Cyber Attacks, Threats, and Vulnerabilities
CVE-2020-1472 Zerologon Update (eSentire) UPDATE: As of the evening of September 23rd, Microsoft has confirmed that threat actors are exploiting CVE-2020-1472 in attacks in the wild.
Instagram bug opened a path for hackers to hijack app, turn smartphones into spies (ZDNet) The RCE vulnerability, now patched, took nothing more than an image file to trigger.
Preventing insider threats: What to watch (and watch out) for (CSO Online) Understanding human behaviors that precede malicious actions from an insider is the best way to avoid data loss or disruption, experts say.
Removing Coordinated Inauthentic Behavior (About Facebook) We removed three separate networks that originated in Russia for violating our policy against foreign or government interference.
GRU and the Minions (Graphika) On September 24, Facebook took down some 300 assets that it attributed to members of Russia’s military, including the military intelligence services. Several other social media platforms took down related assets at the same time.
Federal Agency Compromised by Malicious Cyber Actor (CISA) CISA became aware—via EINSTEIN, CISA’s intrusion detection system that monitors federal civilian networks—of a potential compromise of a federal agency’s network. In coordination with the affected agency, CISA conducted an incident response engagement, confirming malicious activity. The following information is derived exclusively from the incident response engagement and provides the threat actor’s tactics, techniques, and procedures as well as indicators of compromise that CISA observed as part of the engagement.
Hacker Accessed Network of U.S. Agency and Downloaded Data (Bloomberg) An unnamed U.S. federal agency was hit with a cyber-attack after a hacker used valid access credentials, authorities said on Thursday. While many details of the hack weren’t revealed, federal authorities did divulge that the hacker was able to browse directories, copy at least one file and exfiltrate data, according to the Cybersecurity & Infrastructure Security Agency, known as CISA.
Feds Hit with Successful Cyberattack, Data Stolen (Threatpost) The attack featured a unique, multistage malware and a likely PulseSecure VPN exploit.
FBI, DHS say they have 'not identified' hacking schemes to change vote tallies ahead of U.S. election (Reuters) U.S. security agencies say they are not aware of any cyber threats that could change vote tallies or "manipulate votes at scale" in the Nov. 3 presidential election, according to a public service announcement released on Thursday.
Diverting Election Reporting Results to Mitigate DDOS Attacks (LinkedIn) The normal network architecture for reporting voting results in our upcoming election is straightforward: A regional election management system is operated by local officials, and tabulated results are sent across an encrypted link to an election results reporting server. When working properly, resu
Brussels Report: Governments’ Concerns Rise About Pandemic Cyberattacks on Health Care (Wall Street Journal) A surge in cyberattacks on medical facilities during the pandemic has alarmed national governments. The potential consequences were highlighted last week with the death of a woman after she was turned away from a German hospital that had been struck by ransomware.
Cyber attacks against energy sector industrial control systems are on the rise (Computing) The same trend is seen with the building automation industry
Pandemic Leads to Rise in Industrial Systems Targeted Via RDP: Report (SecurityWeek) The COVID-19 pandemic has apparently resulted in a rise in ICS being targeted via brute-force attacks on RDP passwords, Kaspersky reported
Foreign Hackers Cripple Texas County’s Email System, Raising Election Security Concerns (ElectionLand) The malware attack, which sent fake email replies to voters and businesses, spotlights an overlooked vulnerability in counties that don’t follow best practices for computer security.
Some Flagler College data compromised (St. Augustine Record) Some Flagler College data was compromised as a ransomware attack against Blackbaud.
Nebraska Medicine provides update on 'cyber attack' causing network issues (KETV) FBI Omaha said it is aware of the situation at Nebraska Medicine and has offered assistance
Fallout From The Ransomware Attack At Illinois Valley Community College Is Still Far From Over (Northern Public Radio) In April, Illinois Valley Community College’s servers shut down. It happened soon after COVID-19 closed down the campus and shifted classes online. Hackers
Zoom cancels talk by Palestinian hijacker Leila Khaled at San Francisco State University (The Verge) Debates over platform moderation reach Zoom webinars
Racist threats shouted out after someone breached online class in Snohomish School District (Q13 FOX) Someone got into a virtual classroom and yelled out racist comments
Security Patches, Mitigations, and Software Updates
Bug Fixes Take Twice as Long for Manufacturing Firms (Infosecurity Magazine) Kenna Security shines a light on vulnerability management in 14 sectors
How Twitter Survived Its Biggest Hack—and Plans to Stop the Next One (Wired) On July 15, Twitter melted down. On Election Day, that's not an option.
Cyber Trends
PIV security frays under the crush of telework (FCW) Adversaries are adapting to the shifting identity authentication gaps on federal and commercial networks created by the remote work environment, according to federal security experts.
Synack: Federal agencies and banks have made the most cybersecurity improvements (TechRepublic) The overall Attacker Resistance Score for the IT sector dropped this year due in part to digital transformation work, according to the 2020 Trust Report.
What are the most hack-resistant industries? (Help Net Security) Government and financial service sectors globally are the most hack-resistant industries in 2020, according to research from Synack.
What Happens When Americans Join the Global Internet (New York Times) Banned apps, nefarious theories, trade wars, voiceless users. The case of TikTok isn’t news to most of the world.
Majority of Americans say social media companies shouldn’t allow any political ads (Pew Research Center) 77% of adults think it's not acceptable for social media sites to use data about users’ online activities to show them political campaign ads.
Most UK Firms Admit #COVID19 Cloud Security Threat (Infosecurity Magazine) Cloud adoption saved UK firms but exposed them to greater risk, says Centrify
Financial Sector Cybersecurity: How do you compare to your peers? (Digital Defense) Comparing and quantifying your cybersecurity posture against peer organizations in the financial sector provides valuable context for how your cybersecurity program performs relative to others in your industry.
Marketplace
Ripjar, founded by GCHQ alums, raises $36.8M for AI that detects financial crime (TechCrunch) Financial crime as a wider category of cybercrime continues to be one of the most potent of online threats, covering nefarious activities as diverse as fraud, money laundering and funding terrorism. Today, one of the startups that has been building data intelligence solutions to help combat that is…
Spectrum Labs raises $10M for its AI-based platform to combat online toxicity (TechCrunch) With the U.S. presidential election now 40 days away, all eyes are focused on how online conversations, in conjunction with other hallmarks of online life like viral videos, news clips and misleading ads, will be used, and often abused, to influence people’s decisions. But political discourse…
Startup run by former intelligence workers raises £28m (Sifted) Ripjar, a startup founded by former employees from Britain’s intelligence agency, has received £28m to build AI that detects financial crime.
Plurilock Announces Closing Of Qualifying Transaction And Completion Of $2.6 Million Financing (Business Examiner) Plurilock Security Inc. (formerly Libby K Industries Inc.), further to its news releases dated June 23 and Aug. 24, 2020, has closed its previously announced qualifying transaction and changed its name to Plurilock Security Inc. Also, in connection with the transaction, the company completed a consolidation of its common shares on a one-for-two basis.
Startups to Watch: Kognos, Ecomedes (Crunchbase News) We think these startups are worth highlighting for their interesting approaches despite their smaller raises.
WSJ News Exclusive | Palantir Expected to Be Valued at Nearly $22 Billion in Trading Debut (Wall Street Journal) Palantir Technologies is expected to fetch a lofty valuation in its transition to a public company despite an unusually aggressive governance structure, in the latest sign of investors’ voracious appetite for new shares.
App Store rejected 150,000 apps in 2020, seeing 100,000 submissions per week (AppleInsider) Apple is promoting a new series of statistics revealing details of App Store operations, plus how the Apple Developer Program has grown.
What Israeli technologies did Microsoft unveil and which Israeli startups are helping keep us sane? (CTECH) CTech Daily Roundup: Emirates Angels Investors Association looking for friends and business in Israel
A10 Networks Should Be A 10 Dollar Stock (NYSE:ATEN) (Seeking Alpha) A10 is a relatively small company that provides hardware and software solutions for enterprises to securely run their cloud-based businesses.
Out-of-Band: More Than A Safety Net? (Opengear) Opengear experiences growth in Canada
Facebook Oversight Board confirms it plans to launch ahead of U.S. election (CNBC) Facebook's much-anticipated Oversight Board has confirmed that it is planning to launch ahead of the U.S. election on Nov. 3 after being criticized for a perceived lack of action.
Facebook adds more guidelines for internal employee speech, banning political images in profile pics (CNBC) Facebook on Thursday outlined its new set of rules for employee communications within Workplace, the company's internal social network.
Hootsuite Denied Providing Tech to ICE. This Contract Shows That It Did (Vice) Hootsuite has yet to provide any evidence it has or will end its contract with ICE.
SentinelOne EMEA boss - 'We have trebled our team in the UK in last five months' (CRN) Roland Stritt opens up about poaching partners from Broadcom, triple-digit net new business growth during lockdown and rumours of an IPO on the horizon
Secret CSO: Richard Jones, Orange Cyberdefense (IDG Connect) What conferences are on your must-attend list? "I really enjoy the big industry events, such as Infosec Europe, and for me the main draw is the quality of the speakers…"
Telos Corporation Welcomes TAPS Founder and President Bonnie Carroll to its Board of Directors (Telos Corporation) Presidential Medal of Freedom recipient and TAPS founder Bonnie Carroll to provide strategic guidance to cybersecurity company, Telos Corporation.
Netskope Names Dave Peranich as President of Go-To-Market (PR Newswire) Netskope, the leading security cloud, today announced the appointment of industry veteran Dave Peranich as President of Go-to-Market. Leading a...
Products, Services, and Solutions
Onfido enables identity document and biometric verification to Azure AD B2C customers (Onfido) Azure AD B2C customers can now call on Onfido's identity document and facial biometrics verification during user onboarding, step-up or any other touch points in a customer journey.
Prime Trust Partners with Acuant for its All-In-One Trusted Identity Platform (PR Newswire) Acuant, a leading global provider of identity verification, today announced that Prime Trust is engaging Acuant's Trusted Identity Platform for...
Ring plans to offer end-to-end encryption by the end of the year (The Verge) More security for your doorbell camera
Ring announces new line of security cameras for cars (The Verge) You’ll also be able to integrate your car’s existing cameras into the Ring system
Ring’s latest security camera is a drone that flies around inside your house (The Verge) Flying camera go brrrrrrr.
Ring's new smart security products aim to protect your mailbox, car, and home — here's everything you need to know about the 2020 Ring lineup (Business Insider) Amazon's Ring has announced several new devices for its 2020 release, so here's what to know and how to buy.
Illusive Networks Joins Microsoft Intelligent Security Association and is Now Available in the Microsoft Azure Marketplace (Illusive Networks) Illusive, a leader in active cyber defense, joined the Microsoft Intelligent Security Association (MISA), bringing the combined power of Illusive’s active defense platform and Microsoft security products to enterprise customers worldwide.
Illusive Networks Strengthens Microsoft Partnership; Achieves Microsoft Co-Sell Ready Status (Illusive Networks) Illusive Networks, a leader in active cyber defense, today announced it has achieved Microsoft Co-Sell Ready status.
Pulse Secure Fortifies Secure Access Through McAfee’s Security Innovation Alliance (Yahoo) Pulse Secure, the leading provider of Zero Trust Secure Access solutions, today announced successful integration and joint compatibility testing with McAfee ePolicy Orchestrator (ePO). Through this integration, customers of Pulse Secure Pulse Policy
IBM Launches Security Assessment Service Focused on Business Risk (Security Boulevard) IBM Security this week launched a service through which it will work with IT security professionals to assess the business risks cybersecurity
A start-up secures mobile phones with a quantum chip (Radio LAC) The Geneva-based company ID Quantique has created a phone chip that uses quantum cryptography to protect them. Samsung used it in its latest phone, described by the press as the "most secure in the world." The technology could in future be extended to objects other than phones. A quantum chip that makes your phone tamper-proof. […]
NetSfere Brings The Power of Secure Communication to the Workplace by Enabling Encrypted Group Video Calling and Real-Time Communication Tools on its Messaging Platform (GlobeNewswire) Company unveils its most advanced product update with secure, regulatory compliant communications tools that enable instantaneous, contextual team collaboration while reducing the need for formal, time-consuming meetings
Technologies, Techniques, and Standards
Establishing a Secure and Resilient 5G Ecosystem (Booz Allen Hamilton) Fifth-generation technology (5G) will soon revolutionize global telecommunications. This paper addresses the broad-reaching challenges, risks, and opportunities of 5G technology.
Positive Technologies Report: The Road to 5G migration starts with securing 4G (Telecom Reseller) Telecom security experts outline cyber security recommendations for mobile operators in 5G Non-Standalone era
Firms Conduct ‘War Games’ to Prepare for External Threats (Wall Street Journal) Amid trade-war threats, geopolitical uncertainty and the global coronavirus pandemic, such gaming has become more popular.
US Army combines fake hacks, natural disaster simulation to test responses in Charleston, Savannah (CyberScoop) What happens when Charleston and Savannah are faced with cyberattacks and physical disruptions in their ports? The Army investigates.
Breaking Dridex and Creating a Vaccine (Appgate) The technical details of Dridex were already covered in our blog post Reverse Engineering Dridex and Automating IOC Extraction.
What’s it actually like to barter with ransomware gangs? — bobsullivan.internet (Fintech News | Fintech Zoom) (FBI picture) INTRODUCTION It is perhaps the worst-kept secret in all of cybersecurity: the FBI says don’t pay ransomware gangs. However
What Does A GC Do When Told: 'Pay Up, Or Else'? (Law360) General counsel have a dirty little secret: Sometimes their companies receive extortion demands, and occasionally the organization gives in. Here, Law360 looks at how GCs guide their companies in deciding whether to yield to a criminal's demand.
The company email promised bonuses. It was a hoax — and Tribune Publishing employees are furious. (Washington Post) The company has now apologized for the "cruel" email intended to test its cyberdefenses.
Design and Innovation
Council Post: How Contextual Machine Learning Targets Human Error To Prevent Email-Based Data Breaches (Forbes) While email has been critical to the continued operation of many businesses in the current health crisis, it has also presented those businesses with new data security challenges.
Telepath is a new, kinder social network. But is the internet ready to be nice? (Protocol) Former Quora execs are prioritizing moderation over user numbers for their new social network. The question is how long investors stick around for that to work.
Academia
How to Train the Next Generation of InfoSec Pros Through Real-World Threats (EdTech) Fairfield University has opened a new cybersecurity lab that gives students hands-on learning experiences.
Legislation, Policy, and Regulation
Dutton pushes trusted 5G suppliers to stop espionage (Australian Financial Review) Peter Dutton has ramped up calls for countries to decouple their technology networks from suppliers that could be forced to facilitate espionage and foreign interference, such as Huawei.
Brits unleash crack squad to save telecom from Huawei, Ericsson and Nokia (Light Reading) UK authorities have named the elite troops whose mission (impossible?) will be to find and nurture alternatives to the big three.
UAE cyber head: Israeli intel. sharing helps deter hacking attempts (The Jerusalem Post) 1st public appearance of Israel, UAE cyber officials together
UAE, Israeli cyber chiefs discuss joining forces to combat common threats (Reuters) The United Arab Emirates and Israel share threats to their national online networks, the Israeli cyber-security chief said on Thursday in a rare public discussion of potential cooperation with his counterpart following the normalisation of relations.
Putin says Russia and U.S. should agree not to meddle in each other's elections (Reuters) President Vladimir Putin called on Friday for an agreement between Russia and the United States to guarantee not to engage in cyber-meddling in each other's elections.
Secret Service consults with Cyber Command, private sector in updated approach to financial crime (CyberScoop) In an unprecedented step, the Secret Service has brought in outside expertise to overhaul investigative practices as it enhances its work with the Treasury.
FBI Director: Feeding DOD’s Cyber Offense Operations Is Crucial to New Strategy (Nextgov.com) Senator says legislation is moving forward to thwart intellectual property theft from China and defend federal networks from cyberattacks.
Senate panel to vote next week on subpoenas for Google, Facebook and Twitter CEOs (POLITICO) Republicans want the CEOs to testify about a 1996 law that has protected tech platforms from lawsuits over content their users post.
WSJ News Exclusive | DOJ to Seek Congressional Curbs on Immunity for Internet Companies (Wall Street Journal) The Justice Department submitted a proposal to Congress on Wednesday to curb longstanding legal protections for internet companies such as Facebook, Google and Twitter.
Microsoft supports commission calling for re-establishment of U.S. cyber czar (Reuters) Microsoft Corp said on Thursday it supports the Cyberspace Solarium Commission, which recommends the re-establishment of a cybersecurity czar.
Critical steps for securing cyberspace (Microsoft on the Issues) Cyberattacks are increasing every day, and the Cyberspace Solarium Commission has made some specific recommendations critical to cybersecurity. As we approach National Cybersecurity Awareness Month, we strongly recommend that Congress act on them.
Indiana attorney general wants regulation in place to protect against cyberattacks (The Center Square) Indiana would become the first state to use government regulations to protect consumers from cyberattacks if a rule proposed by Attorney General Curtis Hill gets implemented.
The Uncertain “State” of US Data Protection Law: California Leads the Way (The National Law Review) When it comes to US data protection law, all eyes are on California. The California Consumer Privacy Act of 2018 (CCPA), which took effect this year, introduced a complicated data protection framework
Former Fed. CISO Schneider Looks Back on Gov’t Past, Ahead to Future of Info. Security (Meritalk) The former Federal Chief Information Security Officer Grant Schneider drew on his nearly 28 years of government experience to explain how government information is secured now and offered his thoughts on where information security might be headed in the future.
Litigation, Investigation, and Law Enforcement
Judge says U.S. must defend or delay TikTok app store ban by Friday (Reuters) A U.S. judge said Thursday the Trump administration must either delay a ban on U.S. app stores offering TikTok for download or file legal papers defending the decision by Friday.
How A High Court Textualist Could Help Limit Anti-Hack Law (Law360) Appointing a textualist to the U.S. Supreme Court could boost efforts to curb the scope of a 1986 computer crime law and change the legal reasoning the high court uses in Fourth Amendment cases, although past rulings show that privacy law does not fit neatly within ideological lines.
Former Cambridge Analytica chief receives seven-year directorship ban (the Guardian) Alexander Nix handed penalty for ‘potentially unethical’ behaviour linked to scandal
DHS Admits Facial Recognition Photos Were Hacked, Released on Dark Web (Vice) Travelers’ faces, license plates, and care information were hacked from a subcontractor called Perceptics and released on the dark web.
Blackbaud Ransomware Breach Victims, Lawsuits Pile Up (BankInfo Security) As the tally of reported health data breaches related to the May ransomware attack on Blackbaud continues to climb, so do the number of lawsuits filed against the
Spy Court Backs Broad View Of 'Facility' Open To Surveillance (Law360) The Office of the Director of National Intelligence has declassified a Foreign Intelligence Surveillance Court opinion supporting a novel interpretation of the types of facilities that can be targeted by the government's electronic surveillance.
EU Extends Google-Fitbit Probe; Data Privacy Increasingly Important in Australia (ExchangeWire.com) In today's ExchangeWire news digest: EU antitrust regulators have had the deadline for their probe into Google's purchase of Fitbit extended; research
Birmingham Uni faces legal action after cyber attack leaked data (BirminghamLive) It is one of a number of institutions being investigated by Simpson Millar solicitors on behalf of around 30 clients who were affected by the data breach
Ex-Cop Charged In EBay Cyberstalking Case To Plead Guilty (Law360) A retired California police captain working security operations for eBay is the latest ex-employee of the e-commerce giant to indicate he will plead guilty for participating in a scheme to terrorize a Massachusetts couple over their blog's critical coverage of the company, according to a Thursday court notice.
Russian pleads not guilty in foiled Tesla ransomware plot (Washington Post) A Russian citizen accused of offering a Tesla employee $1 million to enable a ransomware attack at the electric car company’s plant in Nevada has pleaded not guilty to a federal conspiracy charge
Maryland Man Sentenced to Prison for Intentionally Damaging the Computers of His Former Employer (US Department of Justice) A Maryland man was sentenced by U.S. District Judge Catherine C. Blake today to 12 months and one day in federal prison, followed by three years of supervised release, for illegally accessing and damaging the computer network of his former employer. Judge Blake also entered an order requiring Stafford to pay restitution in the amount of $193,258.10 to his former employer.
Nigerian Hacker Sentenced to Prison in U.S. for Targeting Government Employees (SecurityWeek) A Nigerian hacker was sentenced to 36 months in prison in the United States for participating in a scheme that targeted government employees
U.S. judge questions Bolton’s political motives as he battles White House lawsuit for book profits (Washington Post) Attorneys for former Trump national security adviser John Bolton urged a federal judge Thursday to halt the government’s efforts to seize the proceeds from his memoir and accused White House aides of improperly trying to stall publication of the book because it reveals unflattering material about the president.