Cyber Attacks, Threats, and Vulnerabilities
Secondary Infektion (Graphika) Forgeries, interference, and attacks on Kremlin critics across six years and 300 sites and platforms
Russian disinformation operation relied on forgeries, fake posts on 300 platforms, new report says (Washington Post) The targets, all enemies of Russian President Vladimir Putin, were falsely accused of murder, incompetence, alcoholism and more.
Super secretive Russian disinfo operation discovered dating back to 2014 (ZDNet) Researchers uncover six-years-worth of Russian attempts to mold international politics using fake news and forged documents.
Indo-China border clash leads to heightened fears around cyber security (ETTelecom.com) The Indian government and corporates are gearing up to boost their cyber security, expecting booby traps, phishing, honey traps, leaked document cases..
Intel agencies red-flag use of 52 mobile apps with links to China: Complete list (Hindustan Times) The National Security Council Secretariat has backed the recommendation to block or discourage use of 52 mobile apps
Operation In(ter)ception: Aerospace and military companies in the crosshairs of cyberspies (WeLiveSecurity) ESET research uncovers attacks against several high-profile aerospace and military companies in Europe and the Middle East, with several hints suggesting a possible link to the Lazarus group.
Operation In(ter)ception: Targeted Attacks Against European Aerospace and Military Companies (ESET) At the end of last year, we discovered targeted attacks against aerospace and military companies in Europe and the Middle East.
How spies used LinkedIn to hack European defense companies (CyberScoop) Employees at two European aerospace and defense companies were hacked via LinkedIn from September to December 2019, according to ESET.
North Korea's state hackers caught engaging in BEC scams (ZDNet) ESET researchers said they spotted North Korean state-sponsored hackers attempting to steal money from targets they initially breached for cyber-espionage purposes.
Pushing for a Cyber 9/11, al-Qaeda Recruits for ‘e-Jihad’ to ‘Ruthlessly Exploit’ Vulnerabilities (Homeland Security Today) Terror group encourages hacking power grid, financial sector, aviation, water systems, emergency response systems.
Ripple20: 19 Zero-Day Vulnerabilities Amplified by the Supply Chain (JSOF) The JSOF research lab has discovered a series of zero-day vulnerabilities in a widely used low-level TCP/IP software library developed by Treck, Inc. The 19 vulnerabilities, given the name Ripple20, affect hundreds of millions of devices (or more) and include multiple remote code execution vulnerabilities.
A Legion of Bugs Puts Hundreds of Millions of IoT Devices at Risk (Wired) The so-called Ripple20 vulnerabilities affect equipment found in data centers, power grids, and more.
Ripple20 vulnerabilities will haunt the IoT landscape for years to come (ZDNet) Security researchers disclose 19 vulnerabilities impacting a TCP/IP library found at the base of many IoT products.
Zero-day flaws in widespread TCP/IP library open millions of IoT devices to remote attack (Help Net Security) 19 vulnerabilities - some of them allowing RCE - have been discovered in a TCP/IP stack/library used in hundreds of millions of IoT devices.
Millions of Connected Devices Have Exploitable TCP/IP Flaws (BankInfo Security) Time for another internet of things update nightmare: Researchers have found that a little-known but widely used TCP/IP software library built into millions of
Exploiting a crisis: How cybercriminals behaved during the outbreak (Microsoft Security) Cybercriminals adapted their tactics to match what was going on in the world, and what we saw in the threat environment was parallel to the uptick in COVID-19 headlines and the desire for more information.
Financial firms facing serious hacking threat in COVID-19 era (TheHill) Lawmakers on Tuesday received a loud warning about the danger of hackers zeroing in on financial institutions as prime targets during the COVID-19 pandemic.
Virtual Hearing - Cybercriminals and Fraudsters: How Bad Actors Are Exploiting the Financial... (US House Committee on Financial Services)
Boffins find that over nine out of ten 'ethical' hackers are being a bit naughty when it comes to cloud services (Register) Then again, cloud providers aren't exactly playing the smart game either
Ursnif banking Trojan joins May’s most wanted list (ITWeb) The Ursnif banking Trojan is capable of stealing e-mail and banking credentials.
T-Mobile outage caused by configuration error, not a DDoS attack (BleepingComputer) Rumors began circulating on Twitter yesterday that the U.S. was under a massive DDoS attack. It turned out to be an outage on T-Mobile caused by a configuration error.
845GB of racy dating app records exposed to entire internet via leaky AWS buckets (Register) We've kept this story safe for work... which is perhaps a little odd because you're all working from home anyway
Look out, online gamers: Hackers want your passwords and accounts (Tom's Guide) Kaspersky warns gamers of security threats
Hosting Provider Hit With Largest-Ever DDoS Attack (Dark Reading) Likely looking to make a statement, attackers targeted specific websites hosted by a single provider with a 1.44 terabit-per-second distributed denial-of-service attack, according to Akamai.
Mitsubishi Electric MELSEC iQ-R series (Update A) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 5.3
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Mitsubishi Electric
Equipment: MELSEC iQ-R series
Vulnerability: Resource Exhaustion
2. UPDATE INFORMATION
This updated advisory is a follow-up to the original advisory titled “ICSA-20-161-02 Mitsubishi Electric MELSEC iQ-R series” that was published June 9, 2020 to the ICS webpage on us-cert.gov.
Treck TCP/IP Stack (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 10.0
ATTENTION: Exploitable remotely
Vendor: Treck Inc.
Equipment: TCP/IP
Vulnerabilities: Improper Handling of Length Parameter Inconsistency, Improper Input Validation, Double Free, Out-of-bounds Read, Integer Overflow or Wraparound, Improper Null Termination, Improper Access Control
Avon recovering after mysterious cyber-security incident (ZDNet) Parts of the Avon IT network have been down since last week, according to SEC documents.
Claire's Magecart hit is a serious cyber attack (Includes interview) (Digital Journal) Hackers have successfully breached the websites of the U.S. accessory giant Claire’s, plus a subsidiary company called Icing. Through this, they have gained access to customer credit card data. This represents a significant retail issue.
Attackers give Lion deadline for paying ransom of US$800,000 (iTWire) Australian drinks manufacturer Lion is facing a ransom demand of US$800,000 to decrypt its files from a group that used the REvil ransomware to attack the company's site. Security sources have told iTWire that the group has given Lion time until 19 June to pay up, and threatened to double the ra...
Calls grow for government action after Lion receives US$800,000 ransomware demand (Stuff) Emsisoft security expert backs call for law change to make ransomware racket less profitable.
New Orleans tech chief says city continues to recover after cyberattack, though coronavirus has brought new challenges (NOLA.com) Six months after a cyberattack shut down New Orleans' government and exposed flaws in its computer systems, the city has mostly recovered even as the coronavirus pandemic delivers a new
Cyber Trends
New 4iQ Report Shows Uptick in Nation State Misinformation Campaigns, Cyber Attacks on Healthcare Sector Amid COVID-19 (PR Newswire) 4iQ, a leader in Adversary Intelligence, today released its COVID-19 Threat Report, which explores a host of notable scams that have surfaced...
Weakest Link Still Prevails: Overreliance on Passwords Continues to Compromise Data Security, Finds Thales (BusinessWire) According to the 2020 Thales Access Management Index – U.S./Brazil Edition – four out of ten US and Brazilian IT security professionals still see user
Domain Security Blind Spots Put Global Enterprises at Serious Risk According to New Research from CSC’s Digital Brand Services Division (BusinessWire) CSC, a world leader in business, legal, tax, and domain security, today released its 2020 Domain Security Report: Forbes Global 2000 Companies from th
How Technology has Increased Cybersecurity Vulnerability (Enterprise Security) Cybersecurity has become vulnerable due to the advent of technologies as cybercriminals are using them to their benefit.
Can we keep our 'grey zone' edge over our enemies? (TheHill) China is simultaneously testing American and Taiwanese resolve, garroting Hong Kong and flaunting its military capabilities to smaller rivals.
Businesses with Fewer Than 10 Employees Continue to Underestimate Cyber Threats Even as More Work Remotely, New Cyber Readiness Institute Survey Finds (Cyber Readiness Institute) With 89% of small businesses moving to a remote workforce during Covid-19 stay-at-home orders, there remains a significant gap between the perceived importance of cybersecurity protections for businesses with fewer than 10 employees and those with more than 10 employees.
Marketplace
IT security: Quarkslab raises 5 million euros (Les Echos) This funding allows the software security specialist to strengthen its market position and accelerate its development, particularly internationally.
Los Angeles-based Open Raven raises $15 million from KPCB for its security tech to secure hybrid clouds (TechCrunch) Open Raven, the Los Angeles-based security startup founded by a team of cybersecurity veterans from CrowdStrike and SourceClear, has closed on $15 million in new financing only four months after emerging from stealth and in the middle of a pandemic. The company already boasted an impressive roster…
Digital.ai Acquires Numerify and Experitest – Accelerating Journey to Become the Industry’s Intelligent, End-to-End Value Stream Management Solution (BusinessWire) Digital.ai Acquires Numerify and Experitest Accelerating Journey to Become the Industry’s Intelligent, End-to-End Value Stream Management Solution
Google is threatening to cut ad revenue from ZeroHedge and The Federalist for violating its policies on race-related content (Business Insider) Google said the sites violated its policies by failing to moderate comment sections that broke Google's rules on race-related content.
Instagram will review how harassment and verification rules affect Black users (Engadget) Instagram’s top executive says the company will review its harassment and verification policies, as well as how the app recommends content.
Civil Rights Groups Push for Facebook Ad Boycott (Wall Street Journal) Groups including the Anti-Defamation League and the NAACP, are encouraging big advertisers to pull spending to protest what they say is the company’s failure to make its platform a less-hostile place.
Instagram is becoming a go-to news source for younger readers (Washington Post) Young people in the U.S. have especially turned to Instagram as a source of news during the coronavirus pandemic.
GlobeX Data Signs Distribution Agreement with Largest Cybersecurity Distributor in Central, Latin America and Spain Covering Population of 385 Million (Stockhouse) GlobeX Data Ltd. (OTCQB:SWISF) (CSE:SWIS) ("GlobeX" or the "Company"), the leader in Swiss hosted cyber security and Internet privacy solutions for secure data management and secure communications, is pleased to announce that it has signed an exclusive Master Distribution Agreement with Tasloko S.L., the holding company of Spanish based IT, cybersecurity and cloud solutions distributor Micronet, S.A. and all its affiliated companies ("Micronet").
AGMA Adds De La Rue to Membership Roster (GlobeNewswire) Global Product Authentication Solutions Leader Joins Technology Consortium to Combat Threats to IP
Valimail Leads DMARC Vendors Worldwide (PR Newswire) Valimail, the leading provider of zero-trust, identity-based anti-phishing solutions, announced that as of June 1 it now manages DMARC for more...
IronNet Cybersecurity Wins Fortress Cyber Security Award for Second Consecutive Year (PR Newswire) IronNet Cybersecurity, Inc., the leading provider of Collective Defense and network behavioral analysis, announced today the company has been...
Coalfire Named To Washington Post Top Workplaces (PR Newswire) Coalfire, a provider of cybersecurity advisory and assessment services, was honored today as a Top Workplace by the Washington Post. Criteria...
Delve Labs Called One of the "Vendors Who Shaped the Year" in Leading Analyst Firm Report (Morningstar) Delve Labs, the vulnerability management solution leveraging machine learning to automate vulnerability management scanning and prioritization, has been included in the IDC, "Worldwide Device Vulnerability Management Market Shares, 2019: Finding the Transitional Elements Between Device Assessment Scanning and Risk-Based Remediation" (Doc # US46284720, May 2020) report.
Exclusive: How the pandemic influenced Infoblox's search for new HQ (Silicon Valley Business Journal) The network security company said employees' requests for more flexibility to work from home and the Covid-19 pandemic informed its decision to relocate.
Norton Rose Fulbright enhances data protection, privacy and cybersecurity practice with new Houston partner (GlobeNewswire) Global law firm Norton Rose Fulbright today announced that Will Daugherty, a data protection, privacy and cybersecurity lawyer with a focus on risk mitigation, incident response and compliance, has joined as a partner in its Houston office.
Skybox Security Announces Claire Darling as Chief Marketing Officer (PR Newswire) Skybox® Security, a global leader in cybersecurity management solutions, today announced Claire Darling joins the company as chief marketing...
Mark Elliot joins BioCatch as Chief Marketing Officer (Help Net Security) BioCatch announced that Mark Elliot has joined the senior leadership team as Chief Marketing Officer to lead marketing efforts and grow the brand globally.
Automox Appoints CrowdStrike Co-Founder Dmitri Alperovitch to Board of Directors (BusinessWire) Automox appoints CrowdStrike co-founder Dmitri Alperovitch to its board of directors.
Products, Services, and Solutions
BlackBerry and Bell to Deliver Enhanced Mobile Threat Defense to Enterprise Customers (PR Newswire) BlackBerry Limited (NYSE: BB; TSX: BB) and Bell (TSX, NYSE: BCE) today announced a new partnership to provide enhanced secure communications to...
Acunetix Releases Business Logic Recorder (Security Boulevard) New feature enables vulnerability scanning deeper into web applications AUSTIN, TEXAS – June 16, 2020 – Acunetix, a global leader in automated web
Threat Intelligence Firm IntSights Unveils First Partner Program (Channel Futures) Threat intelligence firm IntSights Tuesday unveiled its first partner program to extend its threat protection suite to enterprises around the world.
HackerOne launches penetration testing to empower digital transformation (Security Brief) “In today’s agile environments, pentest platforms should seamlessly integrate with every aspect of the software development lifecycle so that findings are quickly pushed to the right developer and vulnerabilities are fixed faster.
Dropbox announces family plan, password manager, and other security tools (VentureBeat) Dropbox has announced a slew of new features for personal and business users today, including a family plan, password manager, and computer backup tool.
Santander uses ThetaRay’s artificial intuition to bolster its AML defences (Euromoney) As card fraud, identity theft and cybercrime surge, international banks need cutting edge technology to protect the weak spots in their correspondent networks.
KnowBe4 Simplifies and Centralizes Phishing Campaign Management (GlobeNewswire) The KnowBe4 Managed Phishing Campaign feature helps to create and manage phishing campaigns across multiple KnowBe4 accounts from a single interface
CyberArk Alero Improves Remote User Security with New Authentication Options (BusinessWire) CyberArk announced new advancements for CyberArk Alero.
BeyondTrust Announces Integration with the SailPoint Predictive Identity™ Platform (GlobeNewswire) Integration with SailPoint’s SaaS identity platform allows BeyondTrust customers to uplift their existing Privilege Access Management and Identity Governance solutions to the cloud
RIA in a Box Launches Cybersecurity Insurance Offering to Provide RIAs Access to Industry Leading Coverage (Yahoo) RIA in a Box, a leading provider of compliance, operations, and registration solutions for the wealth management industry, today announced a partnership with ProWriters and AssetSure that offers registered investment adviser (RIA) firms centralized access to cybersecurity insurance from top providers
Secure Exchange Solutions Receives HITRUST® CSF and NIST Cybersecurity, Accreditations Reaffirming Commitment to Security and Privacy (PR Newswire) Secure Exchange Solutions (SES), a leading provider of cloud-based clinical data exchange and AI-powered technologies, today announced the...
Levi Strauss & Co. Continues to Protect Its Brands Online During COVID Crisis With BrandShield’s Help (ReBlonde) BrandShield, the cybersecurity company offering online threat intelligence for companies globally, announces it has neutralized over 150 phishing websites targeting the Levi Strauss & Co.’s brand as part of their scam. The number of sites taken down has doubled compared with previous months.
Technologies, Techniques, and Standards
EU sets framework for contact tracing apps that work across borders (Engadget) The Commission has agreed on a set of technical specifications that will allow info to be exchanged between national contact tracing apps.
Webcast: Linux Forensics Magical Mystery Tour With Hal Pomeranz (Black Hills Information Security) One of our favorite BHIS guest presenters, Hal Pomeranz, returns for more of the Linux goodness. Roll up for a magical tour through the mysteries of Linux file systems! Relative atime updates, block groups, and allocation strategies, deleted directory entries, and even more will be revealed! This information will help you understand your Linux timelines […]
Webcast: A Blue Team’s Perspective on Red Team Hack Tools (Black Hills Infosec) Kent and Jordan are back to continue their journey to make the world a better place. This time around, they will be reviewing a series of tools commonly used on pentests to identify flaws in Active Directory and general network design and implementation.
Design and Innovation
ESET CTO: AI needs "a human involved" to be an effective cybersecurity tool (Verdict) Artificial Intelligence is most effective in cybersecurity with "a human involved", according to the CTO of internet security company ESET.
Launching The Largest Voting Information Effort in US History (About Facebook) We’re building a Voting Information Center to give millions of people accurate information about how to register and vote.
Research and Development
Analysis | The Cybersecurity 202: How secure are electronic pollbooks and vote reporting tools? This new program aims to find out (Washington Post) Voting machines aren't the only election security concern.
US Air Force Awards Shift5, Inc Phase II Small Business Innovation Research Contract (Yahoo) Shift5, Inc., a cybersecurity company, announces that it has been awarded a $1.5M Phase II Small Business Innovative Research (SBIR) contract from the US Air Force through the AFWERX SBIR technology innovation program. AFWERX's mission is to enhance the effectiveness of the Air Force by enabling
Legislation, Policy, and Regulation
Israel And Greece Sign an Agreement on Cybersecurity Info-Sharing (CISO MAG | Cyber Security Magazine) The Israel National Cyber Directorate and the Ministry of Digital Governance of the Hellenic Republic have signed a cooperative agreement on cybersecurity
Germany's contact tracing app provokes privacy concerns (The Telegraph) Norway suspended its contact tracing app earlier this week following separate privacy concerns
‘Don’t buy Huawei or we’ll rethink investment,’ US tells Brazil (Capacity Media) The US is pushing Brazil to ban Huawei and instead insist its telecoms companies use Scandinavian suppliers Ericsson and Nokia for their 5G networks, with US financial help.
WSJ News Exclusive | Justice Department to Propose Limiting Internet Firms’ Protections (Wall Street Journal) The Justice Department is set to propose a roll back of legal protections that online platforms have enjoyed for more than two decades, in an effort to make tech companies more responsible in how they police their content, according to a Trump administration official.
Pelosi calls on advertisers to pressure social media platforms over misinformation (TheHill) Speaker Nancy Pelosi (D-Calif.) on Tuesday urged advertisers to pressure social media platforms to tackle misinformation more aggressively.
Electronic Control Systems Security (Civil Defense Radio) Joe Weiss, an electronic control systems cybersecurity expert, gives us his insight into what may have brought about the latest Presidential Executive Order on securing the national bulk power system and components.
Litigation, Investigation, and Law Enforcement
Read the 2017 report by the CIA’s WikiLeaks Task Force (Washington Post) An elite hacker unit's failure to secure its systems enabled a massive theft of data in 2016 that found its way onto WikiLeaks a year later, a task force report said. The theft was the result of a culture that prioritized "building cyber weapons at the expense of" system security, the report said.
Multiple “CIA failures” led to theft of agency’s top-secret hacking tools (Ars Technica) Vault 7, the worst data theft in CIA history, could have been avoided, report finds.
Newly unclassified report finds CIA security failures led to massive 2017 breach (TheHill) A newly unclassified internal CIA report found that a massive 2017 data breach of the agency that enabled classified information to be sent to WikiLeaks was caused by the CIA failing to secure its own systems.
CIA unaware of Vault 7 theft until WikiLeaks dump (SearchSecurity) The CIA did not realize that the infamous 'Vault 7' hacking tools had been stolen until WikiLeaks published them a year after they were stolen by an insider threat, according to an internal task force report.
Report: Lax cybersecurity at CIA unit led to Vault 7 leaks (FCW) An internal CIA report pins the theft of valuable hacking tools in 2016 on a workplace culture that didn't do enough to emphasize cybersecurity.
CIA’s ‘Lax’ Security Led to Massive Theft of Hacking Tools, Internal Report Finds (Wall Street Journal) A “woefully lax” security culture at the Central Intelligence Agency that favored building cyber weapons over protecting its own computer systems permitted the 2016 theft of top-secret hacking tools, according to an internal report.
Former eBay Execs Allegedly Made Life Hell for Critics (Wired) Surveillance. Harassment. A live cockroach delivery. US attorneys have charged six former eBay workers in association with an outrageous cyberstalking campaign.
eBay staff charged with cyberstalking, sending fetal pig and spiders (Naked Security) 6 execs and employees have been charged with cyberharassing a couple who published an e-commerce newsletter sometimes critical of the company.
U.S. Sanctions Nigerian Cyber Actors for Targeting U.S. Businesses and Individuals (Mirage News) Technological advancements that provide greater interconnectivity also offer greater opportunity for exploitation by malicious actors who target at-risk...
Nebraska Democrats call for their Senate nominee to drop out of race (TheHill) The Nebraska Democratic Party (NDP) on Tuesday called on its nominee in the state’s Senate race to suspend his campaign after he made sexually offensive comments about a staffer in a text message sent to her and other employees.