Cyber Attacks, Threats, and Vulnerabilities
Russia's GRU Hackers Hit US Government and Energy Targets (Wired) A previously unreported Fancy Bear campaign persisted for well over a year—and indicates that the notorious group has broadened its focus.
Federal agencies warn foreign hackers are targeting critical infrastructure (TheHill) The National Security Agency (NSA) and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) on Thursday warned that foreign hackers are attempting to target U.S.
NSA and CISA Recommend Immediate Actions to Reduce Exposure Across Operational Technologies and Control Systems | CISA (US-CERT) Note: This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise and ATT&CK for Industrial Control Systems frameworks for all referenced threat actor techniques and mitigations.
Protect Operational Technologies and Control Systems against Cyber Attacks (CISA) Cyber actors have demonstrated their willingness to conduct cyber attacks against critical infrastructure by exploiting Internet-accessible Operational Technology (OT) assets. Due to the increase in adversary capabilities and activities, the criticality to U.S. national security and way of life, and the vulnerability of OT systems, civilian infrastructure makes attractive targets for foreign powers attempting to do harm to US interests or retaliate for perceived US aggression.
Who is behind APT29? What we know about this nation-state cybercrime group (The Daily Swig) APT29 has been accused of targeting coronavirus vaccine organizations, but this is not the first time the group has attracted global attention
Could Large-Scale IIoT Failures Be on the Horizon? (BankInfo Security) The rapid pace of change in the industrial internet of things means organizations will have to pay close attention to security, according to a new report from the
Cyber Team Affiliated With Iran-Backed Factions In Iraq Hacks U.S.-Based Iraqi-American YouTuber (MEMRI) On July 22, 2020, Sabreen News, a Telegram channel affiliated with Iran-backed factions in Iraq, published a statement on behalf of Ma'sida [i.e. lions] Cyber Team, in which it claimed responsibility for the hacking of the social media accounts of Anas Ebraheem, an Iraqi-American social media influencer.[1]
Garmin services and production go down after ransomware attack (ZDNet) Smartwatch and wearable maker Garmin planning multi-day maintenance window to deal with ransomware incident.
Garmin knocked out by ransomware attack (Graham Cluley) Will fitness tracker manufacturer be able to step up its security?
Spanish state-owned railway infrastructure manager ADIF infected with ransomware (Security Affairs) ADIF, a Spanish state-owned railway infrastructure manager under the responsibility of the Ministry of Development, was hit by REvil ransomware operators. Administrador de Infraestructuras Ferroviarias (ADIF), a Spanish state-owned railway infrastructure manager, was hit by REvil ransomware operators. ADIF (Administrador de Infraestructuras Ferroviarias) is charged with the management of most of Spain’s railway infrastructure, that is, the track, signaling and stations. It was formed in 2005 […]
Connecting Kinsing malware to Citrix and SaltStack campaigns (Red Canary) Red Canary Intel traced a Kinsing malware campaign to some Citrix ADC exploits, with help from a Monero wallet address and Shakespeare’s Hamlet.
White Ops Uncovers Advanced Mobile App Ad Fraud Scheme (AdExchanger) White Ops has uncovered a mobile ad fraud operation with unusually sophisticated and patient tactics to embed itself in mobile phones, the company said Thursday. The investigation, dubbed CHARTREUSEBLUR (most of the 29 perpetrating apps used “blur” in the name, and apparently the White Ops threat research team is fond of the liqueur chartreuse), rounded...
Malware of the Day - Taidoor - Active Countermeasures (Active Countermeasures) What is Malware of the Day? Malware of the Day: TAIDOOR Lab Setup Malware: Taidoor AKA: The Taidoor Campaign, a BKDR_SIMBOT […]
OnePlus' latest security blooper is arguably its silliest one yet (Android Authority) It might seem minimal, but this could lead to future security headaches for hundreds of OnePlus customers.
App for Chinese DJI drones could give hackers full control of users' phones, researchers say - CyberScoop (CyberScoop) The Android application used to operate drones from DJI, a Chinese firm, could allow hackers to gain full control of users’ phones, researchers say.
Popular Chinese-Made Drone Is Found to Have Security Weakness (New York Times) Researchers found a potential vulnerability in an app that helps power the drones, highlighting U.S. officials’ concerns that Beijing could get access to information about Americans.
The Cybersecurity 202: Drone vulnerabilities add to U.S.-China spying tensions (Washington Post) Researchers are warning about cybersecurity vulnerabilities in an Android app that powers a popular Chinese-made drone they say could help the Chinese government scoop up reams of information.
Exclusive: More than 1,000 people at Twitter had ability to aid hack of accounts (Reuters) More than a thousand Twitter employees and contractors as of earlier this year had access to internal tools that could change user account settings and hand control to others, two former employees said, making it hard to defend against the hacking that occurred last week.
Twitter CEO apologizes for hack, confirms some private messages were accessed (Washington Post) Twitter said the direct messages of 36 accounts were accessed in the security breach last week
Dutch lawmaker Wilders says Twitter hack could expose dissidents (Reuters) A Dutch politician whose "verified" Twitter account was among those taken over by hackers this month told Reuters on Thursday the company believes his private messages had been accessed, potentially exposing dissidents in other countries.
Twitter Cryptocurrency Scam Echoes Previous Schemes on YouTube (Bloomberg) Lawsuit alleges YouTube accounts targeted with phishing emails. Crypto companies worry scams give digital currency a bad rap.
Several universities in UK, US and Canada hit by malware attack; data lost (WION) Almost 10 universities in the United Kingdom, the United States of America and Canada have been hit by a malware in their cloud computing provider, Blackbaud.
UK universities lose data to ransomware attack (BBC News) At least seven UK universities and one in Canada were affected by attack on a cloud computing provider.
At least seven British universities hit by ransomware attack on cloud provider (Computing) Cloud services provider Blackbaud paid a ransom after being promised stolen data would be destroyed
Could we see an increase in ransomware attacks at colleges? (WBEN 930am) As many colleges and universities around the country are moving to at least some form of online module come fall, can we expect similar attacks at a greater rate?
Raft of Healthcare Breaches Continue (Bitdefender Business Insights)
‘Curveball’ cyber attack leaves Australian TV networks in the dark (The Sydney Morning Herald) Broadcasters may have to wait until next week for ratings to resume.
Schneider Electric Triconex TriStation and Tricon Communication Module (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 10.0
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Schneider Electric
Equipment: Triconex TriStation and Triconex Tricon Communication Module
Vulnerabilities: Cleartext Transmission of Sensitive Information, Uncontrolled Resource Consumption, Hidden Functionality, Improper Access Control
2.
Nine cyberattacks that will remind you of your ex (Atlantic Council) Just as you should be wary of reconnecting with someone who should probably be left in the past, keep an eye out for an increase in cyber incidents.
Let’s Talk About TikTok (Black Hills Information Security) Derek Banks // I recently heard something on the news that caught my attention. I suppose that isn’t abnormal these days, but this in particular was the first time I had heard of anything like it. The US Government was considering banning a popular application in use on mobile devices. Not just on government devices, […]
Cyber-attack warning before summer transfer window (Sky Sports) Football clubs have been urged to review their cyber security before this summer's transfer window after a Premier League club nearly lost £1m in a hacked deal.
Email Security Features Fail to Prevent Phishable 'From' Addresses (Dark Reading) The security features for verifying the source of an email header fail to work together properly in many implementations, according to a team of researchers.
Security Patches, Mitigations, and Software Updates
Patch released for Cisco ASA firewall vulnerability discovered by Positive Technologies (Positive Technologies)
Cyber Trends
Cybersecurity in the Pandemic: Part II (CyberVista) Halfway through 2020, the United States is experiencing extremely high unemployment rates. However, cybersecurity job growth is back in full force.
Barracuda research uncovers a specialized economy emerging around email account takeover (Barracuda Networks) New report looks at how scammers are getting access to email accounts, how they’re using compromised accounts, and how businesses can protect against these attacks
Spear Phishing: Top Threats and Trends Vol. 4 (Barracuda Networks) Barracuda Networks is the worldwide leader in Security, Application Delivery and Data Protection Solutions.
A third of millennials think they're 'too boring' to be victim of cyber attack (Security Brief) While many millennials are concerned at how their data is being used and whether they are being targeted by cyber-attackers, according to Kaspersky any potential action taken to tighten their online security is at ‘the bottom of their to-do list’.
Marketplace
Fortinet's Latest Acquisition Is Further Proof Cloud Is the Future of Cybersecurity (The Motley Fool) The quiet cybersecurity leader continues to build on its lead in a new era.
Invicti Security Delivers Another Quarter of Outstanding Results (PR Newswire) Invicti Security™, a leader in Dynamic Application Security Testing (DAST) and Interactive Application Security Testing (IAST) today announced...
Manchester to launch cybersecurity innovation hub (Smart Cities World) An operator is currently being sought for the Manchester Digital Security Innovation Hub, which will be based in Heron House, alongside GCHQ.
IAI Welcomes Siemplify to the Israeli Cyber Consortium (Israel Defense) The new member's platform is seen as amplifying the capabilities of the group to offer national-scale cyber solutions to countries around the world
NSO Group Pitched Its Spyware to the Secret Service (Vice) Emails obtained by Motherboard show the U.S.-branch of NSO Group was pitching its product to U.S. agencies as recently as 2018.
Internal Google Program Taps Data on Rival Android Apps (The Information) When YouTube was planning the rollout of its rival to TikTok in India earlier this month, employees turned to a valuable source of market research: how people in the country were using TikTok and its competitors on Android, the mobile operating system controlled by YouTube parent company ...
“Facebook Is Hurting People At Scale”: Mark Zuckerberg’s Employees Reckon With The Social Network They’ve Built (BuzzFeed News) As the US heads toward a crucial and contentious presidential election, the world's largest social network is facing an unprecedented cultural crisis.
Products, Services, and Solutions
Digital Guardian Achieves SOC 2 Certification (AiThority) Digital Guardian, a leader in data loss prevention, announced the successful completion of its Service Organization Control (SOC) 2 certification
Cyware Partners with Sixgill to Deliver Proactive Threat Intelligence Solution (PR Newswire) Cyware, the leading provider of threat intelligence and cyber fusion solutions, today announced a new partnership with Sixgill, a leading...
CRITICALSTART's TEAMARES Launches DeimosC2 (PR Newswire) TEAMARES, the offensive security and incident response arm of CRITICALSTART, a leading provider of Managed Detection and Response (MDR)...
Tanium Brings Intelligence to the Edge with Zero-Infrastructure Endpoint Management and Security (Dark Reading) Tanium as a Service provides enterprise-grade visibility and control across complex distributed environments for both IT operations and security.
SBRC ethical hacker to provide "offensive security" advice to Scots firms (Digit) The SBRC has appointed a new ethical hacker to help provide "offensive security" advice for businesses across the country.
Cyberfish Delivers Real-Time In-Attachment Phishing Detection (MSSP Alert) Cyberfish adds a real-time in-attachment phishing detection module to its cybersecurity solution for MSSPs, MSPs and small & medium-sized businesses (SMBs).
Technologies, Techniques, and Standards
An Updated Guide to Do-It-Yourself Network Segmentation (Bishop Fox) Bishop Fox's updated guide to do-it-yourself network segmentation shows how to practically and inexpensively ensure network security for home or business .
Memes, the pandemic and the new tactics of information warfare (C4ISRNET) The COVID-19 pandemic is evidence that Russia and China have accelerated adoption of their age-old influence and disinformation tactics to the modern era, national security experts and military leaders said.
Pandemic Pushes DISA to Take Zero Trust Approach to Cybersecurity (MeriTalk) To help secure the scattered telework environment, the Defense Information Systems Agency (DISA) has switched to a zero-trust architecture to protect its network from adversaries.
You own your cloud's security—so lock it down (TechBeacon) By understanding the why, you can adapt your approach and harden your cloud security posture. Here's how.
Passwords for everything. Why are they still terrible? (CIO Dive) Passwords are the cockroaches of cybersecurity, yet the methods for managing them don't have to live forever.
Design and Innovation
US Air Force seeks research to boost operational technology’s cybersecurity (C4ISRNET) The service is looking for assistance in defensive and possibly offensive cybersecurity of operational technology.
Facebook is simulating users’ bad behavior using AI (The Verge) Facebook simulates spam, scams, and selling drugs using AI
Facebook tests a new Page design with a cleaner layout and no more ‘Like’ button (TechCrunch) Facebook is testing a new design for Facebook Pages that will, among other things, remove the “Like” count, offer a cleaner and more readable layout, and make it easier for those who operate Pages to actually use and manage them. These features and others were initially tested with a sm…
Research and Development
U.S. hatches plan to build a quantum Internet that might be unhackable (Washington Post) The new network would sit alongside the existing Web, offering a more secure way to send and process information
In Push for Better Cybersecurity, U.S. Energy Department Outlines a National Quantum Internet (Wall Street Journal) The project will be funded by a portion of the $1.275 billion budget allocated as part of President Trump’s National Quantum Initiative, an effort to accelerate research and development in quantum information science.
Legislation, Policy, and Regulation
TikTok Really Is the Central Front in the U.S.-China Tech War (Foreign Policy) The video app has gone viral worldwide—and will set the precedent for how free societies handle China’s social networks.
China orders U.S. to shut Chengdu consulate, retaliating for Houston (Reuters) China ordered the United States to close its consulate in the city of Chengdu on Friday, responding to a U.S. demand this week that China close its Houston consulate, as relations between the world's two largest economies deteriorate.
What a Shift in Britain's Foreign Policy Means for the US (Defense One) Britain seems to be rejoining the fray, thinking strategically again.
With Cold War Language, Pompeo Defines Trump’s Plan for ‘Totalitarian’ China (Defense One) In the fourth major China policy speech by administration leaders in the past month, Pompeo says the US can’t go back to the era of engagement.
Here’s Why Australia Is Spending $1.35 Billion On Cybersecurity (TechBullion) Cybersecurity is something that all Australians – both in business and in their personal lives – need to take more seriously now than ever before. The Australian government recently announced that it would be investing $Aus1.35 billion in cybersecurity over the next decade in the wake of an increased number of attacks targeting the country. […]
New York bans use of facial recognition in schools statewide (VentureBeat) New York state passed legislation that would ban the use of facial recognition in schools, if signed by Governor Andrew Cuomo.
DOD's cyber chief to exit this month (FCW) The Pentagon’s lead cybersecurity expert, Jack Wilmer, is leaving his post for an industry role at the end of July.
Litigation, Investigation, and Law Enforcement
Spyware Firm NSO Again Tries to Squash Facebook WhatsApp Suit (Bloomberg Law) Israeli spyware maker NSO Group is trying to overturn a federal court decision that let Facebook Inc. and its WhatsApp platform move forward with a lawsuit alleging that NSO targeted 1,400 users with malware.
Brussels Report: Privacy Regulators Worry About Volume of New Work From EU Data Ruling (Wall Street Journal) A ruling by the European Union’s top court complicates how companies transfer data outside the bloc, and has also introduced a number of new headaches for the people tasked with ensuring the rules are followed.
The unacknowledged trauma of Facebook’s foreign content moderators (Rest of World) Thousands of foreign moderators keep the worst content off Facebook but receive little support for the traumatic work. Could that change?
EU demands major concessions from Google over Fitbit deal (Ars Technica) Pledge required that health data will not be used to improve search engine.
Facebook adds $100 million to facial recognition settlement (Fortune) Facebook users in Illinois can expect to collect $200 to $400.
Facebook Proposes $650 Million to Settle Biometric Privacy Case (Bloomberg) Facebook Inc. proposed increasing its settlement offer to $650 million to resolve a lawsuit in which users claim the company illegally gathered biometric data through a photo-tagging tool.
4 Experts Agree: Craig Wright's Latest Cryptography Claims Are 'Nonsense' (CoinDesk) We asked four expert cryptographers about Craig Wright’s “cryptographic evidence” that he is Bitcoin’s creator Satoshi Nakamoto. They aren't buying it.