Cyber Attacks, Threats, and Vulnerabilities
Hidden Cobra - from a shed skin to the viper’s nest (ReversingLabs) Enriching public threat intelligence
Twitter bans DDoSecrets account over 'BlueLeaks' police data dump (ZDNet) Twitter said DDoSecrets account leaked and promoted BlueLeaks, a huge collection of files stolen from more than 200 US police departments and fusion training centers.
SixLittleMonkeys Malware Resurfaces with API-like Programming Enhancements (MSSP Alert) SixLittleMonkeys, an advanced persistent threat (APT) actor, applies API-style coding to its malware, Kaspersky researchers report.
Twitter discloses billing info leak after 'data security incident' (BleepingComputer) Twitter has disclosed a 'Data Security Incident' that caused the billing information for Twitter advertisers to be stored in the browser's cache. This bug would have allowed other users on the computer to see this data.
Twitter apologises for business data breach (BBC News) The social media firm says personal information of business advertisers' clients may be affected.
Fears over ‘worrying’ Twitter breach as personal details are compromised (SC Magazine) Industry experts express concern as Twitter emails business clients to admit personal data like email addresses have potentially been compromised.
Introducing Nulledflix - Nulled forum’s own streaming service (Digital Shadows) Lockdowns implemented during the COVID-19 (aka coronavirus) pandemic have forced people around the world to spend a large part of their leisure time indoors and required us all to find ways to fill the time. Some people have taken up baking as a new hobby, others prefer to read or paint, but many settle for a good movie or binge-watch their favorite TV show. The latter option has proven to be particularly popular: There have been multiple reports of streaming services’ membership and revenue increasing following the implementation of lockdown.
Cop Comedy Riskiest Show to Watch Online (Infosecurity Magazine) US police sitcom named show most targeted by malicious threat actors
European victims refuse to bow to Thanos ransomware (BleepingComputer) A Thanos ransomware campaign targeting mid-level employees of multiple organizations from Austria, Switzerland, and Germany was met by the victims' refusal to pay the ransoms demanded to have their data decrypted.
Avast Discovers 47 Android Adware Apps (Avast) Avast researchers discover 47 apps on Play Store with intrusive ads and stealth features.
Airtel upgrades security measures amid likely cyberattacks (ETCIO.com) Bharti Airtel said it witnessed an increase in such cyberattacks during its security operation and has now accordingly upgraded the SOC to a higher th..
Wells Fargo customers targeted with phishing attacks using calendar invites (American Banker) In a new twist on an old scam, cybercriminals have tried to get thousands of people to surrender their Wells bank account information by sending authentic-looking emails containing malicious links that lead to a fake website bearing the company's name.
BD Alaris PCU (Update A) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 5.3
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Becton, Dickinson and Company (BD)
Equipment: Alaris PCU
Vulnerability: Uncontrolled Resource Consumption
2. UPDATE INFORMATION
This updated advisory is a follow-up to the original advisory titled ICSA-20-170-06 BD Alaris PCU that was published June 18, 2020, on the ICS webpage on us-cert.gov.
Baxter Sigma Spectrum Infusion Pumps (Update A) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 8.6
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Baxter
Equipment: Sigma Spectrum Infusion Pumps
Vulnerabilities: Use of Hard-coded Password, Cleartext Transmission of Sensitive Data, Incorrect Permission Assignment for Critical Resource, Operation on a Resource After Expiration or Release
2.
Baxter Phoenix Hemodialysis Delivery System (Update A) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.5
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Baxter
Equipment: Phoenix Hemodialysis Delivery System
Vulnerability: Cleartext Transmission of Sensitive Information
2.
Baxter PrismaFlex and PrisMax (Update A) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.6
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Baxter
Equipment: PrismaFlex and PrisMax
Vulnerabilities: Cleartext Transmission of Sensitive Information, Improper Authentication, Use of Hard-Coded Password
2.
Baxter ExactaMix (Update A) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 8.1
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Baxter
Equipment: Baxter ExactaMix EM 2400 & EM 1200
Vulnerabilities: Use of Hard-coded Password, Cleartext Transmission of Sensitive Data, Missing Encryption of Sensitive Data, Improper Access Control, Exposure of Resource to Wrong Sphere, Improper Input Validation
2.
ABB Device Library Wizard (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.8
ATTENTION: Low skill level to exploit
Vendor: ABB
Equipment: Device Library Wizard
Vulnerability: Insecure Storage of Sensitive Information
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow a low-level user to escalate privileges and fully compromise the device.
Honeywell ControlEdge PLC and RTU (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 5.9
ATTENTION: Remotely exploitable/low skill level to exploit
Vendor: Honeywell
Equipment: ControlEdge PLC and RTU
Vulnerabilities: Cleartext Transmission of Sensitive Information
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker to obtain passwords and session tokens.
Mitsubishi Electric MELSEC iQ-R, iQ-F, Q, L and FX Series CPU Modules (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 10.0
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Mitsubishi Electric
Equipment: MELSEC
Vulnerability: Cleartext Transmission of Sensitive Information
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow information disclosure, information tampering, unauthorized operation, or a denial-of-service condition.
Security Patches, Mitigations, and Software Updates
Windows 10's Mail app is deleting Gmail users' emails (BetaNews) An update from last month seems to have introduced a bug into the Mail app which is causing problems with Gmail accounts.
Cyber Trends
Sponsored content: What treadmills tell us about the state of the office during Covid-19. (The CyberWire) (This article was contributed and sponsored by Extrahop.) Everything from IP phones to printers to treadmills in your office gym connect to a network somewhere—except now there’s nobody in the building to turn them off. A recent security report from ExtraHop did find that most businesses remembered to shut down the exercise equipment when shuttering their doors in an attempt to slow the spread of COVID-19, but can the same be said for other connected devices?
The Cost of Privacy Report 2020 (Okta) Reporting on the State of Digital Identity in 2020.
The Indelible Impact of COVID-19 on Cybersecurity (Bitdefender) Half of infosec professionals (50%) revealed that their organisations didn’t have a contingency plan in place, or didn’t know if they did, for a situation like COVID-19 or a similar scenario.
Internet Security Report - Q1 2020 (WatchGuard Technologies) The Threat Lab team analyzes data from WatchGuard’s Firebox Feed, internal and partner threat intelligence, and a research honeynet, to provide insightful analysis about the top threats on the Internet. Their smart, practical security advice contained in the Internet Security Report will enable you to better protect your organization in the ever-changing threat landscape.
Over Two-Thirds of Malware Hidden by HTTPS in Q1 (Infosecurity Magazine) Watchguard warns of evasive attackers
Embedded Hardware Security Shipments to Hit 5 Billion by 2024, Driven by Increasing IoT Cyber Protection Demands (ABI Research) As cybercriminals find new ways to gain access to devices, new secure embedded hardware can block their points of entry
Akamai CEO Sees an Increase in Devices Going to Malware Sites (Bloomberg) Tom Leighton, chief executive officer of Akamai Technologies Inc., says cyber attacks are on the rise with so many individuals working from home. He speaks on "Bloomberg Technology."
Imperva Research Labs Reveals Abnormal Increase in DDoS Attack Length, Despite Popularity of Short Term Attacks (Imperva) May 2020 Cyber Threat Index also finds ATO attacks primarily targeted loyalty card programs and streaming services
Covid-19: Africa under cyber-attack (Bedfordview Edenvale News) The report highlighted how vulnerable users were when it came to recognising cyber-threats and managing their risk profiles.
Kiwi culture makes easy victims for hackers (New Zealand Herald) Why fraudsters are increasingly turning attention toward this part of the world.
Marketplace
WSJ News Exclusive | Dell Explores Spinoff of $50 Billion Stake in VMware (Wall Street Journal) Dell is considering a spinoff and other options for its stake in the cloud-software giant, as the PC maker seeks to boost the value of its shares.
SecurityGate.io announces Series A funding with Houston Ventures for accelerating innovation to transform cybersecurity management in OT/ICS operational environments (PR Newswire) SecurityGate.io, a cybersecurity software company that helps organizations become leaders and experts at managing cyber risk in OT/ICS...
Atos to acquire Paladion (ETCIO.com) This acquisition will bring Managed Detection and Response capabilities to the Atos portfolio.
HSBC raises $7M to expand relationship with Privitar (Help Net Security) Privitar announced that HSBC has joined its Series C growth round with a $7 million investment, bringing the funding round total to $87 million.
Opora relies on Jerusalem Venture to make mark in US (Intelligence Online) Jerusalem Venture Partners (JVP) is getting back into cyber, participating in a round of seed funding for the Israeli threat
AE Industrial Partners acquires NuWave Solutions to expand advanced analytics and AI domains (Help Net Security) AE Industrial Partners has acquired a majority interest in NuWave Solutions, a data management, advanced analytics, AI, ML, and cloud solutions provider.
Palantir adds 3 to board, including a woman, as it prepares to go public (Silicon Valley Business Journal) Wall Street Journal reporter Alexandra Wolfe Schiff, who is also the daughter of Tom Wolfe, the late journalist and author of books that included "The Bonfire of the Vanities" and "The Electric Kool-Aid Acid Test," is joining Palantir's board. She wrote about co-founder Peter Thiel and Silicon Valley in a 2017 book titled, "Valley of the Gods."
GCHQ Innovation Co-Lab launches in Greater Manchester (BusinessCloud) Based at The Landing, scheme will give start-ups and SMEs access to world-class GCHQ technologists
Brazil suspends WhatsApp's new payments system (ETCIO.com) Brazil's central bank effectively suspended a newly-launched system allowing users of Facebook Inc's WhatsApp messaging service to send money via chat..
Security takes boardroom priority at India’s financial sector (ETCIO.com) With management taking a keen interest in cybersecurity, not just CIOs and CISOs, even COOs are getting involved in building a robust security posture..
Blue Hexagon Named as a Representative Vendor in the 2020 Gartner Market Guide for Network Detection and Response (Valdosta Daily Times) Blue Hexagon, deep learning innovator of Cyber AI You Can Trust (™) to stop cyber adversaries and malware in real time before infiltration, was recognized in the Gartner Market Guide for Network Detection and Response.
Amid Surging Customer Demand and Growth in the Application Protection Market, Virsec Appoints New CEO (BusinessWire) Virsec, the industry leader in protecting critical applications during runtime, today announced that Dave Furneaux has been appointed CEO of the rapid
Juniper Networks Appoints New Chief Information Officer (GlobeNewswire) Sharon Mandell will lead the ongoing enhancement of Juniper’s IT infrastructure and applications architectures of the company
NTT appoints Simon Walsh as CEO for the Americas (Olean Times Herald) NTT Ltd., a world-leading global technology services provider, today announced Simon Walsh as Chief Executive Officer (CEO) for its Americas business. Walsh will
Products, Services, and Solutions
YouAttest Launches First Cloud-Based Identity Auditing and Compliance Solution for Okta's Identity Cloud (PR Newswire) YouAttest, an innovator in the Identity Governance & Administration (IGA) market today announced the general availability of YouAttest's...
Armis Launches New Global Reseller Channel Program (PR Newswire) Armis®, the leading enterprise IoT security company, today announced the Armis Reseller Channel (ARC) program designed to create long-term...
ZL Technologies Solves Compliance Challenges for Financial Institutions with Advancements to its Platform (GlobeNewswire) New offering leverages powerful lexical engine and ML models to provide compliance departments with better oversight across employee communications
Peak Trust Selects Keeper's Robust Zero-Knowledge Architecture to Secure Clients' Confidential Financial Information (PR Newswire) Peak Trust, an independent trust company dedicated to offering personal trust administration for families and individuals, has selected Keeper...
Frost & Sullivan Report Finds BlackBerry Solutions Address 96% of the Enterprise Threat Landscape (MarTech Series) BlackBerry Limited announced findings from an independent Frost & Sullivan report which concludes that BlackBerry can secure all IoT endpoints, and upwards of 96% of all cyberthreats.
Blueliv and King & Union Announce Strategic Partnership for Threat Intelligence Services (King & Union) US-based cyber vendor harnesses Blueliv threat intelligence for its Avalon Cyber Analysis Platform and new suite of Culper Group services...
K2 Cyber Security and SYNNEX Corporation Sign Agreement for Distribution of K2 Security Platform (BusinessWire) K2 Cyber Security signs distribution agreement with SYNNEX Corp. to bring application workload protection solution to SYNNEX channel partners
Microsoft releases first public preview of its Defender antivirus on Android (ZDNet) UPDATE: Microsoft Defender ATP for Linux has also exited public preview and is now generally available for all users.
Claranet Cyber Security wants to help businesses secure their endpoints (Bestgamingpro) Claranet Cyber Safety has introduced the launch of its new Endpoint Detection and Response service as a part of its rising Managed Safety Providers portfolio. Endpoint Detection and Response (EDR) serves as a substitute for antivirus software program by offering real-time monitoring and detection of malicious occasions on endpoints. EDR is ready to acknowledge indicators […]
Plurilock Releases New Version of ADAPT MFA Product with Broad Standar (PRWeb) Plurilock Security Solutions, Inc., leading provider of device-free and frictionless authentication solutions, this week announced the Summer 2020 release of
Helping MNOs to Maximize Revenues & Protect Margins for Entire Android Portfolio (Trustonic) Our strategic partnership with Samsung empowers MNOs & the wider telco ecosystem to curb losses & grow revenues with a single platform to manage their entire Android portfolio.
Sompo Japan to offer cyberattack insurance with variable premiums (Nikkei Asian Review) Hitachi Solutions to help measure policy risk in covering IoT-exposed factories
Nuspire Improves the Cybersecurity Service Experience with the Launch of HALO (Nuspire) Revolutionary client experience focused approach to cybersecurity identifies and stops breaches
IRONSCALES Deploys Natural Language Processing to Automatically Preven (PRWeb) IRONSCALES, the pioneer of self-learning email security, today announced that it has deployed natural language processing (NLP), using advanced
Technologies, Techniques, and Standards
Cloud misconfigurations and security: 5 ways to avoid your next fail (TechBeacon) Here's how to securely configure your cloud services and keep them safe.
HITRUST Releases Version 9.4 of the HITRUST CSF Incorporating the DoD CMMC, and Approach to Community Standards (HITRUST) Latest release of the HITRUST CSF furthers benefits towards One Framework, One Assessment, Globally™
Forcepoint Makes the Case for the Future of Cloud-Powered Cybersecurity (TechSpective) Forcepoint is hosting the SASE CyberSummit today. SASE is an acronym for Secure Access Service Edge—essentially redefining the “perimeter” from a
Inside-Out Security: The Path to Dynamic Data Protection (CSO Online) Today’s organizations must move beyond focusing on external security threats and instead become more user, data, and behavior centric.
NCDOC Wins a Federal Capture-The-Flag Competition (DVIDS) Navy Cyber Defense Operations Command (NCDOC) participated in and won Tanium's Federal Virtual Capture the Flag (CTF) Challenge on June 17 and 18.
The standard Periodic Table of DevOps tools v4 launched (SC Magazine) This free, interactive Periodic Table of DevOps Tools quickly shows many of the leading tools and where they fit in the software delivery landscape.
Fixing all vulnerabilities is unrealistic, you need to zero in on what matters (Help Net Security) It's nearly impossible to remediate every vulnerability, rendering the ability to properly prioritize remediation all the more critical.
Analysis | The Cybersecurity 202: Here's why all election officials should pay attention to Kentucky's primary (Washington Post) The state overcame challenges to run a relatively smooth primary during the pandemic.
Design and Innovation
The US Intel Community Is Being Disrupted (Defense One) Intelligence agencies aren’t businesses, but they'd better learn from private-sector giants gone by.
Korean IT firms employ AI to maintain decorum in cyberspace (Pulse) The Korean IT names have employed artificial intelligence (AI) programs to oversee decorum in online communities. Game publisher Nexon has recently developed a machine learning-based text detection technology to block...
Academia
Illinois Cyber Security Scholars Program (ICSSP) (University of Illinois) The Information Trust Institute (ITI) at the University of Illinois at Urbana-Champaign is an interdisciplinary research center addressing all aspects of information trust.
Legislation, Policy, and Regulation
European Authorities Aim to Make National Coronavirus Apps Work Across Borders (Wall Street Journal) The European Union is rushing to figure out how it can make national coronavirus contact-tracing apps compatible with each other as countries begin to reopen their borders, but privacy regulators worry this could present big risks to personal data.
The Fait Accompli and Persistent Engagement in Cyberspace (War on the Rocks) The Democratic People’s Republic of Korea has illicitly generated $2 billion to upgrade its weapons of mass destruction and missile programs by employing
China Hits Back At Cyberattack Claims (Channel News) China is expected to come down heavily on Australian exports as tensions heat up over claims it was responsible for state based cyber-attacks on our government agencies and businesses.
Ex US secretary of homeland security to help develop Australia’s new cyber security strategy (The Mandarin) The federal government has appointed Kirstjen Nielsen to provide advice on Australia's cyber security strategy, set to be released this year.
Electric equipment imported from China to be tested for malware (Zee News) The decision falls in line with the 'Aatmanirbhar Bharat' vision, that aims to promote domestic manufacturing and reduce import content in large infrastructure projects.
New UK Government powers to scrutinise M&A deals on public health and national security grounds (Lexology) On 21 June 2020, the UK Government announced that it is introducing emergency legislation that will bolster its powers to scrutinise, and potentially…
The DOD wants better cybersecurity for its contractors. The first steps haven’t been easy. (FedScoop) One of the biggest, most complicated projects in the defense industrial base isn’t a new weapons system or cloud computing environment.
Graham, Cotton, Blackburn Introduce Balanced Solution to Bolster National Security, End Use of Warrant-Proof Encryption that Shields Criminal Activity (United States Senate Committee on the Judiciary) Senate Judiciary Committee Chairman Lindsey Graham (R-South Carolina) and U.S. Senators Tom Cotton (R-Arkansas) and Marsha Blackburn (R-Tennessee) today introduced the Lawful Access to Encrypted Data Act, a bill to bolster national security interests and better protect communities across the country by ending the use of “warrant-proof” encrypted technology by terrorists and other bad actors to conceal illicit behavior.
FERC Issues White Paper on Cybersecurity Incentives (Lexology) On June 18, 2020, the Federal Energy Regulatory Commission (FERC or the “Commission”) issued a Cybersecurity Incentives Policy White Paper (the…
Presidential Executive Order 13920 was not due to a malware event - recent and upcoming events will discuss the event (Control Global) There continues to be a lack of understanding about control system cyber security. What’s worse, there is a growing schism between network security/threat analysts and electrical, mechanical, control system, safety and other domain system engineers.
DoD’s two top research officials announce departure (Federal News Network) Undersecretary of Defense for Research and Engineering Michael Griffin and Lisa Porter, who is the deputy, will step down July 10.
Litigation, Investigation, and Law Enforcement
Germany Can Enforce Facebook Data Collection Order (Law360) Germany's high court has dealt Facebook a blow in a landmark case that connects privacy and antitrust concerns, allowing the country's competition authority to enforce an order requiring the social network to change the way it collects user data.
Full 9th Circ. Won't Reconsider Facebook Wiretap Ruling (Law360) The full Ninth Circuit on Tuesday shot down Facebook's request to reconsider a panel's ruling that users could move forward with several wiretap and privacy claims, refusing to take another look at the company's argument that the panel's finding conflicts with precedent and "fundamentally" alters the meaning of wiretapping.
Probes Done, No Rulings In Irish Facebook, WhatsApp Cases (Law360) Ireland's data protection watchdog said Tuesday that it had finished probes into both Facebook and its subsidiary WhatsApp's compliance with EU privacy law, but it remains unclear when it will issue decisions in the closely watched cases.
10,000 easyJet Customers Form Group Class Action over Cyber Attack Data Leak (Euro Weekly News Spain) According to reports, more than 10,000 people have joined a group class action against easyJet after personal details of nine million customers were
Judge Sends Episcopal Health Data Breach Lawsuit Back to State Court (HealthITSecurity) A data breach lawsuit against New York's Episcopal Health Services has been sent back to state level courts, citing a lack of standing for a federal lawsuit as the patients' claims fall under HIPAA.
FBI probing racist emails sent to thousands affiliated with major universities: reports (TheHill) The FBI is investigating several recent incidents of racist emails being sent to thousands of affiliates of major institutions including Harvard University, Stanford University, and Iowa State University, according
Cisco issues warcry to counterfeit traders after Gen-X duo banned (CRN) Having agreed seven-figure settlement with Cisco in 2018, Alan Gould and Kelley Stewart receive 12-year ban from Insolvency Service