Cyber Attacks, Threats, and Vulnerabilities
Presidential Campaigns Targeted by Suspected Chinese, Iranian Hackers (Wall Street Journal) Google said that Joe Biden’s presidential campaign has been targeted by sophisticated cyberattacks originating in China and that Iranian hackers were trying to hit Donald Trump’s campaign staff.
Iran, China-backed hackers targeted Trump, Biden campaigns (TechCrunch) Google said there was no evidence of compromise.
China, Iran targeting presidential campaigns with hacking attempts, Google announces (Washington Post) The company says the efforts so far to hack staffers’ Gmail accounts have failed.
State-sponsored threat groups targeted email accounts of Trump and Biden campaign staff: Google (Computing) Biden campaign members say they are prepared for such attacks and were expecting them
Analysis | The Cybersecurity 202: Attempted hacks of Trump and Biden campaigns reveal a race to disrupt the 2020 general election (Washington Post) Google's revelations are likely just the tip of the spear.
Disinformation at heart of Gulf feud (AFP Fact Check) When rumours of an uprising in the tiny gas-rich state of Qatar emerged online last month, a flurry of videos and tweets showing gunfire and explosions purported to show the unrest. But there was no coup. Disinformation in the Gulf and more broadly in the Middle East has fuelled the ongoing diplomatic crisis between Qatar and Saudi Arabia along with Bahrain, the United Arab Emirates and Egypt.
China, Iran, and Russia worked together to call out US hypocrisy on BLM protests (ZDNet) Report from social media research group shows foreign diplomats and state-controlled media pounced on the US' abysmal handling of the BLM protests to attack the US as a beacon of freedom and further their own political goals.
Briefing: China, Iran, and Russia State Accounts on U.S. Protests (Graphika) State-controlled media outlets and official public diplomacy accounts in China, Iran, and Russia are focusing on the anti-racism protests in the United States, but they are primarily doing so in a way that furthers their existing narratives, rather than stoking American divisions.
Chinese Hackers Target Air-Gapped Systems With Custom USB Malware (SecurityWeek) For years, a China-linked threat actor named Cycldek has been exfiltrating data from air-gapped systems using a previously unreported, custom USB malware family
NSA Sandworm Hacking Advisory Unlikely to Stall Russian Crew (MSSP Alert) National Security Agency (NSA) cybersecurity warning alleges Russian government-backed hacking group has been attacking vulnerable email servers for nearly a year.
Understanding the Payload-Less Email Attacks Evading Your Security Team (Threatpost) Business email compromise (BEC) attacks represent a small percentage of email attacks, but disproportionately represent the greatest financial risk.
Council Post: The Future Of Ransomware 2.0 Attacks (Forbes) Cloud SaaS services are a perfect opportunity for cybercriminals, and there has never been a better time to target SaaS data.
CPA Canada discloses data breach affecting 329,000 individuals (BleepingComputer) Chartered Professional Accountants of Canada (CPA) today disclosed that a cyberattack against the CPA Canada website allowed unauthorized third parties to access the personal information of over 329,000 members and other stakeholders.
IT Services Giant Conduent Suffers Ransomware Attack, Data Breach (Computer Business Review) Conduent, a $4.4 billion by revenue IT services giant, has admitted that a ransomware attack hit its European operations, with data also stolen.
UCSF, Conduent are latest to suffer the slings and arrows of ransomware (SC Media) The University of California, San Francisco and Conduent have emerged as two of the latest prominent victims of apparent human-powered ransomware attacks.
Have I Been Pwned breach report email pwned entire firm's helldesk ticket system (Register) That's one way of making people check for updates
Medtronic Conexus Radio Frequency Telemetry Protocol (Update B) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 9.3
ATTENTION: Exploitable with adjacent access/low skill level to exploit
Vendor: Medtronic
Equipment: MyCareLink Monitor, CareLink Monitor, CareLink 2090 Programmer, specific Medtronic implanted cardiac devices listed below
Vulnerabilities: Improper Access Control, Cleartext Transmission of Sensitive Information
Coronavirus: Cyber criminals target laid-off workers (ComputerWeekly) Malicious actors are targeting workers laid-off or furloughed during the coronavirus pandemic.
Cyber crime alert! Fake chats created in the name of Sonam Bajwa, actress shares screenshot on social media (The Times of India) On one hand, where social media makes it convenient for Punjabi stars to be in touch with their fans, on the other, it also makes them an easy target
Security Patches, Mitigations, and Software Updates
Zoom Patches Two Serious Vulnerabilities Found by Cisco Researchers (SecurityWeek) Cisco Talos researchers discovered two vulnerabilities in the Zoom client application that can allow arbitrary file writing and could lead to remote code execution
Google rolls out updates for iOS apps and online services to support WebAuthn-capable security keys (SC Magazine) Two of the world’s biggest tech giants collaborate to support hardware security keys and devices that generate unique cryptographic keys.
Dropbox password manager uses zero-knowledge encryption (9to5Mac) A Dropbox password manager has been quietly added to the App Store, but it is currently listed as 'by invite.' This means that you can download it, but ...
Cyber Trends
Infrastructure Report: Cyber Concerns Haunt Financial Sector During Pandemic Recovery (Wall Street Journal) The launch of a major market infrastructure project and the continuing effects of the coronavirus pandemic are increasing cybersecurity risks in the financial sector.
Remote Work Jeopardizes Corporate Network Security: Report (CISO MAG) A recent survey from security firm CyberArk revealed how cyber habits of the remote workforce are compromising business systems and making sensitive data vulnerable to attacks.
'New Normal' Security Era Begins for US Agencies, Cloud Providers (E-Commerce Times) U.S. government agencies and cloud technology providers are heading toward a reset in how they cooperate on cybersecurity challenges. The expected growth of cloud use will create a more complex federal security landscape, according to a report from Thales. Federal agencies actually have moved ahead of businesses in cloud adoption, with 54 percent of agency data already embedded in the cloud.
Data breaches and malicious attacks soar despite US$124bn spent on security (SC Magazine) Figures compiled in the ForgeRock data breach report show massive spend alongside rocketing levels of data breaches.
Dutch organisations invest heavily in compliance – but in vain (ComputerWeekly) Despite the fact that companies in the Netherlands have invested heavily to comply with GDPR legislation introduced two years ago, 90% of them are still discovering fundamental weaknesses in their IT environment.
Zoom In: Sapphire CEO on security after-effects of COVID-19 (CRN) In the latest video in CRN's Zoom In series, we quizzed Annabel Berry - CEO of security reseller and services firm Sapphire - on the main security threats in the...
Marketplace
Anti-Phishing Firm INKY Raises $20 Million (SecurityWeek) College Park, MD-based phish prevention firm INKY has raised $20 million in a Series B funding round led by Insight Partners. The money will be used to consolidate recent growth and expand the company and its platform into the global market.
VMware acquires network security firm Lastline, said to lay off 40% of staff (TechCrunch) VMware is acquiring network security firm Lastline, TechCrunch has learned. Since its launch in 2012, Lastline raised about $52.2 million, according to Crunchbase. Investors include Thomvest Ventures, which led the company’s $28.5 million Series C round in 2017; Redpoint and e.ventures, which…
RiskIQ Raises $15M in Series D Funding (FinSMEs) RiskIQ, a San Francisco, CA – based attack surface management company, raised $15m in Series D funding
RiskIQ | RiskIQ announces investment from National Grid Partners (RealWire) RiskIQ, the world leader in attack surface management, today is pleased to announce an investment from National Grid Partners (NGP), the venture and innovation arm of British multinational utility company National Grid plc
InCadence wins $16M biometrics contract with U.S. Marines and gets acquired by Xator Corporation (Biometric Update) InCadence has been acquired by Xator Corporation and tapped by the U.S. Marines to provide biometrics for battlefield identification in a $16 million contract, according to a report from Military &…
Not just a cyber force anymore, Team8 is going VC (GeekTime) Led by Sarit Firon & Liran Grinberg, the venture arm has already raised $104M, focusing investments on cybersecurity and various tech domains
CACI Awarded $1.5 Billion Contract to Provide Transport and Cybersecurity Services to National Geospatial-Intelligence Agency (BusinessWire) CACI International Inc (NYSE: CACI) announced today that it has been awarded its largest contract in company history, a single-award Indefinite Delive
Navy asks ViaSat to modernize cryptography in MIDS-LVT secure communications networking for military systems (Military & Aerospace Electronics) MIDS-LVT provides high-capacity, jam-resistant digital data and voice secure communications for aircraft, ships, and ground applications.
Elon Musk Calls for Amazon Breakup in Latest Spat With Jeff Bezos (Wall Street Journal) Elon Musk blasted Amazon.com and its founder Jeff Bezos, after the online retail giant rejected a book about the coronavirus pandemic, a clash that highlights the power some big tech companies wield over speech.
Zoom announced its intention to cooperate with security forces in different countries (Free News) The popularity of Zoom's online conferencing service has skyrocketed during quarantine due to COVID-19
Goodbye Naked Security? (Graham Cluley) I’ve been working in the computer security industry for almost thirty years.
Niagara Networks Expands Channel Partner Program For The Americas To Empower Regional Partners To Meet Visibility Needs For Security And Networking (MSP Insights) Niagara Networks, the Open Visibility Platform pioneer, today announced its expansion of a robust channel program in the Americas focusing on strong, regional partners and offering collaborative working engagements.
Altamira's board adds former execs of NSA, Raytheon (Washington Technology) Altamira Technologies' board of directors adds a pair of former executives from the National Security Agency and Raytheon.
Products, Services, and Solutions
New infosec products of the week: June 5, 2020 (Help Net Security) The featured information security products this week are from the following vendors: Checkmarx, Zyxel, BitSight and Lumu.
Volan Technology Launches First AI-Based Location Positioning System with Contact Tracing, Social Distancing and Temperature Tracking to Help Schools and Workplaces Safely Reopen (GlobeNewswire) Wireless Neural Mesh Network uses precise-location positioning and micro-geofencing to automate private contact tracing and dramatically improve incident response; Top Hotel in Las Vegas and schools in New Jersey and Ohio First to Pilot.
Signal app downloads spike as US protesters seek message encryption (Quartz) For privacy-conscious protesters in the US, Signal's encrypted messaging app can help preserve anonymity.
Quttera Announces Latest Enhancements to Website Malware Scanner API (Olean Times Herald) Quttera has introduced several new features in its Malware Scanner REST API.
Blue Ridge Networks Announces the Next Generation of LinkGuard™ Client (PR Newswire) Blue Ridge Networks today announced that it has launched the next generation of LinkGuard™ Client, an easy to use cybersecurity solution that...
Tandem Bank Deploys Trusona To Offer Passwordless Strong Customer Authentication (The Apache Junction & Gold Canyon News) Trusona, the pioneering leader in passwordless multi-factor authentication technology, today announced that Tandem Bank has selected and deployed Trusona to provide PSD2-compliant, passwordless
Unisys deploys Idemia biometric systems at Home Affairs (CRN Australia) For visa and citizenship applicants.
Druva and FireEye enable customers to instantly monitor, analyze, detect and respond to insider threats (Help Net Security) Druva announced the launch of an API integration with FireEye extending visibility and control over endpoint backup data.
MSSP OrbitalFire Launches SMB Cybersecurity Services Platform (MSSP Alert) Managed security services provider (MSSP) OrbitalFire announces a cybersecurity services platform for SMBs & plans to partner with IT services firms & MSPs.
Privitar and BigID Announce New Partnership and Product Integration to Help Organizations Achieve Greater Value and Faster Insights from Sensitive Data (Privitar) Data privacy leaders to kick off partnership with webinar focused on automating safe data analytics on June 11th
Spirent Collaborates with Rakuten Mobile on Core Network Testing (BusinessWire) Spirent collaborates with Rakuten Mobile on core network testing for current LTE and future 5G rollouts
Technologies, Techniques, and Standards
Australia has a new biometric border processing system (ZDNet) Unisys and Idemia to provide the Department of Home Affairs with a solution to conduct biometric matching on people entering Australia.
Widespread face mask use could make facial recognition less accurate (The Telegraph) Amazon's widely sold facial recognition technology is 'robust' enough to counter face masks, but Apple's technology falls short of the mark
Emsisoft releases free decryptor for RedRum ransomware (iTWire) Security firm Emsisoft has released a free decryptor for reclaiming files which have been encrypted by an early version of the Windows Tycoon ransomware; this version used to encrypt files with a ".id-.[].redrum" extension. Tycoon was originally known as RedRum. It uses AES256 GCM and RSA-10...
Remote workers need to up their game to keep organisations secure (SecurityBrief) According to the study, employees' habits, including password re-use and letting family members use corporate devices, are putting critical business systems and sensitive data at risk.
INSIGHT: Cybercrime Is Rising—How to Protect Your Financial Firm (Bloomberg Law) During the Covid-19 coronavirus pandemic, cybercriminals are increasingly targeting the financial services sector. Paul Hastings attorneys examine the rise of cybercrime and give best practices for regulatory oversight applicable to the financial advisory community.
Can law firms do more to protect themselves from cyber attack - or are they just sitting ducks? (The Global Legal Post) Responsibility for managing cyber risk cannot be outsourced; law firm leaders must have 'skin in the game', argues Martin Sutherland
Social Media: How to Quickly Investigate on TikTok (Security Boulevard) How to safely, securely and anonymously access and analyze TikTok content without downloading the app on your phone.
Design and Innovation
Labeling State-Controlled Media On Facebook (About Facebook) We’re starting to label state-controlled media outlets to help people better understand who’s behind the news they see on Facebook.
Signal goes Gaussian to take privacy to the next level: All your faces don't belong to us (Register) Blur tool brings privacy protection to images, in these troubled times
Meeting 5G’s Extreme IoT Security Demands with Network-Based Solutions (Security Magazine) According to a report from Cisco, 5G’s faster broadband (10 to 20 times faster than 4G) will enable 12 billion mobile-ready devices and IoT connections by 2022 compared to 9 billion in 2017. While this is great news for the rising number of smart device users globally, the increased connectivity can be taxing for IoT security.
Academia
Marshall’s Collegiate Cyber Defense Team wins national championship (Huntington News) Marshall University’s Collegiate Cyber Defense Team recently won the national championship in the spring season of the National Cyber League (NCL). The team placed first out of 925 teams competing.
Legislation, Policy, and Regulation
National Security Laws in General Are Not a Problem. Hong Kong’s Is. (The Diplomat) Many countries have national security laws. The central question lies in whether the laws primarily protect national security or suffocate civil and political liberties.
India and Australia sign military base and cyber accords (Reuters) India and Australia sealed an accord on Thursday to grant access to each other's military bases in order to facilitate mutual defence exchanges and exercises.
UK spy chief says no threat to Five Eyes alliance over Huawei (iTnews) Intelligence-sharing ties remain strong.
State Department says U.S. will reassess intelligence-sharing with Canada if it lets Huawei into 5G (CBC) The United States is prepared to reassess its intelligence-sharing arrangement with Canada if Huawei is given the green light to take part in building Canada's 5G networks, a State Department spokesperson said today.
NHS Tracing App: We Shouldn't Have to Sacrifice Our Privacy to Get Back to Normal (Gizmodo UK) We like normal, but that doesn't mean we should be throwing our data at the contact tracing app without thinking.
Major Cyber Command program will cost more than first thought (Fifth Domain) In its annual report on defense acquisition programs, GAO found that Cyber Command's Unified Platform did not initially include approved requirements or cost estimates.
Litigation, Investigation, and Law Enforcement
Russia angrily denies German allegations on 2015 cyberattack (Washington Post) The Russian Foreign Ministry has angrily rejected Germany’s allegations over Russian intelligence involvement in the hacking of the German parliament
Attorney General William P. Barr’s Remarks on Mr. George Floyd and Civil Unrest (US Department of Justice) Good afternoon. Over the Constitution Avenue entrance to this building is a Latin inscription that translates as “Everything is created by Law and Order.”[1] That ancient principle still holds true. Our free society depends on the rule of law — the assurance that ordinary citizens can go about their lives without being subject to arbitrary violence or fear. When the rule of law breaks down, the promise of America does too.
Google Search a Target of U.S. Antitrust Probes, Rival Says (Bloomberg) Private search engine DuckDuckGo has spoken to states, feds. U.S. authorities asking how to limit Google’s search business.
DHSC 'satisfied' after investigating Serco contact tracers data breach (Civil Service World) Outsourcer training coronavirus tracers was told to take "remedial measures" after sharing email addresses
Police warn of homophobic 4chan cyber attack on LGBT+ Pride month celebrations (The Independent) HIV fundraising event forced offline by 110 spam bots
Stalkerware sees all, and US laws haven't stopped its spread (CNET) Installing hidden spy software is illegal. It's also easy.
Google Says Spokeo Means 'It's Time To End' Decade-Old Suit (Law360) Google urged a California federal judge Thursday to dismiss a decade-old putative class action on remand from the U.S. Supreme Court that claims the tech giant violated privacy statutes by sharing users' search terms with third parties, saying the users "clearly" lack standing under Spokeo and "it's time to end this."
Zoom Ripped For Only Offering Paying Users Top Encryption (Law360) A consumer advocacy group on Thursday slammed Zoom Video Communications Inc.'s plan to only offer strengthened encryption protections to paying users, a move the video conferencing company says will help combat abuse on the platform.
Facebook Judge Rips $550M Biometric Privacy Deal (Law360) A California federal judge tore into Facebook's proposed $550 million biometric privacy settlement with a class of Illinois users Thursday, saying he won't yet grant preliminary approval and has many questions about a deal that gives users just 1.25% of what they could be entitled to under the Prairie State's biometric privacy law.