Cyber Attacks, Threats, and Vulnerabilities
The GRU's MH17 Disinformation Operations Part 1: The Bonanza Media Project (bellingcat) An investigation by Bellingcat and its investigative partners has discovered evidence that Bonanza Media, a self-styled independent investigative platform, is in fact a special disinformation project working in coordination with Russia’s military intelligence. While we have not yet established conclusively whether Russia’s military intelligence agency, best known as the GRU, was behind the initial …
Top officials: Nov. 3 election most secure in US history (AP NEWS) A coalition of federal and state officials found no evidence that votes were compromised or altered in last week's presidential election, rejecting unsubstantiated claims of...
USA: CISA confirms no evidence of election compromise (Computing) Chris Krebs, director of CISA, said, "America, we have confidence in the security of your vote, you should, too"
Joint Statement from Elections Infrastructure Government Coordinating Council & the Election Infrastructure Sector Coordinating Executive Committees | CISA (CISA) The members of Election Infrastructure Government Coordinating Council (GCC) Executive Committee – Cybersecurity and Infrastructure Security Agency (CISA) Assistant Director Bob Kolasky, U.S. Election Assistance Commission Chair Benjamin Hovland, National Association of Secretaries of State (NASS) President Maggie Toulouse Oliver...
Emails alleging election interference spread malware (Washington Examiner) Cybercriminals use emotional reaction to the 2020 election to lure victims.
Jihadist Networks Dig In on Social Media Across Central Asia (Foreign Policy) Almost 500 extremist channels on Telegram, VKontakte, and other networks spread propaganda and vie for recruits. Most of them have ties to the Islamic State.
VoltPillager: the $30 next-generation of undervolting attacks against Intel SGX (University of Birmingham) Researchers at the University of Birmingham have managed to break SGX, a set of security functions used by Intel processors, by creating a $30 device to control CPU voltage.
The introduction of the Jupyter InfoStealer/Backdoor (Morphisec) The full Morphisec Labs analysis of the damaging new Jupyter infostealer/backdoor.
Check Point tracks Bitcoin ransom payments from new cyber attack to Iranian nationals (CTECH) Dubbed Pay2Key, the sophisticated new ransomware encrypts an organization’s entire network in an hour, with 12 Israeli companies so far falling victim
Israeli Cybersecurity Giant Tracks Ransom Payments From New Cyber Attack To Iranian Nationals (Algemeiner) A symbol of the cryptocurrency Bitcoin. Photo: Pixabay. CTech – Israeli cybersecurity giant Check Point Software Technologies revealed a new …
Report: Facebook Credit Card Scam Exposed Via Huge Data Leak (vpnMentor) Led by Noam Rotem and Ran Locar, vpnMentor’s research team recently uncovered a potentially massive phishing and credit card fraud operation targeting Facebook users.
ModPipe malware decrypts Oracle point-of-sale database passwords (BleepingComputer) Security researchers have discovered a new malware geared with modules that target Oracle Micros Hospitality RES 3700 point-of-sale systems, one of the most widely used management software in the hospitality industry.
Doctors an Easy Mark for Hospital Cyberattackers (Medpage Today) Fake emails from bosses, messages about COVID, PPE, vaccines: 'Doctors have fallen for it multiple times'
Old Worm But New Obfuscation Technique (SANS Internet Storm Center) Yesterday I found an interesting JavaScript script delivered through a regular phishing campaign...
Steelcase Cyber Attack Should Be a Wakeup Call (Industry Week) Ransomware attack leads to world's largest office furniture manufacturer shuttering its operations.
The North Face resets passwords after credential-stuffing attack (The State of Security) Outdoor clothing retailer The North Face has reset an undisclosed number of customer passwords following a credential stuffing attack.
Another Credit Card Stealer That Pretends to Be Sucuri (Sucuri) During a routine investigation, we found yet another web skimmer that pretends to be related to Sucuri.
Mitsubishi Electric MELSEC iQ-R Series (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 6.8
ATTENTION: Exploitable remotely
Vendor: Mitsubishi Electric
Equipment: MELSEC iQ-R series
Vulnerability: Uncontrolled Resource Consumption
2. RISK EVALUATION
Successful exploitation of this vulnerability could cause a denial-of-service condition for the affected products.
BD Alaris 8015 PC Unit and BD Alaris Systems Manager (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 6.5
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Becton, Dickinson and Company (BD)
Equipment: BD Alaris 8015 PC Unit and BD Alaris Systems Manager
Vulnerability: Improper Authentication
2. RISK EVALUATION
Successful exploitation of this vulnerability could lead to a drop in the wireless capability of the Alaris PC Unit.
Don’t give your personal info to fake PlayStation 5 pre-order websites, warns Kaspersky (Hindustan Times Tech) They had ‘Playstation’ in their names and gave interested (and unaware) users a chance to pre order the PS5 console.
Public Health Wales Statement on Data Breach (Public Health Wales) Public Health Wales has today accepted in full the recommendations of an independent investigation into a data breach which resulted in the publication of the personally identifiable data of 18,105 Welsh residents who had tested positive for COVID-19 between February and August 2020.
Animal Jam kids' virtual world hit by data breach, impacts 46M accounts (BleepingComputer) The immensely popular children's online playground Animal Jam has suffered a data breach impacting 46 million accounts.
46M records stolen from kids gaming service Animal Jam published on dark web (SiliconANGLE) Some 46 million records stolen from children’s gaming service Animal Jam have found their way onto the dark web following a hack of the company in October.
Data Breach Alert (Animal Jam) WildWorks has learned that a database containing some Animal Jam user data was stolen in connection with a recent attack on the server of a vendor WildWorks uses for intra-company communication.
As Election Misinformation Spreads On Facebook, Mark Zuckerberg Told Employees That Biden Won (BuzzFeed News) Facebook’s CEO also said Steve Bannon’s comments about beheading government officials did not warrant his complete removal from the platform.
Twitter says it labeled 0.2% of all election-related tweets as disputed. (New York Times) Twitter is the first social media platform to publicly disclose how it performed during the election.
YouTube defends choice to leave up videos with false election claims (The Verge) YouTube is under fire for spreading misinformation.
Security Patches, Mitigations, and Software Updates
macOS Big Sur launch appears to cause temporary slowdown in even non-Big Sur Macs (Ars Technica) Even Macs that didn't upgrade to Big Sur had problems.
Cyber Trends
More than just malware, ransomware 2.0 hits businesses hard (Security Brief) Cyber criminals are shifting their focus from encrypting data to publishing confidential information online, according to new findings from Kaspersky researchers.
MobileIron: ‘Endpoint Protection Shouldn’t Be Limited To Desktop’ (CRN) MobileIron’s Russell Mohr shares with the channel why it’s important for endpoint security to move beyond the desktop in the evolving 5G era, especially as remote work becomes the “new normal.”
Keeper Security Advises Retailers to Safeguard Digital Storefronts For the Holidays (Keeper Security) New report reveals retailers experienced a tremendous loss resulting from account takeovers and stolen or compromised devices over the past 12 months
Marketplace
Menlo Security CEO Says $100M Series E Could Be Last Funding Before IPO (Crunchbase News) Menlo Security, a leader in cloud security, today announced it has raised $100 million in Series E funding, valuing the company at $800 million.
SentinelOne Nabs $267M, Reaches $3B-plus Valuation (Crunchbase News) SentinelOne plans to pursue acquisitions after securing a $267 million Series F that tripled the company’s valuation from just nine months ago.
ManTech Acquires Minerva, Bolstering Cyber Work For Intelligence Community (Defense Daily) ManTech International on Thursday said it has acquired Minerva Engineering, a company that provides various cyber services to the intelligence community. T
ManTech closes buy of cyber defense firm (Washington Technology) ManTech completes its acquisition of a company focused on cyber defense that also further entrenches the buyer with intelligence community clients.
Palantir Boosts Its Full-Year Revenue Outlook (Wall Street Journal) Data analysis company Palantir Technologies raised its annual revenue outlook after it posted better-than-expected sales in the third quarter on increasing demand for its software.
Huawei roots for 5G technology amid growing cyber attacks (Xinhua) Chinese technology firm Huawei on Thursday called for increased adoption of 5G technology amid growing cyber-attacks.
Microsoft Has a $30 Billion Opportunity in Security Software, Analyst Says (Barron's) “As corporate workloads migrate to the cloud, so will security spend associated with them,” Barclays analyst Raimo Lenschow says.
Relativity Joins Microsoft Intelligent Security Association (PR Newswire) Relativity, a global legal and compliance technology company, today announced that it has joined the Microsoft Intelligent Security Association...
PAS Named #1 Global Alarm Management Software Provider by Leading Analyst Firm (PAS) PAS PlantState Integrity recognized for analyzing data from disparate sources to provide critical safety and production information that improves operator situation awareness
Telos Corporation Welcomes Fred Schaufeld to its Board of Directors (Telos Corporation) Telos adds noted entrepreneur and investment guru Fred Schaufeld to its Board of Directors.
Bishop Fox Rounds Out Advisory Board with Former Microsoft, Netscape/AOL Marketing and Product Executive (GlobeNewswire) Martina Lauchengco Joins Recently Appointed Advisors Alex Stamos and Evan Wolff
Splunk Appoints Four-Star U.S. Army General Dennis Via to its Board of Directors (Odessa American) Splunk Inc. (NASDAQ: SPLK), provider of the Data-to-Everything Platform, today announced that retired Army General Dennis Via has joined Splunk’s Board of Directors, bringing more than 40 years of military, technology and public sector leadership experience to the role.
Products, Services, and Solutions
Introducing Cybereason XDR: Future-Ready Attack Protection that Ends Cyber Attacks from Endpoints to Everywhere (Cybereason) Introducing Cybereason XDR: Future-Ready Attack Protection that Ends Cyber Attacks from Endpoints to Everywhere
Proctortrack Partners with CyberSecOp to Produce Joint Cybersecurity Awareness and Educational Webinars (Proctortrack) CyberSecOp reviewed and confirmed that Proctortrack’s infrastructure, technology, security, and data privacy systems are safe and secure.
SonicWall Expands Boundless Cybersecurity with New High-Performance, Low-TCO Firewalls; Company Debuts Cloud-native ZTNA Solution to Secure Work-from-Anywhere Environments (PR Newswire) SonicWall today announced the expansion of its Capture Cloud Platform with the addition of the high-performance NSa 2700 firewall and three new...
Omada Identity Cloud Accelerator Package (Omada) Omada has released its Omada Identity Cloud Accelerator to help companies implement modern IGA in just 12 weeks
KnowBe4’s Security Awareness Essentials Certified in Association With the UK’s National Cyber Security Centre (GlobeNewswire) KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, today announced that its Security Awareness Essentials course is now certified in association with the UK’s National Cyber Security Centre (NCSC, formerly GCHQ).
Facebook’s Snapchat-like ‘Vanish Mode’ feature arrives on Messenger and Instagram (TechCrunch) Facebook today announced its new Snapchat-like feature for disappearing messaging, Vanish Mode, is arriving on Messenger and Instagram. The feature, meant for more casual conversations, allows users to set chats to automatically delete after the message is seen and the chat is closed. In Vanish Mod…
Criterion paves Grayshift's way into Australian market (Intelligence Online) The American smartphone decryption company Grayshift is starting to export outside the US with the help of Australia's Criterion.
Comodo open-sources its EDR solution (ZDNet) OpenEDR, announced in September, is available on GitHub starting this week.
Code42 Incydr Delivers Evolved Data Protection for Channel Partners (Valdosta Daily Times) Code42, the insider risk detection and response leader, today announced that it is revamping and formalizing its channel program with a “channel-first” go-to-market strategy for the Code42 Incydr™ product. A data risk detection and response solution, Incydr helps organizations identify and act on the greatest indicators of insider risk to their data and mitigate exposure from data exfiltration.
Malwarebytes Expands Channels to Reach New Customers with ConnectWise Integration (Malwarebytes Press Center) Malwarebytes today announced its integration with ConnectWise Automate, a leading remote monitoring and management (RMM) software solution.
Technologies, Techniques, and Standards
How the Pentagon is trolling Russian, Chinese hackers with cartoons (CyberScoop) There’s little Russian hackers hate more than being seen as soft. So the U.S. military has begun publishing mocking illustrations to goad foreign hackers.
A closer look at the Vt. National Guard Cyber Response team (WCAX) Not long after the University of Vermont Health Network was hacked, a lesser-known team within the Vermont National Guard, the Cyber Response Team, was deployed to aid in the recovery.
U.S. MQ-9 Reaper Drones Stationed In Poland Spotted With New SIGINT Wing-Mounted Pod (The Aviationist) The MQ-9 drones of the 52nd Expeditionary Operations Group Detachment 2 have started flying with a new SIGINT (SIGnal INTelligence) pod. Some interesting photos were shared online by the Polish Min…
PIRC Releases Guide on Cybersecurity for Nonprofits Facing Compliance (PRWeb) New York-based Partners in Regulatory Compliance (PIRC), which provides answers to the growing, complex need for cybersecurity in organizations facing strict re
It's Time to Hang Up on Phone Transports for Authentication (Microsoft) In my blog Your Pa$$word doesn't matter, I laid out the key password vulnerabilities, and in response to a gazillion “but other creds can be compromised, too” DMs and emails, I wrote All our creds are belong to us, where I outlined vulnerabilities in credentials other than passwords and highlighted ...
6 Cybersecurity Tips When You Work From Home (Forbes Advisor) As of September 2020, nearly 60% of full-time and part-time workers in the U.S. were doing their jobs remotely at least some of the time during the coronavirus pandemic. And many of them would like to keep doing so. This work-from-home pivot makes some employers’ IT professionals nervous, though.
Design and Innovation
Machine Identity Management Development Fund Adds Indie Developers Program (Venafi) Machine Identity Management Development Fund Adds Indie Developers Program
Research and Development
DARPA and Academia Jumpstart 5G IoT Security Efforts (Dark Reading) With 5G IoT devices projected to hit 49 million units by 2023, researchers launch programs to keep IoT from becoming a blackhole of exfiltration.
Academia
Fairfield University unveils new cybersecurity lab to prepare the next generation of information security professionals (Security Magazine) In response to the global, rapidly growing demand for skilled information security professionals across industries—from government to private sector and non-profit—Fairfield University is now offering a flexible 30-credit Master of Science in Cybersecurity program, along with other changes and new technologies in its cyber lab.
Guest column: NSA awards Ivy Tech portion of $5.9M cybersecurity grant (Chicago Tribune) Ivy Tech's Lake County and Valparaiso campuses will receive a portion of a $5.9 million grant from the National Security Agency to expand their cybersecurity training partnerships in Northwest Indiana.
Applying to college? Don’t let scammers steal your money (Yahoo) Applying to college and figuring how to pay for it can be stressful. Here’s how to protect yourself and your personal information during the process.
Legislation, Policy, and Regulation
Kremlin Spin Doctors are Leading Russia’s Vaccine Development (Foreign Policy) With Sputnik V, the country is conflating good headlines with good health.
U.S. offers Brazil telecoms financing to buy 5G equipment from Huawei rivals (ETTelecom) The U.S. government stepped up an offensive on Tuesday to keep China's Huawei Technologies out of Brazil's 5G market, with Washington offering to fina..
Focus Cyber Defence Rather Than Cyber Attack (Silicon UK) 'Don't weaponise the net'. Former head of UK's NCSC urges governments to focus on cyber defence rather than cyber offensive capabilities
Cyberattacks and the Constitution (Lawfare) The United States has one of the world’s strongest and most sophisticated capabilities to launch cyberattacks against adversaries. How does the US Constitution allocate power to use that capability? And what does that allocation tell us about appropriate executive-legislative branch arrangements for setting and implementing cyber strategy?
Starting Dec. 1, Cybersecurity Is No Longer Optional (Breaking Defense) "This is the start of a new day in the Department of Defense where cybersecurity, as we’ve been saying for years is foundational for acquisitions, we’re putting our money where our mouth is. We mean it,” Katie Arrington says.
Pentagon Expands 5G Efforts as Lawmakers Raise Eyebrows (Defense One) The Pentagon's acquisition chief said DOD will also release guidance on securing the microelectronics supply chain.
Trump bans Americans from investing in 31 companies with links to Chinese military (Axios) Americans have until November next year to divest.
Beijing Attacks America’s New Investment Blacklist (Wall Street Journal) Beijing condemned a move by President Trump to block American investments in some key Chinese companies, following a steep selloff in shares of several of the targets.
Two senior Homeland Security officials forced out as White House firings widen (Washington Post) The White House has forced out two top Department of Homeland Security officials as part of a widening purge of anyone suspected of lacking complete loyalty to President Trump, three people familiar with the removals said Thursday.
Senior DHS cybersecurity official Bryan Ware to step down (CyberScoop) Bryan S. Ware, who took the reins as the senior most Department of Homeland Security official focused exclusively on cybersecurity in January, is stepping down from his post and heading to the private sector.
CISA’s Ware resigns; is Director Krebs next out the door? (Federal News Network) Bryan Ware, the assistant director of the cybersecurity division at CISA, resigned on Thursday and CISA Director Chris Krebs may be next on the chopping block.
Exclusive: Top official on U.S. election cybersecurity tells associates he expects to be fired (Reuters) Top U.S. cybersecurity official Christopher Krebs, who worked on protecting the election from hackers but drew the ire of the Trump White House over efforts to debunk disinformation, has told associates he expects to be fired, three sources familiar with the matter told...
The Cybersecurity 202: Officials say firing DHS cyber chief could make U.S. less safe as election process continues (Washington Post) News that Chris Krebs, the government's top election security official, could be ousted in a post-election firing rampage at the Department of Homeland Security sent shockwaves through Washington.
Trump Stacks the Pentagon and Intel Agencies With Loyalists. To What End? (New York Times) So far, there is no evidence the appointees harbor a secret agenda or arrived with an action plan. But their sudden appearance amounts to a purge of the Pentagon’s top civilian hierarchy without recent precedent.
Trump’s Pettiness Is the Simplest Explanation (The Atlantic) The postelection shake-up at the Pentagon has raised alarms in the national-security world, but Trump’s likeliest motive is plain old spite.
Get tough on Google now, 165 competitors urge the EU (Computing) Tech firms and industry bodies say planned antitrust legislation may arrive too late
DISA’s Anthony Montemarano to Retire Next Month (Executive Gov) Tony Montemarano, executive deputy director of the Defense Information Systems Agency (DISA), will r
Litigation, Investigation, and Law Enforcement
U.S. Backs Down on TikTok (Wall Street Journal) The Commerce Department’s action delays implementation of a regulation, set to take effect Thursday, that would effectively make the video-sharing app inoperable in the U.S.
The untold story of a cyberattack, a hospital and a dying woman (WIRED) German prosecutors tried to prove that a ransomware attack on a hospital was to blame for someone losing their life. Their story is a warning
The Scammer Who Wanted to Save His Country (Wired) Last fall, a hacker gave Glenn Greenwald a trove of damning messages between Brazil’s leaders. Some suspected the Russians. The truth was far less boring.
Legal Services Biz Can't Skip Out On Data Breach Suit Yet (Law360) A California federal judge has refused to dismiss a proposed class action against legal services company Epiq Systems Inc. over a recent data breach, but signaled he may be willing to dismiss it in the future depending on what discovery reveals.
Apple Can't Duck Facial Recognition Privacy Class Action (Law360) An Illinois federal judge on Thursday refused to let Apple Inc. escape a class action alleging that it violates state law through its facial recognition software, finding that the proposed class' allegations that the company illegally collects and stores face scans can proceed.
BBQ Chain Didn't Protect 3M Credit Card Nos., Customers Say (Law360) Two customers have sued Dallas-based Dickey's Barbecue Pit in California federal court over a data breach, saying the restaurant chain failed to prevent cyberthieves from stealing their credit card numbers and belatedly revealed that their personal identifying information is being sold on the black market.
Why Scotland Buying Israeli Phone-Hacking Kit is Dangerous (Bella Caledonia) The expulsion of democratically elected members of the Hong Kong Legislative Assembly exposes once again the intolerance of dissent under Beijing’s authoritarian state capitalism. China is now a m…
Ticketmaster Hit With £1.25 Million GDPR Fine Over 2018 Data Breach (Forbes) The ICO has fined Ticketmaster following a 2018 data breach that affected as many as 9.4 million Ticketmaster customers across Europe, including 1.5 million in the UK.
Three voters demand €10m fine for IT firm behind huge data breach (Times of Malta) Three of the 337,384 Maltese voters whose data was leaked in a massive security breach in April, have filed a complaint with the Data Protection Authority requesting that the IT company that held the data be fined up to €10 million.
Their complaint comes a month after more than 620 claimants...