Cyber Attacks, Threats, and Vulnerabilities
‘Pak-based hackers targeting Indian defence units, officials’ (The Sunday Guardian Live) ‘The cyberattacks are meant to gather intelligence against India’. New Delhi: A Pakistan-backed hacker group is reportedly behind cyberattacks that have been targeting officials of the Indian defence forces. The attacks are being carried out in a coordinated attempt to steal critical infrastructure and
Before targeting Belarus, Eastern Europe-focused hackers flew under the radar (CyberScoop) A mysterious cyber-espionage group, active for nearly a decade but documented in detail by private researchers for the first time Friday, has been hacking into government organizations in Eastern Europe in search of secrets.
Cyber Pirates Hit Global Shipping Industry Nearing Peak Season (Bloomberg) Two key players in the global shipping industry are trying to restore computer networks and assess the damage from separate cyber attacks this week that are adding short-term complications to supply chains already straining ahead of peak season for consumer demand.
International Maritime Organisation hit by cyber attack (The National) Cyber attack on shipping industry raises concern about disruptions to supply chains
CMA-CGM Struggles To Restore Systems After Cyber Attack (gCaptain) As CMA CGM’s IT engineers continue, for the fifth day, to try to restore its systems following a cyber-attack at the weekend, the French carrier has come under moun…
A China-Linked Group Repurposed Hacking Team’s Stealthy Spyware (Wired) The tool attacks a device’s UEFI firmware—which makes it especially hard to detect and destroy.
New pastebin-like service used in multiple malware campaigns (Official Juniper Networks Blogs) Juniper Threat Labs identified several malware campaigns that rely on a pastebin-like service for its infection chain. The domain in question is paste.nrecom.net. The attacks usually start as a phishing email and, when a user is tricked into executing the malware, it downloads the succeeding stage of the malware from paste.nrecom.net and loads it into the memory without writing to disk.
FBI & CISA Warn of “Foreign-Backed Online Journals” Spreading Election Disinformation (Lawfare) The FBI and CISA issued another public service announcement on Thursday, warning of the potential threat posed by foreign actors spreading disinformation about the 2020 U.S. presidential elections.
The Covid Information War Is Entering a Frightening New Phase (Wired) Communication from the White House about Donald Trump’s infection will be opaque at best. Into that vacuum, misinformation will flow.
Attacks Aimed at Disrupting the Trickbot Botnet (KrebsOnSecurity) Over the past 10 days, someone has been launching a series of coordinated attacks designed to disrupt Trickbot, an enormous collection of more than two million malware-infected Windows PCs that are constantly being harvested for financial data and are often used as the entry point for deploying ransomware within compromised organizations.
Avast Proves IoT Firmware Can Be Hacked (Avast) In an experiment to prove that IoT firmware is vulnerable to being hacked, Avast researchers launched a ransomware attack on a smart coffee maker, successfully hijacking the entire device.
Egregor Ransomware Adds to Data Leak Trend (BankInfo Security) Security researchers with Appgate are warning about a recently uncovered ransomware variant called Egregor that appears to have infected about a dozen organizations
Appgate Labs Analyzes New Family of Ransomware— “Egregor” (Appgate) Appgate provides secure access to your network and for your consumers using leading Zero Trust network security and fraud protection solutions
Scanning for SOHO Routers (SANS Internet Storm Center) In the past 30 days lots of scanning activity looking for small office and home office (SOHO) routers targeting Netgear.
Online avatar service Gravatar allows mass collection of user info (BleepingComputer) A user enumeration technique discovered by security researcher Carlo Di Dato demonstrates how Gravatar can be abused for mass data collection of its profiles by web crawlers and bots.
HP Device Manager backdoor lets attackers take over Windows systems (Bloomberg) HP released a security advisory detailing three critical and high severity vulnerabilities in the HP Device Manager that could lead to system takeover.
A security flaw in Grindr let anyone easily hijack user accounts (TechCrunch) Secret tokens used to reset account passwords were leaking to the browser.
Clinical Trials Hit by Ransomware Attack on Health Tech Firm (New York Times) No patients were affected, but the incident was another reminder of the risks in the increasingly common assaults on computer networks.
New Jersey hospital paid ransomware gang $670K to prevent data leak (BleepingComputer) University Hospital New Jersey in Newark, New Jersey, paid a $670,000 ransomware demand this month to prevent the publishing of 240 GB of stolen data, including patient info.
4 Sophisticated Phishing Campaigns Impacting the Healthcare Sector (HealthITSecurity) Phishing dominates the threat landscape, deploying RAT malware, ransomware, and other nefarious cyberattacks. As healthcare is a prime target, understanding these sophisticated schemes is crucial.
Hackers steal job bank data of millions (Taipei Times) Chinese hackers are suspected of invading the network of a Taiwanese online job bank before the Mid-Autumn Festival holiday last week and stealing the personal information of more than 5.92 million job applicants, a preliminary investigation by national security officials showed.
PUBG Mobile hit by waves of DDoS attacks, players complain of sudden disconnection (Moneycontrol) PUBG Mobile said that it aims to "bring back normal gaming experience to our players as soon as possible."
Persistent cyberattacks against the video gaming sector (The Manila Times) In its latest report, titled “State of the Internet/ Gaming: You Can’t Solo Security,” Akamai, a global cybersecurity and cloud service company, said high volumes of attacks targeted video game companies and players between 2018 and 2020. The report also notes an uptick in attack traffic correlated with the coronavirus-induced lockdowns. In the new report, […]
Voter Registration ‘Error’ Phish Hits During U.S. Election Frenzy (Threatpost) Phishing emails tell recipients that their voter's registration applications are incomplete – but instead steal their social security numbers, license data and more.
An email scam is targeting Black Lives Matter supporters—here’s what you need to know (Yahoo Sports) Emails with the subject line ‘Vote anonymous about ‘Black Lives Matter’’ have been sending a Trojan-style malware program. Here's how to protect yourself.
Malicious Actors Crash U.S. Election: Spoofed Emails Attempt to Gather U.S. Voter Registration Data (KnowBe4)
Serious Security: Phishing without links – when phishers bring along their own web pages (Naked Security) How do you “check the URL before you click” if the web page you’re visiting is already on your own computer?
Hacker Uploads Own Fingerprints To Crime Scene In Dumbest Cyber Attack Ever (Forbes) I've been around cybersecurity for 30 years, but this has to be one of the dumbest cyber attacks ever
Ontario nursing regulator says it has made 'significant progress' after cyber attack (CBC) The College of Nurses of Ontario says it has made 'significant progress' restoring its systems and data after hackers crippled its website, but it would not reveal whether the personal data of 195,000 nurses was compromised in the attack.
3 Types of Phishing Scams to Share With Your Remote Employees (INKY) Many of the organizations that began working remotely because of COVID-19 are going to continue doing so for the foreseeable future. This makes you a tempting target for phishing schemes. Learn what to look for and how to maintain email security.
Security Patches, Mitigations, and Software Updates
Tripwire Patch Priority Index for September 2020 (The State of Security) Tripwire's September 2020 Patch Priority Index (PPI) brings together important vulnerabilities from Microsoft, Apple, and various Linux distributions.
Cyber Trends
The politics of internet security: Private industry and the future of the web (Atlantic Council) The private sector plays a crucial role in defining the changing shape of the Internet, especially its security. This report examines two protocols as examples of private sector influence over presently vulnerable systems key to the Internet’s function: the Border Gateway Protocol (BGP), used to route Internet traffic, and the Domain Name System (DNS), used to address Internet traffic.
FBI: 41% of Financial Sector Cyber Attacks Come from Credential Stuffing (Bitdefender Business Insights) Credential stuffing attacks account for the greatest volume of security incidents in the financial sector according to a report from the FBI
Europe's card fraud value hits 1.55 billion euros, the UK accounts for 45% (BuyShares.co.uk) Data presented by Buy Shares indicates that Europe’s card fraud value has hit €1.55 billion with the United Kingdom accounting for almost half at 45.36%.
Marketplace
Rockwell Automation acquires Oylo to expand offering of cybersecurity services and solutions (Help Net Security) Rockwell Automation announced that it has acquired Oylo, a privately-held industrial cybersecurity services provider.
RealCISO.io launches and emerges from stealth (PR Newswire) Today, RealCISO Inc, a cloud based cybersecurity assessment and marketplace, announced their launch of RealCISO.io. This product is an easy to...
A Millionaire Hacker’s Lessons for Corporate America (Wall Street Journal) Santiago Lopez, a 21-year-old ethical hacker who shows corporations their cybersecurity fails, expects to keep going for years to come.
Google and Palantir Are Two Sides of the Same Coin (Medium) Both companies leverage vast amounts of data for unprecedented surveillance
Leidos to Lay Off 60 at Indy Facility (Inside Indiana Business) Virginia-based Leidos will permanently lay off 61 employees at its facility in Indianapolis. The company says the entire facility will not be closed, but layoffs will begin November 30.
7 Cybersecurity Stocks to Buy for the 5G Wave (InvestorPlace) These seven cybersecurity stocks to buy will profit in big ways from the massive rollout in 5G wireless networks that is underway now.
VMware Looks to Meld IT and Security Operations (DevOps.com) VMware has acquired SaltStack as part of an effort to unify IT and security operations management. The announcement was made during the online VMworld
CISA Quality Services Management Office Vulnerability Disclosure Platform Contract Awarded (CISA) The Cybersecurity and Infrastructure Security Agency (CISA), with the General Services Administration (GSA), awarded a contract to Endyna, Inc. of McLean, Va., on Sept. 25, to provide the Vulnerability Disclosure Platform and associated services to help protect Federal civilian Executive Branch networks.
KnowBe4 Wins Education and Training Provider of the Year Award From Network Computing (Benzinga) KnowBe4, the provider of the world's largest security awareness training and simulated phishing platform, today announced...
Keeper Launches Major Cybersecurity Awareness & Education Campaign for National Cybersecurity Awareness Month (PR Newswire) Keeper Security, provider of the highly-rated cybersecurity platform for preventing password related data breaches and cyberthreats, is...
Facebook moderators at Accenture are being forced back to the office, and many are scared for their safety (The Verge) Contractors are concerned for their health as coronavirus cases spike in Texas.
Facebook Says Government Breakup of Instagram, WhatsApp Would Be ‘Complete Nonstarter’ (Wall Street Journal) A government effort to break up Facebook Inc. from Instagram and WhatsApp would defy established law, cost billions of dollars and harm consumers, according to a paper company lawyers have prepared.
Facebook rebuts 'The Social Dilemma,' a popular Netflix documentary (CNBC) Facebook argues that the documentary-drama that quickly gained popularity for its critical look of tech platforms "buries the substance in sensationalism."
India's Airtel puts $13M in Security Intelligence Center (Light Reading) Bharti Airtel launched the Security Intelligence Center with an investment of INR1000 million, and Airtel Secure, cybersecurity for enterprise customers.
Dashlane's Joy Howard Named One Of Forbes' World's Most Influential CMOs (PR Newswire) Forbes, with research partners Sprinklr and LinkedIn, today announced their annual list of The World's Most Influential CMOs. Joy Howard, Chief...
Products, Services, and Solutions
New ransomware vaccine kills programs wiping Windows shadow volumes (BleepingComputer) A new ransomware vaccine program has been created that terminates processes that try to delete volume shadow copies using Microsoft's vssadmin.exe program,
Cellebrite Announces The Launch Of The Digital Intelligence Readiness Navigator (Officer) Online Tool Empowers Law Enforcement & Intelligence Agencies to Gauge Their Ability to Effectively Manage Digital Investigations
Synaxon UK forms new partnership with Layer 8 (PCR) Synaxon UK has formed a new partnership with Layer 8, the specialist practitioner in security behavi
AnonyFlow Announces a Cloud Service for Protecting Personal Identifiable Information from Data Breaches (PR Newswire) In the modern-day, all a company's most vital information is stored digitally. No longer is keeping it safe as simple as locking a filing...
APIsec Introduces First, 100% Automated, Certified Pen-Test Report for APIs (PR Newswire) APIsec, Inc. introduced today an update to its API security platform allowing enterprise security and compliance groups to obtain certified,...
Columbia Heights, MN, Selects Nyotron PARANOID to Secure Endpoints (PR Newswire) Nyotron, the only company to offer a true zero-trust security platform, for endpoints and servers, that blocks attacks in real-time without any...
Technologies, Techniques, and Standards
Internet Engineering Task Force Proposes Standard for Network Time Security (SecurityWeek) The Internet Engineering Task Force (IETF) has published RFC8915, its proposed standard for network time security (NTS).
National Security Agency launches the Center for Cybersecurity Standards (National Security Agency Central Security Service) The National Security Agency announces the official launch of the Center for Cybersecurity Standards (CCSS) in the Cybersecurity Directorate. This office will lead NSA’s Cybersecurity mission to
Why Your Phone Is The Center Of Zero Trust Security (Forbes) Ivanti needs to capitalize on these two acquisitions and close the widening Zero Trust Security gap evident across unsecured phones and mobile devices today.
States are finally starting to use the Covid-tracking tech Apple and Google built — here's why (CNBC) The Apple-Google system for sending Covid-19 alerts is gaining momentum in the United States, six months after it was first announced.
Uncle Sam Is Looking for Recruits—Over Twitch (Wired) The US military needs tech-savvy youth. It's hoping its streaming channels will help fill out its roster.
Design and Innovation
Twitter is building ‘Birdwatch,’ a system to fight misinformation by adding more context to tweets (TechCrunch) Twitter is developing a new product called “Birdwatch,” which the company confirms is an attempt at addressing misinformation across its platform by providing more context for tweets, in the form of notes. Tweets can be added to “Birdwatch” — meaning flagged for modera…
Twitter is working on a fix for its automated image cropping (Engadget) Twitter says it will change its automated image cropping feature after users complained that it was biased.
Twitter Says You Cannot Tweet That You Hope Trump Dies From COVID (Vice) "Content that wishes, hopes or expresses a desire for death, serious bodily harm, or fatal disease against an individual is against our rules."
Legislation, Policy, and Regulation
A guide to the General Data Protection Regulation (Pinsent Masons) The entry into force of the General Data Protection Regulation (GDPR) on 25 May 2018 brought about the biggest overhaul of EU data protection law in more than 20 years and represented an attempt by EU policy makers to ensure the law on the collection, use, sharing and protection of personal data was fit for the digital age.
Spy panic: Thinktank calls for BAN on British spies joining hostile foreign governments (Express) A leading thinktank has called for former British spies to be banned from getting jobs with hostile foreign governments.
Cyprus getting to grips with Cybersecurity (Financial Mirror) The Digital Security Authority (DSA) is bolstering efforts to enhance cybersecurity in Cyprus by addressing risks to essential services while creating a safer environment for investors and businesses. Recent comments by high ranking state officials have put the spotlight on cybersecurity gaps in crucial state services such as ministries, ports, water, and electricity distribution networks.
Opinion | A Huawei Turning Point (Wall Street Journal) Germany could soon effectively ban the firm from its 5G network.
Greece joins 'anti-Huawei camp' as US seals stronger ties (Nikkei Asia) Nation turns sharply from pro-China policy amid Turkish standoff in Mediterranean
Former lawmaker warns: Cell towers can be ‘bridges’ for espionage (The Manila Times) Former Bayan Muna party-list representative Neri Colmenares has warned against the putting up of cell towers within camps of the Armed Forces of the Philippines (AFP) by the Dito Telecommunity, saying it might become a bridge for China’s espionage mission in the country. Colmenares, chairman of the support advocacy group Citizens for Philippine Sovereignty, said […]
Expert On GCHQ Discovered 'Nationally Significant' Vulnerability In Huawei Equipment (Information Security Buzz) A “nationally significant” vulnerability was discovered in Huawei equipment used in the UK’s telecommunications networks. Vulnerabilities are usually software design failures which could allow hostile actors (in particular the Chinese state when it comes to Huawei) to conduct a cyber attack. They are not necessarily intentional and can’t be seen as an indication of any hostile intent …
Trump Attack On Huawei Imperils US Chipmakers (Forbes) Slowly but surely politicians in Washington and Beijing are splitting the internet in half, and that is bad news for innovation and technology investors.
House Version of EARN IT Act Introduced (Decipher) The EARN IT Act has now made its way into the House of Representatives, with a key change from the Senate version’s stance on encryption.
Senate panel secures top tech CEO testimony for Oct. 28 (POLITICO) The heads of Facebook, Google and Twitter will testify virtually less than a week before the election.
Cyber safety awareness campaign launched in Assam (ETTelecom.com) The 'CyberSafety' campaign will be jointly conducted by the Assam Police and cyber-security think tank Cyber Peace Foundation (CPF), Additional Direct..
Secretary Pate launches new measures to bolster Iowa election security (KTVO) Iowa Secretary of State Paul Pate announced Thursday a new cybersecurity initiative to ensure the protection of Iowa's election infrastructure.
California Governor Newsom Signs into Law Extension to CCPA Employee Personal Information Exemption, Vetoes Another Privacy Bill (Lexology) On September 29th, California Governor Gavin Newsom signed into law AB 1281, an amendment to the California Consumer Privacy Act (“CCPA”) that would…
Litigation, Investigation, and Law Enforcement
Belgian privacy watchdog bids to police Facebook at EU court on October 5 (Reuters) Facebook's run-ins with EU privacy regulators may escalate as Europe's top court next week weighs arguments from the Belgian data protection watchdog that it should have the power to go after the U.S. social media giant for breaches in Belgium.
Deputy minister: Cyber crime cases in Malaysia worrying as 94pc of children exposed to porn online (Malay Mail) According to police sources, 9,215 commercial crime cases have been recorded nationwide involving losses amounting to RM717.2 million for the period January to April. Communications and Multimedia Deputy Minister Datuk Zahidi Zainul Abidin said 5,697 incidents of cyber fraud...
Ransomware victims find themselves between rock and hard place (Fortune) Pay up and risk breaking the law, or remain crippled.
Justice Department Appeals Injunction Against WeChat (Wall Street Journal) The Trump administration filed court papers seeking to overturn a federal magistrate’s ruling that stopped a U.S. ban on China’s ubiquitous messaging and e-commerce app WeChat.
Brennan Rebuffed Requests to Lower Confidence in Key Russia Finding (New York Times) The revelation that the former C.I.A. director sided with analysts over senior officers, contained in his new book, has been a focus of the Justice Department review of the Russia inquiry.
Ex-CIA Director Reveals Internal Division At Spy Agency Over Trump-Russia Intelligence (Daily Caller) Former CIA Director John Brennan reveals in a forthcoming book and interview that there was internal division at the spy agency over Trump-Russia intelligence.
Rosen and Cortez Masto seek federal response to CCSD cyber attack (Nevada Independent) Sen. Jacky Rosen and Sen. Catherine Cortez Masto are seeking federal guidance for the Clark County School District (CCSD) and other school districts following the recent CCSD ransomware attack, which resulted in the release of private data, including Social Security numbers.