Cyber Attacks, Threats, and Vulnerabilities
Cyberexperts Warn of ‘Turbulent Air’ in Election Ramp Up (Government Technology) With two prominent cyberattacks on U.S. election infrastructure in the last week, cybersecurity experts are urging Americans to remain calm, citing that panic is just what U.S. adversaries are after.
Robocalls, Rumors And Emails: Last-Minute Election Disinformation Floods Voters (KPBS Public Media) Dirty tricks and disinformation have been used to intimidate and mislead voters in the past. But they have been especially pervasive this year amid a chaotic and contentious election.
Iran targeting the US election (Security Magazine) During a press conference on election security at FBI Headquarters with FBI Director Christopher Wray, Director of National Intelligence John Ratcliffe confirmed that some voter registration information has been obtained by Iran, and separately, by Russia.
Russians Who Pose Election Threat Have Hacked Nuclear Plants and Power Grid (New York Times) The hacking group, Energetic Bear, is among Russia’s stealthiest. It appears to be casting a wide net to find useful targets ahead of the election, experts said.
Myanmar Inauthentic Behavior Takedown (Graphika) On October 21, Facebook published examples of inauthentic networks that it had taken down over the past several months for inauthentic behavior. The cases included 655 pages and 12 groups that were based in Myanmar...
Microsoft Teams Impersonation (Abnormal Security) In this attack, an impersonated Microsoft Teams email is used to deliver a phishing campaign. Quick Summary of Attack: Target Platform: Office 365; Mailboxes: 15,000 to 50,000; Payload: Malicious Link; Technique: Phishing. What was the attack? Setup: This attack impersonates an automated message from Microsoft Teams in order to steal recipient’s login credentials. Microsoft Teams is a popular […]
Russian state actors hacked systems containing election information in 2 states: Gov't officials (ABC News) The FBI and CISA said there is no evidence any data was altered.
Voter Websites In California And Florida Could Be Vulnerable To Hacks, Report Finds (Georgia Public Broadcasting) Cyber experts told the Department of Homeland Security in July that voter registration systems in California and Florida could be vulnerable to a hack, a closely-held report obtained by NPR reveals.
Ransomware hit a Georgia county. That didn't stop its ballot counting. (NBC News) The attack does not indicate any broad effort to tamper with U.S. voting or show systemic vulnerabilities to the U.S. election system.
Experts Warn of Privacy Risks Caused by Link Previews in Messaging Apps (The Hacker News) Researchers Warn of Privacy Risks Caused by Link Previews in Popular Messaging Apps
Phishing groups are collecting user data, email and banking passwords via fake voter registration forms (ZDNet) With the election window closing, phishing groups are striking the iron while it's hot.
LockBit Ransomware Uses Automation Tools to Pick Targets (BankInfo Security) The operators behind the LockBit ransomware strain use automation tools and techniques that help the malware quickly spread through a compromised network and also
Google removes 3 Android apps for children, with 20M+ downloads between them, over data collection violations (TechCrunch) When it comes to apps, Android leads the pack with nearly 3 million apps in its official Google Play store. The sheer volume also means that sometimes iffy apps slip through the cracks. Researchers at the International Digital Accountability Council (IDAC), a nonprofit watchdog based out of Boston,…
Stelco Temporarily Halted Some Operations After Cyber Attack (Bloomberg Law) Stelco says it was the target of “a criminal attack on its information systems,” and that its countermeasures limited the attack’s scope.
Sopra Steria confirms it was hit by new strain of Ryuk ransomware, will take weeks to return to normal operations (Graham Cluley) Sopra Steria confirms it has been hit by a new strain of the Ryuk ransomware, and that it will take weeks for its IT network to return to normal operation.
WastedLocker ransomware hits Boyne Resorts ski resort operator (BleepingComputer) US-based ski and golf resort operator Boyne Resorts has suffered a cyberattack by the WastedLocker operation that has impacted company-wide reservation systems.
Russian-based ransomware attacks Boyne Resort's online systems (Detroit Free Press) Online reservation systems are currently offline, and Boyne’s IT team is working to repair affected services from the attack.
Cyber attack leaves half of Chenango County's computers held by ransomware (Evening Sun) A week ago a cyber attack left about half the computers operated by Chenango County held ransom by hackers, who are demanding officials pay them $90,000 to release the files.
Hackers demand €500 ransom from patients after compromising psychotherapy centre (Computing) Patients started receiving personal demands after Finnish clinic Vastaamo refused to pay €450,000
Hackers breach psychotherapy center, use stolen health data to blackmail patients (Help Net Security) A data breach at a psychotherapy center in Finland resulted in the attackers using stolen health data to blackmail patients.
Psychotherapy centre reveals two separate data breaches of sensitive patient information (Yle Uutiset) An extortionist is now sending individual emails to patients asking them to transfer hundreds of euros in Bitcoin.
Psychotherapy centre data breach victims receive extortion emails (Yle Uutiset) The extortionist wants payments in Bitcoin.
President Niinistö: "This touches all of us." (Yle Uutiset) Thousands of victims of the psychotherapy centre data breach have filed criminal reports, police said on Sunday.
Consumer NGO offers free legal advice to data breach victims (Yle Uutiset) The hotline will also provide service in English for people affected by the data breach and extortion campaign.
63 billion credential stuffing attacks hit retail, hospitality, travel industries (Help Net Security) Akamai published a report detailing criminal activity targeting the retail, travel, and hospitality industries with attacks of all types.
Hackers Hit Yorktown & Croton School Districts (Yonkers Times) The Yorktown and Croton-Harmon school districts in Westchester County recently had their computer systems hacked by a cyber security attack coming from someone seeking to get a payment to remove the ransomware that froze both systems. The Yorktown schools were forced to temporarily shift from a hybrid learning model to all-remote lessons after its district […]
Security Patches, Mitigations, and Software Updates
Vulnerability in Jira is fixed which enabled attackers to obtain sensitive user data (PT Security)
VMware Clears Multiple Vulnerabilities (ISSSource) VMware has updates available to handle multiple vulnerabilities in its ESXi, Workstation, Fusion and NSX-T.
Mozilla throttles rollout of Firefox 82 update (gHacks Technology News) Mozilla has throttled the rollout of the Firefox 82 Stable update because of several issues, including crashes of the browser, that were reported to the organization after release.
Oracle Cloud to require multifactor authentication beginning Nov. 11 (Vanderbilt University) Oracle Cloud will begin requiring multi-factor authentication on Nov. 11. MFA provides an additional layer of security for users logging in to a secure environment.
Cyber Trends
How Vulnerable Is Critical Infrastructure to a Cyberattack? (Government Technology) A string of new domestic and international cyberwarnings are raising new questions and alarm bells regarding global critical infrastructure protection, and the definition of what is considered critical is expanding.
Ransomware trends in Q3: a new attack every day (Security Magazine) Digital Shadows released its quarterly research report focusing on the latest trends in ransomware. Unfortunately, for vulnerable organizations everywhere, Digital Shadows Photon Research team found that ransomware as a market and community on the dark web has expanded since Q2.
Microsoft did some research. Now it's angry about what it found (ZDNet) There are times when corporations lose their temper. Well, they're people too. In Microsoft's case, it's people and politics that are driving the company crazy.
Cybersecurity Challenges for the Charity Sector (CPO Magazine) UK charities hold financial and personal information that cybercriminals increasingly target but only half of charities think cybercrime is a risk to the sector.
Marketplace
Intelligence Contractors Vying for Slimmer Spy Budget in FY 2021 (Bloomberg Government) The Department of Defense and the Office of the Director of National Intelligence (ODNI) released their intelligence budget requests for fiscal 2021 totaling $85 billion earlier this year. DOD ...
Silicon Valley's newest unicorn takes off for Minnesota, but CEO says he'll be back (Silicon Valley Business Journal) The Sunnyvale cybersecurity business was ranked No. 25 on Deloitte's list of fastest growing tech companies last year and is led by the former CEO of Blue Coat Systems and Ipsilon Networks.
This local venture firm is raising $75M for its second fund (Washington Business Journal) McLean venture firm Lavrock Ventures is raising a new $75 million fund, according to Securities and Exchange Commission filings.
Zimperium closes deal with American Defense Department (Israel Defense) The deal includes protection of at least 150,000 endpoints
Huawei throws weight behind NESAS for better global mobile cybersecurity framework (The Edge Markets) As companies, industries and economies become more digitalised, there is a need to build up an appropriate security assurance framework to mitigate risks of a larger “digital attack surface” as people work, play, learn and transact online.
A French alternative to Palantir would take two years to make, Thales CEO says (Reuters) An alternative to tools provided by U.S. data analytics company Palantir to prevent terrorists attacks would likely take about two years to develop in France, the boss of defence company Thales said on Friday.
Expensify's CEO emailed users to encourage them to 'vote for Biden' (Protocol) Some recipients were already showing anger at the email.
Expensify’s CEO explains how he made the decision to tell all his customers to vote for Biden (Protocol) "It's easy to justify standing aside," he said. "This is a genuine effort just to make the world a better place using the tools at our disposal."
Patreon Becomes Latest Social Media Platform to Take On QAnon (Bloomberg) Patreon Inc. is known as a place where podcasters and other internet creators go to make money through subscriptions. But on Thursday, it became the latest social media company to address the growing presence of the conspiracy group QAnon.
Facebook touts free speech. In Vietnam, it's aiding in censorship (Los Angeles Times) To protect its business in an important market, Facebook increasingly removes content that Vietnam's authoritarian government doesn't like.
Facebook moderators forced to work in Dublin office despite high-tier lockdown (the Guardian) Exclusive: Contract staff deemed essential workers as firm’s own employees work from home
Armies of nationalist trolls are policing Weibo for any sign of dissent (Rest of World) It’s an ominous shift for China’s only forum for public discussion.
Mimecast appoints former Intel exec to grow channel programme (ITP Net) Jonathan Corini joins as senior vice president of Global Channel Sales from Forescout, where he served as vice president of worldwide channel
EHNAC Appoints Healthcare Leader as Commissioner to Governing Body (Yahoo) "Cyberattacks have exposed the security vulnerabilities of our nation's most trusted financial, consumer and healthcare institutions and continue to pose a serious threat.
Products, Services, and Solutions
ESET Introduces the Latest Version of its Internet Security, NOD32 Antivirus and Smart Security Premium Products (ESET) ESET, a global leader in cybersecurity, has today launched new versions of its Windows security products for consumers. The new versions upgrade the protection in ESET Internet Security, ESET NOD32 Antivirus and ESET Smart Security Premium.
iProov Recognized as a Gartner Cool Vendor (BusinessWire) iProov, the leading provider of biometric authentication technology for Genuine Presence Assurance, has been named as a Cool Vendor for Identity Acces
Protegrity Announces Support for Amazon Redshift to Secure Sensitive Cloud Data (Protegrity) De-identification Technology Provides Advanced Data Protection to Increase Analytics Agility Across Enterprise Cloud Environments
Protegrity + Amazon Redshift: Securely Increasing Analytics Agility in the Cloud (Protegrity) Rick Farnell, CEO, Protegrity
SafeBreach Hacker's Playbook Coverage for US-CERT Alert AA20-296A and AA20-296B as the CISA and FBI Release Joint Advisories Regarding Russian and Iranian APT Actors (SafeBreach) The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have released two joint cybersecurity advisories on widespread advanced persistent thr…
SecBI XDR Gains MSSP Multi-Tenancy Capabilities; CrowdStrike, Proofpoint Integrations (MSSP Alert) SecBI's extended detection & response (XDR) platform gains multi-tenancy capabilities for MSPs & MSSPs. Plus, integrations with CrowdStrike, Cybereason, Mimecast, Proofpoint & Zscaler arrive.
KELA rolls out new tech for detection, warning of dark net threats (Israel Defense) IntelAct aimed at enabling organizations to monitor their attack surface in real time
Hutchinson & Bloodgood LLP joins Ostendio MyVCM Auditor Connect Marketplace (PR Newswire) Ostendio Inc., a leading provider of integrated risk management software, today announced Hutchinson & Bloodgood LLP, a leading regional CPA...
XM Cyber and Cyber Guards Work Together to Deliver Unparalleled Cyber Security Assessments, Risk Management and Incident Response (PR Newswire) XM Cyber, the multi-award-winning leader in breach and attack simulation (BAS) and advanced security posture management platform, today...
Stop Account Take Overs (ATO) With Stylometry (INKY) Imagine an imposter taking over your email account and sending phish to everyone you know. It can ruin relationships and bank accounts. Learn about the science behind stylometry and how you can prevent Account Takeovers.
Technologies, Techniques, and Standards
Three ways to secure your data in a hyper-connected world (Fast Company) Here’s how to mitigate the risks without sacrificing innovation
CISA and Vietnam Veterans of America Partner to Raise Awareness About the Threat of Disinformation (CISA) The Cybersecurity and Infrastructure Security Agency (CISA) and the Vietnam Veterans of America (VVA) released a series of public-awareness products today designed to help veterans and other Americans identify disinformation and prevent its spread.
AI Agents Defend the Network During NetModX (SIGNAL Magazine) Artificial intelligence agents defend the Army's network—including other AI technologies—during the Network Modernization Experiment.
Five worthy reads: Preparing an incident response plan for the pandemic and beyond (Security Boulevard) Five worthy reads is a regular column on five noteworthy items we’ve discovered while researching trending and timeless topics. With the rising concern over cyberattacks in the distributed workforce, this week we explore the concept of cybersecurity incident response during …
How to Clean Up Your Digital History (Wired) There are plenty of reasons to declutter your online traces. Here's how to tidy up.
SecTor 2020: Don’t point a finger too fast after a hack, says expert (IT World Canada) 'Ask what is responsible, not who' when there's a cyber incident, says one expert.
Webcast: The SOC Age Or, A Young SOC Analyst's Illustrated Primer (Black Hills Information Security) Many people get started in security as a Security Operations Center (SOC) analyst. In this Black Hills Information Security (BHIS) webcast we discuss the core skills that a SOC analyst needs in order to be successful. Trust us, these skills are more than just watching the SIEM and letting the SOAR platform handle everything through […]
Design and Innovation
To Boldly Go Where No Internet Has Gone Before (Quanta Magazine) Vinton Cerf helped create the internet 40 years ago, and he’s still working to connect people around the world — and off it.
WSJ News Exclusive | Facebook Prepares Measures for Possible Election Unrest (Wall Street Journal) The emergency measures, originally designed for countries facing mass ethnic or political bloodshed, include slowing the spread of viral content and lowering the bar for suppressing potentially inflammatory posts.
Google Rethinks App Design for Internet Novices (Wall Street Journal) A team at Google called Next Billion Users is building products for people whose first encounter with the internet has yet to come.
Research and Development
WSJ News Exclusive | Facebook Seeks Shutdown of NYU Research Project Into Political Ad Targeting (Wall Street Journal) The company is demanding that a New York University research project cease collecting data about its political-ad-targeting practices, setting up a fight with academics seeking to study the platform without the company’s permission.
The ambient audio in your video could give away its location. This intelligence agency wants to use that. (C4ISRNET) A U.S. government agency wants to be able to identify where audio was recorded based on the ambient sound in the background.
Legislation, Policy, and Regulation
Russia never stopped trying to sway elections and sow mistrust. Best thing to do is vote. (USA TODAY) Federal agencies say votes were not changed in previous Russian hacks, but just the perception advances Trump's false claim that 2020 is rigged against him.
The Kremlin’s Plot Against Democracy (Foreign Affairs) How Russia Updated Its 2016 Playbook for 2020
Four more European nations sign onto US 5G security agreements (ZDNet) Slovak Republic, Bulgaria, Kosovo, and North Macedonia sign up to US initiative to only use 'trusted' telco equipment suppliers.
Bulgaria signs 5G security declaration with U.S. (Reuters) Bulgaria and the United States signed on Friday a declaration on security of next generation 5G mobile telecoms networks, which should ensure protected and clean communications, officials said on Friday.
Italy vetoes 5G deal between Fastweb and China's Huawei: sources (Reuters) Italy has prevented telecoms group Fastweb from signing a deal for Huawei [HWT.UL] to supply equipment for its 5G core network, three sources close to the matter said, the clearest sign yet Rome is adopting a tougher stance against the Chinese group.
US official pushes India to ban Huawei, ZTE from mobile networks (iTWire) An American official has told India it needs to shut out Chinese vendors Huawei Technologies and ZTE Corporation from the country's forthcoming 5G trials and also remove the companies' gear from other networks. Greg Kalbaugh, deputy under secretary for policy at the International Trade Admin...
The U.S. vs. China: The High Cost of the Technology Cold War (Wall Street Journal) The conflict has disrupted the telecom and semiconductor industries in both countries. But the consequences have already begun to spread well beyond those companies.
WSJ News Exclusive | Trump Administration Hopes to Make Iran Pressure Campaign Harder to Reverse (Wall Street Journal) Officials plan a pre-election volley of sanctions against Iran intended in part to fortify its pressure campaign against any future effort to unwind it.
Nigeria's cyberspace safe, says Fed Govt (The Nation) The Federal Government has said it is making arrangements to establish National Centre for Artificial Intelligence (AI).
Post data breach at Dr Reddy’s, firms urged to combat cybercrime (The New Indian Express) The personal data protection bill is likely to be tabled in next year’s budget session of Parliament.
Congress Faces Contentious Cyber Proposals When NDAA Conference Kicks Off (Nextgov.com) Industry groups are hoping these will lead to greater investment in government intelligence services to protect their assets.
A connected world we can trust (Optimistic Outlook) In using data to bring infrastructure online, cybersecurity conversations tend to focus on everything going wrong. With Laura Bate, a director of cyber engagement at the U.S. Cyberspace Solarium Commission, Barbara delves into a world in which everything g...
Air Force’s Spectrum Management Office officially transfers to ISR and Cyber Effects Opera (U.S. Air Force) Air Force’s Spectrum Management Office joins the Cyberspace Operations and Warfighter Communications Directorate assigned to the Deputy Chief of Staff for Intelligence, Surveillance, Reconnaissance
Should the Military Protect the Election? (War on the Rocks) Four years ago, the United States was the target of a coordinated foreign political influence campaign. Russian intelligence agencies set out to embarrass candidate Hillary Clinton by stealing emails from her campaign chairman, John Podesta, and releasing them online.
Exclusive: National Guard called in to thwart cyberattack in Louisiana weeks before election (Reuters) The Louisiana National Guard was called in to stop a series of cyberattacks aimed at small government offices across the state in recent weeks, according to two people with knowledge of the events, highlighting the cyber threat facing local governments in the run up to the...
National Guard Cyber Protection Team Mobilizing to Ft. Meade (AM 1240 and FM 95.3 WJON) Thirty-five soldiers from the Minnesota National Guard are heading to Maryland to help protect our country from cyberattacks.
MN National Guard Cyber Protection team heads to Georgia Sunday (Twin Cities) A Minnesota National Guard cyber protection unit is being deployed for its first national assignment on Sunday to aid U.S. cyberspace operations. The Minnesota National Guard’s 177th Cyber Pr…
DeSantis says Florida elections systems are ‘stress tested,’ secure (The Apopka Voice) Florida’s elections systems have been “stress tested” and are secure, Gov. Ron DeSantis assured after revelations of spoofers and hackers.
Litigation, Investigation, and Law Enforcement
Russia’s Clandestine Chemical Weapons Programme and the GRU’s Unit 29155 (bellingcat) On October 15, 2020, the European Union imposed sanctions on six senior Russian officials and a leading Russian research institute over the alleged use of a nerve agent from the Novichok family in the poisoning of opposition leader Alexey Navalny. Russia dismissed as baseless the EU’s allegations that it had not complied with its obligations, …
U.S. sanctions Russian institute linked to dangerous malware (Reuters) Washington imposed sanctions on Friday on a Russian research institute tied to the development of a dangerous computer program capable of causing catastrophic industrial damage, a move that Russia called illegitimate.
Treasury Sanctions Russian Government Research Institution Connected to the Triton Malware (US Department of the Treasury) Today, the Department of the Treasury’s Office of Foreign Assets Control (OFAC) designated, pursuant to Section 224 of the Countering America’s Adversaries Through Sanctions Act (CAATSA), a Russian government research institution that is connected to the destructive Triton malware.
Afghan forces claim to kill al-Qaida propagandist wanted by FBI (Military Times) A provincial council official said the Taliban was protecting the al-Qaida leader, which would be a violation of the Feb. 29 deal with the U.S. that jump-started Afghanistan peace talks, if true.
Mark Zuckerberg and Jack Dorsey to testify before the Senate Judiciary Committee (The Verge) The two CEOs are appearing voluntarily.
Google’s Exclusive Search Deals With Apple at Heart of U.S. Lawsuit (Wall Street Journal) The Justice Department’s antitrust lawsuit claims that the Alphabet unit misused its power in an anticompetitive manner, potentially threatening a major revenue stream for both tech giants.
The Role of Switching Costs in Antitrust Analysis: A Comparison of Microsoft and Google (Yale Journal of Law and Technology) Recently there has been a chorus of competition complaints asserting that Google's conduct and position today is parallel to Microsoft's position in the “Microsoft case,” the antitrust case brought by the Department of Justice in 1998...
When Data Creates Competitive Advantage (Harvard Business Review) And when it doesn’t
Biden relies on pattern of activity to blame Russia for release of data from what is said to be his son’s laptop (Washington Post) Joe Biden leaned heavily on a letter from former U.S. intelligence and defense officials in Thursday night’s debate to argue that Russia orchestrated a disinformation operation allegedly involving damaging information obtained from his son’s laptop that was promulgated by President Trump’s personal attorney, Rudolph W. Giuliani.
Insisting that the Hunter Biden laptop is fake is a trap. So is insisting that it’s real. (Washington Post) The lesson of 2016 is to be even more careful with potential disinformation in 2020.
Washington Post piece calls on media to report Hunter Biden leaks as foreign disinformation, even if it 'probably' isn't (Washington Examiner) An analysis piece in the Washington Post stated journalists should treat the leaked emails allegedly recovered from Hunter Biden’s laptop as a foreign disinformation campaign, even if the claim lacks evidence.
With the Hunter Biden Expose, Suppression is a Bigger Scandal Than The Actual Story (Reporting by Matt Taibbi) Unprecedented efforts to squelch information about a New York Post story may prove to be more dangerous corruption than whatever Hunter Biden did with a crooked Ukrainian energy company
RIAA blitz takes down 18 GitHub projects used for downloading YouTube videos (ZDNet) Main target of the takedown was the youtube-dl project, a Python library that had amassed more than 72k stars on GitHub and was used in many YouTube video ripping tools and services.
Italian authorities are investigating deepfake bots on Telegram (The Verge) The bots were found to be using a version of the DeepNude software
Systems Admin Arrested for Hacking Former Employer (Infosecurity Magazine) Systems admin allegedly hacked US department store to give former colleagues paid holidays
D.A. Vance: Former Century 21 Employee Charged with Computer Tampering, Larceny For Breach of Company Data (Manhattan District Attorney's Office) “If left undetected, this former employee’s alleged tampering could have cost Century 21 more than $50,000,” said District Attorney Vance.
Ohio Attorney General Yost secures judgment in multistate hospital data breach (Highland County Press) Ohio Attorney General Dave Yost and his counterparts in 27 other states have secured a judgment against Tennessee-based Community Health Systems Inc. for a data breach that exposed the names, birthdates, Social Security numbers, phone numbers and addresses of 6.1 million patients.