Cyber Attacks, Threats, and Vulnerabilities
CIA was behind 11-year cyber campaign against China, claims Qihoo 360 (Computing) China’s Qihoo-360 names former CIA intelligence officer it claims was behind China cyber attacks, linking him to Vault 7 trove of attack tools
The CIA Hacking Group (APT-C-39) Conducts Cyber-Espionage Operation on China's Critical Industries for 11 Years (Qihoo 360) U.S.-related hacking group launched cyber-attacks against China
French Firms Rocked by Kasbah Hacker? (KrebsOnSecurity) A large number of French critical infrastructure firms were hacked as part of an extended malware campaign that appears to have been orchestrated by at least one attacker based in Morocco, KrebsOnSecurity has learned.
Joint Statement from DOS, DOJ, DOD, DHS, ODNI, FBI, NSA, and CISA on Preparations for Super Tuesday (FBI) The heads of the Department of State, Department of Justice, Department of Defense, Department of Homeland Security, Office of the Director of National Intelligence, Federal Bureau of Investigation, National Security Agency, and Cybersecurity and Infrastructure Security Agency released a joint statement on preparations for Super Tuesday.
Super Tuesday marks first major security test of 2020 (Auburn Citizen) Tuesday’s presidential primaries across 14 states mark the first major security test since the 2018 midterm elections, with state and local election officials saying they are prepared to deal with
The Cybersecurity 202: Super Tuesday will be big test for security of Los Angeles County's new voting machines (Washington Post) Today’s Super Tuesday contest will mark a critical test for the brand new voting machines that Los Angeles County had custom built in the hopes voting could be easy and accessible for its 5.2 million residents.
Some Election-Related Websites Still Run on Vulnerable Software Older Than Many High Schoolers (ProPublica) Our analysis found that websites in dozens of towns and counties voting on Super Tuesday have security weaknesses. Richmond, Va., still uses software from 2003.
February 2020 Coordinated Inauthentic Behavior Report (About Facebook) We're sharing an overview of all the networks we've taken down over the past month as part of regular CIB reports.
Years-Old 'Fox Kitten' Cyber Espionage Campaign Targeting VPN Vulnerabilities Has Given Iran a Global Foothold (CPO Magazine) Newly uncovered cyber espionage scheme shows Iranian hackers using unpatched VPN vulnerabilities as a point of entrance into the networks of government and private sector organizations.
New PwndLocker Ransomware Targeting U.S. Cities, Enterprises (BleepingComputer) Driven by the temptation of big ransom payments, a new ransomware called PwndLocker has started targeting the networks of businesses and local governments with ransom demands over $650,000.
Critical MediaTek rootkit affects millions of Android devices (xda-developers) A critical flaw in MediaTek processors went unpatched in devices due to OEM neglect. Google hopes the March 2020 Android Security Bulletin will fix this.
Active Scans for Apache Tomcat Ghostcat Vulnerability Detected, Patch Now (BleepingComputer) Ongoing scans for Apache Tomcat servers unpatched against the Ghostcat vulnerability that allows potential attackers to take over servers have been detected over the weekend.
Rail station wi-fi provider exposed traveller data (BBC News) The unprotected database included phone numbers, email addresses, dates of birth and reasons for travel.
Lockheed Martin, SpaceX And Tesla Caught In Cyber Attack Crossfire (Forbes) High-profile customers of a Denver-based parts manufacturer have been caught in the crossfire of a cyber attack
DoppelPaymer Ransomware Slams Supplier to Boeing and Tesla (BankInfo Security) Visser Precision, a U.S. manufacturer that supplies Tesla, Boeing and Lockheed Martin, appears to have been hit by the DoppelPaymer ransomware gang, which has begun
Ironpie robot vacuum can suck up your privacy (Naked Security) You might want to unplug this not-so-smart robot: researchers found they can watch video streams piped out from its security camera.
What Does Phishing Have to do with Coronavirus? (The National Law Review) As announcements relaying the spread of Coronavirus (COVID-19) continue daily, governmental agencies at all levels are offering information and guidance, and businesses are scrambling to prepare and p
Checkmarx Research: Smart Vacuum Security Flaws May Leave Users Exposed (Checkmarx) The application security testing world is made up of various different solutions, all with one ultimate aim – to protect software from hackers and attacks.
State-created Mac malware hijacked by ex-NSA hacker (9to5Mac) Security researcher and former NSA hacker Patrick Wardle has demonstrated a way to modify state-created Mac malware to run his own code instead of ...
Siri and Google Assistant hacked in new ultrasonic attack (Naked Security) Researchers have demonstrated how voice assistants can be secretly activated without ever physically touching the device.
This phishing email contains a password-protected file. Don't open it. (ZDNet) Researchers at Palo Alto Networks detail a strange new campaign which tricks users with phoney security and compromises networks.
Fresh phish! Stripe scam baked and delivered in under an hour (Naked Security) Less than an hour after the crooks registered their scamming domain, the phishing attack was under way.
HMRC Scam Calls Surge 234% in a Year (Infosecurity Magazine) UK tax office is a major target for phishers
Data breach potentially impacts hundreds of Brunswick County Schools employees (WWAY TV) The company that administers the Flexible Spending Account plans for Brunswick County Schools had a data breach, which means hundreds of school employees may be affected.
UK Home Office breached GDPR 100 times through botched management of EU Settlement Scheme (ZDNet) ID cards sent to the wrong addresses, third party data disclosures, and lost passports are only some examples of mishandling.
Terabytes Of Stolen Adult Content From OnlyFans Have Leaked (BuzzFeed News) An OnlyFans spokesperson told BuzzFeed News that no breach occurred, but sex workers are outraged.
Legal services giant Epiq Global offline after ransomware attack (TechCrunch) The legal services giant has banks, credit giants, and governments as customers.
Walgreens app exposes customer prescription data (CyberScoop) Pharmacy chain Walgreens is alerting customers that their prescription data and other information may have been exposed thanks to a flaw in the company’s messaging app.
Personal information of some Islanders may have been compromised in malware attack, says province (CBC) The province is now calling last week’s previous reported ransomware attack a ‘data breach’ and saying some Islanders personal information may have been compromised.
Carnival Corp units say were hit by cyber attack last year (Reuters) Two units of cruise operator Carnival Corp disclosed on Monday that they were th...
Names, birthdays, email addresses of thousands potentially exposed in SFU data breach (Global News) The school is asking students and staff to change their passwords immediately.
Ransomware scare at Spartanburg district one (WSPA 7News) A computer system alert in Spartanburg School District One, described as ransomware, put the I.T. team on high alert.
City of Cartersville Admits Paying Ryuk Ransomware Operators $380,000 (HOTforSecurity) Almost a year after getting infected with ransomware, the City of Cartersville in the U.S. State of Georgia this week admitted to paying ransomware operators $380,000 to unlock its systems. Cartersville reportedly got infected in early May last year when it saw “3...
Vulnerability Summary for the Week of February 24, 2020 (CISA) The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Spraying cow urine to yoga: Indian politicians are peddling bizarre cures for Covid-19 (Quartz India) Meanwhile, incidence of the disease in the country is on the rise.
Can YouTube Quiet Its Conspiracy Theorists? (New York Times) A new study examines YouTube’s efforts to limit the spread of conspiracy theories on its site, from videos claiming the end times are near to those questioning climate change.
Security Patches, Mitigations, and Software Updates
Nvidia patches severe flaws affecting GeForce, Quadro NVS and Tesla (Naked Security) In all, the update covers five Windows and Linux desktop CVE vulnerabilities, including one rated as critical.
Your Android phone is at risk from a new threat Google accidentally created (Express.co.uk) ANDROID users are facing a new danger and it's been created by Google's recent attempts to stop dangerous apps being available on its Play Store.
Cyber Trends
At RSA: Major Security Themes for 2020 (Facebook Watch) What were the major #security themes + takeaways from #RSAC 2020? We met up with The CyberWire's Dave Bittner, Security Weekly's Paul Asadoorian and Matt...
Report Details Evolving 'Good vs. Evil' Cybersecurity Struggle (Virtualization Review) VMware's new Carbon Black cybersecurity report breaks things down into the most basic of concepts: the eternal cat-and-mouse struggle between 'good' and 'evil,' providing constituents of the former with advice to defend themselves from those in the latter camp.
CrowdStrike Global Threat Report 2020 Reveals Top Adversary Trends (CrowdStrike) Findings from the report indicate that during 2019, financially motivated cybercrime activity occurred on a nearly continuous basis.
Global Threat Report 2020: Forward from George Kurtz (CrowdStrike) Read the forward of 2020 Global Threat Report from CrowdStrike CEO and Co-founder, George Kurtz, and download your copy of CrowdStrike's annual threat report.
Report reveals impact of GDPR on breach detection rates in EMEA (Continuity Central) The international business continuity management news, jobs and information portal
Why small businesses in India should take cybersecurity seriously (Livemint) According to a 2019 study by Accenture, 43% of all cyberattacks worldwide are aimed at SMBs. Startups also feature high on the list of potential targets of cyber-criminals
Cyber planners should be carefully watching the coronavirus (TheHill) When it comes to studying viruses, there is a striking amount of overlap between the real and cyber worlds.
Marketplace
Have I Been S0ld? No, trusted security website HIBP off the table, will remain independent (Register) Owner Troy Hunt staying in the saddle after potential deal falls through
Project Svalbard, Have I Been Pwned and its Ongoing Independence (Troy Hunt) This is going to be a lengthy blog post so let me use this opening paragraph as a summary of where Project Svalbard is at: Have I Been Pwned is no longer being sold and I will continue running it independently. After 11 months of a very intensive process culminating
Follow the cybersecurity money (SC Media) Venture capitalists have poured money into cybersecurity in recent years – their investments offer a glimpse at what products, solutions and startups are
Why is China’s Huawei building a factory in France? (South China Morning Post) The Shenzhen-based company announced plans to invest US$219 million in a French factory that will serve its European customers even as the US tries to shut the firm out of Europe.
Can Huawei ease 5G security concerns with a European factory? (Abacus) Huawei is building a new factory in France for 4G and 5G equipment, bringing it closer to the continent where it has more than half of its 5G contracts
Sophos Eyes More M&A After Close Of $3.9 Billion Thoma Bravo Deal (CRN) Sophos plans to continue pursuing strategic acquisition opportunities in emerging technologies following the $3.9 billion sale of the SMB platform security stalwart to Thoma Bravo.
Sophos opens new chapter with take-private acquisition (Sophos News) Accelerating the next-gen transition to deliver enhanced cybersecurity solutions for our customers
As RSA opens a new chapter, Rohit Ghai sees security's strength in the human element (SiliconANGLE) When it chose “Human Element” as the central theme of its annual U.S. conference, RSA Security LLC must have gazed deep into a crystal ball and foreseen the near-term future.
SASE Adoption Grows as Cato Networks Reports 220% Increase in 2019 Bookings (Cato Networks) SASE Adoption Grows. 70% of Cato customers chose a Cato SASE solution of SD-WAN with built-in advanced security. Cato also more than doubled the mobile VPN licenses sold with SD-WAN.
Mindshare Announces 2020 Cohort (PRWeb) Mindshare, an exclusive organization designed for CEOs of the most promising high tech companies in the Washington, DC metropolitan area, announces the members
The Crypsis Group Named Hot Security Company of the Year in the 16th Annual Info Security PG's 2020 Global Excellence Awards® (PR Newswire) The Crypsis Group, a leading incident response, risk management and digital forensics firm, today announced that Info Security Products Guide,...
Zyxel receives 20-year award for security from ICSA Labs (Information Age) Zyxel has joined Microsoft and Check Point in receiving a 20-year Award for Excellence in Information Security Testing (EIST) from ICSA Labs
Brinqa Cyber Risk Management Platform Named Winner of Three InfoSec Awards During Last Week’s RSA Conference 2020 (Yahoo) Brinqa™, a leader in Cyber Risk Management, today announced that it won three InfoSec Awards from Cyber Defense Magazine (CDM), the industry’s leading electronic information magazine. Brinqa Cyber Risk Management Platform won the Best Product Award in Risk Management, the Cutting Edge Award in Vulnerability
Digital Guardian Wins SC Media 2020 Trust Award for Best DLP Solution (Yahoo) Digital Guardian today announced that the DG Data Protection Platform has been recognized as a Trust Award winner in the "Data Loss Prevention (DLP) Solution" category for the 2020 SC Awards.
Menlo Security Moves to Larger Headquarters to Accommodate Growth! (Menlo Security) We’re excited to announce that, because of remarkable growth over the last seven years, Menlo Security is expanding. This is a reflection of what we’re doing and have been doing—relentlessly focusing on 100 percent safe protection from malware to give our customers peace of mind with their most valuable data and intellectual property.
Maersk prepares to lay off the Maidenhead staffers who rescued it from NotPetya super-pwnage (Register) Staff found out after seeing their own jobs advertised in India
Products, Services, and Solutions
Proact signs multiyear managed services contract with SBU (Cision) The Swedish Agency for Health Technology Assessment and Assessment of Social Services (SBU) has...
AVG AntiVirus for Mac review: A good free option (Macworld) AVG AntiVirus for Mac offers free protection that covers just the basics.
Orange Egypt launches cloud computing services with Huawei (Telecompaper) Orange Egypt has announced the inauguration of a data centre for cloud computing services, Orange Business Cloud, in Alexandria in cooperation with Huawei.
5 standout products from RSA 2020 (CSO Online) 2020 will be remembered as the year the human element finally came to security.
FIME launches Smartspy+ to evaluate any transaction, anywhere (FIME) FIME has launched its new Smartspy+ solution to support the adoption of contact and contactless transaction technologies for payments, transport and access control.
Technologies, Techniques, and Standards
New cybersecurity labelling scheme for connected devices to be launched this year (CNA) SINGAPORE: A new cybersecurity labelling scheme to help consumers make informed purchasing choices about network-connected smart devices will be ...
Navy tries to fix its woefully antiquated information technology (IT), cyber security, and networks (Military & Aerospace Electronics) Designed in the 1990s, the Navy’s network structures open lanes of vulnerability for adversaries who can get into the networks and wreak havoc.
CAA focuses on cybersecurity with introduction of ASSURE (Advance) Nettitude have recently announced a new accreditation with the Civil Aviation Authority (CAA) and Crest called ASSURE, the introduction of which provides a new cybersecurity audit model for third parties providing services to the aerospace industry.
'Kr00nk' bug has made over 1B devices vulnerable. This is how to protect yours (azcentral) The "Kr00k" bug impacts any Wi-Fi-enabled device that uses chips made by either Broadcom or Cypress.
Cybersecurity ‘Hygiene’ for Lawyers (New York Law Journal) In his State E-Discovery column, Mark A. Berman writes: The prevalence of “hacking,” “ransomware” and “phishing” attacks, scams and other unauthorized digital intrusions demonstrates the need to use reasonable and appropriate technology to safeguard confidential and privileged information.
Go Hack Yourself (ABA Banking Journal) Banks fight hacking by emulating attacks—and even inviting white-hat hackers in.
Keys to Building High Performing Teams (SIGNAL Magazine) Team culture and staff attitude and aptitude are factors.
Kentucky’s cyber protection team wraps up first deployment. (DVIDS) A unique unit within the Kentucky National Guard has returned from the Washington D.C. area after spending the last year conducting cyberspace operations in support of US Cyber Command. The 13-member unit is a part of the 175th Cyber Protection Team, which consists of Soldiers from Alabama, Tennessee, and Kentucky. They joined other states in rounding out an organization called Task Force Echo.
Design and Innovation
Cyber toolkit a 'complete package' for detectives, companies (EurekAlert!) Purdue cybersecurity experts developed the all-in-one toolkit, called the Toolkit for Selective Analysis and Reconstruction of Files (FileTSAR), to help detectives solve cybercrimes.
Research and Development
The Untold Story of the Man That Made Mainstream Encryption Possible (Medium) Meet Whit Diffie, the man who invented public key cryptography and brought encryption to the masses
Academia
Exabeam Cybersecurity Scholarship Program Is Open For Applications (The University Network) Cybersecurity company Exabeam is now accepting applications for its Exabeam Cybersecurity Scholarship Program. The company is seeking to award three scholarships totalling $8,000: $5,000 for the first
UW-River Falls to launch cybersecurity master's program (RiverTowns) The UW System Board of Regents has approved the creation of a 12-course, 34-credit online master’s program in cybersecurity — a collaborative effort by UW-River Falls, UW Extended Campus and seven other universities in the system.
Legislation, Policy, and Regulation
A Cyberspace ‘FIFA’ to Set Rules of the Game? UN States Disagree at Second Meeting (Council on Foreign Relations) In mid-February, country representatives convened at the United Nations to hold the second formal meeting of the Open-Ended Working Group on international cybersecurity.
US Doubles Down International Efforts to Contain North Korean ‘Malign Cyber Activities’ (Sputnik) According to a Trump administration official, Washington is renewing efforts to hem in Pyongyang’s “malign cyberactivities,” sharing intelligence with its allies to put additional pressure on the North Korean government as negotiations seem unlikely to be revived.
Senior administration officials warn of foreign influence campaigns ahead of Super Tuesday (TheHill) The leaders of eight federal agencies on Monday jointly urged the public to be vigilant of foreign influence operations around the presidential primaries ahead of Super Tuesday, also emphasizing the federal government’s coordination in defending a
US warns foreign actors: Stay out of Super Tuesday or 'face sharp consequences' (ABC News) Top officials across the U.S. government on Monday issued an unusual joint warning to 'foreign actors' to stay out of the Super Tuesday primaries.
Defense Officials Prepare for ‘Super Tuesday’ (MeriTalk) As the U.S. prepares for the 2020 presidential primary’s “Super Tuesday,” officials from the nation’s defense agencies are trying to quell election security concerns.
Bill to help small telecoms excise Huawei goes to Trump (Bozeman Daily Chronicle) The Senate has passed a bill to provide $1 billion for small telecom providers to replace equipment made by China's Huawei and ZTE, sending the measure
Low federal funding to replace Huawei and ZTE equipment could force rural telecoms to find partners (Business Insider) The US Senate's "rip and replace" bill provides only $1 billion to cover the cost of replacing Huawei and ZTE equipment on rural networks.
Did Trump just box in the Senate? (NBC News) The Senate must confirm as DNI a Texas congressman who inflated his resume, or leave in place an acting director without significant intel experience.
Cape Girardeau city council approves funding to pay for January cyber attack (KFVS) The City Council approved up to a half-a-million dollars from the city’s emergency fund to pay for expenses related to the January cyber attack on city services.
Litigation, Investigation, and Law Enforcement
Coder charged in massive CIA leak portrayed as vindictive (Washington Post) A software engineer on trial in the largest leak of classified information in CIA history was “prepared to do anything” to betray the agency, federal prosecutors said Monday as a defense attorney argued the man had been scapegoated for a breach that exposed secret cyberweapons and spying techniques.
How to gather cyber threat intelligence from dark markets without breaking US law (Help Net Security) The U.S. DOJ has released guidelines for orgs that want to gather cyber threat intelligence but want to stay on the right side of the law.
Why Threat Intelligence Gathering Can Be a Legal Minefield (Dark Reading) In new guidance, the Department of Justice says security researchers and organizations run real risks when gathering threat intelligence or dealing with criminals in underground online marketplaces.
Exclusive: Newly obtained documents show Huawei role in shipping prohibited U.S. gear to Iran (Reuters) China’s Huawei Technologies, which for years has denied violating American trade...
US charges two Chinese nationals for laundering cryptocurrency for North Korean hackers (ZDNet) UPDATE: The Department of Justice has also indicted the two Chinese nationals on money laundering-related charges.
ACLU Sues to End ICE’s Rigged Algorithm for Detaining Immigrants (The Intercept) ICE is using an algorithm to determine whether detainees should be released or not, but eliminated options for both release and bond.
Judge orders Hillary Clinton deposition in email flap (POLITICO) The former secretary of state's sworn written answers were "incomplete, unhelpful, or cursory," Lamberth says.
'Hit piece': Devin Nunes sues Washington Post for $250M over Russia intelligence briefing story (Washington Examiner) Rep. Devin Nunes filed a lawsuit for $250 million in damages against the Washington Post and intelligence reporter Shane Harris, alleging that a story from the paper related to a classified House Intelligence Committee briefing on Russian interference amounted to defamation.
FedEx Tries To Shake Derivative Suit Over Cyberattack (Law360) FedEx, its executives and board of directors told a Delaware federal judge they should be excused from a shareholder derivative suit over a 2017 cyberattack, arguing the investors never raised concerns to the board that the company was downplaying the impact of the hack.
Apple faces lawsuits after admitting to slowing down older iPhones (The Telegraph) Apple faces two class action lawsuits claiming that it deceived customers using an "immoral" tactic to slow down older phones.
Detectives investigate data breach at Jefferson County School District (KMOV.com) The Jefferson County Sheriff's Office is trying to determine the full extent of a data breach at the Hillsboro R-3 School District, but believe there could