Cyber Attacks, Threats, and Vulnerabilities
Russia’s GRU hackers hit US government and energy targets (Ars Technica) A previously unreported Fancy Bear campaign persisted for well over a year.
Cozy Bear: Russian cyberthreat to COVID-19 vaccine research identical to a skilled intrusion in 2016 US elections (Tech2) While some patriotic hackers in Russia may indeed operate independently of Moscow, others seem to have strong ties to national intelligence services.
OT networks pose growing cyber risk (IT-Online) The security of operational technology (OT) networks is a growing concern as it involves the world’s factories, utilities, healthcare, public transportation companies, energy facilities, and more–all of which have seen an enormous transformation in recent years. However, along with these efficiency gains–including supervisory control and data acquisition (SCADA) systems that are now connected to the […]
US Intelligence Official Warns of Foreign Interference in US Elections (Voice of America) The director of the U.S. National Counterintelligence and Security Center has warned that Russia, China, Iran and other countries are meddling in U.S. political campaigns as the November 3 general election draws closer.
“We see our adversaries seeking to compromise the private communications of U.S.
Yaël Eisenstat: 'Facebook is ripe for manipulation and viral misinformation' (the Guardian) The ex-CIA officer on why she lasted only six months at Facebook and her fears about its role in the forthcoming US election
Report suggests local election officials’ emails could be at risk for phishing attempts (The Verge) Foreign hackers have already tried to target the emails of Trump and Biden campaign staffers
Phishing Election Administrators (Area 1 Security) New analysis of 10,000 state and local election administrators’ email security reveals phishing and cyberattack risks ahead of Election Day.
NCCC detects data leakage from Cloudflare service threatening security of public, private resources (Interfax-Ukraine) Specialists of the National Coordination Center for Cybersecurity at the National Security and Defense Council of Ukraine (NSDC) have detected in DarkNet a list of almost 3 million websites that use Cloudflare service to protect against DDoS and a number of other cyberattacks.
3 million sites that use Cloudflare exposed (The Cyber Shafarat - Treadstone 71) Quote: This was reported by the National Security and Defense Council of Ukraine. The so-called DarkNet has published a list of almost 3 million sites that use Cloudflare to protect against DDoS and other attacks. According to the National Security and Defense Council, the list merged into DarkNet contains real IP-addresses of sites, which poses…
A vigilante is sabotaging the Emotet botnet by replacing malware payloads with GIFs (ZDNet) Emotet botnet activity goes down as Emotet admins are wrestling with a vigilante for control over parts of their infrastructure.
A mysterious vigilante is sabotaging one of the world’s most dangerous malware strains (TechRadar) Emotet malware payloads replaced with animated GIFs
Cerberus banking Trojan team breaks up, source code goes to auction (ZDNet) The Android malware’s operator is hoping the code and client list will net them up to $100,000.
Cerberus Android malware source code offered for sale for $100,000 (BleepingComputer) The maintainer of Cerberus banking trojan for Android is auctioning the entire project for a price starting at $50,000 or close the deal for double the money.
CISA confirms hackers are exploiting F5 flaw on federal and private networks (CyberScoop) CISA said the unidentified malicious hackers had for weeks been scanning federal agencies’ networks for a flaw in a popular software made by F5 Networks.
Threat Actor Exploitation of F5 BIG-IP CVE-2020-5902 (CISA) The Cybersecurity and Infrastructure Security Agency (CISA) is issuing this alert in response to recently disclosed exploits that target F5 BIG-IP devices that are vulnerable to CVE-2020-5902. F5 Networks, Inc. (F5) released a patch for CVE-2020-5902 on June 30, 2020. Unpatched F5 BIG-IP devices are an attractive target for malicious actors.
Dave data breach affects 7.5 million users, leaked on hacker forum (BleepingComputer) Overdraft protection and cash advance service Dave has suffered a data breach after a database containing 7.5 million user records was sold in an auction and then released later for free on hacker forums.
Tech unicorn Dave admits to security breach impacting 7.5 million users (ZDNet) Dave user data is now available for download on a public hacking forum.
US Fintech Giant Dave Admits Customer Data Breach (Infosecurity Magazine) Over 7.5 million records published on dark web forum
Source code from dozens of companies leaked online (BleepingComputer) Source code from exposed repositories of dozens of companies across various fields of activity (tech, finance, retail, food, eCommerce, manufacturing) is publicly available as a result of misconfigurations in their infrastructure.
Garmin services returning after alleged cyber-attack (BBC News) The popular GPS brand appears to be partly up and running after a weekend-long outage.
Garmin wearables back online after reported cyberattack (Silicon Republic) Sources have said that Garmin was targeted in a cyberattack using WastedLocker ransomware, which resulted in an outage in its fitness tracking service.
Garmin outage caused by confirmed WastedLocker ransomware attack (BleepingComputer) Wearable device maker Garmin today had to shut down some of its connected services and call centers following what the company calls a worldwide outage.
This Russian hacker is likely behind ransomware attack on Garmin (India Today) Garmin is battling a ransomware attack and is struggling to take control of its networks. Now details emerge of a 33-year-old Russian hacker, Maksim Yakubets, who is likely behind it.
Garmin 'ordered to pay $10m by Russian hackers to end four-day cyber attack' (The Sun) RUSSIAN hackers Evil Corp reportedly ordered Garmin to pay $10million to end a debilitating ransomware attack that has left millions of customers unable to use their devices for four days. The GPS …
Will Garmin pay $10m ransom to end ransomware attack with 3 day outage (Mail Online) Garmin is being asked to pay a $10 million ransom after a cyberattack has taken down its systems and apps including its website for five days. Maksim Yakubets, 33, is believed to be behind it.
Charities hit by Blackbaud ransomware attack (Third Sector) YoungMinds, which was caught up in the breach, urges supporters to be wary of unexpected communication
Homeless Charity Crisis Suffers Data Breach Via Software Vendor Blackbaud (Fr24) A leading homeless charity has become the latest victim in a major data breach that has seen six UK universities and several businesses attacked by hackers.
University of Sussex confirms it was victim of Blackbaud cyber-attack (Sussex Express) The University of Sussex has confirmed it was a victim of a cyber-attack that compromised a software supplier around the world.
University of Reading hacked and data stolen for ransom (Reading Chronicle) NEWS that the University of Reading was hacked and its data held for ransom has led to a statement being issued to the public by officials this week.
Blackbaud university ransomware – the danger of supply chain attacks (TechHQ) A reminder of the risks of supply chain attacks has been dealt, with more than 20 universities victim to a cyber-attack via cloud provider Blackbaud.
Fall-Out from Blackbaud Ransomware Attack (The National Law Review) As a follow-up to last week's post on the importance of due diligence regarding high-risk vendors’ security practices, Blackbaud, a global company providing financial and fundraising...
Security Incident (Blackbaud) The Cybercrime industry represents an over trillion-dollar industry that is ever-changing and growing all the time—a threat to all companies around the world.
Ministry of Justice potentially caught up in research company hack (1 NEWS) Police admitted last week the hack may have compromised contact details of people who have called them.
Sports team nearly paid a $1.25m transfer fee… to cybercrooks (Naked Security) If a crook is already inside your email, occasionally adding in believable emails of their own… how on earth do you spot the fake ones?
PayPal scam: Major warning issued after fraudsters pose as payment website (Bournemouth Echo) A major warning has been issued of a scam involving fraudsters posing as payment website PayPal.
The Cold War Bunker That Became Home to a Dark-Web Empire (The New Yorker) An eccentric Dutchman began living in a giant underground facility built by the German military—and ran a server farm beloved by cybercriminals.
Hackers create specialised economy around hijacked email data (Telangana Today) More than one-third of the hijacked accounts analysed by researchers at Barracuda, a leading provider of cloud-enabled security and data protection solutions, had attackers dwelling in the account for more than one week.
Security Patches, Mitigations, and Software Updates
ASUS routers could be reflashed with malware – patch now! (Naked Security) Responsible disclosure means the bugs are already fixed – but don’t forget to check that you applied the patch.
The First Digitally Literate Country (Medium) In response to a 2007 Russian cyberattack, the Estonian government made cybersecurity education and the expansion of digital services…
Over 30 years after the ‘first’ attack, the cyber threat landscape reaches the next evolution: offensive AI - teiss (teiss) The world’s ‘first cyber-attack’ hit the headlines in 1988. It was the Morris Worm – a personal project of the Harvard graduate Robert Tappan Morris which came to infect an estimated 10% of the 60,000 computers online at the time, prompting a seismic shift in attitudes to computer security.
Most Famous Hacking Groups of 2020 (Technowize) These famous hacking groups with their technical knowledge use bugs or exploits to break into several computer systems.
Hackers Are Teaming Up to Compromise Your Email | CDOTrends (CDOTrends) A new underground economy is flourishing thanks to poor email practices.
What causes employees to create cybersecurity incidents? (Enterprise Times) Tessian has looked at the psychology of human error when it comes to cybersecurity mistakes. Is your business failing to support its employees?
Israeli cloud security startup Mitiga gets $7 million in seed funding for incident response tech stack and service (Tech.eu) Israeli cloud security startup Mitiga has raised $7 million in seed funding to scale its ‘incident response’ (IR) technology and service. The round was joined by Clearsky Security, Glilot Capital, Flint Capital, Rain Capital and DNX Ventures. The company has created an incident readiness and response tech stack, which is customised to each client’s organisation. …
CYSEC raises USD 531,000 for cybersecurity solution (Digital Ship) Start-up CYSEC has received a Tech Growth loan of 500,000 Swiss francs (approximately USD 531,000) from the Foundation for Technological Innovation (F...
Changes to Fifth Domain’s cyber coverage (Fifth Domain) The Fifth Domain newsletter will come out every Tuesday, as opposed to every business day.
WSJ News Exclusive | Google to Keep Employees Home Until Summer 2021 Amid Coronavirus Pandemic (Wall Street Journal) The tech giant will keep its employees home until at least next July, people familiar with the matter said, making the search-engine giant the first major U.S. corporation to formalize such an extended timetable.
Intel weighs exit from manufacturing chips (Seattle Times) Intel CEO Bob Swan spent almost an hour on Thursday discussing an idea that would once have been unthinkable for the world’s largest semiconductor company: Not manufacturing its own chips. Intel’s shares tumbled 16% on Friday.
Harvard University Just Sent a Huge Buy Signal for These 3 Cybersecurity Stocks (The Motley Fool) Pay attention to this move from America's oldest and richest university.
The 'i' in iPhone 11 now stands for India-made: Apple for the first time makes a top-of-the-line model in the country (The Economic Times) The company hasn't cut prices as it also sells iPhone 11 handsets made in China in India but industry executives said that could be an option later on. Local production saves Apple 22% import duty.
Ahead of testimony, Facebook, Twitter, Snapchat under fire from Presidential campaigns (NASDAQ:FB) (Seeking Alpha) Technology companies are due to speak to Congress about competition concerns next week, and will likely struggle to get a sympathetic ear in the next Administration, regardless of which party wins, if recent advertising on social media is any indication.
Darktrace drops Nicole Eagan as dual chief executive ahead of float (The Telegraph) Darktrace is planning an IPO that could value it at £2bn
Panaseer appoints industry leaders as it gears for growth (WFMZ) Panaseer, an enterprise cybersecurity company, has established a new world-class Advisory Board that includes prominent figures in leadership, sustainability, business and
KnowBe4's Perry Carpenter Accepted Into Forbes Business Council (Yahoo) KnowBe4, the provider of the world's largest security awareness training and simulated phishing platform, today announced that Perry Carpenter, chief evangelist and strategy officer, has been accepted into the Forbes Business Council, the foremost growth and networking organization for successful
Products, Services, and Solutions
New CyberSaint Updates Empower Organizations to Dynamically Manage Cybersecurity and IT Risk Across the Risk Management Lifecycle (BusinessWire) Updates to the CyberStrong platform allow customers to dynamically manage their unique Organizational, Strategic, and Business Process risk posture
Forcepoint Dynamic Edge Protection Delivers Industry's First True Data-Centric SASE Solutions (Yahoo) Global cybersecurity leader Forcepoint today announced the introduction of its Dynamic Edge Protection suite of cloud-native SASE solutions featuring new Cloud Security Gateway and Private Access offerings. With today's introduction, Forcepoint is delivering the industry's most comprehensive
Leavemark Social and Data Storage Hybrid App Launches to Android Users (WFMZ.com) Leavemark, a recently launched Facebook rival, offers an ad-free data storage and social media hybrid app that enables users to archive life's most
Dragos and Fortinet Partner to Broaden Cybersecurity Across Industrial Networks (BusinessWire) Dragos and Fortinet Partner to Broaden Cybersecurity Across Industrial Networks
Infinigate Partners with SentinelOne To Rapidly Accelerate Next-Generation Cybersecurity Growth Across Europe (Yahoo) SentinelOne, the autonomous cybersecurity platform company, today announced it has signed a distribution agreement with Infinigate, one of the leading Value Added Distributors (VAD) for cybersecurity solutions in Europe. The partnership enables SentinelOne to attract additional resellers and leverage
Forcepoint Dynamic Edge Protection Delivers Industry's First True Data-Centric SASE Solutions (PR Newswire) Global cybersecurity leader Forcepoint today announced the introduction of its Dynamic Edge Protection suite of cloud-native SASE solutions...
Technologies, Techniques, and Standards
How firms are keeping staff and secrets safe from hackers now everyone is working remotely (CNBC) Security chiefs from McLaren, Revolut, and Facebook explained what they're doing to keep their companies safe during the lockdown.
How California election officials are fighting disinformation (High Country News) Authorities expect widespread false information campaigns ahead of the November election.
Differential Privacy for Privacy-Preserving Data Analysis: An Introduction to our Blog Series (NIST Differential Privacy Blog) Does your organization want to aggregate and analyze data to learn trends, but in a way that protects privacy? Or perhaps you are already using differential privacy tools, but want to expand (or share) your knowledge? In either case, this blog series is for you.
It's time to tap the next generation of cyber defenders (Help Net Security) Cybercriminals accelerate the sophistication of their attack methods. A solution for organizations may lie in the next generation of cyber defenders.
Legislation, Policy, and Regulation
Australian Cyber Security Centre, DTA unveil new rules for secure cloud services (iTWire) New guidelines have been released by the Australian Cyber Security Centre and the Digital Transformation Agency to enable the adoption of secure cloud services across the public and private sector. These guidelines are intended to replace the old Cloud Services Certification Program and the Informat...
Afridi condemns draconian laws to shrink cyber space for Kashmiris (Brecorder) Chairman of the Parliamentary Committee on Kashmir Shehryar Khan Afridi has condemned the draconian laws...
A Cultural Revolution 2.0 is sweeping through Hong Kong’s offices and schools (Quartz) Doctors, civil servants, and teachers describe an unprecedented wave of political repression as words and actions are monitored for anti-government sentiment.
Huawei's 5G equipment pose no security risk: LG Uplus - ET Telecom (ETTelecom.com) Faced with mounting pressure to replace Huawei 5G equipment, South Korean telecom giant LG Uplus has stressed the Chinese firm's telecom equipment doe..
Opinion | Europe’s Huawei Stumbling Block (Wall Street Journal) Will Germany choose narrow self-interest over the West’s security?
France says it’s not banning Huawei, though phaseout is underway (Press Herald) The pressure to reverse course comes from the U.S., which has warned that Huawei's systems could be infiltrated by hackers or hostile states.
Both the UK and the US have cancelled Huawei. Should NZ be next? (The Spinoff) Huawei is stoking tensions overseas, causing some countries to ban its technology from their 5G networks. But what does that mean for us?
Last week the UK announced it would be banning the country’s mobile providers from buying 5G equipment from Huawei, previously a major technology provider for
EU insists European companies could replace Huawei in 5G network (euronews) Nokia and Ericsson can replace Huawei if the Chinese tech giant were to be sidelined for security reasons, the European Commission said on Friday.
TikTok Could Be Tougher Target for Trump Administration (Wall Street Journal) The Trump administration’s efforts to thwart a perceived security threat from video-sharing app TikTok faces challenges beyond those it faced when taking on other Chinese-owned businesses such as Huawei.
US Senate approves amendment to bolster cybersecurity in FY 2021 NDAA (Security Magazine) The US Senate passed a bipartisan amendment to the FY 2021 National Defense Authorization Act (NDAA) to require the Department of Homeland Security to establish a Cybersecurity State Coordinator position in every state.
Cyberattack Attribution and International Law (Just Security) Earlier this week, the U.S. Department of Justice unsealed an indictment accusing two men linked to China’s Ministry of State Security of a decade-long campaign of hacking dissidents, human rights activists, and a variety of private sector targets, including most recently entities working on COVID-19 treatments, tests, and vaccines. This cyberattack attribution follows on the …
Don’t Rush to Judge the CIA’s Covert Cyber Offensive (World Politics Review) In light of past CIA transgressions, the current handwringing over its covert offensive cyberattacks is not unwarranted. Yet, as often happens with sensational stories about American spycraft, there is a risk that reporting about the campaign obscures what it means for the future of cyberwarfare at the global level.
Where do Space Force and Space Command fit into the Pentagon’s cyber plans? (C4ISRNET) Space Force is looking to transition Air Force cyber operators to its ranks within the next year, however, those forces will not be part of the joint U.S. Cyber Command cyber mission force quite yet.
How the Defense Department is reorganizing for information warfare (C4ISRNET) America’s adversaries have targeted the military’s weaknesses via information warfare in recent years and as a result the Department of Defense has made a series of moves to reorganize and better defend against such threats.
Army Cyber Command ceremony heralds its arrival at new headquarters at Fort Gordon (DVIDS) U.S. Army Cyber Command (ARCYBER) officially signaled the arrival of its headquarters at Fort Gordon, Ga., with the uncasing of its colors in a brief ceremony there July 24, 2020.
Ex-PSG commander is new military intel chief (Inquirer) President Rodrigo Duterte has appointed the former head of the Presidential Security Group (PSG) as the new military intelligence chief. Brig. Gen. Jose Eriel Niembra is the...
Litigation, Investigation, and Law Enforcement
China Operative Pleads Guilty to Spying in U.S. (Wall Street Journal) A political-risk consultant funded by China pleaded guilty Friday in federal court in Washington to tapping U.S. government employees for sensitive information for Beijing, the latest in a flurry of criminal cases accusing Chinese authorities of directing illegal activities in the U.S.
Was China's Houston Consulate Trying to Steal the Coronavirus Vaccine? (Foreign Policy) China’s efforts to use the Houston consulate to steal science and technology secrets were “particularly aggressive and particularly successful,” Trump administration indicates.
China: U.S. claims about Chinese hackers stealing secrets 'purely fabricated' (CGTN) The Chinese Embassy in Belgium on Saturday refuted U.S. accusations that China uses "hackers," overseas personnel and agencies to steal intellectual property and confidential business information around the world, including Belgium, stating the allegations are "purely fabricated."
Report: Israel's Shin Bet tracking Israeli phones for over 2 years (i24NEWS) Program, launched long before the pandemic, was not subject to parliamentary oversight
HSBC Defends Cooperation With U.S. Prosecutors, Denies Setting Trap for Huawei (Wall Street Journal) HSBC Holdings issued a statement defending its cooperation with U.S. prosecutors in a case against China’s Huawei Technologies after Chinese state media said the bank had set Huawei up.
ACCC hauls Google to court over personal data use (CRN Australia) Alleges tech giant misled customers on scope of collected data.
The four horsemen of big tech brace for their Washington interrogation (The Telegraph) Cook, Zuckerberg, Bezos and Pichai are set to face US politicians. It will not be a friendly chat
Exclusive: Big Tech antitrust hearing gets new date (Axios) The CEOs of Apple, Facebook, Amazon and Google will now testify Wednesday.
Fears of Cambridge Analytica Style Manipulation of Ugandan Election as Museveni Hires Israeli ICT Firm for Campaigns (KahawaTungu) Uganda seems to have plucked a page from the public Cambridge Analytica scandal that played into the politics in Kenya, India, Australia, the US, UK and other countries. Through meticulous planning
COVID-19 Vaccine Hacking May Prompt Data Security Rethink (Law360) Warnings that cyberattackers backed by the Chinese and Russian governments are targeting COVID-19 vaccine research drive home the need for companies to think beyond their regulatory obligations to protect personal information and to ensure that their intellectual property is shielded from evolving cyber threats.
No grace period after Schrems II Privacy Shield ruling, warn EU data watchdogs (TechCrunch) European data watchdogs have issued updated guidance in the wake of last week’s landmark ruling striking down a flagship transatlantic data transfer mechanism called Privacy Shield. In an FAQ on the Schrems II judgement, the European Data Protection Board (EDPB) warns there will be no regulat…
Police Requests for Google Users’ Location Histories Face New Scrutiny (Wall Street Journal) Police officers’ use of a type of warrant to monitor Google users’ locations en masse is facing its first legal and political challenges, as scrutiny of law enforcement tactics grows.
What Trademark Owners Need to Know to Avoid Reverse Domain Name Hijacking (CircleID) A cybersecurity company recently attempted reverse domain name hijacking for an exact match domain name of its brand, and in so doing, failed in both its bid to take ownership of the domain and potentially damaged their reputation by using this somewhat nefarious tactic and abusing the Uniform Domain Name Dispute Resolution Policy (UDRP) process.
Apple, Amazon, Facebook and Google CEO congressional hearing officially delayed (CNBC) The hearing was initially set to take place on Monday, but was postponed due to memorial services for the late Rep. John Lewis, D-Ga.
Trustify founder Danny Boice charged with fraud, money laundering (Washington Business Journal) The company had pitched a platform that connected people with private investigators.
One journalist’s wary, frustrating relationship with Edward Snowden (Virginian-Pilot) In addition to his fears about the panoply of foreign intelligence services that had an interest in stealing the documents in his possession, Barton Gellman became alarmed by what was contained in the documents themselves.
A Put-Up Job (Mercatus Center) With so many big stories breaking, it’s hard to get attention even for important news about the FBI’s and CIA’s misdeeds. Still, the wrongdoing at James Comey’s FBI and John Brennan’s CIA was serious, as the news this week amply demonstrates. On July 17, we learned that the FBI knew, just as Donald Trump’s presidency was beginning, that there was no evidence his campaign had colluded with Russia. That’s the significance of a memo written by FBI agent Peter Strzok in mid-February 2017 and just released. The news matters for three reasons.