Cyber Attacks, Threats, and Vulnerabilities
'Serious cyber-attack' on Austrian government (BBC News) Foreign ministry officials believe another country may be responsible.
U.S. Companies Should Brace for Iranian Cyberattacks, Security Experts Warn (Barron's) U.S. policy leaves companies to fend for themselves against Iran's inevitable retaliation to Qassem Soleimani's death.
Analysis | The Cybersecurity 202: U.S. should brace for Iran to cross red lines in cyberspace, experts warn (Washington Post) "We're definitely in new territory," one security expert says after Soleimani's killing.
U.S. on Alert for Iranian Response, Either Direct Assaults or Cyberattacks (Wall Street Journal) American officials were on high alert about the potential for Iran to retaliate against domestic or allied interests after a U.S. strike killed an Iranian military leader.
‘They’re going to want bloodshed’: 5 ways Iran could retaliate in cyberspace (Fifth Domain) A combination of real-world and virtual actions are likely to follow in the aftermath of the U.S. killing of Qassem Soleimani, and experts warn that cyberattacks are likely to be the best-case scenario.
Iran Will Wage Insurgency in U.S. Cyberspace, VMware's Kellermann Says (Bloomberg) Tom Kellermann, VMware head of cybersecurity strategy, and Bloomberg's Kartikay Mehrotra discuss Iran's cyber capabilities amid possible retaliation for a U.S. airstrike that killed one of Iran’s most powerful generals. They speak with Bloomberg's Taylor Riggs on "Bloomberg Technology."
After Soleimani’s Killing, Will Iran Launch A Cyberattack Against The U.S.? (Forbes) Iran is already threatening to retaliate to the killing of general Qassem Soleimani. Could this action include cyber-attacks?
Iran strike puts U.S. cybersecurity experts on alert (NBC News) Iran is considered one of Washington’s primary adversaries in cyberspace, and has shown a willingness to go after government and civilian targets.
Iran’s retaliation could be hacking, not bombs (POLITICO) Tehran is widely considered to be one of the world’s most malicious online actors.
Pro-Soleimani messaging immediately floods Twitter following general's death in drone strike (CyberScoop) The U.S. drone strike that killed Iran’s top security and intelligence commander also triggered a wave of social media propaganda apparently meant to sway international opinion on an attack that represents a dramatic escalation in the conflict between Washington and Tehran.
Analysis: U.S. Killing Of Iran's Top General Risks 'Dangerous' Consequences (RadioFreeEurope/RadioLiberty) Analysts warn that the U.S. air strike that killed a top Iranian general threatens to trigger a wider conflict in the region.
DHS warns of potential Iranian attacks, updates terror advisory (CNN) The Department of Homeland Security on Saturday updated its terrorism threat advisory system following the US airstrike targeting a top Iranian general and is warning of the potential for Iranian cyber attacks.
DHS warns Iran retaliation could include cyberattacks (SC Media) Although it stressed there is no evidence of a specific credible threat to the U.S. after the killing of Iranian General Qasem Soleimani, the Department of
DHS: Iran maintains a robust cyber program and can execute cyber-attacks against the US (ZDNet) US Department of Homeland Security issues terror alert about possible Iran-sponsored terrorist acts and cyber-attacks.
DHS Releases NTAS Bulletin (CISA) Today, Acting Secretary of Homeland Security Chad Wolf reissued the NTAS bulletin pertaining to the terror threat to the U.S. homeland. Upfront, you should know that: “At this time there is no specific, credible threat against the homeland.” You can read the new, entire bulletin at National Terrorism Advisory System Bulletin - January 4, 2020.
Iranian cyberattacks feared after killing of top general (Star Tribune) Iran's retaliation for the United States' targeted killing of its top general is likely to include cyberattacks, security experts warned Friday. Iran's state-backed hackers are already among the world's most aggressive and could inject malware that triggers major disruptions to the U.S. public and private sector.
After U.S. kills Iranian general, analysts warn of Tehran’s ability to retaliate in cyberspace (CyberScoop) After the U.S. military said it killed Qassem Soleimani, the chief of Iran’s Quds Force, in an airstrike early Friday in Baghdad, Iran’s supreme leader vowed to exact revenge on the United States.
Wall Street braces for cyberattacks from Iran (Crain's New York Business) In February 2014, Las Vegas Sands Corp.'s computers were attacked by Iranian hackers after the casino company’s CEO, Sheldon Adelson, suggested the U.S. attack Iran with a nuclear missile.
Credit card, Social Security and drivers’ license data was compromised or stolen for people who…
Here's what a cyber attack by Iran might look like (Mother Jones) Experts warn that Iran might turn to its growing army of hackers.
Soleimani ‘Revenge’—This Is Why Iran’s Most Dangerous Cyber Weapons Will Stay Hidden (Forbes) Iran is likely to deploy cyber weapons as part of its retaliation for this week's U.S. attack—but that cyber response will not come in the way you might expect.
How Iran could retaliate around the world (euronews) Analysis: Iran has many weapons, from hackers to Hezbollah, and potential targets that range from embassies to individual U.S. citizens.
Iran’s Cyber Attack on Billionaire Adelson Provides Lesson on Strategy (Bloomberg) Digital warfare likely among Iran’s options for retribution. Cyberfeud between Iran and U.S. dates back more than a decade.
Cyber security after Soleimani assassination - FireEye (Trade Arabia) The US assassination of Qassem Soleimani has increased the likelihood that a decade of cyber-hostilities between the US and Iran could escalate into true cyberwarfare, said FireEye, a global cyber security solutions provider.
First Suleimani Attack By ‘Iranian’ Hackers Hits U.S., Exposing ‘Noisy’ New Threat (Forbes) The first U.S. government website has been hacked post the killing of Qassem Suleimani, exposing the true nature of the short-term threat
Potential cyberwar begins as Iran takes down US government website (SiliconANGLE)
DHS monitoring apparent hack of government library program website (CNN) The Department of Homeland Security is monitoring the apparent hack of a government website, according to a senior administration official, who called it "defacement."
US government website hacked with pro-Iranian messages, image of bloodied Trump (USA TODAY) A federal website was taken down after a hacker posted pro-Iranian messages and an image of President Donald Trump being punched in the face.
Apparent Pro-Iran Hackers Deface Federal Library Program Site (NBC4 Washington) The website for a federal library program was hacked by an apparent pro-Iranian group late Saturday night, officials said. A spokesperson for the U.S. Government Publishing Office (GPO) said an intrusion was detected on the website for the Federal Depository Library Program and that the site was later taken down. There is no confirmation yet that Iranian state-sponsored actors were behind the hack, a Department of Homeland Security spokesperson said.
As Iran tensions escalate, officials urge NH to remain vigilant (UnionLeader.com) In a chilling reminder of the 9/11 era, state emergency officials are warning Granite Staters, “If you see something, say something.”
Artificial intelligence: China ‘uses Taiwan for target practice’ as it perfects cyber-warfare techniques (Times) China has already deployed its expertise in artificial intelligence to erect a surveillance state, power its economy and develop its military. Now Taiwan’s cyber-security chiefs have identified...
WSJ News Exclusive | U.K. Examines if Cyberattack Triggered London Stock Exchange Outage (Wall Street Journal) U.K. government agencies are examining whether a trading outage blamed on a software hiccup at the London Stock Exchange in August may actually have been caused by a cyberattack aimed at disrupting markets, according to people familiar with the matter.
Fresh Cambridge Analytica leak ‘shows global manipulation is out of control’ (the Guardian) Company’s work in 68 countries laid bare with release of more than 100,000 documents
Qatar Uses AJ+ To Meddle In Our Culture War. (Human Events) The emirate punishes homosexuality with death while funding “woke” outrage bait in America.
How Deepfakes Make Disinformation More Real Than Ever (Bloomberg) One video shows Barack Obama using an obscenity to refer to U.S. President Donald Trump. Another features a different former president, Richard Nixon, performing a comedy routine. But neither video is real...
Another Malicious Crypto Wallet App Stealing Private Keys and Data (Crowdfund Insider) Harry Denley, director of security at MyCrypto, 'an open-source...tool for generating ether wallets,' has warned the public about a malicious crypto wallet app called 'Shitcoin Wallet,' which, according to Zero Day, 'was caught injecting JavaScript code on web pages to steal passwords and private keys
Travelex ignored September warning over 'insecure' VPN server software (Computing) Travelex among a large number of organisations running vulnerable Pulse Secure VPN software
DeathRansom evolves from joke to actual ransomware (ZDNet) A highly active ransomware strain once considered a joke is now capable of encrypting files using a solid encryption scheme.
DeathRansom Ransomware Can Actually Encrypt Files Now (Fossbytes) DeathRansom ransomware was first reported in November 2019 but it was considered a joke until recently. According to cyber-security firm Fortinet [1,2], DeathRansom is now capable of encrypting files using a solid encryption scheme.
High-Impact Windows 10 Security Threat Revealed As App-Killing Malware Evolves (Forbes) This evolving Windows 10 malware threat will terminate applications ranging from Acrobat to Word
Clop Ransomware Evolves, Now can Terminate 663 Windows Processes (KoDDoS Blog) The ransomware threat, according to the FBI, has been upgraded by hackers to make it more difficult to detect but more effective in attack.
FBI Warns of Maze Ransomware Focusing on U.S. Companies (BleepingComputer) Organizations in the private sector received an alert from the F.B.I. about operators of the Maze ransomware focusing on companies in the U.S. to encrypt information on their systems after stealing it first.
Ransomware Attackers Offer Holiday Discounts (Avast) Some ransomware victims received holiday-themed ransom notes from their attackers, offering discounted rates for file decryptors.
School management software provider discloses severe security breach (ZDNet) Active Network discloses security incident that impacted school online stores built on the Blue Bear platform.
Search engine for Japanese sex hotels announces security breach (ZDNet) The 2010s decade ends with a major security breach at a search engine for finding love hotels across Japan.
Penn State community reminded to be on alert for phishing email scams (Penn State University) Penn State’s Office of Information Security has detected an increased volume of phishing email attacks against University employees in recent weeks. Specifically, attackers are sending emails that appear to be from Penn State users, primarily co-workers who are asking victims to purchase gift cards worth hundreds of dollars from places like Target, Amazon and Google Play with a promise that the employees will be reimbursed.
Christmas cyber attack spelled early holidays for council staff, nightmare for IT workers (ABC News) A council in Adelaide's south is up and running again after a cyber attack in December locked down its IT systems and forced staff to start holidays earlier than planned.
Contra Costa County Cyber Attack Snarls County Library Network (NBC Bay Area) It may take several days to recover from a ransomware attack that has shuttered the online network linking all Contra Costa County Library branches and the Martinez administrative offices, the system said Friday evening.
Cyber attack hits Enloe; patient records safe, officials say (Chico Enterprise-Record) Enloe Medical Center in Chico was attacked in a ransomware incident Thursday evening, according to a press release from the hospital.
Cyber-attack on Wallace State Community College delays start of classes (WAAY News) Spokeswoman Kristen Holmes confirmed the attack did not breach student or employee data.
Adam Sandler’s Twitter gets hacked, spews racist comments (Page Six) The hackers are likely the same group who targeted Mariah Carey.
Widespread fears of a new draft crashed the Selective Service website (Military Times) “Due to the spread of misinformation, our website is experiencing high traffic volumes at this time. If you are attempting to register or verify registration, please check back later today as we are working to resolve this issue. We appreciate your patience.”
Security Patches, Mitigations, and Software Updates
Smartphone Security Surprise As Samsung Shows Google How Android Updates Can Be Done (Forbes) You bought a Google Pixel smartphone partly because you know it means you will get Android security updates before anyone else. Right? You are in for a surprise then.
Microsoft Products Reaching End of Life in 2020 (BleepingComputer) Several major Microsoft products will reach their end of support during 2020, with Office 2010, Visual Studio 2010, Windows 7, Windows Server 2008 (including 2008R2), and multiple Windows 10 versions including 1803 and 1903 being some of the most important ones.
Cyber Trends
Five cyber risks that will define 2020 (Help Net Security) Only 26% of CISOs indicated that their company was ready to respond to a cyber threat. Here are five cyber risks that will endanger company data in 2020.
Security Think Tank: Let’s call time on inciting fear among users (ComputerWeekly) The traditional picture of a hacker is of a script kiddie in a hoodie hunched over a computer keyboard, but this stereotype is stale and outdated. Is it time to move away from a fear-based approach to security?
Automotive cybersecurity incidents doubled in 2019, up 605% since 2016 (Help Net Security) Upstream Security introduces the key findings of automotive cybersecurity incidents, highlighting vulnerabilities and insights.
Marketplace
Contractors keeping close eye on aftermath of U.S. strike on Iranian leader (Washington Business Journal) Friday's airstrike sent ripples back to the D.C. government contractor community as it watches the Defense Department's response and works to secure its own personnel in the Middle East.
RSA Conference 2020 USA: What you can expect at this year's event (Help Net Security) Learn what to expect at RSAC 2020 in this feature interview with Britta Glade, Director of Content and Curation for RSA Conference.
BigID Starts 2020 with $50 Million in New Funding from Tiger Global (Yahoo) New Round To Further Accelerate Global Sales, Channel and Product Expansion
Email Security Company Mimecast Acquires Cybersecurity Company Segasec (CTECH) Segasec develops a cybersecurity service that protects website operators from consumer phishing scams
Snapchat quietly acquired AI Factory, the company behind its new Cameos feature, for $166M (TechCrunch) After acquiring Ukraine startup Looksery in 2015 to supercharge animated selfie lenses in Snapchat — arguably changing the filters game for all social video and photo apps — Snap has made another acquisition with roots in the country, co-founded by one of Looksery’s founders, to give a big bo…
Cyber Company Armis Is Negotiating Its Acquisition According to a Valuation of Approximately $1 Billion (CTECH) The potential buyer is a leading U.S. investment firm, according to two people familiar with the matter
7 Industrial IoT Startups You Should Watch in 2020 (Thomas) It’s predicted that the IoT device market will reach $1.1 trillion by 2026, with more than 80% of industrial manufacturing companies either using or intending to use IoT devices.
Tech Moves: ExtraHop adds execs; Simply Measured co-founder returns to startups; and more (GeekWire) — Network security startup ExtraHop added two new executives ahead of a potential IPO in 2020. Sri Sundaralingam joined as vice president of product and solutions marketing. He previously held product…
Army chief censor in talks to join controversial Israeli cyber attack firm NSO group (Haaretz) The Israeli military’s chief censor, Brig. Gen. Ariella Ben-Avraham, is in the midst of negotiations to join cybertechnology firm NSO Group Technologies, which has recently been under scrutiny for its alleged role in persecuting human rights activists.
Tenable appoints Vice President of OT Security (Zawya) Longest-serving Director of ICS-CERT joins Tenable following its acquisition of industrial security leader Indegy
Products, Services, and Solutions
SilverSun Technologies Secures $1 Million Contract for Cybersecurity-as-a-Service Business (Globe) Dual-shore Security Operations Center Enters Agreement with Enterprise Financial Service Firm
HP’s New Elite Dragonfly laptop is all about security when working on the go (TechRadar) Digital nomads rejoice
Technologies, Techniques, and Standards
Modern security product certification best practices (Help Net Security) Here are five steps product managers and developers can take to manage the security product certification process a little more smoothly.
Design and Innovation
Why the U.S. Sent Librarians Undercover to Gather Intelligence During World War II (Time) The ordinary activities of librarianship—acquisition, cataloguing, and reproduction—became fraught with mystery
Legislation, Policy, and Regulation
NATO to hold urgent meeting on Monday over Iraq-Iran crisis (Reuters) NATO ambassadors will gather on Monday in Brussels for an urgent meeting convene...
Innocent Cyber Bystanders Entangled in an Act of War (International Policy Digest) The start of a new decade may usher in cyber warfare as the new normal in global combat.
A 'Forever War' With Iran Is Unlikely. But More Death and Violence Seems Inevitable (Time) Admiral James Stavridis breaks down what might happen next after Soleimani death
US on high alert for cyber-attack retaliation from Iran (Computing) Iran has pledged to take revenge for the assassination of Qassem Soleimani last week
Iran says its response to killing of revered Quds Force commander will be ‘against military sites' (Military Times) “[Trump] doesn’t know international law. He doesn’t recognize UN resolutions either. Basically he is a veritable gangster and a gambler. He is no politician he has no mental stability.
Iran withdraws from nuclear arms agreement (The Western Standard) Early Sunday morning, the United States announced it was suspending most operations against ISIS (Daesh).
Soleimani is dead, but the enemy still stands (TheHill) While Iran is likely to retaliate, Soleimani’s death comes at a vulnerable time as the regime fights economic collapse and popular rebellion.
Trump says Tweet serves as ‘notification’ to Congress that U.S. may 'quickly & fully strike back’ against Iran (Military Times) Trump’s assertion on Twitter Sunday that he can use social media to inform Congress of future military actions against Iran is likely to cause further tensions between lawmakers and the White House.
Trump says Iranian military leader was killed by drone strike ‘to stop a war,’ warns Iran not to retaliate (Washington Post) The death of Qasem Soleimani, a feared Iranian operator, put the region on edge.
Trump says there’s no intent to start a war with Iran. Here’s where things stand. (Military Times) Following the assassination of a top Iranian general, the U.S. military is waiting for Iran -- and Iraq's -- next moves.
Trump threatens Iran that US is targeting 52 sites if Tehran retaliates following death of Iranian general (Military Times) “Let this serve as a WARNING that if Iran strikes any Americans, or American assets, we have targeted 52 Iranian sites (representing the 52 American hostages taken by Iran many years ago), some at a very high level & important to Iran & the Iranian culture, and those targets, and Iran itself, WILL BE HIT VERY FAST AND VERY HARD. The USA wants no more threats!”
Trump doubles down on striking cultural sites in Iran (Elko Daily Free Press) President Donald Trump insisted Sunday that Iranian cultural sites were fair game for the U.S. military, dismissing concerns within his own administration that doing so could constitute
Trump’s Iran Policy Spirals Toward Control (Bloomberg Opinion via Yahoo News) The U.S. airstrike that killed Qassem Soleimani, head of Iran's Revolutionary Guard Quds Force, and Abu Mahdi al-Muhandis, a leader of Iranian-backed militias in Iraq, was not simply a sharp departure in the Trump administration’s policy toward Tehran. It also marks a larger
Petraeus Says Trump May Have Helped ‘Reestablish Deterrence’ by Killing Suleimani (Foreign Policy) The former U.S. commander and CIA director says Iran’s “very fragile” situation may limit its response.
Killing of Soleimani follows long push from Pompeo for aggressive action against Iran, but airstrike brings serious risks (Washington Post) The secretary of state began conversations with President Trump months ago about killing Iran’s top commander, but Trump at the time would not countenance such an operation, officials said.
Trump threatens sanctions if US troops exit Iraq (BBC News) The US president warns Iraq of sanctions "like they've never seen before" if US troops are expelled.
Will Russia Enforce Its New Internet Laws in 2020? (The Moscow Times) Legislation may be strict, but experts say it’s easy to circumvent.
When A Tech Company Engages In Severe Human Rights Violations (Forbes) In December 2019, several British politicians wrote to the UK Foreign Secretary to raise the issue of a Tech company, Huawei, allegedly engaging in severe human rights violations in China.
5G Is Where China and the West Finally Diverge (The Atlantic) The rollout of speedy new cellular networks is a geopolitical turning point, but neither Trump nor the public yet recognizes this.
Telecoms security bill may exclude Huawei from Estonian market, firm says (ERR) Chinese mobile phone giant Huawei has written to interior minister Mart Helme (EKRE) in opposition to a bill requiring greater security checks on its devices and software. The company says that the bill – which concerns all telecoms companies - does not constitute fair and transparent regulation and would in effect exclude it from the market.
FUREY: Banning Huawei could be a national unity moment for Canada (Toronto Sun) There’s an eerie scene in the new documentary American Factory that needs to be watched by any Canadian who is still on the fence about the Huawei question. The 2019 film now available on Netf…
FCC says it will accept comments until February 3 on Huawei, ZTE security risks (Reuters) The U.S. Federal Communications Commission (FCC) said on Friday it will accept p...
New Orleans to Boost Cyber Insurance to $10M Post-Ransomware (Dark Reading) Mayor LaToya Cantrell anticipates the recent cyberattack to exceed its current $3 million cyber insurance policy.
Indiana counties battle cyber attackers with help from state, feds (Indianapolis Business Journal) To fight cyberattacks, state and local government officials are taking a page from the enemy’s playbook by expanding protections against attacks from one entry point to thousands.
Litigation, Investigation, and Law Enforcement
Explainer: Inside the lawful killing of Qassim Suleimani (Navy Times) An Iranian general, the Japanese architect of the Pearl Harbor attack, Jimmy Carter and Donald Trump.
The killing of General Soleimani was lawful self-defense, not “assassination” (Lawfire) Today a news reporter asked whether the killing of General Qasem Soleimani, who led the Islamic Revolutionary Guard Corps-Quds Force (a U.S.-designated terrorist organization), amounted to “assassi…
The key word in U.S. justifications for the killing of Iranian general: ‘Imminent’ (Washington Post) The Trump administration says the killing of Qasem Soleimani stopped an imminent attack. But what does it mean by imminent?
Iran leader killed in strike linked to years of attacks, killing of more than 1,000 U.S. troops during Iraq War (Military Times) Qassem Soleimani led Iran's effort to provide Iraq-based insurgents with powerful IEDs during the Iraq war.
A Chinese “tourist” accused of espionage is the latest example of a growing threat to US security (Quartz) It might have worked, if the FBI wasn't already watching.
Ninth Circuit Denies Malwarebytes' Petition for Rehearing - Court Rules Enigma Software can Proceed with its Lawsuit Against Malwarebytes for Anticompetitive Practices (PR Leap) Ninth Circuit rules against Malwarebytes in Enigma Software's lawsuit for claims of unfair trade practices. Ninth Circuit denies Malwarebytes petition for rehearing and orders that no further petitions will be entertained. Enigma Software is permitted to proceed with its lawsuit against Malwarebytes.