Schools under cyberattack as they try to provide distance learning. OceanLotus tracked. FCC takes action against Chinese companies.

Dateline

Seven 2021 Security Predictions and Trends to Watch (Proofpoint) It’s cliché at this point, but this year has been unlike any other. As security teams prepare for 2021 it’s important to take a moment to anticipate how threat actors could evolve their strategies in the new year and how we can respond.

2021 Predictions: The Year of Malicious Automation (Solutions Review) We present this article on malicious automation written by Brad LaPorte, Chief Evangelist of Kasada as we catch up on the Cybersecurity Insight Jam

Covid-19 ‘Vaccines’ Touted for Just $250 on Darknet (Check Point Software) Range of counterfeit coronavirus vaccines and medicines offered on Darknet Vaccine-related phishing campaigns take advantage of the global race to deliver

RiskIQ Releases 2020 Holiday Shopping E-commerce Blacklist Threat Report (GlobeNewswire) Critical Threat and Consumer Intel for This Year's Holiday Shopping Season

RiskIQ's 2020 Holiday Shopping E-commerce Blacklist Threat Report (RiskIQ) Critical Threat and Consumer Intel for This Year's Shopping Season, Including Black Friday and Cyber Week

How Families and Parents Can Stay Secure While Shopping Online This Holiday Season (Unisys) Unisys' CISO Mat Newfield offers tips on how consumers can stay safe online this holiday season.

Cyber Attacks, Threats, and Vulnerabilities

Facebook tracks 'OceanLotus' hackers to IT firm in Vietnam (Reuters) Cybersecurity investigators at Facebook have traced a hacking group long suspected of spying on behalf of the Vietnamese government to an IT company in Ho Chi Minh City.

Treadstone 71 Releases Intelligence Advisory on Iranian Influence Operations (The Cyber Shafarat - Treadstone 71) A dozen years ago, Treadstone 71 shifted adversary targeting from strictly cyber jihadist activity to include Iran. We tracked movements of the earliest hacking groups following their activities fr…

Exclusive: Israeli Surveillance Companies Are Siphoning Masses Of Location Data From Smartphone Apps (Forbes) The tools have the ability to track someone's location using their phone and one product promises “mass collection of all internet users in a country.”

Cyber Actors Target K-12 Distance Learning Education to Cause Disruptions and Steal Data (CISA) The FBI, CISA, and MS-ISAC assess malicious cyber actors are targeting kindergarten through twelfth grade (K-12) educational institutions, leading to ransomware attacks, the theft of data, and the disruption of distance learning services.

Cyberattacks against K-12 schools growing more aggressive, CISA warns (StateScoop) More than half of all ransomware attacks against state and local entities targeted school districts as the new academic year began this fall, according to a new advisory from the Cybersecurity and Infrastructure Security Agency.

Hackers are targeting kindergartens for profit, warns government (Mashable) Cybercriminals have exactly zero chill, and absolutely will not just cut you a freaking break.

The Cybersecurity 202: Spiking ransomware attacks against schools make pandemic education even harder (Washington Post) K-12 schools have been hit by a barrage of ransomware attacks so far this school year, worsening a learning environment that’s already strained nearly to the breaking point by the coronavirus pandemic.

Cybercriminals targeting K-12 distance learning education to cause disruptions and steal data (Security Magazine) A new Joint Cybersecurity Advisory, coauthored by the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC), assess malicious cyber actors are targeting kindergarten through twelfth grade (K-12) educational institutions, leading to ransomware attacks, the theft of data, and the disruption of distance learning services.

As FireEye grapples with breach investigation, questions remain (CyberScoop) FireEye’s announcement this week that hackers breached its systems has sent shockwaves through the cybersecurity community, raising new questions about how one of the most influential security firms in the U.S. grappled with an apparently state-sponsored attack.

Microsoft warns Adrozek malware is hijacking advertising in search results (SiliconANGLE) Microsoft warns Adrozek malware is hijacking advertising in search results

'Fingerprint-Jacking' Attack Technique Manipulates Android UI (Dark Reading) Researchers explore fingerprint-jacking, a user interface-based attack that targets fingerprints scanned into Android apps.

Pfizer says covid vaccine documents accessed in cyber-attack on European agency (mint) Pfizer Inc. said some documents it had submitted to Europe’s top drug regulator regarding its Covid-19 vaccine had been accessed in a cyber-attack on the agency.

Spotify resets passwords after a security bug exposed users’ private account information (TechCrunch) The security bug exposed some users' account registration information.

One Million US Dental Patients Impacted by Data Breach (Infosecurity Magazine) Patient data exposed following cyber-attack on Dental Care Alliance

Report: UK marriage tax relief specialist Exposes Customers' Personal Information In Data Leak (Website Planet) Company name and location: Marriage Tax Allowance Ltd, based in the United Kingdom Leak size: Over 100,000 files totaling approximately 5GB of

Massive Subway UK phishing attack is pushing TrickBot malware (BleepingComputer) A massive phishing campaign pretending to be a Subway order confirmation is underway distributing the notorious TrickBot malware.

A Current View of Gaps in Operational Technology Cybersecurity (Trend Micro) The purpose of control system cybersecurity is to protect the control systems and the processes they monitor and control from electronic threats — that is, to “keep lights on and water flowing.” Networks are a support function in the overall objective of safety, reliability, and productivity — that is, to optimize the processes. What makes control system cybersecurity different from IT cybersecurity is the need to protect life and physical property. Because unintentional cyber incidents can be just as deadly and damaging as malicious events, both must be addressed.

Medtronic MyCareLink (CISA) 1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable with adjacent access/low skill level to exploit Vendor: Medtronic Equipment: MyCareLink (MCL) Smart Model 25000 Patient Reader Vulnerabilities: Improper Authentication, Heap-based Buffer Overflow, Time-of-check Time-of-use Race Condition 2.

Mitsubishi Electric MELSEC iQ-F Series (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.4 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Mitsubishi Electric Equipment: MELSEC iQ-F Series Vulnerability: Improper Check or Handling of Exceptional Conditions 2. RISK EVALUATION Successful exploitation of this vulnerability could cause the device to enter a denial-of-service condition, and a reset of the CPU module is required for recovery.

Host Engineering H2-ECOM100 Module (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Host Engineering Equipment: ECOM100 Module Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could lead to a denial-of-service condition, forcing an operator to manually restart the device.

Security Patches, Mitigations, and Software Updates

Vulnerability Disclosure regarding Default Passwords in GE Healthcare Products (GE Healthcare) Summary: GE Healthcare is disclosing security vulnerabilities within certain products using specific remote connectivity solutions. These vulnerabilities have been reported to GE Healthcare by CyberMDX. The public disclosure of the vulnerabilities is a coordinated action between GE Healthcare and CyberMDX.

Cyber Trends

Half of all cyber intrusions in 2020 deployed ransomware, report (Computing) Financial gain is the motive behind two-thirds of attacks with 81 per cent of those using ransomware to achieve their goal says CrowdStrike report

New Report from Fudo Security Identifies Key Trends in Secure Remote Access (BusinessWire) Global survey of cybersecurity leaders conducted by Fudo Security shows increased adoption of multi-layered solutions for secure remote access

The Line Between Physical Security & Cybersecurity Blurs as World Gets More Digital (Dark Reading) Security teams are being challenged by the connected nature of IP devices, and preventing them from being compromised by cybercriminals has become an essential part of keeping people and property safe.

Ransomware 2.0 employs “pressure tactic” to prey on organizations’ digital reputation (Manila Standard) Global cybersecurity company Kaspersky recently revealed in a virtual conference that 2020s cybersecurity disease is targeted ransomware. Also dubbed as Ransomware 2.0, this type of attack goes beyond kidnapping a companys or an organizations data. These groups are now utilizing the increasingly valued digital reputation to force their preys to pay hefty ransom.

Marketplace

Cyber startup born out of NSA wins $2M in annual DataTribe contest (Baltimore Business Journal) The goal of the funding competition is to find more promising cyber startups that could fit that mold and are poised to grow and bring jobs and returns to the region.

VMRay Closes $25 Million Series B (GlobeNewswire) Digital+ Partners Leads Continuation Funding Round in Growing Automated Threat Analysis & Detection Provider, Closing its Series B Round at US $25 Million

Deloitte Buys HashedIn Technologies: Details About The Deal (Pulse 2.0) Deloitte Consulting recently announced it is buying HashedIn Technologies Private Limited. These are the details.

Thoma Bravo Investment Values Cybersecurity Biz At $1.15B (Law360) Private equity firm Thoma Bravo announced Thursday that it has injected Venafi with an investment that valued the cybersecurity company at $1.15 billion in a deal guided by Kirkland and Orrick.

Cybersecurity Market Review | Q3 2020 (Momentum Cyber) Momentum Cyber Is Pleased To Release Its Q3 2020 Cybersecurity Market review.

ManTech Wins $273M DHS Award (WashingtonExec) Technology solutions provider ManTech has won a 5-year, $273 million contract with the Department of Homeland Security to provide Business Intelligence

FireEye signed contract with MoD weeks before cyber attack (Telecompaper) Cyber security company FireEye signed a contract with the UK's Ministry of Defence (MoD) just weeks before announcing it had been hit by a cyber attack, reports The Telegraph.

VMware CEO says cybersecurity is 'a chaotic mess right now' and that his firm plans to build more safety tools into its own products (Business Insider) VMware CEO Pat Gelsinger said defending against cyberattacks will be one of its major goals in the next decade.

China Telecom Joins MANRS (PR Newswire) The Mutually Agreed Norms for Routing Security (MANRS) officially accepted China Telecom as a participant in the network operator program,...

iProov Announces Record Growth In 2020 (BusinessWire) iProov, world leaders in secure biometric authentication technology, has today announced a record year of growth across the company. In the 12 months

Cybereason Brings Valuable Perspective To Cybersecurity (Forbes) Lior Div, co-founder and CEO of Cybereason, talks about his background and the origin of Cybereason, and the unique perspective the company has that takes cybersecurity to the next level to protect customers.

Facebook’s Global Ad Machine Is The Company’s $80 Billion Annual Lifeblood. Workers Say It Puts Profits Over People. (BuzzFeed News) Facebook is on track for record ad revenue this year. That’s partly due to its lax approach to stopping scammers, hackers, and disinformation peddlers who buy ads that rip off and manipulate people, say former and current workers.

Timnit Gebru: Google’s ‘dehumanizing’ memo paints me as an angry Black woman (VentureBeat) In an exclusive interview after being fired by Google, Timnit Gebru talked about toxic work culture and building an equitable tech future.

Decrypting Diversity and Inclusion in Cybersecurity (Infosecurity Magazine) How to improve awareness of opportunities for women and help sustain from STEM to the workforce

Google, YouTube add user controls to limit alcohol, gambling ads (Search Engine Land) The new feature will launch on YouTube in the U.S. first.

MasterCard to Cut Pornhub Ties; Visa Suspends Use Pending Probe (Bloomberg) Pornhub calls the firms’ moves ‘exceptionally disappointing’

Announcing the winners of the 2020 Security Excellence Awards (Computing) Entries had to demonstrate high levels of innovation, relevance and adoption just to make the shortlist

Cybersecurity & Privacy Group Of The Year: Robbins Geller (Law360) Robbins Geller Rudman & Dowd LLP helped win initial approval of a $650 million, all-cash settlement on behalf of Illinois residents bringing biometric privacy claims against Facebook, landing the firm a place among Law360's 2020 Cybersecurity & Privacy Groups of the Year.

China-funded Dito hires retired colonel as cybersecurity head (Rappler) A 'minimum' of 9 ex-soldiers are involved in Dito Telecommunity's security efforts

John Felker Added to Parsons’ Federal Strategic Advisory Board (WashingtonExec) John Felker, previously of the Cybersecurity and Infrastructure Security Agency, has joined Parsons’ federal strategic advisory board, which is tasked

Google Hires Goldman Sachs Veteran to Lead Cloud Security (Wall Street Journal) Phil Venables, a former security chief at Goldman, will become Google Cloud’s first chief information security officer next week.

Vade Secure recruits Maya Gershon in the role of Chief Revenue Officer and opens its first office in Israel (Vade Secure) Based in Israel, Maya Gershon assumes leadership of global sales and marketing activities worldwide and reports directly to Vade Secure’s Chairman and Chief Executive Officer, Georges Lotigier. Maya Gershon is in charge of accelerating Vade […]

Products, Services, and Solutions

ESET launches renovated cloud-based endpoint security management solution for businesses of all sizes (ESET) ESET, a global leader in cybersecurity, has today announced the launch of its new endpoint security management platform, ESET PROTECT, in selected countries.

Karamba Security Announces XGuard Monitor to Manage the Security of Millions of IoT Devices at Scale (Karamba Security) Patent-pending algorithms automatically provide early warnings to mitigate new cyberattacks on device fleets and achieve regulatory compliance

Cybernights and CompTIA Have Partnered to Improve Cybersecurity (Enterprise Security) Cybernights and CompTIA collaborated to increase the knowledge, skills, and awareness of tech employees.

Defending the Nation's Renewable Energy Resources from Cyber Attack During a Pandemic with FoxGuard Solution’s In Depth Strategy for Securing Industrial Control Systems (GlobeNewswire) FoxGuard Solutions, Inc. in partnership with Lawrence Livermore National Laboratory (LLNL), a U.S. Department of Energy (DOE) lab, worked together to successfully complete a DOE Cyber Security for Energy Delivery Systems (CEDS) project, which included technology and solutions that ensure the security and improve the resilience of the Department of Defense (DOD) and the Veterans Affairs’ (VA) Distributed Energy Resource (DER) infrastructure.

Technologies, Techniques, and Standards

Following FireEye Hack, Ensure These 16 Bugs Are Patched (Data Breach Today) Because 2020 wasn't already exciting enough, now we have to worry about being hunted by adversaries wielding FireEye's own penetration-testing tools, thanks to the company having suffered a big, bad breach. Here's a list of targeted flaws that every organization should ensure they've patched.

Cloud Security Alliance Releases Cloud-Based, Intelligent Ecosystems - Redefining Intelligence & Driving to Autonomous Security Operations (BusinessWire) CSA paper addresses the disconnect within cybersecurity wherein increasing numbers of security solutions are only making enterprises more vulnerable.

CSA releases paper that calls out five security challenges that can lead to adversaries’ success (Help Net Security) Cloud Security Alliance released Cloud-Based, Intelligent Ecosystems - Redefining Intelligence & Driving to Autonomous Security Operations.

How CISOs can come out on top of the cyber arms race (Security Brief) CISOs must determine what their organisation’s security goals are, including the organisation’s risk profile and appetite, and, of course, their budget.

Design and Innovation

Imagine a Nutrition Label—for Cybersecurity (Wall Street Journal) As the Internet-of-Things proliferates, consumers want to know how their data will be used by the makers of devices—before they buy them.

Research and Development

Study Shows Social Media FOMO Actively Hurts Job Performance, According to American Accounting Association (PR Newswire) A new study is the first to experimentally prove that social media activity can actually make you worse at your job. Specifically, the study...

Academia

UCI joins national manufacturing cybersecurity collaboration (UCI News) Calit2 to develop wireless platforms to promote sustainable factory processes

IU survey reveals state of cybersecurity in Indiana (News at IU) Nearly one-fifth of the more than 300 organizations surveyed across Indiana said they had experienced a cyberattack in the past three years.

State of Hoosier Cybersecurity 2020 (Kelley School of Business, Indiana University Indiana Business Research Center) As is the case in many jurisdictions, public and private organizations in Indiana are unfortunately no stranger to cyber attacks.

Legislation, Policy and Regulation

Govts want backdoor entry to encrypted WhatsApp texts. It can also be backdoor for hackers (The Print) Celebrity WhatsApp texts have been flashed on TV ever since the Sushant Singh Rajput case took over news. Govts do not need backdoor access to it.

FCC begins process of halting China Telecom U.S. operations (Reuters) The U.S. Federal Communications Commission (FCC) said on Thursday it begun the process of revoking China Telecom's authorization to operate in the United States as it took further steps to crack down on China's role in U.S. telecommunications.

US agency moves against Huawei and China Telecom, citing security (South China Morning Post) The FCC ordered carriers to remove equipment made by Huawei and started proceedings over whether to revoke China Telecom’s permission to operate in the US.

FCC gets tough on China amid security concerns (CNET) The agency says all carriers that get US government subsidies and use Chinese telecom equipment must replace their gear.

FCC Ends Year With Further Crackdowns On Chinese Tech (Law360) In its last meeting of the year, the Federal Communications Commission on Thursday voted to approve a trio of national security initiatives designed to limit China's access to U.S. networks and replace preexisting equipment that could offer such a portal for espionage.

Antitrust Litigation Isn't Enough. Biden Needs to Go Further (Wired) Antitrust suits, like the one filed against Facebook, are long, costly, and often ineffective. The next president can fix the system—without Congress.

Opinion | ‘How Many Fact Checkers Do They Have?’ (New York Times) Inside the battle between Biden and Facebook.

Break Up Facebook? It’s Complicated, Tech Experts Say (Wall Street Journal) Splitting off Instagram and WhatsApp from Facebook potentially would involve years of engineering and legal work, according to current and former employees.

Democrats urge Biden to address 'infodemic' of COVID-19 disinformation, misinformation (TheHill) Democratic lawmakers on Thursday urged President-elect Joe Biden to take immediate steps after taking office to combat the "infodemic" of disinformation and misinformation surrounding COVID-19.

Sen. Graham Pulls Bill Trimming Section 230 Tech Shield (Law360) Senate Judiciary Committee Chairman Lindsey Graham, R-S.C., scrapped a committee vote on his bill limiting Section 230 liability protections for technology companies at a meeting Thursday where the panel roundly rejected another Republican's proposal to allow private lawsuits challenging content moderation decisions.

DISA Opens For Bids On $11.7B Defense Enclave Services (Breaking Defense) Defense Enclave Services will “establish the modern infrastructure foundation and united frame of thought needed to deliver cohesive combat support capabilities to the warfighter.”

Matt Masterson, CISA’s top election security official, to step down (CyberScoop) Matt Masterson, one of the U.S. government’s top election experts, is leaving his post as of next week for a role in academia where he will continue to study the disinformation campaigns that have plagued the country, he told CyberScoop on Thursday.

Biden defense pick allegedly sought intel painting 'rosier picture' of ISIS threat (Washington Examiner) Secretary of Defense nominee Lloyd Austin retired from the military during investigations into allegations raised by intelligence analysts who had a “strong perception” that his team was “cooking the books” about the rise of the Islamic State.

Litigation, Investigation, and Enforcement

France fines Google $120M and Amazon $42M for dropping tracking cookies without consent (TechCrunch) France’s data protection agency, the CNIL, has slapped Google and Amazon with fines for dropping tracking cookies without consent. Google has been hit with a total of €100 million ($120 million) for dropping cookies on Google.fr and Amazon €35 million (~$42 million) for doing so on the Amazon…

Google, Amazon Fined $163 Million as France Takes Hard Line on Privacy (Wall Street Journal) France’s privacy watchdog issued the fines to Google and Amazon, saying they improperly collected information about website visitors, as European regulators haggle over such sanctions.

Facebook hit with antitrust probe for tying Oculus use to Facebook accounts (TechCrunch) Facebook’s bad week just got worse: It’s being investigated in Germany for linking usage of its VR product, Oculus, to having a Facebook account. The tech giant raised the hackles of the VR community this summer when it announced it would be merging users of the latest Oculus kit onto a…

Facebook Lawsuits Take Aim at Data-Sharing Tool Key to Digital Economy (Wall Street Journal) The allegations of anticompetitive practices included another through-line with potentially far-reaching implications for enterprise technology companies: data sharing.

Tale Of The Tape: Two Facebook Complaints (Law360) Federal and state-level enforcers filed parallel actions in D.C. district court Wednesday each accusing Facebook of buying up potential competitors and using other tactics to preserve its monopoly over social networking in the U.S. While the suits largely attack the same conduct, there are some important distinctions between the cases. Here, Law360 looks at the complaints side-by-side.

Government’s antitrust case against Facebook seeks a villain in Mark Zuckerberg (Washington Post) Antitrust enforcers are casting the billionaire executive, once one of American tech’s ‘darling superstars,’ as a sneaky and rapacious brawler who vowed to ‘crush’ the competition

Silicon Valley feared Facebook’s bullying tactics years before they came to the attention of regulators (Washington Post) Facebook hasn’t kept its promises of independence to WhatsApp and Instagram.

‘It’s Hard to Prove’: Why Antitrust Suits Against Facebook Face Hurdles (New York Times) The U.S. and state cases against the social network are far from a slam dunk because the standards of proof are formidable.

Lawsuits Filed by the FTC and the State Attorneys General Are Revisionist History - About Facebook (About Facebook) These lawsuits will hurt consumers and businesses.

Two Canadians have been tried in case linked to Huawei executive, China says (NBC News) Pair had been "indicted and tried," a Foreign Ministry spokesperson said in what appeared to be the first public mention that they had been taken to court.

Questions To Ask After FireEye Hack (Law360) The recent hacking of the cybersecurity company FireEye presents compliance reminders for FireEye customers and noncustomers, and demonstrates that no business is completely immune from the effects of cybercriminals, say Joseph DeMarco and David Hirschberg at DeVore & DeMarco.

Terror trial told of 'incels' cyber-culture backing attacks on women (BBC News) An expert on "incels" gives evidence in the trial of a man accused of researching mass killings linked to an online subculture.

The ‘app store’ before there was an App Store wants to liberate your iPhone … again (Washington Post) Cydia, one of the first app stores on iPhone, is suing Apple, alleging anti-competitive behavior

Payment Processing Giant TSYS: Ransomware Incident “Immaterial” to Company (KrebsOnSecurity) Payment card processing giant TSYS suffered a ransomware attack earlier this month. Since then reams of data stolen from the company have been posted online, with the attackers promising to publish more in the coming days. But the company says the malware did not jeopardize card data, and that the incident was limited to administrative…

Bannon Says FTC Testimony Would Harm Criminal Case (Law360) Former White House adviser Steve Bannon on Wednesday challenged the Federal Trade Commission's bid to force him to testify about his role in the Cambridge Analytica data harvesting scandal, telling a D.C. federal judge the request is "designed to damage" his defense in a separate criminal case.

As Voice Recognition Technology Market Surges, Organizations Face Privacy and Cybersecurity Concerns (The National Law Review) A new report released by Global Market Insights, Inc. last month estimates that the global market valuation for voice recognition technology will reach approximately $7 billion by 2026...

'World's First Robot Lawyer' Sued Over Illegal Spam Texts (Law360) A legal services chatbot that advertises itself as the "world's first robot lawyer" was hit with a proposed class action in California federal court accusing it of sending unsolicited advertising texts in violation of the Telephone Consumer Protection Act.

How an online relationship with a Russian woman led to a Navy chief getting busted down to E-4 (Navy Times) The former chief's attorney said their relationship might rekindle when he gets out of the brig.

Schools under cyberattack as they try to provide distance learning. OceanLotus tracked. FCC takes action against Chinese companies.

Expect more COVID-19 vaccine scams, and more criminal collaboration.

Common-sense security for holiday shopping.

CISA's hiring interns.