Cyber Attacks, Threats, and Vulnerabilities
The Election Threats That Keep US Intelligence Up at Night (Wired) Government officials have increasingly sounded alarms on the risks of foreign interference and disinformation campaigns leading up to—and after—November 3.
Feds Issue Health Care Malware Alert (HomeCare Magazine) The Office of Civil Rights (OCR) of the Department of Health and Human Services (HHS) has issued a warning to health care providers about the Taidoor Malware being used by the Chinese government.
Officials: Washington Being Targeted by Phishing Campaign (SecurityWeek) Washington state is among those being targeted by a “large-scale, highly sophisticated” nationwide phishing campaign, the office of Gov. Jay Inslee said Thursday.
Error-bnb: Techies scramble to fix Airbnb website bug that let strangers read each others' account messages (Register) One thing to let people rent your home, quite another to let them access your private comms
KuCoin cryptocurrency exchange hacked for $150 million (ZDNet) KuCoin said an intruder drained all its hot wallets today.
KuCoin Security Incident Update (KuCoin) Dear KuCoin Users, We detected some large withdrawals since September 26, 2020 at 03:05:37 (UTC+8). According to the latest internal security audit report, part of Bitcoin, ERC-20 and other tokens in KuCoin’s hot wallets were transferred out of the exchange, which contained few parts of our total assets holdings. The assets in our cold wallets are safe and unharmed, and hot wallets have been re-deployed.
Windows XP source code leaked online (Computing) The source, going by the name billgates3, claimed that the source code has been circulating privately for many years
Data breach compromises personal info. of veterans (Rio Blanco Herald Times) The U.S. Department of Veterans Affairs (VA) Office of Management today announced a data breach involving the personal
Microsoft took down 18 Azure AD apps used by Chinese Gadolinium APT (Security Affairs) Microsoft removed 18 Azure Active Directory applications from its Azure portal that were created by a Chinese-linked APT group Gadolinium. Microsoft announced this week to have removed 18 Azure Active Directory applications from its Azure portal that were created by a China-linked cyber espionage group tracked as APT group Gadolinium (aka APT40, or Leviathan). The 18 […]
Google removes 17 Joker-infected apps from the Play Store (Security Affairs) Google removed this week 17 Android apps from its Play Store because they were infected with the Joker (aka Bread) malware, Zscaler revealed. Security researchers from Zscaler spotted 17 apps in the Play Store that were infected with the Joker (Bread) malware. The Joker malware is a malicious code camouflaged as a system app and […]
Google removes 17 Android apps caught engaging in WAP billing fraud (ZDNet) The 17 apps were infected with the Joker (Bread) malware, which Google described in January 2020 as one of the most persistent threats it dealt with since 2017.
REvil ransomware deposits $1 million in hacker recruitment drive (BleepingComputer) The REvil Ransomware (Sodinokibi) operation has deposited $1 million in bitcoins on a Russian-speaking hacker forum to prove to potential affiliates that they mean business.
A cyber cautionary tale: Unnamed agency suffers sophisticated, possibly nation state, attack (Federal News Network) Industry cyber experts say the unnamed agency failed to secure their networks with basic cyber hygiene steps and ended up becoming the latest victim of a sophisticated cyber attack.
Hackers Take Data for Further Reconnaissance in Breach of Federal Agency (Nextgov) Initial access to the agency’s system was possibly due to failure to fix a known VPN vulnerability, a patch for which was released in April 2019.
Federal agency compromised leveraging compromised credentials (HackRead) CISA did not reveal the name of the targeted Federal agency.
Hungarian banks, telecoms services briefly hit by cyber attack: Magyar Telekom (Reuters) Some Hungarian banking and telecommunication services were briefly disrupted by a powerful cyber attack on Thursday launched from computer servers in Russia, China and Vietnam, telecoms firm Magyar Telekom MTEL.BU said on Saturday.
Hungarian banks, telecoms services briefly hit by cyber attack: Magyar Telekom (Yahoo News) Some Hungarian banking and telecommunication services were briefly disrupted by a powerful cyber attack on Thursday launched from computer servers in Russia, China and Vietnam, telecoms firm Magyar Telekom said on Saturday. The event was a distributed-denial-of-service (DDoS) attack, a cyber attack
Plano’s Tyler Technologies confirms ransomware attack in software hack (Dallas News) Plano-based Tyler Technologies, a major U.S. provider of software services to state and local governments, acknowledged Friday it was hit by a ransomware...
Tyler Technologies warns clients to change remote support passwords (BleepingComputer) Tyler Technologies is warning clients to change the passwords for the technology provider's remote access accounts after suspicious logins have been reported.
Hacked software provider acknowledges ransomware attack (Stamford Advocate) A major U.S. provider of software services to state and local governments acknowledged Friday that it was hit by a ransomware attack two days after telling clients an unknown intruder had compromised its phone and information technology systems.
'ZeroLogon' hackers scan for unpatched servers (iTnews) Researcher's honeypot picks up exploitation attempt.
6 Things to Know About the Microsoft 'Zerologon' Flaw (Dark Reading) Until all domain controllers are updated, the entire infrastructure remains vulnerable, the DHS' CISA warns.
Gamers fragged by surge in credential stuffing attacks during lockdown (The Daily Swig) Attacks soar as DDoS attacks against video game firms rise – Akamai
FortiGate VPN Default Config Allows MitM Attacks (Threatpost) The client's default configuration for SSL-VPN has a certificate issue, researchers said.
Fortinet VPN with Default Settings Leave 200,000 Businesses Open to Hackers (The Hacker News) Fortinet's Fortigate VPN solution running default settings leaves over 200,000 businesses vulnerable to man-in-the-middle (MitM) attacks.
Twitter warns developers that their private keys and account tokens may have been exposed (TechCrunch) The social media giant said developer private keys may have been stored in the browser's cache by mistake.
Source Code of Windows XP, Server 2003 Allegedly Leaked (SecurityWeek) Someone claims to have leaked tens of gigabytes of Microsoft source code, including for Windows XP and Windows Server 2003
Report: Online Fashion Retailer Exposes European Customers in Massive Data Leak (vpnMentor) Led by Noam Rotem and Ran Locar, vpnMentor’s research team recently discovered a leak in a database belonging to Polish online fashion retail company, BrandBQ. BrandBQ owns
Credential Harvesting Phish Exploits GDPR Compliance (Area 1 Security) Credential harvesting phishing emails leverage GDPR compliance and exploits cloud-based services, Virtual Private Servers, to target sales executives.
The Cybersecurity 202: Here are five big things election experts are really worried about (Washington Post) President Trump has claimed repeatedly without evidence that mail ballots will undermine the integrity of the election. But for election experts, the extremely low chance of any successful mail-ballot fraud is not even close to their top concern.
Ransomware Attacks Take On New Urgency Ahead of Vote (New York Times) Attacks against small towns, big cities and the contractors who run their voting systems have federal officials fearing that hackers will try to sow chaos around the election.
Russia suspected in crippling US election hack (Asia Times) Last week, voters and election administrators who emailed Leanne Jackson, the clerk of rural Hamilton County in central Texas, received bureaucratic-looking replies. “Re: official precinct results,” one subject line read. The text supplied passwords for an attached file.
Customers' bank details stolen as hackers target Staffordshire firm (Express) Customers at an IT company say they have lost thousands of pounds after the firm's website was hacked and their bank details stolen.
Xavier Catholic Schools donors had personal information stolen in worldwide data breach of Blackbaud (Post-Crescent Media) Names, birth dates, physical and email addresses, phone numbers and genders of Xavier Catholic Schools donors were stolen, but not financial information.
When coffee makers are demanding a ransom, you know IoT is screwed (Ars Technica) Watch along as hacked machine grinds, beeps, and spews water.
Coffee Machine Hit By Ransomware Attack—Yes, You Read That Right (Forbes) When your coffee machine can demand a ransom, perhaps it's time to take security more seriously
Security Patches, Mitigations, and Software Updates
Apple Patches Four Vulnerabilities in macOS (SecurityWeek) Apple has patched a total of four vulnerabilities across macOS Catalina, High Sierra and Mojave
Cyber Trends
Ransomware 2020: Attack Trends Affecting Organizations Worldwide (Security Intelligence) Ransomware attack trends in 2020 show how threat actors pivot in response to defenses. See the most common attacks today and how to defend against them.
One data breach may be all it takes to lose a client forever (Wealth Professional) Survey reveals that most Canadians are unforgiving when it comes to their personal and financial information
Marketplace
MobileIron to be Acquired by Ivanti to Secure Every Endpoint and Power the Everywhere Enterprise (Mobileiron) Transaction Creates World-Class Market Leader in Unified Endpoint Management, Zero Trust Security and Enterprise Service Management with Most Comprehensive Set of Solutions.
Security’s Role in Client to Cloud Networking (Arista) The Networking industry is undergoing a metamorphosis. Modern networking operations teams are challenged to cope with multiple operational models.
Reimagining the Power of a Secure Network (Awake Security) The magic of today’s innovations is enabled by the network, creating the possibility for new technologies to power the digital transformation across every industry. The Internet of Things or the cloud or operational technology, all of these, connect to the network and provide organizations around the world with improved innovation, efficiency and productivity. Yet for […]
CrowdStrike to Expand Its Cybersecurity Platform -- Again (The Motley Fool) The cloud-based cybersecurity specialist announced the acquisition of identity protection outfit Preempt Security.
NRECA Earns $6 Million DOE Grant to Boost Electric Co-op Cybersecurity Readiness - America's Electric Cooperatives (America's Electric Cooperatives) The Department of Energy today awarded the National Rural Electric Cooperative Association a $6 million grant to expand ongoing research and development into electric co-op cybersecurity tools. Known as Essence 2.0, the three-year project will deploy a revolutionary cyber monitoring tool to NRECA’s member cooperatives. Essence 2.0 enables machine-to-machine learning and is […]
Meet unicorn cybersecurity startup KnowBe4, which has a trickster CEO, a legendary felon as its 'chief hacking officer,' and a rumored IPO on the horizon (Business Insider) KnowBe4, a cybersecurity training startup, is rumored to have an upcoming IPO, and has a legendary hacker, Kevin Mitnick, as a top executive.
Accenture to set up new Adelaide 'hub' (iTnews) Hosts security, vendor CoE capabilities.
Products, Services, and Solutions
6 Characteristics of the Ideal Phishing Software Solution (INKY) To stop phishing threats, your email security software needs to have six characteristics. Learn what they are — and how INKY utilizes them all.
Menlo Security and Xtravirt Announce EMEA Partnership (Menlo Security) Menlo Security and Xtravirt Announce EMEA Partnership help VMware customers regain control & secure remote workers with Isolation.
A Social Network that Won't Sell User Data: Leavemark Officially Launches Out of Live Beta (PR Newswire) Leavemark, a new platform offering an ad-free social media and data storage hybrid experience, today announced that the app has emerged from...
Ostendio Expands MyVCM Auditor Connect Marketplace with A-LIGN Partnership (PR Newswire) Ostendio Inc., a leading provider of integrated risk management software, and A-LIGN, a security and compliance provider, today announced that...
Technologies, Techniques, and Standards
Could Estonia Be the Model for Secure Online Voting? (Government Technology) What country does elections best? With all the focus on securing the upcoming U.S. elections, let’s take a look at elections in Estonia with Joseph Carson, a global cybersecurity expert who lives there.
How state governments across the country are working to ensure election security (Pennsylvania Capital-Star) By Jerod MacDonald-Evoy There is no evidence, despite partisan claims to the contrary, that mail-in ballots are rife with voting fraud — but there are parts of the election system that security researchers say are at far greater risk for malicious activity. National elections such as the one in November, when Americans will decide whether […]
ThunderX ransomware silenced with release of a free decryptor (BleepingComputer) A decryptor for the ThunderX ransomware has been released by cybersecurity firm Tesorion that lets victims recover their files for free.
MITRE ATT&CK and the case for going back to cyber-security basics (teiss) The MITRE ATT&CK framework is an invaluable tool but getting the basics of cyber hygiene right is just as important.
This company's Zoom policy may be the worst I've ever heard (ZDNet) Working from home has made many companies reassess how they manage. Some manage to make things worse.
How Iran’s diaspora are using old-school tech to fight censorship at home (Rest of World) With the threat of another big internet blackout looming, companies are creating workarounds for Iranians using satellite dishes as conduits for the web.
What one company’s deal with the feds tells us about the long tail of data breaches (SC Media) A recently published corrective action plan between HHS and CHSPSC over a 2014 hack underscores how long companies must deal with the fallout of a harmful breach.
Design and Innovation
Scoop: Google to block election ads after Election Day (Axios) The tech giant is activating a policy designed to avoid confusion around sensitive events.
While Facebook works to create an oversight board, industry experts formed their own (NBC News) A group of about 25 experts announced Friday that they have formed a group to analyze and critique Facebook's content moderation decisions.
Why the right wing has a massive advantage on Facebook (POLITICO) A company executive responds to claims of bias.
Why some artificial intelligence is smart until it's dumb (The Week) Machine learning has found uses in fields as diverse as particle physics and radiology, and its influence is growing. But so is the understanding of its limits.
Legislation, Policy, and Regulation
On cyber weapons and chimeras — by Gunjan Chawla and Vagisha Srivastava (MediaNama) It is also important for the law to specify where or against whom they are permitted to wield cyber offence capabilities by law.
Putin Wants a Truce in Cyberspace — While Denying Russian Interference (New York Times) With an eye to a possible Biden presidency, the Russian leader called for a “reboot” on information security but offered no concessions.
Britain has offensive cyberwar capability, top general admits (the Guardian) Gen Sir Patrick Sanders says Boris Johnson has told him to ensure UK is major cyber power
UK develops superweapon to ‘destroy critical infrastructure’ that will terrify Putin (Express) The UK has developed a cyber superweapon with the capability of wiping out key enemy targets, a military chief has said, amid the growing threat of hackers around the world including from Russia.
‘Degrade, Disrupt & Destroy’: Top General Reveals UK’s Cyber Attack Capabilities (Sputnik) The UK government is well-known for being coy about revealing information on its cyber warfare powers. Therefore, the military official’s comments were rather...
Israel, UAE say they’re allies in cyberspace. They have plenty of tech power to draw upon. (CyberScoop) Israel and the United Arab Emirates say they are collaborating to track and block cyberthreats in a region where hacking remains rampant.
Norwegian security agency expresses concern at dependence on foreign cloud services (Telecompaper) The Norwegian National Security Agency (NSM) said in its annual online digital risks report for 2020 that it is concerned about dependency on foreign cloud services. It said increased use of the cloud brings with it new vulnerabilities that are outside businesses' own domain.
Regulators in Africa's big economies are scrambling with a spike in cryptocurrency trade (Quartz Africa) Nigeria and South Africa are stepping up plans for cryptocurrency regulation amid rapid local adoption
U.S. Sets Export Controls on China’s Top Chip Maker (Wall Street Journal) The U.S. action threatens to cut off SMIC, which is at the heart of Beijing’s efforts to compete in advanced technology, from equipment used to manufacture chips.
The Messy Feud Over Who Controls TikTok (Wired) This week, we discuss how the fight over the app might shape US tech policy and US-China relations for years to come.
Beijing Frets Over Losing Control of TikTok as It Debates App’s Fate (Wall Street Journal) Chinese officials weighing an agreement to turn TikTok into a U.S.-based company are eager to ensure that the short-video app’s Chinese owner retains control over its global operations and that TikTok’s source code remains secret.
Trump is stealing China’s playbook to deal with TikTok (NBC Palm Springs) The race to keep TikTok operating in the United States has turned into a saga of intricate dealmaking and political flattery. It’s exactly the kind of scenario that’s already par for th…
The Civil Service System Has Failed — Again (Government Executive) A new white paper reinforces the notion that the way forward is to work around the current system.
Revision of Swiss data protection act adopted (Lexology) On 25 September 2020, the two chambers of parliament reached common ground on the revision of the Federal Data Protection Act ("DPA") thereby…
Congresswoman Underwood Appointed Chair of House Cyber Panel (Meritalk) Rep. Lauren Underwood, D-Ill., became the chair today of the House Committee on Homeland Security’s Subcommittee on Cybersecurity, Infrastructure Protection, and Innovation, one of the chamber’s primary panels with jurisdiction over cybersecurity issues.
New Senior Enlisted Leader joins U.S. Cyber Command and National Security Agency (U.S. Cyber Command) Fort George G. Meade, M.D. – Army Command Sgt. Maj. Sheryl D. Lyon Assumed responsibility as the newest Command Senior Enlisted Leader of U.S. Cyber Command and the National Security Agency in a
Indiana AG Proposed Regulations Creating Corrective Action Plan Requirement and Cybersecurity Safe Harbor (The National Law Review) A proposal by Indiana’s Attorney General Curtis Hill on Wednesday would add a significant step in the incident response process for responding to breaches of security affecting Indiana residen
Exclusive: Majority polled back a social-media blackout for election (Axios) Survey shows widespread distrust in platforms' ability to control misinformation.
Litigation, Investigation, and Law Enforcement
The PowerPoint that sparked an international row (BBC News) The top Huawei executive's closely watched extradition case returns to court on Monday.
FBI: Attempts to compromise elections could slow but will not prevent voting (ABC4 Utah) The Federal Bureau of Investigation and the Cybersecurity and Infrastructure Security Agency say attempts by cyber actors to compromise election infrastruct…
Schiff to subpoena top DHS official, alleges whistleblower deposition is being stonewalled (TheHill) House Intelligence Chairman Adam Schiff (D-Calif.) on Friday said he is moving forward with a subpoena for a top official at the Department of Homeland Security (DHS), claiming the agency has obstructed a whistleblower from acc
Singapore's data privacy watchdog investigating customer data breach at ShopBack (The Straits Times) Local authorities are investigating a data breach at homegrown e-commerce cashback platform ShopBack, after the firm made public an incident involving unauthorised access to customers' personal data.
The EU regulator tasked with policing Google is under pressure after dragging out its probe into a 'systematic data breach' for 2 years (Business Insider) Johnny Ryan filed a complaint about Google that he said was a "massive, systematic data breach."
TikTok Download Ban Is Blocked by Judge (Wall Street Journal) The federal judge’s move gives the Chinese-owned app a short-term victory as it scrambles to ensure its future while caught in a battle of brinkmanship between global superpowers.
Judge blocks TikTok ban in second ruling against Trump’s efforts to curb popular Chinese services (Washington Post) The ruling comes hours before TikTok was to be removed from mobile app stores
Justice Department opposes TikTok’s request for injunction in new filing (The Verge) A US ban on TikTok is set to take effect Sunday
Commerce Department Statement on U.S. District Court Ruling on TikTok Preliminary Injunction (U.S. Department of Commerce) On September 27, 2020, the United States District Court for the District of Columbia granted a nationwide preliminary injunction against the implementation of Executive Order (E.O.) 13942, limited to the Secretary of Commerce’s Identification of Prohibited Transactions with TikTok/ByteDance involving ‘any provision of services… to distribute or maintain the TikTok mobile application, constituen
Inside eBay’s Cockroach Cult: The Ghastly Story of a Stalking Scandal (New York Times) “People are basically good” was eBay’s founding principle. But in the deranged summer of 2019, prosecutors say, a campaign to terrorize a blogger crawled out of a dark place in the corporate soul.
Former Facebook manager: “We took a page from Big Tobacco’s playbook” (Ars Technica) "At worst, I fear we are pushing ourselves to the brink of a civil war," he added.
FBI’s anti-Trump efforts revealed in court filings (The Washington Times) The FBI’s most infamous epoch is coming into scandalous light in a steady flow of self-incriminating documents meant to stay secret.
NYPD Spying Case a ‘Wake-Up Call’ About Chinese Infiltration in US, Local Tibetans Say (Epoch Times) The arrest of an NYPD officer for allegedly spying on local Tibetans for Beijing should serve as ...
Baltimore ransomware attack was early attempt at data extortion, new report shows (StateScoop) A May 2019 attempt to pressure city leaders was unsuccessful, but it was a preview of a change in ransomware tactics, according to new research from CrowdStrike.
Our View: Painful lesson learned from old technology (Salem News) City hall computer upgrades don’t get oversized plaques listing the names of the mayor and members of the city council, like some other municipal projects. Hardly anyone makes a big
Athens Orthopedic pays Office for Civil Rights $1.5M for HIPAA noncompliance after 2016 data hack (The Red and Black) Athens Orthopedic Clinic will pay $1.5 million to the U.S. Department of Health and Human Services' Office for Civil Rights after a 2016 data breach by hackers.