Cyber Attacks, Threats, and Vulnerabilities
Someone duped Twitter verification to spread racist disinformation on U.S. coronavirus vaccine (CyberScoop) Suspected Iranian actors duped Twitter's verified scheme so they could spread racist disinformation about the search for a coronavirus vaccine in the U.S.
Pro-Iran Troll Posed as WHO Official to Push Racist Coronavirus Hoax (The Daily Beast) They managed to trick Twitter into giving them a verified account. And then the trolls used it to push horrifically racist disinformation about a COVID-19 vaccine.
North Korean hackers are targeting Israel's defense sector, Israel Ministry of Defense claims (CyberScoop) North Korean government-linked hackers have been targeting the Israeli defense sector with fake job offers, Israel’s Ministry of Defense said.
Defense Establishment thwarts cyberattack targeting Israeli companies (The Jerusalem Post) The attempted cyberattack was conducted by an international cyber group called "Lazarus" - an organization that is backed by a foreign country.
How Telegram Users Found A Way Through Belarus's Internet Lockdown (RadioFreeEurope/RadioLiberty) The Internet has largely been shut down in Belarus ever since the country’s disputed presidential election on August 9. However, the social-media platform Telegram has largely continued operation and has become the go-to resource for protesters seeking information and coordination.
We found 350 million email addresses on an unsecured server (CyberNews) The emails were left on a publicly accessible Amazon server, allowing anyone to access the unencrypted data without any kind of authorization.
A Big Catch: Cloud Phishing from Google App Engine and Azure App Service (Netskope) Threat actors are leveraging top tier cloud apps to host phishing baits. Netskope Threat Labs has identified an ongoing O365 phishing campaign hosted in Google App Engine with the credential harvester mostly hosted in Azure App Service. This phishing campaign typically targets O365 users via phishing emails with a direct link or attachment. The campaign […]
ReVoLTE attack can decrypt 4G (LTE) calls to eavesdrop on conversations (ZDNet) Academics detail a new attack on 4G encrypted calls. Attack works only when the attacker is on the same base station (mobile tower) as the victim.
Tesla RAT adapts, evolves to thwart security (SC Media) It may be unsophisticated but the Agent Tesla RAT is “street-wise,” adapting and evolving just enough to wreak havoc on organizations’ security efforts.
A popular malware variant has learned to swipe passwords from browsers and VPNs (pcgamer) Teaching old malware new tricks.
Keeping the gate locked on your IoT devices: Vulnerabilities found on Amazon's Alexa (Check Point Research) Introduction & Motivation “Please lower the temperature of the AC, it’s getting humid in here,” said Eric to Alexa, who turned the AC to a cooler temperature in the living room. No, Alexa is not Eric’s partner, wife or friend. Alexa is his virtual assistant and this scenario which would have been considered somewhat futuristic...
Amazon Alexa ‘One-Click’ Attack Can Divulge Personal Data (Threatpost) Researchers disclosed flaws in Amazon Alexa that could allow attackers to access personal data and install skills on Echo devices.
Why You Must Beware What You Ask Amazon Alexa (Forbes) How Alexa's security put 200 million users at risk...
An advanced group specializing in corporate espionage is on a hacking spree (CyberScoop) A Russian-speaking hacking group specializing in corporate espionage has targeted 26 commercial organizations since 2018 in attempts to steal vast amounts of data from the private sector, according to new findings.
RedCurl. The pentest you didn’t know about (Group-IB) Research of the new espionage APT-group RedCurl and its elaborate attacks on enterprise companies in North America, Europe and CIS
Avaddon: The Latest RaaS (Ransomware-as-a-Service) to Jump on the Extortion Bandwagon (DomainTools) Dissecting the Avaddon Ransomware Loader & Further Operations
Mekotio: These aren’t the security updates you’re looking for… (WeLiveSecurity) ESET researchers dissect Mekotio, a banking trojan that targets mainly Latin American countries and uses a SQL database as a C&C server.
Maze Reportedly Posts Exfiltrated Canon USA Data (BankInfo Security) The Maze ransomware group has posted on its darknet site some data it claims it stole during a recent attack against Canon USA, according to the security firm
Malicious Cyber Actor Spoofing COVID-19 Loan Relief Webpage via Phishing Emails (CISA) The Cybersecurity and Infrastructure Security Agency (CISA) is currently tracking an unknown malicious cyber actor who is spoofing the Small Business Administration (SBA) COVID-19 loan relief webpage via phishing emails. These emails include a malicious link to the spoofed SBA website that the cyber actor is using for malicious re-directs and credential stealing.
For a downloadable copy of IOCs, see STIX file.
US cybersecurity agency warns of fake COVID-19 Small Business Administration loan website (FOX 5 DC) The Cybersecurity and Infrastructure Security Agency (CISA) said an email that directs people to a fake SBA COVID-19 loan website has been stealing people’s information.
Scammers tell people they're fired or may have COVID-19 (USA TODAY) The Federal Trade Commission received 83,858 fraud reports through Aug. 9 relating to COVID-19 and economic stimulus. Consumers lost $105.7 million.
Ransomware Attacks Cornerstone Building Brands ($CNR) (MSSP Alert) Cornerstone Building Brands ($CNR), a provider of commercial and residential building supplies, discloses ransomware attack & investigation in SEC filing.
Email Phishing Scam Targets Maryland's Firearms Dealers (CBS Baltimore) A new email phishing scam is targeting Maryland's firearms dealers.
Refund emails from City of White Rock a ‘phishing’ scam (Peace Arch News) IT staff work to nullify security breach in ‘classic phishing campaign’
Blox Tales #12: Verizon Credential Phishing (Armorblox) This blog will focus on a credential phishing attempt where attackers sent an email resembling a secure message from Verizon Support. Clicking the email link took targets to a Verizon lookalike site with a phishing flow that aimed to steal user IDs, Verizon passwords, phone numbers, and email account passwords.
Irony, thy name is SANS: 28k records nicked from infosec training org after staffer's email account phished (Register) Names, email addresses, phone numbers, job titles, company names, country of residence etc. pinched
Third Party Data Breach Exposes Personal Information of 7.5+ Million Users of 'Dave' Banking App (CPO Magazine) While there was no unauthorized access of user accounts for the third party breach, Dave’s users can expect phishing and identity fraud scams based on the information that was breached.
Bletchley Park's software supplier's computer system is hacked in data breach ransomware attack (Milton Keynes) Software containing personal details of Bletchley Park members and donors was attacked by hacker demanding a ransom.
FGCU, NCH among several hit with data breach to donor info (WINK NEWS) Several organizations in Southwest Florida, including FGCU, NCH and the Pace Center for Girls, were affected by a data breach but say no sensitive information was taken. However, WINK News’ Safety & Security Specialist says a breach like this can have long-term consequences. FGCU indicates critical information from donors, such as social security numbers and …
NCH Healthcare System's donor database vendor falls victim to cyber attack (Naples Daily News) This is the second time in recent years that NCH has been the victim of cyberattacks.
Arnot Health employees potentially affected by Magellan Health ransomware attack (WETM) Approximately 1,150 Arnot Health employees’ and family members’ health insurance accounts may have been compromised in a data security incident involving Magellan Health,…
SEPTA Says No Rider, Employee Data Compromised During Malware Attack (LevittownNow.com) SEPTA's information technology systems have been impacted by a malware attack.
Here's what Flintshire Council has done after data breach saw details of hundreds of residents made public (The Leader) A COUNCIL has apologised and notified an information watchdog after a data breach saw the personal details of hundreds of respondents to a major…
Metropolitan Community College hit by ransomware attack (Kansas City Business Journal) The attacker had access to data between March and June. All those affected were contacted.
The Return of Anonymous (The Atlantic) The infamous hacker group reemerges from the shadows.
QAnon Followers Are Hijacking the #SaveTheChildren Movement (New York Times) Fans of the pro-Trump conspiracy theory are clogging anti-trafficking hotlines, infiltrating Facebook groups and raising false fears about child exploitation.
Security Patches, Mitigations, and Software Updates
Citrix Fixes XenMobile Vulnerability Found by Positive Technologies (News Break) Positive Technologies expert Andrey Medov has discovered a vulnerability in Citrix XenMobile enterprise mobility management solution. When following a specially crafted URL, attackers could read arbitrary files outside the web server root directory, including configuration files and encryption keys for sensitive data. To exploit the vulnerability, no authorization was needed.
Citrix Endpoint Management (CEM) Security Update (Citrix) Multiple vulnerabilities have been discovered in Citrix Endpoint Management (CEM), also referred to as XenMobile.
Signal adds message requests to stop spam and protect user privacy (ZDNet) New feature lets Signal users control who can text or voice call, add them to groups.
Cyber Trends
You weren't hacked because you lacked space-age network defenses. Nor because cyber-gurus picked on you. It's far simpler than that (Register) Three little words: Patches, passwords, policies
Most security pros are concerned about human error exposing cloud data (Help Net Security) 93% are concerned about human error accidentally exposing their cloud data, according to a new Tripwire survey of security professionals.
2020 Cyber Threat Trends—Which Predictions Came True (Booz Allen Hamilton) An updated look at 2020's Cyber Threat Trends Report to see which cyber trends predictions have come true, including APTs, elections, drones, clones, malware, and more.
Report: Over half of the world's phishing attacks in Q1 2020 targeted Canadians (Insurance Business Magazine) Many of the cyber fraud attempts were related to the pandemic
Marketplace
Cybersecurity Firms Post Strong Quarter Despite Gloomy Economy (Wall Street Journal) The coronavirus pandemic and resulting lockdowns have left few bright spots in the global economy. The cybersecurity industry might be one of them.
OnSolve Announces Acquisition of Stabilitas, an AI-driven Intelligence Platform for Situational Awareness (Chronicle-Tribune) OnSolve, the global leader of mass notification and critical communication solutions for enterprise, small business, and government organizations, today announced the acquisition of Stabilitas, a situational awareness provider that leverages artificial intelligence and machine learning to identify adverse events, analyze the risks posed by those events, and provide stakeholders with actionable threat intelligence.
VMware lays off dozens of local workers in second 'workforce rebalancing' of 2020 (Silicon Valley Business Journal) A spokesman for the Palo Alto company said VMware was working to “realign resources and investments to opportunities at scale.”
Why Are So Many Former 8200 Members Successful Entrepreneurs? (Cyber Security Hub) The importance of having experience with cyber technology to performing well in the top cyber job is paramount. While we've been continuing to discuss a proactive posture, having defense in the blood is absolutely necessary at any level of cyber security.
5 Reasons Why A Cybersecurity Certification Is Worth It (Programming Insider) Hardly a few years ago, building a career in the IT sector was limited to mainframe computers and network support. IT professionals were only responsible for ensuring that the technology is working correctly within their
ByteDance in talks with India’s Reliance for investment in TikTok (TechCrunch) Chinese giant ByteDance is engaging in early discussions with Reliance Industries Limited, the parent firm of telecom giant Jio Platforms, for financially backing TikTok’s business in India in a move to potentially save the popular video app’s fate in its biggest market by users, two pe…
Calling All Hunters: FireEye Announces Bug Bounty Program (FireEye) To ensure we are continually improving our environment and security posture, FireEye is introducing its public bug bounty program specific to our corporate infrastructure.
Wheeler Appointed as Maritime Sector Chief at InfraGard San Diego (Security Today) Allied Universal® has announced the appointment of Robert J. Wheeler, vice president – Aviation/Maritime Operations for Allied Universal’s National Government Services, as Maritime Sector Chief at InfraGard San Diego.
Products, Services, and Solutions
iProov Partners With Evernym to Simplify Onboarding and Device Binding for Personal Identity Management (BusinessWire) iProov, the leading provider of biometric authentication technology for Genuine Presence Assurance, today announced its partnership with self-sovereig
TrueFort Partners with airloom to Expand into Australia and New Zealand Markets (BusinessWire) TrueFort chose airloom because they are trusted by Australia and New Zealand’s leading financial, insurance, retail, media and energy companies.
Cooler Screens Provides Consumers Better In-Store Experiences By Takin (PRWeb) Cooler Screens, the world’s largest in-store digital media platform at the retail point-of-sale, is bringing the best of online shopping to brick-and-mortar retail
Netpoleon strengthens cyber security portfolio with SentinelOne (ARN) Network security distributor Netpoleon has added cyber security platform SentinelOne to its portfolio.
TicTac Data Recovery & Cyber Security Partners with Comodo to Stop Ransomware with Auto Containment Technology (Yahoo) TicTac Data Recovery & Cyber Security partners with Comodo to stop ransomware with advanced endpoint protection and auto containment technology. Hear more from the largest data recovery company in Greece.
Juniper Sprinkles Mist AI, WiFi 6 Across AP Line (SDxCentral) Juniper Networks drove WiFi 6 and its recent Mist artificial intelligence (AI) updates up and down its access point (AP) lineup with four new APs targeted at different vertical markets.
Technologies, Techniques, and Standards
Staff Spotlight: NIST Usable Cybersecurity Security and Privacy of Smart Home Devices (NIST) In March, we highlighted the work that NIST conducts in...
Cloud Security Best Practices Report (Tripwire) To find out how organizations are making progress in cloud cybersecurity, Tripwire surveyed cybersecurity professionals about top concerns like risk management, configuration security, and cloud compliance.
Google, Facebook and Others Broaden Group to Secure U.S. Election (New York Times) More tech companies met with government agencies on Wednesday to fight disinformation on social media.
Legacy Systems: Seven Things to Know When Sunsetting (Security Intelligence) Phasing out a legacy system is not an easy task; learn what you need to consider to replace your legacy system and build better security protocols.
Design and Innovation
How Facebook and Other Sites Manipulate Your Privacy Choices (Wired) Social media platforms repeatedly use so-called dark patterns to nudge you toward giving away more of your data.
Research and Development
StackRox Receives DHS S&T Silicon Valley Innovation Program Phase III Award to Deliver Container and Kubernetes Security to Financial Service Institutions (StackRox) Collaboration between StackRox and DHS S&T Enables Financial Services Sector to Protect Critical Cloud-Native Applications
DARPA wants stronger security for Internet of Things devices (C4ISRNET) The Pentagon research arm wants quantum-resistant cryptography.
Quantum communication takes a major leap with satellite-based experiment (Space.com) A new experiment increases the distance between two communicating parties from 62 miles (100 km) to 756 miles (1,200 km).
The Army wants to reduce electronic signatures of its command posts (C4ISRNET) Command Post survivability and mobility is a major focus of the next set of new network tools.
Academia
Stafford summer camp gives teens hands-on lessons in drones, robots and cybersecurity (Fredericksburg.com) American Cyber League offers summer camp at Quantico Cyber Hub to interest teens in cyber careers.
Legislation, Policy, and Regulation
Why haven’t we ‘solved’ cybersecurity? (Federal News Network) We won’t achieve holistic cybersecurity anytime soon without empowered national leadership, an understanding of the problems we need to solve, a comprehensive roadmap for prioritizing efforts that…
Democracy’s Squad: India’s Change of Heart and the Future of the Quad (War on the Rocks) In November 2017, an international grouping left for dead a decade earlier was brought back to life. Amid mounting concerns over China’s increasingly
Analysts Predict 'More Heat' for TikTok, Huawei as Indians Get Cautious About Choosing Chinese Firms (Sputnik) New Delhi (Sputnik): Following India’s ban on a total of 121 Chinese apps, TikTok’s parent company ByteDance has reportedly frozen hiring in the country. Although the...
TikTok users 'voluntarily' giving their data to China, Justice official says (CyberScoop) U.S. officials have repeatedly expressed concern that China could use the 2014 and 2015 hacks of the Office of Personnel Management and health care insurer Anthem to build data profiles on Americans for intelligence recruitment (allegations Beijing denies). But TikTok, the popular video-sharing application, is a different type of data collection opportunity for China because Americans are willingly handing the information over, a senior Department of Justice official alleged Wednesday.
The Cybersecurity 202: The TikTok ban is just a proxy battle in the U.S.-China tech war (Washington Post) Does President Trump’s plan to ban TikTok over national security concerns seem a little over the top for an app where teenagers share silly dance videos? Think about it as a proxy battle in an increasingly tense conflict over whether China or the West will control the future of technology.
WSJ News Exclusive | Corporate America Worries WeChat Ban Could Be Bad for Business (Wall Street Journal) More than a dozen major U.S. multinational companies raised concerns in a call with White House officials Tuesday about the potentially broad scope and impact of Mr. Trump’s executive order targeting WeChat.
Litigation, Investigation, and Law Enforcement
3 Nigerians indicted for stealing personal information from Minn. company, then filing fake tax returns (Star Tribune) Three Nigerian nationals stole W-2 and other personal information from Bloomington firm as part of a tax fraud scheme.
When Private Security Cameras Are Police Surveillance Tools (Wired) Civil rights activists warn of "mission creep," as cameras installed to prevent break-ins are increasingly used to monitor protesters and communities of color.
Kentucky Rep. Comer Blasts Twitter Response To Hacking (Law360) Republican Rep. James Comer criticized Twitter's "alarming" response to a major hack in July that affected high-profile accounts, raising concerns in a letter to its CEO Jack Dorsey about the social media giant's ability to protect the security of its users.
Class action complaint filed in response to BJC data breach (STLtoday.com) The complaint argues that BJC did not make sufficient efforts to protect patients' data, and seeks to establish a class action case on behalf of patients impacted by the incident.
Disbarred Fla. Atty Gets Cyberstalking Injunction Overturned (Law360) A recently disbarred attorney won reversal of an injunction that the Florida Supreme Court cited in its decision to rescind her license, with a state appeals court finding Wednesday that harassing online posts she directed at another attorney did not meet the definition of cyberstalking under state law.