Cyber Attacks, Threats, and Vulnerabilities
Elon Musk confirms Russian hacking plot targeted Tesla factory (ZDNet) A Russian hacker tried to recruit a Tesla employee working for the company's factory in Sparks, Nevada.
Elon Musk confirms Tesla gigafactory was target of foiled cyberattack (MarketWatch) Elon Musk confirmed Thursday that the Tesla Inc. gigafactory in Nevada was the target of a cyberattack that was thwarted by the FBI.
A Tesla Employee Thwarted an Alleged Ransomware Plot (Wired) Elon Musk confirmed Thursday night that a ransomware gang had approached a Gigafactory employee with alleged promises of a big payout.
Tesla employee foregoes $1M payment, works with FBI to thwart cybersecurity attack (TESLARATI) Sometimes, the events that transpire inside a company could be just as exciting and nail-biting as the most popular thrillers in fiction. In Tesla’s case, such a scenario recently played out, as a worker in Gigafactory Nevada ended up turning down a $1 million incentive, working closely with the FBI, and thwarting a planned cybersecurity …
Russian cybercrime suspect arrested in $1m ransomware conspiracy (Naked Security) When ransomware hits, there are always 3 questions. How much? Did they pay? And the big one: How did the crooks get in?
Iranian hackers impersonate journalists to set up WhatsApp calls and gain victims' trust (ZDNet) Iranian hackers impersonated journalists from German TV Deutsche Welle and Israeli magazine Jewish Journal, and the Wall Street Journal in earlier attacks this year.
New Bait Used in Instagram Profile Hacking Scheme (Trend Micro) Hackers spread messages supposedly sent from Instagram Help Center claiming that the user's account is at risk of being deleted.
New Zealand stock exchange disrupted by fourth 'offshore' cyber attack (the Guardian) Intelligence cyber crime agencies called in to help after chaotic week of distributed denial of service attacks
New Zealand Deploys Spy Agency as Hackers Hit Stock Market (Yahoo) New Zealand called in its spy agency and activated security crisis plans to help defend the stock exchange from overseas attack, after hackers disrupted the market for a fourth straight day. “We as a government are treating this very seriously,” Finance Minister Grant Robertson said Friday
New Zealand's stock exchange resumes trading after facing disruption for fourth day in a row (CNBC) NZX said it experienced DDoS (distributed denial of service) attacks from overseas through its network service provider on Tuesday and Wednesday.
New Zealand stock exchange hit for fourth straight day by 'severe' cyberattack (CNN) Trading was disrupted on New Zealand's financial markets for a fourth consecutive day on Friday as the country's stock exchange struggled to repel a cyberattack that originated overseas.
New Zealand investigating stock market cyber attacks (Washington Post) New Zealand’s government and its foreign spy agency are getting involved after cyber attacks disrupted trading on the nation’s stock market several times this week
Billions of industrial IoT devices could be flawed (TechHQ) IBM's hacking team X-Force Red detected security flaws in a series of IoT connectivity chips that could potentially lead to massive risks.
Microsoft Warns of New 'Anubis' Info-Stealer Distributed in the Wild (SecurityWeek) Microsoft warns that a new info-stealer malware named Anubis is now actively distributed in the wild.
Vulnerabilities Expose Popular DVB-T2 Set-Top Boxes to Botnets: Researchers (SecurityWeek) Avast security researchers have identified vulnerabilities in DVB-T2 devices that could allow attackers to ensnare them in botnets
Magecart’s Success Paves Way For Cybercriminal Credit Card 'Sniffer' Market (Threatpost) Magecart's successes have led to threat actors actively advertising 'sniffers' that can be injected into e-commerce websites in order to exfiltrate payment cards.
Emotet Returns with Massive Volumes, New Languages, and QBot (Proofpoint) On July 17, 2020, Proofpoint researchers posted about the return of threat actor TA542 and the Emotet malware. Before TA542’s return July 17, 2020, they were last seen February 7, 2020. This 161-day hiatus was the longest known break for this threat actor group. TA542 email campaigns are the most prevalent by message volume by a large margin, with only a few other actors coming close.
A Comprehensive Look at Emotet’s Summer 2020 Return (Proofpoint) TA542, an actor that distributes Emotet malware, took an extensive break from delivering malicious emails in 2020. They were absent from the landscape for over five months, last seen on February 7 before returning on July 17, 2020.
Qbot trojan hijacking email threads to carry out phishing campaigns (TechRepublic) The latest variant of this trojan extracts email threads from Outlook, which it uses for phishing attacks, says Check Point Research.
An Old Bot’s Nasty New Tricks: Exploring Qbot's Latest Attack Methods - Check Point Research (Check Point Research) Research By: Alex Ilgayev Introduction The notorious banking trojan Qbot has been in business for more than a decade. The malware, which has also been dubbed Qakbot and Pinkslipbot, was discovered in 2008 and is known for collecting browsing data and stealing banking credentials and other financial information from victims. It is highly structured, multi-layered,...
Covid-19 Phishing Campaign Bypasses Gateways, DMARC (Area 1 Security) Covid-19 phishing attack exploits need for face masks, thermometers to launch Agent Tesla malware (advanced Remote Access Trojan); bypasses gateways, DMARC.
Fall of the behemoth: Cybercriminal underground rocked by Empire’s apparent exit scam (Digital Shadows) English-language cybercriminal marketplace, Empire, have conducted an exit scam and made off with members' funds. This marks the latest in a long line of exit scams among dark web marketplaces --
“ALEXA, WHO IS THE NUMBER ONE CYBERCRIMINAL FORUM TO RULE THEM ALL?” (Digital Shadows) In June 2020, the administrator of the English-language cybercriminal carding forum Altenen announced a "big victory" for the site in terms of its website traffic rank statistics. The administrator
'Swipe carefully': Democratic campaign staffers warned of possible 'sting' on dating apps (CNN) Democratic Party security officials on Wednesday sent a warning to campaign staffers across the country that political opposition groups may be using dating apps to try to get dirt on them and their campaigns.
Michigan catches robocall spreading disinformation about voting by mail (StateScoop) Secretary of State Jocelyn Benson said she and the Michigan AG are investigating the call, which appears to be the work of two bumbling right-wing scam artists.
Researchers Hijack 28,000 Printers to Show How Easily They Can Be Hacked (SecurityWeek) Researchers have once again showed that many printers can still be hacked remotely; they hijacked 28,000 devices, but believe roughly half a million are vulnerable to attacks
Android Users Warned About 40 Malware-ridden Apps That Entice You With Free Trainers (Information Security Buzz) Researchers from White Ops Satori Threat Intelligence & Research team have warned about more than 40 apps that promise free shoes, but actually infect your smartphone with dangerous malware. If downloaded, the malware, dubbed TERRACOTTA, can be used to generate fraudulent ad impressions and bombard your smartphone with annoying ads.
Red Lion N-Tron 702-W, 702M12-W (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 9.8
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Red Lion
Equipment: N-Tron 702-W / 702M12-W
Vulnerabilities: Reflected Cross-site Scripting, Stored Cross-site Scripting, Cross-site Request Forgery, Hidden Functionality, Use of Unmaintained Third-Party Components
OpenClinic GA (Update A) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 9.8
ATTENTION: Exploitable remotely/low skill level to exploit/public exploits are available
Vendor: OpenClinic GA is a product of open-source collaboration on Source Forge
Equipment: OpenClinic GA
Vulnerabilities: Authentication Bypass Using an Alternate Path or Channel, Improper Restriction of Excessive Authentication Attempts, Improper Authentication, Missing Authorization, Execution with Unnecessary Privileges, Unrestricted Upload of File with Dangerous Type, Path Traversal, Improper Authorization, Cross-site Scripting, Use of Unmaintained Third-Party Components, Insufficiently Protected Credentials, Hidden Functionality
Experian cyber breach was a “socially engineered” disaster (Stuff) The most astounding thing about the Experian security breach of 24-million South Africans’ personal data is not that the credit agency willingly gave the information to a “fraudster”, but that Experian will escape unpunished because of years-long delays in finalising the legislation.
Cyber attack on school system suspends remote learning for remainder of week (The Mountaineer) Haywood County Schools will not resume remote learning for students this week due to a ransomware attack.
Warning over 'sophisticated phishing scam' (Highland Radio) The Department of Social Protection's warning the public about a sophisticated phishing scam. It involves people receiving a text with a request for information. A link to a website that looks very similar to a genuine government web page is also included in the text. The Department says it never requests Bank account or […]
Security Patches, Mitigations, and Software Updates
Cisco Patches High-Severity Vulnerabilities in NX-OS Software (SecurityWeek) Cisco this week released patches for ten high-risk vulnerabilities in NX-OS software, including some that could lead to code execution and privilege escalation
Microsoft announces a simpler way for admins to secure Windows 10 PCs (MSPoweruser) This new setup experience is available in Microsoft 365 admin center for Microsoft 365 Business Premium customers.
'Doxing' identified as an ‘evolving threat’ within cyber risk landscape (Insurance Times) Furthermore, data breach severity has increased over the past year, with a heavy focus on the healthcare and pharmaceutical sectors
Threat Spotlight: Ransomware (Journey Notes) This blog post dives deep into what cybercriminals are now setting their sights on as ransomware targets, such as education and healthcare.
As E-commerce Expands, So Does Cybercrime (WWD) RiskIQ released data that shows the cost of cybercrime per minute.
New Research: 2020 Vulnerabilities Are on Target to Match or Exceed Last Year (RiskIQ) Today we released our 2020 Mid Year Vulnerability QuickView Report revealing that vulnerability reporting, still impacted by COVID-19, is beginning to return to normal.
Our VulnDB® team aggregated 11,121 vulnerabilities disclosed during the first half of 2020, and as the year progresses the total
All the carrier Samsung flagships that have received the August security patch (Android Police) Samsung got incredibly fast when it comes to security patches, often beating even Google to the punch. The story is different for carrier-issued updates,
Vietnam suffers most phishing attacks on small businesses in Southeast Asia (Retail News Asia) Vietnam led Southeast Asia in the number of phishing attacks targeting small enterprises in the first half of this year. There were more than 1.6 million
Tech Firms Filing to Go Public Warn Investors of Shifts in Privacy Rules (Wall Street Journal) Several tech companies that filed to go public over the past week warned investors that fast-changing legal frameworks to protect consumer privacy could threaten their bottom lines.
Berbix Closes $9M Series A To Fight Fraudulent Identification (Crunchbase News) Berbix creates an ID verification tool that uses machine learning techniques to instantly spot fraud.
Fastly to Acquire Web Application Security Firm Signal Sciences for $775 Million (SecurityWeek) Content delivery network (CDN) provider Fastly (NYSE: FSLY) has agreed to acquire web application security firm Signal Sciences for approximately $775 million in cash and stock.
Keeper Security Raises $60 Million in Investment (CIO Applications) Millions of consumers and thousands of businesses in over 100 countries trust Keeper for password...
Kaseya bolsters cyber security stack with latest acquisition (MicroscopeUK) MSP software supplier Kaseya snaps up anti-phishing service Graphus, and signals yet another acquisition on the horizon.
Palantir waves the flag and embraces its U.S. government roots (Inquirer) Palantir Technologies spent the past decade trying to shed its image as a tool of the U.S. government and sell its data-mining software to businesses. But in its pitch to institutional investors ahead of a public stock debut, the company will return to its roots.
Palantir’s stockmarket prospectus reveals both losses and promise (The Economist) A secretive software-maker says hello to the stockmarket—and goodbye to Silicon Valley
Cybersecurity firm wins US Government contract (Insider Media Ltd) A Lutterworth-based cybersecurity software company has won a multimillion-pound contract with the US Department of State.
Roland Cloutier, TikTok's security boss, makes his case. Carefully. (CyberScoop) Roland Cloutier, the global chief security officer for ByteDance, says he still doesn’t understand why the U.S. government has labeled TikTok as a national security threat.
Oracle Nears $20 Billion TikTok Deal With White House Support (Exclusive) (TheWrap) CEO Kevin Mayer resigns, corporate parent CEO and private equity investors at loggerheads over the deal as Microsoft bid falls behind
Walmart Joins Microsoft’s Pursuit of TikTok (Wall Street Journal) The world’s biggest retailer by revenue is teaming up with Microsoft to bid for TikTok’s U.S. operations, which have an asking price of about $30 billion.
Walmart leaps into TikTok acquisition fray, joining Microsoft’s bid (Washington Post) As time fades for TikTok to close a deal to sell its U.S. operations, Walmart says it will join Microsoft’s bid for the short-form video app.
Walmart wanted to be majority owner of TikTok, and was teamed up with Alphabet and SoftBank before Microsoft (CNBC) The U.S. government wanted a technology provider as the lead bidder on a deal for TikTok, pushing Walmart toward Microsoft and away from a consortium with SoftBank and Alphabet.
TikTok likely to announce sale of U.S. operations in the coming days in $20 billion to $30 billion range (CNBC) TikTok's suitors include Oracle and joint bid by Microsoft and Walmart.
Facebook Allows Ads to Be Served to Mainland China Users (Bloomberg) Facebook Inc. has been allowing advertisers to target users in mainland China, despite a ban on the company’s social networks there that prohibits citizens from accessing the apps.
Sequoia Makes Inc. 5000 List of Fastest-Growing Private Companies for Fifth Consecutive Year (PR Newswire) Sequoia Holdings LLC has secured a spot on Inc. Magazine's Inc. 5000 list of the country's fastest-growing private companies for the fifth year...
Dashlane Says The Secret Word, Finds Value In A Super Bowl Buy (Mediapost) Going into its big ad buy at the 2020 Super Bowl, password and security manager Dashlane knew that one shot of exposure wasn't enough.
Kudelski Security Expands Geographic Footprint Through Channel Program for Security Services (Kudelski Security) Rapid Growth and Industry Distinction Backs Services to be Offered Through Partner Network Globally; TechData is First Global Distributor to...
Coalfire Appoints Tech Power Players Akbari And Rueda To Board Of Directors (PR Newswire) Coalfire, a provider of cybersecurity advisory and assessment services, today announces two additions to its board of directors – Dr. Homaira...
Kenna Security Announces David La France As Vice President Of Engineering To Overcome Cultural And Engineering Challenges (Security Informed) Kenna Security, the enterprise provider in risk-based vulnerability management, has hired David La France to be its new vice president of engineering. In that role, he will oversee Kenna’s...
Products, Services, and Solutions
Aurionpro Solutions cyber arm integrates with FireEye to strengthen endpoint security (IndiaInfoline) Cyberinc Isla Browser Isolation platform combined with industry-leading threat detection gives organizations better protection against known and unknown threats.
Hillstone Networks Launches ADC For Better User Exp. (Arabian Marketer) Hillstone Networks states the global release of the Hillstone Application Delivery Controller (ADC), a high performance solution designed to deliver the most optimal application experience to the user.
WatchGuard protects against all known Wi-Fi security threat types, new report says (Wi-Fi NOW Events) There are still six known categories of Wi-Fi threats to be dealt with. There's one cost-efficient way of dealing with all of them, a new report says.
Spyse launches a new external threat intelligence solution to prevent cybersecurity risks (PR Newswire) Cybersecurity company Spyse announced the new external threat intelligence solution intended to identify potential vulnerabilities, entry...
BT Crowns McAfee, Palo Alto Networks, Fortinet ‘Critical’ Security Partners (SDxCentral) BT Security conducted its “largest-ever” security supplier appraisal, and a review of the entire security vendor ecosystem to determine which partners it will work with to provide managed security services. And McAfee, Palo Alto Networks, and Fortinet came out on top.
Fortinet Adds 6 Service Providers to SD-WAN Menagerie (SDxCentral) Fortinet announced a menagerie of service provider wins this week. Six service providers — Fusion Connect, HubOne, Kazteleport, Optical Networks, Thrive, and TNS — have added Fortinet’s Secure SD-WAN to their managed service portfolios.
City of Las Vegas utilises BitDam ATP to protect from advanced cyberthreats (Intelligent CIO North America) The City of Las Vegas is utilising BitDam ATP to protect from advanced cyberthreats across collaboration platforms and against bad actors aiming to penetrate its network. Since then, it has dramatically reduced its risk of being a victim to cyberthreats such as ransomware, malware, phishing and zero-day attacks, and saved millions of dollars in remediation […]
Essence Group announces new strategic partnership in Portugal to deliver connected home security solutions (PR Newswire) Essence Group, the leading global security solutions provider, has announced a new partnership with Portuguese smart access supplier, Chaviarte....
Technologies, Techniques, and Standards
NSA’s DevOps Security Lead Lists Eight Factors to Success (Meritalk) Software Development Operations, or DevOps, can go by many names. DevSecOps, inserts Security into the equation while DevSecEthOps throws ethics into the mix, but ultimately the goal of the process is to build secure software – fast.
The risks of supply chain threat sharing (FCW) Some of the most valuable data around supply chain threats – identifying suspicious or untrustworthy actors -- can often be legally perilous to share.
Detecting, preventing, and mitigating ransomware (Red Canary) Red Canary has worked hundreds of incident response engagements and learned a lot about preventing and mitigating ransomware.
Reverse Engineering a Smart Lock (Black Hills Information Security) Ray Felch // INTRODUCTION Recently I was afforded the opportunity to research the findings of a well-known security firm (F-Secure), who had discovered a vulnerability in the Guardtec KeyWe Smart Lock. The F-Secure people found that due to a design flaw, an attacker could intercept and decrypt traffic coming from a legitimate owner of the […]
Why Ransomware Targets No Longer Need to Wind Up as Ransomware Victims (McAfee Blogs) It was every administrator’s worst nightmare. A small district hospital in western Colorado lost access to 5 years’ worth of patient records after
Design and Innovation
Air Force thinks it’s cracked the code on BYOD (Federal News Network) The Air Force believes it’s created a successful proof-of-concept that would let airmen access military networks via their own devices, and is ready to start large-scale testing.
Research and Development
Bitglass Awarded Fundamental Patent for Cloud Access Control (BusinessWire) Bitglass, the Total Cloud Security Company, has been awarded U.S. Patent No. 10,757,090 for its fundamental invention of a SAML relay, for transparent
The future of artificial intelligence and quantum computing (Intelligent Aerospace) Size, weight, power consumption, and cooling technologies today block quantum computing from the embedded world, but new generations should yield advances in artificial intelligence and computer security.
Why some artificial intelligence is smart until it's dumb (Knowable) Machine learning — a form of artificial intelligence — has found uses in fields as diverse as particle physics and radiology, and its influence is growing. But so is the understanding of its limits.
Legislation, Policy, and Regulation
LGPD Update: Brazil’s Data Protection Law Moves Closer to Taking Effect (cyber/data/privacy insights) Brazil’s data protection law, Lei Geral de Proteção de Dados (LGPD) (English translation available here), took a significant step forward on August 26, 2020, when the Brazilian Senate rejected the …
The emerging threat of Indian cyber warfare against Pakistan (Daily Times) Technology, though essentially an element of national power has also become a pivotal national security risk for the nation states in recent decades. The growing reliance of states on cyberspace and digital networks has revolutionized the present day threat spectrum. Widespread digital transformation of states and societies has eventually made cyber warfare a reality. All the states cognizant […]
Zimbabwe: Zim Under Cyber Attack From Regime Change Agents - Mnangagwa (allAfrica.com) President Emmerson Mnangagwa is convinced Zimbabwe is under a well-coordinated cyber-attack by its detractors who are bent on effecting regime change in the country.
International law governing cyberspace globally urgently needed to ensure human rights (NDO) A virtual executive seminar themed “International law governing cyberspace” was co-held by the Department of Foreign Relations under the Ministry of Public Security (MPS) in coordination with the Dutch Embassy and the EU delegation to Vietnam in Hanoi on August 27.
Big Tech Embraces New Cold War Nationalism (Foreign Policy) China’s rise has pushed Silicon Valley away from the values it once claimed to hold.
U.S., China trade jibes as military tensions worsen (Reuters) The United States and China traded jibes as military tensions grow between the world's two largest economies, with the U.S. defense chief vowing not to "cede an inch" in the Pacific and China saying Washington was risking soldiers' lives.
Huawei rule part two: you 'use', you lose (government contracts) (International Law Office) The Federal Acquisition Regulation Council recently published a long-awaited interim rule implementing Section 889(a)(1)(B) of the National Defence Authorisation Act 2019. Essentially, the new rule prohibits government agencies from entering into, extending or renewing a contract with contractors if they use any equipment, system or service that uses certain Chinese telecoms equipment or services as a substantial or essential component of any system or as critical technology as part of any system.
Will Poland Be an Anti-Huawei Force in the EU? (Diplomat) Mike Pompeo certainly hopes so. The incentives for Poland are less clear.
Bouygues to remove 3,000 Huawei mobile antennas in France by 2028 (Reuters) Bouygues will replace 3,000 Huawei-made mobile antennas in France by 2028 following a decision by the country's authorities to remove equipment made by the Chinese company from highly-populated areas, Bouygues's deputy CEO said on Thursday.
US Army Cyber Command to get new uniformed deputy (C4ISRNET) Brig. Gen. Paul Stanton, currently the deputy director of operations at U.S. Cyber Command, will be the deputy lead for operations at Army Cyber Command.
Litigation, Investigation, and Law Enforcement
Former Army Green Beret confessed to contact with Russian intelligence, feds say (Washington Post) A former Army Green Beret accused of conspiring to spy for Russia admitted to contacts with Russian intelligence agents in a written statement in the past year, federal prosecutors said Thursday.
U.S. Moves to Seize Cryptocurrency Accounts Linked to North Korean Heists (Wall Street Journal) U.S. authorities said the accounts were used by North Korean hackers who stole an estimated more than a quarter of a billion dollars from exchanges around the world.
DOJ and Cyber Command partner up in civil forfeiture claim targeting North Korea’s financial hacks (CyberScoop) The Department of Justice has filed a civil forfeiture complaint targeting the North Korean government’s hacking of two cryptocurrency exchanges last year.
US files lawsuit to seize cryptocurrency stolen by DPRK hackers (BleepingComputer) The U.S. Justice Department today filed a civil forfeiture complaint aiming to seize control of 280 Bitcoin (BTC) and Ethereum (ETH) accounts containing funds allegedly stolen by North Korean hackers in attacks against two unnamed cryptocurrency exchanges.
Is a Ransomware Attack a Reportable Data Breach? (CTOvision.com) Read Mark Rasch take a look at whether a ransomware attack can be classified as a data breach on Security Boulevard : One question that vexes security engineers, incident responders […]
Facebook Targets Secret Data Grabs, Fake Instagram 'Likes' (Law360) Facebook on Thursday launched separate lawsuits in the U.K. and U.S. taking aim at an app developer that allegedly used malicious software to collect personal data from unwitting Facebook users and a business that was purportedly built to artificially inflate likes, followers and other engagement metrics on Instagram.
Facebook sues maker of advertising SDK for refusing to participate in audit (ZDNet) Facebook also sued the operator of a website selling Instagram followers, likes, and comments.
Blackbaud Faces Class Action Lawsuit After Data Breach (The NonProfit Times)
Fastly Sued by Investors for Failing to Disclose TikTok Ties (Bloomberg Law) Cloud computing company Fastly Inc. failed to disclose that controversial TikTok owner ByteDance Ltd. was its largest customer in the second quarter of 2020, leading to a drop in stock prices, according to an investor suit filed in federal court.
State cyber cell arrests third accused involved in multi-crore bank fraud (The Indian Express) The fraudster had siphoned off money from the account and transferred it to five different bank accounts, which were opened on a fake identity.
Ex-Singtel executive jailed for using customers’ IC numbers to redeem vouchers to buy Apple watches, earphones (TODAYonline) A Singtel employee exploited a loophole in the telecommunications company’s internal computer system, using the National Registration Identity Card (NRIC) numbers of 22 customers to redeem thousands of dollars worth of electronic vouchers.
FBI seeking information on man accused of hacking into SUNY Geneseo student’s Snapchat account (The Daily News) The FBI is asking for the public’s help as it continues to investigate a New York City man arrested Thursday on charges of hacking into multiple people’s Snapchat