Cyber Attacks, Threats, and Vulnerabilities
NZX website down again having started the day well (New Zealand Herald) NZX is working closely with network service provider Spark and the GCSB.
NZX may only have itself to blame for cyberattacks (Stuff) OPINION: Is this a focus on cost-cutting coming back to bite the stock exchange?
NZX attacks embarrassing and unusual, head of TUANZ says (RNZ) The head of the Telecommunications Users Association of New Zealand says the attacks on the NZX are highly unusual and serve as a good reminder for corporates to make sure their defences are up.
Iranian hackers are selling access to compromised companies on an underground forum (ZDNet) The Iranian hacker group who's been attacking corporate VPNs for months is now trying to monetize some of the hacked systems by selling access to some networks to other hackers.
PIONEER KITTEN: Targets & Methods [Adversary Profile] (CrowdStrike) PIONEER KITTEN is an Iran-based adversary that's highly opportunistic and has been active since at least 2017. Learn about its origins, methods, targets, and more.
Credit cards stolen via Telegram messages in first documented web skimmer variant (Malwarebytes) The digital credit card skimming landscape keeps evolving, often borrowing techniques used by other malware authors in order to avoid detection.
Apple mistakenly approved a widely used malware to run on Macs (TechCrunch) Researchers say they've found the first Mac malware 'notarized' by Apple.
Apple's notarization process fails to protect (Malwarebytes Labs) Apple introduced the concept of notarization to ensure any new software submitted to the App Store is malware-free. But is it all for show?
Hackers are backdooring QNAP NAS devices with 3-year old RCE bug (BleepingComputer) Hackers are scanning for vulnerable network-attached storage (NAS) devices running multiple QNAP firmware versions, trying to exploit a remote code execution (RCE) vulnerability addressed by QNAP in a previous release.
Cisco warns of actively exploited bug in carrier-grade routers (BleepingComputer) Cisco warned over the weekend that threat actors are trying to exploit a high severity memory exhaustion denial-of-service (DoS) vulnerability in the company's Cisco IOS XR software that runs on carrier-grade routers.
Cisco issues alert for zero-day DVMRP vulnerability being actively exploited by attackers (Computing) The bug in carrier-grade routers could allow a remote hacker to exhaust target device's process memory by sending crafted IGMP traffic
Commodified Cybercrime Infrastructure: Exploring the Underground Services Market for Cybercriminals (Trend Micro) The provision of services, as well as the way criminals operate in the underground, have gone through many changes over the years to cater to the market’s different infrastructure demands.
Phishing with Slack-Files.com: Bad Guys Find Yet Another Free Host for Malicious Files (KnowBe4)
Vulnerability Summary for the Week of August 24, 2020 (CISA) The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA.
American Payroll Association discloses credit card theft incident (BleepingComputer) The American Payroll Association (APA) disclosed a data breach affecting members and customers after attackers successfully planted a web skimmer on the organization's website login and online store checkout pages.
Surge in School Cyberattacks Expected, Ransomware Leading Threat (Channel Futures) The FBI has issued a warning that school cyberattacks will increase with the rise in remote learning due to the COVID-19 pandemic.
Stolen Fortnite Accounts Earn Hackers Millions Per Year (Threatpost) More than 2 billion breached Fortnite accounts have gone up for sale in underground forums so far in 2020 alone.
Security Patches, Mitigations, and Software Updates
Patch Priority Index for August 2020 (The State of Security) Tripwire's August 2020 Patch Priority Index (PPI) brings together important vulnerabilities from Microsoft, Adobe, and Apple.
Cyber Trends
Phishing Attacks Have Multiplied Since the Start of the Pandemic, Leaving Companies More Vulnerable and Strapped for Time (GreatHorn) New research from GreatHorn reveals a significant spike in phishing attempts since the pandemic began, leading to more frequent successful attacks and a heavier burden on IT teams to constantly remediate incidents. WALTHAM, MA – September 1, 2020 – According to new survey data from GreatHorn, the frequency of phishing threats has risen considerably throughout the […]
A critical look at the CSIS Report “Dismissing Cyber Catastrophe” (Control Global) Jim Lewis is a Sr VP at the Center for Strategic and International Studies (CSIS). He wrote the article “Dismissing Cyber Catastrophe” dated August 17, 2020...
Marketplace
ZIM, Konfidas launch cybersecurity consulting company (The Jerusalem Post) Levi, Konfidas’s founder, said that the maritime and logistics industries have witnessed an unprecedented rise in cyberattacks in recent years.
TikTok deal to sell U.S. business could be announced as soon as Tuesday (CNBC) Microsoft, in partnership with Walmart, and Oracle are the top contenders to win the deal.
TrueFort Named TiE50 Winner for 2020 (WFMJ) Application Detection and Response Platform Provider Recognized for Reversing Traditional Infrastructure Approach to Security
Life on the front lines of next cyber fight (Australian Financial Review) The nation's chief information security officers earn their titles and offices in the C-suite the hard way.
White Hat Hackers on the Trail of Cybercriminals (Now. Powered by Northrop Grumman) White hat hackers find flaws in computer systems before cybercriminals do.
Proofpoint tasks 20-year security veteran with running APJ (Channel Asia) Proofpoint has appointed Alex Lei as new regional leader of Asia Pacific and Japan, recruiting the industry veteran from Dell Technologies.
Products, Services, and Solutions
Proofpoint Launches Security Awareness Training for SMBs to Reduce Successful Phishing and Malware Infections by up to 90 Percent (GlobeNewswire) Cybersecurity leader’s award-winning solution delivers the right training to the right people at the right time
ReversingLabs Titanium Platform Delivers ROI of 397 Percent According to Independent Research Firm Analysis (GlobeNewswire) Study Finds Overall Security Analyst Productivity Doubled with Use of the Titanium Platform
US Homeland Security Can Now Track Privacy Crypto Monero (Decrypt) The popular privacy coin might not be so private anymore, as CipherTrace claims to have developed tools to trace it.
Attivo Networks Covers 27 out of the 33 Defense Techniques Identified in MITRE Shield (Yahoo) Attivo Networks®, an award-winning leader in cyber deception and attacker lateral movement threat detection, today announced that its solutions provide organizations with a vast majority – 82 percent – of the active defense measures presented in MITRE Shield. The ThreatDefend® Platform components – ADSecure
Developer-Centric Application Security Company StackHawk Announces its General Availability Launch (PR Newswire) StackHawk, the software-as-a-service startup that empowers software engineers to easily find and fix application security bugs before they hit...
U.S. Department of Defense Selects Forescout to Protect Millions of Mission Critical Devices Across Global Networks (Forescout) Multi-year “Comply to Connect” (C2C) program delivers enterprise-wide capabilities to secure DoD networks. Forescout provides foundational cybersecurity capabilities for C2C, and has been implemented by the Navy and U.S. Marine Corps, the pathfinders for C2C. SAN JOSE, Calif., Sept. 1, 2020 – Forescout Technologies, Inc., the leader in Enterprise of Things security, today announced it was selected by […]
Stellar Releases BitRaser®, a Powerful Data Erasure and Diagnostic Tool (PR Newswire) Stellar, a global leader in data recovery, data erasure, and data migration solutions, today announced the release of BitRaser®, a simple,...
TunnelBear Circumvents Iran VPN Block, Launches 10GB Monthly Offer in the Country (BusinessWire) As TunnelBear supports individuals in countries like Venezuela and Belarus that have recently experienced internet censorship by providing short-term
Technologies, Techniques, and Standards
Alert (AA20-245A) Technical Approaches to Uncovering and Remediating Malicious Activity (CISA) This joint advisory is the result of a collaborative research effort by the cybersecurity authorities of five nations: Australia,[1] Canada,[2] New Zealand,[3][4] the United Kingdom,[5] and the United States.[6] It highlights technical approaches to uncovering malicious activity and includes mitigation steps according to best practices. The purpose of this report is to enhance incident response among partners and network administrators along with serving as a playbook for incident investigation.
Trusted Connectivity Alliance Publishes Recommendations to Enhance Subscriber Privacy in 5G (Global Security Mag Online) Trusted Connectivity Alliance (TCA), formerly SIMalliance, has published a white paper outlining the clear benefits of 5G SIM capabilities to protect the most prominent personal data involved in mobile communications – the International Mobile Subscriber Identity (IMSI). The paper has already been welcomed by Eurosmart, and the digital security organisation has expressed its full support for Trusted Connectivity Alliance’s recommendations.
How DHS is Securing Data in the Telework Era (Government CIO) Zero trust is more than verifying users, it's also verifying infrastructure.
How government is delivering better election security (GCN) While it becomes increasingly difficult to ensure the security and integrity of the 2020 election, plenty of progress has been made on the cybersecurity front since 2016, experts say.
Design and Innovation
The Blurred Lines and Closed Loops of Google Search (Wired) Seemingly small design tweaks to the search results interface may change how and where people find information online.
Research and Development
Facebook’s new research project will show how it influenced the 2020 election — after it's over (Protocol) To study its impact on the 2020 election, Facebook will ask some people to stop using Facebook
Legislation, Policy, and Regulation
What is the rationale behind election interference? (C4ISRNET) Attacking the American cognitive space, in pursuit of split and division in this democratic republic, has an obvious goal. But what is the Russian return on investment?
North Korea denies ATM hacking scheme (ATM Marketplace) North Korean authorities are publicly denying the U.S. government's claim the country is involved in a financial cybercrime campaign targeting international ATMs. The denial was released in a press statement from North Korea's National Coordination Committee for Anti-Money Laundering and…
Readying cyber-defence! Need a more pro-active regulator to keep citizens informed (Financial Express)
Coalition countering Huawei faces hurdles (Asia Times) This summer has seen the tech war between China and the US take on new dimensions. From new export controls via the US Department of Commerce banning the sale of US semiconductor “software” and “te…
U.S. Increasingly Uses Trade Blacklist for Foreign Policy Goals (Wall Street Journal) In the past, the list was more closely tied to violations of U.S. export control regulations, international trade experts say.
Bad Cyber Actors Don’t Fear the Law. We Can Change That. (Defense One) Better coordination among law enforcement agencies at home and abroad are key to the layered deterrence strategy we need.
The Department of Homeland Security is broken. Here’s what it needs in a boss. (Washington Post) Even in normal times, the job is hard to fill. And these aren’t normal times.
Litigation, Investigation, and Law Enforcement
Fresh Snowden Reports Have One Lawmaker Questioning if Congress Was Surveilled (Nextgov.com) It follows the release of new allegations related to Edward Snowden.
Proposed class action lawsuit launched against CRA over data breaches (Insurance Business) Lawsuit says the actions of the agency in response to the data breach incidents were "reprehensible"
Class Action Lawsuit Questions Blackbaud's Hacker Payoff (BankInfo Security) Blackbaud is one of a growing number of organizations that say they paid ransomware attackers primarily for their promise to delete exfiltrated data. A class-action
ALP calls for action after data breach affects 50,000 NSW drivers (Echonetdaily) NSW Labor is demanding the state government notify more than 50,000 motorists whose licences were exposed through an unsecured cloud storage site.
Facebook sues UK-based app developer for illegally collecting user data (teiss) Facebook has sued app developer Fatih Haltas and his company MobiBurn for using a malicious SDK to collect user data.
UK man arrives to face charges in US after alleged $2 million email scam (CyberScoop) A man charged as part of a business email compromise money laundering scheme that allegedly defrauded victims out of $2 million over the course of at least six years is set to face a judge in U.S. court in the Southern District of New York.
Ministry of Justice has not informed people of data breach (ERR) The Ministry of Justice has not informed approximately 1,000 people who sought legal advice and whose data was accidentally made public. According to the ministry, the article published by ERR at the end of July is enough.
Chinese researcher charged with destroying evidence relating to illegal transfer of US tech (ZDNet) If convicted, the researcher could face up to 20 years of prison time.
Chinese Researcher Arrested for Destroying Evidence of Data Transfer to China (SecurityWeek) Chinese researcher Guan Lei was observed throwing a damaged hard drive into a trash dumpster near his residence, and was arrested.
Doorbell Cameras Like Ring Give Early Warning of Police Searches, FBI Warned (The Intercept) Two leaked documents show how a monitoring tool used by police has been turned against them.
Should CEOs take responsibility for cyber-physical security incidents? (Information Age) Gartner predicts that 75% of CEOs will be liable for cyber-physical security incidents by 2024, as the financial impact of breaches grows
75% CEOs will be personally liable for hackings by 2024: Report (Sify) New Delhi, Sep 1 (IANS) As cyber incidents increase globally, three out of four CEOs will be personally liable for hacking events by 2024 as they will not be able to plead ignorance or retreat behind insurance policies, a Gartner report said on Tuesday.
Amazon's surveillance can boost output and possibly limit unions: study (Reuters) Amazon.com relies on extensive worker surveillance to boost employee output and potentially limit unionization efforts around the United States, says a research paper issued on Monday by the Open Markets Institute.