Cyber Attacks, Threats, and Vulnerabilities
Chinese Ministry of State Security-Affiliated Cyber Threat Actor Activity (CISA) The Cybersecurity and Infrastructure Security Agency (CISA) has consistently observed Chinese Ministry of State Security (MSS)-affiliated cyber threat actors using publicly available information sources and common, well-known tactics, techniques, and procedures (TTPs) to target U.S. Government agencies. CISA has observed these—and other threat actors with varying degrees of skill—routinely using open-source information to plan and execute cyber operations.
Chinese intelligence is building detailed profiles on tens of thousands of citizens worldwide, leaked database suggests (Computing) Names include 52,000 Americans, 35,000 Australians, 10,000 Indians, 9,700 British, 5,000 Canadians, 1,400 Malaysians and 793 New Zealanders
Georgia’s pro-Russian party provokes ethnic and religious tensions ahead of parliamentary elections (Medium) The Alliance of Patriots installed anti-Turkish billboards in the streets of Georgia while launching anti-Turkish ads on Facebook
WHO Director-General Attacked on Twitter with CCP-Related Memes (bellingcat) Tedros Adhanom Ghebreyesus, the Director-General of the World Health Organization (WHO), tweets daily out of WHO headquarters in Geneva, Switzerland. But within minutes of many of his tweets going live, he is flooded with personal attacks, memes, and slurs. While social networks like Twitter should be a space for legitimate criticism of institutions like the …
FBI Releases Statement on Misinformation Related to Wildfires (Federal Bureau of Investigation) FBI Portland and local law enforcement agencies have been receiving false reports that extremists are responsible for setting wildfires in Oregon.
Facebook Finally Cracks Down on Bogus Propaganda About Oregon Wildfires (Gizmodo) As emergency responders in Oregon struggle to contain a record 900,000 acres of wildfires across the state, local police have been fighting to contain a torrent of bogus rumors spreading online. Throughout Thursday and Friday, tens of thousands of users shared posts blaming extremists on both sides of the aisle (but mostly antifa) for setting the blaze. The bulk of these falsehoods coalesced on Facebook, and now the platform says it’s enforcing a hard crackdown. Better late than never, I suppose.
ExtraHop Threat Research Team Finds One in Three IT Environments Vulnerable to Ripple20 Threat (ExtraHop) Report from ExtraHop predicts broad exploitation of devices in a wide range of industries utilizing Treck software
Unprecedented Levels of Ransom DDoS Extortion Attacks (Akamai) The FBI has released a flash warning that thousands of organizations around the world, and across multiple industries, have been threatened with DDoS attacks unless they pay a bitcoin ransom. This ransom DDoS, or RDoS, threat was covered by Akamai's Security Intelligence Response Team (SIRT) in a Security Alert released on August 17, 2020.
TikTok Spyware (Zscaler) Spyware posing as the TikTok Pro app.
New Twitter phishing scam inspired from Twitter's latest security response (HackRead) Crooks are using the July 15th cyberattack on Twitter to carry out a phishing scam designed to steal the login credentials of unsuspecting users.
When Hackers Take Advantage of Your Trusted Vendors (Akamai) As JavaScript-based client-side attacks continue to evolve, we see how attackers are getting more sophisticated and employing more advanced techniques. Unfortunately, it has been proven many times that any website partner can be exploited to carry out an attack. In the past month, we witnessed one of the most popular and trusted vendors being used as a credit card data exfiltration vector -- Google Analytics.
US Court Documents Published in Ransomware Attack (Infosecurity Magazine) Cyber-attackers hit Louisiana court with ransomware, publish stolen documents online
Porn site users targeted with malicious ads redirecting to exploit kits, malware (ZDNet) Adult ad networks abused in last hurrah attacks before Flash and IE near EOL.
Hacker group Malsmoke exploit Adobe, IE browser to target porn surfers (Business Standard) Microsoft has announced it will end support for Adobe Flash Player on Microsoft Edge and Internet Explorer 11 at the end of 2020
Razer data leak exposes personal information of gamers (BleepingComputer) Gaming hardware manufacturer Razer has suffered a data leak after an unsecured database for their online store was exposed online.
Expert commentary: Razer Gaming Fans Caught Up in Data Leak From misconfigured Elasticsearch (Information Security Buzz) A cloud misconfiguration at the gaming-gear merchant potentially exposed 100,000 customers to phishing and fraud.
Report: Popular Marketing Tool Exposes Dating Site Users in Massive Data Leak (vpnMentor) vpnMentor’s research team recently received a report from an anonymous ethical hacker about a massive data leak exposing users of over 70 adult dating and e-commerce websites from
Report - Mailfire - 2020 by vpnMentor (YouTube) The video demonstrates Mailfire's unsecured database that the vpnMentor research team discovered. You can see the number of records growing with each update,...
‘Criminal’ Android apps you should delete (NewsComAu) Android phone owners are being warned over 22 dodgy apps that drain your battery life – and could land you with a big phone bill.
Tower Semiconductor Expects Cyber Attack To Hit Q3 Results (Report Door) Israel-based chipmaker Tower Semiconductor said it expects the recently disclosed cyber attack to impact its third-quarter results. The stock fell 1.3% in
Cloud Vendor Breach Harms Philanthropists (onShore Security) This week, NorthShore University HealthSystem and Northwestern Memorial HealthCare disclosed that their data management vendor had been subject to a ransomware attack earlier this year, and had paid the criminal’s demand, assured that the copied data in their possession was destroyed and that no further misuse of the data could take place.
Hackers Break Into FCPS Network, Hold Info for Ransom (NBC4 Washington) Hackers have broken into Fairfax County Public Schools computer network and say they’re holding personal information for ransom.
Fairfax County schools hit by Maze ransomware, student data leaked (BleepingComputer) Fairfax County Public Schools (FCPS), the 10th largest school division in the US, was recently hit by ransomware according to an official statement published on Friday evening.
UPDATED: Fairfax County schools ransomware attack didn't disrupt remote learning; FBI continues investigation (INSIDENOVA.COM) Officials with Fairfax County Public Schools say a recent ransomware attack didn't disrupt distance learning during the first week of school.
City of Hartford Hit with Ransomware Attack, Causing School Delay (The National Law Review) Cyber-attackers know that city and town officials have been gearing up for the start of school and the potential for remote learning, in school or a hybrid model all summer. The daily monitoring of th
Back to school ransomware attacks (Security Magazine) Recently, schools throughout the U.S. have endured delays in reopening after experiencing massive ransomware attacks that force the shutdown of critical information technology systems.
Free VPNs are a privacy nightmare. You shouldn’t download them (WIRED UK) Downloading any old free VPN from Android’s Play Store or the App Store can be problematic. Data harvesting, leaks and logging are just the start
Georgia Zoom Trial Interrupted With 9/11 Images, Porn (Law360) A Georgia federal court Zoom hearing on the state's use of electronic voting machines was interrupted mid-testimony Friday morning when images of the Sept. 11 attacks, pornography and a hand-drawn swastika took over screens.
‘You want to play’: Gambling apps have an audience enthralled — even if they can’t win (NBC News) NBC News spoke to 21 people who said they were hooked on casino-style apps and had spent significant sums of money. The industry is almost entirely unregulated.
Security Patches, Mitigations, and Software Updates
“Better late than never”: Zoom boosts security with 2FA | Verdict (Verdict) Zoom has added two-factor authentication (2FA) to its video communications platform, a long-awaited feature that will provide a security boost.
Cyber Trends
State of Cybersecurity Industry Exposure at Dark Web (Immuniweb) 97% of the leading cybersecurity companies have had their data exposed on the Dark Web in 2020, with over 160,000 high or critical incidents that may jeopardize their clients.
Research report reveals increase in attacks on cloud native infrastructure (Aqua) Aqua’s research team reveals: attacks are growing in both scope & sophistication, exposing potential gaps in the cloud native toolchain
'The C-Suite Report' Simplified: 4 Key Takeaways (Security Boulevard) The recently published "The C-Suite Report: The Current and Future State of Cybersecurity" by Forcepoint in partnership with WSJ Intelligence has
A New Report Unveils the Most Vulnerable Sectors and Departments to Phishing Attacks (Pressat) Cyber attacks cause great harm to the business world due to their evolving nature and it is expected that cyber attacks will cost businesses 6 trillion dollars worldwide next year. Keepnet Labs reveals its latest research on the most vulnerable sectors and internal departments affected by cyber attacks.
Trucking Firms Grapple With Cybersecurity Amid New Regulation and Risks (Wall Street Journal) Companies in the commercial trucking and hauling industry in the European Union and some parts of Asia are under pressure to improve safeguards against cyberattacks to comply with a new United Nations regulation.
Stakeholders Harp on Robust Cybersecurity Architecture for Financial Services in Nigeria (ProShare) Financial Institutions Training Centre (FITC) Nigeria in collaboration with Nigeria Interbank Settlement System Plc (NIBSS) organized the Think Nnovation 2020 cyber security conference virtually which had as its theme: "Combatting CyberCrime - Strategies for Strengthening Emerging Markets."
In uncertain times, CISOs have a golden opportunity (Help Net Security) CISOs now have a golden opportunity to show that even in times of uncertainty, cybersecurity investment can be managed quickly.
Marketplace
CenturyLink is now Lumen (Monroe News-Star) With a new brand name and purpose, Lumen is ready to enable “amazing things” through its technology platform
VMware employees who move may see pay cuts, report says (Silicon Valley Business Journal) Employees at the Palo Alto software giant may see changes to their compensation if they move to a less expensive area, Bloomberg reported Friday.
Tech company sees layoffs after CEO abruptly resigns amid SEC investigation (Las Vegas Review-Journal) A Las Vegas company that sells fraud prevention software has begun mass layoffs days after its CEO abruptly resigned, throwing the company into a tailspin and prompting an internal investigation.
Fraud Prevention Startup NS8 Lays Off Hundreds, CEO Departs Amid SEC Fraud Investigation (Forbes) Months after raising more than $100 million, Las Vegas-based fraud detection company NS8 laid off hundreds and disclosed an SEC probe for fraud. Its former CEO disputes the new management's account.
Deloitte: First Of Big Four To Break Up Business (PYMNTS) Deloitte will be the first "Big Four" auditor to break its auditing business off with new government regulations.
Tampa tech giants weigh in on potential KnowBe4 IPO: 'It's another path being forged' (Tampa Bay Business Journal) ConnectWise, TriBridge and A-LIGN founders give their thoughts on what a public tech company could mean for Tampa Bay.
Nvidia to buy Arm for $40 billion (Computing) Arm will retain its headquarters in Cambridge and receive more support from Nvidia for its R&D efforts
Nvidia to buy Arm Limited from SoftBank for $40B in largest-ever chip deal (Silicon Valley Business Journal) The deal in cash and stock would be the largest ever made in the semiconductor industry and would strengthen Nvidia's reach in artificial intelligence.
ARM: UK-based chip designer sold to US firm Nvidia (BBC News) The new owner of the Cambridge-based chip designer has promised to keep its headquarters in the UK.
Nvidia vows to invest in Britain as part of Arm deal (Reuters) The head of Nvidia Corp <NVDA.O> vowed to step up investment in Britain and increase jobs there as part of its $40 billion purchase of chip designer Arm, following complaints from an Arm co-founder that the deal would destroy the company.
Oracle Wins Bid for TikTok in U.S., Beating Microsoft (Wall Street Journal) Oracle beat out Microsoft in a deal to salvage the U.S. operations of the video-sharing app that has been caught in the middle of a geopolitical standoff. The deal is likely not to be structured as an outright sale, people familiar with the matter said.
Oracle Chosen as TikTok’s Tech Partner, as Microsoft’s Bid Is Rejected (New York Times) The moves came as the clock ticks down on President Trump’s executive order to block the Chinese-owned social media app.
ByteDance not interested in selling TikTok's US operations to Microsoft or Oracle (Computing) Reports pour cold water on earlier stories that Oracle had been accepted as a buyer
TikTok rejects Microsoft bid for U.S. operations (NASDAQ:MSFT) (Seeking Alpha) TikTok owner ByteDance (BDNCE) has rejected the bid from Microsoft (NASDAQ:MSFT), backed by Walmart (NYSE:WMT), for its U.S. operations.
CrowdStrike - Three Reasons Why This Company Will Dominate Cyber Security (NASDAQ:CRWD) (Seeking Alpha) The mini tech correction showed that growth momentum stocks could explode up and fizzle out just as fast. But CrowdStrike is not one of them.
Google’s Sundar Pichai Is a Really Nice Guy. Is That Enough? (Wall Street Journal) Those who know the chief executive say he’s a thoughtful, kind person whose low-key style helped him get the job. He’s now contending with possible antitrust lawsuits, a recent revenue drop and pressure to take the company in new directions.
Naval Dome Opens North American Cyber Hub And Expands Leadership Team As Part Of Wider Expansion (Hellenic Shipping News) As part of wider expansion plans, maritime cyber security systems pioneer Naval Dome has established a significant presence in the Americas with the opening of
Products, Services, and Solutions
Kaspersky GReAT shares expertise on threat hunting with YARA in new online training course (Manila Standard) Kaspersky is unveiling a new online self-study course, entitled Hunt APTs with YARA like a GReAT Ninja. Armed with this training, any IT security professional interested in the topic can learn from the Kaspersky Global Research Analysis Team's best practices on threat hunting with YARA. In addition to the practical insights from the company's world-renowned cybersecurity experts, participants will receive access to a special virtual lab, where they can practice their new skills, analyzing samples and testing YARA rules.
NTT teams up with Thales to secure hybrid and multi-clouds (Telecompaper) NTT has partnered with Thales to secure hybrid and multi-clouds. NTT will contribute its security practise with consulting, integration capability and managed security services, including traditional security services (network, vulnerability, end point).
NTT named as a Leader in IDC managed security services report (ChannelLife) NTT Ltd has been named as a Leader in IDC’s Marketscape: Asia/Pacific Managed Security Services 2020 Vendor Assessment
The Federal Government: Ransomware’s Most Desirable Target (Votiro) As threat actors enhance their arsenals and develop more strategic tactics to target government agencies, how do these agencies assess their risk? More importantly, how can we protect these vulnerable ecosystems?
Siemplify and Check Point Software Partner to Enhance and Accelerate Orchestration, Automation and Response in Security Operations Centers (Siemplify) NEW YORK – Sept. 10, 2020 – Siemplify, the leading independent provider of security orchestration, automation and response (SOAR), today announced...
Technologies, Techniques, and Standards
Attacks on cyber firms are embarrassing, but transparency can ease fallout (SC Media) Infosec company Cygilant was hit with a NetWalker ransomware attack. In such cases, the best response is generally for the firm to be upfront & transparent.
CYBER.ORG Kicks Off National K-12 Cybersecurity Learning Standards Development (BusinessWire) CYBER.ORG today announced the kickoff of the development of the K-12 cybersecurity learning standards that can be used in schools and districts around
Cyber security expert offers Zoom safety tips following porn incident in Leander (KVUE) After a group of fourth-graders had their class interrupted by a pornographic video, teachers and parents are re-evaluating Zoom calls.
The Safest Ways to Log In to Your Computer (Wired) Passwords, keyfobs, fingerprints—there are lots of ways to gain access to your laptop or desktop. Here are the best and most secure.
RiskIQ Campaign Observations (RiskIQ) RiskIQ observations of United States presidential candidate infrastructure registrations.
Design and Innovation
Pentagon’s AI center to field new psychological operations tool (C4ISRNET) A new project in the Joint Artificial Intelligence Center seeks to unburden operators by ingesting information and identifying trends.
Hanwha Systems joins state project to secure technology in quantum cryptography communication (Aju Daily) Hanwha Systems, a major defense contractor in South Korea, will join a state project to secure global technology competitiveness in quantum cryptography communication. A quantum cryptography communication network will be established at the company's headquarters and data ce...
Google's Autocomplete Ban on Politics Has Some Glitches (Wired) The search giant tweaks its algorithm after WIRED finds it would suggest “Donate Biden,” but not “Donate Trump.”
TANSTAAFL! The tragedy of the commons meets open source software (Synopsys Software Integrity Blog) Open source projects can become victims of their own success. What can developers do to secure their open source software?
Research and Development
Twilight of the Human Hacker (Center for Public Integrity) Secretive Pentagon research program looks to replace hackers with AI
Staff Spotlight: NIST Post-Quantum Cryptography (NIST) In July, NIST announced the third-round candidates for the
Legislation, Policy, and Regulation
Al Qaeda’s Leader Is Old, Bumbling—and a Terrorist Mastermind (Foreign Policy) Ayman al-Zawahiri isn’t trying to plan another 9/11 attack—because he doesn’t need to.
What Russia Really Has in Mind for Belarus (Foreign Affairs) And Why Western Leaders Must Act
Data protection representative actions consultation opened (Pinsent Masons) The UK government is considering whether to allow non-profit organisations to make data protection regulatory complaints and bring court claims on behalf of individuals without their consent.
Exclusive: China would rather see TikTok U.S. close than a forced sale (Reuters) Beijing opposes a forced sale of TikTok's U.S. operations by its Chinese owner ByteDance, and would prefer to see the short video app shut down in the United States, three people with direct knowledge of the matter said on Friday.
U.S&China: A hybrid war (Frontline) The Donald Trump administration’s tactics of intimidation against China, including threats to expel Chinese tech companies and the deployment of warships in the South China Sea, have only prompted retaliation in kind from China.
How the Evolving U.S.-China ‘Tech Cold War’ Helps Taiwan (The National Interest) In the heart of this “Great Game” between Washington and Beijing, the technology-driven entrepreneurial and democratic Taiwan is likely the most important geopolitical factor that has greater implications for the United States and China—both domestically and globally.
Australia minister warns foreign journalists amid China spat (Martinsville Bulletin) A senior Australian government minister on Sunday warned foreign journalists working in the country they might come under the scrutiny of federal agencies if they provide a
Culture clash: has Australia miscalculated in its feud with China? (the Guardian) Scott Morrison’s resolve in the face of pressure from Beijing is being sorely tested
Exclusive: Canada looks set for a fight over C$1 billion compensation for Huawei gear (Reuters) Canada is signaling it might not compensate major telecommunications providers if the federal government bans equipment made by China's Huawei from 5G networks, setting up a potential fight over a bill that could hit C$1 billion ($758 million).
Canada has effectively moved to block China's Huawei from 5G, but can't say so (ETTelecom) Canada is the only member of the Five Eyes intelligence-sharing network that has not formally blocked Huawei from 5G networks, but it has effectively ..
Everyone Wants to Crack Down on China—Except Silicon Valley (Wired) Many Democrats agree with Trump on curbing the country’s influence. But a Biden administration, influenced by tech, may strike a different tone.
It will take more than attacks on Huawei to win the tech cold war (the Guardian) Banning the Chinese giant from using US components won’t stop a company that’s too big to fail
China two steps ahead on cyber, says former NSA director (Financial Review) A former head of the US National Security Agency has warned Australia and other Western nations are at a disadvantage in their rising cyber battles with China, because China is willing to take more drastic actions to advance its interests.
More Aggressive and Less Ambitious: Cyber Command’s Evolving Approach (War on the Rocks) This year, U.S. Cyber Command celebrated its tenth birthday. It has much to celebrate: It achieved the status of a unified combatant command, its budget
DOD Cybersecurity Certification Body Moving Forward Despite Uncertain Funding (Nextgov.com) It’s unclear where money for crucial tools such as continuous monitoring will come from.
Patriot Act Coauthor Michael Chertoff Touts More Election Security as Federal ID System Looms (MintPress News) Calls for a federal ID system with AI-driven tracking and surveillance are intensifying under the guise of 2020 election security.
US Firm Faces Backlash After Belarus Makes use of Its Tech To Block Web (Editorials 360) Senators Dick Durbin and Marco Rubio are criticizing Sandvine Inc., the U.S. firm whose know-how helped Belarus block a lot of the web throughout a disputed presidential election final month. Bloomberg reviews: The private-equity-backed know-how agency demonstrated its tools to a authorities safety workforce in Belarus in Might, two individuals with data of the matter …
Senator Says He Still Worries About 'Ideological' Bias Online (Law360) Utah's Sen. Mike Lee is one of the Senate's most outspoken critics of supposed social media censorship of conservatives, and he said Thursday he was unhappy with the response his concerns received from Google, Facebook and Twitter.
Pentagon announces nomination of new DISA director (C4ISRNET) The Pentagon also announced a new director of the Joint Artificial Intelligence Center.
Litigation, Investigation, and Law Enforcement
U.S. Prosecutors Step Up Pressure on North Korea (Wall Street Journal) U.S. prosecutors asked a federal judge to order the forfeiture of funds associated with a former North Korea employee and related front company of Chinese telecom ZTE.
Charges, sanctions revive specter of Russian interference (AP NEWS) The Trump administration on Thursday charged a Russian national in a sweeping plot to sow distrust in the American political process and imposed sanctions against a Russia-linked...
Russian Project Lakhta Member Charged with Wire Fraud Conspiracy (US Department of Justice) A criminal complaint was filed today charging a Russian national for his alleged role in a conspiracy to use the stolen identities of real U.S. persons to open fraudulent accounts at banking and cryptocurrency exchanges.
UNITED STATES OF AMERICA v. ARTEM MIKHAYLOVICH LIFSHITS, Defendant (US Department of Justice) AFFIDAVIT IN SUPPORT OF A CRIMINAL COMPLAINT AND ARREST WARRANT
WSJ News Exclusive | FBI Sweep of China Researchers Leads to Cat-and-Mouse Tactics (Wall Street Journal) A search by U.S. authorities for Chinese researchers with ties to China’s military is leading to intensifying cat-and-mouse tactics involving what prosecutors say are foiled escapes, evidence tossed into a dumpster and a chase through an airport.
Swiss Data Protection Authority Finds Swiss-US Privacy Shield Inadequate (cyber/data/privacy insights) Key Takeaways: Switzerland aligns with the Schrems II decision; +5,000 organizations impacted by the Swiss announcement; Contractual and technical measures, on an ad hoc basis, could be put in place to…
BlueLeaks Documents Bolster Whistleblower Account of Intelligence Tampering at Homeland Security (The Intercept) The Department of Homeland Security has become an armed extension of Trumpism.
A sheriff launched an algorithm to predict who might commit a crime. Dozens of people said they were harassed by deputies for no reason. (Business Insider) A new report sheds light on the pitfalls of "predictive policing" and casts doubt on AI-powered tools meant to fight crime.
State sanctioned secrecy: NSA's criminality shield (TheHill) Americans should not have to rely on whistleblowers to reveal our government is targeting us for unconstitutional surveillance behind a shield of secrecy. Nor should executive branch bureaucrats be able to conceal their misconduct behind false claims that exposing their ineptitude or criminality would involve “compromising sources and methods.”
Facebook Fights Irish Privacy Watchdog’s Data-Transfer Curbs (Bloomberg Law) Facebook Inc. sought to derail proposals by the Irish data protection watchdog that the tech giant warns could curb transfers of vast amounts of commercial data across the Atlantic.
A year after espionage arrest, RCMP still hasn't acted on calls for tighter security (CBC) The RCMP has flagged ways to tighten its security protocols in response to the Cameron Ortis espionage case — but not one of those changes has been implemented in the year since his arrest.
The 20-Year Hunt for the Man Behind the Love Bug Virus (Wired) For two decades, Onel de Guzman has been suspected of unleashing the groundbreaking virus. But he's never confessed to anything—until now.
The Intercept Promised to Reveal Everything. Then Its Own Scandal Hit. (New York Times) Internal documents show how a source ended up in jail — and the fallout in the newsroom.
Publishers Are Taking the Internet to Court (The Nation) In a lawsuit against the Internet Archive, the largest corporations in publishing want to change what it means to own a book.