Data breach extortion. Credential reuse risk. Blackswan zero-days. A Monero cryptojacker. Notes on the ransomware summit.

Attacks, Threats, and Vulnerabilities

Extortionist Hacker Group SnapMC Breaches Networks in Under 30 Minutes (SecurityWeek) Over the past few months, a threat actor has been increasingly breaching enterprise networks to steal data and extort victims, but without disrupting their operations

SnapMC skips ransomware, steals data (NCC Group Research) Over the past few months NCC Group has observed an increasing number of data breach extortion cases, where the attacker steals data and threatens to publish said data online if the victim decides not to pay. Given the current threat landscape, most notable is the absence of ransomware or any technical attempt at disrupting the victim’s operations.

Academics find Meltdown-like attacks on AMD CPUs, previously thought to be unaffected (The Record by Recorded Future) Two academic papers have been published over the past two months detailing new side-channel attacks in AMD processors that have eerily similar consequences to the Meltdown attack disclosed in early 2018, to which AMD CPUs were previously thought to be immune.

How Impersonation Attacks Fool Users (Avanan) Hackers use impersonated messages from reputable brands to fool users. In this case, scammers are impersonating DocuSign.

Once-in-a-decade discovery made by international cyber security company built by former spies (PR Newswire) Field Effect, a global cyber security company, has released details of their discovery of seven 0-day vulnerabilities in Microsoft Windows software and…

Blox Tales: Microsoft Defender Vishing Using AnyDesk (Armorblox) This blog focuses on a Microsoft Defender vishing campaign where attackers tried to get victims to download AnyDesk for an RDP attack.

Heads up: Verizon’s Visible MVNO accounts are getting hacked left and right (AndroidPolice) Users are reporting account hijacks, address changes, and unauthorized purchases

Apparent Verizon Visible hack was credential stuffing attack, says carrier [U] (9to5Mac) Multiple reports of an apparent Verizon Visible hack, with attackers changing shipping addresses, then ordering phones that are charged …

Verizon’s Visible confirms accounts were breached – report (FierceWireless) Some customer accounts for the Verizon-backed all-digital prepaid brand Visible were breached after bad actors obtained password and login information from “outside sources,” the company confirmed on social media Wednesday.

Verizon-owned wireless carrier Visible confirms account hacks, denies breach (The Record by Recorded Future) Visible, an all-digital wireless service provider based in the US and owned by Verizon, confirmed today that hackers gained access to customer accounts, but the company denied any breach of its backend infrastructure.

Verizon Visible customers targeted in a credential-stuffing attack (SiliconANGLE)

Acer confirms second security breach this year (The Record by Recorded Future) A spokesperson for Taiwanese computer maker Acer has confirmed today that the company suffered a second security breach this year after hackers advertised the sale of more than 60 GB of data on an underground cybercrime forum.

Acer India servers breached? Hackers claim over 60GB data accessed (Hindustan Times) In what could be a second data breach at technology company Acer this year, a hacker group has claimed it has accessed over 60GB of data from its India servers

Romance scams with a cryptocurrency twist – new research from SophosLabs (Naked Security) Romance scams and dating site treachery with a new twist – “there’s an app for that!”

Belgium’s Covid App Reports Data Breach Days Before Pass Rollout (Bloomberg) Watchdog says the leak exposes data of 39,000 people. Brussels is due to roll out Covid pass mandate for restaurants.

We analyzed 80 million ransomware samples – here’s what we learned (Google) Leaders at organizations across the globe are witnessing the alarming rise of ransomware threats, leaving them with the sobering thought that an attack on their business may be not a matter of if, but when. The stakes are becoming higher.

EU Cybersecurity Month: Hybrid working makes phishing attacks harder to spot (Lexology) The EU Cybersecurity Month (“ECSM”) is the EU’s annual awareness campaign that takes place every October across Europe. Through this initiative…

Hacker gets SSN, other information of 3 Missouri teachers in data breach (KSDK) According to the Department of Elementary and Secondary education, the hacker took the teachers’ records by decoding a web application

OpenSea ‘Free Gift’ NFTs Drain Cryptowallet Balances (Threatpost) Cybercriminals exploited bugs in the world’s largest digital-goods marketplace to create malicious artwork offered as a perk to unsuspecting users.

Necro Python Botnet Goes After Vulnerable VisualTools DVR (Official Juniper Networks Blogs) In the last week of September 2021, Juniper Threat Labs detected a new activity from Necro Python (a.k.a. N3Cr0m0rPh, Freakout, Python.IRCBot) that is actively exploiting some services, including a

FreakOut Botnet Turns DVRs Into Monero Cryptominers (Threatpost) The new Necro Python exploit targets Visual Tool DVRs used in surveillance systems.

Accidental Data Deletion: The Fear Is Real (Nextgov.com) Data handling is an organization-wide responsibility.

Sunderland University suffers ‘extensive IT disruption’ after cyber attack (Computing) Online teaching, website and email severely affected in what appears to be the latest cyber attack on higher education

Ovzon to Supply US DoD Customer With Satellite Broadband Terminals (Via Satellite) Ovzon, a satellite hardware company based in Sweden, has received an order for satellite terminals from an unnamed U.S. Department of Defense (DoD) customer. The order, announced Monday, marks the second new U.S. DoD customer for Ovzon in the last 90 days as the company looks to continue to expand its core customer

In new cybersecurity incident, Alaska seafood agency hit by ‘nefarious third party’ (Alaska Public Media) The Alaska Seafood Marketing Institute, which operates separate computer systems from the state’s executive branch, discovered the activity in August, said Jeremy Woodrow, the institute’s executive director.

Security Patches, Mitigations, and Software Updates

Intel, VMWare Join Patch Tuesday Parade (SecurityWeek) Tech giants Intel Corp. and VMWare joined the security patch parade this week, rolling out fixes for flaws that expose users to malicious hacker attacks.

SAP Patches Critical Vulnerabilities in Environmental Compliance (SecurityWeek) On Tuesday, its October 2021 Security Patch Day, SAP announced the release of 13 new security notes and an update for a previously released note. Three of the notes are rated Hot News.

F-Secure Threat Highlights Report (F-Secure) It is the end of September 2021, and we are three quarters of the way through the year.

Hybrid Work Pushes to End Passwords: Cisco’s Duo Security Report Finds Biometric Authentications Surge Significantly During Pandemic (Cisco) Multi-factor authentications soar as enterprises move away from passwords to secure hybrid workers

Stronger Cyber Controls Are Needed to Counter Ransomware Pandemic, According to New Allianz Risk Report (BusinessWire) Cyber insurer Allianz Global Corporate & Specialty analyzes the latest ransomware risks and outlines how companies can strengthen their defenses

Ransomware trends: Risks and Resilience (Allianz) Cyber intrusion activity globally jumped 125% in the first half of 2021 compared with the previous year, according to Accenture, with ransomware and extortion operations top two contributors behind this triple‑digit increase

Phishing by the numbers – September 2021 – Cyren (Cyren) This blog is part of our monthly blog series analyzing incident response data from Cyren threat researchers and Cyren security clouds including Cyren Inbox Security.

Everyday cybersecurity practices inadequate among many online consumers (Help Net Security) Everyday cybersecurity practices for securing data, protecting identity and sharing information remain inadequate despite increased threats.

The state of security in a hybrid world (Citrix) OBJECTIVES: Deliver qualitative + quantitative research focused on the state of security in a hybrid work environment

HP Wolf Security Threat Insights Report (HP Wolf Security) Welcome to the Q3 2021 edition of the HP Wolf Security Threat Insights Report. Here our security experts highlight malware trends identified by HP Wolf Security from the third quarter of 2021, equipping security teams with the knowledge to combat emerging threats and improve their security postures.

Huawei, Ericsson or Nokia? Apple or Samsung? U.S. or China? Who’s Winning the 5G Races (Wall Street Journal) The competition among equipment makers, countries and cellphone companies is heated. Here are the leaders in each of those races.

Marketplace

Why enterprises are massively subcontracting cybersecurity work (VentureBeat) Enterprises increasingly are subcontracting cybersecurity responsibilities because they have trouble finding full-time qualified workers.

Leading Cybersecurity Company Completes Merger with Newtown Lane… (Appgate) Appgate, the secure access company, announced it successfully completed its merger with Newtown Lane Marketing on October 12, 2021.

Money Moves: Arlington cyber firm Shift5 raised a $20M Series A round (Technical.ly DC) Plus, BrainScope raised $35 million in fresh funding and Xometry has a new scholarship program for Howard University students.

GitLab Announces Pricing of Initial Public Offering (GitLab)

Open Source Security Foundation Raises $10 Million in New Commitments to Secure Software Supply Chains (PR Newswire) The Linux Foundation, the nonprofit organization enabling mass innovation through open source, today announced it has raised $10…

How to Start a Cybersecurity Career in Chicago (Elmhurst University) Here are the education requirements and training you’ll need to jump-start a cybersecurity career in the greater Chicago area.

Microsoft Agrees to Human Rights Review in Deals With Law Enforcement, Government (Bloomberg) After shareholder proposal, Microsoft to commission independent report on company’s contracts.

Pathlock Closes Third Quarter with Record Enterprise Adoption (PR Newswire) Pathlock, the leading provider of unified access orchestration, today announced the company’s most successful third quarter since inception….

Axiad Joins FIDO Alliance to Further an Identity-first Mindset (Axiad) Axiad today announced it has joined the FIDO Alliance, an association with a focused mission: authentication standards to help reduce the world’s over-reliance on passwords.

Products, Services, and Solutions

225 of Kasasa’s Financial Institution Clients Select Industry-Leading Identity Verification and Fraud Platform from Socure (BusinessWire) Kasasa®, an award-winning financial technology and marketing provider, and Socure, the leading provider of digital identity verification and fraud sol

Socure Announces the Launch of Its Public Sector Business with a Mission to Improve Access to Government Digital Services and Eliminate Fraud (BusinessWire) Socure, the leading provider of digital identity verification and fraud solutions, today announced the launch of its public sector business led by ide

Theta Lake Expands RingCentral Partnership Including Global Service Provider Support and Cross Industry Vertical Security and Compliance Features (BusinessWire) Theta Lake, a RingCentral Premier ISV Partner and winners of RingCentral’s 2020 ISV Developer of the year for its collaboration security and complianc

BreachQuest Adds Recovery and Remediation Business Line (PR Newswire) BreachQuest, the company revolutionizing incident response, today announced the launch of its Recovery and Remediation (R&R) business line to…

Radware Protects Service Providers and Carriers from Phantom Floods That Fly Below the Radar (Radware) Radware®, (NASDAQ: RDWR) a leading provider of cyber security and application delivery solutions, today announced it has enhanced its DefensePro® DDoS Protection solution. In a market first, the company launched a Quantiles DoS Protection capability that enables service providers and carriers to surgically and automatically mitigate phantom flood attacks and traffic anomalies that historically have gone undetected.

Elisity Strengthens TD SYNNEX Cybersecurity Offerings (BusinessWire) Elisity, Inc. today announced that TD SYNNEX will add Elisity’s Zero Trust Access platform to its cybersecurity portfolio.

Technologies, Techniques, and Standards

NIST seeks data security partners – Intelligence Community News (Intelligence Community News) On October 8, the National Institute of Standards and Technology (NIST) posted a request for letters of interest from organizations wishing to participate in the Data Classification Practices: Facilitating Data-Centric Security Management project.

How Utilities Should Conduct Cybersecurity Training (Technology Solutions That Drive Business) Attacks on utilities have surged. Here’s how to prepare employees for defense.

Incident Response: 5 Principles to Boost the Infosec/Legal Relationship (Threatpost) Effective cyber-incident response means working well with legal. Matt Dunn, associate managing director for cyber-risk at Kroll, lays out how to do it.

CyberPeace Is Tracking Cyberattacks on Healthcare for Societal Impact (The Sociable) With a leadership team dominated by World Economic Forum members and Agenda contributors, the CyberPeace Institute is mapping and tracking cyberattacks on healthcare systems with a new Cyber Incident Tracer to understand the societal impact of disruptive attacks like ransomware and data breaches.

Coalfire Cloud Advisory Board Plots Smartest Path (Coalfire.com) Cybersecurity industry pioneers recently came together to define best-practice paths to secure cloud application development and management in Coalfire’s latest Securealities research report, Smartest Path to DevSecOps Transformation.

Smartest Path to DevSecOps Transformation (Coalfire)

How to protect databases from exfiltration by Super Users (CoolTechZone) A practical guide to database protection methods. You will find out who superusers are and what rights they are endowed with. We also analyzed the common mistakes superusers make and what needs to be done to prevent database hacking.

Unraveling the Dark Web (ISACA) When discussing the dark web, some might say that one will never find a more wretched hive of scum and villainy. But if that is true, why does it continue to exist?

Top 10 Considerations When Evaluating a Cloud Network Security Solution (Check Point Software) Cloud security has become business-critical as organizations expand and

Design and Innovation

Call of Duty’s new anti-cheat system includes a kernel-level driver to catch PC cheaters (The Verge) Call of Duty: Warzone will get the driver first later this year.

Academia

Alperovitch Institute: About the Institute (The Johns Hopkins University) With the generous financial support of Dimitri Alperovitch and Maureen Hinman, the Johns Hopkins University School of Advanced International Studies has established the Alperovitch Institute for Cybersecurity Studies to support SAIS students and faculty dedicated to cutting edge research and excellent instruction focused on the intersection between cybersecurity, statecraft, and policy.

West Virginia’s Marshall University launches Institute for Cyber Security; Sen. Capito touts potential (WV News) Marshall University on Wednesday launched its new Institute for Cyber Security with a ribbon cutting ceremony.

UHCL : Cybersecurity Minor Can Complement Multiple Degrees (Pasadena, TX Patch) Across all industries, data breaches and hacking are a constant concern. October is Cybersecurity Awareness Month, created as a collabor …

Legislation, Policy, and Regulation

White House kicks off international ransomware meeting amid global barrage (CyberScoop) A parade of nations recounted grim experiences with ransomware at the start of a two-day White House-led summit on Wednesday, where the gathered officials will collaborate on how to counter the rise of digital extortion.

As Russian voting moves online, Putin’s foes say another path to curb Kremlin is lost (Washington Post) Critics call Russia’s online voting system a “black box” and an “absolute evil.” President Vladimir Putin says it’s the way of the future and, like progress, “cannot be stopped.”

EU legislation introduced to ban anonymous domain registration (BleepingComputer) The European Union is drafting legislation that could soon end individuals registering domains anonymously on the continent.

DIRECTIVE OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on measures for a high common level of cybersecurity across the Union, repealing Directive (EU) 2016/1148 (European Commission) This proposal is part of a package of measures to improve further the resilience and incident response capacities of public and private entities, competent authorities and the Union as a whole in the field of cybersecurity and critical infrastructure protection.

New Australian ransomware plan could freeze or seize cryptocurrencies (The Record by Recorded Future) Australian authorities are laying the groundwork to seize or freeze cryptocurrencies linked to cybercrimes regardless from where the attacks originated.

Australia to tackle ransomware data breaches by deleting stolen files (BleepingComputer) Australia’s Minister for Home Affairs has announced the “Australian Government’s Ransomware Action Plan,” which is a set of new measures the country will adopt in an attempt to tackle the rising threat.

Govt’s ransomware action plan gets a lukewarm welcome (iTWire) The Federal Government's Ransomware Action Plan has received a lukewarm welcome from security professionals, with one calling for an increased focus on prevention and adoption of advanced cyber security measures. H. Daniel Elbaum, chairman and joint chief executive of VeroGuard, said: "Whils…

After Spike in Ransomware Attacks, U.S. Looks to Go on the Offensive (Foreign Policy) The Biden administration is circling the wagons to address growing cyberthreats.

Lawmakers’ latest idea to fix Facebook: Regulate the algorithm (Washington Post) Whistleblower Frances Haugen says the software that decides what we see in our social feeds is hurting us all. But reforming it won’t be easy.

Why Section 230 ‘Reform’ Effectively Means Section 230 Repeal (Techdirt.) Some lawmakers are candid about their desire to repeal Section 230 entirely. Others, however, express more of an interest to try to split this baby, and “reform” it in some way to somehow magically fix all the problems with the Internet…

The next big cyberthreat isn’t ransomware. It’s killware. And it’s just as bad as it sounds. (Yahoo) Hackers increasingly target infrastructure – from hospitals and water supplies to banks and transit – in ways that could injure or kill.

Cybersecurity bills advance in U.S. Senate (Homeland Preparedness News) Two bipartisan bills from U.S. Sens. Gary Peters (D-MI) and Rob Portman (R-OH) on cybersecurity and infrastructure were approved by the U.S. Senate Homeland Security and Government Affairs Committee and now head to the full Senate for a vote. The …

Playing dumb no longer an option against ransomware reporting (Security Brief) Given the massive amounts of data enterprises hold, it may seem like an impossible task to prove what data was accessed and by whom. It isn’t. 

CISA’s Wales Leans on Private Sector for Ransomware Help (MeriTalk) Cybersecurity and Infrastructure Security Agency (CISA) Executive Director Brandon Wales said today that the private sector needs to do more to help the government combat ransomware attacks, and expressed hope that the recently formed Joint Cyber Defense Collaborative (JCDC) effort between government and industry will go a long way toward providing a coordinated approach to deal with those and other cybersecurity threats.

Privacy Update: FCC Seeks Public Comment on the Current and Future Regulation of the “Internet of Things” (JD Supra)

What you should know about the K-12 Cybersecurity Act of 2021 (JD Supra) On October 8, 2021, President Biden signed the bipartisan K-12 Cybersecurity Act of 2021 into law. While the act offers little in the way of concrete…

Twin DOJ Initiatives Tackle Cybersecurity Fraud and Cryptocurrency Enforcement (JD Supra) Key Points – On October 6, 2021, the DOJ announced two new initiatives: the Civil Cyber-Fraud Initiative and the National…

Treasury Actions to Counter Ransomware (JD Supra) On September 21, 2021, the U.S. Department of the Treasury’s Office of Foreign Assets Control (“OFAC”) announced several actions focused on disrupting…

‘Absolutely Not True’: Army CIO Answers Claim US Has Already Lost To China In AI (Breaking Defense) “If you looked at both what we have in the Department of Defense and Intelligence Community, across the federal government and our industrial partners, we have the best AI technology,” Army CIO Ray Iyer said.

Maybe losing the AI race to China isn’t such a bad idea (Vox) A top Pentagon software official recently quit his job, claiming that the US is dragging its heels.

Litigation, Investigation, and Law Enforcement

US diplomat asks Albanian prosecutors to investigate mass citizen data breach (www.euractiv.com) US Ambassador to Albania Yuri Kim has called on prosecutors to investigate any breach of citizens’ privacy following the mass publication of personal data before April’s general elections.

Irish regulator proposes 36 mln euro Facebook privacy fine – document (Reuters) Ireland’s Data Protection Commission (DPC) has proposed fining Facebook up to 36 million euros ($42 million) in one of more than a dozen probes it has opened into the social media giant, according to a draft decision published by the complainant on Wednesday.

Facebook Can Process Data Without Consent: Irish Watchdog (Law360) Facebook does not need to get consent to process European users’ data if the users agree to terms of service, Ireland’s Data Protection Commissioner has said in a draft ruling that an activist claims endorses a “legal trick” that “undermines” EU privacy laws.

NJ Fertility Clinic Inks Deal To Settle AG’s Data Breach Probe (Law360) A New Jersey fertility clinic has agreed to pay $425,000 and strengthen its data security to resolve claims that it failed to put adequate measures in place to protect health information that was swept up in a data breach that affected nearly 15,000 patients, the state attorney general said Tuesday.

Judge rules neighbour’s Ring doorbell cameras breached privacy (Mail Online) Jon Woodard, 45, may have to pay Dr Mary Fairhurst more than £100,000 in damages after a judge found his use of the cameras broke data laws.