Cyber Attacks, Threats, and Vulnerabilities
The CostaRicto Campaign: Cyber-Espionage Outsourced (BlackBerry) With the undeniable success of Ransomware-as-a-Service (RaaS), the cyber-criminal market has expanded its portfolio to add dedicated phishing and espionage campaigns to the list of illicit services on offer...
Manufacturing Cyber Threat Perspective (Dragos) Cyber risk to the manufacturing sector is increasing, led by disruptive cyberattacks impacting industrial processes, intrusions enabling information gathering and process information theft, and new activity from Industrial Control Systems (ICS)-targeting adversaries. Dragos currently publicly tracks five ICS-focused activity groups targeting manufacturing: CHRYSENE, PARISITE, MAGNALLIUM, WASSONITE, and XENOTIME in addition to various ransomware activities capable of disrupting operations.
Chinese-linked Muhstik botnet targets Oracle WebLogic, Drupal (BleepingComputer) Muhstik botnet, also known as Mushtik, has been targeting cloud infrastructure and IoTs for years.
Meet Muhstik - IoT Botnet Infecting Cloud Servers (Lacework) Cloud infrastructure is generally immune to IoT-related threats; however, there are some exceptions. One of these is “Muhstik”.
DNS cache poisoning ready for a comeback (University of California Riverside News) Derandomizing the source port enables attacks that work on all layers of DNS caches
DNS Cache Poisoning Attack Reloaded: Revolutions with Side Channels (University of California Riverside) In this paper, we report a series of flaws in the software stack that leads to a strong revival of DNS cache poisoning — a classic attack which is mitigated in practice with simple and effective randomization-based defenses such as randomized source port.
PLATYPUS: Hackers Can Obtain Crypto Keys by Monitoring CPU Power Consumption (SecurityWeek) Researchers present PLATYPUS, a new side-channel attack targeting Intel processors that allows an attacker to extract cryptographic keys by monitoring the CPU’s power consumption
PLATYPUS reveals new vulnerabilities discovered in Intel processors (University of Birmingham) A team of security researchers, including experts from the University of Birmingham, is presenting new side-channel attacks, which use fluctuations in software power consumption to access sensitive data on Intel CPUs.
PLATYPUS: With Great Power comes Great Leakage (PLATYPUS Attack) With PLATYPUS, we present novel software-based power side-channel attacks on Intel server, desktop and laptop CPUs. We exploit the unprivileged access to the Intel RAPL interface exposing the processor's power consumption to infer data and extract cryptographic keys.
Ransomware Group Turns to Facebook Ads (KrebsOnSecurity) It's bad enough that many ransomware gangs now have blogs where they publish data stolen from companies that refuse to make an extortion payment. Now, one crime group has started using hacked Facebook accounts to run ads publicly pressuring their ransomware victims into paying up.
Microsoft Teams Users Under Attack in 'FakeUpdates' Malware Campaign (Threatpost) Microsoft warns that cybercriminals are using Cobalt Strike to infect entire networks beyond the infection point, according to a report.
Criminal gangs are using fake Microsoft Teams updates to infect networks with Cobalt Strike (Computing) Hackers are specifically targeting the education sector where use of collaboration tools is high, according to Microsoft
Alleged source code of Cobalt Strike toolkit shared online (BleepingComputer) The source code for the widely-used Cobalt Strike post-exploitation toolkit has allegedly been leaked online in a GitHub repository.
Trickbot down, but is it out? (Intel 471) Intel 471 has observed successful disruption of Trickbot. However, the actors linked to it have not ceased their criminal activities.
Security Experts Discover Threat Actors Becoming More Ruthless with the Resurgence of Emotet (Nuspire) Nuspire, a leading managed security services provider (MSSP), today announced the release of its Q3 2020 Quarterly Threat Landscape Report, outlining new cybercriminal activity and tactics, techniques and procedures (TTPs) with additional insight from its threat intelligence partner, Recorded Future. “With the combination of Nuspire’s 24x7x365 security experts and…
Surge in Credential Stuffing Attacks and Europe as a Fraud Epicenter, Reveals New Data from Arkose Labs (GlobeNewswire) 1.3 Billion Attacks Were Detected in Q3 of 2020, with 770 Million Representing Credential Stuffing and 49% Originating from Europe
Over 2800 e-Shops Running Outdated Magento Software Hit by Credit Card Hackers (The Hacker News) Over 2800 Online Stores Running Outdated Magento Software Hit by Magecart Credit Card Hackers
RiskIQ Analysis of Ant and Cockroach Skimmer Reveals Highly Connected Magecart Ecosystem (GlobeNewswire) RiskIQ, the global leader in attack surface management and security intelligence, has released an analysis of the ‘Ant and Cockroach’ digital credit card skimmer that implicates Magecart Group 12 in September's large-scale attack on e-commerce websites running Magento 1 and dozens of other high-profile skimming incidents and malicious activity.
5.8 million RedDoorz user records for sale on hacking forum (BleepingComputer) After suffering a data breach in September, a threat actor is selling a RedDoorz database containing 5.8 million user records on a hacker forum.
IRS Impersonation Payment Fraud (Abnormal Security) In this attack, scammers impersonate the IRS to collect a fraudulent payment from their target. Quick Summary of Attack Target. Platform: Office 365; Bypassed Email Gateway: Proofpoint; Mailboxes: 50,000 to 70,000; Payload: Text; Technique: Spoofing / Impersonation. What was the attack? Setup: The IRS has long been a popular target for impersonation by attackers. This email highlights a more […]
Smishing attack tells you “mobile payment problem” – don’t fall for it! (Naked Security) Don’t be fooled by a website that looks OK – it’s easy for crooks to make an exact copy. (This time, they got just one letter wrong.)
“Instant bank fraud” hoax is back – don’t spread fake news! (Naked Security) You need to spread the word to your family and friends NOT to spread the word to their family and friends
Fraudulent Minecraft-Related Apps Deceive Millions of Google Play Users, Avast Warns (PR Newswire) Avast (LSE:AVST), a global leader in digital security and privacy products, has identified a wave of malicious mobile applications in the...
Avast warns of Minecraft skin, mod apps fleecing ‘millions’ of Android users (ZDNet) Ridiculously expensive subscriptions are costing users as much as $120 per month.
Fraudulent Minecraft Apps On Google Play (Avast) Fleeceware apps posing as Minecraft mods lure hundreds of dollars per month from users for simple services, such as new wallpapers.
Banking Trojan Can Spy on Over 150 Financial Apps (BankInfo Security) A recently uncovered banking Trojan targeting Android devices can spy on over 150 apps, including those of banks, cryptocurrency exchanges and fintech firms, as a
Let’s Encrypt Warns Some Android Users of Compatibility Issues (SecurityWeek) Let’s Encrypt has issued a warning to users of older Android versions, who may start getting certificate errors next year due to compatibility issues
Phishing Campaign Tied to Trickbot Gang (BankInfo Security) Researchers at Area 1 Security say a recently uncovered phishing campaign using a message saying that the recipient has been fired from their job is attempting to
Singles Day: The world's biggest shopping event luring scammers (BBC News) From fake apps to formaldehyde-soaked clothes, Singles Day has seen increasingly elaborate ruses.
The Need to Change the Paradigm of Control Systems Cyber Security – Part 1 Background (The First Global Cybersecurity Observatory) The Need to Change the Paradigm of Control Systems Cyber Security - Article 1/3. Author: Joe Weiss, PE, CISM, CRISC Managing Partner
Attacking SCADA Part II: Vulnerabilities in Schneider Electric EcoStruxure Machine Expert and M221 PLC (Trustwave) We present two vulnerabilities in EcoStruxure Machine Expert v1.0 and Schneider Electric M221 (Firmware 1.10.2.2) Programmable Logic Controller (PLC).
Another Step Toward Hardening Schneider M221 PLCs Against Attack (Claroty) Claroty, in June, privately disclosed details on four vulnerabilities in Schneider Electric’s Modicon M221 PLC and EcoStruxure Machine Expert Basic, which could allow an attacker to bypass authentication on these devices, break the encryption securing data transfers, modify code, and run commands.
Schneider Electric PLC Simulator for EcoStruxure Control Expert (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.5
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Schneider Electric
Equipment: PLC Simulator for EcoStruxure Control Expert
Vulnerability: Improper Check for Unusual or Exceptional Conditions
2.
OSIsoft PI Interface for OPC XML-DA (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 8.1
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: OSIsoft
Equipment: PI Interface
Vulnerability: Numeric Errors
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker-controlled OPC XML-DA Server to respond with a crafted XML message and exploit the PI Interface for OPC XML-DA, resulting in code execution.
OSIsoft PI Vision (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.7
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: OSIsoft
Equipment: PI Vision 2020
Vulnerabilities: Cross-site Scripting, Incorrect Authorization
2.
SIMATIC S7-300 CPUs and SINUMERIK Controller (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 5.9
ATTENTION: Exploitable remotely
Vendor: Siemens
Equipment: SIMATIC S7-300 CPUs and SINUMERIK Controller
Vulnerability: Uncontrolled Resource Consumption
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition.
Siemens SIMATIC S7-300 and S7-400 CPUs (Update B) (CISA) 1. EXECUTIVE SUMMARY
--------- Begin Update B Part 1 of 2 ---------
CVSS v3 5.9
--------- End Update B Part 1 of 2 ---------
Siemens SCALANCE W 1750D (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 9.8
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Siemens
Equipment: SCALANCE W 1750D
Vulnerability: Improper Input Validation
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker to achieve remote code execution.
Siemens UMC Stack (Update C) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 6.7
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Siemens
Equipment: UMC Stack
Vulnerabilities: Unquoted Search Path or Element, Uncontrolled Resource Consumption, Improper Input Validation
2.
Images of Sexual Abuse Are Fueling AI Porn (Vice) Non-consensual porn videos, like many of those shot by Czech Casting and Girls Do Porn, can live on forever in machine learning datasets.
DWP exposed more than 6,000 disability claimants' NI numbers online (Computing) The Information Commissioner Office is examining the incident, while the DWP insists it takes its responsibility to protect data "very seriously"
Ransomware Criminals Demand $11 Million From Video Game Giant Capcom (Forbes) Capcom, the Japanese gaming giant behind the Street Fighter, Mega Man and Resident Evil franchises, has reported a major cybersecurity incident.
Valimail: 2020 Election Infrastructure Still Vulnerable to Email Hackers (BusinessWire) Valimail's latest report illustrates the threat of impersonation-based email phishing attacks that utilize domains involved in the U.S. election.
Election email security (Valimail) Valimail’s analysis shows that, at virtually every level of the American election infrastructure, there is massive vulnerability to impersonation. This is due largely to the poor penetration of email authentication standards that can prevent spoofing.
Brazil Court System Went Down Following Cyber Attack (Latest Hacking News) Brazil Superior Court of Justice (STJ) systems suffered cyber attack during court sessions. Reports hint RansomExx ransomware involvement.
How One Firm Drove Influence Campaigns Nationwide for Big Oil (New York Times) FTI, a global consulting firm, helped design, staff and run organizations and websites funded by energy companies that can appear to represent grass-roots support for fossil-fuel initiatives.
YouTube back up after worldwide outage (Reuters) YouTube, owned by Alphabet Inc's Google <GOOGL.O>, said late on Wednesday it had fixed a glitch that led to a worldwide outage of the video-streaming service.
Hackney's property market 'on pause' following Town Hall cyber attack (Hackney Citizen) Would-be seller speaks out as land searches remain out of action, while local estate agent says 'hundreds of sales' could be on hold
Latest Chatham County cyber attack update (Chatham Journal Newspaper) The cyber attack discovered on October 28 that affected Chatham County government's network is still under investigation.
Newcastle Grammar School targeted in cyber attack (Newcastle Herald) "It's very hard to prepare for them when they happen but [important] to understand the risks and how disruptive it is."
If This ‘Very Dangerous’ App Is Installed On Your Phone, Delete It Now (Forbes) Beware—more than 100 million Android users have now installed this "spyware" app...
Security Patches, Mitigations, and Software Updates
Colossal Intel Update Anchored by Critical Privilege-Escalation Bugs (Threatpost) Intel released 40 security advisories in total, addressing critical- and high-severity flaws across its Active Management Technology, Wireless Bluetooth and NUC products.
Intel, Please Stop Assisting Me (CyberArk) This post focuses on two vulnerabilities the CyberArk Labs team uncovered in the Intel Support Assistant that affected the millions of Windows machines that run this software. The first...
Microsoft Patches Windows Vulnerability Chained in Attacks With Chrome Bug (SecurityWeek) Microsoft has patched a privilege escalation vulnerability in Windows that has been exploited in combination with a recently patched Chrome flaw
Microsoft Patch Tuesday fixes 17 critical flaws, Windows zero‑day (WeLiveSecurity) This month's Patch Tuesday brings fixes for no fewer than 112 security flaws, including a Windows zero-day bug that was disclosed by Google last month.
Patch Tuesday: Dangerous Zero-Day Hides Among Another 100+ CVEs (Infosecurity Magazine) Microsoft back to old ways with a large security update round
Google patches two more Chrome zero-days (ZDNet) Google has now patched five Chrome zero-days in three weeks.
Adobe Patches Vulnerabilities in Connect, Reader Mobile (SecurityWeek) Adobe patches an information disclosure vulnerability in Reader Mobile and XSS flaws in Connect
Cyber Trends
Security Predictions Reports (FireEye) Our annual Security Predictions report offers unique insights into what we can expect from attackers, victim organizations, security vendors and nation-states in the coming year.
Ransomware is now all about data leaks, Kaspersky researchers claim (iTWire) Ransomware has changed from being just about encrypting a victim's data and become primarily about data exfiltration, the Russian security firm Kaspersky says. In a detailed blog post about two ransomware families — Ragnar Locker, whom the company described as a veteran operation, and the more r...
Hackers Draining $10 Million a Month from DeFi: Report (Decrypt) Decentralized finance is attractive to hackers because it’s unregulated and anonymous, says blockchain firm CipherTrace.
Organizations Know Mobile App Security Matters, But Lag on Implementation (Guardsquare) A global, independent survey finds that many organizations prioritize mobile app security in theory. Yet 95% report room for improvement. What causes this gap?
KnowBe4’s Global Cybersecurity Experts Make Predictions for 2021 Cyber Trends (GlobeNewswire) Experts cover topics such as phishing, IoT, security culture, mobile banking and more
DigiCert 2021 Security Predictions (DigiCert) DigiCert 2021 Security Predictions. 2020 has brought about a lot of change. Based upon changes to infosecurity brought by the pandemic and other events of 2020 we can be reasonably certain about our predictions.
FortiGuard Labs Predicts Weaponizing of the Intelligent Edge Will Dramatically Alter Speed and Scale of Future Cyberattacks (GlobeNewswire) Applying Artificial Intelligence to Speed Threat Prevention, Detection, and Response Combined with Actionable Threat Intelligence is Critical to Protect Against Attacks
Skepticism towards US cloud storage giants grows in Europe (TechRadar) Report finds European cloud users do not trust US firms
The security consequences of massive change in how we work (Help Net Security) Organizations underwent an unprecedented IT change this year amid a massive shift to remote work, resulting in many security consequences.
New Research Confirms Enterprise Organizations Have Embraced Containers and Kubernetes but are Struggling to Properly Secure Data Stored in Cloud-Native Environments (BusinessWire) Zettaset, a leading provider of cloud-native data protection for a DevOps-driven world, in partnership with Accelerated Strategies Group, today announ
IT’s Relationship with Remote Workers Continues to Fracture - Can Digital Experience Monitoring Mend the Cracks? (NetMotion Software) Supporting remote workers isn't easy. But Digital Experience Monitoring may be the answer that IT teams are looking for.
63% of Employees Reuse Work Passwords, Millennials Are Biggest Offenders (PR Newswire) 63% of full-time U.S. employees have recycled passwords on work accounts and devices, according to a new survey report from Visual Objects, a...
Marketplace
Cybersecurity Skills Shortage Falls for First Time (Infosecurity Magazine) (ISC)2 study reveals global gap of around 3.1 million professionals
Palo Alto Networks acquires attack surface manager Expanse in $800m deal (ZDNet) Expanse’s platform will be added to the Cortex product suite.
Telos sets terms to offer 12.35M shares in IPO (SeekingAlpha) Cybersecurity solutions provider Telos (TLS) is offering 12.35M shares at an initial price range of $16 to $18.
Smarsh Acquires Digital Reasoning, Combining Global Leadership In Artificial Intelligence And Machine Learning With Market Leading Electronic Communications Archiving And Supervision (PR Newswire) Smarsh®, enabling organizations to manage risk and uncover value within their electronic communications, announced the acquisition of Digital...
ConnectWise Acquires Perch Security and StratoZen (ConnectWise) Company also shares product updates and details on ConnectWise Fusion™, the company’s unified platform approach, at virtual IT Nation® Connect conference
With $29M in funding, Isovalent launches its cloud-native networking and security platform (TechCrunch) Isovalent, a startup that aims to bring networking into the cloud-native era, today announced that it has raised a $29 million Series A round led by Andreessen Horowitz and Google. In addition, the company today officially launched its Cilium Enterprise platform (which was in stealth until now) to …
IQM raises $46 million to commercialize its quantum computers (VentureBeat) IQM raised $46 million to begin selling its first quantum computers to research institutions and supercomputing centers.
SentinelOne Announces $267M Series F (BusinessWire) Global Demand for Cloud-Native Autonomous Cybersecurity Platform Elevates Valuation to More Than $3 Billion
SentinelOne Valued at More Than $3 Billion in Funding Round (US News and World Report) SentinelOne has raised $267 million from venture capital backers including Tiger Global and Sequoia at a valuation of more than $3 billion, almost three times what it was valued in February, the U.S. cybersecurity firm’s chief executive told Reuters in an interview.
PKWARE Acquires Dataguise to Expand Data Security Offering (Infosecurity Magazine) PKWARE will operate Dataguise's offices in the US, India, Europe and Canada
Venminder Raises $33M in Growth Funding (FinSMEs) Venminder, an Elizabethtown, KY-based provider of third-party risk management solutions, raised $33m in Series C funding
Menlo Security Raises $100 Million in Latest Financing (Menlo Security) The Menlo Security Cloud Platform allows enterprises to embrace Secure Cloud Transformation. Powered by patented isolation technology, the global Menlo Security Cloud Platform provides secure direct access to an Internet architecture designed for SaaS applications. The cloud-native architecture is elastic and autoscales security and throughput for seamless on-demand growth in the number of users, devices, and applications.
Capgemini acquires ASX-listed digital services provider RXP Services for $95m (CRN Australia) To bolster capabilities for digital, data and cloud.
Zix Acquires CloudAlly for $30M; Converges Email Security and Cloud Backup (MSSP Alert) Zix acquires CloudAlly for approximately $30 million. MSPs to converge Microsoft 365 email security, cloud backup and disaster recovery (BDR) services.
Barracuda Acquires Fyde, a Zero Trust Network Access (ZTNA) Innovator (PR Newswire) Barracuda, a trusted partner and a leading provider of cloud-enabled security solutions, today announced it has acquired Fyde, a ZTNA provider...
CrowdStrike gains after Baird upgrade on 'sustainable success' (SeekingAlpha) Citing the stock's recent weakness, Baird upgrades CrowdStrike (NASDAQ:CRWD) from Neutral to Outperform and raises the price target from $150 to $155.
FireEye: Mandiant To The Rescue (Seeking Alpha) FireEye's Q3 results highlight compelling moves to improve the potentials of its new bets. New updates to Mandiant will drive growth and margins.
The Instillery launches dedicated cyber security division (Reseller News) The Instillery has launched a new cyber security division aimed at consolidating its cyber resources and building on them to create a dedicated business in the fast-growing segment.
Tanium's Global Expansion Boosts Cyber Security in Australia (PRWire) Empowering organisations including GenesisCare and the Department of Defence to manage and protect their mission-critical networks
Facebook, Google extend post-election political ad ban (SeekingAlpha) Facebook (NASDAQ:FB) and Google (GOOG,GOOGL) have quietly extended the political ad bans originally scheduled for one week after the U.S. presidential election, the Financial Times reports.
YouTube Election Loophole Lets Some False Trump-Win Videos Spread (Bloomberg) The site says election misinformation policies are ‘generally working as intended.’
Fact-Checked on Facebook and Twitter, Conservatives Switch Their Apps (New York Times) Since the election, millions have migrated to alternative social media and media sites like Parler, Rumble and Newsmax.
Frost & Sullivan Honors PerimeterX with 2020 Best Practices Award (PerimeterX) Leader Recognized for Technology Innovation that Safeguards Digital Businesses from Login to Checkout
Group-IB cements foothold in Europe: European HQ doors in Amsterdam are now open (Group-IB) Group-IB, a global threat hunting and intelligence company, has opened the doors of its European headquarters in Amsterdam, which will serve as a central hub for the company’s research into the European threat landscape. Having been operating on the continent for years, the company now formalizes its operations by inaugurating its new HQ that will be consolidating and maturing the expertise gathered in cyber investigations, incident response and threat hunting activities across the region under one roof.
Novetta Receives Third Consecutive Hire Vets Award (PR Newswire) U.S. Secretary of Labor Eugene Scalia recognized Novetta as a 2020 HIRE Vets Gold Medallion Award recipient during a ceremony earlier today at...
Darktrace boss Poppy Gustafsson scoops up top innovation award (CityAM) Darktrace chief executive Poppy Gustafsson has scooped up the top prize for innovation at this year’s Women of the Year Awards.
Stealthbits Expands Executive Leadership to Drive Momentum of Identity-Centric Cybersecurity and Data Privacy Solutions (BusinessWire) Stealthbits hires new CEO, expands leadership team to drive momentum of identity-centric cybersecurity and data privacy solutions
Corelight Appoints Seasoned Sales Executive to Accelerate Growth Across the Americas (AP NEWS) Corelight, provider of the industry’s first open network detection and response (NDR) platform, today welcomed Rick Beattie to its executive leadership team as vice president of sales for the Americas.
Industry Luminary joins Analyst1 as Chief Security Strategist (PR Newswire) Analyst1, provider of a market leading threat intelligence platform (TIP), added recognized cyber industry veteran, Jon DiMaggio, to its...
Erik Jones Rejoins Venable as Partner (Citybizlist) Venable LLP is pleased to announce that Erik Jones, former chief investigative counsel to the U.S. Senate Committee on Commerce
Lake Dai Brings Wealth of AI Knowledge, Experience to Alcatraz Board (AiThority) Lake Dai has devoted her career and education to artificial intelligence. A venture capitalist with LDV Partners and adjunct professor at Carnegie Mellon University’s AI applications master’s program
Patrick Murphy and Cory Simpson Join Ankura's Cybersecurity Practice (The Salamanca Press) Ankura, a global business advisory and expert services company, is pleased to announce the appointment of The Honorable Patrick J. Murphy to Senior
Microsoft Taps Former McAfee CEO To Lead Biz Development (CRN) Microsoft has hired former McAfee CEO and cybersecurity veteran Chris Young to lead the technology giant’s global business development efforts
C5 Capital Appoints Rob Meyerson, former President of Blue Origin, as Operating Partner (PR Newswire) C5 Capital USA LLC ("C5"), the specialist venture capital firm that invests in the secure data ecosystem, including cybersecurity, AI, cloud...
Shift5 Announces Appointment of Christan (CJ) Johnson as First Head of People (PR Newswire) Shift5 is excited to announce that Christan (CJ) Johnson will be joining their team as the first ever Head of People. In this newly-created...
Digital Asset Custody Company, Brane, Announces Suzanne Larsen, International Technology C-Suite Executive, and Former Ontario Deputy Minister of Community Safety, Matthew Torigian, Join Board of Directors (PR Newswire) Brane Inc., a blockchain innovation company and leading digital asset custodian, announced today that Suzanne Larsen and Matthew Torigian have...
Sonatype and Fugue Partner to Shift Cloud Security Left and Ensure Continuous Policy Compliance (Fugue) Sonatype and Fugue partner to empower developers with best-in-class tools so they can accelerate innovation and improve cloud security.
Code42 Incydr Delivers Evolved Data Protection for Channel Partners (BusinessWire) Code42 is launching a “channel-first” go-to-market strategy for the Code42 Incydr product and appointing Faraz Siraj as its new VP of channel sales.
Products, Services, and Solutions
SonicWall Expands Boundless Cybersecurity with New High-Performance, Low-TCO Firewalls; Company Debuts Cloud-native ZTNA Solution to Secure Work-from-Anywhere Environments (SonicWall) New firewall models expand options for multi-gigabit threat protection, secure SD-branch deployments; zero-trust Cloud Edge Secure Access offering drives SonicWall’s SASE momentum
SonicWall Capture Advanced Threat Protection Collects ICSA Labs Certification (SonicWall) For the third consecutive quarter, cloud-based Capture Advanced Threat Protection (ATP) sandbox service, featuring patent-pending Real-Time Deep Memory Inspection™ (RTDMI) engine, has been vigorously tested in the detection of today’s most evasive threats and awarded the coveted ICSA Labs Advanced Threat Defense certification. SonicWall Capture ATP ‘did remarkably …
BotRx Expands ProTx Platform with New Business Data Widgets (BotRx) New widgets provide customizable analytical context on how bot and manual attacks impact business operations
The Standoff: worldwide virtual cyber-range highlights real-world cyber risks and defensive techniques (Positive Technologies) Event to include large-scale controlled offensive and defensive competition and online conference on top cybersecurity issues (November 12–17).
Per Customer Demand, Trend Micro Launches Hassle-Free, Cloud-Ready Network Security (Trend Micro | Newsroom) Trend Micro Incorporated (TYO: 4704; TSE: 4704), the leader in cloud security, today announced global availability of its cloud-native network security solution, Trend Micro Cloud One – Network...
Trend Micro Integrates with AWS Gateway Load Balancer for Improved Security Function (Trend Micro | Newsroom) Trend Micro Incorporated (TYO: 4704; TSE: 4704), a leader in cloud security, today announced its hybrid cloud security integration with the newly launched AWS Gateway Load Balancer (GWLB), a...
ByteChek is Making Compliance "Suck Less" (PR Newswire) Have you ever had to go through a cybersecurity assessment? Did you feel like it was overwhelming and too manual? ByteChek is a SaaS company...
Point3 Security Introduces Talent Screening Service to Assess, Identify and Upskill Top Cybersecurity Talent (BusinessWire) Point3 Talent Screen svc helps companies find cyber talent w/right skills & drive; prove bias-free candidate evals. A
Lumu Introduces Lightweight Solution to Improve Security for Remote Workforce (GlobeNewswire) New Lumu Agent for Windows Works Silently to Measure Remote Worker Compromise Levels in Real Time
Kasten K10 v3.0 Introduces Multi-Cluster, Multi-Tenant Kubernetes-Native Data Management (Kasten) Kasten Introduces Multi-Cluster, Multi-Tenant Kubernetes-Native Data Management in K10 v3.0 scales Kubernetes deployments across cloud-native environments.
StackRox Delivers Container and Kubernetes Security for Financial Services Innovator Brex (StackRox) StackRox Kubernetes Security Platform provides “security-as-code” to help Brex protect customer data on its rapidly growing financial systems
Forescout Advances Industrial IoT and OT Security (GlobeNewswire) Expanded partnerships and integrations with Splunk, CrowdStrike and CyberArk offer end-to-end security solutions to deliver advanced insights and rapid response
Version 8 of the Protegrity Data Protection Platform Looks Towards the Future (Protegrity) The new—and, yes, improved—version of the Protegrity Data Protection Platform (v8) is the culmination of our understanding of a data-security industry that we largely created and continue to shape. It’s the latest iteration of technology that was developed through numerous collaborations with our customers. It’s the realization of us addressing their specific data-security concerns in an age when an enterprise’s customers fiercely value the privacy of information and regulations enshrine those expectations.
Netskope delivers continuous risk management with new analytics, dynamic visualisation tools (ITWeb) Netskope Advanced Analytics helps organisations understand, prioritise and measure their efforts to improve security for their applications, data and users.
Thycotic Secures Privileged Database Access in DevOps Pipelines (Thycotic) Washington, D.C., November 10, 2020 – Thycotic, provider of privileged access management (PAM) solutions to more than 10,000 organizations worldwide,
Verizon Business wraps its arms around small businesses with debut of Business Internet Secure (FierceTelecom) Verizon Business is now offering small businesses a new business-grade security package to protect them where they're the most vulnerable. Business Internet Secure provides cybersecurity protection where attacks occur the most; employee devices and the internet.
Kudelski, naxoo extend partnership (Advanced Television) The Kudelski Group, a specialist in digital security and IoT solutions, and naxoo, the cable operator of the City of Geneva, have announced a new partnership to
Palo Alto Networks Reimagines Data Security with an Easy to Implement Cloud-Delivered Enterprise Data Loss Prevention Service (AiThority) Palo Alto Networks introduced Enterprise DLP—a cloud-delivered service that brings a fresh, simple and modern approach to data protection.
Tesserent teams up with NZ’s Optic Security Group (ARN) Australian cyber security provider Tesserent has signed a joint venture agreement with New Zealand security provider Optic Security Group.
Introducing Cybereason XDR: Future-Ready Attack Protection that Ends C (PRWeb) Cybereason, the leader in future-ready attack protection, today announced the availability of Cybereason® XDR (Extended Detection and Response), a unified solution...
CertiK deploys automated smart contract auditing tool (CoinTelegraph) An automated tool can help pick the low-hanging fruit vulnerabilities.
QuoLab Technologies Announces Partnership with QGroup GmbH (BusinessWire) QuoLab Technologies has announced its partnership with QGroup GmbH, a European Competence Center and manufacturer of multilevel security solutions.
Domain Computer Services Announces Launch of Two New Product Offerings as a Result of Merger: CISOaaS & Marketing by Domain (Yahoo) After the success of their merger with Tier One Technology Partners last month, Domain Computer Services announced today that they will now be adding two new product offerings to their portfolio: Chief Information Security Officer (CISO) as-a-Service and Marketing by Domain.
New CompTIA Security+ Certification Exam Available Worldwide (CompTIA) Comprehensive suite of Official CompTIA exam preparation resources also released
Technologies, Techniques, and Standards
House report says lawmakers could securely cast remote votes amid pandemic (TheHill) A new report prepared by staff on the Democratic-led House Administration Committee has concluded that technology exists for members of Congress to securely vote remotely during the ongoing coronavirus pandemic.
Companies Need to Better Align Risk and Compliance Departments, Advisory Group Says (Wall Street Journal) Companies should create closer links between their compliance departments and risk managers who focus on an array of corporate hazards, according to an influential organization that guides companies on enterprise risk-management practices.
IoT security is a mess. These guidelines could help fix that (ZDNet) New guidelines from ENISA recommend that all stages of the IoT device lifecycle need to be considered to help ensure devices are secure.
Massive IoT Disruption Coming to an OT Network Near You (Nozomi Networks) The pursuit of competitive advantage has always driven organizations to embrace new technologies and processes to reduce costs and improve efficiency.
How Can Manufacturers Stop Damaging Cyber Attacks? (IndustryWeek) Privileged access security might be the route to addressing manufacturing's current cyber attack trend.
Can Behavior Analytics Help Minimize Social Engineering Attacks? (Meritalk) As organizations continue to face evolving social engineering attacks during the pandemic, such as the recent linkless email phishing scam, it’s imperative to rethink cybersecurity strategies to combat these threats.
Vatican Library’s digitised manuscripts – including oldest surviving copy of the Bible – protected from cyber-attacks using AI (Cambridge Networks) Darktrace, the world’s leading cyber AI company, has today announced that the Vatican Library, which holds one of the oldest and most significant collections of historical texts in the world, has selected Darktrace AI to protect it against cyber-attacks.
Pentagon Readies for Battle in a 5G Future (Wall Street Journal) U.S. military sees new war-fighting opportunities and vulnerabilities in emerging telecommunications network.
Online Business Laws Your Small Business Needs to Know (Business News Daily) Don't put your online business in jeopardy by being uninformed. Here are five online business laws you should know.
How to Avoid Getting Killed by Ransomware (Dark Reading) Using a series of processes, infosec pros can then tap automated data hygiene to find and fix files that attackers key in on.
How to Avoid Paying Ransomware Ransoms (Data Center Knowledge) As private experts and government officials advise against indulging the bad guys, here are some tips for following that advice.
Privacy Refresh Overview (Avast) In the first post of our Privacy Refresh series, we walk through the reasons why you don’t have to give over all of your privacy to social media.
Design and Innovation
Machine learning tool developed to detect fake news domains when they register (MENAFN) Social media companies and governments need to take a more active role in tackling fake news. Techniques observed could be used to target corporates if not tackled
Real-Time Prediction of Online False Information Purveyors and their Characteristics by Anil R Doshi, Sharat Raghavan, William Schmidt (SSRN) Disinformation, misinformation, and other 'fake news' - collectively false information - is quick and inexpensive to create and distribute in our increasingly...
Human Factor Pivotal to Pandemic and Cyber Modeling, Says CyberCube Report (CyberCube) Understanding and predicting human behaviour is one of the biggest challenges facing modelers of both pandemics and cyber risk, a new report from CyberCube concludes.
Research and Development
Computer Scientists Achieve ‘Crown Jewel’ of Cryptography (Quanta Magazine) A cryptographic master tool called indistinguishability obfuscation has for years seemed too good to be true. Three researchers have figured out that it can work.
Academia
Fairfield University Partners with Pulse Secure on New Cybersecurity Lab to Prepare the Next Generation of Information Security Professionals (GlobeNewswire) Advanced degrees in the Cybersecurity sector are in high demand with 3.5 million unfilled cybersecurity positions projected by 2021
KnowBe4 to Sponsor 2,000 Students for Cyber Safety Day Tampa Bay (EIN News) KnowBe4 joins the Center for Cyber Safety and Education as a Partner Sponsor for Cyber Safety Day Tampa Bay 2021.
Legislation, Policy, and Regulation
'Don't weaponise the net' warns former NCSC cyber-chief Ciaran Martin (Yahoo News) Ciaran Martin says cyber-defences should take precedence over new digital weapons for attacks.
Indonesia’s digital authoritarianism: Blackouts, fake news, and hacking attacks (Rest of World) As protests rage, the government and its supporters are throttling bandwidth, intimidating opponents, and running false-flag operations.
The Huawei war (Le Monde diplomatique) Huawei, backed by the Chinese state, developed and helped shape 5G, the next generation of mobile connectivity. Europe has its own potential suppliers but the US fears this and is restricting the use of Chinese technology in America. This has made Chinese tech firms ever more resilient.
Brussels Report: Europe Tries to Boost Its Cybersecurity Industry (Wall Street Journal) European investors are aiming to give the continent’s fragmented cybersecurity industry a financial boost, part of a slew of recent initiatives designed to reduce dependence on foreign technology suppliers.
UK to increase powers to block foreign investments (Federal News Network) The British government plans to increase its power to block or modify foreign investment in the U.K. on national security grounds under legislation to be introduced Wednesday…
The Future of U.S. Foreign Intelligence Surveillance (Just Security) Massive warrantless surveillance endangers both constitutional rights and U.S. competitiveness in a global information marketplace. There’s only one solution to these problems: comprehensive surveillance reform. Here's what reform looks like.
How President Trump’s Foreign Policy Could Actually Help President-Elect Biden (US News and World Report) The incoming administration is poised to try to undo four years of Trump’s foreign policies. In some cases, Biden would be unwise to even try, analysts say.
House Reps ask FCC to ‘stop work on all partisan, controversial items’ during transition (TechCrunch) Two U.S. representatives who oversee the FCC have asked the agency to respect the results of the election by abandoning any “partisan, controversial items under consideration.” This likely includes the FCC’s effort to reinterpret Section 230, an important protection for internet p…
Bye-Bye, Ajit Pai: FCC Boss Will Soon Lose Top Spot (Vice) You can expect most of his more controversial decisions, like the repeal of net neutrality, to be reversed.
Pressure grows to reinstall White House cyber czar (TheHill) Pressure to reinstate a cyber czar within the White House is growing, with bipartisan allies lining up on Capitol Hill to push such a proposal while the incoming administration zeroes in on addressing cybersecurity challenges.
Big Tech Welcomes Biden Presidency, But Battles Loom (SecurityWeek) Silicon Valley is welcoming the election of Joe Biden as US president even as it girds for a series of battles over tech policy in Washington
The Cybersecurity 202: Trump’s refusal to begin the transition could damage cybersecurity (Washington Post) The Trump administration’s refusal to concede could leave President-elect Joe Biden and his team flatfooted in responding to cyberattacks.
The GSA’s Blocking Biden Transition Team and the National Security Implications (Just Security) Why the absence of a concession and existence of litigation are no excuse for the GSA under the Presidential Transition Act to delay any further, and the immense national security stakes that hang in the balance.
Biden Picks BigLaw Privacy Pros For DHS, DOJ Review Teams (Law360) The leaders of the cybersecurity and privacy practices at Mayer Brown LLP and Paul Hastings LLP are among the experts that President-elect Joe Biden's transition team announced have been tapped to help shape the future course of the U.S. Departments of Homeland Security and Justice.
Top policy, intelligence civilians resign amid Pentagon shakeup (Defense News) Anderson joins Defense Secretary Mark Esper in exiting the building.
Who Are the Senior Officials at the Pentagon and the N.S.A? (New York Times) The arrival of the new officials has prompted concerns. Their backgrounds offer insights into their policies.
Washington State Could Be the 2021 Battleground for Internet Privacy (Wall Street Journal) Washington state lawmakers are gearing up to make another pass at a consumer privacy law next year after two previous attempts made it through the state Senate but drew criticism from state House Democrats, the state attorney general and advocacy groups such as the American Civil Liberties Union.
Litigation, Investigation, and Law Enforcement
Czech Intel Report Targets Russian, Chinese Spies (SecurityWeek) The Czech Republic's intelligence agency said Tuesday Russian and Chinese spies posed an imminent threat to the EU member's security and other key interests last year.
What does it take to fight ransomware and botnets? A Q&A with a cloud crime investigator (Microsoft On The Issues) Jason Lyons is a malware and cloud crime investigator at the Microsoft DCU and part of a team that disrupted Trickbot. We caught up with Jason to find out more about this critical work.
Postal worker recanted allegations of ballot tampering, officials say (Washington Post) A Pennsylvania postal worker whose claims have been cited by top Republicans as potential evidence of widespread voting irregularities admitted to U.S. Postal Service investigators that he fabricated the allegations, according to three officials briefed on the investigation and a statement from a House congressional committee.
USPS Pennsylvania whistleblower fights claims he recanted voter fraud charge (Washington Examiner) A postal worker who said he had firsthand knowledge of voter fraud is fighting back against the Washington Post and House Democrats after reports that he recanted his allegations.
USPS whistleblower denies report he recanted voter fraud claims (New York Post) Richard Hopkins, a United States Postal Service worker in the must-win swing state, denied taking back his statements when speaking to authorities.
Morgan Stanley Receives $60 Million Fine for Improper Handling of Customer Data (Security Boulevard) Morgan Stanley investment bank must pay a whopping $60 million fine for failing to properly decommission multiple business data centers that stored sensitive customer information, the Office of the Comptroller of the Currency (OCC) announced earlier this month. According to a civil penalty consent order, the oversights in handling the retirement of the data centers
China Targets Alibaba, Other Homegrown Tech Giants With Antimonopoly Rules (Wall Street Journal) China has released new draft antimonopoly rules for its online platforms, signaling an increased appetite by Beijing authorities to rein in dominant technology companies.
TikTok asks U.S. court to slow forced sale with deadline approaching (Washington Post) TikTok's Chinese parent, ByteDance, is required to divest the U.S. assets by Nov. 12.
The Cybersecurity 202: A Biden administration could mean a reset in the U.S. war on TikTok (Washington Post) President Trump has waged war against popular video app TikTok. It's unclear what a President Biden would do.
Ex-Microsoft engineer gets 9 years in prison after using digital currency scheme to buy $1.6M lakefront home, $160K Tesla (GeekWire) An ex-Microsoft engineer was sentenced to nine years in prison for 18 federal felonies after he stole more than $10 million worth of digital currency from his ex-employer and used the funds to finance…
Former Microsoft Worker Gets 9 Years in $10M Fraud Scheme (SecurityWeek) Former Microsoft worker Volodymyr Kvashuk was sentenced to nine years in prison for a scheme to steal $10 million in digital currency, which authorities said he used to buy a Tesla and a $1.7 million lakefront home.
Cyber Consulting Firms Get Tied Up in Post-Breach Lawsuits (Bloomberg Law) Cybersecurity consultants could be on the hook for data breaches at companies they contract with after two recent court rulings in consumer class actions.
The New Yorker fires Jeffrey Toobin after probe into Zoom masturbation scandal (New York Post) Jeffrey Toobin is out at the New Yorker.
Jeffrey Toobin fired from The New Yorker after exposing himself on a Zoom call (CNN) Jeffrey Toobin, a prominent writer and CNN's chief legal analyst, was fired from The New Yorker on Wednesday after he accidentally exposed himself to colleagues with the New Yorker and WNYC during a Zoom call last month.