— The cybersecurity community during the COVID-19 emergency
5 cyber issues the coronavirus lays bare (Fifth Domain) As more and more U.S. schools and businesses shutter their doors, the rapidly evolving coronavirus pandemic is helping to expose society’s dependence — good and bad — on the digital world.
Pentagon denies ABC News report that intelligence warned of ‘cataclysmic’ coronavirus pandemic last November (Washington Examiner) WHAT, WHEN DID DOD KNOW?: The National Center for Medical Intelligence issued a rare public denial of a report by ABC News, which alleged that “concerns about what is now known to be the novel coronavirus pandemic were detailed in a November intelligence report” by the NCMI, which is part of the…
Battling COVID-19, is DoD prepared for an onslaught of disinfo and propaganda from foreign competitors? (Military Times) Until DoD shifts its paradigm for information, it will continue to lag behind not only China, but also Russia and extremist groups with a more systems level approach to national information strategy.
How the 5G coronavirus conspiracy theory tore through the internet (WIRED) From an interview with an obscure Belgian doctor to apparent arson attacks in the UK, the conspiracy theory that 5G is somehow linked to the coronavirus pandemic has spread unlike any other
Lies About Covid-19 Might Be Deadly, but They're Not Unique (Wired) When this is over, a return to “normal” for content moderation would be a huge mistake.
Latin America Under Threat of Cyber Crime Amid Coronavirus (InSight Crime) Online scams, ransomware attacks and phishing email schemes have proliferated in Latin America amid the coronavirus pandemic, exposing the dangers hackers pose to people, banks and governments.
Saudi CERT warns against phishing attacks in relation to COVID-19 (Arab News) The Saudi Computer Emergency Response Team (Saudi CERT) has warned that people are using the coronavirus disease (COVID-19) pandemic to initiate online phishing scams and attempt to steal personal information. “Be careful and beware of messages that you could receive from fake accounts under the name of the Ministry of Health asking you to click on an unknown link,” Saudi CERT wrote on Twitter.
Mumbai: In lockdown, crime moves from the street, to cyberspace (Free Press Journal) City cyberpolice have drawn up a list of hackers and historysheeters, which they are heavily scrutinising amid the lockdown, as there has been a significant rise in the number of cybercrimes in this period.
FBI Warns Financial Institutions To Beware of Coronavirus-Related Scams (Security Today) Business email compromise attacks continue to be effective, tricking victims into transferring funds to fraudulent accounts.
COVID-19 changed a lot, but threat actors & tools remain strangely familiar (SC Media) COVID-19 has forced massive changes upon businesses, but the overall cyber threat landscape remains fairly stable, according to researchers at FireEye.
Hackers move at lightning speed to take advantage of trends, even a global pandemic (Wandera) In this post, we will put a spotlight on one specific threat related to COVID-19 to demonstrate how nimble attackers are.
SafeBreach Hacker’s Playbook Updated for US-CERT Alert AA20-099A (SafeBreach) SafeBreach Labs has updated the Hacker's Playbook™ with new simulations for attacks described in US-CERT COVID-19 Exploited by Malicious Cyber Actors (AA20-099A) which details the growing use of COVID-19 related attacks by APT groups.
Coronavirus chaos ripe for hackers to exploit medical device vulnerabilities (MedTech Dive) Interpol warned that cybercriminals are using ransomware to target healthcare organizations already overwhelmed by COVID-19, and noted a significant increase in detected health system attacks since the start of the pandemic.
COVID-19 Part 4: Data Tells the Story (PerimeterX) Web Application Traffic and Bot Attacks Rise in Freelance, Media, E-learning and Marijuana Segments during pandemic.
Analysis: Internet traffic related to coronavirus - the good and the bad (Wandera) Wandera’s experts analyzed year-to-date queries from around the globe that were related to COVID-19 to see how traffic to both safe and malicious websites was trending.
Coronavirus on the darknet Pt 2: The scams keep on coming (DarkOwl | Dark Web Search Engine) This is a continuation of our previous discussion (linked below) about how the global pandemic has created an incredible surge in COVID-19 related scams on the dark web. DarkOwl analysts have been tracking the developments in DarkOwl Vision and have consolidated a round-up of some interesting, conce
Coronavirus scams on the darknet: Pt 1 (DarkOwl | Dark Web Search Engine) Viruses on the darknet are nothing new. You can easily find vendors selling Bots, Password Crackers, Rootkits, Adware, Backdoor Access, Keyloggers, or any other form of Malware, Toolkits and Viruses (MTV) across a wide swath of forums and marketplaces. So, when you see the darknet exploding with d
What cybersecurity threats are we seeing? (NTT Ltd.) Criminal organizations and hackers often take advantage of a crisis to escalate their attacks. The COVID-19 pandemic is no exception.
Cybercriminals now using malware and adware to exploit virtual meeting apps (TechRepublic) Skype is the most targeted app with 120,000 suspicious files exploiting its name, according to security provider Kaspersky.
Why Remote Collaboration Applications are the New Zero Day Frontier (Morphisec) Remote collaboration applications have become the new norm for how to conduct business, increasing the out-of-network attack surface for cyberattacks.
Google, Microsoft talk up security after Zoom firestorm (Computerworld) As Zoom continues to fight continuing privacy and security concerns about its platform, Microsoft and Google look to reassure users that their platforms are safe.
Microsoft shares new threat intelligence, security guidance during global crisis (Microsoft Security) Our threat intelligence shows that COVID-19 themed threats are retreads of existing attacks that have been slightly altered to tie to the pandemic. We’re seeing a changing of lures, not a surge in attacks. These attacks are settling into the normal ebb and flow of the threat environment.
Zoom has fixed an eavesdropping issue tied to their 'waiting rooms' (CyberScoop) Zoom fixed an issue that would have allowed users in "waiting rooms" to spy on meetings even if they weren’t approved to attend them.
Zoom Security: Here’s What Zoom Is Doing To Make Its Service Safer (Forbes) After multiple security and privacy issues, people are worried about using video conferencing app Zoom. What is Zoom doing to make its service safer?
Zoom's CEO Wants You to Trust the Company Again (Time) 'We learned a lesson,' he said regarding issues with the company's privacy practices
Zoom creates council of CISOs to solve security, privacy issues (BleepingComputer) Zoom's CEO Eric S. Yuan announced today that the company has formed a CISO council and an advisory board to collaborate and share ideas on how to address the videoconferencing platform's current security and privacy issues.
WFH darling Zoom is a security and privacy disaster - let me count the ways (diginomica) Zoom isn't everyone's favorite in the current crisis or beyond.
Zoom should be criticized for poor communication rather than privacy, security, expert says (Notre Dame News) The video platform Zoom has experienced overnight success with offices and schools closed around the world due to the coronavirus pandemic. The increased usage has resulted in a string of security concerns, which, according to a University of Notre Dame cybersecurity and privacy expert, have largely been blown out of proportion.
No more Zoom for home learning after hacking incident (The Straits Times) All teachers will stop using video conferencing platform Zoom for their home-based teaching, after hackers hijacked the streaming of a lesson to show obscene pictures to some students.. Read more at straitstimes.com.
Despite FBI Warning, US Military, Government Workers Still Using Zoom (Voice of America) U.S. military and government employees continue to use the popular videoconferencing application Zoom for official business, despite FBI warnings about privacy and security issues, an action experts fear is increasing the risk of government data breaches.
US Senate, German government tell staff not to use Zoom (ZDNet) The two organizations now join a list that also includes the Taiwanese government, the Australian government, SpaceX, Google, and New York state area schools.
()
For some CIOs, the decision to limit the use of Zoom isn’t a big deal (Federal News Network) GSA and DHS’s Cybersecurity and Infrastructure Security Agency (CISA) told agencies that the Zoom for Government platform, which runs on a government community cloud and has received a Federal…
Comedian Hamish Blake's Stunt Zooms In on Critical Cybersecurity Threat (Epoch Times) Popular Australian comedian Hamish Blake may have alerted the world to a cybersecurity risk following his "Zoom for ...
DoD Lists Security Do’s and Don’ts for Teleworkers (FEDweek) The DoD CIO’s office has produced a document of IT security-related do’s and don’ts for teleworkers, a timely document government-wide as the number of
()
If Remote Working is the New Norm, How Do We Do it Securely? (Infosecurity Magazine) Remote working has become the new norm for many people
Panel Discussion: Cybersecurity and Privacy in the 'New Now' (BankInfo Security) The COVID-19 pandemic has dramatically changed how we live and work - for now. But will some of these changes last beyond the crisis? If so, what impact can we
RSA’s Carey Eyes Lessons Learned from Pandemic (MeriTalk Q&A) Robert Carey, VP/GM Global Public Sector Solutions at RSA Security, has rightly earned the ability to take the long view of large-scale technology deployments across both the private and public sectors. He’s six years into a second private-sector career with previous stops at GDIT and Vencore since capping off an eight-year run as CIO of the Department of the Navy, and then Principal Deputy CIO at the Department of Defense.
U.S. Intelligence Contractors Say Virus Relief Funding Rules Fall Short (New York Times) Contractors complain that guidelines released by the intelligence community are much stricter than the Pentagon’s — and it’s not always clear which set applies.
Real-time Data Could Save More People from Covid-19 (New Security Beat) It’s clear that the virus that causes Covid-19 travels freely. It needs no visa, having breached many points of entry. Experts at Imperial College London estimate that “in the absence of [...]
Morphisec Expands Threat Prevention Coverage to Collaboration Tools to (PRWeb) Morphisec, the leader in Advanced Threat Prevention, today announced it has added capabilities for hardening popular remote collaboration app
Hackers Invited to Share Bug Bounties with #COVID19 Charity (Infosecurity Magazine) HackerOne makes it easy for hackers to donate bug bounties to the COVID-19 Solidarity Response Fund
Verizon Media Launches COVID-19 Search Engine For Research (Media Post) The COVID-19 search engine will help medical professionals and researchers find data without having to build their own search back-end technology.
Free cybersecurity tools coming online to protect WFH staffers (SC Media) Several cybersecurity firms are going the extra mile to help customers set up a safe environment for their telecommuting workforce.
Security Conferences in 2020: What’s Canceled, Postponed, Going Virtual or Proceeding as Planned? (Security Magazine) Which security conferences have been canceled, postponed or going virtual in 2020 due to the coronavirus? Here is a list of security conferences for cybersecurity and physical security professionals, that are still proceeding as planned, going virtual or that have been postponed or canceled.
Cyber Attacks, Threats, and Vulnerabilities
Personal data of 115mn Pakistani mobile users go on sale on Dark Web (Business Recorder) The company that has found the data dump says that the cybercriminal behind this data breach is demanding $2.1 million for the data.A Pakistani cybersecurity company has discovered a data
Malvertising campaign spoofs Malwarebytes website to deliver info-stealer (SC Media) Adversaries created a fake webpage that impersonates Malwarebytes and used it as a gateway in a malvertising campaign designed to deliver an info-stealer.
Copycat Site Serves Up Raccoon Stealer (Threatpost) Visitors to the fake site expecting antivirus offerings will instead encounter the Fallout exploit kit and a possible malware infection.
Compromised Zoom Credentials Swapped in Underground Forums (Threatpost) Thousands of compromised Zoom credentials were discovered in underground forums as cybercriminals look to tap into the burgeoning remote workforce.
'Unkillable' Android Malware App Continues to Infect Devices Worldwide (Dark Reading) The xHelper Trojan has compromised over 55,000 devices so far, Kaspersky says.
This Android Malware Can Never be Deleted And Will Ruin Your Phone Even After Restore (News18) Once this malware is installed on the phone, it gives the xHelper’s handlers the full access to all apps and data on your Android phone as well as the ability to execute tasks.
Potential data breach reported at CMHIP (Pueblo Chieftain) Officials from the Colorado Department of Human Services Office of Behavioral Health said on Wednesday that the Colorado Mental Health Institute at Pueblo experienced a potential data breach.
Travelex paid the ransom, breach investigation still underway: report (CIO Dive) After discovering the attack, the company took down its websites globally to contain the spread of the virus.
Large email extortion campaign underway, DON'T PANIC! (BleepingComputer) A large email extortion campaign is underway telling recipients that their computer was hacked and that a video was taken through the hacked computer's webcam. The attackers then demand $1,900 in bitcoins or the video will be sent to family and friends.
Rockwell Automation RSLinx Classic (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 8.8
ATTENTION: Low skill level to exploit
Vendor: Rockwell Automation
Equipment: RSLinx Classic
Vulnerability: Incorrect Permission Assignment for Critical Resource
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow a local authenticated attacker to execute malicious code when opening RSLinx Classic.
Steal This Fingerprint (Decipher) Research shows that attackers can bypass fingerprint sensors on some devices with as high as an 80 percent success rate.
Security Patches, Mitigations, and Software Updates
April 2020 Patch Tuesday forecast: Uncertainty reigns, but patching endures through pandemic (Help Net Security) April 2020 Patch Tuesday forecast: What's in store for us this month and what happenings defined the past 30 days? Find out from Ivanti.
Cyber Trends
2020 Q1 cybersecurity analyst call: "A sorting hat for cybersecurity." (The CyberWire) This quarterly analysts’ call took up the effects of the coronavirus pandemic on the cybersecurity sector, and of its implications for the practice of cybersecurity generally.
()
Why Cybersecurity Should Be Your Company's Next Social Good Investment (Security Boulevard) Focusing on security is a social responsibility every company should take to protect its consumers and its data, for the benefit of all.
Cybersecurity prevention can save your company $682K (TechRepublic) Ponemon study shows that 82% of attack costs go toward detection, containment, recovery, and remediation.
Marketplace
Navy, Senate Researching Cyber Services (Nextgov.com) The Navy is putting feelers out for an intelligence analyst, while the Senate explores the landscape for penetration testing.
Secretive big data company Palantir expects $1 billion in revenue this year and to break even for the first time in its 16-year history (Business Insider) Palantir is reportedly preparing for an IPO. It's known for its work with government organizations, including its controversial contracts with ICE.
Zscaler snaps up cloud security startup Cloudneeti (SiliconANGLE) Publicly traded cybersecurity provider Zscaler Inc. today said it’s acquiring Cloudneeti Corp., a Seattle startup that helps companies find configuration-related vulnerabilities in their cloud applications.
German security firm Avira has been acquired by Investcorp at a $180M valuation (TechCrunch) Mergers and acquisitions largely grinded to a halt at the end of March, in the wake of the coronavirus pandemic spreading around the world, but today comes news of a deal out of Europe that underscores where pockets of activity are still happening. Avira, a cybersecurity company based out of German…
Akamai CEO Touts Traffic Growth on its Platform, Warns of Increased Cybersecurity Risks (Media & Entertainment Services Alliance) Akamai saw global traffic on its platform grow 30% over the past month as Internet usage soared around the world amid the coronavirus crisis, according to Akama
Closing the cyber skills gap: Nine perspectives on Cyber 9/12 (Atlantic Council) On March 20-21, 2020, the Atlantic Council Scowcroft Center for Strategy and Security’s Cyber Statecraft Initiative executed its first-ever virtual Cyber 9/12 Strategy Challenge.
Cybersecurity and Compliance Experts Approved as BuyBoard Vendor (Yahoo) CampusGuard, a full service cybersecurity and compliance services firm focused on the specific needs of education institutions, state and local governments, agencies, and healthcare providers has been awarded a competitively procured BuyBoard National Purchasing Cooperative agreement for Software Services
F5 Updates End-to-End App Security with Optimized AI and Broadened Portfolio (Integration Developer News) F5 is bringing AI and machine learning to the tricky job of balancing app performance with security and protection. F5’s latest app-centric security rollout now sports technology from recently acquired Shape Security.
F5 on the hunt for DevOps channel specialists (MicroscopeUK) Security player is keen to make sure it has the resellers signed up to support its recent acquisitions.
Cybersecurity Engineer Interview Questions: 4 Ways to Prepare (Dice Insights) Cybersecurity engineer interview questions can take many forms, but all serve a singular purpose: Allowing a potential employer to evaluate how well you
Cofense Announces Key Additions to Leadership Team Including Former Proofpoint Executive (PR Newswire) On the heels of one of the strongest quarters in company history, Cofense® , the global leader in intelligent phishing defense solutions, today...
()
Products, Services, and Solutions
Appdome Joins Check Point Technology Partner Program, Introduces Appdome for SandBlast App Protect (PR Newswire) Appdome, the industry defining, no-code mobile integration and solutions platform, today announced that it has joined Check Point Software...
()
Technologies, Techniques, and Standards
How Can Critical National Infrastructure Be Protected From Cyber Threats? (CPO Magazine) While digitalisation increases productivity and output for critical national infrastructure, the industry needs to find a balance between the benefits of interconnectivity and exposure to cyber risks.
()
Never Pay Ransomware Hackers to Recover Data, Research Recommends (MSSP Alert) Nearly half of employees in North America businesses don’t know what to do should a ransomware attack hit their companies, Kaspersky research found.
It’s Official: The October 2020 Outdoor EMV Deadline Remains. How Does That Impact You? (Cybera) The COVID-19 pandemic has been front-and-center in the global news cycle for the past few months, and the impact continues to permeate our daily lives. But we’ve recently seen a specific piece of industry news that will have profound implications for all fuel and C-store retailers: The Outdoor EMV deadline.
()
Design and Innovation
All hackers in the Cyber 2.0 International Hackers Challenge fail (Jerusalem Post) With no winner, the NIS 10,000 prize was instead donated to the charity group the "Good Guys Association." However, it will not be the last such challenge.
Research and Development
DARPA is pouring millions into a new AI defense program. Here are the companies leading the charge (Protocol) Intel and Georgia Tech are spearheading Pentagon-backed efforts to defend against attacks that could trick tomorrow's self-driving cars, facial recognition and weapons detection software.
DARPA snags Intel to lead its machine learning security tech (TechCrunch) Deception attacks, although rare, can meddle with machine learning algorithms.
Intel Joins Georgia Tech in DARPA Program to Mitigate Machine Learning Deception Attacks (Intel Newsroom) What's New: Intel and the Georgia Institute of Technology (Georgia Tech) announced today that they have been selected to lead a Guaranteeing Artificial
In the Battle Against the Machines, She’s Holding Her Ground (New York Times) Ellie Leonard’s transcription business has thrived, despite the arrival of automated services and advancing A.I. technology.
Academia
UGA likely to add advanced degree in cybersecurity (Online Athens) The University System of Georgia is poised to add a new advanced degree in cybersecurity.
Legislation, Policy, and Regulation
()
()
Germany moves to make it easier to block foreign takeovers (KATU) Germany's Cabinet on Wednesday approved legislation that will make it easier for authorities to prevent foreign takeovers of strategically important companies. The changes are meant to bring rules in Germany, Europe's biggest economy, in line with a year-old European Union directive on screening foreign investment.
Signal sends smoke, er, signal: If Congress cripples anonymous speech with EARN IT Act, we'll shut US ops (Register) Secure messaging app says it could not continue operations in America under proposed law
Bipartisan group of senators demands Trump explain intel IG firing (POLITICO) The letter, signed by eight senators, represents Congress’ clearest denunciation yet of the decision to sack the intelligence community inspector general.
D.C. enacts data breach requirements and consumer protections (Lexology) On March 26, the mayor of the District of Columbia signed Act 23-268 to expand data privacy and consumer protection measures. Among other things, the…
Litigation, Investigation, and Law Enforcement
()
Facebook just filed a lawsuit against a software engineer who it says was helping scammers dodge its ad-review system and post ads related to coronavirus, cryptocurrency and diet pills (Business Insider) Cloaking fools ad-review systems by showing websites that wouldn't raise red flags while users would see an entirely different website, Facebook said.
9th Circ. Revives Wiretap Claims In Facebook Privacy Suit (Law360) The Ninth Circuit ruled Thursday that Facebook users accusing the company of unlawfully tracking browsing histories could move forward with several wiretap and privacy claims, but that they had failed to allege the necessary elements for three other allegations.
Google Can't Ditch Privacy Suit Over Recording Users (Law360) A California federal judge said Thursday she'll likely trim some claims from a proposed class action alleging Google Assistant software surreptitiously records consumers without consent in violation of privacy laws, but she'll allow the consumers a chance to amend their complaint.
Amazon Can't Arbitrate Kids' Alexa Privacy Battle (Law360) A Seattle federal judge on Thursday shot down Amazon's bid to arbitrate suits brought by children alleging its Alexa voice-activated speakers violate state privacy laws, saying the children cannot be bound by the arbitration agreement in the conditions of use for a product their parents bought.