Cyber Attacks, Threats, and Vulnerabilities
Chinese embassy calls for Twitter inquiry after porn clip liked (BBC News) The Chinese UK ambassador's account liked an adult clip as well as posts critical of Beijing.
Chinese embassy demands Twitter probe after ambassador account likes porn tweet (The Verge) And tweets critical of the Chinese Communist Party.
Disinformation, mail-in ballots top election security concerns (SearchSecurity) The state of election security for 2020 is in a better place. While there have been no voter database intrusion or campaign leaks, threat actors are waging disinformation campaigns around controversial topics like mail-in ballots and the U.S. Postal Service.
Bob Woodward’s Florida Election Hacking Claims Seemingly News to Florida Election Official (Vice) The legendary journalist reportedly claims the NSA and CIA have evidence that Washington County election systems have been infected by Russian malware; the county election supervisor has no related records.
New Raccoon Attack Could Let Attackers Break SSL/TLS Encryption (The Hacker News) Raccoon Attack — A new timing vulnerability could allow attackers to break SSL/TLS encryption and read sensitive communication.
Faking it: the thriving business of “fake alert” web scams (Sophos News) Tech support scams and “scarevertising” for questionable mobile apps use ad networks to find their unwitting victims.
Understanding BEC and EAC Attacks: Gift Card Scams (Proofpoint) Business Email Compromise (BEC) and Email Account Compromise (EAC) afflict businesses of all sizes across every industry. More money is lost to this type of attack than any other cybercriminal activity.
Researchers Uncover 89 Zero-Days in CMS Platforms (Infosecurity Magazine) Over 100,000 sites may be exposed to exploitation
K-Electric struck by ‘ransomware’ (DAWN.COM) Some services frozen but power supply unaffected; hackers demand $3.8m ransom to unfreeze.
Blackbaud security breach hits 11 systems: Atrium, NorthShore University, UK HealthCare & more. (Becker's Hospital Review) The Blackbaud security breach affected more than 25,000 nonprofit organizations worldwide, including many health systems in the U.S.
Computer System Restoration Update - Samaritan Health (Samaritan Health) Samaritan Health continues to work to restore its computer system after taking it offline as a precaution on July 25 due to security concerns involving malware. Steady progress has been made as we restore our systems and network slowly and methodically to ensure a thorough and safe process. Below is our latest update. The following … Continue reading "Computer System Restoration Update" Read more
Pickens Co. Schools prepare for second day of eLearning following cyber attack (FOX Carolina) Students and teachers in Pickens County are preparing for their second day of eLearning after a cyber attack left them unable to login for two
Cyber attack hits Fort Dodge public schools (Radio Iowa) The Fort Dodge Community School District was hit by a cyber attack on Wednesday. Officials with the Fort Dodge Community School District issued a statement Wednesday afternoon that said the district was hit by a cyber attack. The attack took down servers for the district and disabled internet and phone services. The district then made […]
Cyber Trends
Ransomware: Huge rise in attacks this year as cyber criminals hunt bigger pay days (ZDNet) Researchers warn of a seven-fold rise in ransomware attacks compared with last year alone - and attackers are continually evolving their tactics.
From VPNs to zero trust, coronavirus shaped security priorities (CIO Dive) While there are differences in security priorities pre-pandemic, a lot of hurdles were related to scale.
Bitdefender: 40 Pct Of Pandemic Emails Spam (PYMNTS.com) A new report from Bitdefender says four out of 10 pandemic-themed emails in the first half of the year on average were tagged as spam.
Firms lose crucial data as hackers have field day in pandemic (The Standard) 75 per cent of firms sampled in Kenya reported increased cybersecurity threats, with the number lower in South Africa at 46 per cent.
Small Business Owners Say Employee Social Media Use Is a Security Issue, New Cyber Readiness Institute Survey Finds (Cyber Readiness Institute) The recent national debate over the use of TikTok and other social media applications on work devices has heightened security concerns for the owners of small and medium-sized businesses (SMBs).
Remote staff overestimating knowledge of cybersecurity basics (Security Brief) ‘Unconscious incompetence’ is one of the most difficult issues to identify and solve with security awareness training.
3rd Annual Penetration Risk Report Reveals Surprising Trends, Offers New Recommendations (PR Newswire) Coalfire, a provider of cybersecurity advisory and assessment services, released its 3rd Annual Penetration Risk Report, based on over 800...
Penetration risk report finds cloud service providers far more secure than enterprises (Security Magazine) The 2020 Penetration Risk Report also says cloud environments are most vulnerable to two types of attacks and medium-sized enterprises are the slowest to improve network security.
DDoS attacks against educational resources grew by 350% in H1 2020 (Hindustan Times Tech) Globally, the total number of DDoS attacks increased by 80% in the first quarter of 2020 compared to the same time last year. Attacks on educational resources accounted for a large portion of this growth.
African executives say cyber threats rise during COVID-19 era
(Xinhua) The threat of attack on digital infrastructure owned by Africa-based enterprises has increased during the COVID-19 era, executives said during a virtual briefing on Wednesday.
Phase of Uncertainty Declared for Cyber Security in Iceland (Iceland Monitor) For the first time ever, CERT-IS, Iceland’s computer emergency response team, declared a phase of uncertainty for cyber security in Iceland yesterday.
Marketplace
Coalition's 2020 Cyber Insurance Claims Report (Coalition) Our inaugural 2020 Cyber Insurance Claims Report uses real Coalition data from policyholder claims to highlight the biggest cyber threats facing businesses today. You'll learn about the most common cyber threats, how to prevent them, and what to do when you can't.
SaaS Ventures is aiming for a $50M second fund. Here's the plan to invest it. (Washington Business Journal) Bethesda venture firm SaaS Ventures has raised about $22 million so far for its second fund — but is aiming for about $50 million by early 2021.
StackRox Secures $26.5 Million in Funding and Drives 240%+ Revenue Growth with Industry's only Kubernetes-Native Container Security Platform (PR Newswire) StackRox, the leader in container and Kubernetes security, announced today that it has secured an additional $26.5 million in funding and...
Israeli cybersecurity co Pcysys raises $25m (Globes) Pcysys (Proactive Cybersystems) has developed PenTera, an Automated Penetration Testing platform.
Detroit-based AaDya Security Launches the First All-in-one Cybersecurity Platform, Marzo4, and Closes $2.7M in Seed Round (BusinessWire) AaDya Security, a Detroit-based startup founded by cybersecurity veteran Raffaele Mautone in March of 2019, closed a $2.7M seed round and launched Mar
Panther Labs Raises $15M Series A to Reinvent SIEM for Cloud-First Security Teams (PR Newswire) /PRNewswire/ -- Panther Labs, a cybersecurity startup led by Airbnb and AWS alumni, has raised $15 million in Series A funding to accelerate development of its...
After raising $200M, Boston unicorn CEO eyes IPO (Boston Business Journal) Boston-based Snyk Ltd., which arrived at a $1 billion valuation earlier this year, raised another late-stage round while eyeing an IPO, its CEO said.
Big data firm Sumo Logic aims to raise $310 million in U.S. IPO (Reuters) Big data firm Sumo Logic Inc said on Tuesday it was looking to raise $310.8 million in a U.S. initial public offering that could value the company at over $2.07 billion.
Canadian software provider Lightspeed POS files for a $376 million US IPO (Nasdaq) Lightspeed POS, a Canadian cloud-based POS software provider, filed on Wednesday with the SEC to raise up to $376 million in an initial public offering.
Palantir is being valued around $10.5 billion ahead of direct listing as investors question growth story (CNBC) In updated prospectus on Wednesday, Palantir said it has 1.64 billion shares outstanding as of Sept. 1, which indicates a valuation of about $10.5 billion.
Significant Social And Governance Risks At Palantir (ValueWalk) As Palantir files S-1 with SEC in bid for listing on NYSE, fresh concerns emerge regarding contracts with government agencies
Love us or leave us alone, Palantir CEO tells potential investors (Silicon Valley Business Journal) How that message goes over after the company's Wall Street debut on Sept. 23 will likely depend on whether Palantir can turn its first operating profit in 17 years into a regular net profit.
INX crosses minimum $7.5 million threshold for its security token IPO, now accepting BTC, ETH and USDC (Yahoo) Crypto exchange INX, which recently launched its security token initial public offering (IPO), has crossed the minimum $7.5 million threshold imposed by the U.S. Securities and Exchange Commission (SEC).The post INX crosses minimum $7.5 million threshold for its security token IPO, now accepting BTC,
Infoblox secures Warburg Pincus investment (Private Equity Wire) Infoblox, a specialist in Secure Cloud-Managed Network Services, has secured a significant investment from private equity growth investment firm Warburg Pincus.
Force 3 Awarded ITES-SW2 Contract (GlobeNewswire) Force 3 utilizes new contract to help government agencies modernize their IT, save time and cut costs
Toka Awarded World Bank-Financed Contract to Strengthen Moldova’s National Cybersecurity Readiness (GlobeNewswire) Project will modernize mobile device and data security for the Government of Moldova
CrowdStrike Continues to Win Big After Broadcom's Symantec Acquisition | The Motley Fool (The Motley Fool) Security needs have undeniably changed, and the industry landscape is changing with them.
TikTok, U.S. Discuss Ways to Avoid Sale (Washington Post) Talks have been under way for months but gained prominence amid geopolitical wrangling
Verizon, Samsung partner to develop 5G network (Rome Daily Sentinel) Samsung Electronics Co. will develop 5G network infrastructure for Verizon Communications under a $6.65 billion deal announced Monday.
Bugcrowd Expands Its Advisory Board With the Appointment of Two Distinguished Industry Executives (BusinessWire) Bugcrowd, the #1 crowdsourced cybersecurity company, today announced the addition of two board advisory members, Norma Lane, chief human resources off
Former NSA chief Keith Alexander has joined Amazon’s board of directors (The Verge) A surveillance-friendly choice.
The U.S. Secret Service Selects Tom Kellermann to Serve on Inaugural Cyber Investigations Advisory Board (VMware Carbon Black) Cybersecurity has become a recurring global news headline. From ransomware to data breaches, cyberattacks continue to be one of the biggest threats to both the private and public sectors. Earlier this year, the FBI reported a 400 percent increase in cybercrime1. And for the public sector, this is all compounded by the ripple effects of …
Gagan Gulati joins Behavox as Chief Product Officer (Help Net Security) Gagan Gulati, a veteran technology executive from Microsoft, has joined Behavox as its Chief Product Officer (CPO).
GrammaTech Appoints Michael Kelley as CFO (BusinessWire) New CFO joins GrammaTech from Arxan Technologies, which was acquired by Digital.ai, a TPG company in April 2020.
SparkCognition Adds Jim Moffatt and Ron Sugar to Advisory Board (AiThority) SparkCognition announce that it has added Mr. Jim Moffatt, former Chairman and CEO of Deloitte Consulting, and Dr. Ron Sugar, former Chairman and CEO of Northrop Grumman Corporation and current Chairman of Uber, to its Advisory Board.
Products, Services, and Solutions
Armis Achieves FedRAMP Ready Milestone (Armis) Leader in Enterprise-class Device Security Brings Agentless Platform to Federal Marketplace to Support Digital Transformation and Federal Cloud Adoption
Keeper Security Issues Warning About Heightened Ransomware Attacks Amid COVID-19 Pandemic (PR Newswire) Keeper Security, provider of the highly-rated cybersecurity platform for preventing password-related data breaches and cyberthreats, today...
CloudKnox Leads Newly Defined Cloud Infrastructure Entitlement Management (CIEM) Market with Unmatched Capabilities (BusinessWire) CloudKnox Security announces its position at the forefront of the emerging Cloud Infrastructure Entitlement Management (CIEM) market.
Global Learning Systems Responds to Increased Phishing Attacks With Free Vulnerability Phish Test (PRLog) Global Learning Systems Responds to Increased Phishing Attacks With Free Vulnerability Phish Test. With upticks in phishing and social engineering threats and two-thirds of America's workforce working remotely, free managed SecurePhish™ test lets companies evaluate risk exposure and better prepare employees...
Atomicorp Announces Availability of Atomic Enterprise OSSEC on Red Hat Marketplace (INSIDENOVA.COM) Atomicorp today announced that Atomic Enterprise OSSEC is now available through Red Hat Marketplace. Red Hat Marketplace is an open cloud marketplace for
Proofpoint Launches People-Centric Enterprise Data Loss Prevention (DLP) and Introduces Nexus People Risk Explorer (GlobeNewswire) Cybersecurity leader also enhances its CASB and BEC/EAC protection to reduce risk across all key channels
42Gears Announces Zero-Day Readiness for Android 11 (PR Newswire) As the wait for Android 11 finally ends, 42Gears proudly announces zero-day readiness for the latest update of the Android platform. 42Gears, a...
Liquid Telecom sets up cyber security unit as threats grow (The Zimbabwe Daily) Liquid Telecoms has unveiled a cyber security unit which offers end-to-end protection of data on digital devices in response to the rise in cyber security threats during the COVID-19 period. BY EVE…
Technologies, Techniques, and Standards
CFTC to Issue Guidance on Corporate Compliance Programs (Wall Street Journal) The U.S. Commodity Futures Trading Commission is expected to issue guidance detailing how it will evaluate corporate compliance programs—the latest effort by a U.S. enforcement agency to get companies to invest in programs that prevent regulatory infractions.
FBI adds iris recognition to its growing biometrics portfolio (Federal News Network) The FBI’s Criminal Justice Information Services, nearly seven years after piloting the concept, will add iris recognition technology to its portfolio of identification services for law enforcement…
Catch me if You Can: Protecting Mobile Subscriber Privacy in 5G (TCA) 5G presents opportunities for MNOs to address privacy concerns and protect the most prominent personal data involved in mobile communications – the IMSI.
Distance Learning Advice For Parents (Avast) Use these parent to parent tips to prepare your entire family for going back to school (and work) online.
Threat Intelligence: Moving on From the Needle in a Hash Stack (Computer Business Review) It's time to move beyond finding a "needle in a hash stack" when it comes to threat intelligence, warns "Grifter".
Webcast: When Worlds Collide: OSS Hunting & Adversarial Simulation (Black Hills Information Security) Worlds collide as Black Hills Information Security (BHIS) brings together legendary developers in open source software (OSS) hunting and adversarial emulation projects for a discussion on the current state of the landscape and what’s coming next. As our panel hosts, Jordan and Kent (Atomic Purple Team, PlumHound), continue to focus on advocating and evangelizing for […]
Zero Trust cybersecurity: Never trust, always verify (Deloitte) A Deloitte poll conducted in July 2020 found that 37.4% of professionals at organizations adopting zero trust say COVID-19 has sped-up their organizations’ zer…
Design and Innovation
5G security suffering from too many cooks in the kitchen (Light Reading) The Department of Homeland Security's cybersecurity agency said it's going to 'analyze components from 5G vendors,' but the details of the program are unclear at best.
Coming to Hospitals: The Sensors Will See You Now (Wall Street Journal) Artificial-intelligence-powered systems that can analyze and give real-time feedback on patients and those caring for them are set to transform how health care is delivered, according to a Stanford University study.
Research and Development
New machine learning-assisted method rapidly classifies quantum sources (Purdue University) For quantum optical technologies to become more practical, there is a need for large-scale integration of quantum photonic circuits on chips.
Academia
Sequoia Partners with CERIAS, Information Security Research Institute at Purdue University (PR Newswire) Today, Sequoia Holdings LLC announced a partnership with the Center for Education and Research in Information Assurance and Security (CERIAS),...
Legislation, Policy, and Regulation
The Law of (Future) Armed Conflict: LOAC, Technology, and the Changing Character of Warfare (Modern War Institute) Can the law of armed conflict—a sometimes nebulous body of international law developed incrementally over centuries through both custom and treaty—keep up with the unprecedented pace of development in military technology and weaponry? Reports that may seem like science fiction detailing technological breakthroughs are all around us. Global powers are infiltrating the civilian electrical power […]
The Kremlin’s Plot Against Democracy (Foreign Affairs) How Russia Updated Its 2016 Playbook for 2020
Changes to Japan’s data privacy law echo Europe’s GDPR (The Daily Swig) Revisions bear welcome similarities to EU’s data protection legislation
Huawei fears it may be excluded from Poland's 5G network (Reuters) Poland's planned criteria for assessing the risk of telecoms equipment providers are political and may be aimed at excluding Huawei [HWT.UL] from developing the country's 5G network, the Chinese company said on Wednesday.
BNamericas - Huawei: Most vulnerabilities are on OTT side... (BNamericas.com) Commenting on US accusations against the Chinese company, Marcelo Motta, director of global cybersecurity governance at Huawei Brasil, said that all of the c...
American executives pay the price of US-China cold war (South China Morning Post) China links are increasingly stressful and unpredictable for American professionals in business, think tanks and academia.
Cyber, but in space (FCW) A White House memo proposes that space-based technology must have cybersecurity built in at the design stage while also allowing flexibility for operators to adapt on the fly.
Secret Service Announces Cyber Investigations Advisory Board (US Secret Service) Today, the United States Secret Service announced its Cyber Investigations Advisory Board (CIAB).
Eliminating geographic bias could be key in information fight (C4ISRNET) Success in geopolitical competition requires a rethinking of geographic boundaries, according to a top American general.
Sen. Warner Knocks Congress On Election Security, IOT & Huawei (Breaking Defense) “Even though there's been a great deal of bipartisan legislation proposed, the majority leader [Sen. Mitch McConnell] has not let any of these bills come to the floor,” the Virginia Democrat said.
Litigation, Investigation, and Law Enforcement
WSJ News Exclusive | Ireland to Order Facebook to Stop Sending User Data to U.S. (Wall Street Journal) Ireland’s privacy regulator is seeking Facebook’s response to a preliminary order to suspend the company’s data transfers to the U.S. because of concerns over American government surveillance practices.
Irish data regulator orders Facebook to stop sending personal data to the US (independent) Ireland’s data protection commissioner has issued Facebook with a preliminary order to stop sending data transfers from EU users to the US.
Trump national security adviser never sought to dictate intel community's focus - spokeswoman (Reuters) White House national security adviser Robert O'Brien never sought to dictate the intelligence community’s focus on threats to the integrity of U.S. elections or on any other topic, White House spokeswoman Sarah Matthews said on Wednesday.
U.S. intelligence official told to halt Russian 2020 election meddling threat assessments: whistleblower (Reuters) Acting U.S. Homeland Security Secretary Chad Wolf told a former top aide to stop providing assessments of the threat of Russian interference in the Nov. 3 election and to play down U.S. white supremacist activity, according to a whistleblower complaint released on Wednesday.
D.H.S. Downplayed Threats From Russia and White Supremacists, Whistle-Blower Says (New York Times) Brian Murphy, the former head of the Department of Homeland Security’s intelligence division, accused senior leaders of warping the agency around President Trump’s political interests.
6th Circ. Backs Narrow Take On Computer Fraud Law Scope (Law360) The Sixth Circuit ruled Wednesday that the federal Computer Fraud and Abuse Act doesn't bar employees from misusing company information they are authorized to access, deepening the circuit split on a question that recently caught the attention of the U.S. Supreme Court.
Attys Vying To Lead TikTok Privacy MDL Trade Barbs (Law360) Attorneys vying to lead multidistrict litigation alleging privacy violations by video app TikTok lifted the curtain on the behind-the-scenes tensions surrounding a potential settlement Tuesday, each accusing the other side of imperiling plaintiffs' best chances for a positive outcome.
Oakmont man pleads guilty to stealing nearly $200K from cyber security company (TribLIVE.com) An Oakmont man who pleaded guilty to stealing more than $190,000 from his employer will serve 18 months of house arrest. Andrew Wolniak, 32, pleaded guilty to theft, receiving stolen property and access device fraud on Tuesday before Allegheny County Common Pleas Judge Kevin G. Sasinoski. Wolniak worked as a