Cyber Attacks, Threats, and Vulnerabilities
US Officials: Foreign Disinformation Is Stoking Virus Fears (US News & World Report) The Trump administration is alleging that a foreign disinformation campaign is underway aiming to stoke fear amid the coronavirus pandemic.
No, 5G didn't cause the coronavirus pandemic (CNET) Influencers and Russia have linked the virus sweeping the globe to the new, super-fast wireless technology. They're wrong.
In fast-moving pandemic, sources of falsehoods spread by text, email, WhatsApp and TikTok elude authorities (Washington Post) Misleading text messages claiming that President Trump was going to announce a national quarantine buzzed into cellphones across the country over the weekend, underscoring how rapidly false claims are spreading — and how often it’s happening beyond the familiar misinformation vehicles of Facebook and Twitter.
TA505 and Others Launch New Coronavirus Campaigns; Now the Largest Collection of Attack Types in Years (Proofpoint) Proofpoint researchers are continuing to monitor malicious threat actor activity surrounding COVID-19. To date, the cumulative volume of coronavirus-related email lures now represents the greatest collection of attack types united by a single theme that our team has seen in years, if not ever.
Be wary of medical-related emails: Proofpoint (SC Media) Coronavirus may be the subject of choice for cybercriminals to lure victims into opening or responding to a message, but that does not mean other serious medical issues are also not being abused.
Hackers Attack Microsoft Windows Users: Dangerous Threat Group Exploits ‘COVID-19 Fear’ (Forbes) Another state-sponsored hacking group attacks a foreign government under the cover of coronavirus.
Health workers are top of phishers' target lists thanks to data value (Register) And HR folks aren't far behind, says Proofpoint strategist
Why ransomware continues to knock on healthcare's door, enter, and create havoc (Help Net Security) My name is Adam, and I’ve worked in the healthcare industry for over 15 years. In my current line of work, I assist healthcare facilities across the U.S.
HHS saw increase in network scanning in midst of COVID-19 outreach (CyberScoop) The Department of Health and Human Services saw an increase in outside scanning of some of its network as the department continues to respond to the novel coronavirus outbreak, a source with knowledge of the matter tells CyberScoop.
Hackers Attack Health and Human Services Computer System (New York Times) It was unknown whether the actions were the result of foreign actors or just hackers seizing on the coronavirus panic to try to create chaos.
Officials: HHS Cyber Attack Shows Importance of Cybersecurity Amid Pandemic Response (Government CIO) While the attack was reportedly unsuccessful, federal cybersecurity leads encourage agencies to 'remain vigilant'.
Cyber operations already impacting coronavirus response (TheHill) The recently released report by the bipartisan, congressionally mandated Cyberspace Solarium Commission offers a roadmap to curb the effects and likelihood of cyber operations.
Health and Human Services Department Hit by Cyberattack Amid Coronavirus Response (TheStreet) The U.S. Health and Human Services Department was hit by a cyberattack amid its effort to respond to the coronavirus. The attack was intended to slow the response to the pandemic, a report says.
HHS suffers cyberattack as US deals with coronavirus response (CIO Dive) The intent of the attack was to slow systems, though it was unsuccessful "in a meaningful way," according to the Bloomberg report.
Cyber-Attack Hits U.S. Health Agency Amid Covid-19 Outbreak (Bloomberg) NSC tweet on disinformation Sunday was connected to attack. Cyber intrusion comes as U.S. battles the coronavirus pandemic.
US Health Department Hacked Amid Coronavirus Pandemic (Infosecurity Magazine) Cyber-attackers hack US Health and Human Services Department to spread disinformation
What you need to know about DDoS weapons today (Express Computer) Twenty years after its introduction, DDoS remains as effective as ever—and continues to grow in frequency, intensity, and sophistication. That makes DDoS defense a top cybersecurity priority for every organization
DOD faces network attacks amid telework uptick (FCW) The Defense Department's networks have been stressed since expanding telework to minimize coronavirus at defense agencies.
Attacks on DOD Networks Soar as Telework Inflicts ‘Unprecedented’ Loads (Defense One) As DOD scrambles to find equipment for those who can work from home, Pentagon leaders tell personnel: ‘No hand-shaking, no high-fives,’ and clean your workstations.
City CIOs Help Keep Services Humming Amid Coronavirus Woes (Wall Street Journal) Technology leaders for major U.S. cities are helping ramp up the response to the coronavirus crisis while ensuring city services are running smoothly.
Analysis | The Cybersecurity 202: Coronavirus contingency plans may also pose election security challenges (Washington Post) A huge surge in vote by mail could invite tampering from adversaries.
Coronavirus: Kiwis warned against online phishing scams (Stuff) Scammers try to trick people into giving their passwords to learn urgent information about Covid-19.
Cloudflare Worker Employed as C&C Server by BlackWater Malware (The State of Security) Security researchers spotted BlackWater malware leveraging a Cloudflare Worker for command-and-control (C&C) functionality.
CovidLock: Android Ransomware Walkthrough and Unlocking Routine (Zscaler) This new ransomware targets Android users and plays on fears around the coronavirus.
A coronavirus-tracking app locked users' phones and demanded $100 (CyberScoop) You can always count on hackers to exploit a terrible situation to try to make a buck.
CovidLock Update: Deeper Analysis of Coronavirus Android Ransomware (DomainTools) The DomainTools Security Research Team, in the course of monitoring newly registered Coronavirus and COVID labeled domain names, discovered a website luring users into do
Spyware Stealer Locker Wiper: LockerGoga Revisited (Dragos) LockerGoga ransomware severely impacted the Norwegian metals giant, Norsk Hydro, and provides a blueprint for malicious entities to weaponize ransomware
Why the Norsk Hydro attack is a 'blueprint' for disruptive hacking operations (CyberScoop) It’s been a year since malicious code tore through the computer network of Norwegian aluminum giant Norsk Hydro, forcing the company to shift some of its operations to manual mode and inflicting tens of millions of dollars in damage.
Trade wars, cyber attacks and Brexit: Norsk Hydro recaps 2019 in annual report (Metal Miner) Last year proved to be a hectic one for Norwegian aluminum maker Norsk Hydro.
Private Equity Is a Tantalizing Target for Ransomware Hackers (BloombergQuint)
WordPress and Apache Struts weaponized vulnerabilities on the rise (Help Net Security) Total framework vulnerabilities in 2019 went down but the weaponization rate went up. WordPress and Apache Struts had the most weaponized vulnerabilities.
G DATA CyberDefense finds Bundeswehr laptop containing confidential information (presseportal.de) Bochum (ots) - The Bundeswehr made mistakes when disposing of an old computer, as security experts from G DATA CyberDefense...
German army laptop with secret files sold for €90 on eBay (Times) A German military laptop containing sensitive documents including instructions on how to blow up a mobile anti-aircraft missile system has been found on eBay with an asking price of €90 (£82).
The Inside Scoop on a Six-Figure Nigerian Fraud Campaign (Check Point Research) Cybercrime is usually a one-way street. Shady types send their malicious documents and Trojans downstream to us innocent folk. Worst-case scenario, we get infected. Best-case scenario, we smirk, hit “delete” and move on with our lives. Either way, we’re left with many lingering questions. Who sends these out? Where did they get our email address?...
US Democratic Party Symbol Changed to a Rat in Google Search (BleepingComputer) The election symbol of the US Democratic Party has been changed to a rat within the Google search knowledge panel that shows when searching for the party's name, instead of the usual donkey-themed one.
Vulnerability Summary for the Week of March 9, 2020 (CISA) The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Cyber Trends
Most ransomware attacks take place during the night or over the weekend (ZDNet) FireEye: 27% of all ransomware attacks take place during the weekend, 49% after working hours during weekdays.
Adware Accounts For 72% Of All Mobile Malware (Scoop News) Avast Threat Labs intelligence shows the share of Android adware has risen by 38% in the last year. Avast (LSE:AVST), a global leader in digital security products, has found that adware now accounts for the vast majority of Android mobile malware. ...
Network Security Topics Grabbing Headlines in Q1 2020 (Bricata) Check out our blog highlighting nine network security topics that made big news in the first quarter of 2020.
Open source bugs have soared in the past year (Naked Security) Open source bugs have skyrocketed, according to a report from WhiteSource, with XSS flaws accounting for a quarter of those bugs.
Report: Shadow IoT is prevalent, insecure (TechCentral.ie) While the data protection pitfalls around the Internet of Things are undeniably numerous, new research from security vendor Zscaler underlines that one of the most serious problems emanates from the growing trend of ‘shadow IoT’, or the use of employee-owned devices on corporate networks. The company’s IoT in the Enterprise 2020 report says the blurring …
The Other Crisis: U.S. Companies Still Need Help Against Cyberattacks (Barron's) In the midst of the pandemic, an important commission is sounding an alarm. The private sector isn’t prepared to defend itself against the new environment of cyber threats.
28% of Indians are not aware of their router’s web administrative interface (CXOToday.com) - Globally, 39.32% employees don’t receive the technology support from their company to work away from the office - Avast shares tips on how people can secur
What the coronavirus outbreak can teach us about cybersecurity (Intelligent CIO Middle East) With cases of the Novel Coronavirus (COVID-19) emerging globally Brian Pinnock, Cybersecurity Specialist at Mimecast, tells us what the outbreak can teach us about cybersecurity.
Marketplace
National Crime Agency Eyes "Industrial Scale Data Analytics" to Tackle Organised Crime (Computer Business Review) The National Crime Agency (NCA) has set aside £4 million to fund a dedicated data analytics team who will be at the forefront of fighting organised crime...
The 10 most powerful cybersecurity companies (CSO Online) What makes these 10 security vendors the biggest power players? We break it down.
A Critical Internet Safeguard Is Running Out of Time (Wired) Shadowserver has helped keep the internet safe for 15 years. Unless it can raise funds fast, it's going to disappear.
Axis Security Emerges from Stealth with $17 Million in Funding to Redefine Private Application Access (PR Newswire) Axis Security, the private application access company, today emerged from stealth launching a purpose-built, cloud-native security and...
Rancher Labs closes $40M funding round to "run Kubernetes everywhere" (ZDNet) The six year-old startup is going after new markets that want to run Kubernetes clusters at the edge.
ZeroNorth Raises $10M Series A+ Round to Bring Continuous, End-to-End Security to DevOps; Enable Comprehensive Software and Infrastructure Vulnerability Management (Yahoo) ZeroNorth, the first provider of risk-based vulnerability orchestration across applications and infrastructure, today announced that it raised a $10 million Series A+ funding round led by Crosslink Capital with participation from other existing investors ClearSky, Rally Ventures and Petrillo Capital.
Checkmarx To Be Bought By Hellman & Friedman For $1.15B Valuation (CRN) Checkmarx is being purchased by private equity firm Hellman & Friedman (H&F) for a $1.15 billion valuation in the largest acquisition of an application security company ever.
Insight Partners sells security firm Checkmarx to Hellman & Friedman for $1.15B (TechCrunch) Checkmarx, an Israeli security company acquired in 2015 by private equity firm Insight Partners with an $84 million investment, was sold today to Hellman & Friedman, another private equity firm at a valuation of $1.15 billion. Nice little profit there, and the company will continue to hold a mi…
Riskonnect Acquires Xactium, a Leading Financial Services GRC Solution Provider, to Accelerate Global Growth and Drive Risk Management Innovation (Yahoo) Riskonnect, the leader in integrated risk management solutions, has acquired Xactium, a UK-based GRC software provider that revolutionizes the way enterprises evaluate and manage enterprise risk and compliance. The acquisition will accelerate Riskonnect’s global growth, strengthen its financial services
Deloitte acquires Aussie security player Zimbani (ARN) Deloitte Australia has ramped up its local cyber security practice by acquiring Melbourne-headquartered provider Zimbani.
The Demise Of Symantec (Forbes) After decades of powering the cybersecurity industry Symantec is no longer contributing.
Cyber investment exec talks COVID-19, Snowden & threat intel automation (SC Media) The cyber threat intelligence tech space has made significant leaps in the last few years, becoming far less manual, according to Hank Thomas, CTO of SCVX.
CyberArk ANZ boss Matthew Brazier departs (CRN Australia) Hires Thomas Fikentscher out of JXT Global as replacement.
Ex-Capgemini CEO joins Innovo (CRN Australia) More changes after recent rebrand.
Products, Services, and Solutions
Trivy Vulnerability Scanner from Aqua Security Adopted by Leading Cloud Native Platforms (Aqua) Aqua Security, the leading platform provider for securing cloud native applications and infrastructure, announced today that its open source Trivy vulnerability scanner is now available as an integrated option in several widely used cloud native platforms, including the CNCF’s Harbor registry, Docker, and Mirantis Docker Enterprise. Trivy is a …
PolySwarm provides latest enhancement to Basis Technology's incident r (PRWeb) PolySwarm, a threat intelligence and detection marketplace for identifying new and emergent malware, will now be used by Cyber Triage™, a tool for rapid incident
Alphabet's Verily launches a limited coronavirus screening website (CNBC) Alphabet's Verily on Sunday night launched a pilot of a COVID-19 screening and testing website in the San Francisco Bay Area, a day earlier than it said it would.
Trump announced Google was building a virus screening tool. Then someone had to build it (Washington Post) How a presidential promise launched Verily, an Alphabet-owned health science unit, to the front lines of the pandemic
To Track Coronavirus, Israel Moves to Tap Secret Trove of Cellphone Data (New York Times) The information, intended for use in counterterrorism, would help identify people who have crossed paths with known patients.
SAIC-Goodyear to Bring Blockchain Into Supply-Chain Security (Nasdaq) Science Applications International Corp. SAIC is partnering with The Goodyear Tire & Rubber Company on a pilot project to secure customer data across the supply chain with the help of blockchain technology. Science Applications has been the prime contractor in the Tire Succes
ConnectWise continues to Shift Left (Enterprise Times) ConnectWise has continued to enhance its security stance. It is adopting more shift left practices and reaffirmed its commitment to a Bug Bounty Program
Radiologex partners with Trusona to enhance secure access (Enterprise Times) The Radiologex/Trusona partnership hopes to solve the problems by providing one easy-to-use, blockchain-based platform with safety and speed built in.
GlobalPlatform Simplifies Integration of SEs into IoT Devices (GlobalPlatform) The standard for secure digital services and devices
Beachhead Solutions Offering MSPs and Their Clients Free Temporary Licenses to Accommodate Surge in Remote Workers (Globe Newswire) Additional SimplySecure licenses immediately available to MSPs and their clients to ensure device and data security while employees work remotely
PC Matic Offers Free Protection For Businesses Going Remote (PC Matic) PC Matic is offering free cybersecurity and remote management tools through the end of June, in light of the increased frequency of remote employees nationwide...
Technologies, Techniques, and Standards
Cybersecurity for Remote Workers: How Organizations Are Addressing The Risks (Attila) Here's how 8 different organizations are handling the cybersecurity risk of remote work, and what the best practices are for employers.
How Is The Remote Workforce Driving Cybersecurity: A Q&A With Tech CEO Dmitriy Akulov (OpenBusinessCouncil Directory) We sat down with tech CEO and Founder of jsDelivr, Dmitriy Akulov, to answer some questions about remote workforce and cybersecurity
How network modeling and cyber hygiene improve security odds for federal agencies (FedScoop) Modern network modeling platforms will help equip agencies to find and automatically update outdated configuration rules lurking on aging infrastructure.
How to Secure a Home WiFi Network for Remote Work (JumpCloud) Take these six concrete steps to ensure that your home WiFi network and associated hardware is secure and properly configured for remote work.
Is VPN Still Valuable in a Zero-Trust Environment? (Technology Solutions That Drive Government) Agencies can shift away from perimeter-based defenses and toward zero trust to enhance their cybersecurity.
Should cities pay cybercriminals? (Cities Today - Connecting the world's urban leaders) Cities that refuse to pay cybercriminals a ransom can often end up paying more in recovery costs and lost revenue, says a new report.
Design and Innovation
How Wikipedia Prevents the Spread of Coronavirus Misinformation (Wired) A group of hawk-eyed experts operate on a special track to monitor medical information on the site.
Amid Social Distancing, Neighbors Mobilize Over Facebook (Wired) Social media has fomented a lot of division, but people are using it to strengthen their communities against the coronavirus pandemic too.
WSJ News Exclusive | TikTok to Stop Using China-Based Moderators to Monitor Overseas Content (Wall Street Journal) The popular short-video app said it would halt using China-based moderators to monitor overseas content and shift that work to those outside of China.
Research and Development
Legislation, Policy, and Regulation
Trump’s Reasonable—And Yet Still Worrisome—Emergency Declaration (The Atlantic) Americans must be alert to abuse of the president’s powers, both emergency and nonemergency, in ways that violate civil liberties without safeguarding the public’s health.
That text you're getting is a hoax. Trump is not calling for a national quarantine. (Mother Jones) On Sunday, the White House’s National Security Council put to bed a rumor circulating via text message that the president was planning to invoke the Stafford Act to impose a “two-week mandatory quarantine for the nation.”
Report calls for web pre-screening to end UK’s child abuse ‘explosion’ (Naked Security) The IICSA report cited “unprecedented levels of depravity” and said that encryption is getting in the way of current screening.
Senate Approves Short-Term Renewal of Surveillance Powers (Wall Street Journal) The Senate approved a short-term extension of a batch of expired domestic surveillance powers, delaying consideration of a host of privacy changes to pivot attention to the coronavirus crisis.
DoD names new permanent director to lead security clearance agency (Federal News Network) The Defense Counterintelligence and Security Agency will name a new permanent director after months of acting leadership.
Litigation, Investigation, and Law Enforcement
Muting Coronavirus Anger, China Empowers Its Internet Police (New York Times) Online enforcers are dragging in hundreds for questioning as an assault on online speech continues. They are a sign of how Beijing has given censors a more punitive role.
ZTE denies knowledge of alleged US bribery investigation (ZDNet) Reports claim that ZTE may have paid off foreign officials to strengthen its global business position.
Justice Dept. abandons prosecution of Russian firm indicted in Mueller election interference probe (Washington Post) Citing classified matters, prosecutors drop the case against “Putin’s chef” and Concord Management and Consulting.
Justice Dept. Moves to Drop Charges Against Russian Firms Filed by Mueller (New York Times) The companies funded Russia’s social media-fueled interference in the 2016 election, prosecutors said. But they tried to weaponize the case instead of fight it.
Formal GDPR complaint against Google’s internal data free-for-all (Brave Browser) Brave has filed a GDPR complaint v Google for infringing the GDPR “purpose limitation” principle. Enforcement would be tantamount to a functional separation of Google’s business.
Apple fined €1.1bn by France over anti-competitive practices (Computing) France’s competition authority claims Apple struck deals to keep iPad prices high
Coronavirus Forces Mistrial In Finjan Patent Case (Law360) A California federal court cited the “extraordinary circumstances” of the coronavirus pandemic in declaring a mistrial in a patent infringement lawsuit on Monday after three days of proceedings, pausing the fight between software makers Finjan and ESET until the national emergency has passed.