Thanos tries something new. Emotet warning from three governments. Service NSW breach update. Biomedical espionage.
Early Friday, Palo Alto Networks’ Unit 42 reported a Thanos campaign against two (unidentified) government organizations in the Middle East and North Africa. This variant overwrites master boot records to deliver its demand for “20,000$” [sic] in Bitcoin, which is both unusual and, from the attackers’ perspective, arguably counterproductive. CyberScoop quotes Recorded Future as observing that the attack may be a destructive wiper posing as ransomware. The good news, such as it is, seems to be that the attempt to overwrite the master boot record was bungled and unsuccessful. Bleeping Computer notes that Thanos affiliates were less than fully successful in more traditional June attacks against European targets.
French, Japanese, and New Zealand cyber authorities have warned that email-borne Emotet campaigns are hitting targets in their countries. Many of the payloads are carried in malicious PDF attachments.
The Sydney Morning Herald has updates on the Service New South Wales data breach: forty-seven compromised employee email accounts were used to obtain personal data of 186,000 customers and staffers.
Georgian authorities confirm that cyberespionage against the Lugar Lab biomedical research center in Tbilisi took COVID-19 research files. There's no attribution yet (although Russia has long been interested in the Lab), but Georgia’s Foreign Ministry says it won’t hesitate to name the perpetrators once they're identified.
The incident at the Lugar Lab isn’t a one-off: the New York Times reports that COVID-19 research has become a common target for collection by espionage agencies. CyberScoop has an account of US efforts to secure vaccine research.
Today's issue includes events affecting Argentina, Australia, Chile, China, France, Georgia, Greece, Iran, Israel, Italy, Japan, New Zealand, Russia, Saudi Arabia, the United Kingdom, and the United States.