Cyber Attacks, Threats, and Vulnerabilities
The Cybersecurity 202: Officials fear coronavirus could be next front in election interference (Washington Post) U.S. officials fear adversaries might weaponize public fears about coronavirus ahead of Super Tuesday to spread disinformation, amplify rumors and tamp down voter turnout.
TA505 hacking crew spent much of 2019 trying to breach South Korea's financial sector (CyberScoop) TA505, a gang of hackers with a long history of financially motivated attacks, increased its targeting of businesses in South Korea last year.
A parts manufacturer for SpaceX and Tesla says it was hacked (TechCrunch) Exclusive: The ransomware group have published some of the stolen files.
What to know about cyberattacks targeting energy pipelines (TheHill) The Department of Homeland Security (DHS) this past month disclosed a disruptive cyberattack on a U.S.
Hackers are actively exploiting zero-days in several WordPress plugins (ZDNet) There's quite the WordPress p0wnage going on right now.
Windows 10 ActiveX control hacked to execute TrickBot dropper (SC Magazine) Hackers are exploiting a Windows 10 ActiveX control to download a malware downloader called Ostap, which has been used by TRickBot for delivery of malicious macros as part of phishing campaign
Here’s the File Clearview AI Has Been Keeping on Me, and Probably on You Too
(Vice) We used the California Consumer Privacy Act to see what information the controversial facial recognition company has collected on me.
Apple Just Disabled Clearview AI's iPhone App For Breaking Its Rules On Distribution (BuzzFeed News) A BuzzFeed News analysis of Clearview AI’s app for Apple’s mobile operating system found that the company had been violating the iPhone maker’s rules to distribute its apps to law enforcement agencies
A high school student created a fake 2020 candidate. Twitter verified it (CNN) Andrew Walz calls himself a "proven business leader" and a "passionate advocate for students." Walz, a Republican from Rhode Island, is running for Congress with the tagline, "Let's make change in Washington together," or so his Twitter account claimed.
It’s older than you think: ‘Russian collusion’ has been a political weapon since the Cold War (RT International) The “Russian collusion” trope didn’t just spring to life with US President Donald Trump in 2016 – accusations of taking help from the evil Russkies have dogged candidates who buck the establishment since the 1960s.
Google says Microsoft Edge isn't secure. I asked Google why (ZDNet) Is Google a touch upset about Microsoft's new browser? Then again, why does Microsoft insist apps from the Google Chrome web store mess up Edge? I asked both companies.
Cyber attack hits wool industry, affecting internationally used software (RNZ) Cyber attack hits wool industry, affecting software used widely across NZ, Australia and South Africa
Don't run your 2FA authenticator app on these smartphones (Tom's Guide) Apps like Google Authenticator are only as safe as the devices they run on
PUBG developer apologizes for myriad issues amid fight against DDoS attacks (Digital Trends) PUBG Corp. published an apology to players for the myriad issues that have plagued PlayerUnknown’s Battlegrounds for the past few months, which were partly due to the developer’s ongoing fight against DDoS attacks.
Cyber Attack Targets City Of Torrance (CBS 2 Los Angeles) City officials said no "public personal data" was impacted.
Security Patches, Mitigations, and Software Updates
Cisco patches incoming to address Kr00k vulnerability impacting routers, firewall products (ZDNet) There are no workarounds for the Wi-Fi communications bug.
The Long Path out of the Vulnerability Disclosure Dark Ages (Wired) Letting a company know about flaws in their products has gotten easier since 2003—but not by much.
Cyber Trends
Security tools still among the fastest-growing apps in corporate America (CyberScoop) More of the tools used throughout the private sector are ones that help company staffers better manage or prevent security incidents.
8 out of 10 businesses don't have cyber-attack insurance (Consultancy) With the rise of cyber-crime now costing firms in the UK billions, many companies have sought to upgrade their defences against hostile outsiders.
Exploitation, Phishing Top Worries for Mobile Users (Dark Reading) Reports find that mobile malware appears on the decline, but the exploitation of vulnerabilities along with phishing has led to a rise in compromises, experts say.
Marketplace
Coronavirus: The Unexpected Human Element at RSA Conference 2020 (Government Technology) Fears of the coronavirus made the recent RSA Conference in San Francisco different than any previous security conference. Here are RSAC 2020 details and future questions.
Intelligent Security Operations Center (Defense Innovation Unit) The DoD seeks an innovative commercial solution that can harness the power of AI/ML to drastically reduce the time it takes for cyber operators to address malicious activity on the DODIN by acting as a “virtual tier one operator.”
WSJ News Exclusive | Huawei Seeks Advisers for U.S. Image Makeover (Wall Street Journal) Under fire from the Trump administration, China’s Huawei Technologies has approached high-profile figures in Washington to try to turn around negative perceptions of the company.
Huawei Makes End-Run Around U.S. Ban by Using Its Own Chips (Yahoo) (Bloomberg) -- Huawei Technologies Co., the Chinese technology giant barred from doing business with U.S. suppliers, is finding a way around the strict limits imposed by the Trump administration.The Commerce Department, citing national security concerns, has largely forbidden American companies from
ZTE eyes China gain from Nokia pain (Light Reading) Still alive and kicking after its run-in with US authorities, the Chinese vendor can look forward to some home comforts this year.
()
Sophos Announces Completion of Take-Private Acquisition by Thoma Bravo (Globe Newswire) Sophos, a global leader in next-generation cybersecurity, today announced the completion of its acquisition by Thoma Bravo, a leading private equity firm focused on the software and technology-enabled services sectors, in a cash transaction that values Sophos at approximately $3.9 billion. The acquisition offer was announced on Oct. 14, 2019.
Singer’s Elliott Seeks to Replace Twitter CEO Dorsey (Bloomberg) Elliott has nominated four directors for Twitter’s board. Hedge fund has had ‘constructive discussions’ with company.
DivvyCloud Ranks No. 18 on Inc. 5000 Series: D.C. Metro Fastest Growing Companies List - DivvyCloud (DivvyCloud) Also Named Most Innovative Cloud Security Product in Info Security PG’s 2020 Global Excellence Awards DivvyCloud, the leading provider of security and compliance automation for cloud and container environments, was ranked number 18 on Inc. magazine’s 5000 Series: D.C. Metro list, … Read more
A parody Twitter account hits a nerve with Silicon Valley VCs (Protocol) Investors either are loving or blocking @VCBrags, which retweets investors' best brags.
Military Hire and TECHEXPO Top Secret Enter into Partnership Agreement (Military Hire) Military Hire, a holding of The SaaS Factory, signed a partnership agreement with TECHEXPO Top Secret. TECHEXPO is the Nation’s premier producer of professional job fairs, primarily for those with an active Security-Clearance and Cyber Security industry experience.
()
()
Products, Services, and Solutions
Check Point unveils encyclopaedia to explain techniques used by malware to detect virtual environment (Computing) A virtual environment differs from common host systems in terms of registry keys, non-common files, and system objects
Forcepoint enables flexible enterprise security transformation (TahawulTech.com) Forcepoint has announced the a new enterprise licensing programme, which delivers cost-effective and flexible all-inclusive security subscription services.
()
()
Heimdal Thor Has Your Back Online, And Its Services Are Over 80 Percent Off Now (ExtremeTech) Cover your bases online without breaking the bank.
Raytheon Collaborates with IronNet on Cyber Defense for Critical Infrastructure (Thomas) Raytheon Collaborates with IronNet on Cyber Defense for Critical Infrastructure - Raytheon Co.
McAfee MVISION adds unified cloud edge capabilities for visibility in and out of the cloud (SiliconANGLE) McAfee MVISION adds unified cloud edge capabilities for visibility in and out of the cloud
Forcepoint announces three new integrations with AWS Security Hub (Security Brief) The collaboration will help users consolidate their high priority alerts across their AWS accounts, says Forcepoint.
GroupSense and Grant Thornton Announce Technology Alliance (PR Newswire) GroupSense, a digital risk protection company, and Grant Thornton LLP, one of the nation's largest audit, tax and advisory firms, have teamed...
HID Global Unveils Signature Line of Readers, HID Signo; Unlocks A New World of Open, Connected and Adaptable Access Control (AP NEWS) HID Global, a worldwide leader in trusted identity solutions, today announced the launch of HID ® Signo TM, its signature line of readers that creates a new industry benchmark for the most adaptable, interoperable and secure approach to access control.
Technologies, Techniques, and Standards
After DISA breach, experts say US agencies must stop lateral movement of hackers (TechRepublic) Attackers shouldn't have been able to remove sensitive data like Social Security numbers from military networks, according to cybersecurity experts.
Design and Innovation
A portless iPhone is starting to make a lot of sense (iMore) We take a look at some recent news stories which could point to a portless future for the iPhone.
()
Amazon, Microsoft, and IBM are under pressure to follow Google and drop gender labels like ‘man’ and ‘woman’ from their AI (Business Insider Singapore) Researchers have found AI tools often misclassify people's gender — especially if they're women of color.
Research and Development
Verizon transports 800 Gbps of data across a single wavelength on fiber (Verizon) Verizon continues technology innovation to prepare for an explosion in data generation from enterprise and consumer 5G applications
Inside the race to build the best quantum computer on Earth (MIT Technology Review) IBM thinks quantum supremacy is not the milestone we should care about.
Academia
Rubio Seeks Grant Program Review After Harvard Professor Charged Over China Ties (Wall Street Journal) U.S. Sen. Marco Rubio is asking the Small Business Administration to provide details on how it ensures that recipients of grants for high-tech startups don’t have improper ties to foreign entities.
()
University of Illinois Takes Top Honors at Sixth Annual Deloitte Foundation Cyber Threat Competition (PR Newswire) A team of students from University of Illinois won the 2020 Deloitte Foundation Cyber Threat Competition after presenting the best analysis and...
Legislation, Policy, and Regulation
Norm-Skepticism in Cyberspace? Counter-factual and Counterproductive (Just Security) Leading expert on international law and cyber responds to statement by Chief of US Naval Operations, Admiral Mike Gilday on international norms in cyberspace.
()
The Need for a 'Collective Defense' (BankInfo Security) Among the top issues being discussed at the RSA 2020 conference this week is the need for more cybersecurity collaboration between government agencies and the
Taiwan accuses China of waging cyber 'war' to disrupt virus fight (Reuters) Taiwan's foreign minister on Saturday accused giant neighbor China of wagin...
China’s 5G tech is a national security issue ... or is it a trade one? (C4ISRNET) How the Trump administration has approached banning Huawei’s technology for 5G networks has raised a question at the annual RSA Conference: Is the decision rooted in national security issues or trade issues?
US postpones meeting on potential measures to restrict Huawei from using American technology (Computing) The meeting is now expected to be postponed on 11th March
U.S. moves high-level U.S. meeting on China tech, possible new Huawei curbs to March: sources (Reuters) Trump administration officials have rescheduled for March 11 a critical meeting ...
Senate passes bill providing $1 billion for rural telecom networks to replace Huawei (ABC7 San Francisco) The Senate passed a bill that would provide $1 billion for rural telecom companies to replace equipment from Chinese tech giant Huawei.
A Democratic president could have a big impact on the tech industry — here's where the candidates stand on important tech issues (CNBC) The democratic presidential candidates have shared their views on issues like breaking up Big Tech, antitrust, online privacy and net neutrality.
Key House Democrat criticizes DHS for not submitting election security report on time (TheHill) House Homeland Security Committee Chairman Bennie Thompson (D-Miss.) on Friday raised concerns around the Department of Homeland Security’s (DHS) failure to submit a congressionally mandated election security report
Former NATO chief has 3 tips to secure 2020 election (Fifth Domain) Adm. James Stavridis has suggestions for the public and politicians.
West Virginia backtracks on using smartphone voting app in state primary (NBC News) Voters with disabilities will instead be able to use a system that prints out their completed ballot, which they can then mail in.
Senate Commerce Committee Is Cooking Up a Bill to Support Cyber Grand Challenges (Nextgov.com) Presidential advisers want their cybersecurity “moonshot” to become more than just another report gathering dust.
The future of defense contractor cybersecurity standards (Fifth Domain) Katie Arrington, CISO for the Office of the Under Secretary of Defense for Acquisition and czar for the new Cybersecurity Maturity Model Certification, told Fifth Domain her thoughts on CMMC's “constant state of evolution.”
For information operations, Air Force wants integration (C4ISRNET) The Air Force’s new information warfare command will open an operations center in March as part of a broader effort to better integrate the service’s information-related capabilities.
The Navy’s fleet-footed plan for hardening networks (C4ISRNET) NAVWAR Commander Rear Adm. Christian “Boris” Becker shares how a mindset change is speeding up how data feeds preparedness and how he envisions the information warfare enterprise moving forward.
Trump again nominates Rep. John Ratcliffe to be director of national intelligence (Washington Post) President Trump announced Friday that he would nominate Rep. John Ratcliffe as the next director of national intelligence, turning to a vocal political ally after dismissing his previous acting intelligence director amid new questions of election interference by Russia.
Litigation, Investigation, and Law Enforcement
Switzerland Files Criminal Complaint Over Crypto Spying Scandal (New York Times) The Swiss government has filed a criminal complaint over the U.S. Central Intelligence Agency's alleged use of a cryptography company as a front to spy on various governments' secret communications, the Swiss attorney general's office said on Sunday.
La lettre d’Europe: la Suisse, le pays où les espions sont les bienvenus (Le Soir Plus) L’affaire Crypto AG éclate au grand jour dans un pays très réputé pour son industrie du chiffrement.
FCC seeks $200M in total fines against top wireless carriers (Axios) FCC investigated wireless companies' sharing of customers location data.
T-Mobile Vows to Fight FCC Fines for Location Sharing (Wall Street Journal) Federal telecom enforcers told the top U.S. cellphone carriers to pay more than $200 million in penalties for allegedly mishandling sensitive location data, a punishment at least one company vowed to contest.
Leidos could net $100M-plus from Apple after Supreme court ruling (Washington Business Journal) A recent ruling in the decadelong case could soon net Leidos Holdings Inc. more than $100 million, but even the company is not holding its breath.
Opinion: Gantz, criminal fraud and his failed company Fifth Dimension (WIN) A competent police investigation will demonstrate whether Gantz and other senior personnel in the company participated in any alleged wrongdoing.
With Online Revenge Porn, The Law Is Still Catching Up (Law360) The law is still lagging behind the rise of nonconensual pornography — explicit images distributed online without the subject’s consent — and it’s forcing attorneys to get creative so victims can have some peace.