The cybersecurity community during the COVID-19 emergency
Illusive Networks Discovers New Nation-State Cyberattack Tools Linked to COVID-19 Phishing Scam (PR Newswire) Illusive Networks®, the leader in deception-based cyber defense solutions, today revealed it detected and thwarted a nation-state attack linked...
Cybercriminals Actively Exploiting RDP to Target Remote Organizations (McAfee Blogs) The COVID-19 pandemic has prompted many companies to enable their employees to work remotely and, in a large number of cases, on a global scale. A key
CISA Warnings Highlight Myriad Security Threats (Decipher) Over the past few days, the Cybersecurity and Infrastructure Security Agency has issued several alerts warning about nation-state actors targeting healthcare and medical research organizations, as well as ways organizations should protect their remote workforce.
COVID-19 - Malware Makes Hay During a Pandemic (McAfee Blogs) Special thanks to Prajwala Rao, Oliver Devane, Shannon Cole, Ankit Goel and members of Malware Research for their contribution and monitoring of related
Twitter steps up its fight back against 5G coronavirus conspiracy theories (The Telegraph) The theory, which has spread on social media, has resulted in attacks on telecoms masts
UK comms experts continue to question contact-tracing app (ComputerWeekly.com) Academics and comms industry experts challenge UK government scientists on their defence of NHS contact-tracing app, in particular the issue of centralised data gathering.
India's Covid-19 Contact Tracing App Could Leak Patient Locations (Wired) The system's use of GPS data could let hackers pinpoint who reports a positive diagnosis.
A Scramble for Virus Apps That Do No Harm (New York Times) Dozens of tracking apps for smartphones are being used or developed to help contain the coronavirus pandemic. But there are worries about privacy and hastily written software.
Shin Bet cyber founder: Coronavirus surveillance needed to save lives (The Jerusalem Post) Maybe empower new body to replace agency in future, protect privacy
ExtraHop Data Shows Shifts in IoT Device Usage During COVID-19 Have Broad Security Implications (ExtraHop) New Report Details IoT and Other Connected Devices Trends During Pandemic; Identifies Biggest Security Gaps for Organizations
RDP Attacks Surged by 330% in The US Amid Pandemic (Atlas VPN) According to data extracted and analyzed by Atlas VPN, remote desktop protocol (RDP) attacks rocketed by 330% in the US amid the COVID-19 pandemic. The rise in cyber-attacks correlates almost precisely with the start of lockdowns worldwide from March 10, 2020.
The Price of Fame? Celebrities Face Unique Hacking Threats (Dark Reading) Hackers are hitting the sports industry hard on social media and luring quarantined consumers with offers of free streaming services, a new report shows.
A perfect cyber storm is brewing as Nigerian scammers add to COVID-19 response team woes (SC Magazine) A Nigerian cybercrime group SilverTerrier targets healthcare organisations critical to COVID-19 response. Organisations advised "apply extra scrutiny to COVID-19-related email attachments."
The Cybersecurity of Health (Council on Foreign Relations) The coronavirus pandemic has highlighted the need for a patient-centric approach to the cybersecurity of healthcare technology systems.
Experts warn companies to prepare for security breaches when travel restrictions lift (PhocusWire) Travel companies may have seen an increase in phishing attacks due to the volume of refunds issued recently, but experts say they should brace for security breaches as restrictions lift.
7 Tips for Security Pros Patching in a Pandemic (Dark Reading) The shift to remote work has worsened patch management challenges and created new ones. Security pros share insights and best practices.
SBA bans RPA for PPP loan applications after bots clog system (SearchEnterpriseAI) The Small Business Administration is no longer accepting RPA for Paycheck Protection Program (PPP) finance applications, after a flood of RPA-generated applications overwhelmed the agencies' systems and triggered technical problems.
Justice Department Eyes Fraud in Lending Program for Small Businesses Hit by Coronavirus Crisis (Wall Street Journal) Federal prosecutors are mounting a broad search for fraud in emergency lending programs designed to assist businesses battered by the coronavirus crisis, a top Justice Department official said Tuesday.
The Economic Shutdown's Impact on Security Budgets (Security Boulevard) Cybersecurity spending, even if only driven by industry and government regulatory compliance mandates, has proven itself to be relatively resilient
Cloudera cuts staff in response to Covid-19 (Silicon Valley Business Journal) The Palo Alto software company is the latest tech player to conduct layoffs in response to the coronavirus pandemic.
San Jose cloud giant furloughs 27% of global workforce (Silicon Valley Business Journal) Nutanix Inc., led by CEO Dheeraj Pandey, is furloughing almost 1,500 employees.
Cohesity cuts staff weeks after raising $250M at doubled valuation (Silicon Valley Business Journal) The move is the latest in a wave of cost-cutting by venture-backed companies in the Bay Area during a pandemic emergency that shut down much of the nation's economy.
FrontStream Unveils the Industry’s First Peer-to-Peer Fundraising Plat (PRWeb) FrontStream, the leading provider of a complete suite of products that empower registered nonprofit organizations and socially responsible corporations to raise m
Buguroo launches Covid-19 Online Banking Fraud Resources Centre to protect consumers against rising tide of phishing attacks (Global Security Mag Online) buguroo announced its new Covid-19 Online Banking Fraud Resources Centre, which consumers and companies located anywhere in the world can use to check whether Covid-related emails, SMS messages and social posts are scams. The service – which is free-of-charge – has been launched to counter the growing wave of phishing activity that has accompanied the Coronavirus outbreak.
Free IR for cyber security attacks aimed at hospitals (ITWeb) Dimension Data offers free incident response for cyber security attacks aimed at hospitals during the COVID-19 pandemic.
ESET to support EU CERTs with free access to threat intelligence during Covid-19 (Telecom Paper) ESET said it implemented measures to assist national Computer Emergency Response Teams within the EU (EU CERTs) in mitigating threats during the Covid-19 crisis.
Cyber Attacks, Threats, and Vulnerabilities
A Department of Defense bulletin on a 'leaking' sinkhole has baffled cybersecurity experts (CyberScoop) A bulletin in mid-April from the DCSA said China was stealing data from contractors. But how the DCSA came to that conclusion is complicated.
Detecting COR_PROFILER manipulation for persistence - Red Canary (Red Canary) Red Canary detected adversaries abusing Microsoft's COR_PROFILER to achieve persistence and bypass User Access Control (UAC).
Lazarus Group Hides macOS Spyware in 2FA Application (Threatpost) The Dacls RAT has been ported from an existing Linux version.
Two Popular VPNs Exposed Users to Attacks Via Fake Updates (SecurityWeek) Researchers have analyzed the 20 most popular VPNs and found that two of them had vulnerabilities that exposed users to attacks via fake updates
Hackers hide web skimmer behind a website's favicon (ZDNet) Hackers created a fake image-hosting portal to hide a web skimming operation.
Kaiji malware spawns ‘army’ of Internet of Things devices after gaining root access (SC Magazine) New details emerge after security researchers discovered another strain of malware specifically built to infect smart IoT devices and Linux-based servers.
For 8 years, a hacker operated a massive IoT botnet just to download Anime videos (ZDNet) The botnet consisted solely of D-Link NAS and NVR devices and the botnet peaked at 10,000 bots in 2015.
Abnormal Attack Stories: Cisco Webex Phishing (Abnormal Security) In this attack, attackers are impersonating a notification from Cisco Webex in order to steal the credentials of employees. Quick Summary: Platform: Office 365; Email Gateway: MessageLabs; # Mailboxes: 2,800 to 5,000; Victims: Employees; Payload: Malicious Link; Technique: Impersonation. What was the attack? Setup: Companies have largely transitioned to working from home where they can in response to the current...
Large-scale attacks leave nearly a million WordPress websites at risk (SC Magazine) Massive growth in XSS flaw attacks on WordPress websites over past week - up 30 times - mostly from a single threat actor.
Anatomy of a Well-Crafted UPS, FedEx, and DHL Phishing Email During COVID-19 (Votiro) What happened: Votiro’s Research Team has discovered a malicious macro hiding in Microsoft Excel spreadsheets delivered via phishing emails appearing to be from UPS, FedEx, and DHL. The Excel spreadsheet includes an obfuscated macro that launches PowerShell in hidden mode and downloads a payload from geronaga.com, a website that is registered with a Chinese website […]
193 Law Firms – Advanced Data Breach Disclosure Update (TurgenSec Community) TurgenSec discovered a data breach at a legal software provider affecting over 190 law firms, including three magic circle law firms. We posted our public statement of the matter on the 27th of April. It
York University cyber attack looks like ransomware, says security expert (IT World Canada) Last week Toronto’s York University fell victim to what appears to be a ransomware attack, according to cybersecurity expert David Masson, and
Security Patches, Mitigations, and Software Updates
Cisco Adaptive Security Appliance Software Kerberos Authentication Bypass Vulnerability (Cisco Security - CiscoTest Application) The Cisco Security portal provides actionable intelligence for security threats and vulnerabilities in Cisco products and services and third-party products.
Instacart Patches SMS Spoofing Vulnerability Discovered by Tenable Research (Tenable®) As grocery delivery services have seen an increase in traffic from users during the coronavirus pandemic, Tenable Research identified an SMS spoofing flaw that could have allowed an attacker to sen
Cyber Trends
Phishing and Fraud in Financial Services Threat Research Update (ZeroFOX) The financial services industry continues to be impacted by both the benefits and the risks of digital transformation. FinServ institutions must acknowledge that in this world of digital business, cyberattackers now have equal access to consumers.
The State of XOps Report Reveals IT and InfoSec Alignment Increases IT Security Confidence by Three Times (SaltStack) The State of XOps Report from SaltStack reveals IT and InfoSec alignment increases IT security confidence by three times over siloed teams with broken comms
Acunetix Web Application Vulnerability Report 2020 (Acunetix) Every year, Acunetix releases a vulnerability testing report that shows the state of web security. This is the report for 2020.
The SecureAuth 2020 State of Identity Report (SecureAuth) SecureAuth conducted the research using an online survey among 2,000 general population consumers in the U.S. Data was collected between March 16 and March 21, 2020. With nearly 50% of survey respondents currently in the U.S. workforce, the survey provides an objective data set with respect to the security and privacy habits consumers apply in both their personal and professional lives.
Financial Phishing Attacks Take Off, Malware Declines (Dark Reading) In the past year, the number of digital threats increased by nearly half as phishing swamped malware to become the most dominant attack technique.
CrowdStrike Cautions UK Businesses Of Looming Cyber Security Threats (Security Informed) Cybersecurity expert CrowdStrike has issued a stark warning to British businesses, telling them to crack down on lax remote working policies now or risk catastrophic exposure at the hands of...
SANS 2020 Cyber Threat Intelligence (CTI) Survey Results (Anomali) The use of cyber threat intelligence (CTI) for network defense is growing, with 80% of respondents producing or consuming CTI, compared with 60% in 2017.
2020 State of Hybrid Cloud Security Infographic (FireMon) State of Hybrid Cloud Security. Gain key insights on how the lack of automation & visibility, and network security complexity are impacting digital transformation initiatives.
Marketplace
Cybersecurity Market Review for Q1 2020 (Momentum Cyber) We are pleased to provide you with Momentum’s Cybersecurity Market Review for Q1 2020. Strategic activity in Q1 continued its strong momentum with 144 transactions deploying over $10.8B across M&A (49 transactions, $8.4B) and financing (95 transactions, $2.4B). However, we have begun witnessing the impacts of COVID-19 at the start of Q2 and expect strategic activity to decline significantly.
Microsoft in Negotiations to Acquire Israeli Cybersecurity Company CyberX (CTECH) Estimated $170 million deal is set to be completed in June
Zoom buys Keybase — its first acquisition — as part of 90-day plan to fix security flaws (CNBC) Zoom CEO Eric Yuan said adding Keybase technology will allow users to make sure that intruders don't enter meetings.
Clear Skye Raises $4.95M Led by Toba Capital to Meet Growing Global Demand for SaaS Identity Governance and Administration Solutions (BusinessWire) Clear Skye® Inc., the better way to IGA company, today announced that it has closed a $4.95 million Series A round of funding led by Toba Capital. Rou
Xator closes deal for InCadence (Washington Technology) Xator has closed its acquisition of InCadence in a move that adds new contract vehicles and further builds the buyer's portfolio in C4ISR, national security and intelligence.
Carbonite, Webroot Hit Business Goals; Parent OpenText Restructures (ChannelE2E) Carbonite & Webroot hit financial targets in latest quarter. But parent OpenText cuts some staff & temporarily reduces salaries amid economic uncertainty.
Fidelis Cybersecurity Wins U.S. Cyber Command Competition (Fidelis Cybersecurity) Company’s innovative Network Traffic Analysis solution is named the winner of the “Rotten Apple in the Bushel” competition for its innovative machine learning analytics.
Portshift Chosen as a 2020 Red Herring Top 100 Europe Winner (PRWeb) Portshift, a leader in Kubernetes-native solutions, today announced that Portshift has been selected as a 2020 Red Herring Top 100 Europe winner. After much
TransUnion Accelerates the Expansion of its Global Fraud Business and Hires Shai Cohen to Lead it (TransUnion) Announces the Global Fraud & Identity Solutions Group; Cohen held leadership roles at RSA, EMC and Intel
ZeroNorth Appoints Chris Riley as Senior Vice President of Sales (ZeroNorth) Following a year of 300% ARR growth and the doubling of its customer base, ZeroNorth appoints Chris Riley as SVP of Sales to accelerate the company’s current momentum and ignite the company’s next phase of growth.
Strider announces John Mullen, Former Assistant Director of CIA, Joins Company as Advisor (PR Newswire) Strider Technologies, developer of the world's first economic statecraft technology platform, announced today that John Mullen has joined...
Matthew G. Devost Joins Flashpoint Board of Directors (Olean Times Herald) Flashpoint, the globally trusted leader in risk intelligence, has today announced that Matthew G. Devost has been appointed to the company's Board of
Products, Services, and Solutions
KnowBe4 Launches Kit to Help Strengthen Passwords for World Password Day (PR Newswire) KnowBe4, the provider of the world's largest security awareness training and simulated phishing platform, today announced it has launched a new...
Exabeam Partners with Orca Tech to Accelerate Business Growth in Australia and New Zealand (Exabeam) Exabeam, the Smarter SIEM™ company, and Orca Technology (Orca[...]
Ermetic Launches Analytics-based Solution that Protects AWS, Google Cloud and Microsoft Azure from Data Breaches (Ermetic) Platform Automates the Detection and Remediation of Identity and Access-based Risks to Enable Continuous Enforcement of Least Privilege Policies at Scale.
New from Satellite 2020: GitHub Codespaces, GitHub Discussions, securing code in private repositories, and more (The GitHub Blog) See what we announced at our first virtual GitHub Satellite including a full dev environment on GitHub powered by VS Code, a new way to have discussions with your communities, new ways to secure projects with code scanning and secret scanning, and more.
CISA and INL Release Commercial Routing Assistance App (Idaho Falls Magazine) The Cybersecurity and Infrastructure Security Agency (CISA) and Idaho National Laboratory (INL) launched a new Commercial Routing Assistance (CRA) tool today for truckers and other commercial drivers in the U.S.
Government authorities secure mobile communication with crypto solutions from Sectra | Sectra Group (Sectra Group) International medical imaging IT and cybersecurity company Sectra (https://sectra.com/) (STO: SECT B) is receiving new orders for its crypto solutions for mobile telephony, smartphones and the blue-light operations’ communication network TETRA from several European government authorities.
InQuest Partners with Joe Security to Exclusively Deliver Joe Sandbox to the US Public Sector (Olean Times Herald) InQuest, a leading provider of enterprise-scale file analytics, threat hunting and threat prevention solutions, today announced an exclusive reseller agreement with Joe Security, a leading provider of automated malware analysis.
Technologies, Techniques, and Standards
Make passwords at least 13 characters long and protect email with a strong passphrase, police advise (Computing) With Covid-19 related fraud through the roof it's time to review password policy, says South East Regional Organised Crime Unit
#WorldPasswordDay 2020: Promoting Good Password Practice During #COVID19 (Infosecurity Magazine) Promoting good password practice has never been more important amid the unprecedented remote working situation
Webcast: Free Tools! How to Use Developer Tools and Javascript in Webapp Pentests (Black Hills Information Security) I like webapps, don’t you? Webapps have got to be the best way to learn about security. Why? Because they’re self-contained and so very transparent. You don’t need a big ol’ lab before you can play with them. You can run them in a single tiny VM or even tiny-er Docker image on your laptop. …
Threat Hunting IoT and IIoT Devices (Active Countermeasures) Intro One of the challenges of agent-based security solutions is that they leave you with blind spots. They will help to lock down […]
FIRST updates coordination principles for Multi-Party Vulnerability Coordination and Disclosure (FIRST — Forum of Incident Response and Security Teams) As part of their mission to encourage global coordination and a global language, the Forum of Incident Response and Security Teams (FIRST) has released an updated set of coordination principles – Guidelines for Multi-Party Vulnerability Coordination and Disclosure version 1.1.
Design and Innovation
European nations may be hesitant to trust AI for cybersecurity (Fifth Domain) The United States is designating resources to develop artificial intelligence (AI) for cybersecurity, but European countries are slower to follow.
These are the people Facebook put in charge of deciding whether to delete controversial posts (CNBC) The board includes a former Prime Minister of Denmark and several former journalists.
Opinion | We Are a New Board at Facebook. Here’s What We’ll Decide. (New York Times) The company’s independent oversight body will focus on challenging content issues, such as hate speech and harassment.
Facebook will rue its left-wing oversight board appointments (The Telegraph) The board has been filled with people like the former Guardian editor Alan Rusbridger who conform to Facebook's liberal world view
Academia
CyberPatriot XII Nationals Champions Announced (Air Force Association) The Air Force Association's CyberPatriot program announced this week the winners of the twelfth season of its National Youth Cyber Defense Competition.
Identity governance and WVU’s security strategy (EdScoop) WVU’s CISO shares why investing in identity governance is important to universities to strengthen their overall security posture with users.
Legislation, Policy, and Regulation
No cookie consent walls — and no, scrolling isn’t consent, says EU data protection body (TechCrunch) You can’t make access to your website’s content dependent on a visitor agreeing that you can process their data — aka a ‘consent cookie wall’. Not if you need to be compliant with European data protection law. That’s the unambiguous message from the European Data…
Czechs Sign Joint 5G Security Declaration With United States (New York Times) The Czech Republic has signed a joint declaration with the United States to strengthen cooperation on next-generation 5G networks and promote rigorous evaluations of suppliers and supply chains, Czech leader Andrej Babis said on Wednesday.
FCC Wants Help Interpreting Law to Fund Replacement of Huawei, ZTE Equipment (Nextgov.com) The commission is giving stakeholders 15 days to weigh in on a related rulemaking.
Marco Rubio: Smaller contractors need more time to comply with China regulations (Florida Politics) Federal contractors are being barred from using certain Chinese telecommunication equipment.
Exclusive: U.S. drafts rule to allow Huawei and U.S. firms to work together on 5G standards - sources (Reuters) The U.S. Department of Commerce is close to signing off on a new rule that would allow U.S. companies to work with China's Huawei Technologies on setting standards for next generation 5G networks, people familiar with the matter said.
US drafts rule to allow Huawei and US firms to work together on 5G standards, sources say (CNBC) The rule is only expected to address Huawei, the people familiar with the matter said, not other listed entities like Chinese video surveillance firm Hikvision.
Opinion | We may be dramatically overestimating China’s capabilities (Washington Post) A whirlwind of competition is coming that could make the Chinese 5G powerhouse go the way of Bell Telephone.
Analysis | The Cybersecurity 202: Democrats push a bill to combat child pornography without undermining encryption (Washington Post) The bill includes $5 billion for more police and prosecutors.
States blast EAC for slow-walking voting standards (FCW) The approval process has been going on for years, and several state officials worry the security standards will already be obsolete when they're finally approved.
Litigation, Investigation, and Law Enforcement
Cisco-Centripetal Virtual Patent Trial Opens With Few Glitches (Bloomberg Law) Computer experts laid the foundation for a high stakes case Wednesday between Cisco Systems Inc. and Centripetal Networks Inc. as their virtual patent trial opened after a few technical glitches.
Cisco Patent Trial Kicks Off Over Zoom Without A Hitch (Law360) A bench trial got underway Wednesday over Zoom due to the pandemic in a case where Cisco Systems is accused of infringing a startup's network security patents, starting with a technical tutorial that went smoothly even with the judge, attorneys and witnesses all participating remotely.
LabCorp Hit with Shareholder Lawsuit Over 2 Separate Data Breaches (HealthITSecurity) A LabCorp shareholder has filed a lawsuit against the testing giant in an effort to recoup share value losses incurred after two separate data breaches in less than a year.