Cyber Attacks, Threats, and Vulnerabilities
Huge Cyber Attacks Attempt To Silence Black Rights Movement With DDoS Attacks (Forbes) George Floyd death results in disturbing rise in online attacks on anti-racist groups.
Chicago police officers’ radios crackled with rogue messages during weekend of chaos (Chicago Sun-Times) The city has launched an investigation to unmask those responsible for "jamming" its emergency radio system. Everything from anti-cop music to pro-cop slogans interrupted police dispatchers.
Social media users criticised for using George Floyd protests as photo-ops (The Telegraph) Celebrities have also been criticised for off-colour responses to the movement
Hackers and hucksters reinvigorate 'Anonymous' brand amid protests (Reuters) The amorphous internet activist movement known as Anonymous staged an online resurgence in the past week on the back of real-world protests against police brutality.
Islamic Hackers Group Claims Responsibility for Cyber-Attack That Exposed Personal Info of Hundreds of Israelis (Algemeiner) A hooded man holds a laptop computer as cyber code is projected on him in this illustration picture taken on …
System Takeover Through New SAP ASE Vulnerabilities (Trustwave) Organizations often store their most critical data in databases, which, in turn, are often necessarily exposed in untrusted or publicly exposed environments.
Ransomware gangs team up to form extortion cartel (BleepingComputer) Ransomware gangs are teaming up to extort victims through a shared data leak platform, and the exchange of tactics and intelligence.
Trickbot Using BazarBackdoor to Gain Full Access to Targeted Networks (Security Intelligence) Security researchers observed the Trickbot operators using a new backdoor called "BazarBackdoor" to gain full access to targeted networks.
VMware Cloud Director Vulnerability Has Major Impact for Cloud Providers (SecurityWeek) A vulnerability patched recently in VMware Cloud Director has a major impact for cloud providers as it allows an attacker to take full control of all private clouds hosted on the same infrastructure
New Malware Hides Inside Rogue Virtual Machines (Data Center Knowledge) Security experts identify a new worrisome threat vector, but not all of them agree it has legs.
Researchers find exposed data on millions of users of quiz app, TVSmiles (TechCrunch) TVSmiles, a Berlin-based mobile native advertising app whose users earn digital currency in exchange for engaging with branded content such as quizzes, apps and videos, has suffered a data breach. Security researcher UpGuard disclosed in a report today that it found an unsecured Amazon S3 bucket on…
Ransomware gang is auctioning off victims’ confidential data (Ars Technica) New high-pressure tactic is designed to increase the chance of a hefty payout.
Ransomware gang says it breached one of NASA's IT contractors (ZDNet) DopplePaymer ransomware gang claims to have breached DMI, a major US IT and cybersecurity provider, and one of NASA's IT contractors.
Hackers steal secrets from US nuclear missile contractor (Sky News) Cyber extortionists have stolen sensitive data from a company which supports the US Minuteman III nuclear deterrent.
Hacker posts database stolen from Dark Net free hosting provider DH (Naked Security) Some 7,600 dark-web sites were obliterated in an attack on the most popular provider of .onion free hosting services, Daniel’s Hosting.
Forget sextortion scams, we’re more worried about deepfake ransomware (TechRadar) Deepfake videos are becoming increasingly difficult to identify
Meal Kit Service Home Chef Concedes Major Breach by Shiny Hunters (CPO Magazine) Chicago based meal kit service Home Chef suffered a data breach likely to be orchestrated by hacking group Shiny Hunters which resulted in over 8 million user records being sold on dark web marketplace.
Evolution of Excel 4.0 Macro Weaponization (Lastline) Excel 4.0 macros are becoming increasingly popular for cyber criminals, as security vendors struggle to play catchup and detect them properly given that attackers are using a legitimate feature, not a vulnerability. We've been tracking these attacks. This blog post describes each wave of attacks, breaks down every technique discovered, and explains why each is significant, effective, or ineffective.
VivaVideo Identified As Spyware By Security Researchers (Android Headlines) VivaVideo, one of the most popular free video editing apps for Android, has been identified as a spyware app by security researchers.
The mystery of the expiring Sectigo web certificate (Naked Security) If you’re getting TLS connection errors that suddenly started this weekend, a tired old encryption library might be the problem.
Election officials contradict Barr’s assertion that counterfeit mail ballots produced by a foreign country are a ‘real’ worry (Washington Post) The attorney general said in an interview that “it’d be very hard” to stop foreign governments from submitting phony ballots. Election officials said it would be virtually impossible for such fraud to succeed.
The "return" of fraudulent wire transfers (Help Net Security) Scammers trying to trick employees into performing fraudulent wire transfers are once again ramping up their efforts, law firm BakerHostetler has warned.
Digital risk monitoring firm has confirmed no data breach in BHIM app: NPCI (Hindu Business Line) The National Payments Corporation of India has said there has been no data breach in the BHIM app. This was confirmed by an independent verification of recent news reports citing a data breach in the
Inductive Automation Ignition (Update A) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 9.8
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Inductive Automation
Equipment: Ignition
Vulnerabilities: Missing Authentication for Critical Function, Deserialization of Untrusted Data
2.
SWARCO CPU LS4000 (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 10.0
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: SWARCO TRAFFIC SYSTEMS
Equipment: CPU LS4000
Vulnerability: Improper Access Control
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow access to the device and disturb operations with connected devices.
GE Grid Solutions Reason RT Clocks (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 9.6
ATTENTION: Low skill level to exploit/exploitable remotely
Vendor: GE
Equipment: Grid Solutions Reason RT Clocks
Vulnerability: Missing Authentication for Critical Function
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow access to sensitive information, execution of arbitrary code, and cause the device to become unresponsive.
ABB Central Licensing System (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 9.8
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: ABB
Equipment: Central Licensing System (CLS)
Vulnerabilities: Information Exposure; Improper Restriction of XML External Entity Reference; Uncontrolled Resource Consumption; Permissions, Privilege, and Access Controls; Improper Access Control
2.
ICS Advisory (ICSA-20-154-02) ABB System 800xA Base (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.8
ATTENTION: Low skill level to exploit
Vendor: ABB
Equipment: System 800xA Base
Vulnerability: Incorrect Permission Assignment for Critical Resource
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker to escalate privileges and cause system functions to stop or malfunction.
ICS Advisory (ICSA-20-154-03) ABB Multiple System 800xA Products (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.8
ATTENTION: Low skill level to exploit
Vendor: ABB
Equipment: System 800xA
Vulnerabilities: Incorrect Default Permissions
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker to make the system node inaccessible or tamper with runtime data in the system.
ABB System 800xA (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.3
ATTENTION: Low skill level to exploit
Vendor: ABB
Equipment: System 800xA
Vulnerabilities: Incorrect Default Permissions
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker to escalate privileges, cause system functions to stop, and corrupt user applications.
'Online harassment is not a minor issue’: Kerala teacher reacts to cyber abuse (News Minute) A day after virtual classes began for schoolchildren in the state, a number of derogatory troll pages and online groups formed, harassing women teachers.
More people are searching how to be a hacker during lockdown (TechRadar) Research shows upwards trend in searches related to cybercrime
Security Patches, Mitigations, and Software Updates
Critical Exim bugs being patched but many servers still at risk (BleepingComputer) Patching Exim mail servers is not going fast enough and members of the Russian hacker group Sandworm are actively exploiting three critical vulnerabilities that allow remote command or code execution.
T-Mobile OnePlus 7 Pro Gets April Security Patch With New OxygenOS Update (Android Headlines) OnePlus 7 Pro is the first ever premium flagship smartphone from OnePlus with no major compromises. At the beginning of this year, the T-Mobile OnePlus 7
Tor soups up onion sites with bountiful browser bump: No more tears trying to find the secure sites you want (Register) Latest Tor Browser iteration makes the dark web a bit more memorable
Tor’s latest release makes it easier to find secure onion services (ZDNet) Tor Browser 9.5 is also working towards making Dark Web addresses easier to remember.
Cyber Trends
A decade on from the Arab Spring, social media has changed how people protest (The Telegraph) Social media has the power to spread messages and bring people out onto the streets. It can also spread propaganda and disinformation
Security Teams Unprepared for COVID-19 Cyberthreats According to Primary Research Study (FireMon) Government departments and contractors are rapidly undergoing digital transformations to public and hybrid cloud infrastructures, and now more than ever require increased network visibility to reduce complexity and ensure security. Prior to COVID-19, government agencies already faced immense challenges in securing their on-premises, public and hybrid cloud systems from increasing data breaches and human-introduced misconfigurations. With the coronavirus, government sector
Rewind Ecommerce Survey (Rewind Backups) Ecommerce has quickly become a critical pillar of the global economy.
Cloud Adoption and Risk Report: Work From Home Edition (McAfee) In January 2020, the world began a dramatic shift to working from home which required a new set of tools, primarily delivered from the cloud.
How do industry verticals shape IAM priorities? (Help Net Security) IAM priorities differ by industry vertical, and a one-size-fits-all approach to IAM doesn’t work when every industry within that industry is unique.
Beware—Millions Of Android Users Must Delete This ‘Malicious’ Video App Now (Forbes) Android users are being warned that they are at risk and need to delete this popular video app right away—here's why.
Upstream’s Secure-D detects malware spike in Q1 2020 with 29,000 malicious Android apps at play, double 2019 figures (Global Security Mag Online) The total number of mobile applications identified as malicious in the first quarter of 2020 has doubled compared to the first quarter of 2019. This is according to new data released by Secure-D, Upstream’s full stack anti-fraud platform, covering 31 mobile operators in 20 countries at the beginning of 2020.
Most companies suffered a cloud data breach in the past 18 months (Help Net Security) Nearly 80% of the companies had experienced at least one cloud data breach in the past 18 months, and 43% reported 10 or more breaches.
New Survey Reveals Cybersecurity Training is Missing the Mark as Employees Work around Company Security Policies (GlobeNewswire) With Global Cybersecurity Threats on the Rise, Investment in Security Training is Essential to Drive Cultural Change and Business Success
Cybersecurity: Survey finds that half of us are cutting corners when teleworking (ZDNet) Distractions while working from home, pressure to hit deadlines and using personal devices are all creating additional security risks for remote workers.
Marketplace
1touch.io Secures $14 Million Series A Round for its Network-Based Dat (PRWeb) 1touch.io, a leading provider of data discovery, privacy, and security solutions, today announced it has secured a $14 million Series A round from leading investors
Israel’s Team8 raises $104M to make bigger cybersecurity and enterprise bets (TechCrunch) Team8, the Israel-based firm founded by a team of intelligence vets and backed by the likes of Intel, Microsoft, Walmart and Cisco to develop and spin out cybersecurity startups, is announcing a step change in its business model that underscores the huge amount of activity we’re seeing these …
Exostar to Be Acquired by Thoma Bravo (Infosecurity Magazine) Virginia software company agrees to be acquired by private equity firm Thoma Bravo
WatchGuard Technologies Completes Acquisition of Panda Security (GlobeNewswire) WatchGuard partners to realize immediate value from Panda Security’s advanced EDR solution through the Panda Security Early Access Program.
This Seattle security company may have snatched up a competitor at the perfect time (Puget Sound Business Journal) The pandemic has left employees working remote. Watchguard just bought a company that keeps their laptops safe.
Zscaler Wins DoD Secure Cloud Contract (Data Economy) Specialist cloud security firm Zscaler, Inc. (NASDAQ: ZS) has won a contract to power a secure cloud management solution for the US Defense Innovation Unit (DIU), a Department of Defense (DoD) organisation.
CrowdStrike Posts Surprise Profit, as Customers Bulk Up on Security Software (Barron's) The company now sees revenue of $185.8 million to $190.3 million for the July quarter, higher than the Wall Street consensus.
'Partners are leaving Symantec and joining us' - CrowdStrike CEO (CRN) George Kurtz takes aim at cybersecurity stalwart again as revenue soars
What It's Like To Be A Cybersecurity CEO In A Pandemic (Forbes) Imagine it's your job during the pandemic to keep over 900 employees informed and moving in the same direction daily, assure 19,000 customers, including many of the world's leading financial institutions, that your support teams are available
Ericsson Emerges as 5G Leader After U.S. Bruises Huawei (Wall Street Journal) The Trump administration’s increasingly aggressive effort to cripple China’s Huawei has presented Swedish company Ericsson with the opportunity to lead the rollout of 5G technology around the world.
Mark Zuckerberg defends Facebook as employee quits over refusal to act on Trump posts (The Telegraph) Software engineer Timothy Aveni says company is 'on the wrong side of history'
Facebook software engineer resigns with scathing criticism of the network’s refusal to act on ‘weaponized hatred’ (ZDNet) The former Facebook employee accuses the social network of allowing “politicians to radicalize individuals and glorify violence.”
Zuckerberg Defends Hands-Off Approach to Trump’s Posts (New York Times) In a call with Facebook employees, who have protested the inaction on Mr. Trump’s messages, Mr. Zuckerberg said his decision was “pretty thorough.”
Webcast: How to Hunt for Jobs like a Hacker (Black Hills Information Security) Job hunting? Looking for a career change? Still in college and want to know how to get started now in your career? If you answered yes to any of these questions, this might be the BHIS webcast for you. This webcast is an update to Jason’s popular recorded DerbyCon 2016 talk — How to Social […]
Products, Services, and Solutions
Cybersecurity Pioneer Cyemptive Technologies Announces New Version of Cyemptive Enterprise Scanner, the World’s First Scanning Technology That Preemptively Detects Problems in Files Before They Infect the System (Yahoo) Cyemptive Technologies Unveils New Version of World’s First Scanning Technology to Preemptively Detect Problems in Files Before They Infect the System
First Look: ReversingLabs Titanium Platform (SC Media) Understanding the when and where malicious payloads will be delivered is an ongoing concern for security teams.
By Light and FireEye to Train Cyber Mission Forces (BusinessWire) By Light Professional IT Services LLC and the intelligence-led security company, FireEye, Inc. (NASDAQ: FEYE) today announced the integration of Mandi
iValue partners with IRONSCALES for Anti-phishing protection solutions (CRN - India) This partnership is in collaboration with SRC Cyber Solutions LLP, who are pioneers in introducing niche and next-gen cybersecurity solutions into the Indian market
Pulse Secure Achieves Common Criteria Certification for Virtual Private Network and Network Access Control Solutions (GlobeNewswire) New NIAP Common Criteria certifications for Pulse Secure increase cyber security assurance for remote, cloud and on-premises user, endpoint and IoT visibility, compliant access and Zero Trust control
Avanan Introduces First-of-its-Kind Cloud-Based Security for Microsoft Teams (GlobeNewswire) Avanan, the leading security solution for cloud-based email and collaboration suites, announced today their new security product to protect Microsoft Teams.
Microsoft Takes On Zoom and Slack in a Battle for Your Work Computer (Wall Street Journal) The tech giant sees Teams, its group conferencing and collaboration software, as critical to its future. Some rivals say Microsoft has deployed sharp-elbowed business tactics to get in front.
New HP hardware directed at remote work (SearchEnterpriseDesktop) With a focus on remote work, a recent HP hardware announcement -- including 5G and 4G LTE laptops, anti-glare screens and a portable monitor -- looks at making the home a more productive place.
Technologies, Techniques, and Standards
Analysis | The Cybersecurity 202: Chaos in primary elections offers troubling signs for November (Washington Post) Voters faced absentee ballots that didn’t arrive, long lines and confusion.
Primary voters in 8 states and D.C. faced some confusion, long lines and poor social distancing (Washington Post) Election officials have struggled with demand for absentee ballots and poll worker shortages, but no more than the usual glitches have arisen so far.
French virus tracing app goes live amid debate over privacy (AP NEWS) France is rolling out an official coronavirus contact-tracing app aimed at containing fresh outbreaks as lockdown restrictions gradually ease, becoming the first major European...
France’s StopCovid Tracing App Available as Country Reopens (Bloomberg) Voluntary downloads of the app will supplement human tracers. Less than half of citizens say they’re willing to use it.
To Build Its COVID-19 Task Force, Las Vegas Partnered With A Company Linked To UAE Intelligence (BuzzFeed News) Group 42 helped provide “vital testing materials" to Las Vegas. It also owns an app that spied on people.
Aston Martin CIO - WannaCry pushed us into a cyber security refresh (diginomica) The huge cyber-attack prompted the company to make changes – and SentinelOne proved itself when Aston Martin was hit by ransomware during the POC stage
UK's CAV PASS to incorporate new cyber safety tests for CAVs (teiss) CAVs will be subjected to cyber security tests as part of CAV PASS that will test CAVs against quality standards before they are allowed to run on UK roads.
Develop Your Cyber Resilience Plan (MIT Sloan Management Review) Understanding how cybersecurity and cyber resilience differ is key to effectively responding to cyberthreats.
Council Post: Mitigating Security Risks To Build A More Resilient, Future-Proof Way Of Working Remotely (Forbes) What is next in terms of data privacy and infrastructure security post-COVID-19?
The telework rush tested states' cybersecurity, IT maturity (StateScoop) States that had already adopted virtualization and cloud tech are faring best, and those that hadn't are rapidly catching up.
Security Best Practices to Protect Your Self-Storage Business From Cyber Attack (Inside Self-Storage) Cyber security is critical in today’s digital world, and self-storage operators must protect their data and assets from attack. Learn to keep your business and customers safe through these best practices.
Making online transaction during lockdown? You may lose money if not following these steps (The Financial Express) Safe online transaction tips during Coronavirus lockdown: consumers should exercise extra vigilance, and steer away from emails, apps and website links that have grammatical errors, insist on immediate actions, contain generic greetings or ask for personal information
Academia
The Quantum Institute of the University of Sherbrooke Joins the IBM Q Network (HPCwire) The Université de Sherbrooke is partnering with IBM to open an IBM Q Space at the Quantum Institute (IQ), the first of its kind in Canada.
Legislation, Policy, and Regulation
Zoom security: Here's how Germany got its wires crossed over video-chat privacy (ZDNet) Germany is notoriously picky about digital privacy, but official warnings over video meetings have just sown confusion.
Iran ‘opened a Pandora’s box’ in cyber attack on Israeli water system (JNS.org) The reported Israeli retaliation will give the Islamic Republic reason to think twice before launching a new cyber attack on Israeli civilian targets, according to Israeli defense experts.
The Past, Present, and Future of Russia’s Cyber Strategy and Forces (CCDCOE) Russian cyberattacks against military and civilian infrastructure in the West have become a persistent challenge...
A Deep Dive into Canada’s Overhaul of Its Foreign Intelligence and Cybersecurity Laws (Just Security) Learn more about the major national security legislation that the Canadian government passed in June 2019.
US continues push to keep China out of its telecom networks (Light Reading) Telecom companies including Huawei, Pacific Networks and ComNet are among those in heated legal disputes with US officials, who are aiming to turn the world against China.
Senator tells MPs Huawei puts US troops at risk (BBC News) Senator Tom Cotton also claimed that the US, UK and their allies could make superior 5G tech.
CYBERSECURITY: Trump's grid order blindsides electricity sector (E&E News) The Energy Department last summer quietly diverted a Denver-bound, Chinese-built grid transformer to search for suspected attack malware — an extraordinary move that would seem to warrant a confidential briefing with top U.S. utility executives.
'Rip and replace' strategy for U.S. bulk power systems (FCW) Department of Energy officials say they plan to use a recent executive order to tear out foreign-made parts and components if they believe they pose a national security or economic risk.
Agencies Face Limited Options For Twitter Crackdowns (Law360) President Donald Trump's executive order addressing perceived bias on social media platforms is expected to have few binding effects, but the order will likely trigger a flurry of activity anyway within the federal agencies charged with carrying it out.
Litigation, Investigation, and Law Enforcement
U.S. Secretary of Commerce Wilbur Ross Initiates Section 232 Investigation into Imports of Vanadium (U.S. Department of Commerce) U.S. Secretary of Commerce Wilbur Ross has initiated an investigation into whether the present quantities or circumstances of vanadium imports into the United States threaten to impair the national security. This decision follows review of the petition filed by domestic producers, AMG Vanadium LLC (Cambridge, OH), and U.S.
Lawsuit Says Trump’s Social Media Crackdown Violates Free Speech (New York Times) The nonprofit Center for Democracy and Technology argues that the president’s move against Twitter and other companies is retaliatory.
Google in $5bn lawsuit for tracking in 'private' mode (BBC News) The search engine giant says it is upfront about what data is collected when users browse incognito.
Google is sued in U.S. for tracking users' 'private' internet browsing (CRN Australia) Accused of illegally invading privacy of millions of users.
The FBI Finds ‘No Intel Indicating Antifa Involvement’ in Sunday’s Violence (The Nation) Trump wants to designate antifa a terrorist organization, despite lack of authority and evidence of wrongdoing.
DC Circ., Group Spar Over Deposing Clinton In Email Saga (Law360) A conservative watchdog's lower court victory ordering Hillary Clinton to sit for a sworn deposition over her use of a private email server as secretary of state appeared to be on shaky ground after the D.C. Circuit cast doubts on the presiding judge's authority to grant such relief.
Hacker who shared Apple employee details spared jail (Cult of Mac) An Australian hacker who pleaded guilty to accessing confidential employee information from Apple and sharing it on Twitter was spared jail.
Australian Hacker Avoids Jail After Posting Confidential Apple Employee Details on Twitter (MacRumors) An Australian man has been fined AU$5,000 and given an 18-month "recognizance," after he was found guilty of extracting employee details...