Cyber Attacks, Threats, and Vulnerabilities
Ex-IDF Intelligence official: Russian cyber, disinformation trends converge with vaccine (The Jerusalem Post) Russian President Vladimir Putin is interested in depicting his country as winning the vaccine race.
US Army report says many North Korean hackers operate from abroad (ZDNet) US Army says many North Korean hackers are actually located outside the hermit kingdom, in countries like Belarus, China, India, Malaysia, and Russia.
Why insurance companies might be stuck paying ransoms to North Korean hackers (NK News - North Korea News) The Lazarus Group, North Korea’s premier hacking team, appears to have started using ransomware to attack victims and extort money out of them, according to a recent analysis by Kaspersky Labs, a cybersecurity company. Ransomware attacks typically involve deploying malware on a computer system that blocks access to it unless a ransom is paid. While …
Turkish Hackers Launch Cyberwar Against Greek Government Websites (Greek Reporter) Turkish hackers attacked the website of the Region of Eastern Macedonia and Thrace on Tuesday uploading a photo of the Turkish research vessel Oruç Reis
Nearly 9,000 GC Key accounts were hacked during CRA cyber attack, feds say (Global News)
Canadians can 'learn from this lesson': Cyber security expert (BNN) The Canada Revenue Agency’s online services remain suspended after 5,500 accounts were affected in cyberattacks disclosed over the weekend. Scott Jones, Head of the Canadian Centre for Cyber Security joins BNN Bloomberg to weigh in. He discusses ways in which Canadians can avoid being hacked.
Swiss state-owned companies targeted by phishing scams (SWI swissinfo.ch) Swiss Post and the national railway operator have warned their clients about fake emails asking for personal passwords, credit card numbers or cash payments.
New Attack Alert: Duri (Menlo Security) Menlo Security has been closely monitoring a novel attack we are naming “Duri,” which leverages Data URLs to download malicious files to users’ devices. Fortunately, Menlo Security’s isolation stops the attack from infecting the endpoint. Here’s what we know.
US Government Agencies Issue Alert Over Taidoor Malware Attack in Chinese Cyber Espionage Campaigns (CPO Magazine) Three US government agencies issue a joint alert over Taidoor malware attack in Chinese cyber espionage campaigns targeting governments and organizations.
Phishing with Canva: Bad Guys Exploit Graphic Design Platform (KnowBe4)
New phishing campaign abuses a trio of enterprise cloud services (BleepingComputer) A new phishing campaign uses a trio of enterprise cloud services, Microsoft Azure, Microsoft Dynamics, and IBM Cloud, as part of an attempt to steal your login credentials.
TeamTNT is the first cryptomining bot that steals AWS credentials (Security Affairs) Security researchers have discovered a new crypto-mining botnet, dubbed TeamTNT, that is able to steal AWS credentials from infected servers. Security firm Cado Security reported that the TeamTNT botnet is the first one that is able to scan and steal AWS credentials. The TeamTNT botnet is a crypto-mining malware operation that has been active since […]
Updated cryptojacking worm steals AWS credentials (Help Net Security) A malicious cryptocurrency miner and DDoS worm that has been targeting Docker systems for months now also steals AWS credentials.
Carnival hit by ransomware attack, guest and employee data accessed (Reuters) Cruise operator Carnival Corp said on Monday it launched an investigation into a ransomware attack on one of its brand's information technology systems.
Cruise operator Carnival hit by ransomware (CyberScoop) Carnival, the world’s biggest cruise line operator, suffered a ransomware attack on Saturday that exposed personal data on customers and employees, the company said in a Securities and Exchange Commission filing.
Carnival Corporation hit by ransomware cyber attack (Proactiveinvestors UK) The attack gained unauthorized access that also included the download of certain data files.
Carnival Corp launches probe after detecting ransomware attack (Deccan Herald) Carnival Corp said on Monday it launched an investigation after the cruise operator detected a ransomware attack that accessed and encrypted a portion of information technology systems of one of its brands. Carnival, which operates AIDA, Carnival and Princess cruises among others, in a filing said
Business technology giant Konica Minolta hit by new ransomware (BleepingComputer) Business technology giant Konica Minolta was hit with a ransomware attack at the end of July that impacted services for almost a week, BleepingComputer has learned.
Cyber attack shuts Konica Minolta production for a week (Business Insurance) Japanese technology firm Konica Minolta Inc. suffered a ransomware attack at the end of July, downing its product supply and support site for nearly a week.
'EmoCrash' Exploit Stoppered Emotet For 6 Months (Threatpost) A researcher developed a killswitch exploiting a buffer overflow in Emotet – preventing the malware from infecting systems for six months.
Ransomware Hits Leading US Medical Debt Collector R1 RCM Inc. (HackRead) Previously, R1 RCM Inc., under a different name, had several incidents involving thefts of laptops containing unencrypted patient data.
UCI cyber-physical security researchers highlight vulnerability of solar inverters (University of California Irvine) Device hidden in a coffee cup could destabilize the power grid, triggering a blackout
Vulnerability Summary for the Week of August 10, 2020 (CISA) The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Cyber attack forces Ponca City Public Schools to delay first day of classes (KOKH) Ponca City Public Schools announced it will be delaying the first day of school due to a cyber attack. According to reports, the district's servers were attacked by ransomware. Officials say all student data was encrypted; however, student or personnel personal or financial information was not disclosed. Reports say the district is currently working with an FBI cyber-security unit to combat further attacks.
Ponca City Public Schools Address Cyber Attack (News on 6) Ponca City Schools said it’s working with the FBI and rebuilding the data that was lost, after the district’s network was attacked by hackers over the weekend.
Security Patches, Mitigations, and Software Updates
Microsoft Put Off Fixing Zero Day for 2 Years (KrebsOnSecurity) A security flaw in the way Microsoft Windows guards users against malicious files was actively exploited in malware attacks for two years before last week, when Microsoft finally issued a software update to correct the problem.
Almost 40% of businesses have sacked staff due to a breach of company cybersecurity policy since the start of the COVID-19 outbreak (Centrify) 39% of UK business decision makers have admitted to dismissing staff members due to a breach of company cyber security policy since the start of the COVID-19 outbreak, according to new research from Centrify, a leading provider of Identity-Centric Privileged Access Management (PAM) solutions.
More than 90% of Global Airlines Exposed to Email Fraud Risk (Proofpoint) The COVID-19 pandemic saw international travel halted and while many regions are still unable to travel, a number of countries worldwide are slowly ungrounding their airlines.
Cybercriminals Appear to Back off From Coronavirus Scams (The Record by Recorded Future) As the coronavirus outbreak brought the U.S. and many other countries to a standstill earlier this year, cybercriminals circulated COVID-19
During the pandemic a digital crimewave has flooded the internet (The Economist) The rush to remote working has outpaced cyber-security
Study Reveals 62% of Blue Teams Struggle to Catch Red Teams in Adversary Simulation Exercises (BusinessWire) Exabeam today released new research that reveals 62% of blue teams struggle to catch red teams in adversary simulation exercises.
There’s a growing blind spot for your security team during the pandemic: IoT devices (ZDNet) Businesses may not be able to dictate what devices employees keep on their home networks, but there are still many options available to IT departments to protect company assets.
Why do healthcare organizations have a target on their back? (Help Net Security) Healthcare organizations are a big target. They need to understand the interconnected relationship between cybersecurity and patient care.
A Big Miss: Just 21% of Organizations Use Cloud Access Security Brokers (Channel Futures) A new Cloud Security Alliance report commissioned by Proofpoint identifies the gaps in the use of cloud security access brokers.
Kiwis warned of cyber apathy (Reseller News) New Zealanders’ concern about hacking and viruses has declined in the last year, from 48 per cent of the population being 'seriously concerned' in 2019, down to 40 per cent this year.
Advent International Completes Tender Offer for Shares of Forescout Technologies (BusinessWire) Advent International (“Advent”), one of the largest and most experienced global private equity investors, and Forescout Technologies, Inc. (“Forescout
Well Health acquires services division of cybersecurity startup Cycura for $2.55 million (BetaKit) Well Health Technologies, a publicly-traded healthtech company, has acquired the services division of Toronto-based cybersecurity startup Cycura.
Keeper Security Closes $60 Million in Growth Funding (Keeper Security) Investment supports continued global expansion and positions Keeper to address critical, growing need for essential cybersecurity solutions. Trusted by over one million customers globally, Keeper will use funding to accelerate product innovation and global sales for its identity and access management solutions.
Insight-led $60M Investment Gives Keeper Security Room To Grow (Crunchbase News) This is Keeper's first equity raise. Its cybersecurity platform prevents password-related data breaches and cyberthreats.
Cyware Raises $10M for its Cyber Fusion Solution to Automate Threat Intelligence and Response (PR Newswire) Cyware, the leading provider of cyber fusion solutions, has raised a $10 million Series A round to enhance its threat intelligence automation,...
Xalles Holdings Inc. (OTC Stock Symbol: XALL) completes acquisition of Adaptive Metadata Solutions and is projected to generate at least $5 million in revenue for 2020 | MarketScreener (SURPERFORMANCE) XALL has a beautiful chart and is ready for the next leg up. First exclusive implementer of U.S. Bank's PowerTrack service, from first transaction to world's largest transportation payment.
Boulder’s NDP LLC inks $80M Space Force cybersecurity contract (Boulder Daily Camera) Net-centric Design Professional LLC announced it was recently awarded an $80.3 million contract to provide cybersecurity services for the U.S. Space Force.
Keyfactor Ranks as Fastest Growing Digital Key and Certificate Automat (PRWeb) Keyfactor, the leader in crypto-agility solutions, ranked as fastest growing digital key and certificate automation provider on the 2020 Inc. Magazine Inc. 5000,
Oracle shows interest in TikTok (Computing) Oracle's interest in buying TikTok poses a threat to Microsoft's play for the app
Afilias Joins Global Encryption Coalition to Promote Internet Security (PR Newswire) Afilias, the world's second largest domain name registry, today announced that it has joined the Global Encryption Coalition...
How arms dealers might have snuck into your cybersecurity ETF (Wealth Manager) New research shows that companies with revenues drawn from this controversial industry often fall into this fast-growing sector.
StackRox Expands in EMEA to Meet Global Demand for Kubernetes-Native Security (PR Newswire) Virtual KubeCon EU -- StackRox, the leader in container and Kubernetes security, today announced it has launched operations in EMEA to provide...
Kris Hansen appointed to new APAC role with Thycotic (ITWire) Privileged access management (PAM) solutions provider Thycotic has appointed Kris Hansen as Strategic Alliance Director, APAC. Hansen was previously Thycotic’s Director of International MSP Sales and the company says that in his new role he will work with every major systems integrator (SI) and mana...
Infocyte Appoints Virginia Satrom as Vice President of Marketing (Infocyte) Infocyte announced today that it has expanded its executive leadership team with the appointment of Virginia Satrom as Vice President of Marketing.
CACI taps former Raytheon exec to lead national security business (Washington Business Journal) Todd Probert will lead the Arlington company's National Security and Innovative Solutions (NSIS) sector, succeeding Kevin Kelly.
Products, Services, and Solutions
Asigra Announces Deep MFA Backup System Cyber Defenses (Global Security Mag Online) Asigra Inc. announced general availability of Asigra Cloud Backup with Deep MFA, making it among the most heavily defended backup platforms on the market. Deep Multi-Factor Authentication provides mission-critical layers of protection to secure policy settings and controls to prevent backup data deletions or malicious encryption caused by the use of malware (including ransomware) by criminal organizations or human error.
Companies Team Up to Offer Cloud Auditing Certificate (Infosecurity Magazine) Cloud Security Alliance and ISACA to bring Certificate of Cloud Auditing Knowledge to market
Barracuda Re-engineers SD-WAN for Cloud-native (CDOTrends) New Barracuda CloudGen WAN service directly targets top public cloud security concerns.
Vodafone launches security service for laptops to combat cyber threats (Mobile News) The service is available to businesses of all sizes
Fornetix’s VaultCore™ Now an Embedded Security Solution (PRWeb) Fornetix, LLC today announced the selection of Dell Technologies Design Solutions to deliver its VaultCore™ encryption key management system on Dell Technolo
Idemia NSS advances in Base of the Future AFWERX challenges with biometric identity checks (Biometric Update) Idemia National Security Solutions (NSS) is providing biometric technology as one of the 92 finalists in the Base of the Future AFWERX Challenges run by the U.S. Air Force and the Department of Def…
Recorded Future Launches News Site to Tell the Untold Stories of Cyber Intelligence (Recorded Future) Recorded Future, the largest security intelligence provider, today announced that it has launched The Record by Recorded Future. The cyber intelligence news site will expertly source stories from the Recorded Future Security Intelligence Platform and global research analysts, and the broader cybersecurity community. Editorial content will tell the untold …
Netsurion Adds Deep Learning-Based Endpoint Threat Prevention with Deep Instinct Partnership (Netsurion) The partnership with Deep Instinct significantly bolsters Netsurion’s ability to provide the four layers of the predict, prevent, detect, and respond cybersecurity model to all elements of a corporate network.
Tenable Enhances Industry’s First Unified Solution for Reducing Risk in Converged IT/OT Environments (GlobeNewswire) Tenable.ot now uses industry’s #1 vulnerability assessment solution, Nessus, to secure OT and IT assets in a single solution
GroupSense Offers Special Package of Services to Protect Elections from Misinformation, Disinformation and Cyber Attacks (PR Newswire) GroupSense, a threat intelligence company, today announced a special package of its Election Threat Protection offering for state and city...
Thycotic Releases Next-Gen Identity Bridge to Accelerate Adoption of Key Enterprise Platforms (PR Newswire) Thycotic, a provider of Privileged Access Management (PAM) solutions for more than 10,000 organizations worldwide, including 25 of the Fortune...
Protegrity Achieves Certification on Cloudera Data Platform (BusinessWire) Protegrity, the data-security solutions provider, today announced that it has been certified on the Cloudera Data Platform (CDP). Protegrity’s data-pr
Saviynt Delivers Multi-Cloud & Google Cloud Platform Support in New Cloud PAM Release (Odessa American) Saviynt (www.saviynt.com), a Gartner leading cloud-first Identity Governance and Administration solution, today announced a significant update to their Intelligent Identity Platform.
Zerto Announces Membership in CNCF to Support the Growth and Evolution of the Cloud Native Ecosystem (BusinessWire) Today, Zerto announced its membership to the Cloud Native Computing Foundation, which builds sustainable ecosystems for cloud native software.
Kasten's Capabilities to Scale Cross-Border Hybrid Cloud Deployments (Kasten) Kasten: Advanced Backup Automation & Infrastructure Portability Capabilities Support Growing Kubernetes Adoption in Europe & Regional Data Sovereignty Laws
Senserva Debuts Security Platform for Managing Microsoft 365 and Azure Active Directory Accounts with Deep Security and Compliance Risk Assessment (Senserva) SenservaPro Delivers an Incredibly Fast and Rich Interactive User Interface for Easily Identifying Areas Needing Security Focus on Environments of Any Size
KnowBe4 Launches New Research Arm With First Report on Security Culture (PR Newswire) KnowBe4, the provider of the world's largest security awareness training and simulated phishing platform, today announced it has launched a new...
Technologies, Techniques, and Standards
Don't Remove Stalkerware Before Reading This Article (Security Intelligence) Handling stalkerware apps in an enterprise setting should be done carefully. Find out what makes stalkerware different from other attacks.
CISA hosts Cyber Storm 2020 with government, industry and international partners (Security Magazine) The Cybersecurity and Infrastructure Security Agency (CISA) was joined by government, industry and international partners for Cyber Storm 2020, a national cyber exercise designed to simulate response to a cyber crisis impacting the nation’s critical infrastructure.
Election insecurity: Why just a handful of counties has the U.S. cybersecurity watchdog worried (NBC News) Experts are focused on newer types of attacks such as ransomware — and the possible domino effect that a few attacks could have on the nation's faith in the election.
Are You Using the Full Potential of Your SOC? 5 Trends That Will Reshape Modern Security Operations (Bitdefender) As cybercrime methods have become more sophisticated, so has the structure of the organizations behind them.
Remote working means appreciate your system administrator (Includes interview) (Digital Journal) If your network is secure, your computer is up and running, and your printer is jam-free during the COVID-19 pandemic, this will be a sign that you have an efficient IT department, says Raif Mehmet, VP EMEA at Bitglass.
How to handle Amazon S3 bucket pen testing complexity (SearchCloudSecurity) Amazon S3 bucket pen testing is distinct from traditional pen testing in that it's not always possible to remediate the flaws found. Security researcher Benjamin Caudill discussed the challenges of AWS pen testing and what skills will help cloud security pros succeed in the arena.
The Security Case for Containerized Cloud Architecture (Container Journal) Cloud-based containerized architecture is critical for cybersecurity and is especially relevant in the era of remote work. As COVID-19 cases spike across
Prevent-ilation: Airing out the Myths of Preventing Cyber Attacks (Infosecurity Magazine) There is no foolproof method of ensuring you do not experience sinister cyber activity
Introducing Intrinsic Cybersecurity (CIO) Security, like other IT processes, has been compartmentalised at businesses.
Design and Innovation
Israel, US seek to fund joint projects in energy cybersecurity (Times of Israel) Companies, research institutes, and universities are called to apply for funding to develop tools and tech in the field of cybersecurity for critical energy infrastructure
Research and Development
South Korea Academics to Use IOTA for Provenance as a Way of Improving Healthcare Supply Chain (BTC Manager) An academic team from the Department of Computer Engineering, Kyung Hee University, Yongin, is developing an IOTA-based system to improve the supply chain of medical equipment with support from the Institute of Information & Communications Technology Planning & Evaluation (IITP) grant which is directly funded by the South Korean government.
Legislation, Policy, and Regulation
The greatest contest ever – privacy versus security (ComputerWeekly) Elliot Rose of PA Consulting explores the technical, legal and ethical challenges around the privacy versus security debate.
European Leaders Urge Russia Not to Intervene in Belarus (Foreign Policy) After a violent crackdown on protesters, Belarus’s leader has lost all credibility in the eyes of his people, Lithuania’s foreign minister says.
Putin Has No Good Options As Belarus Crisis Surges (RadioFreeEurope/RadioLiberty) Moscow has been largely silent amid ongoing protests in Belarus of a scale rarely seen in the region. As embattled leader Alyaksandr Lukashenka implores President Putin for help, analysts say Russia has no good options to end the standoff.
The Kremlin’s Plot Against Democracy (Foreign Affairs) How Russia Updated Its 2016 Playbook for 2020
Dutton confirms he's spying on us - and he's not done yet (The Big Smoke) Earlier this month, Peter Dutton confirmed that he's broadened the scope of spying on Australian citizens, but he claims it is for the greater good.
The great cybersecurity fraud: government won't comply with its own rules (Crikey) The government constantly insists Australia is under cyber attack — yet nearly three quarters of its departments fail to do even the basics of cybersecurity.
US confident on Israel Huawei, ZTE ban (Mobile World Live) The US’ global campaign to prevent Chinese vendors supplying equipment for 5G networks moved to ...
Huawei and ZTE Designated as Threats to National Security (Lexology) On June 30, 2020, the Federal Communications Commission's (FCC) Public Safety and Homeland Security Bureau (PSHSB) made final the Commission's prior…
Trump Administration Widens Huawei Dragnet (New York Times) The Commerce Department placed new restrictions on the Chinese tech giant’s ability to work with the global chip industry.
U.S. Tightens Restrictions on Huawei’s Access to Chips (Wall Street Journal) The Commerce Department issued new rules restricting Huawei Technologies Co.’s access to foreign-made chips, further tightening U.S. curbs on the Chinese telecom company’s ability to obtain crucial components.
U.S. tightens restrictions on Huawei yet again, underscoring the difficulty of closing trade routes (Washington Post) U.S. officials said they are aiming to stop the Chinese company from evading trade ban
The US is making it even harder for Huawei phones to get Android updates (The Verge) The US is further tightening restrictions on the Chinese phone manufacturer.
Breaking Down Trump's WeChat and TikTok Ban: What to Expect (CPO Magazine) The Trump administration set the internet ablaze when it issued an executive order that sets a firm date for a TikTok ban. That Tencent-owned WeChat would also be included was something of a surprise.
Cyberspace Solarium Commissioners Intro $28B Bill to Upgrade SLG Legacy IT (Meritalk) Three members of the Cyberspace Solarium Commission – Rep. Jim Langevin, D-R.I., Sen. Angus King, I-Maine, and Rep. Mike Gallagher, R-Wis. – introduced bicameral legislation to appropriate $28 billion in new Federal aid and establish programs to enhance state and local government modernization and cybersecurity.
Direct commissions for Army cyber officers finally gaining steam, two-star says (Army Times) “The authority to direct appoint officers was last used on this scale during World War II,” said an Army Talent Management Task Force official.
CCPA Regulations Take Effect August 14, 2020, California AG Announces Final Revisions (cyber/data/privacy insights) On August 14, 2020, the California Attorney General announced that the state’s Office of Administrative Law approved the AG’s proposed regulations pursuant to the California Consumer Privacy Act. T…
The California Consumer Privacy Act Regulations Are Finally Here, But Wait There’s More… (Lexology) On August 14, 2020, California’s Office of Administrative Law (“OAL”) approved the final version of the implementing regulations for the California…
NY Unified Court System Backs Move to Shield Judges' Personal Info, DiFiore Says (New York Law Journal) DiFiore’s comments come weeks after an “anti-feminist” lawyer was named as the primary suspect in a shooting that killed a federal judge’s son and injured her husband.
Litigation, Investigation, and Law Enforcement
US intelligence indicates Iran paid bounties to Taliban for targeting American troops in Afghanistan (CNN) US intelligence agencies assessed that Iran offered bounties to Taliban fighters for targeting American and coalition troops in Afghanistan, identifying payments linked to at least six attacks carried out by the militant group just last year alone, including a suicide bombing at a US air base in December, CNN has learned.
Snowden pardon plan draws bipartisan scorn from key defense lawmakers (Military Times) House Armed Services Committee leaders said the move would be an insult to U.S. defense and intelligence workers.
Google giving far-right users' data to law enforcement, documents reveal (the Guardian) Exclusive: in some cases Google did not necessarily ban users who were often threatening violence or expressing extremist views
Secret Service Bought Phone Location Data from Apps, Contract Confirms (Vice) An internal Secret Service document describes the purchase of Locate X, a product that uses location data harvested from ordinary apps.
GDPR accusations against Oracle and Salesforce 'without merit' (CRN) European data privacy body suing tech giants over firms' adtech processing and sharing of personal data
Partnerships to Fight Financial Crime Gain Momentum (Wall Street Journal) Banks have teamed up with governments in nearly 20 countries to more directly share real-time information on suspicious activity.
Six Suspects Face 275 Felony Complaints Related to Data Breach at Property Management Firm (Noozhawk) Rental applications filed with Wolfe & Associates between 2017 and 2020 may have been compromised
Newton Police: Attempted Fraud Scam Leads to Arrest of Wisconsin Man (TAPinto) A Wisconsin man is facing charges for fraud. On August 6 Newton Police Department received a report that a man was trying to extort money from a victim by threatening to expose the...