Cyber Attacks, Threats, and Vulnerabilities
List of 2020 election meddlers includes Cuba, Saudi Arabia and North Korea, US intelligence official says (CyberScoop) Cuba, Saudi Arabia, and North Korea are running information operations to influence U.S. elections, according to a top U.S. counterintelligence official.
Taiwan urges blocking 11 China-linked phishing domains (Taiwan News) Taiwan authorities name two hacking groups backed by the Chinese government — Taidoor and Blacktech
Threat hunters track down Chinese hackers as they forage forums for tools (SC Media) Secureworks has found evidence of Chinese state-sponsored hackers adopting and abusing publicly available tools found on Chinese hacking forums.
Transparent Tribe Mounts Ongoing Spy Campaign on Military, Government (Threatpost) The group has added a management console and a USB worming function to its main malware, Crimson RAT.
Transparent Tribe APT targets government, military by infecting USB devices (ZDNet) The hacking group is focused on campaigns in India and Afghanistan.
Imperva Research Labs Records Largest DDoS Attacks of the Year as COVID-19 Shutdowns Continue (Imperva) July 2020 Cyber Threat Index: automated threats on the rise, with almost all attacks against eCommerce sites conducted by bots. REDWOOD SHORES, Calif. – Aug. 20, 2020 – Today, Imperva, Inc., the cybersecurity leader championing the fight to secure data and applications wherever they reside, published its July 2020 Cyber Threat Index Report. The report […]
QakBot (QBot) Maldoc Campaign Introduces Two New Techniques into Its Arsenal (Morphisec) The QakBot malware has introduced two new techniques into its arsenal
Default Credentials Expose Cisco ENCS, CSP Appliances to Attacks (SecurityWeek) Cisco has patched a critical default credentials vulnerability that allows a remote attacker to access Cisco ENCS 5400-W series and CSP 5000-W series appliances with admin privileges
CyberArk Discloses Potential Security Flaw in Kubernetes Agent Software (Container Journal) CyberArk, a provider of access management tools, today issued an advisory describing multiple potential misconfigurations of kubelet, the agent software
French police warning over email 'phishing' scam (Connexion France) Fake email urges recipients to apply for a €1,500 grant from the French government's Covid-19 solidarity fund for small businesses
University of Utah hit by ransomware, pays $457K ransom (BleepingComputer) The University of Utah has paid a $457,000 ransom to prevent threat actors from releasing files stolen during a ransomware attack.
MITRE shares this year's top 25 most dangerous software bugs (BleepingComputer) MITRE today shared a list of the top 25 most common and dangerous weaknesses plaguing software during the previous two years.
CWE - 2020 CWE Top 25 Most Dangerous Software Weaknesses (MITRE) Common Weakness Enumeration (CWE) is a list of software and hardware weaknesses.
A popular fertility app shared data without user consent, researchers say (Washington Post) Fertility app Premom says it offers more than a half-million users a “simple, effective and affordable solution for all trying to conceive.”
Treck TCP/IP Stack (Update G) (CISA) 1. EXECUTIVE SUMMARY. CVSS v3 10.0. ATTENTION: Exploitable remotely. Vendor: Treck Inc. Equipment: TCP/IP. Vulnerabilities: Improper Handling of Length Parameter Inconsistency, Improper Input Validation, Double Free, Out-of-bounds Read, Integer Overflow or Wraparound, Improper Null Termination, Improper Access Control.
Philips SureSigns VS4 (CISA) 1. EXECUTIVE SUMMARY. CVSS v3 6.3. ATTENTION: Exploitable remotely. Vendor: Philips. Equipment: SureSigns VS4. Vulnerabilities: Improper Input Validation, Improper Access Control, Improper Authentication.
Zoom hackers target Columbine High School call with threats of '2020 Columbine remake' (Fox News) Hackers on Tuesday disrupted a Columbine High School Zoom meeting with threats of a "2020 Columbine remake."
Texas County Notified Thousands of Residents of Data Breach (Government Technology) More than 2,000 residents in North Texas received letters notifying them that their personal information may have been compromised during a July cyberattack against the Cooke County Sheriff’s Office.
Regional District of Okanagan-Similkameen works to address ransomware attack (Keremeos Review) Internet and email taken offline following attempted attack on Aug. 11
Malware accesses data for some ECHN patients (Journal Inquirer) A Pennsylvania health care system affiliated with Prospect ECHN suffered a malware attack on its computer network back in June, but officials with the company say no patient data was
Baugo Community Schools dealing with cyber attack (WNDU) Cyber attacks have been directed at the internet service provider for Baugo Community Schools.
Hackers interrupt online classes of two Beaumont schools (Press Enterprise) Offensive language and graphic images were seen Monday, Aug. 17, and Tuesday, Aug. 18, in courses at Beaumont High School and Mountain View Middle School
CRA restores online services following cyberattack incidents (Insurance Business) Agency "sincerely regrets" the impact; experts call for agency to employ better standards
Home workers face chaos as Google services crash worldwide (The Telegraph) The brief outage points to the threats posed by an industry that is dominated by so few companies
We are at the mercy of Google's cloud services – and it could cost us dearly (The Telegraph) Such is the public and private sector’s dependence on Google and its rivals that the five-hour outage will likely be felt at GDP level
Honor Among Thieves: Dark Web Marketplaces Rise and Fall on Unspoken Digital 'Pirate's Code' (CPO Magazine) Dark web marketplaces have a constant tension between maintaining customer service while simultaneously trying to get away with manipulative or even outright customer-hostile measures.
How a security researcher spots a phishing email attempt (SearchSecurity) Ever wonder what happens to cybercriminals who try to scam security experts out of money? University College London professor Steven Murdoch explains how he engaged a would-be scammer and why what he learned could help others spot phishing emails.
Security Patches, Mitigations, and Software Updates
Google Patches Email Spoofing Vulnerability After Public Disclosure (SecurityWeek) Google has patched a Gmail/G Suite email spoofing vulnerability that was reported to the company nearly 140 days ago, but the fix only came after its public disclosure
Malware can no longer disable Microsoft Defender via the Registry (BleepingComputer) Microsoft has removed the ability to disable Microsoft Defender and third-party security software via the Registry to prevent malware from tampering with protection settings.
Cyber Trends
Enterprises Beware: New Malwarebytes Report Reveals Massive Gaps in Cybersecurity as Employees Work at Home (Malwarebytes Press Center) Survey of IT and cybersecurity decision makers reveals 20 percent of organizations experienced a breach as a result of remote work. Santa Clara, Calif. – August 20, 2020 – Malwarebytes™, a leading provider of advanced endpoint protection and remediation solutions, today announced the findings from its latest report, Enduring from Home: COVID-19’s Impact on Business...
Enduring from home: COVID-19’s impact on business security (Malwarebytes) In March, for companies across the United States, “business as usual” became business uncharted, as the novel coronavirus spread throughout the nation at an unchecked pace.
CISOs should put ad fraud security on their radars (TechRepublic) Digital advertising has vulnerabilities, and this type of cybercrime will cost businesses $100 million a day by 2023, but goes almost completely unnoticed, according to adtech company TrafficGuard.
Hackers difficult to distinguish from legitimate users - study (ITBrief) Almost half of all actions by attackers are identical to the usual activities of users and admins, a new report has found.
The cybersecurity skills shortage is getting worse (CSO Online) New research from ESG and ISSA illustrates a lack of advancement in bridging the cybersecurity skill shortage gap.
Marketplace
New Cybersecurity Company to Help Midwestern Manufacturers Protect Department of Defense Data, Secure Business (PR Newswire) Federal cybersecurity compliance is considered vital to national security and critical to manufacturers. Failure to comply could result in...
Why Herjavec Group Acquired Securience (MSSP Alert) Aaron Jamieson & Doug Chin explain why Herjavec Group acquired Securience, and what the future holds for the MSSP's identity & access management (IAM) practice.
KBR rocks quiet M&A market to buy a Chantilly government contractor (Washington Business Journal) The local company enters this sale after making a series of M&A moves itself.
German cybersecurity startup that connects ethical hackers to find vulnerabilities in software gets €24.4M funding (Silicon Canals) Cobalt, a cybersecurity platform that connects human penetration testers with companies looking to test the robustness of their software gets funded.
Cybersecurity becomes UK's fastest growing start-up sector during Covid-19 (Private Equity Wire) Funding for UK cybersecurity start-ups has increased by a staggering 940 per cent since the beginning of lockdown - with GBP496 million being raised in the first half of 2020, almost outstripping the 2019 total of GBP521 million.
Huawei, long resilient, suffers under tougher US pressure (AP NEWS) For nearly a decade, Huawei kept worldwide sales growing as Washington told U.S. phone companies not to buy its network equipment and lobbied allies to reject China's first global...
Huawei said the U.S. couldn’t ‘crush’ it. Trump is starving it instead (Fortune) The Chinese telecoms equipment giant is running out of chips. Politics may provide the only lifeline.
Opinion: TikTok's time is nearly up (IFLR) Decoupling the US assets of Chinese-owned application TikTok from its parent company may be the only way to protect national security, but it won't be easy.
Why Palo Alto (PANW) is Poised to Beat Earnings Estimates Again (Yahoo) Palo Alto (PANW) has an impressive earnings surprise history and currently possesses the right combination of the two key ingredients for a likely beat in its next quarterly report.
Palantir and Amazon pick Denver (Fortune) Here’s what Palantir’s move to Denver might mean.
Nyla Beth Gawel Joins SAIC as Senior VP, Strategy (Homeland Security Today) Nyla Beth Gawel has joined Science Applications International Corp. (NYSE: SAIC) as senior vice president of strategy. In this new role, she will be responsible for developing the company’s strategy to drive significant organic growth and market leadership, working with leaders across the organization to ensure strategic business plans are successfully executed. Gawel brings years…
TrapX Security Names Cybersecurity Veteran as Board Advisor (BusinessWire) TrapX Security, the global leader in deception-based cyber defense solutions, has appointed Joseph Tso, a more than 20-year veteran of the cybersecuri
Products, Services, and Solutions
Snow Software Expands Cloud Visibility to Help IT Teams Cut Costs and Minimize Risk | Snow Software (Snow Software) New capabilities include BYOL optimization, enterprise SaaS management and more to directly address growing cloud challenges
New at Snow: Introducing BYOL Optimization, Expanded SaaS Visibility, SAP Enhancements and More (Snow Software) We're proud to announce several releases across our portfolio of products. See how you can take advantage of what’s new at Snow.
Bricata and Garland Technology Announce Partnership (PR Newswire) Garland Technology, a leading provider of network test access point (TAP), packet broker, and cloud visibility solutions, today announced a...
BigID Introduces Hyperscan(™) for Speeding Unstructured File Scans at Scale (BusinessWire) BigID, the leader in data discovery and intelligence for privacy, protection and perspective, today introduced Hyperscan technology for scanning large
Rofori Offers a Cybersecurity Risk Assessment Solution to Ease Transition for SMEs to the new DOD Cybersecurity Maturity Model Certification (CMMC) Standard (PR Newswire) Rofori Corporation is announcing the availability of its Cybersecurity Maturity Model Certification (CMMC) Risk Assessment. The CMMC Risk...
ConnectWise Expands Security Education for MSPs, TSPs (Channelnomics) Company also announces first cybersecurity-focused conference scheduled for the fall
New Validation Allows Gigamon to Deliver Best-in-Class Security Solutions to the Government Sector (BusinessWire) Gigamon achieves FIPS 140-2 Level 2 Validation by the National Institute of Standards and Technology (NIST) for its Inline Decryption Platform
Petey Vid Surpasses A Half Billion Videos In Their Video Search Engine (PRWeb) The privacy-centric video search engine Petey Vid continues to reach new heights, as this week, they announce having indexed more than half a billion (530 million)
New infosec products of the week: August 21, 2020 (Help Net Security) The featured infosec products this week are from Offensive Security, Elastic, RackTop Systems, Lacework, and NinjaRMM.
Technologies, Techniques, and Standards
HELP WANTED: Growing a Workforce for Managing Privacy Risk (NIST) It’s a very different world that we’re living in from the one in which we published the
Building the Federal Profile For IoT Device Cybersecurity: Next Steps for Securing Federal Systems (NIST) RECORDING: Captioning will be available by Monday, August 3, 2020.
Understanding the gist of NIST (ITProPortal) Here are three principles for security leaders to consider when assessing their security command centers.
As Remote Work Continues, Companies Fret Over How to Monitor Employees’ Data Handling (Wall Street Journal) Corporate cybersecurity leaders are concerned that it may be easier for employees to expose data or create openings for hackers while working remotely during the pandemic. But companies have limited capabilities to monitor certain violations of data policies.
The Law and Policy of Client-Side Scanning (Lawfare) The idea—which aims to develop systems to scan photographs and messages before they are sent or received by users—is attractive, but it has far too many technical, legal and policy uncertainties to be ripe for adoption at this time.
The Pandemic is Pushing the Pentagon Toward Classified Telework (Defense One) The risk-averse agency has cracked small-scale remote handling of secret and top-secret information. The challenge is doing it at scale.
Cloud Advisory Board Securealities Report (Coalfire) Coalfire, in collaboration with our Cloud Advisory Board (CAB), developed this research report as a way to give back to the cyber community by helping leaders maximize cybersecurity in the cloud. Material for the report was developed based on our direct experience in secure cloud migrations and real-world insights from our board members.
Twitter Hack: The Spotlight that Insider Threats Need (Dark Reading) The high profile attack should spur serious board-level conversations around the importance of insider threat prevention.
Why Some Data Centers Don't Patch and Why They Should (Data Center Knowledge) Despite costly consequences, many data center operators don't get around to patching serious security vulnerabilities until it's too late.
Myth #1: Network Security Compliance Is Not All About Rules and Access Control (FireMon) This is part 1 of a 4-part series addressing compliance myths and what you need to know about uniting compliance and security in a hybrid environment. People are confused about what compliance really is. They usually think about compliance in terms of regulations or industry requirements, which are sets of rules that exist on paper.
How Isolation Changes Incident Response (Menlo Security) The benefits of isolation increase as more users are shielded, reducing the impact of phishing attacks when responding to security incidents.
Stop the Cyber-Attack Cycle with Privileged Access Management (Infosecurity Magazine) Securing privileged access helps shrink the attack surface
‘The old paradigm of the castle-and-moat approach to security is dead’ (Silicon Republic) Terence Jackson of Thycotic spoke to Siliconrepublic.com about changes in cybersecurity and why he believes identity is the new perimeter.
Is Your Browser a Good Enough Password Manager? (Gizmodo Australia) Web browsers were once used simply for browsing the web. But now they can perform all kinds of tricks, including managing passwords. With new features like password suggestions and data breach warnings being added all the time, are these built-in password managers ready to take on the dedicated third-party tools?...
What does antivirus software really do? (Windows Central) Ever wonder what antivirus software actually does on your computer? Let's take a look at some of the basics now.
How to Keep APIs secure from bot attacks (iTWire) The widespread adoption of mobile IoT devices, emerging ‘serverless’ architectures hosted in public clouds, and the growing dependency on machine-to-machine communication, are reasons to make changes to modern application architec...
Mock U.S. Cyberattack Tests Nation's Infrastructure Defenses (MSSP Alert) A simulated cyber attack against U.S. critical infrastructure has shown the nation’s defenses and partners are better prepared for the real thing, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) said.
Better Business Bureau Offers Prevention Tips Following Cyber Attacks on CRA (VOCM) The Better Business Bureau is offering some advice on cyber attacks and how to avoid them following recent rep...
US Cyber Command’s training platform can now use operational cyber tools (C4ISRNET) The Persistent Cyber Training Environment has been piloted with operational units for mission rehearsal and integrated with other cyber tools and capabilities that will be used by forces during operations.
Here’s what US Cyber Command wants next for its training platform (C4ISRNET) What are cyber officials seeking from industry, and why do they want it?
Design and Innovation
Sex, lies, and video games: Inside Roblox’s war on porn (Fast Company) Roblox is waging a technological shadow war against condo games: digital sex parties where kids act like adults. With more than half of Americans under 16 playing Roblox, can the company regain control of its own platform?
Legislation, Policy, and Regulation
A Robust Cybersecurity Policy is Need of the Hour: Experts (CXOToday) The draft of National Cyber Security Strategy 2020 that envisages creating a secure cyberspace in India is likely to be finalized this year. The first comp
WSJ News Exclusive | How China Targets Scientists via Global Network of Recruiting Stations (Wall Street Journal) China is targeting top scientific and technological expertise in the U.S. and other advanced nations through an expanding network of more than 600 talent-recruitment stations around the world, a new report has found.
U.S. Allies Reject Trump Administration Bid to Reinstate Iran Sanctions, Opening Diplomatic Rift (Wall Street Journal) The U.S.’s closest allies on Thursday rebuked the Trump administration over its effort to reinstate international sanctions on Iran, opening a rift in the United Nations Security Council.
Biden prepping to ramp up U.S. cyber defenses — while keeping some Trump policies (POLITICO) Former cybersecurity officials familiar with the Democratic nominee’s planning predict a more stable, focused “evolution” of the president's approach, not the total break that other policy areas would see.
Pentagon Extends Deadline for Contractors' Ban on Chinese Equipment (Defense One) Vendors will get additional time to comply, but the department is not seeking mass extensions, Acquisition Chief Ellen Lord told reporters.
Pentagon’s acquisition chief wants microelectronics production to return to the US (C4ISRNET) The industry is at an
CISA infrastructure security executive heading back to private sector (Federal News Network) Brian Harrell, the assistant director for infrastructure security, is leaving the agency after 21 months at CISA. Steve Harris will take over on an interim basis.
Litigation, Investigation, and Law Enforcement
EU Regulators Wrangle Over Twitter Data Privacy Penalty (SecurityWeek) European Union privacy regulators are wrangling over the penalty Ireland’s data privacy watchdog was set to issue Twitter for a data breach, pushing back the case’s long awaited conclusion under the bloc’s tough new data privacy rules.
WSJ News Exclusive | Twitter Data Case Sparks Dispute, Delay Among EU Privacy Regulators (Wall Street Journal) European Union privacy regulators are clashing over how much—if anything—to fine Twitter for its handling of a data breach disclosed last year, delaying progress of the most advanced cross-border privacy case involving a U.S. tech company under the EU’s strict new privacy law.
Trump asks Supreme Court to let him block critics on Twitter (TheHill) The Trump administration on Thursday asked the Supreme Court to reverse a lower court ruling that found President Trump violated the First Amendment by blocking his critics on Twitter.
Former Uber Executive Charged With Paying 'Hush Money' To Conceal Massive Breach (NPR) Federal prosecutors allege Uber's former chief security officer Joe Sullivan covered up the breach and arranged a $100,000 payment to the hackers.
Former Uber Security Chief Charged With Concealing Hack (New York Times) Joe Sullivan, who led Uber’s security team through the company’s most tumultuous period, was fired by the company’s newly installed chief executive in 2017.
Former Chief Security Officer For Uber Charged With Obstruction Of Justice (Department of Justice U.S. Attorney’s Office Northern District of California) Joseph Sullivan Allegedly Tried to Cover Up 2016 Hack That Compromised Data Of Millions Of Users and Drivers
New York Brothers Accused In $19M Amazon Vendor Scam (Ossining-Croton-On-Hudson, NY Patch) They ran the e-commerce scheme from their parents' basement and made its address the name of their WhatsApp group, prosecutors alleged.
RCMP investigating after soldiers’ personal data leaked in cyberattack at RMC (The Globe and Mail) RCMP and intelligence agencies are helping the DND investigate the ransomware group now publishing documents onto the dark web
Facebook Says NSO Can't Sidestep Discovery In Hacking Suit (Law360) Israeli spyware company NSO Group can't press pause on a suit accusing it of hacking WhatsApp users' phones just because it decided to appeal its failed motion to dismiss, Facebook told the California federal judge overseeing the case.
IOOF hit with lawsuit alleging cybersecurity failure (Australian Financial Review) ASIC alleges IOOF subsidiary RI Advice "failed to have adequate cybersecurity systems" in place for its almost 300 financial planners.
TBI says child cyber crime attempts on the rise (WSMV Nashville) State leaders are flagging a troubling trend in cyber crimes targeting children.
Gov. Lee discusses child cyber crime during conference (WBBJ TV) Gov. Lee held a press conference Thursday afternoon to touch on a few concerning topics, most importantly regarding child cyber crime. “As a father and grandfather, I am very considered about it,” Gov. Lee said. Director of Tennessee Bureau of Investigation David B. Rausch says with the recent switch to virtual learning, cyber predators are preparing to...