Cyber Attacks, Threats, and Vulnerabilities
Taiwan says China behind cyberattacks on government agencies, emails (Reuters) Taiwan said on Wednesday hacking groups linked to the Chinese government had attacked at least 10 government agencies and some 6,000 email accounts of government officials in an "infiltration" to steal important data.
U.S. Army Report Describes North Korea's Cyber Warfare Capabilities (SecurityWeek) A report published recently by the U.S. Army describes North Korea’s cyber warfare capabilities, saying that many of its thousands of cyber warriors are operating from China, India, Malaysia and Russia
The Attack That Broke Twitter Is Hitting Dozens of Companies (WIRED) “Phone spear phishing” attacks have been on the rise since a bitcoin scam took over the social media platform in July.
Twitter hack was "probably" the result of a vishing attack (Verdict) A vishing campaign could be behind Twitter's recent breach, which saw many high-profile accounts taken over by attackers.
Vishing Becomes Suspect in Recent Social Media Breach (ZeroFOX) It's probable that the major social media breach involving high-profile figures may have been due to a targeted vishing attack.
FritzFrog malware attacks Linux servers over SSH to mine Monero (BleepingComputer) A sophisticated botnet campaign named FritzFrog has been discovered breaching SSH servers around the world, since at least January 2020.
New FritzFrog P2P botnet has breached at least 500 enterprise, government servers (ZDNet) The botnet kills off competing processes on Linux systems before mining cryptocurrency.
HTML smuggling technique behind 'Duri' campaign to deliver malware, researchers warn (Computing) The attack can evade network security solutions, including firewalls, legacy proxies and sandboxes
Vulnerability Allowing Full Server Takeover Found in Concrete5 CMS (SecurityWeek) A remote code execution (RCE) vulnerability addressed recently in Concrete5 exposed numerous websites to attacks
Detecting WastedLocker Ransomware Using Security Analytics (Securonix) Securonix is actively investigating the Wastedlocker ransomware attacks. Here are key details and recommendations that can be used to detect the attack.
CVE-2020-10029: Buffer overflow in GNU libc trigonometry functions?!? (ForAllSecure) CVE-2020-10029 Vulnerabilities in the glibc functions cosl, sinl, sincosl, and tanl are due to an underlying common function. They are fixed in glibc 2.32.
Voidcrypt Ransomware Actively Spreading in the Wild (SonicWall) The SonicWall Capture Labs threat research team observed reports of a new variant family of VoidCrypt ransomware...actively spreading in the wild.
Report: AI Company Leaks Over 2.5M Medical Records (PCMAG) The leaked data relates to car accidents and includes names, insurance records, medical diagnosis notes, and payment records.
Thousands of CRA and government accounts disabled after cyberattack (Saanich News) Federal authorities scrambling for answers
Government denies successful cyber attack shows failure of systems (IT World Canada) 'The system worked,' acting CIO tells reporters, noting only 11,000 of 12 million accounts were compromised
Student information, financial info published in suspected RMC data leak after cyber attack (Global News) Data suspected to be from the Royal Military College of Canada has been leaked on the dark web following a cyber attack at the institution in July.
Carnival Hit by Ransomware Attack (Wall Street Journal) Carnival said it has detected a ransomware attack that it expects included unauthorized access to personal data of guests and employees.
Kids' details hacked in popular city charity cyber-attack (BirminghamLive) Names, dates of birth and addresses and phone numbers could all have been accessed, parents warned
Cybersecurity breach of software firm, Blackbaud, may impact healthcare charity donors and patients (Dotmed) The Cybercrime industry represents an over trillion-dollar industry that is ever-changing and growing all the time—a threat to all companies around the world.
How Hackers Bled 118 Bitcoins Out of Covid Researchers in U.S. (Bloomberg) Transcripts reveal University of California at San Francisco’s weeklong negotiation to free its ransomware-locked servers. The haggling worked, sort of.
Sick of political campaign spam? Resist hitting unsubscribe—it could lead to identity theft (Yahoo Sports) One way to prevent the “unsubscribe scam” from wreaking havoc on your life is by investing in powerful anti-malware software like MalwareBytes.
Security Patches, Mitigations, and Software Updates
Microsoft is killing off insecure Cloud App Security cipher suites (BleepingComputer) Microsoft today announced that some insecure cipher suites currently supported by Microsoft Cloud App Security (MCAS) will be removed later this year.
Remotely Exploitable ICS Vulnerabilities on Rise, as Reliance on Remote Access to Industrial Networks Increases During COVID-19 (Claroty) New report from Claroty researchers finds latest ICS vulnerabilities most prevalent in energy, critical manufacturing, and water & wastewater sectors of critical infrastructure
Saved By The Bell? Insecure Student Devices Must Be Addressed (RBS) In March, the 2019-20 school year ended abruptly for many school districts due to COVID-19. Teachers and parents tried to pivot, conducting virtual classes in order to make the best of a very bad situation. Unfortunately, for many schools it turned out to be quite a struggle just to figure out what
US military personnel lost over $379 million to scams in the last 5 years (Atlas VPN) According to Atlas VPN investigation, US Military personnel lost $379.6 million to various scams from 2015 through June 30, 2020. Military consumers made more than 680,000 reports about fraud, identity theft, or other consumer issues to the Federal Trade Commission (FTC).
Cyware Raises $10M for its Cyber Fusion Solution to Automate Threat Intelligence and Response (Security Boulevard) Cyber fusion and threat intelligence automation leader to accelerate growth and expand market presence NEW YORK, Aug. 18, 2020 /PRNewswire/ -- Cyware, the
Austin’s SpyCloud raises $30 million to grow team, products (Austin Statesman) Austin-based cybersecurity firm SpyCloud has raised $30 million to grow the company’s team and product offerings.
What's Israeli phone-hacking firm Cellebrite doing in sanctioned Belarus (Haaretz) Thousands of protesters were arrested and beaten in demonstrations against President Lukashenko. Israeli human rights activists are calling on the Defense Ministry to halt export of hacking technology to Belarus
The man who built a spyware empire says it’s time to come out of the shadows (MIT Technology Review) Shalev Hulio wants to explain himself. Normally, silence and secrecy are inherent in the spy business. For nine full years, Hulio never talked publicly about his billion-dollar hacking company—even when his hacking tools were linked to scandal or he was accused of being complicit in human rights abuses around the world. Lately, though, he’s speaking…
Huawei Releases Statement on Establishing a Global Cyber Security Assurance System (Business Review) Following the latest evolutions in the telecom industry and growing concerns regarding cyber security, Huawei, the Chinese multinational technology company headquartered in Shenzhen, through its CEO, Ren Zhengfei, released a statement on establishing a global cyber security assurance system, which the company committed to review and update accordingly on a yearly basis.
Silicon Valley's battle to seize control of the world's subsea Internet cables (The Telegraph) Tech giants are fighting for control of infrastructure that serves as the essential plumbing of the internet
Oracle 'in talks for TikTok takeover' (The Telegraph) Bytedance has until the middle of November to sell the US parts of TikTok or face a ban in the country
Proofpoint shares rise after Morgan Stanley's valuation-related upgrade (NASDAQ:PFPT) (Seeking Alpha) Seeing Proofpoint (NASDAQ:PFPT) shares as undervalued, Morgan Stanley upgrades the company from Equal-Weight to Overweight and nudges the price target up $3 to $134.
CrowdStrike: Pricey, But Attractive (Seeking Alpha) Global digitization wave is driving demand for cyber-security platforms. CrowdStrike is growing faster than the overall market. Investors should be aware of risks such as stock volatility and competitive pressures.
Kasada Recognized by CB Insights as a 2020 Cyber Defender (PR Newswire) Kasada, a leading global online traffic integrity solution and services provider, today announced that it has been recognized by CB Insights as...
Infrascale Primed for Growth, Relocates Headquarters to Reston, Virgin (PRWeb) Infrascale, a cloud-based data protection company providing industry-leading backup and disaster recovery solutions, today announced that it has officially mov
Trinity Cyber, Inc. Appoints Thomas P. Bossert President (PR Newswire) Trinity Cyber today announces that Thomas P. Bossert, a globally recognized security leader, has taken over as President to promote growth and...
CyVision Technologies, Inc. Adds Nationally Recognized Cyber and Homeland Security Experts to Board of Advisors (GlobeNewswire) CyVision Technologies, Inc., a leading provider of cyber vulnerability assessments, today announced that Paul Goldenberg, chairman and president of Cardinal Point Strategies, and John “Jack” Donohue, Cardinal Point’s senior advisor–national security, have been appointed to serve on its board of advisors.
Grant Schneider steps down as federal CISO, heads to private sector (CyberScoop) Grant Schneider, who has spent nearly three decades in the federal government, is leaving his post as the Trump administration’s chief information security officer for the private sector. Schneider is joining the Washington, D.C., office of law firm Venable as a senior director of cybersecurity services, the firm said in a statement Tuesday.
Products, Services, and Solutions
Sequitur Labs Locks Down Boundary Smart Home Alarms with EmSPARK Security Suite (Yahoo)
Datadobi and Melillo Consulting Join Forces to Address Growing Healthcare Data Management Market (Datadobi) Datadobi, the global leader in unstructured data migration software, and Melillo Consulting, technology solutions integrator catering to Fortune 500 companies, today announced they have joined forces to address the growing healthcare data management market.
How to Use Signal Encrypted Messaging (Wired) The best end-to-end encrypted messaging app has a host of security features. Here are the ones you should care about.
Academy for women in cybersecurity opens for applications (Silicon Republic) Smarttech247’s specialist six-week course is aimed at women looking to develop skills in cybertech and infosec.
CrowdStrike Store Continues Momentum With Diverse Applications That Bolster Unified Approach to Security Through the Falcon Platform (Yahoo) CrowdStrike today announced the addition of applications from Illumio, Obsidian and SecurityAdvisor to the CrowdStrike Store.
General Dynamics Receives NSA Certification for Data at Rest Security Tech (ExecutiveBiz) The National Security Agency has certified a compact device General Dynamics' mission systems un
Dispel and Industry Partners Collaborate to Secure Industrial Control Systems in NCCoE Manufacturing Project (TylerPaper.com) Dispel today announced their collaboration in the National Institute of Standards and Technology's (NIST) National Cybersecurity Center of Excellence (NCCoE) Protecting Information and
Mocana to provide cybersecurity support to US Air Force (Airforce Technology) Software company Mocana has received a contract to provide cybersecurity support to the US Air Force (USAF). The contract is worth $1.5m.
ConnectWise Continues Leading the Charge of Cybersecurity Education Offerings for TSPs (GlobeNewswire) Company outlines details on its new IT Nation Secure conference and the expansion of the ConnectWise Certify training series
Forcepoint Delivers Global Enterprises New Remote Browser Isolation Solution Powered by Ericom (PR Newswire) Global cybersecurity leader Forcepoint, and Ericom Software, a leader in secure web and application access solutions, today announced a...
RackTop Launches New Features in Latest Release to Facilitate Hybrid Cloud Security and Data Protection (PR Newswire) RackTop Systems, the pioneer of CyberConverged data security and leader in secure network attached storage technology, today announced the...
Technologies, Techniques, and Standards
Multiple Uninstallers Released for China-Linked 'GoldenSpy' Malware (SecurityWeek) Trustwave’s security researchers have identified a total of five uninstallers meant to remove the GoldenSpy backdoor from infected computers
GoldenSpy Chapter 5 : Multiple GoldenSpy Uninstaller Variants Discovered (Trustwave) Trustwave identified a significant malicious campaign on mandatory tax invoice software, which is required to conduct business in China. The campaign, we dubbed GoldenSpy, is an embedded backdoor in the software package, which allows full remote command and control of the victim’s system via arbitrary code execution.
The benefits of providing employees with an identity compromise solution (Help Net Security) Employees find significant value in having access to an identity compromise solution, according to ITRC and Aura Identity Guard.
Report: Firewall Best Practices to Block Ransomware (Sophos News) Ransomware continues to plague organizations, with over half of companies surveyed across 26 countries revealing that they were hit by ransomware in the last year. Modern firewalls are highly effec…
5 ways to keep your personal data safe from hackers (Bradford Telegraph and Argus) New research reveals that nearly half (49%) of UK adults have not installed or didn't know whether their mobile phone has security software.
How SPF, DKIM, and DMARC Authentication Works to Increase Inbox Penetration (Testing) Rates (Black Hills Information Security) Want a quick fix? Almost every marketing platform we’ve seen has decent tutorials on authorizing outbound email with SPF and DKIM authorization.
Webcast: What Can Docker Do for Me? (Black Hills Information Security) Are you tired of spinning up an entire OS in a VM just to run a tool? Have you ever struggled to install a program you needed? When was the last time you spent hours troubleshooting a complex install process or resolving dependency conflicts? We’ve certainly experienced each of these problems ourselves. But since we […]
Research and Development
Mercury Systems Awarded Patent for Cyberattack Protection Technology (GlobeNewswire) Mercury Systems, Inc. (NASDAQ: MRCY, www.mrcy.com), a leader in trusted, secure mission-critical technologies for aerospace and defense, announced the receipt of a new U.S. patent covering various methods to protect controller area network (CAN)-based systems from malicious cyberattacks.
DARPA Wants Wargame AI To Never Fight Fair (Breaking Defense) Gamebreaker is about building an AI that can play a wargame in the best and most unfair way against its opponents.
What’s next for the US Navy’s future airborne jammer? (C4ISRNET) The Navy is targeting February for initial procurement of its updated airborne jamming pod.
Raytheon Technologies invests in new transformational STEM high school (PR Newswire) Raytheon Technologies (NYSE: RTX) gave a $4 million grant to the newly formed Alabama School of Cyber Technology and Engineering (ASCTE) to...
CyberHero Kristi Rice Brings Cybersecurity Education to Rural Virginia (PR Newswire) In a place where some communities do not have Internet access, cybersecurity education is thriving thanks in part to Kristi Rice's efforts over...
Legislation, Policy, and Regulation
As protests grow, Putin shows no sign of propping up Belarus' leader (NBC News) Analysis: Alexander Lukashenko is signaling for help to his last standing ally: Russia. But will Vladimir Putin step in?
The Woman Who Started a Revolution in Minsk (Foreign Policy) As protests swell across the country, Belarusians are calling for the return of the unlikely politician Svetlana Tikhanovskaya.
For 2020 Election, Threat is Bigger than Russia (Connecting Vets) As November approaches and a new general election is on the minds of most Americans, preserving the security of that election is on the minds of cyber experts at U.S. Cyber Command and the National Security Agency.
NSA Cybersecurity Directorate's Anne Neuberger on protecting the elections (CBS News) On "Intelligence Matters," Mike Morell talks with Anne Neuberger about lessons learned about deterring Russia in the 2018 midterm elections.
'What we see is fear': Outgoing EU envoy says 'draconian' security law not a solution to Hong Kong's political crisis (Hong Kong Free Press HKFP) The outgoing senior EU diplomat in Hong Kong has told HKFP that the “draconian” national security law was not a solution to the city’s political crisis, as she observed growing fear and self-censorship among Hongkongers. “I never thought I would see such a different Hong Kong on my departure,” said Carmen Cano, who took office […]
New sanctions deal 'lethal blow' to Huawei. China decries US bullying (CNN) The United States has cut off Huawei's access to vital, advanced computer chips, striking a deadly blow to the Chinese tech champion.
China Slams US 'Abuse' Over New Huawei Sanctions (SecurityWeek) Beijing on Tuesday hit out at new US sanctions against telecom giant Huawei, accusing Washington of an "abuse of national power" to block the rise of Chinese companies.
Funding the removal of Huawei in our networks is smart investment (TheHill) There are several risks from this firm to online networks.
TikTok Ramps Up Defense Against US Accusations (SecurityWeek) TikTok has stepped up its defense against US accusations that the popular video app is a national security threat, denouncing what it called "rumors and misinformation" about its links to the Chinese government
Trump gives nod to Oracle buyout of TikTok in US (BBC News) Oracle's chairman Larry Ellison is a supporter of the US president and held a fundraiser for him this year.
Senate's latest Russia report backs new rules for cyber vendors (FCW) Federal investigators may need new authorities to probe cybersecurity breaches in sensitive non-governmental networks, according to the declassified version of the Senate Select Committee on Intelligence's report on foreign interference in the 2016 election.
CISA Releases Updated Guidance on Essential Critical Infrastructure Workers (CISA) Today, the Cybersecurity and Infrastructure Security Agency (CISA) released an update to its Essential Critical Infrastructure Workers Guidance. Version 4.0 provides guidance on how jurisdictions and critical infrastructure owners can use the list to assist in prioritizing the ability of essential workers to work safely while supporting ongoing infrastructure operations across the nation.
CISA Alert AA20-205A addressed OT networks but did not address control systems (Control Global) IT and OT networks are under continuing attacks with varying degrees of impacts.
Navy information warfare project received $400 million funding boost (C4ISRNET) NAVWAR's information warfare research project went through its $100 million in funding a year early.
Legislating peace and security: Part II (The World from PRX) This week, Critical State digs into new research about legislative oversight when it comes to security issues. As historian Peter Roady writes in a new article in the Journal of Policy History, the National Security Agency has escaped congressional oversight with two words: "It's classified."
‘We better get worried if Bill gets silenced’ (POLITICO) Career intelligence official William Evanina may be the one man standing in the way of Russian election interference. But the president’s dismissal of the threat puts him in an awkward spot.
Schneider leaving federal CISO role for private sector (Federal News Network) Grant Schneider, the federal chief information security officer, is leaving federal service after almost 28 years, including the last two in his current role.
California DMV Is Selling Drivers' Data to Private Investigators (Vice) An internal document obtained by Motherboard lists the commercial requesters for California DMV data.
Nellis Airman commissions through Cyberspace Force Development (DVIDS) A network intelligence analyst assigned to the 57th Information Aggressor Squadron, was recently selected to commission as a Cyberspace Warfare Operations, Cyberspace Effects Operations Officer through the Cyberspace Direct Commissioning Board.
Litigation, Investigation, and Law Enforcement
(U) Report of the Select Committee on Intelligence, United States Senate, on Russian Active Measures Campaigns and Interference in the 2016 U.S. Election Volume 5: Counterintelligence Threats and Vulnerabilities (Select Committee on Intelligence, United States Senate) The Committee found that the Russian government engaged in an aggressive, multifaceted effort to influence, or attempt to influence, the outcome of the 2016 presidential election. Parts of this effort are outlined in the Committee's earlier volumes on election security, social media, the Obama Administration's response to the threat, and the January 2017 Intelligence Community Assessment (ICA).
Putin Ordered 2016 Democratic Hack, Republican-Led Senate Panel Says (Bloomberg) Russian President Vladimir Putin ordered the 2016 hacking of Democratic Party accounts and the release of emails intended to harm Hillary Clinton’s campaign, the Senate Intelligence Committee concluded in the final report of its Russia probe, which also found no evidence that President Donald Trump colluded with Moscow.
Six revelations in Senate intel report on 2016 Russian interference (NBC News) The bipartisan report provides new details on Trump’s conversations with Roger Stone and the activities of the president’s former campaign chairman Paul Manafort.
Senate Panel’s Russia Probe Found Counterintelligence Risks in Trump’s 2016 Campaign (Wall Street Journal) Members of the 2016 Trump campaign posed a major counterintelligence risk to the U.S. due to their frequent contacts with people with close ties to the Russian government, a bipartisan Senate investigation has concluded.
FBI gave Steele dossier ‘unjustified credence,’ Senate Intel Committee says (New York Post) The FBI bungled its response to Russian meddling in the 2016 presidential election by giving “unjustified credence” to a controversial dossier of unverified allegations against President Trump, the…
The Cybersecurity 202: Democrats use Senate’s Russia report to make their closing argument against Trump (Washington Post) Democrats are pointing to the final volume of a bipartisan Senate investigation into Russia’s 2016 election interference to make their closing argument in this presidential race: that President Trump won’t stand up to Russian hacking if he’s reelected.
President Trump should grant Edward Snowden a pardon (Orange County Register) President Trump on Saturday indicated that he’s considering pardoning whistleblower Edward Snowden. We strongly encourage the president to do so.
Trump Says He Will Pardon a 'Very Important' Person on Tuesday (New York Times) President Donald Trump said on Monday he would pardon a "very, very important" person on Tuesday, but added it would not be leaker Edward Snowden or former national security adviser Michael Flynn.
Facebook Faces Hate-Speech Questioning by Indian Lawmakers After Journal Article (Wall Street Journal) Indian lawmakers are gearing up to question Facebook about extremist posts, after a Wall Street Journal article detailed what current and former company employees said was a pattern of favoritism toward the ruling party and Hindu hard-liners.
FCC Plans To Share Chinese Telecom Info With DOJ (Law360) The Federal Communications Commission has said it plans on passing along to the U.S. Department of Justice confidential business information given to the FCC by a Chinese telecom that the commission is currently scrutinizing over national security concerns.
NY Cybersecurity Rules Pack Wallop In Enforcement Debut (Law360) New York's financial services regulator demonstrated an appetite for policing data security missteps, even if consumers aren't obviously harmed, by targeting a data leak at insurer First American for its first enforcement action under the state's novel cybersecurity rules.
LinkedIn Says 9th Circ. Qualcomm Ruling OKs Bot Block (Law360) LinkedIn Inc. has urged a California federal court to consider a recent Ninth Circuit decision in a Federal Trade Commission antitrust case against Qualcomm, saying the ruling backs up the professional networking site's argument that it has no duty to let rival startup hiQ use automated bots to scrape its data.
Marriott faces London lawsuit over vast data breach (Reuters) Marriott International, a leading hotel operator, is facing a London class action brought by millions of former guests demanding compensation after their personal records were hacked in one of the largest data breaches in history.
Prosecutors seek prison for former Fort Riley soldier who sought to overthrow the government (Army Times) A former Army soldier who prosecutors said is a Satanist who hoped to overthrow the U.S. government should spend around three years in prison for providing viable instructions for building explosive devices to people who wanted to commit violence, the government argued Tuesday.