Cyber Attacks, Threats, and Vulnerabilities
Iowa Caucus Results Delayed by Counting Problems (Wall Street Journal) An election debacle unfolded as the Iowa Democratic Party failed to release the results of the state’s presidential caucuses, saying it had found “inconsistencies in the reporting” as the nation awaited the outcome of the first-in-the-nation nominating contest.
Iowa Democratic caucuses turn to chaos as party fails to declare winner (San Diego Union-Tribune) Precinct chairs around the state report problems with the computer application intended to relay results to party headquarters.
Iowa Caucuses Devolve Into Chaos Over Tech Problems and 'Inconsistencies' (Time) The voters have finally spoken, but nobody knows what they said
‘It kind of failed us’: With eyes of the world on Iowa, another hiccup in American democracy (Washington Post) She couldn't get the mobile app to work. And she couldn't get through to the state party. So Linda Nelson, the Democratic chairwoman in Pottawattamie County, chose her next best option: Facebook.
Iowa Caucus Results Delayed by Apparent App Issue (Wall Street Journal) The mobile app that appears to have caused problems during the Iowa presidential caucuses was built by a small Washington, D.C.-based company connected to a nonprofit progressive digital strategy firm.
Tech firm started by Clinton campaign veterans is linked to Iowa caucus debacle (Los Angeles Times) Shadow, a tech developer started by veterans of Hillary Clinton’s 2016 run, built the app being blamed for delaying Iowa Democratic caucus results.
The Cybersecurity 202: Iowa caucus debacle shakes public confidence in 2020 security (Washington Post) The biggest security lesson from last night's Iowa caucuses: It doesn't take a hack for technology to undermine confidence in an election.
People are wrongly making Hillary Clinton's campaign manager the villain of the Iowa caucus (updated) (The Daily Dot) Hillary Clinton is not involved in the Iowa caucus this year, and yet her old campaign manager, Robby Mook, is under fire tonight. Here's why.
McAfee Research Reveals Election Website Security Shortcomings in 2020 Battleground States (BusinessWire) Lack of .GOV Validation and HTTPS Encryption Among County and County Election Websites Could Render 13 Battleground States Susceptible to Voter Disinformation Campaigns in 2020 Elections
Japanese Firm NEC Electronics Confirm Security Breach (Latest Hacking News) The Japanese electronic and IT giant NEC has disclosed a security breach leaking around 28,000 files. However, the defense data remained safe.
Hacking leads to fake story claiming US soldier in Lithuania has coronavirus (Stars and Stripes) Lithuania’s “Kauno Diena” newspaper said a false story, which appeared Friday, was the work of hackers and was visible for about 10 minutes before being taken down.
Twitter says an attacker used its API to match usernames to phone numbers (ZDNet) Twitter discloses security incident involving the abuse of one of its official API features.
Bouygues Construction Shuts Down Network to Thwart Maze Ransomware (BleepingComputer) French construction giant Bouygues Construction shut down their computer network to avoid having all of their data encrypted by the Maze Ransomware.
250 Million Microsoft Customer Service Records Exposed; Exactly How Bad Was It? (CPO Magazine) Microsoft announced a breach where they uncovered misconfigured security rules in one internal database that exposed 250 million customer service records for almost the whole of December.
Microsoft Teams goes down after Microsoft forgot to renew a certificate (The Verge) An embarrassing mistake for Microsoft’s Slack competitor
‘Pabbly’ Exposes 51.2 Million Records via Leaky Database (TechNadu) An India-based email marketing company, "Pabbly", has exposed over fifty million email addresses belonging to their customers.
Library Lines: Contra Costa system recovers from cyber-attack (East Bay Times) Library and county IT staff are working to secure and upgrade the library’s system network to prevent future attacks, and law enforcement continues to investigate the cause of the breach.
TA505 APT Group Returns With New Techniques: Report (BankInfo Security) After a hiatus, TA505 - a sophisticated APT group that has targeted financial companies and retailers in several countries including the U.S. - has returned with a
Vulnerability Summary for the Week of January 27, 2020 (CISA) The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
United Healthcare reports breach affecting 36 SC customers (Post and Courier) First and last names, health plan information and private medical claims data all could have been compromised, United said.
Yarra Trams data breach: Commuters' email addresses exposed (The Age) The personal email addresses of nearly 100 commuters who had applied for compensation were exposed in a Yarra Trams data breach.
Adversary Exposed: How One Criminal Attempted to Sell an MSP on the Dark Web (Medium) Think about all the things you can buy and do on the dark web.
Coronavirus Fears Exploited in Phishing Attacks (AppRiver) Over the past few weeks, we have been patiently awaiting a surge in malicious email activity surrounding the Novel Coronavirus outbreak that has garnered headlines across the globe. We had previously spotted some run-of-the-mill spam campaigns that were leveraging the outbreak to hawk over-ear facemasks. We subsequently saw some activity from the Emotet malware group that was exploiting the topic by sending mal-spam links. However, those were limited in scale and seemed to be only targeting users in Japan.
Instagram's Search Results For Vaccines Are A Public Health Nightmare (HuffPost) By promoting anti-vax misinformation, the platform legitimizes distrust in vaccines.
Not funny: Vlogger in nCoV prank says sorry to mall, public (Inquirer) The vlogger who stirred a public scandal after pretending to be a novel coronavirus (nCoV) carrier had apologized to the public and the management
Security Patches, Mitigations, and Software Updates
Twitter Fixed Issue Exploited to Match Phone Numbers to Accounts (BleepingComputer) Twitter says that it discovered and fixed an issue exploited by attackers to match specific phone numbers to their corresponding Twitter accounts.
Google cuts Chrome 'patch gap' in half, from 33 to 15 days (ZDNet) Future plans include cutting the patch gap further, which might mean that Google will have to release Chrome security fixes on a weekly basis.
Ring's latest update notifies if your local police department can request to access video (USA TODAY) The new updates come after reports of hackers gaining access to Ring security cameras.
Cyber Trends
Where cybersecurity misses the mark, yet again (Computing) Esoteric cyber threats posed by countries like Iran and North Korea may grab the headlines, but distract from the real security issues, argues Tanium's Orion Hindawi
AI Special Report (AppRiver) Welcome to 2020. We’re not quite in the age of the flying cars yet, however, we are now firmly in the era of artificial intelligence (A.I.) in many homes and businesses across America.
Mobile Threat Landscape (Wandera) It should be another momentous year for mobile security, with cyber attacks growing rapidly in sophistication and distribution. This report will cover the key mobile security trends that emerged last year as well as summarize thoughts for the mobile threat landscape for the year ahead.
Top Ten New Open Source Security Vulnerabilities in 2019 (WhiteSource) 2018's top ten list of vulnerabilities includes old favorites like Linux and Spring, newer players like AngularJS and Requests, headline grabbers like Struts and Drupal, and more.
Antivirus Would Have Saved Them $71 billion in 2019 (Scoop News) Data gathered and calculated by Precisecurity.com shows that some businesses could have saved about $71 billion by having an effective antivirus solution. The affected businesses saw millions of records exposed due to poor security.
Cyber Resilience Think Tank Forecasts Four Key Trends to Hit the Cybersecurity Industry (Yahoo) Mimecast Limited (MIME), a leading email and data security company, today announced the availability of Commencing a New Decade: 2020 Predictions, the latest eBook from the Cyber Resilience Think Tank (CR Think Tank). This group of security leaders recently gathered to reflect on the past decade and
2020 SonicWall Cyber Threat Report: Threat Actors Pivot Toward More Targeted Attacks, Evasive Exploits (PR Newswire) SonicWall, the trusted security partner protecting more than 1 million networks worldwide, today announced its annual threat report findings,...
Marketplace
Accenture acquires UK consultancy firm Mudano (ZDNet) Mudano uses analytics and applied data science to help large banks, insurers and wealth management firms in the UK analyze data around key areas.
HPE Buys Scytale, Embraces Open Source Security (SDXCentral) Hewlett Packard Enterprise (HPE) today said it acquired cloud security startup Scytale for an undisclosed amount. The deal will boost HPE’s identity management technology as well as its credibility within the open source community.
Google's parent company Alphabet hits trillion-dollar valuation (The Telegraph) Google's parent company Alphabet has reached a valuation of one trillion dollars for the first time, making it only the fourth US-listed company to hit the milestone.
Google reveals YouTube revenues for the first time (The Telegraph) Google parent Alphabet has revealed YouTube revenues for the first time, with advertising sales on the platform doubling in the last two years.
YouTube generated $15bn in sales for Google last year – or $7 per person (The Telegraph) In the 13 years since Google bought YouTube for $1.
Alphabet shares decline on revenue miss; YouTube ad, cloud revenues finally revealed (MarketWatch) Alphabet Inc. shares fell nearly 5% in extended trading after the company’s fourth-quarter revenue fell short of Wall Street estimates on Monday.
Air Force Taps Google for IT Security Assessment (Nextgov.com) The move is part of the service’s push for an Enterprise IT-as-a-Service environment.
TCL to stop making BlackBerry Android smartphones (Computing) TCL's BlackBerry licensing deal won't be renewed in August, putting the future of BlackBerry smartphones in doubt
New CFO brings public markets discipline to Darktrace (Cambridge Network) Darktrace, the world’s leading cyber AI company, today announced that Cathy Graham will join as its new Chief Financial Officer (CFO) on 10th February.
Products, Services, and Solutions
PAS Global Introduces Solutions to Ensure OT Integrity (PAS Global) New product releases optimize cybersecurity, process safety, and digitalization
Radiflow Launches Business-driven Industrial Risk Analytics Service (PR Newswire) Radiflow, a leading provider of cybersecurity solutions for industrial automation networks, today announced that the company has launched...
Mimecast Expands E-Discovery Capabilities to Help Increase Productivity for Legal and IT Teams (Globe Newswire) Mimecast Case Review Redesigned to Offer Rich Dashboards and Reporting, Powerful Search and Legal Hold Functionality
EMVCo certifies Trustonic to secure mobile payments apps (Finextra Research) Mobile device and app security leader Trustonic today announces that its trusted execution environment (TEE) solution is the first hardware-backed TEE to complete the EMVCo Software-Based Mobile Payments security evaluation process.
eperi and Netskope: Strong Alliance Between Two Cloud Security Leaders (Yahoo) Cloud services are being adopted at a significant rate, with recent statistics showing that 85% of enterprise internet traffic flows to and from cloud services. Therefore, the high need of an all-embracing cloud security solution, looking at access and behavioral user interaction as well as securing
Nehemiah Security Releases Risk Quantifier 3.4 (PR Newswire) Nehemiah Security, the industry leader in automated cyber risk quantification, announces the general availability of Risk Quantifier™ version 3....
Rackspace Announces FedRAMP Authorized Platform on Amazon Web Services (Globe Newswire) Rackspace extends its FedRAMP authorization to include Amazon Web Services, Inc. (AWS) within Rackspace Government Cloud (RGC), a managed security and compliance platform, enabling state-of-the-art private, public and hybrid cloud solutions for the government ecosystem.
Technologies, Techniques, and Standards
DHS creates ‘tabletop in a box’ for local election security drills (StateScoop) A new guidebook offers local election officials step-by-step drills of what to do and who to call in the event of an actual cyberattack.
NIST Drafts Guidelines for Coping With Ransomware (Data Breach Today) The National Institute of Standards and Technology has unveiled a pair of draft practice guidelines that offer updated advice and best practices on how to protect
Data Integrity: Identifying and Protecting Assets Against Ransomware and Other Destructive Events (NCCOE) The National Cybersecurity Center of Excellence (NCCoE) has released a draft of National Institute of Standards and Technology (NIST) Cybersecurity Special Publication 1800-25, Identifying and Protecting Assets Against Ransomware and Other Destructive Events, for public comment.
Data Integrity: Detecting and Responding to Ransomware and Other Destructive Events (NCCOE) The National Cybersecurity Center of Excellence (NCCoE) has released a draft of National Institute of Standards and Technology (NIST) Cybersecurity Special Publication 1800-26, Detecting and Responding to Ransomware and Other Destructive Events, for public comment.
Red Teamer's Cookbook: BYOI (Bring Your Own Interpreter) (Black Hills Information Security) Marcello Salvati // This fairly lengthy blog post aims at providing Red Team Operators ideas on how to incorporate BYOI tradecraft into their own custom tooling and get those creative malware development juices flowing. This blog post can also serve as a “light” introduction to .NET and how to write basic C2, so there’s hopefully …
Compliance: Watch your step! (SC Media) Avoiding the perilous pitfalls of compliance. It’s no secret that Fortune 1000 CISOs struggle with compliance, but the pitfalls that fuel the most
Why protecting remote workers from cyber attack should be a top priority for your security team in 2020 (IT Brief) As logging in from anywhere becomes the norm for more Australians, implementing cybersecurity strategies to support the remote working model has become an imperative for local organisations.
Alexa, Protect My Privacy (Kiplinger) Take steps to keep speakers, security cameras and other smart devices safe from hackers who want to steal your data--or worse.
Design and Innovation
Apple proposes simple security upgrade for SMS 2FA codes (Naked Security) Apple thinks it’s come up with a simple way to make SMS two-factor authentication (2FA) one-time codes less susceptible to phishing attacks.
Google launches open-source security key project, OpenSK (Naked Security) OpenSK is a piece of firmware that you can install on a USB dongle of your own, turning it into a usable FIDO or U2F key.
Another Boeing Software “Glitch” (BlogInfoSec) How I hate the word “glitch,” which is commonly used to describe faulty software in press reports, blogs, and the like. In my opinion, it trivializes serious software errors.
Research and Development
ANALOG sensors can be hacked and OT network monitoring can’t detect it – a hole in ICS cyber security (Control Global) If you can’t trust your process sensor measurements (e.g., pressure, level, flow, temperature, voltage, current, etc.), you have no cyber security, process safety, or resilience, along with very significant incremental risk.
Anonymized Data May Be Less Anonymous Than You Thought (The Mac Observer) Students at Harvard built a tool to analyze datasets from data breaches. They could identify an individual despite promises of anonymized data
Have a first aid question? Don't ask Siri. (Mashable) Researchers put smart assistants to the test in emergency situations.
Academia
Harvard cancels digital security talk led by spyware-linked lecturer (The Verge) "Unfortunately, this event has been canceled..."
Leading NYU Tandon hardware security researcher named an IEEE fellow (Yahoo) New York University School of Engineering Professor Ramesh Karri has been named a fellow of the Institute of Electrical and Electronics Engineers (IEEE), the world's largest technical professional association, for his contributions to and leadership in trustworthy electronic hardware. Karri is a
Legislation, Policy, and Regulation
Philippines steps up security to shield power grid from foreign control (Reuters) The Philippines is beefing up security protocols to protect its energy sector fr...
Due To Increasing Cybercrime, Government Proposes Cyber Forensics University To Tackle The Situation (NewsGram) With cyber crimes increasing at a rapid rate, the government on Saturday proposed National Police University and National Forensic Science.
NGCP head bares cyber attacks on power grid, irks lawmakers (Inquirer) Did the National Grid Corp. of the Philippines (NGCP) just admit that the country’s power grid had been “attacked” by hackers? Yes, a “hundred times already” in just...
Huawei, ZTE urge U.S. not to impose national security risk labels (Reuters) Huawei Technologies Co Ltd and ZTE Corp on Monday both asked the U.S...
Huawei: UK’s evidence-based decision good for more advanced and secure telecoms infrastructure (East African Business Week) Huawei is reassured by the UK government’s confirmation to allow it to participate in the country’s 5G roll-out.
House Republicans introduce resolution condemning UK's decision to allow Huawei in 5G networks (TheHill) A group of House Republicans on Monday introduced a resolution condemning the British government’s decision to allow Chinese telecommunications group Huawei limited involvement in its 5G networks despite pressure from the Trump administration to b
When the homefront becomes the (cyber) front line (Fifth Domain) The ability of adversaries to target military families using their digital footprint significantly alters the risk of military service and potentially changes the calculus of war.
With Cybercriminals on the Attack, States Help Cities Punch Back (Pew Trusts) Some states don’t collaborate with cities and counties to improve cybersecurity.
Wolf 51 returns as Pacific Air Forces Air, Cyberspace Ops director (DVIDS) Major Gen. Scott L. Pleus, Director of Air and Cyberspace Operations, Headquarters Pacific Air Forces, visited Kunsan Air Base, Republic of Korea, as a guest speaker during the 8th Fighter Wing Annual Awards Ceremony to share his experience as Wolf 51 with the current members of the Wing on Jan. 31.
Litigation, Investigation, and Law Enforcement
Ex-CIA Engineer Set to Go on Trial for Massive Leak (Wall Street Journal) Manhattan federal prosecutors are poised to open their case Tuesday in the trial of a former CIA software engineer charged with handing over a trove of classified information on the spy agency’s hacking operations to WikiLeaks.
As Vault 7 trial begins, Joshua Schulte's attorneys will argue he's a whistleblower (CyberScoop) While the U.S. has charged Joshua Schulte with transmitting files detailing CIA hacking tools, his lawyers have given no indication that he acted out of conscience.
Russia rejects appeal from former U.S. Marine held on spying charges (Reuters) A Russian court on Tuesday upheld a decision to keep former U.S. Marine Paul Whe...
FTC warns VoIP providers that help robocallers: we can and will sue (Naked Security) It put 19 internet-calling companies on notice that helping illegal robocalls is illegal. It has sued before, and it can do it again.
Charges dropped against Coalfire security team who broke into courthouse during pen test (ZDNet) Miscommunication led to arrests during a midnight physical security test.