Cyber Attacks, Threats, and Vulnerabilities
New Zealand Stock Exchange disrupted for third day following cyber attack (Computing) NZX says it is experiencing DDoS attacks originating abroad
Federal Agencies Warn North Korean Hackers Have Upgraded Their Cash-Out Schemes (Nextgov.com) A joint alert shared details of tactics and malware used by a state subgroup the U.S. government calls the BeagleBoyz.
U.S. Warns of Global Bank Heist Campaign by North Korean Hackers (Wall Street Journal) Hackers tied to the North Korean government are trying to rob banks across the globe by draining ATMs and initiating fraudulent transfers, an effort by the cash-strapped regime to fund its nuclear weapons program, government agencies said Wednesday.
North Korea-backed 'BeagleBoyz' group is targeting banks arompound the globe, US agencies warn (Computing) The primary aim of the campaign is to fund the North Korean government
US publicly blames North Korean cyber scheme in attempt to protect the private sector (C4ISRNET) A joint statement discloses an ongoing campaign targeting ATMs around the world, which the U.S. government has attributed to North Korea.
FASTCash 2.0: North Korea's BeagleBoyz Robbing Banks (CISA) This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques.
Security in the spotlight as the US heads into elections (CSO Online) A new report and tabletop exercise show how the upcoming US elections could be disrupted at the local government level without hacking the election itself.
US officials: No signs of foreign targeting of mail-in vote (Star Tribune) U.S. officials said Wednesday there has been no intelligence to suggest that foreign countries are working to undermine mail-in voting and no signs of any coordinated effort to commit widespread fraud through the vote-by-mail process, despite numerous claims made by President Donald Trump in recent months.
'No coordinated national voter fraud effort during a major election': FBI (ABC7 Chicago) The FBI's announcement contradicts the president's warnings.
Black voters are being targeted in disinformation campaigns, echoing the 2016 Russian playbook (Washington Post) Four years after Russian operatives used social media in a bid to exacerbate racial divisions in the United States and suppress Black voter turnout, such tactics have spread across a wide range of deceptive online campaigns operated from numerous nations — including from within the United States itself.
Facebook removes page using image of LeBron James over ‘voter suppression tactics’ (Washington Post) Facebook on Friday deleted a page using an image of LeBron James, among other deceptive tactics, to spread false and misleading claims about mail-in voting, a day after The Washington Post raised questions about the online operation.
'Black holes': India's coronavirus apps raise privacy fears (Reuters) Harinder Kaur was not surprised when people slammed their doors in her face as she walked into neighbourhoods in the northern state of Punjab armed with a smartphone and a long list of health and travel-related questions.
DDoS-for-Hire Threat Landscape Continues to Grow (Radware) Over the last two years corporations, independents researchers and law enforcement agencies around the world have attempted to curb the growtch of the DDoS-for-Hire industry through a series of takedowns and arrests.
QakBot Banking Trojan Returned With New Sneaky Tricks to Steal Your Money (The Hacker News) A New Malware Campaign Spreading QakBot Banking Trojan Returned With New Sneaky Tricks to Steal Your Money
Group with Numerous Faces: Chronicle of UltraRank's Deceptive JS-Sniffer Campaigns (PR Newswire) Group-IB, a global threat hunting and intelligence company headquartered in Singapore, today released its report "UltraRank: the unexpected...
UltraRank: The unexpected twist of a JS-sniffer triple threat (Group-IB) New stage in JS-sniffers research. From analyzing malware families to identifying threat actors
Google Android Qualcomm Crypto Engine Driver Application privilege escalation (Sesin) A vulnerability classified as critical was found in Google Android (Smartphone Operating System) (affected version unknown). Affected by this vulnerability is an unknown functionality of the component Qualcomm Crypto Engine Driver.
LinkedIn Job Seeker Phishing Campaign Spreads Agent Tesla (Zscaler) Zscaler research team observed, bad actors are using a spoofed LinkedIn site to lure job seekers, steal credentials, and launch the Agent Tesla malware.
Threat Actor Profile: TA2719 Uses Colorful Lures to Deliver RATs in Local Languages (Proofpoint) In late March 2020, Proofpoint researchers began tracking a new actor with a penchant for using NanoCore and later AsyncRAT, popular commodity remote access trojans (RATs). Dubbed TA2719 by Proofpoint, the actor uses localized lures with colorful images that impersonate local banks, law enforcement, and shipping services.
Magento Multiversion (1.x/2.x) Backdoor (Sucuri) The Magento 1 EOL date has already passed, however it’s evident that a large number of websites will continue to use it for the foreseeable future.
Code-execution bug in Pulse Secure VPN threatens patch laggards everywhere (Ars Technica) If you haven't updated Pulse Secure VPN, now would be an excellent time to do so.
Data#3 hit by network cyber security incident (ARN) Publicly-listed IT provider Data#3 has been hit by what it calls a "cyber security network incident," involving an overseas third party.
Ransomware Has Gone Corporate—and Gotten More Cruel (Wired) The DarkSide operators are just the latest group to adopt a veneer of professionalism—while at the same time escalating the consequences of their attacks.
Ransomware attacks have doubled year-on-year in April-July, says cybersecurity firm Seqrite (ETCIO.com) The Seqrite Quarterly Threat Report said there was a visible shift in the behaviour of threat actors, with multiple ransomware families now capable of..
Why are people still getting phished? (ITWeb) How you deal with a staff member who clicks a phishing link is a key part of your security posture.
“Chrome considered harmful” – the Law of Unintended Consequences (Naked Security) A well-written article on the APNIC blog has provoked a thoughtful response from the Chromium coders – and we can all learn from it!
Captcha gotcha? Don't fall for it (Sidney Herald) Have you ever found yourself staring at a wobbly letter trying to decide if it is an X or a Y, just to prove to a website that you’re not
Understanding Carnival's ransomware attack, hitting two different data types (CIO Dive) Last week the cruise line disclosed a ransomware attack that impacted employee and customer data. The security divisions can get murky.
Canadian Courier Companies Suffer Ransomware Attack (ASI) Hackers are now threatening to release customers’ information on the dark web.
'Dirty, rotten, lowdown scoundrels' responsible for cyber attack, superintendent says (WLOS) Haywood County Schools will be closed for the rest of the week due to a cyber attack. They've already been closed since Monday when the ransomware attack hit. Caption: WLOS. The school system is having to bring in experts to rebuild their network. The investigation into the cyber attack on the district's computers involves local authorities, all the way up to the federal level including the National Guard. “The Guard is very proficient in cyber security,” says Superintendent Dr. Bill Nolte.
College group hit by cyber attack (BBC News) Luminate Education Group said the attack had caused "operational disruption" to its IT infrastructure.
Lombard Insurance engages SA authorities after data breach (ITWeb) While the insurer is working with the Information Regulator, it has yet to disclose what information was accessed by the hackers or the number of people affected.
Victims of CRA hackers vulnerable to other cyberattacks, experts say (Peterborough Examiner) The warning comes after the federal government admitted that hackers accessed the Canada Revenue Agency or GCKey accounts of an estimated 11,200 Canad...
Security Patches, Mitigations, and Software Updates
Chrome 85 Released With 20 Security Fixes (SecurityWeek) Chrome 85 was released in the stable version with 20 security fixes inside, including patches for 14 vulnerabilities disclosed by external researchers
Cyber Trends
New Research: 2020 Vulnerabilities Are on Target to Match or Exceed Last Year (RiskBased Security) Today we released our 2020 Mid Year Vulnerability QuickView Report revealing that vulnerability reporting, still impacted by COVID-19, is beginning to return to normal. Our VulnDB® team aggregated 11,121 vulnerabilities disclosed during the first half of 2020, and as the year progresses the total...
The Vast Majority of Exploits Become Available Before CVEs Are Published (TechNadu) CVE publication is nowadays clearly running behind exploits, in at least four out of five flaws, and that is not including black market flaw trades.
Securing the Pandemic-Disrupted Workplace: Trend Micro 2020 Midyear Cybersecurity Report (Trend Micro) Our 2020 Midyear Security Roundup delves into the pertinent challenges faced amid a pandemic, including Covid-19-related threats and targeted ransomware attacks. Read more as we share how to secure systems in this increasingly precarious landscape.
Want to create loyal customers? Get on the bleeding edge of data security (TechRepublic) The public is increasingly wary of the privacy of their data. Companies reliant on it should take this as a sign of the future of customer loyalty, says data privacy firm Privitar.
Evolve or die: The cybersecurity industry’s challenges in the post-coronavirus world (CTECH) Organizations must be ready to adopt changes in order to ensure we can securely conduct our new remotely-managed lives
60 Seconds In Cybersecurity: Here’s What Happens In Just One Malicious Internet Minute (Forbes) What can happen in a single malicious internet minute? Quite a lot, actually.
The Evil Internet Minute 2020 (RiskIQ) Every minute, $11,400,000 will be lost to cybercrime and top companies pay $24.7 due to security breaches.
Tech Companies Adapt Collaborative Culture to Remote Work (Wall Street Journal) Technology executives are finding ways for their teams to collaborate and be productive as fully remote work persists during the coronavirus pandemic.
Good news: Stalkerware survey results show majority of people aren’t creepy (Malwarebytes Labs) Stalkerware survey results are in. See how more than 4500 Labs readers responded when asked, "Have you ever used an app to monitor your partner's phone?"
CERT NZ: Kiwis lose $7.8m to cyber attacks; incident reports soar (Security Brief) “The increase on reporting and reduction in financial loss could mean that New Zealanders are developing a heightened awareness of cybersecurity threats as we’ve become more dependent on digital services.
Marketplace
After adding customers and service upgrades, Blackpoint Cyber raises $7M Series B (Technical.ly Baltimore) The Ellicott City-based company's service mixes a security operations center and tech platform to respond to cybersecurity threats. It's looking to hire.
Kaseya Boots Security with Acquisition of Phishing Defense Platform (Channel Futures) The acquisition of this phishing defense platform advances Kaseya’s IT infrastructure and security management solutions for MSPs and SMBs.
Secretive Palantir Lifts Veil Before Wall Street Stock Sale (SecurityWeek) Palantir said it believes current instability including “systematic failures of government institutions to provide for the public” present a growth opportunity for its business.
What’s a Palantir? The Tech Industry’s Next Big I.P.O. (New York Times) A tech start-up named for objects in “The Lord of the Rings” has become a major government contractor. But what it does is not easy to understand.
Palantir's public filing reveals plenty about its federal ambitions (Washington Technology) Palantir filing to go public says a lot about the company and the work it does for the government, but the S-1 registration statement for the data and analytics software company also leaves some gaps to be filled.
Palantir's real strength is its business model (Washington Technology) As Palantir heads to the public markets, it's good to revisit how the software company cracked the federal market and why it will continue to be a challenge to traditional GovCon firms.
Facebook Says Apple’s New iPhone Update Will Disrupt Online Advertising (Wall Street Journal) Facebook says privacy changes that Apple has made to its newest operating system will cripple the social-media giant’s ability to serve targeted ads to iPhone users while they use outside apps.
How TikTok’s Talks With Microsoft Turned Into a Soap Opera (New York Times) Neither side wanted a big deal. But what began as talks about a small investment ballooned with interventions from President Trump.
TikTok CEO Kevin Mayer Quits as Trump Pushes Chinese App to Sell U.S. Business (Wall Street Journal) Chief Executive Kevin Mayer said he is leaving the social-media platform after being on the job for about three months, as the company comes under increasing pressure from the White House over its ties to China.
Symantec shakeup creates fresh opening to shift security strategies (CyberScoop) Carbon Black’s integration into VMware stands in contrast to Broadcom’s plans for Symantec, leaving agencies at a crossroads with their security strategies.
SAIC Wins $286M in Natsec Contracts in Q2 (WashingtonExec) Science Applications International Corp. has secured over $286 million in national security contracts during the second quarter of fiscal year 2021. The
NetApp thrills investors with Q1 earnings, and plans to lay off 5% of workforce (Silicon Valley Business Journal) The cloud data services and data management company announced it would cut more than 500 employees as it reported better-than-anticipated first-quarter results.
Kudelski Security Recognized as a Leader in Managed Security Services Evaluation (AiThority) Kudelski Security, the cybersecurity division within the Kudelski Group, announced that it has been recognized by Forrester as a leader in their report.
Finalists Announced for the Finovate Awards! (Finovate) The Finovate Awards recognize the best and brightest of the fintech industry, and while we aren’t able to hold an in-person gala dinner this year, it’s more important than ever that we recognize the strong work being done by those across the fintech spectrum who are pushing the industry forward. We had a record number Read more...
Two new sales directors arrive at Zscaler (iTWire) Cloud security vendor Zscaler has appointed two regional sales directors for Australia and New Zealand. "These new sales director appointments in the region are testament to the strengthening of our business in Australia and New Zealand and market demand for innovative security in a cloud-first...
Products, Services, and Solutions
Tempered Expands Zero-Trust Software Defined Perimeter Platform to Secure Critical Infrastructure, Distributed Organizations (BusinessWire) Tempered announced new hardware and software designed to protect data, applications and devices across on-premise, remote and cloud environments.
Datadobi Announces DobiProtect for File and Object Data (BusinessWire) Datadobi today announced DobiProtect enhancements to help companies maintain the highest standards of business continuity.
nCipher nShield HSMs achieve Red Hat Container certification (nCipher Security) Simplified cryptography for container and Kubernetes application development
Don't be next! Prevent DarkSide's mutating mutex with Minerva (MInervva) DarkSide ransomware is a new and dangerous malware that threatens its victim not only with its data encryption functionality but also with leaking the stolen information on the dark web. Utilizing our Vaccination module that simulates static and dynamic mutex names, Minerva Labs product defends your endpoints, using the malware’s tools against itself, thus preventing the DarkSide malware
Druva Announces Partnership and Channel Expansion with Tech Data (Druva) Druva, Inc., the leader in Cloud Data Protection and Management, today announced the launch of a new distributor partnership with Tech Data, a global IT distributor and solutions aggregator.
GrammaTech Releases Open Source API Security Tool (SecurityWeek) Application security testing company GrammaTech has released SWAP Detector, an open source tool designed to detect API usage errors
Thycotic Deploys Advanced Machine Learning to Control Dangerous Applications on Endpoints (StreetInsider) Thycotic, a provider of Privileged Access Management (PAM)...
Avast Business Announces New Partnership With BCN Telecom (AiThority) Avast, announced that it has partnered with BCN Telecom to protect its customers with Avast Business SIG full-protocol managed firewall services.
Pulse Secure NAC Extends Zero Trust Network Assurance As Users And IoT Devices Return To A Hybrid Workplace (Security Informed) Pulse Secure announced new features to its Network Access Control (NAC) solution, Pulse Policy Secure (PPS), that enhance endpoint and IoT device visibility, compliance, remediation, and threat...
Technologies, Techniques, and Standards
Better Security Starts With Better Employee Training (Security Boulevard) Employees continue to be the most significant risk factor when it comes to security. According to a study by Kaspersky Lab, 52% of businesses say
Why Attys Shouldn't Dawdle On Preparing For A Data Breach (Law360) Law firms and legal departments often think they're immune to a data breach, and when it happens to them, many teams are forced to rush to implement a plan, a Wilson Allen consultant said Wednesday during a virtual legal technology conference, urging attorneys to think ahead.
In This New Normal, Every "Work From Home" Computer is a Potential Entry Point For Hackers. Here is What Small Businesses Can Do (Yahoo) As businesses begin to re-open and the workplace weighs the shift from brick and mortar to work from home offices, companies are faced with how to navigate these challenging times. To quickly enable work from home policies organizations have sometimes allowed their security policies to be more flexible
Design and Innovation
Google Has a More Efficient Way to Report Urgent Bugs (Search Engine Journal) Google is introducing a more efficient process for reporting urgent bugs and security issues.
Research and Development
White House announces creation of AI and quantum research institutes (VentureBeat) The White House announced the creation of AI and quantum research institutes funded by billions in venture and taxpayer dollars.
White House Announces $1 Billion Plan to Create AI, Quantum Institutes (Wall Street Journal) The effort is designed to ensure the U.S. remains globally competitive in AI and quantum technologies, administration officials said.
White House Office of Technology Policy, National Science Foundation and Department of Energy Announce Over $1 Billion in Awards for Artificial Intelligence and Quantum Information Science Research Institutes (Energy.gov) White House Office of Technology Policy, National Science Foundation and Department of Energy Announce Over $1 Billion in Awards for Artificial Intelligence and Quantum Information Science Research Institutes
Department of Energy selects Argonne, Fermilab to lead two multi-million-dollar national quantum research centers (University of Chicago News) Department of Energy selects Argonne, Fermilab to lead two multi-million-dollar national quantum research centers
Academia
Research Lab at USF Sarasota-Manatee Campus Receives $30,000 Grant (Sarasota Magazine) The Laboratory for Advancement of Crossdisciplinary Innovation was founded by USF professors Giti Javidi and Ehsan Sheybani.
Why Higher Ed Should Prepare for Uncommon Malware Attacks (EdTech) As cybercriminals take advantage of new attack opportunities in the remote work landscape, schools must be prepared to handle malware from unexpected vectors.
Kaspersky advances cybersecurity research with new program for universities (Security Brief) The dedicated program reportedly helps institutions become better equipped at understanding the latest and most prevalent industrial cybersecurity threats.
Legislation, Policy, and Regulation
China launches campaign on cyberspace environment for minors
(Xinhua) Chinese authorities have issued a circular announcing the launch of a special campaign to enhance the cyberspace environment for minors, the Ministry of Education (MOE) said on Wednesday.
The Dark Side of China: The Evolution of a Global Cyber Power (Intsights) Recent research indicates that China is shifting its cyber objectives, targets, and tactics, demonstrating its intent to exert its influence over the dynamic global digital landscape.
U.S. Sanctions Chinese Firms and Executives Active in Contested South China Sea (Wall Street Journal) The U.S. unveiled visa and export restrictions against Chinese state-owned companies and their executives involved in advancing Beijing’s territorial claims in the contested South China Sea.
U.S. Adds 38 New Huawei Affiliates to Entity List While Again Expanding Foreign-Produced Direct Product Rule (Global Trade Magazine) BIS added 38 additional Huawei affiliates to the Entity List. This action now brings the total number of Entity List-designated Huawei affiliates to 152.
U.S. Firms in China Say Trump’s WeChat Ban Will Hit Them Where It Hurts (Wall Street Journal) U.S. businesses in China are pushing back against a looming Trump administration ban on Tencent’s WeChat app, with a report shedding light on just how vital the tool is to companies doing business in the world’s second-largest economy.
NCSC departing boss reflects on China, Russia and trust in tech (BBC News) The departing head of the National Cyber Security Centre reflects on the threats he has faced.
TikTok Faces Government Restrictions on U.K. Expansion Drive (Bloomberg) Popular app may be banned from moving user data out of country. But Johnson unlikely to impose outright ban on London office.
U.S. helps allies fight cyberattacks (US Embassy in Georgia) Cybersecurity experts from the U.S. Cyber Command are working with other nations to identify malware and network attacks.
How Cyber Command is taking the fight abroad (Defense Systems) The head of U.S. Cyber Command defends 'persistent engagement' strategy with adversaries, explaining that proactive cyber operations won't lead the U.S. into an 'all out war.'
CISA Releases 5G Security Strategy (Decipher) The United States Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) has released the National Strategy to Secure 5G for securely deploying 5G networks in the United States.
Trump's agenda promises 'great cybersecurity.' What does that mean? (SC Media) The new strategy document is short on details, but here are some areas that the market can expect to take center stage once Trump does announce a detailed policy.
SEC to Allow Businesses More Flexibility in Disclosing Risk, Legal Information (Wall Street Journal) In a 3-2 vote, the regulator approved key changes to Regulation S-K, the first significant modifications in over 30 years.
We need workforce development for cybersecurity in the energy sector (TheHill) We need to be prepared and pay renewed attention to resilient systems — and developing the trained workforce that understands and can manage them.
4 workforce development steps for any DoD cyber resilience strategy (C4ISRNET) A ready cyber force must be supported by highly trained individuals who can access a variety of training tools on demand with intuitive interfaces.
The Cybersecurity 202: DHS will run a war room for a week or more to protect November election (Washington Post) It's not just Election Day that the Department of Homeland Security is worried about: A surge in mail ballots and early voting is forcing government officials to prepare for a longer battle to protect the democratic process against hacking and disinformation.
$180 million investment to expand NSW's cyber security (Mirage News) The funding will train the next generation of cyber security experts to support the state's cyber defences. ...
NSW pledges AU$60m to build an army of cyber experts (iTMunch) The NSW government plans to quadruple its size of its cyber army by injecting funds of AU$60 million over the next 3 years. New South Wales plans to do so as a
NYC Council on Thursday moves to boost cybersecurity (New York Daily News) 'The greatest challenges we will face in the future are the pandemic, catastrophic climate events, terrorism and cyber attacks on critical infrastructure,' Councilman Ritchie Torres said Wednesday.
Litigation, Investigation, and Law Enforcement
FBI warns corporations about Chinese theft (The Washington Times) Chinese technology theft costs the American economy $225 billion to $600 billion annually in stolen trade secrets, pirated software and counterfeit goods, according to a new FBI report.
What are the latest GDPR security breach enforcement trends? (ComputerWeekly) Fieldfisher’s Kirsten Whitfield runs the rule over the latest trends in cyber security, data protection and General Data Protection Regulation (GDPR).
Ghanaian Extradited to U.S. for Cybercrimes That Caused Millions in Losses (SecurityWeek) A man from Ghana was recently extradited to the United States over his role in various types of cybercrime schemes that caused millions of dollars in losses
Participant in Phony Tech Support Scheme Pleads Guilty (SecurityWeek) A man authorities say participated in a scam to steal victims’ banking information by offering phony computer tech support services has pleaded guilty, federal prosecutors say.
Unredacted suit shows Google’s own engineers confused by privacy settings (Ars Technica) Users could make change, but it was "difficult enough that people won’t," one employee wrote.
Global Raid Targets Sparks Group, Major TV and Movie Piracy Group (Vice) Three members of the “Sparks Group," which cracked movies and TV shows for torrent sites ahead of their release, were arrested in a global law enforcement raid.
Huawei loses groundbreaking global patents case in London (Light Reading) English courts can set licensing rates for global standard essential patents, says Unwired Planet v Huawei, a decision that positions London as a patent hub.
Weather Channel app to change practices after LA lawsuit (AP NEWS) The operator of The Weather Channel mobile app has agreed to change how it informs users about its location-tracking practices and sale of personal data as part of a settlement...
Russian Arrested After Offering $1 Million to U.S. Company Employee for Planting Malware (The Hacker News) A Russian extortion gang member arrested in the United States after he traveled there to met an employee of a targeted company and offered him $1 million in bitcoins as a bribe for planting a data-stealing malware into the company's systems.
Apple co-founder Steve Wozniak Sues YouTube After Bitcoin Scam Using His Image Remains Online For Weeks... (Global Crypto Press Association) Crypto's home for live, breaking real time cryptocurrency news. Covering Bitcoin, Ethereum, ICO's and Blockchain Technology along with current prices.