Cyber Attacks, Threats, and Vulnerabilities
NSDC reveals signs of Russian special services' large cyberattack on Ukraine's govt agencies before Independence Day (Interfax-Ukraine) The National Cyber Coordination Centre (NCCC) within the National Security and Defense Council of Ukraine (NSDC) has discovered the activation of the Gamaredon hacking group, which is monitored by the special services of the Russian Federation.
FBI, DHS expose North Korean government malware used in fake job posting campaign (CyberScoop) The FBI and DHS exposed malware North Korean government hackers have been using to target defense contractors in the military and energy sectors this year.
US Alert Reveals New North Korean BLINDINGCAN RAT (Infosecurity Magazine) Malware was used to target defense contractors
MAR-10295134-1.v1 – North Korean Remote Access Trojan: BLINDINGCAN (CISA) This Malware Analysis Report (MAR) is the result of analytic efforts between Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI). Working with U.S. Government partners, DHS and FBI identified Remote Access Trojan (RAT) malware variants used by the North Korean government. This malware variant has been identified as BLINDINGCAN. The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA. For more information on HIDDEN COBRA activity, visit https[:]//www[.]us-cert.gov/hiddencobra.
Taiwan accuses Chinese hackers of aggressive attacks on government agencies (CyberScoop) The Taiwanese government on Wednesday accused Chinese government-linked hackers of targeting 10 Taiwanese government agencies and 6,000 email accounts of officials in an escalation of Beijing’s long-running espionage on the island.
China says Taiwan hacking allegations are 'malicious slander' (Reuters) China on Thursday branded as "malicious slander" accusations from Taiwan about hacking attacks linked to the Chinese government, further adding to tensions between Beijing and Taipei.
Ukraine security, intel agencies say Wagner PMC story Russian setup (UNIAN) It was Russian media resources that first started spinning the version of Ukraine's alleged involvement in the deployment of Russian mercenaries in Belarus.
Bolton: Russia, China 'undoubtedly' interfering in 2020 U.S. elections (CyberScoop) Russia and China are “undoubtedly” working to interfere in the 2020 presidential election in the U.S., Trump’s former national security adviser John Bolton said Tuesday.
IBM Db2 Shared Memory Vulnerability (CVE-2020-4414) (Trustwave) I’ve recently blogged about a shared memory vulnerability in Cisco WebEx Meetings Client on Windows where any user can read memory dedicated to trace data. It turns out that this is a common problem. IBM Db2 is affected by the exact same type of problem. Developers forgot to put explicit memory protections around the shared memory used by the Db2 trace facility. This allows any local users read and write access to that memory area.
Fake TikTok Beta Steals TikTok, Facebook, and Instagram Credentials (SonicWall) The popular social media app TikTok is getting banned in a number of countries. Fraudsters are using this opportunity to spread fake TikTok apps in an effort to infect and scam more victims. SonicWall Capture Labs threats research team identified one such fake TikTok app that tries to steal victim’s credentials of TikTok account by showing a fake login page.
Lucifer cryptomining DDoS malware now targets Linux systems (BleepingComputer) A hybrid DDoS botnet known for turning vulnerable Windows devices into Monero cryptomining bots is now also scanning for and infecting Linux systems.
Fake news on Covid-19 government initiatives boost phishing in Brazil (ZDNet) About one in eight Internet users have accessed a website with malicious content during the first months of the pandemic, research suggests.
Facebook removes hundreds of QAnon groups, citing public safety risks (Reuters) Facebook Inc said on Wednesday it had removed nearly 800 QAnon conspiracy groups for posts celebrating violence, showing intent to use weapons, or attracting followers with patterns of violent behavior.
Onapsis discovers critical RECON vulnerability that puts SAP customers at risk (TahawulTech.com) In its July patch day, SAP released 20 new or updated Security Notes. While the number of critical notes was …
WannaRen ransomware author contacts security firm to share decryption key (ZDNet) A major ransomware outbreak hit China back in April.
Konica Minolta smacked by ransomware attack - report (Insurance Business) Firm on the receiving end of a relatively new type of malware
Did Jack Daniels Thwart a Ransomware Attack or Not? (Cointelegraph) Jack Daniels says it successfully fended off the attack, but the REvil ransomware gang has put stolen data up for auction on the darknet
Experian South Africa discloses data breach impacting 24 million customers (ZDNet) Experian said the attacker was identified and its data deleted from the fraudster's devices.
Newly Patched Alexa Flaws a Red Flag for Home Workers (Dark Reading) Alexa could serve as an entry point to home and corporate networks. Security experts point to the need for manufacturers to work closely with enterprise security teams to spot and shut down IoT device flaws.
Truth-in-advertising policy fails to curb fleeceware (Sophos News) More restrictive rules about how publishers offer subscriptions may alleviate some fleeceware problems
Gmail, Drive, Meet and other Google services hit by 'service disruption' (Computing) Users around the world report problems with Google's cloud services
Security Patches, Mitigations, and Software Updates
Microsoft's out of band security update fixes flaw in Windows Remote Access service (Computing) The vulnerabilities could allow threat actors to gain elevated privileges on a victim's machine
Google is fixing this key feature on Chrome because of a security ‘risk’ (Fox News) Autofill on the Chrome browser is handy but there are holes, says Google.
Large Orgs Plagued with Bugs, Face Giant Patch Backlogs (Threatpost) Vulnerability management continues to challenge businesses, as they face tens of thousands of bugs with every scan.
Cyber Trends
Sonatype’s 2020 State of the Software Supply Chain Report finds 430% Increase in Next Generation Open Source Cyber Attacks (GlobeNewswire) Study also finds 51% of organizations require more than a week to remediate new zero day vulnerabilities
Kleptopredation in a Digital World (Infosecurity Magazine) How malicious cyber actors increasingly leverage a hunting strategy borrowed from the world of marine biology, called Kleptopredation
Fortinet Research Demonstrates Enterprises Must Adapt to Address Telework Security Challenges Long-term (GlobeNewswire) 2020 Remote Workforce Cybersecurity Report Shows How Organizations Are Increasing Investments to Secure Remote Work at Scale
Majority of airlines at risk of email frauds, says Proofpoint study (Gulf News) That's because they still have not implemented strictest guidelines on 'domain messaging'
Enterprises Beware: New Malwarebytes Report Reveals Massive Gaps in Cybersecurity as Employees Work at Home (PR Newswire) Malwarebytes™, a leading provider of advanced endpoint protection and remediation solutions, today announced the findings from its latest...
Remote working linked to data breach in 66% Indian firms: Survey (Telangana Today) The study suggests that Covid-19 has accelerated the introduction of remote working by at least five years for 59 percent of organisations in India, yet, organisations must address relevant security challenges.
Oman reports 193K phishing attacks in Q2 (Zawya) Saudi Arabia with 973,061 phishing attacks was the biggest target in Q2 2020
Marketplace
SpyCloud Raises $30 Million in Funding to Tackle Surge in Online Fraud During #COVID19 (Infosecurity Magazine) SpyCloud will use the investment to grow its anti-fraud capabilities
Konica Minolta acquires KC cybersecurity firm Depth Security (Kansas City Business Journal) A Kansas City-based cybersecurity consulting company has a new owner.
Ottawa cybersecurity company Titus cuts 20% of staff following acquisition by U.S. firm (Ottawa Business Journal) Ottawa firm that makes software that allows users to classify emails and attachments according to their level of security had about 130 employees before this week's layoffs.
After Norwegian acquisition, KnowBe4 wants to become a powerhouse in research (Tampa Bay Business Journal) It's a step that will allow the company to conduct and publish reports centered around cybersecurity.
Businesses Opt to Outsource Cybersecurity Services (Infosecurity Magazine) UK businesses opt for outsourced partners for cybersecurity services
IBM to retrain 3,000 veterans on cybersecurity (Human Resources Director) Veterans in Australia may soon be joining the digital frontlines: upholding the country’s cybersecurity
Security Current Announces Inaugural CISO Choice Awards and Notable CISO Board of Judges (PR Newswire) Security Current today announced the launch of a first of its kind vendor recognition, the CISO Choice Awards, and the luminaries on the CISO...
Zero Day Initiative — 15 Years of the Zero Day Initiative (Zero Day Initiative) Starting in 2005, 3Com announced a new program called the Zero Day Initiative. The plan was to financially reward researchers who discover previously unknown software vulnerabilities (“zero-day vulnerabilities”) and disclose them responsibly. The information about the vulnerabili
Indiana Cybersecurity, Huawei and the New Normal (Inside Indiana Business) Remote working and frequent teleconferencing comprise essential elements of doing business in today’s “New Normal.” Consequently, maintaining secure connectivity built on reliable and safe technology
Thycotic Named a Leader in the 2020 Gartner Magic Quadrant for Privileged Access Management (Thycotic) Thycotic, a provider of privileged access management (PAM) solutions for more than 10,000 organizations worldwide,
Microsoft plans to establish IoT Center of Excellence in Taiwan (Focus Taiwan) Taipei, Aug. 20 (CNA) Microsoft is planning to establish an Internet of Things (IoT) research and training center in Taiwan to accelerate the development of some of the country's key industries, the company and the Ministry of Economic Affairs (MOEA) jointly announced on Wednesday.
San Francisco faces exodus as tech workers escape the office (The Telegraph) Tech workers are waving goodbye for now, but some in Silicon Valley argue that the masses will soon come crawling back
Data-analysis giant Palantir to move HQ from Palo Alto to Denver (Silicon Valley Business Journal) Palantir quietly changed its headquarters destination on its website, its social media pages and its Wikipedia entry — changes believed to have been made Tuesday.
Data-analysis giant Palantir is moving its headquarters to Denver (Denver Business Journal) The company, which has drawn protests because of controversial work, had recently discussed the potential of a move to Colorado.
Company adding St. Louis technology center gets part of $990M contract (St. Louis Business Journal) The firm will provide digital solutions, the "alignment of organizational models, and data-driven performance management" across 10 Department of Defense lines of business.
Cyber security company launches in NZ from a base in Wellington (Wellington Scoop) CyberCX, with its headquarters in Wellington, is unifying New Zealand’s best cyber security talent, expertise and capability to create the country’s leading full-service cyber security operator.
Safe-T Appoints Former CEO and board member of CyberSponse Inc. and Former Head of the Civilian Division, Israel National Cyber Bureau, to its Advisory Committee (GlobeNewswire) Safe-T® Group Ltd. (NASDAQ, TASE: SFET), a provider of Secure Access solutions for on-premise and hybrid cloud environments, is pleased to announce the addition of new members to its Advisory Committee.
SAIC names senior VP of strategy (Virginia Business) Reston-based Fortune 500 defense contractor Science Applications International Corp. (SAIC) announced Tuesday it has hired Nyla Beth Gawel as senior vice president of strategy. With more than two decades of experience, Gawel was most recently the director of public sector strategy with Verizon Business Group, where she led strategy and development for the company’s public…
Thycotic appoints 3 new execs in APAC hiring spree (IT Brief) The extensive management shakeup in the region comes after the recent establishment of the company’s Singapore office.
International Assoc. of Certified ISAOs Welcomes Steven Bradley, Director Cognitive Security Intelligence Center/CS-ISAO (EIN Presswire) The International Association of Certified ISAOs (IACI), a non-profit global public- and private-sector information sharing association, is thrilled to announce the selection of Steven Bradley as the Director of the Cognitive Security Intelligence Center (CSIC) including the CS Information Sharing & Analysis Organization (CS-ISAO) to combat disinformation, misinformation and malign influence.
Products, Services, and Solutions
Bugcrowd Launches a Merger and Acquisition Assessment to Rapidly Evaluate the Security Posture of M&A Targets and Mitigate Cyber Risk Post Acquisition (Bugcrowd) Pre-packaged, security testing solution facilitates rapid evidence-based due diligence on an acquisition or merger target to accelerate complex M&A process
DCC, FireEye sign agreement to provide security solutions to SA, SADC channel (ITWeb) Drive Control Corporation will distribute the entire range of FireEye offerings, including its Mandiant Threat Intelligence platform.
Datadog Achieves FedRAMP Moderate-Impact “In Process” Status (BusinessWire) Datadog, Inc. (NASDAQ: DDOG), the monitoring and security platform for cloud applications, today announced it has achieved “In Process” status on the
ThreatConnect integrates its TIP and SOAR platform with Microsoft Graph Security API (Help Net Security) ThreatConnect has joined the Microsoft Intelligent Security Association and will integrate with Microsoft Graph Security API.
Buguroo behavioral biometrics fight bank fraud in ZA, HSBC Malaysia deploys Nuance voice biometrics (Biometric Update) South Africa’s Puleng Technologies has partnered with buguroo to bring behavioral biometrics to the fight against bank fraud in South Africa, according to a company announcement. Puleng will offer …
Certes Networks Enters Into an Extended Partnership with Help AG (Certes Networks) Certes Networks enters into an extended partnership with leading cybersecurity services provider in the Middle East
Technologies, Techniques, and Standards
Rise of 5G drives intelligence community to refine cyber threat information sharing practices (Federal News Network) Intelligence and cybersecurity agency officials warn that moving more core functions to the edge of networks could create a larger attack surface.
Ransomware Negotiations Revealed: Flattery and Empathy Works (Cointelegraph) New details reveal the unusual strategies employed by ransomware negotiators in a recent attack on the University of California
Experts Warn Online Voting Tech Isn't Ready For 2020 (Law360) As state and local governments work to prepare voting infrastructure ahead of the November presidential election, regulators in the communications sector have one clear message: Don't use the internet.
What enterprises should consider when it comes to IoT security (Help Net Security) Many enterprises have realized that the IoT presents tremendous business opportunities. Here are some tips on how to secure the journey.
The Pandemic is Pushing the Pentagon Toward Classified Telework (Nextgov.com) The Defense Information Systems Agency and the U.S. Air Force are expanding their classified remote work capabilities.
Air & Space Forces Add Cyber To All-Domain Ops Data Library (Breaking Defense) "Data is key to space. It's critical to all-domain operations; it's a centerpiece to it all," says Maj. Gen. Kim Crider.
177th Fighter Wing Communications Flight Updates Defense (DVIDS) Members of the 177th Communications Flight (177th CF) at the 177th Fighter Wing, here, have bolstered the Wing’s defenses by undergoing invaluable training that pertains to cybersecurity, administration certifications, security certifications, field-related collegiate training and many more versatile tools and techniques.
Design and Innovation
Putting Cyber Software First (SIGNAL Magazine) The Air Force software factory LevelUp Code Works aims for rapid development and delivery of cyber solutions.
AFWERX Announces Final Selection of Participating Teams Across the Globe Vying to Build the Base of the Future (Digital Journal) AFWERX, the catalyst for fostering innovation within the U.S. Air Force, announces the selection of the top 92 participating teams from across the globe competing in the Base of the Future Challenge. The diverse group of teams - originating from the vast regions of North America, Europe, Australia and other allied countries - represent entrepreneurial startups, businesses, large enterprises, academic institutions and research labs who are all vying to build the Base of the Future and modernize the Department of Defense.
Research and Development
Small business grant program to fund cybersecurity research (Technology Decisions) A new industry support program has been launched to recruit small businesses to fight against cyber threats by developing ambitious capabilities for the ADF.
Academia
Fearing coronavirus, a Michigan college tracks its students with a flawed app (TechCrunch) Students have no way to opt out of the location tracking.
Colleges Face Education Challenge on Cybersecurity (Wall Street Journal) Remote learning and warnings from government agencies that nation-state hackers are targeting universities are spurring a sharper focus on cybersecurity at universities. Those involved in research related to treatments for Covid-19 are at particular risk, the agencies say.
It's Time for Western Universities to Cut Their Ties to China (Foreign Policy) In their crass hunger for Chinese money, universities have become China’s fifth column in the West.
Legislation, Policy, and Regulation
Rights activists raise alarm over Israeli cellphone hacking tech sold to Belarus (Times of Israel) Lobbyists urge Defense Ministry to curb export of Cellebrite's technology to Lukashenko regime as long-time dictator cracks down on opposition
U.S., China agree to Phase 1 trade talks, says commerce ministry (Seeking Alpha) China's commerce ministry says trade talks with the United States will happen "in the coming days" to evaluate progress on the Phase 1 deal that went into effect in February. Earlier this week, White House Chief of Staff Mark Meadows said no new high-level trade talks were on the schedule, but talks were underway regarding deal implementation. The deal required China to import an additional $77B of U.S.
The TikTok Ban: Eliminating a National Security Threat or Limiting Free Speech? (The Cornell Daily Sun) “I think [China] uses its censorship to nefarious ends, but the American version is also not all that appealing,” said Friedman. “It’s not to say that there should be no controls, but the political content of our speech should at least be protected on the Internet.”
With the clock ticking, a House committee looks to election security (FCW) Election readiness, the cybersecurity fallout from COVID-induced telework and network monitoring will be key areas of focus for House Homeland Security Democrats this year.
Litigation, Investigation, and Law Enforcement
Ex-FBI Atty Pleads Guilty To Altering Email In Russia Probe (Law360) A former FBI attorney pled guilty Wednesday in D.C. federal court to doctoring an email the agency used as a part of its application in 2017 to support the surveillance of Carter Page, then foreign policy adviser to Donald Trump's presidential campaign.
Sen. Angus King says Senate intel report shows 'serious and disturbing' Russian link to Trump 2016 campaign (Yahoo News) Sen. Angus King today ridiculed the claim by the Senate Intelligence Committee's acting chair, Sen. Marco Rubio, that a report released by the panel this week found “absolutely no evidence of collusion.”
Cyber Jihad Lab (CJL) Impact: MEMRI's Ongoing Work – And Major Report On Terrorist Use Of Cryptocurrency – Preceded U.S. Government's Seizure Of Millions In Cryptocurrency From Al-Qaeda, ISIS, Hamas Donation Campaigns (MEMRI) The U.S. Government's "Largest Ever Seizure Of Cryptocurrency In The Terrorism Context"
Coronavirus disrupts terrorists, but they lurk awaiting comeback (Washington Examiner) The coronavirus pandemic has disrupted operations of the Islamic State and Hezbollah, but intelligence experts say extremist organizations are building out their ranks and preparing for a comeback.
Marriott faces fresh data breach woes as London lawsuit launched (Verdict) Marriott International faces a London class-action lawsuit over a 2018 data breach that saw 339m customers have their personal data stolen by hackers.
Opposition Mounts to Trump's Proposed Pardon for Edward Snowden (Military.com) The former CIA contractor fled to Russia in 2013 after espionage charges were unveiled against him.
Ill. Privacy Law Doesn't Flout State Constitution, Judge Says (Law360) An Illinois federal judge on Wednesday rejected several arguments that a fingerprint database manager lobbed in its bid to escape a former indoor trampoline park worker's scanning privacy suit, including the company's claim that the law governing biometrics violates the state's constitution.
Citi Widens Hunt for Revlon Loan Payments as Lenders Question Mistake (Wall Street Journal) Citigroup widened its effort to claw back money it wired to Revlon lenders, suing more investment firms that say they don’t believe a major financial institution sent them portions of a $900 million payment by mistake.
Altice Calls Claims Over '19 Data Breach Too 'Speculative' (Law360) Cable giant Altice USA has urged a New York federal court to dismiss a lawsuit brought by current and former employees whose data may have been exposed in a 2019 data breach, arguing that the claims are too "speculative" to have constitutional standing.