Cyber Attacks, Threats, and Vulnerabilities
Chinese hackers suspected in cyber-espionage operation against Russia, India (CyberScoop) The U.S. military and the Department of Homeland Security are actively tracking the effort, which sources say is linked to Beijing.
MontysThree: Industrial espionage with steganography and a Russian accent on both sides (SecureList) In summer 2020 we uncovered a previously unknown multi-module C++ toolset used in highly targeted industrial espionage attacks dating back to 2018.
Smoke and Mirrors – Hack-for-Hire Group Builds Fake Online Empire (SecurityWeek) Hack-for-hire group BAHAMUT managed to build a fake online empire to leverage in cyber-espionage operations targeting the Middle East and other regions around the world
BlackBerry Uncovers Massive Hack-For-Hire Group Targeting Governments, Businesses, Human Rights Groups and Influential Individuals (BlackBerry) BlackBerry today released new research highlighting the true reach and sophistication of one of the most elusive, patient, and effective publicly known threat actors – BAHAMUT.
Hacker-for-hire group leverages zero-days, disinformation in Middle East (CyberScoop) A mercenary group using zero-days, bad apps, and disinformation is running operations in the Middle East and South Asia, BlackBerry researchers say.
U.S. Election-Related Web Properties Prone to Fraud and Misinformation Due to Lack of Domain Security (Digital Brand Services Blog) The risks of fraud and disinformation in the U.S. election process have been hiding in plain sight. CSC’s new research finds that a large majority of web domains closely linked to the campaign websites for Joe Biden and Donald Trump lack basic domain security protocols and are prone to domain spoofing tactics.
How Russia Today Skirts High-Tech Blockade to Reach U.S. Readers (Wall Street Journal) After 2016, social-media companies tried to limit the reach of RT, as it is now known. Instead, the outlet has been boosted by a news aggregator dominated by conservative publishers, including National Review, The Daily Caller and Newsmax.
Facebook to temporarily halt political ads in U.S. after polls close Nov. 3, broadening earlier restrictions (Washington Post) The move is intended to limit confusion and misinformation on the platform, the social media company says
This climate activist says he was silenced on Twitter (The Verge) Twitter suspensions take a toll in places where environmental activists are persecuted
Facebook's QAnon ban omits high-profile Australians linked to conspiracy theory (the Guardian) Pages and groups deleted but individual accounts – like Pete Evans’ profile – left untouched
Etsy will remove all QAnon-related merchandise from the platform as tech companies fight the conspiracy theory's growth (Insider) Digital marketplace Etsy told Insider that it would remove and ban all items related to the QAnon conspiracy theory.
QAnon High Priest Was Just Trolling Away as a Citigroup Tech Executive (Bloomberg) Jason Gelinas lived a normal suburban life with a plum Wall Street gig. He also ran the conspiracy theory’s biggest news hub.
An inside look at how ransomware groups go stealth (SC Media) Ransomware groups are doing all they can to leverage tools and techniques that hide their presence from threat detection engines, cover their tracks from investigators and generally make it harder for companies to spot or respond to intrusions until it’s too late.
Microsoft services suffer third outage in 10 days (Computing) Many services were affected, and Microsoft blamed an update to network infrastructure
Feds: Voter Registration System Crash Was Not A Cyberattack (CBS) The Cybersecurity and Infrastructure Security Agency said there were no signs of a cyberattack on Florida's online voter registration system which crashed for several hours Monday.
Regulatory Notice 20-35 (FINRA) FINRA warns member firms of a widespread, ongoing phishing campaign that involves fraudulent emails purporting to be from FINRA asking member firms to complete a survey (see sample below). The email was sent from the domain “@regulation-finra.org” and was preceded by “info” followed by a number, e.g., info5@regulation-finra.org. FINRA recommends that anyone who clicked on any link or image in the email immediately notify the appropriate individuals in their firm of the incident.
[HEADS UP] Cybercriminals Launch Phishing Campaign to Capitalize on President's Health (KnowBe4) As we predicted, malicious actors are now exploiting the media firestorm surrounding President Donald Trump's diagnosis late last week with COVID-19.
Data from Airlink International UAE leaked on multiple dark web forums (Security Affairs) Cybersecurity researchers from Cyble have spotted a threat actor sharing leaked data of Airlink International UAE for free on two different platforms.
Samaritan Announces All Computer Systems and Applications Have Been Fully Restored; Confirms There Was No Unauthorized Access to or Acquisition of Patient Data (Samaritan Health) Samaritan Health announced today it has successfully completed the restoration of all computer systems and applications, and can confirm no patient or employee data was accessed or acquired. Thomas H. Carman, president & chief executive officer, said, “Our systems are now relaying information as they had been prior to the outage, and …
Xaar hit by cyber attack, 7 Oct 2020 08:07 (Shares Magazine) Inkjet printing technology group Xaar said it had been the victim of a cyber attack that involved unauthorised access to its computer systems.
Smart Speakers Pose Both Convenience and Privacy Risk (The Fordham Ram) Why did I buy one in the first place? It was cheap, it sounded convenient and it seemed like everyone had one.
Security Patches, Mitigations, and Software Updates
Cisco security warning: Patch Webex Teams for Windows and surveillance camera now (ZDNet) Cisco discloses more high-severity security flaws affecting its Video Surveillance 8000 Series IP Cameras.
Google is adding cross-app account security alerts on iOS (The Verge) The feature will start rolling out on a limited basis in the coming weeks.
Cloudflare can now send DDoS alerts for sites under attack (TechRadar) A new alert system will inform customers when they are under attack
Cyber Trends
9 data security trends IT departments should expect in 2021 (TechRepublic) Remote work will lead to more phishing attacks and threats to accounting and marketing departments, according to IT security managers.
40% of data breach records insufficient - Canadian Privacy Commissioner releases findings on data breach register inspections (Miller Thomson LLP) As the Canadian Office of the Privacy Commissioner (“OPC”) signaled it would do at the end of 2019, it completed a targeted investigation of data breach
Cloud Security Report | October 2020 (Wandera) In this month’s cloud security report, we refocus on phishing looking at the length of phishing URLs compared to safe URLs, what day of the week you’re most likely to be phished, and how phishing URLs are analyzed for risk.
Americans report 168k imposter scam cases amounting to $300m in losses YTD (Atlas VPN) According to data extracted and analyzed by Atlas VPN, the United States residents reported 168,818 imposter scam cases amounting to $299.9 million in losses in the first half of 2020.
Telecom Corporate Accounts at Highest Risk for Cyber Attacks (CPO Magazine) With so many employees, subscribers, and seemingly unlimited data out there, the telecom industry is a prime target for cybercriminals looking for a profit.
Marketplace
Solvo raises $3M seed round to automatically manage cloud infrastructure permissions (TechCrunch) Solvo, a Tel Aviv-based startup that promises to automatically generate cloud security permissions by analyzing a developer’s code, today announced that it has raised a $3 million seed funding round from TLV Partners and Surround Ventures. The idea here is to analyze the code and generate the…
Israeli cyber company Illusive Networks completes $24 million series B (CTECH) The company’s solution creates a hostile environment for attackers, depriving them of the means to progress toward critical assets
NormShield Secures $7.5 Million in Series A Funding (CIOReview) BOSTON - NormShield, the cyber risk rating company, announced today the closing of $7.5 million in Series A funding led by...
TikTok passes Instagram as second-most popular social app for U.S. teens (CNBC) TikTok has surpassed Instagram as teenagers' second favorite social media app, according to a report published Tuesday.
F-Secure appoints new head of consulting business (CIOReview) Helsinki, Finland - Today, global cyber security provider F-Secure announced it has appointed Ed Parsons as the new Executive...
Products, Services, and Solutions
ZeroNorth Delivers New Capabilities to Rapidly Identify, Prioritize and Remove Vulnerabilities Standing in the Way of Software Excellence (ZeroNorth) New enhancements empower organizations to maintain enterprise standards for application security while accelerating software delivery, without disrupting DevOps processes
Aqua’s Trivy Now Available as a GitHub Action (Aqua) Aqua’s open source Trivy vulnerability scanner is available as an Aqua Security Trivy GitHub Action; the action integrates with GitHub code scanning.
ESET Launches Cybersecurity Awareness Training Offering for Workforce (ESET) ESET, a global leader in cybersecurity, today announced ESET Cybersecurity Awareness Training, a new online offering designed to educate the workforce on how to recognize phishing, avoid scams and understand internet best practices.
Druva Introduces Integrated Cloud Backup and Archive for NAS Data (BusinessWire) Druva, Inc., the leader in Cloud Data Protection and Management, today announced the industry’s first cloud-based, integrated backup and archive for n
Thousand-node Fabrics: Scaling and Extending the Adaptive Cloud Fabric with Controllerless SDN and EVPN (Pluribus Networks) New levels of scalability for hybrid clouds and edge computing
Ping Identity Launches New Cloud Services Enabling Advanced Risk Management and Authentication for the Enterprise (BusinessWire) Ping Identity (NYSE: PING), the intelligent identity solution for the enterprise, today unveiled PingOne Services, a suite of stand-alone cloud servic
SecurityHQ, Managed Security Services Provider, Named as Supplier on Crown Commercial Service's (CCS) G-Cloud 12 Framework (Yahoo) SecurityHQ is a 5th Gen Security Operations Centre, powered by Gartner's #1 rated SIEM with User Behaviour Analytics, SOAR, and Intelligence, driven by an army of 200+ expert analysts.
WISeKey closes $300,000 contract with arago to secure COVID-19 pandemic management, engaging in the 2nd deal in less than a month to actively fight the economic impact of COVID-19 (GlobeNewswire) WISeKey Cybersecurity for arago AI based risk management delivers end-2-end security for managing COVID-19 pandemic and building an ecosystem to minimize the global economic impact of any pandemic
Hyperproof Now Supports NIST Cybersecurity Framework and CSA CCM (Hyperproof) Hyperproof’s compliance operations platform now supports two of the most well-recognized frameworks in the security realm: The NIST Cybersecurity Framework and the Cloud Security Alliance Cloud Controls Framework.
MediaPRO Puts Human Connection First with Launch of Security and Privacy Training Series Paradigm (PR Newswire) MediaPRO, a leading provider of security and privacy training solutions, today announced the release of their new series of security and...
Juniper upgrades security software with threat intelligence, VPN package (Network World) Juniper adds to its Advanced Threat Prevention (ATP) Cloud and releases an in-house VPN offering
Technologies, Techniques, and Standards
Voter beware: US agencies tell public how to avoid election mischief (Federal Times) The FBI and DHS's cybersecurity agency offered steps Americans can take to counter foreign interference in the upcoming election.
FISMA Implementation Project (CSRC) Welcome to the course Applying the Risk Management Framework. The purpose of this course is to provide people new to risk management with an overview of a methodology for managing organizational risk in accordance with NIST Special Publication (SP)...
Britain's banks turn cyber sleuths to crack $100 billion mortgage mystery (Reuters) Does a cancelled gym membership spell financial disaster?
Survey: Threat of Fines, Not FUD, Drives Board Decisions on Cybersecurity Spend (PR Newswire) Thycotic, provider of privileged access management (PAM) solutions to more than 10,000 organizations, including 25 of the Fortune 100, today...
The importance of GDPR compliance in private equity (Private Equity Wire) By Owen Morris (pictured), operations director at Doherty Associates – The ICO has remained vigilant when issuing fines to companies that have suffered data breaches. During the pandemic, Easyjet was fined a record GBP183 million following the data breach of up to nine million customers.
New EU ‘Gateway’ Will Link Coronavirus Apps Across Borders (Wall Street Journal) Germany’s Corona-Warn, Ireland’s Covid Tracker and Italy’s Immuni will be the first in the 27-country bloc to talk to each other. More are expected soon.
Today, Nobody is Going to Attack You. (Internet Storm Center) Chances are, nobody is going to bother attacking your network today. Even if you go home, leave the users to browse at will, and return tomorrow well-rested, your network and data will still be fine.
Twitter Hack Spurred Copycats, But Other Businesses Don’t Have to Fall Prey (Infosecurity Magazine) The consequences of privileged identity exposure are potentially catastrophic, as the Twitter hack demonstrated.
Remote work marked ‘culmination’ of NYC Cyber Command’s cloud initiatives, agency heads said (StateScoop) Keeping the city government running even when no one’s in the office has been a vindication, leaders of New York City’s cybersecurity agency said.
Cyber Intelligence Suffers From 'Snobby' Isolationism, Focus on Rare Threats (Dark Reading) Cyber-threat intelligence groups need to more often investigate their organization's specific threats and better integrate with other business groups, experts say.
Design and Innovation
The Contest to Protect Almost Everything on the Internet (Wall Street Journal) The world’s top cryptographers are competing to develop algorithms that can withstand attacks from an ultrafast quantum computer.
Researchers map threat actors’ use of open source offensive security tools (The Daily Swig) Malware cartographers offer their insights
Academia
Cyber attack: IDOL exams put off till October 19 to give Mumbai University time to prepare (The Times of India) The final examinations of about a lakh students of the Institute of Distance and Open Learning (IDOL) of the University of Mumbai have been pushed bac
CyberCenturion VII launches with pledge to increase diversity in participation (MENAFN) At the official launch of CyberCenturion VII, Nick Chaffey, Chief Executive, UK, Europe and Middle East, Northrop Grumman announced that the 2020/21 focus of the competition will be on encouraging greater diversity in the cyber security sector.
Legislation, Policy, and Regulation
Putin sends a mixed message on US election, hedging his bets (Washington Post) Russian President Vladimir Putin on Wednesday decried what he called Joe Biden’s “sharp anti-Russian rhetoric” but praised the Democratic presidential nominee’s comments on arms control.
No grounds for claims of Russia’s 'destructive behavior' in cyberspace — Putin (TASS) The claims concern alleged meddling in elections and more, according to the Russian president
Huawei: MPs claim 'clear evidence of collusion' with Chinese Communist Party (BBC News) A parliamentary inquiry says the UK may need to remove firm's 5G kit two years earlier than planned.
Huawei Blocked From Sponsoring Security Event in NATO’s Slovakia (Bloomberg) Huawei Technologies was barred from sponsoring a defense summit in NATO member Slovakia after the country’s president briefly canceled a speech over concerns the Chinese telecommunication company posed a security risk.
‘Do Not Track’ Is Back, and This Time It Might Work (Wired) California’s privacy law says businesses must respect universal opt-outs. Now the technology finally exists to put that to the test.
Tillis and Blackburn Introduce Anti-Hacking Bill Aimed at Protecting COVID-19 Vaccine Research (IPWatchdog) The Defend COVID Research from Hackers Act was introduced on Tuesday by Senators Thom Tillis (R-NC) and Marsha Blackburn (R-TN) with the goal of authorizing the President to “take swift action and add sanctions to countries trying to disrupt or hack COVID-19 research.”
New State Dept. bureau will handle international cybersecurity issues (Federal News Network) The State Department has been working to establish a new cybersecurity bureau to work with other agencies. Only it hasn’t exactly told them what it’s up to.
Department of Defense and NSA officials lead initiatives for US cyber strategy (SiliconANGLE) The process of combating threats in cyberspace is a multi-front war. Criminal organizations, nation states and even “lone wolf” hackers with too much time on their hands can launch attacks that have the potential to cause major economic damage or significant personal disruption.
State Government to come out with Cyber Security Policy soon (Star of Mysore) Bengaluru: The State Government will soon come up with a Cyber Security Policy as the digital transaction is expanding its scope on each passing day and cyber security becoming a subject of paramount importance, said Deputy Chief Minister Dr. C.N. Ashwathnarayan, who is also the Minister for Information Technology and Biotechnology, Science and Technology (IT,...
Litigation, Investigation, and Law Enforcement
Governmental mass surveillance is illegal, says top European court (Computing) National security concerns do not exclude the bloc's members from the need to abide by EU laws, says the EU Court of Justice
United States Seizes Domain Names Used by Iran’s Islamic Revolutionary Guard Corps (US Department of Justice) The United States has seized 92 domain names that were unlawfully used by Iran’s Islamic Revolutionary Guard Corps (IRGC) to engage in a global disinformation campaign, announced the Department of Justice.
UK Department For Education fails to meet UK, GDPR data protection standards - with flying colors (ZDNet) A compulsory audit has revealed severe security failings and data management problems.
Department for Education (DfE) Data protection audit report (Information Commissioner's Office) The Information Commissioner is responsible for enforcing and promoting compliance with the General Data Protection Regulation (GDPR), the Data Protection Act 2018 (DPA18) and other data protection legislation. Section 146 of the DPA18 provides the Information Commissioner’s Office (ICO) with the power to conduct compulsory audits through the issue of assessment notices.
Free to State: The New Free Speech (Washington Post) MS. SELLERS: Good morning and welcome to Washington Post Live. I’m Frances Stead Sellers, a senior writer at The Washington Post.
New Files Highlight Brennan’s Role Promoting Clinton’s Russia Collusion Narrative (National Review) The CIA was not seeking an FBI probe of Clinton; rather, it was pushing an investigation of Trump consistent with her baseless allegations.
House Democrat accuses Ratcliffe of politicizing election security intelligence (TheHill) Rep. Elissa Slotkin (D-Mich.) on Wednesday accused Director of National Intelligence John Ratcliffe of politicizing election security intelligence on behalf of President Trump and urged him to take a number of steps to improve transparency.
CPSC Inspector General Concludes 2019 Data Breach Was Much More Significant Than Reported and Caused by Mismanagement and Incompetence (The National Law Review) On September 25th, the CPSC Office of Inspector General (OIG) released its long-awaited report summarizing its investigation of the 2019 CPSC data breach. Most notably, the report...
Cisco’s Patent Loss May Reach $3.25 Billion, Centripetal Says (Bloomberg) Cisco may end up paying between $2.66 billion and $3.25 billion as a result of a federal judge’s opinion that it copied a Virginia company’s inventions for cybersecurity features, patent owner Centripetal Networks said, calling it “the largest award of any U.S. patent case to date.”
Warner Music Group Customer Sues Over Data Breach (MyNewsLA.com) A woman is suing Warner Music Group in the aftermath of a data breach in which hackers accessed customers’ personal and credit card information. Linda Stevens filed her proposed class-action lawsuit Tuesday in Los Angeles Superior Court and is seeking unspecified damages. Her allegations include breach of contract, negligence and violation of the […]
Trump's Former Lawyer Vows to Help in Air Force Vet Reality Winner's Appeal (Military.com) Reality Winner was found guilty of violating the U.S. Espionage Act and sentenced to more than five years in prison.
Google given skeptical reception in Supreme Court against Oracle (Silicon Valley Business Journal) The case could have far-reaching effects on competition in the tech industry.
Exclusive: Google faces new antitrust case in India over abuse in smart TVs market - sources (Reuters) Alphabet Inc's Google is facing a new antitrust case in India in which the U.S. tech giant is alleged to have abused its Android operating system's position in the smart television market, a source and two lawyers involved in the case told Reuters.
Tesla Alleges Act of Employee Sabotage in New Internal Email (Bloomberg) Tesla Inc. told workers at its auto plant in Fremont, California, that an employee “maliciously sabotaged” part of a factory last month and was fired after an internal investigation, according to a memo seen by Bloomberg News.
Regulators Fine Citigroup $400 Million Over ‘Serious Ongoing Deficiencies’ (Wall Street Journal) In a consent order agreed to by the New York bank’s board, the Federal Reserve faulted Citigroup for falling short in “various areas of risk management and internal controls.”
SEC settles with trader accused of illegal trades using hacked data (CyberScoop) Details of the settlement were not immediately clear.
‘Former staff’ claim abuse by ex-Rep. Hill in Twitter hack (Washington Post) An old government Twitter account for former California U.S. Rep. Katie Hill was hacked Wednesday, purportedly by “former staff” who criticized a planned movie about her life and accused Hill of workplace abuse.