Cyber Attacks, Threats, and Vulnerabilities
Norway's Parliament Says It Was Hit by 'Significant' Cyber Attack (New York Times) The Norwegian parliament suffered a cyber attack during the past week and the e-mail accounts of several elected members as well as employees were hacked, the national assembly and a counter-intelligence agency said on Tuesday.
Revisiting Typosquatting and the 2020 US Presidential Election (Digital Shadows) In October 2019, Digital Shadows’ Photon Research Team embarked on an adventure involving election typosquats that could potentially affect the presidential election and its candidates.
The Russian Election Hack That Wasn’t (This Time) (Foreign Policy) Viral Russian report shows it’s still too easy to fall for misinformation online.
Germany Is Losing the Fight Against QAnon (Foreign Policy) The German government beat back the coronavirus pandemic—but has largely given up against conspiracy theories.
Chinese Hackers Targeted European Officials in Phishing Campaign (Bloomberg) A Chinese nation-state hacker group targeted European government officials, diplomats, non-profits and other global organizations in a phishing campaign designed to gather intelligence about global economies reeling from the pandemic, according to cybersecurity experts.
TikTok Ad Scams: Insufficient Moderation Leaves 'For You' Page Filled with Dubious Apps, Products and Services (Tenable®) TikTok’s popular “#ForYou” page has become a habitat for scammers peddling fake mobile applications, diet pills, drop-shipped goods, fake gift cards and more.
Inter: The Magecart Skimming Tool Now on More than 1,500 Sites (RiskIQ) Digital web skimming attacks continue to increase. By now, anyone running an e-commerce shop is aware of the dangers of groups like Magecart, which infect a website every 16 minutes.
The Inter Skimmer Kit (RiskIQ) The Inter Skimmer kit is a prolific digital skimming solution used by several different Magecart actors.
No Rest for the Wicked: Evilnum Unleashes PyVil RAT (Cybereason) In this research, we dive into the recent activity of the Evilnum group and explore its new infection chain and tools.
Complex new attack targets managed service providers, hiding in Google traffic (SC Media) Managed service providers are being targeted with malware that uses a complex mixture of strategies to go unnoticed, according to Huntress Labs. The
Attackers abuse Google DNS over HTTPS to download malware (BleepingComputer) Earlier this year, BleepingComputer reported on hackers hiding malware in fake Windows error logs.
Severe 0-day security vulnerability found by Seravo in WP File Manager (Seravo) Severe 0-day security vulnerability found by Seravo’s security research in popular WordPress plugin – update WP File Manager immediately…
Hackers actively exploiting severe bug in over 300K WordPress sites (BleepingComputer) Hackers are actively exploiting a critical remote code execution vulnerability allowing unauthenticated attackers to upload scripts and execute arbitrary code on WordPress sites running vulnerable File Manager plugin versions.
KryptoCibule: The multitasking multicurrency cryptostealer (WeLiveSecurity) ESET researchers analyze a previously undocumented trojan that is distributed via malicious torrents and uses a range of tricks to squeeze cryptocoins from its victims.
Cobalt Strike: The New Favorite Among Thieves - Infocyte (Infocyte) Cobalt Strike can proactively test network defenses against advanced cyber attacks. Now there's an uptick in use by cybercriminals seeking financial gain.
55% of Cybersquatted Domains Are Malicious or Potentially Fraudulent (Dark Reading) The largest online companies, such as Apple and PayPal, and banks are being targeted by cybersquatters, who are also taking advantage of the pandemic, a study finds.
Most IoT Hardware Dangerously Easy to Crack (Dark Reading) Manufacturers need to invest more effort into protecting root-level access to connected devices, security researcher says.
Northumbria University suffers major disruption after cyber attack (ComputerWeekly.com) Some exams cancelled as university appoints external specialists to investigate incident.
Northumbria Uni Campus Closed After Serious Cyber-Attack (Infosecurity Magazine) University suffers “significant operational disruption”
Warning over £1,000 fake Asda voucher scam (WalesOnline) You could end up losing huge amounts of money
Business Maverick: Despite its claims of containing a massive security breach, Experian info surfaces on internet (Daily Maverick) Data broker Experian has confirmed that – notwithstanding early claims that the security breach at the SA operation, which affected 24-million South Africans, had been contained – the information has in fact leaked out on to the internet, which in effect massively amps up the consequences of the breach.
Investigation continues after data breach confirmed in one mountain county school district (WLOS) The Haywood County Schools district continues fighting a ransomware attack. School officials have now alerted staff, students and parents that some data was stolen in that attack. Work is under way to determine the extent of the data breach and to protect the personal information of those impacted. The attack shut down remote learning at Haywood County schools for a full week. Repairs were made and online instruction resumed this week.
Smithsonian confirms that its donor data was potentially breached in ransomware attack (Art Newspaper) Hacking of Blackbaud software systems exposed hundreds of clients, including other US and UK nonprofits
Spectrum Health Foundation impacted by nationwide hack (WOODTV.com) The Spectrum Health Foundation has been impacted by a data breach along with thousands of other nonprofit organizations nationwide.
Local hospitals disclose data breach blamed on national software company (The Buffalo News) Hackers that victimized a prominent software company grabbed data from Catholic Health patients and Roswell Park Alliance Foundation donors.
Cyberattack Partially Blamed For Miami-Dade County Public Schools Virtual Tech Issues (CBS Miami) It was a cyberattack. That is what caused problems for Miami-Dade County Public School students and teachers to get access to virtual platforms on Tuesday, for the second day in a row.
The Joys of Owning an ‘OG’ Email Account (KrebsOnSecurity) When you own a short email address at a popular email provider, you are bound to get gobs of spam, and more than a few alerts about random people trying to seize control over the account. If your account name is short and desirable enough, this kind of activity can make the account less reliable…
‘John Wick’: How Keanu Reeves’ character inspired hackers targeted PM Modi’s website Twitter handle (Hindustan Times) The tweets, which have since been taken down, asked the followers to donate to the PM National Relief Fund through cryptocurrency.
Security Patches, Mitigations, and Software Updates
Cisco fixes critical code execution bug in Jabber for Windows (BleepingComputer) Cisco today addressed a critical severity remote code execution vulnerability affecting multiple versions of its Cisco Jabber for Windows software.
Router vendor has patched some zero-days, but leaves others wide open - CyberScoop (CyberScoop) A researcher found 10 previously undisclosed vulnerabilities in MoFi Networks routers that could allow attackers to steal passwords and data from networks.
Cyber Trends
Bitglass 2020 Insider Threat Report: 61% of Companies Have Experienced an Insider Attack over the Last Year (BusinessWire) Bitglass, the Total Cloud Security company, has released its 2020 Insider Threat Report, which uncovers the state of enterprise security as it pertain
Biannual ICS Risk & Vulnerability Report - 1H 2020 (Claroty) This report details The Claroty Research Team’s assessment of all industrial control system (ICS) vulnerabilities disclosed during the first half of 2020.
Navy CIO: ‘Malicious Cyber Actors’ Attacking Military Telework Infrastructure (USNI News) Adversaries are taking on the Navy’s shift to remote work in the wake of the coronavirus pandemic, according to the service’s chief information officer. Speaking at the Department of the Navy’s Gold Coast Small Business Procurement event today, Navy CIO Aaron Weis said the service saw a jump in malicious activity as employees began …
BEC Wire Transfers Average $80K Per Attack (Threatpost) That number represents a big uptick over Q1.
Vulcan Cyber Study Reveals IT Leaders Overestimate Vulnerability Management Program Maturity (PR Newswire) Vulcan Cyber®, the vulnerability remediation company, today announced the results of a research project conducted to better gauge the maturity...
Women, Minorities Underrepresented in Cyber Security, DOD Expert Says (U.S. DEPARTMENT OF DEFENSE) Women and minorities are underrepresented in the cyber security workforce, according to a panel of women cyber leaders participating in a virtual panel discussion on women in cyber leadership.
Socioeconomic status and cyber: the new 'digital divide' (SC Media) Institutions in poor or underserved regions are less equipped to fight off cyberattacks than their well-funded counterparts in affluent cities, experts say.
Why digital distancing needs to be the ‘new normal’ in Australia (Intelligent CIO APAC) Tom Kellermann, Head of Cybersecurity Strategy, VMware Carbon Black, introduces us to the concept of ‘digital distancing’ and tells us how to practice it. COVID-19 has shaken up Australian workplaces and has forced many organizations to move to remote working to contain the spread of the virus. In an effort to practice ‘social distancing’, […]
Marketplace
Exclusive: Anvilogic Lands $4.4M Seed For Collaborative SOC Content Platform (Crunchbase News) Detecting cyber threats is often difficult, but Anvilogic thinks it can be done through collaboration with other security domain experts.
Veterans as a Source of Cybersecurity Talent; Tim Callahan, Air Force Vet and Aflac SVP and Global CISO (Boots About Business) One source of cybersecurity talent is veterans because they have a natural inclination toward protecting information and gauging risk, according to Tim Callahan, SVP and global chief information security officer (CISO) at Aflac.
Lauren Knausenberger on LinkedIn: AFVentures Fellowship (LinkedIn) Another awesome opportunity for 25 lucky cyber colleagues in the DOD to fully immerse with top DOD cyber warriors and the best commercial cyber minds. ...
AFVentures Fellowship (Shift) Shift's AFVentures Fellowship connects the best and brightest from the United States Air Force with leading venture capital firms and technology startups for a six-week, highly intensive innovation immersion program.
7 tips for troops transitioning to civilian world from a former Navy officer and career coach (Military Times) For military personnel either in the process of transitioning to civilian life or soon looking forward to that life change, career coach and Navy veteran Tom Wolfe offers stories of triumph and misstep from other veterans who have been there.
‘Invest in Yourself,’ Female Federal CISOs Tell Women Seeking Cyber Jobs (Nextgov.com) Three female federal chief information security officers discussed how women can advance their careers in the cybersecurity field at a Wednesday webinar.
The Hidden Costs of Losing Security Talent (Dark Reading) One person's exit can set off a chain of costly events.
Chief Executives Face Rising Accountability for Cyber Lapses (Wall Street Journal) The top boss should expect to be held personally liable for damaging cyberattacks, analysts say.
Scotland announces five new hubs to nurture tech startups (Computing) The hubs will support at least 300 startups with infrastructure, mentoring and training by 2025
Apple fires shot at Google in new privacy ad (Yahoo) Apple has released a new privacy-focused commercial that takes shots at competitors like Google and Amazon.
ReliaQuest Named Official Cybersecurity Partner of the Tampa Bay Buccaneers (Tampa Bay Buccaneers) Company’s GreyMatter platform will help protect the Buccaneers and their fans from cyber threats
Axis Security Named TiE50 Award Winner at TiEcon (PR Newswire) Axis Security, the secure application access company, today announced that it has been selected as a 2020 TiE50 Winner in the prestigious TiE50...
Area 1 Security Appoints Steve Pataky as Chief Revenue Officer (PR Newswire) Area 1 Security, the first and only preemptive Cloud Email Security and anti-BEC fraud provider, today announced the appointment of noted...
Blake Moore Named Wickr Strategy, Operations VP; Joel Wallenstrom Quoted (ExecutiveBiz) Blake Moore, a 15-year Department of Defense veteran, has joined collaboration platforms provider Wi
Former Ford Motor Company CEO Mark Fields Joins the Board of Directors of Tanium (BusinessWire) Tanium, the provider of unified endpoint management and security built for the world's most demanding IT environments, today announced that Mark Field
Products, Services, and Solutions
Smarsh Enterprise Discovery Now Available Through Microsoft’s One Commercial Partner Program (BusinessWire) Smarsh®, enabling organizations to manage the risk and uncover the value within their electronic communications, today announced that Enterprise Disco
InfoComply Selects Acuant Verification To Improve Protection And Processing Of Personal Data (MarTech Series) Acuant announces partnership to help enterprise customers protect, save and process the personal data of consumers while procuring their valid consent
Volterra Unveils Distributed Load Balancer, API Gateway and API Security to Simplify and Secure Distributed Cloud-Native Applications (BusinessWire) Volterra, an innovator in distributed cloud services, today announced new capabilities for its VoltMesh service to provide globally distributed netwo
VMRay Signs Technology Partnership With Anomali Featuring Free Daily Malware Reports to Customers (GlobeNewswire) Leading Malware Analysis Solution Available Via Anomali ThreatStream Opens the Door for Security Teams to Unlock Unprecedented Threat Intelligence and Visibility
Attivo Networks covers 27 out of the 33 defense techniques identified in MITRE Shield (Intelligent CIO North America) Attivo Networks, an award-winning leader in cyber deception and attacker lateral movement threat detection, has announced that its solutions provide organizations with a vast majority – 82% – of the active defense measures presented in MITRE Shield. The ThreatDefend Platform components – ADSecure, BOTsink and Endpoint Detection Net (EDN) – represent the industry’s most comprehensive […]
Zoom Calls On CrowdStrike To Help Beef Up Security Posture (CRN) Zoom tapped CrowdStrike to help the videoconferencing giant protect its critical cloud and Linux workloads following the rapid transition to working and socializing from home.
RedLegg's Managed Security Services Now Powered by Palo Alto Network's Cortex XSOAR, Offers Automation Services (PR Newswire) RedLegg announced today that they have partnered with Palo Alto Networks, replacing their home-grown automation and analysis platform with...
Acronis SCS Hardened Backup Software Now Common Criteria-Certified (PR Newswire) Acronis SCS, an American cyber protection and edge data security company serving the US public sector, announced Acronis SCS Cyber Backup 12.5...
Offensive Security expands Proving Grounds family of training labs with PG Play and PG Practice (Help Net Security) Offensive Security introduced new products to the Proving Grounds family of training labs -- PG Play and PG Practice.
Verizon achieves milestone in future-proofing data from hackers (Verizon) Verizon is working today to ensure that communications tomorrow are safe from hackers.
Asia Pioneer, Blackpanda is Shaping Cyber Incident Response During COVID-19 (Yahoo) Blackpanda is hyper-focused on providing best-in-class digital forensics and cyber incident response. With a team of elite risk and cyber security experts from international special forces, intelligence, digital forensics, and law enforcement backgrounds, Blackpanda is shaping incident response and digital
Technologies, Techniques, and Standards
Improving Vulnerability Disclosure Together (Officially) (CISA) An open redirect – which can be used to give off-site malicious content the appearance of legitimacy – may not be on par with a fire, yet serious vulnerabilities in internet systems cause real-world, negative impacts every day. In many instances, a trained eye can spot critical deficiencies and yet have no one to report it to. It shouldn’t be hard to tell the government of potential cybersecurity issues — but it will be unless we’re intentional about making it easier.
US Navy eyes permanent solution for post-pandemic collaboration tools (C4ISRNET) Navy Chief Information Officer Aaron Weis outlined plans to replace the Defense Department's Commercial Virtual Remote Environment.
Cybereason: Why ‘Culture Is Critical’ When Building Election Infrastructure (CRN) While the COVID-19 pandemic has disrupted election calendars across the country, Boston-based cybersecurity vendor Cybereason shares with CRNtv what the channel needs to know about election security in 2020.
How to Seamlessly Enforce CCPA Guidelines in the Age of COVID-19 (CPO Magazine) Ensuring data privacy and compliance with regulations like the CCPA involves layered, complex challenges for any business especially in the age of COVID-19.
8 lessons from the Garmin ransomware attack (TechBeacon) There are ways to prepare for ransomware attacks, but the best long-term play is to invest in security to hit the bad actors right in their ROI.
Global DDoS attacks: What they are, how they work, and how to defend against them (Security Brief) Do not pay the ransom, and do make sure you've got strong DDoS protection, security firms warn.
Design and Innovation
Facebook to Limit Political Ads Week Before Election, Label Premature Calls (Wall Street Journal) Facebook will prohibit new political advertisements in the week before the U.S. presidential election in November and seek to flag premature claims of victory by candidates, CEO Mark Zuckerberg said.
UK's first commercial quantum computer to be developed by US startup Rigetti (Computing) The new machine will be based in Abingdon in Oxfordshire
Private Intel Firm Buys Location Data to Track People to their 'Doorstep' (Vice) The data comes from hundreds of ordinary apps installed on peoples’ phones around the world.
Research and Development
USAF Seeks Better Ways to Process Electronic Intelligence (Defense One) The Air Force Research Lab is looking for white papers outlining new technologies and methodologies for signal processing.
Academia
Innovation Campus welcomes new leader, launches inaugural class of students (Virginia Tech) Lance Collins started at Virginia Tech just a few days before the first Innovation Campus class — 79 students based in the Washington, D.C., region pursuing master’s degrees in computer science and computer engineering — started their fall semester.
Legislation, Policy, and Regulation
India bans another 118 'Chinese' apps, including PUBG (MediaNama) India on Wednesday banned 118 more apps, including popular gaming app PUBG, for allegedly being engaged in activities which are “prejudicial to sovereignty and integrity of India, defence of India, security of state and public order”. The IT Ministry said that the Indian Cyber Crime Coordination Centre and Home Ministry have sent an “exhaustive recommendation” […]
Why the world finds it extremely difficult to trust Chinese technology companies anymore (Republic World) There has been controversy surrounding many of the Chinese technology companies and their exponential growth. The simple reason being China is not a democracy.
End China’s Infection of the US Power Grid (Real Clear Energy) China and “probably one or two other” countries can shut down the U.S. power grid through a cyberattack. This disturbing revelation was made by Admiral Michael Rogers, former head of the National Security Agency, to Congress – in November 2014.
Regulators Issue Huawei, ZTE Interim Rule (National Defense) The Federal Acquisition Regulatory Council recently released an interim rule governing Section 889(a)(1)(B) of the 2019 National Defense Authorization Act. All U.S. government prime contractors should take heed.
Trump Administration Significantly Enhances Export Control Supply Chain Restrictions on Huawei (The National Law Review) The U.S. Department of Commerce’s Bureau of Industry and Security (BIS) recently adopted measures substantially impacting Huawei-affiliated companies and their non-
OMB, CISA release a trifecta of cyber guidance (Federal News Network) OMB released the final vulnerability disclosure policy (VDP) and DHS published the related binding operational directive and implementation guidance so agencies can get started with developing these…
CISA Orders Companies To Set Up Vulnerability Disclosure Applications (Editorials 360) Out of scores of federal civilian agencies, only a handful of them have official programs to work with outside security researchers to find and fix software bugs — a process that’s commonplace in the private sector. From a report: Now, to put an end to the feet-dragging, the Department of Homeland Security’s …
Rubio says Senate Intel will get election briefings despite Ratcliffe order (POLITICO) The House Intelligence Committee, run by Democrats, has seen its election security briefings canceled.
U.S. Agencies Must Adopt Vulnerability-Disclosure Policies by March 2021 (Threatpost) U.S. agencies must implement vulnerability disclosure policies by March 2021, according to a new CISA mandate.
OMB Starts Clock on Agencies Implementing Policies to Welcome Public Security Research (Nextgov.com) CISA also released a binding operational directive and will start scanning government systems for the policies when time is up in six months.
DHS cyber agency issues order boosting cybersecurity vulnerability reporting (TheHill) The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday issued a final directive requiring all federal agencies to develop and publish cyber vulnerability disclosur
‘We May Be Losing The Race’ For AI With China: Bob Work (Breaking Defense) Robert Work, who pushed hard for AI under Obama, calls for major reforms to catch up with China and Russia. His model? Adm. Rickover's creation of the nuclear Navy in the 1950s.
Standardization of insurance policies could improve defense contractors’ cybersecurity (C4ISRNET) A new report recommends DoD create standards for cyber insurance for the defense industrial base.
Cyber talent program places its first class of new feds (Federal Times) The Cybersecurity Talent Initiative, launched by the Partnership for Public Service, placed its first 10 cyber professionals in federal agencies.
Navy Decouples Research Chief and N94 Positions (USNI News) The chief of naval research will cease serving in a dual role as the Navy’s director of innovation, technology requirements, and test and evaluation (OPNAV N94), according to a recent service memo obtained by USNI News. The document, dated Aug. 18 and signed by both Navy acquisition executive James Geurts and Vice Chief of Naval …
U.S. Seeks to Expand Biometric Data It Collects From Immigrants (Wall Street Journal) A Homeland Security proposal could require immigrants to submit iris scans, voice recordings and DNA samples with their applications.
California Legislature Passes One-Year Extension of CCPA’s Human Resources and B2B Exemptions (cyber/data/privacy insights) On August 30, 2020, the California Legislature passed Assembly Bill 1281, which would extend until January 1, 2022 the exemptions under the California Consumer Privacy Act for certain human resourc…
Litigation, Investigation, and Law Enforcement
The FBI Botched Its DNC Hack Warning in 2016—but Says It Won’t Next Time (Wired) Facing looming election threats and a ransomware epidemic, the bureau says it has revamped its process for warning hacking victims.
Homeland Security Blocked Warnings of Russian Campaign Against Biden (New York Times) The department’s leaders declined to publish a memo describing Russian attempts to question Joseph R. Biden Jr.’s health, prompting new scrutiny of political influence at the department.
DHS withheld bulletin warning of Russian planned attack on Biden's mental health: report (TheHill) The Department of Homeland Security (DHS) in July withheld an analysis meant for its federal, state and local law enforcement partners that warned Russia would attempt to push “allegations about the poor mental health” of Democratic presidential n
NSA watchdog finds abusive behavior, grift at senior levels (CyberScoop) The National Security Agency’s Office of the Inspector General determined that multiple senior executive leaders and top officials at the intelligence agency recently have engaged in abusive behavior, misusing their positions, and fudging timesheets.
Can You Use Outside Counsel to Preserve Work Product Protection for A Forensic Breach Report? (JD Supra) The answer, maybe, but it depends on the facts in each case. Merely because a company has its outside legal counsel directly retain a...
The Trump-Alfa Bank Server Mystery Resurfaces (Just Security) Russia's Alfa Bank's new lawsuits in Florida and Pennsylvania and the Senate Intelligence report spotlight a continuing puzzle about 2016 election.
U.S. court: Mass surveillance program exposed by Snowden was illegal (1450 99.7 WHTC) By Raphael Satter (Reuters) - Seven years after former National Security Agency contractor Edward Snowden blew the whistle on the mass surveillance of Americans' telephone records, an appeals court has found the program was unlawful - and that the U.S. intelligence leaders who publicly defended it were not telling the truth. In a ruling handed dow…
Verizon Sued by Dissident Claiming Yahoo Ties to China Crackdown (Bloomberg.com) The Verizon Communications Inc. subsidiary that acquired Yahoo! Inc. in 2017 was sued in the U.S. by a Chinese activist over an alleged secret pact between Beijing and former Yahoo executives that led to the torture of dissidents.
U.S. Secret Service joining investigation of Miami-Dade schools’ cyber attack (WPLG) Multiple law enforcement agencies are looking into how Miami-Dade School District's online learning platform was breached.