Cyber Attacks, Threats, and Vulnerabilities
Kaspersky: North Korean hackers getting more careful, targeted in financial hacks (CyberScoop) Lazarus Group is tweaking some of its malware, delivery mechanisms, and payloads to evade detection, according to Kaspersky Labs.
China Steps Up Its Information War in Taiwan (Foreign Affairs) Ahead of Saturday's election, the Chinese government has undertaken a vast information influence campaign in Taiwan.
Iran Is Getting Ready to Blow Up A Fake Aircraft Carrier, Again (Defense One) To test weapons, try out tactics, and intimidate adversaries, Iranian forces may attack its barge-borne “carrier” as soon as March.
Prepare For the Worst From Iran Cyber Attacks, As DHS Issues Warning: Experts (Breaking Defense) Experts warn that Iran almost certainly now has the cyber tools to inflict physical damage on US critical infrastructure.
Iran’s Military Response May Be ‘Concluded,’ but Cyberwarfare Threat Grows (New York Times) Cybersecurity experts are seeing malicious activity from pro-Iranian forces, and warning that Iran has the capacity to do real damage to American computer systems.
The US is worried about Iran retaliating with a cyberattack (Vox) Iran’s formidable cyber arsenal includes malware and DoS attacks.
Iran Cyber Threat Update (McAfee Blogs) Recent political tensions in the Middle East region have led to significant speculation of increased cyber-related activities. McAfee is on a heightened
New Iranian data wiper malware hits Bapco, Bahrain's national oil company (ZDNet) Saudi Arabia's cyber-security agency spots new Dustman data-wiping malware.
Las Vegas reports experiencing ‘cyber compromise’ (StateScoop) City officials acknowledged a network security incident that may result in brief service interruptions to residents, but few other details of the event are known.
No data believed to be lost after city of Las Vegas network breach (KSNV) No data is believed to have been lost following a cyber breach of the city of Las Vegas' network, the city said Wednesday. All systems are functioning as normal after Tuesday's compromise, according to a post from the city's Twitter account. "We do not believe any data was lost from our systems and no personal data was taken," the city tweeted. "We are unclear as to who was responsible for the compromise, but we will continue to look for potential indications.
The State of Threats to Electric Entities in North America (Dragos) This blog is a summary of the Dragos North American Electric Cyber Threat Perspective. Read the full perspective here. Attacks on electric systems – like attacks on other critical infrastructure secto
Major TikTok Security Flaws Found (New York Times) The vulnerabilities, which the app says it has fixed, could have let attackers manipulate content and extract personal data.
Hackers are searching for Citrix servers vulnerable to remote code execution flaw, security researchers warn (Computing) Citrix vulnerability puts more than 80,000 organisations at risk of attack
Citrix NetScaler CVE-2019-19781: What You Need to Know (The State of Security) Craig Young would strongly advise all organizations with NetScaler/ADC to apply the mitigation immediately to avoid compromise.
Cyber criminals stalked Travelex before launching attack (The National) Secretive group has threatened to delete the company’s data unless it is paid $6m
ICO: Travelex hasn't reported a data breach (Computing) 'The company has not reported a data breach,' ICO tells Computing, but adds that they may be required to 'explain why it wasn't reported'
Travelex Staff Go Back to Basics as Ransomware Cripples Systems (New York Times) Staff at foreign exchange firm Travelex are using pen and paper to serve thousands of customers after the company said cyber hackers were holding its systems to ransom, leading to a global blackout on its online currency exchange services.
Barclays, Lloyds, RBS and HSBC all hit by Travelex cyber attack (Mirror) An attack on Travelex has spilled over onto some of the UK's biggest banks, which relied on the firm to give customers a way to buy foreign money online
College Athlete Recruiting Software Exposed Students' Medical Info, Grades (Vice) The exposed information from company Front Rush included physical evaluations, post-injury reports, and performance reviews from specific teams for particular players.
Medical Info of Roughly 50K Exposed in Minnesota Hospital Breach (BleepingComputer) The personal and medical information of 49,351 patients was exposed following a security incident involving two employees' email accounts as disclosed by Minnesota-based Alomere Health.
Vigilance Is The Best Defense To Cyber Attacks (Alomere Health News) Alomere Health understands the importance of protecting our patients’ information. On January 3, 2020, we began notifying some of our patients of an email incident that may involve portions of their information. On November 6, 2019, we learned that an unauthorized person(s) gained access to an Alomere Health employee’s email account between October 31 and …
Interpeak IPnet TCP/IP Stack (Update D) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 9.8
ATTENTION: Exploitable remotely/low skill level to exploit/public exploits are available
Vendors: ENEA, Green Hills Software, ITRON, IP Infusion, Wind River
Equipment: OSE by ENEA, INTEGRITY RTOS by Green Hills Software, ITRON, ZebOS by IP Infusion, and VxWorks by Wind River
Vulnerabilities: Stack-based Buffer Overflow, Heap-based Buffer Overflow, Integer Underflow, Improper Restriction of Operations within the Bounds of a Memory Buffer, Race Condition, Argument Injection, Null Pointer Dereference
Why Phishing Threatens Your Brand’s Integrity (CPO Magazine) Study shows phishing attacks have reached their highest level in three years and are rising in emerging regions such as Brazil and other parts of South America. Why does it threaten a brand’s integrity?
Security Patches, Mitigations, and Software Updates
TikTok Confirms ‘Severe’ SMS Security Threat: Critical New Update Released (Forbes) This new security threat highlights the cybersecurity risks associated with the world's leading social media platforms.
Mozilla patches Firefox zero-day reported by Qihoo 360 (ZDNet) Chinese security firm claims there's also an accompanying Internet Explorer zero-day.
Google's Project Zero changes disclosure policy; Infosec community debates the need (SC Magazine) Project Zero goes public 90 days after disclosing the vulnerability to the affected organisation. Now, they have added a 14-day grace period on request
Cyber Trends
2020: The Vulnerability Fujiwhara Effect - Oracle and Microsoft Collide (RBS) Whether you are working in IT or not, you’re probably familiar with Microsoft’s Monthly Patch Tuesday. Introduced in 2003, this is when the software giant releases updates and patches for its software products. As we discussed in September 2018, we have seen more and more vendors piggybacking on thi
Why Is Payment Security Compliance Declining? (PaymentsJournal) When companies are attacked, personal and financial customer information from payment card data is often the target. The Payment Card
Marketplace
Trump is in a heated fight with Iran and these stocks are benefitting from it (Yahoo) Cybersecurity stocks are rocking as the conflict between the U.S. and Iran heats up.
Rockwell Automation to Acquire Avnet to Expand Cybersecurity Expertise (BusinessWire) Rockwell Automation signed an agreement to acquire Avnet Data Security, LTD. The move expands ROK's IT/OT cyber and network expertise globally.
AvePoint lands $200M investment to expand market for Microsoft cloud governance tools (TechCrunch) While Microsoft cloud services such as SharePoint, Microsoft Teams and Office 365 are used widely by large organizations, the products don’t come standard with an enterprise-grade control layer. That’s where AvePoint, a Microsoft independent software vendor (ISV), comes in. Today, the company announced a $200 million Series C investment.
Here's why IoT security startup Armis agreed to a $1.1B buyout on its way to an IPO (Silicon Valley Business Journal) Here's how this week's $1.1 buyout of rapidly growing Palo Alto-based IoT security startup evolved in the last two months, according to co-founder and CEO Yevgeny Dibrov.
Ring Fired Employees for Watching Customer Videos (Vice) "We are aware of incidents discussed below where employees violated our policies," a letter from Ring obtained by Motherboard reads.
MasterPeace Solutions Recognized by Raytheon with EPIC Award for Excel (PRWeb) MasterPeace Solutions Ltd., a rapidly growing cyber and technology company, today announced that they have been recognized by Raytheon, a technology and inn
Products, Services, and Solutions
Smarsh Expands and Enhances Support for Voice Compliance (BusinessWire) Smarsh®, helping customers get ahead – and stay ahead – of the risk within their electronic communications, today announced the expansion of support f
IT Pro Tuesday #49 | EveryCloud (EveryCloud) Hello IT Pro, We’re asking you, our community, to help us spread the word about some of the tips and tricks you use to make you more effective at your job. Let us know by email or in the comments below, and we’ll feature them over the next few weeks. Now that we’ve got that out of the way, let’s get onto the tools we have for you this week. As usual, we have to go through the disclaimer – we have no affiliation with any of the brands listed below unless we specifically say so.
Neustar approved as initial Secure Telephone Identity Certification Authority (Neustar) Click here for Neustar's press release archives from the year . Also find media kit download and PR contact info
VPNs—Better Off With ‘Em Or Without ‘Em? (Safe-T) With ZoneZero you can adopt a Zero Trust SDP architecture without getting rid of your VPN. Safe-T’s SDP enhances VPN security by adding SDP capabilities, allowing access to applications and services only after trust has been verified.
Mocana joins forces with Siemens to secure industrial IoT (Telecompaper) Mocana entered a new partnership with Siemens Digital Industries Software to bring Mocana’s security functionalities to any Industrial Internet of Things (IIoT) devices using MindSphere, the cloud-based IoT operating system from Siemens.
BlackBerry Cylance Extends Endpoint Security to Cars (MSSP Alert) BlackBerry Cylance & Amazon Web Services (AWS) partnership extends cybersecurity to connected cars. MSSPs must track emerging IoT security opportunity.
Technologies, Techniques, and Standards
How to Spot Data Breach Warning Signs to Protect Your Business (Benzinga) NYC area retail technology expert offers 5 steps to discover data security breaches earlier to save money and protect business reputation—in a new article from eMazzanti...
Crown Prosecution Service declares 'war on disks' is almost over (Computing) The CPS has transformed the way it handles multimedia, to raise security and lower costs
For the love of OPSEC, put your phone away (Military Times) Lectures of personal electronics use and operational security continue to fall on deaf ears.
Design and Innovation
CounterFlow AI Becomes First Commercial Sponsor of the Argus Project (CounterFlow) Network visibility provider will be the first to commercially integrate Argus with its AI platform
Facebook’s Ban on Deepfakes Is a Half-Step at Best (Medium) It’s better than nothing — but just barely
Facebook bans deepfakes, but not cheapfakes or shallowfakes (Naked Security) Quick-n-sleazy edits are still OK, such as the 75% slowdown that made Nancy Pelosi slur or the edit that turned Joe Biden into a racist.
TikTok revamps content rules, aiming to clear up which videos it allows or blocks (Washington Post) TikTok on Wednesday released a set of new, more detailed rules about the videos it permits and prohibits, seeking to respond to concerns that its policies to protect users failed to keep pace with its meteoric rise.
Twitter will put options to limit replies directly on the compose screen (The Verge) They’re inspired by Twitter’s beta app.
Ring has terminated employees for abusing access to people’s video data, Amazon tells lawmakers (Washington Post) The employees were fired after accessing users' data in a way that “exceeded what was necessary for their job functions,” an Amazon official said.
Legislation, Policy, and Regulation
‘Launch, launch, launch’: Inside the Trump administration as the Iranian missiles began to fall (Washington Post) An early warning helped soldiers in Iraq take cover and gave President Trump more time to plan a response.
Iran didn’t kill anyone in missile attack, spurring hopes for de-escalation (Military Times) With no casualties, the strikes may give the U.S. an opportunity to ease tensions with Iran.
Trump says Iran is ‘standing down’ after missile attacks on US troops (Military Times) The president's remarks came the morning after Iran fired more than a dozen rockets at U.S. base housing sites in Iraq.
Iraqi Shia cleric whose militia killed American troops says crisis is over following Iran strike and Trump speech (Military Times) Muqtada al-Sadr, whose Mahdi army led a resistance against American troops following the U.S.-led invasion of Iraq in 2003, also called for restraint and patience.
Trump wants NATO to be more involved in the Middle East. That may take some convincing. (Defense News) U.S. President Donald Trump called the NATO chief to ask for more regional support. Here's what was said.
Is a single cybersecurity congressional committee possible? (Fifth Domain) There is consensus among Congress that lawmakers need to consolidate their jurisdiction of cyber issues. One solution would be to move all cyber oversight to a single committee.
Litigation, Investigation, and Law Enforcement
Chhattisgarh panel says no govt link to WhatsApp snooping case involving activists (Hindustan Times) According to Citizen’s Lab report in October 2019, a Canada-based organisation that conducts research on cyber security, Pegasus and WhatsApp hacks were used in India by a group calling itself Ganges to target journalists and activists.
Air Force Could Tap Into Individuals’ Online Data to Combat Insider Threats (Nextgov.com) The request for information stems from an executive order issued in 2011.