Cyber Attacks, Threats, and Vulnerabilities
Exclusive: Obscure Indian cyber firm spied on politicians, investors worldwide (Reuters) A little-known Indian IT firm offered its hacking services to help clients spy on more than 10,000 email accounts over a period of seven years.
Arm CPUs impacted by rare side-channel attack (ZDNet) Arm issues guidance to developers to mitigate new "straight-line speculation" attack.
Honda probes suspected cyberattack after factories hit by network glitch (The Japan Times) Honda Motor Co. on Tuesday continued to restrict its employees from using work computers following an internal network issue that could be due to a cyberat
Honda’s global operations halted by ransomware attack (TechCrunch) The Snake ransomware is believed to be the cause.
Honda hit by cyber attack, some production disrupted (Reuters) Honda Motor Co <7267.T> suspended some of its auto and motorcycle production globally as the Japanese car giant grappled with a suspected cyber attack, a spokesman said on Tuesday.
Honda Halts Output at Some Plants After Cyber Attack (Assembly) Honda Motor Co. said a cyberattack has disrupted its internal network and brought some of its assembly plants around the world to a standstill.
Honda Cyber-Attack Halts Plants in India and Brazil (NDTV Gadgets 360) The cyber-attack at the beginning of the week targeted Honda's internal servers and spread a virus through the company's systems
Thanos Ransomware First to Weaponize RIPlace Tactic (Threatpost) Researchers say the new Thanos ransomware-as-a-service is the first ransomware family to feature the weaponized RIPlace tactic.
Cyber Criminals Unleash A Phony Recovery Tool On Ransomware Victims (Forbes) Unsuspecting victims wind up with folders full of unusable files, encrypted with Stop DJVU and held for ransoms of nearly $1,000.
Honda disrupted by cyberattack; Maze & Ragnar Locker groups team up (SC Media) Automobile manufacturer Honda has reportedly suffered an apparent ransomware attack that has disrupted its global operations.
Windows Group Policy flaw lets attackers gain admin privileges (BleepingComputer) Microsoft has fixed a vulnerability in all current Windows versions that allows an attacker to exploit the Windows Group Policy feature to take full control over a computer. This vulnerability affects all Windows versions since Windows Server 2008.
Scammers using SEO to lure victims (Avast) Don’t be duped by top ranked search results that seem to be too good to be true
The New Kid On The Cyber Block Data Manipulation (BW CIOWORLD) Security-Data is the most valuable resource today driving our economies, making it a prime target for hackers with ill intent to manipulate for their personal gain.
APT29 Emulation ATT&CK Evaluations 2019 (MITRE ATT&CK® EVALUATIONS) APT29 is a threat group that has been attributed to the Russian government and has operated since at least 2008.
We setup a honeypot to see how long for hackers find unsecured database (Comparitech) If you think leaving user data exposed online for "just a day" is no big deal, think again. We set up a honeypot to see just how quickly hackers find unsecured data.
Advantech WebAccess Node (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 9.8
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Advantech
Equipment: WebAccess Node
Vulnerability: Stack-based Buffer Overflow
2. RISK EVALUATION
Successful exploitation of this vulnerability could crash the application being accessed; a buffer overflow condition may allow remote code execution.
Mitsubishi Electric MELSEC iQ-R series (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 5.3
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Mitsubishi Electric
Equipment: MELSEC iQ-R series
Vulnerability: Resource Exhaustion
2. RISK EVALUATION
Successful exploitation of this vulnerability could cause the Ethernet port to enter a denial-of-service condition.
Siemens LOGO! (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 9.4
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Siemens
Equipment: LOGO!
Vulnerability: Missing Authentication for Critical Function
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker to read and modify device configurations and obtain project files from affected devices.
Siemens SIMATIC, SINAMICS, SINEC, SINEMA, SINUMERIK (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 6.7
ATTENTION: Low skill level to exploit
Vendor: Siemens
Equipment: SIMATIC, SINAMICS, SINEC, SINEMA, SINUMERIK
Vulnerability: Unquoted Search Path or Element
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow authorized local users with administrative privileges to execute custom code with SYSTEM level privileges.
Siemens SIMATIC, SINAMICS (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.8
ATTENTION: Low skill level to exploit
Vendor: Siemens
Equipment: SIMATIC, SINAMICS
Vulnerabilities: Uncontrolled Search Path Element, Heap-based Buffer Overflow
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker to affect the availability of the devices under certain conditions.
Siemens SINUMERIK (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 9.8
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Siemens
Equipment: SINUMERIK
Vulnerabilities: Buffer Underflow, Heap-based Buffer Overflow, Improper Initialization, Out-of-bounds Read, Stack-based Buffer Overflow, Access of Memory Location After End of Buffer, Off-by-one Error, Improper Null Termination, Improper Initialization
OSIsoft PI System (Update A) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.8
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: OSIsoft
Equipment: PI System
Vulnerabilities: Uncontrolled Search Path Element, Improper Verification of Cryptographic Signature, Incorrect Default Permissions, Uncaught Exception, Null Pointer Dereference, Improper Input Validation, Cross-site Scripting, Insertion of Sensitive Information into Log File
Siemens Industrial Products (Update G) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.5
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Siemens
Equipment: Industrial Products
Siemens SIMATIC, SIMOCODE, SINAMICS, SITOP, and TIM (Update H) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.5
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Siemens
Equipment: SIMATIC, SIMOCODE, SINAMICS, SITOP, and TIM
Vulnerability: Out-of-bounds Read
Philips PageWriter TC10, TC20, TC30, TC50, and TC70 Cardiographs (Update A) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 6.1
ATTENTION: Low skill level to exploit
Vendor: Philips
Equipment: PageWriter TC10, TC20, TC30, TC50, TC70 Cardiographs
Vulnerabilities: Improper Input Validation, Use of Hard Coded Credentials
Nintendo reveals that an additional 140,000 accounts were hacked (CNET) On top of the 160,000 it acknowledged back in April, that brings the total to 300,000.
Babylon Health data breach: GP app users able to see other people's consultations (the Guardian) User alerted company after finding about 50 recordings of appointments that did not apply to him
Natura’s Avon suffers ‘cyber incident’ weeks after major data breach (Cosmetics Business) The Brazilian cosmetics owner said it is working ‘diligently’ to mitigate the effects of the latest incident
IBM Cloud suffers prolonged outage (TechCrunch) The IBM Cloud is currently suffering a major outage, and with that, multiple services that are hosted on the platform are also down, including everybody’s favorite tech news aggregator, Techmeme. It looks like the problems started around 2:30pm PT and spread from there. Best we can tell, this…
IBM Cloud suffers global outage, bringing down customer websites (Computing) The issue has been resolved now, according to IBM
Security Patches, Mitigations, and Software Updates
Microsoft June 2020 Patch Tuesday: largest ever with 129 fixes (BleepingComputer) Today is Microsoft's June 2020 Patch Tuesday, and as many Windows administrators will be routinely screaming at computers, please be nice to them!
Microsoft Patch Tuesday, June 2020 Edition (KrebsOnSecurity) Microsoft today released software patches to plug at least 129 security holes in its Windows operating systems and supported software, by some accounts a record number of fixes in one go for the software giant. None of the bugs addressed this month are known to have been exploited or detailed prior to today, but there…
Microsoft pushes fixes for 128 security bugs in June, 2020 Patch Tuesday (Sophos News) In this month’s Patch Tuesday, a total of 128 security vulnerabilities have been patched in Microsoft products, a slight increase compared to the last few months. Only twelve of the vulnerabi…
Patch Tuesday: Fixes for LNK, SMB, and SharePoint Bugs (TrendLabs Security Intelligence Blog) This month’s Patch Tuesday had the highest number of entries so far in 2020 — a whopping 129, a continuation of the trend seen from the previous months. The update includes fixes for LNK, SMB, SharePoint, and Win32k vulnerabilities.
Intel patched 22 vulnerabilities in the June 2020 Platform Update (BleepingComputer) Intel addressed 25 vulnerabilities today as part of its June 2020 Patch Tuesday, with two of them being rated as critical security flaws after receiving CVSS scores of 9.8.
Cyber Trends
Restrictive Privileged Access Management Can Lead to Risky User Behaviors, According to SSH.COM (BusinessWire) New Research from SSH.COM Reveals that Restrictive IT Access Emboldens Employees to Seek Workarounds that Threaten Corporate Data
Netwrix reveals five cyber security trends to watch in 2020 and beyond (Netwrix) The rapid transition to remote office has shifted focus away from cybersecurity, enabling threat actors to take advantage of loosened security policies.
Email is biggest security risk, old devices aren't getting patched, and local cyber 'incidents' (ZDNet) 51% of organisations surveyed by Mimecast have suffered a ransomware attack, meanwhile NTT says ageing devices are causing network vulnerabilities, and two local companies have been struck by 'cyber incidents'.
Ransomware Hits Soar With No Relief In Sight, Insurer Says (Law360) Ransomware attacks continued to climb during the first quarter of 2020, specialty insurer Beazley Group reported Tuesday, and companies shouldn't expect any reprieve in the coming months as attackers keep seizing on the security holes and economic fears that the COVID-19 pandemic has created.
Identity Theft and Credit Card Monitoring Consumer Shopping Study: 2020 (Security.org) Last Updated: June 9th, 2020 By Gabe Turner and the Security.org Research Team Billions of private records are breached every year, from email addresses to names and phone numbers to sensitive banking information. In fact, during just the first half of last year, more than 4.1 billion records were exposed in hacks and other cyberattacks, … Continued
2020 Global Network Insights Report (NTT) The pace of change in business and the market is ever-increasing. To accommodate this, organizations’ infrastructure is also under pressure to change.
No Excuses: Why Brands Must Manage PII Better (Akamai) Consumer retail is a major economic driver around the world. Global retail revenue was estimated at $24 trillion in 2018, split between $21.2 trillion of in-store spend and $2.8 trillion online....
Report: Average data breach costs public companies $116M (Compliance Week) An Audit Analytics report on cyber-security breaches at public companies found the sensitivity of customer information stolen, along with length of time it took companies to report breaches, greatly affected the financial damage the breaches caused.
Why remote workers across APAC say they're vulnerable to cyber threats (Tech Wire Asia) Senior staff in surveyed nations believe devices used while working from home could be better secured against advanced cyber threats.
Military members are disproportionately affected by cybercrime: Here’s why and how to avoid it (Military Times) Cybercriminals are targeting America's military personnel and families, but steps can be made to avoid becoming a victim.
Marketplace
NS8 Raises $123 Million Series A, Now Among Fastest Growing Fraud Prevention Platforms in the World (Yahoo) NS8, an online fraud prevention company, announced the company has successfully closed $123 million in venture funding led by Lightspeed Venture Partners and AXA Venture Partners (AVP).
Concourse Labs Raises $15.2 Million in Series A Funding led by ForgePoint Capital to Accelerate Enterprise Digital Transformation by Automating Cloud Governance. (Concourse) Concourse Labs, a company that accelerates enterprise digital transformation through automated cloud governance today emerged from stealth mode announcing $15.2 million in Series A funding. The round was led by ForgePoint Capital, with existing investors 83North and Capri Ventures participating.
Sophos undertakes company restructuring, staff cuts due to COVID-19: reports (CRN Australia) Three months after being acquired by private equity firm Thoma Bravo.
British start-ups in turmoil with two-fifths in need of urgent cash (The Telegraph) Two-fifths of the businesses believe they had less than 12 months of funds
Wing Venture Capital Raises $450 Million Third Fund (Monterey County Weekly) Wing Venture Capital announced today that it has raised Wing Three, a $450 million pool of capital dedicated to early stage investing
How One CEO Is Maximizing Cybersecurity With Network Metadata (Forbes) It has never been more apparent that current cybersecurity testing practices are not enough.
Canalys: Seven vendors crowned “Champion” in 2020 Cybersecurity Leadership Matrix (Canalys) Seven cybersecurity vendors have attained Champion status in the Canalys Cybersecurity Leadership Matrix 2020.
Stage 2 Security Hires Jacob Groth as Chief Technology Officer (CTO) (PR Newswire) A leader in Adversary Simulation, Protection and Prevention services, Stage 2 Security (S2) http://www.stage2sec.com is excited to announce...
Netskope Announces David Fairman as Chief Security Officer for Asia-Pacific Region (PR Newswire) Netskope, the leading security cloud, today announced the appointment of David Fairman to Chief Security Officer (CSO), APAC. With his global...
ColorTokens Boosts ANZ Presence, Appoints Elvis Jusic as Regional Director Sales (PR Newswire) ColorTokens Inc. a leading innovator in cyber security, today announced the appointment of Elvis Jusic to Regional Director of Sales for...
Products, Services, and Solutions
Sixgill and King & Union Join Forces for Next-Gen Threat Intelligence Visualization (PR Newswire) Sixgill, a leading threat intelligence company, has partnered with King & Union to provide users of its Avalon Cyber Analysis Platform with...
One Identity Safeguard for Privileged Passwords 6.6 Now Tames Disperse Use of Personal Passwords for Corporate Accounts (GlobeNewswire) One Identity, a proven leader in identity-centered security, today introduced a new feature within One Identity Safeguard for Privileged Passwords 6.6, which manages and secures the use of corporate personal passwords to access corporate third-party accounts.
A10 Networks Launches Turnkey OEM Application Delivery and Security Solutions (A10 Networks) New Solutions Provide Application Reliability and User Protection with Advanced Load Balancing and SSL Visibility
WatchGuard brings simplified, flexible security to small, home and midsize office environments (Security Info Watch) Upgraded Firebox T Series appliances offer heightened HTTPS throughput, advanced security services, integrated SD-WAN, PoE and more
CYSEC and Build38 partner to facilitate the secure deployment of Mobile App Protection (Cysec Systems) Build38 GmbH, the global provider of Mobile Application Security made in Germany, is partnering with CYSEC SA from Switzerland to offer a fully-integrated solution combining mobile and backend deployments for Enterprise customers.
Z-CERT and EclecticIQ Cooperate to Bring Benefits of CTI to Dutch Healthcare Sector (PR Newswire) EclecticIQ, the global provider of cyber threat intelligence (CTI) technology solutions and the operator of Fusion Center, and Z-CERT, the...
Get the latest news on application protection (PerimeterX) Protect your web apps against account takeover, carding, denial of inventory, scalping, skewed analytics, digital skimming, Magecart, PII harvesting, scraping.
GlobalPlatform’s technical evolution – new initiatives, built on strong foundations (GlobalPlatform) The standard for secure digital services and devices
Vectra integrates threat detection with Microsoft security (BetaNews) Network threat detection and response company Vectra AI is announcing deep product integration with Microsoft Defender Advanced Threat Protection (ATP) and Microsoft Azure Sentinel to allow enterprises to better protect their networks.
Thycotic Offers Free Digital Toolkit to Help Secure Remote Worker Access (PR Newswire) Thycotic, provider of Privileged Access Management (PAM) solutions for more than 10,000 organizations worldwide, including 25 of the Fortune...
ThreatQuotient Granted DoDIN-Level Authority to Operate (ThreatQuotient) ThreatQ is the first threat-centric security operations platform to be approved for a DoD-wide ATO.
IRONSCALES Expands Threat Assessment Capabilities; Launches Email Secu (PRWeb) IRONSCALES, the pioneer of self-learning email security, today announced another industry’s first with Phishing Emulator™.
Instana Achieves Certified SOC 2 Type 2 Compliance for Data Security (Instana) Instana is now SOC2 Type II Compliant certified, showcasing our commitment to security for all our users, customers and partners.
Netsurion Introduces Remote Workforce Security to Provide Portable, Comprehensive Cybersecurity in the WFH Era (GlobeNewswire) Netsurion, a leading managed security services provider, today released Remote Workforce Threat Detection, a new built-in feature of its best-in-class EventTracker SIEM platform that provides portable and comprehensive protection against cybersecurity threats in the emerging Work-From-Home (WFH) era.
Siemplify Unveils Industry’s First Cloud-Native SOAR Platform (Siemplify) Siemplify, the leading independent provider of security orchestration, automation and response (SOAR), today...
Versa Networks Launches Industry's First SASE Solution Delivering Leading Secure SD-WAN Capabilities to Remote and Working from Home Employees (PR Newswire) Versa Networks, the Secure SD-WAN leader, today launched Versa Secure Access, the industry's first solution delivering leading Secure SD-WAN...
Technologies, Techniques, and Standards
Analysis | The Cybersecurity 202: Georgia’s primary debacle should sound alarm bells for November (Washington Post) The state’s primary day snafus were all predictable
Cyber Command creates new malware sharing portal with National Guard (Fifth Domain) The new portal, called Cyber 9-Line, allows states through their National Guard to report malware samples to Cyber Command, which can then turn its vast resources to the problem.
CISA focuses on building agency trust in data as part of upcoming CDM dashboard (Federal News Network) The new dashboard puts a focus on building agency trust in the underlying reporting data behind the dashboard and related algorithms.
“Cyber 9-Line” Improves Cybersecurity and Enables Election Integrity (U.S. Cyber Command) When Dorchester County reported a ransomware attack on a majority of its servers this past January, Maryland turned to a program recently established by U.S. Cyber Command and the National Guard.
Covid-19 data store has transformed NHS resource planning, says official (NS Tech) A data analytics project designed to predict demand on the health service at both a local and national level has had a transformative impact on NHS resource planning during the coronavirus crisis,
Autonomous Cyber is Re-Shaping the Federal Information Security Landscape (MeriTalk) Autonomous cybersecurity is changing the way the government protects and secures its crucial data. By leveraging artificial intelligence and machine learning, agencies can respond to cyber threats in real time and more efficiently than ever. MeriTalk connected with Dr. Matt McFadden, Cyber Director, GDIT to discuss this burgeoning field.
Design and Innovation
Fundamental Changes In Economics Of Security (Semiconductor Engineering) More and higher value data, thinner chips and a shifting customer base are forcing long-overdue changes in semiconductor security.
LGU+ claims to be 'industry-first' to apply quantum-resistant cryptography technology to customer-only network equipment (Aju Business Daily) LGU+, a mobile carrier in South Korea, claimed to be "industry-first" to apply quantum-resistant cryptography technology to customer-only network equipment. The new technology can be applied to next-generation wired and wireless networks as well as various 5G services.
Twitter system to identify 5G coronavirus conspiracy tweets goes haywire (The Telegraph) A new system designed to limit coronavirus misinformation has suffered constant errors, drawing scorn and mockery from users
How Facebook Fact-Checking Can Backfire (Intelligencer) The “implied truth effect” means that Facebook’s fact-checking process may be worse than doing nothing.
Debunked child trafficking conspiracy theory trends on Twitter (The Telegraph) The "For you" section of the Twitter app prominently featured the Pizzagate conspiracy theory for some users on Tuesday
Academia
CyberTitan III National Finalists will hear remarks from Defence Minister Harjit Singh Sajjan and cyber security industry experts this June 8-10 (IT Business) The CyberTitan III National Finals are this Monday, June 8 with the Awards Presentation on Wednesday, June 10. For the occasion, the
ISRO Announces Cyberspace Competition for School Students: Here are the Details (Data Quest India) ISRO has announced that the organization will hold an online cyberspace competition (ICC 2020) for students from classes 1 to 12
Legislation, Policy, and Regulation
A ‘new normal’ in cyberwar should scare us to action (The Japan Times) Israel and Iran appear to be engaged in tit-for-tat cyberattacks on each other’s physical infrastructure. While attacks on information technologies — phish
NATO chief says on Huawei: UK review of 5G security is important (Reuters) The head of the NATO military alliance said on Wednesday that the West could not ignore the rise of China and so it was important that Britain had a review of the role of Huawei in its 5G network to ensure its security.
UK to Launch Huawei Cyber Security Review Amid US Trade Tensions (CPO Magazine) U.K. government is starting cyber security reviews on Huawei amid U.S. trade sanctions to measure its potential for espionage using 5G infrastructure as a backdoor.
Opinion | Huawei and the U.S.-China Tech War (Wall Street Journal) Computer chips are the first battlefield of the great power rivalry.
US telcos asked to rip out Huawei and replace it with a quandary (Light Reading) The FCC has been tasked with ripping Huawei's equipment out of US wireless networks. Now it has to figure out what goes in its place.
Senate report: Chinese telecom firms operated in US without proper oversight for decades (TheHill) Three Chinese telecommunications firms were allowed to operate for roughly 20 years in the U.S.
Republican senators push FCC to act on Trump social media order (Reuters) Four Republican U.S. senators on Tuesday urged the Federal Communications Commission (FCC) to review whether to revise liability protections for internet companies after President Donald Trump urged action.
DHS’s cyber wing pledges to invest more in industrial control systems security (CyberScoop) DHS's cybersecurity division, CISA, unveiled a strategy Tuesday to help protect industrial control systems from being hacked.
Cyber Command is getting a new deputy commander (Fifth Domain) Cyber Command's next deputy commander is a familiar face.
Litigation, Investigation, and Law Enforcement
Facebook Helped the FBI Hack a Child Predator (Vice) Facebook paid a cybersecurity firm six figures to develop a zero-day in Tails to identify a man who extorted and threatened girls.
Equifax’s Latest Breach Settlement Is Skimpy to Plaintiffs, Critics Say (Wall Street Journal) Most of the money would go to security measures at Equifax, not to community banks and credit unions affected by the breach.
Senior official estimates $30 billion in stimulus funds will be stolen through coronavirus scams (TheHill) A top official with the U.S. Secret Service said Tuesday that coronavirus-related fraud could lead to $30 billion in federal relief funds being stolen by criminals.
FCC Floats $225M Fine Over Spoofed Health Insurance Calls (Law360) The Federal Communications Commission on Tuesday floated its largest to date fine against a robocaller that allegedly copped the caller IDs of the likes of Cigna, Aetna and Blue Cross Blue Shield to sell health plans from lower-profile providers.
SRA to beef up AML monitoring of law firms (Legal Futures) The Solicitors Regulation Authority is to beef up its monitoring of firms’ anti-money laundering efforts and begin a review of continuing competence.
Former Harvard Chemistry Chair Indicted for False Statements About China Funding (Epoch Times) The former chair of Harvard University's chemistry department was indicted on June 9 on charges of making false ...
Facebook Sues Indian Firm for Registering Impostor Domains (CISO MAG) Facebook filed a lawsuit in Virginia against 12 hoax domain names registered by Indian-based proxy service provider Compsys Domain Solutions Private Ltd.
LAPD Got Tech Demos from Israeli Phone Hacking Firm NSO Group (Vice) Emails obtained by Motherboard also reveal new details about previously unreported NSO Group products.
No evidence of unauthorized data transfers by top Chinese drone manufacturer: study (TheHill) Drones manufactured by Da Jiang Innovation that were previously used by the U.S. government have not transferred data to the Chinese company or China’s government, according to a report published Tuesday by consulting firm Booz Allen Hamilton.