Cyber Attacks, Threats, and Vulnerabilities
Researchers Uncover Cyber Espionage Operation Aimed At Indian Army (The Hacker News)
Cyber Warfare: China Is Helping Pakistani Hackers Launch Cyber Attacks on India (News18) Researchers at Seqrite have reported to the Indian government a cyber attack campaign routed by Pakistani hackers, suspected to be aided by China, with the aim of stealing critical data by targeting key personnel in India’s Defence force.
MFA-Minded Attackers Continue to Figure Out Workarounds (Dark Reading) While MFA can improve overall security posture, it's not a silver bullet -- and hacks continue.
'Taurus' Malicious Ad Campaign Puts Data At Risk | Silicon UK Tech News (Silicon UK) Drive-by hacking tools plant Taurus data-stealing malware on vulnerable systems, as pandemic raises risk of corporate data being stolen from home computers
“Joker”—the malware that signs you up for pricey services—floods Android markets (Ars Technica) Dozens of malicious apps, some available in Play, found in the past couple months.
Recent email scams to watch out for if you’re working from home (Silicon Republic) Cybercriminals have been targeting at-home workers with email scams that look like they’re from Microsoft and Salesforce, says ESET Ireland.
Shipping carrier CMA CGM torpedoed by ransomware? (Le Monde Informatique) The French maritime shipping company has been the victim of a cyberattack. According to various sources, the Ragnar Locker ransomware is said to be the...
CMA CGM hit by cyber attack, but says it's business as usual (The Loadstar) French container shipping line CMA CGM has confirmed it is the latest victim of a cyber attack, after its website and some of those of its subsidiaries went down over the weekend. However, the group’s corporate website, cmacgm-group.com, was working and carried a message on its homepage. It said: “The CMA CGM group (excluding Ceva Logistics) is currently dealing with a cyber-attack impacting peripheral servers. “As soon as the security breach was detected, external ...
Container Line CMA CGM Hit by Cyberattack (Wall Street Journal) French container shipping line CMA CGM SA said Monday it has shut down some of its technology systems as it copes with a cyberattack at two of its Asia-Pacific subsidiaries.
UHS hit with massive cyber attack as hospitals reportedly divert surgeries, ambulances (FierceHealthcare) A major hospital chain has been hit by a massive cyber attack that reportedly has taken down all of its IT systems. Computer systems at Universal Health Services, which operates 400 hospitals and behavioral health facilities, began to fail over the weekend.
Healthcare giant UHS hit by ransomware attack (TechCrunch) Sources say the Ryuk ransomware is to blame.
UHS hospitals hit by reported country-wide Ryuk ransomware attack (BleepingComputer) Universal Health Services (UHS), a Fortune 500 hospital and healthcare services provider, has reportedly shut down systems at healthcare facilities around the US after a cyber-attack that hit its network during early Sunday morning.
Statement from Universal Health Services (UHS) The IT Network across Universal Health Services (UHS) facilities is currently offline, due to an IT security
Students rise up against forced remote spy app usage in colleges, universities (ZDNet) Recent clashes highlight concerns that forcing students to use remote exam monitoring software is an affront to personal privacy.
WSU statement regarding ProctorU service (WSU Insider) Members of the WSU administration address questions about security, privacy and other concerns regarding the use of ProctorU to monitor tests taken remotely by students.
With schools online, software to catch students cheating is big business (Marketplace) Some students are protesting the use of programs that track their eye and head movement while they take tests.
Exam monitoring platform creates privacy concerns (Daily Titan) Students and professors across Cal State Fullerton have met at a crossroads about the implementation of Proctorio in classes since the university transitioned to fully-online courses during the summer.
WSJ News Exclusive | Hacker Releases Information on Las Vegas-Area Students After Officials Don’t Pay Ransom (Wall Street Journal) A hacker published grades, Social Security numbers and financial information after a Las Vegas-area school district refused to pay ransom to get back control of their servers—an acute problem during the Covid-19 pandemic when education is reliant on technology.
Scouts Victoria reports data breach after employee duped by phishing campaign (The Daily Swig) Personally identifiable information accessed by third party
Swatch shuts down some technology systems after cyberattack (Reuters) Swatch Group <UHR.S> shut down some of its technology systems after detecting a cyberattack over the weekend, the world's biggest watchmaker said on Tuesday.
Flightradar24 hit by third cyber-attack in two days (BBC News) Flightradar24 says it has been hit by sustained attacks over two days, interrupting its service.
Arthur J. Gallagher targeted in ransomware attack (ReinsuranceNe.ws) International insurance brokerage firm Arthur J. Gallagher & Co has confirmed that it was the target of a ransomware attack on September 26th. The
Gamers hit with over 14 million credential stuffing attacks daily (Atlas VPN) According to data analyzed by the Atlas VPN research team, gamers are hit with 14.02 million credential stuffing attacks daily. A successful credential abuse attack steals the victim’s account and puts the owner’s credit card information as well as in-game assets at risk.
Microsoft Office 365, Azure Cloud Disrupted by Service Issues (Wall Street Journal) The company said problems included some users of its Outlook email services and Teams workplace collaboration suite that provides chat functionality and videoconferencing.
Microsoft outage was not part of 'coordinated campaign,' says cybersecurity agency (ABC News) The Cybersecurity Infrastructure Security Agency (CISA) says a widespread Microsoft email outage Monday was not part of a "broader coordinated campaign."
Office 365 outage ongoing after roll back fails (ZDNet) Microsoft continuing to look into the problem after roll back fails to solve issue.
Orlando real estate industry faces cyber threats as hacking rises (Orlando Business Journal) Jeffrey Fagan, regional vice president in Orlando for Jacksonville-based Watson Realty Corp., said his daily volume of emails and texts has increased "exponentially" during the pandemic as less communication happens face-to-face.
Vulnerability Summary for the Week of September 21, 2020 (CISA) The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores.
Cyber Trends
Tessian | Half of Organizations Experienced Security Incidents While Working Remotely, Reveals New Data (RealWire) With the majority of companies believing the future of work will be remote or “hybrid”, Tessian reveals the security pitfalls of the new work-from-anywhere world
2020 report on healthcare mobile app security (Intertrust Technologies) This research report analyzes 100 mHealth apps using OWASP-based testing techniques to uncover healthcare app security trends.
"School From Home" Changes Residential Internet Safety and Security Dynamics (Akamai) 2020 has been a year of epic change as we all work together to minimize the adverse impact of COVID-19. There's been extensive coverage in blogs and media as businesses navigated a rapid transition to remote work for their employees and pivoted to address an entirely new set of security considerations.
68% of hackers initiate attacks to be challenged with 71% opting for websites (Finbold) The survey data acquired by Finbold.com indicates that about 68% of hackers initiate attacks with the sole purpose of being challenged.
Industry Research Reveals Major Disconnect Between Data Protection Strategies Across Container-Based and Individual Applications (BusinessWire) Zerto today announced the key findings of a co-sponsored ESG survey and eBook entitled “Data Protection Trends and Strategies for Containers.”
Cybercrime will cost global economy $11.4m per minute by 2021 (The Express Tribune) Research indicates that cyber-attacks increased at a speed of 375 per minute in 2020
Survey reveals Manx cyber security experience (Manx Radio) More than 1/4 have had their accounts 'compromised'
Marketplace
McAfee files for return to public markets (MarketWatch) McAfee Corp. is seeking a return to being a public company, according to a filing with the Securities and Exchange Commission late Monday.
Axis Security Raises $32 Million to Accelerate Growth, Meet Enterprise Demand for “Work from Anywhere” Solutions (Axis Security) Canaan Partners Leads Series B for Zero Trust Access Leader out to Replace VPNs with Simple, More Secure Approach to Remote Application Access
Ivanti Buys Two Security Firms to Bolster Remote Work Offerings (Wall Street Journal) Software company Ivanti is buying two Silicon Valley cybersecurity firms to bolster its remote work offerings for the post-pandemic world.
Utah cybersecurity company buys MobileIron, Pulse Secure (Silicon Valley Business Journal) Ivanti Software Inc. said it will pay about $872 million to acquire publicly traded MobileIron, but didn't disclose the terms of its acquisition of Juniper Networks spinoff Pulse Secure, which was acquired six years ago by a private equity firm.
Arista Networks buys well-funded AI threat detection startup Awake Security (SiliconANGLE)
Palantir, Asana, Velodyne Lidar set to test IPO alternatives Wednesday (Silicon Valley Business Journal) The number of new stocks from the Bay Area in 2020 appears likely to surpass last year's total of 36, which was the most since the dotcom bubble.
Who Will VMware Buy to Plug SASE Security Holes? (SDxCentral) VMware has a gaping hole in its SASE stack that it's been patching with partner technologies, but could the vendor be eyeing an acquisition?
Cybersecurity Is Quickly Changing in a Work-From-Home World, Writes CrowdStrike CEO (The Motley Fool) CrowdStrike needs to do more than protect endpoints if its growth story is to continue.
Underwriters Concerned Over 'Silent' Cyber-Cover (Law360) Underwriters fear that boilerplate policies are still accidentally offering cover against the threat of cybercrime and want regulators to take action, a global report on insurance against cyberattacks published on Monday has found.
SMEs more likely to purchase cyber cover since pandemic: GlobalData (ReinsuranceNe.ws) Data and analytics company GlobalData has recommended that insurers should increasingly focus on larger small and medium-sized enterprises (SMEs)
Nuspire Named to MSSP Alert's Top 250 MSSPs List for 2020 (Iosco County News Herald) MSSP Alert, published by After Nines Inc., has named Nuspire to the Top 250 MSSPs list for 2020 (http://www.msspalert.com/top250).
Not In The 2020 Gartner WAN Edge Infrastructure MQ Is Good (Aryaka) Aryaka Networks, the only fully managed WAN/SD-WAN provider in 2019 and dubbed a “visionary,” is not included in 2020 MQ. Learn why it's a good thing.
Group-IB Wins 2020 CybersecAsia Award for Its Digital Forensics Services (PR Newswire) Group-IB, a global threat hunting and intelligence company headquartered in Singapore, has been named a winner of the 2020 CybersecAsia Awards...
Twitter appoints Rinki Sethi as new information security head (iTnews) Comes from Palo Alto Networks.
Okta Welcomes Susan St. Ledger as President, Worldwide Field Operations (AiThority) Okta, Inc., the leading independent provider of identity for the enterprise, welcomes Susan St. Ledger as president of worldwide field operations.
Products, Services, and Solutions
Cynet Uncovers Zerologon Exploits with a Free Analysis & Detection Tool (PRWeb) Cynet today announced the Zerologon Analysis & Detection Tool in response to the Zerologon vulnerability, also known as CVE-2020-1472. Z
Heficed Announces Bring Your Own IP (BYOIP) Feature Rollout (Heficed) Press release from Heficed: Heficed Announces Bring Your Own IP (BYOIP) Feature Rollout.
Microsoft Rebrands Enterprise Security Solutions as 'Microsoft Defender' (Redmondmag) Microsoft took the occasion of its Ignite event last week to rebrand its enterprise security solutions for premises and cloud environments, mostly by putting 'Microsoft Defender' on their names.
Datadobi Launches Pre-Migration Assessment Service (BusinessWire) Datadobi has launched its Pre-Migration Assessment Service.
Forcepoint Dynamic User Protection Delivers Industry's First Cloud-Native User Activity And Insider Threat Monitoring Solution-As-A-Service (PR Newswire) Global cybersecurity leader Forcepoint today announced the introduction of Dynamic User Protection that redefines modern user activity...
Fingerprints - The (U)X Factor: The software bringing biometric payment cards to market (Fingerprints) With over 20 bank trials in progress and a second commercial roll-out imminent in France with BNP Paribas, contactless biometric payment cards are steadily but surely making their way to our wallets, marking what has been called the ‘biggest development in card technology in recent years’.
Munich Re's HSB expands small business cyber cover (ReinsuranceNe.ws) Munich Re subsidiary HSB has announced an expansion of its cyber insurance and loss prevention services for small and mid-size businesses. HSB Total Cyber
Thycotic Expands Scope of ISO 27001 and SOC2 Type II Security Certifications (PR Newswire) Thycotic, a provider of privileged access management (PAM) solutions for more than 10,000 organizations worldwide, including 25 of the Fortune...
Generali Global Assistance Supports Cybersecurity Awareness Month (PR Newswire) Generali Global Assistance ("GGA"), the developer of a proprietary identity and cyber protection platform, today announced its support of...
Stealthbits Continues to Modernize and Simplify Traditional PAM Functions in SbPAM Version 3.0 (BusinessWire) Stealthbits launches third generation PAM solution; lowers cost of ownership and improves ease of use for privileged access management
Ordr Announces Interoperability with VMware Virtual Cloud Network Solutions for Campus and Data Center Device Visibility Made Simple (Ordr) Comprehensive IoT visibility, accelerated NSX data center microsegmentation, and enhanced day 2 operations capabilities.
Technologies, Techniques, and Standards
Microsoft looks to expose espionage groups taking aim at NGOs, US politics (CyberScoop) Foreign espionage groups, including those bent on undermining the U.S. political process, have targeted non-government organizations and think tanks more than any other sector in a bid to gather intelligence, according to new data from Microsoft.
Securing the Future of Hybrid Working (Tessian) How to protect your people as they choose to work-from-anywhere
When Not To Accept Cookies (Avast) The vast majority of websites that we visit make use of cookies, and we're asked to accept or deny them on nearly a daily basis. But what are we really agreeing to? What is a cookie, anyway?
Academia
Purdue University Global to commemorate Cybersecurity Awareness Month with variety of activities (Purdue University) Purdue University Global will commemorate Cybersecurity Awareness Month with a variety of activities throughout October.
Legislation, Policy, and Regulation
UAE-Israel Treaty Is Far Larger Step Towards Peace Than Critics Allege (The National Interest) No deal is perfect, but any improvement should not be downplayed when it makes the volatile Middle East more peaceful and win-win.
Cyberattack could trigger Article 5 response, NATO deputy secretary warns (UPI) NATO is adapting to security threats in cyberspace despite vulnerabilities exploited in the COVID-19 pandemic, Deputy Secretary Mircea Geoana said on Monday.
Deputy Secretary General at CYBERSEC: NATO is adapting to respond to cyber threats (NATO) NATO Deputy Secretary General Mircea Geoană, speaking at the online CYBERSEC public policy conference on Monday (28 September), emphasised the need to continue adapting to new threats arising from advances in technology, such as cyber threats.
Germany’s Cyber Command Learning About America’s Achilles' Heel (theTrumpet.com) The U.S. trusts Germany with strategic insight.
QinetiQ warns Western force supremacy does not extend to grey zone (Army Technology) QinetiQ group CTO Mike Sewart has warned that the ‘traditional supremacy’ of western forces ‘currently doesn’t extend to grey zone tactics’.
Singapore in world first for facial verification (BBC News) The technology is being rolled out countrywide as part of Singapore's national identity scheme.
EU cybersecurity funding initiative aims to boost threat intel, certification sectors (The Daily Swig) €10.5 million has been allocated as part of eurozone infrastructure development program
Possible China Blacklist Adds More Uncertainty for U.S. Businesses (Wall Street Journal) The division of the internet and technologies along national lines could weigh more heavily on smaller companies, which may find it difficult to compete in countries that prefer domestic competitors.
Hacking Voting Systems to Be a Federal Crime in US (Infosecurity Magazine) House unanimously approves legislation to make hacking voting systems a federal crime
Keeping US space interests secure from cyber threats (Federal News Network) A presidential executive order has handed the Department of Homeland Security responsibility for cybersecurity of space assets.
Defense Federal Acquisition Regulation Supplement: Assessing Contractor Implementation of Cybersecurity Requirements (DFARS Case 2019-D041) (Federal Register) DoD is issuing an interim rule to amend the Defense Federal Acquisition Regulation Supplement (DFARS) to implement a DoD Assessment Methodology and Cybersecurity Maturity Model Certification framework in order to assess contractor implementation of cybersecurity requirements and enhance the...
Defense Department Certification Body Could Itself Conduct Audits Under Interim Rule (Nextgov.com) One lawyer notes continued confusion surrounding legal liability in the case of disputed assessments.
White House approves interim CMMC rule (Washington Technology) The White House approved an interim rule to mandate defense contractors prove they adhere to existing cybersecurity standards from the National Institute of Standards and Technology.
Some question why White House plans to fill federal CIO, CISO roles now (Federal News Network) Multiple sources confirm President Donald Trump plans to name Basil Parker as the new federal chief information officer and Camilo Sandoval as the new federal chief information security officer.
The Cybersecurity 202: DHS is highlighting diversity as a key cybersecurity goal (Washington Post) A day-long Department of Homeland Security summit on diversity in cybersecurity this week is drawing attention to the slow pace of expanding the ranks of cybersecurity professionals beyond White men.
Litigation, Investigation, and Law Enforcement
U.S. Likely Exceeded Authority in TikTok Ban, Judge Says (Wall Street Journal) Banning downloads while the court fight continues would harm the video-sharing app’s business, a federal judge said, ruling that the Trump administration’s curbs likely went beyond the bounds of a national security law.
Were They Lost Students or Inept Spies for China? (Foreign Policy) Two roommates traveling in Florida found themselves caught in the teeth of espionage fears.
Cambridge Analytica database identified Black voters as ripe for ‘deterrence,’ British broadcaster says (Washington Post) Trump campaign says it did not use the information in 2016
Revealed: Trump campaign strategy to deter millions of Black Americans from voting in 2016 (Channel 4 News) 3.5 million Black Americans were profiled and categorised as ‘Deterrence’ by Trump campaign – voters they wanted to stay home on election day
Investor loses legal battle against Bithumb for 2017 data breach incident (Cointelegraph) The user claimed to have lost a massive amount of money due to Bithumb’s negligence
Health Insurer Pays $6.85 Million to Settle Data Breach Affecting Over 10.4 Million People (HHS) Premera Blue Cross (PBC) has agreed to pay $6.85 million to the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) and to implement a corrective action plan to settle potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security Rules related to a breach affecting over 10.4 million people.
Judge Asks FBI To Swear It Didn't Use Spy Tool On Reporters (Law360) A New York federal judge cast a skeptical eye on the government's vague promise that it had found no records of deploying a powerful spy tool against journalists, asking an FBI official on Monday to swear that the records do not exist.