Cyber Attacks, Threats, and Vulnerabilities
GCHQ begins operation against Russian disinformation on COVID-19 vaccine (Computing) GCHQ is using tools that were originally developed to tackle ISIS recruitment in its fight against disinformation
Suspected Vietnamese cyber-spies targeting dissidents in Germany (The Daily Swig) Viet con tradecraft exposed
Im Visier vietnamesischer Hacker (BR) Eine Hackergruppe aus Vietnam spioniert seit Jahren gezielt Dissident*innen aus. Auch in Deutschland, wie Recherchen von BR und „Zeit Online“ zeigen. Die Opfer fühlen sich ziemlich allein gelassen.
Security Researchers Warn of Uptick in Election Spam (Wall Street Journal) Hackers continue to take advantage of election-related anxiety to launch cyberattacks by email at greater volumes than would usually be expected, security companies say.
Dark web: Underground forums remain a hotbed of COVID-19 scams (TechRepublic) From fake coronavirus 'cures' to counterfeit travel documents and scam calling services, COVID-19 continues to offer plenty of monetization opportunities for cyber criminals, say researchers from Trustwave.
Fake Microsoft Teams updates lead to Cobalt Strike deployment (BleepingComputer) Ransomware operators are using malicious fake ads for Microsoft Teams updates to infect systems with backdoors that deployed Cobalt Strike to compromise the rest of the network.
Recent WebLogic Vulnerability Likely Exploited by Ransomware Operators (SecurityWeek) At least one ransomware operator appears to have added to their arsenal an exploit for a recently patched vulnerability in Oracle WebLogic
RansomEXX Trojan attacks Linux systems (Securelist) We recently discovered a new file-encrypting Trojan built as an ELF executable and intended to encrypt data on machines controlled by Linux-based operating systems.
New Research Shows Attackers Turning to Encrypted Attacks During Pandemic (Markets Insider) Encryption-Based Threats Grow By 260% in 2020Healthcare, Finance and Manufacturing Under an Onslaught of Attacks
Zero Day Initiative — Pwn2Own Tokyo (Live from Toronto) – Day Three Results and Master of Pwn (Zero Day Initiative) Pwn2Own Tokyo (Live from Toronto) has completed, but not without its fair share of drama and excitement. The third and final day of the competition saw us award $37,500 for 6 bugs across 4 devices. Here’s a quick video recapping the day’s events:
NETGEAR Router, WD NAS Device Hacked on First Day of Pwn2Own Tokyo 2020 (SecurityWeek) Bug bounty hunters hacked a NETGEAR router and a WD NAS device on the first day of the Pwn2Own Tokyo 2020 hacking competition.
Routers, NAS Devices, TVs Hacked at Pwn2Own Tokyo 2020 (SecurityWeek) Bug bounty hunters have hacked routers, NAS devices and TVs at the Pwn2Own Tokyo 2020 hacking competition
Ultimate Member Plugin for WordPress Allows Site Takeover (Threatpost) Three critical security bugs allow for easy privilege escalation to an administrator role.
Compal, the second-largest laptop manufacturer in the world, hit by ransomware (ZDNet) Compal factories build laptops for Apple, Acer, Lenovo, Dell, Toshiba, HP, and Fujitsu.
Capcom Latest Multinational To Be Hit By Disruptive Cyber-Attack (Silicon UK) Resident Evil and Street Fighter maker Capcom hit by attack that disrupts internal systems, while researchers say Ragnar Locker ransomware group is to blame
Price Dropped on Hacked Educational RDP Details (Infosecurity Magazine) Hacked educational RDP details get a price drop on Russian forums
Probing Marriott's Mega-Breach: 9 Cybersecurity Takeaways (BankInfo Security) Inadequate database and privileged account monitoring, incomplete multi-factor authentication and insufficient use of encryption: Britain's privacy regulator has
Over One Million Cyber Attacks Targeted UK’s Open University in Nine Months (Programming Insider) The Open University in the UK has been on the receiving end of more than one million cyberattack attempts between January and September this year. Parliament Street, a local think tank, disclosed the numbers following
Online classes resume after cyber attack at Saskatoon college (CTV News) In-person classes may have been cancelled at Saskatchewan Polytechnic due to the blizzard, but the school is resuming online classes on Monday following a cybersecurity attack Nov. 1.
Medical data breach exposes personal info - see the list of providers (Komando.com) A recent data breach exposed tons of information on eye care patients across the U.S. Financial records, medical data and more were stolen.
Cyberattack on U. of Vermont hospital IT network delays chemotherapy, mammogram appointments (CyberScoop) A cyberattack at the University of Vermont Health Network has forced one of the network’s hospitals to delay chemotherapy and mammogram appointments, making it the latest example of how cybercriminals can impact patient care.
Vulnerability Summary for the Week of November 2, 2020 (CISA) The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Security Patches, Mitigations, and Software Updates
Let’s Encrypt Warns Some Android Users of Compatibility Issues (SecurityWeek) Let’s Encrypt has issued a warning to users of older Android versions, who may start getting certificate errors next year due to compatibility issues
Apple Patched Three iOS Zero-Day Bugs Following Google’s Discovery (Latest Hacking News) Google Project Zero found three iOS zero-day bugs under active attack. Apple fixed them with the release of iOS 14.2 and iOS 12.4.9.
Cisco’s Duo Security Report Shows Shift to Remote Work is Accelerating Digital Adoption (Duo Security) The annual Duo Trusted Access Report details the security state of thousands of the world’s largest and fastest-growing organizations amid a year of unprecedented change.
Work Smarter, Not Harder: The Evolution of DDoS Activity in 2020 (Digital Shadows) Ransomware operations have undoubtedly dominated the 2020 cyber threat landscape thanks to multi-million-dollar heists and new malware variants popping up every day.
New Research Shows Attackers Turning to Encrypted Attacks During Pandemic (Markets Insider) Encryption-Based Threats Grow By 260% in 2020Healthcare, Finance and Manufacturing Under an Onslaught of AttacksSAN JOSE, Nov. 10, 2020 (GLOBE N...
Credential-related attacks lead to the biggest financial losses, says report (Computing) Extreme loss events could cost victims 100 times their annual revenue or more, says the Cyentia Institute
COVID Impact Report: Cybersecurity Edition Press Release (TDI) Cybersecurity Services, Products, and Future EcoSystem. Information Assured | Cyber Secured.
Election Commission CISO describes how cybercriminals are exploiting enterprises (ETCIO.com) Cyber attackers are increasingly looking to exploit vulnerabilities in an enterprise's security infrastructure that have been exposed because of the s..
Cyber’s uncertain future: These radical technologies and negative trends must be overcome (C4ISRNET) The fate of the world may literally hinge on which states develop and appropriately introduce the radical technologies that are likely to disrupt cyberspace and the world. What are they, and what disruption do they pose?
Just don't call them anti-virus: Israeli cyber startup ReSec lands $4M Series A (Geektime) The Israeli startup targets every file in an enterprise's network and treats it with suspicion, because there's no room for error in the cyber game...
Brown & Brown Acquires Digital Insurance Agency CoverHound and Its CyberPolicy Unit (Insurance Journal) Insurance broker Brown & Brown has acquired CoverHound, a digital property/casualty insurance marketplace, and CyberPolicy, CoverHound's small
Bug Bounty Hunters Earn $1.2 Million at Chinese Hacking Competition (SecurityWeek) Bug bounty hunters have earned a total of over $1.2 million at a major Chinese hacking competition, including $180,000 for iPhone exploits and $100,000 for Chrome exploits
HITRUST Selects Coalfire as Founding Member of Third-party Risk Management Council (The Grand Junction Daily Sentinel) Coalfire, a provider of cybersecurity advisory and assessment services, has been named a founding member of the newly formed HITRUST(® )Third-Party Risk Management
Ermetic Named Winner of Sierra Ventures Challenge (Ermetic) Ermetic has won the Sierra Ventures Challenge organized by Startup50 and will present its product to enterprise buyers from Sierra Ventures CXO advisory board.
FireMon Named a Finalist for 2020 CRN Tech Innovator Award (StreetInsider.com) FireMon, the leading network security policy management company that brings visibility, control, agility and automation to enterprise cloud and hybrid network infrastructure, is pleased to announce that CRN®, a brand of The Channel Company, has named FireMon as a finalist in the 2020 CRN Tech Innovator Awards. FireMon was recognized for its FireMon Automation in the Security category.
Hack the Gap: Close the cybersecurity talent gap with interactive tools and data (Cyberseek) To help close the cybersecurity skills gap, CyberSeek provides detailed, actionable data about supply and demand in the cybersecurity job market.
Medigate Selected as a Leader by KLAS in 2020 Healthcare IoT Security Market Report (The Daily News) Medigate, a dedicated medical device security and asset management solution firm, today announced it has been selected as a leader in the growing healthcare IoT security market, according to new research from KLAS.
The National Veteran-Owned Business Association (NaVOBA) Has Honored TechTrueUp As the 2020 Disabled Veteran's Business Enterprise of the Year® (VBEOY) (PR Newswire) VBEOY is a prestigious honor bestowed annually to outstanding U.S. military veteran business owners. The VBEOY awardees demonstrate the finest...
BCLP Adds New Global Data Privacy & Cyber Security Lead (Bryan Cave Leighton Paisner) International law firm Bryan Cave Leighton Paisner (BCLP) today announced that Amy de La Lama has joined as a partner to lead the firm’s global Data Privacy & Cyber Security Team, within the Corporate...
Cellebrite Strengthens Board of Directors with Appointment of Former General Manager of IBM North America (INSIDENOVA.COM) Cellebrite, the global leader in Digital Intelligence (DI) solutions for the public and private sectors, today announced the appointment of Elly Keinan
Pondurance Appoints Lyndon Brown Chief Strategy Officer to Accelerate Growth for Managed Detection and Response Provider (BusinessWire) Pondurance Appoints Lyndon Brown as Chief Strategy Officer to Accelerate Growth for Managed Detection and Response Provider
Products, Services, and Solutions
SecZetta and LevelUP Announce New Partnership in Third-Party Identity and Risk Management (SecZetta) Together, SecZetta and LevelUP provide clients with an enhanced scope of third-party identity and lifecycle management solutions, including a specialized focus in compliance and standards, that can strengthen identity access management and risk management programs.
Client-Side Field Level Encryption is now on Azure and Google Cloud (MongoDB) MongoDB Client-Side Field Level Encryption is now multi-cloud on AWS, Azure, and Google Cloud. It gives you some of the strongest levels of data privacy available anywhere. Learn more about the new release.
01 Communique Signs a Co-operation agreement with PwC to Implement Quantum-Safe IronCAP Cryptography Technology (AccessWire) 01 Communique Laboratory Inc. ("01 Communique") (TSX-V:ONE)(OTCQB:OONEF) today announced it has entered into a joint business relationship with PwC, one of the world's leading professional services firm, to bring post-quantum cryptography technology and its related services to enterprise customers. Our collaboration comes at a time when cyber security is on every organization's...
Heficed Becomes First Commercial Company with RPKI Repository under LACNIC Root (Welp Magazine) Heficed, a network infrastructure solutions provider, has announced launching an RPKI repository under LACNIC—the regional Internet registry for the Latin American and Caribbean regions—making it the only company with RPKI repositories under ARIN, RIPE NCC and
Axio Announces Partnership with NFP to Expand Cybersecurity Capabilities, Launches New Platform for Community Banks (BusinessWire) Axio, a leading cyber risk management Software-as-a-Service company, today announced a strategic partnership with NFP, a leading insurance broker and
M-Files Partners with Adobe to Provide Easy and Secure Document E-Signatures (GISuser.com) Legally binding e-signatures can be easily applied to any document managed by M-Files to speed up transactions and approvals with Adobe Sign AUSTIN, Texas – Nov. 9, 2020 – M-Files Corporation, the intelligent information management company, today announced the integration of Adobe Sign, the market leading e-signature solution in Adobe Document Cloud, in the M-Files intelligent information …
Remove excessive cloud permissions with CyberArk Cloud Entitlements Manager (Help Net Security) CyberArk Cloud Entitlements Manager is a privilege-based, AI-powered service designed to strengthen the security of cloud environments.
Digital Guardian Rolls Out Ryuk Ransomware Protection Content Pack To Detect And Defend Against Rising Ryuk Ransomware Attacks (Security Informed) Digital Guardian, a globally renowned company in Data Loss Prevention (DLP) and Managed Detection and Response (MDR), has developed a new Ryuk Ransomware Protection Content Pack to detect and defend...
Comodo Announces Community Trusted Advisor Program (Yahoo) Comodo, the world’s leader of next-generation cybersecurity, announced the launch of the Comodo Community Trusted Advisor (CCTA) Program. The program will integrate cybersecurity experts who shar...
This free service is a genius way to foil spam and protect your privacy (Fast Company) Don’t give your information to marketers who might pelt you with spam or even expose you to a potential hack. Use Abine Blur instead.
Malwarebytes Offers Remediation Solution for CrowdStrike Falcon (CIO Applications) Malwarebytes offers comprehensive defense and recovery technologies to safeguard devices, whether...
CMS builds on security portfolio with CrowdStrike (TechCentral.ie) CMS Distribution as signed a distribution agreement with CrowdStrike, offering a full portfolio of solutions including Falcon Prevent and Falcon Insight, to provide real-time visibility and protection across organisations to better detect and prevent attacks. The cloud-native Falcon platform has revolutionised the way organisations stop breaches by unifying key endpoint security capabilities such as next-generation [&hellip
Lucidworks and Platform9 Announce Partnership to Deliver Scalable Enterprise AI Search Solutions with Kubernetes (PR Newswire) Lucidworks, the premier builder of AI-powered search solutions for many of the world's largest brands and Platform9, the leading Managed...
Thycotic Secures Privileged Database Access in DevOps Pipelines (PR Newswire) Thycotic, provider of privileged access management (PAM) solutions to more than 10,000 organizations worldwide, including 25 of the Fortune...
Ostendio Expands MyVCM Auditor Connect Marketplace with DGC Partnership (PR Newswire) Ostendio Inc., a leading provider of integrated risk management software, today announced the continued growth of the MyVCM Auditor Connect...
1touch.io Launches Strategic Channel Partner Program (PR Newswire) Itouch.io, provider of the Inventa™ AI-based sustainable data discovery and management platform for privacy, security and governance, today...
Lumen wins spots on two Veterans Affairs network services contracts (PR Newswire) Lumen (NYSE: LUMN) announced that it recently won a place as an authorized service provider on the U.S. Department of Veterans Affairs' $721...
AppGuard's European Distributors, Assurity Systems, strike strategic deal with UK Councils (PR Newswire) Assurity Systems has completed a strategic partnership with the UK's Local Authority owned transformation specialists, iESE, to offer AppGuard...
Cybrary Offers More Free Courses To Offer Paths To Employment and Better Defense Against Increased Cyber Attacks (PR Newswire) Cybrary, the world's largest online cybersecurity career development platform, today announced its latest collection of free IT and...
US Signal Launches Vulnerability Scanning and Management for Proactive (PRWeb) US Signal, a leading data center services provider, today announced the launch of its Vulnerability Management as a Service (VMaaS) offering. Configu
FiVerity Launches Collaborative AI Solution with Support from National Banks, Credit Unions, and Cyber Fraud and Threat Intelligence Partnership (BusinessWire) FiVerity launches Collaborative AI Platform, a machine learning solution for cyber fraud detection and threat intelligence.
InteliSecure Safeguards Critical Data for Global Healthcare, Biotech and Pharmaceutical Companies (PRLog) InteliSecure Safeguards Critical Data for Global Healthcare, Biotech and Pharmaceutical Companies. Nationally recognized medical research and treatment center among clients benefitting from InteliSecure's managed data protection services and Aperture platform - PR12846143
RevCult Announces Cloud Security Cockpit® on Salesforce AppExchange, the World's Leading Enterprise Cloud Marketplace (PR Newswire) RevCult today announced it has launched Cloud Security Cockpit® on Salesforce AppExchange, empowering customers to proactively implement,...
7SIGNAL Extends Linux OS Coverage to Red Hat, Debian and Ubuntu (PR Newswire) 7SIGNAL®, the leader in enterprise wireless experience monitoring, today announced the general availability of Mobile Eye® for Red Hat, Debian,...
SAFE Identity Achieves Major Standards Milestone in Cross-Industry Effort to Complete Interoperable Trust Framework for Digital Identities for Healthcare (GlobeNewswire) SAFE Identity and its healthcare industry-led Policy Management Authority (PMA) have achieved a major milestone in their effort to enable a standards-based, interoperable Trust Framework for digital identities across all stakeholders in the highly distributed healthcare industry.
Datadobi Announces Integration with Westcon FlexPod Solutions, Providing Market-Leading Protection Capabilities for Any Cloud Strategy (BusinessWire) Datadobi today announced that its DobiProtect® offering is now part of Westcon’s ONESource FlexPod solutions.
A Service Akin to Credit Monitoring, but for Data Privacy, is Now Available Through Alerts.com (PR Newswire) Alerts.com is first in the market with its new service: to inform consumers when a business acquires their name, where they acquired it, the...
ZeroNorth Unveils New Defect Density Dashboard to Unite Security and DevOps Teams (ZeroNorth) ZeroNorth today announced the availability of its Defect Density Dashboard, a new capability within its SaaS-based application security automation and orchestration platform. The new dashboard normalizes scan data from disparate security scan tools to identify the rate of code defects. This insight offers security and engineering leaders a common framework for collaborating to improve application security and software quality within existing DevOps workflows.
ThreatQuotient Integrates with Infoblox for Enhanced DNS and IP Address Visibility (RealWire) Combination of Infoblox contextual data and the ThreatQ platform enriches and accelerates response to emerging threat vectors
Acuant Launches Acuant®GO No Code IDV and KYC Solutions for Agile Digital Transformation (GlobeNewswire) Acuant®GO Provides the Fastest Go-To-Market Option with Proven, Secure Technology
Deloitte and AlgoSec Partner to Establish a Joint Network Protection Transformation Solution for Enterprises (AlgoSec) The EMEA Telecom Engineering Centre of Excellence (TEE) of Deloitte (located in Portugal) and AlgoSec, the leading provider […]
Latest Version of Unisys Stealth® Features New Automation and Visualization Tools to Accelerate Deployment and Simplify Management (Unisys) Unisys Stealth® 6.0, which features enhanced visualization and dashboard tools to simplify an organization's IT reporting and deployment – strengthening security posture and allowing businesses to reduce the complexity of their IT environment with the appropriate security policies. Stealth™ features artificial intelligence (AI)-driven automation to dramatically speed up installation, configuration and deployment in the enterprise in a matter of minutes.
Technologies, Techniques, and Standards
Vatican enlists bots to protect library from onslaught of hackers (the Guardian) Apostolic Library, facing 100 threats a month, wants to ensure readers can trust digitised records of its historical treasures
Fearing Threats, Vatican Library Works with Cyber Security Firm to Fight Off Hackers (ARTnews.com) An effort to digitize various masterworks is currently underway.
Top tools and best practices to kick-start your shift to cyber resilience (TechBeacon) Popular cyber resilience frameworks all share some common elements. Here's what you need to know about them—and the emerging best practices.
Design and Innovation
Army launches 'Hack the Army 3.0' with more targets for cybersecurity researchers (FedScoop) The third iteration of the Army hackathon is set to begin in mid December and run through the end of January.
Pentagon Grappling With AI’s Ethical Challenges (National Defense) Artificial intelligence is a top modernization priority for the U.S. military, with officials envisioning a wide range of applications, from back office functions to tactical warfighting scenarios.
Research and Development
NSF-Funded Cybersecurity Project at Georgia State Will Disrupt Illicit Virtual Supply Chains (Georgia State News Hub) Georgia State University’s Evidence-Based Cybersecurity Research Group will examine the supply chain supporting underground markets in a new project designed to disrupt such operations.
CyberStart America Program Returns to Indiana (Inside Indiana Business) Indiana will participate in CyberStart America, an online cybersecurity talent search and competition designed to encourage high school students to pursue cyber-based learning and career opportunities
Legislation, Policy, and Regulation
U.S. Tried a More Aggressive Cyberstrategy, and the Feared Attacks Never Came (New York Times) The 2020 election was the biggest test yet of a new approach of pre-emptive action against adversaries trying to hack election infrastructure or wage disinformation campaigns.
Europe is adopting stricter rules on surveillance tech (MIT Technology Review) The European Union has agreed to stricter rules on the sale and export of cyber-surveillance technologies like facial recognition and spyware. After years of negotiations, the new regulation will be announced today in Brussels. Details of the plan were reported in Politico last month. The regulation requires companies to get a government license to sell…
Rights Activists Slam EU Plan for Access to Encrypted Chats (SecurityWeek) Digital rights campaigners on Monday criticized a proposal by European Union governments that calls for communications companies to provide authorities with access to encrypted messages.
Chevron Australia has 'reservations' at govt asserting itself in a cyber attack response (iTnews) Calls proposed powers 'unusual'.
White House official and former GOP political operative Michael Ellis named as NSA general counsel (Washington Post) The Pentagon general counsel has named a White House official and former GOP political operative to be the top lawyer at the National Security Agency, the U.S. government’s largest and most technically advanced spy agency, U.S. officials said.
Litigation, Investigation, and Law Enforcement
McCabe will defend opening Russia probe in testimony before GOP-controlled Senate panel (Washington Post) As he testifies Tuesday before the Senate Judiciary Committee, former acting FBI director Andrew McCabe will forcefully defend the bureau’s decision to initiate an investigation into whether the Trump campaign coordinated with Russia to influence the 2016 election, telling lawmakers that officials had a “duty” to do so because of the information that had come to them, according to a copy of his prepared remarks.
India opens antitrust case against Google over its payments app (TechCrunch) India’s antitrust watchdog has opened an investigation into Google for allegedly abusing the dominant position of its app store to promote its payments service in the world’s second largest internet market. In its Monday announcement (PDF) about opening an antitrust case against Google, Indian watc…
Amazon Faces New EU Antitrust Charges, Probes (Wall Street Journal) Amazon.com faces fresh legal battles with the European Union after the bloc charged the online retailer with violating competition law in a new salvo in its scrutiny of U.S. tech corporations.
FTC Says Zoom Misled Users on Its Security for Meetings (SecurityWeek) Federal regulators are requiring Zoom to strengthen its security in a proposed settlement of allegations that the video conferencing service misled users about its level of security for meetings.
Zoom settles with FTC after making ‘deceptive’ security claims (TechCrunch) The FTC said Zoom "engaged in a series of deceptive and unfair practices that undermined the security of its users."
FTC Settlement With Zoom Sets Security Requirements (BankInfo Security) As part of a settlement of allegations that Zoom "engaged in a series of deceptive and unfair practices that undermined the security of its users," the
Sweden halts 5G auction after court grants relief to Huawei (Reuters) Swedish telecoms regulator PTS on Monday halted 5G spectrum auctions after a court suspended parts of its decision that had excluded Chinese telecom equipment maker Huawei [HWT.UL] from 5G networks.
Facebook Gets Targeted Ad Campaign Class Action Trimmed (Law360) A California federal judge on Friday tossed for good certain equitable relief claims in an advertiser's proposed class action alleging Facebook deceptively promises that advertisers can choose targeted audiences for ad campaigns, but allowed those claims to proceed if they are based on future harm.
Zoll Medical Sues Security Co. Over Major 2018 Data Breach (Law360) Medical device maker Zoll Medical Corp. hit Barracuda Networks Inc. with a suit in Massachusetts federal court Friday, alleging the California-based information technology security company failed to put in place adequate safeguards to prevent a 2018 data breach that exposed the confidential information of more than 277,000 patients.
Terminix Hit With Class Action Over Worker Data Breach (Law360) Terminix Global Holdings Inc.'s September data breach exposed the personal information of more than 14,000 of its current and former workers thanks to the negligent disregard of Federal Trade Commission guidelines, a former Terminix worker said in a Tennessee federal court putative class action complaint.
Body Found in Canada Identified as Neo-Nazi Spam King (KrebsOnSecurity) The body of a man found shot inside a burned out vehicle in Canada three years ago has been identified as that of Davis Wolfgang Hawke, a prolific spammer and neo-Nazi who led a failed anti-government march on Washington, D.C. in 1999, according to news reports.
'His Murder Is Necessary': Man Who Exposed Kyrgyz Smuggling Scheme Was Hunted By Contract Killers (RadioFreeEurope/RadioLiberty) A money launderer told journalists what he knew about a secretive smuggling empire and a senior Kyrgyz official who enabled it. Now, leaked documents shed light on his shocking murder.
Carter Page Files New Damages Claims Over FBI Surveillance (Law360) Former Trump campaign adviser Carter Page has lodged new administrative claims seeking damages for the FBI's contentious surveillance of him, the government disclosed to the U.S. Foreign Intelligence Surveillance Court in a recent filing.