The cybersecurity community during the COVID-19 emergency
Interpol: Ransomware attacks on hospitals are increasing (BleepingComputer) The INTERPOL (short for International Criminal Police Organisation) warns that cybercriminals are increasingly attempting to lock hospitals out of critical systems by attempting to deploy ransomware on their networks despite the currently ongoing COVID-19 pandemic.
FBI Cops 1200 Scam Complaints in a Single Week: Report (Smart Office) Working from home via telework could give scammers increased access via the software used to run it, the FBI has warned.
SEC Suspends Trading in Two Stocks Over Coronavirus Claims (Wall Street Journal) The SEC issued suspension orders for dental supplier No Borders Inc. and apparel maker Sandy Steele Unlimited Inc. on Friday.
Coronavirus-related cyberattacks surge in Brazil (ZDNet) There has been a 124% increase in phishing attacks in March as a result of WhatsApp messages with content relating to the pandemic.
Australia on the cyber offence to bring down COVID-19 scammers (ZDNet) Cracking down on offshore cyber criminals who are targeting Australian households and businesses through devious scams and attacks amid the coronavirus outbreak.
Authoritarian Regimes Seek To Take Advantage of the Coronavirus Pandemic (Center for American Progress) This troubling trend could lead to greater global competition at a time when cooperation between world powers is needed more than ever.
Coronavirus is testing the limits of Russia’s surveillance state (Washington Post) Moscow held back on requiring digital bar codes to leave home, but other regions are pushing ahead with mobile tracking.
Covid-19: the race to create privacy-focused contact tracing tools (Computing) As authorities seek technological solutions to the pandemic, experts fear the consequences for civil liberties
YouTube tries to limit spread of false 5G coronavirus claims after cellphone towers attacked (CNN) YouTube and other social media platforms are taking steps to limit the spread of conspiracy theories falsely connecting 5G networks and the coronavirus pandemic after a string of attacks on cellphone towers.
How Facebook is battling dangerous 5G coronavirus conspiracy theories (The Telegraph) The Government will meet with top social media companies such as Facebook this week after a wave of attacks on phone masts
WhatsApp imposes new limit on message forwarding to curtail spread of fake news (Computing) Users are now allowed to forward a message to only one chat at a time
How to mitigate the privacy issues of video conferencing platforms (Computing) Legal experts from Kemp Little explain what individuals and organisations should do to mitigate some of the many privacy concerns inherent in some of the major video conferencing platforms available today
Zoom Caught in Cybersecurity Debate — Here's Everything You Need To Know (The Hacker News) Use Zoom Video Conferencing App? — Here's Everything You Need to Know Why Zoom Making So Many Negative Headlines In Cybersecurity
[Letter to Zoom about security and privacy] (Senator Michael Bennet) Dear Mr. Yuan: The outbreak of the novel Coronavirus Disease 2019 has required an unprecedented reliance on video conferencing platforms like Zoom.
Cyber criminals are trying a new trick to cash in on Zoom's popularity (ZDNet) As remote working becomes the norm because of coronavirus, cyber attackers are taking advantage by tricking people into downloading malware.
Who Knew Microsoft Will be Winning at User Security & Privacy (Wccftech) Who Knew Microsoft Will be Winning at Security & Privacy - Company Takes on Zoom's Privacy Disasters & Allays Fears of Microsoft Teams
Analysis | The Cybersecurity 202: Virtual campaigning could give hackers new ways to attack the 2020 election (Washington Post) Yet campaigns aren't giving details about how they are protecting themselves.
Pandemic Raises Cyberattack Fears; Election Security Trouble? (Governing) This week’s security newsletter covers the growing concerns about hacker opportunities while states and localities struggle to manage operations during the COVID-19 outbreak. Meanwhile, what to do about election security?
Technology: This is how African cyberspace has reacted to the coronavirus (The Union Journal) Between isolation measures, curfews, social distances and all kinds of limits to physical contact, social networks in Africa, like in many other corners of the world, have become a kind of window. It
Remote working has increased risk of a cyber breach, say over 70% of UK businesses (The Commentator) Research from Centrify has revealed that over three quarters of UK companies believe the risk of a cyber increase is much higher due to remote working during the Covid-19 crisis
Don’t just put the latest cybersecurity report on a shelf because of the pandemic (Fifth Domain) A new report to Congress made roughly 75 recommendations for how the United States can better protect and defend against cyberattacks, but this list may be too much as the administration and Congress will likely be too much following the COVID-19 pandemic.
House allows staffers to introduce bills via secure email amid coronavirus pandemic (Federal News Network) The House, after some initial reluctance, is taking steps for members and their staff to work remotely more easily during the coronavirus pandemic.
Spies, Unable to Telework, Adapt Their Access to U.S. Secrets (Wall Street Journal) By splitting some of their teams, U.S. spy services are taking steps similar to those being implemented or considered by some large private employers.
Introducing Splunk Remote Work Insights: Our Solution for the New Work-from-Home Reality (Splunk-Blogs) Introducing Splunk Remote Work Insights (RWI), a solution composed of technical add-ons, dashboards and connectors to deliver real-time visibility across multiple disparate systems
Microsoft Launches Free Zero Trust Assessment Tool (SecurityWeek) Microsoft has launched a free zero trust assessment tool that helps organizations see where they are and provides recommendations for moving forward
Free MOBILEOC (Critical Start) Free use of CRITICALSTART’s platform developed to provide remote collaboration, workflow, and response for a SOC.
Free Cybersecurity for 90 Days During COVID-19 Pandemic (Trinity Cyber) Please sign up to receive Trinity Cyber’s no obligation service for 90 days
Cyber Attacks, Threats, and Vulnerabilities
Decade of the RATs: Novel APT Attacks Targeting Linux, Windows and Android (Inside BlackBerry) BlackBerry researchers have released a new report that examines how five related APT groups operating in the interest of the Chinese government have systematically targeted Linux servers, Windows systems and Android mobile devices while remaining undetected for nearly a decade.
Zero-Day Exploitation Increasingly Demonstrates Access to Money, Rather than Skill — Intelligence for Vulnerability Management, Part One (FireEye) FireEye Mandiant Threat Intelligence documented more zero-days exploited in 2019 than any of the previous three years.
This Map Shows the Global Spread of Zero-Day Hacking Techniques (Wired) The collection of countries using those secret hacking techniques has expanded far beyond the usual suspects.
Roaring trade in zero-days means more vulns are falling into the hands of state spies, warn security researchers (Register) Flaw variety hipper with snoops than cash-hungry crooks right now
More Attackers Have Begun Using Zero-Day Exploits (Dark Reading) Vendors of offensive cyber tools have made it easy for any threat group with the right funds to leverage unpatched bugs, FireEye says.
Darkhotel exploits zero-day in VPN to attack China assets (SC Magazine) North Korean hacking group accused of sophisticated campaign against global Chinese government interests
Magecart Hackers Continue Improving Skimmers (SecurityWeek) A Magecart Group 7 skimmer identified earlier this year has the ability to create iframes to steal payment data
8,000 Unprotected Redis Instances Accessible From Internet (SecurityWeek) Trend Micro’s security researchers discovered 8,000 unsecured Redis instances that were exposed to anyone with an Internet connection
Just 17 per cent of all internet-facing Microsoft Exchange servers are patched against CVE-2020-0688 vulnerability (Computing) More than 31,000 Exchange 2010 servers have received no update since 2012
80% of all exposed Exchange servers still unpatched for critical flaw (BleepingComputer) More than 350,000 of all Microsoft Exchange servers currently exposed on the Internet haven't yet been patched against the CVE-2020-0688 post-auth remote code execution vulnerability affecting all supported Microsoft Exchange Server versions.
These are the countries trying to hack US critical infrastructure (TechRepublic) Dan Patterson speaks with cybersecurity expert Robert Lee about how Russia, Iran, China, and North Korea pose a threat to US industrial infrastructures.
Hackers’ forum hacked, OGUsers database dumped (again) (Naked Security) A rival hacking forum has yet again hacked OGUsers and doxxed its database for one and all to grab.
FBI warns again of BEC scammers exploiting cloud email services (BleepingComputer) FBI's Internet Crime Complaint Center (IC3) has issued today a public service announcement warning of cybercriminals abusing popular cloud-based email services as part of Business Email Compromise (BEC) attacks.
Backdoors & Breaches: Logon Scripts (Black Hills Information Security) This blog post discusses the relevance and techniques involved in logon script abuse. While the Backdoors & Breaches card is featured for this topic, the post will provide context for understanding how an attacker can abuse this functionality and details that are useful in monitoring for such abuses. Operating systems typically have …
Vulnerability Summary for the Week of March 30, 2020 (CISA) The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Security Patches, Mitigations, and Software Updates
Google Rolls Back Recently Introduced Chrome CSRF Protection (SecurityWeek) Google last week announced that it has started rolling back a cross-site request forgery (CSRF) protection introduced in early February with the release of Chrome 80
Apple Safari Flaws Enable One-Click Webcam Access (Threatpost) The white-hat hacker who discovered the vulnerabilities received $75,000 from Apple's bug-bounty program.
The Economic Value of Prevention (Deep Instinct) Read the conclusive report on The Economic Value of Prevention in the Cybersecurity Lifecycle.
Microsoft Buys Corp.com So Bad Guys Can’t (KrebsOnSecurity) In February, KrebsOnSecurity told the story of a private citizen auctioning off the dangerous domain corp.com for the starting price of $1.7 million.
Cato Networks Secures $77 Million Investment in Largest Funding Round Yet (Cato Networks) The latest investment brings the total funding above $200 million, demonstrating investors’ confidence in Cato's vision to provide enterprises with an agile and secure network that can adapt to whatever comes next.
Accellion Secures $120 Million in Financing Led by Bregal Sagemount to Accelerate Adoption of the Enterprise Content Firewall (Accellion) This investment positions Accellion to accelerate acquisitions to further consolidate siloed applications under the enterprise content firewall.
Privitar lands $80M as cybersecurity interest grows amid COVID-19 (PitchBook) Data privacy startup Privitar has raised $80 million, reflecting a growing investor interest in cybersecurity driven in part by the coronavirus outbreak.
CyberMDX Secures $20 Million in Funding to Secure Hospital Networks and Critical Medical and IoT Devices (PR Newswire) CyberMDX, a leading healthcare cybersecurity provider delivering visibility, threat prevention, and operational efficiency for medical devices,...
Okera Raises $15 Million to Meet Growing Customer Demand, Names Nick Halsey CEO | Markets Insider (Business Insider) Okera today announced the company has raised $15 million in new funding to help provide enterprises w...
BitMEX operator commits $400K to cybersecurity nonprofit Shadowserver (The Block) HDR Global Trading, the operator of cryptocurrency exchange BitMEX, has offered a $400,000 grant to nonprofit security organization Shadowserver Foundation
CISO MAG interview with Chris Wolf, Vice President, and CTO, Global Field & Industry, VMware (CISO MAG) In an exclusive interview with CISO MAG, Wolf discusses how the Carbon Black acquisition will strengthen the security of VMware’s offerings.
Corero Reports Widened Annual Loss But Still (MorningstarUK) Corero Network Security PLC on Monday reported a widened loss for 2019 on ...
Scale Computing Delivers Record Quarterly Revenue with Growth Rate of (PRWeb) Scale Computing, a market leader in edge computing, virtualization and hyperconverged solutions, achieved record revenue in Q1 driven by the manufacturing, hea
Trend Micro Honored as 2019 Google Cloud Technology Partner of the Year for Security (Citizen Tribune) Trend Micro Incorporated (TYO: 4704; TSE: 4704), a global leader in cybersecurity solutions, today announced that it has been awarded as the 2019 Google Cloud Technology Partner of the Year for Security. This award recognizes accomplishments on Google Cloud and further confirms Trend Micro’s leadership in cloud security.
Will Industry Veteran Tarek Kuzbari accomplish Cybereason dream to lead in Middle East? (TechSprouts) In a recent announcement made by the ambitious cyber defence company, Cybereason, it launched its operations in the Middle East.
CACI adds former deputy national intelligence director to board (Washington Business Journal) The veteran of many intelligence community leadership posts will join the Arlington technology company immediately.
Cynet Expands North American Sales Operations with New Leadership and (PRWeb) Cynet today announced the official opening of the company's North American sales operations in Boston. The new office follows the recent app
Products, Services, and Solutions
Nozomi Networks and Deloitte Partner to Deliver IT, OT and IoT Security Services in EMEA (Nozomi) Relationship adds Nozomi Networks industrial strength OT and IoT visibility and threat detection capabilities to Deloitte’s portfolio of cyber risk solutions, including a Nozomi Networks managed security service across Deloitte’s Cyber Intelligence Centers in EMEA
Regulus Cyber Collaborates with HARMAN to Offer Software-Based GPS Cybersecurity Solution to Vehicle Manufacturers (Olean Times Herald) Regulus Cyber, creator of the first "anti-virus" software to protect satellite navigation and timing across a wide range of applications, including automotive, mobile,
Zilliqa partners with Bugcrowd to start Bug Bounty Program (CoinNewsSpan) Zilliqa has announced its strategic collaboration with Bugcrowd, to lay the foundation of its Bug Bounty program for its global customer base.
Deutsche Telekom Taps Palo Alto Networks’ Managed Security (SDxCentral) Palo Alto Networks scored another high-profile service provider partner in Telekom Security, Deutsche Telekom’s managed security services business.
Perception Point Receives Top Overall Ranking in SE Labs Independent Testing, Achieving 96% Accuracy Rating and 0% False Positive Rate (PR Newswire) Perception Point, a 360-degree Prevention as a Service company offering fast interception of any content-based attack across email and all...
Technologies, Techniques, and Standards
How to encourage “naturally secure” behaviour? (Teiss) How do you encourage "naturally secure behaviour" in your organisation? It all begins with "culture" says Bridget Kenyon, DIS EMEA CISO and Information Security Programmes, Thales.
Comprehensive Threat Detection (Bricata) Comprehensive network threat detection requires looking at traffic from several different perspectives. Read more in our blog.
The Critical Role of SSL Inspection to Avoid Secure Malware Delivery (Menlo Security) If you think the little green lock of https equals security, think again. Many people mistakenly assume that as long as an SSL certificate is present, they’re safe from attack, but that couldn’t be further from the truth.
Design and Innovation
Lesson of the Day: ‘This Sculpture Holds a Decades-Old C.I.A. Mystery. And Now, Another Clue.’ (New York Times) In this lesson, students will learn about attempts made to decode the sculpture Kryptos. Then, they will try some decoding on their own, or learn about historical code breakers.
Research and Development
General Motors Applies For Decentralized Blockchain Map Patent (Forbes) General Motors has applied for a blockchain patent that would see dynamic mapping uploaded to the blockchain.
Legislation, Policy, and Regulation
White House strategy paper to secure 5G envisions America leading global 5G development (CSO Online) Though light on details, the paper offers clues as to how the US government sees the development and security of 5G communications moving forward.
Huawei and the Third Offset (Council on Foreign Relations) In order to effectively mitigate the security risks posed by Huawei, the U.S. Department of Defense needs to fund and integrate cutting-edge technologies from the private sector.
U.S. chipmaking industry pushes back on proposed export rule changes (Reuters) Industry groups are pushing back on proposed changes to U.S. export controls that would impact the sale of certain semiconductors and other technology to China, while highlighting the role chips play in addressing the COVID-19 pandemic.
Congress flummoxed by firing of top intel watchdog (POLITICO) One senator called Trump's decision to fire Michael Atkinson “terrible on a lot of levels,” while another didn't appear bothered by it.
The future of the Department of Homeland Security (Federal News Network) The threats to the U.S. are rapidly evolving. That’s prompted think tank The Atlantic Council to launch a big review called The Future of DHS project.
Litigation, Investigation, and Law Enforcement
Senate Intel Russia probe enters homestretch with key unanimous approval (POLITICO) The most recent report is the fourth in a series of five.
U.S. Labels Russian White Supremacist Group as Global Terrorist (Wall Street Journal) The Trump administration branded a Russian white supremacist group and its top members as global terrorists on Monday, making use of a tool normally used to target radical Islamist groups overseas.