Cyber Attacks, Threats, and Vulnerabilities
Analysis | The Cybersecurity 202: Los Angeles county voting machine breakdown sparks concerns about November (Washington Post) Politicians are fuming: Hundreds of millions were spent on the custom machines.
Facebook purges hundreds of fake accounts from state actors, marketers (Naked Security) It removed 5 networks engaged in foreign or government interference in Egypt, India, Russia, Iran, and Myanmar/Vietnam. Some targeted the US.
Hackers Target Companies With Coronavirus Scams (Wall Street Journal) Criminals are using concerns about the coronavirus epidemic to spread infections of their own. They are forging emails mentioning the outbreak that appear to be from business partners or public institutions in an effort to get users to open the messages, unleashing malware.
Putin says Russia targeted from abroad by fake news on coronavirus (Reuters) Russia has been targeted from abroad by foes spreading fake news about the coron...
Microsoft OneNote Used To Sidestep Phishing Detection (Threatpost) A recent phishing campaign used OneNote to distribute the Agent Tesla keylogger.
Chinese hackers use decade-old Bisonal Trojan in cyberespionage campaigns (ZDNet) The RAT’s core functions remain the same but it is unusual that the malware has been rehashed over so many years.
T-Mobile Notifying Customers of Data Breach (SecurityWeek) T-Mobile is sending notifications to its customers to inform them of a data breach that resulted in some of their personal information being compromised
J.Crew says a hacker accessed customer accounts (TechCrunch) The clothing giant took almost a year to disclose the security incident.
J.Crew Disables User Accounts After Credential Stuffing Attack (BleepingComputer) US clothing retailer J.Crew announced that it was the victim of a credential stuffing attack around April 2019 that led to some of its customers' accounts and information being accessed by hackers.
Ryuk ransomware hits Fortune 500 company EMCOR (ZDNet) Company expects the incident to have an impact on its 2020 earnings, according to its 2019 Q4 financial report.
Ryuk ransomware attack forced industrial conglomerate EMCOR to shut down IT systems (Computing) The industrial giant claims that the Ryuk ransomware attack took place in mid-February
BREAKING NEWS: Carriers notified of hacker data breach of TQL’s IT systems (FreightWaves) Carriers were notified Thursday morning that hackers breached TQL’s IT systems and may have gained access to customers’ business information.
Tesco Issues 600,000 New Clubcards After Brute Force Attack (Infosecurity Magazine) It’s believed hackers used previously breached credentials
Boots halts Advantage Card payments (BBC News) Attackers using stolen passwords have tried to access Boots accounts, the company says.
Zero-Day Bug Allowed Attackers to Register Malicious Domains (BleepingComputer) A zero-day vulnerability impacting Verisign and several SaaS services including Google, Amazon, and DigitalOcean allowed potential attackers to register .com and .net homograph domain names (among others) that could be used in insider, phishing, and social-engineering attacks against organizations.
EternalBlue Longevity Underscores Patching Problem (Dark Reading) Three years after the Shadow Brokers published zero-day exploits stolen from the National Security Agency, the SMB compromise continues to be a popular Internet attack.
'Unfixable' boot ROM security flaw in millions of Intel chips could spell 'utter chaos' for DRM, file encryption, etc (Register) Although exploitation is like shooting a lone fish in a tiny barrel 1,000 miles away
Cybercriminals are Increasingly Turning to Ransomware as a Secondary Source of Income (Security Magazine) Cybercriminals are increasingly turning to ransomware as a secondary source of income, says a new FireEye report.
Can You Really Hire a Hit Man on the Dark Web? (New York Times) A collection of online stores offer murder for pay. Researchers say they are scams, but people who want someone dead aren’t listening.
Nunavut government has spent $5M to cope with November ransomware attack (Nunatsiaq News) The Government of Nunavut has so far spent just over $5 million to deal with the ransomware attack that knocked out its computers on Nov. 2, says the
APWG Year-End Report: 2019 A Roller Coaster Ride for Phishing (PhishLabs) APWG’s Q4 report shows ups and downs for 2019 phishing attacks, with SSL sites, web email, social media and BEC as the top trends.
Kaiser Permanente Ventures and Mayo Clinic Invest in Ordr (PR Newswire) Ordr, the leader in security for enterprise IoT and unmanaged devices, today announced funding from Mayo Clinic and Kaiser Permanente Ventures....
Lockheed Martin Ventures and NextGen Venture Partners Invest in RunSafe Security (RunSafe Security) Lockheed Martin Ventures and NextGen Venture Partners Invest in RunSafe Security RunSafe’s patented process immunizes software across build and deploy toolchains MCLEAN, VA. – March 5, 2020 – RunSafe…
Huawei Rides on Indigenously Built Chips: Must Rivals Worry? (Yahoo) According to a Bloomberg report, China-based telecommunications equipment manufacturer Huawei is gradually finding its feet amid U.S. trade restrictions by ramping up its capabilities and developing various key components on its own.
Two incumbents join five newcomers on $990M defense intel contract (Washington Business Journal) Six area contractors will compete for task orders on the Defense Intelligence Agency's DORE2 contract.
These companies will be kings in the cybersecurity industry as consolidation takes hold (MarketWatch) Thirty-six thousand cybersecurity professionals attended the RSA conference in San Francisco last week, with a full roster of executive keynotes and four...
Mimecast Named a Strong Performer in Security Awareness and Training Solutions Report from Leading Analyst Firm (Globe Newswire) Mimecast Recognized for its Viral Videos, Real-world Testing, and Risk Scoring
Endace Wins Big in Cyber Defense Magazine and Info Security Products Guide Awards (RealWire) EndaceProbe Analytics Platform receives ten awards including Best Security Hardware, Best Packet Capture Product, Most Innovative Security Hardware, and Best Network Security and Management
EndaceProbe Analytics Platform receives ten awards including Best Security Hardware, Best Packet Capture Product, Most Innovative Security Hardware, and Best Network Security and Management
Enveil Opens UK Office To Advance Its ZeroReveal® Privacy Enhancing Technology Solutions (Globe Newswire) U.S.-based data security company expands global footprint to enable critical PET business functions
Infosys Opens Cyber Defense Center in Indy (Inside Indiana Business) An India-based digital services and consulting company is continuing to grow in central Indiana. Infosys (NYSE: INFY) has cut the ribbon on its new Cyber Defense Center in downtown Indianapolis. Locat
Anchin, Block & Anchin LLP Expands Firm's Cybersecurity Practice - Tab Bradshaw Joins as New Leader of Redpoint Cybersecurity LLC (Benzinga) Anchin is pleased to welcome Tab Bradshaw to the firm as Chief Operating Officer of its affiliate, Redpoint Cybersecurity. Redpoint...
BlackBerry Appoints Marjorie Dickman to Chief Government Affairs and Public Policy Officer (BlackBerry) BlackBerry Limited deepened its executive bench today with the appointment of Marjorie Dickman as the company’s first Chief Government Affairs and Public Policy Officer.
Ex-CISO of cryptocurrency exchange Gemini joins cybersecurity firm Horangi (The Business Times) THE former chief information security officer (CISO) of Gemini, Jim Rouse, has joined cybersecurity startup Horangi's ranks as its vice-president of cyber operations. Read more at The Business Times.
Coalfire Security Pros Named To HITRUST® Assessor Council (PR Newswire) Coalfire, a provider of cybersecurity advisory and assessment services, announced today that two of its healthcare security specialists, Zach...
SolarWinds welcomes Chrystal Taylor to Head Geeks group (ITBrief) Head Geeks share expertise in all areas of IT such as DevOps, security, networking, database, and more.
Guy who named 'BlueKeep' Windows flaw joins Microsoft Threat Protection (ZDNet) Microsoft gains a cybersecurity expert who thinks too much snake oil is being sold by cybersecurity vendors.
Products, Services, and Solutions
Announcing: Hysolate + CyberArk Integration to Protect Privileged Users from Cyber Threats (Hysolate) CyberArk Integration to Protect Privileged Users from Cyber Threats - Hysolate
Forescout Announces Strategic Partnership with Medigate to Reduce Risk of Medical IoT Devices (Globe Newswire) Forescout integrates with and resells Medigate to provide specific focus on device identification, security and operational management for health delivery organizations (HDO’s)
Verizon Business expands security portfolio with new solutions to help combat cybercrime (Verizon) Verizon Business is expanding its security portfolio with new security solutions to help businesses better protect themselves against cybercrime
Active Navigation’s Data Privacy Software Helps to Strengthen Equifax’s Cybersecurity Footprint (PR Web) Investments in new technologies help Equifax protect sensitive data
Modernizing Threat Management for the Evolving Attack Surfaces of OT, IoT and IoMT (Security Intelligence) The combination of digital transformation and the "Internet of Everything" is reshaping the modern landscape of OT, IoT and IoMT, meaning threat management must evolve in response.
IBM’s Public Cloud Is Secure Enough for Crypto Custodians (CoinDesk) Announced Tuesday, the latest offering from Onchain Custodian is hosted entirely on Big Blue’s banking-grade public cloud.
Winning the war on security with Microsoft Teams (Technology Record) Store staff represent the frontline of a retailer’s brand. They’re the first point of contact for customers, and how they deliver their service can directly influence how consumers feel about certain stores. But it’s often overlooked that store staff are also the frontline of security, thanks to the sensitive information that’s shared among teams.
Cisco, Microsoft team to control growing IoT networks (Network World) Cisco will meld its recently released Intelligent Edge software with Microsoft’s Azure IoT Hub to make transferring data from edge devices to applications in the Azure cloud simpler.
A free, new tool can keep companies from tracking you online (CNET) Exclusive: Browser makers can and will use a carefully created and now freely shared list of companies that track your online activity.
Technologies, Techniques, and Standards
U.S. Cyber Officials Monitor Voting Amid Russian Disinformation Campaign (Time) Officials from four national security agencies monitored the presidential primaries for signs of foreign interference on Super Tuesday.
Ex-NSA Director Makes the Case for Collaboration (BankInfo Security) Retired General Keith Alexander knows a thing or two about building defenses. As the president of IronNet Cybersecurity, the ex-NSA director is now calling for
NCSC: Secure your webcams now (Naked Security) We don’t want to see what you do behind closed doors, but lots of hackers would be happy to pull up a chair to view that video stream.
GCHQ's infosec arm has 3 simple tips to secure those insecure smart home gadgets (Register) UK.gov tries the KISS approach to infosec advice for the public
How to avoid falling victim to a cyber attack (The Sydney Morning Herald) Our financial institutions are receiving an ever-increasing number of sophisticated cyber attacks, serving as a warning for consumers to ensure they are doing everything they can to protect their accounts.
A Brief History of Securing the Hybrid Cloud (CyberArk) As more organizations start using hyrbid cloud technology, it's important for them to be able to enforce enterprise-wide security across all environments.
Executing Keyboard Injection Attacks (Black Hills Information Security) Ray Felch // Preface: Following the work of the Bastille Research Group (See: https://github.com/BastilleResearch/mousejack), I was interested in knowing if these (keyboard injection) vulnerabilities were still valid. To my surprise, I was able to duplicate the attack on an inexpensive Logitech keyboard that I already had in my possession. This keyboard (Logitech K400r) is still …
Essentials for Building an Identity Management System (Built In) Identity is having a moment. Here’s what that means for developers and enterprises.
Design and Innovation
Devices on 5G networks demand differentiated security solutions (Help Net Security) While mobile phones will consume the bulk of the data, the number and variety of devices connected via 5G technology is likely to pose security threats.
Twitter is testing ephemeral tweets in Brazil and calling them "fleets" (The Verge) Snapchat Stories finally arrive on Twitter.
Research and Development
Swimlane Patent Validates SOAR as an Enabler Across all Security Use Cases (Yahoo) Swimlane today announced it has been granted US Patent 10,552,615, "Threat Response Systems and Methods."
Next Generation of Cyber Security Professionals Compete in National CyberCenturion Final (Northrop Grumman Newsroom) Northrop Grumman Corporation (NYSE: NOC) welcomed 60 young finalists to compete for the title of this year’s UK national CyberCenturion VI champions. In partnership with Cyber Security Challenge UK, CyberCenturion is a sister...
Big payday for USF’s new cybersecurity leader. But no national search. (Tampa Bay Times) The University of South Florida provost says J. Michael “Mike” McConnell, a 76-year-old former national security official, is by far the best choice to lead Cyber Florida.
Legislation, Policy, and Regulation
German BSI Tells Local Govt Authorities Not to Pay Ransoms (BleepingComputer) BSI, Germany's federal cybersecurity agency, recommends local governments and municipal institutions not to pay the ransoms asked by attackers after they get affected by ransomware attacks.
Parliament: New SG Cyber Talent initiative to groom 20,000 people for cyber-security roles (The Straits Times) A new SG Cyber Talent initiative will reach out to more than 20,000 people, some of whom will be groomed and talent-spotted for cyber security over the next three years.. Read more at straitstimes.com.
New Bill to prepare Australian law enforcement for the US CLOUD Act (ZDNet) The Telecommunications Interception Access Act amendment seeks to 'enhance the process of exchanging information held by communications providers for the purpose of criminal investigations and prosecutions'.
UK Cybersecurity Defense Standards Slip, Calls Made for Improvement (Infosecurity Magazine) The UK's cybersecurity rating slips as goverment calls for improvements in defenses
NSA Chief Says Super Tuesday Defenses Showed Improvement (Bloomberg) Extensive effort made 2018 look ‘like a pick-up game’. Government team gathered at 6 a.m. in a ‘chat system’
US Cyber Command leader says election security is agency's 'top priority' (TheHill) U.S. Cyber Command leader Gen.
Here’s why the State Department may need a new cyber office (Fifth Domain) The Cyberspace Solarium Commission will recommend a new bureau to get the department more involved in several issues.
Lawmakers grill Mnuchin on Treasury's cyber sanctions (FCW) Members of Congress pressed Treasury Secretary Steven Mnuchin about how effective the department's cyber-related financial sanctions were in deterring future behavior and how it was defining success.
Senate Passes Bill Requiring 5G Security Review (Wall Street Journal) The U.S. Senate passed legislation that would require the Trump administration to identify security threats and possible fixes within the equipment and software that support 5G wireless networks.
National Security Senators Introduce Bipartisan Legislation to Develop 5G Alternatives to Huawei (Mark R. Warner) Today, a bipartisan group of leading national security Senators introduced legislation to encourage and support U.S. innovation in the race for 5G, providing over $1 billion to invest in Western-based alternatives to Chinese equipment providers Huawei and ZTE.
Uncertainty Mounts as Key Surveillance Powers Near Expiration (Wall Street Journal) The Trump administration and lawmakers in both parties have failed so far to find a path forward to renew a set of key domestic surveillance powers due to lapse in 11 days, prompting heightened alarm among intelligence agencies that they will soon lose tools they consider vital to national security.
A Closer Look at CNCI and Cybersecurity Part 1 (Center for Strategic and International Studies) In this episode, host Jim Lewis talks with Marie “Neill” Sciarrone, President and Co-Founder of Trinity Cyber and former Special Assistant to the President and Senior Director of Cybersecurity Policy under George W. Bush. While at the White House, she was responsible for coordinating cybersecurity policy and programming for the Bush administration, including the influential Comprehensive National Cybersecurity Initiative (CNCI).
FBI working to ‘burn down’ cyber criminals’ infrastructure (Washington Post) To thwart increasingly dangerous cyber criminals, law enforcement agents are working to “burn down their infrastructure” and take out the tools that allow them to carry out their devastating attacks, FBI Director Christopher Wray said Wednesday.
An Undiplomatic Diplomat Wins Power in Trump’s Washington (New York Times) Richard Grenell, prone to pique and caustic tweets, is running the intelligence agencies in an acting capacity. He could be there for a while.
Smarter cyber security must underpin Europe’s digital future (Open Access Government) Alyn Hockey, VP of Clearswift, discusses why effective and smarter cyber security has to underpin Europe’s digital future
Small differences between how contractors, feds get clearances (Federal News Network) When the government vets people for security clearance, some small differences show up in how it looks at federal employees and contractors.
Governor Reeves signs executive order for cybersecurity task force (Mississippi Politics and News - Y'all Politics) On Wednesday, Governor Reeves addressed growing concern for governments and businesses around the world—cybersecurity. Already having participated in several sensitive discussions with his team, the Governor announced that cybersecurity was a joint priority that would include coordination between al
Litigation, Investigation, and Law Enforcement
Huawei pleads not guilty to new racketeering and fraud charges by US government in 2018 case (Computing) Huawei's lawyer told the court that the progress of the case could be delayed due to coronavirus outbreak
Defense Department linguist charged with leaking classified information to terrorist organization (Military Times) Mariam Taha Thompson, a linguist with the Defense Department, allegedly delivered classified information to a co-conspirator who has “apparent connections” to Hezbollah, the Lebanese Shiite group designated a foreign terrorist organization. Thompson held a Top Secret clearance at the time of her arrest, where she was attached to a special operations unit in Iraq.
Defense Department Linguist Charged with Espionage (US Department of Justice) Mariam Taha Thompson, 61, formerly of Rochester, Minnesota, was charged today in the District of Columbia with transmitting highly sensitive classified national defense information to a foreign national with apparent connections to Hizballah, a foreign terrorist organization that has been so designated by the Secretary of State.
Accused LinkedIn hacker worked with alleged SEC hacker, according to DOJ filing (CyberScoop) Yevgeniy Nikulin was in regular contact with Oleksandr Ieremenko, a Ukrainian national who allegedly hacked the U.S. Securities and Exchange Commission.
Hacker behind 2012 attacks on LinkedIn and Dropbox was in regular contact with alleged SEC hacker, according to DOJ filing (Computing) The hacker was arrested in Czech Republic in October 2016
Facebook Sets Spyware Firm NSO Back Over Court No-Show (BloombergQuint) Facebook Wins Malware Suit After NSO’s No-Show in Court
Facebook Gets Early Win Against NSO Group In Spyware Suit (Law360) A California federal court has ordered a default judgment against Israeli spy software vendor NSO Group Technologies Ltd., which Facebook says has refused for months to answer claims that it violated anti-hacking law by infiltrating the phones of about 1,400 WhatsApp users.
Cathay Pacific fined £500,000 over customer data (BBC News) The UK's Information Commissioner says the airline failed to protect customers' personal details.
This Small Company Is Turning Utah Into a Surveillance Panopticon (Vice) Banjo is applying artificial intelligence to government-owned surveillance and traffic cameras across the entire state of Utah to tell police about "anomalies."
Sheriff’s Office investigates data breach at Hillsboro R-3 district (Leader Publications) The Jefferson County Sheriff’s Office is investigating a reported data breach at the Hillsboro R-3 School District. The report claims a school district employee was responsible for the breach and