The cybersecurity community during the COVID-19 emergency
FBI offers US companies more details from investigations of health care hacking (CyberScoop) The FBI has provided U.S. companies more information on the extent of recent criminal and foreign government-backed hacking operations against the health care sector and warned of ongoing efforts to steal U.S. research data.
Using COVID-19 to Double Down on Cyber Norms (Council on Foreign Relations) The United States should use the COVID-19 pandemic as an opportunity to push for clearer guardrails to bound acceptable and unacceptable behavior in cyberspace.
Analysis | The Cybersecurity 202: Privacy experts fear a boom in coronavirus surveillance (Washington Post) Surveillance programs built to combat the pandemic may outlast it.
UK contact tracing app source code reveals 7 security holes (9to5Mac) Analysis of the source code for the UK contact tracing app has revealed no fewer than seven security flaws. One of these is that the random code ...
NHS App Has More Glaring Security Flaws and This is Just Getting Bloody Ridiculous Now (Gizmodo UK) By the time they get the app up to scratch, the pandemic will be over.
UK contact-tracing app set to miss official launch date as Google, Apple release API (ComputerWeekly) Government ministers aim to shore up contact-tracing strategy after junior minister concedes much-publicised app set to miss stated start date and Silicon Valley giants officially launch API for apps that follow different route than NHS
Estonia preparing to launch immunity passport for people recovered from virus (The Telegraph) The Baltic state is hoping the technology will help revive its economy as lockdown restrictions ease
Connected car data used to monitor movement under coronavirus lockdown (The Telegraph) Public authorities are keen to get a sense of where residents are going and why
Perspective | One of the first contact-tracing apps violates its own privacy policy (Washington Post) North and South Dakota’s Care19 coronavirus app sends your location data to more than just the government
Four states warn unemployment benefits applicants about data leaks (NBC News) The breaches stem from two incidents in which states hired contractors to quickly implement the Pandemic Unemployment Assistance program.
ZLoader Loads Again: New ZLoader Variant Returns (Proofpoint) In December 2019, Proofpoint researchers observed email campaigns widely distributing a new version of the ZLoader banking malware, which appears to be under active development.
Klobuchar, Moran Introduce Legislation to Protect Seniors from Scams During Coronavirus Pandemic (News Releases - U.S. Senator Amy Klobuchar) The Protecting Seniors from Emergency Scams Act would help prevent scammers from taking advantage of seniors during the coronavirus pandemic and future emergencies
The overlooked pandemic: Brazilian phishing attacks and how to handle them (Lexology) The Covid-19 pandemic has given rise to a global economic shutdown, causing many governments, including the Brazilian government, to look for…
Microsoft warns of Covid-19 phishing campaign as it open sources coronavirus threat intel (SC Magazine) Software company warns of threat that installs the NetSupport Manager remote administration tool to take over a system and execute commands remotely.
Four agencies warn banks and customers of COVID-19 scams (Fifth Domain) Criminals are using COVID-19 lures to trick banks and customers into providing personal and financial information.
Avoid Scams Related to Economic Payments, COVID-19 (CISA) The Cybersecurity and Infrastructure Security Agency (CISA), U.S. Department of the Treasury, the Internal Revenue Service (IRS), and the United States Secret Service (USSS) urge all Americans to be on the lookout for criminal fraud related to these economic impact payments—particularly fraud using coronavirus lures to steal personal and financial information, as well as the economic impact payments themselves—and for adversaries seeking to disrupt payment efforts.
Warning after increase in cyber and doorstep scams in Perthshire during lockdown (Daily Record) Cold callers offering cleaning kits and medical products
UK Government defies cyber centre warnings (Insurance Business) Risks of hacking and data privacy are on the rise
Businesses Are Turning to More Secure Communication Tools to Avoid Govt Overreach: Report (The Sociable) Businesses are turning to more secure communication tools to avoid government overreach, according to a new encryption platform report.
Top cyber cop fears workers will return to ‘malware sitting on computers’ (SC Magazine) With a surge in people going back to work a chief constable warns of cybersecurity breaches and vulnerabilities in offices that were "abandoned" in the coronavirus lockdown.
Why coronavirus is going to change the way we work forever (Computing) The pandemic is only accelerating trends that were already happening
For Many, Remote Work Is Becoming Permanent in Wake of Coronavirus (Wall Street Journal) Companies across the economy are considering a permanent shift to remote work in the aftermath of the coronavirus outbreak, following the lead of tech-sector giants.
Why security clearance needs may dip as teleworking grows (Defense Systems) Bill Evanina, the director of the National Counterintelligence and Security Center, said the intel community’s carte blanche need for top-secret security clearances may dwindle due to expanded telework abilities.
Do I Need a Traditional Office in the Post-COVID World? (PRWeb) A NYC area IT consultant and Cloud services provider addresses the question, “Do I need a Traditional Office in the Post-COVID World?” in a new article on the e
Analysis: The Long-Term Implications of 'Work From Home' (BankInfo Security) The latest edition of the ISMG Security Report features Retired General Keith Alexander, former NSA director, discussing the long-term security implications of the
COVID-19: Does Your Cyber Policy Cover Remote Working Cyber Risks? (JD Supra) Working from home has quickly become the new normal, but it may also be the reason your cyber insurer denies coverage for the next cyberattack. With...
Facebook to Shift Permanently Toward More Remote Work After Coronavirus (Wall Street Journal) The social-media giant plans to become a substantially remote workforce over the next decade, CEO Mark Zuckerberg said, as it moves to embrace the dispersed structure made necessary by the pandemic.
Mark Zuckerberg says half of Facebook staff will work from home permanently (The Telegraph) Tens of thousands of staff will not come into offices as company becomes biggest to shift to remote working even after pandemic
Mark Zuckerberg on taking his massive workforce remote (The Verge) ‘We’re going to be the most forward-leaning company on remote work at our scale,’ Facebook’s CEO says. Half the company could be remote someday
Why Silicon Valley saw coronavirus coming (The Telegraph) Techies in California responded to the pandemic early – so why did the industry see it coming where many others did not?
Florida COVID-19 dashboard designer faces cyber sexual harassment charges, DeSantis says (WGME) The woman who designed Florida's COVID-19 dashboard and was later fired faces an open criminal investigation for sexual cyber-harassment and cyberstalking, Gov. DeSantis said Wednesday.
Cyber Attacks, Threats, and Vulnerabilities
NSO Group Impersonates Facebook Security Team to Spread Spyware — Report (Threatpost) An investigation traces an NSO Group-controlled IP address to a fake Facebook security portal.
Indonesia probes breach of data on more than two million voters (Reuters) Indonesia's election commission is investigating the release of 2.3 million voters' private information on a hacker website along with a threat to release of the data of about 200 million people, the agency said on Friday.
Cyber-Attack Hits a Large Number of Websites in Israel (Bloomberg) A large number of Israeli websites reported a cyber-attack during the past few hours, the Israel National Cyber Directorate said on Thursday.
Opinion | How Iranian hackers tried to phish me (Washington Post) The hack attempts were relentless and sophisticated. America should be on its guard.
Phishing in a Bucket: Utilizing Google Firebase Storage (Trustwave) Credential phishing is a real threat that's targeting organizations globally. Threat actors are finding smart and innovative ways to lure victims to covertly harvest their corporate credentials. Threat actors then use these credentials to get a foothold into an organization to further their malicious agendas.
Galp issues warning over phishing scams (Portugal Resident) Energy giant Galp is warning the public about two fake campaigns which are using the company’s name and logo.
Israeli researchers stop cyberattacks with discovery of major DDoS exploit (The Jerusalem Post) In addition to their study, the researchers also contacted Google, Microsoft, Cloudflare, Amazon, Dyn (now owned by Oracle), Verisign, and Quad9, leading them to update their DNS software.
Facebook Scraped Data Issue Surfaces in Vietnam (SafetyDetectives) The security research team, led by Anurag Sen, at Safety Detectives has uncovered a significant leak of Facebook data. As much as 3 gigabytes of scraped Faceboo
Hacker leaks 40 million user records from popular Wishbone app (ZDNet) UPDATE: The Wishbone database leaks online after a hacker began selling it earlier this week.
Hackers modify attack routine to deploy Ragnarok ransomware on networks protected by Sophos firewall (Computing) An SQL injection zero-day in the Sophos firewall was exploited to infiltrate corporate networks
A 2017 Magento Bug is Opening Up Online Shops for Hackers (Computer Business Review) Hackers are exploiting a 2017 Magento bug that allows them to take over a user’s e-commerce website and embed malicious code.
Mathway investigates data breach after 25M records sold on dark web (BleepingComputer) A data breach broker is selling a database that allegedly contains 25 million Mathway user records on a dark web marketplace.
Germany's Fresenius Medical Care confirms data leak in Serbia after hacker attack (Reuters) German dialysis provider Fresenius Medical Care (FMC) confirmed on Thursday that patient data from some of its dialysis centres in Serbia leaked after a recent hacker attack.
Hacked Law Firm May Have Had Unpatched Pulse Secure VPN (Data Breach Today) A recent ransomware attack that targeted a law firm that serves celebrities may have been facilitated by a Pulse Secure VPN server that was not properly patched and
Hackers tried (and failed) to install ransomware using a zero-day in Sophos firewalls (ZDNet) Sophos acted quickly to put out a patch that stopped the hackers' attempts to deploy ransomware on enterprise networks protected by Sophos firewall devices.
Blox Tales #6: Subpoena-Themed Phishing With CAPTCHA Redirect (Armorblox) In this blog, we’ll focus on a new variant of the subpoena phishing attack that used multiple redirects, including a functioning CAPTCHA page, to lure users into giving up their Office 365 credentials.
Aberdeen Research Report: The Business Impact of Website Scraping (PerimeterX) Protect your web apps against account takeover, carding, denial of inventory, scalping, skewed analytics, digital skimming, Magecart, PII harvesting, scraping.
New phishing campaign bypasses multi-factor authentication (SC Magazine) Hack uses OAuth2 framework and OpenID Connect protocol to access user data, bypassing 2FA.
Microsoft warns of huge phishing campaign using Excel (Digit) Microsoft has warned of a major new phishing threat using legitimate tools built into Microsoft Excel to target unsuspecting victims.
Microsoft: Beware this massive phishing campaign using malicious Excel macros to hack PCs (ZDNet) Hundreds of different Excel files have been used to trick PC users into installing a remote access tool that attackers can use to control their machine.
Office 365 exposed some internal search results to other companies (Naked Security) It’s not clear how many accounts were involved, but Microsoft is said to have made URLs and metadata available so admins can investigate.
MilkmanVictory Ransomware Created for Purpose of Attacking Scammers (The State of Security) A hacking group claimed that it developed a new ransomware strain called "MilkmanVictory" for the purpose of attacking scammers.
Schneider Electric EcoStruxure Operator Terminal Expert (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 8.6
ATTENTION: Low skill level to exploit/public exploits are available
Vendor: Schneider Electric
Equipment: EcoStruxure Operator Terminal Expert
Vulnerabilities: SQL Injection, Path Traversal, Argument Injection
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow unauthorized write access or remote code execution.
Johnson Controls Software House C-CURE 9000 and American Dynamics victor VMS (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 9.9
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Sensormatic Electronics, LLC, a subsidiary of Johnson Controls
Equipment: Software House C•CURE 9000 and American Dynamics victor Video Management System
Vulnerability: Cleartext Storage of Sensitive Information
Security Patches, Mitigations, and Software Updates
Cisco fixes critical RCE flaw in call center solution (Help Net Security) Cisco has patched a critical remote code execution hole (CVE-2020-3280) in Cisco Unified Contact Center Express, its "contact center in a box" solution.
Edge receives fix for escalation of privilege vulnerability (Windows Report | Error-free Tech Life) Microsoft has released a security patch for an escalation of privileges vulnerability in the Chromium-based Edge browser.
Adobe releases critical out-of-band security update (BleepingComputer) Adobe has released an out-of-band security update for Adobe Character Animator that fixes a critical remote code execution vulnerability.
Privilege escalation vulnerability patched in Docker Desktop for Windows (ZDNet) The security flaw could be used to trick the service into connecting to malicious processes.
Twitter lets users limit who can reply to their tweets (The Telegraph) People who can't reply to posts as part of the new test will still be able to see and share them
Facebook rolls out feature to help women in India easily lock their accounts (TechCrunch) Facebook has rolled out a new safety feature in India that will enable users to easily lock their account so that people they are not friends with on the platform cannot view their posts and zoom into and download their profile picture and cover photo. The feature is especially aimed at women to gi…
Cyber Trends
Reflections on: "Dealing with Cyberattacks" (Cato Institute) Most of the changes to the realm of cyberspace in the last 7 years have reinforced the lessons of Martin Libicki’s chapter: cyberspace is unlikely to be a national security problem.
Governments being hit by cyberattacks harder, more often: Deloitte (ReinsuranceNews) Research from Deloitte has found governments are being held hostage by cyber attacks more frequently, with criminals expanding their attack base and
Securonix 2020 Insider Threat Report Warns of "Flight Risk Employees" (Solutions Review) Securonix today released the Securonix 2020 Insider Threat Report. One of the biggest threats may be "flight-risk" employees. Learn more here.
Marketplace
Smarsh Acquires Entreda, Leader in Cybersecurity Risk and Compliance Software for Wealth Management Industry (Smarsh)
IBM Announces First Job Cuts Under New Chief Executive (Wall Street Journal) An unspecified number of layoffs come as a major economic slowdown triggered by the coronavirus pandemic causes many customers to dial back investments.
For Cyber Companies, There Is no Place Like Israel, Says Imperva CEO (CTECH) Pam Murphy was appointed CEO of Israeli information security company Imperva in January, replacing Chris Hylen, who stepped down following a severe security breach
Top 25 Cyber Execs to Watch in 2020: Northrop Grumman's Jennifer Walsmith (WashingtonExec) Transitioning from nearly 30 years in the intelligence community to private industry, Jennifer Walsmith brings to Northrop Grumman Corp. an expert ability
Top 25 Cyber Execs to Watch in 2020: CACI's Kevin McNeill (WashingtonExec) Following CACI’s acquisition of LGS Innovations last year, Kevin McNeill helped lead the successful integration of LGS’ cyber research and development
RunSafe Security Appoints Veteran Security Experts to Technical Advisory Board (Yahoo) RunSafe Security, a pioneer of a patented process to immunize software from cyber attacks without developer friction, today announced the launch of its new technical advisory board comprised of top security experts from both industry and academia. The board will inform RunSafe on broader trends in the
Buchanan & Edwards Board of Directors Welcomes New Member, Bill Weber (PRWeb) Buchanan & Edwards Inc., an award-winning and fast-growing technology leader delivering transformative solutions for the national security community, announced tod
Products, Services, and Solutions
Meet NordSec: The company behind NordVPN wants to be your one-stop privacy suite (ZDNet) In an exclusive interview with ZDNet, NordVPN co-founder Tomas Okman shares his five-year plan to make his business synonymous with digital privacy and cyber-security.
FireEye enables orgs to respond to security incidents faster with flexible and customizable modules (Help Net Security) FireEye, the intelligence-led security company, introduced a new Innovation Architecture behind FireEye Endpoint Security.
CrowdStrike Falcon bolsters Linux protection with ML prevention, custom and dynamic IoAs (Help Net Security) CrowdStrike Falcon platform is bolstering its Linux protection capabilities with additional features, including ML prevention, custom IoAs and dynamic IoAs.
RedSeal Helps Healthcare Organizations Reduce Cyber Risk (GlobeNewswire) MedTech Breakthrough Awards selects RedSeal as best overall healthcare cybersecurity solution
Thycotic DevOps Secrets Vault Now Provides Just-in-Time Access to Cloud Platforms with Dynamic Secrets (Thycotic) Thycotic, provider of privileged access management (PAM) solutions to more than 10,000 organizations, including 25 of the
Sixgill's new Darkfeed automated threat intelligence now available in the Anomali APP Store (Help Net Security) Sixgill announced that its new Darkfeed automated threat intelligence is available in the Anomali Preferred Partner (APP) Store.
ESET signs distribution partnership with Credence Security for southern Africa (ITP) Credence to offer entire suite of ESET security products, including two-factor authentication, encryption, and endpoint protection
Technologies, Techniques, and Standards
NIST Wants Help Demonstrating Security Compliance in 5G (Nextgov) The new project will help develop interoperability among various components of the emerging network architecture.
Counter Threat Unit researchers publish Threat Group definitions (Secureworks) The goals of sharing these profiles are to provide insight into CTU characterizations, encourage feedback, and promote discussions within the security community.
Cyber Threat Group Profiles: Their Objectives, Aliases, and Malware Tools (Secureworks) Learn more about cyber threat groups, their objectives, aliases and the malware they employ.
Council Post: Security Will Continue To Put Philanthropy At Risk -- Here's What You Can Do (Forbes) Don't wait until you experience a breach to act.
EasyJet Cyber-Attack: How to Avoid an Easy Hack (The National Law Review) A cyber-attack on budget airline EasyJet that has resulted in the exposure of the email addresses and flight details of 9 million of its customers and the credit card details of 2,208 of them is a rem
Raytheon’s Joe Richard: Agencies Should Deploy Zero-Trust Concepts for Multilayered Cyber Defense (ExecutiveBiz) Joe Richard, a mission manager at Raytheon Technologies, has said that organizations should consider investing in cyber resilience capabilities to improve systems’ capacity to withstand sophisticated attacks while preventing data loss and downtimes.
Design and Innovation
Facebook leverages AI to improve kids’ safety in Messenger (VentureBeat) Facebook is rolling out an AI feature that gives users under the age of 18 tips on interacting with unfamiliar adults and avoiding scams.
Why Privacy Notices Turn Off Shoppers (HBS Working Knowledge) It seems counterintuitive, but website privacy notices appear to discourage shoppers from buying, according to Leslie John.
Security Lessons From Hacker-Themed Board Games (Bishop Fox) A way to prepare for real security events is to simulate them through gamification. Test your crisis management abilities with hacker themed board games.
Legendary Cryptographer on Building the First Blockchain in The '90s (Cointelegraph) Jean-Jacques Quisquater, a legendary cryptographer cited in the Bitcoin Whitepaper, discussed building the first blockchain
Academia
University of Texas – San Antonio to lead public-private cybersecurity manufacturing consortium (Daily Energy Insider) The U.S. Department of Energy (DOE) this week appointed the University of Texas – San Antonio to lead the Cybersecurity Manufacturing Innovation Institute (CyManII), a new public-private consortium focused on early-stage research and development.
RIT team prepares for virtual cyber defense national championship (RIT) RIT’s cyber defense team is getting a first-hand look at the challenges of socially distanced business operations, as they prepare for a new format of the National Collegiate Cyber Defense Competition (CCDC). The annual championship is part of the nation’s largest college-level cyber defense competition, an extracurricular event that helps to train the next generation of cybersecurity experts.
Legislation, Policy, and Regulation
EU regulators seek public feedback before drafting new rules to regulate tech giants (Computing) It will help the European Commission to draft new Digital Services Act
China Plans New National-Security Laws for Hong Kong (Wall Street Journal) China signaled it will impose new national-security laws on Hong Kong, dealing a blow to the territory’s autonomy as Beijing seeks to stamp out widespread pro-democracy protests that have challenged leader Xi Jinping.
WSJ News Exclusive | Senators to Propose Bill Sanctioning Chinese Officials Over Hong Kong Security Law (Wall Street Journal) U.S. senators are introducing a bipartisan bill that would sanction Chinese officials and entities who enforce the new national-security laws in Hong Kong, and penalize banks that do business with the entities.
The US needs to rethink its overseas supply chain (Defense News) America's national security depends on having a deeper knowledge of the full supply chains of subcomponents, including how and where they are produced.
China is ‘significant emerging threat’ to US: Rep. Stefanik (New York Post) New York GOP Rep. Elise Stefanik, one of the lawmakers nominated to the new China Task Force, believes the secretive Communist nation is now among the biggest threats to the…
Letter to ByteDance on TikTok Data Privacy Concerns, Ties to Chinese Communist Party (Energy and Commerce Committee) “We are living through an unprecedented time due to the ongoing COVID-19 crisis. As a result of this pandemic, millions of our citizens, through no fault of their own, have no choice but to stay home. In doing so, they rely on the Internet to connect them to families, friends, and vital services. As a …
Senate confirms John Ratcliffe as next director of national intelligence in sharply divided vote (Washington Post) The Texas congressman, who withdrew an earlier nomination last year, faced doubts about his qualifications and willingness to stand up to Trump.
PolitiFact - Did U.S. senators vote to allow access to your internet history without a warrant? Not really. (@politifact) There was a vote against requiring warrants, but it was to maintain the status quo, not create a new access requirement.
Litigation, Investigation, and Law Enforcement
Journalist Who Helped Break Snowden's Story Reflects On His High-Stakes Reporting (NPR) Barton Gellman shared a Pulitzer for his reporting about former NSA contractor Edward Snowden and the country's secret surveillance program. His new book is Dark Mirror.
Suspect identified in NAS Corpus Christi shooting FBI says believed to be ‘terrorism related’ (Navy Times) NAS Corpus Christi on lockdown, shooter neutralized after active shooter incident.
Grandmother ordered to delete Facebook photos (BBC News) Privacy laws mean a grandmother needs her daughter's permission to post photos of her grandchildren.
How Nextdoor Courts Police and Public Officials (CityLab) The hyper-local social media platform Nextdoor is winning over local law enforcement and other government officials in the U.S., alarming civil rights advocates.
Law Firm Can't Blame First Republic For $300K Email Scam (Law360) A Boston law firm targeted by an email scam can't hold First Republic Bank responsible for processing a $337,000 counterfeit check and subsequent wire transfers because the bank was simply following the firm's directions, the Massachusetts intermediate-level appeals court ruled Wednesday.
9th Circ. Ruling Threatens Online Filters, Justices Told (Law360) The U.S. Supreme Court should review a Ninth Circuit decision that could undermine protections for online content filters, the Electronic Frontier Foundation said in an amicus brief Thursday.
Google's $7.5M Data Breach Deal Gets Initial Nod (Law360) A California federal judge on Thursday preliminarily approved Google's $7.5 million deal that would resolve a proposed class action over a yearslong data breach that exposed millions of accounts on the now-defunct Google+ social media platform.
EXCLUSIVE: Mahira Sharma: I am planning to approach Cyber Crime Cell against Shehnaz Gill’s fans (The Times of India) And now, it looks like some alleged ‘Shehnaz Gill fans’ have trained their guns on another fellow contestant — Mahira Sharma. She has been accused of
Bigg Boss 13 fame Hindustani Bhau files complaint with cyber cell against fake Twitter accounts under his name - Times of India (The Times of India) Bigg Boss 13 contestant Hindustani Bhau is unhappy with fake accounts under his name on Twitter. The internet star has now created a real account on t
DC Circ. Orders Judge To Respond To Flynn's Bias Claims (Law360) The D.C. Circuit has given U.S. District Judge Emmet Sullivan 10 days to respond to former national security adviser Michael Flynn's accusations that the judge is "biased" for not allowing the government to drop charges against him.
GPS-Tracking Richard Simmons Not Free Speech, Tabloid Told (Law360) A California state appellate court Thursday agreed with a lower court that the former owner of In Touch Weekly can't use free speech protections to knock out a suit from fitness guru Richard Simmons accusing the tabloid owner of paying a private investigator to place a GPS-tracker on his car.