Denmark’s central bank affected by SolarWinds compromise. Notes from the underground.

Attacks, Threats, and Vulnerabilities

Ransomware group ‘Hades’ claims more victims as investigators seek answers (CyberScoop) A ransomware group that targets billion-dollar companies — but that has stubbornly defied attribution consensus among cybersecurity researchers — has claimed at least seven victims since its discovery late last year.

Unknown Threat Group using Hades Ransomware (Accenture) Accenture reveals an unknown threat group is using self-proclaimed Hades ransomware in cybercrime operations that have impacted three victims. Read more.

Denmark’s central bank exposed in SolarWinds hack, media report says (Reuters) Denmark’s central bank was compromised in last year’s global SolarWinds hacking operation, leaving a “backdoor” to its network open for seven months, IT media Version2 reported on Tuesday, citing documents related to the case.

Microsoft: SolarWinds Hackers Continue to Target IT Companies (SecurityWeek) Microsoft says it has observed new activity associated with Nobelium, the Russia-linked threat actor that compromised IT management and monitoring solutions provider SolarWinds.

Hackers Tricked Microsoft Into Certifying Malware That Could Spy on Users (Motherboard) The company said the hackers targeted video games in China, potentially to cheat and compromise their accounts.

Nefilim Ransomware Attack Through a MITRE Att&ck Lens (Trend Micro) Nefilim is a new breed of ransomware attacks that use advanced techniques for a more targeted and virulent attack. Read to prevent these modern attack techniques.

XSS Vulnerability in Cisco Security Products Exploited in the Wild (SecurityWeek) Shortly after a PoC was released for an XSS vulnerability affecting Cisco ASA and FTD products, reports emerged of the flaw being exploited in the wild.

NewsBlur Restores Service After Hacker Wipes Database (SecurityWeek) Personal news reader NewsBlur was down for several hours last week after a hacker managed to wipe the service’s database.

Cobalt Strike: Favorite Tool from APT to Crimeware (Proofpoint) In 2021, Cobalt Strike is appearing in Proofpoint threat data more frequently than ever. Cobalt Strike is a legitimate security tool used by penetration testers to emulate threat actor activity in a network. However, it is also increasingly used by malicious actors – Proofpoint saw a 161 percent increase in threat actor use of the tool from 2019 to 2020. This aligns with observations from other security firms as more threat actors adopt hacking tools in their operations.

Cisco routers come under attack, including a destructive hacktivist campaign (The Record by Recorded Future) Cisco ASA routers and FTD firewalls are currently seeing exploitation attempts from threat actors and bug bounty hunters alike after proof of concept code was posted online last week.

Data for 700M LinkedIn Users Posted for Sale in Cyber-Underground (Threatpost) After 500 million LinkedIn enthusiasts were affected in a data-scraping incident in April, it’s happened again – with big security ramifications.

Food For Thought: How Hackers Are Using Your Control Systems to Launch Cyberattacks (Food Processing) We’re talking to renowned cybersecurity expert Joe Weiss about why the biggest global threat to food safety is probably something you aren’t really aware of.

Almost 100 people to get free ID theft and credit monitoring due to school district data breach (Fairbanks Daily News-Miner) Reuben Leake purchased four computer servers and three data vaults in 2019 and discovered there were student records, employee records, teacher records and other data on some of the equipment.

Hackers are investing in each other’s operations—just like VCs invest in startups (Fast Company) Ransomware continues to grow more sophisticated and lucrative, and now security firm LIFARS says operators have built a Silicon Valley-like VC ecosystem.

Ransomware gangs now creating websites to recruit affiliates (BleepingComputer) Ever since two prominent Russian-speaking cybercrime forums banned ransomware-related topics [1, 2], criminal operations have been forced to promote their service through alternative methods.

FireEye CEO: Bitcoin enables cyberattacks (NASDAQ:FEYE) (SeekingAlpha) Kevin Mandia, CEO of cybersecurity company FireEye (FEYE), said Monday that there was no question that cryptocurrencies like Bitcoin (BTC-USD) enabled cybercrime.

Threat Spotlight: Cryptocurrency & email threats (Journey Notes) Barracuda researchers analyzed email attacks and found that the volume of cryptocurrency-related attacks closely follows the growing price of bitcoin.

Cases Currently Under Investigation (U.S. Department of Health & Human Services – Office for Civil Rights) This page lists all breaches reported within the last 24 months that are currently under investigation by the Office for Civil Rights.

All groups – Threat Group Cards: A Threat Actor Encyclopedia (Thai CERT) [A summary of known threat groups compiled by Thai CERT.]

Technology director for Midland schools discusses ransomware (Midland Daily News) Dziedzic: ‘It is becoming a much larger problem.’

Security Patches, Mitigations, and Software Updates

Vulnerability Summary for the Week of June 21, 2021 (CISA) The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

Google to require 2FA and a physical address from Android app devs (The Record by Recorded Future) After seeing an increase in fraud and malicious developer accounts, Google has announced on Monday plans to require additional identity verification from developers who want to list apps on the official Play Store.

Microsoft Refining Third-Party Driver Vetting Processes After Signing Malicious Rootkit (Dark Reading) Rogue driver was distributed within gaming community in China, company says.

5 Things That Motivate Malvertisers (MarTech Series) Cyber criminals look for ways to infiltrate ad networks and ad serving platforms using various types of malvertising in the digital ad ecosystem. The intention is to exploit and harm website users directly, via the introduction of malware, phishing attacks, ransomware or forced redirects.

Report: Scams Accounted for Nearly 60% of User-generated Malicious Content in Q1 2021 (GlobeNewswire News Room) Sift’s Q2 2021 Digital Trust & Safety Index Exposes Continued Expansion of Weaponized Content Attacks, Growing Consumer Concern of Content Fraud and Scams…

Truecaller Releases its Seventh Annual “Insights U.S. Spam & Scam Report,” Showing $29.8 Billion Lost to Scam Calls in Past Year (PR Newswire) Truecaller, the world’s best caller ID and spam blocking app, today announces the results of its seventh annual “Insights U.S. Spam & Scam…

Armis Data Highlights Need for Enterprise Security as End Users Lack Awareness of Major Cyber Attacks (GlobeNewswire News Room) Data signals importance of businesses prioritizing a focus on security as employees return to the office…

Quantifying Cybersecurity Culture: New Study Links Employee Sentiment to Security Posture (Infosec) Infosec’s latest research report reveals significant variation in security culture across industries and departments, guidance on how to quantify security culture.

Cybersecurity Culture — Quantified (Infosec) We surveyed over 1,000 working professionals to measure employee perceptions and quantify cybersecurity culture. Here’s what we learned.

Lightbulb moment? CERT NZ survey finds small businesses switching on to cyber security (Reseller News) Three in five small businesses believe they should be doing more to keep secure online, according to a survey by government cyber agency CERT NZ.

Threat Intelligence Executive Report 2021 Volume 3 (Secureworks) The Secureworks® Counter Threat Unit™ (CTU) researchers frequently serve as expert resources for the media, publish technical analyses for the security community, and speak about emerging threats at security conferences.

2021 H1 Cybercrime Statistics (Atlas VPN) Atlas VPN compiled their 2021 H1 cybercrime statistics to provide a clear look on the cyber-threat landscape.


Bit Discovery Banks $4 Million for Attack Surface Management Tech (SecurityWeek) Bit Discovery has banked another $4 million in venture capital funding to compete in the crowded attack surface management space.

Accenture Acquires Sentor, Enhancing Its Cyber Defense and Managed Security Services in Sweden (BusinessWire) Accenture has acquired Sentor, a Sweden-based independent provider of cyber defense and managed security services.

DevOps platform JFrog bolsters security with $300M Vdoo acquisition (VentureBeat) DevOps company JFrog today announced that it has acquired Israeli product security company Vdoo in a deal worth $300 million.

Cyber update: DataTribe invests $2.5M into Denver startup preventing key compromise ( Baltimore) Plus, Fugue launches a new version of its open source infrastructure as code security tool.

Daniel Loeb-backed SentinelOne hikes IPO price range, to raise over $1 bln (Reuters) Cybersecurity firm SentinelOne Inc, backed by billionaire investor Daniel Loeb’s hedge fund Third Point, has boosted the price range for its IPO and is now looking to raise about $1.02 billion, a regulatory filing showed on Monday.

CrowdStrike competitor SentinelOne boosts IPO price range to $31-$32 (Pending:S) (SeekingAlpha) California-based cybersecurity software company, SentinelOne (S) has raised the price range for its IPO and is now looking to raise about $1.02B, up from $928M and could be valued at up…

GitHub Paid Out Over $1.5 Million via Bug Bounty Program Since 2016 (SecurityWeek) GitHub says it has paid out more than $1.5 million through its bug bounty program since 2016, including over $500,000 in 2020.

eXtending Detection and Response to the Cloud: Why Fidelis Acquired CloudPassage (Fidelis Cybersecurity) Fidelis is evolving our Active XDR platform with a solution that grows with customers’ needs as they migrate more business to the cloud.

TruSight joins Cloud Security Alliance (Finextra) TruSight, the financial industry’s leading provider of validated third-party risk data, today announced that it has joined the Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment.

Internet Noise Contributing to Unnecessary Alert Overload for SOC Teams (PR Newswire) GreyNoise Intelligence, the anti-threat intelligence company, is helping security operations center (SOC) teams improve analyst efficiency,…

GreyNoise and the Feds (GreyNoise) GreyNoise is working with the US federal government, what this means for us, and why we’re excited about it.

Jose Muniz Joins Elevate Security as Vice President of Engineering (PR Newswire) Elevate Security, a leader in Human Attack Surface Management, today announced Jose Muniz has joined the company as Vice President of…

Cybersecurity Industry Leader Samir Kapuria Joins Crosspoint Capital Partners as Managing Director (PR Newswire) Crosspoint Capital Partners (“Crosspoint”), a private equity investment firm focused on cybersecurity, privacy, and infrastructure software…

NetAbstraction Announces First Members of New Advisory Board (WFMZ) NetAbstraction, the network obfuscation company, today announced that Mike Aiello, Chief Product Officer at HUMAN Security and a former Google cybersecurity executive as

Devo Technology Adds Former Microsoft and Carbon Black Executives to Expanded Leadership Team (Devo) Devo Technology Adds Former Microsoft and Carbon Black Executives to Expanded Leadership Team

Finite State Adds Three Veteran Cybersecurity Executives as need for Device & Supply Chain Security Surges (BusinessWire) Finite State, the innovation leader in supply chain security and risk management for connected IoT/IIoT and embedded devices, has added three veteran

Products, Services, and Solutions

DeltaNet International Launches Phishing Simulation Tool to Help Organisations Combat Phishing Attacks with Cybersecurity Awareness Training (ResponseSource Press Release Wire) DeltaNet International, a global eLearning provider of compliance training solutions, has today announced the availability of its Phishing Simulator, to help organisations strengthen their cybersecuri…

Threat Stack Announces Enhanced Compliance Functions to Accelerate Audits with New Reporting (BusinessWire) Threat Stack announced 2 new product capabilities to the Threat Stack Cloud Security Platform, compliance classifiers & enhanced compliance reporting.

Untangle Addresses Need For Threat Prevention at the Network Edge with Launch of SD-WAN Router 3.1 (PR Newswire) Untangle® Inc., a leader in comprehensive network security for small-to-medium businesses (SMBs) and distributed enterprises, today announced…

Flashpoint Named Key Partner of Palo Alto Networks’ New Cortex XSOAR Threat Intelligence Management 2.0 Helping Security Teams Tackle Global Threats at Unprecedented Scale (BusinessWire) Flashpoint announces support of Palo Alto Networks’ Cortex XSOAR Threat Intelligence Management 2.0, 360-degree threat visibility for joint customers

McAfee Powers Holistic Home Security for CenturyLink Customers (BusinessWire) McAfee Corp. (Nasdaq: MCFE) – McAfee and CenturyLink, a communications company providing fiber internet and voice services to small businesses and con

Zimperium expands to secure southern African mobiles (ITWeb) The mobile threat defence company gets local representation from Corr-Serve.

CUJO AI Unveils the Future of Connected Living, Extends Digital Life Protection Outside the Home Network (PR Newswire) CUJO AI, the global leader of cutting-edge cybersecurity and network intelligence solutions for network operators today announced that the…

Kaspersky creates power station scenario available to play in virtual reality (ITP) It allows senior leaders to learn how cybersecurity-related decisions impact the business

Democratizing Cybersecurity Careers With Fortinet TAA (International Business Times) There is a tremendous opportunity to increase the number of people entering the field as new grads enter the workforce this summer and others look to change careers or try something new.

HID Global Expands Physical Access Control Credential Choice with Industry’s Most Feature-Rich MIFARE® DESFire® Product-Based Credential (Yahoo Finance) HID Global announces the most feature-rich implementation of the latest MIFARE DESFire EV3 credential.

ExtraHop Experts Contribute Network Detection and Response Expertise to MITRE ATT&CK Framework (BusinessWire) ExtraHop Contributes Network Security Expertise to MITRE ATT&CK Framework

LastPass MSP Introduces PSA Provisioning Integrations (The LastPass Blog) LastPass now offers provisioning integrations with two Professional Services Automation (PSA) solutions, ConnectWise Manage and Datto Autotask.

Fugue Announces Regula v1.0 for Open Source Infrastructure as Code Security (Fugue) Regula includes support for Terraform and AWS CloudFormation to validate AWS, Azure, and Google Cloud resources, hundreds of prebuilt rules, and dev tooling.

Tackling the Challenge of the Growing Cybersecurity Gap (Vanderbilt Industries) The SolarWinds cyberattack of 2020 was cited by security experts as “one of the potentially largest penetrations of Western governments”…

ISARA Corp. Introduces Advance® Crypto Agility Suite to Address Critical Cryptographic Blind Spots (ISARA Corporation) ISARA Corp…today announced the launch of the ISARA Advance™ Crypto Agility Suite…to discover their cryptographic blind spots…equip them to take action against the looming threat of encryption-breaking quantum computers. Cryptography is…always overlooked, exposing vulnerabilities and risks.

Technologies, Techniques, and Standards

Scant evidence that cyber insurance boom is leading to better security (SC Media) A British study calls for a ‘reset’ in cyber insurance, calling the current model unsustainable and possibly ineffective.

Cyber Insurance and the Cyber Security Challenge (Royal United Services Institute) Governments and businesses are struggling to cope with the scale and complexity of managing cyber risk. Over the last year, remote working, rapid digitalisation and the need for increased connectivity have emphasised the cyber security challenge. As the pursuit of approaches to prevent, mitigate and recover from malicious cyber activity has progressed, one tool that has gained traction is cyber insurance. If it can follow the path of other insurance classes, it could play a significant role in managing digital risk.

Colonial Pipeline shows how not to handle a ransomware attack (American Banker) The government helped the gas pipeline operator recoup some of the funds it paid to cyberthieves, but that’s unlikely to happen often. Banks should shore up password security to minimize risk and be willing to reject hackers’ demands in the event of a breach.

Measuring the Effects of Influence Operations: Key Findings and Gaps From Empirical Research (Carnegie Endowment for International Peace) Influence operations can have measurable effects on people’s beliefs and behavior, but empirical research does not yet adequately answer the most pressing questions facing policymakers.

OT Cyber Security for Water Utilities (Radiflow) Protecting the most critical natural resource – water. Radiflow’s multi-tiered solution suite for critical ICS covers all facets of protection, monitoring and management needs.

Six steps to securely work from anywhere (IT World Canada) As most organizations consider their long-range plans for returning to the office or a hybrid of on-site and continued remote work, today’s new security perimeter is managing user identities virtually.

GDPR three years in: Three strategies for continuous compliance (ITProPortal) GDPR made the privacy picture murkier and requires companies to adopt a continuous compliance mindset.

Back to school security (Security News Desk UK) As educational facilities return to the new normal, it is important to update cyber and physical security defences to protect learners in a new environment. As educational institutions return to normal it is important to highlight some of the biggest security risks that the sector is facing. One of the biggest being cybersecurity, as a lot of work will continue to

Canadian Navy Team Wins DOD (U.S. DEPARTMENT OF DEFENSE) A team from the Royal Canadian Navy came out on top in the Defense Department

Design and Innovation

Migration to Post-Quantum Cryptography (NIST NCCoE) The NIST National Cybersecurity Center of Excellence (NCCoE) is initiating the development of practices to ease the migration from the current set of public-key cryptographic algorithms to replacement algorithms that are resistant to quantum computer-based attacks.

Research and Development

If You’re Part Of A Data Breach, You Probably Don’t Know It (Science 2.0) Most people don’t recall the LinkedIn data breach from nine years ago, the Adobe customer cyber attackers from eight years back, that Equifax exposed private information of millions of people just four years ago. Those are the high profile ones but most participants in a recent University of Michigan study remained unaware that their email addresses


After Nearly 60 Years, National Intelligence University Moves to ODNI (Government Executive) “We’re one stop on that journey for developing that future officer, that future leader,” said the university president.

Legislation, Policy, and Regulation

India a Third-Tier Cyber Power, Lagging Behind China and Russia: Study (NDTV Gadgets 360) The 182-page study by the International Institute for Strategic Studies talked about the key areas where India lags when it comes to cyber-security.

The Quad Is a Delusion (Foreign Policy) The new grouping won’t give the United States any more leverage over China than it already has—and it might raise tensions in the region higher…

US plays cyber-victim blaming China, but is really the attacker (Global Times) In cyberspace, the strength of the US is very strong with stranglehold monopoly on many key resources. However, the US continually accuses other countries of carrying out false information or cyberattacks against it.

White House is said to be working on executive order on antitrust (NASDAQ:AMZN) (SeekingAlpha) The White House is said to be developing an executive order that will ask government agencies to consider antitrust concerns in decision making. No final decision has been made at…

Cybersecurity Leaders Scramble to Decipher SBOM Mandate (SecurityWeek) News analysis: The U.S. government’s push for Software Bill of Materials (SBOMs) has prompted fresh discussions around open source software security, transparency and governance.

Lawmaker, Tech Companies Clash on Software Transparency Requirements ( The National Institute of Standards and Technology has defined “critical software” in accordance with an executive order to institute procurement standards federal agencies must follow.

House Bill Urges More Funding and Data on K-12 Cybersecurity (GovTech) The Enhancing K-12 Cybersecurity Act hopes to bolster funding for school cybersecurity, as well as federal data tracking of cyber crimes amid an increase in ransomware and phishing incidents in schools.

New Bipartisan Bill Aims to Bolster Federal Cyber Workforce; Sen. Maggie Hassan Quoted (Executive Gov) Sen. Maggie Hassan, D-N.H., and John Cornyn, R-Texas, have presented a bill that aims to fortify the

Hassan, Cornyn float bill to create new federal cybersecurity training programs (FCW) One part of the bill would create a pilot program to train vets to work in cybersecurity.

Lawmakers introduce American Cybersecurity Literacy Act (Security Magazine) Bipartisan House lawmakers introduced legislation to increase cybersecurity literacy and security awareness among the American public amid a spike in cybersecurity threats against critical infrastructure. 

Sen. Wyden proposes new shield law to protect journalists’ phone, email records (Washington Post) Sen. Ron Wyden, a longtime critic of government surveillance programs, proposed legislation Monday designed to protect journalists’ data from government subpoenas in the wake of recent admissions by the Justice Department that investigators seized reporters’ records hoping to identify sources.

Ransomware Threat and Cybersecurity Regulation: What’s Next? (Bloomberg Law) Recent large-scale ransomware attacks are increasing calls for greater federal cybersecurity regulation. Freshfields Bruckhaus Deringer attorneys Brock Dahl and Boris Feldman say that prohibiting ransomware payments, making information-sharing about attacks mandatory, and mandating security measures are ideas that seem to be gaining traction among policy makers and companies should prepare.

GAO urges NASA to step up cybersecurity efforts (Fox Business) NASA’s Office of the Inspector General warned in a May report that “attempts to steal critical information are increasing in both complexity and severity,” with phishing attempts against NASA doubling and malware attacks increasing “exponentially” during the COVID-19 pandemic.

Four states propose laws to ban ransomware payments (CSO Online) Some state legislatures are debating bills that could limit or ban ransom payments. A better option, experts say, is mandatory reporting of ransomware attacks.

EU Clears Britain Data Transfers For GDPR, Law Enforcement (Law360) The European Commission said on Monday that it has adopted decisions which will allow law enforcement agencies and businesses to freely pass personal data from the bloc to Britain for four years.

Litigation, Investigation, and Law Enforcement

Government Antitrust Lawsuits Against Facebook Thrown Out by Federal Judge (Wall Street Journal) A federal judge ruled that the Federal Trade Commission and states didn’t make valid claims that Facebook engaged in unlawful monopolization.

Judge dismisses FTC and state antitrust complaints against Facebook (CNBC) A federal court on Monday dismissed the Federal Trade Commission’s antitrust complaint against Facebook.

Lawsuits: Patients ‘Harmed’ by Scripps Health Cyberattack (GovInfoSecurity) Several proposed class action lawsuits against Scripps Health allege that a recent ransomware attack put personal and health information of nearly 150,000

WSJ News Exclusive | Raees Cajee, Blamed by Investors for Billions of Dollars in Crypto Losses, Says Fraction Is Missing (Wall Street Journal) South African cryptocurrency entrepreneur Raees Cajee said less than $5 million is missing.

The Cybersecurity 202: Election security could be set back by the partisan audit in Arizona (Washington Post) Election security experts are waiting with a mixture of resignation and dread for the results of a hyperpartisan audit that’s wrapping up in Maricopa County, Ariz.

Top Pentagon Cyber Official Probed Over Disclosure Concerns (Bloomberg) Katie Arrington has had her security clearance suspended. Arrington has led a cybersecurity initiative for contractors.

Justices Won’t Hear CBP Warrantless Electronics Search Fight (Law360) The U.S. Supreme Court ruled Monday it would not weigh in on claims that the U.S. Customs and Border Protection’s warrantless searches of electronic devices at border crossings and airports are unconstitutional, despite circuits disagreeing on the legal standard courts should use to decide whether a search is allowed.
