Cyber Attacks, Threats, and Vulnerabilities
What do F5, Citrix, Pulse Secure all have in common? China exploiting their flaws to hack govt, biz – Feds (Register) Beijing's snoops don't even need zero-days to break into valuable networks
CISA: Chinese state hackers are exploiting F5, Citrix, Pulse Secure, and Exchange bugs (ZDNet) CISA says attacks started a year ago and some have been successful.
Chinese Ministry of State Security-Affiliated Cyber Threat Actor Activity (CISA) The Cybersecurity and Infrastructure Security Agency (CISA) has consistently observed Chinese Ministry of State Security (MSS)-affiliated cyber threat actors using publicly available information sources and common, well-known tactics, techniques, and procedures (TTPs) to target U.S. Government agencies. CISA has observed these—and other threat actors with varying degrees of skill—routinely using open-source information to plan and execute cyber operations.
Chinese firm harvests social media posts, data of prominent Americans and military (Washington Post) Biographies and service records of aircraft carrier captains and up-and-coming officers in the U.S. Navy. Real-time tweets originating from overseas U.S. military installations. Profiles and family maps of foreign leaders, including their relatives and children. Records of social media chatter among China watchers in Washington.
Government needs proof of foul play to probe China company's data mining (The Economic Times) On Monday, the Indian Express reported that Zhenhua Data had links to the Chinese government and the Chinese Communist Party and was monitoring over 10,000 Indian individuals and organisations as part of its global database of “foreign targets”.
Iran Says US Vote Hack Allegation 'Absurd' (SecurityWeek) Tehran on Friday hit back at allegations by Microsoft that Iran-based hackers had targeted the US presidential campaigns, declaring it does not care about the election's outcome.
Election security status: Some progress on ballot integrity, but not on Russian interference (CSO Online) With the election less than two months away, government and election officials say voting itself is more secure, but Russian disinformation remains largely unaddressed.
Nearly 2000 Magento stores hacked over the weekend, largest campaign ever (Sansec) Over the weekend, almost two thousand Magento stores across the world have been hacked in the largest automated campaign to date.
Zerologon attack lets hackers take over enterprise networks: Patch now (ZDNet) Microsoft patches one of the most severe bugs ever reported to the company.
Exploit code for 'Zerologon' bug impacting Windows Netlogon Remote Protocol published on Github (Computing) The vulnerability could allow an attacker to have access to an organisation's Active Directory domain controllers
Databases stores, cloud storage and services at risk from exposed access keys finds new research (Digital Shadows) Digital Shadows, the leader in digital risk protection, has today revealed new research looking at the growing problem of company access keys
Access Keys Exposed: More Than 40% Are For Database Stores (Digital Shadows) By now, we've all heard news about AWS keys leaked by a developer on GitHub. While this can cause damaging headlines for the company, fortunately GitHub responded and can now automatically invalidate
New Vulnerabilities Bypass Multi-Factor Authentication for Microsoft 365 (Proofpoint) Proofpoint researchers recently discovered critical vulnerabilities in multi-factor authentication (MFA) implementation in cloud environments where WS-Trust is enabled.
A bug in Joe Biden’s campaign app exposed private voter data (TechCrunch) Anyone could look up private voter information on millions of Americans.
Staples discloses data breach exposing customer info (BleepingComputer) Giant office retail company Staples informed some of its customers that data related to their orders has been accessed without authorization.
More Printers Could Mean Security Problems for Home-Bound Workers (Dark Reading) Tricked-out home offices have led to an influx in printers, many of which have not been set up securely, leaving workers and their companies vulnerable.
Major German shopping site leaks customer data (SafetyDetectives) A publicly-listed multinational retailer with millions of dollars in annual revenues was discovered to be operating a completely unsecured server, thereby publi
VA data breach exposes personal information for 46,000 veterans (Federal News Network) The Department of Veterans Affairs has identified 46,000 veterans as potential victims of a recent cybersecurity breach involving one of its online applications.
VA notifies Veterans of compromised personal information (VA.gov | Veterans Affairs) The U.S. Department of Veterans Affairs (VA) Office of Management today announced a data breach involving the personal information of approximately 46,000 Veterans and actions taken by the department to prevent and mitigate any potential harm to those individuals.
Vulnerability Summary for the Week of September 7, 2020 (CISA) The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
GTCC working to keep students safe after cyber attack (myfox8.com) In-person classes were suspended Monday after the Guilford Technical Community College network was compromised. Leaders with GTCC told FOX8 late Saturday night, the sc…
Ulrich gives update on district’s cyber attack (messengernews.net) Nearly a week after a cyber attack shut down the phone and internet systems across the Fort Dodge Community School District, Superintendent Jesse Ulrich gave the school board an update on Monday night. On Wednesday, phone lines and internet service in all of the district’s buildings went down as a result of a cyber attack […]
U.S. Election Security, Part 1: Voting Systems Vendors’ Cybersecurity is Improving (BitSight) Are voting system vendors improving their cybersecurity for the 2020 U.S. election? The latest BitSight research contains some surprising results.
University Project Tracks Ransomware Attacks on Critical Infrastructure (SecurityWeek) Researchers at Temple University have been tracking ransomware attacks on critical infrastructure and they are providing the data for free
Virtual crime moves to the next phase (Australian Financial Review) Forget the view of cyber criminals as pizza-eating, opportunistic amateurs.
A new study by SecureAge reveals many consumers feel privacy takes priority over prevention (SecureAge Technology) Most US consumers believe in the effectiveness of contact tracing apps to curb the spread of Covid-19, yet a majority are concerned about personal data collection.
Americans Protective of Personal Data, Even in a Pandemic – What This Means for Businesses and Government Organizations (Unisys) The Unisys Security Index™ showed that almost half of Americans actively do not wish to share their personal data with companies or government agencies during the pandemic, even if doing so could bring potential benefits.
MariaDB Cloud Survey Reveals Top Cloud Trends (MariaDB) MariaDB survey finds IT decision-makers reaching to the cloud for data warehouses and databases.
Fastly Will Acquire Signal Sciences to Invest in Cybersecurity (The Motley Fool) The deal offers important synergies between both companies.
WSJ News Exclusive | ViacomCBS to Sell CNET to Red Ventures for $500 Million (Wall Street Journal) The sale of tech-website network CNET to Red Ventures fits ViacomCBS’s strategy to focus on video streaming.
AaDya Security: $2.7 Million Funding And Cybersecurity Platform Marzo4 Launch (Pulse 2.0) AaDya Security, a Detroit-based cybersecurity platform company, announced recently it has closed $2.7 million in funding and launched an all-in-one cybersecurity platform called Marzo4.
As Sumo Logic readies for IPO, can it threaten Splunk? (VentureBeat) The world is plagued by a pandemic, forest fires, and chaotic weather, but take a pause to consider the upcoming battle between Sumo Logic and Splunk.
WSJ News Exclusive | Microsoft Seeks Startup Partnerships in Battle With Amazon Over Cloud (Wall Street Journal) Microsoft and Amazon are embracing a new tactic to win the supercharged battle for cloud-computing business, luring fast-growing startups by promising to help sell their services.
Oracle confirms deal with TikTok-owner ByteDance to become 'trusted technology provider' (CNBC) The deal could make Oracle a bigger force in advertising and make it more relevant to young consumers.
Oracle confirms it has taken down Microsoft in TikTok tech battle (CRN Australia) Wins deal to “serve as the trusted technology provider” for ByteDance.
TikTok Enlists Oracle to Evade Trump's Executive Order (eCommerce Times) A proposal to avoid the banning of the popular social media app TikTok was submitted to the U.S. Treasury Department over the weekend. The plan submitted by ByteDance, which owns TikTok, calls for the company to enlist Oracle as a "trusted technology provider" in order to address national security concerns raised about the video-sharing software by the Trump administration.
5 big things to know about the $40B Nvidia-Arm acquisition (CRN Australia) The deal is likely to face heavy scrutiny from industry players and regulators.
Senetas points to Australia's cybersecurity credentials with new Middle East deal (Stockhead) Cyber security company Senetas (ASX:SEN) flagged a new deal this morning, announcing a sales agreement into the Middle Eastern market. The order was booked via its global distribution partner, French multinational Thales. Senetas said the deal marked the largest order yet for its CN9000 Ethernet encryptors — a hardware product that provides end-to-end encryption and […]
Fast-growing California software firm picks Ottawa for new global R&D hub (Ottawa Business Journal) Gigamon's customers include eight of the world’s 10 largest banks as well as eight of the top 10 global telecom service providers.
Cyber Risk Management Leader Axio Strengthens Management Team with Director of Cyber Risk Engineering (BusinessWire) Axio, a leading cyber risk management Software-as-a-Service company, announced today the appointment of Eric Cardwell as the company’s Director of Cyb
Radware Announces Changes to Its Board of Directors (AiThority) Radware, a leading provider of cyber security and application delivery solutions, announced that its board of directors has appointed Mr. Stanley B. Stern and Ms. Naama Zeldis
IDEMIA Welcomes Andrew Boyd as its new CEO at IDEMIA National Security Solutions (PR Newswire) IDEMIA, the global leader in Augmented Identity, announced today the appointment of Andrew Boyd to the position of President and CEO IDEMIA...
BlackCloak Appoints Chief Information Security Officer and Head of Sales & Marketing to Enhance Leadership Team (PR Newswire) BlackCloak, Inc., the cybersecurity industry's leading provider of Concierge Cybersecurity™ for Executives, High-Profile, and High-Net-Worth...
Products, Services, and Solutions
Code42 Unveils Incydr: Detection and Response for Insider Threats (Code42) Code42, the insider risk detection and response leader, today announced the Code42 Incydr™ product, a new SaaS offering that protects organizations’ intellectual property, source code and trade secrets. The SaaS solution is built to mitigate exposure from data exfiltration and directly addresses the gaps in security solutions for insider threats, the cause of 66% of …
SAM Seamless Network Launches a Data-Driven Threat Intelligence Solution for Endpoint Security Vendors to Protect Unmanaged IoT Devices on Enterprise Networks (PR Newswire) SAM Seamless Network, the intuitive security platform for unmanaged networks, today launched SAM Intelligence Service, a complementary solution...
Thycotic Automates and Extends Privileged Access Security in DevOps Environments (PR Newswire) Thycotic, provider of privileged access management (PAM) solutions to more than 10,000 organizations, including 25 of the Fortune 100, today...
Nozomi Networks Authorized To Be a CVE Numbering Authority (GlobeNewswire) Becomes first OT & IoT security specialist to join the globally recognized program
CUJO AI Digital Life Protection Services Deployed at Scale Across Five Leading North American Operators, Now Available in Over 25 Million Homes (PR Newswire) CUJO AI, the global leader in the development and application of artificial intelligence to improve the security, control, and privacy of...
U.S. Department of Defense Leads the Industry with Cloud-Based Internet Isolation Program (Menlo Security) Menlo Security team is delivering a next-generation security platform to secure the Department of Defense (DoD) networks worldwide by isolating all web traffic.
Darktrace Immune System Version 5 redefines enterprise security (Cambridge Network) Darktrace, the world’s leading cyber AI company, has launched Version 5 of its self-learning, self-defending Darktrace Immune System, allowing security teams to meet the novel challenges presented by more dynamic ways of working.
Comodo Announces Plans to Open Source Endpoint Detection and Response (EDR) Product (Yahoo) Comodo, the world’s leader of next-generation cybersecurity will make its Endpoint Detection and Response (EDR) product available as open source. It will be available on GitHub shortly.
A New App That Will Find Stolen Smartphones and Protect Your Children from Danger (PR Newswire) The best part of the Hammer Security App is that it alerts parents when children are in danger but what really impressed the Mexican media was...
Beyond Identity Joins ForgeRock’s Trust Network of Certified Technology Partners to Deliver Passwordless Single Sign-On and Risk-Based Authorization (Beyond Identity) Integration Unifies Beyond Identity’s Passwordless Authentication and Risk-Based Authorization With ForgeRock’s Identity and Access Management to Enhance User Experiences While Strengthening Enterprise Security
Technologies, Techniques, and Standards
"I Have Blood On My Hands": A Whistleblower Says Facebook Ignored Global Political Manipulation (BuzzFeed News) A 6,600-word internal memo from a fired Facebook data scientist details how the social network knew about specific examples of global political manipulation — and failed to act.
UK government releases toolkit to easily disclose vulnerabilities (BleepingComputer) The National Cyber Security Centre (NCSC) in the U.K. has released a guideline to help companies implement a vulnerability disclosure process or improve it if one is already set up.
Deception in Cyber – OODA Research Report (OODA Loop) OODA is pleased to release our first specialized research report focusing on the use of Deception technologies in the cybersecurity domain. We have seen first-hand the benefits of deception platforms and concepts of operation to reducing risk, and most strongly recommend organizations implement deception technologies.
The Importance of Threat Hunting Automation for XDR (Hunters) Download this 2020 cybersecurity survey report to learn about the potential value of threat hunting automation for Extended Detection & Response - XDR
Intel, homeland security leaders react to Senate passage of cybersecurity bill (Intelligence Community News) From IC Insider Siren By John Randles, CEO of Siren Traditional vs Open Source Traditional intelligence sources include Human Intelligence (HUMINT) and Signals
Design and Innovation
EU tests platform to link up coronavirus tracing apps (Reuters) Several European countries have started testing a technology platform that will allow national coronavirus tracing apps to 'talk' to one another to better tackle the pandemic, the European Commission said on Monday.
RiskIQ Announces a Microsite to Visualize U.S. Presidential Candidate Web Infrastructure (GlobeNewswire) More than 390,000 Websites Have Appeared Since July 4th, 2020
Legislation, Policy, and Regulation
Israel's Peace Deals Are a Strategic Nightmare for Iran (Foreign Policy) The Abraham Accord is threatening decades of foreign-policy planning in Tehran.
Is This How the TikTok Saga Ends? (New York Times) An unexpected, late twist in the long-running drama over the sale of the Chinese video app.
Section 230 Is a Government License to Build Rage Machines (Wired) The law serves as Facebook and Google’s get-out-of-jail-free card for conspiracies and disinformation. It’s time for strong amendments.
Hurd, Kelly Bill Protecting American and Government Information from Hacking Passes (Congressman Will Hurd) Today, Reps. Will Hurd (R-Texas) and Robin Kelly’s (D-Ill.) cybersecurity legislation, the Internet of Things (IoT) Cybersecurity Improvement Act of 2020, passed the House of Representatives.
Litigation, Investigation, and Law Enforcement
DHS asks Schiff to reconsider expanded probe after whistleblower complaint, declines additional interview requests (TheHill) The Department of Homeland Security (DHS) is pressing House Intelligence Committee Chairman Adam Schiff (D-Calif.) to reconsider his panel's expanded investigation into the agency after a whistleblower complaint raised new allegations while d
Researchers urge Supreme Court to narrow an anti-hacking law, despite Voatz argument (CyberScoop) A group of high-profile cybersecurity specialists doesn’t want mobile voting firm Voatz to have the last word before the Supreme Court takes up a case with major implications for computer research.
YouTube faces legal battle over children's privacy (BBC News) Google, YouTube's parent company, is facing a landmark claim over the use of children's data in the UK.
TikTok Strives to Settle Privacy Lawsuit as Oracle Deal Nears (Wall Street Journal) Lawyers for TikTok are pushing to settle a lawsuit in Illinois alleging the video-sharing app improperly collects data from its users, many of them underage, as its Chinese parent company closes in on a deal with Oracle.
Irish High court freezes probe into Facebook's EU-U.S. data flows (Reuters) Ireland's High Court on Monday temporarily froze a probe by Facebook's lead European Union regulator that threatened to halt the U.S. social media giant's transatlantic data flows, a court spokesman said.
Blackbaud at Fault for Cyber Attack on Nonprofit Data, Suit Says (Bloomberg Law) Blackbaud Inc., a cloud services provider, faces a potential class action for allegedly failing to stop a ransomware attack that exposed nonprofit membership data.
British Columbia Court of Appeal upholds certification of data breach class action (Miller Thomson LLP) This blog post examines a recent court decision in British Columbia that appears to solidify the future of a common law tort of breach of privacy in Canada
Venezuela says captured US spy sought to sabotage power grid (Marine Corps Times) Venezuela’s chief prosecutor on Monday accused a U.S. citizen recently arrested in the Caribbean nation of spying and planning to sabotage oil refineries and electrical service in order to stir unrest and kill innocent people.
Communicating with the SEC When Your Organization Suffers a Data Breach (Lexology) When organizations that are issuers or registered entities under the United States Securities laws suffer a data breach or other cybersecurity…