Cyber Attacks, Threats, and Vulnerabilities
North Korean Advanced Persistent Threat Focus: Kimsuky (CISA) This advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) version 7 framework. See the ATT&CK for Enterprise version 7 for all referenced threat actor tactics and techniques.
US federal agencies warn organisations of global hacking campaign by North Korean Kimsuky group (Computing) The group is specifically interested in gaining intelligence on issues related to the Korean peninsula
Here's how hackers are targeting the election and what officials are doing to protect it (CNET) We answer your Election 2020 questions about cybersecurity, hacking, fraud, ransomware and other things that have you on edge
Sizing Up Nation-State Cyberthreats to the US Election (BankInfo Security) Online disinformation campaigns by nation-state actors are the biggest cyberthreat to the U.S. election as hackers attempt to influence final vote tallies as a way
Iran’s bogus email campaign on U.S. elections had a Facebook disinformation prong (CyberScoop) Following an FBI tip, Facebook removed a fake account linked with Iran's email misinformation campaign that sent threatening emails to Democratic voters.
Spoof voter email attack was "not against a real voter registration database" (Verdict) Spoof voter emails targeting US Democratic voters were not the result of an election systems hack, according to security experts.
Facebook Warns of Foreign Operators Exaggerating Their Election-Interference Abilities (Wall Street Journal) Facebook said it took down a small network of fake accounts and pages tied to the Iranian government, while also warning that foreign actors are attempting to exaggerate their ability to influence the U.S. election.
In Election Hacking, Perception May be as Good as the Real Thing (SecurityWeek) Perception of hacking poses unique challenges because of concerns about vulnerabilities in many parts of the election infrastructure, including electronic voting machines, databases and transmission systems.
Some Ballot Requests May Be Affected by County Cyber Attack (SecurityWeek) A hacker attack against an upstate New York county’s computer system raised concern that some emailed absentee ballot applications may not be processed, but the state Board of Elections said voting won’t be affected overall
An Update to How We Address Movements and Organizations Tied to Violence (About Facebook) Taking action against Facebook Pages, Groups and Instagram accounts tied to QAnon, offline anarchist groups that support violent acts amidst protests, and US-based militia organizations.
Trump’s campaign website hacked by cryptocurrency scammers (TechCrunch) President Trump’s campaign website was briefly and partially hacked Tuesday afternoon as unknown adversaries took over parts of the page, replacing them with what appeared to be a scam to collect cryptocurrency. There is no indication, despite the hackers’ claims, that “full acces…
The Cybersecurity 202: Trump campaign site hack shows risks of even low-grade election interference (Washington Post) A brief but colorful breach of President Trump’s campaign website is underscoring how even unsophisticated efforts at election interference can rattle voters and undermine the democratic process.
The Trickbot ransomware is infecting computers in Virginia. Elections officials say they’re ready (WUSA 9) Microsoft told a federal judge Trickbot malware has been used against Virginia computers. Virginia says its election system is secure & has defenses to fight back.
The lowly DDoS attack is still a viable threat for undermining elections (CyberScoop) Scenes like what happened to Florida’s voter registration site on Oct. 6 have played out over and over again: A system goes down, and questions fly. Was there a cyberattack, specifically a distributed denial-of-service (DDoS) attack meant to overwhelm a website with traffic, knocking it offline?
Zerologon flaw threatening large businesses, organizations in Vietnam (VietNamNet) Bkav Corporation has announced a warning related to Zerologon vulnerability, which can severely threaten many large organizations and businesses in Vietnam by controlling even their administration accounts.
Facebook “copyright violation” tries to get past 2FA – don’t fall for it! (Naked Security) Watch out for “Facebook copyright violation” emails – even if they link straight back to Facebook.com
Swedish Authorities, Banks Hit by Security Data Leak: Report (SecurityWeek) A total of 19 gigabytes of information and around 38,000 files were stolen from security group Gunnebo by one or more hackers in August
Amazon sacks employee over data breach (IT PRO) The worker leaked customer email addresses to an unidentified third-party
SHUN HU Technology JUUKO Industrial Radio Remote Control (CISA) 1. EXECUTIVE SUMMARY: CVSS v3 8.3. ATTENTION: Exploitable from an adjacent network/low skill level to exploit. Vendor: SHUN HU Technology Co., Ltd. Equipment: JUUKO Industrial Radio Remote Control. Vulnerabilities: Authentication Bypass by Capture-replay, Command Injection.
Cyber attack reportedly hits Sky Lakes Medical Center (KOBI-TV NBC5 / KOTI-TV NBC2) A local hospital was reportedly the victim of a cybercrime. Sky Lakes Medical Center in Klamath Falls serves tens of thousands of people in Southern Oregon and Northern California. On October 27, 2020, the hospital announced someone hacked their computer system.
Security Patches, Mitigations, and Software Updates
Flaws in Winston Privacy Devices Can Expose Networks to Remote Attacks (SecurityWeek) A series of vulnerabilities discovered by researchers in devices made by online privacy firm Winston Privacy can expose users’ networks to remote attacks
NVIDIA Patches Code Execution Flaws in GeForce Experience (SecurityWeek) Patches released by NVIDIA last week for the GeForce Experience software address two code execution bugs assessed with a severity rating of high
HPE Patches Two Critical, Remotely Exploitable Vulnerabilities (SecurityWeek) HPE has released patches for two critical vulnerabilities, one identified in StoreServ Management Console and the other affecting BlueData EPIC Software Platform and Ezmeral Container Platform
Cyber Trends
8 Cyber Threat Trends to Watch Out for in 2021 (Booz Allen Hamilton) See our picks for 2021’s top cyber threat trends and proactively inform your cyber strategy for the year ahead.
Federal Network Visibility in a Modernized World (Riverbed) Federal government modernization efforts accelerated rapidly in 2020, advancing the adoption of cloud and as-a-service models. Riverbed provides agencies a holistic view across all networks, applications and end-user experience to enable centrally managed hybrid environments, proactively address performance issues and enhance cybersecurity posture.
CyberEdge COVID-19 Impact Report Finds Three in Four Cybersecurity Professionals Prefer Cloud-Based IT Security Solutions (BusinessWire) CyberEdge Group, today announced the availability of a new survey report titled ‘The Impact of COVID-19 on Enterprise IT Security Teams.'
Data breaches upping ATO fraud 'red flags' (ZDNet) There has been a 'spate' of hack-related fraudulent activity identified, the taxation office said.
70% of financial organizations are concerned about insider data theft during remote work (Netwrix) Netwrix report reveals that concern about intentional data theft has doubled while fear of accidental data sharing has nearly halved.
Here’s How 2020 Created A Tipping Point In Trust And Digital Privacy (Forbes) America's distrust in big tech is skyrocketing. Here's how 2020 created a tipping point in trust and digital privacy.
Half of small businesses have already been the target of cyberattacks, according to Cybint. Believing themselves safe, they invest on average less than $500 in cybersecurity, according to Juniper (Developpez.com) Every year since 2003, October has been recognized as National Cyber Security Awareness Month (NCSAM), a month-long public awareness campaign launched by the U.S. Department of Homeland Security (DHS) that aims to raise awareness of cybersecurity...
Marketplace
Cyber Espionage Detection Firm Strider Technologies Raises $10 Million (SecurityWeek) Strider Technologies, a company that provides solutions for combating cyber espionage, on Tuesday announced that it raised $10 million in Series A funding. To date, the startup has raised $12 million
Government-Focused Cyber Defense Company Toka Raises $25 Million (SecurityWeek) Toka, a company that provides intelligence and defense solutions to government, law enforcement and security agencies, has raised $25 million in a Series B funding round
Enso Security Raises $6M to Eliminate Application Security Chaos and Bring Scalability to AppSec Management (BusinessWire) Enso Security, a pioneering Application Security Posture Management (ASPM) startup, today announced $6 million in seed funding led by YL Ventures with
Stairwell Announces Seed Investment From Accel, Sequoia Capital, Gradient Ventures and Allen & Company LLC (PR Newswire) Stairwell, a new cybersecurity company with a vision to empower any security team to defend against every adversary, today announced $4.5...
French Scale-up Odaseva Raises $25M To Continue Global Expansion (Crunchbase News) The $25 million Series B brings the French company’s total funding to $40 million.
Fraud-Detection Startup NS8 Files for Bankruptcy, Paving Way for Litigation (Wall Street Journal) Cyber-fraud-prevention startup NS8 filed for bankruptcy protection after its former chief executive was arrested on fraud charges last month and an investor put up $10 million to finance a litigation campaign over the company’s sudden collapse.
Raytheon Unloads Security Subsidiary Forcepoint To Private Equity (CRN) Defense contractor Raytheon said that it signed a deal to sell cybersecurity subsidiary Forcepoint to tech-heavy private equity firm Francisco Partners.
Aerial Technologies, A Success and Growth Story (PR Newswire) Aerial Technologies, defining the WiFi Motion Analytics industry, is pleased to announce the completion of an oversubscribed financing round...
AMD agrees to buy Xilinx for $35 billion (Computing) Both firms expect the deal to close at the end of 2021
Zoom credits Keybase acquisition with quick turnaround on end-to-end encryption (CyberScoop) Zoom says a key deal earlier this year helped it globally implement an important security feature at a time when the videoconferencing app became a household word.
FireEye Q3 results beat expectations, raises year view, shares jump 6% (ZDNet) The security technology vendor hit a new high for recurring revenue, and highlighted a partnership with Microsoft.
SolarWinds Announces Third Quarter 2020 Results (BusinessWire) SolarWinds Corporation (NYSE: SWI), a leading provider of powerful and affordable IT management software, today reported results for its third quarter
SAIC Gets $750M Army National Guard Intell Support Task Order; Jim Scanlon Quoted (ExecutiveBiz) Science Applications International Corp. has received a potential five-year, $750M task order to pro
General Dynamics IT lands $761.6M GSA contract (Virginia Business) U.S. General Service Administration awarded Falls Church-based General Dynamics Information Technology Inc. (GDIT) a $761.6 million contract to update and secure information technology infrastructure that supports the U.S. Southern Command mission.
The messy politics of Nextdoor (Vox) Want to see how polarized America is? Look no further than Nextdoor.
Aspen Tech Policy Hub, Project Redesign, and Tech Talent Project Announce New Pilot Tech Executive Leadership Program (The Aspen Institute) Program prepares senior technology leaders with the skills critical to government service and public policy.
Denim Group Wins Awards Demonstrating Commitment to Workforce and Community (BusinessWire) Denim Group has been recognized as a ‘Top Workplace for Employees’ by the San Antonio-Express News and the San Antonio Business Journal.
Facebook’s Top Public Policy Executive in India Steps Down (Wall Street Journal) Ankhi Das had opposed applying hate-speech rules to a politician from the ruling Hindu nationalist party, along with at least three other individuals and groups flagged internally for promoting or participating in violence.
AU10TIX Appoints Carey O'Connor Kolaja as CEO (PR Newswire) AU10TIX, a global ID verification and authentication platform, and its board of directors announced today that Carey O'Connor Kolaja, current...
Cyberbit Appoints Dan Phillips and Jim Hansen to Board of Directors (BusinessWire)
SentinelOne Hires Ken Marks As VP of Worldwide Channels (MSSP Alert) Endpoint security platform provider SentinelOne hires former Splunk & Palo Alto Networks & cybersecurity veteran Ken Marks as its VP of worldwide channels.
Stuart McClure Joins Cymatic Board of Advisors (StreetInsider.com) Storied Entrepreneur and Cybersecurity Pioneer Provides Mentorship and Go-to-Market Guidance for Company behind Award-Winning Client-Side WAF + VADR
Products, Services, and Solutions
Netskope Delivers Continuous Risk Management with New Analytics and Dynamic Visualization Tools (Netskope) Netskope Advanced Analytics helps organizations understand, prioritize, and measure their efforts to improve security for their applications, data, and users SANTA CLARA, Calif. – October 27, 2020 – Netskope, the leading security cloud, today announced Netskope Advanced Analytics. The interactive data analytics service provides rich, in-depth visual dashboards, reports on cloud and web use, and […]
StackRox Releases KubeLinter, an Open Source Tool to Identify Kubernetes Misconfigurations (StackRox) Static analysis tool automates YAML file and Helm chart checks to ensure Kubernetes configurations follow security best-practices and support security-as-code
Introducing New and Improved Plans for Our Business Customers (Dashlane Blog) We’ve revamped our business product to include two plans that better cater to different organizations’ varying needs.
StorCentric Launches Cloud-Enabled Data Mobility Suite (DMS) Software Platform (StorCentric) Empowers Customers to Eliminate Data Silos, While Managing and Controlling Data to Address IT, Business, and Budgetary Requirements — Simplifying Data Management While Ensuring Maximum ROI
ABAKA Announces Global Partnership with Intel (PRWeb) ABAKA, the world leader in digital saving and retirement enterprise SaaS solutions powered by Artificial Intelligence, announced it has become a membe
CyberGRX Exchange Now Available for Purchase in AWS Marketplace (BusinessWire) CyberGRX announced that its Third-Party Cyber Risk Management (TPCRM) platform is now available for purchase in AWS Marketplace.
New AttackIQ Solution Integrates with Microsoft Azure Sentinel to Strengthen Cyber Threat Detection and Investigation for Security Customers (BusinessWire) AttackIQ integrates its Security Optimization Platform with Microsoft Azure Sentinel cloud-native SIEM platform.
Source Defense Launches New Product to Fortify Client-Side Security and Protect Websites Against 1st Party Code & Open Source Attacks (PR Newswire) Source Defense, the market leader in client-side website security, today announced its new offering of "Website in Page Protection" (WiPP), as...
SpyCloud Announces VIP Guardian to Deliver Cyber Protection for Key Executives' Personal Accounts (PR Newswire) SpyCloud, known for its unique anti-fraud platform powering account takeover prevention and fraud investigations solutions, today launched...
Lumen automates DDoS mitigation as attacks surge worldwide (PR Newswire) Cybersecurity experts have seen a dramatic rise in sophisticated distributed denial of service (DDoS) attacks in recent months. Downtime from...
Cybereason’s Commitment to Defenders Now Backed by $1 Million Breach Protection Warranty (Cybereason) We are pleased to announce the Cybereason Breach Protection Warranty (PDF), which provides up to $1 Million in coverage in the event of a breach.
Claroty Adds Fully Integrated Remote Incident Management to Industry-Leading OT Security Platform (PR Newswire) Claroty, the global leader in operational technology (OT) security, today announced new enhancements to The Claroty Platform, making it the...
Atomicorp & EstateSpace Join Forces with RunSafe Security to Supercharge Cyber Defenses (Security Boulevard) Security partnerships reduce open source and cloud workload vulnerabilities
ESET strikes cyber reseller deal with Canon in Singapore (Channel Asia) ESET has on-boarded Canon as an official reseller in Singapore, focused on delivering security solutions to consumer, SMB and enterprise customers.
GrammaTech CodeSentry: Identifying security blind spots in third party code (Help Net Security) GrammaTech announced CodeSentry which identifies blind spots and allows security professionals to measure and manage risk quickly and easily.
Technologies, Techniques, and Standards
Financial Data Exchange Celebrates Two-Year Anniversary (Financial Data Exchange) Financial industry standards body marks significant member growth, adoption of FDX API and progress
Agencies must get identity right to move to a zero trust, more secure posture (Federal News Network) While the ICAM laid the foundation, the coronavirus pandemic is serving as the “a-ha” moment to illuminate why identity and access management is so important.
OSINT Gathering Key to Keeping Up with Financial Crime (Authentic8 Blog) According to a recent survey of financial crime analysts, OSINT gathering emerges as the critical capability in countering adversaries
Anyone, anywhere is now potential target for nation-state cyberattacks: ex-IDF general (Israel Defense) The only way of coping with the new level of threats is to think like the attacker and prioritize wisely so critical assets can be shielded, HolistiCyber CEO Ran Shahor says at the CybertechLive USA conference
Design and Innovation
The AI Company Helping the Pentagon Assess Disinfo Campaigns (Wired) Primer can quickly sort through hundreds of sources to identify, say, Russian interference in Azerbaijan. It sells its tech to Walmart too.
YouTube will add Election Day warning label: 'Results may not be final' (CNBC) The company said that for Election Day, it will continue its strategy to place labels on videos and promote "authoritative" voices.
Google says it will ban political ads following election (Washington Post) Google said it will ban political ads for at least a week after the election, anticipating that results may take longer to come in
Wikipedia's Plan to Resist Election Day Misinformation (Wired) The encyclopedia is determined to emerge from the insanity of a pandemic and a polarizing election with its information and reputation intact.
Rocky start to Facebook's political ad ban (Seeking Alpha) Political advertisers are complaining that some ads were incorrectly blocked as the blackout period went into effect, while others criticized rule-breaking posts that could be misleading.
Army Futures Command preparing an AI-ready workforce (Federal News Network) The Army is educating its modernization command so all employees will have some AI knowledge.
This military graphic on electronic warfare should give everyone nightmares (Task & Purpose) I can't decide if this is an atrocity or a work of art
Academia
Ivy Tech students from Valparaiso campus finish second in national cybersecurity competition (Northwest Indiana Business Magazine) The cyber security knowledge of two Ivy Tech Community College students stood out at a recent national cybersecurity competition.
Legislation, Policy, and Regulation
Report: Geopolitics of Emerging and Disruptive Technologies (Instytut Kościuszki) Over the last dozen or so months, the events we’ve witnessed were crystal clear – emerging and disruptive technologies have become an area of the most dogged rivalry between the great powers. The competition is mostly revolving around two centres of gravity – the United States and the People’s Republic of China – but is …
China's new Silk Road runs through cyberspace, worrying rivals and privacy advocates (The World from PRX) China is fast becoming a global leader in cutting-edge technologies — such as artificial intelligence, facial recognition, surveillance and 5G. But critics say China’s technology enables authoritarian control and increases dependence on an autocratic state.
China clamping down on mobile web browsers over dissemination of 'chaos' (TheHill) China’s top cybersecurity agency on Monday announced plans for a "rectification" of Chinese mobile internet browsers, which the group argues “have become a gathering place” of
Trump Turning More Countries in Europe Against Huawei (Foreign Policy) Slovakia joins other Eastern European countries signing declarations with Washington aimed at keeping China out of critical infrastructure.
Esper, Pompeo drive US anti-China message in India visit (Military Times) Defense Secretary Mark Esper shoring up defense ties with India to counter China.
Esper Praises Results of U.S., Indian Meeting (U.S. DEPARTMENT OF DEFENSE) Defense Secretary Dr. Mark T. Esper and Secretary of State Michael Pompeo met with top Indian officials in New Delhi for talks on regional security cooperation, defense information sharing and defense
Finland Sets Out Key Positions on International Cyber Law (Just Security) Analysis of the Government of Finland's statement on international law in cyberspace.
German armed forces launch security vulnerability disclosure program (The Daily Swig) Bundeswehr emulates US counterparts in formalizing bug reporting process
Twitter's Dorsey says eroding Section 230 could 'collapse' Internet communication (SeekingAlpha) Ahead of Senate committee testimony tomorrow, Twitter (TWTR +4.3%) CEO Jack Dorsey will speak up in defense of Section 230, the liability protection for tech companies that is "the Internet's most important law for free speech and safety."
Facebook's Zuckerberg says Section 230 is important but needs update (SeekingAlpha) Facebook's (FB +1.8%) Mark Zuckerberg is out with prepared testimony ahead of his appearance before the Senate Commerce Committee - and he's taking a more conciliatory tone than fellow tech CEO Jack Dorsey
Zuckerberg And Facebook Throw The Open Internet Under The Bus; Support Section 230 Reform (Techdirt.) This shouldn't be much of a surprise, unfortunately, but it appears that once again Facebook is the first to crack under political pressure, and has decided to sell out the open internet and free speech online. In testimony Mark Zuckerberg is...
Chairman Graham: Tech CEOs to Testify on Censorship and Suppression of News Articles, Handling of 2020 Election (United States Senate Committee on the Judiciary) Senate Judiciary Committee Chairman Lindsey Graham (R-South Carolina) today announced Twitter CEO Jack Dorsey and Facebook CEO Mark Zuckerberg will appear voluntarily before the committee on Tuesday, November 17, 2020.
Lawmakers Urge Next Administration to Focus on Cybersecurity (Wall Street Journal) The slate of complex issues the next administration will inherit goes far beyond ongoing cyber conflicts with Russia, China and Iran, lawmakers and experts say. The federal government needs to bolster its own cyber capabilities, they say, while helping the U.S. navigate the rapid-fire digitization of the global economy.
U.S. Homeland Security agency faulted for election planning around potential violence (Reuters) The U.S. Department of Homeland Security's watchdog body said on Tuesday that officials at its Cybersecurity and Infrastructure Security Agency had not adequately planned for potential violence at polling places and vote counting stations.
Lawmakers Want to Protect Local Newspapers From Google, Facebook (Wall Street Journal) Some Senate Democrats are seeking to empower regulators to protect local news outlets, accusing tech giants such as Google and Facebook of “unfair business practices,” according to a new committee report.
Spy agency ducks questions about 'back doors' in tech products (Reuters) The U.S. National Security Agency is rebuffing efforts by a leading Congressional critic to determine whether it is continuing to place so-called back doors into commercial technology products, in a controversial practice that critics say damages both U.S. industry and national...
Mobile networks banned from selling locked phones (BBC News) The watchdog Ofcom says the move should encourage more people to switch and save money.
Army G-6 Leader Outlines Priorities After Split from CIO (Nextgov.com) Deputy Chief of Staff Lt. Gen. John B. Morrison Jr. aims to use innovative hiring strategies to lure technical talent to his office.
US Army’s top uniformed IT official lays out priorities for new office (C4ISRNET) The U.S. Army's new G-6 office will work toward preparing the Army for multi-domain operations.
Litigation, Investigation, and Law Enforcement
Palo Alto Networks Threatens Legal Action Over Product Comparison (SecurityWeek) Palo Alto Networks has threatened legal action against Orca Security after the latter made a comparison between products from the two companies
Former California police captain pleads guilty in eBay cyberstalking case (Reuters) A former police captain who went on to work for eBay Inc pleaded guilty on Tuesday to participating in a cyberstalking campaign against a Massachusetts couple whose online newsletter was viewed as critical of the e-commerce company.
Experian Gets U.K. Ultimatum to Comply With Privacy Order (1) (Bloomberg Law) Experian Plc risks potentially hefty penalties unless it makes “fundamental changes” within the next 9 months to the way it handles personal information in marketing, the U.K. privacy regulator warned the credit-data agency.
ForgeRock Remarks on the Court of Justice of the European Union’s Ruling on Transfers of Personal Data (ForgeRock) At ForgeRock we take the security and protection of our customer’s personal data seriously. We know staying abreast of shifting security and privacy laws can be challenging, which is why we have a dedicated team of experts monitoring the landscape to ensure our services help you stay compliant.
If you’re not using a cloud access security broker, you’re vulnerable to GDPR violations (Business Matters) How a Cloud Access Security Broker Can Help Your Organization Stay GDPR-Compliant
Spy agency says dumping historian had nothing to do with national security (The Sydney Morning Herald) The boss of Australia's cyber spy agency has conceded it cancelled a contract with the ANU to write its official history after it sought to gain editorial control over the project beyond secrecy provisions.