The CyberWire is pleased to announce the launch of our new newsletter focused on connecting women in the cybersecurity field across the globe! The publication will launch on August 3rd, and will appear on the first Monday of every month. It's brought to you by women in the industry, and you're invited to join our league of cyber ladies and create lasting connections. Learn more or subscribe here.
LastPass Identity provides simple control and visibility across every entry point to your business through single sign-on, password management and multi-factor authentication in one unified solution. LastPass Identity provides a holistic view of end user activity to simplify security for IT, all while delivering the passwordless login experience employees want. Start a free LastPass Identity trial today.
Big Tech's testimony. "BootHole." Bogus COVID-19 contact-tracing apps. Netwalker warning. China denies hacking the Vatican.
Amazon, Apple, Google, and Facebook completed (by WebEx) yesterday’s testimony before the US House Judiciary Committee’s anti-trust subcommittee. Messrs. Bezos, Cook, Pichai, and Zuckerberg hewed to foreseeable lines during their testimony (the Telegraph thought they emerged “unharmed”), but observers thought the Congressional inquisitors generally well-prepared. The House subcommittee was interested in both anti-competitive practices and the roles the platforms have assumed in moderating content and influencing elections. The Wall Street Journal sees the central issue raised in the session as the economic and social power big data analytics have enabled Big Tech to concentrate.
Eclypsium has found a vulnerability, “BootHole,” that affects the GRUB2 bootloader used by most Linux systems. It could be exploited to gain the ability to execute arbitrary code even when secure boot is enabled. An attacker would need either administrative privileges or physical access to a device to infect it, however, which as Ars Technica points out, if the attacker has those, you’ve got a lot of other problems to worry about.
EclecticIQ and its partners at ThreatFabric report that malicious Android packages have been found presenting themselves as legitimate, government-backed COVID-19 contact-tracing apps.
According to BleepingComputer, the FBI has issued a warning that Netwalker ransomware is being deployed against government agencies, both in the US and internationally.
China says that it’s always been firmly opposed to cyberespionage and that anyone (like Recorded Future, whose report has been widely cited) who thinks Beijing hacked the Vatican needs to put up or shut up, Global News writes.
Today's issue includes events affecting Canada, China, the Holy See, India, Ireland, Israel, the Democratic Peoples Republic of Korea, Latvia, Lithuania, New Zealand, Poland, Russia, Singapore, Turkey, the United Kingdom, and the United States.
Subscribe to CyberWire Pro to gain exclusive access to actionable reporting, analysis and insights on the global information security industry reshaping our world. CyberWire Pro is an independent news service you can depend on to stay informed, and save time. This unique offer includes access to exclusive podcasts, briefings, webinars, and much more! Visit thecyberwire.com/pro to learn more.