The CyberWire is thrilled to announce the launch of our new newsletter, Creating Connections, focused on connecting women in the cybersecurity field across the globe. Brought to you by women in the industry, you're invited to join our league of cyber ladies and create lasting connections. We'd like to thank Malek Ben Salem and Sylvia Acevedo for their contributed pieces. Remember, we will continue publishing monthly on the first Monday of every month. Check it out and subscribe here.
LastPass Identity provides simple control and visibility across every entry point to your business through single sign-on, password management and multi-factor authentication in one unified solution. LastPass Identity provides a holistic view of end user activity to simplify security for IT, all while delivering the passwordless login experience employees want. Start a free LastPass Identity trial today.
VPN server credentials compromised. Interpol reports on cybercrime trends. Oilrig gets stealthy. NSA's privacy advice.
Plaintext usernames, passwords, and IP addresses for more than nine-hundred Pulse Secure VPN enterprise servers are being shared on a Russian language hacker forum, a ZDNet investigation has found. All the compromised servers were running firmware vulnerable to CVE-2019-11510. The forum to which the data were posted is frequented by ransomware gangs.
Interpol yesterday released a report on cybercrime trends observed during the COVID-19 pandemic. There’s been a shift in targeting. Initially individuals and smaller organizations were the preferred targets, but more recently large companies, government agencies, and infrastructure have been the focus of threat actors.
ZDNet reports that Kaspersky has found that the Iranian threat group Oilrig (APT34) is using DNSExfiltrator, a utility that uses DNS-over-HTTPS (DoH) as an exfiltration channel that enables attackers to move data in more surreptitious ways.
The US National Security Agency has released an advisory on the risks associated with the geolocation data many systems and apps routinely collect. “Location data can be extremely valuable and must be protected. It can reveal details about the number of users in a location, user and supply movements, daily routines (user and organizational), and can expose otherwise unknown associations between users and locations,” NSA’s warning said. The agency’s recommendations are addressed in the first instance to Government personnel, but they’re presented as applicable to anyone concerned about privacy: turn off location-sharing services, give apps minimal privileges, set browser options to prevent use of location data, turn off advertising permissions, and even disenabling features that track lost devices.
Today's issue includes events affecting Australia, Canada, China, the European Union, India, Iran, New Zealand, Russia, the United Kingdom, and the United States.
Aerospace news worthy of attention.
If you're interested in space and communications (technology, policy, business, and operations), take a look at the latest issue of Cosmic AES Signals & Space. Produced in partnership with the CyberWire, Signals & Space offers a monthly overview of news in this sector.
Leaders from the Navy, Government Accountability Office and Mandiant Security Validation took the virtual stage to discuss "Adopting a Proactive, Intelligence-Led Cyber Mission". Watch the on-demand webcast to join the discussion on how automated security validation, integrated with the latest threat intelligence and frontline expertise can validate the health of your infrastructure by testing against actual threats.