The CyberWire Daily Briefing, 4.13.20

Dateline

China Pushes Viral Messages to Shape Coronavirus Narrative (Wall Street Journal) China has been buying up ads on U.S. social-media sites and adopting online tactics reminiscent of Russian disinformation campaigns in an apparent attempt to shape the story internationally about the coronavirus response, according to researchers analyzing the activity.

Far right-wing and radical Islamist groups are exploiting coronavirus turmoil (Washington Post) Security officials warn that extremist groups may be emboldened by the chaos.

Foreign Spies Are Targeting Americans on Zoom and Other Video Chat Platforms, U.S. Intel Officials Say (Time) Intelligence officials say China's cyberspies have moved fastest and most aggressively during the pandemic

Huawei warns UK against 5G U-turn after pandemic (BBC News) The telecoms firm faces risk of being cut out of 5G networks as part of a backlash against China.

Is NSO Group Using the Pandemic to Expand its Spying Capabilities? (Vice) In the name of helping governments quell the modern-day plague, the company might just be expanding its questionable business.

NHS phone app holds key to lifting UK’s coronavirus lockdown (Times) Ministers have ordered the creation of an NHS mobile phone app the government hopes will help end the coronavirus lockdown.The app would allow mobile phones to trace users who have come into contact

Thousands of techies in locked-down India are braving coronavirus daily to keep the world running (Quartz India) Essential services.

Covid-19 Has Wiped Out 33% of Cryptocurrency Scammers’ Revenue, But That’s Not the Whole Story (Chainalysis) Media outlets and governments around the world have warned of scammers taking advantage of the Covid-19 crisis.

Maharashtra's apex cyber-crime investigation unit cautions against frauds; over 180 cases registered so far (Mumbai Mirror) As cases of people having been duped by cyber criminals who are cashing in on the situation prevailing during the long lockdown period pour in, the state's nodal cyber crime investigation wing, Maharashtra Cyber, has made an appeal to citizens not to fall prey to the enticing overtures made by the crooks over social media/ text messages and e-mails to entrap the unsuspecting users.

When your laptop is your workspace, the real office never closes (Help Net Security) Given the laptop is the new office, did the office ever close? All applications are available in the cloud and users can access them from anywhere.

Small businesses unprepared for remote working, most don't provide cybersecurity training (Help Net Security) The move to a virtual workplace has increased cybersecurity concerns for small businesses, but many still have not implemented remote working policies.

Apple, Google to Turn Smartphones Into Coronavirus Tracking Devices (Wall Street Journal) In a rare joint effort among tech rivals that is likely to raise privacy concerns, software built into smartphones would alert users if they were in contact with someone infected with the pathogen.

How Apple and Google are tackling one of the toughest parts about tracking COVID-19 exposures (The Verge) Adoption is the hard part of contact tracing apps so far — but if it’s baked into the operating system, it gets a lot easier

Apple and Google are building a coronavirus tracking system into iOS and Android (The Verge) It will use Bluetooth connections, not location tracking.

Apps collecting data to help stop the virus spread must limit sharing of information, cybersecurity expert says (CNBC) Personal information shared for contact tracing purposes need to be limited so that it doesn't turn into a mass invasion of privacy long term, according to Josephine Wolff.

Why Bluetooth apps are bad at discovering new cases of COVID-19 (The Verge) False positives and rampant privacy issues suggest we need to make a new investment in hiring people. Public health workers offer a blueprint for contact tracing

Lockdown halts migration of nomadic tribes, may affect intel gathering by security forces (The Times of India) Nainital: The ongoing lockdown has affected the migration cycle of several nomadic hill tribes like Bhotiya, Shauka and Rung.

Demand for Video Calling Continues to Surge, Microsoft and Others Say (New York Times) Microsoft Corp said on Thursday that video calling and educational usage of its Teams productivity software had risen in recent weeks as employees work remotely and some U.S. schools cancel in-person classes for the rest of the academic year.

Google will show virtual care options more prominently in search results (The Verge) Telehealth services have seen a surge in demand due to the pandemic.

COVID-19 related phone scams and phishing attacks increasing (South Florida Times) The CDC has become aware that members of the general public are receiving calls appearing to originate from CDC ...

Is It Safe to Use Zoom? (Intelligencer) The video-call software has seen enormous growth and has had its many security issues exposed.

Zoom Isn’t Malware But Hackers Are Feeding That Narrative, And How: Zoom-Related Threats Up 2,000% (Forbes) Zoom isn't malware, and that's a fact. Another is that hackers are feeding that narrative.

Hackers love to find exploits in Zoom, sell on Dark Web (Express Computer) Video meet app Zoom that has gained immense popularity among the enterprises, SMBs and schools in India and elsewhere to connect remotely, has also become a treasure trove for both ethical and not-ethical hackers who have zeroed in on the video conferencing app to find privacy and security bugs and make money

Coronavirus: Zoom restricted or banned at multiple organisations (ComputerWeekly.com) Use of videoconferencing tool has been banned at Google and in parts of the German and US governments.

New York City forbids Zoom in schools, indicating security concerns (iTMunch) As schools lie vacant, students yet have to learn. But administrators in New York City say that schools are not allowed to use Zoom for distant teaching, indicating security concerns with the video conferencing facility. Instead, the city’s Dept. of Education is transitioning classes to Microsoft Teams, which the spokesperson stated has the “same abilities …

CU Boulder takes security precautions against “zoom bombing” (FOX31 Denver) Transitioning to an online work and class space has certainly come with some challenges. The FBI has warned about a rise in “zoombombing’ — hackers d…

Zoom hacking saga shows why cyber hygiene is so important (The Straits Times) While security and convenience are a fine balancing act for firms, users should not have to trade their privacy for convenience.. Read more at straitstimes.com.

The Viral ‘Study’ About Runners Spreading Coronavirus Is Not Actually a Study (Vice) Belgian researchers chose to bypass all standard science publishing protocols to publish research that has been overhyped and isn't well understood.

How not to get ‘rick-rolled’ on Zoom (The Star Online) With millions of Americans driven indoors by the novel coronavirus, they're turning in big numbers to teleconferencing and video-chat platforms to host happy hours with friends, both teach and attend classes, and conduct business meetings.

Government reports, once advisory, effectively law (News-Press NOW) The coronavirus sent many local and state agencies scrambling for guidance on how they should decide which businesses could remain open and which should shutter their doors.

Layoff Data Report: Startups Under Fire Amid COVID-19 Pandemic (Crunchbase News) Startup entrepreneur Roger Lee has counted a total of 204 verified layoffs of more than 16,000 people since March 11.

Looking for a Job? Big Tech Is Still Hiring (Wall Street Journal) With many people out of work as the nation limits business activity to fight coronavirus spread, well-capitalized tech companies have a chance to poach skilled workers who until recently were gravitating to smaller upstarts, veteran technology recruiters say.

Big Tech Ensures a Payday (Silicon Valley Business Journal) Silicon Valley's giants haven't forgotten their vendors

Demand for cybersecurity in India to rise post COVID-19 (Express Computer) Digitisation in India will dramatically rise in a post COVID-19 scenario which in turn will increase demand for greater cybersecurity and privacy, experts said

Ravens' Harbaugh worried about tech security (ESPN) Ravens coach John Harbaugh is concerned about team information being hacked with new technology being rolled out because of the coronavirus.

All I need in life is this Facebook group where everyone pretends to be ants (The Verge) It’s just as wholesome as it sounds.

Helping existing customers is key for Forcepoint channel (MicroscopeUK) Recently appointed EMEA vice-president of sales shares his view of how Forcepoint channel will get through the coronavirus and grow in the future.

Dell Technologies Bolsters PC Security for Today's Remote Workers (Direct2DellEMC) Cybercriminals are opportunistic by nature, altering their attack methods to compromise endpoints and access critical data. This is never truer than

Free Security Evaluation for Healthcare Provider Teams (Axonius) We're offering a free cybersecurity evaluation to healthcare provider teams to help find blind spots in their security posture as they adapt to a remote workforce.

CPSI Launches Turnkey Telehealth Solution to Help Providers Address th (PRWeb) CPSI (NASDAQ: CPSI), a community healthcare solutions company, is launching a new solution, TalkWithYourDoc.com. By leveraging technology developed by its wholly...

Hackers Invited to Share Bug Bounties with #COVID19 Charity (Infosecurity Magazine) HackerOne makes it easy for hackers to donate bug bounties to the COVID-19 Solidarity Response Fund

Virtual cybersecurity conferences: An expanding list (The Daily Swig) With in-person events now impossible due to Covid-19, many orgs are taking their security conferences online

Cyber Attacks, Threats, and Vulnerabilities

Russian Trolls Hype Coronavirus and Giuliani Conspiracies (The Daily Beast) A Daily Beast investigation reveals dozens of Russian accounts pushing disinformation on everything from Joe Biden to the origin of the novel coronavirus.

Security Companies in South Korea Discover North Korean Cyberattack (Radio Free Asia) Hackers attempted to break into an unknown target using information about South Korean political candidates who escaped from North Korea.

New Wiper Malware impersonates security researchers as prank (BleepingComputer) A malware distributor has decided to play a nasty prank by locking victim's computers before they can start Windows and then blaming the infection on two well-known and respected security researchers.

San Francisco Intl Airport discloses data breach after hack (BleepingComputer) San Francisco International Airport (SFO) disclosed a data breach after two of its websites, SFOConnect.com and SFOConstruction.com, were hacked during March 2020.

San Francisco Airport Cyber Attack Confirmed: Windows Passwords Stolen (Forbes) Hackers compromised SFO websites and stole Windows login credentials, airport breach notice warns

2 San Francisco Int. airport websites hacked with info-stealer code (HackRead) Both websites were hacked in March 2020, allowing unknown hackers to steal sensitive data including passwords.

Ransomware scumbags leak Boeing, Lockheed Martin, SpaceX documents after contractor refuses to pay (Register) Anti-mortar system specs, legal paperwork, payment forms, and more, dumped online from infected PCs

Sodinokibi Ransomware to stop taking Bitcoin to hide money trail (BleepingComputer) The Sodinokibi Ransomware has started to accept the Monero cryptocurrency to make it harder for law enforcement to track ransom payments and plans to stop allowing bitcoin payments in the future.

Latest Botnet Offers DDoS Attacks on Demand (BankInfo Security) The operator of a newly discovered botnet dubbed "Dark Nexus" is offering cybercriminals access to an array of capabilities, include the ability to launch

Staff mailboxes at Italy's Monte dei Paschi suffer hacker attack: document (Reuters) Hackers have accessed the mailboxes of some employees at Italian state-owned bank Monte dei Paschi ‹BMPS.MI› and sent emails to clients, according to a notice to customers seen by Reuters.

Suspecting Cyber Attack, MSC Reports Network Outage (gCaptain) Mediterranean Shipping Company says it has experienced a network outage and it cannot rule out the possibility of a cyber attack, the company said Friday. The outage began in one of MSC’s data centers in Geneva, Switzerland and the company shut down its servers in response. In an update late Friday, the company said the …

Sextortion emails and porn scams are back – don’t let them scare you! (Naked Security) There is no video and the whole thing is a scam to prey on your fears.

PENNCREST officials: Cyber-attack in February has been resolved (Meadville Tribune ) A cyber-attack on PENNCREST School District in February has been resolved with no exposure of personal information or other sensitive data, according to district officials.

User briefly shares graphic images after taking over Milwaukee Election Commission Zoom meeting (TMJ4) An unidentified user briefly hijacked the Milwaukee Election Commission's Zoom meeting Sunday, taking over the screen and sharing graphic imagery.

Cyber trolls' message to Meghan Markle demanding the 'return of Harry to UK' (Honey) Prince Harry and Meghan Markle's recent departure from the royal family has drawn attention from trolls across the world.

Security Patches, Mitigations, and Software Updates

VMWare releases fix for critical vCenter Server vulnerability (BleepingComputer) VMware released a security update that fixes a critical vulnerability in the vCenter Server virtual infrastructure management platform that could allow attackers to gain access to sensitive information and potentially take control of affected virtual appliances or Windows systems.

Cyber Trends

Thales Data Threat Report: Cloud an ‘Inflection Point’ for Data Security (Channel Futures) The new Thales Data Threat Report from IDC shows digital transformation projects are complicating data security efforts, especially in the cloud.

UK businesses at risk of losing £6 million through credit card theft (Business Matters) A staggering £6million could be lost in the UK as result of corporate credit card theft, with 500,000 workers holding a business credit card

Singapore Ranks Most Prepared in Cybersecurity Readiness: Deloitte (CISO MAG | Cyber Security Magazine) According to the Deloitte Cyber Smart Index, Singapore is the most prepared economy to tackle cyberattacks in the APAC region

Was Leisure Suit Larry Really an Accomplice in Early Banking Cyberattacks? (Vice) In the late 80s, Sierra's hokey horndog was connected to a major computer virus, and rumor had it that the publisher may have created it to punish pirates.

Marketplace

Airbrake Raises $11M to Monitor for Coding Errors in Real-Time (AustinInno) Buggy apps mean lost opportunities for businesses everywhere.

Bugcrowd raises $30M in Series D to expand its bug bounty platform (TechCrunch) The bug bounty company has raised $80 million to date.

Cato Networks seals significant investment to take SASE forward (ComputerWeekly.com) More validation for secure access service edge solutions as SD-WAN provider scoops cash injection

Huawei’s founder on cybersecurity and sanctions (South China Morning Post) In a recent interview with the South China Morning Post, the founder of Huawei, the world’s largest telecommunications equipment supplier and China’s biggest smartphone maker,…

Huawei courts more developers in app rivalry with Google, Apple (ABS-CBN News) Huawei called on developers to join its growing app marketplace, present in some 400 million devices, as it released its second premium smartphone with its own mobile services front and center.

Why Palo Alto Networks Stock Dropped 11% in March (The Motley Fool) Investors sold off most cybersecurity specialists last month.

Gambling company to set aside $30 million to deal with cyber-attack fallout (ZDNet) In the middle of a merger, SBTech will have $30 million placed in escrow to deal with the repercussions of a suspected ransomware infection.

Coalfire's Bayerkohler Wins Women Leaders In Technology Award (The Grand Junction Daily Sentinel) Coalfire, a provider of cybersecurity advisory and assessment services, announced today that Anne Bayerkohler, director of quality and compliance at Coalfire, has been

Incoming IBM CEO Arvind Krishna faces monumental challenges on multiple fronts (TechCrunch) Arvind Krishna is not the only CEO to step into a new job this week, but he is the only one charged with helping turn around one of the world’s most iconic companies. Adding to the degree of difficulty, he took the role in the midst of a global pandemic and economic crisis. No pressure [&hell…

ForgeRock Appoints New Chief Technology Officer (Globe Newswire) Globally recognized technologist Eve Maler will draw on 20 years of digital identity and security experience to help shape the company’s next stage of growth and innovation

AttackIQ Strengthens Leadership Team with New Chief Marketing Officer and Senior Director of Cybersecurity Strategy and Policy (BusinessWire) AttackIQⓇ, the leading independent vendor of breach and attack simulation solutions, today announced the appointments of Julie O'Brien as chief market

Claroty Deepens Leadership Bench With of Chief Financial and CPO (AiThority) Claroty, the global leader in industrial cybersecurity, announced the appointment of Udi Bar Sela as CFO and Grant Geyer as CPO.

Former Homeland Security Advisor Tom Bossert Joins Beacon Global Strategies' Board of Advisors (Yahoo) Beacon Global Strategies (BGS) is pleased to announce that Mr. Thomas P. Bossert, who most recently served as Assistant to the President for Homeland Security and Counterterrorism, has joined the firm's Board of Advisors.

GroupSense Names Adam Bregenzer Chief Technology Officer and Jeffrey Duran Chief Marketing Officer (PR Newswire) GroupSense, a digital risk protection company, today announced it has named Adam Bregenzer as chief technology officer and Jeffrey Duran as...

Products, Services, and Solutions

Congrats To The USAF and Wickr: This news could mean significant reduction in several key cyber risks for critical missions (CTOvision.com) I’ve know and used Wickr for quite a while. We use the pro version at OODA and strongly endorse it to all our OODA members (and even provide a discount to members wanting their own pro version here). We also use it whenever possible for business discussions external to the company. We have kicked the …

TransArmor Personal Data Protection from Fiserv tokenizes and encrypts personal data (Help Net Security) TransArmor Personal Data Protection from Fiserv, incorporating data security technology from Protegrity, helps businesses secure consumers’ personal data.

Social Distancing and Isolation—A Good Idea for You and Your Browser (Menlo Security) Just as physical isolation helps keep us virus free in the age of COVID-19, browser isolation does the same thing for your laptop or mobile device. As companies struggle to handle the sudden shift to a remote workforce, some are turning to cloud-based solutions to protect their users

How LoginRadius Can Help Retailers and E-commerce Industry to Manage Customer Identities (Security Boulevard) As the retail and e-commerce industry enters the new era of digitalization, customer experience while interacting with a brand has taken a giant leap forward. It has in fact, pushed products and services as a secondary entity to the overall shopping experience. They are no longer the driving motivation for shoppers to approach a store.

Technologies, Techniques, and Standards

How to Cover Your Tracks Every Time You Go Online (Wired) Online tracking can often feel downright invasive. From using VPNs to clearing browser histories, we've got your back.

Will Today's Cybersecurity Guidelines and Standards Become Mandates for Connected Aircraft Systems? (Avionics) Aviation cybersecurity mandates by the European Union Aviation Safety Agency (EASA) and the FAA are coming in the next two years.

You have to consider cybersecurity at all points of a cloud migration (Help Net Security) IT teams can take advantage of cloud native tools to help mitigate these risks, but they should not rely solely on these tools.

Rail Insider-Railroads, suppliers commit to transparency on cyber attacks. Information For Rail Career Professionals From Progressive Railroading Magazine (Progressive Railroading) Progressive Railroading - Railroads face a range of cyber threats from ransomware infestations to physical perimeter security.

Examining a Hospital Ransomware Outbreak (Healthcare Cybersecurity) Hospitals are quickly becoming one of the hackers’ favorite ransomware targets. The steady stream of media reports announcing the latest healthcare...

Cybersecurity efforts by N.C. National Guard responders help protect elections, governments and residents from attacks from variety of foes (Winston-Salem Journal) The team has been busy this year, with attacks increasing because of elections, the Republican National Convention scheduled in Charlotte this August, and even the coronavirus pandemic, according to NCNG

Research and Development

Data61 launches foundation to advance critical systems security (Security Brief Asia) “We are taking this step to increase participation from the seL4 community, to aid further adoption and provide a sustainable, long-term trajectory for seL4.

How the US can avert a 'quantum catastrophe' (GCN) A new report from the RAND Corp. called the threat to modern communications posed by quantum computing “urgent but manageable” and offered recommendations to government leaders.

Debunking Myths about Quantum Cryptography (Infosecurity Magazine) Given how much data is stolen from U.S. industry and government, quantum could be a huge problem.

Academia

Murray State student earns top 10 finish in Palo Alto Networks competition (Murray Ledger and Times) Murray State University telecommunications systems management (TSM) student Jesse Chowning from Bloomfield has been named a top 10 finalist in the Palo Alto Networks “Secure the Future Competition.”

Legislation, Policy and Regulation

The Role DHS Can Play in Election Security (Technology Solutions That Drive Government) DHS can play an advisory role in helping state and local governments bolster their cybersecurity ahead of November.

Litigation, Investigation, and Enforcement

Dutch police arrests suspect behind DDoS attacks on government sites (BleepingComputer) A 19-year old man from Breda, Netherlands, was arrested today for allegedly carrying out distributed denial-of-service (DDoS) attacks that caused two Dutch government websites to shut down for several hours on March 19, 2020.

Dutch Police takes down 15 DDoS-for-hire services in one week (HackRead) Europe has become a hub for cyber crimes ranging from online child abuse platforms to DDoS-for-hire services and dark web marketplaces being operated from the continent. At the same time, law enforcement authorities are doing what’s possible to tackle the issue.

PTA investigates data breach of 115mn Pakistani mobile users (Business Recorder) PTA is trying to verify the authenticity of the claim. A Pakistani cybersecurity company discovered a data dump of 115 million Pakistani mobile users' data, which have been put up for sale on t

DOJ finds errors in additional warrant applications (Federal Times) A Justice Department watchdog report from December found errors and omissions in applications to monitor the communications of a former Trump campaign aide, and an audit released last week found problems with additional applications between 2014 and 2019.

It’s Official: Every Aspect of Crossfire Hurricane Was Shady (National Review) The official explanation would be a lot easier to believe if every other aspect of the Russia-collusion investigation didn’t reek of corruption.

Barr on Durham Investigation: ‘Evidence Shows That We’re Not Dealing with Just Mistakes or Sloppiness’ (National Review) “And if people broke the law, and we can establish that with the evidence, they will be prosecuted,” Barr stated.

Barr says he supports Trump’s ouster of intelligence watchdog who received whistleblower complaint that helped spark impeachment (Washington Post) Barr said Trump “did the right thing” in removing Michael Atkinson as the intelligence community inspector general.

‘It’s Bull****’: Trump Aide Reveals Extent of ‘Russian Meddling’ in 2016 Race to Secret FBI Source (Sputnik) Instead of challenging him on policy, Donald Trump’s opponents spent nearly three years accusing the president of being a Russian agent, and claiming that the Kremlin...

Chicago, Equifax reach $1.5M Settlement Over Data Breach (Law360) The city of Chicago says it has reached a $1.5 million settlement to resolve a lawsuit against Equifax Inc. over a massive 2017 data breach that exposed the sensitive personal information of roughly 147 million people.

High Court Asked Not To Hear Facebook Privacy Case (Law360) A man convicted of murder in California urged the U.S. Supreme Court on Thursday not to take up Facebook and Twitter’s claim that privacy rights under the Stored Communications Act trump criminal defendants’ rights to evidence, saying his case is still working its way through the lower courts.

Ahmedabad: Cyber-crime police arrests man from Jamalpur for obscene post (Ahmedabad Mirror) The Ahmedabad Cyber-crime Police on Saturday arrested a man from Jamalpur area of the city for putting up obscene and derogatory posts on social media.

Prank or vendetta, but in any case a wiper. SFO hacked. Ransomware updates. DDoS-for-hire busts. COVID-19 and cybersecurity.

At a glance.

Bring your own context.

CSO Perspectives, now available to CyberWire Pro subscribers.