One last reminder to check out our newly revised cybersecurity glossary. It's got a new interface and additional features to give you richer context and clarity that goes beyond just a simple definition. Each term has its own dedicated page that includes a pronunciation sound bite, a listing of CyberWire podcasts and publications where it's been used, and (if applicable) the episode of Word Notes that features the term. Be sure to bookmark this curated collection of hundreds of cybersecurity terms, useful to experienced cybersecurity professionals, newcomers, students, enthusiasts, and so on. Check it out here.
More Signal. Less Noise.
Simple, secure identity and access management for your business.
LastPass Identity provides simple control and visibility across every entry point to your business through single sign-on, password management and multi-factor authentication in one unified solution. LastPass Identity provides a holistic view of end user activity to simplify security for IT, all while delivering the passwordless login experience employees want. Start a free LastPass Identity trial today.
Ransomware payloads inside a VM. US sanctions WeChat and TikTok. Notes on APT41. Google vs. stalkerware, misrepresentation.
Announcements
Reminder: the CyberWire's glossary is back, better than ever.
Summary
Sophos describes how Maze operators have begun distributing their ransomware payload inside a virtual machine, which renders it more difficult to detect. The Ragnar Locker gang began using the tactic earlier this year, and Maze is willing to learn from its criminal competition.
The US Department of Commerce this morning announced that most transactions with WeChat and TikTok will be banned, effective Sunday. Commerce explained the decision as follows: "While the threats posed by WeChat and TikTok are not identical, they are similar. Each collects vast swaths of data from users, including network activity, location data, and browsing and search histories. Each is an active participant in China’s civil-military fusion and is subject to mandatory cooperation with the intelligence services of the CCP. This combination results in the use of WeChat and TikTok creating unacceptable risks to our national security." The action was taken pursuant to Executive Orders 13942 and 13943.
Seeking Alpha reports that TikTok is seeking allies among rival social platforms to challenge the coming US ban. And, whatever Washington ultimately decides about a TikTok spinoff, the Wall Street Journal notes that any such arrangement would require Beijing’s approval, too.
Symantec Enterprise takes the opportunity offered by US indictments to publish an overview of China’s APT41, which it tracks as “Grayfly” and “Blackfly.”
Google has announced more stringent policies against stalkerware and misrepresentation for Google Play. Threatpost points out that the rules are designed to rule out various developer dodges, but also allow exceptions for parental monitoring apps.
Notes.
Today's issue includes events affecting Australia, Brazil, Canada, China, the European Union, India, Iran, the United Kingdom, and the United States.
CloudShield™ Eclipse: Stop threats before they impact your mission
CloudShield™ Eclipse is a Network Detection and Response solution that delivers visibility and advanced threat response for complete and effective defense across your network.
Find out how CloudShield™ Eclipse aligns intelligence, visibility, scalability, detection, and mitigation into a seamless software-based solution that defends your organization from cyber attacks.
Sponsored Events
Virtual Cyber Security Summits - Upcoming Events Sept 10 & 23 (Online, September 10 - 23, 2020) Senior Level Executives are invited to the upcoming Virtual Cyber Security Summits! Learn from Industry Experts from The U.S. DHS, DOJ, Verizon, ExtraHop, Darktrace & more as they discuss the latest security challenges & develop cyber security battle plans in today’s unprecedented times. You will receive CPE / CEU credits by attending. Register for the upcoming event in your region! Free to register with code: CyberWire20 at CyberSummitUSA.com.
CyberMarketing Con 2020 (Online, September 21 - 25, 2020) #CyberMarketingCon2020 is the industry event for cybersecurity marketers, featuring top cybersecurity marketers sharing best practices on strategy, demand gen, SEO, PR, and more! Use discount code CYBERWIRE for 20% off and see the full list of speakers here. (9/21-9/25)
CYBERSEC 2020 (Online, September 28 - 30, 2020) The 2020 edition of the CYBEREC Forum, with its central theme of Together Against Adversarial Internet, will provide a space to discuss the way forward for building cybersecurity in the new digital reality. We do believe that 2020 is a year when cybersecurity tops the political and strategic agendas of many organisations and countries.
The Virtual 2020 FAIR Conference (Online, October 6 - 7, 2020) The Virtual 2020 FAIR Conference (FAIRCON2020), the premiere, global, quantitative risk management conference on October 6 & 7 brings leaders from Global 2000 companies and U.S. Federal Government Agencies together to provide ground-breaking keynote addresses, engaging C-suite panels, and expert case studies.
Selected Reading
Cyber Attacks, Threats, and Vulnerabilities
Iranian hacker group developed Android malware to steal 2FA SMS codes (ZDNet) The malware could steal 2FA SMS codes for Google accounts. Also contained vague functionality to do the same for Telegram and various social networks.
APT41: Indictments Put Chinese Espionage Group in the Spotlight (Symantec Enterprise Blog) Seven men have been charged in the U.S. in relation to attacks by China-linked espionage operation which Symantec monitors as two distinct groups – Blackfly and Grayfly
Maze attackers adopt Ragnar Locker virtual machine technique (Sophos News) Under pressure to evade detection by endpoint protection, ransomware criminals try a more radical approach
Maze ransomware now encrypts via virtual machines to evade detection (BleepingComputer) The Maze ransomware operators have adopted a tactic previously used by the Ragnar Locker gang; to encrypt a computer from within a virtual machine.
US 2020 Presidential apps riddled with tracking and security flaws (BleepingComputer) The Vote Joe app, used by the Biden 2020 Presidential campaign to better engage with voters, was found to be leaking potentially sensitive information about voters, such as their political affiliations and past voting choices.
Credential Stuffing (Avast) Automated cyberattacks are torching trust in local systems we depend on to elect a president and withstand the global pandemic.
NCSC asks academic institutions to prepare for more ransomware attacks (teiss) NCSC advised academic institutions in the UK to implement a ‘defence in depth’ strategy to defend against malware and ransomware attacks.
U.K. warns of surge in ransomware threats against education sector (BleepingComputer) The U.K. National Cyber Security Centre (NCSC), has issued an alert about a surge in ransomware incidents targeting educational institutions, urging them to follow the recently updated recommendations for mitigating malware attacks.
Ransomware attack at German hospital leads to death of patient (BleepingComputer) A person in a life-threatening condition passed away after being forced to go to a more distant hospital due to a ransomware attack.
German hospital hacked, patient taken to another city dies (ABC News) German authorities say a hacker attack caused the failure of IT systems at a major hospital in Duesseldorf, and a woman who needed urgent admission died after she had to be taken to another city for treatment
Hospital patient dies following botched ransomware attack (Graham Cluley) When a ransomware attack knocked out systems at a major hospital in Düsseldorf, Germany, there were tragic consequences.
Ontario nurses' regulatory body investigating 'cybersecurity incident' (CBC) The College of Nurses of Ontario has been dealing with a "cybersecurity incident" that may have compromised the personal information of its almost 200,000 members, CBC News has learned.
CERT/CC Releases Information on Critical Vulnerability in Microsoft Windows Netlogon Remote Protocol (CISA) The CERT Coordination Center (CERT/CC) has released information on CVE-2020-1472, a vulnerability affecting Microsoft Windows Netlogon Remote Protocol. An unauthenticated attacker could exploit this vulnerability to obtain Active Directory domain administrator access. Although Microsoft provided patches for CVE-2020-1472 in August 2020, unpatched systems will be an attractive target for malicious actors.
Wibu-Systems CodeMeter (Update A) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 10.0
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Wibu-Systems AG
Equipment: CodeMeter
Vulnerabilities: Buffer Access with Incorrect Length Value, Inadequate Encryption Strength, Origin Validation Error, Improper Input Validation, Improper Verification of Cryptographic Signature, Improper Resource Shutdown or Release
2.
Advantech WebAccess Node (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.8
ATTENTION: Low skill level to exploit
Vendor: Advantech
Equipment: WebAccess Node
Vulnerability: Incorrect Permission Assignment for Critical Resource
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker to escalate their privileges.
Philips Clinical Collaboration Platform (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 6.8
ATTENTION: Low skill level to exploit
Vendor: Philips
Equipment: Clinical Collaboration Platform
Vulnerabilities: Cross-site Request Forgery, Improper Neutralization of Script in Attributes in a Web Page, Protection Mechanism Failure, Algorithm Downgrade, Configuration
2.
Conroe ISD makes system adjustments following cyber attack (KPRC) Conroe Independent School District officials had to make some changes to their network following a cyberattack meant to overwhelm the system.
VA data breach also hit 17,000 community care providers, senators say (Federal News Network) Democrats on the Senate Veterans Affairs Committee say roughly 17,000 community care providers were also victims of the VA data breach, which the department made public earlier this week.
Oberlin College warns donors of massive data breach (Chronicle) The college sent out a letter Thursday afternoon to alumni, parents and friends of the college, saying their information may have been compromised in a May cybersecurity attack.
Data breach at Public Health Wales exposes details of 18k Covid-19 patients (Government Computing Network) Public Health Wales admitted to a data breach that resulted in making public the personal data of more than 18,000 Covid-19 patients.
Care Forum Wales chair says Public Health Wales' data breach highlights need for 'urgent reforms' (North Wales Chronicle) A SOCIAL CARE leader says the disastrous data breach, which led to the details of more than 18,000 people who tested positive for coronavirus being…
CTO On Ransomware Attack On University Hospital New Jersey (Information Security Buzz) In reference to the news of the recent ransomware attack on University Hospital New Jersey (UHNJ) – it was reported the institution has suffered a massive 48,000 document data breach after a ransomware operation leaked their stolen data. Furthermore it was found that the SunCrypt ransomware operation has leaked the data have leaked a 1.7 …
US Federal Courts Hit With Nationwide Phone Outage (Law360) Federal courts across the U.S. were hit with an unidentified glitch Thursday that took out part of the judiciary's phone system, as the ongoing coronavirus pandemic continues to deepen reliance on telecommunications for a large volume of legal business.
Security Patches, Mitigations, and Software Updates
iOS 14 and iPadOS 14 Patch Vulnerabilities, Introduce New Privacy Features (SecurityWeek) Apple has patched nearly a dozen vulnerabilities and it has introduced new privacy features with the release of iOS 14 and iPadOS 14
Malware and spear phishing abuse killed Mozilla's Firefox Send file-sharing service (CNET) Expanding beyond the Firefox browser to online services isn't simple.
Google Play Bans Stalkerware and ‘Misrepresentation’ (Threatpost) The official app store is taking on spy- and surveillance-ware, along with apps that could be used to mount political-influence campaigns.
Developer Program Policy: September 16, 2020 announcement (Play Console Help) We're updating the following policies. All new and existing apps will receive a grace period of at least 15 days from the September 16, 2020 issuance of this notification (unless otherwise stated) to
Cyber Trends
75% of IT execs 'worried' about being targeted in cyber-attack (Security Brief) A new report from ConnectWise has shed light on the widespread concern about cyber-attacks, with 91% of SMB executives considering a move to an MSP if it provided the 'right' solution.
Ransomware en masse on the wane: top threats inside web-phishing in H1 2020 (Security Affairs) Web-phishing targeting various online services almost doubled during the COVID-19 pandemic, it accounted for 46 percent of the total number of fake web pages. Singapore, 09/18/2020 — Group-IB, a global threat hunting and intelligence company headquartered in Singapore, evidenced the transformation of the threat portfolio over the first half of 2020. It came as no […]
Ransomware operators are banding together says Cyber Threatscape report (Continuity Central) The international business continuity management news, jobs and information portal
Is Japan prepared to fight off global cyberattacks? (The Japan Times) Ministerial sectionalism and the lack of a central cybersecurity body are stopping the government from getting a clear-eyed view of cyberthreats, an expert says.
Marketplace
Check Point To Buy Secure Remote Access Startup Odo Security (CRN) Check Point Software Technologies has agreed to purchase cybersecurity startup Odo Security to help enterprises enable secure remote access for employees to any application.
Snowflake venture backers in line to make billons after soaring IPO (Silicon Valley Business Journal) Silicon Valley investors in San Mateo-based Snowflake Inc.'s historic IPO this week are looking at multi-billion dollar gains.
After raising $326M in IPO, Sumo Logic sees stock rise 22% on first trading day (SiliconANGLE) After raising $326M in IPO, Sumo Logic sees stock rise 22% on first trading day - SiliconANGLE
Oracle, Walmart Aim for Big Stakes in TikTok (Wall Street Journal) Backers of plans for Oracle to join with TikTok to create a new U.S. company for the video-sharing app are working on a new ownership structure aimed at alleviating U.S. concerns over Chinese control.
ByteDance plans TikTok IPO if U.S. clears deal: sources (Reuters) China's ByteDance is planning a U.S. initial public offering of TikTok Global, the new company that will operate the popular short video app, should their proposed deal be cleared by the White House, people familiar with the matter said on Thursday.
Will anyone buy TikTok’s business in India? (Quartz India) "With the size of the deal expected to be anywhere upwards of $2.5 billion (Rs1.8 lakh crore) and the complexities involved of having a Chinese licensor, it is not everyone's cup of tea."
DITO investing P1B on cybersecurity amid spying fears (GMA News Online) “The [P1 billion] amount is contracted to be utilized for the building of our Security Operations Center to monitor cyberattacks... It will also fund the equipment, the software, and the training of our team,” DITO chief technology officer Rodolfo Santiago said in a virtual press chat on Thursday.
Paytm and Paytm First Games pulled down from Google Playstore for alleged violation of gambling policies (CNBCTV18.com) CNBC-TV18 has learnt that Google had notified Paytm developers a few days back on this issue and is in constant touch with them regarding the digital wallet and e-commerce app.
Google takes down Paytm from Play Store (ETCIO.com) Google said it has these policies to protect users from potential harm, and when an app violates these policies, we notify the developer of the violat..
Privacy-focused search engine DuckDuckGo is growing fast (BleepingComputer) DuckDuckGo, the privacy-focused search engine, announced that August 2020 ended in over 2 billion total searches via its search platform.
Is FireEye Turning Into a Top Cybersecurity Stock? (The Motley Fool) The cybersecurity specialist's fortunes seem to be changing, but there is more than what meets the eye.
Atlantic Data Forensics Wins Cyber Defender of the Year Award in the 2020 MD Cybersecurity Awards, Presented by the Cybersecurity Association of Maryland, Inc. (PR Newswire) Atlantic Data Forensics (ADF) today announced the Cybersecurity Association of Maryland, Inc. (CAMI), Maryland's only nonprofit organization...
Novetta Recognized for National Security Efforts Under NCIS RISER Program; Bill Dorr, Kevin Heald Quoted (Executive Gov) Novetta has been recognized by the Naval Criminal Investigative Service (NCIS) Technical Services Fi
Ex-Symantec CEO Greg Clark to become new Forescout CEO (CRN Australia) Weeks after sale to Advent International closed.
Paladin Capital Group appoints former NCSC CEO Ciaran Martin in managing director’s role (FSM Magazine) Fire & Security Matters (FSM), the independent voice for the fire, security and risk management sectors.
Redshift Networks Assembles World Class Advisory Board Of Enterprise, (PRWeb) RedShift Networks, a cloud service, software and appliance solution provider solving the growing Unified Communications/Collaboration (UC)/5G security
Exostar Expands Executive Leadership Team to Support Growing Worldwide Customer Community (BusinessWire) New CTO & CRO to lead effort to bring innovative, easy-to-use, enterprise-class secure business collaboration products to highly-regulated industries.
Products, Services, and Solutions
Ericsson boosts 5G core security with its Packet Core Firewall (Capacity Media) Ericsson has enhanced its 5G core network security offering for communications service providers (CSPs) with the launch of its cloud native Ericsson Packet Core Firewall.
Celerium Named a Licensed Partner Publisher by CMMC Accreditation Body, and Debuts CMMC Quiz and Self-Assessment Tool via CMMC Academy (PR Newswire) The CMMC Academy, an initiative of Celerium Inc., today announced that the CMMC Accreditation Body approved Celerium to be a Licensed Partner...
Illumio Core is Now Fully Qualified for the Oracle Exadata Ecosystem Running on Oracle Linux (Illumio) Learn how Oracle and Illumio have partnered to allow Exadata customers to implement a simple, highly scalable, and comprehensive security solution for robust protection of Oracle workloads.
Texas Teams Up with FireEye to Tackle Ransomware (BusinessWire) FireEye and Mandiant to support the State of Texas in its efforts to combat ransomware and evolving cyber threats.
Oklahoma Chooses Anomali to Build Statewide Threat Intelligence Program (StreetInsider.com) Anomali Helps State Detect COVID-19 Related Cyberattacks, Unemployment Fraud, Risk Created by Remote Workers
Former Hargreaves Lansdown CIO partners with global cyber security platform to take on the fight against hackers. (Computing) Computing is the leading information resource for UK technology decision makers, providing the latest market news and hard-hitting opinion.
Palo Alto Networks Introduces Industry's First Next-Generation SD-WAN Solution Enabling the Secure Cloud-Delivered Branch and Simplified Network Operations (PR Newswire) As SD-WAN has become the primary WAN architecture, organizations are demanding solutions that deliver a better user experience while being...
SolarWinds Announces Integration With ServiceNow Service Graph Connector Program (Odessa American) AUSTIN, Texas--(BUSINESS WIRE)--Sep 17, 2020--
Network Solutions Provider, a Leader in Business Technology Optimization and Security, and CyGlass Form a Strategic Partnership to Include CyGlass' Network Defense as a Service Solution in its Product Portfolio (PR Newswire) CyGlass, a leading SaaS AI-based Network Detection and Response (NDR) platform, and Network Solutions Provider (NSP), a leader in providing...
10 ransomware protection tools you need to know about (CRN Australia) The best remediation tools to hit the market in 2020.
Technologies, Techniques, and Standards
User acceptance: the biggest I&AM hurdle (Computing) The holy grail of I&AM is to actually improve the user experience while making the business more secure, but most organisations are a long way from that
Are Your Company Credentials Exposed on the Dark Web? (Secplicity) The dark web is a collection of anonymous websites that are publicly available, yet hide the IP addresses to make it impossible for users to identify the host. It’s very common that sensitive information made available by data breaches ends up becoming available illicitly for sale on the dark web. According to the 2019 Global […]
'You Are Not Anonymous on Tor' - Study Shows Privacy Network Offers Superficial Anonymity (Bitcoin News) A paper called “Tor 0-day” says that it is an open secret among the internet service community: “You are not anonymous on Tor.”
Negotiating Secure Work During the Pandemic (SIGNAL Magazine) Intelligence community contractors evolve to serve the national security mission during COVID-19.
Onerous Honorlock: UW cannot justify using malware in effort to proctor students (The Badger Herald) With applications such as Honorlock gaining popularity in UW, its use remains questionable in terms of ethicality, security
Justifying your 2021 cybersecurity budget (Help Net Security) As part of justifying a 2021 cybersecurity budget, CISOs need to focus on quick wins, cost-effective SaaS solutions, and ROI predictions.
Military Services Look at New Approaches to Intelligence Operations (SIGNAL Magazine) Intelligence is metamorphosing as recent changes feed into operational evolution.
The Air Force is working on better intelligence integration for defensive cyber (C4ISRNET) Air Force defensive cyber teams are working to utilize intelligence from the very beginning planning stages of operations.
Pioneering Cyberspace Squadron hosts Mission Defense Team Conference (DVIDS) The 62d Cyberspace Squadrons hosts a conference to collaborate across the Air and Space Force cyberspace communities.
Secret Service conducts cyber incident simulation (Homeland Preparedness News) The Secret Service recently hosted a virtual Cyber Incident Response Simulation officials focused on ransomware attack and mitigation strategies.
CISA Named Top-Level Root CVE Numbering Authority (CNA) (Security Affairs) The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has been named a Top-Level Root CVE Numbering Authority (CNA). The US Cybersecurity and Infrastructure Security Agency (CISA) has been named a Top-Level Root CVE Numbering Authority (CNA), it will be overseeing CNAs in assigning CVE identifiers for vulnerabilities in industrial control systems (ICS) and medical devices. […]
Design and Innovation
How MIT's SCRAM could break the cyber-attack logjam (TechBeacon) MIT's SCRAM incident reporting encryption could be a game-changer for helping companies plan cybersecurity strategies. Is it right for your company?
Britain’s armed forces get ready for a revolution (The Economist) The emphasis is on threats short of open warfare and the technological prowess to combat them
JROC Struggles To Build ‘Information Advantage’ Requirement (Breaking Defense) "I'm not sure exactly how we're going to document what information advantage really is," says Vice JCS Chief Gen. John Hyten, who chairs the Joint Requirements Oversight Council.
Facebook is cracking down on groups that give health advice and promote violence (CNBC) Facebook announced new policies that will limit the spread of groups on its social network that focus on giving users health advice as well as groups with ties to violence.
Twitter rolls out new security features to prevent Election Day chaos (The Verge) The move follows one of the company’s biggest breaches.
Twitter adds security measures for high-profile political users (Axios) The move follows a major hack of notable Twitter users in July.
Twitter Expands QAnon Restrictions To Include Candidates, Elected Officials (Forbes) Twitter also reported a 50% decrease in engagement on QAnon content since it began its crackdown in July.
Facebook issues new rules on internal employee communication (CNBC) Facebook CEO Mark Zuckerberg on Thursday outlined to employees a new set of principles to guide debates and conversations within Workplace, the company's internal social network.
Academia
Army Futures Command picks Austin Community College for software factory (C4ISRNET) The Army is setting up a software factory that will help the service collaborate with students and industry as it modernizes in the digital age.
Legislation, Policy and Regulation
China Has to Approve TikTok-Oracle Deal Too, ByteDance Says (Wall Street Journal) TikTok owner ByteDance and Oracle are waiting to learn whether President Trump will give his blessing to their deal, but another hurdle remains: Beijing still has to sign off too.
U.S. to Ban TikTok Downloads, Use of WeChat on Sunday (Wall Street Journal) Commerce Secretary Wilbur Ross said the U.S. will ban downloads of the video-sharing app TikTok and the U.S. use of the messaging and electronic payment app WeChat after Sunday night over national security and data privacy concerns.
US will ban WeChat and TikTok downloads on Sunday (CNN) The Commerce Department plans to restrict access to TikTok and WeChat on Sunday as the Trump administration's executive orders against the two apps are set to take effect.
Commerce Department Prohibits WeChat and TikTok Transactions to Protect the National Security of the United States (U.S. Department of Commerce) In response to President Trump’s Executive Orders signed August 6, 2020, the Department of Commerce (Commerce) today announced prohibitions on transactions relating to mobile applications (apps) WeChat and TikTok to safeguard the national security of the United States.
Putin discusses development of Russia-Belarus ties with Security Council (TASS) The Russian president called on the security top brass to elaborate approaches to the development of relations with Moscow’s closest partner nations
Ukraine-U.S. military exercises begin as Russia holds drills in Belarus (Reuters) Ukraine and the United States launched joint military exercises on Thursday, two days after Russia began joint military drills with forces in neighboring Belarus.
O’Toole says he wouldn’t allow Huawei onto Canada’s 5G network (The Western Standard) It comes on the day, the Globe and Mail reported Huawei had communicated to Ottawa that it promised not to spy on Canada.
Paying Cyber-Ransoms Should be Outlawed, Ex-Security Boss Says (BNN) Ciaran Martin, who stepped down as head of the U.K.’s National Cyber Security Centre this month, will call on Boris Johnson’s government to make it illegal for companies to pay cyber hackers a ransom.
FERC Opens Supply Chain Cyber Risk Inquiry (ERO Insider) FERC began an inquiry into the reliability risks posed by equipment originating overseas, seeking comment on utilities' use of equipment provided by entities associated with U.S. adversaries.
FERC Seeks Comments on Potential Risks to Bulk Electric System (Federal Energy Regulatory Commission) News Release: September 17, 2020
Docket No. RM20-19-000
Item No. E-2
NOI
The Federal Energy Regulatory Commission (FERC) is seeking comments on the potential risks to the bulk electric system posed by using equipment and services produced or provided by entities identified as risks to national security.
Towards a post-privacy world: proposed bill would spur open data sharing between agencies (Which-50) The federal government has announced a plan to increase the sharing of citizen data across the public sector. This would include data sitting with
Brazil, Canada Lead Surge In Global Privacy Law Expansion (Law360) A new Brazilian data protection law and proposed changes to Canada's privacy regime highlight the enhanced liability risks that businesses face around the world as countries race to craft personalized ways to regulate the use and sharing of personal data.
Is data privacy an oxymoron? An EU initiative addresses growing concerns (CORDIS | European Commission) A team of researchers has launched a tracking-free website to protect the privacy of its visitors and help citizen scientists investigate digital cookies.
DOD Works to Increase Cybersecurity for U.S., Allies (U.S. DEPARTMENT OF DEFENSE) U.S. Cyber Command has taken a comprehensive and proactive approach that includes working with allies and partners to respond to cyber and other threats before they reach the homeland.
Trump plans to nominate official for FCC amid social media push (Reuters) President Donald Trump, pressing for new social media regulations, plans to nominate a senior administration official to be a member of the Federal Communications Commission (FCC), the White House said on Tuesday.
Senior Department of Energy cyber official to step down (CyberScoop) Bruce Walker, who has served as a senior Department of Energy official focused on cybersecurity since 2017, is leaving his post later this month to work at a security nonprofit, CyberScoop has learned.
Litigation, Investigation, and Enforcement
Assange Put Sources Named In War Logs At Risk, US Claims (Law360) WikiLeaks founder Julian Assange published the unredacted names of U.S. informants living in Iraq and Afghanistan that were contained in military war logs, creating a "grave and imminent risk" to innocent civilians, a U.S. prosecutor said at Assange's London extradition hearing Thursday.
F.B.I. Director Warns of Russian Interference and White Supremacist Violence (New York Times) Testimony by Christopher A. Wray contradicted efforts by President Trump and other officials to downplay the threats.
US looks out for 5 super hackers from China who attacked Indian govt websites (One India) 'In about 2019, the conspirators compromised Government of lndia websites, as well as virtual private networks and database servers supporting the Government of India. The conspirators used VPS PROVIDER servers to connect to an Open VPN network owned by the Government of India,' the indictment said.
US charges 5 Chinese “Apt41” actors for hacking into more than 100 companies (Security Magazine) U.S. federal agencies revealed criminal charges against five computer hackers, all of whom were residents and nationals of the People’s Republic of China (PRC). All were charged of computer intrusions affecting over 100 victim companies in the United States and abroad, including software development companies, computer hardware manufacturers, telecommunications providers, social media companies, video game companies, non-profit organizations, universities, think tanks, and foreign governments, as well as pro-democracy politicians and activists in Hong Kong.
APT41 Operatives Indicted as Sophisticated Hacking Activity Continues (Threatpost) Five alleged members of the China-linked advanced threat group and two associates have been indicted by a Federal grand jury, on dozens of charges.
Treasury Dept. sanctions Iranian government-backed hackers (TheHill) The Treasury Department on Thursday announced sanctions against a prolific Iranian hacking group, 45 individuals and a front group allegedly used by the Iranian government to target Iranian dissidents and other groups.
Co-founder of cyber fraud prevention startup arrested for alleged fraud (CyberScoop) The co-founder of cyber fraud prevention startup NS8 was charged and arrested Thursday for allegedly tricking investors with falsified financial statements.
Spy Court Says It Lacks Authority To Declassify Its Records (Law360) The U.S. Foreign Intelligence Surveillance Court has refused to release court documents related to government surveillance and attorney misconduct, finding that it can't disclose the information in light of a February ruling over the declassification of records.
Treasury Says It Lacks Data On Finance Sector's Cyber Risks (Law360) The U.S. Treasury Department says it lacks the data — and the authority to collect the data — that would be necessary to comply with a government watchdog recommendation that it track the financial sector's cyber risk mitigation efforts to thwart cyber threats, according to a report published Thursday.
FBI Fights Intellectual Property Theft from University Offices (Nextgov.com) Director Christopher Wray noted the importance of attribution in the bureau’s strategy amid growing difficulty investigating cyber crime.
FBI in Utah aims to take bite out of potential election cybercrime, ballot fraud (Deseret News) As local FBI officials in Utah talked about the agency’s role to protect the 2020 election from fraud and abuse Thursday, their boss in Washington described "very active" efforts by the Russians to influence the outcome.
Industry Events
upcoming Events
Women in STEM Speakers Series (Online, July 15 - September 30, 2020) The Women in STEM Speaker Series will introduce you to 12 inspiring STEM role models who have established themselves as experts in a variety of fields.
SECtember 2021 (Online, September 8 - 25, 2020) As many organizations rush to meet the needs of a remote workforce and respond to the uncertainty of a COVID world, the need to develop secure, cloud-based solutions is essential. To meet this need, CSA is launching the SECtember Experience, a webinar series designed to help guide you on your race to the cloud. The SECtember Experience will deliver a high-level overview on a range of cloud topics including remote workforce security, SDP, secure digital transformation, vendor risk assessment, cloud governance and more. Hear from world-class CISOs and experts in all things cloud, while earning CPE credits from attending this free webinar series.
2020 Intelligence & National Security Summit (Online, September 16 - 18, 2020) The nation's premier intelligence and national security conference is going virtual! Taking place Sept 16-18, the 2020 Intelligence and National Security Summit features powerful plenaries with senior IC leaders, engaging breakout sessions with top industry, academic, and government experts, and a virtual exhibit hall where you can learn about the latest technology innovations.
CISA’s Third Annual National Cybersecurity Summit (Online, September 16 - October 7, 2020) CISA’s Annual National Cybersecurity Summit will be held virtually as a series of webinars every Wednesday for four weeks beginning September 16 and ending October 7. The 3rd Annual National Cybersecurity Summit will bring together infrastructure stakeholders from around the world and provide a forum for meaningful conversations and collaboration on cybersecurity. Each series will have a different theme that focuses on CISA’s mission to “Defend Today, Secure Tomorrow,” with presentations from targeted leaders across government, academia, and industry. This year’s themes are: Sept 16: Key Cyber Insights; Sept 23: Leading the Digital Transformation; Sept 30: Diversity in Cybersecurity; Oct 7: Defending our Democracy.
Virtual Submerge 2020 (Online, September 22 - 23, 2020) Join thousands of security professionals at Virtual Submerge 2020. See the latest trends in phishing attacks + how you can leverage technology and human intelligence to avoid a breach and guard your bottom line. Enjoy exciting keynotes, followed by tons of sessions and demos you can watch on-demand. We’ll have our experts ready to answer questions throughout the entire event.
Sponsor & Support
Grow your brand, generate leads, and fill your funnel.
With the industry’s largest B2B podcast network, popular newsletters, and influential readers and listens all over the world, companies trust the CyberWire to get the message out. Learn more.