Cyber Attacks, Threats, and Vulnerabilities
China accuses Taiwan of cyberattack amid coronavirus outbreak (Taiwan News) Chinese media counter Taiwan’s cyberwar remark with similar accusation, hint Taiwan’s special unit responsible for information theft
Advanced Russian Hackers Use New Malware in Watering Hole Operation (BleepingComputer) Two previously undocumented pieces of malware, a downloader and a backdoor, were used in a watering hole operation attributed to the Russian-based threat group Turla.
Russia-backed Turla crew's new malware has discerning taste when screening visitors to poisoned watering holes (Register) Previously unseen nasty spotted lurking in Armenian government websites
Russian intelligence-backed hackers go after Armenian embassy website with new code (CyberScoop) Computer code used by hackers tied to Russia’s FSB intelligence agency has haunted governments around the world for years. The hackers’ tools have been associated with a damaging breach of U.S. military networks in the mid-to-late 1990s, and used in a cunning hijacking of Iranian infrastructure more than two decades later. Now, malware analysts have surfaced a new piece of code that they say the Russian hacking group, dubbed Turla, is using to spy on government and think tank websites in the Eurasian country of Armenia...
TRRespass research reveals rowhammering is alive and well (Naked Security) “TRRespass” is a new trick for rowhammering – an attack where you write to a memory chip by reading it over and over (and over) again.
Crafty Web Skimming Domain Spoofs “https” (KrebsOnSecurity) Earlier today, KrebsOnSecurity alerted the 10th largest food distributor in the United States that one of its Web sites had been hacked and retrofitted with code that steals credit card and login data.
New flaw in Intel chips lets attackers slip their own data into secure enclave (TechCrunch) A new flaw in Intel chips threatens to allow attackers to not just view privileged information passing through the system but potentially also insert new data. The flaw isn’t something the average user has to worry about, but it is a sign of the times as far as the shape of threats to our inf…
Critical Vulnerabilities in SAP Solution Manager Expose Companies to Attacks (SecurityWeek) SAP on Tuesday released 16 security notes and two updates to previously released patches as part of its March 2020 Security Patch Day, with three of the new notes rated hot news.
Flaws Riddle Zyxel’s Network Management Software (Threatpost) Over 16 security flaws, including multiple backdoors and hardcoded SSH server keys, plague the software.
Microsoft shares nightmare tale: 6 sets of hackers on a customer's network (ZDNet) Microsoft reveals its first report on incident response work carried out by its Detection and Response Team (DART).
Ransoming government (Deloitte Insights) As malware attacks increasingly hold various governments ransom over critical data, to pay or not to pay can become an impossible dilemma. Taking simple steps to secure IT infrastructure and data can help government organizations avoid this dilemma.
Study: Next Generation 911 Services ‘Highly Vulnerable to Cyber Attack’ (Homeland Security Today) Ben-Gurion University of the Negev researchers, who exposed vulnerabilities in 911 systems due to distributed denial of service attacks (DDoS), say the next generation of 911 systems that now accommodate text, images and video still have the same or more severe issues.
Adware Accounts for Major Chunk of Mobile Malware: Avast Cybersecurity Report (News18) There are two main types of adware: adware apps, which cause distraction and annoyance; and ad-fraud/ad-clickers, a more malicious type of adware.
Dutch government loses hard drives with data of 6.9 million registered donors (ZDNet) External hard drives stored all donor data from February 1998 to June 2010.
Comcast accidentally published 200,000 “unlisted” phone numbers (Ars Technica) Comcast made the same mistake once before and had to pay $33 million.
The Internet Avoided a Minor Disaster Last Week (Wired) A tiny backend bug at Let’s Encrypt almost broke millions of websites. A five-day scramble ensured it didn’t.
Hackers are exploiting the coronavirus pandemic to scam online shoppers (The New Daily) Just as heartless money-grabbers set up fake bushfire scams over summer, so too have hackers eager to exploit our fear of the COVID-19 pandemic.
Coronavirus scams to watch out for (American Banker) Financial institutions need to alert customers about emails or websites that pretend to offer important COVID-19 information but instead could end up stealing their account numbers or logins.
Secret Service: Criminals are using coronavirus fears to run email phishing scams (FOX 13 Tampa Bay) The United States Secret Service is warning the public to be aware of scammers who look to take advantage of coronavirus fears.
The cognitive psychological tricks hackers use to dupe users (ITProPortal) Cyberattackers exploit the human brain through visual cognitive tricks.
International car sales firm hit with $30m cyber ransom (Information Age) Another company crippled by ransomware.
Malware attack expected to keep Otterbein University’s computer network down this week (Columbus Dispatch) Otterbein University announced Tuesday that it does not expect damage from a malware attack that shut down its computer network Friday to be repaired this week.
Corey Feldman apologizes for '(My) Truth' streaming problems, blames hackers (EW.com) As Corey Feldman's sexual abuse documentary (My) Truth: The Rape of Two Coreys continued to be plagued by streaming issues, the actor issued an apology…
Security Patches, Mitigations, and Software Updates
Microsoft mistakenly reveals the existence of an unpatched bug along the lines of WannaCry (TechRadar) Major security hole is present in Microsoft’s SMBv3 protocol
Microsoft leaves critical bug unpatched on Patch Tuesday (Naked Security) Microsoft fixed bugs across a range of products on patch Tuesday, issuing patches for 115 distinct CVEs, with 26 rated critical.
Wormable Windows SMBv3 RCE flaw leaked, but not patched (Help Net Security) CVE-2020-0796 is a "wormable" vulnerability in the Microsoft Server Message Block (SMB) protocol that has yet to be fixed.
Windows has a new wormable vulnerability, and there’s no patch in sight (Ars Technica) Critical bug in Microsoft's SMBv3 implementation published under mysterious circumstances.
Intel Patches High Severity Flaws in Windows Graphics Drivers (BleepingComputer) Intel released security updates to address 27 vulnerabilities as part of March 2020 Patch Tuesday, with ten of them being high severity security flaws impacting Intel's Graphics Drivers for Windows and the Smart Sound Technology integrated audio DSP in Intel Core and Intel Atom CPUs.
2020 Unit 42 IoT Threat Report (Unit42) Unit 42's new report analyzes 1.2 million IoT devices to better understand the current IoT threat landscape and identify the top IoT threats.
Cybercrime annual revenue is 3 times bigger than Walmart’s (Atlas VPN) Cybercrime revenue exceeds Walmart’s by $1 trillion. Yet, they are similar in the fact that both sell an extensive selection of products and services.
Analysys Mason Releases The Findings Of Its Global Study Into Cyber Security Buying And Adoption Trends In SMBs (Security Informed) Analysys Mason, a global technology analyst firm, announces the findings of its global study into cyber security buying and adoption trends in small and medium-sized businesses (SMBs) worldwide. The...
5 Myths About DDoS in 2020 (Radware Blog) The nature of DDoS attacks is shifting, and while some organizations might believe that DDoS is a thing of the past, this is not the case.
Human Error Accounts for 60% of Security Breaches (Infosecurity Magazine) Gallagher study finds companies exposed to service outages and data loss risks
Infrastructure and Security Challenges Threaten Multi-Cloud and Edge Deployments, New Survey from Volterra Shows (BusinessWire) New data from Volterra shows organizations face major infrastructure and security challenges in supporting multi-cloud and edge deployments.
Blacklists Miss 21% of Phishing Attacks, Internet Traffic Reveals (Dark Reading) Visibility into phishing attacks by content delivery networks and security firms shows many domains fail to be classified as malicious.
Is being hacked inevitable? Security expert explains (Medical Economics) Kevin Johnson, CEO of Secure Ideas and a hacking expert, discusses a medical practice's chance of being hacked, and steps that every physician should take to secure their data.
INSA Statement: Implications of COVID-19 for the Cleared Workforce (Homeland Security Today) In case normal operations for classified work must be suspended for an extended period of time, INSA recommends several steps to mitigate the impact of such measures on the Trusted Workforce.
COVID-19 coronavirus outbreak and a security conference tries to play it down (ZDNet) If two attendees of your security conference were diagnosed with the novel coronavirus, how would you let everyone know? Perhaps not quite in the way the RSA conference did.
Cybersecurity center cancels symposium in Denver due to coronavirus (OutThere Colorado) The National Cybersecurity Center has canceled its Cybersecurity Symposium, scheduled for June 15-16 at the Gaylord Rockies resort near Denver
Twitter makes working from home mandatory for employees around the world in response to COVID-19 (TechCrunch) After “strongly encouraging” it earlier this month, Twitter said today that working from home is now mandatory for all employees around the world due to COVID-19 concerns. In an announcement, the company said “we understand this is an unprecedented step, but these are unprecedented t…
DisruptOps raises $9M with serial entrepreneur, cyber security veterans taming the cloud (Startland News) A fresh funding infusion is expected to help DisruptOps strengthen its team and its ability to react to threats in the cloud, said Jody Brazil.
outSOC Acquires SIEMPlexus, Unveils SOCaaS Platform for MSSPs (MSSP Alert) outSOC exits stealth mode & unveils a multi-tier, white-label, security operations center-as-a-service (SOCaaS) platform for MSPs & MSSPs.
This risk management startup has raised $17.5M in new funding with another big-name backer (Washington Business Journal) Interos founder and CEO Jennifer Bisceglie led the supply chain company to new funding in 2019.
Dell Sells RSA Security Business to Symphony for $2.1 Billion (FinSMEs) Dell Technologies has announced that the negotiations with Symphony Technology Group (STG) have ended and that they will be selling RSA Security Business to the private equity firm. The sale of the legacy security firm is reportedly held at a value of $2.075 billion
Third IT firm acquisition takes Dynamic Edge turnover to £5m (OilVoice) Technology business Dynamic Edge has become a £5m turnover firm and extended its geographical reach following the acquisition of an IT company in the sout ...
Vista Equity Explores Sale Of Network Identity Provider Infoblox: Report (CRN) Vista Equity is weighing strategic options for network identity appliance provider Infoblox, including a potential sale, according to a PE Hub report.
10 European startups fighting fake news and disinformation (EU-Startups) Brexit. Terrorist attacks. Climate change. Corona virus. Whether it's fake news, deep fakes, disinformation or the deliberate spreading of false information with the intent to deceive, it seems like this kind of phenomenon is on the rise. We've seen how elections can be swayed, how spreading sensa
Huawei bets big on European 5G patents despite Trump's pressure (Bloomberg) Even as the Trump Administration pressures European countries to stop using Huawei...
Can Empathy Have an Impact on Business? Rapid7 Is Betting on It (Built In Austin) In a previous life as an independent sales rep, Gerald Blancett would work out of coffee shops or his home, chasing deals as a “lone wolf.” Closing deals was always front of mind, and he was skeptical about making the jump to a company that touted a great culture. “I was like, ‘Culture is cool, but culture doesn’t make dollars,’” Blancett playfully recalled from inside Rapid7’s Austin’s offices in late January.
The Tycoon Hunting Down The World’s Hackers—And Fending Off A Trump Ukraine Conspiracy Theory (Forbes) A year ago, the world didn’t really know much about CrowdStrike or its founder George Kurtz. A call between President Trump and Ukraine's President changed all that.
Record Number of TAG Recertifications Shows Commitment of Leading Companies to Protect Digital Ad Supply Chain (Benzinga) The Trustworthy Accountability Group (TAG), an advertising industry initiative to fight criminal activity in the digital advertising...
Wolfberry scoops international cyber award (South Wales Argus) Newport-based cyber company Wolfberry Cyber has been recognised as Best International Cyber Security Consultancy Firm at the Acquisition…
Lares Hires VP of Advisory Services, Extends vCISO Capabilities (Yahoo) Lares, a global leader in security assessment, red teaming, penetration testing, application security, and security program development, has expanded its Virtual Chief Information Security Officer (vCISO) services offering with the hiring of Dr. Mark Arnold as VP of Advisory Services.
Corero Network Security's Andrew Miller to step down as CFO (Shares Magazine)
Products, Services, and Solutions
TrueFort Achieves VMware Ready™ Status (Yahoo) Designation indicates that TrueFort Fortress XDR has achieved VMware’s highest level of endorsement and is supported on VMware vSphere for production.
ForgeRock Simplifies the Process for Companies to Migrate from Legacy Products to a Modern Identity Solution (Globe Newswire) ForgeRock®, the leading provider in digital identity, today announced new tools to help enterprise customers quickly and easily migrate identity and access management (IAM) capabilities from legacy vendors, such as Oracle or CA Technologies, to ForgeRock’s more secure and flexible platform.
Netwrix now delivers data classification for Google Drive and integrates with Microsoft Information Protection (Netwrix) Organizations can reduce security-related stress with trustworthy data tagging and prove compliance with the CCPA faster and more easily.
Thycotic Announces Expanded Availability of Cloud PAM Solutions in Canada (Yahoo) Thycotic, provider of privileged access management (PAM) solutions to more than 10,000 organizations, including 25 of the Fortune 100, today announced the availability of its cloud-native PAM solutions delivered via its new local data center in Canada.
Top Cybersecurity Employee Training Programs (eSecurity Planet) Employees are the weakest part of your cybersecurity defenses; here are 9 top security training vendors that can help.
Kudelski launches IoT security for automotive, industrial based on STM connectivity (Telecompaper) Kudelski announced the availability of its Kudelski IoT Security Platform integrated with ST4SIM eSIM products from STMicroelectronics. The integration creates a robust foundation for connected MCUs, such as STM32-based products, that is specifically adapted to the high functionality and security requirements for the industrial equipment and automotive manufacturer markets, the company said.
SailPoint introduces identity governance for IaaS platforms, resources and workloads (Help Net Security) SailPoint Technologies Holdings, the leader in identity management, introduced identity governance for IaaS platforms, resources and workloads.
BT Launches New Cybersecurity Advisory Services Practice (Infosecurity Magazine) Service will provide BT customers with advice on navigating their cybersecurity journeys
Vodafone launches managed cyber security services for UK businesses (Information Age) Vodafone Cyber Enhanced combines cyber security and defence-grade technology to protect the resources of critical national infrastructure providers
Technologies, Techniques, and Standards
Working from the Home Front Securely (Hysolate) Coronavirus Work From Home Policies for Endpoint Security: Methods That Enable Security & User Productivity
6 security metrics that matter – and 4 that don’t (CSO Online) The increasingly high stakes of getting security right and growing board interest means metrics are more important than ever. But there are some metrics that are more useful than others.
PwndLocker: Free Decryptor Frees Crypto-Locked Data (GovInfo Security) Security firm Emsisoft is offering free, customized decryptors to victims of PwndLocker ransomware, which first surfaced in late 2019 and has been tied to attacks
What Is Threat Hunting and Why Is It so Important? (Active Countermeasures) Hey folks, I’m Chris Brenton and today I want to …
How Threat Intelligence Feeds Are Evolving (GovInfo Security) Threat intelligence feeds are evolving, but Rob Cataldo of Kaspersky North America says it's important to put all this data into context to create better enterprise
Cyber Threat Intelligence: What's Next? (Authentic8 Blog) Video: Jake Williams (SANS & Rendition InfoSec) shares his thoughts about the future of Cyber Threat Intelligence (CTI) and OSINT collection. (Authentic8)
Webcast: Think You're Compromised? What Do We Do Next? (Black Hills Information Security) In this webcast, we will cover what we can do if we think there is a breach on our network. We will cover live forensics, cool PowerShell scripts, network, and event log analysis, cool IR spreadsheets, and checklists …
Security Analytics (Raffael Marty) Artificial intelligence, security and visual analytics discussed by Raffael Marty
The Secret History of a Cold War Mastermind (Wired) Gus Weiss, a shrewd intelligence insider, pulled off an audacious tech hack against the Soviets in the last century. Or did he?
Ireland Warns Asset Managers Over Poor Cyber Practices (Law360) Ireland’s Central Bank has warned asset managers that some of their cybersecurity practices are inadequate and have not been improved in the last three years despite rising risks.
All endpoints are equal, but are mobile endpoints being treated the same way with security? (teiss) Jamie Andrews, EMEA Partner Director at Lookout, outlines the most popular tactics used by hackers to target individuals on their mobile devices and how to best mitigate against these threats.
Navy reforming its IT security processes to approve new systems in a day (Federal News Network) The Navy sees the new process, called RAISED, as a “critical enabler” for its ambitions to deploy newly-built software to ships in under 24 hours.
Design and Innovation
Brave browser to block web fingerprinting with randomisation (Naked Security) Brave is testing a new defence against fingerprinting: confusing algorithms by randomising some of the data they collect.
Disaggregated Scalable Firewall Framework Released (Infosecurity Magazine) US companies unite to develop a Disaggregated Scalable Firewall framework
Research and Development
Accidental breakthrough by UNSW researchers may have major implications for quantum computing (Computing) They controlled the nucleus of a single atom using just electric fields
Spending on R&D doubles in bid to drive innovation (The Telegraph) Spending on UK research and development is set to nearly double to £22bn per year within five years, after the Chancellor used the Budget speech to unveil a raft of measures designed to turbocharge the nation’s cutting edge science and technology.
US Pacific Northwest National Laboratory taps Verizon to explore 5G potential (ComputerWeekly) Comms giant links up with science and technology research body to explore opportunities for 5G to impact national security, energy efficiency and advance science in the US.
Cybersecurity Reports See Rise in Education Risks, Highlight Mobile (Campus Technology) Two cybersecurity reports that highlight mobile device risks — one from Verizon and the other from NetScout Systems — have also touched on education in their findings.
Legislation, Policy, and Regulation
Rising threats call for primary cyber resilience, new strategies for governments (Help Net Security) Cybercriminals are holding governments hostage with ransomware attacks, expanding their attack base, and asking for more money, according to Deloitte.
Russia to help PH on defense, cyber security, COVID-19 (Cebu Daily) The Russian government has affirmed its commitment to help the Philippines in developing its defense capacities both in the armed forces and cybersecurity.
UK.gov tells rebel MPs to go Huawei – but 5G Telecoms Security Bill was the price (Register) Narrow House of Commons victory sees fresh wave of counter-Chinese comms pledges
EU, Tech Firms Renew Alert System to Fight Coronavirus Disinformation (Wall Street Journal) The European Union is reviving an alliance formed last year with U.S. tech companies to combat online political disinformation, now focused on false information about the coronavirus.
White House asks Silicon Valley for help to combat coronavirus, track its spread and stop misinformation (Washington Post) White House officials on Wednesday sought to solicit new help from Amazon, Google and other tech giants in the fight against coronavirus, hoping that Silicon Valley might augment federal efforts to track the outbreak, disseminate accurate information and assist Americans who are out of work or school.
White House seeks Silicon Valley help battling coronavirus (POLITICO) The Trump administration implored the companies to use their technical expertise to help those dealing directly with the fallout of coronavirus.
[Letter from Senator Mark R. Warner, D-Virginia, to Vice President Michael Pence] (United States Senate) Dear Vice President Pence, I am deeply concerned that despite the seriousness of the novel coronavirus (COVID-19) outbreak, your task force and members of the Administration have failed to consistently counter the significant amount of misinformation conveyed to the American public.
Government, military search for ways to secure networks, shield technology supply chain from cyber attacks (Military & Aerospace Electronics) The U.S. government needs a national strategy for supply chain risk management of commercial supply chain vulnerabilities in U.S. federal information.
Cyberspace Solarium Commission seeks to restore cyber coordinator roles (Federal News Network) The Cyberspace Solarium Commission, in its final report, has recommended restoring and restructuring two cyber oversight roles previously eliminated during the Trump administration.
The DHS cyber agency has a key role in a new strategy (Fifth Domain) The Department of Homeland Security's Cybersecurity and Infrastructure Security Agency will be a linchpin for an integrated cybersecurity effort between the federal government and private sector, but there are challenges.
Lawmakers criticize Trump's slashed budget for key federal cyber agency (TheHill) The bipartisan leaders of the House Homeland Security Committee on Wednesday sharply criticized the proposed drop in funding in President Trump’s budget for the Department of Homeland Security’s cyber agency.
House passes compromise bill on surveillance reform (Washington Post) The bill won support from GOP lawmakers angry about the monitoring of Carter Page and Democrats seeking privacy safeguards.
House Passes Revised Surveillance Law as Deadline Nears (Wall Street Journal) The House voted to renew domestic spying tools that expire in four days, overcoming opposition from an array of factions within both parties, in an attempt to wrap up legislative business before leaving town later this week as fears mount over the spread of the novel coronavirus.
It's time for Congress to sunset NSA's call data program (TheHill) NSA was right to shutter the call data records program. It's time for Congress to close the book on it.
Analysis | The Cybersecurity 202: Lawmakers, technologists fight over encryption in child exploitation bill (Washington Post) 'Encryption is a red herring… a subterfuge,' Sen. Richard Blumenthal says.
FBI Director Chris Wray Pitches Weakened Encryption At A Cyber Security Conference (Techdirt.) On May 29, 2018, the FBI promised to deliver an updated count of encrypted devices in its possession. As James Comey and his replacement, Chris Wray, continued to advocate for weakened encryption, the number of phones the FBI couldn't get into...
Senators dispute industry claims that a bill targeting tech's legal shield would prohibit encryption (CNBC) The EARN IT Act would tie legal immunity from third party content for online platforms to efforts to report child sexual abuse materials.
S.893 - Secure 5G and Beyond Act of 2020 (Congress.gov) This bill requires the President, in consultation with relevant federal agencies, to develop a strategy to secure and protect U.S. fifth and future generations (5G) systems and infrastructure.
Sen. Moran to Introduce Privacy Bill That Beefs Up FTC, Expands Consumer Rights (Morning Consult) Sen. Jerry Moran (R-Kan.) is planning to introduce a bill Thursday that will require the Federal Trade Commission to appoint at least 440 additional workers to oversee privacy and security, pre-empt most state and local privacy laws and mandate that companies solicit affirmative consent from users before collecting and sharing personal information about them.
Cyber Command prepares force assessment (Defense Systems) More personnel may be needed as the organization's election security role expands and cybersecurity threats evolve.
To Pay or Not to Pay Ransom Poses Big Dilemma for Governments (Channel Futures) In 2019 alone, governments reported 163 ransomware attacks with more than $1.8 million in ransoms paid and tens of millions spent on recovery costs, a nearly 150% increase in reported attacks from 2018.
Litigation, Investigation, and Law Enforcement
Moving Against China’s Military for Hacking U.S. Company (The Heritage Foundation) As if identity theft alone isn’t enough of a concern for Americans, the Equifax hacking indicates that China’s military wants to weaponize sensitive personal information to undermine U.S. national security.
Los Angeles Utility Accused of Cybersecurity Coverup (Infosecurity Magazine) The LA Department of Water and Power allegedly concealed gaps in its cybersecurity from regulators
Whether Data Breach Is Inherent Injury Could Affect Millions (Law360) A split among federal courts on whether the mere risk of harm from unauthorized disclosure of personal information — as in the recent Hackensack Meridian Health breach — creates an injury justifying standing, means that some victims are denied redress, say Varant Yegparian and Ben Cohen at Schiffer Hicks.
Facebook Says 9th Circ. Ruling Can't Help Users In Data Row (Law360) Facebook users can't hold up a Ninth Circuit ruling in a separate privacy case as evidence their own wiretap claims should survive, the social media giant argued, saying the privacy case is completely different and shows why claims of unlawful browser data tracking should fail.
Vermont Sues Clearview AI Over Facial Data Collection (Law360) Vermont's attorney general is going after Clearview AI's practice of scraping billions of facial data points from the internet, while knocking the startup's data security claims as misleading.
Australian Federal Police calls for audit into its telco data requests (ZDNet) After finding 'compliance issues' from as far back as 2007, the AFP has commissioned PwC to independently audit requests it made to telecommunications carriers.
Attorneys: Chelsea Manning attempted suicide in Alexandria jail (Washington Post) The former Army intelligence analyst who leaked hundreds of thousands of documents to WikiLeaks was hospitalized days before a hearing as she seeks release from civil confinement for refusing to testify to a grand jury investigating the anti-secrecy website.