Cyber Attacks, Threats, and Vulnerabilities
Telstra backtracks on cyber attack claim (The Islander) Telstra has had to backtrack on its claims a major outage that upset home internet services was caused by a "malicious" cyber attack on its servers. Telstra r...
Cybercriminals Could Be Cloning Payment Cards Using Stolen EMV Data (SecurityWeek) Cybercriminals could be stealing data from EMV payment cards and using it to create magnetic stripe cards which they can use for card-present transactions
Confirmed: Garmin received decryptor for WastedLocker ransomware (BleepingComputer) BleepingComputer can confirm that Garmin has received the decryption key to recover their files encrypted in the WastedLocker Ransomware attack.
Ransomware feared as possible saboteur for November election (Star Tribune) Federal authorities say one of the gravest threats to the November election is a well-timed ransomware attack that could paralyze voting operations. The threat isn't just from foreign governments, but any fortune-seeking criminal.
Zoom & Doom: How INKY Unraveled A Credential Harvesting Phishing Scam (INKY) As the number of COVID-19 cases continues to rise, so do the number of phishing attacks made on vulnerable businesses. One of the latest schemes involves Zoom video conferencing impersonators. See how INKY caught them.
Phishing Email Uses Google Ad Redirect to Steal Microsoft Credentials (The State of Security) Security researchers came across a phishing email that used a Google Ad redirect as a part of its efforts to steal victims' Microsoft credentials.
Alarming “Unpatchable” exploit in Apple’s Secure Enclave could put the data of millions of users at risk, per Chinese hackers (Notebookcheck) According to Pangu Team, a Chinese hacker group, an “unpatchable” exploit has been uncovered for Apple’s Secure Enclave, the co-processor that stores keys for Face ID, Touch ID, and passwords. This potentially puts the personal data and biometric information of millions of iPhone and iPad users at risk.
Democrats warned of targeting by hackers posing as Facebook (CNN) Democratic campaigns were warned Thursday that hackers posing as Facebook could be targeting them in an effort to gain access to their Facebook account credentials, according to a copy of a security alert obtained by CNN.
'Payment sent' - travel giant CWT pays $4.5 million ransom to cyber criminals (ET CIO) The attackers used a strain of ransomware called Ragnar Locker, which encrypts computer files and renders them unusable until the victim pays for acce..
'Payment sent' - travel giant CWT pays $4.5 million ransom to cyber criminals (Reuters) U.S. travel management firm CWT paid $4.5 million this week to hackers who stole reams of sensitive corporate files and said they had knocked 30,000 computers offline, according to a record of the ransom negotiations seen by Reuters.
First rule of Ransomware Club is do not pay the ransom, but it looks like Carlson Wagonlit Travel didn't get the memo (Register) $4.5m may have gone into crims' pockets after bookings biz hit by Ragnar Locker nasty
Havenly discloses data breach after 1.3M accounts leaked online (BleepingComputer) Havenly, a US-based interior design web site, has disclosed a data breach after a hacker posted a database containing 1.3 million user records for free on a hacker forum.
Crypto Firm Ledger’s Breach Hits One Million Customers (Infosecurity Magazine) Marketing database exposed in June attack
Athens ISD will not pay ransom after cyber attack, recovers data (TylerPaper) Athens ISD has recovered its school data and will not pay a ransom payment after a cyber attack locked their server data, the school district said Friday.
Children Stream on Twitch—Where Potential Predators Find Them (Wired) A WIRED investigation found dozens of channels belong to children apparently under 13 and anonymous chat participants sending inappropriate messages their way.
Cal State Northridge targeted in cyber-attack (KGTV) Officials at Cal State Northridge confirmed Sunday that the school was targeted in an attempted cyber-attack.
Why a Data Breach at a Genealogy Site Has Privacy Experts Worried (New York Times) Nearly two-thirds of GEDmatch’s users opt out of helping law enforcement. For a brief window this month, that didn’t matter.
Security Patches, Mitigations, and Software Updates
BootHole fixes causing boot problems across multiple Linux distros (ZDNet) Debian, Ubuntu, Red Hat, CentOS, Fedora users report issues with booting or dual-booting their devices.
Red Hat's BootHole Patches Cause Systems to Hang (SecurityWeek) Red Hat has told customers not to install the package updates released in response to the BootHole vulnerability after users reported that their systems hung after applying the updates.
Autofill Through Biometric Authentication Coming to Chrome (SecurityWeek) Google this week announced a series of security and ease-of-use improvements for the Autofill feature in Chrome
Google: Eleven zero-days detected in the wild in the first half of 2020 (ZDNet) A report from Google's Project Zero also looks at 2019 zero-day statistics and draws some interesting conclusions.
Microsoft has the highest rate of zero-days detected in the wild, but not all is as it seems (The Daily Swig) Google’s Project Zero argues that detection bias might be at play when we consider zero-day vulnerability rates in popular products
Mobile Threats Report | Network Detection and Response (Gigamon) Mobile devices greatly expand the attack surface. Protect your network with six mobile security best practices.
Cloud Security Report | June 2020 | Wandera (Wandera) This month’s cloud security report looks at the trend in non-compliance, a big brand being used for online phishing, the top apps leaking your location, an update on financial institution phishing, a roundup of May’s cybersecurity news, and the latest from our data science team.
Tanium Report: 90 Percent of Organizations Experienced an Increase in Cyberattacks (AiThority) Tanium announced the results of a global survey of 1,000 CXOs revealing the ongoing effects of COVID-19 on enterprise and government organizations.
Kaspersky Announces Global Call for Cybersecurity Startups (Fast Mode) As part of its Open Innovation Program, the Kaspersky Innovation Hub (iHub) is announcing a new call for startups that are developing cybersecurity solutions
Gamifying cybersecurity: This Estonian-born startup raises €13.46M to help upskill employees with hands-on experience (Silicon Canals) Estonia-based cybersecurity training startup has successfully secured €13.46 million in a Series A funding round
SensePost rebrands to Orange Cyberdefense (My Broadband) South African-based cybersecurity company SensePost has announced that it is rebranding to Orange Cyberdefense from 1 August 2020. The name of its ethical hacking team will remain SensePost.
Ex-BAE security startup seeks to SOC it to security risks (IDG Connect) Most startups come from humble stock: garage and dorm-room kids with dreams or else richly funded scions of Silicon Valley, replete with contacts and connections. Few come from ancient industrial names but SOC.OS does.
Exclusive: TikTok's Chinese owner offers to forego stake to clinch U.S. deal - sources (Reuters) China's ByteDance has agreed to divest the U.S. operations of TikTok completely in a bid to save a deal with the White House, after President Donald Trump said on Friday he had decided to ban the popular short-video app, two people familiar with the matter said on Saturday.
Microsoft confirms plans to buy TikTok after 'personal' talk with Donald Trump (The Telegraph) The company said it was 'prepared to continue' talks to rescue the stricken Chinese app – though a deal is not certain
Microsoft to continue discussions on potential TikTok purchase in the United States (The Official Microsoft Blog) Following a conversation between Microsoft CEO Satya Nadella and President Donald J. Trump, Microsoft is prepared to continue discussions to explore a purchase of TikTok in the United States.
Microsoft Said to Be in Talks to Buy TikTok, as Trump Weighs Curtailing App (New York Times) The discussions come as TikTok’s ownership by a Chinese company is under scrutiny by the White House and lawmakers.
Microsoft Is in Talks to Acquire TikTok, as U.S. Considers Banning the App (Wall Street Journal) Microsoft is in advanced talks to acquire the U.S. operations of the Chinese-owned video app TikTok, according to people with knowledge of the discussions, in a deal that would be a concession to White House pressure and make the software giant a major player in social media.
Microsoft’s Talks to Buy TikTok Follow Headwinds for Investor Plan (The Information) Microsoft is in serious talks to acquire TikTok, the hugely popular Chinese-owned video app, The Information has confirmed, after separate talks for a U.S. investor group to buy the app ran into headwinds on both political and business grounds. Senior ByteDance executives see Microsoft as more ...
UK telecommunications group BT says Huawei ban has not affected operations (Deccan Chronicle) UK this month reversed the decision in January to allow China’s controversial technology leader to roll out Britain’s fast new data network.
Salient CRGT Awarded $22M Contract for Department of Defense, Joint Staff Actions Division Support Services (PR Newswire) Salient CRGT has been awarded a $22M contract in support of the Joint Staff Actions Division for Program Management, Program Planning and...
Contracting offices join forces to tackle Sixteenth Air Force Information Warfare mission (Sixteenth Air Force) As Sixteenth Air Force (Air Forces Cyber) reached full operational capability earlier this month, solidifying the convergence of intelligence, surveillance and reconnaissance (ISR), cyber,
Ethereum Foundation Announces Ethereum (ETH) 2.0 Security Team (CryptoComes) Ethereum Foundation's Justin Drake announced that the EF is hiring security experts that are tasked with the security and tokenomics development of Ethereum (ETH) 2.0.
Big Tech's online empires will one day fall (The Telegraph) Despite the scale of the world's largest tech companies, they too, will eventually face a decline of their own
Products, Services, and Solutions
CYSEC and Leaf Space partner to offer end-to-end cyber security protection for satellite communications (Cysec Systems) Leaf Space, an Italian company providing ground segment services for smallsats has signed an MoU consolidating a partnership agreement with CYSEC, a Swiss cybersecurity company, to offer end-to-end cyber security protection for satellite communications.
Announcing the new Okta Developer Certification (Okta) Over the past few months, I have been working on a side project that I am really excited about. If you know me well, you probably know I enjoy using my side projects to help other teams meet their goals (and if you don’t, I am a Senior Security H@X0R at Okta.
Sophos Phish Threat (SC Media) The main Sophos Phish Threat dashboard shows many useful statistics regarding active campaigns, such as the ratio of end users who have fallen for
Technologies, Techniques, and Standards
Election Vulnerability Reporting Guide (CISA) This resource provides election administrators with a step-by-step guide, list of resources, and a template for establishing a successful vulnerability disclosure program to address possible vulnerabilities in their state and local election systems. The six steps include:
Trusted Internet Connections (CISA) The Trusted Internet Connections (TIC) initiative optimizes and standardizes the security of individual external network connections, to include connections to the Internet, currently in use by the federal government.
Cybersecurity: Preventing Infection in a Body of Data (Journal of Petroleum Technology) The oil and gas industry is increasingly characterized by complex connectivity, but our digital dependency brings a new realm of cyber risks. Are we cyber-ready?
The role of insurance in managing cyber risks (Continuity Central) The international business continuity management news, jobs and information portal
Why disaster recovery is the last line of defence against ransomware (Blocks and Files) Criminals need two things to make a ransomware attack work for them; a penetrated IT security system, and inadequate or non-existent backup and disaster recovery. Sadly, this is an all too common state of affairs, as illustrated by Garmin, the latest high-profile victim of ransomware. At time of writing, the company is slowly restoring its …
Quality Control: Keeping Your Detections Fresh (Gigamon ATR Blog) In “So, you want to be a detection engineer?” we examined the thought process behind creating detection rules. While I like to think every detection rule I write will last…
Secure your data: 6 cybersecurity solutions in the COVID-19 era (In the Black) Discover the ways to protect against new or increased cybersecurity risks, covering endpoints, secure email, and VPNs, among others. Read now.
Dousing Cyber Risks to Water Infrastructure (Mirage News) The Australian Cyber Security Centre (ACSC) is inviting organisations from the water and wastewater sectors to participate in a national, two-day cyber...
How to use Radare2 for reverse engineering (Security Boulevard) This article defines reverse-engineering as it is used in the analysis of software. We will explain in detail how to use radare2 for reverse engineering. It exposes techniques that can...
Research and Development
CWI's Léo Ducas involved in finalists of NIST Post-Quantum Cryptography Standardization (CWI) In its process to develop the first cryptographic standard to protect sensitive electronic data against the threat of quantum computers, the US National Institute of Standards and Technology (NIST) announced the finalists. Léo Ducas from CWI's Cryptology group is involved in several finalists of this standardization process.
Mathematical Mesh alpha release promises better end-to-end encryption (CSO Online) Web pioneer proposes a new cryptographic system that relies on threshold key infrastructure to improve end-to-end encryption.
'Quantum rainbow' — photons of switching colors allow room-temperature quantum computing (Purdue) A new quantum random walk technique developed by engineers at Purdue University could eventually allow computers to search through data at speeds beyond that of conventional computers.
Athens State receives designation for cyber defense education (Enewscourier.com) Athens State University has received a national designation for one of its areas of study.
Georgetown takes new cybersecurity measures in response to national attacks (The Georgetown Voice) All Georgetown students will now be required to install DUO to access university systems for the coming semester, the university announced on July 21.
Local student wins 2020 Deloitte Team Tech Challenge (Santa Monica Daily Press) Jackson Salumbides, a prospective senior at Samohi, was selected to participate in the 2020 Deloitte Team Tech Challenge, where participants received instruction and mentorship before being put in teams that sought to identify a community problem.
Legislation, Policy, and Regulation
Russia pledges reciprocal steps after EU sanctions for alleged cyberattacks (Reuters) Russia's Foreign Ministry said on Friday it would respond with reciprocal measures to European Union travel and financial sanctions against a department of Russia's military intelligence service for alleged cyberattacks.
U.S. Slaps Sanctions on Xinjiang’s Vast Paramilitary Settler Corps (Foreign Policy) Beijing is likely to react strongly to the first targeting of high-level officials and a government body.
How fair are practices of tech giants in India? (ET CIO) If the tech giants are suspected of crushing competition and lax about privacy and data protection in the US, they could be doing so in India too
Trump to Order China’s ByteDance to Sell TikTok in U.S. (Bloomberg) President Donald Trump plans to announce a decision ordering China’s ByteDance Ltd. to divest its ownership of the music-video app TikTok, which is popular with U.S. teens, according to people familiar with the matter.
Trump says he plans to bar TikTok from operating in the U.S. (Washington Post) “As far as TikTok is concerned, we’re banning them from the United States,” he told reporters aboard Air Force One.
U.S. to act on China software beyond TikTok, Pompeo says (Los Angeles Times) The Trump administration will announce measures shortly against “a broad array” of Chinese-owned software deemed to pose national security risks, Secretary of State Michael R. Pompeo said.
Trump takes aim at Chinese tech firms (The Telegraph) Microsoft deal to buy TikTok put on hold after President threatens to ban the app and take wider action on national security grounds
US to widen action against Chinese tech groups beyond TikTok (Financial Times) Pompeo vows further clampdown as ByteDance tries to salvage sale talks with Microsoft
Langevin Applauds EU Cyber Sanctions (Meritalk) Rep. Jim Langevin, D-R.I., chairman of the House Armed Services Committee's Subcommittee on Intelligence and Emerging Threats and Capabilities, voiced support at a July 30 subcommittee hearing for the European Union’s placement of sanctions on Russian, Chinese, and North Korean entities for their role in high-profile cyber attacks.
The US is a ‘cheap date’ in cyberspace. A commission has ideas to change that. (C4ISRNET) A top member of the Cyber Solarium Commission outlined a two-pronged approach for better cyber deterrence.
Solarium commissioners focus on cyber director, better attribution (FCW) Negotiations between the House and Senate on a $740 billion defense authorization bill will determine which recommendations from the Cyberspace Solarium Commission make it into law.
US announces visa restrictions for employees of Huawei and other Chinese tech companies (WGOW) Secretary of State Mike Pompeo on Wednesday announced visa restrictions on employees of Chinese technology companies, including Huawei, in the latest Trump administration move against Beijing.
Republican HEALS Would Rip and Replace Broadband (Benton Foundation) Not much broadband in GOP proposal
Sinotech: The U.S. and China Order Consulate Closures as Huawei Tensions Heat Up in Europe (Lawfare) Lawfare's biweekly roundup of U.S.-China technology policy and national security news.
Huawei-watching cyber security unit gets new chief (Capacity) The UK’s cyber security centre, which has played a leading part in examining the security of Huawei equipment in critical infrastructure, is to get a new head.
DHS official to be reassigned after intelligence collection on journalists (CNN) The Department of Homeland Security official who oversaw the intelligence division at the department is being reassigned after it was revealed his office had gathered intelligence reports on two US journalists, according to a source familiar with the matter.
Cuccinelli relaxed oversight of DHS intel office (POLITICO) The No. 2 official at the Department of Homeland Security greenlit a move to reduce the role of an internal civil liberties watchdog in intelligence reports.
Litigation, Investigation, and Law Enforcement
Bail in Twitter hack: $725,000. Tampa teen’s assets: $3 million in Bitcoin (Tampa Bay Times) Graham Ivan Clark, 17, is accused of hacking prominent Twitter accounts. Prosecutors and the defense argued over whether the teen's considerable assets were legally obtained.
Three People Are Charged in Twitter Hack (Wall Street Journal) Three individuals have been charged in connection with the July 15 hack of Twitter, including a 17-year-old male that authorities have arrested and accused of being the mastermind of the scheme.
Florida Teen Charged in Massive Twitter Hack, Bitcoin Theft (SecurityWeek) A Florida teen hacked the Twitter accounts of prominent politicians, celebrities and technology moguls to scam people around the globe out of more than $100,000 in Bitcoin, authorities said Friday.
Tampa teen accused of being ‘mastermind’ behind Twitter hack that targeted high-profile accounts (WFLA) A Tampa teenager is in jail, accused of being the “mastermind” behind a hack on the social media website Twitter that caused limited access to the site and high-profile accounts, accord…
Cops Arrest 17-Year-Old Suspect in Massive Twitter Hack (Vice) The arrest comes after hackers hijacked some of the most high profile accounts on the social network by leveraging an internal Twitter tool.
Three Charged in July 15 Twitter Compromise (KrebsOnSecurity) Three individuals have been charged for their alleged roles in the July 15 hack on Twitter, an incident that resulted in Twitter profiles for some of the world's most recognizable celebrities, executives and public figures sending out tweets advertising a bitcoin scam.
How the FBI tracked down the Twitter hackers (ZDNet) A timeline of the Twitter hack composed from court documents published today.
From Minecraft Tricks to Twitter Hack: A Florida Teen’s Troubled Online Path (New York Times) The teenage “mastermind” of the recent Twitter breach, who had a difficult family life, poured his energy into video games and cryptocurrency.
Malware author pleads guilty for role in transnational cybercrime organization responsible for more than $568 million in losses (US Immigration and Customs Enforcement) Valerian Chiochiu, aka “Onassis,” “Flagler,” “Socrate,” and “Eclessiastes,” 30, pleaded guilty before U.S. District Court Judge James C. Mahan in the District of Nevada. Chiochiu is a national of the
109 people arrested in $5.7 bln PlusToken pyramid scheme (CGTN) Chinese police have arrested 27 primary suspects and 82 core members in the PlusToken pyramid scheme, according to the country's public security authority.
Should privacy act terms of service violations be a crime? (Includes interview) (Digital Journal) Researchers have warned that if violations of a company’s “terms of service” are deemed to be illegal, this risks stalling important research into voting systems, medical devices and other key equipment.
Amnesty International vs. Morocco and Israel (The Jerusalem Post) Lately Amnesty has been targeting Israel through its fixation on Pegasus, a software that can be “injected” into smartphones to track the user’s location, calls, messages, etc.
Amnesty International and Qatari information warfare (Israel Hayom) A recent report by the NGO attacking Morocco for its alleged use of Israeli software to surveil a journalist is part of a disturbing pattern.
Human Rights Media Announces Petition Against Reddit.com for Unfair Trampling of Free Speech and Opinion (PR Newswire) A Change.org petition has been created to demand transparency and the protection of free speech on the popular social-media website Reddit.com....
DynCorp continues battle for $700M intelligence contract (Washington Technology) DynCorp International is now into round three of protests over a $700 million Army intelligence contract that went to CACI International nearly 15 months ago.