the near future: the latest about the next few months.
Criminals Favor Ransomware and BEC Over Breaches (Infosecurity Magazine) ITRC claims 2020 could see a major drop-off in breach volumes
The Future of Cybersecurity: How to Prepare for a Crisis in 2020 and Beyond (Security Intelligence) The future of cybersecurity brings opportunity and threats. Discover how to put an incident response plan in place now so you can focus on success.
Emerging cyber threats in 2021 require a new approach to security (Continuity Central) HP has released its 2021 predictions on how security threats are likely to develop during the next 12 months. Human-operated ransomware, thread hijacking, unintentional insider threats, business email compromise, and whaling attacks are all highlighted as areas which will grow.
Predictions: The Top Endpoint Security Threats of 2021 (Solutions Review) What are the top endpoint security threats of 2021? How can next-generation endpoint protection platforms help prevent these threats?
Access Control Trends in 2021: The Future of Access Control (Swiftlane) New trends are emerging as the security industry shifts. 2021 will bring with it new innovations and advancement in touchless access control, cloud solutions, remote management and more.
Acronis Cyberthreats Report: 2021 will be the “Year of Extortion” (Acronis) Acronis Cyberthreats Report projects 2021 will be the Year of Extortion as criminals shift ransomware’s focus from data encryption to data exfiltration
Asigra Identifies 5 Ransomware Risks to Watch Out for in 2021 (Solutions Review) Asigra Inc. recently highlighted five ransomware risks expected to impact organizations in 2021, partly driven by an increase of sophisticated ransomware attacks around the globe. With coronavirus-…
Holiday Fraud Concerns During Pandemic Come True (TransUnion) TransUnion (NYSE: TRU) today released new findings around online retail trends during the start of the 2020 global holiday shopping season. The research shows a 1% decrease in the rate of suspected online retail fraud worldwide during the start of the 2020 holiday shopping season compared to the same period in 2019. The rate of suspected e-co...
Cybersecurity expert offers advice for safe shopping, avoiding scams (Fort Bend Star) While Black Friday and Cyber Monday have come and gone, online shopping is increasingly a part of the holiday shopping experience. Fewer people are choosing to venture out among crowds of people in malls and shopping centers due to the COVID-19 pandemic.
Cyberint Retail Advisory - Holiday Season 2020 (Cyberint) This advisory details the attack vectors where Cyberint tracked an increase in activity, including examples detected by Argos™ Digital Risk Protection platform.
Sales of Stolen Consumer Data on Criminal Shops Spike Ahead of Black Friday, SpyCloud Research Finds (PR Newswire) Black Friday has long been a big day for retailers to kickstart the traditional holiday shopping season with great deals, but they weren't the...
Cybercriminals Already Profiting from the Retail Season (Yahoo Finance) Cybercriminals are enjoying the shopping season lockdown, taking it as an opportunity to accelerate their fraud efforts. According to Cyberint, the leading provider of Intelligence-driven Digital Risk Protection, illegal use of credit cards was up 110 percent during the first week of November alone.
Cyber Attacks, Threats, and Vulnerabilities
Shadow Academy: Hiding in the shadows of Mabna Institute (RiskIQ) In early July 2020, RiskIQ began tracking a phishing campaign identified initially through our crawling infrastructure targeting higher education. Isolating the research scope from July 2020 into October 2020, RiskIQ uncovered 20 unique university targets in Australia, Afghanistan, UK, and the USA that had been targeted using similar tactics, techniques, and procedures (TTP) as Mabna Institute. The observed TTP’s alone can not directly attribute our research findings to Mabna Institute. Therefore RiskIQ has named actors identified during this research as "Shadow Academy."
Advanced Persistent Threat Actors Targeting U.S. Think Tanks (US-CERT) The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have observed persistent continued cyber intrusions by advanced persistent threat (APT) actors targeting U.S. think tanks.
WSJ News Exclusive | North Korean Hackers Are Said to Have Targeted Companies Working on Covid-19 Vaccines (Wall Street Journal) At least six pharmaceutical companies in the U.S., the U.K. and South Korea were targeted, according to people familiar with the matter.
State-Supported Actors Use Coin Miners to Stay Hidden (TechNadu) A group of Vietnamese hackers is planting Monero miners to create a false idea about the info-stealing intrusion.
Turla Crutch: Keeping the “back door” open (WeLiveSecurity) ESET researchers uncover a new backdoor, called Crutch, that the infamous Turla APT group has used for exfiltrating stolen documents to Dropbox.
Brazilian Plane Maker Embraer Targeted in Cyberattack (SecurityWeek) Brazilian airplane maker Embraer on Monday disclosed a cyberattack that, according to some reports, involved ransomware.
French pharma distribution platform leaking 1.7+ TB of data (CyberNews) The data includes drug sales data, names of company partners and employees, client warehouse stock stats, drug shipment locations, and more.
Thousands of U.S. electronic patient records spilled online (TechCrunch) The cloud server contained medical records, lab results, doctor's notes, and insurance claims, but wasn't protected with a password.
Cayman Islands investment fund left entire filestore viewable by world+dog in unsecured Azure blob (Register) Blank share certificates, passport scans, you name it
BTC Markets privacy breach exposes all customers to potential phishing attacks (Cointelegraph) The full names and email addresses of BTC Markets’ customers were exposed in a marketing email sent out in batches of 1,000.
Mexico, Australia among the 25 countries researchers say are using a kind of mobile spyware that monitors texts, location (CyberScoop) A private surveillance firm that exploits mobile network vulnerabilities to spy on calls, texts and location data is doing business with at least 25 governments around the globe, including some with histories of human rights abuses, concludes a report released Tuesday.
Researchers Find Powerful Cellphone Location Surveillance in Europe, Middle East, Australia (Motherboard) Security researchers claim to have identified deployments of SS7 tracking technology in 25 countries, including Belgium, Denmark, Mexico, Thailand, and Australia. The deployments are linked to surveillance vendor Circles, which works with NSO Group.
Running in Circles: Uncovering the Clients of Cyberespionage Firm Circles (The Citizen Lab) Circles is a surveillance firm that reportedly exploits weaknesses in the global mobile phone system to snoop on calls, texts, and the location of phones around the globe, and is affiliated with NSO Group, which develops the oft-abused Pegasus spyware. Using Internet scanning, we found a unique signature associated with the hostnames of Check Point firewalls used in Circles deployments, enabling us to identify Circles deployments in at least 25 countries.
Australia a "likely" customer of global mobile phone surveillance company (iTnews) Affiliated with spyware vendor NSO Group.
How to Spot Razy Malware Undetected By AV Systems (Security Boulevard) Examining traffic patterns can help spot malware such as Razy on users' systems Note: Periodically, security researchers on the Cato Networks Research Lab
Pay2Key Ransomware Joins the Threat Landscape (Security Boulevard) As we approach the end of a year that has been trying for so many reasons, yet another ransomware has been seen in the wild targeting corporations—in
Cybercriminals Already Targeting, Selling Leaked GO SMS Pro Data (SecurityWeek) Cybercriminals have been observed targeting a recently disclosed vulnerability in the GO SMS Pro messaging application to steal user data.
Philly hunger relief group Philabundance lost nearly $1 million in cyberattack (Inquirer) The hunger relief organization said the attack has not impeded its ability to serve the poor during the pandemic.
Your personal details could be on sale for less than a dollar (Computing) New types of data have gone on sale in the past decade, including personal medical records, PayPal accounts and selfies with personal ID documents
Online education vendor K12 hit with ransomware, pays ransom (SearchSecurity) Online education vendor K12 (soon to be renamed Stride) has been impacted by a ransomware attack and has paid the ransom. The company mentioned that they are currently operating with 'minimal impact.'
Multiple red flags preceded last week’s “catastrophic” cyber attack on Baltimore County Schools (Baltimore Brew) A tech expert warned school officials in 2019 their networks were vulnerable to attack. A trove of personal data was exposed later that year. And the state auditor warned of vulnerabilities months ago – and previously in 2015.
Huntsville City Schools to remain closed for cyber attack (al.com) The schools system urged students, school families and staff to shut down any school-issued devices.
Saint John should share details of ransomware attack, cybersecurity expert says (CBC) More than two weeks after a ransomware attack caused Saint John to shut down its systems, the city is still not sharing any details about how the attack happened, which systems were targeted, what information is possibly compromised and what exactly it’s doing to respond.
Manchester United attack illuminates the hacking threats against UK sports sector (CyberScoop) Manchester United, one of the wealthiest and most decorated soccer clubs in the world, is still recovering from a disruption of its computer systems that it revealed 11 days ago.
Average ransom payout jumped 178% in a year (Atlas VPN) Ransomware is a type of malicious attack where a criminal encrypts, typically, sensitive files, then threatens to publish them unless a demanded ransom is paid. These attacks reached record-highs in 2020 as employees shifted to remote work, in turn creating more attack vectors for hackers.
Theoretical Attack on Synthetic DNA Orders Highlights Need for Better Cyber-Biosecurity (SecurityWeek) Threat actors could target DNA researchers with malware to modify synthetic DNA orders and create pathogens or toxins
Flaws in Rockwell Automation Product Expose Engineering Workstations to Attacks (SecurityWeek) Vulnerabilities discovered by researchers in Rockwell Automation’s FactoryTalk Linx product can allow attackers to compromise engineering workstations and tamper with PLCs
Schneider Electric EcoStruxure Operator Terminal Expert runtime (Vijeo XD) (CISA) Executive summary: CVSS v3 7.4. Vendor: Schneider Electric. Equipment: EcoStruxure Operator Terminal Expert. Vulnerability: Improper Privilege Management.
Security Patches, Mitigations, and Software Updates
Cyber Trends
Cyber Risk Index | Trend Micro (Trend Micro) We teamed up with the Ponemon Institute to investigate the level of cyber risk across organizations and create a Cyber Risk Index (CRI).
Over 600 Japan entities hit by cyberattacks amid rise in telework (Kyodo News+) At least 607 Japanese entities, including major firms and government agencies, have been targeted by cyberattacks as hackers exploit vulnerabilities in the technology used for remote work amid the coronavirus pandemic.
Marketplace
NGA seeks data integrity prototypes (Intelligence Community News) NGA posted a request for white papers (RFWP) for the other transactions at National Geospatial-Intelligence Agency (OT@NGA) prototype project on chain of custody – data integrity.
Ivanti has acquired security firms MobileIron and Pulse Secure (TechCrunch) MobileIron was acquired for $872 million in stock, but terms weren't disclosed for Pulse Secure.
Swish Data Acquires Titania Solutions Group, Inc. (PR Newswire) Today, Swish Data Corporation (Swish), a provider of technology solutions and engineering services, announced that the company has acquired...
EclecticIQ Closes $24 Million Series C Funding Round (SecurityWeek) Threat intelligence provider EclecticIQ closes a €20 million ($24 million) Series C financing round, which brings the total raised by the company to €47 million ($56 million)
Deduce Raises $7.3M To Secure Customer Identity (Crunchbase News) New York-based startup Deduce secured $7.3 million in seed funding and emerged from stealth to help secure user accounts.
Bug Bounties: Why These 10 Vulnerabilities Matter the Most (Dice Insights) Bug bounties have taken on a new importance as work-from-home exposes more flaws in enterprise applications and services.
UKIT Industry Awards 2020: Darktrace wins security innovation of the year (Computing) Dave Palmer, co-founder of Darktrace, discusses security risks to organisations, and describes how he felt when he heard that his organisation had won one of the coveted gongs at the UK IT Industry Awards 2020
Exabeam Recognized as a Leader in Security Analytics Platforms Q4 2020 Report by Independent Research Firm (Exabeam) Exabeam receives highest scores possible in 6 of 14 criteria, including ATT&CK Mapping, Custom Detections and Risk Scoring[...]
BlackBerry shares rocket upwards on AWS deal to integrate sensor data in vehicles (TechCrunch) BlackBerry shares shot up in early trading on news that the company will partner with Amazon Web Services to jointly develop and market its vehicle data integration and monitoring platform, IVY. BlackBerry stock was up 35%, or $2.11, at the opening bell on the New York Stock Exchange. It’s a …
Tech CEO moves $9B cybersecurity company’s HQ to Seattle area, says S.F. is ‘not the city it was’ (GeekWire) Orion Hindawi was born in the San Francisco Bay Area, and helped build two successful companies there. But the 40-year-old co-founder and CEO of Tanium — a fast-growing cybersecurity company valued at…
emocha Health Wins the Annual Ostendio MyVCM Trust Network Award for Cybersecurity and Compliance Excellence (PR Newswire) Ostendio, a leading integrated risk management platform provider, has announced that emocha Health is the winner of the company's fifth annual...
Reston's Caliburn International names engineering, technology president (Virginia Business) Reston-based professional services company Caliburn International LLC announced Thursday it has hired Robert “Bob” Stalick as its president of engineering and technology. Stalick is currently the CEO of Columbia, Maryland-based Owl Cyber Defense, and will also continue in that role. With Caliburn International, he will serve as an executive leadership team member and oversee the…
John Felker Joins Parsons' Distinguished Federal Strategic Advisory Board (PR Newswire) Parsons Corporation (NYSE: PSN) is proud to announce the addition of John Felker to the company's federal strategic advisory board. Felker...
Branding Expert Julie Fenton Joins Mass Luminosity to Launch Video Conference Service Based on Security and Simplicity (PR Newswire) Beacon Technologies, a Dallas, Texas-based research technology and experiential company, today announced that marketing industry veteran Julie...
Products, Services, and Solutions
Lifars Launches New Hackbit Solution to Expedite Cyber Penetration Tes (PRWeb) LIFARS LLC, a leader in cybersecurity services, including incident response, digital forensics, ransomware mitigation and cyber resiliency services, announced t
Global Digital Currency Companies Demand Automated Identity Verification to Capture Growth During Crypto Surge (AU10TIX) Crypto markets are some of the most complex markets in which to ensure regulatory compliance due to potential fraud, money laundering, and other identity-related risks tied to moving money, but they are also becoming one of the most highly demanded currencies by consumers worldwide.
Cyber Security Cloud Launches WafCharm on Microsoft Azure (BusinessWire) Cyber Security Cloud, Inc. (CSC) announced the availability of WafCharm on Microsoft Azure.
Fime partners with Android™ for biometric security evaluation. (Fime) Fime has become one of the test laboratories able to perform Android™ biometric security evaluation. A growing number and variety of Android devices rely on face and fingerprint recognition for device unlock and user authentication.
Telecommunication Service Providers Secure Businesses Using Check Point’s Comprehensive Portfolio of Security Services (Check Point Software) The Telecommunications Industry is undergoing a number of significant changes which are reshaping the market. The demand for more bandwidth and higher
Colombian IT Security Firm Etek Offers Threat Intelligence Certification Course; Enrollment Open Now (Finance Colombia) With so much retail moving to e-commerce this year, and the resultant spike in malicious attempts targeting retailers, shoppers, and broader business in general, it is critical that all companies have personnel properly trained and empowered to address these threats.
VMRay puts spotlight on advanced threats detection GITEX 2020 (Intelligent CIO Middle East) VMRay, a provider of automated malware analysis and detection solutions, has announced that it will be at GITEX Technology Week 2020 to promote the industry’s most comprehensive and accurate technology for automated analysis and detection of advanced threats. “We’ll demonstrate how our technologies differ from other solutions. We strengthen our customers’ capacity to detect unknown […]
VU Security™ Launches World’s First AI Facial & Voice Recognition Solutions for Online Meeting Software as Security Concerns Rise (PRWeb) Today, VU Security™, an international technology and intelligent digital experiences provider, is launching its new solution for businesses powered by cutting-edge face and voice recognition during teleconference meetings.
New Net Technologies (NNT) Launches Change Tracker for Cloud and Container Environments (PR Newswire) New Net Technologies (NNT), a leader in cybersecurity and compliance software, today announced the first in what will be a two staged launch of...
Humio Streaming Log Management Now Available In AWS Marketplace (PR Newswire) Humio, a Gartner Cool Vendor and the only log management platform enabling complete observability for all streaming logs in real time and at...
C3 Integrated Solutions Launches CMMC Readiness Program (PR Newswire) C3 Integrated Solutions, a boutique managed service provider, announced its new C3 CMMC Readiness Program. The C3 CMMC Readiness Program is...
Cellebrite Announces Industry’s First All-In-One Solution For Data Triage & Collection from Windows & Apple Computers (Cellebrite) Digital Collector quickly surfaces Digital Intelligence to accelerate investigation outcomes
Authentic8 Announces Partnership with Google Cloud (BusinessWire) Authentic8's Silo Web Isolation Platform is now available on Google Cloud's FedRAMP-authorized infrastructure. Procure with 1-click via marketplace
Bitdefender Unveils New Cloud-based Endpoint Detection and Response Solution for Enterprises and Managed Service Providers (Bitdefender) Bitdefender today launched a new cloud-based dedicated Endpoint Detection and Response (EDR) solution designed to improve the ability to detect and eradicate threats as they occur and strengthen overall resiliency against cyberattacks.
Technologies, Techniques, and Standards
What DOD’s Cyber Certification Program Reveals About Info-Sharing Challenges (Nextgov.com) As the new regime takes effect, the tech industry’s lead trade association would rather higher level certifications be done by the department than independent third parties.
Cyber Resilience During Times of Uncertainty (Infosecurity Magazine) A cyber resilience approach is based on the premise of organizing defenses to prioritize resiliency over security to keep your business going
Getting an insurance policy for your online life could help protect you from cyberattacks, fraud (KNXV) George says it started with an email that stated his Microsoft license was set to expire.
Azure Sentinel Quick-Deploy with Cyb3rWard0g’s Sentinel To-Go - Let’s Catch Cobalt Strike! (Black Hills Information Security) Jordan Drysdale // tl;dr Sentinel is easy! Especially when using Azure Sentinel To-Go. So, let’s do some threat research by deploying Sentinel To-Go and executing a Cobalt Strike beacon. Link: https://github.com/OTRF/Azure-Sentinel2Go Keeping up with Roberto’s (and his brother, and the OTRF contributors) is as monumental a task as his efforts to push threat research forward. […]
Design and Innovation
Pentagon seeks to defend a new generation of cyberattacks (Fox News) U.S. weapons systems can no longer rely purely upon cybersecurity methods to stop hackers from taking over control systems, jamming information flow, derailing precision guidance systems or simply stealing sensitive data.
Legislation, Policy, and Regulation
China drafts rules on mobile apps' collection of personal data (Reuters) China unveiled draft guidelines on Tuesday seeking to limit the scope of mobile apps' collection of personal data in the latest attempt to curb the sprawling technology sector.
Telia to remove all Huawei equipment in Lithuania (Reuters) Sweden's Telia Company will replace all 4G telecoms equipment from Huawei in Lithuania and will not use it for 5G networks, due to the geopolitical situation, its local head told the local BNS news agency.
The 2020 Amendment to the Act on the Protection of Personal Information of Japan (Lexology) The 2020 amendment to the Act on the Protection of Personal Information of Japan (the Act itself, "APPI," and this amendment, "2020 Amendment") was…
Trump Threatens to Veto Defense Bill if Tech Liability Shield Stands (Wall Street Journal) The president is demanding the termination of the broad legal immunity that social-media companies enjoy.
How The Biden Administration Might Change Cybersecurity (Governing) The incoming administration could mean significant changes for technology, especially where federal cybersecurity is concerned. The increased attention will no doubt mean big changes for state and local governments as well.
A Biden Doctrine for Cyber (LinkedIn) The first mistake the US federal government has made in cyber security since 2000 has been its mistaken belief that the best defense is a good offense. The truth instead is that the best defense is a good defense.
U.S. Federal Cybersecurity - A Look at the Computer Security Act of 1987 (The State of Security) The Computer Security Act was enacted to provide strong internal computer security governance for U.S. Federal agencies.
‘Start Of A New Day’: DoD’s New Cybersecurity Regs Take Effect Today (Breaking Defense) Designed to help secure the supply chain, CMMC requires the defense industrial base to secure Controlled Unclassified Information.
Cross-agency plans for space cybersecurity will strengthen the US in all domains (C4ISRNET) Just as cybersecurity has become an integrated element of terrestrial goods and services, the same level of resiliency and safeguards must apply in space.
Doing Things Differently at DISA (SIGNAL Magazine) The combat support agency seeks to drive innovation as it focuses on cybersecurity, infrastructure modernization and enterprise communications.
All Domain Requires New Requirements Process; DoD, Congress Must Compromise: Lt. Gen. Hinote (Breaking Defense) "We have got to come up with a compromise with the people's representatives when it comes to defining requirements in the future," he said.
Air Force Mulling New Career Fields for Coders, Data Analysts (Air Force Magazine) The Department of the Air Force is working to create new career fields in areas like software development and data science.
Massachusetts lawmakers vote to pass a statewide police ban on facial recognition (TechCrunch) The bill was finally passed after months of deadline.
Litigation, Investigation, and Law Enforcement
AG cites N.S. government fraud and cybersecurity risks, probing COVID-spending (SaltWire) Ser\is the worst offender of a government that isn’t moving quickly enough to safeguard itself from fraud and cybersecurity risks, according to the province’s auditor general report released Tuesday.
The report identified nine
Barr: DOJ Has No Evidence Of Fraud Affecting 2020 Election Outcome (Delaware Republic) The Justice Department has found no evidence of widespread fraud in this year's election, Attorney General William Barr told The Associated Press on
The Cybersecurity 202: The White House tried to silence the government’s election security leaders. It didn’t work. (Washington Post) If White House officials thought they could silence criticism of the president’s baseless election fraud claims by firing the government's top cybersecurity officials, they were sorely mistaken.
A Conversation with Former CISA Director Christopher Krebs (Washington Post) Christopher Krebs headed the Cybersecurity and Infrastructure Security Agency (CISA) at the Department of Homeland Security until he was fired by President Trump on Nov. 17.
Army Hits Back Against False Claim that Soldiers Died in CIA Op to Nab Election Servers (Military.com) A retired Air Force three-star reignited claims about troops' involvement in secret missions in the wake of the election.
Trump administration launches rewards program targeting North Korea and China (Washington Post) The Trump administration on Tuesday announced a $5 million reward for tips on sanctions-busting activities that allow North Korea to continue developing nuclear weapons and accused China of facilitating the illicit trade.
Flynn Pardon Has Broad Coverage, DOJ Filing Shows (Law360) The details of former National Security Adviser Michael Flynn's presidential pardon came to light late Monday in D.C. federal court, showing President Donald Trump's action last week broadly absolves his one-time top campaign aide of any crimes he may have committed arising from former special counsel Robert Mueller's Russia probe.
North Korea Rewards for Justice (US State Department) Up to $5 Million Reward. In order to support international efforts to disrupt North Korea’s illicit activities, the State Department’s Rewards for Justice (RFJ) program offers rewards of up to $5 million for information that leads to the disruption of financial mechanisms of persons engaged in certain […]
Instagram said it has shut accounts used to intimidate and extort witnesses in Baltimore criminal cases (Baltimore Sun) Instagram said it has removed four Baltimore-based accounts that were intimidating people who allegedly cooperated with police.
Cyber security: the value of reputation (Lexology) Several household name companies have been handed hefty fines by the ICO in recent months. The levels of those fines have been well-publicised, but…
Winston-Salem hacker who made phony threats gets eight-year prison sentence (Winston-Salem Journal) A Winston-Salem hacker who made dozens of phony bombing and shooting threats to schools in the United States and the United Kingdom was sentenced Monday to federal prison by a
Bomb Threat, DDoS Purveyor Gets Eight Years (KrebsOnSecurity) A 22-year-old North Carolina man has been sentenced to nearly eight years in prison for conducting bomb threats against thousands of schools in the U.S. and United Kingdom, launching distributed denial-of-service (DDoS) attacks, and for possessing sexually explicit images of minors.
Police staff member resigns over data breach (Worcester Observer) A MEMBER of West Mercia Police’s staff would have been dismissed from the force had she not resigned before the misconduct hearing.