Cyber Attacks, Threats, and Vulnerabilities
Fact Check: Govt Warning Of Massive Phishing Attack Is Real (The Logical Indian) The Logical Indian Fact Check team investigates the claim that a phishing attack is expected to be launched from June 21 onwards in major metropolitan cities of the country.
Self-Propagating Lucifer Malware Targets Windows Systems (Threatpost) A new devilish malware is targeting Windows systems with cryptojacking and DDoS capabilities.
Lucifer: Devilish malware that abuses critical vulnerabilities on Windows machines (ZDNet) Researchers say the powerful malware has been “wreaking havoc” on Windows hosts.
Glupteba – the malware that gets secret messages from the Bitcoin blockchain (Naked Security) And you thought the Bitcoin blockchain was all about cryptocurrency!
Glupteba: Hidden Malware Delivery in Plain Sight (Sophos) Inside a self-concealing malware distribution framework with a security-resistant ecosystem
Obfuscated VBScript Drops Zloader, Ursnif, Qakbot, Dridex (Morphisec) The Morphisec Labs team has tracked an obfuscated VBScript package in campaigns since March 2020. Initially, the malware campaign was focused on targets within Germany, but has since moved on to additional targets--excluding any IP address within Russia or North Korea.
Largest Ever Recorded Packet Per Second-Based DDoS Attack Mitigated by Akamai (Akamai) On June 21, 2020, Akamai mitigated the largest packet per second (PPS) distributed denial-of-service (DDoS) attack ever recorded on the Akamai platform. The attack generated 809 million packets per second (Mpps), targeting a large European bank.
There are DDoS attacks, then there's this 809 million packet-per-second tsunami Akamai says it just caught (Register) Bank on the receiving end of massive 418Gbps traffic barrage
Evil Corp's 'WastedLocker' Campaign Demands Big Ransoms (BankInfo Security) The Evil Corp cybercrime group, originally known for the Dridex banking Trojan, is now using new ransomware called WastedLocker, demanding ransom payments of...
47 ‘games’ on the Google Play store will display incessant adverts (Tech Advisor) Android users should watch out for these and other apps which cause constant adverts to pop up and cover your screen.
Threat Spotlight: New cryptominer malware variant (Journey Notes) Barracuda researchers discovered a new cryptominer malware variant that's targeting both Windows and Linux machines.
CryptoCore hacker group stole over $200M from cryptocurrency exchanges (Security Affairs) The CryptoCore hacker group that is believed to be operating out of Eastern Europe has stolen around $200 million from online cryptocurrency exchanges. Experts from ClearSky state that a hacker group tracked as CryptoCore, which is believed to be operating out of Eastern Europe, has stolen around $200 million from cryptocurrency exchanges. The CryptoCore group, […]
Someone Has Been on a $200M Crypto Exchange Hacking Spree (Cointelegraph) CryptoCore reportedly launched a phishing campaign against several crypto exchanges and managed to steal $200 million in two years
ESET Researchers Discover New Android Ransomware, Provide a Decryptor (Information Security Buzz) A new ransomware family, which ESET detects as CryCryptor, has been targeting Android users in Canada under the guise of an official COVID-19 tracing app. ESET put an end to the attack.
Frost & Sullivan databases available for sale on a hacker forum (Security Affairs) U.S. business consulting firm Frost & Sullivan suffered a data breach; a threat actor is offering its databases for sale on a hacker forum. U.S. firm Frost & Sullivan suffered a data breach; data from an unsecured backup that was exposed on the Internet was sold by a threat actor on a hacker forum. Frost […]
Personal Data of 350,000+ Social Media Influencers and Users Compromised Following Preen.Me Hack (RBS) The personal information of an estimated 100,000+ social media influencers has been compromised and partially leaked, following the breach of social media marketing company, Preen.Me. Furthermore, as a result of this breach, over 250,000 social media users have had their information fully exposed on
Critical Bugs and Backdoor Found in GeoVision's Fingerprint and Card Scanners (The Hacker News) Critical RCE Flaws and Backdoor Found in GeoVision's Fingerprint and Card Scanners
Docker Images Containing Cryptojacking Malware Distributed via Docker Hub (The Hacker News) Infected Cryptocurrency-Mining Docker Images Distributed Through Docker Hub
Q&A: Eugene Spafford on the Risks of Internet Voting (Dark Reading) Allowing people to cast their ballots online to circumvent coronavirus-related health concerns introduces problems that we simply don't know how to manage, says the Purdue University professor and security leader.
Hackers are still running coronavirus-related campaigns, CrowdStrike warns (CyberScoop) Although shelter-in-place orders have begun to ease in many locations, hackers are still running coronavirus-related spearphishing and disinformation.
Ex-CIA exec: Covid-19 created ideal 'crisis' conditions for cyberattackers (SC Media) Covid-19 has created ideal crisis conditions within orgs, which malicious hackers can take advantage of to pull off successful attacks, an ex-CIA exec warns.
Understanding Encrypted Attack Types and How They Work (Avast) Understanding the types of encrypted web attacks and the factors driving their success.
Kaspersky reviews password stealers that target gaming (Manila Standard) Gaming platforms represent an industry with a multi-million user audience. Cybercriminals are fully aware of this, utilizing various types of malware to profit from gamers. To understand the extent of exploitation, Kaspersky reviewed threats targeting major gaming platforms and found at least four malware specimens that are capable of stealing users account data from platforms such as Battle.net, Origin and Uplay, in order to resell it afterwards. However, these Trojans are not just looking to affect gameplay but your banking details could also be at risk.
Telegram: Breach Exposed Millions Of Users' Data (PYMNTS.com) Messaging app Telegram said a breach has exposed a database containing the personal information of millions of users, including phone numbers and unique IDs.
LG Electronics allegedly hit by Maze ransomware attack (BleepingComputer) Maze ransomware operators have claimed on their website that they breached and locked the network of the South Korean multinational LG Electronics.
CHI St. Luke's Health-Memorial reports patient information data breach (The Lufkin Daily News) CHI St. Luke’s Health-Memorial reported Monday that an unauthorized third party gained access to patient information on April 23.
Choice Health Management Services, LLC Provides Notice of a Data Breach (InsuranceNewsNet) --Choice Health Management Services, LLC is providing notice on behalf of Universal Health Care/ Blumenthal, Inc., Brian Center Nursing/ St. Andrews, LLC, Catawba Valley Assisted Living, LLC, Universal Health Care/Lenoir, Inc., Litchford Falls Healthcare& Rehabilitation Center, Saturn Health, Inc., Universal Health Care/Brunswick, Inc., Universal Health...
Grace & Porta Benefits Provides Notice of a Data Breach (Yahoo) Grace & Porta Benefits ("Grace & Porta") provides notice of an incident that may affect the security of some information relating to certain individuals associated with Grace & Porta.
Event fraud (Professional Security) Hackers are using fake admission tickets for cancelled London events as the bait to hide malware in Microsoft Word documents, according to a cybersecurity firm.
Shayna Jack shaken by cyber attack: lawyer (Yahoo Sports) Australian swimmer Shayna Jack has been left "incredibly shaken" by a cyber attack as she prepares to appeal her four-year ban for a doping violation.
Netflix warns Irish users to beware of phishing scam (Extra.ie) Netflix has warned Irish users to beware of a phishing scam circulating at the moment, which targets customers of the streaming service. The scam involves recipients being sent an email purporting to be from Netflix. The email informs the targeted customer that their account has been suspended due to a failed payment.
FBI warns K12 schools of ransomware attacks via RDP (ZDNet) The FBI has issued a security alert warning K12 schools of the "ransomware threat" during the COVID-19 pandemic.
Virgin Media down in London (Computing) Virgin Media says it's working hard to fix the problems
Clay County Health Center opens privacy investigation into its COVID-19 dashboard (KMBC) Investigation acknowledged after KMBC 9 News received tip about personally identifiable information
Security Patches, Mitigations, and Software Updates
List of Ripple20 vulnerability advisories, patches, and updates (BleepingComputer) The dust is far from settled following the disclosure of the 19 vulnerabilities in the TCP/IP stack from Treck, collectively referred to as Ripple20, which could help attackers take full control of vulnerable devices on the network.
iOS 14, macOS Big Sur, Safari to give us ‘No, thanks!’ option for ad tracking (Naked Security) At WWDC, Apple promised to double down on data protection in its upcoming iOS 14, macOS Big Sur, and Safari releases.
VMware Patches Several Vulnerabilities Allowing Code Execution on Hypervisor (SecurityWeek) VMware addresses 10 vulnerabilities in ESXi, Workstation and Fusion products, including serious flaws that can be exploited for code execution on the hypervisor
Google will now auto-delete location and search history by default for new users (The Verge) This is one setting you will want to check out.
Apple's Latest Privacy Announcement Could Be More Impactful than CCPA or GDPR (Adweek) Apple’s iOS 14 privacy updates make ad targeting using its IDFA tool an opt-in requirement, creating a significant hurdle for third-party ad tech.
Cyber Trends
Sponsored content: What treadmills tell us about the state of the office during Covid-19. (The CyberWire) (This article was contributed and sponsored by ExtraHop.) Everything from IP phones to printers to treadmills in your office gym connects to a network somewhere—except now there’s nobody in the building to turn them off. A recent security report from ExtraHop did find that most businesses remembered to shut down the exercise equipment when shuttering their doors in an attempt to slow the spread of COVID-19, but can the same be said for other connected devices?
Instant Messaging Mayhem - Communication Channel of Choice for Cybercriminals (IntSights) Cybercriminals are migrating from traditional dark web forums and black markets to instant messaging.
There’s No Vaccine For Data Leaks: Why One Cyber Attack Leads To Another (Forbes) Response and recovery after a cyberattack often create a false sense of security for businesses and their customers. The reality is that many significant risks are escalated after a breach, leveraging data lost previously.
Phishing isn't going anywhere – it’s just getting more sophisticated (TechHQ) 15,000 Wells Fargo customers were targeted by malicious calendar invites in an example of the evolving form of phishing attacks.
Ransomware operators now threatening to publish stolen details in extortion threats (CyberScoop) Ransomware operators aren't just demanding ransom from victims anymore — they’re also running hack-and-leak extortion operations, CrowdStrike says.
Krebs Calls COVID-19 ‘Biggest Driver’ of Cyber Modernization (Meritalk) Cybersecurity and Infrastructure Security Agency (CISA) Director Christopher Krebs called the COVID-19 pandemic – and the quick switch to telework stemming from efforts to curtail the spread of the virus – one of the “biggest drivers” of IT and cyber modernization in recent times.
Marketplace
Job Anxiety Spills Into Tech Sector (Wall Street Journal) Nearly half of the technology workers at companies world-wide are worried about losing their jobs this year as employers downsize to cope with the economic aftershocks of the coronavirus pandemic, according to a recent study.
Utilities Team Up to Face Growing Cybersecurity Risks to Supply Chains (Wall Street Journal) Southern Co. has joined American Electric Power in a partnership to vet vendors and analyze potential risks to the thousands of firms that comprise their supply chains, company officials said.
Dell Technologies Stock Rises on VMware Spinoff Talk (Channel Futures) Dell Technologies stock rose double digits on talk that the vendor may unload its 81% stake in VMware. Dell's stake in VMware is valued at $50 billion.
Five big things to know about Dell selling (or buying) VMware (CRN Australia) Sending shockwaves throughout the IT world.
Siemens acquires UltraSoC to help customers detect, mitigate and eliminate risks throughout the SoC lifecycle (Help Net Security) Siemens has signed an agreement to acquire Cambridge, UK-based UltraSoC Technologies, a provider of instrumentation and analytics solutions.
Privacy assistant Jumbo raises $8 million and releases major update (TechCrunch) A year after its initial release, Jumbo has two important pieces of news to announce. First, the company has released a major update of its app that protects your privacy on online services. Second, the company has raised an $8 million Series A funding round. If you’re not familiar with Jumbo, the …
Announcing the PlayStation Bug Bounty Program (PlayStation.Blog) In collaboration with security platform HackerOne.
New York Moves to Lure Crypto Startups as BitLicense Turns Five (Nasdaq) Five years after throwing up a wall around its market few crypto startups could scale, a wall known as the BitLicense, New York is handing down a ladder.
Amazon Will Show Made-in-China Labels for India as Tensions Rise (Bloomberg) Amazon.com Inc. and Walmart Inc.’s Flipkart have agreed to compel merchants to start prominently displaying “country of origin” for all goods sold online in India, bowing to regulatory demands as tensions with China escalate.
Google to pay some publishers in Australia, Brazil, Germany for content (Reuters) Alphabet's Google on Thursday took a step to resolving its spat with publishers, saying it would pay some media groups in Australia, Brazil and Germany for high-quality content and expects to do more deals with others.
Proofpoint's Dip Due To Short-Term Concerns A Great Buying Opportunity (Seeking Alpha) Proofpoint has missed the recent bull run among cyber stocks, largely weighed down by short-term concerns related to COVID-19.
FireEye Merits A Deeper Look (Seeking Alpha) FireEye, Inc. has lost approximately a third of its value since mid-February when rumors of a possible deal with Cisco Systems were circulating. The company is still fumbling with profitability, but its high growth businesses (cloud subscription and professional services) now account for more than half its top line.
Zoom hires security executive from Salesforce as chief information security officer (CNBC) As Zoom tries to ramp up its security offerings to meet surging consumer demand, the company has hired Jason Lee from Salesforce to run security development.
ReliaQuest Adds Proven Industry Leaders to Accelerate Company Growth (PR Newswire) ReliaQuest, a leader in enterprise cybersecurity, today announced the addition of two accomplished executives to its growing team: Erin Sweeney...
Products, Services, and Solutions
Nucleus Cyber Releases Advanced Information Protection Capabilities for Microsoft Teams (Nucleus Cyber) Nucleus Cyber today announced the latest release of NC Protect with new security features and rapid deployment for Microsoft Teams.
StorageCraft Unifies Entire Business Continuity Stack With ShadowXafe 4.0 (Yahoo) StorageCraft®, whose mission is to protect all data and ensure its constant availability, today announced a significant upgrade of ShadowXafe, the company's flagship data and system backup and recovery software. Available immediately, ShadowXafe 4.0 gives users the ability to enhance and extend their
ConnectWise Announces Industry’s First Global Cybersecurity Framework for MSPs and New Security Product Offering (GlobeNewswire) Company Unveils IT Nation Secure, a cybersecurity education and training program, updates to products and new product branding
ioXt Alliance Adds Four Authorized Labs to Certification Program (BusinessWire) Today, the ioXt Alliance, the Global Standard for IoT Security, announced the addition of four Authorized Labs to the ioXt Certification Program: 7lay
Cape Privacy launches security-conscious collaboration platform for data science (VentureBeat) Cape Privacy, a startup based in New York, is developing a security-conscious collaboration platform for AI and data science work.
A new version of ID Quantique’s QRNG Quantis Appliance is now available (EIN News) The Quantis Appliance 2.0 features IDQ's latest QRNG technology in a robust chassis to provide true entropy for security and cryptographic applications.
Technologies, Techniques, and Standards
Standards Australia to set cyber security standards (Information Age) New task force to establish baseline.
How to secure cloud-based collaboration (Cloud Security Alliance) We can secure information across multiple enterprise clouds
Cybersecurity Brief: Mitigating the Cost of Data Breach Fines with NAPM (Accedian) Cybersecurity is a critical facet of running a digital business. Though nefarious actors have plagued the Internet as long as it has existed, their tactics have grown significantly more sophisticated.
Q&A: Trust nothing and forget perimeters: It's all about intrinsic security (SiliconANGLE) Most chief information security officers are well aware that building extrinsic security is key to protecting high-value assets, services, and workloads, enclosed within a perimeter.
Debunking the Myth That Greater Compliance Makes IT More Secure (Business 2 Community) Bottom Line: Excelling at compliance doesn’t protect any business from being hacked, yet pursuing a continuous risk management strategy helps.…
3 Key Ways to Bolster Healthcare Cybersecurity with MFA, Training (HealthITSecurity) Although many healthcare organizations are operating with fewer resources and security staff than other industries, there are small, but effective ways for providers to strengthen their security posture
Why identity-based, distributed controls are better suited to address cloud-era threats (Help Net Security) The SASE approach provides the agility to rapidly deliver security capabilities when and where they are needed without compromising on effectiveness.
Design and Innovation
Council Post: Beyond Sorcery: Deep Learning’s Power Of Prediction (Forbes) Deep learning’s application to cybersecurity has enabled companies to achieve an efficient prevention-approach to cyberthreats.
Academia
Analysis | The Cybersecurity 202: Few students are getting serious cybersecurity training. That's bad news for the U.S. workforce. (Washington Post) The problem is worse in lower-income districts, a survey finds
Citadel cybersecurity program paving the way for SC public colleges (Post and Courier) Cybersecurity education in South Carolina is advancing at the state's only military college. A recent multi-million dollar federal grant will help fund the first cybersecurity scholarship and bachelor's program among
Washtenaw Community College Has Been Designated A National Center Of Academic Excellence in Cyber Defense Education (Yahoo) Washtenaw Community College has been designated a National Center of Academic Excellence in Cyber Defense Education by the United States National Security Agency (NSA) and the Department of Homeland Security (DHS).
NKU launches region’s first cybersecurity program (Lane Report) The new College of Informatics program takes an innovative approach to risk management, ethical hacking and secure software development.
Legislation, Policy, and Regulation
A month after cyberattack in Iran, Israeli Military Intel units honored for 'successful covert operation' (Haaretz) Certificates of appreciation given to intel units after cyberattack attributed to Israel hit Iranian port, causing massive backups
Commission report: EU data protection rules empower citizens and are fit for the digital age (European Commission) Today, just over two years after its entry into application, the European Commission published an evaluation report on the General Data Protection Regulation (GDPR).
GDPR’s two-year review flags lack of ‘vigorous’ enforcement (TechCrunch) It’s more than two years since a flagship update to the European Union’s data protection regime moved into the application phase. Yet the General Data Protection Regulation (GDPR) has been dogged by criticism of a failure of enforcement related to major cross-border complaints — l…
Exclusive: Trump administration says Huawei, Hikvision backed by Chinese military (Reuters) The Trump administration has determined that top Chinese firms, including telecoms equipment giant Huawei Technologies and video surveillance company Hikvision, are owned or controlled by the Chinese military, laying the groundwork for new U.S. financial sanctions.
Last minute calls to delay Huawei research facility in Cambridge as deadline looms (The Telegraph) Huawei will use the Cambridgeshire site to carry out Broadband research, the company has said
Don't expect Huawei on DHS's supply chain task force any time soon (CyberScoop) A U.S. cybersecurity task force dedicated to protecting data throughout American networks aims to have a diverse set of opinions.
Former UK Labour deputy leader wants to know how the NHS's contact-tracing app will ensure user privacy (Register) This is the Apple-Google API one, not the 'world-beating' one
Republicans push bill requiring tech companies to help access encrypted data (CNET) The proposed legislation is Congress' latest attempt to weaken encryption from tech giants.
After huffing and puffing for years, US senators unveil law to blow the encryption house down with police backdoors (Register) Lawmakers will attempt to bend the laws of mathematics to their will
Graham, Cotton introduce yet another attempt to torpedo encryption (Ars Technica) “Limited encryption loophole” is an oxymoron.
New Bill Targeting ‘Warrant-Proof’ Encryption Draws Ire (Threatpost) The Lawful Access to Encrypted Data Act is being decried as "an awful idea" by security experts.
Key Solarium recommendations find a home in the defense bill (Defense Systems) Lawmakers declined to add a mandate for a White House Cyber Director position, citing jurisdictional issues.
Senate wants more clarity on cyber ops (Fifth Domain) The Senate's version of the NDAA requires a formal framework for Cyber Command's so-called hunt forward operations.
CMMC opens application process for future cyber assessors (Federal News Network) The organization administering the Cybersecurity Certification Model Certification Program opened applications for five types of participants.
The DOD wants better cybersecurity for its contractors. The first steps haven’t been easy. (FedScoop) One of the biggest, most complicated projects in the defense industrial base isn’t a new weapons system or cloud computing environment.
Senate wants better threat sharing between Pentagon and industry (Defense News) The Senate's version of the National Defense Authorization Act includes several provisions to improve cybersecurity of the defense industrial base.
FISA’s Current Controversies and Room for Improvement (Part Two) (Council on Foreign Relations) President Trump’s claims of improper surveillance during his 2016 presidential campaign and the ensuing highly publicized inquiries by the executive branch and Congress have all created an atmosphere where the Foreign Intelligence Surveillance Act (FISA) has become almost impossibly political.
Litigation, Investigation, and Law Enforcement
WikiLeaks founder Julian Assange accused of conspiring with Anonymous and LulzSec in new US indictment (CyberScoop) The new indictment broadens the U.S. government's case against the WikiLeaks founder to include more hacking allegations.
Julian Assange charged with conspiring with "Anonymous"-affiliated hackers (Axios) Assange is jailed in the U.K. awaiting possible extradition to the U.S.
Justice Department broadens case against Julian Assange (Washington Post) The new allegations include information almost used to charge him in 2011.
Morocco journalist Radi summoned for another inquiry | Saad Guerraoui (MEO) Public prosecutor summons journalist Omar Radi for probe into his alleged involvement in case of receiving "funds from abroad in connection with intelligence services."
WSJ News Exclusive | House Investigating Company Selling Phone Location Data to Government Agencies (Wall Street Journal) A Democratic-led committee said it was conducting an investigation of the products sold by data broker Venntel.
Lawmakers want answers on Juniper backdoors (Defense Systems) Members of Congress are pressing Juniper's CEO for details of an internal probe into how modified code for a compromised NSA encryption algorithm wound up in the company's firewall products.
Appeals court orders judge to dismiss criminal case against Michael Flynn (Washington Post) The decision blocks U.S. District Judge Emmet G. Sullivan from scrutinizing the Justice Department’s move to drop its prosecution of the former Trump national security adviser.
Republicans eye Defense Department official in Flynn leaks case (Washington Examiner) The head of a Department of Defense think tank, under scrutiny by Republican lawmakers for his alleged role in its counterintelligence surveillance efforts of President Trump in the 2016 campaign and transition, managed to have his job responsibilities rewritten to escape oversight by Congress.
Joe Biden may have ‘personally raised’ idea to investigate Michael Flynn (New York Post) Former Vice President Joe Biden appears to have “personally raised the idea” of investigating Michael Flynn for potentially having violated the obscure Logan Act during his phone calls …
Flynn Case Raises Questions Of Appellate Courts' Power (Law360) An appellate panel's decision ordering a judge to dismiss charges against former national security adviser Michael Flynn could face review by the full D.C. Circuit over issues of judicial authority and questions about whether the appeals court overstepped its own bounds.
‘Crush This Lady.’ Inside eBay’s Bizarre Campaign Against a Blog Critic. (Wall Street Journal) Security employees at the online marketplace allegedly orchestrated deliveries of live cockroaches, pornographic videos and a mask of a bloody pig’s head. The U.S. attorney’s office is investigating whether eBay targeted any other critics with harassment campaigns.
Wrongfully Accused by an Algorithm (New York Times) In what may be the first known case of its kind, a faulty facial recognition match led to a Michigan man’s arrest for a crime he did not commit.
Devin Nunes can’t sue Twitter over statements by fake cow, judge rules (Fresno Bee) A judge has ruled that Rep. Devin Nunes has no right to sue Twitter over statements made by a fake Internet cow, someone parodying his mother and a Republican strategist.
File Your Claim in the Yahoo Data Breach Settlement (NerdWallet) You have until July 20 to file a claim in the $117.5 million settlement for data breaches at Yahoo. But how much you'll get, and when, is uncertain.