Chinese intelligence services collect against Biden campaign. DDoS that wasn't. Federal cyberstalking case.

Cyber Attacks, Threats, and Vulnerabilities

T-Mobile hit by phone calling, text message outage (TechCrunch) The cell giant said it's "working to resolve" the outage.

T-Mobile network outage affects thousands of customers in the US, experts reject claims of DDoS attack (Computing) Widespread routing issue affected T-Mobile's voice and text service, the company reveals

No, The U.S. Has Not Suffered The Biggest Cyber-Attack In History: Here’s What Actually Happened (Forbes) The U.S. did not fall victim to the biggest cyber-attack in history yesterday. So what did happen?

‘Vendetta’ hackers are posing as Taiwan's CDC in data-theft campaign (CyberScoop) The hacking group, Vendetta, has only surfaced in the last two months, according to research from Spain's Telefonica Group.

Human rights activists in India have been targeted by another spyware campaign (CyberScoop) Activists in India were targeted by a coordinated spyware campaign last year, according to Amnesty International and Citizen Lab researchers.

India: Human Rights Defenders Targeted by a Coordinated Spyware Operation (Amnesty) Amnesty International and the Citizen Lab have uncovered a coordinated spyware campaign targeting at least nine human rights defenders (HRDs) in India.

China-backed Hackers Target Biden Campaign in Early Sign of 2020 Election Interference (Voice of America) Google announced earlier this month that Chinese-backed hackers were observed targeting former Vice President Joe Biden's campaign staff. The internet giant said that hackers did not appear to compromise the campaign’s security, but the surveillance was a reminder of Russia’s interference in the 2016 election. Analysts say China’s primary motive for breaking into a campaign is to collect intelligence such as Biden’s proposals for U.S. policy on China, although hackers could later try to use stolen intelligence to interfere in the campaign itself.

Security Experts Find Vulnerability in Trump Campaign App (Newsmax) Security researchers have identified a vulnerability in the mobile app used by President Donald Trump’s campaign that could allow hackers access to user data “similar to usernames and passwords,” according to a report released on Monday.

Researchers identify slew of new malware variants linked to North Korea (NK News - North Korea News) An unusually-high number of new malware variants linked to North Korean hackers may indicate a phase of increasing attacks against foreign targets, cybersecurity researchers told NK News on Tuesday. Malware analysts at Intezer identified ten new samples attributed to the Lazarus Group within the past two weeks, a number that is “not common at all” …

This dangerous new keylogger could change the entire malware space (TechRadar) Mass Logger is frequently updated with new features that help it avoid detection

New Mass Logger Malware Could Be Massive (Cofense) Cofense Intelligence is tracking a recently released keylogger named “Mass Logger” which could significantly impact the keylogger market and the phishing threat landscape.

Report: Niche Dating Apps Expose 100,000s of Users in Massive Data Breach (vpnMentor) Led by Noam Rotem and Ran Locar, vpnMentor’s research team discovered a data breach leaking incredibly sensitive data from numerous niche dating and hook up

Dating Apps Exposed 845 GB of Explicit Photos, Chats, and More (Wired) 3somes, Gay Daddy Bear, and Herpes Dating are among the nine services that leaked the data of hundreds of thousands of users.

Bahrain coronavirus app shares data with gameshow (BBC News) Amnesty International is warning about privacy concerns in Bahrain’s coronavirus contact-tracing app.

BigDebIT Vulnerabilities Put Thousands of Oracle E-Business Suite Customers’ Financials at Risk (Onapsis) Today, Onapsis is releasing a Threat Research Report about critical vulnerabilities that the Onapsis Research Labs found in the Oracle E-Business Suite and worked with the Oracle Security Response Team to fix in Oracle’s January 2020 Critical Patch Update.

How Kubeflow Clusters Were Targeted Recently By Hackers For Crypto-Mining (Analytics India Magazine) Crypto mining attacks in containerised environments are not new. Researchers have found different kinds of crypto mining activities running inside misconfigured containers. Microsoft, in April, had disclosed large-scale crypto-mining attacks against Kubernetes clusters which were discovered by Azure Security Center, thus helping users protect Kubernetes clusters from security threats. We have seen how Microsoft is…

Microsoft Azure users leave front door open for cryptomining crooks (Naked Security) Microsoft has discovered a campaign that exploits Kubernetes to install cryptomining software in its Azure cloud.

Malware Attack on GitHub Repositories a Disturbing Development for Open Source Projects (CPO Magazine) More than two dozen open source projects hosted on GitHub repositories had fallen victim to new malware ‘Octopus Scanner’ that allows cyber criminals to gain control over the code.

SMBleedingGhost Writeup Part II: Unauthenticated Memory Read - Preparing the Ground for an RCE (ZecOps Blog) In our previous blog post, we demonstrated how the SMBGhost bug (CVE-2020-0796) can be exploited for local privilege escalation. A brief reminder: CVE-2020-0796, also known as “SMBGhost”, is a bug in the compression mechanism of SMBv3.1.1. The bug affects Windows 10 versions 1903 and 1909, and it was announced and patched by Microsoft about … SMBleedingGhost Writeup Part II: Unauthenticated Memory Read – Preparing the Ground for an RCE Read More »

Why Facebook could be the reason your Windows 10 PC just got a virus (Express) RESEARCHERS have issued a call to Facebook Messenger users to update their app in order to avoid vicious malware attacks from cyber crooks. Here's what you need to know - and what you need to do - to keep your Windows PC safe.

Vulnerabilities in D-Link router raises concerns over remote worker IT security (SC Magazine) Hackers could use D-link router flaws to exfiltrate data and upload malware

NHS: 100+ Email Accounts Hijacked in Phishing Campaign (Infosecurity Magazine) NCSC says credential harvesting operation has been ongoing since 2018

Vulnerability Summary for the Week of June 8, 2020 (CISA) The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week.

COVID-19 tests, PPE and antivirual drugs find a home on the dark web (Naked Security) COVID-19 testing kits, Hydroxychloroquine and PPE – it’s all for sale on the dark web.

Appliance repairer in the dark after ransomware attack on F&P Appliances (Stuff) Ransomware attack on F&P Appliances meant a lot of unhappy clients for Michael Gibbs.

As city computers held hostage, FBI warns of increase in ransomware attacks (WBIR) The attack began Thursday morning in Knoxville. A city spokesperson won't say how many services are still impacted.

Thousands of Oklahoma residents are victims of false unemployment claims (KHBS) Police say school employees seem to be the hardest hit by ID theft and fraudulent claims.

Florida woman’s identity used to steal unemployment benefits from Massachusetts (WKMG) Monica DaSilva is the first known Florida target of what may be an interstate plot to use a taxpayer’s identity to apply for unemployment benefits in another state.

Good detection, poor recovery as retail giants Intersport, Claire's & Icing hit by web skimming (SC Magazine) Web skimming hackers Magecart have breached three retail web stores including sports shop Intersport and two of the largest retail chains on the planet, Claire’s and Icing, according to reports.

Cyber Trends

The Exabeam 2020 State of the SOC Report (Exabeam) The Exabeam 2020 State of the SOC Report is based on the results of a May 2020 survey of security professionals from the U.S., U.K., Canada, Australia and Germany who are involved in the management of security operations centers (SOC) across CISO, CIO, management, and analyst roles.

Children and Cybercrime in the Time of COVID-19: Arkose Labs Survey Reveals New Findings (GlobeNewswire) 95% of children surveyed are spending more time online, making fraud prevention essential

Mobile Threats Delivered by Adult Content Double (Infosecurity Magazine) Mobile threats distributed via adult content doubled in 2019

Ryuk Continues to Dominate Ransomware Response Cases (Dark Reading) Analysis reveals how Ryuk's operators are changing their techniques and using new means to break in.

Check Point: Banking Trojans Dominate Top 10 Malware List in May (IT News Online) Check Point Research said its latest Global Threat Index for May 2020 found several malicious spam campaigns distributing the Ursnif banking trojan, which caused it to jump up 19 places to 5th in the Top Malware list.

Poor Data Security Policies Affect Businesses During the Pandemic (CISO MAG) A new research from secure payments provider PCI Pal uncovered that most consumers may not trust organizations with poor cybersecurity practices

Ransomware in 2020: what, why, and whether to pay? (TechRadar) Ransonware increasingly used for phishing attacks

Cybersecurity related jobs spike by 6% in 4 months (People Matters) Postings show the largest jump between April and May 2020. Searches saw the greatest increase between the same period.

46% of C-level executives had been targeted by spyware in 2019 (Atlas VPN) According to data compiled by Atlas VPN, 46% of C-level officers suffered from a spyware attack last year. IT specialists revealed that senior management and C-suite executives are most likely to suffer from a malicious attack within the company.

Marketplace

Novetta Acquires WaveStrike (PR Newswire) Novetta, a leader in advanced analytics technology, today announced the acquisition of WaveStrike, based in Annapolis Junction, MD. Novetta's...

Australian enterprise cybersecurity firm Kasada raises $10M (SiliconANGLE) Australian enterprise cybersecurity firm Kasada Pty Ltd. announced today it has raised $10 million in new funding to fuel its expansion into the U.S., develop new products and build out its sales and marketing team.

West of England diversifies by buying into cyber warrior Astaara | TradeWinds (TradeWinds | Latest shipping and maritime news) Investment in risk insurance firm thought to be first by P&I club

IBM Buys Cloud Security Startup Spanugo To Boost Compliance (CRN) IBM has agreed to purchase early-stage cybersecurity vendor Spanugo to fulfill the compliance and protection needs of clients in highly regulated industries.

Salt Security Closes $20 Million Series A Funding Round Led by Tenaya Capital (BusinessWire) Salt Security announces it has raised $20 million in Series A funding led by Tenaya Capital.

Kasada Raises $10 Million in Series B Funding to Fuel Rapid U.S. Expansion and Enhance Its Web Traffic Integrity Solution (PR Newswire) Kasada, a leading web traffic security solution and services provider, today announced that it has raised $10 million in Series B funding. The...

Open Raven Raises $15M Series A Funding to Prevent Cloud Breaches Driven by Modern Complexity (BusinessWire) Open Raven, the cloud native data security platform that prevents breaches driven by modern speed and sprawl, today announced that it raised $15 milli

FIME expands testing & consultancy offering with the acquisition of CETECOM Payment activities in the U.S. (FIME) Payments testing and consultancy expert, FIME has announced its acquisition of CETECOM U.S.’s payment activities. FIME’s expanded expertise and services will enable the U.S. payment ecosystem to define, design, deliver and test innovative, secure and digital payments products.

Enveil Awarded as a Technology Pioneer by World Economic Forum (GlobeNewswire) Pioneering data security company recognized for its contributions in the field of data privacy and security

Penten, Quintessence Labs win millions in Defence Innovation Hub deals (ARN) Cyber security solutions providers Penten and Quintessence Labs are among the handful security specialists awarded contracts as part of the federal government’s Defence Innovation Hub program.

Alion Awarded $75M Research, Development, Test, And Evaluation Of All Navy Minotaur Software Platforms For Naval Air Systems Command (NAVAIR) And Naval Surface Warfare Center (NSWC), Crane (PR Newswire) Alion Science and Technology announces today that it has been awarded a contract totaling $75M to support research, development, test, and...

Facebook says it doesn’t need news stories for its business and won’t pay to share them in Australia (the Guardian) Social media giant rejects ACCC proposal, saying it could cut out news completely without any significant impact on its business

Building an Innovation Ecosystem in the Desert (Israel Defense) Beersheba positioning itself as an innovation hub through collaboration between academia, industry, and government

Invixium Opens US Headquarters in Norwalk, CT (Invixium) Continues Global Expansion with New Office and Hires in Sales and Marketing

Optiv Bolsters Executive Team With Chief Services Officer David Martin (BusinessWire) Optiv Security today announced that it has named David Martin as the company’s chief services officer.

Vectra Appoints Marc Gemassmer as Chief Revenue Officer (PR Newswire) Vectra AI, the leader in network threat detection and response (NDR), today announced the appointment of Marc Gemassmer as Chief Revenue...

Admiral Mark Heinrich, USN, Retired Joins KnectIQ (Yahoo) KnectIQ Inc., an innovator in cybersecurity, announced today that Admiral Mark Heinrich, USN, Ret. has joined the firm's advisory board.

Products, Services, and Solutions

Rebyc Security rolls out cyber security services for remote working (South Charlotte Weekly) Rebyc Security has introduced cyber security penetration testing services to help address new and growing insecurities in remote working arenas. The services – designed to…

Augmenting Endpoint Defenses with the Attivo Networks® EDN Solution (Attivo) The Attivo Networks® ThreatDefend® Platform enhances an organization’s defenses by providing visibility and early detection into in-network lateral movement and other attack activities that have evaded existing security controls.

Aon Expands Cyber Risk Assessment to Address Exposures of Remote Work (Insurance Journal) Aon has expanded the scope of CyQu Enterprise, a cyber risk assessment methodology, to help analyze the cyber security impacts of recent network access or

Expansion adds on-prem access to Acronis Cyber Protect solution (Security Brief) The flagship Acronis Cyber Protect product has this week launched a new expansion, enabling IT managers and teams to test the solution for themselves through a new beta release.

CyFlare deploys the Stellar Cyber platform as the core of its SOC service (Help Net Security) Stellar Cyber announced that CyFlare has deployed the Stellar Cyber platform as the core of its Security Operations Center (SOC) service.

KnowBe4 Simplifies and Centralizes Phishing Campaign Management (GlobeNewswire) The KnowBe4 Managed Phishing Campaign feature helps to create and manage phishing campaigns across multiple KnowBe4 accounts from a single interface

Thycotic Launches Global Secret Server Certification Program (PR Newswire) Thycotic, a provider of privileged access management (PAM) solutions for more than 10,000 organizations worldwide, including 25 of the Fortune...

Rofori Launches CyberKnights Talent Assessment, Development, and Retention Portal (PR Newswire) Rofori Corporation is announcing the launch of its CyberKnights Talent Assessment, Development, and Retention Portal. There are over 500,000...

Corelight - Newsroom - Corelight Moves Toward Open NDR Platform with Powerful Suricata IDS/IPS Integration and Enhancements to Encrypted Traffic Collection (Corelight) Zeek / Bro is the world's most powerful framework for transforming network traffic into actionable data for analysis, forensics, and real-time response.

Technologies, Techniques, and Standards

Initial lessons learned as COVID-19 exposes critical gaps in information security (Global Compliance News) As the COVID-19 pandemic stretched across the globe, companies shifted to remote working environments and many reduced staff, all without much of an opportunity to prepare.

Reducing the cyber security risk of home working (Computing) Home working shouldn't prioritise productivity at the expense of security, but in some cases this is exactly what's happening

Political Groups Track Protesters’ Cellphone Data (Wall Street Journal) Advocacy and voter-registration groups are gathering a trove of data from protests by tracking the cellphones of participants and sending them messages about registering to vote or taking other actions.

Are we seeing the beginning of an awareness of physics issues in power grid security and reliability (Control Global) A university researcher in power electronics with a joint appointment at one of the DOE national laboratories spoke at a meeting recorded in the local paper

An Army of Volunteers Is Taking On Vaccine Disinformation Online (Wired) Anti-vaccine messages on social media have tripled since the pandemic began. One public health group wants to teach pro-vaccine Americans to fight fire with fire.

NYSBA Eyes Mandatory Cybersecurity CLE Credit, Citing Attorneys' Heightened Cyberrisk (New York Law Journal) The NYBSA approved a recommendation that would require New York attorneys to take one CLE cybersecurity credit every two years. The proposal, however, is time limited, and still has to be approved by New York CLE board.

Pen partners with the police on cyber certification scheme for SMEs (Insurance Age) The Gallagher-owned MGA says SMEs who achieve the certification and then buy cyber insurance from Pen through their broker will receive a premium discount.

For the first time, Cyber Command’s major exercise will use new training platform (Fifth Domain) U.S. Cyber Command’s annual training exercise will rely entirely on a new platform this year, a move that will allow most participants to compete remotely.

New collaboration tools and controls have made DoD telework safer (C4ISRNET) Cyber Command, in partnership with the Pentagon and the military services, have leveraged new tools to ensure greater continuity of operations during the coronavirus pandemic.

Research and Development

U.K. Government Invests £10 Million to Develop Cybersecurity Technologies (Homeland Security Today) The British government will provide £10 million over four years to develop groundbreaking cybersecurity technologies.

Why People Are More Honest When Writing on Their Smartphones (Wall Street Journal) We should believe the feelings expressed in tweets written on phones more than those written on PCs, researchers say.

China Reports Progress in Ultra-Secure Satellite Transmission (New York Times) Researchers enlisted quantum physics to send a “secret key” for encrypting and decrypting messages between two stations 700 miles apart.

Legislation, Policy and Regulation

Out of the Political Trenches: Next Steps for Encryption Policy (Carnegie Europe) The way societies adapt to the coronavirus pandemic in the long term could require governments to revisit their stances toward encryption.

Norway pulls its coronavirus contacts-tracing app after privacy watchdog’s warning (TechCrunch) One of the first national coronavirus contacts-tracing apps to be launched in Europe is being suspended in Norway after the country’s data protection authority raised concerns that the software, called “Smittestopp,” poses a disproportionate threat to user privacy — includin…

Norway deletes contact-tracing app data as problems mount (The Telegraph) It comes as other apps around the world, including in Australia and Singapore, run into technical difficulties

Covid-19 contact-tracing app forced to delete data (BBC News) Norway has to halt use of its app and researchers report a major flaw in Australia's tool.

China Warms to Idea of Four More Years of Trump Presidency (Bloomberg) Erosion of U.S. alliances outweighs trade blows, officials say. China-U.S. ties to deteriorate no matter who wins, they say.

Congress wants to know who is using spyware against the US (Naked Security) A 2021 intelligence funding draft bill mandates a report on surveillance vendors and which countries or other actors are using spyware.

U.S. companies can work with Huawei on 5G, other standards: Commerce Department (Reuters) The United States on Monday confirmed a Reuters report that it will amend its prohibitions on U.S. companies doing business with China's Huawei [HWT.UL] to allow them to work together on setting standards for next-generation 5G networks.

Josh Hawley readying broadside against big tech’s ad business, legal shield (POLITICO) An individual close to the plan says it links legal protections to halting some targeted ads.

Analysis | The Cybersecurity 202: First DHS chief Tom Ridge knocks Trump’s attacks on voting by mail (Washington Post) Mail voting ensures people aren’t disenfranchised during the pandemic, the former Pennsylvania Republican governor says.

What Constitutes Reasonable Security Per Calif. Privacy Law? (Law360) Designing reasonable policies and procedures under the California Consumer Privacy Act — even in the absence of clear statutory guidance — is a task that may become more urgent as plaintiffs already have taken advantage of the act's private right of action, say attorneys at Buckley.

Departing U.S. Transportation Command director advanced solutions to cyberspace challenges (Team McChord) Since joining U.S. Transportation Command two years ago, U.S. Air Force Brig. Gen. Robert Lyman, director, Command, Control, Communications, and Cyber Systems Directorate, TCJ6, has emphasized

Litigation, Investigation, and Enforcement

Elite CIA unit that developed hacking tools failed to secure its own systems, allowing massive leak, an internal report found (Washington Post) The publication of ‘Vault 7’ cyber tools by WikiLeaks marked the largest data loss in agency history, a task force concluded.

Justice Department Charges Former eBay Staff With ‘Cyberstalking Campaign’ (Wall Street Journal) The Justice Department has charged six former workers at eBay with leading a cyberstalking campaign that targeted the editor and publisher of a newsletter the company viewed as critical of it.

Former eBay executives charged with cyberstalking after allegedly sending bloody pig mask to bloggers (Washington Post) The Justice Department announced the charges in U.S. District Court in Massachusetts on Monday.

Former eBay employees harassed couple who wrote critical newsletter articles, prosecutors say (NBC News) The company allegedly harassed the people behind a newsletter and then offered to help stop the harassment.

Prosecutors: Former eBay employees sent live bugs, pig mask to bloggers (Silicon Valley Business Journal) Prosecutors say the "harassing and disturbing deliveries" to the victims' Massachusetts home included flying larvae and live spiders, a box of live cockroaches, a book of advice on how to survive the death of a spouse, and pornography mailed to their next door's neighbor but in the couples' names, and Halloween masks featuring the face of a bloody pig.

6 eBay Employees Charged With Sending Bloody Pig Mask To Natick Couple (CBS Boston) U.S. Attorney for Massachusetts Andrew Lelling announced charges against six people for cyberstalking.

eBay Inc. Issues Statement Regarding Indictments of Previously Terminated Employees (eBay) eBay Inc. (NASDAQ: EBAY) today commented on indictments separately announced by the U.S. Attorney's Office in Massachusetts against several former eBay employees. Neither the Company nor any current eBay employee was indicted. In order to preserve the integrity of the government’s investigation, eBay did not previously communicate about this matter. In light of today’s public announcement by the government, eBay is now addressing this matter publicly.

U.S. Supreme Court to Weigh in on Computer Fraud and Abuse Act (CFAA) for the First Time (JD Supra) For the first time, the U.S. Supreme Court has taken up a case involving the federal Computer Fraud and Abuse Act (CFAA), 18 U.S.C. § 1030. In United...

Huawei CFO’s Lawyers Say She Is Falsely Accused by U.S. (Wall Street Journal) Lawyers for Huawei finance chief Meng Wanzhou told a Canadian court that the U.S. has wrongly accused her of lying to banks about the Chinese company’s business ties to Iran.

Fifty-four scientists have lost their jobs as a result of NIH probe into foreign ties (Science | AAAS) New data reveal extent of ongoing investigation

CenturyLink Exposed 2.8 Million Customer Records, Lawsuit Claims (1) (Bloomberg Law) CenturyLink Inc. exposed more than 2.8 million consumer records because of weak security in violation of consumer protection rules, a lawsuit in federal court in Washington state alleges.

Jeff Bezos Willing to Testify in House Antitrust Probe (Wall Street Journal) Lawyers for Amazon.com told House lawmakers that CEO Jeff Bezos is willing to testify at a hearing this summer alongside other tech leaders.

Apple Faces Two EU Antitrust Probes Over Apps (Wall Street Journal) European Union antitrust authorities launched two probes into whether Apple violated competition laws through its Apple Pay service and its App Store, escalating the bloc’s long-running battle with the tech giant.

Platforms, Cybersecurity Groups Blast Online Filters Ruling (Law360) The trade group behind Google, Amazon, Facebook and other internet platforms joined cybersecurity interests last week urging the U.S. Supreme Court to review a Ninth Circuit decision they say will open the floodgates to litigation against online filtering and other safeguards.

Sanders' Presidential Campaign Hit With Suit Over Auto Texts (Law360) Sen. Bernie Sanders' suspended presidential campaign was slapped with a putative class action in Minnesota federal court Monday accusing it of illegally blasting prospective voters with unsolicited text messages, a filing that comes a week after President Donald Trump's reelection campaign failed to shake similar robotext litigation.

Trivia Tuesday