The cybersecurity community during the COVID-19 emergency
Spike in Snake Ransomware Activity Attributed to New Campaign (The State of Security) Security researchers attributed a spike in Snake ransomware activity to a new campaign that's targeted organizations worldwide.
Large scale Snake Ransomware campaign targets healthcare, more (BleepingComputer) The operators of the Snake Ransomware have launched a worldwide campaign of cyberattacks that have infected numerous businesses and at least one health care organization over the last few days.
Europe’s Largest Private Hospital Operator Fresenius Hit by Ransomware (KrebsOnSecurity) Fresenius, Europe’s largest private hospital operator and a major provider of dialysis products and services that are in such high demand thanks to the COVID-19 pandemic, has been hit in a ransomware cyber attack on its technology systems.
Unemployed Americans offered ‘remote jobs’ as money mules (BleepingComputer) Cybercriminals are exploiting the increasing number of layoffs during the current pandemic to recruit new money mules which can later be used to help them launder money gained from illicit activities.
CISA COVID Response Letter (Washington Post) Dear Director Krebs, In this letter we, the undersigned computer and election security experts, offer strong concerns about the content of the document entitled “Electronic Ballot Delivery and Marking” published under your “COVID-19 and Elections” web page...
Analysis | The Cybersecurity 202: Coronavirus has upended election security training with just months before November (Washington Post) A USC-led program has moved online and must prepare for a host of new threats.
Hackers Target WHO by Posing as Think Tank, Broadcaster (Claims Journal) The messages began arriving in World Health Organization employees' inboxes in early April, seemingly innocuous emails about the coronavirus from news
Hackers Target WHO by Posing as Think Tank, Broadcaster (Bloomberg) Iranian group Charming Kitten behind attacks, researcher says. WHO subjected to ‘very clever attacks’ amid pandemic response.
Fake news Facebook accounts used coronavirus to attract followers (Naked Security) In April, the company yanked 1,887 misleading accounts, pages and groups tied to eight influencer networks building fake engagement.
Britain’s ex-spy chiefs got rich off ‘Russian threat’ warnings, but IGNORED alarm bells on pandemic risk – report (RT International) What do Britain’s former spy chiefs get up to after they leave their posts? They make “millions” scaremongering about the “Russian threat” and lobbying the government on behalf of private interests, a new investigation confirms.
NHS reveals code behind virus-tracing app (BBC News) More than 40,000 people have downloaded the contact tracing app so far, ahead of a wider release.
Contact-tracing app fails to protect privacy and human rights (ComputerWeekly) Reassurances over the security and human rights implications of NHSX’s approach to developing its Covid-19 contact-tracing app are insufficient, says the cross-bench Human Rights Committee.
Privacy International to Palantir: We are watching you (ComputerWeekly) Privacy International expresses a qualified welcome for Palantir’s responses to questions about its data integration role in the NHS Covid-19 data store, but continues to raise concerns
A passwordless server run by NSO Group sparks contact-tracing privacy concerns (TechCrunch) Experts say centralized databases of citizens' location data pose a security and privacy risk.
Istanbul Municipality’s aid website targeted in cyber attack (Ahval) A spokesman for the opposition-run Istanbul Municipality said on Thursday that the website for its aid campaign to help people struggling financially due to the COVID-19 pandemic had been targeted in a cyber attack, T24 reported.
Israel to Launch ‘Cyber Defense Shield’ for Health Sector (The Media Line) Israel is preparing to inaugurate a “cyber defense shield” for the country’s health care sector amid a spike in attacks since the beginning of the global COVID-19 epidemic.
FTC warns 45 more sellers of scam Coronavirus treatments (Consumer Information) Every day we are reading about researchers studying potential ways to prevent, treat or cure COVID-19.
CIOs Set Aside Rivalry for Collegiality to Tackle Coronavirus IT Problems (Wall Street Journal) ‘We are sharing anything and everything right now,’ says Cisco’s CIO.
For PPP recipients: You may be subject to whistleblower lawsuits under false claims law (Silicon Valley Business Journal) For the vast majority of small businesses that received money under the Paycheck Protection Program (PPP) initiative, the structure of the loan terms may have inadvertently exposed them to a well-known, but rarely used, federal law.
Facebook will allow most employees to work from home through end of 2020 (CNBC) Facebook CEO Mark Zuckerberg will announce Thursday that most of the company's employees will be given the choice to continue to work from home through the end of 2020, a company spokeswoman told CNBC.
Air Force rolls out Advanced Battle Management System devices in COVID-19 fight (C4ISRNET) Intended to be demonstrated at an ABMS test in April, the Air Force has begun deploying unclassified personal devices that allow operators to access classified information.
Nuclear command leverages academia, industry data in COVID-19 fight (U.S. Air Force) Through a partnership with the Cyber Innovation Center, Louisiana Tech University, and Virtualitics Inc., Air Force Global Strike Command officials rapidly developed a daily report consisting of
COVID-19 Crisis To Help Akamai Replicate $300 Million+ Revenue Growth From The Past 2 Years? (Trefis) As per Trefis estimates, the coronavirus pandemic could indeed aid Akamai's (NASDAQ: AKAM) revenue growth across both its segments. The company's revenue comprises two segments, i.e., the Web Division and the Media & Carrier Division. Akamai's revenue has risen from $2.5 billion in 2017 to $2.9 billion in 2019, up by more than 15% in 2 years.
RiskIQ COVID-19 Internet Intelligence Gateway Fights Pandemic of Cybercrime (RiskIQ) The global response to COVID-19 revealed a host of new opportunities for threat actors, with FBI cybercrime reports quadrupling during the pandemic.
Develop Tailored Cybersecurity Self-Assessments to Help Secure Your Remote Workforce (Security Intelligence) Promote security awareness among your remote workforce and inform future training efforts by distributing tailored cybersecurity self-assessments to your employees.
Verizon donates $1 million to New Jersey Pandemic Relief Fund (Yahoo) Verizon’s total COVID-19 crisis commitment now stands at over $55 million in contributions and donations to nonprofits around the globe.
How the 'hinge event' of Covid will change everything (KITV) We all have a general sense of what "national security" means and what threatens it.
Cyber Attacks, Threats, and Vulnerabilities
Russian hackers accessed emails from Merkel's constituency office: Der Spiegel (Reuters) Russia's GRU military intelligence service appears to have got hold of many emails from Chancellor Angela Merkel's constituency office in a 2015 hack attack on Germany's parliament, Der Spiegel magazine reported on Friday, without citing its sources.
Reconstruction of a cyberattack: How Russian hackers cracked Angela Merkel's mail accounts (Spiegel) Investigators are certain that Russian military intelligence is behind it: in 2015, unknown persons gained access to the Chancellor's official computers, which contained the complete e-mail traffic from her parliamentary office since 2012.
Chinese APT group Naikon targeted Western Australia government (ZDNet) Naikon's method is to infiltrate a government body, then use that body's contacts, documents, and data to launch attacks on others.
China’s Military Is Tied to Debilitating New Cyberattack Tool (New York Times) An Israeli security company said the hacking software, called Aria-body, had been deployed against governments and state-owned companies in Australia and Southeast Asia.
Blindsided: WA vows full investigation into alleged Chinese cyber attack (7NEWS.com.au) The premier promises he’ll ‘get to the bottom’ of extraordinary espionage claims.
Naikon APT Hid Five-Year Espionage Attack Under Radar (Threatpost) The Chinese APT has been discovered behind a five-year espionage campaign that compromises government servers – and uses that as leverage for other attacks.
Naikon Targeted Attacks (Kaspersky) Naikon is a threat actor that appears to be Chinese-speaking. Its primary targets are top-level government agencies and civil and military organizations. Naikon is one of the most active APTs in Asia, especially around the South China Sea, and has been spying on entities in the area for around five years, since at least 2010.
China 'used Word document to launch cyber-attack' on Australia (Mail Online) The report by Israeli cyber-security company Check Point said hackers known as Naikon targeted a worker in the office of the Western Australian premier.
Chinese tech giant Tencent reportedly surveilled foreign users of WeChat to help censorship at home (CNBC) Chinese internet giant Tencent has been surveilling content posted by foreign users on its wildly popular messaging service WeChat in order to help it refine censorship on its platform at home, according to a new report.
Opinion | WeChat users outside China face surveillance while training censorship algorithms (Washington Post) Such practices are the antithesis of the responsible social media management that users should expect, especially during a pandemic.
New Kaiji Botnet Malware Targets IoT, But ‘New’ Doesn’t Mean ‘Undetectable’ (Bitdefender) Kaiji is a new IoT malware botnet written in Golang from scratch that searches for poorly configured SSH services and brute-forces its way in. But even if it’s a new strand of malware, a powerful security solution can still pick up its nefarious behavior and intercept it on the way.
Why a small Facebook bug wreaked havoc on some of the most popular iOS apps (The Verge) Facebook’s code is everywhere. And when it breaks, so do the apps that rely on it.
Shiny Hunters hackers try to sell a host of user records from breaches (BleepingComputer) Three more high-profile databases are being offered for sale on a hacker forum by the same group claiming the Tokopedia and Unacademy breaches, and the more recently reported theft of Microsoft's private GitHub repositories.
Hackers Turned Virginia Government Websites Into Elaborate eBooks Scam Pages (Vice) Two subdomains of an official Virginia government website were hijacked and enrolled into an eBooks scam.
Starslord 2.0 malware: What it is, how it works and how to prevent it (Infosec Resources) The sLoad malware was discovered for the first time in 2018. It delivers various Trojans to the infected computers, including but not limited
3.68 Million MobiFriends User Credentials Stolen and Shared on Hacking Forum (RBS) The credentials of nearly 4 million MobiFriends users have recently been discovered by our Data Breach Research team on a prominent deep web hacking forum. The leaked data sets are currently available in a non-restricted manner despite being originally offered for sale.
Based out of Barcelona, Mo
Unacademy data breach: Hacker allegedly steals data of 2.2 cr users, sells it on dark web (Zee Business) Online learning platform Unacademy is the latest victim of data breach in India with around 2.2 crore users suffering a major loss recently. A hacker was able to obtain the database of Unacademy users and has started selling them on the dark Web for $2,000 (roughly Rs. 1,51,800), according to US-based cybersecurity firm Cyble.
Vcrypt ransomware brings along a buddy to do the encryption (Naked Security) Here’s a ransomware story with a difference. Some of your files can be recovered without paying, while others get wiped out forever.
One of the biggest European banks leaking sensitive data on their website (CyberNews) Santander, the 5th largest bank in Europe, had a misconfiguration on its website that could allow hackers to potentially phish Santander’s bank customers.
Why Are We So Stupid About RDP Passwords? (BankInfo Security) In honor of World Password Day, here's a task for every organization that uses remote desktop protocol: Ensure that all of your organization's internet-facing RDP ports have a password - and that it's complex and unique.
Attacking SCADA: Vulnerabilities in Schneider Electric SoMachine and M221 PLC (CVE-2017-6034 and CVE-2020-7489) (Trustwave) While most of these implementations are protected to a certain extent by unique complexity, 24/7 monitoring, and built-in fault tolerance and redundancy, vulnerabilities and attacks targeting them should not be discounted.
Advantech WebAccess Node (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 9.8
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Advantech
Equipment: WebAccess Node
Vulnerabilities: Improper Validation of Array Index, Relative Path Traversal, SQL Injection, Stack-based Buffer Overflow, Heap-based Buffer Overflow, Out-of-bounds Read
2.
Roblox Hacker Demands Bounty For Fake Software Bug (The Tech Education) Roblox is a game platform that allows users to create their own games and play games created by other users. Recently, Roblox was under the threat of a few hackers who had managed to breach the wall of the online platform and obtain information. Hacker bribes for information Two days ago, Roblox faced the threat […]
Security Patches, Mitigations, and Software Updates
Next round of Zoom updates targets consumer security (ComputerWeekly) Casual consumer users of Zoom will get additional protections in an update to be released over the long weekend.
Samsung smartphone users at risk from critical security bug. Patch now (The State of Security) Samsung has released a security update for its smartphones which includes a critical fix for a vulnerability that affects all devices sold since 2014.
Cyber Trends
World Password Day Survey: Global Remote Workforce (OneLogin) Explore the findings of our survey on the security measures and password practices of remote workers.
Balbix Releases State of Password Use Report 2020 (BusinessWire) Balbix Inc., provider of the industry’s first system for cybersecurity posture transformation, today released its State of Password Use Report 2020. T
Every other employee is watching adult content on office devices: Kaspersky report (Hindustan Times) According to the report, 18% watch adult content on devices given to them by office
H2 2019: Duration of phishing attacks grows, use of banking trojans wanes (Help Net Security) The lifespan of phishing attacks in H2 2019 has grown considerably and resulted in the tremendous increase in the number of phishing websites blockages
Marketplace
Hub Security raises $5M Series A for its cryptography platform (TechCrunch) Hub Security, a Tel Aviv-based startup that developed a software and hardware platform for cryptographic operations, today announced that it has raised a $5 million Series A round led by AXA Ventures. Crowdfunding platform OurCrowd also participated in this round. Like most companies at the Series …
AXA Ventures Leads $5 Million Investment in Next-generation Cybersecurity Startup Hub Security (MarketWatch) Hub Security, a startup that offers military-grade...
Dtex raises $17.5 million to detect cyberthreats with AI while preserving privacy (VentureBeat) Dtex, which is developing a privacy-preserving cybersecurity platform for enterprise customers, raised $17.5 million in venture capital.
Clearview AI Says It Will No Longer Provide Facial Recognition To Private Companies (BuzzFeed News) Facing numerous lawsuits, the New York startup said it "is cancelling the accounts of every customer who was not either associated with law enforcement or some other federal, state, or local government department, office, or agency.”
Microsoft’s Azure Sphere Bug Challenge Pays $100K for IoT Security (Threatpost) A three-month bug-bounty challenge will offer top rewards for compromising Pluton or Secure World within the Azure Sphere IoT security suite.
Telos Corporation Awarded $66.4M U.S. Air Force Contract to Support Theater Deployable Communications Black Core Upgrade (Telos Corporation) Telos to deliver modules and kits to support TDC Black Core Architecture upgrade.
Products, Services, and Solutions
Partnership with SKOUT Cybersecurity and Lookout enables small businesses to quickly mitigate cyber risks and safeguard their business (Globe Newswire) Web.com Group, a leading web technology company helping millions of customers around the globe thrive in a connected world, today announced the introduction of a new, end-to-end Cyber Security Solution.
Exostar Expands Risk Management Suite with New Product to Support Cybersecurity Maturity Model Certification (BusinessWire) Certification Assistant now available to guide all DIB companies on their CMMC Level 1-5 & NIST 800-171 cybersecurity hygiene improvement journeys.
Breached Organization uses Network Insight to Pinpoint Source of Infection (Core Security) A Core Security partner was contacted by a large institution with what is becoming an all too common problem: they had suffered a massive breach from an advanced persistent threat (APT), and they wanted to make sure it never happened again. Read on to find out how Network Insight proved to be the right advanced threat detection solution for their needs.
Deloitte Partners with Palo Alto to Extend Its Cybersecurity Services (Infosecurity Magazine) Palo Alto Networks to become a strategic partner across Deloitte's EMEA network
Thycotic and Cybrary Partner to Launch New Podcast: 401 Access Denied (Thycotic) World-Class Cyber Security Experts Discuss the Latest Threats, Current Global Security Challenges and Share Advice in Bi-Weekly, Interactive Forum
Recorded Future Strengthens Relationship With Amazon Web Services, Supports Amazon GuardDuty (PR Newswire) Recorded Future, the largest global security intelligence provider, today announced support for Amazon GuardDuty, a threat detection service...
Zimperium enhances its offering with ZecOps’ advanced mobile forensics capabilities (Help Net Security) Zimperium announced a strategic partnership with ZecOps, enhancing Zimperium’s offering with ZecOps’ advanced mobile forensics capabilities.
Tool fatigue among businesses prompts IBM to deploy open-source-based security solution (SiliconANGLE)
Technologies, Techniques, and Standards
So you've set up MFA and solved the Elvish riddle, but some still think passwords alone are secure enough (Register) OK, a third agreed with Thales when it asked the question
World Password Day: Six pieces of advice from the cybersecurity industry (Verdict) Today is World Password Day, an annual event designed to raise awareness of the importance of strong online security and promote better password habits.
Why World ‘Password’ Day Needs a Refresh (Fast Mode) If you didn’t realize that the first Thursday in May was World Password Day, you’re not the only one. Intel Security officially declared it back in 2013,
Is It the End for Passwords (Avast) Everyone is still using them, but to commemorate World Password Day, we look at the growing number of password-free solutions that promise to someday eradicate our reliance on passwords.
Design and Innovation
The Republic of Facebook (Just Security) Its Oversight Board for content moderation, with members named today, may help address problems of online speech and censorship. But it is only one part of the answer.
Legislation, Policy, and Regulation
Europe Seeks Greater Powers to Tackle Its Money-Laundering Problem (Wall Street Journal) The EU said it wants to boost the continent’s power to fight money laundering following a series of scandals that have made Europe a center of financial crime.
Submissions to UK 5G security review are mostly hostile to Huawei (Telecoms.com) UK Parliament is reviewing the government’s decision to allow the limited involvement of Huawei kit in its 5G networks.
Pentagon official: FCC decision on 5G threatens GPS, national security (TheHill) Pentagon officials on Wednesday criticized the Federal Communications Commission's (FCC) recent decision to allow Virginia-based satellite communications company Ligado to deploy a nationwide mobile network, saying that it could have adv
Pentagon, Senators Blast FCC Decision to Let Company Share GPS Spectrum (Nextgov.com) Space Force chief, Pentagon tech leaders, and the Armed Services chairman led calls to reconsider the controversial license for Ligado.
Litigation, Investigation, and Law Enforcement
Justice Department Is Dropping Case Against Ex-Trump Adviser Michael Flynn (NPR) After months of wrangling following the Russia investigation, prosecutors aren't going ahead with the case based on the former national security adviser's false statements to the FBI.
FBI search warrants reveal Trump aide’s messages to WikiLeaks founder Julian Assange (ComputerWeekly) Roger Stone, a political strategist and associate of US president Donald Trump exchanged private messages with WikiLeaks founder Julian Assange, documents released by the FBI last week reveal. Stone, who worked for Donald Trump’s presidential campaign and retained close ties with senior campaign figures, promised to back Assange, if the US government took action against the Wikileaks founder.
House intel transcripts show top Obama officials had no 'empirical evidence' of Trump-Russia collusion (Fox News) Newly released transcripts of interviews from the House Intelligence Committee’s long-running Russia investigation reveal top Obama officials acknowledged that they knew of no “empirical evidence” of a conspiracy between the Trump campaign and Russia in the 2016 election, despite their concerns and suspicions.
Huawei Loses Bid to Revive Patent on Mobile Telecommunications (Bloomberg Law) U.S. appeals court, without issuing formal opinion, affirmed Patent Trial and Appeal Board decision that Huawei patent is invalid