The cybersecurity community during the COVID-19 emergency
DHS to advise telecom firms on preventing 5G cell tower attacks linked to coronavirus conspiracy theories (Washington Post) Disinformation has spurred sporadic attacks against cell towers in the United States.
US formally accuses China of hacking US entities working on COVID-19 research (ZDNet) DHS CISA and the FBI issue joint statement on recent Chinese cyber-attacks against COVID-19-related targets.
China calls U.S. accusation of hacking in COVID-19 research "slander" (Reuters) China's foreign ministry, asked about China-linked hackers breaking into U.S. COVID-19 research, said China opposed what it called slander from the United States.
Trading Standards warns of NHS contact-tracing phishing scam (Computing) Message telling people that they may be infected links to a malicious website which asks for personal details
Phishing scam hooked into NHS contact-tracing app detected (Engineering & Technology) The Chartered Trading Standards Institute (CTSI) has revealed evidence of a phishing scam themed around the NHS contact-tracing app, despite the app still only being at the testing stage.
The UK’s Contact Tracing App Breaks the UK’s Own Privacy Laws (and Is Just Plain Broken) (Gizmodo) Whether you love them or hate them (or think they won’t work), authorities around the world have universally embraced the concept of contact tracing tech in order to curb the coronavirus’s spread. In practice, however, these apps have fallen short of a lot of our expectations, with many turning out to be more invasive than any of us anticipated, if not downright broken.
SilverTerrier cyber crime group targets Covid-19 key workers (ComputerWeekly) Organisations on the front line in the fight against coronavirus are under attack from Nigeria’s SilverTerrier criminal gang.
Enhanced Zeus Sphinx Trojan Used in COVID-19 Schemes (GovInfo Security) The operators behind the Zeus Sphinx malware have added new features and functionality to the Trojan, and more cybercriminals have deployed it within phishing
Shifting SBA guidance could create ‘legal mess’ for PPP recipients (Washington Business Journal) Small-business applicants have to pay special attention to which version of SBA guidance applies to them.
Stimulus Cops on Lookout for Fake Employees, Identity Theft (Wall Street Journal) Federal government steps up oversight of roughly $3 trillion in spending for businesses and households.
How a pandemic can kickstart cyber lessons (C4ISRNET) Lessons from the pandemic are piling up and should prompt government leaders to rethink how we operate, train and equip organizations.
5 easy steps to immediately bolster cybersecurity during the pandemic (Help Net Security) The following are a few short-term, easy-to-implement actions that IT managers can take now to bolster cybersecurity amid the current pandemic.
Are you ready for the post Covid-19 threat landscape? (IT-Online) In a digital world, with billions of people and even more devices connected to the Internet via private, public and corporate networks, cybersecurity has become a priority concern. T-Systems estimates that the world will see 50-billion connected IOT-devices by this year. By Lukas van der Merwe, specialist sales executive: security at T-Systems South Africa In …
Secure Hardware Technologies Markets Will Be Hit Hard By COVID-19 in 2020 (ABI) Trusted Platform Module Shipments forecasted down 17%, while Trusted Execution Environments growth will remain flat
Software engineers & sales staff most affected by layoffs at startups (ETCIO.com) Consulting and general management roles have also taken a hit, although sectors such as ed-tech, gaming and financial services are seeing an uptick an..
Tripwire Survey: 94% of Cybersecurity Professionals More Concerned About Security in Wake of COVID-19 (Tripwire) Majority of security teams lacked preparation for coronavirus impacts, and faced COVID-19-related attacks
Free Ransomware Assessment for Healthcare Organizations (Digital Defense) Digital Defense is offering up to $1 million worth of complimentary vulnerability assessments to healthcare organizations.
Fortinet Makes All Online Cybersecurity Training Courses Available for Free to Address Skills Gap (Eletimes) Fortinet® (NASDAQ: FTNT), a global leader in broad, integrated and automated cybersecurity solutions, announced it is opening the entire online, self-paced catalogue of advanced Network Security Expert training courses for free.
Cyber Attacks, Threats, and Vulnerabilities
New Spying Trojan Targets Diplomatic Entities in Europe via Spoofed Visa Application (Al Bawaba) Kaspersky technologies revealed new malware with a focus on diplomatic bodies in Europe, with the initial dropper spread as a spoofed visa application.
Danger zone! Brit research supercomputer ARCHER's login nodes exploited in cyber-attack, admins reset passwords and SSH keys (Register) Assault on TOP500-listed machine may have hit Euro HPC too, warn sysops
ARCHER » Service Status (ARCHER) ARCHER is a Cray XC30 system providing HPC facilities for UK researchers.
New Ramsay malware can steal sensitive documents from air-gapped networks (ZDNet) Ramsay can infect air-gapped computers, collect Word, PDF, and ZIP files in a hidden folder, and then wait for exfiltration.
Ramsay: A cyber‑espionage toolkit tailored for air‑gapped networks (WeLiveSecurity) ESET researchers have discovered Ramsay, a previously unreported cyber-espionage framework that is tailored for collection and exfiltration of sensitive documents and is capable of operating within air-gapped networks.
Ransomware now demands extra payment to delete stolen files (BleepingComputer) A ransomware family has begun a new tactic of not only demanding a ransom for a decryptor but also demanding a second ransom not to publish files stolen in an attack.
Google removed 813 creepware apps from the Android Play Store (ZDNet) The applications were discovered with a new algorithm called CreepRank, developed by a team of academics.
Multi-part Android spyware lurked on Google Play Store for 4 years, posing as a bunch of legit-looking apps (Register) Mandrake handlers could snoop on whatever victim did with their phone
Mobile banking Android malware horsing around in cyberspace (Deccan Herald) A mobile banking malware called "EventBot", which steals personal financial information, may affect Android phone users in India, the federal cyber-security agency has said in a latest advisory. The CERT-In has issued a caution, saying the Trojan virus may "masquerade as a legitimate application such as Microsoft Word, Adobe flash and others using third-party application downloading sites to infiltrate into victim device". A Trojan is a virus or malware that cheats a victim to stealthily attack its computer or phone-operating system.
Hacking Group Offers Another 27 Million Records for Sale: Report (BankInfo Security) After offering three large databases of compromised user data for sale on the darknet last week, a hacking group known as Shiny Hunters now is trying to sell four
Google Site Kit WordPress Plugin Vulnerability (Search Engine Journal) Critical vulnerability discovered in Google Site Kit WordPress plugin.
A cybercrime store is selling access to more than 43,000 hacked servers (ZDNet) The MagBo portal provides access to hacked servers, with some belonging to local and state government, hospitals, and financial organizations.
Criminal forum trading stolen data suffers ironic data breach (Naked Security) Someone on the dark web is touting for sale an unusual database a lot of people might pay handsomely to get their hands on.
Thunderspy Attack Underscores Existing Thunderbolt Security Issues (Decipher) The new Thunderspy attack highlights a handful of shortcomings in the security model of the Thunderbolt chip used in many PCs.
‘Thunderspy’ enlightening—very, very frightening (TechBeacon) The moral of the story? Choose up-to-date hardware, and configure it correctly. And consider disabling suspend.
Microsoft: Worried about Thunderbolt attacks? Get a Windows 10 Secured-Core PC (ZDNet) Windows 10 Secured-core PCs can block Thunderspy attacks, argues Microsoft.
BlueScope IT 'disruption' feared to be ransomware attack (iTnews) Production systems impacted.
Remembering WannaCry (Security Boulevard) Exactly three years ago, a scourge known as WannaCry ransomware began its global spread. For Avast researchers, May 12, 2017 started like a typical Friday until Avast Antivirus blocked 2,000 users from ransomware attacks at 8am.
Madonna and Lady Gaga Among Global Stars Targeted in Hackers’ Extortion Plot Against Law Firm (The Daily Beast) Cyberattackers seeking more than $2M from Travelex got inside Allen Grubman’s celebrity law firm. Confidential docs are now leaking online as the hackers turn the screws.
Can Lady Gaga and Madonna get people to take security seriously? (ComputerWeekly) What does it take to get people to pay attention to cyber security? A celebrity law firm hack may hold some answers.
Debunking myths related to client-side security and Magecart attacks (Help Net Security) The client-side landscape has been overrun by third-party script attacks executed by attackers utilizing methods made famous by Magecart attacks.
Scammers steal $10 million from Norway's state investment fund (BleepingComputer) Fraudsters running business email compromise scams were able to swindle Norfund, Norway's state investment fund, out of almost $10 million.
Service NSW emails hacked in cyber attack (NewsComAu) The email accounts of almost 50 NSW government employees have been breached in a cyber attack on the customer service department, putting the personal data of citizens at risk.
Ohio unemployment system thwarts cyber attack (Toledo Blade) Ohio says it was able to fight off a cyber attack that attempted to overwhelm the system through which employers can report employees who refuse ...
Cyber Attack: Return to normal well underway (GlobeNewswire) Following the cyber attack on April 29th that has affected part of its operations, Tarkett restarted its information technology systems and critical applications.
Security Patches, Mitigations, and Software Updates
RIP: Microsoft to drop support for Windows 10 on 32-bit systems (BleepingComputer) Microsoft has stated that future versions of Windows 10, starting with the May 2020 Update, will no longer be available as 32-bit builds on new OEM computers.
Windows 10 to get PUA/PUP protection feature (ZDNet) PUA/PUP-blocking option to be added in Windows 10 May 2020 update.
Vulnerabilities found and fixed in banking apps: Cybersecurity researcher (The Economic Times) According to the researcher, the problems included issues in biometric authentication, incorrect session handling, embedding of authentication credentials, API security and third-party risks like integration with WhatsApp.
Cyber Trends
Identity Security: A Work in Progress (Identity Defined Security Alliance) Report from the IDSA evaluates identity security, including identity-related breaches and how some companies are reducing risk, but it is still a work in progress.
Parks Associates: 41% of US broadband households concerned about hackers accessing their devices (PR Newswire) Parks Associates research reveals 41% of US broadband households are concerned about hackers getting access to their devices. With concerns...
Addressing the Security Leadership Talent Gap (Kudelski Security) New report from the CISO community. Practical advice on how to recruit, retain, and develop CISO talent. Covers evolving roles, responsibilities & skillset
Stay Smart. Stay Safely Connected. (Cyber Tech Accord) IoT devices have become part of our daily lives and it is crucial that everyone is able to keep their devices secure.
Marketplace
VMware Advances Intrinsic Security Strategy at Connect 2020 Announcing Intent to Acquire Octarine to Expand Workload Security Solution into Kubernetes and Creation of Next-Gen SOC Alliance | VMware Carbon Black (VMware Carbon Black) Octarine acquisition will bring intrinsic security to containerized applications running in Kubernetes and build security capabilities into the fabric of the existing IT and DevOps ecosystems Newly created Next-Gen Security Operations Center (SOC) Alliance features industry-leading SIEM/SOAR vendors Splunk, IBM Security, Google Cloud’s Chronicle, Exabeam, and Sumo Logic
Zerodium stops accepting Apple bug submissions because it has too many to review (CyberScoop) A company that pays hackers to submit serious flaws says it’s made aware of so many flaws in Apple operating systems that it will stop acquiring new ones.
Lightstream Welcomes Rafal Los as Chief Security Strategist (The Herald Journal) Lightstream, a leader in cloud security, network transformation and managed services, today announced the hiring of Rafal Los as the company's new
Colin Murphy Appointed KnowBe4’s New Chief Information Officer (Infosecurity Magazine) Experienced IT pro joins C-suite of international cybersecurity awareness training provider
Sandra Bergeron Joins Sumo Logic Board of Directors (GlobeNewswire) Company Also Expands its Advisor Board with Artificial Intelligence Veteran Lisa Hammitt to Further Drive Growth and Innovation of its Category-leading Continuous Intelligence Platform
Products, Services, and Solutions
RedSeal Launches Five New Services to Measurably Reduce Cyber Risk Across Remote Workforces (GlobeNewswire) Secure remote workforce, cyber and cloud cyber visibility assessments along with tiered service offerings ensure overtaxed network infrastructures continue to be secure
Pulse Secure Responds to Growing Demand for Integrated Platforms with New Pulse Access Suite Plus (GlobeNewswire) Access Suite Plus offers simplified, modular Secure Access for hybrid IT with Zero Trust control
Sonatype Further Expands Coverage of Nexus Platform (GlobeNewswire) Nexus Lifecycle and Nexus Firewall add native support for eleven additional ecosystems
Motimatic Launches Cybersecurity Solution Designed To Engage Employees In The Fight Against Phishing Attacks (Motimatic) Leverages digital marketing technologies and behavioral science to inform, educate and motivate employees through social media channels
Code Protection Leaders Join Forces to Arm App Developers with Cutting-Edge Countermeasures Against Ever-Evolving Cyberattacks (Verimatrix) Verimatrix, (Euronext Paris: VMX), today announced a partnership with Jscrambler
Securonix Powers Booz Allen’s New Cloud-Based SIEM as a Service (BusinessWire) Next-Gen SIEM Securonix will help power a new cloud-based SIEM as a Service from Booz Allen Hamilton.
Technologies, Techniques, and Standards
Why all employees need cybersecurity training (Silicon Republic) Cybersecurity training may need to become a vital part of employee onboarding, while current employees will need to be upskilled.
How to implement least privilege in the cloud (Help Net Security) To mitigate risks associated with the abuse of identities, organizations are trying to enforce the principle of least privilege in the cloud.
How to Protect Applications from Cloud-Based Attacks (Radware Blog) Radware & Microsoft discuss the primary security threats to public cloud infrastructure and applications during the COVID-19 pandemic.
Shining a light on shadow IoT devices (TechRadar) What’s lurking on your network?
Design and Innovation
Facebook’s AI for Hate Speech Improves. How Much Is Unclear (Wired) The company says algorithms flagged almost 90 percent of the hate speech it removed in the first quarter. But it doesn’t report how much slipped through.
Crypto Startup School: A new type of computer drives waves of innovation (TechCrunch) In week one of a16z’s Crypto Startup School, the firm addresses “Crypto Networks and Why They Matter” and “Blockchain Primitives: Cryptography and Consensus.”
Thales receives Frost & Sullivan award for tech innovation with Gemalto digital ID wallet (Biometric Update) Frost & Sullivan has awarded Thales with the 2019 Global Company of the Year award for the Gemalto digital ID wallet with advanced features, certified security, privacy and strong performance, …
Scunthorpe Sans 🗯🚫 profanity-blocking font (VOLE.wtf) A s*** font that f***ing censors swearing automatically
Legislation, Policy, and Regulation
France to force web giants to delete some content within the hour (Reuters) Social networks and other online content providers will have to remove paedophile and terrorism-related content from their platforms within the hour or face a fine of up to 4% of their global revenue under a French law voted in on Wednesday.
France Threatens Big Fines for Social Media With Hate-Speech Law (Wall Street Journal) France is empowering regulators to slap large fines on social-media companies that fail to remove postings deemed hateful, one of the most aggressive measures yet in a broad wave of rules aimed at forcing tech companies to more tightly police their services.
Government tells social media companies they must go further to address disinformation (ComputerWeekly) House of Lords committee hears about government collaboration with social media firms to combat pandemic-related disinformation and online harms
Do we need tougher breach notification rules? (Computing) The Travelex ransomware raises the question, once again, of whether organisations should be obliged to provide more information
Trump extends U.S. telecom supply chain order aimed at Huawei, ZTE (Reuters) President Donald Trump on Wednesday extended for another year an executive order signed in May 2019 declaring a national emergency and barring U.S. companies from using telecommunications equipment made by firms posing a national security risk.
Trump extends executive order aimed at Huawei to guard US supply chain (South China Morning Post) Trump on Wednesday extended an executive order by another year that had prohibited US companies from using telecommunications equipment made by firms deemed a national security threat.
Lawmakers move to boost federal cybersecurity in annual defense bill (TheHill) Sen. Ron Johnson (R-Wis.) said Wednesday that he was pushing for inclusion of measures meant to defend the United States against cyber threats in the upcoming annual National Defense Authorization Act (NDAA).
Prioritizing Weapon System Cybersecurity in a Post-Pandemic Defense Department (CSIS) The coronavirus pandemic illustrates the extraordinary impact that invisible vulnerabilities—if unmitigated and exploited—can have on both the Department of Defense (DOD) and on national security more broadly.
Litigation, Investigation, and Law Enforcement
Merkel: evidence of Russian role in German parliament hack (Washington Post) German Chancellor Angela Merkel said Wednesday there’s “hard evidence” of Russian involvement in a cyberattack on the German parliament in 2015 that reportedly also involved the theft of documents from her own parliamentary office
Analysis | The Cybersecurity 202: New Jersey lawsuit tries to block Internet voting in the state (Washington Post) Online voting systems are derided by security experts but getting attention during the pandemic.
Financial Trade Group Says It Reaches Agreement With Exchanges in U.S. Database Dispute (New York Times) A financial industry trade group said on Wednesday it resolved a dispute with U.S. stock exchanges that had threatened to hold brokers liable for any breaches of a new trading database controlled by the exchanges and the Financial Industry Regulatory Authority (FINRA).
TikTok’s handling of child privacy gets another watchdog’s attention (Naked Security) Use of the kid-addicting, video-sharing app is exploding during lockdown, triggering yet another inquiry into how safe it is for young ones.
Intelligence Chief Declassifies List of Obama-Era Names in Unusual Step (New York Times) Richard Grenell has given the list to the Justice Department as the president and his allies press to reshape perception of the Russian investigation.
GOP senators release list of Obama officials, including Biden, who ‘unmasked’ Michael Flynn (Washington Post) ‘Unmasking’ is a routine practice used to identify U.S. individuals who are referred to anonymously in an intelligence document.
Biden, Comey Among Obama-Era Officials Who May Have Received Flynn Intel (NPR) Republican senators working with a sympathetic acting director of national intelligence have tied the likely Democratic presidential nominee into a years-long saga over the Russia imbroglio.
Judge Overseeing Michael Flynn’s Sentencing Just Dropped A Bombshell (The Federalist) The sentencing memorandum reveals for the first time concrete evidence that the FBI created multiple summaries of Michael Flynn’s questioning.
Judge Eyeing Possible Contempt Charge Against Flynn (Law360) A D.C. federal judge overseeing the government's criminal case against onetime Trump administration national security adviser Michael Flynn suggested Wednesday that he may hold the retired three-star general in criminal contempt for perjury.
Gleeson Tapped to Argue Against DOJ's Bid to Dismiss Flynn Case (New York Law Journal) Just days ago, John Gleeson, a partner at Debevoise and former EDNY judge, co-authored an op-ed that noted U.S. District Judge Emmet Sullivan could reject the Justice Department's motion to dismiss the Flynn case and hand down a sentence.
Senator Richard Burr – FBI obtains copy of iCloud data (9to5Mac) The FBI has obtained a copy of iCloud data belonging to Senator Richard Burr, chair of the Senate Intelligence Committee, after serving Apple with a warrant