Cyber Attacks, Threats, and Vulnerabilities
Suspected Iranian hacking campaign targets European energy companies (ZDNet) Researchers at Recorded Future have linked trojan malware intrusions and espionage to a state-backed hacking operation working out of Iran.
European Energy Sector Organization Targeted by PupyRAT Malware in Late 2019 (Recorded Future) Insikt Group identified a PupyRAT C2 server communicating with a mail server for a European energy sector organization starting late last year.
Saudi foreign minister calls claim that Crown Prince hacked Bezos phone 'absurd' (Reuters) Saudi Arabia's Foreign Minister Prince Faisal bin Farhan Al Saud said on We...
As Mohammed Bin Salman Allegedly Hacked Jeff Bezos, A Network Of Accounts On Twitter Were Pushing Saudi Propaganda (BuzzFeed News) A UN official said the goal is “intimidating, creating fear, and ultimately controlling or silencing.”
Opinion | Jeff Bezos’s Phone Hack Should Terrify Everyone (New York Times) Those with the most to lose don’t always safeguard their privacy very well. You can do better.
The Fractured Statue Campaign: U.S. Government Targeted in Spear-Phishing Attacks (Unit42) Unit 42 observed several malware families typically associated with the Konni Group primarily targeting a US government agency at the height of the US interacting with North Korea.
FDA issues cybersecurity warning on GE medical equipment that monitors patients (CNBC) The Food and Drug Administration released a warning on Thursday to health-care providers, facilities and consumers about a vulnerability in certain electronic health-care data equipment made by General Electric.
GE CARESCAPE, ApexPro, and Clinical Information Center systems (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 10.0
ATTENTION: Exploitable remotely/low skill level to exploit
Equipment: CARESCAPE Telemetry Server, ApexPro Telemetry Server, CARESCAPE Central Station (CSCS) and Clinical Information Center (CIC) systems, CARESCAPE B450, B650, B850 Monitors
Vulnerabilities: Unprotected Storage of Credentials, Improper Input Validation, Use of Hard-coded Credentials, Missing Authentication for Critical Function, Unrestricted Upload of File with Dangerous Type, Inadequate Encryption Strength
Security Advisory for Signed TLS Certificate Private Key Disclosure on Some Routers, PSV-2020-0105 (NETGEAR) NETGEAR is aware of a Transport Layer Security (TLS) certificate private key disclosure vulnerability on the following product models:
These products use Certificate Authority-signed certificates to provide secure HTTPS access to the router web interface. You might see a security certificate error or warning when you try to access your router’s web interface using HTTPS.
NETGEAR plans to release firmware hotfixes for all affected products as soon as possible.
That text you got about a package isn’t from FedEx. It’s a scam. (Washington Post) The ‘smishing’ campaign starts by asking users to set up delivery preferences and ends with a request for credit card information
LastPass Mistakenly Removes Extension from Chrome Store, Causes Outage (BleepingComputer) An accidental outage was caused by LastPass yesterday by mistakenly removing the LastPass extension from the Chrome Web Store, leading to users seeing 404 errors when trying to download and install it on their devices.
US County Suffers Two Cyber-attacks in Three Weeks (Infosecurity Magazine) Albany County has been targeted twice in three weeks by cyber-criminals
Cyber attack knocks Tillamook County employee computers offline (KGW) The computer problem was noticed Wednesday morning and affects both computer and phone systems
Security Patches, Mitigations, and Software Updates
Citrix: These are new patches for your vulnerable servers (ZDNet) Citrix has released a fresh set of patches for ADC and NetScaler bug, with more patches due out tomorrow.
Sonos’s tone-deaf legacy product policy angers customers (Naked Security) Stopping software updates for legacy kit is nothing new, but it’s the way the company has done it that has Sonos customers’ hackles up.
From Fun Hackers to Organized Crime (IT-BUSINESS) The hacking attempts of the past were the innocent beginning of today's criminal underground scene. According to Kai Figge of G Data, artificial intelligence is playing an increasingly important role on both the bright and the dark side of the internet.
5G promises faster speeds and greater security risks (TechRepublic) TechRepublic's Karen Roby talks with Radware exec Mike O'Malley about the growing security risks that accompany 5G for providers, smart cities, and the enterprise.
The terrifying power and reach of the unregulated $12bn spyware industry (The Telegraph) Joaquín Archivaldo Guzmán, known as El Chapo, was holed up in the Mexican city of Los Mochis, Sinaloa.
The Cybersecurity 202: Disinformation threat pushes Doomsday Clock closer to midnight (Washington Post) Online disinformation campaigns are not just a threat to the 2020 election. They may be a harbinger of the end of the world.
Current Time - Bulletin of the Atomic Scientists (Bulletin of the Atomic Scientists) It is 100 seconds to midnight.
The State of Vulnerabilities in 2019 | Imperva (Imperva) As a web application firewall provider, part of our job at Imperva is to continually monitor for new security vulnerabilities. To do this, we use internal software that collects information from various data sources such as vulnerability databases, newsletters, forums, social media and more, integrating it into a single repository, and assessing each vulnerability’s priority. …
Voice of the Channel and 2020 Predictions (Untangle) The latest Untangle survey explored the current state and trends of Channel Partners. Untangle surveyed a segment of these international security professionals to understand current cybersecurity trends the channel is seeing, as well as their predictions
Should Investors Trust the Cybersecurity Sector? (TheStreet) A former NYSE trader weighs in on the cyber security sector.
Cybersecurity SPAC SCVX Corp. files for a $200 million IPO (Nasdaq) SCVX Corp., a blank check company led by industry veterans targeting the cybersecurity sector, filed on Monday with the SEC to raise up to $200 million in an initial public offering. The Washington, DC-based company plans to raise $200 million by offering 20 million units at $10
CloudKnox Secures $12M in Funding to Further Accelerate Customer Growth and Product Innovation (CloudKnox) CloudKnox Security, a leader in identity authorization for hybrid and multi-cloud environments, today announced that it closed $12M in a new round of funding. Led by Sorenson Ventures with participation from early investors, including ClearSky Security, Dell Technologies Capital and Foundation Capital, the round brings CloudKnox’s total funding to $22.75M.
White Ops Adds Former FBI Computer Scientist Dr. Russell Handorf as Principal Threat Intelligence Hacker (BusinessWire) White Ops, the global leader in bot mitigation, verifying the humanity of more than 1 trillion digital interactions per week, today announced the appo
Products, Services, and Solutions
SlashNext Announces Multi-Vector Phishing Protection Solutions For Mobile Devices And Endpoint Web Browsers (PR Newswire) SlashNext, a leading provider of real-time anti-phishing and incident response solutions, today announced two new products designed to protect...
LocatorX Launches Product Certificate Authority™ to Fight Product Counterfeiting (Globe Newswire) LocatorX, which provides accurate, inexpensive and flexible tracking technology to companies across a variety of industries, today announced the launch of its Product Certificate Authority™ (PCA) solution to further help manufacturers, retailers and consumers fight product counterfeiting at every level.
Invixium Launches IXM WEB 2.1, an All-in-One Platform for Access Control and Workforce Management (Invixium) Revolutionary new software IXM WEB 2.1 will be available to existing customers with an Annual Support Contract (ASC).
Ooh, watch out Google. You've got competition. Verizon has a new 'privacy-focused' search engine (Register) Yep, the Verizon that sold subscribers' location data
Technologies, Techniques, and Standards
Mitigating Cloud Vulnerabilities (National Security Agency) While careful cloud adoption can enhance an organization’s security posture, cloud services can introduce risks that organizations should understand and address both during the procurement process and while operating in the cloud.
Deployed 82nd Airborne unit told to use these encrypted messaging apps on government cell phones (Military Times) “Unfortunately, those apps are more secure than texting in the clear, which is more or less the alternative. Granted, if a hostile party has access to the handset, that encryption isn’t particularly helpful.”
Elections Globally Are Under Threat. Here's How to Protect Them (Wired) A new report calls for safeguards to reduce the dangers posed by misinformation, online extremism, and social media manipulation.
Inside the World's Highest-Stakes Industrial Hacking Contest (Wired) At Pwn2Own, hackers had no trouble dismantling systems that help run everything from car washes to nuclear plants.
Design and Innovation
DEVCON Announces Protect Elect 2020: Providing Free Access to Security Software For Media Companies (MarTechSeries) Industry-Leading Influencers and 10 Major Fortune 500 Media Companies to Launch Public Research Initiative to Defeat the Weaponization of Marketing
Research and Development
Projects funded for autonomous vehicle cyber security (The Engineer) Seven projects whose participants include Honda, Thales and WMG have won funding to develop cyber security solutions for connected and autonomous vehicles.
CSU offering new cybersecurity degree (https://www.wtvm.com) CSU’s nexus cybersecurity degree will give students hands-on experience in efforts to fill positions with qualified candidates.
IU Maurer cybersecurity programs keep pace with technology (The Indiana Lawyer) In his practice at Mallor Grodner in Bloomington, attorney D. Michael Allen is seeing more and more cases that have a digital component. While he learned on the job, he also enrolled in the IU Maurer School of Law cybersecurity master’s program.
UT Dallas announces cybersecurity degree program (impact) Implementation of the program was motivated by the rising threat of cyber attacks, according to the university.
Students learn about the growing industry of cybersecurity (KGNS) The twisted, dark web was a topic of conversation for students while being educated on the dangers of modern-day technology.
Terre Haute college ranks as one of the best for its cybersecurity program (WTHI News) Some of the nation's best in cybersecurity are coming out of Terre Haute.
Enhancing a law enforcement career with a Penn State cybersecurity education (Penn State University) With a law enforcement career spanning more than 20 years and an established private investigations firm of his own, Ron Long could be considered an expert in the field of investigative work. Now, he’s pursuing a degree in security and risk analysis through Penn State World Campus to better understand how the internet is changing the dynamic of police and investigative work in the country.
Legislation, Policy, and Regulation
Why the Saudi Crown Prince Needs Cyberweapons (Yahoo) It’s hard to underestimate just how much damage Crown Prince Mohammed bin Salman of Saudi Arabia has done to his country in the last 15 months. Yet it’s also difficult to see how the U.S. can defend its interests in the region without his cooperation.
Canada ready to 'impose costs' on malicious cyberactors, advisers tell Trudeau - 660 NEWS (660 NEWS) Canada will work with allies to strike back at foreign cyberattackers and “impose costs” that make them understand the price of their wrongdoing, advisers have told Prime Minister Justin Trudeau. “Malicious state-sponsored cyber acts affect national security and economic prosperity interests,” says a newly released briefing note to Trudeau on the dangers to Canada from the …
Brussels steps up disinformation fight, Facebook warns of free expression (New Europe) Facebook has warned over freedom of expression as the European Union considers measures to stop disinformation campaigns across online platforms.
Nick Clegg, Facebook’s VP for Global Affairs warned that in the online world, “the scope of what we deem to be acceptable speech has narrowed over rece
Media Freedom Groups Express Unease Over Ukrainian Disinformation Bill (RadioFreeEurope/RadioLiberty) Media freedom watchdogs and journalists’ associations are expressing concern over a bill aimed at combating Russian disinformation.
Outdated laws put UK's cybersecurity at risk: report (Anadolu Agency) Laws meant to prevent hacking also expose cybersecurity researchers to risk of prosecution, says CLRNN - Anadolu Agency
Huawei is a cyber-security risk (The Economist) But risks can be managed
Pentagon Blocks Clampdown on Huawei Sales (Wall Street Journal) The Commerce Department has withdrawn proposed regulations making it harder for U.S. companies to sell to Huawei from their overseas facilities following objections from the Pentagon and the Treasury Department.
What new documents say about US-partner cyber operations (Fifth Domain) New documents made available through Freedom of Information Act shed light on anti-ISIS cyber operations.
The Big Change in Cybersecurity Regulation That No One Is Talking About (JD Supra) The close of 2019 witnessed a significant development in data security law that impacts companies regulated with respect to or engaged in the trading...
Iran tension ‘heightened awareness’ for state and local cybersecurity, CISA chief says (StateScoop) Chris Krebs, the Department of Homeland Security’s top cybersecurity official, told a group of mayors to use the moment as an opportunity to improve their defenses against ransomware.
States name three ways feds can help with cybersecurity (StateScoop) NASCIO is still looking for regulatory reform, along with the passage of two cybersecurity aid bills.
Information sharing anchors CISA crisis response strategy (Federal News Network) CISA thinks of itself as the nation’s risk advisor. To that end, Director Chris Krebs shared five areas of focus for the next few years, and six tips for a successful cybersecurity program.
After Russian Hack Of Illinois Voter Database In 2016, State Beefed Up Election Cybersecurity (CBS News) Three-and-a-half years after a Russian breach of voter databases, the fight against foreign influence on voters continues nationwide.
Mendocino County increasing preparations to combat cybersecurity threats (The Ukiah Daily Journal) The Mendocino County Board of Supervisors on Tuesday heard a presentation on the growing threat to cybersecurity in Mendocino County and what the county can do to protect itself from cyberattacks i…
A bill to amend the Foreign Intelligence Surveillance Act of 1978 to protect privacy rights, and for other purposes. (US Senate) Be it enacted by the Senate and House of Representatives of the United States of America in Congress assembled,
SECTION 1. SHORT TITLE; TABLE OF CONTENTS.
(a) SHORT TITLE.—This Act may be cited as the “Safeguarding Americans’ Private Records Act of 2020”.
Secret Service to launch private-sector cybercrime council (CyberScoop) The Secret Service has recently hand-picked a small group of private-sector cybersecurity experts to advise the agency’s investigations team on how it can better take down cybercriminals, CyberScoop has learned.
How to eliminate ransomware: No one pay, ever. And get compensation (SC Magazine) In 2020 “A local government somewhere will ban public-sector ransomware payments,” suggested Markus Braendle, CEO, Airbus CyberSecurity. Now extrapolate that thought.
Litigation, Investigation, and Law Enforcement
How a Russian disinfo op got Trump impeached (POLITICO) The Kremlin may have been laying the groundwork for blaming Ukraine for 2016 as early as 2015.
U.N. Suggests Bezos’ Phone Was Hacked Using Saudi Crown Prince’s Account (Wall Street Journal) Two United Nations officials called for further investigation into the alleged hacking of Washington Post owner Jeff Bezos’ phone, suggesting it was an attempt to influence news coverage of Saudi Arabia.
Think Your iPhone 11 Is Secure? FBI Cracks Through Apple's 'Walled Garden,' Again (International Business Times) FBI has been repeatedly requesting Apple for unrestricted access to its iPhones since the 2015 San Bernardino shooting.
A la carte Phone Hacking Is Scary, But Better Than Government Backdoor | Digital Trends (Digital Trends) Law enforcement says it's easier than ever to break into a person's phone, even as the government continues to demand encryption backdoors. But a private company hacking your phone is still better than your government having full access, say ex-NSA and ex-CIA analysts.
Warren calls for Brazil to drop charges against Glenn Greenwald (TheHill) Sen. Elizabeth Warren (D-Mass.) called on Brazil to drop cyber crime charges against an American journalist who reported on leaked cell phone messages from Brazilian officials in a story raising concerns about corruption inside the government.
Analysis | The Cybersecurity 202: Glenn Greenwald says Brazil charges are part of a global trend to criminalize journalism (Washington Post) Even in democracies, the American journalist says, "there’s a real struggle to make the law fit criminalizing leaks of this sort.”
Another Poor Cybersecurity Audit at State Department Draws Scrutiny (Nextgov.com) Auditors have been reporting weaknesses in IT security controls for over a decade.
Equifax Breach Affected 147 Million, but Most Sit Out Settlement (New York Times) A little more than 10 percent of consumers affected by the Equifax breach had made settlement claims as of Dec. 1.
Lawsuit: Lax cybersecurity let hackers get away with $1.7M (MahoningMatters.com) A Boardman manufacturer suffered a "catastrophic" cybersecurity breach in January 2018, according to a new civil suit.
Another Methbot suspect, Sergey Denisoff, arrested more than a year after initial charges (CyberScoop) U.S. police have arrested another suspect in connection with an advertising fraud conspiracy that relied on run-of-the-mill hacking techniques to scam American companies out of roughly $30 million, according to new court documents.
Wells Fargo Ex-CEO Banned, to Pay $17 Million in Fake-Account Scandal (Wall Street Journal) A regulator barred John Stumpf from the banking industry over the firm’s fake-accounts scandal, an extraordinary sanction for a top executive at a large bank.
Metropolitan Police to roll-out live facial recognition across London (Computing) Met plans to use live facial recognition at 'specific location' in London to 'help protect the vulnerable'