Cyber Attacks, Threats, and Vulnerabilities
China-Linked 'BlackTech' Hackers Start Targeting U.S. (SecurityWeek) The China-linked BlackTech cyber-spies have adopted new malicious tools in recent attacks and they have started targeting the United States
The Real Hacking Threat (Foreign Policy) It doesn’t matter if Russia actually sways the vote. What matters is whether Americans think it did.
FBI says hackers want to stoke doubt about the 2020 election (TechRepublic) In a PSA on Monday, the FBI and CISA warned about the potential for widespread disinformation campaigns in the run-up to November.
Menlo Threat Labs Uncovers a Phishing Attack Using Captchas (Menlo Security) Phishing landing pages already look exactly like the web property from which they are trying to steal credentials. But now attackers are using captchas to lure users into providing details. Learn how.
Up to 2 million people affected by data breach at Indian e-learning platform (SafetyDetectives) A prominent Indian e-learning platform was discovered to be operating a completely unsecure Elasticsearch server based in the US. The vulnerability meant that m
Yokogawa WideField3 (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 2.8
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Yokogawa
Equipment: Main equipment
Vulnerability: Buffer Copy Without Checking Size of Input
2. RISK EVALUATION
Successful exploitation of this vulnerability could terminate the program abnormally.
MB Connect line mbCONNECT24, mymbCONNECT24 (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 9.8
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: MB connect line
Equipment: mymbCONNECT24, mbCONNECT24
Vulnerabilities: SQL Injection, Cross-site Request Forgery, Command Injection
2.
B&R Automation SiteManager and GateManager (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.7
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: B&R Industrial Automation GmbH
Equipment: SiteManager and GateManager
Vulnerabilities: Path Traversal, Uncontrolled Resource Consumption, Information Exposure, Improper Authentication, Information Disclosure
2.
PSA: No, iOS 14 widgets can’t secretly steal private info with your keyboard (9to5Mac) A conspiracy theory being spread on Facebook and other social media platforms this week claims that iOS 14 widgets are actually serving as key loggers, tracking everything you type on your iPhone. This is unequivocally not true, and there are technical limitations and protections in place that prevent widgets from accessing your data. The viral […]
Hackers hit South African government fund for children and missing people (Reuters) Hackers attacked a South African justice department fund last week, the department said on Wednesday, but said it did not receive any ransom demands.
Ransomware: from Entry to Ransom in Under 45 Minutes (Infosecurity Magazine) Microsoft claims actors are stepping up efforts to capitalize on COVID-19
Inova Health hit by third-party data breach, letters sent to patients possibly impacted (WJLA) Inova Health Systems mailed letters to patients informing them of a data security breach that may have caused their personal information to be compromised. The data breach involves Blackbaud, a third-party service provider used for fundraising and alumni or donor efforts at non-profits and universities worldwide. Blackbaud was the target of a ransomware attack that took place between February and May of this year.
Health-care provider Medisys reports data breach affecting 60,000 clients (Global News) The breach affected about five per cent of its clients, Medisys said.
As tech reaches end of life, hackers are watching (SC Media) A recent rash of cyberattacks against web commerce sites relying on Adobe's Magento 1 platform underscores the criticality of having a strategy in place for securing technology no longer supported by the vendor.
Why Web Browser Padlocks Shouldn't Be Trusted (Threatpost) Popular ‘safe browsing’ padlocks are now passe as a majority of bad guys also use them.
People of Praise hacked before Amy Coney Barrett nomination (Catholic News Agency) Days before Judge Amy Coney Barrett was nominated to the Supreme Court, the website of the People of Praise was hacked. The hack breached the membership database of the charismatic community, in which Barrett and her family are reportedly members.
Ohio medical center offline following another security incident in the medical sector (CyberScoop) A cybersecurity incident has forced the computer systems of an Ohio medical center offline for multiple days and prompted the clinic to postpone elective procedures for patients.
Cleveland-area hospital goes offline after apparent cyberattack (NBC News) Hospitals have become particularly sensitive to ransomware attacks, which can cause interruptions or delays to potentially lifesaving care.
3 Phoenix hospitals working to recover after cyber attack (AZFamily) Doctors and nurses at Universal Health Services hospitals across the country are using "back-up processes" to continue caring for patients while the company works to recover from a cyber attack.
Information Regarding Tyler Technologies Security Incident (EIN) Last week Tyler Technologies experienced an IT cybersecurity breach on their internal network.
The Dark Market Report: The New Economy (Armor) Armor’s security research team, the Threat Resistance Unit (TRU), has spent the past three years diving into the underground hacker markets and forums, studying the products and services that cybercriminals are buying and selling. For Armor’s 2020 Dark Market report: The New Economy, the TRU team investigated, from October 2019 to June 30, 2020, 15 markets and a variety of underground hacker forums, news sites, and open repositories to understand the state of this underground economy.
Security Patches, Mitigations, and Software Updates
Microsoft clarifies patch confusion for Windows Zerologon flaw (BleepingComputer) Microsoft clarified the steps customers should take to make sure that their devices are protected against ongoing attacks using Windows Server Zerologon (CVE-2020-1472) exploits.
How to manage the changes in Netlogon secure channel connections associated with CVE-2020-1472 (Microsoft) Applies to: Windows Server 2019, all editions; Windows Server 2016; Windows Server, version 1909, all editions
The Risks and Consequences of Lax Patch Management (TechNewsWorld) Earlier this month, a woman with a life-threatening condition passed away after hackers crashed the IT systems of a major hospital in the city of Dusseldorf. Incidents like this raise the question of why corporations do not patch vulnerabilities as soon as software manufacturers issue a fix.
Cyber Trends
NIST Celebrates October as Cybersecurity Awareness Month (NIST) NIST is once again proud to be celebrating
ForgeRock Study Shows 45% of Consumers Plan to Increase Online Services Use Post-Pandemic (BusinessWire) ForgeRock®, the leading provider in digital identity, today announced the release of a global report: “The New Normal – Living Life Online.”
State of the Software Supply Chain 2020 Report (Sonatype) 2020 State of the Software Supply Chain Report. In this world, speed is critical, open source is everywhere, and security concerns are sometimes relegated to the back seat — which is why we’ve once again examined the state of the open source software supply chain.
Digital Trust & Safety Index: Account Takeover Fraud and the Growing Burden on Business (Sift Resources) Read our Q3 Digital Trust & Safety Index to explore new consumer insights, YoY discoveries in account takeover fraud, and ATO's impact on customer loyalty.
Parks Associates: Roughly 5.5 Million Households Experience Identity Theft Annually (PR Newswire) New consumer research from Parks Associates finds 5% of US broadband households annually experience identity theft, which equates to 5.5...
Marketplace
Axis Security raises $32M to help companies stay secure while working from home (TechCrunch) Axis Security launched last year with the idea of helping customers enable contractors and third parties to remotely access a company’s systems in a safe way, but when the pandemic hit, they saw another use case, one which had been on their road map: helping keep systems secure when employees…
Tetra Tech Buys IT Services Firm BlueWater Federal Solutions; Dan Batrack Quoted (GovCon Wire) Tetra Tech (Nasdaq: TTEK) has acquired BlueWater Federal Solutions, a Chantilly, Virginia-based info
LogPoint, the Modern SIEM and UEBA Company, Raises $30m in Series B Round Led by Digital+ Partners (LogPoint) New investment will fuel LogPoint’s global growth and leadership in providing effective solutions that defend organizations from Cyberattacks.
Silicon Valley surveillance company Palantir to go public Wednesday on New York Stock Exchange (Washington Post) The secretive big data and surveillance company, founded by billionaire technology investor Peter Thiel, will trade on the public markets for the first time Wednesday.
McAfee to go public after boosting revenue to $1.4B in first half of 2020 (SiliconANGLE)
Northrop Grumman to Build Data System for Defense Intelligence Agency (Northrop Grumman Newsroom) Northrop Grumman Corporation (NYSE: NOC) has been awarded a task order contract by the U.S. General Services Administration’s (GSA) Federal Systems Integration and Management Center (FEDSIM) and the Defense Intelligence...
Huawei ready to reveal inner workings to show no security threat (Reuters) China's Huawei is ready to be thoroughly examined to show that its technology does not pose any risk to the countries that will include its equipment in the creation of 5G networks, the head of its Italian unit said on Wednesday.
Nokia clinches 5G deal with BT to phase out Huawei's kit in EE network (BBC News) The Finnish firm will become the largest provider of base stations and antennas to EE's network.
CrowdStrike: More Like A Home Run (Seeking Alpha) CrowdStrike is a pack-leading, founder-led disruptor poised for continued hypergrowth. I believe that they will provide substantial, market-beating returns into the foreseeable future.
BlackBerry's $1.4 Billion Cylance Acquisition Will Continue to Cause Problems (The Motley Fool) The company's endpoint security business delivered underwhelming results again, and competition is intensifying.
ZeroNorth Joins Massachusetts Technology Council’s Tech Compact for Social Justice (ZeroNorth) ZeroNorth Ramps Up Commitment to Diversity and Inclusion. Boston, MA – September 30, 2020 – ZeroNorth, the only company to unite security, DevOps and the business through application security automation and orchestration, announced today that it has joined The Massachusetts Technology Leadership Council (MassTLC) Tech Compact for Social Justice as part of its ongoing commitment …
VMware CEO Pat Gelsinger’s five biggest statements at VMworld 2020 (CRN Australia) Five bullish remarks from Pat Gelsinger at virtual conference.
VMware's Gelsinger: 'We are now a billion dollar security business' (CRN) CEO unveils new Carbon Black offering and touches upon AI opportunities of new Nvidia partnership at virtual VMworld event
Venafi Named as a Sample Vendor in the Gartner Hype Cycle for Identity and Access Management Technologies, 2020 (Venafi)
Beyond Identity Taps Adam Clay as Chief Revenue Officer (Beyond Identity) Technology Industry Veteran to Drive All Revenue-Generating Operations at Rapidly Growing Passwordless Identity Management Pioneer
Verisk Elects General Vincent Brooks to Board of Directors (GlobeNewswire) Verisk (Nasdaq:VRSK), a leading data analytics provider, announces the addition of Gen. Vincent Brooks to its board of directors, effective October 1. Brooks served in the U.S. Army for 42 years from his entry into West Point until his 2019 retirement as a four-star general.
Gartner Analyst Gorka Sadowski Joins Exabeam as Chief Strategy Officer (BusinessWire) Exabeam today announced the appointment of industry veteran and former Gartner analyst Gorka Sadowski to chief strategy officer.
Products, Services, and Solutions
Druva Achieves VMware Ready Certification for VMware Cloud on AWS and VMware Cloud on Dell EMC (BusinessWire) Druva Inc., the leader in Cloud Data Protection and Management, today announced it has been certified as VMware Ready for VMware Cloud. This new certi
NatWest Protects Customers with Malwarebytes Premium (Malwarebytes Press Center) Malwarebytes today announced that it was selected by NatWest Group to deliver premium cybersecurity security solutions to the bank’s consumer and business banking customers worldwide.
October Virtual Cyber Carnival Promotes Cybersecurity Awareness Through a Variety of Cyber Games (PR Newswire) Katzcy, a woman-owned small business dedicated to growth hacking and cyber as a sport, today announced the inaugural month-long, virtual Cyber...
Cyber Carnival Games 2020 (Katzcy) To celebrate Cyber Security Awareness Month (CSAM) and the critical role of Cyber Gaming in building a strong workforce, Katzcy Cyber Games has assembled a virtual festival filled with games of skill and chance, scheduled thrilling performances, and lined up activities and drawings that bring home the sights, smells, and tastes of the carnival.
Jumio Acquires Beam Solutions’ AML Platform to Deliver the First End-to-End Identity Verification and Compliance Solution (Jumio) Jumio to integrate Beam’s AML screening and transaction monitoring services into its KYX Platform to detect financial crime and streamline regulatory compliance
Spirent Solution Simplifies Testing for Public and Hybrid Clouds (Spirent) TestCenter Virtual delivers new network functions and emulation capabilities via AWS Marketplace
VMware using Carbon Black to secure the distributed workforce (ZDNet) Announced advance security for the public and private clouds, security operations, and distributed workforces.
Natwest and Malwarebytes team up to provide free virus protection (BleepingComputer) Customers of National Westminster (NatWest) Bank are now eligible to receive a free copy of Malwarebytes Premium subscription for up to 10 devices.
Thycotic Expands Scope of ISO 27001 and SOC2 Type II Security Certifications (Thycotic) Leader in Privileged Access Management (PAM) solutions recognized for functionality, integrity, and transparency
Forcepoint Girds SASE for Internal Threats (SDxCentral) Forcepoint announced user activity monitoring and risk-based data loss prevention capabilities are coming to its SASE platform.
Redscan Services on G-Cloud 12, Helping Secure Public Sector Against Cyber Attacks (AiThority) Redscan, announced the availability of its services on G-Cloud 12 – the latest iteration of the UK Government's cloud procurement platform.
odix joins the Microsoft Intelligent Security Association (MISA) program extending FileWall security logs to Microsoft Azure Sentinel (Yahoo) odix, the Israel based cyber security leader in Enterprise CDR (Content Disarm and Reconstruction) technology, has officially joined the Microsoft Intelligent Security Association (MISA) program.
Cybersecurity Provider Plurilock Secures Contract with US Financial Services Company (Yahoo) After extensive testing, client expects to see significant positive ROI from deployment of Plurilock solution Victoria, British Columbia--(Newsfile Corp. - September 29, 2020) - Plurilock Security Inc. (TSXV: PLUR) ("Plurilock" or the "Company"), a leading provider of invisible and
Zscaler Extends Strategic Partnership with VMware to Accelerate Secure Digital Transformation (Zscaler) Zscaler, Inc., the leader in cloud security, today announced an expanded strategic partnership with VMware
Cygilant Advances Endpoint Security Solution for Quicker Threat Detection and Automated Response (Yahoo News) Cygilant, provider of Cybersecurity-as-a-Service to mid-sized organizations, today announced key innovative enhancements to its Endpoint Security Solution. The next generation of Cygilant Endpoint Security, Version 2.0, adds an active response feature that automates threat detection and response on suspicious
Facebook introduces Accounts Center, a tool for managing a growing number of cross-app settings (TechCrunch) Despite being under antitrust investigations in the U.S. and E.U., Facebook today is rolling out a new feature that highlights the extent to which its suite of apps now interoperate. The company this morning introduced a consumer-facing tool called “Accounts Center,” which is found in t…
TikTok launches a US elections guide in its app (TechCrunch) Though TikTok is in the middle of fighting off the Trump administration’s attempt to ban its app in the U.S. over data privacy concerns, the company today is launching a new feature focused on the 2020 U.S. elections. TikTok announced this morning it’s introducing an in-app guide to the…
Technologies, Techniques, and Standards
FireEye Proposes Converged Enterprise and ICS ATT&CK Matrix (SecurityWeek) FireEye and MITRE are developing a new visualization able to combine the Enterprise ATT&CK and ICS ATT&CK threat knowledgebases into a single holistic view combining both IT and OT attack behaviors.
Want to Improve Bulk Electric System Cybersecurity? Focus on Specific NIST Controls (Forescout) In late June 2020, the Federal Energy Regulatory Commission (FERC) released a Notice of Inquiry (NOI) in which they asked detailed questions about the National Institute of Standards and Technology (NIST) Cybersecurity Framework and the risk and impact of a coordinated cyberattack on the bulk electric system (BES). A recurring question throughout the NOI was […]
A Data Protection Checklist For Education Vendors Navigating The “New Normal” Of Remote Learning (JD Supra) With the start of a new school year in the midst of a pandemic, many schools have opted to remain fully online or opted to have a hybrid learning...
Mitigating diffused security risks in Australia’s north: a case for digital inclusion (The Strategist) Australians’ daily reliance on digital communications infrastructure—from smartphones and social media platforms to the National Broadband Network—is changing the nature of national security risks. Just like our networked communication patterns, contemporary security risks are becoming ...
The three strategies for ransomware resiliency (CRN Australia) The current environment has been a breeding ground for scams and ransomware attackers.
DevSecOps Insights 2020 (WhiteSource) We surveyed over 560 application security professionals and software developers to find out how organizations are adopting DevSecOps tools and practices.
Tech Matters: Cybersecurity tips for small businesses while Congress considers new bill (Standard-Examiner) The COVID crisis has brought increased risks to small businesses. In addition to supply chain delays and, for those that depend on in-person customers, a reduction in foot traffic, small
Exploiting MFA Inconsistencies on Microsoft Services (Black Hills Information Security) Beau Bullock // Overview On offensive engagements, such as penetration tests and red team assessments, I have been seeing inconsistencies in how MFA is applied to the various Microsoft services. Across Microsoft 365 and Azure, there are multiple endpoints. These endpoints can all be configured under different Conditional Access policy settings, which sometimes lead to […]
Design and Innovation
Cloudflare's privacy crusade continues with a challenge to one of Google's big data sources (Fortune) Cloudflare Web Analytics is a free-to-use rival to Google's market-leading Google Analytics toolkit.
Amazon will now let you pay with your palm in its stores (Vox) And, it hopes, at other retailers’ stores in the future.
Academia
ASU Department of Computer Science receives nearly $300,000 grant from NSA for cybersecurity program (ConchoValleyHomepage.com) Angelo State University has been awarded nearly $300,000 in grant money from the National Security Agency (NSA), according to a statement issued by the school on Tuesday morning, S…
Legislation, Policy, and Regulation
Government's cyber pledge has largely failed to increase awareness (CRN Australia) Partners say many customers still have their heads in the sand.
Grey Zone Attacks: Ten Technologies Needed on the Digital Battlefield (Computer Business Review) As warfare increasingly switches to the digital battlefield, ten emerging technologies could help Western security forces repel so-called grey zone attacks.
Army Cyber Command is ‘evolving’ beyond cyber-operations (FedScoop) Army Cyber Command is expanding its mission to include more than just traditional cyber-operations, its commanding officer said Tuesday.
Out: ‘information warfare.’ In: ‘information advantage’ (C4ISRNET) Army Cyber Command is moving away from “information warfare” as a concept, opting instead for “information advantage,” which leaders hope will create what they describe as “decision dominance.”
TikTok was just the beginning: Trump administration is stepping up scrutiny of past Chinese tech investments (Washington Post) The Committee on Foreign Investment in the United States has contacted dozens of U.S. companies to screen shareholders for national-security risks.
Congress Wants a 'Manhattan Project' for Military Artificial Intelligence (Military.com) A bipartisan congressional report calls for the DoD to get more serious about the race to acquire artificial intelligence.
Federal Internet of Things Security Rules Could Provide Blueprint for Private Sector (Wall Street Journal) The private sector wants to avoid state-by-state rules on Internet of Things security, and is backing a bill designed to regulate federal government use of internet-connected technologies.
Worried About Chinese Backdoors, Lord Pushes For New Tech Strategy (Breaking Defense) Ellen Lord said DoD is working to develop a "microelectronics strategy," to bring manufacturing and testing to the US
Defense Experts Throw Warning Flags As Congress Mulls Tighter Buy-American Rules (Defense One) The House NDAA would require major defense programs to be all-American by 2026.
Contractors Seek Clarity On DOD Cybersecurity Rule (Law360) Defense contractors are grappling with a new rule requiring them to implement cybersecurity programs that leaves crucial questions unanswered, including the exact information companies will be required to safeguard and how the new obligations will be worked into contracts.
House Democrats to Call for Big Tech Breakups (Wall Street Journal) The lawmakers are expected to call on Congress to blunt the power of technology companies, possibly through forced separation of online platforms.
Tamil Nadu's new cybersecurity infrastructure plan will help protect public data (The New Indian Express) The Cyber Security Architecture of Tamil Nadu (CSA-TN) is being executed by ELCOT in association with the Centre for Development of Advanced Computing (C-DAC), Chennai
Litigation, Investigation, and Law Enforcement
Senate Republicans accelerate public scrutiny of Trump-Russia investigation as election looms (Washington Post) Senate Republicans’ election-season gambit to scrutinize the 2016 investigation of President Trump’s campaign resumes Wednesday with public testimony from former FBI director James B. Comey, and as one of the president’s chief allies on Capitol Hill warns that a “day of reckoning” is coming.
Trump's intel chief declassifies unverified Russian intelligence about Clinton campaign (CNN) The top US intelligence official released information Tuesday about unverified Russian intelligence about Hillary Clinton that will likely fuel President Donald Trump's attacks on the Russia investigation and Clinton's 2016 campaign.
LinkedIn hacker Yevgeniy Nikulin sentenced to prison after long legal battle (CyberScoop) One of the most-watched cybercrime cases in recent memory has come to a close.
Snowden Ordered To Pay $5M For Revealing Classified Info (Law360) A Virginia federal court on Tuesday ordered former U.S. intelligence contractor Edward Snowden to hand over more than $5 million that he allegedly earned from book sales and speaking engagements in which he revealed classified information without permission.
Judge Dismisses New Mexico Lawsuit Against Google Over Children’s Data Privacy (Wall Street Journal) A federal court dismissed a New Mexico lawsuit alleging that Google knowingly spied on students and their families through its suite of cloud-based products for schools.