Attacks, Threats, and Vulnerabilities
Flubot Android malware now spreads via fake security updates (BleepingComputer) The Flubot malware has switched to a new and likely more effective lure to compromise Android devices, now trying to trick its victims into infecting themselves with the help of fake security updates warning them of Flubot infections.
Watch out for this fake Android security update — it’s really malware (Tom’s Guide) FluBot goes meta with bogus warning about FluBot infection
Conti gang threatens to dump victim data if ransom negotiations leak to reporters (The Record by Recorded Future) The Conti ransomware gang has published a rare public statement today threatening hacked companies that they will leak their stolen files if details or screenshots of the ransom negotiations process are leaked to journalists.
Coinbase Attackers Bypassed Account Authentication (Infosecurity Magazine) At least 6000 customers had funds stolen after raid
Hackers bypass Coinbase 2FA to steal customer funds (The Record by Recorded Future) More than 6,000 Coinbase users had funds stolen from their accounts after hackers used a vulnerability in Coinbase’s SMS-based two-factor authentication system to breach accounts.
Offshore havens and hidden riches of world leaders and billionaires exposed in unprecedented leak (ICIJ) The Pandora Papers reveal the inner workings of a shadow economy that benefits the wealthy and well-connected at the expense of everyone else.
Pandora Papers: Secret wealth and dealings of world leaders exposed (BBC News) The offshore dealings of presidents, prime ministers and royalty feature in the Pandora Papers.
Here Are the Biggest Revelations From the Pandora Papers Leak (Bloomberg) Unprecedented leak of financial data details offshore assets. Investigative journalist group obtained 11.9 million documents.
Pandora papers: biggest ever leak of offshore data exposes financial secrets of rich and powerful (the Guardian) Millions of documents reveal offshore deals and assets of more than 100 billionaires, 30 world leaders and 300 public officials
Pandora papers live: Boris Johnson says ‘all Tory donations vetted’; Kremlin dismisses ‘unsubstantiated claims’ (the Guardian) UK PM says donations are vetted in accordance with rules; Vladimir Putin’s spokesperson says claims are ‘unsubstantiated’
What the ‘Pandora Papers’ show about how the powerful hide money from public view (NPR.org) The global investigation sheds new light on how the world’s wealthy use a network of lawyers and financial institutions to obscure their finances from authorities, their creditors and the public.
Scam sites offering fake streams of new James Bond movie (CNET) Researchers warn of malicious files designed to look like No Time to Die.
A wolf in sheep’s clothing: Actors spread malware by leveraging trust in Amnesty International and fear of Pegasus (Talos) A blog from Talos, Cisco’s world-class intelligence group.
Hackers rob thousands of Coinbase customers using MFA flaw (BleepingComputer) Crypto exchange Coinbase disclosed that a threat actor stole cryptocurrency from 6,000 customers after using a vulnerability to bypass the company’s SMS multi-factor authentication security feature.
DeFi bug accidentally gives $90 million to users, founder begs them to return it (CNBC) About $90 million went out in error to users of Compound, a decentralized-finance staking protocol. The founder is begging users to return the tokens.
Cyber attack that took out phones ‘determined and deliberate,’ according to Walla Walla’s PocketiNet president (Union-Bulletin.com) “This really reveals a homeland security problem with our government,” PocketiNet President Todd Brandenburg said. “This is going to keep happening … the biggest question is: Who’s next?”
Slack Is Down for Many People Worldwide (Gizmodo) The workplace messaging app might not be restored until 5 p.m. ET on Friday for some people.
Kansas county pays ransom to resolve cyber attack (Salina Post) POTTAWATOMIE COUNTY – Officials are making progress in restoring computer systems and machines after a ransomware attack encrypted several se
Pottawatomie Co. pays hackers to restore computer systems after cyber attack (WIBW) The county was able to resolve the attack by paying less than 10% of the hacker’s original demands.
Tesuque Casino shuts down due to cyber attack (KRQE NEWS 13) A New Mexico casino is planning to reopen soon after being the victim of a cyber-attack last month. The Tesuque Casino says it shut down on September 25 after discovering t…
Security Patches, Mitigations, and Software Updates
Who Will Patch Your VPN First? You, or Your Adversaries? (Eclypsium) What makes these types of Internet-facing VPN device vulnerabilities so insidious is that once an attacker has compromised a VPN device, there is hardly anything they can’t then do to the enterprise…
The next wave of cyberattacks will have 5G to thank (teiss) Rolling out 5G means a huge investment in structurally different network hardware that can support the velocity and volume 5G promises.
The 2021 Ransomware Risk Pulse: Energy Sector (Black Kite) Ransomware on the Rise Across Critical Infrastructure
GDPR fines in Q3 almost hit €1B, 20x more than in Q1 and Q2 combined (Finbold) The EU GDPR fines for 2021 Q3 hit €984.47 million, which is almost 20 times higher than cumulative fines of €50.26 imposed during Q1 and Q2.
Advanced Threat Research Report, October 2021 (McAfee) We’ve shifted new focus to prevalence. In other words, the team is now paying attention to how often do we see the threat in the globe, and more importantly who does it target?
There’s a Multibillion-Dollar Market for Your Phone’s Location Data (The Markup) A huge but little-known industry has cropped up around monetizing people’s movements
Data Governance Trends Report – CIO Wish List (Egnyte) See why ransomware is a top data security concern for large companies, and read opinions on how AI can solve challenges in security and compliance.
UK finance sector severely vulnerable to rising cyberattacks (HR News) The UK’s finance sector is struggling to keep cybercriminals at bay, new research by Keeper Security has revealed. The 2021 Cybersecurity Census Report
STUDY: Millennials and Gen Z Say They are Bigger Victims of Cybercrime (GlobeNewswire News Room) Oh Behave! The Annual Cybersecurity Attitudes and Behaviors Report 2021 from National Cybersecurity Alliance and CybSafe for Cybersecurity Awareness Month…
One Identity Acquires OneLogin, Adding Market-Leading Access Management Solutions to the Industry’s only Unified Identity Security Platform (One Identity) Solutions address increasing flood of security incidents caused by mismanaged identities, helping organizations enhance their overall cybersecurity posture. The combined entity will serve more than 10,000 customers while actively managing 300…
How IonQ is planning to bring a quantum computer to the masses (Fast Company) The company is going public today via SPAC—even though it’s years away from its goal of a 1000-qubit quantum computer.
McAfee-FireEye Merger Makes STG’s Plans Clearer (eSecurityPlanet) As McAfee Enterprise and FireEye Products merge, RSA Security remains a separate company in STG’s portfolio.
McAfee Enterprise, FireEye Products Merged Into $2B Entity (SecurityWeek) Private equity firm Symphony Technology Group announced the merger of McAfee Enterprise and the newly acquired FireEye Products into a single pure-play cybersecurity company.
Third-Party Identity Risk Provider SecZetta Raises $20.5 Million (SecurityWeek) Third-party identity risk solutions provider SecZetta this week announced that it has raised $20.5 million in Series B funding, which brings the total raised by the company to $30.5 million.
IGI Cybersecurity Announces Commitment to Global Efforts Advocating for Cybersecurity and Online Behavior Change during Cybersecurity Awareness Month (GuruFocus)
Cyber Insurance Prices To Surge After COVID-19, S&P Warns (Law360) Ratings giant S&P Global has warned that cyber insurance prices will skyrocket over the next two years, after the pandemic led to a spike in cyberattacks, and warned insurers and reinsurers to form partnerships to prepare for the changing sector.
Google offers $1 million sponsorship to secure open source software (The Record by Recorded Future) Google has announced today a $1 million sponsorship for a new pilot program aimed at enhancing the security of critical open source software projects.
#BeCyberSmart: Cybersecurity awareness champions (Newsroom | TikTok) By Luna Wu, Global Security Business Operations and Portfolio Lead at TikTok. At TikTok, we believe that everyone benefits from a safer and more secure world. This Cybersecurity Awareness Month and all
Swimlane Wins Cybersecurity Breakthrough Award for ‘Overall SOAR… (Swimlane) This past year has seen businesses embracing digital transformation at an unprecedented rate, while at the same time, businesses have been challenged to defend an expanded attack surface and “keep up” with the deluge of security alerts that puts IT and security teams on the back foot of defending…
Recorded Future Named Threat Intelligence Company of the Year by CyberSecurity Breakthrough (PR Newswire) Recorded Future, the world’s largest provider of intelligence for enterprise security, today announced that it has been named Threat…
Bitdefender expands marketing leadership with two key appointments (Help Net Security) Bitdefender announced two additions to its marketing leadership to bring experience and to lead product and marketing teams.
Ex-BBC news head joins Huawei as Chinese telecoms giant seeks to boost image after ‘espionage’ bans (The Telegraph) The UK government has banned British telecoms firms from buying equipment from Huawei, citing security and espionage concerns
Products, Services, and Solutions
Cybersecurity Index – Team8 (Team8) The WisdomTree & Team8 Cybersecurity Index is a first of its kind index that is geared towards tracking innovations in cybersecurity made by companies in the public markets. Trust in our digital infrastructure has gone from very important to absolutely critical.
Blackpanda and Pandamatics Partner with SentinelOne to Provide Incident Response and Cyber Insurance for APAC Businesses – Headlines of Today (Headlines of Today) SentinelOne (NYSE: S), an autonomous cybersecurity platform company, today announced a strategic partnership with Blackpanda, Asia’s premier digital forensics and incident response firm, and Pandamatics Underwriting, an Asia-focused cyber insurance coverholder. The partnership delivers a single source cyber resilience solution, providing customers with protection against advanced threats.
Shin Bet Vets Team Up With Volkswagen to Revolutionize Automotive Cybersecurity (Algemeiner.com) CTech – In Tsafrir Kats’ office, near his desk, hangs a photograph of an …
Microsoft Announces Partnership with Cyber Insurance Firm At-Bay (Redmond Channel Partner) Microsoft will be entering a multiyear partnership with At-Bay, a San Francisco-based insurance company that focuses on enterprise data.
Group-IB partners with Spire Solutions to bolster Middle East’s cyber environment (EIN) Group-IB, one of the leading solution providers dedicated to detecting and preventing cyberattacks, identifying online fraud, investigating high-tech crimes, and intellectual property protection, has signed a partnership agreement with Spire Solutions, the Middle East and Africa region’s leading value-added distributor.
Mosyle Launches Market’s First Encrypted DNS Filtering & Security Solution With Automated Deployment for Apple Devices (BusinessWire) Mosyle, the leader in modern Apple MDM and security, today introduced its Encrypted Domain Name System (DNS) Filtering & Security Solution, the ma
IDology Wins Finovate Award for Best Identity Management Solution (PR Newswire) IDology, a GBG Company, announced today it has been recognized as the industry’s best identity management solution by Finovate. This award is…
XSOC CORP Recognized by CyberSecurity Breakthrough Awards Program for Overall Encryption Solution of the Year (BusinessWire) XSOC CORP, a leading developer of extensible, secure, optimized cryptographic tools, platforms and protocols was named the winner of the “Overall Encr
Xylem, Dragos Partner to Bring Cybersecurity Leadership to Water Utilities (BusinessWire) Xylem and Dragos partner to bring cybersecurity leadership to water utilities.
JFrog Authorized as a Numbering Authority for Vulnerabilities Exposure (BusinessWire) JFrog has been named a CVE Numbering Authority (CNA) allowing the company to assign CVE identification numbers to software security vulnerabilities.
Samsung SDS chooses Pradeo to protect its customers’ mobile devices (Pradeo Security) Pradeo and Samsung SDS are announcing today the recent signature of a commercial partnership. Pradeo’s Mobile Threat Defense services are now integrated with Samsung SDS on-premises Enterprise Mobility Management solution and resold by Samsung SDS’s sales teams.
Technologies, Techniques, and Standards
Achieving Secure Digital Transformation in Manufacturing (Dragos | Industrial (ICS/OT) Cyber Security) Cyber attacks on manufacturing companies and critical infrastructure threats continue to increase, and managing the operational risk associated with digital transformation is both a cybersecurity and operations challenge. Join Dragos, Deloitte, ServiceNow, and select customer CISOs for best practices to digitally transform manufacturing operations securely in today’s hyperconnected world. Hear directly from this diverse team…
Academics discover hidden layer in China’s Great Firewall (The Record by Recorded Future) A team of academics from the University of Maryland has discovered a previously hidden layer in China’s Great Firewall censorship system.
4 steps to protect the C-suite from business email compromise attacks (CSO Online) Preventing top executives from becoming BEC victims requires a different approach. Putting the risk in business terms is key.
Risky business: walking the tightrope between cybersecurity and business productivity (teiss) Yet with data breaches, ransomware and nation-state attacks becoming a part of the everyday vernacular for businesses and consumers alike.
Three kinds of phish: What distinguishes the best phishing campaigns and how to avoid falling for them (ITProPortal)
When Are Virtual Chief Information Security Officers the Right Choice? (ISACA) Cybersecurity executive management and leadership are a key component to securing an organization’s infrastructure and assets properly.
New cybersecurity degree comes to campus – Royal Purple (Royal Purple)
Discover the best online cybersecurity degrees (ZDNet) Cybersecurity careers can offer six-figure salaries and promising job growth. Online cybersecurity degree programs help professionals launch careers.
Legislation, Policy, and Regulation
Britain to carry out ‘offensive’ cyber attacks from new £5bn digital warfare centre (The Telegraph) In an interview with The Telegraph, Ben Wallace says Britain will act in response to assaults by ‘hostile states’ such as Russia
National Cyber Force to be based in Samlesbury (BBC News) The group, which includes officials from MI6 and GCHQ, aims to counter threats from hostile states.
UK’s National Cyber Force headquarters to be based in Samlesbury, Lancs (Computing) It will provide thousands of highly skilled jobs to the North-West region
SERI: Alleged Malaysian Government Data Breaches Must Be Addressed (Digital News Asia) Emphasis on security by design & privacy by design for public digital services. Review our data protection laws & update the Personal Data Protection Act. The recent news report of a potential data breach at Malaysia’s National Registration Department (JPN) raises concern regarding the security measures that are in place to protect the rakyat’s data. The report states that a database of four million Malaysian citizens containing data freshly obtained from JPN and hasil.gov.my (Inland Revenue Board) through the MyIdentity API has been put on sale through an online forum.
White House plans 30-country meeting on cyber crime and ransomware -official (Reuters) Top U.S. national security advisers will gather officials from 30 countries this month with plans to combat the growing threat of ransomware and other cyber crime, President Joe Biden said on Friday.
Statement by President Joe Biden on Cybersecurity Awareness Month (The White House) Cyber threats can affect every American, every business regardless of size, and every community. That’s why my administration is marshalling a
US to work with 30 countries to tackle ransomware problem (The Record by Recorded Future) The Biden administration announced today plans to hold a meeting with representatives from 30 countries, including NATO allies and G7 partners, on the topic of cybercrime, with a particular focus on ransomware and the abuse of cryptocurrency.
First on CNN: Biden administration to convene 30 countries to crack down on ransomware threat (CNN) The White House will convene a 30-country meeting this month to try to ramp up global efforts to address the threat of ransomware to economic and national security, President Joe Biden said in a statement shared exclusively with CNN.
Proposed Bill Would Require Organizations to Report Ransomware Payment (SecurityWeek) Senators have introduced a new bill that would require critical infrastructure organizations to report cyberattacks to CISA, and private entities to report ransomware payments.
Afghanistan, China, And The Gray Zone: House Committee Passes Intel Bill (Breaking Defense) The bill also requires the IC to share information with the Defense Department’s Unexplained Aerial Phenomena Task Force.
New emergency cyber regulations lay out ‘urgently needed’ rules for pipelines but draw mixed reviews (Washington Post) The government in July issued emergency rules to strengthen the cybersecurity of the nation’s most important energy pipelines in a bid to prevent a repeat of the Colonial Pipeline shutdown earlier this year that sparked massive fuel shortages and gasoline panic-buying.
WSJ News Exclusive | Biden Administration Seeks to Regulate Stablecoin Issuers as Banks (Wall Street Journal) The Biden administration is considering ways to impose bank-like regulation on the cryptocurrency companies that issue stablecoins, according to people familiar with the matter, including prodding the firms to register as banks.
President Biden Touts Cybersecurity Efforts (BankInfoSecurity) As Cybersecurity Awareness Month kicks off this week, U.S. President Joe Biden has weighed in on his administration’s efforts to curb cyberattacks and bolster the
Team Biden’s curious mercy for Russian, Chinese cyber threats (New York Post) President Biden routinely talks tough on Russia and China, but his actions tell a far different story.
Huawei’s Fall Serves as a Blueprint for U.S.-China Policy (Real Clear Politics) The Chinese Communist Party made strategic investments in key industries and companies over the last 20 years. Until recently, few in the West seemed to notice…
Got more than $600 in the bank? The IRS wants the OK to snoop on you (Arizona Republic) The Biden administration wants to use an enormous data grab to identify unreported taxable income. It’ll come at a cost for all of us.
Enterprise Data Strategy: Empowering Data Informed Diplomacy (US State Department) When our foreign affairs professionals are equipped with high-quality and timely data, we can make the world safer, more just, and less divided.
Coast Guard Embarks on Cyber Offense (SIGNAL Magazine) This fall, the USCG is adding new cyber offensive capabilities and is growing its existing cyber defense, reports the commander of the Coast Guard’s Cyber Command.
Air Force squeezes new cyber defense teams out of its communications squadrons (C4ISRNet) The Air Force has officially created three new mission defense teams focused on cyber defense of local installations and missions.
New Director of HHS Office for Civil Rights Announced: What could Lisa J. Pino’s appointment mean for future HIPAA enforcement? (JD Supra) More than eight months into the Biden administration, the U.S. Department of Health & Human Services (HHS) announced the appointment of Lisa J. Pino…
Whole-of-State Cybersecurity Gains Ground in Government (GovTech) Governments are embracing a larger role in collective cybersecurity, creating cross-jurisdictional partnerships to make states, cities and counties more secure. Here’s what that looks like in practice.
Gov. Ducey to launch new Arizona Cyber Command Center (KOLD) The center will open Monday, Oct. 4.
Litigation, Investigation, and Law Enforcement
Russian IT Leader’s Treason Case Shows Cyber Impasse With U.S. (Bloomberg) Founder of Group-IB cybersecurity firm faces 20 years’ prison. Sachkov, expanding globally, was critical of hackers’ immunity.
Two ransomware operators arrested in Ukraine (The Record by Recorded Future) Two members of a ransomware gang were arrested in Ukraine following a joint international law enforcement operation.
Ransomware gang arrested in Ukraine with Europol’s support (Europol) On 28 September, a coordinated strike between the French National Gendarmerie (Gendarmerie Nationale), the Ukrainian National Police (Національна поліція України) and the United States Federal Bureau of Investigation (FBI), with the coordination of Europol and INTERPOL, has led to the arrest in Ukraine of two prolific ransomware operators known for their extortionate ransom demands (between €5 to €70 million).
Behind the Crypto Broker Accused of Enabling Ransomware Hackers (Bloomberg) Suex is first digital currency exchange sanctioned by U.S. Platforms can allow cyber gangs to launder illicit proceeds.
Gift card fraud: four suspects hit with money laundering charges (Naked Security) Gift card fraud may sound like small beer against ransomware – but it’s personal, it hurts, and it’s still a multi-million dollar problem.
How a Secret Google Geofence Warrant Helped Catch the Capitol Riot Mob (Wired) A WIRED investigation has found 45 federal criminal cases that cite Google geolocation data to place suspects inside the US Capitol during the January 6 riot.
Whistle-Blower to Accuse Facebook of Contributing to Jan. 6 Riot, Memo Says (New York Times) In an internal memo meant to pre-empt a “60 Minutes” interview, Facebook defended itself and said that social media was not a primary cause of polarization.
Irish Police Say Europol, Interpol Helped Dismantle Hackers’ Infrastructure (Wall Street Journal) After a May ransomware attack on the national health system, Irish investigators are still mum on its provenance, but say international help is ‘vital’ to addressing cybercrime.
$92M TikTok Privacy Deal Gets Ill. Judge’s Early OK (Law360) An Illinois federal judge has given his early blessing to a $92 million settlement resolving biometric and other data privacy claims against TikTok and its parent company, finding the deal fair despite several objections over its value to class members.