In the first issue of Creating Connections, Malek Ben Salem from Accenture discusses artificial intelligence as the new attack surface in cyberspace, and suggests steps you might take to protect your AI. Creating Connections also features pieces written by our very own ladies of the CyberWire, podcast interviews, events for women, and additional reading. Check it out and subscribe here.
More Signal. Less Noise.
Simple, secure identity and access management for your business.
LastPass Identity provides simple control and visibility across every entry point to your business through single sign-on, password management and multi-factor authentication in one unified solution. LastPass Identity provides a holistic view of end user activity to simplify security for IT, all while delivering the passwordless login experience employees want. Start a free LastPass Identity trial today.
YouTube quashes "coordinated influence operations." Microsoft renewal scam." US announces new Clean Network lines of effort.
Announcements
The CyberWire’s new newsletter for women in cybersecurity has launched.
Summary
YouTube announced late yesterday that it had banned 2596 accounts emanating from China, some of which had been engaging in "coordinated influence operations," TechCrunch reports. Google's Threat Analysis Group summed up its observations on the second quarter of 2020, and said that Chinese political influence campaigns spiked in May and June. Lower but still significant levels of activity were seen from Russian and Iranian actors.
IBM researchers, citing work by Abnormal Security, warn that there's an ongoing "Microsoft renewal scam" gurgling around in the Web. It represents itself as an Office 365 renewal email, and it presents relatively convincing landing pages.
US Secretary of State Pompeo has announced five new "lines of effort" under the US Clean Network program. These include "Clean Carrier" (aimed at disconnecting untrustworthy carriers from US telecommunications networks), "Clean Store" (which would remove untrusted applications from US mobile app stores), "Clean Apps" (intended to prevent untrusted smartphone manufacturers from pre-installing trusted apps in their own app stores), "Clean Cloud" (which would keep US personal data and intellectual property out of adversaries' cloud services), and "Clean Cable" (which would ensure that undersea cables aren't compromised by hostile intelligence services). All these measures are directed at China.
The US State Department is also offering bounties of up to $10 million under its Rewards for Justice program "for information leading to the identification or location of any person who works with or for a foreign government for the purpose of interfering with U.S. elections through certain illegal cyber activities."
Notes.
Today's issue includes events affecting Australia, China, India, Romania, Russia, the United Kingdom, and the United States.
Aerospace news worthy of attention.
If you're interested in space and communications (technology, policy, business, and operations), take a look at the latest issue of Cosmic AES Signals & Space. Produced in partnership with the CyberWire, Signals & Space offers a monthly overview of news in this sector.
Cyber leadership session on-demand: Adopting a proactive, intelligence-led cyber mission
Leaders from the Navy, Government Accountability Office and Mandiant Security Validation took the virtual stage to discuss "Adopting a Proactive, Intelligence-Led Cyber Mission". Watch the on-demand webcast to join the discussion on how automated security validation, integrated with the latest threat intelligence and frontline expertise can validate the health of your infrastructure by testing against actual threats.
Sponsored Events
Future of Digital Identity: Self-Sovereign Identity & Verifiable Credentials (Online, August 6, 2020) Users and employees want control over their data. Self-Sovereign Identity is an identity paradigm poised as the next enterprise-ready solution. Learn more about the future of identity from international experts from organizations such as Bosch, Novartis, and NHS at our virtual event.
CyberTech Latin America (Online, August 11, 2020) Cybertech Latin America is a digital event bringing together government officials, industry experts, academics, leading companies, and startups. Topics include cyber for healthcare and for the financial sector, banking and e-commerce, logistics and transportation, digital transformation and a startup pitch showcase. Register for free.
AusCERT2020 (Online, September 15 - 18, 2020) AusCERT is Australia’s pioneer cyber emergency response team. Attend AusCERT2020 virtually and experience 4-days packed with world-class tutorials and presentations delivered to you by speakers from around the globe.
Selected Reading
Cyber Attacks, Threats, and Vulnerabilities
YouTube bans thousands of Chinese accounts to combat ‘coordinated influence operations’ (TechCrunch) YouTube has banned a large number of Chinese accounts it said were engaging in “coordinated influence operations” on political issues, the company announced today; 2,596 accounts from China alone were taken down from April to June, compared with 277 in the first three months of 2020. &#…
‘It’s easy for anyone’ to spread disinformation, expert warns (WTOP) How the U.S. can combat disinformation campaigns Russia is not the only country trying to spread disinformation to influence Americans ahead of the 2020 presidential election…
Cambridge cybersecurity experts on how Liam Fox might fall prey to spear-phishing hack (Cambridge Independent) Darktrace, Featurespace and PureID on the mechanics of hacks - and how they defend against them
Twitter for Android vulnerability gave access to direct messages (BleepingComputer) Twitter today announced that it fixed a security vulnerability in the Twitter for Android app that could have allowed attackers to gain access to users' private Twitter data including direct messages.
A Flaw Used by Stuxnet Wasn't Fully Fixed (BankInfo Security) Vulnerabilities in the Microsoft Windows print spooler, an aging but important component, will be presented at the Black Hat security conference on Thursday. The
Users Beware: Spotting a Microsoft Renewal Scam (Security Intelligence) A new scam campaign targets users' payment card details and other information using fake Microsoft renewal emails. Learn how to educate enterprise users.
Tripwire Research: IoT Smart Lock Vulnerability Spotlights Bigger Issues (The State of Security) Craig Young brings awareness to the issues surrounding an IoT smart lock offering along with the centralized cloud computing that drives IoT.
Hackers can abuse Microsoft Teams updater to install malware (BleepingComputer) Microsoft Teams can still double as a Living off the Land binary (LoLBin) and help attackers retrieve and execute malware from a remote location.
Microsoft Teams Updater Living off the Land (Trustwave) During this global pandemic COVID-19 situation, there has been an increasing trend of video conferencing solutions, Trustwave SpiderLabs are exercising extra vigilance in monitoring the video conferencing traffics.
Researcher Details Sophisticated macOS Attack via Office Document Macros (SecurityWeek) Hackers could deliver malware to a macOS system using an Office document containing macro code, simply by getting the victim to open the document
Researchers identify vulnerabilities in critical industrial equipment (Computing) Protocol gateways are critical to enabling Industry 4.0, and Trend Micro has found critical weaknesses in how they operate
Insecure satellite-based internet poses threat to transport safety (Computing) Satellite internet service providers are still vulnerable to attack methods discovered nearly 15 years ago
Dutch Hackers Found a Simple Way to Mess With Traffic Lights (Wired) By reverse engineering apps intended for cyclists, security researchers found they could cause delays in at least 10 cities from anywhere in the world.
High-Wattage IoT Botnets Can Manipulate Energy Market: Researchers (SecurityWeek) Researchers have described how a botnet powered by high-wattage IoT devices can manipulate the energy market.
Robot Character Analysis Reveals Trust Issues (McAfee Blogs) Retired Marine fighter pilot and Top Gun instructor Dave Berke said "Every single thing you do in your life, every decision you make, is an OODA Loop."
Canon hit by Maze Ransomware attack, 10TB data allegedly stolen (BleepingComputer) Canon has suffered a ransomware attack that impacts numerous services, including Canon's email, Microsoft Teams, USA website, and other internal applications.
UK Retail Giant Monsoon Has Vulnerability Exposing Sensitive Data (VPNpro) Report: Monsoon Accessorize uses an insecure version of Pulse Connect Secure VPN, exposing records of company and customer data. Read to learn more.
Report: Cybersecurity Firm’s Data Exposed, Among Others (vpnMentor) The vpnMentor cybersecurity research team, led by Noam Rotem and Ran Locar, have uncovered an unsecured AWS S3 bucket with over 5.5 million files and more than
Lafayette pays $45,000 ransom after cyber-attack (Sentinel Colorado) "In a cost/benefit scenario of rebuilding the city's data versus paying the ransom, the ransom option far outweighed attempting to build," the city said in a statement. "The inconvenience of a lengthy service outage for residents was also taken into consideration."
DJI Statement On Further Misleading Claims About App Security (sUAS News - The Business of Drones) Today’s report from the Synacktiv digital security firm about DJI software includes further inaccuracies and misleading statements about how our products work, following similar reports from them last week. We want to make clear that DJI’s products protect user data; that DJI, like most software companies, continually updates products as real and perceived vulnerabilities come […]
Cyber Trends
Evil AI: These are the 20 most dangerous crimes that artificial intelligence will create (ZDNet) A new report tells us which criminal applications of AI we should really worry about.
Pandemic Elevates Security Chiefs to Corporate Leadership Roles (Wall Street Journal) Companies have faced an onslaught of attempted cyberattacks since the start of the pandemic. To make it through the turbulence, companies are relying on security experts who were sometimes sidelined by management in the past, but are now rising in the executive ranks.
Why a data security sting lurks in COVID-19’s long tail (Healthcare IT News) Hospital executive minds have understandably been distracted since the start of 2020, but the impact of the emergence of SarsCoV2 has not been limited to its physical toll. It has also torn into data security defences and exposed patient privacy, as explored in the latest issue of HIMSS Insights.
Marketplace
Ann Arbor cybersecurity firm Censys lands $15.5 million investment (Crain's Detroit Business) Ann Arbor-based cybersecurity startup Censys Inc. has closed on a $15.5 million Series A fundraising round. The funding, led by existing out-of-state investors, will allow the University of Michigan spin-out with deep connections to the Ann Arbor startup community to go on a hiring spree, likely…
Paving the Road to Mass Adoption: Draper Goren Holm Doubles Down on DeFi (Draper Goren Holm | Blockchain Venture Studio) Draper Goren Holm announces blockchain infrastructure investment and incubation of consumer DeFi product.
White Ops’ recent funding fast-tracks UK expansion (London Business News) White Ops, the global leader in collective protection against sophisticated bot attacks and fraud, have announced their expansion into the UK.
TikTok to spend $500 million on first EU data center in Ireland (ETCIO.com) The move to expand its operations within EU borders is part of TikTok’s global effort to prove itself a responsible internet citizen and a trustwort..
The real reason Microsoft wants to buy TikTok (Washington Post) More than merely appealing to the young users of TikTok, Microsoft could use the data culled from its videos to better compete against its AI rivals.
KnowBe4 Named a Winner in Black Unicorn Awards for 2020 (PRWeb) KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, today announced that it has been named a winner i
Rackspace disappoints in IPO redux; shares off 18% from pricing level (NASDAQ:RXT) (Seeking Alpha) Rackspace Technology (NASDAQ:RXT) opens trading at $16.85 after the IPO was priced at $21 last night.
Products, Services, and Solutions
Technology Businesses Turn to CompTIA ISAO for Critical Threat Intelligence (CompTIA) Technology solution providers, managed services providers (MSPs) and other organizations searching for critical cybersecurity threat intelligence have a new resource available from CompTIA.
Calyptix Security Releases AccessEnforcer 5.0 Beta to Add Network Authentication for Microsoft RDP and SSH Access (PR Newswire) Calyptix Security Corporation, maker of the AccessEnforcer® UTM Firewall, today announced the release of AccessEnforcer 5.0 Beta at CompTIA...
CynergisTek Partners with Awake Security to Identify Adversaries in Healthcare Networks (BusinessWire) CynergisTek partners with Awake Security to offer compromise assessments to identify threat adversaries in healthcare networks.
Acuant Integrates iProov Patented Biometric Authentication Into Its Trusted Identity Platform (BusinessWire) iProov, the leading provider of biometric authentication technology for Genuine Presence Assurance, today announced that Acuant, a global leader in id
Rain Networks Chose Partnership with Comodo for Ransomware and Cyber Attack Protection (Yahoo) Rain Networks, chose to partner with Comodo for ransomware and cyber-attack protection. Hear more from Nathan Carter, Vice President Sales, Rain Networks about how this VAR expanded its security services for customers.
LastPass adding dark web monitoring to its Premium subscription (MobileSyrup) Available for Premium, Family and Business subscribers, LastPass' dark web monitoring will alert you when you've been caught in a breach.
Radiflow launches CIARA as first risk analysis platform based on ISA/IEC 62443 framework (Radiflow) Cyber Industrial Automated Risk Analysis (CIARA) helps industrial automation and control system users to dramatically streamline risk reduction planning and compliance for improved cyber risk posture
Efficacy of Micro-Segmentation (Computer Business Review) Illumio Inc. engaged Bishop Fox to measure the effectiveness of micro-segmentation using the Illumio Adaptive Security Platform (ASP) as a control in limiting lateral network movement. The following report details the findings identified during the course of the engagement, which started on March 16, 2020. Goals: – Create a repeatable testing methodology that can be …
Ensighten Launches Client-Side Threat Intelligence Initiative and Invests in Machine Learning (PR Newswire) Ensighten, the leader in client-side website security and privacy compliance enforcement, today announced increased investment into threat...
Area 1 Security Launches New North American Partner Program (PR Newswire) Area 1 Security today announced its new partner program to allow partners to easily sell and deliver the industry's only preemptive,...
Kaspersky expands product array for security researchers with sandboxing technology (Intelligent CIO Africa) Cybersecurity vendor Kaspersky has revealed that its sandboxing technology is now available for use in customer networks. The on-premises Kaspersky Research Sandbox is designed for organisations with strict restrictions on data sharing, to enable them to build their internal security operations centres (SOCs) or computer emergency response teams (CERTs). The company said the solution helps […]
Fortinet Introduces the World’s First Hyperscale Firewall (GlobeNewswire) FortiGate 4400F is the Only Firewall Capable of Securing Hyperscale Data Centers and 5G Networks, Delivering the Industry’s Highest Performance with Security Compute Ratings of up to 13x
Technologies, Techniques, and Standards
Hackers Get Green Light to Test Election Voting Systems (Wall Street Journal) Election Systems & Software, the top U.S. seller of voting-machine technology, is calling a truce in its feud with computer-security researchers over the ways they probe for vulnerabilities of the company’s systems.
Voting Machine Makers Are Finally Playing Nice With Hackers (Wired) After years of secrecy, one major election tech company is giving more hackers a look under the hood.
CISA director: Paper record key to keeping 2020 election secure – Video (Digital Market News) What I wanna talk about is where we were in 2016 where we are today in the run up to 2020. And then talking about what we actually have to do to get ready, left
The Vigilante Hunting Down Cheaters in Video Games (Vice) This 24-year-old Iraqi who lives in London has spent two years hunting cheaters in Overwatch and Valorant, getting thousands of cheaters banned and helping gaming companies improve their games.
CISA Releases Cyber Workforce Tool (Meritalk) The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency released a new online tool designed to help individuals navigate career options in the field of cybersecurity.
States Are Deploying National Guard Cybersecurity Teams To Prevent Election Interference (KPBS Public Media) More than 30 states have asked the National Guard to help safeguard the 2020 election from cyber threats.
Design and Innovation
TikTok says it's going to fight election misinformation (NBC News) TikTok remains under intense U.S. government scrutiny and is the subject of a potential imminent sale to Microsoft.
TikTok tightens misinformation rules before 2020 election (Axios) The popular short-video app, under attack from President Trump, is seeking to tighten it rules.
Dopple-ganging up on Facial Recognition Systems (McAfee Blogs) Co-authored with Jesse Chick, OSU Senior and Former McAfee Intern, Primary Researcher. Special thanks to Dr. Catherine Huang, McAfee Advanced Analytics
Research and Development
Research Into Advanced Cryptography Wins Pandey $1 Million DARPA Award (SBU News) Professor Omkant Pandey of the Department of Computer Science, along with Sanjam Garg of the University of California, Berkeley, have been awarded a $1 million grant from the Defense Advanced Research Projects Agency (DARPA) to develop safe and secure verification methods for sensitive processes.
Academia
Check Point Software Partners with New York University to Close the Cybersecurity Workforce Gap (GlobeNewswire) Online eLearning program on cloud, network, endpoint, and mobile security now available to NYU’s Tandon School of Engineering to develop student’s cybersecurity knowledge
Legislation, Policy and Regulation
New Australian cybersecurity strategy will see Canberra get offensive (ZDNet) Powers to be created will allow the Commonwealth to actively defend networks.
Peter Dutton confirms Australia could spy on its own citizens under cybersecurity plan (the Guardian) Australian Signals Directorate will for the first time be able to identify suspects on home soil
Romanian Conditions for 5G Race Would Rule out Huawei (Balkan Insight) Without explicitly mentioning the Chinese giant, Romania has set out the terms it will apply to choose a partner to implement 5G technology – which clearly exclude China’s Huawei from the competition.
State Dept. Traces Russian Disinformation Links (New York Times) A new government report avoids direct discussion of American election interference by Moscow, despite lawmakers’ call for more information.
GEC Special Report: August 2020 Pillars of Russia’s Disinformation and Propaganda Ecosystem (United States Department of State) As the U.S. Government’s dedicated center for countering foreign disinformation and propaganda, the Global Engagement Center (GEC) at the U.S. Department of State has a mandate to expose and counter threats from malign actors that utilize these tactics.
The US is building a new Great Firewall (Quartz) The "Clean Network" initiative aims to root out Chinese apps and other tech products from the US internet, which some say is reminiscent of China's own digital wall.
Pompeo urges US companies to block downloads of Chinese apps (TheHill) The Trump administration is urging U.S.
Announcing the Expansion of the Clean Network to Safeguard America’s Assets (United States Department of State) The Clean Network program is the Trump Administration’s comprehensive approach to guarding our citizens’ privacy and our companies’ most sensitive information from aggressive intrusions by malign actors, such as the Chinese Communist Party.
US offers $10 million reward for hackers meddling in US elections (ZDNet) This includes attacks against US election officials, election infrastructure, voting machines, but also candidates and their staff.
The Domestic Legal Framework for U.S. Military Cyber Operations (Lawfare) With little fanfare and less public notice, Congress and the executive branch have cooperated effectively over the past decade to build a legal architecture for military cyber operations.
Why create more cyber units when talent might be lacking, wonders senator (C4ISRNET) One senator is concerned that unless the Pentagon retains its top cyber talent, adding more needed cyber teams might not make a difference.
CISA Reframing Cyber Hiring Approach; Christopher Krebs Quoted (Executive Gov) The Cybersecurity and Infrastructure Security Agency (CISA) is reassessing its cyber recruitment app
States Call on Facebook to Launch Hate-Speech Hotline (Wall Street Journal) Attorneys general for 19 states and the District of Columbia are calling on the social-media giant to take additional steps to combat harassment and hate speech on its platforms.
Litigation, Investigation, and Enforcement
Twitter hack court hearing 'zoom bombed' with pornography (The Telegraph) A judge was forced to suspend the virtual hearing after repeated interruptions
Risk Of Breaching Sanctions Adds To Ransomware Headache (Law360) Companies facing extortion demands from cybercriminals have encountered a new form of risk in recent months over whether paying such a ransom could violate sanctions issued by the U.S. Department of the Treasury, industry attorneys say.
Class-Action Lawsuit Claims TikTok Steals Kids' Data And Sends It To China (NPR) A lawsuit alleging that TikTok collects and sends American users' data to China could cost the company hundreds of millions of dollars. TikTok denies the allegations.
Ex-Justice Dept. official says Michael Flynn secretly ‘neutered’ Obama’s moves on Russia (Washington Post) Former deputy attorney general Sally Q. Yates told Congress on Wednesday that President Trump’s incoming national security adviser Michael Flynn in late 2016 had secretly “neutered” Obama administration actions toward Russia, prompting an investigation that consumed the early days of Trump’s presidency.
Yates Contradicts Strzok, Says Comey Brought Up Use of Archaic Law on Flynn (Epoch Times) Former Deputy Attorney General Sally Yates on Aug. 5 contradicted the content of notes written by an FBI ...
Coalfire security pros arrested for breaking into Iowa courthouse are still bitter (CyberScoop) The two security pros who were arrested for doing their job are still angry. Gary DeMurcurio and Justin Wynn, who work as penetration testers for Colorado-based security firm Coalfire Labs, were charged with burglary in September 2019 after they broke into an Iowa courthouse.
Black Hat: When penetration testing earns you a felony arrest record (ZDNet) Coalfire takes us through the story of security professionals arrested at a courthouse while conducting tests on behalf of the state.
Industry Events
newly Noted Events
Female Trailblazers in Cybersecurity (Online, August 25, 2020) ISA Cybersecurity, in partnership with CyberArk and Tenable, is proud to host a virtual roundtable that brings together leading women in cybersecurity to address today’s pressing industry issues by highlighting women’s vital roles through powerful stories. Join us for an interactive, 60-minute roundtable moderated by Kathleen Smith, Chief Marketing Officer at ClearedJobs.Net/CyberSecJobs.com, where inspiring cybersecurity and technology female leaders will share their insights and personal experiences on the rapid changes to the industry, the growing need for female representation and what they’ve done to impact the ecosystem today.
upcoming Events
WSIS Forum 2020 (Online, June 22 - September 10, 2020) The World Summit on the Information Society (WSIS) Forum 2020, celebrates 15 years of providing a multi-stakeholder platform to discuss, share experiences, showcase innovation, and foster partnerships in strengthening the impact of ICTs for sustainable development. Online sessions to be held from 22 June, 12:00-13:00 onwards, featuring a weekly program, including a series of thematic/country workshops which are hosted by WSIS Stakeholders, high-level policy sessions, special tracks on various themes, a virtual knowledge café, a Hackathon, WSIS Action Line meeting and a virtual exhibition addressing issues that are critical to WSIS implementation and follow-up in a multi-stakeholder setting.
Black Hat USA 2020. (Online, August 1 - 6, 2020) Now in its 23rd year, Black Hat USA is the world's leading information security event, providing attendees with the very latest in research, development and trends. Black Hat USA 2020 opens with four days of technical Trainings (August 1-4) followed by the two-day main conference (August 5-6) featuring Briefings, Arsenal, Business Hall, and more.
Cyber HealthTech Conference (Atlanta, Georgia, USA, August 6, 2020) The Inaugural Cyber HealthTech Conference & Challenge is the premier global innovation conference dedicated to creating opportunities for senior leaders from health tech enterprises and startups from around the country to come together in the spirit of connection, innovation and acceleration. Advancements in cybersecurity and health technology play an ever increasing role in consumer behavior. For those of us in the Atlanta metro area, now is the time to be part of an innovative community focused on serving and growing the mobile on-demand economy.
Dolphin Tank®: Cyber Security (Online, August 12, 2020) Springboard Enterprises Dolphin Tank® Sessions offer entrepreneurs actionable insights and resources from knowledgeable people in the community. It’s not about sharks or piranhas but rather, “How can we help?” The objective is to provide connections and advice to enable entrepreneurs to overcome their challenges and capitalize on their opportunities. All presenting companies have at least one woman founder (who will present), have a full-time team of two or more, have raised at least a seed round of funding, is generating monthly recurring revenue and has developed a technology solution with applications in cyber security.
2nd Annual Charlotte Cyber Security Summit (Online, August 13, 2020) C-Suite & Senior Level Executives: Register with Promo Code CYBERWIRE95 to receive $95 Admission (Standard Price is $350). Learn from renowned experts from the U.S. Dept. of Homeland Security, IBM, Verizon, Darktrace and more about the latest threats facing your company.
Sponsor & Support
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.