San Francisco: the latest from RSAC 2020
How China poses an insider threat (Fifth Domain) Officials warned that China's intellectual property theft includes using company insiders, not just cyberattacks.
Accused Chinese hackers abandon techniques after U.S. indictments (CyberScoop) Digital infrastructure associated with Chinese hackers charged in 2014, 2017 and 2018 essentially evaporated when charges in each case were made public.
RSAC 2020 Survey — API Security Attitudes & Trends (CloudVector) CloudVector attended RSA Conference 2020 to exhibit in the Early Stage Expo, a specialized pavilion for up-and-coming cybersecurity vendors away from the
Intel promises full memory encryption as it presents its data-centric security strategy (Computing) Intel promises bigger investment in security following the Meltdown and Spectre security bugs
Bishop Fox Wins Three InfoSec Awards from Cyber Defense Magazine at RSA Conference 2020 (PR Newswire) Bishop Fox, the largest private professional services firm focused on offensive security testing, today announced that it has won three InfoSec...
Cyber Attacks, Threats, and Vulnerabilities
Summer Olympics is ripe for cyberattacks (TechRepublic) Criminals will exploit the confusion and hustle and bustle of the games to their advantage, according to security researcher.
Cyber-espionage campaign in Middle East, Europe picked up speed after Soleimani killing (CyberScoop) Iran-linked hackers have been running spearphishing email campaigns against governmental organizations in Turkey, Jordan and Iraq in recent months in a likely effort to gather intelligence, according to research published Wednesday by Dell Secureworks.
Iran maintaining on-going cyber efforts, no response yet to Soleimani killing (SC Media) Iranian cyberespionage operations are continuing at a steady pace, but so far no reaction has been spotted in response to the January U.S. drone strike that killed Iranian Gen. Qasem Soleimani.
Online ‘impersonator’ tried to contact campaigns, DNC says (Washington Post) The Democratic National Committee has warned its presidential candidates to be cautious after Bernie Sanders’ campaign reported that an “impersonator” with a domain registered overseas had posed as one of its staffers and sought conversations with members of at least two other campaigns.
Russian hacking, spear-phishing, nondisclosure agreements: How Florida was affected in 2016 election (Tallahassee Democrat) Gov. Ron DeSantis was told during an FBI briefing that at least 2 Florida counties were hacked in the 2016 election, but he signed a nondisclosure agreement saying he would not divulge which counties were affected.
Will your vote count? Veil of secrecy makes it impossible for Florida voters to know (Tallahassee Democrat) Florida forced all 67 election supervisors to sign nondisclosure agreements in order to get training and funding to fight hacking.
Flaw in billions of Wi-Fi devices left communications open to eavesdropping (Ars Technica) Cypress and Broadcom chip bug bit iPhones, Macs, Android devices, Echoes, and more.
KrØØk vulnerability affecting Broadcom and Cypress WLAN chips could enable attackers to decrypt wireless network packets (Computing) New security vulnerability could affect nearly one billion devices worldwide
KR00K - CVE-2019-15126: Serious Vulnerability Deep Inside Your Wi-Fi Encryption (ESET) ESET researchers discovered a previously unknown vulnerability in Wi-Fi chips and named it Kr00k. This serious flaw, assigned CVE-2019-15126, causes vulnerable devices to use an all-zero encryption key to encrypt part of the user’s communication. In a successful attack, this vulnerability allows an adversary to decrypt some wireless network packets transmitted by a vulnerable device.
Sodinokibi Ransomware May Tip NASDAQ on Attacks to Hurt Stock Prices (BleepingComputer) The operators of the Sodinokibi Ransomware (REvil) have started urging affiliates to copy their victim's data before encrypting computers so it can be used as leverage on a new data leak site that is being launched soon.
Ransomware victims thought their backups were safe. They were wrong (ZDNet) Ransomware victims are finding out too late that their vital backups are online and also getting encrypted by crooks, warns cybersecurity agency.
Facial-Recognition Company That Works With Law Enforcement Says Entire Client List Was Stolen (The Daily Beast) Clearview AI, which contracts with law enforcement after reportedly scraping 3 billion images from the web, now says someone got “unauthorized access” to its list of customers.
LTE vulnerability allows impersonation of other mobile devices (Naked Security) Researchers have found a way to impersonate mobile devices on 4G and 5G mobile networks, and are calling on operators and standards bodies to fix the flaw that caused it.
PayPal accounts abused en-masse for unauthorized payments (ZDNet) All signs point to an attack exploiting PayPal's Google Pay integration.
Norton LifeLock Phishing Scam Installs Remote Access Trojan (BleepingComputer) Cybercriminals behind a recently observed phishing campaign used a clever ruse in the form of a bogus NortonLifelock document to fool victims into installing a remote access tool (RAT) that is typically used for legitimate purposes.
Attackers probing for vulnerable Microsoft Exchange Servers, is yours one of them? (Help Net Security) CVE-2020-0688, a RCE bug in Microsoft Exchange Server, could become a vector for ransomware groups in coming months as it's ripe for exploitation.
Zyxel 0day Affects its Firewall Products, Too (KrebsOnSecurity) On Monday, networking hardware maker Zyxel released security updates to plug a critical security hole in its network attached storage (NAS) devices that is being actively exploited by crooks who specialize in deploying ransomware. Today, Zyxel acknowledged the same flaw is present in many of its firewall products.
Cloud outages show multicloud is essential (InfoWorld) Outages are inevitable and vendors are unreliable. You can’t move fast enough unless you already have your service running on two or more clouds
Slickwraps apologizes to customers after comically bad data breach (The Verge) Accessed information includes names, emails, and addresses.
Gadsden school district hit by ransomware for the second time in a year (Las Cruces Sun-News) The district has again shut down internet and phones, but it is not clear whether this is because of a new ransomware attack or the previous virus.
PUBG has been dealing with an increase in DDoS attacks and performance issues (pcgamer) PUBG Corp has explained its plans to resolve them.
Munson Healthcare Notifies Patients of Data Breach (9 & 10 News) Munson Healthcare had a data breach where employee email accounts were accessed by an unauthorized third party. After an investigation, it was found that some of the email accounts that were accessed contained identifiable personal and protected health information. Patient names, insurance information, dates of birth, treatment, and diagnostic information were impacted in the email accounts. Munson Healthcare says a...
Cyber Attack Attempts on Judiciary Top 24 Million, Congress Told (Bloomberg Law) Cyber attack attempts targeting the federal judiciary have risen sharply in recent years to more than 24 million in 2019, and some incidents have been tied to other nations, judiciary officials said in congressional testimony.
Cyber Trends
What is a cyber attack? Recent examples show disturbing trends (CSO Online) A cyber attack is an attack launched from one or more computers against another computer, multiple computers or networks. Here are some of the major recent cyber attacks and what we can learn from them.
IBM Survey: Only 38% of State and Local Government Employees Trained on Ransomware Prevention (IBM Security) Two thirds of government employees concerned about cyberattacks on their workplace, threats against elections among top concern in 2020
Global Threat Trends Demonstrate Political and Economic Intentions of Cybercriminals (Fortinet) FortiGuard Labs Threat Landscape Report Reveals a New Perspective on Global Trade and the Allure of Election Disruption
Stalkerware Attacks Increased 50 Percent Last Year, Report (Threatpost) Research puts the emerging mobile threat—which monitors the whereabouts and device activity of device users as well as collects personal data—into clearer focus.
Marketplace
The Cybersecurity 202: Huawei official accuses U.S. of targeting the telecom to hurt China (Washington Post) The battle over Huawei is taking place face-to-face here as officials from the U.S. government got a chance to debate directly with the Chinese telecom.
Why This Microsoft Analyst Says A Security Awakening Is 'Real,' Company A 'Core Growth Holding In Cloud' (Benzinga) After attending meetings at the RSA Conference 2020 being held this week in San Francisco, one analyst at Piper Sandler came away convinced about the prospect the security segment...
Kenna Security Nearly Doubles Revenue in Year of Product Innovation (AiThority) Kenna Security, the enterprise leader in risk-based vulnerability management, grew revenue more than 90% over the last two years, with annual recurring revenue growing 150% over the same period.
SoftIron Co-Founder, Mark Chen, Returns to Lead Company's Secure Provenance Strategy as CSO (PR Newswire) SoftIron Ltd., the leader in purpose-built and performance-optimized data center appliances, announces the appointment of Mark Chen to the role...
Cybersecurity Expert Joins CrossCountry Consulting’s Board of Advisors (PRWeb) CrossCountry Consulting, a leading business advisory firm, today announced that it has named noted cybersecurity expert Matthew Devost to its Board of Adviso
Products, Services, and Solutions
Menlo Security Offers $1 Million Malware Protection Warranty for World’s First Cloud Proxy Platform Built on an Isolation Core™ (BusinessWire) Menlo Security, a leader in cloud security, today announced the launch of its 100 percent malware protection warranty. The company stands behind its a
StorCentric’s Nexsan Announces Major Performance & Connectivity Improvements for BEAST Platform with New BEAST Elite Models (Nexsan) BEAST Elite & Elite F with QLC Flash Deliver Industry-Leading BEAST Reliability with Enhanced Performance
Adaptiva Introduces Endpoint Health With 111 Health Checks for Clients and Servers (Yahoo) Adaptiva's automated solution, Endpoint Health, is proven to dramatically reduce help desk tickets and lower costs.
Malwarebytes Launches Enhanced Cloud Platform, MSP Premier Partner Program - Malwarebytes Press Center (Malwarebytes Press Center) Simplified dashboards enable easy deployment, reporting and operational control
F-Secure Expands Partnership With Nifty On Identity Protection Services (Global Security) Today, cyber security provider F-Secure and Nifty, Japan’s leading internet service provider (ISP), announced they were expanding their partnership with Nifty’s deployment of F-Secure’s identity protection services in Nifty’s “@nifty Password Manager”.
Clumio SaaS Continues to Disrupt $10 Billion Market by Redefining Backup for the All Cloud Enterprise (Globe Newswire) Company Reports Product Validation by Industry and Customers; Announces Snowflake’s Chief Revenue Officer Chris Degnan as New Board Member
Kubernetes Security Leader Alcide Simplifies PCI and GDPR K8s Compliance for DevOps and Security Teams (Yahoo) Introduces compliance playbooks to the Alcide Kubernetes Security Platform to enable automated Kubernetes compliance checks
Imperva launches Advanced Bot Protection solution (Help Net Security) Imperva announced Advanced Bot Protection, a new solution that integrates its bot management technology into its Cloud Application Security solution.
Technologies, Techniques, and Standards
How a Hacker's Mom Broke Into a South Dakota Prison (Wired) Security analyst John Strand had a contract to test a correctional facility’s defenses. He sent the best person for the job: his mother.
Academia
Cyber Florida Helps Towns and Counties Prepare for the Growing Cyber Threat (Cyber Florida) With support from Florida Secretary of State Laurel M. Lee, Florida Attorney General Ashley Moody, and the Florida League of Cities, Cyber Florida’s efforts have already reached over 300 local public officials February 26, 2020—Tampa, FL: Cyber Florida’s ongoing efforts to help the state’s local governments improve their cybersecurity featured events in Ocala and Tallahassee …
Legislation, Policy, and Regulation
North Korea is relying on the internet more, creating an opening for the US (Fifth Domain) The United States should be prepared to impose sanctions on the individuals and companies in suspect countries for hosting North Korean cyber operatives.
Australian Minister Slams Gov’t for Weak Response to Ransomware ‘Epidemic’ (Cointelegraph) An Australian minister has slammed the government for failing to prioritize ransomware amid increasing attacks.
FCC now collecting data on Huawei use in US networks (CNET) The info will help the US Federal Communications Commission reimburse smaller carriers for ripping out and replacing Huawei and ZTE equipment.
Democrats cancel surveillance vote over pushback to amendments (TheHill) The House Judiciary Committee on Wednesday canceled a planned vote to reauthorize a set of controversial government surveillance programs over concerns that a slew of privacy-focused amendments from Rep.
Litigation, Investigation, and Law Enforcement
Tech Platforms Aren’t Bound by First Amendment, Appeals Court Rules (Wall Street Journal) A federal appeals court in California ruled that privately operated internet platforms are free to censor content they don’t like.
Lawyer says Assange shouldn’t face ‘political’ extradition (Washington Post) A lawyer for Julian Assange has argued that the WikiLeaks founder should not be sent to the United States because a U.K.-U.S. treaty bans extradition for political offenses
ICE has run facial-recognition searches on millions of Maryland drivers (Washington Post) The direct and largely unlimited access granted to immigration-enforcement officials marks an aggressive new step for the federal agency in regard to Americans’ photos and personal data. It also raises the risk that undocumented immigrants who applied for driver’s licenses under the state’s landmark program could have been targeted.
SoftBank’s Rajeev Misra Used Campaign of Sabotage to Hobble Internal Rivals (Wall Street Journal) The man atop the world’s biggest tech fund paid for a campaign that included negative news stories, a concocted shareholder campaign and a sexual trap, people familiar with the matter say. A Misra spokesman said he did not orchestrate the effort.
WSJ News Exclusive | Hilton’s Waldorf Beverly Hills Used a Mole to Steal Secrets From Rival, Lawsuit Says (Wall Street Journal) The Waldorf Astoria Beverly Hills is making a push to attract Middle Eastern royals and well-heeled celebrities. Now, a rival hotel is alleging the Waldorf stole corporate secrets and personal information about some of those guests in an effort to win business.
Taking a GPS tracker off your car isn’t ‘theft,’ court rules (Naked Security) This line of thinking could get absurd, Indiana’s supreme court declared. How do you “steal” something if you don’t know who owns it?
Ex-Microsoft engineer convicted of 18 felonies after stealing $10M in digital currency (GeekWire) A former Microsoft worker was convicted of 18 federal felonies after he stole $10 million worth of digital currency from his ex-employer and used the funds to finance extravagant purchases, including…
This fraud ring posed as a Navy officer (Navy Times) A Los Angeles man linked to an international fraud ring that masqueraded as a Navy official to steal millions of dollars worth of electronics will stay behind bars.
Six suspected drug dealers went free after police lost evidence in ransomware attack (ZDNet) Seventh incident of its kind when police investigations were impacted by a ransomware infection.
Click Here to Sue Everybody: Cutting the Gordian Knot of the Internet of Things with Class Action Litigation (Richmond Journal of Law & Technology) It is not hyperbole to state that the mass proliferation of the Internet of Things (IoT) will alter modern society to a degree surpassing even the Industrial Revolution.