Cyber Attacks, Threats, and Vulnerabilities
Industrial Espionage Campaign Uncovered (BankInfo Security) A hacking group is taking aim at industrial targets in an ongoing cyberespionage campaign, security firm Kaspersky reports. The group, dubbed
China embraces facial recognition even as data leaks are rampant (South China Morning Post) Incorrectly configured databases remain a widespread security problem in China even as citizens increasingly express concerns.
Lined up in the sights of Vietnamese hackers (BR) A group of Vietnamese hackers has been systematically spying on dissidents for years, including in Germany. The victims feel left alone by authorities as an investigation by BR and Zeit Online is able to show.
Rare spy malware hits diplomats of NGOs from Asia, Europe (Daiji World) A rare spy malware has hit diplomats and members of NGOs from Asia, Africa and Europe in a series of targeted cyber attacks, including spear-phishing documents in Russian language while some were related to North Korea and used as a lure to download malware.
Wagner-Affiliated Telegram Channel Trolls Nagorno-Karabakh Conflict Analysts (bellingcat) With a number of credible reports of foreign fighters engaged in the conflict in Nagorno-Karabakh on behalf of Azerbaijan, a number of journalists and analysts have looked to one of the world’s most infamous private mercenary companies (PMC), Russia’s Wagner PMC, as a potential actor in the conflict. However, there has not been any firm …
Under China's Shadow, Nepal is the Latest Destination for North Korean Cyber Crimes (JAPAN Forward) In October 2018, Japan's then-Prime Minister Abe Shinzo and India's Prime Minister Narendra Modi underscored two vital areas of concern... One was Pyongyang's nuclear proliferation linkages. The other, the Japanese abductions issue.
Vectra security research identifies how cyberattackers use Microsoft Office 365 tools against organizations to steal data (PR Newswire) Vectra®, a leader in network threat detection and response (NDR), today released its 2020 Spotlight Report on Microsoft Office 365, which...
Cyber Command, Microsoft take action against Trickbot botnet before Election Day (CyberScoop) The Pentagon's Cyber Command and Microsoft have taken actions to disrupt one of the world’s largest botnets in recent weeks in advance of U.S. elections.
Cyber Command has sought to disrupt the world’s largest botnet, hoping to reduce its potential impact on the election (Washington Post) In recent weeks, the U.S. military has mounted an operation to temporarily disrupt what is described as the world’s largest botnet — one used also to drop ransomware, which officials say is one of the top threats to the 2020 election.
Report: U.S. Cyber Command Behind Trickbot Tricks (KrebsOnSecurity) A week ago, KrebsOnSecurity broke the news that someone was attempting to disrupt the Trickbot botnet, a malware crime machine that has infected millions of computers and is often used to spread ransomware. A new report Friday says the coordinated attack was part of an operation carried out by the U.S. military's Cyber Command.
US Cyber Command disrupted the notorious Trickbot botnet (Yahoo) The US Cyber Command, the Defense Department division in charge of its cyberspace operations, recently mounted an operation to disrupt one of the most massive and notorious botnets today. According to The Washington Post, CyberCom successfully (albeit temporarily) interrupted the Trickbot botnet’s operations at least a couple of times over the last few weeks. The botnet is composed of at least a million hijacked computers infected with the Trickbot malware and reportedly run by Russian-speaking criminals.
Court orders seizure of ransomware botnet controls as U.S. election nears (Reuters) Microsoft said Monday it had used a court order to take control of computers that were installing ransomware and other malicious software on local government networks and threatening to disrupt the November election.
Microsoft Uses Trademark Law to Disrupt Trickbot Botnet (KrebsOnSecurity) Microsoft Corp. has executed a coordinated legal sneak attack in a bid to disrupt the malware-as-a-service botnet Trickbot, a global menace that has infected millions of computers and is used to spread ransomware. A court in Virginia granted Microsoft control over many Internet servers Trickbot uses to plunder infected systems, based on novel claims that…
Trickbot disrupted (Microsoft Security) Microsoft took action against the Trickbot botnet, disrupting one of the world’s most persistent malware operations. Microsoft worked with telecommunications providers around the world to take down key Trickbot infrastructure.
Microsoft Takes Down a Risk to the Election, and Finds the U.S. Doing the Same (New York Times) Fearing Russian ransomware attacks on the election, the company and U.S. Cyber Command mounted similar pre-emptive strikes. It is not clear how long they may work.
Security Firms & Financial Group Team Up to Take Down Trickbot (Dark Reading) Microsoft and security firms ESET, Black Lotus Labs, and Symantec collaborated with the financial services industry to cut off the ransomware operation's C2 infrastructure.
Tech Companies Take Down TrickBot Botnet Infrastructure (SecurityWeek) Microsoft on Monday revealed that it worked with industry partners to shut down the infrastructure used by TrickBot operators and block efforts to revive the botnet
ESET takes part in global operation to disrupt Trickbot (WeLiveSecurity) ESET researchers have taken part in a global operation to disrupt the Trickbot botnet, which has, since 2016, compromised over a million computers.
ESET takes part in global operation to disrupt Trickbot, a botnet that has infected over a million computers (ESET) Trickbot steals credentials and, recently, has deployed ransomware; ESET Research contributed with technical analysis to the effort
A Look Inside The TrickBot Botnet (Lumen) TrickBot is a dangerous and widespread botnet that has operated with relative impunity since it emerged in 2016.
Microsoft and others orchestrate takedown of TrickBot botnet (ZDNet) FS-ISAC, ESET, Lumen’s Black Lotus Labs, NTT, Symantec, and the Microsoft Defender team participated in the takedown.
Microsoft takes down massive hacking operation that could have affected the election (CNN) Microsoft has disrupted a massive hacking operation that it said could have indirectly affected election infrastructure if allowed to continue.
Microsoft on the counterattack! Trickbot malware network takes a hit (Naked Security) The crooks haven’t yet been caught and arrested, but their malware distribution network has been hit hard.
Sophos expert says links between Trickbot and election security unlikely (ITWire) Global security firm Sophos has questioned the connection drawn between ransomware attacks facilitated by the Trickbot botnet and threats to election security, with a senior researcher saying gangs did not generally target local governments specifically for political effect. Senior threat researcher...
BazarLoader used to deploy Ryuk ransomware on high-value targets (BleepingComputer) The TrickBot gang operators are increasingly targeting high-value targets with the new stealthy BazarLoader trojan before deploying the Ryuk ransomware.
"Front Door" into BazarBackdoor: Stealthy Cybercrime Weapon (Advanced Intel) By Roman Marshanski & Vitali Kremez. Key Points: BazarBackdoor is the newer preferred stealthy covert malware leveraged for high-value targets part of the TrickBot group toolkit arsenal. It consists of two components: a loader and a backdoor. The Bazar malware group pursues stealthiness via malware signing and only initi
How middlemen are giving ransomware gangs more attack options (CyberScoop) The last six months have seen damaging ransomware attacks on two multibillion-dollar IT firms, Conduent and Cognizant, with clients all over the world. The incidents locked computers across the companies, cut into revenue and required days, if not weeks, of clean up. A report published Monday by consulting giant Accenture warns that the kind of criminal groups behind those attacks have more options than ever for accessing corporate networks thanks to a thriving market for outsourced hacking.
Network Access Sellers and Ransomware Groups (Accenture) Ransomware groups are taking advantage of opportunities to purchase network access on dark web forums to compromise networks and unleash malware.
Hacker groups chain VPN and Windows bugs to attack US government networks (ZDNet) Some attacks were successful and intruders gained "unauthorized access to elections support systems."
Zerologon Chained With Fortinet, MobileIron Vulnerabilities in U.S. Government Attacks (SecurityWeek) CISA and the FBI have spotted attacks aimed at government organizations in which attackers have chained the Zerologon vulnerability with flaws impacting Fortinet and MobileIron products
APT Actors Chaining Vulnerabilities Against SLTT, Critical Infrastructure, and Elections Organizations (CISA) This joint cybersecurity advisory was written by CISA with contributions from the Federal Bureau of Investigation (FBI). CISA has recently observed advanced persistent threat (APT) actors exploiting multiple legacy vulnerabilities in combination with a newer privilege escalation vulnerability—CVE-2020-1472—in Windows Netlogon.
Why a Failed Election Hack Could Be Worse Than a Successful One (The Record by Recorded Future) Even a failed or thwarted hack could still disrupt the 2020 presidential election—maybe even worse than a successful one.
Research: Can you build spyware for a Fitbit? (Immersive Labs) Kev Breen, Director of Cyber Threat Research, wrote a malicious Fitbit app that would bypass the protections in app stores. Here's what he found.
Enterprise Solutions Provider 'Software AG' Hit by Clop Ransomware (SecurityWeek) German enterprise solutions giant Software AG has been targeted by cybercriminals with the Clop ransomware
PTA-Adhoc: Software AG: Ad-hoc: Evidence of data downloads due to malware attack obtained (Software AG) Today, Software AG has obtained first evidence that data was downloaded from Software AG's servers and employee notebooks. There are still no indications for services to the customers, including the cloud-based services, being disrupted. The company is refining its operations and internal processes continuously.
Immunity: Unauthenticated Remote Code Execution on OverwolfUpdater (AppGate) An Unauthenticated Remote Code Execution attack scenario is present within the 'OverwolfUpdater.exe' service, this attack allows malicious users on the same network or positioned in between the user and the remote server to execute code within the target system as the user 'NT AUTHORITY/SYSTEM' and therefore obtaining complete access and control from the machine.
Immunity: Local Privilege Escalation in GOG Galaxy (AppGate) GOG Galaxy 2.0 is a platform developed by CD Projekt designed as a storefront, software delivery, social network and as a unified game launcher; currently offering clients to Windows and macOS operating systems.
There’s a New a Golang-written RAT in Town (Bitdefender Labs) Security researchers at Bitdefender have discovered a new Golang-written RAT that targets devices by using the CVE-2019-2725 (Oracle WebLogic RCE) vulnerability identified last year. Unlike other bots that have exploited this vulnerability, it doesn’t try to...
The most common malicious email attachments infecting Windows (BleepingComputer) To stay safe online, everyone needs to recognize malicious attachments that are commonly used in phishing emails to distribute malware.
Watch Out — Microsoft Warns Android Users About A New Ransomware (The Hacker News) Microsoft has warned Android users about a new ransomware that uses incoming call notifications and the Home button to lock the device.
Can This New Android Threat Brick Your Phone When You Answer A Call? (Forbes) How concerned should you be of this supposed Android phone bricking threat?
Why Emotet's Latest Wave is Harder to Catch Than Ever Before - Part2 (Deep Instinct) Emotet appears to have reemerged more evasive than before, this time with a payload delivered from a loader that security tools aren't equipped to handle.
Authorities investigating news agency website crash (updated) (Cyprus Mail) An investigation will determine whether the state-controlled Cyprus News Agency had fallen victim to a cyberattack, its director said on Saturday. Though the agency had said earlier that its portal had been brought down by a cyberattack, Giorgos Penintaex said it was not yet certain. He said the site crashed…
Tyler Technologies paid ransomware gang for decryption key (BleepingComputer) Tyler Technologies has paid a ransom for a decryption key to recover files encrypted in a recent ransomware attack.
Android Ransomware Has Picked Up Some Ominous New Tricks (Wired) While it's still far more common on PCs, mobile ransomware has undergone a worrying evolution, new research shows.
Parents Warned About TikTok And Instagram Over "Dodgy Apps" They Are Advertising (WSFM 101.7 Sydney) Parents have been warned to check their children’s internet use after a cybersecurity company found several scam apps have been promoted to kids on social media. The malicious apps are known as “HiddenAds trojans” and pose as games, wallpaper apps and music downloaders. Once downloaded, they display ads or charge a user between $2 and […]
Hackers post stolen information from Fairfax school district (Washington Post) Officials say student and employee data has been compromised.
FCPS announces student, teacher personal information leaked to the dark web after cyber attack (WDVM 25) Fairfax County Public Schools announced that some student and teacher personal information may have been leaked to the dark web after a cyber attack in September.…
Franklin loses $522K to ‘spear phishing’ cyberattack (Milford Daily News) A spear phishing attack has drained the town of Franklin of $522,000, Town Administrator Jamie Hellen confirmed on Thursday night.
Robinhood says some customer accounts may have become target of hackers (Reuters) Fintech startup Robinhood Markets Inc said on Friday some customers might have become a target of hackers because of their personal email accounts being compromised outside of its platform.
Wisepay: School Payments Service Hit By Cyber-Attack (Information Security Buzz) As reported by BBC News, parents who made payments to UK schools in recent days via the Wisepay service have been warned their card details have been compromised. Wisepay said a hack of its website meant an attacker was able to harvest payment details between 2 and 5 October via a spoof page. Attempted payments to …
Cyber attack targets Georgia Department of Human Services (CBS46 News Atlanta) The Georgia Department of Human Services was the latest target of a cyber-attack on Friday, officials said.
Cruise Operator Carnival Discloses 2019 Data Breach (SecurityWeek) Cruise operator Carnival Corporation has started informing customers of a data breach that occurred last year and which resulted in their personal information being accessed by a third-party.
Body by Ravi Surgery & Aesthetics - Notice of Data Privacy Event (PR Newswire) Body by Ravi Plastic Surgery & Aesthetics ("BBR") today is providing information about a recent event that may impact the privacy of some...
Seyfarth Shaw Hit By Ransomware Attack (Law360) Seyfarth Shaw LLP confirmed Monday it had been hit by a cyberattack over the weekend, causing the firm to temporarily shut down some of its systems.
Malware Attack Information (Seyfarth Shaw) On October 10, 2020, Seyfarth was the victim of a sophisticated and aggressive malware attack. At this time, our email system remains down. Our phone system is still functioning but if you are unable…
Marketing Firm Spills Nearly Three Million Records (Infosecurity Magazine) Cloud configuration snafu to blame again
Police investigating cyber attack on Walled Lake school district (FOX 2 Detroit) Walled Lake Consolidated Schools are warning parents Monday morning about a cyber attack on the district's network over the weekend.
Hackney Borough Council suffers serious cyber attack (Computing) The Council is currently working with security experts to protect data
Container Shipping Group CMA CGM Restores Online Business After Cyber Attack (Insurance Journal) CMA CGM, the world's fourth-largest container shipping group, said it has restored its online business services after a cyber attack last month paralyzed
Cybercriminals Gamble With Victims' Livelihoods To Pass the Covid-19 Blues (Trend Micro) Our underground monitoring revealed several ways how criminals have been entertaining themselves during isolation, with normal activities that offer cyber-crime-related prizes.
Vulnerability Summary for the Week of October 5, 2020 (CISA) The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Security Patches, Mitigations, and Software Updates
One year after server hackers left NordVPN red-faced, firm's first colocated setup is online (Register) Plus: Bunch of Cisco fixes for Patch Tuesday week, Fitbit kit hit, RAT malware written in Golang, and more
Cyber Trends
A Wake Up Call: The Harsh Reality of Audit Fatigue (Telos Corporation) The importance of privacy and security has grown exponentially over the last five years, bringing with it a host of new regulations. But what is the business impact of this growing number of security and privacy regulations?
2020 State of Virtual Appliance Security Report (Orca Security) This report illuminates major gaps in virtual appliance security, finding many are being distributed with known, exploitable, and fixable vulnerabilities
Q3 2020 KnowBe4 Finds Coronavirus-Related Phishing Email Attacks Still Prevalent (PR Newswire) KnowBe4, the provider of the world's largest security awareness training and simulated phishing platform, today revealed the results of its Q3...
Netsparker Research Finds Executive Overconfidence is a Security Risk (PR Newswire) Netsparker, the leading enterprise dynamic application security testing (DAST) solution, teamed up with Dimensional Research to understand the...
Surge in Remote Work Weakens Security Posture of Many U.S. Companies (PR Newswire) Businesses around the U.S. have experienced a significant and correlating spike in cyberattacks since remote work began in early 2020....
The State of Privacy Data Rights Around The World - New Research From BigID and the International Association of Privacy Professionals (BigID) BigID, the leader in data discovery and intelligence for privacy, protection and perspective, today released a report on the state of Privacy Data Rights, in partnership with the International Association of Privacy Professionals (IAPP), the largest and most comprehensive global information privacy community and resource.
Cyber Threat Trends and Threat Landscape (Booz Allen Hamilton) In Booz Allen’s 2020 Cyber Threat Trends Report, we identify emerging cybersecurity threats to watch out for in the coming year.
2020 Ransomware Flashcard (Lumu Technologies) Lumu's new Ransomware infographic brings together the most pertinent facts surrounding the growing Ransomware threat.
Hackers Eye Their Next Targets, From Schools to Cars (Wall Street Journal) Systems that are secure today may not be tomorrow. Here’s what cybersecurity experts say could be a future focus for attacks.
BetterCloud Report Reveals Operational Complexity and Risk Concerns as Organizations Reach Tipping Point in SaaS Adoption (DevOps.com) Responses from nearly 700 IT leaders and practitioners confirm organizations are embracing SaaSOps as a proven framework for their SaaS challenges
UAE Business Leaders Introduce Emirati Startups to Israelis at OurCrowd-Emirates Angels Event (BusinessWire) OurCrowd, the world’s largest global venture investing platform and Emirates Angels Investors Association, the leading Emirati angel investment networ
Russian and Chinese Business Leaders Not Worried About Cyber Attacks (Flying Penguin) The World Economic Forum (WEF) just released their annual report on global business leaders’ perception of Regional Risks for Doing Business (RRDB).
His Writing Radicalized Hackers. Now He Wants to Redeem Them (Wired) Cory Doctorow's Little Brother series has been a young-adult sci-fi bible for teen hacktivists. But with the latest and darkest book in the trilogy, it's all grown up.
Marketplace
Verizon Business joins the CyberWire’s industry partnership program (The CyberWire) The CyberWire announced today that Verizon Business has joined its distinguished academic, research, and industry partnership program, focused on accelerating cybersecurity education and awareness around the world.
Cyberpion Raises $8.25 Million in Seed Funding Round; Emerges From Stealth to Propel Ecosystem Security (PR Newswire) Cyberpion, an ecosystem security pioneer, today announced it has emerged from stealth after closing an $8.25 million seed funding round co-led...
Atos completes the acquisition of Paladion (GlobeNewswire) Strengthening Atos’ leadership in cybersecurity with new global Managed Detection & Response capabilities
Ivanti Announces Strategic Acquisitions of MobileIron and Pulse Secure (CIO Applications) By acquiring MobileIron and Pulse Secure, Ivanti will be providing on its vision to allow the...
Shujinko Raises $7.5 Million Series A Round to Simplify and Automate Cloud Compliance (BusinessWire) Shujinko, a provider of cloud compliance software, announced today that it has raised a $7.5 million Series A to accelerate the development of its Saa
Veeam Acquires Kasten, Targets Kubernetes-Native Workloads For Data Protection (CRN) With the acquisition, Veeam joins other major storage vendors including Pure Storage, Commvault, and NetApp in a Kubernetes push.
Unqork: $207 Million Funding And $2 Billion Valuation (Pulse 2.0) No-code startup Unqork recently announced a $207 million Series C round of funding at about a $2 valuation.
Samsung makes 5G inroads as Huawei loses ground in face of US sanctions (The National) World's largest manufacturer of smartphones and memory chips has been pushing to expand its influence in the 5G market
Huawei ousted from heart of EU as Nokia wins Belgian 5G contracts (Reuters) Orange and Proximus have picked Nokia to help build 5G networks in Belgium as they drop Huawei amid U.S. pressure to exclude the Chinese firm from supplying key telecoms equipment.
U.S. sanctions turn up heat but Huawei serving European 5G clients, executive says (Reuters) Chinese telecom giant Huawei is finding it harder to counter U.S. sanctions designed to cho...
Nordic Firms Score Big on Commercial 5G Deals, Huawei Falters (Yahoo) Nordic telecommunications equipment manufacturers like Ericsson (ERIC) and Nokia (NOK) are increasingly gaining prominence at the expense of China-based Huawei Technologies.
Huawei's base station teardown shows dependence on US-made parts (Nikkei Asia) American products account for nearly 30% of the Chinese group's baseband unit
China hawks encounter powerful opponent: U.S. companies (Washington Post) Industry groups are fighting some restrictions on tech trade with China, saying the costs are too high
BlackBerry: Hunting & Pecking (Seeking Alpha) BlackBerry is expanding the capabilities of its UES offerings.
Honeywell to provide security system for offshore Mexico FPSO (Offshore) MODEC Inc. has contracted Honeywell to supply an integrated safety and security platform for the FPSO Miamte MV34.
Facebook Announces Bug Bounty Loyalty Program, Streamlined Bug Triage (SecurityWeek) Facebook has announced a series of updates for its bug bounty program, including bonus rewards for engaged researchers, as well as a faster bug triage process
Accenture was named as a Leader in Managed Security Services by IDC MarketScape (The Financial) Accenture (NYSE: ACN) has been positioned as a Leader in the latest IDC MarketScape analysis of managed security services (MSS) providers.
Industry-Leading PAM Cloud Adoption Highlights Exceptional Q3 for Thycotic (PR Newswire) Thycotic, a provider of privileged access management (PAM) solutions to more than 10,000 organizations worldwide, including 25 of the Fortune...
Privitar Expands Executive Leadership Team with Appointment of Steven Totman as Chief Product Officer (Privitar) Privitar, the leading data privacy platform provider, today announced the expansion of its executive team with the appointment of Steven Totman as Chief Product Officer. In this ...
Brian Stoner Joins XDR Security Startup Stellar Cyber for MSSP Partner Push (MSSP Alert) XDR security startup Stellar Cyber hires Cylance veteran Brian Stoner to accelerate Security Operations Center & MDR as a service for MSSP partners.
Centrify's New CEO Has A Compelling Vision For The Future Of Cybersecurity (Forbes) What I find most compelling about his vision is how essential every person is to breaking apart complex cybersecurity problems and solving them.
Greenberg Traurig Adds Five More Attorneys to Data, Privacy and Cybersecurity Practice (AiThority) Greenberg Traurig, LLP continues the strategic expansion of its Data, Privacy & Cybersecurity Practice with the addition of Shareholder Kevin Scott and Associate Sarah Schenker in Chicago
Former DOD CIO Terry Halvorsen joins IBM (Washington Technology) Terry Halvorsen, the former Defense Department chief information officer, has joined IBM to help lead transformation and modernization efforts for public sector clients.
Yellowbrick Announces Mark Cusack as Chief Technology Officer (BusinessWire) Hybrid cloud data warehouse company Yellowbrick Data today announced that Mark Cusack has joined the company as chief technology officer (CTO), where
Products, Services, and Solutions
Computing at the Edge (Akamai) Welcome to the Akamai October 2020 Update - a week of product updates, new features, and innovations. We'll be highlighting a different area of our portfolio each day this week. In today's post, we look at our enhanced edge computing capabilities and how they help developers more effectively and rapidly improve customer experiences on the Akamai platform.
Sift Introduces Expanded Integrations, Providing Trust and Safety Teams with Greater Transparency and Control (Sift) With new integrations and app gallery, Sift Console delivers single source of truth for fraud fighters
LuxTrust and Cryptomathic Uplift Luxembourg’s Digital Users and Services to the Highest Level of Remote e-Signature Assurance under European Law (Global Security Mag Online) LuxTrust users (representing over 95% of Luxembourg’s active population) will benefit from the highest possible level of e-signature security in the EU when they remotely sign documents and transactions during their day to day use of the country’s wide range of digital services.
Nationwide and Generali Global Assistance Partner to Enhance Identity Theft Protection (PR Newswire) Cybersecurity issues are running rampant as the world is rapidly going digital. This presents independent agents with a unique opportunity to...
Virtustream launches unified, security and compliance management platform (Help Net Security) Virtustream announced xStreamCare Services for Security and Compliance, a unified, security and compliance management platform.
Juniper Networks expands security offering for remote working (Security Brief) Juniper Networks has launched new solutions to enhance work from home security.
Deep Secure, CNS join forces to offer zero-trust Threat Removal in GCC (TahawulTech.com) Deep Secure, the Threat Removal company, has announced Gold Partnership agreement with CNS.
Mimecast announces second integration with Rapid7 (TahawulTech.com) Mimecast API Integration with Rapid7 InsightIDR SIEM Solution is Engineered to Improve Threat Detection and Response
Radware launches DDoS protection for online gaming (Security Brief) “Online games are a massive, multi-billion-dollar industry, but they frequently fall victim to powerful and targeted DDoS attacks,
Identity Protection and Digital Banking (Breach Clarity Blog) It's time for identity protection to be integrated into digital banking. Here's why.
Cloudflare Launches New Zero Trust Networking, Security Platform (SecurityWeek) Cloudflare announces Cloudflare One, a new cloud-based network-as-a-service solution designed to help organizations ensure that their systems remain secure while their employees work remotely
Heficed Launches BGP Communities for Optimized Traffic Routing (Heficed) Press release from Heficed: Heficed Launches BGP Communities for Optimized Traffic Routing.
Booz Allen Launches SnapAttack™, a Cloud-Based Purple Teaming Platform (BusinessWire) SnapAttack unites security teams, enabling them to understand the latest threats, prioritize and remediate detection gaps, and prevent attacks.
Sumo Logic Announces New Innovations Across its Platforms (Database Trends and Applications) Sumo Logic, a pioneer in continuous intelligence, is making a variety of new solution enhancements including providing the general availability of the Sumo Logic Observability solution for DevSecOps, and introducing additional enhancements to its cloud-native, security intelligence solution.
TDK Electronics chooses CrowdStrike Falcon as premier security solution (ITWeb) Through harnessing the power of the cloud, Falcon is able to successfully protect TDK Electronics’ endpoints.
Obsidian Delivers Industry-First Continuous Security Solution for Workday (BusinessWire) Obsidian Security announces protection for Workday, enabling organizations to safely embrace enterprise SaaS solutions for business.
CUJO AI Launches a Patented Device Identification Solution Solving Major Issues Caused by MAC Address Randomization (PR Newswire) CUJO AI, a pioneer and global leader in the development and application of artificial intelligence to improve the security, control, and...
QuoLab Technologies Announces Partnership with Axcelerate Consulting Pte Ltd (BusinessWire) QuoLab Technologies announces its partnership with Axcelerate Consulting Pte Ltd. to support the needs of MSSPs in the APAC region.
Cyborg Security Introduces New Platform for Threat Hunting (BusinessWire) Cyborg Security, a pioneer in threat hunting, today announced a new threat hunting content platform that will help businesses grapple with the exponen
Shujinko Launches Automated Audit Preparation SaaS Platform to Speed Cloud Security Compliance (Yahoo) AuditX™ empowers organizations to simplify, automate and modernize compliance audit preparation, evidence collection and readiness
ROKK Solutions Launches New Cybersecurity Communications Offering (ROKK Solutions) ROKK Solutions, a bipartisan public affairs firm at the nexus of policy and politics, announced today the launch of a new program designed to proactively prepare companies for security incidents and n
Proofpoint Launches Compliant Capture and Archiving for Microsoft Teams (Proofpoint) Latest innovation captures and manages real-time digital communications across the most popular channels including Microsoft Teams.
Technologies, Techniques, and Standards
A Better Crystal Ball: The Right Way to Think About the Future (Foreign Affairs) Every policy is a prediction. Tax cuts will boost the economy. Sanctions will slow Iran’s nuclear program. Travel bans will limit the spread of COVID-19. These claims all posit a causal relationship between means and ends. Regardless of party, ideology, or motive, no policymaker wants his or her recommended course of action to produce unanticipated consequences. This makes every policymaker a forecaster.
Detecting ransomware: three research-based recommendations (IronNet) IronNet's goal with this research was to perform lab detonation of publicly available ransomware variants and identify commonality among the metadata and artifacts, in order to discover and suggest development of detection and/or prevention capabilities of this very damaging malware.
Cloud workload security: 7 reasons why it’s complicated (Red Canary) Here's why vendors and security teams are having trouble keeping pace to make sustainable investments in cloud workload security.
Homomorphic encryption tools find their niche (CSO Online) Current homomorphic encryption offerings require fewer specialized skills and are proving themselves effective in some use cases.
How Cybersecurity Threat Intelligence Teams Spot Attacks Before They Start (Security Intelligence) Cybersecurity threat intelligence success stories show how you can start handling attacks before they even happen. Learn how it works.
Remote work can make a business tempting cyber prey. Here's what the experts recommend. (Washington Business Journal) Don't get caught with your guard down while working from home.
How the enterprise can shut down cyber criminals and protect a remote staff (TechRepublic) Hackers accidentally allowed into company software by security noncompliant employees cost businesses millions annually; we asked experts to weigh in on best safety practices.
Here’s how the US Army is planning tactical cyber operations (C4ISRNET) The Army is maturing concepts and capabilities to conduct cyber operations outside of U.S. Cyber Command.
Singapore will label IoT products with cybersecurity ratings (MediaNama) The Cybersecurity Labelling Scheme is currently available for wi-fi routers and smart home hubs to start with.
Three Steps to Protecting Your Company from Pharming Attacks (INKY) Learn how pharming scams can trick your employees into divulging sensitive data and how you can protect your organization from what could be a very costly attack.
DoD to establish data commandments based on new strategy (Federal News Network) The Defense Department finalized its first-ever data strategy focused on eight guiding principles and seven goals to bring some standardization.
Cybersecurity Practices That Won’t Bust Your Budget – Practical Tips (Legal Talk Network) Cybersecurity expert David Ries shares the essential safeguards needed to protect your law firm’s technology.
Limiting business liabilities through a new era of protective intelligence (Security Magazine) It sounds simple: a company must be a safe place to work, and people will want to work for companies that make them feel safe.
Why Cybersecurity Alliances Are a 21st Century Necessity (Infosecurity Magazine) Building cyber defenses beyond an organization is just as important as securing its own internal infrastructure.
Why Purple Teams Matter for Higher Ed Cybersecurity (Technology Solutions That Drive Education) What does it take to create a purple team in higher education? And why do you need one?
Why employees violate security policies (GCN) New research suggests policies that fail to account for the realities of employees’ differing priorities and daily responsibilities are more likely to be ignored or circumvented, increasing an organization's data breach risks.
Establishing zero-trust cybersecurity comes with challenges for Pentagon IT leadership (C4ISRNET) COVID-19 accelerated conversations around zero trust, and the Pentagon is grappling with questions about scaling and management.
The Pentagon is developing modern architectures to dominate the electromagnetic spectrum (C4ISRNET) The Pentagon is working to develop new and modern architectures to stay ahead in the electromagnetic spectrum.
The Army’s Only Cyber Warfare Battalion Confirms Training Program (DVIDS) Soldiers from the 915th Cyber Warfare Battalion, headquartered at Fort Gordon, Georgia, conducted a Field Training Exercise at Muscatatuck Urban Training Center, October 1 through 12, to provide a dedicated training environment for the Army’s first Expeditionary CEMA Team, ECT-01, and refine cyber gunnery tables for future certification exercises.
US Air Force sends software updates to one of its oldest aircraft midair (C4ISRNET) The demonstration marked the first time the Defense Department has modified an aircraft's code in flight.
Design and Innovation
The Contest to Protect Almost Everything on the Internet (Wall Street Journal) The world’s top cryptographers are competing to develop algorithms that can withstand attacks from an ultrafast quantum computer.
Inside the strange new world of being a deepfake actor (MIT Technology Review) There’s an art to being a performer whose face will never be seen.
Visa, JPMorgan Are Already Preparing for Potential Quantum Cyberattacks (Wall Street Journal) Financial services companies are preparing for a time when a powerful quantum computer could break some of the most widespread cryptographic methods currently used in cybersecurity.
Facebook bans Holocaust denial, distortion posts (AP NEWS) Facebook is banning posts that deny or distort the Holocaust and will start directing people to authoritative sources if they search for information about the Nazi genocide. Facebook CEO...
Facebook to Ban Posts That Deny Holocaust, Reversing Policy (Bloomberg) Facebook Inc. will ban posts that deny the Holocaust in a reversal of a long-held and controversial policy.
On Facebook, Misinformation Is More Popular Now Than in 2016 (New York Times) People are engaging more on Facebook with content from outlets that publish falsehoods and distortions, even though the social network has tried limiting misinformation, new research found.
Facebook can't catch misinformation it's already identified as false, activist group says (CNN) With less than four weeks to go before a pivotal US election, Facebook has sought to reassure the public it has learned from its 2016 mistakes. On Wednesday, the company rolled out a new policy against voter intimidation and announced it will temporarily suspend political ads after polls close on Election Day.
Why Facebook Can’t Fix Itself (The New Yorker) The platform is overrun with hate speech and disinformation. Does it actually want to solve the problem?
DuckDuckGo, EFF, and others just launched privacy settings for the whole internet (Fast Company) The new standard, called Global Privacy Control, will let you activate a browser setting to keep your data from being sold.
Twitter Slows Down Retweets Ahead of U.S. Election (Wall Street Journal) The social-media company will make it harder for posts to go viral ahead of the U.S. election, including by putting limits on how users can retweet.
A Political Ad Ban Won’t Fix Facebook’s Election Problem (Wired) A performative post-election ban won’t solve anything. But cutting off the platform’s data-driven rage machine will.
Experts Urge Vigilance Over AI Data Security (Wall Street Journal) The expanded use of artificial intelligence in nearly all areas of business means companies must pay more attention to the integrity and security of the data used to train algorithms, a panel of security and AI experts said earlier this week.
Amazon's Latest Gimmicks Are Pushing the Limits of Privacy (Wired) Privacy advocates warn that the Ring Always Home Cam and Amazon One both normalize aggressive new forms of data collection.
Research and Development
Data61 to take a stab at gleaning insight from NBN traffic data (ZDNet) Initial work to serve as a baseline for future measurements of digital maturity and resilience.
Department of Energy Announces More Than $7 Million In Funding For Efforts In Michigan To Protect Electric Grid From Cyber Attacks (American Center for Mobility) The U.S. Department of Energy (DOE) has announced more than $7 million in funding for Michigan-based cybersecurity company, The Dream Team LLC (DTLLC) to develop a first-of-its-kind infrastructure that protects the electric grid from cyber-attacks on electric vehicles (EV) and electric vehicle charging systems. Once developed, testing of the electric […]
US DOD Announces $600 Million for 5G Experimentation and Testing at Five Installations (ARC) The US Department of Defense announced $600 million in awards for 5G experimentation and testing at five U.S. military test sites, representing the largest full-scale 5G tests for dual-use applications in the world.
Denim Group to Help USAF Expedite Software Deployment Under SBIR Phase II Contract; John Dickson Quoted - ExecutiveBiz (ExecutiveBiz) Denim Group has secured a follow-on contract under the U.S. Air Force's AFWERX program to help t
Academia
Florida Public Universities Sweep Southeast College Penetration Testing Competition - Cyber Florida (Cyber Florida) State University System of Florida institutions took first, second, and third place at the National Collegiate Penetration Testing (CPTC) Southeast Regional Competition this past weekend. Ten teams competed in the eight-state (TX, LA, MS, AL, GA, FL, SC, NC) Southeast Regional Competition, including four Florida teams from the University of Central Florida, the
Notre Dame Prep, Okemos, Canton Win High School Cyber Challenge (MITechNews) High school teams from across Michigan competed virtually in the finals of the Governor’s High School Cyber Challenge, a cybersecurity competition hosted by the state of Michigan. The 10 qualifying teams, composed of up to three students each, completed challenges designed to test their knowledge of information technology and cybersecurity. The competition scores were […]
University of Louisville gets $6M to create healthcare cybersecurity certificate program (Becker's Hospital Review) The National Security Agency granted the University of Louisville (Ky.) $6 million to develop a healthcare cybersecurity online certificate program, according to an Oct. 9 news release.
Legislation, Policy, and Regulation
The Lawless Realm: Countering the Real Cyberthreat (Foreign Affairs) This past summer, a host of public organizations as varied as the Norwegian parliament, the New Zealand stock exchange, and the Vatican all came under attack. No shots were fired, no doors knocked down, no bombs exploded. Instead, the attackers managed to intrude into these institutions’ internal networks in attempts to commit espionage, disrupt daily affairs, or ransom or blackmail victims. Incidents of this kind are just the tip of the iceberg.
The Coming Tech Cold War With China (Foreign Affairs) Beijing Is Already Countering Washington’s Policy
EU drawing up a list of tech firms that are 'too big to care' to target with tougher regulations (Computing) The bloc is reportedly creating a 'hit list' of 20 companies that will be subjected to stricter regulation
Nation needs a stronger cyber regulatory framework (Australian Financial Review) While the federal government has been lauded to a certain extent for its 2020 Cyber Security Strategy, including the $1.35 billion Cyber Enhanced Situational Awareness and Response package, it has missed the chance to take a lead in introducing a stronger regulatory framework for cyber security, suggest some industry leaders.
Five Eyes governments, India, and Japan make new call for encryption backdoors (ZDNet) Another Five Eyes meeting, another call for encryption backdoors in modern tech.
International Statement: End-To-End Encryption and Public Safety (US Department of Justice) We, the undersigned, support strong encryption, which plays a crucial role in protecting personal data, privacy, intellectual property, trade secrets and cyber security. It also serves a vital purpose in repressive states to protect journalists, human rights defenders and other vulnerable people, as stated in the 2017 resolution of the UN Human Rights Council[1]. Encryption is an existential anchor of trust in the digital world and we do not support counter-productive and dangerous approaches that would materially weaken or limit security systems.
Pakistan bans TikTok over ‘immoral and indecent’ videos (TechCrunch) Pakistan has banned popular short video app TikTok, citing circulation of videos that it deemed “immoral and indecent.” The move comes months after the South Asian country raised serious concerns about the nature of some videos on ByteDance’s app and the impact they posed on society. Pakistan issue…
NSA inaugurates committee to review cyber policy (The Nation: Latest Nigeria News) The National Security Adviser (NSA), Major General Babagana Monguno (retired), has inaugurated a committee to review the
Watchdog urges more action to protect planes from hackers (Federal News Network) A federal watchdog agency says safety regulators aren’t doing enough to protect airliners from cyberattacks…
National Security Agency launches the Center for Cybersecurity Standards (Security Magazine) The National Security Agency announced the official launch of the Center for Cybersecurity Standards (CCSS) in the Cybersecurity Directorate. This office will lead NSA’s Cybersecurity mission to engage with standards bodies to communicate security requirements and influence standards to secure our National Security Systems and provide support to the Defense Industrial Base (DIB).
Does the House Antitrust Report Mean That Tech Is Evil? (Wired) Plus: a plan to break up Microsoft, anonymity on the internet, and a baffling balcony address.
Report: A Robust Tech Sector Is Critical To U.S. National Security (Forbes) Technology is the key variable determining whether America remains the world's leading military power.
Cyber Security is National Security (Energy.gov) After the President released the National Cyber Strategy in 2017, Energy Secretary Brouillette clearly stated, “Advancing cybersecurity is a core priority for the Department of Energy.”
Budget and Hiring Practices Hinder Cities’ Cybersecurity Efforts (Wall Street Journal) Current and former city officials say poor funding models, difficult hiring practices and the need to creatively find resources for even the simplest projects hamper their ability to defend networks against hackers.
Cyber security rises up the totem pole (Australian Financial Review) The hardware of submarines and frigates usually gets most of the spotlight but a cyber security hub is also being built in Adelaide.
Litigation, Investigation, and Law Enforcement
Taiwan says new China spy accusation is fake news (Reuters) Taiwan has labelled new spying accusations by China as fake news after Chinese state television aired a programme showing a Taiwanese academic arrested in China on national security grounds at a time of heightened Taipei-Beijing tensions.
Feds may target Google’s Chrome browser for breakup (POLITICO) Prosecutors for the Justice Department and state attorney general offices are discussing ways of curbing the search giant's market power as they prepare to sue the company.
Letter from Senator Warner to Mr. Alan B. Miller, Chairman and Chief Executive Officer Universal Health Services, Inc. (Office of Senator Mark Warner (Virginia)) Dear Mr. Miller: I write you with grave concerns about United Health Services’ digital medical records and clinical healthcare operations succumbing to an apparent ransomware attack.
The FBI Team Sent to ‘Exploit’ Protesters’ Phones in Portland (The New York Review of Books) The FBI’s Washington, D.C., headquarters sent agents from its “Fly Team,” an elite counterterrorism unit, to Portland this summer during the second weekend in July. Their task was to interview arrested protesters and carry out the “initial exploitation of phones, or other communication devices,” according to FBI emails obtained through a public records request. The emails suggest that the FBI has been using counterterrorism tools and powers to map left-wing protest networks just months before an election whose result is likely to be delayed, if not challenged.
Morgan Stanley Fined $60 Million for Data Protection Mishaps (BankInfo Security) The Office of the Comptroller of the Currency has fined Morgan Stanley $60 million for the investment bank's failure to properly oversee the decommissioning of
Over 600 people take legal action against company on data breach (The Shift News) An application has been filed before the Civil Courts against C-Planet IT Solutions Ltd for breaching data protection laws after a leak of some names, addresses and ID card details of more than 330,000 Maltese