage Act is incredibly broad and spares literally no one. Readers of this newspaper may even have violated it
The S.B.F. Chronicles, Part 4: Alameda, We Have a Problem (Puck) Among the first to sniff out the infamous balance sheet of Alameda Research, S.B.F.’s now defunct hedge fund, was a young doctor turned financial sleuth whose analysis helped facilitate FTX’s demise. This is the fourth in a series.
Sam Bankman-Fried sticks to his script (Axios) The disgraced FTX founder also addresses his Robinhood contradiction.
SEC charges Gemini and Genesis with unregistered securities offering (The Block) The program has been the subject of a public fight between the two erstwhile corporate partners.
Nexo Office Raided by Bulgarian Police in Wide Investigation (Bloomberg) More than 300 personell take part in Bulgarian operation. Probe comes four months after US states move against Nexo.
GAO rules Booz Allen has no conflict in $860M VA award (Washington Technology) This is the second time in 12 months that protestors unsuccessfully raised conflict-of-interest allegations against Booz Allen over a large Veterans Affairs win.
For a complete running list of events, please visit the Event Tracker.
Certified CMMC Professional (CCP) 2.0 Exam Prep (Virtual, Jan 9 - 13, 2023) This 5-day CCP course covers the foundational required curriculum along with CMMC Level 2 scoping and the full 110 practices. Edwards Cyber AB approved CCP 2.0 courses enable participants to sit for the CCP exam – making you a valuable resource to a consultancy providing CMMC preparation, C3PAO providing certified assessor support, or organization interested in having in-house CMMC trained resources. Edwards all-star lineup of Provisional Instructors (PIs) includes several of the CMMC industry’s most respected consultants along with Edwards’ internal SMEs to deliver their action packed bootcamps. Learn more and register now.
Insider Threat Program Development - Management Training Course (Laurel, Maryland, USA, Jan 30 - 31, 2023) The training course will be taught at the Johns Hopkins University Applied Physics Laboratory, in Laurel, Maryland. This highly sought after and very comprehensive 2 day training course will ensure the Insider Threat Program (ITP) Manager/ Senior Official (Insider Threat Analyst, FSO, CSO, CISO, Etc.), and others who support the ITP (Human Resources, IT, Network Security, Etc.), have the Core Knowledge, Blueprint, Resources needed for developing, managing, enhancing an ITP / ITP Working Group. Our student satisfaction levels are in the exceptional range. Over 900+ individuals have attended this training course and received ITP Manager Certificates.
CybertechGlobal Tel Aviv (Tel Aviv, Israel, Jan 30 - Feb 1, 2023) Cyber is all around us—it is one of the most trending topics in the tech and business arenas. It is a whole-encompassing industry that is not only about threats, but also covers the scope of digitalization and opportunities in the realm of innovation. From Tel Aviv and Rome, to Tokyo, Singapore, Panama, and more, Cybertech is the cyber industry’s foremost B2B networking platform conducting industry-related events all around the globe. Our conferences and exhibitions serve as the go-to place to make business happen and learn all about the latest technological innovations, challenges, and solutions to combating threats within the global cyber arena. Cybertech events feature top executives, government officials, leading decision-makers from a wide range of sectors including critical infrastructure, insurance, retail, health and government, defense, R&D, manufacturing, automotive, and more! Multinational corporations, startups, private and corporate investors, venture capital firms, experts, and clients—come and meet all the key players from the cyber industry and be immersed in everything there is to offer. Cyber. We live it. Breathe it. All at the forefront of global innovation.
Certified CMMC Professional (CCP) 2.0 Exam Prep (Virtual, Feb 6 - 10, 2023) This 5-day CCP course covers the foundational required curriculum along with CMMC Level 2 scoping and the full 110 practices. Edwards Cyber AB approved CCP 2.0 courses enable participants to sit for the CCP exam – making you a valuable resource to a consultancy providing CMMC preparation, C3PAO providing certified assessor support, or organization interested in having in-house CMMC trained resources. Edwards all-star lineup of Provisional Instructors (PIs) includes several of the CMMC industry’s most respected consultants along with Edwards’ internal SMEs to deliver their action packed bootcamps. Learn more and register now.
Tech Days (Barcleona (and virtual), Spain, Feb 13 - 15, 2023) The PKI and cryptography landscape is in a state of constant evolution. Emergence of post-quantum cryptography, new PKI and IoT use cases, and rapid growth of machine identities are all serious challenges. At Tech Days 2023, we say “Game On.”
