Cyber Attacks, Threats, and Vulnerabilities
Russia's 'Sandworm' hackers will slither into the sunset (Fortune) The six alleged Russian hacker-spies indicted by the U.S. are unlikely to face justice.
PM Modi's Website Data Leak Highlights India's Poor Cybersecurity Infrastructure (Inc42 Media) While commenting on the recent breach of users' data, an expert tells Inc42 that for Indian startups, SMEs, cyber attacks are to be expected.
U.S. Spy Agency Warns That Chinese Hackers Target Military, Defense Industry (Wall Street Journal) The National Security Agency warned that Chinese government hackers were taking aim at U.S. computer networks involved in national defense, characterizing the threat posed by Beijing as a critical priority in need of urgent attention.
Tokyo 2020 claim alleged Russian cyber-attack had "no significant impact" (Inside the Games) Organisers of the Tokyo 2020 Olympics and Paralympics have claimed alleged Russian cyber-attacks had no "significant impact" on preparation for the Ga...
CrowdStrike: COVID-19 vaccine laboratories in Japan targeted by hackers from China (Emergency Live) COVID-19 vaccine: the attacks were reported by the American company CrowdStrike, which specializes in computer security. In July accusations against...
US has a ‘China problem,’ cyber commission says (GCN) To shore up security of information and communications technology, the nation must reduce its dependency on suppliers from rival powers, especially China, according to the Cyberspace Solarium Commission.
The Cybersecurity 202: Trump’s former homeland security adviser says Russia remains major election hacking threat (Washington Post) President Trump’s former homeland security adviser remains seriously concerned that Russia or another U.S. adversary will exploit weaknesses in U.S. election infrastructure to sow chaos or raise doubts about the outcome of the 2020 contest.
Microsoft disables most of cybercriminals' control over massive computer network (Reuters) Microsoft Corp said on Tuesday it had disabled more than 90% of the machines used by a gang of Russian-speaking cyber criminals to control a massive network of computers with a potential to disrupt the U.S. election.
An update on disruption of Trickbot (Microsoft on the Issues) As of October 18, we’ve eliminated 94% of Trickbot’s critical operational infrastructure including both the command-and-control servers in use at the time our action began and new infrastructure Trickbot has attempted to bring online.
Microsoft further disrupts botnet, after initial efforts showed limited effect (Washington Post) The software giant, aiming to thwart election disruption, hobbled Trickbot’s command-and-control servers abroad after last week’s seizure of the botnet’s U.S.-based devices
New TrickBot Control Servers Unable to Respond to Bot Requests (SecurityWeek) Control servers included in the configuration file of new TrickBot samples fail to respond to bot requests
TrickBot really is on the run after Microsoft, Cyber Command disruption (CyberScoop) After some initial doubts, Tuesday brought encouraging signs that a multi-front attempt to dismantle the massive TrickBot botnet in advance of Election Day has taken root, perhaps thanks to an extra push.
Botnet Fights Back After Microsoft’s Election Security Takedown (Bloomberg) A week after Microsoft Corp. led a global attack against one of the world’s most prolific malware groups, the company says it’s winning an ongoing battle to temporarily destabilize the malicious botnet ahead of the U.S. presidential election.
Trickbot Tenacity Shows Infrastructure Resistant to Takedowns (Dark Reading) Both the US Cyber Command and a Microsoft-led private-industry group have attacked the infrastructure used by attackers to manage Trickbot -- but with only a short-term impact.
Nevada DETR warns of email phishing scam (FOX5 Las Vegas) Nevada Department of Employment, Training and Rehabilitation is warning of a new email scam targeting unemployment insurance claimants and employers.
Ransomware variants continue to evolve as crooks chase bigger paydays (ZDNet) Two new families of ransomware have risen up to join some of the most dangerous over the last few months as cyber criminals turn the screw to make attacks more effective.
A shadowy AI service has transformed thousands of women’s photos into fake nudes: ‘Make fantasy a reality’ (Washington Post) More than 100,000 photos of women have had their clothing removed by the software, including of girls younger than 18.
Deepfake bots on Telegram make the work of creating fake nudes dangerously easy (The Verge) A "deepfake ecosystem" generating countless fake nudes.
Seven mobile browsers vulnerable to address bar spoofing attacks (ZDNet) Vulnerabilities allow attackers to trick users into accessing malicious sites while showing the incorrect URL in the address bar.
Rockwell Automation 1794-AENT Flex I/O Series B (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.5
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Rockwell Automation
Equipment: 1794-AENT Flex I/O Series B
Vulnerabilities: Classic Buffer Overflow
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could crash the device being accessed, resulting in a buffer overflow condition that may allow remote code execution.
Hitachi ABB Power Grids XMC20 Multiservice-Multiplexer (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 9.1
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Hitachi ABB Power Grids
Equipment: XMC20 Multiservice-Multiplexer
Vulnerability: Improper Authentication
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker to remotely take control of the product.
Capsule Technologies SmartLinx Neuron 2 (Update A) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.6
ATTENTION: Low skill level to exploit/public exploits are available
Vendor: Capsule Technologies
Equipment: SmartLinx Neuron 2
Vulnerability: Protection Mechanism Failure
2.
Have Hackers Drained Your Miles And Points During The Pandemic? (Forbes) While Americans have been spending less time traveling, cyberthieves have seized the moment.
The ‘real consequences’ of ransomware against schools (StateScoop) “It’s sort of a morbid joke that instead of a snow day, schools now have cyber days,” one speaker said during an online talk on ransomware against K-12 schools.
Security Patches, Mitigations, and Software Updates
Apple, Opera, and Yandex fix browser address bar spoofing bugs, but millions more still left vulnerable (TechCrunch) The bugs made it easy for a phishing page to impersonate almost any legitimate website.
Google releases Chrome security update to patch actively exploited zero-day (ZDNet) Google Chrome 86.0.4240.111 released with a fix.
Adobe Releases Security Updates for 10 Products (SecurityWeek) Adobe has released security updates for 10 of its products, patching a total of 20 vulnerabilities
Cyber Trends
Survey: Remote Work Brings New Challenges to Securing Cloud Services (PR Newswire) AppOmni, the leading provider of SaaS Security Posture Management (SSPM), today released findings of their latest survey highlighting the...
New Study Finds COVID-19 Exacerbates the CISO’s Dilemma: Enhance Corporate Security or Enable Worker Productivity in Shifting to Remote-First Workflows (GlobeNewswire) Nine+ months into the COVID-19 pandemic, a new survey of Fortune 2000 CISOs finds companies across all industries taking differing approaches to enabling remote work from corporate devices and BYOPC endpoints
New Report Finds Email Users Failing Phishing Test (GreatHorn) Phishing attacks are increasingly changing, and employers must align their security awareness training and tools to support remote workforce.
2020 End User Phishing Report (GreatHorn) With phishing attacks increasing, how good are employees at identifying these types of attacks? Understand the key findings and the business implications.
65% of people don’t trust password managers despite 60% experiencing a data breach (PasswordManager.com) [Survey] Many Americans continue bad password habits despite personal data breaches. Password managers can amp security, but there’s a lack of trust.
Expert Reaction On ICO Data Shows Misdirected Email Is A 44% Bigger Risk Than Phishing Attacks (Information Security Buzz) The ICO has updated its data security trends – and misdirected emails continue to top the list of named incidents, with them being a 44% bigger risk than phishing attacks.
84% of Security and Development Professionals Believe ‘Security Champions’ Programs Can Improve Relationship Between Security and DevOps Teams (ZeroNorth) New Survey Highlights Current State of Security Champions Programs, Value They Provide to Organizations During Digital Transformation
Cisco Reports Privacy and Security Concerns Increase in Today’s Remote World (Cisco) Two new global surveys highlight the challenges and opportunities of the accelerated transition to a cloud-first, remote world that demands us to be secure, connected and productive from anywhere.
Protecting Data Privacy to Maintain Digital Trust: The Importance of Protecting Data Privacy During the Pandemic and Beyond (Cisco) Protecting one’s data privacy has never been more critical as the COVID-19 pandemic has created dramatic changes to how we work, live, play and learn in 2020.
Future of Secure Remote Work (Cisco) The COVID-19 pandemic has caused businesses across the globe to transition to a remote work environment at unprecedented speed and scale.
VMware Releases Global Incident Response Threat Report Detailing Surge in Sophisticated Cyberattacks as eCrime Groups Grow More Powerful (RealWire) New Research Uncovers Cybercrime Capitalising on the Convergence of COVID-19 and 2020 Election
Remote working leaves UK businesses more vulnerable to cyberattacks (BusinessCloud) Sixty per cent of organisations represented in research experienced a cyberattack over the last 12 months
Top Executives in France Paying More Attention to Cyber Security (GlobeNewswire) ISG Provider Lens™ report finds many French companies enhancing cyber defenses in response to the GDPR and COVID-19
EU Threat Landscape Report: Cyber attacks are becoming more sophisticated, targeted and widespread (Eureporter) On 20 October, the European Union Agency for Cybersecurity (ENISA) published its yearly report summarizing the main cyber threats encountered between 2019 and 2020. The report reveals that the attacks are continuously expanding by becoming more sophisticated, targeted, widespread and often undetected, while for the majority of them the motivation is financial.
Marketplace
Sym Raises $9 Million in Series A Funding Round Led by Amplify Partners (Financial Buzz) Sym, the security workflow platform for engineers, today announced it raised $9 million in a
Security Testing Company NSS Labs Ceases Operations (SecurityWeek) Austin, Texas-based security product testing company NSS Labs has announced that it ceased operations on October 15, 2020
Serial entrepreneurs launch startup to protect corporate network airspace (Israel Hayom) CEO of AirEye says that attacks on wired and wireless networks have caused "billions of dollars" worth of damages.
The acquisitions that made Google a search monopoly (Quartz) Google has made hundreds of acquisitions that helped it carve out 90% of the US search market. But its 2005 purchase of Android takes the cake.
Google shares rise amid landmark U.S. antitrust suit, pledge to fight back (SeekingAlpha) Investors look remarkably calm about the biggest tech antitrust case in decades, as Google parent Alphabet (GOOG +2.3%, GOOGL +2.4%) is reclaiming its October high levels on volume running slightly high, but not overheated.
IBM CEO eyes GTS spinoff as earnings fall (CRN Australia) As big blue begins to lay the groundwork for its largest-ever divestiture.
Azure Space partners bring deep expertise to new venture (Microsoft Transform) Microsoft is moving into the final frontier with Azure Space, an initiative that will deliver innovation to serve the mission needs of the space industry.
Cybersecurity Stocks To Buy As Covid-19 And Remote Work Speed Shift To Cloud (AiThority) The coronavirus emergency and shift to remote work has accelerated the growth of cloud-based network security.
Fidelis Cybersecurity Appoints Industry Veteran Anup Ghosh as CEO (Odessa American) Fidelis Cybersecurity, a leading provider of extended detection and response (XDR) solutions trusted by Fortune 100 firms and governments worldwide, announced today the appointment of cybersecurity industry veteran, Anup Ghosh as CEO.
Wickr launches Federal Advisory Board to provide strategic guidance on the company’s federal strategy (Help Net Security) Wickr announced the launch of its Federal Advisory Board to provide strategic guidance on the company’s federal strategy.
Axcient Raids Webroot, Carbonite for New Sales Leadership (Channelnomics)
Private equity-owned software firm hires former Carbon Black CFO (Boston Business Journal) A privately held, Cambridge-based software company has hired a new chief financial officer with public company experience, a move that comes just a few months after naming a new chief executive who was also heading over from another publicly-traded company.
Products, Services, and Solutions
Securonix Announces Integration With Tanium - Extending Advanced Analytics Across Endpoints (Securonix) Today’s Remote Workforce Needs Stronger Endpoint Protection. Many organizations are adopting work-from-home and bring-your-own-device (BYOD) policies, which make corporate users and endpoints more remote and distributed than ever. According to the 2020 Global Incident Response Report from Carbon Black & VMware, 53% encountered or observed a surge in cyberattacks…
INKY Enhances Next-Gen Email Phishing Protection Solution with Account Takeover Protection (INKY) INKY Technology Corporation, a pioneer in next-gen email phishing protection, today announced the addition of Account Takeover (ATO) Protection to the company’s INKY Phish Fence Platform. Email is an inherently trusted means of communicating for business; if cybercriminals compromise just one email account, they can gain trusted access to an organization's whole network.
1touch.io Inventa™ Tames PII Data Discovery and Classification with Supervised AI™ (1touch.io) Enables Non-Data Scientists to Hone AI Models for Automated Discovery & Data Lineage, Dramatically Improving Sensitive Data Protection and Privacy Regulatory Compliance
Lookout Unveils Industry's First Comprehensive Endpoint Detection and Response Solution Purpose-built for Mobile (PR Newswire) Lookout Inc., the leader in mobile security, today announced the industry's first comprehensive mobile endpoint detection and response (EDR)...
Splunk Unveils New Innovations Across Its Security Operations Suite (Dark Reading) Splunk Mission Control Plug-In Framework is a new framework that allows customers to combine their Splunk security tools and non-Splunk security tools.
ReNgine: Open source recon tool automates intel-gathering process for pen testers (The Daily Swig) Recon framework presents the results of website and endpoint scans in a single window
eSentire launches automated detection and response solution for Microsoft Security products (Help Net Security) eSentire CASA offers customers a single place within Microsoft Teams to actively manage alerts and launch automated threat configurations.
Technologies, Techniques, and Standards
CISA Lays Out Plan for Enhancing Cybersecurity (FedTech) The Cybersecurity and Infrastructure Security Agency is focusing on improving data sharing and dashboards in the next fiscal year.
The Cybersecurity Maturity Model Certification: Are You in Compliance? (Dark Reading)
Why securing the DNS layer is crucial to fight cyber crime (ComputerWeekly.com) Domain name system security is often overlooked by organisations, but focusing on this layer could actually improve the effectiveness of cyber security strategies. We explore the latest DNS trends and best practice.
Design and Innovation
Twitter is temporarily changing how you retweet (The Verge) For a little while, it won’t be as easy to retweet as it used to be.
Mark Zuckerberg Said Facebook Will Have Fewer Bans After The Election (BuzzFeed News) In a companywide meeting, Facebook’s CEO said recent content rules banning hate and conspiracy content were implemented because of the US presidential election and that a wide margin of victory for ei
The Case Against Big Tech’s Election Strategies (Foreign Policy) Misinformation is hyperlocal. Attempts to counter it should be, too.
Research and Development
Why Social Media Is So Good at Polarizing Us (Wall Street Journal) Mathematicians are teaming up with political scientists to create models of how social media divides us, and the results suggest at least one popular solution might actually make the problem worse.
In push for Japan, Toshiba to test quantum cryptography (The Asahi Shimbun) Toshiba Corp. will start services using quantum cryptography, the “ultimate” in computer technol
Researchers open the door to new distribution methods for secret cryptographic keys (Help Net Security) Researchers have been able to create optical framed knots in the laboratory that could potentially be applied in modern technologies.
Academia
25 Best Cyber and Information Security MBA Degrees for 2021 (Great Business Schools) The role of cybersecurity expert is one that has a solid future.
15 Best Online Cyber and Information Security MBA Degrees for 2021 (Great Business Schools) When you make the decision to pursue an online MBA in cybersecurity, you are signing up for one of the most exciting career fields in existence.
10 Fastest Online Cyber and Information Security MBA Degrees for 2021 (Great Business Schools) A master’s in cybersecurity accelerated program offers quite a few advantages in terms of getting a degree quickly, starting a career sooner, or enhancing an existing career in less time.
10 Most Affordable Cyber and Information Security MBA Degrees for 2021 (Great Business Schools) Earning an affordable MBA in cybersecurity makes you an incredibly valuable asset to any company that wants to protect its confidential information.
Airline High Teacher Tapped for National Cybersecurity Committee (BossierNow) Airline High School teacher Billy Neill knows his stuff when it comes to cyber science and robotics. Now, his knowledge will be tapped as a member of a national committee focused on developing new K-12 cybersecurity learning standards to be used in schools across America. Neill is one of 30
San Diego Girl Scouts Earn Three Cybersecurity Badges on Route to Becoming Tomorrow's Cyber-Defenders (PR Newswire) During the first two weeks of national cybersecurity awareness month, Girl Scouts of San Diego hosted a series of virtual cybersecurity...
Legislation, Policy, and Regulation
Japan will take steps to guard against Olympics cyberattacks (Reuters) Japan said on Tuesday it would take countermeasures to ensure next year's Tokyo Olympics are not derailed by cyberattacks after Britain and the United States accused Russia of orchestrating efforts to disrupt the Games.
Despite talk of digital sovereignty, Europe sleepwalks into Chinese dominance on drones (Eureporter) In her State of the European Union speech, European Commission President Ursula von der Leyen delivered a clear-eyed assessment of the European Union’s position within the global digital economy.
U.S. offers Brazil telecoms financing to buy 5G equipment from Huawei rivals (Reuters) The U.S. government stepped up an offensive on Tuesday to keep China's Huawei Technologies out of Brazil's 5G market, with Washington offering to finance purchases by Brazilian telecom companies of equipment from its competitors.
DHS rolls out effort to combat election disinformation, urges 'patience' on results (ABC News) The Department of Homeland Security is warning Americans about results being delayed due to COVID-19.
Building a Trusted ICT Supply Chain (Cyberspace Solarium Commission) Dependency on China and other adversary countries for some of our most critical supply chains threatens to undermine the trustworthiness of critical technologies and components that constitute and connect to cyberspace.
Intervention: Exploring Cyber Conflict and Competition (War on the Rocks) Editor’s Note: This is the introductory essay to Vol. 3, Issue 4 (Fall 2020) of the Texas National Security Review, our sister publication. Please check
Case update on personal data and privacy infringement in China: the WeRead case - does a one-size-fit-all model still work? (Lexology) In our previous articles, we have discussed the remarkable transformation of the personal information protection legal regime in China…
A BILL To amend title 32, United States Code... (US Senate) To amend title 32, United States Code, to authorize cybersecurity operations and missions to protect critical infrastructure by members of the National Guard in connection with training or other duty.
LA Cyber Lab praised as model for cities sharing threat intelligence (StateScoop) Cybersecurity officials said the organization, founded in 2017, has helped make it easier for small businesses in Southern California to defend themselves.
Litigation, Investigation, and Law Enforcement
FBI says it has ‘nothing to add’ to Ratcliffe’s remarks about Hunter Biden, Russian disinformation (Washington Post) The FBI notified Congress late Tuesday that it has “nothing to add at this time” to a statement made by President Trump’s director of national intelligence disputing the idea that Russia orchestrated the discovery of a computer that may have belonged to Joe Biden’s son.
Hunter Biden story is Russian disinfo, dozens of former intel officials say (POLITICO) More than 50 former intelligence officials signed a letter casting doubt on the provenance of a New York Post story on the former vice president's son.
Public Statement on the Hunter Biden Emails (Open Letter (via Politico)) We are all individuals who devoted significant portions of our lives to national security. Some of us served in senior positions in policy departments and agencies, and some of us served in senior positions in the Intelligence Community. Some of us were political appointees, and some were career officials. Many of us worked for presidents of both political parties
House Republicans push VA for details on recent data breach (TheHill) Republican members of the House Oversight and Reform Committee on Tuesday pushed the Department of Veterans Affairs (VA) for answers about a recent data breach that exposed personal details of at least 46,000 v
Google Locks In Search Monopoly With $1 Billion to Carriers (Bloomberg) Google doled out more than $1 billion last year to U.S. mobile carriers to distribute its search engine, according to the landmark antitrust lawsuit from the Justice Department.
Google’s Exclusive Search Deals With Apple at Heart of U.S. Lawsuit (Wall Street Journal) The Justice Department’s antitrust lawsuit claims that the Alphabet unit misused its power in an anticompetitive manner, potentially threatening a major revenue stream for both tech giants.
Apple, Google Worked as ‘One Company’ on Search Deal, U.S. Says (Bloomberg) The U.S. government’s antitrust assault against Google reveals new details about a secretive, multibillion-dollar deal between the internet giant and Apple Inc., the world’s largest technology company.
A deeply flawed lawsuit that would do nothing to help consumers (Google) Today's lawsuit by the Department of Justice is deeply flawed. People use Google because they choose to, not because they're forced to, or because they can't find alternatives.
Probe after private details made public in Stormont data breach (belfasttelegraph) The Department for Communities is investigating a data breach after an email containing private information was accidentally circulated.