Cyber Attacks, Threats, and Vulnerabilities
Israel, Iran reportedly trade cyber-blows as part of ongoing tensions (Famagusta Gazette) Media outlets reported on Monday that in a recent thwarted Iranian cyber-attack on Israeli water systems, there was an attempt to change the chlorine levels in the water, putting hundreds of Israelis
False Rumors And Doctored Images Went Viral During The D.C. Protests (NPR) Some of the rumors claimed that authorities shut down cell phone signals in order to cover up violent police reprisals, but reporters on the scene say that is not true.
Anonymous, aiming for relevance, spins old data as new hacks (CyberScoop) Anonymous, the once-formidable hacking collective, continued its transformation into a cohort of social media opportunists over the weekend by claiming to “leak” files and personal information that, in some cases, has been available for years.
Analysis | The Cybersecurity 202: Protest goes online in Minneapolis as city, police websites hit by cyberattacks (Washington Post) Hacktivism is back amid protests over George Floyd's death.
Analysis | The Cybersecurity 202: Anonymous hacking collective seeks to help protests against police brutality (Washington Post) But their efforts may be more flash than substance.
Did Hacktivist Group Anonymous Take Down Minneapolis PD Website? (Variety) The internet was abuzz late Saturday night with speculation that Anonymous — the decentralized hacker collective — had successfully disabled the Minneapolis Police Department website, i…
Minneapolis city systems temporarily brought down by cyberattack (TheHill) City government systems in Minneapolis were temporarily brought down by a cyberattack early Thursday at the same time the city was grappling with raging protests over the police killing of George Floyd.
Governor: Minnesota hit by cyberattack as efforts to contain protests ramped up (TheHill) Minnesota Gov. Tim Walz (D) said state computers were the target of a cyber attack Saturday, the fourth night of demonstrations after the death of George Floyd.
Russia and China target US protests on social media (POLITICO) Both countries have flooded Twitter with hashtags and other content experts say is aimed at sowing dissent across the country.
White nationalist group posing as antifa called for violence on Twitter (NBC News) Other misinformation and misleading claims spread across Twitter on Sunday night and into Monday related to the protests.
'Dream access' vulnerability as US NSA warns The Return of the WIZard is back (SC Magazine) Potential for major damage with Exim machines likely to be exposed while experts warn more 'aggressive and brazen' threats are likely.
Github uncovers malicious ‘Octopus Scanner’ targeting developers (Naked Security) GitHub has uncovered a form of malware that spreads via infected repositories on its system.
G Suite Marketplace primed for a privacy scandal, researchers warn (ZDNet) G Suite apps that have access to Drive and Gmail data found communicating with undisclosed external services.
New Technique Improves Effectiveness of Timing Channel Attacks (SecurityWeek) Two researchers have discovered a new timing channel attack technique that remains effective even if multiple processes are running on a system
Critical Exim bugs being patched but many servers still at risk (BleepingComputer) Patching of Exim mail servers is not going fast enough, and members of the Russian hacker group Sandworm are actively exploiting three critical vulnerabilities that allow remote command or code execution.
Experts: #COVID19 Test and Trace Could Lead to Phishing Deluge (Infosecurity Magazine) Spoofed text messages in particular raise major concerns
Contact-tracer spoofing is already happening – and it's dangerously simple to do (Register) I'm from the government, and I'm here to help you and your friends
VMware Cloud Director vulnerability could lead to hijack of enterprise server infrastructure (ZDNet) The security flaw handed over the keys to enterprise infrastructure.
ESET researchers detect a new trick used by malware to slip into the official Android app store (Intelligent CISO) ESET researchers discovered an extremely stealthy – yet surprisingly simple – technique that allowed Android malware to stay under the radar. Analysing the DEFENSOR ID app that was – at the time – available on the official Android app store, ESET researchers learned the app misused accessibility services but required no other suspicious permission nor […]
Tax refunds & grants anyone? – How not to fall for simple phishing (Forcepoint) Phishing campaigns abusing the name of the UK’s HMRC (tax office) are familiar to us here at Forcepoint X-Labs. What should a user be looking for when they encounter such an email? Or indeed, what should an automated or machine learning system look for in the same email? As you build user awareness programs across your employee base it’s always useful to have recent examples, so we dissect an example below.
Hackers revive years-old malware to exploit mass remote working (IT PRO) Strains that rely on social engineering are once again growing in popularity
Report: e-Learning Platform Exposes Private Data of Students Across the Globe (vpnMentor) Led by Noam Rotem and Ran Locar, vpnMentor’s research team recently discovered a data breach belonging to the Spanish e-Learning platform
Michigan State hit by ransomware threatening leak of student and financial data (EdScoop) A blog associated with the NetWalker malware posted screenshots of file directories and a student’s passport, saying the files will be published if a ransom is not paid.
Ransomware attack causes system outage at telecom firm (Business Insurance) South Africa-based telecommunications firm Telkom SA SOC Ltd. suffered a ransomware attack, which led to outages across several of its systems.
Cybercrime tactics and techniques (Malwarebytes) The coronavirus pandemic has left the world looking very different at the end of the quarter than it did at the beginning.
Cyber vulnerabilities of self-driving cars laid bare in study by tech giants (SC Magazine) Government-backed project by telecoms and tech giants develops cybersecurity blueprint for self-driving cars at a critical time with projected growth worth £28 billion expected by 2035.
Smart cars vulnerable to hack that could enable ‘remote control’ (SC Magazine) A memory corruption vulnerability in GNU Glibc leaves smart vehicles open to attack according to Cisco's Customer Experience Assessment & Penetration Team (CX APT).
Financial data of 70 lakh BHIM users compromised says cyber security company, NPCI denies claim (Moneycontrol) The company stated it reached out to the website’s developers on May 5 and then approached India’s cybersecurity authority – Computer Emergency Response Team (CERT-In) on May 22, after which the breach was closed.
Data of over 7 million BHIM users exposed in CSC website breach: Report (ETtech.com) National Payments Corporation of India, however, denied any security breach at BHIM app itself
Had a bad weekend? Probably, if you're a Sectigo customer, after root cert expires and online chaos ensues (Register) Web sites and services tied to older versions of OpenSSL and GnuTLS have been dropping like flies
Global Phishing Pandemic? You Be the Judge. (INKY) COVID-19 related phishing scams are leading to an unprecedented rise in cybercrime and its associated loss. Countries from all over the world seem to be targeting U.S. companies and their remote employees. See what phish INKY has caught and learn how to protect your company from falling victim.
Vulnerability Summary for the Week of May 25, 2020 (CISA) The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week.
Security Patches, Mitigations, and Software Updates
Cloud infrastructure operators should quickly patch VMware Cloud Director flaw (CSO Online) Left unpatched, this command injection flaw could allow attackers to take control of a virtualized cloud infrastructure.
Facebook to verify identities on accounts that churn out viral posts (Naked Security) Hopefully it’s a COVID-19 version of what it did post-2016 elections, when it required verification of those buying political or issue ads.
No password required! “Sign in with Apple” account takeover flaw patched (Naked Security) A bug bounty hunter found a way to login using “Sign in with Apple”… but without the part where you have to put in a password.
Cyber Trends
LastPass Study Finds Identity and Access Management Strategies Vary by Vertical, Finance Focused on Security Integrations, while IT Prioritizes Multifactor Authentication (LogMeIn) LastPass by LogMeIn today released findings of a new report conducted in partnership with Vanson Bourne to understand how IT and security professionals across a variety of industries including finance, IT and media are managing their identity and access management (IAM) programs.
Healthcare - the new number one target for cybercrime (SC Magazine) Asked why he robbed banks, bank robber Willie Sutton quipped, "because that's where the money is." Now healthcare's the target & cybercriminals might well respond, “because that’s where the data is.”
White House says security incidents at US federal agencies went down in 2019 (ZDNet) US federal agencies reported 28,581 cyber-security incidents in 2019, down by 8% from 31,107 in 2018.
Police Disruption Erodes Trust on Dark Web (Infosecurity Magazine) Trend Micro sees cyber-criminals take to Discord and Shoppy to sell
Shifts in Underground Markets: Past, Present, and Future (Trend Micro) This research paper presents a wide-ranging view of dark web marketplaces and underground cybercriminal forums.
We Need to Protect Ourselves Against ‘Cyber Pandemic’ Says Check Point CEO (CTECH) Check Point founder and CEO Gil Shwed cautions about new reality and access for hackers as part of ‘The New Tomorrow’ online summit, co-hosted by the Israeli-American Council and the Peres Center for Peace and Innovation, which kicked off Sunday evening headlined by Shwed and bestselling author, behavioral economist, and entrepreneur Dan Ariely
6 hard truths security pros must learn to live with (CSO Online) Crafty hackers, unwitting users, a relentless workload — working in IT security is all about accepting this as business as usual and pushing forward anyway.
Global IT spending on enterprise software to witness first drop in 10 years, to reach $426bn in 2020 (BuyShares) Data obtained by Buyshares.co.uk indicates that in 2020, the global IT enterprise software spending will reach $426 billion, the first drop in ten years.
Not all IT budgets are being cut, some are increasing (Help Net Security) Even with the economic challenges that COVID-19 has posed for businesses, almost 38% of enterprises are keeping their IT budgets unchanged.
2020 Mobile Phishing Report from Lookout shows 37% sequential increase in the first quarter of 2020 (PR Newswire) Lookout, Inc., the leader in mobile security, today released its 2020 Mobile Phishing Spotlight Report that reveals there was a 37 percent...
The State of Mobile Phishing (Lookout) The mobile security landscape is constantly evolving. With more reliance than ever on mobile devices for both personal and business use, the entire world is looking at mobile accessibility as the vehicle to higher connectivity and better productivity.
Cyber Warfare Growing: From Academic Background to Current Events (Government Technology) As I read the new book, “Cyber Warfare — Truth, Tactics, and Strategies” by Chase Cunningham, global cyberattacks can be seen all around us now, if we look in the right places. Here’s my review of the topic, and the book.
Online retailers could lose £5.9bn through cyberattacks, new research shows (Retail Times) Online retailers could lose a staggering £5.9 billion through severe data breaches each year, based on the average cost and frequency of cyberattacks in the e-commerce sector, research reveals.
87 million credential stuffing attacks target US daily (Atlas VPN) According to an Atlas VPN investigation, hackers carry out 87 million credential stuffing attacks on US citizens daily. Credential stuffing is a cyber-attack where fraudsters use large numbers of stolen credentials to log into individuals’ or companies’ accounts.
MariaDB Survey Reveals COVID-19’s Impact on Cloud Adoption (BusinessWire) MariaDB® Corporation today announced the results of a new global survey that looked at the initial COVID-19 impact on businesses moving to the cloud a
Marketplace
Zscaler Acquires Edgewise Networks (Zscaler) Zscaler today announced it has acquired Edgewise Networks, a pioneer in securing application-to-application communications for public clouds and data centers.
Cybersecurity Startups Feel a Pinch on Funding and Sales (Wall Street Journal) Venture capital is still flowing, but deals take longer and sometimes result in less investment.
Pandemic to Jumpstart Spending on Data Tools at Manufacturers (Wall Street Journal) Being able to monitor production remotely during the pandemic has made the case for even more data capabilities.
CyberTech 100 (Fintech Mobile) The CYBERTECH100 is an annual list of 100 of the world’s most innovative CyberTech companies. These are the companies every financial institution needs to know about as they consider and develop their information security and financial crime fighting strategies.
Raytheon Intelligence & Space and Boldend partner to enhance cyber operational tools (Raytheon) Raytheon Intelligence & Space has established a strategic relationship with Boldend, a San Diego based, next-generation defense contractor.
Facebook staff in 'virtual walkout' over Mark Zuckerberg's response to Trump protest posts (The Telegraph) Multiple employees criticise hands-off approach to posts in rare public show of disagreement
Zuckerberg faces growing internal revolt at Facebook over how to handle Trump's posts (The Telegraph) Many senior Facebook employees made the decision to speak out publicly about their frustration with their employer
Facebook Employees Stage Virtual Walkout to Protest Trump Posts (New York Times) While Twitter started labeling some of the president’s inflammatory messages, Facebook’s chief executive, Mark Zuckerberg, has said his company should leave them alone.
RedSeal Appoints New CEO, Bryan Barney, Former Head of Symantec’s Enterprise Security Group (RedSeal) Ray Rothrock, cybersecurity, energy, and venture investing visionary, transitions to Executive Chairman
Cybersecurity Talent: Forcepoint Hires MSSP Expert Myrna Soto (MSSP Alert) Human-centric cybersecurity company Forcepoint hires Digital Hands veteran Myrna Soto as its chief strategy & trust officer.
NS8 Announces Cybersecurity Leader Tiffany O. Kleemann as President (PR Newswire) NS8, an online fraud prevention company, today announced that Tiffany O. Kleemann has been named as its first President. Kleemann is the former...
Products, Services, and Solutions
Cryptomathic First to Launch Full Lifecycle & HSM-Agnostic ‘Bring Your Own Key’ Solution for Microsoft Azure Key Vault (Cryptomathic) Cryptomathic CKMS supports BYOK for Microsoft Azure Key Vault while retaining lifecycle control of critical keys and HSM-agnostic functionality.
YouAttest Launches First Cloud-Based Identity Auditing and Compliance Solution for Okta's Identity Cloud (PR Newswire) YouAttest, an innovator in the Identity Governance & Administration (IGA) market today announced the general availability of YouAttest's...
New BitSight Innovations Help Organizations Achieve a Higher Standard for Third-Party Risk Management (BitSight) BitSight announces new capabilities within its TPRM solution that provide intelligent recommendations, operational guidance, & risk prioritization. Learn more!
South Korea’s SK Telecom to Help Myanmar Boost Cybersecurity (The Irrawaddy) Cyber experts from Korea’s biggest telecom firm will help Myanmar’s NCSC set up a Security Operation Center to spot cybersecurity weaknesses and respond to threats.
Dragos Platform 1.6 Advances Industrial Cybersecurity, Reduces Risk From Adversary Threats (Dragos) Dragos, Inc., provider of the Dragos Platform, the industry's most trusted industrial asset identification, threat detection and response technology, today announced the immediate availability of Dragos Platform 1.6.
Datadobi Offers Ultimate Unstructured Data Migration Flexibility with S3-to-S3 Object Migration Support (Datadobi) DobiMigrate 5.9 provides the ability to migrate or reorganize file and object storage data to the optimal accessible storage service.
Technologies, Techniques, and Standards
More than just a milestone in the Botnet Roadmap towards more securable IoT devices (NIST) Internet of Things (IoT) devices offer tremendous capabilities to users.
NISTIR 8259: Foundational Cybersecurity Activities for IoT Device Manufacturers (NIST) Internet of Things (IoT) devices often lack device cybersecurity capabilities their customers—organizations and individuals—can use to help mitigate their cybersecurity risks...
NISTIR 8259A: IoT Device Cybersecurity Capability Core Baseline (NIST) Device cybersecurity capabilities are cybersecurity features or functions that computing devices provide through their own technical means (i.e., device hardware and software)...
NIS security regulations proving effective, but more work to do (ComputerWeekly.com) The UK’s NIS cyber security and risk regulations are proving somewhat effective, according to a government report.
DOD's third attempt to implement IPv6 isn't going well (ZDNet) First two attempts failed citing security concerns. This time, the DOD is woefully behind on its own implementation plan.
Video Conferencing Security for Businesses Isn't a New Issue, It Just Came Into Focus (Security Intelligence) Video conferencing has suddenly become a critical tool for businesses. Here are some tips for increased privacy and control.
Exclusive: Philadelphia's new voting machines under scrutiny in Tuesday's elections (Reuters) When Pennsylvania holds primary elections on Tuesday, some election security advocates will be watching closely to see if more than 2,000 new voting machines acquired last year by Philadelphia and two other counties perform without glitches.
Don’t let the fear of hackers limit your cyber defence (Intelligent CISO) Russell Coleman, Coordinated Disclosure Advisor at HackerOne, offers a deeper insight into ethical hacking and discusses the benefits such as its ability to offer organisations an additional layer of protection. People love new technology and in the connected digital world we live in today, this tends to mean immersive tech experiences, new devices and more […]
Webcast: Linux Command-Line Dojo II - Return Of The Sensei (Black Hills Information Security) Last month’s Linux webcast with Hal was a rousing success! He actually broke the record for the most live attendees on a Black Hills webcast. So, of course, we asked him to come back. The crowd in the Command Line Dojo was so large that some of the questions got lost in the shuffle. Sensei […]
Design and Innovation
Why your voice is your new password (InsiderPro) Google now lets some users verify purchases using voice alone. It’s just the beginning. Welcome to the future of biometric ID and verification.
Twitter takes action against Rep. Matt Gaetz for glorifying violence (The Verge) But the platform didn’t remove it
Inside Twitter’s Decision to Take Action on Trump’s Tweets (Wall Street Journal) A weeks-old policy about virus misinformation laid the groundwork for the social platform’s steps this past week to push back on the president’s posts.
Facebook Suspends Russian Colorist For 'Dangerous' WWII Images (Radio Free Europe | Radio Liberty) One of the world’s leading colorists of historic photos fears she will be banned permanently from Facebook and Instagram after multiple suspensions of her accounts.
Towards one database to rule them all (Computing) Databases have become silos and this needs to change, says graph guru Marko Rodriguez
Research and Development
£1m of defence innovation funding includes cyber/physical integration (SC Magazine) Integration of information and physical activity across all domains is identified by the MOD as a priority for £1 million of defence innovation funding within its Innovation Focus Areas.
£400,000 funding to boost the security of consumer smart devices (SC Magazine) The UK Government's digital infrastructure minister Matt Warman announces a £400,000 funding pot for innovators to design schemes to boost the security of internet-connected products.
Legislation, Policy, and Regulation
Cybersecurity Lessons from the Pandemic (Cyberspace Solarium Commission) The COVID-19 pandemic is challenging our resilience on a national scale and illustrates the challenges with building and maintaining resilience in a modern, connected world.
Interview: India's National Cyber Security Coordinator Lt Gen. Rajesh Pant (MediaNama) Lt Gen. (Dr) Rajesh Pant, India's National Cyber Security Coordinator, discusses the National Cyber Security Strategy, E2E encryption, Kudankulam, OEWG and more.
EU to impose sanctions on Russia hackers for cyber attack on German Bundestag – journalist (UNIAN) In particular, sanctions include a travel ban and asset freeze.
Germany Calls in Russian Envoy Over Hack Attack (New York Times) Germany's foreign ministry called in the Russian ambassador in Berlin on Thursday to complain "in the strongest possible terms" about a hack attack on the German lower house of parliament in 2015 and discuss possible sanctions against those responsible.
North Korea accuses U.S. of hurting its image with cyber threat warning (Reuters) North Korea accused the United States of smear tactics on Friday after Washington renewed accusations last month that Pyongyang was responsible for malicious cyber attacks.
Out of Favor With Australia’s Central Government, China Targets States (Wall Street Journal) The leader of one of Australia’s biggest states has touted an infrastructure deal with Beijing as a way to create jobs in a coronavirus-afflicted economy. But others worry Chinese money may end up funding projects that are a national-security risk.
Feds step in to help Queensland with cyber security (CRN Australia) Three new AustCyber nodes opened to boost state's cyber posture.
Members of Congress to unveil bipartisan bill to regulate contact-tracing apps, fearing potential privacy abuses (Washington Post) Senate lawmakers plan to unveil a bipartisan bill on Monday that would regulate contact-tracing and exposure-notification apps, seeking to ensure new digital tools meant to combat the coronavirus don’t come at the expense of users’ privacy.
WSJ News Exclusive | Semiconductor Industry to Lobby for Billions to Boost U.S. Manufacturing (Wall Street Journal) Federal funds will be sought for factory building and research to keep the U.S. ahead of China and others generous in subsidizing their companies.
U.S. Ban on Huawei isn't About Cyber Security, But 5G Leadership Race (PC Tech Magazine) U.S. ban on Huawei is not greatly about cyber security and national security concerns as continuously stated. It’s all about the state of 5G leadership.
Must finish work on impact of U.S. sanctions before any Huawei update, says UK PM's spokesman (Reuters) The first step for any decision on Chinese telecoms company Huawei is for Britain's National Cyber Security Centre (NCSC) to finish its work on the impact of U.S. sanctions, a spokesman for British Prime Minister Boris Johnson said on Monday.
Chinese telecom firms urge FCC not to block U.S. operations (Reuters) Pacific Networks Corp and its wholly owned subsidiary ComNet (USA) LLC on Monday urged the Federal Communications Commission (FCC) not to shut down its U.S. operations.
Khanna calls for internet 'fairness doctrine' in response to controversial Trump tweets (TheHill) Rep. Ro Khanna (D-Calif.) called for a social media “fairness doctrine” to allow experts to respond to flagged posts, pointing to the conflict stirred up this week when Twitter flagged some of President Trump’s tweets.
Litigation, Investigation, and Law Enforcement
Human-Rights Groups Ask Police to Hunt Hackers Attacking Hospitals (Wall Street Journal) The International Committee of the Red Cross and other human-rights groups are urging law enforcement to move against hackers targeting hospitals during the coronavirus pandemic.
Privacy group to challenge UK over test and trace data retention (IT PRO) Open Rights Group threatens legal action over decision to retain personal health data for up to two decades
Tips to SEC Surge as Working From Home Emboldens Whistleblowers (Wall Street Journal) The U.S. Securities and Exchange Commission received about 4,000 tips, complaints and referrals of possible corporate wrongdoings from mid-March to mid-May, 35% more than in the same period last year. Lawyers chalk up the increase to the fact that many would-be tipsters are working from the privacy of their home.
Crime agency turns to Google ads to deter teen DDoS hackers (Naked Security) The UK’s National Crime Agency has hit on a simple way to stop teens from being sucked into cybercrime – using Google Ads.
New Yorker caught carrying stolen card data through JFK busted, US says (CyberScoop) Vitalii Antonenko was charged in Massachusetts on multiple counts of conspiracy - to commit computer hacking, launder money and stolen payment card numbers.
Suspected Hacker Faces Money Laundering, Conspiracy Charges (GovInfo Security) A New York City man is facing federal charges after FBI agents arrested him at John F. Kennedy Airport with a PC allegedly containing thousands of stolen credit
Case files discredit Kemp's accusation that Democrats tried to hack Georgia election (Atlanta Journal Constitution) Newly released case files from the GBI reveal no evidence to support Georgia Republican Brian Kemp's accusation that the Democratic Party attempted to hack election websites. Instead, the website tests were scans by the U.S. Department of Homeland Security.