Cyber Attacks, Threats, and Vulnerabilities
Reporting for Duty (Stanford Internet Observatory) An investigation into a network of Pakistan-based Facebook and Instagram accounts suspended for coordinated inauthentic behavior reveals mass reporting to silence critics of Islam and Pakistan.
Facebook Nabs Russia-Linked Campaign to Fuel US Chaos (SecurityWeek) Facebook caught an emerging Russia-linked campaign to fuel political chaos in the US, working off a tip from the FBI.
Facebook takes down Russian operation that recruited U.S. journalists, amid rising concerns about election misinformation (Washington Post) The social media giant acted against a small network of pages and accounts that directed users to a fake left-leaning news site called Peace Data
Facebook Has Removed Fake Accounts From A Washington PR Firm And Russian Trolls (BuzzFeed News) The fake pages, groups, and profiles tried to sow political chaos around the world.
Russia's IRA used phony news accounts on Facebook to discuss QAnon, coronavirus (CyberScoop) Russia’s troll farm again is trying to use Facebook to inflame divisions in the U.S. ahead of a presidential election. Facebook on Tuesday said it removed 13 accounts and two pages, which had 14,000 followers, affiliated with the Internet Research Agency, a Russian organization with a long history of using fake social media accounts to exploit political tension.
After FBI tip, Facebook says it uncovered Russian meddling (CNN) People associated with the infamous St. Petersburg troll group that was part of Russia's attempt to interfere in the 2016 US presidential election are trying to target Americans again, Facebook announced Tuesday after receiving a tip from the FBI.
Facebook catches Russian trolls targeting Corbyn supporters (The Telegraph) The covert influence plot used fake accounts with AI-generated faces to push articles and adverts meant to sow division in the British Left
Russians Again Targeting Americans With Disinformation, Facebook Says (New York Times) The company said it had been warned by the F.B.I. that a so-called troll farm in St. Petersburg set up a network of fake user accounts and a website.
IRA Again: Unlucky Thirteen (Graphika) Facebook Takes Down Small, Recently Created Network Linked to Internet Research Agency
The Peace Data message to our readers (Peacedata) On September 1, 2020 The New York Times, Reuters, CNN and other corporate media sources published the articles slandering our
August 2020 Coordinated Inauthentic Behavior Report (About Facebook) We’re sharing information about the three networks we removed in August as part of our regular CIB reports.
China-based APT Debuts Sepulcher Malware in Spear-Phishing Attacks (Threatpost) The RAT has been distributed in various campaigns over the past six months, targeting both European officials and Tibetan dissidents.
Chinese APT TA413 Resumes Targeting of Tibet Following COVID-19 Themed Economic Espionage Campaign Delivering Sepulcher Malware Targeting Europe (Proofpoint) Beginning in the first half of 2020, the rapid international spread of the COVID-19 virus introduced a shift within the threat landscape towards pandemic-themed social engineering lures.
CISA and FBI say they have not seen cyber-attacks this year on voter registration databases (ZDNet) CISA and the FBI issue a joint statement about election and voter database hacking threats after a misleading article in Russian media today.
U.S. Election 2020—Have Russian Hackers Stolen Millions Of Voter Registrations? (Forbes) Russian media reports of 7.6 million hacked Michigan voter registration records went viral this week, but are they accurate?
SOS denies Russian ‘data breach’ of Michigan voter info (Michigan Advance) The personal information of 7.6 million Michigan voters was obtained and posted on a Russian hacker site in an apparent attempt to solicit money from the U.S. government, the Russian newspaper Kommersant reported Tuesday. Millions of voters from other key swing states including North Carolina and Florida were also targeted in the dark web database, […]
US Homeland Security, FBI Say No Cyber Attacks on Voter Registration Databases Took Place (Sputnik) A Russian newspaper earlier in the day alleged that hackers had stolen and posted data from millions of American voters.
NZX regains ground after 'rough couple of days' (Stuff) The market made a "strong return to green" on Wednesday, buoyed by gains across several major stocks.
MetService anticipates future DDoS cyberattacks in coming days (Stuff) Cybercriminals have been launching a series of DDoS attacks on New Zealand websites.
AusCERT says alleged DoE hack came from a third-party (ZDNet) AusCERT says a data breach occurred at K7Maths, a company providing services to schools.
Iranian Hackers Target Critical Vulnerability in F5's BIG-IP (SecurityWeek) A hacking group believed to be linked to the Iranian government exploited a critical vulnerability (CVE-2020-5902) in F5 Networks' BIG-IP application delivery controller (ADC)
Norwegian Parliament discloses cyber-attack on internal email system (ZDNet) Norway's Parliament, Stortinget, says hackers gained access and downloaded content for "a small number of parliamentary representatives and employees."
Hackers Attack Norway's Parliament (SecurityWeek) Norway's parliament said it had been the target of a "vast" cyber attack that enabled hackers to access the emails of some lawmakers.
Norway's parliament says it was hit by 'significant' cyber attack (Reuters) The Norwegian parliament suffered a cyber attack during the past week and the e-mail accounts of several elected members as well as employees were hacked, the national assembly and a counter-intelligence agency said on Tuesday.
ESET Research discovers KryptoCibule: The multitasking multicurrency cryptostealer (PCR) ESET researchers have discovered a previously undocumented trojan malware family that spreads throug
Slack users unwittingly phished with malicious payloads (SC Media) Since late June, the platform’s file storage domain – slack-files.com – appeared to pop up with far more regularity on the Phish Alert Button,
Credit card data smuggled via private Telegram channel (BleepingComputer) Security researchers noticed that some cybercriminals attacking online stores are using private Telegram channels to steal credit card information from customers making a purchase on victim sites.
Cisco Says Hackers Targeting Zero-Days in Carrier-Grade Routers (SecurityWeek) Hackers are exploiting two unpatched vulnerabilities (CVE-2020-3566 and CVE-2020-3569) in the DVMRP feature of Cisco's IOS XR software that runs on many carrier-grade routers.
Attackers are exploiting two zero-day flaws in Cisco enterprise-grade routers (Help Net Security) A technical support intervention has revealed two actively exploited zero-day vulnerabilities affecting Cisco enterprise-grade routers.
The most popular brand websites that hackers use for typosquatting campaigns (CyberScoop) New Palo Alto Networks research dives in on the top most-imitated typosquatting websites for credential-stealing, financially-motivated hacks.
Cyber-Criminals Mimicking Global Brand Domain Names to Launch Scams (Infosecurity Magazine) Cyber-squatting is being used to launch a variety of attacks including phishing
Ransomware attacks continue to dominate the threat landscape (TechRepublic) Cybercriminals are increasingly exploiting the Cobalt Strike testing toolkit to carry out ransomware campaigns, says Cisco Talos Incident Response.
COVID-19 scammers are using data-breach fears to get information from Canadians (Record.com) Scammers are now luring Canadians with promises of protecting them against data breaches, Canadian Cyber Centre says.
Hiding in Plain Sight || Part 2 (Medium) We recently uncovered a really peculiar piece of malware.
Mitsubishi Electric Multiple Products (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.3
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Mitsubishi Electric
Equipment: Multiple Products
Vulnerability: Predictable Exact Value from Previous Values
2. RISK EVALUATION
Successful exploitation of this vulnerability could be used to hijack TCP sessions and allow remote command execution.
Construction firm Stefanutti Stocks hit by cyberattack (TechCentral) JSE-listed construction company Stefanutti Stocks was hit by a cyberattack on the morning of 31 August, it said in a statement to shareholders.
Hackers delete Bykea database, company unaffected due to backups (Profit by Pakistan Today) Early on Tuesday morning, Bykea experienced a breach wherein hackers managed to infiltrate and delete an entire database, though the company remained unaffected because the attack was caught e
Paying the price: school system faces stolen data in cyber attack (The Mountaineer) School officials faced a sticky wicket over the past week when deciding whether to pay the ransom sought by the criminal cyber actors.
Security Patches, Mitigations, and Software Updates
Cisco says it will issue patch ‘as soon as possible’ for bugs hackers are trying to exploit (CyberScoop) Unidentified hackers are trying to exploit vulnerabilities in router software made by Cisco while the networking giant scrambles to address the issues.
Cyber Trends
APT-style mercenary groups challenge the threat models of many organizations (CSO Online) APT-for-hire services will broaden the scope of who is vulnerable to that type of attack. Small- and medium-sized companies in particular need to rethink their threat models.
Enterprise Security and IT Teams Think Their Vulnerability Management Programs Are More Mature Than They Actually Are (Vulcan Cyber) 2020 is the worst. Already notorious for its epic struggles, 2020 is now on pace to deliver the most disclosed vulnerabilities ever.
More households now sharing digital services, says cybersecurity firm (The Star Online) A study by Kaspersky found that housemates were increasingly sharing access to their online subscriptions, going beyond a WiFi account to streaming services, gaming subscriptions and food delivery apps.
Child Identity Theft: Parent Awareness, Behaviors, and Attitudes (Security.org) Written by Aliza Vigderman Last Updated: September 1st, 2020 Childhood is supposed to be a carefree time where kids can learn and grow in a safe environment, without having to worry about (or even know about) things like identity theft. However, children can fall victim to identity theft, especially if a parent isn’t monitoring their … Continued
Remote Learning During Pandemic Brings Privacy Risks (Wall Street Journal) The mass shift to remote learning in many U.S. school districts is pushing students to use apps and other digital tools that could expose personal data such as names, locations and device identifiers, according to privacy experts.
Interest in VPNs surges by 1150% in the Philippines (Atlas VPN) According to Atlas VPN investigation, interest in VPNs surged by 1150% in the Philippines due to a special mobile game offer. To honor Brazil’s day of independence, which will happen on September 7, 2020, Moonton, a mobile game developer, prepared a gift for Brazilians - multiple free skins on their mobile game - Mobile Legends.
Marketplace
FireMon Secures $40 Million Debt Financing (SecurityWeek) Network security policy management provider FireMon has secured $40 million in debt financing from Silicon Valley Bank (SVB).
Software Maker Security First Files for Bankruptcy (Wall Street Journal) Security First, a cybersecurity software company that counts major Trump supporter Robert Mercer among its shareholders, filed for bankruptcy with plans to sell its business to ESW Capital for roughly $6 million.
WSJ News Exclusive | TikTok Deal Talks Are Snarled Over Fate of App’s Algorithms (Wall Street Journal) Deal talks for TikTok’s U.S. operations have been complicated by the key question of whether the app’s core algorithms can be included as part of a deal, according to people familiar with the matter.
WSJ News Exclusive | TikTok Deal Talks Are Snarled Over Fate of App’s Algorithms (Wall Street Journal) Deal talks for TikTok’s U.S. operations have been complicated by the key question of whether the app’s core algorithms can be included as part of a deal, according to people familiar with the matter.
China's Huawei Shifts Investment from U.S. to Russia (The Moscow Times) Huawei founder says U.S. sanctions have pushed the Chinese telecoms giant closer to Russia.
SynED and US VALOR Help Bring Veterans Into the Cybersecurity Workforce (PR Newswire) America's veterans just received another hand-up. No stranger to challenges and helping keep the country safe, US VALOR (Veterans Advancing...
Coalfire Appointed to PCI Standards Roundtable (PR Newswire) Coalfire, a provider of cybersecurity advisory and assessment services, today announced it has been appointed to its second term on the Payment...
Thycotic Named Gold Winner in 15th Annual 2020 IT World Awards® (PR Newswire) Thycotic, a provider of privileged access management (PAM) solutions to more than 10,000 organizations worldwide, including 25 of the Fortune...
Netskope Appoints John Martin to Chief Product Officer (PR Newswire) Netskope, the leading security cloud, today announced the appointment of John Martin to Chief Product Officer. In this position, Martin is...
BlueVoyant Strengthened with the Appointments of Influential Leaders to its Board of Directors and Advisory Board (PR Newswire) BlueVoyant, a global expert-driven cybersecurity services company, today announced the appointment of Debora Plunkett and Ariel Litvin to the...
Products, Services, and Solutions
Morphisec Releases Education Cybersecurity Threat Index as K-12 and Hi (PRWeb) Fifty-two percent of K-12 educators in the U.S. say their school has not warned them about the dangers of ransomware as they prepare to s
Akamai, CISA, and CIS Join Forces to Improve SLTT Cyber Defenses (Akamai) Cybercriminals continue to target U.S. state, local, tribal, and territorial (SLTT) government organizations. In 2019, there were more than 100 ransomware attacks -- including an attack on Baltimore's IT systems that locked out thousands of computers and disrupted nearly every city service. This attack is estimated to have cost the city as much as $18 million.
DH2i Announces Support for Microsoft Azure Shared Disks and New Azure Disk Storage Enhancements (DH2i) DH2i is pleased to share that our DxEnterprise software fully supports the newly released Azure shared disks - the industry's first cloud block storage. Check out our resources in this press release for more info.
InfoComply Selects Acuant Verification To Improve Protection And Processing Of Personal Data (MarTech Series) Acuant announces partnership to help enterprise customers protect, save and process the personal data of consumers while procuring their valid consent
Nozomi Networks Delivers OT & IoT Cybersecurity Via the Schneider Electric Exchange (Nozomi Networks) Schneider Electric customers get faster access to cybersecurity expertise alongside the industry-leading OT and IoT visibility and security they need for digital transformation
Recorded Future Solves Today's Security Challenges With Intelligence (PR Newswire) Recorded Future, the largest security intelligence provider, today announced the further optimization of the Recorded Future Security...
GlobalPlatform Simplifies Secure User Authentication with Standardized API - GlobalPlatform (GlobalPlatform) Secure Element Broker Interface defines standard to simplify and bring greater trust to the authentication of digital services on smartphones and biometric-enabled cards.
Ideagen : Launches First Cloud Version of Industry Leading Q-Pulse Software (MarketScreener) Leading international provider of governance, risk and compliance software, Ideagen Plc, has announced the first cloud version of its industry leading quality, health & safety and environmental...
WISeKey & iStorage Team Up to Secure Your Digital Life (AiThority) WISeKey, and iStorage, the award-winning and trusted global leader of hardware encrypted data storage and cloud encryption devices.
Secureworks Welcomes Arrow Electronics to its Global Partner Program (GlobeNewswire) Distribution agreement delivers scalable, complementary security solutions to channel partners in North America
QuoLab Announces Partnership with C5 Capital, Increasing Foothold in the Federal Marketplace (BusinessWire) QuoLab Technologies announces partnership with C5 Capital, aimed at increasing its presence in the federal marketplace.
Researchers Conducted An Endurance Test To Determine The Best Security Product For Android: Avira, Bitdefender, G Data, Norton Trend Micro Are On Top, Google's Performance Is Still Not Satisfactory (Digital Information World) AV-TEST examined fourteen security applications for Android, and the study was conducted on Android 8.0 (Oreo version).
Technologies, Techniques, and Standards
Does Your Board Really Understand Your Cyber Risks? (Harvard Business Review) Your risk assessment shouldn’t be geared toward technical experts alone.
Gotcha — you've been hacked! (PropertyCasualty360) Successful cyberattacks can lock down data and computer access, and stop a company’s operations in seconds.
Beware CISOs: attack vectors are coming from inside the house (SC Media) As employees work beyond an office network, CISOs may lose a lot of the critical visibility into network traffic.
Design and Innovation
Deepfake detection tool unveiled by Microsoft (BBC News) The tech firm has created a way to spot computer-manipulated videos and photos.
New Steps to Combat Disinformation (Microsoft on the Issues) Today, Microsoft announces two new technologies to help battle disinformation – Newsguard, which will allow users to check the accuracy of the content they are reading, and Video Authenticator, which can detect deepfakes and other synthetic meda – as part of our Defending Democracy Program.
Facebook notifies people it can remove or block content to avoid regulatory risk (CNET) The social network is updating its terms of service.
Critics want Twitter to halt its trending lists. Instead, Twitter will make tweaks. (NBC News) Twitter said it would provide more context for trending topics by selecting a "representative tweet" for some trends.
Research and Development
NTT Research to Collaborate With UCLA and Georgetown on Cryptography and Blockchain (AiThority) NTT Research, a division of NTT announced that its Cryptography and Information Security (CIS) Lab has reached joint research agreements
()
Academia
Purdue University Global cybersecurity bachelor’s degree program accredited by ABET (Purdue University) The Purdue University Global Bachelor of Science degree program in cybersecurity has been accredited by the Computing Accreditation Commission of ABET, the global accreditor of college and university programs in applied and natural science, computing, engineering and engineering technology.
ESET Announces Winners of 2020 Women in Cybersecurity Scholarship Awards (PR Newswire) ESET, a global leader in cybersecurity, today announced the winners of the fifth annual ESET Women in Cybersecurity Scholarship. Designed to...
Fortinet expands Security Academy Program (TahawulTech) Fortinet has added more than 20 new academic institutions and nonprofits worldwide have recently joined Fortinet’s Security Academy Program.
Legislation, Policy, and Regulation
Building the Grand Strategy for Cybersecurity (SIGNAL Magazine) “If you’re playing defense, you are losing.” Cyber leaders scramble to find a grand strategy for cybersecurity amid growing threats. [Part 2 in 2-part series]
The Kremlin’s Plot Against Democracy (Foreign Affairs) How Russia Updated Its 2016 Playbook for 2020
NZX cyberattacks a wakeup call (Newsroom) The NZX cyberattacks represent a wakeup call, but also a huge opportunity for NZ to be proactive in protecting itself in the highly likely event of a potentially worse cyberattack.
Trump Insists on Compensation for U.S. in Any TikTok Sale (Bloomberg) President Donald Trump said he’s told people involved in the sale of the U.S. assets of ByteDance Ltd.’s TikTok that the deal must be struck by Sept. 15 and the federal government must be “well compensated,” or the service will be shut down.
Barr tightens rules on surveillance of political candidates and advisers (Washington Post) Attorney General William P. Barr imposed new rules Tuesday tightening the use of government surveillance on political candidates or their staffers — a move likely to cheer conservatives who have long criticized how the FBI investigated the Trump campaign in 2016.
Should Google’s Ad Market Be Regulated Like the Stock Market? (Wired) A leading antitrust scholar says yes. Congress may be listening.
Pentagon’s central AI office wants to standardize its acquisition process (C4ISRNET) The Joint Artificial Intelligence Center is “considering” starting a competition for a 501(c) nonprofit manager or managers of its prototype “Artificial Intelligence Acquisition Business Model” that looks to use other transaction authorities to more quickly purchase AI products.
Litigation, Investigation, and Law Enforcement
()
GCSB 'getting on top' of cyber attacks against NZX, other businesses, says Andrew Little (New Zealand Herald) The Government Communications Security Bureau is getting on top of the cyber attacks that have seen the NZX website crash for the past five trading days.
French Paper Attacked in 2015 Reprints Muhammad Caricatures (New York Times) The French satirical paper whose staff was decimated in a violent attack by Islamic extremists in 2015 is reprinting caricatures of the Prophet Muhammad cited by the killers, declaring "history cannot be rewritten nor erased."
A Saudi Prince's Attempt to Silence Critics on Twitter (Wired) An ongoing investigation reveals how Mohammed bin Salman's team allegedly infiltrated the platform—and got away with it.
Colorado Man Sentenced to 11 Years in Prison for Moderating Disputes on Darknet Marketplace AlphaBay (US Department of Justice) A Colorado man was sentenced today by U.S. District Court Judge Dale A. Drozd to 11 years in prison.
Twitter Hack May Have Had Another Mastermind: A 16-Year-Old (New York Times) On Tuesday, federal agents served a Massachusetts teenager with a search warrant. He appears to have played a significant role in the July 15 Twitter attack, investigators and fellow hackers said.
Amazon Is Spying on Its Workers in Closed Facebook Groups, Internal Reports Show (Vice) The company is surveilling dozens of private Facebook groups in the United States, the United Kingdom, and Spain, according to an internal web tool and reports left on the open internet.
Why Jeff Bezos is hiring ex-spooks to keep tabs on his employees (The Telegraph) Former secret service agents are sought to join Amazon's intelligence unit to track employees, terrorists and political leaders
Amazon Is Openly Hiring Union-Busters (Gizmodo) Jeff Bezos obviously doesn’t want a union in his company. Amazon’s increasingly flippant statements about protest activity have made that clear, as have years of leaks in the press that detail the sort of anti-labor reeducation workers are subjected to, how company brass discuss labor leaders, and the sheer resources involved in making sure individual stores don’t come loose from Amazon’s grip.
Cyber security NSW investigates drivers licence data breach (Mirage News) Investigations by Cyber Security NSW into an apparent data breach of scanned NSW driver licences has confirmed a commercial entity is responsible...
Hospital data breach of women who had stillbirths results in 'no further action' (Andover Advertiser) A DATA breach which saw personal details of women who had suffered stillbirths published online has resulted in no further action being taken.