The cybersecurity community during the COVID-19 emergency
Coronavirus Will Not Delay Pentagon’s Contractor Cybersecurity Program, Official Says (Nextgov.com) The Defense Department signed an agreement with an accreditation body for the Cybersecurity Maturity Model Certification.
Cybercriminals' Promises to Pause During Pandemic Amount to Little (Dark Reading) As pandemic worsens, online profiteering -- from fraudsters to ransomware operators to cybercriminal hacking -- continues unabated, despite some promises from the underground.
Working from home makes you vulnerable to hackers. Here's how to stay safe (CNET) Now's the time for good tech hygiene, too.
Four Network Security Challenges for Organizations with a Remote Workforce (Core Security) Recently, the need for being able to work remotely has dominated the news, making it clear that the ability to connect from anywhere may soon become the norm for more businesses and industries than ever before. While remote work may be coveted by many employees, it can easily fill your cybersecurity team with dread. Telework can create many new security weaknesses for an IT environment, and can significantly increase your organization’s chance of a devastating data breach.
Remote work and cybersecurity: Coronavirus impact (SmartBrief) The coronavirus has caused an enormous shift to remote work across the globe. SmartBrief dives into why that might make organizations more vulnerable to cyber attacks.
Bug bounty platforms step up as coronavirus forces businesses to implement work from home policies (The Daily Swig) How is the Covid-19 pandemic affecting ethical hacking platforms?
COVID-19: Keeping Your Vulnerability Management Program on Track (Vulcan) With companies working remotely, vulnerability management may experience some challenges. All the while, it presents opportunities for the taking
DOD asks contractors to maximize telework capabilities (Defense Systems) The Pentagon is asking for 'maximum telework flexibilities' extended to DOD service members and civilian employees also be made available to contractors when possible.
Here’s the Pentagon’s all-inclusive guide to working through the coronavirus pandemic (Military Times) The Defense Department has issued comprehensive guidance for troops affected by the coronavirus pandemic.
COVID-19 Relief Bill Would Expand Remote Court Hearings (Law360) The U.S. Department of Justice would receive an extra $1 billion and the federal courts would get $7.5 million in a massive coronavirus relief bill that also would allow video or teleconferencing in some criminal hearings, according to a draft of the bipartisan deal reached early Wednesday.
Mobile networks send 'stay at home' Covid-19 text (BBC News) For the first time, UK mobile networks send out a government message with a link to more information.
Working from home? Switch off Amazon's Alexa (say lawyers) (ZDNet) One of the byproducts of doing all your work from home is that you might be discussing confidential matters. And who might overhear them? Well, there's your smart speakers....
Europe Tracks Residents’ Phones for Coronavirus Research (Wall Street Journal) Many European telecommunications companies are sharing mobile location data with governments to follow people’s movements after coronavirus lockdowns, focusing on compliance with privacy rules by anonymizing the data.
Akamai to slow down video game downloads during COVID-19 outbreak (ZDNet) Akamai says it's working together with Microsoft and Sony to avoid global internet traffic bottlenecks.
Anomali Offers Open Source Threat Intelligence to Fight COVID-19-themed Cyber Attacks (AP NEWS) In response to the growing threat of Coronavirus (COVID-19)-themed cyberattacks, Anomali, a leader in intelligence-driven cybersecurity solutions, today publicly released over 6,000 open source Indicators of Compromise (IOCs) that were collected, curated, and validated by Anomali researchers.
Amid Coronavirus Outbreak, Bitdefender offers 12 months of FREE enterprise-grade security, for Healthcare Organizations (BW SC) BW Smart Cities - , Digital India-Cybersecurity without IT Overload, Comprehensive protection
SRA Launches Pandemic Risk Management Service (AiThority) SRA has experience in times such as these, having helped hundreds of banks effectively navigate the 2008 financial crisis
Microsoft will pause optional non-security Windows updates (Engadget) Because everyone, including IT people and Microsoft developers, already has enough to worry about right now, Microsoft is pausing all optional non-security releases for supported versions of Windows and server products. This will allow Microsoft to focus on security updates.
Election Integrity in COVID-19 Era (BankInfo Security) Matt Barrett and Joe Drissell of U.S. Cyberdome discuss the new initiative to foster cross-campaign cybersecurity collaboration and the ramifications of potentially
Cyber Attacks, Threats, and Vulnerabilities
Russian-Speaking Hackers Attack Pharma, Manufacturing Companies in Europe (BleepingComputer) Malware belonging to Russian-speaking threat actors was used in attacks in late January against at least two European companies in the pharmaceutical and manufacturing industries.
Group-IB: new financially motivated attacks in Western Europe traced to Russian-speaking threat actors (www.group-ib.com) Group-IB, a Singapore-based cybersecurity company that specializes in preventing cyberattacks, has detected successful attacks in Western Europe carried out in late January 2020. At least two companies operating in pharmaceutical and manufacturing sectors have been affected. Group-IB has immediately contacted the victims upon discovery. The tools used in the attacks were traced to Silence and TA505 — Russian-speaking financially-motivated groups.
Attacks by Silence (Group-IB) A comprehensive technical analysis of this small cybercriminal group’s tools, tactics, and evolution. This is the first time Group-IB’s reports of this kind have been made publicly available.
An Elite Spy Group Used 5 Zero-Days to Hack North Koreans (Wired) South Korea is a prime suspect for exploiting the secret software vulnerabilities in a sophisticated espionage campaign.
South Korean APT uses five zero-day flaws to turn the tables on North Korea (Computing) The group, linked to South Korea, used bugs in Internet Explorer, Google Chrome and the Windows Kernel to target North Koreans
Shadowy hacking group targets North Koreans, DPRK-focused professionals: Google (NK News - North Korea News) A sophisticated cyber group capitalized on a combination of five “zero-day” vulnerabilities to target persons inside North Korea and foreign individuals working on DPRK-related issues last year, a report issued by Google’s Threat Analysis Group (TAG) said Thursday. The report, which analyzed almost 40,000 warnings sent last year relating to government-backed phishing or malware attempts, …
‘Elite Hackers’ Thought Behind Cyber Attack On World Health Organization (Forbes) It is thought that an elite hacking group was behind a cyber attack targeting the World Health Organization.
Spyware Delivered to iPhone Users in Hong Kong Via iOS Exploits (SecurityWeek) A recently observed campaign is attempting to infect the iPhones of users in Hong Kong with an iOS backdoor that allows attackers to take control of devices
Phineas Fisher Says They Paid $10,000 Bounty to Person Who Hacked Chilean Military (Vice) The notorious hacktivist announces they have given out a bounty to a hacker who breached the Chilean military.
Social Bluebook was hacked, exposing 217,000 influencer accounts (TechCrunch) Exclusive: TechCrunch obtained a copy of the database, which was breached in October 2019.
Rare BadUSB attack detected in the wild against US hospitality provider (ZDNet) Hackers use snail-mail to send target company an envelope with a malware-laced USB thumb drive.
BadUSB Stick Mailed to Company From ‘Best Buy’ (Infosecurity Magazine) Snail mail ‘phishing’ scam reveals rare sighting of thumb drive threat
Flaws in Diameter signalling protocol make all 4G networks prone to denial-of-service attacks (Computing) The protocol is used to authenticate message and information distribution in 4G networks
Unpatched iOS Bug Blocks VPNs From Encrypting All Traffic (BleepingComputer) A currently unpatched security vulnerability affecting iOS 13.3.1 or later prevents virtual private networks (VPNs) from encrypting all traffic and can lead to some Internet connections bypassing VPN encryption to expose users' data or leak their IP addresses.
Zoom iOS App Sends Data to Facebook Even if You Don’t Have a Facebook Account (Vice) Zoom's privacy policy isn't explicit about the data transfer to Facebook at all.
Who is listening to your Zoom call? Concerns grow over app's security (The Telegraph) When Boris Johnson hosted the country’s first ever videoconferenced Cabinet meeting on Tuesday, the event took place not through secret military video calling technology, but through Zoom.
Hackers target mobile users in Italy and Spain, taking advantage of coronavirus hot spots (CyberScoop) Attackers laced mobile apps with malware to try to steal data from Italian and Spanish residents looking for updates on the pandemic, according to ESET.
Malware Authors and Scammers Adapt to Current Events with Phishing and More (Forcepoint) Cyber criminals are opportunists that continuously evolve their methods of attack. And, as history has shown us, the bigger the global visibility of a cyberattack opportunity – be it government elections, religious holidays or global events such as we find ourselves in today – bad actors employ every tool in their arsenal to make the most of every attack opportunity.
KnowBe4, CyberFlorida warn malicious emails are on the rise amid Covid-19 (St Pete Catalyst) The jump in employees working from home to stop the spread of Covid-19 coronavirus has created an unwanted side effect. “The bad guys at the moment are going nuts with coronavirus scams,” Stu Sjouwerman, CEO of Clearwater cybersecurity training firm KnowBe4, told the St. Pete Catalyst. “We see three to four times more scams related [...]
Ryuk Ransomware Keeps Targeting Hospitals During the Pandemic (BleepingComputer) The Ryuk Ransomware operators continue to target hospitals even as these organizations are overwhelmed during the Coronavirus pandemic.
Free COVID-19 Threat List - Domain Risk Assessments for Coronavirus Threats (DomainTools) DomainTools is providing a free, curated list of high-risk COVID-19-related domains to support the community during the Coronavirus crisis. The list will be updated daily
Scammers Targeting New Remote Workers with Fake IT Emails (AppRiver) Security researchers have spotted scammers targeting new remote workers with fake emails from their employers’ IT departments.
Would You Exchange Your Security for a Gift Card? (Trustwave) We often talk about attackers targeting companies with social engineering attacks. These usually take the form of phishing attacks that attempt to trick the recipient into opening a malicious attachment or clicking on a malicious link. Less discussed are targeted attacks using physical media.
Advantech WebAccess (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 8.8
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Advantech
Equipment: WebAccess
Vulnerability: Stack-based Buffer Overflow
2. RISK EVALUATION
Successful exploitation of this vulnerability may allow remote code execution.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following versions of WebAccess, an HMI platform, are affected:
Maze ransomware group claims to have encrypted Chubb cyber insurer's systems (Computing) Chubb rejects the ransomware group's claim, however, saying its network is fully operational
Cyber insurer Chubb had data stolen in Maze ransomware attack (TechCrunch) The breach occurred in March.
Ameren Missouri Equipment Supplier Targeted In Ransomware Attack (Saint Louis Public Radio) Ransomware attackers have stolen data from a third-party vendor that supplies utility equipment to Ameren Missouri power plants. Dozens of data files from
AMD Confirms Hacker Stole Information on Graphics Products (SecurityWeek) A hacker has stolen files related to some AMD GPUs and they plan on making them all public unless they get paid.
140K Patients Impacted in Tandem Diabetes Care Phishing Attack (HealthITSecurity) This week's breach roundup is led by a phishing attack on Tandem Diabetes Care in California, which potentially breached the data of 140,000 patients for three days in March.
USC, school districts getting 'Zoom-bombed' with racist taunts, porn as they transition to online meetings (Los Angeles Times) USC officials said they learned Tuesday that some online Zoom classes had been "disrupted by people who used racist and vile language."
Watch out! Scummy scammers target home deliveries (Naked Security) Anxiously waiting for a home delivery? Don’t be tricked by a message that says there’s a problem with your address…
Shelby still recovering from cyber attack (Shelby Star) The city of Shelby is still recovering from a cyber attack that shut down many city systems.
If there's something strange in Symantec's neighborhood, who you gonna call? Not Broadcom, it seems: Systems go down, cut off customers (Register) And now back on their feet after global two-hour wobble
Security Patches, Mitigations, and Software Updates
HPE says firmware bug will brick some SSDs starting in October this year (ZDNet) HPE releases firmware patch to prevent some SSDs from failing after reaching 40,000 hours of operation.
Remote Code Execution Vulnerability Patched in OpenWrt (SecurityWeek) A vulnerability that OpenWrt addressed in its opkg fork could have been exploited for the remote execution of arbitrary code
No Patch for VPN Bypass Flaw Discovered in iOS (SecurityWeek) Proton Technologies, the developer of ProtonMail and ProtonVPN, this week disclosed the existence of an unpatched iOS flaw that causes some VPN traffic to remain unencrypted
Cyber Trends
Public entities are under (cyber)attack (PropertyCasualty360) No one is immune to cyberattacks, but the risks are only expected to increase in the coming years.
Identifying vulnerabilities and protecting you from phishing (Google) Sharing the latest work from Google’s Threat Analyst Group to fight phishing attacks and identify attacks against zero-day vulnerabilities.
2019 Review: Cyber Threats and Trends Report (Neustar) Discover the latest trends in DDoS attacks and how to keep your organization safe. Learn more about prevention tactics, threat vectors, and more. Download today
The engineering world is still not keeping up with cyber security nor is there adequate standards coordination (Control Global) I have been very critical of the networking community not working with the engineering community on control system cyber security. However, I came across examples of the engineering community still not being aware of control system cyber security and its impact on systems engineering and safety.
Worrying gap in local consumer cybersecurity savvy (Security Brief) New research shows A/NZ consumers feel clued in, but there’s clear room for improvement in their education and tools.
Marketplace
Insurance Giant Munich Re Invests in Rogue Device Mitigation Firm Sepio Systems (SecurityWeek) Sepio Systems, a rogue device mitigation firm, has raised a further $4 million that supplements the Series A round of $6.5 million announced in November 2019.
Humio Raises $20 Million in Series B Funding (SecurityWeek) Log management platform Humio this week announced that it closed a $20 million Series B funding round, bringing the total investment raised to date to $32 million.
Amid an almost certain recession, KnowBe4 CEO preps for growth (St Pete Catalyst) Stu Sjouwerman, CEO of Clearwater cybersecurity training business KnowBe4 — the first technology unicorn headquartered in the Tampa-St. Petersburg area — is starting to run the privately held company as if it were a publicly traded firm. The company has recently brought two veterans of public company boards onto its own board of directors and [...]
SecureMisr acquired by Cysiv, a Trend Micro Group company (SME Advisor) Combination of SecureMisr’s deep cybersecurity expertise and Cysiv’s technology platform, vision and strong Trend Micro heritage will create better defences against cyberattacks
Symantec's Strategy as a Broadcom Unit (BankInfo Security) Innovation, consolidation and integration will be key areas of focus for Symantec's enterprise security business following its acquisition by Broadcom, says CTO
Aryaka is recognized as a March 2020 Gartner Peer Insights Customers’ Choice for WAN Edge Infrastructure (AP NEWS) Aryaka, the cloud-first WAN company and the only fully managed end-to-end SD-WAN provider, today announced the company was named a 2020 Gartner Peer Insights Customers’ Choice for WAN Edge Infrastructure.
SyncDog Named Winner in the 16th Annual Info Security PG’s 2020 Global Excellence Awards® (Yahoo) SyncDog Named Winner in ISPG's 2020 Global Excellence Awards
Ordr Appoints Enterprise Security Veterans to Executive Bench (Ordr) Company hires first CSO, CMO, and VP of Product Management amidst rapid growth and expanding market demand
ForgeRock Expands Leadership Team to Extend Success in Cloud and Identity Governance (ForgeRock) Renee Beckloff, VP of Cloud Success, and Sudhakar Peddibhotla, VP of Engineering, join digital identity leader
Products, Services, and Solutions
Forter Enables Merchants to Offer Competitive Returns Policies without Worry (RealWire) Returns Abuse Annually Costs U.S. Retailers $24 Billion
London, UK - 24th March, 2020 - Forter, the leader in e-commerce fraud prevention, today announced the release of Forter Returns Abuse Protect
Akamai Delivers Fast Deployment and Edge Computing for Developers With March 2020 Release (Akamai) With each iteration, Akamai moves nearer to our goal of enabling elite performance by the development teams that depend on Akamai for delivering reliable and highly performant experiences to their customers. The March 2020 release empowers teams to develop at...
Distology partners with US security platform TrapX (Prolific North) Stockport-based security software provider Distology has announced its partnership in the UK with TrapX - a leader in cyber deception.
Fort Oglethorpe purchases additional protective security software (Northwest Georgia News) The city of Fort Oglethorpe has agreed to purchase new security software to combat possible cyber threats.
ESET Launches Linux Antivirus Because Malware Isn’t Just for Windows (Softpedia) ESET Endpoint Antivirus for Linux now available
Panorays and CSA partner to deliver visibility into SaaS and cloud providers (Help Net Security) Panorays are partnering with the CSA to be a licensed distributor of the CSA’s Consensus Assessment Initiative Questionnaire (CAIQ).
HP to Bring Bromium Security Technology to SMBs with Select Commercial PCs (Channel Futures) HP is broadening the reach of the Bromium endpoint virtualization technology it acquired.
5 Things To Know About HP's Newest PC Security Offerings (CRN) HP's newest PC security solutions include the HP Pro Security Edition and HP Proactive Security.
RF Activity Detected With Sensor Solution (RFID Journal) Bastille Networks has released a portable kit for temporary deployments to help government agencies and companies view and manage the wireless activity taking place in their secure areas.
Glass Class: High-performance Security - The PolyScale Architecture (Bitglass) How do cloud security architectural design decisions affect vendors’ ability to provide a performant, scalable, and reliable platform?
BitSight Joins Duck Creek Partner Ecosystem to Help Insurers Underwrite Cyber Coverage (Globe Newswire) Partnership helps P&C insurers quickly and confidently underwrite cyber insurance coverage with industry-leading security ratings
SureCloud teams up with BitSight to provide highly automated vendor assurance program (Bdaily Business News) SureCloud, the provider of cloud-based, integrated risk management solutions, has announced its collaboration with cybersecurity ratings company BitSight.
A look at MTD vendor Zimperium, and their new product suite, MAPS (BrianMadden.com) With so many mobile threat defense vendors out there, it's always good to look at one from time to time to see what they offer. This time around it's Zimperium and their new MAPS SKU.
Delta Risk Announces Enhanced Integration with VMware Carbon Black (BusinessWire) Delta Risk, a managed security service provider, has expanded its partnership with VMware Carbon Black, a leader in next-gen endpoint security.
Technologies, Techniques, and Standards
Tupperware Hacked: Card Skimmer LIVE After Firm Ignores Warning (Computer Business Review) Five days after Malwarebytes noticed that retailer Tupperware had a malicious credit card skimmer on its site, it's still actively stealing customer details
Vulnerability reporting is dysfunctional (Freedom to Tinker) In January, we released a study showing the ease of SIM swaps at five U.S. prepaid carriers.
MY TAKE: Deploying ‘machine learning’ at router level helps companies prepare for rise of 5G (The Last Watchdog) Machine learning (ML) and digital transformation (DX) go hand in glove. We’ve mastered how to feed data into pattern-recognition algorithms. And as we accelerate the digitalization of everything, even more data is being generated. Related: Defending networks with no perimeter Machine learning already is deeply embedded in the online shopping, banking, entertainment and social media […]
ZTE says end-to-end network slicing is crucial in the 5G era (RCR Wireless News) ZTE proposes that operators can use the technology of network slicing to work as virtual private network for different types of terminals
Analysis | The Cybersecurity 202: Nationwide voting by mail will be a massive undertaking say those who've done it (Washington Post) 'It’s going to be a herculean effort, but failure is not an option,' said Washington state Secretary of State Kim Wyman.
Design and Innovation
Pioneering deep learning in the cyber security space: the new standard? (Information Age) Applying deep learning in the cyber security space has many benefits, such as the prediction of unknown threats and zero time classification
Legislation, Policy, and Regulation
Boris Johnson Tests Positive as Global Virus Cases Surpass 500,000 (Wall Street Journal) The British prime minister’s diagnosis comes as governments around the world step up enforcement to quell the spread of the coronavirus, imposing fines or even arresting people who flout restrictions on movement and social-distancing rules.
How China is Exploiting the Coronavirus to Weaken Democracies (Foreign Policy) Beijing is using the pandemic to drive wedges between members of the European Union, and to advance its propaganda war against the United States.
Is China winning the coronavirus response narrative in the EU? (Atlantic Council) In the competition over narratives around the coronavirus pandemic, after a strong early showing from China, the EU is catching up.
Exclusive: U.S. prepares crackdown on Huawei's global chip supply - sources (Reuters) Senior officials in the Trump administration agreed to new measures to restrict the global supply of chips to China's Huawei Technologies, sources familiar with the matter said, as the White House ramps up criticism of China over coronavirus.
US prepares crackdown on Huawei's global chip supply (CRN Australia) Senior cabinet officials in the Trump administration agreed to new measures.
New law aims to block China from spying on U.S. telecommunications networks (The Washington Times) President Trump on Tuesday signed a new law aimed at preventing China from penetrating American telecommunications networks for electronic spying and data collection.
Pelosi says House will take up coronavirus relief bill on Friday (CBS News) The Senate approved a $2 trillion emergency package late Wednesday, sending it to the House for approval.
Senate Stimulus Bill Includes Resources for Federal Telework and Contracting Community (Nextgov.com) Portions of the Senate’s stimulus bill address immediate technological challenges for government.
Who should be responsible for critical infrastructure’s cybersecurity? (Fifth Domain) A new survey asked IT professionals who they think should be tasked with securing critical infrastructure.
Commission suggests creating reserve force of civilian cybersecurity experts (Fifth Domain) A new commission suggests several changes to address the government's cybersecurity workforce problems
Should government pay the ransom from digital hijacking? (Fifth Domain) The best protection against ransomware is prevention. But when it happens, how should the government deal with it?
Doctrinal Confusion and Cultural Dysfunction in the Pentagon Over Information and Cyber Operations (Lawfare) Within the Department of Defense, terms such as “information warfare” and “psychological operations” have elastic and ambiguous meanings. What does this reveal about the Department’s approach to non-kinetic operations?
Litigation, Investigation, and Law Enforcement
Small-time actor peddled fake coronavirus cure to millions online, feds charge in first covid-19 prosecution (Washington Post) Keith Middlebrook is the first to face criminal fraud charges over a coronavirus scam.
Hong Kong Police Arrest Opposition Politician Under Colonial-Era Law (Wall Street Journal) Authorities arrested an elected opposition politician under a British colonial-era anti-sedition law after she shared a Facebook post containing personal information of a police officer who allegedly shot a journalist.