Attacks, Threats, and Vulnerabilities
U.S., allies accuse China of hacking Microsoft and condoning other cyberattacks (Washington Post) The condemnation stops short, however, of punishing China for its alleged actions, exposing the challenge of confronting the world’s second largest economy by an alliance with deep business ties there.
The Cybersecurity 202: The U.S. and allies are taking a stand against Chinese hacking. Here are three takeaways (Washington Post) The Biden administration and a bevy of allies are calling out China this morning for a raft of bad behavior in cyberspace, including a hack into Microsoft email servers that compromised at least 30,000 organizations in the United States alone.
Biden Administration Blames Hackers Tied to China for Microsoft Cyberattack Spree (Wall Street Journal) The U.S. government has “high confidence” that hackers tied to China’s main intelligence service carried out the unusually indiscriminate hack of Microsoft Exchange Server software that emerged in March.
U.S. Will Formally Accuse China of Hacking Microsoft (New York Times) The Biden administration is also expected to organize a broad group of allies to condemn Beijing for cyberattacks around the world, but stop short of taking concrete punitive steps.
White House formally blames China’s Ministry of State Security for Microsoft Exchange Hack (The Record by Recorded Future) The U.S. and a coalition of allies on Monday formally attributed the sweeping campaign against Microsoft Exchange email servers to hackers affiliated with China’s Ministry of State Security.
NSA, CISA, and FBI detail Chinese State-Sponsored Actions, Mitigations (National Security Agency Central Security Service) The National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) released a Cybersecurity Advisory, Chinese State-Sponsored Cyber
Chinese State-Sponsored Cyber Operations: Observed TTPs (Cybersecurity Advisory: NSA, CISA, FBI) The National Security Agency, Cybersecurity and Infrastructure Security Agency (CISA), and Federal Bureau of Investigation (FBI) assess that People’s Republic of China state-sponsored malicious cyber activity is a major threat to U.S. and Allied cyberspace assets.
Chinese State-Sponsored Cyber Operations: Observed TTPs (CISA) This advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, Version 9, and MITRE D3FEND
Tactics, Techniques, and Procedures of Indicted APT40 Actors Associated with China’s MSS Hainan State Security Department (CISA) This Joint Cybersecurity Advisory was written by the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) to provide information on a Chinese Advanced Persistent Threat (APT) group known in open-source reporting as APT40. This advisory provides APT40’s tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help cybersecurity practitioners identify and remediate APT40 intrusions and established footholds.
Hackers Penetrated Iran’s Railroad Computers Long Before July Attack (Iran International) Iranian officials say a cyberattack on the country’s railroads started with hackers penetrating the system at least a month earlier in June.
This ransomware gang hunts for evidence of crime to pressure victims into paying a ransom (ZDNet) “Extremely disciplined” Mespinoza attackers quietly enter networks via RDP attacks and search for files related to sensitive information that they threaten to publish if the victim doesn’t pay a ransom.
Fake Zoom App Dropped by New APT ‘Luminous Moth’ (Threatpost) First comes spear-phishing, next download of malicious DLLs that spread to removable USBs, dropping Cobalt Strike Beacon, and then, sometimes, a fake Zoom app.
Cryptographers unearth vulnerabilities in Telegram’s encryption protocol (CyberScoop) An international team of computer scientists reported on Friday that they found four cryptographic vulnerabilities in the popular encrypted message app Telegram.
Defcon Talk Prompts New Windows Print Spooler Flaw Warning (SecurityWeek) Microsoft’s security response team late Thursday acknowledged a new, unpatched bug that exposes Windows users to privilege escalation attacks.
More PrintNightmare: “We TOLD you not to turn the Print Spooler back on!” (Naked Security) The PrintNightmare continues. So does our advice, even though it stops your printer working.
Google: New Chrome Zero-Day Being Exploited (SecurityWeek) Google releases a Chrome browser refresh alongside a warning that malicious hackers are actively exploiting a critical type confusion vulnerability to launch malware attacks.
That iPhone WiFi crash bug is far worse than initially thought (The Record by Recorded Future) An innocuous iPhone bug that could crash the WiFi service has turned out to be far worse than initially thought after mobile security firm ZecOps showed on Friday how the bug could be abused for remote code execution attacks.
Windows Hello bypassed using infrared image (The Record by Recorded Future) Researchers from security firm CyberArk bypassed Windows Hello, the biometrics authentication system included with all Windows 10 versions, using just an infrared image of the device’s owner.
Critical WooCommerce Vulnerability Targeted Hours After Patch (SecurityWeek) On Thursday, WooCommerce said that on July 13 it received a report of a critical vulnerability in the plugin, urging users to update installations as soon as possible, but without providing additional information on the bug itself.
Zero-Day Attacks on Critical WooCommerce Bug Threaten Databases (Threatpost) The popular e-commerce platform for WordPress has started deploying emergency patches.
WooCommerce mandates security update after critical vulnerability was detected (TechRadar) Merchant data may be compromised
CloudFlare CDNJS Bug Could Have Led to Widespread Supply-Chain Attacks (The Hacker News) A critical RCE vulnerability in CloudFlare CDNJS infrastructure may have facilitated widespread supply-chain attacks.
HelloKitty ransomware is targeting vulnerable SonicWall devices (BleepingComputer) CISA is warning of threat actors targeting “a known, previously patched, vulnerability” found in SonicWall Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products with end-of-life firmware.
Terrifying Android scam is back, and here’s what you must do to avoid it (Express) A nasty Android threat, called Joker, is making an unwelcome comeback and ignoring the latest warnings could prove to be costly.
Vulnerabilities in Etherpad Collaboration Tool Allow Data Theft (SecurityWeek) Researchers discovered two vulnerabilities (CVE-2021-34817 and CVE-2021-34816) in Etherpad that allow modification or deletion of all data
Threats to the 2020 Tokyo Olympic Games (Recorded Future) The high profile and international nature of the Olympics make it an appealing target for those seeking to cause harm.
Japan goes on defense against cyberattacks ahead of Tokyo Olympics (Japan News) With only a week to go until the start of the Tokyo Olympics, the risk of cyberattacks grows greater by the day.
Ecuador’s state-run CNT telco hit by RansomEXX ransomware (BleepingComputer) Ecuador’s state-run Corporación Nacional de Telecomunicación (CNT) has suffered a ransomware attack that has disrupted business operations, the payment portal, and customer support.
Cyberattack on Moldova’s Court of Accounts destroyed public audits (BleepingComputer) Moldova’s “Court of Accounts” has suffered a cyberattack leading to the agency’s public databases and audits being destroyed.
The Security Threat of Voice Cloning (Avast) Advances in voice cloning enable very convincing and nuanced synthetic voices, and there are growing concerns that the technology could be compromised and used for malicious purposes.
An insurtech startup exposed thousands of sensitive insurance applications (TechCrunch) The exposed insurance applications included Social Security numbers, medical diagnoses, and detailed questionnaires about a person’s health past and present.
Ransomware hits law firm counseling Fortune 500, Global 500 companies (BleepingComputer) Campbell Conroy & O’Neil, P.C. (Campbell), a US law firm counseling dozens of Fortune 500 and Global 500 companies, has disclosed a data breach following a February 2021 ransomware attack.
Bay Area Water System Apparent Cyber Victim (IndustryWeek) News is surfacing about another cyber attack, this time targeting a major water system.
Radware reveals hacktivists flying under the radar (iTWire) An in-depth survey of hacktivists by Radware has revealed new information on their activities. The data security specialist says that while some well-established threat actors are carrying out major ransomware attacks that capture news headlines, other cyber actors warrant companies…
Security Patches, Mitigations, and Software Updates
Cisco Patches High-Risk Flaw in ASA, FTD Software (SecurityWeek) A security hole in Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software could allow a remote attacker to cause a denial of service (DoS) condition.
Google Adds HTTPS-First Mode to Chrome (SecurityWeek) Google is about to give Chrome users a small security boost with new functionality that will attempt to automatically upgrade web pages to HTTPS.
Google patches Chrome zero-day, eighth one in 2021 (The Record by Recorded Future) Google has released security updates today for its Chrome web browser, including a patch to address a zero-day vulnerability that was exploited in the wild.
Several Vulnerabilities Patched in ‘MDT AutoSave’ Industrial Automation Product (SecurityWeek) Several serious vulnerabilities have been patched in the MDT AutoSave industrial automation product.
Instagram rolls out new tool to help users secure hacked accounts (The Record by Recorded Future) Instagram has begun rolling out a new security feature that will help users secure compromised accounts and kick out hackers.
Microsoft Confirms New Windows 10 Login Bypass Threat: Here’s The Fix (Forbes) Security researchers have found a way to bypass the Windows Hello facial recognition that is used by hundreds of thousands of Windows 10 users to login. Here’s what you need to know.
Fighting cyberweapons built by private businesses (Microsoft) A world where private sector companies manufacture and sell cyberweapons is more dangerous for consumers, businesses of all sizes and governments
Ransomware attackers are growing bolder and using new extortion methods (TechRepublic) IT and OT environments are increasing targets and threat actors are using Dark Web forums to launch cybercrimes, according to Accenture’s 2021 Cyber Threat Intelligence report.
Channel can be peacekeepers in the ransomware war (MicroscopeUK) There is a lot of anger around ransomware but equally there are opportunities for those with the ability to help users keep criminals at bay, as Nick Booth finds out
Big Game Hunting in Cyberspace Is Accelerating: Crowdstrike CEO (Bloomberg Technology) Crowdstrike CEO George Kurtz discusses how the White House is attempting to trace cryptocurrency transactions following recent ransomware attacks where hackers have obtained over $400 million in cryptocurrency, and whether it’s a viable strategy to combat cyber attacks. He speaks with Emily Chang on “Bloomberg Technology.” (Source: Bloomberg)
Inside the Industry That Unmasks People at Scale (Motherboard) Unique IDs linked to phones are supposed to be anonymous. But there’s an entire industry that links them to real people and their address.
Private Espionage Is Booming. The US Needs a Spy Registry (Wired) From Black Cube to Fusion GPS, the operatives-for-hire industry has recklessly exploded. Disclosure requirements could keep things in check.
Kiwi firms may be among ‘easy prey’ (NZ Herald) Cyber-attackers exploit misconceptions many organisations have about their IT security.
Airlines are increasingly becoming targets for cyber attacks (Travel Daily Media) According to a Eurocontrol report, there has been a significant increase in cyber attacks against various segments of the aviation industry over the last year.
Gamers the new target of scammers worldwide (Pickr) It’s not just you or the parentals being targeted by cybercriminals, as scammers focus on an industry worth billions: gamers.
Here’s where Maryland played a role in ID Technologies’ acquisition of Columbia-based Attila Security (Technical.ly Baltimore) The cybersecurity company wants to have a presence near talent and government operators at Fort Meade. All team members of Attila Security will join Ashburn, Virginia-based ID Technologies.
Enea to buy AdaptiveMobile (Light Reading) Enea has signed an agreement to acquire AdaptiveMobile Security Ltd, a leading provider of security solutions for mobile networks. The enterprise value of AdaptiveMobile Security amounts to approximately EUR 45 million on a cash and debt free basis. Enea estimates that AdaptiveMobile Security will have sales of approximately EUR 17 million for the full year 2021, with an EBIT margin in 2022 that will be close to Enea’s operating margin target. Closing is expected in July 2021.
Avantus Buys Cyber Platform Provider Occam’s Razor Technologies; Andy Maner Quoted (GovCon Wire)
Avantus Federal acquires cyber services firm (Washington Technology) Avantus Federal completes its first acquisition under the new name and branding that it unveiled to the market in November 2020.
OPSWAT Announces Asset Acquisition of Bayshore Networks to Expand Critical Infrastructure Protection Capabilities to OT/ICS Environments (PR Newswire) OPSWAT, the global leader in Critical Infrastructure Protection (CIP), today announced that it has acquired all assets of Bayshore Networks,…
ZeroFox Acquires Phoenix-Based Company, Reopens South Baltimore Office (SouthBMore.com) ZeroFox, the South Baltimore-based external threat intelligence and protection company, has made its second corporate acquisition in the last nine months with its recent purchase of Phoenix-based Vigi
Forcepoint closes acquisition of UK cybersecurity firm (CRN) Security vendor announced acquisition of Deep Secure in June
Latest M&A Chatter Involves Avast-NortonLifeLock, Intel (Channel Futures) The latest big-tech M&A talk involves a potential merger of rivals Avast and NortonLifelock, and Intel potentially acquiring GlobalFoundries.
Form 8.3 – AVAST PLC (Yahoo Finance) LONDON, July 16, 2021–(BUSINESS WIRE)– FORM 8.3 PUBLIC OPENING POSITION DISCLOSURE/DEALING DISCLOSURE BY A PERSON WITH INTERESTS IN RELEVANT SECURITIES REPRESENTING 1% OR MORE
ECS parent backs acquisition of cyber, digital transformation (Washington Technology) The parent company of government technology business ECS backs an acquisition to help the public sector business bolster its cybersecurity and digital transformation posture.
Capgemini to acquire Empired for $233 million (CRN Australia) As global SI seeks to strengthen cloud and data capabilities in the region.
Clear Skye Announces Over 300% Revenue Growth in First Half 2021; Continues Global Expansion, Customer Addition, Product Innovation, and Industry Recognition (BusinessWire) Clear Skye experiences over 300% revenue growth in first half 2021, bringing cutting-edge IGA solutions to enterprise organizations.
CRN® Recognizes Axis Security on the 2021 Emerging Vendors List (PR Newswire) Axis Security, the leader in Zero Trust Network Access (ZTNA), announced today that CRN®, a brand of The Channel Company, has named Axis…
BIRD to invest $6m. in joint US-Israel innovation projects (The Jerusalem Post) The BIRD Foundation promotes collaborations between US and Israeli companies in various technological sectors for joint product development.
What to expect for cybersecurity investment as we emerge from the pandemic (VentureBeat) Cybersecurity is a red-hot sector, and venture capital firms are looking at the market and trying to predict what’s in store for the future.
Meet Shift5, the 50-person security startup quietly hiring execs away from hot startups like Tanium and Armis and landing millions in military contracts (Times News Express) Shift5 cofounders Michael Weigand, left, James Correnti, and Josh Losposino were Army buddies who founded a startup to protect the data in jets, trains,
Cyber company Darktrace hits new high on upgraded 2022 guidance (Reuters) Darktrace (DARK.L), the cybersecurity company that listed in April, upgraded its guidance for 2022 on Thursday as it said revenue for the financial year just ended would grow by a better-than-expected 40% plus to at least $278 million.
Council Post: Critical Questions To Ask When Joining A Startup (Forbes) If you have the opportunity to join a startup, get clarity on the following before you join.
Cybersecurity: An issue for both big and small businesses (BusinessNorth) It seems every other day there’s a news story of some major company being hacked, its information being held for some insane ransom. Maybe it’s a major fuel supplier or
CrowdStrike Wins Fourth Consecutive Award in Latest AV-Comparatives Mac Testing, Outshining Legacy Players and Other Next-Gen Endpoint Providers (BusinessWire) CrowdStrike Inc., a leader in cloud-delivered endpoint protection and workload protection, today announced Falcon Pro for Mac has won a fourth consecu
Cyber expert Crosspoint Capital follows huge debut fund success by bringing in two new managing directors (AltAssets Private Equity News) Cybersecurity and software infrastructure-focused buyout house Crosspoint Capital Partners has brought in two new managing directors.
Peraton names new C-suite executives, including its top IT officer (Washington Business Journal) The Herndon IT services contractor named its new top IT officer, alongside two other C-suite moves as it continues to absorb Perspecta.
Telos Corporation Appoints New Chief Financial Officer – Telos Corporation (Telos Corporation) Telos® Corporation (NASDAQ: TLS), a leading provider of cyber, cloud and enterprise security solutions for the world’s most security-conscious organizations, announced it has appointed Mark Bendza as executive vice president and chief financial officer, effective July 19, 2021. Bendza previously served as vice president in charge of investor…
Products, Services, and Solutions
Introducing Workflows: Automations for Any Use Case (Persona) From setting custom rules to triggering actions, Workflows is a flexible, intuitive, and powerful way to automate your identity processes and more.
1Password’s new API pipes data into third-party tools such as Splunk (VentureBeat) 1Password’s new events API gives security teams “greater data visibility” and insights by piping data directly into third-party SIEM tools.
HUMAN BotGuard helps enterprise customers protect web and mobile apps from bot attacks (Help Net Security) HUMAN Security announced its newly-named BotGuard and a range of new features to expand protection from sophisticated bot attacks and fraud.
Exclusive Networks Pacific launches new MSSP platform (CRN Australia) With SentinelOne as first vendor on offer.
Cofense Delivers Industry’s First Cloud-Native Email Security for Microsoft 365 and Google Workspace – Deployable in Less than a Minute (BusinessWire) Cofense Protect MSP is already protecting hundreds of MSPs and their customers from phishing attacks, activated with one click in less than a minute.
Incedo Inc. Transforms Security Defenses and Becomes a Highly Resilient Organization with Check Point (Check Point Software) Incedo serves clients in financial services,
Technologies, Techniques, and Standards
Long-Awaited STIX, TAXII Cyberthreat Sharing Standards Approved (SDxCentral) STIX and TAXII, two popular open source projects that automate threat intelligence sharing, have been approved as full OASIS standards.
Deloitte Grants MS-ISAC Members Free Cyber Threat Intel (GovTech) Through a new partnership, the 10,000-plus government members in the Multi-State Information Sharing and Analysis Center will be able to access Deloitte’s Cyber Detect and Respond Portal at no cost.
Gating your revenue: How to keep orders flowing while keeping criminals out (Digital Commerce 360)
Trump Hacker and Friends on a Mission to Fix the Internet (SecurityWeek) The Dutch Institute for Vulnerability Disclosure (DIVD) is a volunteer group that has quietly prevented hundreds of cyberattacks since 2019 by finding vulnerabilities that could be exploited by hackers
Censorship circumvention tool helps 1.4 million Cubans get internet access (Reuters) Psiphon Inc’s freely available internet censorship circumvention tool has helped nearly 1.4 million Cubans this week gain access to websites, the company said on Friday, after Cuba’s government curbed access to popular social media and messaging platforms.
Design and Innovation
CIOs Faced Trade-Off Between Speed and Perfection in Pandemic Response (Wall Street Journal) So-called technical debt accumulated at some companies as they moved quickly to boost digital capabilities
A wide range of computer information technology programs offered by FTCC (Illinois News Today) Students have a variety of options for their careers related to computer information technology at FTCC, from programs that teach them to build mobile applications to the creation of digital art. Advertising & graphic design. FTCC’s Advertising and Graphic Design Associate Program provides students with the skills needed to illustrate and design logos, advertising and …
Legislation, Policy, and Regulation
Japan goes on defense against cyberattacks ahead of Tokyo Olympics (Japan Times) With only a week to go until the start of the Tokyo Olympics, the risk of cyberattacks grows greater by the day.
A world in cyberwar (Korea JoongAng Daily) Tension is rapidly building after Russian cyberattacks on SolarWinds, a leading IT infrastructure and management software provider, and Colonial Pipeline, a top fuel pipeline operator, both in the United States. At least nine…
Russia’s National Security Strategy: Same book, new cover (Interpreter) The subtext of the country’s new security strategy reveals a regime beset by suspicion and insecurity.
Global Data Restrictions on the Rise Amid Privacy and Security Fears (Wall Street Journal) Chinese scrutiny of tech firms is part of a wave of measures around the world aimed at keeping data in-country.
Surveillance in Spotlight Amid Ongoing EU-U.S. Data Privacy Rift (Bloomberg Law) U.S. government surveillance remains in the spotlight one year after the European Union’s top court struck down a main mechanism that Facebook Inc. and about 4,000 other companies used to transfer data across the Atlantic.
UK Spy Agency Releases Annual Threat Report (SecurityWeek) MI5’s UK Annual Threat Update 2021 from director general Ken McCallum almost mirrors the threat warnings delivered by U.S. government agencies: ransomware and IP theft in cyber, and extreme right-wing terrorism amplified by online echo chambers.
Director General Ken McCallum gives annual threat update 2021 (MI5 – The Security Service) MI5 Director General Ken McCallum gave his annual threat update today, 14 July 2021, which was filmed at our headquarters in Thames House, London.
Foreign actors will seek to interfere in next Canada election – spy agency (Reuters) Foreign state-sponsored actors will try to interfere in the next Canadian federal election but not on the scale of the campaign mounted against the United States, Canada’s electronic signals spy agency said on Friday.
China Plans to Exempt H.K. IPOs From Cybersecurity Reviews (Bloomberg) CSRC has been meeting underwriters to explain new rules. Bankers say H.K. process will likely be less onerous than U.S.
Senate, NDIC move to protect depositors’ funds against cyberattack (Punch Newspapers) The Chairman, Senate Committee on Banking, Insurance and other Financial Institutions, Senator Uba Sani, said the committee has resolved to collaborate with the Nigeria Deposit Insurance Corporation to protect depositors’ funds against cyber-attack in commercial banks across the country.
China Wants a Chip Machine From the Dutch. The U.S. Said No. (Wall Street Journal) The Biden administration, continuing a Trump policy, seeks to stop ASML from selling China machines crucial to advanced microprocessors.
US Blacklists 6 Russian Organizations Over Security Concerns (BankInfoSecurity) The Department of Commerce is restricting trade with four Russian IT and cybersecurity firms, along with two other entities, over concerns that these organizations
Addition of Entities and Revision of Entry on the Entity List (Department of Commerce, Bureau of Industry and Security) In this rule, the Bureau of Industry and Security (BIS) amends the Export Administration Regulations (EAR) by adding six entities to the Entity List. These six entities, all of which are being added under the destination of Russia, have been determined by the U.S. Government to be acting contrary to the national security or foreign policy interests of the United States and are being added consistent with Executive Order 14024, Blocking Property With Respect To Specified Harmful Foreign Activities of the Government of the Russian Federation, issued on April 15, 2021. This rule also corrects one existing entry on the Entity List under the destination of Russia.
White House launches ransomware task force amid calls for retaliation against Russia (CBS News) The multi-agency effort comes as pressure mounts on President Biden to retaliate for Russia’s failure to curb cyberattacks on U.S. infrastructure.
The Whole Is Greater Than the Sum of its Parts: Taking a Holistic Approach to the White House Cyber Executive Order (Lumen Newsroom) By delivering the fastest, most secure platform for applications and data, Lumen plays a critical role in the communications and technology ecosystem that can help protect the cybersecurity of all things.
Key concepts in Biden’s Executive Order can improve cybersecurity (Fast Company) Here is a quick look at some of the key concepts in Biden’s order and what organizations can do to fulfill them and improve cybersecurity.
Bipartisan Bill Would Create International Security Standards for Tech Research (MeriTalk) Bicameral, bipartisan legislation introduced by four lawmakers this week aims to create international security standards with American allies for emerging technology research such as AI and quantum science.
Rep. Katko Calls for Increased CISA Funding (MeriTalk) Rep. John Katko, R-N.Y., ranking member of the House Committee on Homeland Security, called for increased funding for the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA), saying CISA “needs to be a $5 billion agency in the next five years.”
Recent Attacks Lead to Renewed Calls for Banning Ransom Payments (Dark Reading) While attackers in protected jurisdictions continue to get massive sums for continuing to breach organizations, the ransomware threat will only continue to grow
Biden on Facebook: ‘They’re killing people’ with vaccine misinformation (CNBC) “I mean they really, look, the only pandemic we have is among the unvaccinated, and that’s — they’re killing people,” Biden said.
Surgeon general issues warning over vaccine misinformation as White House turns up the heat on Facebook | CNN Politics (CNN) US Surgeon General Dr. Vivek Murthy warned Thursday health misinformation is “a serious threat to public health,” as administration officials grow increasingly concerned about misleading claims about coronavirus vaccines, leading to a confrontation with social media giant Facebook.
Facebook contests Biden’s claim that misinformation on the platform is “killing people” (Axios) “We’re dealing with a life or death issue here,” press secretary Jen Psaki said Friday.
Former NSA director: U.S. needs a new approach to ransomware response (Healthcare IT News) In advance of his appearance at HIMSS21, Admiral Michael S. Rogers, who also served as commander of the U.S. Cyber Command, says the government and private sector must work more closely and collaboratively.
Think you still have 4+ years to comply with CMMC? Think again. (Entrust Blog) First announced in January 2020 with a prolonged rollout through October 2025, many defense contractors may feel they still have lots of time to comply
Biden’s Cybersecurity Team Gets Crowded at the Top (Wired) It’s a lot of talent, but the US now has five overlapping roles jockeying for limited budgets, authorities, and bureaucratic victories.
Litigation, Investigation, and Law Enforcement
Pegasus: The new global weapon for silencing journalists (Forbidden Stories) At least 180 journalists around the world have been selected as targets by clients of the cybersurveillance company NSO Group, according to a new Forbidden Stories investigation, published today.
The Pegasus Project: A Worldwide Collaboration to Counter a Global Crime (Forbidden Stories) Today, for the first time in the history of modern spying, we are seeing the faces of the victims of targeted cyber-surveillance. This is a worldwide scandal – a global web of surveillance whose scope is without precedent.
About The Pegasus Project (Forbidden Stories) An unprecedented leak of more than 50,000 phone numbers selected for surveillance by the customers of the Israeli company NSO Group shows how this technology has been systematically abused for years. The Forbidden Stories consortium and Amnesty International had access to records of phone numbers selected by NSO clients in more than 50 countries since 2016.
Private Israeli malware used to spy on journalists, activists: report (France 24)
Data leak reveals international hacker group targeted journalists, activists, political leaders with spyware (FOX 2) An investigation by a global media consortium based on leaked targeting data provides further evidence that military-grade malware from Israel-based NSO Group, the world’s most infamous hacker-for-…
Takeaways from the Pegasus Project (Washington Post) Military-grade spyware leased by the Israeli firm NSO Group to governments for tracking terrorists and criminals was used in attempted and successful hacks of 37 smartphones belonging to journalists, human rights activists, business executives and the two women closest to murdered Saudi journalist Jamal Khashoggi, according to an investigation by The Washington Post and 16 media partners led by the Paris-based journalism nonprofit Forbidden Stories.
Israeli Companies Aided Saudi Spying Despite Khashoggi Killing (New York Times) Ignoring concerns that Saudi Arabia was abusing Israeli spyware to crush dissent at home and abroad, Israel encouraged its companies to work with the kingdom.
Israeli Defense Ministry approved export of offensive cyber technology to Gulf states: N.Y. Times (Israel Defense) The New York Times claims that the Defense Ministry approved the sale of spyware to Saudi Arabia. The report follows many previous reports on the same topic
Private Israeli spyware used to hack cellphones of journalists, activists worldwide (Washington Post) NSO Group’s Pegasus spyware, licensed to governments around the globe, can infect phones without a click
Jamal Khashoggi’s wife targeted with spyware before his death (Washington Post) The cellphones of murdered Saudi columnist’s fiancee and associate hacked after his murder
In Orban’s Hungary, spyware was used to monitor journalists and others who might challenge the government (Washington Post) The deployment of the tool, confirmed with forensics, shows a willingness to use tactics previously deemed out-of-bounds
Despite the hype, iPhone security no match for NSO spyware (Washington Post) International investigation finds 23 Apple devices that were successfully hacked
NSO Group vows to investigate potential spyware abuse following Pegasus Project investigation (Washington Post) Human rights activists, political dissidents and others around the world expressed outrage at revelations regarding the use of the Israeli company’s software in widespread hacking
Letter from the editor (Washington Post) Dear Reader, Today The Washington Post is joining news organizations across the globe to bring you an important story.
Revealed: leak uncovers global abuse of cyber-surveillance weapon (the Guardian) Spyware sold to authoritarian regimes used to target activists, politicians and journalists, data suggests
What is Pegasus spyware and how does it hack phones? (the Guardian) NSO Group software can record your calls, copy your messages and secretly film you
How does Apple technology hold up against NSO spyware? (the Guardian) The iPhone maker says it is keeping pace with malware, but the Pegasus project paints a worrying picture
Huge data leak shatters lie that the innocent need not fear surveillance (the Guardian) Our investigation shows how repressive regimes can buy and use the kind of spying tools Edward Snowden warned us about
Key Modi rival Rahul Gandhi among potential Indian targets of NSO client (the Guardian) Leak suggests Indian opposition leader among hundreds selected for possible surveillance by Modi government
Saudis behind NSO spyware attack on Jamal Khashoggi’s family, leak suggests (the Guardian) Forensic analysis shows phones of those close to journalist were targeted before and after he was murdered
VIPs ‘including Jamal Khashoggi’s wife’ targeted by cyber hackers (Mail Online) Hanan Elatr’s phone number was found on a leaked list of over 50,000 alleged to have been identified as potential targets for governments using the military-grade spyware.
NSO Group’s Pegasus spyware used to target journalists, activists around the world (Computing) Forensic analysis has confirmed the targeting of 37 phones
What Vietnam is doing with Israeli phone-hacking tech (Haaretz) A new investigation reveals that Cellebrite sells its digital forensics tools to a Vietnamese ministry known for persecuting bloggers, journalists and religious and ethnic minorities
Vietnam buying Israel spyware to repress opposition (Middle East Monitor) Israeli intelligence software Cellebrite is supplying Vietnam digital surveillance tools which it has used to quash opposition, rights groups say. Israeli newspaper Haaretz said Vietnam’s Publi…
Got Bitcoin, Will Buy Intel: U.S. Government Offers Cryptocurrency Bounty In Radical New Approach To Fighting Cybercrime (Forbes) For the first time in its history, the U.S. federal government is offering to pay for services with cryptocurrency.
UK court allows lawsuit against Dechert over Indian hacking allegations (Reuters) A Missouri businessman can sue Dechert LLP over his claim that the international law firm helped mastermind the hack and leak of his emails, a British court ruled on Friday.
California’s attorney general backs call for Global Privacy Control adoption (Digiday) California’s attorney general Rob Bonta is getting tougher on privacy enforcement when it comes to use of Global Privacy Control.
Amazon just got Fakespot booted off Apple’s iOS App Store (The Verge) The fake review spotting app’s founder says it was abrupt.
Government Can’t Give Riot Grand Jury Records To Deloitte (Law360) A D.C. federal judge on Friday rejected the government’s request to share all grand jury materials with Deloitte, which it hired to organize a large volume of the evidence in over 500 U.S. Capitol riot defendants’ cases, ruling that neither the private contractor nor its staff qualify as government employees under grand jury disclosure rules.
In Test of Section 230 Immunity, 2nd Circuit Panel Agrees to Rehear Argument in Pastor’s Lawsuit Against Vimeo (New York Law Journal) The judges, without explanation, agreed to rehear arguments in a case where they ruled that the video platform was protected from a lawsuit over removal of a user from its platform by Section 230 of the Communications Decency Act.
Google Sued Over Rap Video On School Property With Kids (Law360) A New Jersey school district has hit Google with a federal lawsuit for displaying on YouTube a rap music video filmed on school property last month that allegedly lauded sexual acts, violence and drug use while also including district students without their parents’ permission.
Arizona Senate, Cyber Ninjas provide update on election audit (KTAR) Arizona Senate President Karen Fann scheduled a public briefing Thursday with the leaders of the ongoing election audit that she authorized.
Rep. Bill Posey Signs GOP Letter to Demand Answers From NSA About Illegally Spying on Fox News Host Tucker Carlson (Space Coast Daily) Rep. Bill Posey (FL-08) and Rep. Louie Gohmert (TX-01) led a letter to NSA Director Paul Nakasone demanding information on reports that the Agency illegally spied on Fox News host Tucker Carlson and planned to leak his personal emails to media outlets.