Cyber Attacks, Threats, and Vulnerabilities
Major Explosion Rocks Iran Again, the 3rd Blast in 3 Weeks (New York Times) The precise location of Friday’s explosion was unclear, but analysts said there are several military and training facilities in the area.
Powerful Conti Ransomware Emerges (SecurityWeek) A new ransomware family packs multiple unique features, including to improve performance and give its operators the option to only target networked SMB shares
Conti ransomware shows signs of being Ryuk's successor (BleepingComputer) The Conti Ransomware is an upcoming threat targeting corporate networks with new features that allow it to perform quicker and more targeted attacks. There are also indications that this ransomware shares the same malware code as Ryuk, who has slowly been fading away, while Conti's distribution is increasing.
Zoom zero-day flaw allows code execution on victim's Windows machine (Help Net Security) A zero-day vulnerability in Zoom for Windows may be exploited by an attacker to execute arbitrary code on a victim's computer.
Unpatched Critical Flaw Disclosed in Zoom Software for Windows 7 (The Hacker News) A zero-day vulnerability has been discovered in Zoom video conferencing software for Windows that could allow an attacker to execute arbitrary code on a victim's computer running Microsoft Windows 7 or older.
Backdoor accounts discovered in 29 FTTH devices from Chinese vendor C-Data (ZDNet) The backdoor accounts grant access to a secret Telnet admin account running on the devices' external WAN interface.
Researchers found allegedly intentional backdoors in FTTH devices from Chinese vendor C-Data (Security Affairs) Two security researchers have discovered undocumented Telnet admin accounts in 29 Fiber-To-The-Home (FTTH) devices from Chinese vendor C-Data. The CDATA OLTs are sold under different brands, including Cdata, OptiLink, V-SOL CN, and BLIY. Some of the […]
Kasa Camera Vulnerability Discovery: Responsible Disclosures Feel Like Groundhog Day, Again (Cequence) As developers use APIs to build platforms that allow for more rapid feature releases, an equal amount of emphasis must be placed on security.
Attackers are probing Citrix controllers and gateways through recently patched flaws (Help Net Security) Citrix released security updates for Citrix Application Delivery Controller (ADC), Citrix Gateway, and the Citrix SD-WAN WANOP appliance.
FYI: Someone's scanning gateways, looking for those security holes Citrix told you not to worry too much about (Register) Hackers hit honeypots hours after CISO downplays risk, proof-of-concept exploit code emerges
How bad bots are targeting the healthcare sector (Imperva) Credential cracking, or password spraying, is one of the most effective ways for cybercriminals to get access to user accounts. It refers to the brute-force automated cracking, or pairing of usernames and passwords by using sophisticated high-speed bots. According to a National Cyber Awareness report from May 2020, cybersecurity agencies have been investigating large-scale password […]
USB storage devices: Convenient security nightmares (Help Net Security) Effective implementation of USB control and encryption can significantly minimize a number of risks that enterprises battle on a daily basis.
Fake Zoom notifications used to steal Office 365 credentials (SC Magazine) Hackers use spoofed video conferencing messages to steal Office 365 credentials as part of a ransomware campaign.
Smartwatch vulnerability allowed hackers to overdose dementia patients (HackRead) The vulnerability also allowed hackers to send life-threatening messages to patients.
June 2020's Most Wanted Malware: Notorious Phorpiex Botnet Rises Again, Doubling Its Global Impact On Organizations (Benzinga) Check Point Research, the Threat Intelligence arm of Check Point® Software Technologies Ltd. (NASDAQ:CHKP), a leading...
Phoenix Contact Automation Worx Software Suite (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.8
ATTENTION: Low skill level to exploit
Vendor: Phoenix Contact
Equipment: Automation Worx Software Suite
Vulnerabilities: Stack-based Buffer Overflow, Out-of-Bounds Read
2. RISK EVALUATION
Successful exploitation could allow an attacker to execute arbitrary code under the privileges of the application.
Rockwell Automation Logix Designer Studio 5000 (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 3.6
ATTENTION: Low skill level to exploit
Vendor: Rockwell Automation
Equipment: Logix Designer Studio 5000
Vulnerability: Improper Restriction of XML External Entity Reference
2.
Rockwell Automation FactoryTalk Linx Software (Update A) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 9.6
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Rockwell Automation
Equipment: FactoryTalk Linx Software
Vulnerabilities: Improper Input Validation, Path Traversal, Unrestricted Upload of File with Dangerous Type
2.
Data brokers track everywhere you go, but their days may be numbered (TechCrunch) Data brokers have access to intensely personal aspects of your life, including knowing everywhere you go.
Cyber Attackers Hit Bond Giant TCW, MetWest Funds (Institutional Investor) The $212 billion asset manager had to revert to backup systems but kept trading.
Motives unclear as cyber attack shuts down RMC network (Kingstonist News) Kingston’s Royal Military College is one of four military training schools in Canada targeted in a mysterious cyber attack. Discovered on the morning of Friday, Jul. 3, 2020, the attack has temporarily disabled the University’s online network.
Cyber-Attack Downs Alabama County’s Network (Infosecurity Magazine) Chilton County’s computer network disrupted by suspected ransomware attack
Cyber attack targets Surry County schools (Mt. Airy News) Earlier this week, Surry County Schools were victim of a ransomware cyber attack, according to Dr. Tracey Lewis, the school system’s director of Communications/teacher recruitment & retention.
Pubs and restaurants failing on cyber fraud protection (ComputerWeekly) Virtually all of the UK’s most popular restaurant and pub brands are failing to proactively block fraudulent emails from reaching their targets.
Security Patches, Mitigations, and Software Updates
Zoom working on patching zero-day disclosed in Windows client (ZDNet) Security firm has disclosed today a zero-day vulnerability in Zoom's Windows client.
Verizon Adds Protection Against SIM Swapping Hacks in Mobile App (Motherboard) Verizon’s new feature ‘Number Lock’ adds an extra layer of security, but it’s not foolproof.
KingComposer patches XSS flaw impacting 100,000 WordPress websites (ZDNet) The vulnerability could be exploited to execute malicious payloads in visitor browsers.
Delivering Peace of Mind About New Citrix Emerging Threat (Bishop Fox) CITRIX announced 11 CVEs that impact its ADC, Gateway, and SDWAN WANOP products. Bishop Fox's Continuous Attack Surface Testing team protected our clients.
JioMeet App introduces new security features, refreshed UI for better user experience (India Today) JioMeet has brought in a host of new features to prevent hackers and to ensure user security.
Digicert will shovel some 50,000 EV HTTPS certificates into the furnace this Saturday after audit bungle (Register) You've got less than 42 hours to regenerate your certs
Cyber Trends
Marketplace
Former CRN Fast50 winner Basis Networks acquired by CyberCX (CRN Australia) Under the same umbrella of Sense of Security, Enosys, CQR and more.
Herjavec Group, Global Cybersecurity Leader, Accelerates Growth with Acquisition of Award-Winning Identity Management Firm (PR Newswire) Robert Herjavec, leading investor on the Emmy Award-winning show, Shark Tank, and Founder & CEO of global cybersecurity firm, Herjavec Group,...
Herjavec Group acquires identity management and security consulting firm Securience (IT World Canada) Global cybersecurity firm Herjavec Group today announced the acquisition of Securience, a prominent identity and access management, IT security consulting firm in the U.K.
Telefónica invests in cybersecurity company Nozomi Networks (FierceTelecom) Telefónica, through its venture capital arm Telefónica Innovation Ventures, has made an investment in cyber security company Nozomi Networks. Telefónica's investment—the amount wasn't disclosed—added additional cybersecurity capabilities across industrial environments in the face of evolving threats to critical assets.
PQShield raises £5.5m seed funding (UKTN (UK Tech News)) PQShield, the post-quantum cryptography startup has announced a significant seed investment from Kindred Capital, Crane Venture Partners, Oxford Sciences Innovation and angel investors including Andre Crawford-Brunt, Deutsche Bank’s former global head of equities. The RSA and Elliptic Curve cryptographic standards of today are very easily breakable by quantum computers, completely undermining the confidentiality and integrity …
Cybersecurity ETF (HACK) Hits New 52-Week High (Yahoo) The cyber-security ETF hit a 52-week high. Can it gain further?
Companies can't resist the white-hot IPO market (Axios) Expect more to start taking advantage of their share price to raise new equity.
TikTok Considers Changes to Distance App From Chinese Roots (Wall Street Journal) ByteDance is considering changing the corporate structure of its popular short-video app TikTok, as it comes under increasing scrutiny in its biggest markets over its Chinese ties.
TikTok a national security threat? In an abstract way (9to5Mac) Earlier this week, the White House suggested that it might declare TikTok a national security threat, Secretary of State Mike Pompeo stating that ...
Zoom Is Fighting Rumors In India That It's A Chinese Company (BuzzFeed News) Following the Indian government's ban of 59 apps owned by Chinese companies, the video app company is reminding people it's American.
Google bans stalkerware ads (ZDNet) New Google Ads policy that bans stalkerware enters into effect on August 11.
Dawne Hickton Notes Cyber Business Opportunity From Jacobs-KeyW Combination - GovCon Wire (GovCon Wire) Dawne Hickton, executive vice president and chief operating officer...
Open Raven Expands Leadership Team with Appointment of Three Key Go-to-Market Executives (Yahoo) Open Raven today announced a significant expansion of its leadership team with the appointment of three cloud and security industry veterans.
Immersive Labs Adds Tenable Co-Founder and Security Industry Veteran Jack Huffard to its Board of Directors as Demand for Improving and Measuring Cyber Talent Grows (Valdosta Daily Times) Immersive Labs, the company empowering organizations to equip, exercise, and evidence human cyber capabilities, announced Jack Huffard, a co-founder and board member of Tenable (Nasdaq: TENB) will join its board of directors to help drive growth.
Ryan Fairchild Named Novetta Enterprise Solutions VP; Brian Hobbs Quoted (GovCon Wire) Ryan Fairchild, a 17-year defense and intelligence industry veteran, has joined Novetta as vice pres
Illumio Appoints James Love as Chief Revenue Officer (GlobeNewswire) Industry Veteran Joins Illumio to Lead All Revenue-Generating Operations and Strengthen Channel Program
Products, Services, and Solutions
Cybrary Offers 7 Free Courses to Encourage Cybersecurity and IT Education in the Wake of COVID-19 (PR Newswire) Cybrary, the world's largest online cybersecurity career development platform, today announced it is offering seven free courses for the month...
Onfido sees record adoption of its identity verification technology announcing 264% year-over-year US growth (Onfido) Fueled by key business wins, new $100M funding and key executive hires
Imperva Unveils Cloud Data Security Solution for Cloud Data Compliance in Minutes (Imperva) New SaaS offering provides customers with the fast path to security and compliance controls over data in the cloud without halting digital transformation journeys
KnowBe4’s “The Inside Man” Series Wins 2020 NYX Video Award (GlobeNewswire) Binge-worthy, Netflix quality series is the gold winner in the e-learning category
If Your Password Is ‘Password,’ You Need This App (The Daily Beast) Keeper Security will help keep you and your family safe from password-related data breaches and cyberthreats.
SANS Institute intros online gamified learning experience with CyberStart game (ITP.net) The initiative aims to develop cybersecurity experts to teach complex security concepts promoting self-exploration and investigation over traditional learning methods
SANS partners with Elevate Security to shift the industry paradigm to solve for the human element (Help Net Security) SANS Institute partners with Elevate Security, a human risk management platform nominated by RSA Conference as a top ten most innovative startup.
Imperva Unveils Cloud Data Security Solution for Cloud Data Compliance in Minutes (GlobeNewswire) New SaaS offering provides customers with the fast path to security and compliance controls over data in the cloud without halting digital transformation journeys
Xage Security Introduces the First Universal Multi-Factor Authentication for Industrial Operations (StreetInsider.com) Today, Xage Security introduces a new universal Multiple-Factor Authentication (MFA) offering, enabling industrial organizations to protect their entire operation, across a variety of assets even those...
Google open-sources network security scanner Tsunami (Computing) The project code was released on GitHub last month
Technologies, Techniques, and Standards
Responsible Use of Positioning, Navigation and Timing Services (NIST) President Trump recently signed the Executive Order (EO) on Strengthening National Resilience through Responsible Use of Positioning, Navigation, and Timing Services...
How cyber warfare laws limit risk on a digital battleground (SearchSecurity) It's impossible to be bulletproof from cyber war attacks and collateral damage, but organizations can improve survivability by implementing key cyber warfare laws to bolster their security strategies. Retired Navy cryptologist and author Chase Cunningham explained how in this book excerpt.
Accelerate CMMC Compliance with NIST and DFARS (Security Boulevard) The CMMC’s goal is to strengthen the cybersecurity of defense contractors, especially for the numerous small and medium-sized organizations. Many companies however are wondering how they can get started on the path towards compliance. We recently spoke with Jonathan Hard of H2L Solutions on this very topic. Jonathan’s company focuses on helping clients develop
How to Protect a New Computer from Harm (Hacked) Getting a new computer can be an exciting time, but you shouldn’t let your guard down. When you first get your new PC or laptop, you need […]
Design and Innovation
Descartes Labs to provide data fusion platform to the Air Force (C4ISRNET) The company's geospatial analytics platform will ingest and fuse data from multiple sources, including satellite sensors, to provide near-real-time analytics for the U.S. Air Force.
Academia
UCCS now a founding member of the Space ISAC (UCCS Communique) UCCS joins organizations including Lockheed Martin, Booz Allen Hamilton and Northrop Grumman in facilitating collaboration across the global space industry.
Legislation, Policy, and Regulation
Beijing Launches a Global Assault on Free Speech (Foreign Policy) Hong Kong’s cruel new law doesn’t just affect the city.
Hong Kong's Security Law Puts Big Tech at a Crossroads (Wired) As China exerts more power over the city, companies like Facebook and Google have stopped handing over data—for now.
U.S. Sanctions Chinese Officials Over Alleged Human Rights Abuses in Muslim Xinjiang Region (Wall Street Journal) The sanctions on senior officials in China’s Xinjiang region accuse them and the region’s police of being complicit in human-rights violations against the Muslim population in northwest China.
U.S. Imposes Sanctions on Chinese Officials Over Mass Detention of Muslims (New York Times) The measure, over human rights abuses against mainly the Uighur ethnic group, is likely to ratchet up tensions between Washington and Beijing.
China says it will hit back against new U.S. sanctions over Uighur rights (Reuters) China said on Friday it would take "reciprocal measures" against the United States after Washington imposed sanctions on senior Chinese officials over alleged human rights abuses against the Uighur Muslim minority.
German intel warns against giving data to Chinese tech firms (AP NEWS) Germany's domestic intelligence agency is warning consumers that personal data they provide to Chinese payment companies or other tech firms could end up in the hands of China's...
Ottawa likely to follow U.S., U.K. national security bans of Huawei, experts say (Global News) As Canada's allies ban Huawei odds that Ottawa will take similar actions are increasing.
Greg Clark ties Huawei’s UK boss in knots (The Telegraph) UK's Huawei VP Jeremy Thompson insists staff 'free to express views', but says he has no opinion on Hong Kong
UK risks throwing away relationship with China, says Huawei's UK boss (The Telegraph) UK operators may be forced to begin stripping out Huawei kit from 5G networks as soon as the end of this year
UK cyber security centre continuing work on Huawei, says PM's spokesman (Investing.com) UK cyber security centre continuing work on Huawei, says PM's spokesman
BT, Vodafone Need 5 Years to Drop Huawei Without ‘Blackouts’ (Bloomberg) Could cost Vodafone lower end of “single-figure billions”. BT has trialled swapping Huawei antenna to Nokia, Ericsson.
Exclusive: TIM excludes Huawei from 5G core equipment tender in Italy, Brazil (Reuters) Telecom Italia (TIM) has excluded China's Huawei Technologies from a tender for 5G equipment for the core network it is preparing to build in Italy and Brazil, two sources familiar with the matter said on Thursday.
U.S. government may finalize ban on federal contractors using equipment from Huawei this week (TechCrunch) The Trump administration is set to finalize regulations this week that ban the United States government from working with contractors who use technology from five Chinese companies: Huawei, ZTE, Hikvision, Dahua and Hytera Communications, according to a Reuters report. The ban was first introduced …
US government’s Huawei ban moving too fast, contractors say (Defense News) Trade groups say that companies, still reeling from the economic effects of the coronavirus pandemic, need more time to comply with a ban on Chinese tech.
TIA promises to end the Huawei security debate, once and for all (Light Reading) TIA is building a global standard and benchmarking tool that can measure the risks present in each vendor's supply chain in real time.
Can the Trump Administration Really Ban TikTok? (New York Magazine) The proxy conflict between China and the United States over the shape of the internet continues, even in the midst of a pandemic.
Ajit Pai is making lots of enemies on the road to 5G (POLITICO) In moving to free up Wi-Fi and bolster superfast service, Pai has alienated some industries, congressional committees and Trump Cabinet leaders.
U.S. Secret Service Shares How Crypto Is Viewed From A Law Enforcement Perspective (Forbes) "How the crime was committed, via crypto or not, or what form of money was stolen, is often irrelevant to the prosecution and therefore not quantified for statistical purposes...more study is needed on the benefits and drawbacks of doing so." Jonah Hill, Senior Cyber Policy Advisor, Secret Service
Litigation, Investigation, and Law Enforcement
Supreme Court will review Facebook's unsolicited text appeal (NASDAQ:FB) (Seeking Alpha) The Supreme Court agrees to hear Facebook's (NASDAQ:FB) appeal of a lawsuit accusing the social networking giant of violating federal law by sending users unsolicited text messages. Last summer, a federal appeals court decision revived the class action suit.
Justices Set To Rattle TCPA Landscape With Autodialer Case (Law360) The U.S. Supreme Court on Thursday jumped into the raging debate over what qualifies as an autodialer under the Telephone Consumer Protection Act, a move that's widely expected to determine whether robocall and text message litigation that exposes companies to hefty statutory penalties dries up or continues to boom.
Microsoft takes legal action against COVID-19-related cybercrime - Microsoft on the Issues (Microsoft on the Issues) Today, a U.S. court unsealed details of Microsoft’s work disrupting cybercriminals that were taking advantage of the COVID-19 pandemic in an attempt to defraud customers around the world. Our civil case has resulted in a court order allowing Microsoft to seize control of key domains so they can no longer be used to execute cyberattacks.
Microsoft sues to halt COVID-19 hackers: (Becker's Hospital Review) Microsoft is taking legal action to prevent cybercriminals from defrauding its users worldwide.
Secret Service merging electronic and financial crime task forces to combat cybercrime (CyberScoop) The Secret Service is combining its Electronic Crimes and Financial Crimes Task Forces into one unified network amid a broader reorganization.
IBM Counsel and Others Weigh Slack's Impact on Corporate Investigations (Corporate Counsel) A Hanzo webinar held Thursday looked at how the prevalence of collaboration platforms like Slack are impacting corporate investigations. While the process is more or less the same, investigators will likely find themselves with a lot more surface area to cover and potentially some new leads.
Exclusive: Google can ward off EU antitrust probe into Fitbit deal with data pledge (Reuters) Google may be able to stave off a full-scale EU antitrust investigation into its planned $2.1 billion bid for Fitbit by pledging not to use Fitbit's health data to help it target ads, people familiar with the matter said.
Illinois Auditor General finds 'weakness in cybersecurity' within IDES from 2017-2019 (WREX) The Illinois Auditor General has released a two year compliance report for the state's Department of Employment Security.