Cyber Attacks, Threats, and Vulnerabilities
Austria's Foreign Ministry Hit by Cyber-Attack (Infosecurity Magazine) State-sponsored threat actor may be responsible for cyber-attack on Austria
Government Website Is Hacked With Pro-Iran Messages (New York Times) Officials were still investigating the attack, which was consistent with the work of low-level Iranian nationalist hackers looking for easy American targets, experts said.
Soleimani killing will likely result in reprisal cyberattacks by Iran (SC Media) The U.S. drone strike that killed Iranian General Qasem Soleimani in Baghdad is expected to generate kinetic reprisal strikes from Iran, but cyber experts say cyberattacks are also likely.
SECURITY: Iran could launch cyberattacks after U.S. strike — experts (E&E News) Following the U.S. drone strike that killed a top Iranian general, cyber experts are sounding the alarm that the "forceful revenge" promised by Iran's supreme leader could include cyberattacks on American energy companies.
Cyberwar with Iran: How vulnerable is America? (MSN) Iranian hackers could instantaneously shut down an entire power grid, experts say, or go after your bank. Is America ready?
US Govt Says Iran's Cyberattacks Can Disrupt Critical Infrastructure (BleepingComputer) The U.S. Department of Homeland Security (DHS) warned in a terrorism threat alert issued through the National Terrorism Advisory System (NTAS) that potential cyberattacks carried out by Iranian-backed actors against the U.S. have the potential to disrupt critical infrastructure.
MS-ISAC cautions of cyberattacks following death of Iranian general | StateScoop (StateScoop) Though based on no specific credible cyberthreat, an advisory warns state and local governments to be especially vigilant after the death of Qassem Soleimani.
Potential for Iranian Cyber Response to U.S. Military Strike in Baghdad (CISA) The Cybersecurity and Infrastructure Security Agency (CISA) is sharing the following information with the cybersecurity community as a primer for assisting in the protection of our Nation’s critical infrastructure in light of the current tensions between the Islamic Republic of Iran and the United States and Iran’s historic use of cyber offensive activities to retaliate against perceived harm. Foremost, CISA recommends organizations take the following actions:
Press Release - January 4, 2020: Department of Financial Services Issues Alert to Regulated Entities Concerning Heightened Risk of Cyber Attacks (Department of Financial Services) Today the Department of Financial Services (DFS) issued the following industry letter to all regulated entities following recent events and the need for heightened cybersecurity precautions.
US banks put on red alert as Iran crisis deepens (Finextra Research) The US Government's increasingly belligerent confrontation with Iran has prompted New York's Department of Financial Services to urge banks to heighten cybersecurity precautions.
The Death of Qassim Suleimani and Risks to Global Security (Chertoff Group) On January 3, 2020, a U.S. drone strike near Baghdad airport killed Maj. Gen. Qassim Suleimani, one of Iran’s most powerful military commanders overseeing security and intelligence, and close confidant of Supreme Leader Ayatollah Ali Khamenei.
Crowdstrike CEO: Kinetic and cyber retaliation from Iran 'certainly a possibility' (CNBC) Crowdstrike CEO George Kurtz says cyber threats from U.S. adversaries like Iran are common. He tells CNBC's Jim Cramer how the cybersecurity firm fends off attacks.
VMware's Tom Kellermann on Iran's Cyber Capabilities (ExecutiveBiz) Tom Kellermann, head of cybersecurity strategy at VMware, told Bloomberg in a video interview posted Saturday he believes Iran will respond to a U.S. airstrike through cyber warfare.
Should the U.S. Expect an Iranian Cyberattack? (The New Yorker) Cyber weapons do not have to be cutting-edge to lacerate a community, a company, or a country.
Should you be afraid of an Iranian cyberattack? The answer is complicated (Digital Trends) Here’s the good news: Iran likely won’t target ordinary Americans. Any and all cyberattacks that Iran would carry out would likely be against U.S. government agencies or major corporations that Iran has already, in some way or another, infiltrated and can already easily cause a disruption. Iranian hackers most likely won’t go after your phone, your Google account, or your favorite website.
DHS to Businesses: ‘Are You Attractive to Iran’ as a Target and Prepared for Terror? (Homeland Security Today) CISA warns against the possibility of cyber hits, improvised explosive devices --
Facebook data misuse and voter manipulation back in the frame with latest Cambridge Analytica leaks (TechCrunch) More details are emerging about the scale and scope of disgraced data company Cambridge Analytica’s activities in elections around the world — via a cache of internal documents that’s being released by former employee and self-styled whistleblower, Brittany Kaiser.
Analysis | The Cybersecurity 202: The 2020 election will be the country’s biggest cybersecurity test ever (Washington Post) And other top digital security stories we're tracking in the new year.
Why the world must pay attention to the fight against disinformation and fake news in Taiwan (TechCrunch) On Saturday, Taiwan will hold its presidential election. This year, the outcome is even more important than usual because it will signal what direction the country’s people want its relationship with China, which claims Taiwan as its territory, to move in. Also crucial are efforts against fake news. Taiwan has one of the worst disinformation problems in the world and how it is handled is an important case study for other countries.
SideWinder Doesn't Sleep Tonight; Targets Android Kernel Vulnerability (Computer Business Review) Trend Micro researchers say they've identified the first active attack exploiting a severe Android kernel vulnerability detailed by Google in October 2019.
MageCart Skims Credit Cards from FocusCamera.com (Juniper Networks) Late in December 2019, someone I know received a notification from their credit card company stating a transaction for a purchase of substantial value was pending. Not recognizing the transaction, the person immediately contacted the credit card company to put a stop to the transaction which had n...
VPN warning: REvil ransomware targets unpatched Pulse Secure VPN servers (ZDNet) Researcher warns organizations to patch Pulse Secure VPN flaws now or risk 'big game' REvil ransomware attacks.
Colombia Reports in 2020: combating repression a bit harder than last year (Colombia News | Colombia Reports) If the first few days of 2020 are an indication of the coming year, Colombia Reports is likely to face more resistance and end the year stronger than it began.…
Sodinokibi Ransomware Hits Travelex, Demands $3 Million (BleepingComputer) It's been more than six days since a cyber attack took down the services of the international foreign currency exchange company Travelex and BleepingComputer was able to confirm that the company systems were infected with Sodinokibi ransomware.
Cyber criminals demand $3 million in ransom from Travelex after infecting its network with Sodinokibi ransomware (Computing) Attackers claim to have copied more than 5GB of users' personal data
Don’t fall for the “Start your 2020 with a gift from us” scam… (Naked Security) There is no free MacBook. There IS no free MacBook. There is NO free MacBook.
Vulnerability Summary for the Week of December 30, 2019 (CISA) The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Pensacola to Offer Cyber Protection to Some Customers (WUWF) Work continues on plugging up the remaining leaks in the city of Pensacola’s computer system, one month after being hit with ransomware. Mayor Grover
Colorado Town Wires Over $1 Million to BEC Scammers (BleepingComputer) Colorado Town of Erie lost more than $1 million to a business email compromise scam (BEC) that ended with the town's employees sending the funds to a bank account controlled by scammers.
Google Reinstates Reported UAE Surveillance App ToTok (Vice) The messaging app, which the New York Times reported is secretly a surveillance tool, is suddenly back online.
Security Patches, Mitigations, and Software Updates
Cisco repairs 12 bugs in its Data Center Network Manager (SC Media) Cisco Systems this month issued six security advisories disclosing a total of 12 vulnerabilities in the Data Center Network Manager, three of them critical.
Facebook Revamps Its Privacy Checkup Feature in Time for CES (Wired) Forget Portal. This year, Facebook is marketing itself as a privacy crusader.
Facebook's first CES reveal in years is a privacy tool that falls short (CNET) This is Privacy Checkup's first significant update since Facebook's Cambridge Analytica scandal, but it doesn't address the core issues lawmakers have had with the social network.
Ring adds privacy dashboard to app in response to security concerns (The Verge) You’ll be able to enable two-factor authentication and limit police department access here.
Firefox to Allow Users to Delete Telemetry Data (Decipher) As CCPA goes into effect, Mozilla is making a change that will allow people to request the deletion of any telemetry data collected by Firefox.
YouTube starts limiting ad targeting and data collection on kids content (TechCrunch) YouTube now officially limits the amount of data it and creators can collect on content intended for children, following promises made in November and a costly $170 million FTC fine in September. Considering how lucrative kids’ content is for the company, this could have serious financial ramifications for both it and its biggest creators.
Cyber Trends
Significant Multi-Domain Incidents against Critical Infrastructure (SMICI) Dataset (National Consortium for the Study of Terrorism and Responses to Terrorism) As a part of an ongoing effort to better understand adversaries’ multi-domain behavior and motivations, the Unconventional Weapons & Technology Division (UWT) of the National Consortium for the Study of Terrorism and Responses to Terrorism (START) has completed the initial development of the Significant Multi-Domain Incidents against Critical Infrastructure (SMICI) dataset, a first of its kind.
A retrospective on the first two decades of control system cyber security – culture issues still prevent successfully securing control systems (Control Global) Control system cyber security was, and should be, about protecting the control system process.
Disinformation For Hire: How A New Breed Of PR Firms Is Selling Lies Online (BuzzFeed News) One firm promised to “use every tool and take every advantage available in order to change reality according to our client's wishes.”
5 cybersecurity trends for 2020 (CIO Dive) With industry-known strains morphing into new killers and regulators dutifully watching for errors, companies are looking to their infosec team more than ever.
BNamericas - Why is Brazil so vulnerable to cyber attacks? (BNamericas.com) The number of cyberattacks on government networks increased in 2019, according to data just released by the government cyber incident handling and response c...
Here’s What You Need to Know About Your Data Privacy in 2020 (McAfee Blogs) The end of 2019 is rapidly approaching, and with the coming of a new year comes the perfect opportunity to reflect on the past and plan for the months ahead
Marketplace
Iran Tensions Heighten: What's Next For Markets And Stocks (Seeking Alpha) Iran will refrain from direct kinetic warfare, and, instead, use its robust cyber warfare capability to sow chaos in the US economy to deny Donald Trump a second term.
CrowdStrike Stock Breaks Out Amid Iran Tensions (Investopedia) CrowdStrike shares moved sharply higher during Monday's session as fears of a cyber retaliation from Iran sent cybersecurity stocks higher.
Cyber Spies Are Quietly Boosting Hawaii's High Tech Economy (Honolulu Civil Beat) Can the state build on a massive base of National Security Agency and other government cyber jobs?
BigID Starts 2020 with $50 Million in New Funding from Tiger Global (BusinessWire) BigID, the leader in privacy-oriented data discovery, intelligence and automation today announced that it has raised $50 million in new funding from T
Cloudflare acquires stealthy startup S2 Systems, announces Cloudflare for Teams (TechCrunch) Cloudflare announced that it has acquired S2 Systems, a browser isolation startup started by former Microsoft execs. The two companies did not reveal the acquisition price.
Xerox makes another try for HP, this time with funding locked in (Silicon Valley Business Journal) "We have always maintained that our proposal is not subject to a financing contingency, but in order to remove any doubt, we have obtained binding financing commitments," Xerox CEO John Visentin wrote in a letter to HP Inc.'s board.
Xerox nails down $24bn funding to back proposed HP acquisition (Computing) Xerox CEO John Visentin brandishes the financing necessary to back Xerox's proposed takeover of HP Inc,
Will Dell Technologies Fetch $3B for RSA? (SDX Central) Dell Technologies wants to sell RSA Security business for at least $3 billion and has hired Morgan Stanley to help with the sale, according to PE Hub. A company spokesperson declined to comment on the report.
Accenture to Acquire Symantec’s Cyber Security Services Business from Broadcom (BusinessWire) Accenture agreed to acquire Symantec’s Cyber Security Services business from Broadcom, Inc.
Analyzing Broadcom’s Acquisitions in the Software Sector (Market Realist) Broadcom has been making many acquisitions in the software industry. The semiconductor giant seems to be drifting away from its core chip business.
As Problems Mount, Boeing Should Spin Off Defense Operations (247wallst.com) Boeing has the chance to salvage investor results if it spins off its defense, space and security units into a new publicly held corporation.
AHEAD Acquires Platform Consulting Group, Bolstering its Capabilities in the Delivery of Cloud Native Applications | AHEAD (AHEAD) AHEAD announced it has acquired Platform Consulting Group, bringing cloud native app development expertise to its professional services organization.
SAIC to Offer 10 Cyber Scholarships to Veterans (WashingtonExec) Science Applications International Corp. is now accepting applications for its CyberWarrior Scholarship, a program that helps returning veterans reenter
Retired Lt. Gen. Michael Nagata Joins CACI as Corporate Strategic Adviser (WashingtonExec) CACI International has named retired U.S. Army Lt. Gen. Michael Nagata a corporate strategic adviser and senior vice president, tasked with enhancing the
Imperva Names Pam Murphy as CEO (Imperva) Imperva, Inc., the cybersecurity leader championing the fight to secure data and applications wherever they reside, today announced its board of directors has appointed Pam Murphy – a seasoned executive in enterprise software – as CEO, effective immediately. Interim CEO Charles Goodman will continue to serve as …
Thrilled to Join Imperva (Imperva Blog) Today marks my first day at Imperva and I could not be more thrilled to join the outstanding team behind the impressive products that keep our customers safe every day. I’ve been asked to share why I joined Imperva, and candidly there are a number of reasons: First, timing: I think that security – especially …
Kaspersky Names Rob Cataldo to Managing Director, North America (MSSP Alert) Cybersecurity software & endpoint protection specialist Kaspersky promotes Rob Cataldo to lead its North American sales & more -- including channel partner & MSP operations.
BitSight Appoints Stephen Harvey as Chief Executive Officer (PR Newswire) BitSight, the Standard in Security Ratings, today announced it has appointed Stephen Harvey as CEO. Harvey joins BitSight from Institutional...
Aryaka Announces Appointment of New Chief Financial Officer (ResponseSource Press Release Wire) Seasoned Finance Executive Brad Kinnish Joins Aryaka Team
Products, Services, and Solutions
ZeroNorth Strengthens Software Security for Leading Auction Platform, Bidpath (BusinessWire) ZeroNorth announced that Bidpath selected the ZeroNorth platform to strengthen its software security program.
Hushmesh to Reveal Password-Free Solution to Identity Fraud, Data Breaches at CES 2020 (BusinessWire) Hushmesh Inc., a Public Benefit Corporation committed to enabling digital trust and privacy for everyone, has a new approach to identity fraud and dat
QIIB selects IBM artificial intelligence for fraud prevention (Finextra Research) QIIB has implemented ‘IBM Safer Payments’ to deliver cross-channel fraud prevention, enabling the leading Qatari Islamic bank customers to bank more securely.
Industrial Operators on Alert in Wake of U.S. Cyberattack Warning (Security Boulevard) On January 4th, the U.S. Department of Homeland Security (DHS) issued a National Terrorism Advisory bulletin warning of a potential cyberattack by Iran in the wake of a U.S. drone attack that killed a senior Iranian military commander. Read Nozomi Networks experts' take on the new reality of cyberattacks on U.S. interests.
Technologies, Techniques, and Standards
Adaptation is key to determining network resilience in cyberattacks, study finds (US Army) A new study shows that traditional markers of a computer network's resilience are not solely effective in determining its ability to accomplish missions.
Is New York cyber-battle ready? (CSNY) The United States’ surprising killing of Iran’s top commander, General Qassem Soleimani, late last week has prompted many logistical, strategic and constitutional questions, but the most pressing among them is what Iran’s next steps will be.
Cisco’s Five Steps to Effective Third-Party Cybersecurity (Supply Chain Brain) It’s hard enough shoring up cybersecurity within the walls of your own business. But doing the same for the army of partners that makes up a global supply chain? That can be next to impossible.
Reeling in a big phish (Accounting Today) Strong cybersecurity and employee training are crucial to preventing phishing attacks.
Kubernetes Gets a Runtime Security Tool (EnterpriseAI) As more enterprise users deploy Kubernetes as their preferred container orchestrator, momentum is building to lock down security on vulnerable hybrid
No cellphones, laptops were allowed to go with Army 82nd paratroopers deploying to Middle East (Army Times) The move was made to ensure operational security was maintained during the emergency deployment, which saw 3,500 paratroopers from 1st Brigade Combat Team fly out of Fort Bragg, North Carolina, to Ali Al Salem Air Base, Kuwait.
Design and Innovation
Facebook bans deepfakes, but new policy may not cover controversial Pelosi video (Washington Post) Facebook issued new rules that ban users from posting computer-generated, highly manipulated videos, known as deepfakes, seeking to stop the spread of a novel form of misinformation months before the 2020 presidential election.
Death of the keyboard and mouse: How human-computer interfaces are evolving (Computing) The keyboard and mouse is already giving way to human-computer interfaces that could once only have been seen in sci-fi films, writes Nic Fearn
The Humble Office ID Badge Is About to Be Unrecognizable (Wall Street Journal) Plastic cards may soon give way to biometric systems, microchip implants, gait recognition and other technologies that aim to improve security, generate health data and monitor workers.
Research and Development
QOMPLX Tallies 12 Patents In 2019 For Technological Innovation In Cybersecurity, Insurance, Finance And Analytics Infrastructure (PR Newswire) QOMPLX®, the intelligent decision platform provider, today announced that the United States Patent and Trademark Office (USPTO) awarded 12 U.S....
Academia
New option in business information technology seeks to meet need for cyber talent (VT News) As data breaches and cyberattacks continue to grow, businesses, government agencies, and other employers are seeking employees with the right skills to help them. The cybersecurity option would help meet the tremendous need for talent in this field.
Legislation, Policy, and Regulation
Britain, France, Germany meet in Brussels for crisis Iran talks (Reuters) The British, French and German foreign ministers meet in Brussels on Tuesday to ...
Israel tries to stand aside from U.S.-Iranian conflict (Reuters) Israel sought on Tuesday to stand aside from the conflict between its close ally...
Perspective | Killing a top Iranian military leader was a whack-for-tat move (Washington Post) Maj. Gen. Qasem Soleimani was no stateless outlaw like Osama bin Laden. The U.S. drone strike that killed him sets us on a dangerous path.
Trump administration pressed Dutch hard to cancel China chip-equipment sale: sources (Reuters) The Trump administration mounted an extensive campaign to block the sale of Dutc...
White House proposes regulatory principles to govern AI use (Reuters) The White House on Tuesday proposed regulatory principles to govern the developm...
New ways Homeland Security wants to attack cyber breach reporting (Fifth Domain) The Department of Homeland Security's cybersecurity agency is updating its incident forms.
Rudy Giuliani mixed White House role, personal business in cybersecurity (San Francisco Chronicle) Rudy Giuliani’s mixing of his business interests, closeness with President Trump and involvement in government actions involving Ukraine is the subject of much attention as the impeachment case against the president moves toward the Senate. But a Chronicle investigation has found that Giuliani’s blurring of White House and personal business didn’t start with Ukraine. It began in 2017 when Giuliani was named as a White House adviser in an area where he had limited experience but was trying to build a clientele: cybersecurity.
Litigation, Investigation, and Law Enforcement
GitHub, Mozilla, and Cloudflare appeal India to be transparent about changes in its intermediary liability rules (TechCrunch) Microsoft’s GitHub, Mozilla, and Cloudflare have urged India to be transparent about the amendments it is making to an upcoming law that could affect swathes of companies and the way more than half a billion people access information online.
Judge dismisses Monitor, ACLU suit for details of secret police equipment (Concord Monitor) A Merrimack County Superior Court judge has dismissed a suit filed by the American Civil Liberties Union of New Hampshire and the Concord Monitor arguing that the Concord Police Department must reveal more information about secret police technology...
FBI seeks Apple's help unlocking phones of suspected Pensacola gunman (NBC News) Phones thought to belong to the Saudi air force member accused in the deadly attack are password-protected.
IT Executive Steals $6 Million, Busted by Word Doc Metadata (BleepingComputer) A former corporate executive for integrated marketing solutions firm Rakuten Marketing swindled roughly $6 million between August 2015 and at least May 2019 using a shell company named Interactive Systems.
Would attacking sites “important” to “Iranian culture” be a “war crime”? (Not always) (Lawfire) Recently, Representatives Alexandria Ocasio-Cortez and Ilhan Omar accused President Trump of “threatening to commit ‘war crimes’ against Iran.” Actually, although international law doe…