Influence ops for market share. SOHO router RAT. YTStealer described. CISA releases ICS security advisories. NATO and Killnet. – The CyberWire


China has been engaging, Reuters reports, in an influence operation directed at arousing popular protests against Australian, Canadian, and US rare-earth mining companies. The sector is one in which China has a significant national interest, and the firms singled out for attention include Lynas Rare Earths Ltd, Appia Rare Earths and Uranium Corp, and USA Rare Earth. The campaign, “Dragonbridge,” discovered and named by Mandiant, seems aimed at market dominance. It makes heavy use of inauthentic social media personae. “The campaign used inauthentic social media and forum accounts, including those posing as residents in Texas to feign concern over environmental and health issues surrounding the plant, including via posts to a public social media group predisposed to be receptive to that content,” Mandiant said in its report. Dragonbridge doesn’t seem, so far, to have been particularly effective, but Mandiant thinks the approach on display, particularly the microtargeting of the audience it seeks to reach, bears watching.
Lumen’s Black Lotus Labs report that small office/home office (SOHO) routers are under active attack by operators using the ZuoRAT remote access Trojan. The operators are after bigger fish than home offices. Remote work has made SOHO routers an attractive point-of-entry into larger networks, and that appears to be the case here. “The sudden shift to remote work spurred by the pandemic allowed a sophisticated adversary to seize this opportunity to subvert the traditional defense-in-depth posture of many well-established organizations,” Lumen’s report says. “The capabilities demonstrated in this campaign – gaining access to SOHO devices of different makes and models, collecting host and LAN information to inform targeting, sampling and hijacking network communications to gain potentially persistent access to in-land devices and intentionally stealth C2 infrastructure leveraging multistage siloed router to router communications – points to a highly sophisticated actor that we hypothesize has been living undetected on the edge of targeted networks for years.”
Intezer this morning announced its discovery of malware it’s calling “YTStealer.” The malware is aptly named, as its sole function is to steal authentication cookies from YouTube content creators. YTStealer differs from other malware in that it harvests credentials only for YouTube and not for any other service. If authentication codes are found in a browser’s database files in the user’s profile folder, the malware launches the browser in headless mode on the infected operating system and adds the cookie to the cookie store. The malware then uses a library called “Rod” to control the browser: it navigates to the creator’s YouTube Studio page, steals information about the channel, encrypts it, and sends it to a command and control center whose domain name is youbot[.]solutions. YouBot Solutions appears to be a company registered in New Mexico that describes itself by saying that it “provides unique solutions for getting and monetizing targeted traffic.” YouBot may well be connected outside the American Southwest: its red eye logo that appears on its Google business listing could be found, Intezer points out, on aparat [dot] com, an Iranian video-sharing website.
YTStealer is a C2C play: the researchers say that YTStealer is probably sold to other threat actors. They note that YTStealer often isn’t the only dropped malware on a device: RedLine and Vidar have been seen alongside the YTStealer malware. Much of the dropped malware is disguised as pirated versions of video and image software and game mods and cheats. Using only legitimate versions of software is a good way to have better control over what ends up on your computer, researchers conclude. The Hacker News has a summary of Intezer’s report.
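The US Cybersecurity and Infrastructure Security Agency (CISA) yesterday released six industrial control system (ICS) security advisories, for: ABB e-Design; Omron SYSMAC CS/CJ/CP Series and NJ/NX Series; Advantech iView; Motorola Solutions MOSCAD IP and ACE IP Gateways; Motorola Solutions MDLC; and Motorola Solutions ACE1000.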
The Homeland Security Systems Engineering and Development Institute, sponsored by CISA and operated by MITRE, has released the 2022 Common Weakness Enumeration (CWE) Top 25 Most Dangerous Software Weaknesses. The Institute explains, “This list demonstrates the currently most common and impactful software weaknesses. Often easy to find and exploit, these can lead to exploitable vulnerabilities that allow adversaries to completely take over a system, steal data, or prevent applications from working.” The report includes recommended mitigations for the vulnerabilities listed, and it’s those mitigations CISA particularly commends to organizations’ attention.
Sky News asks the inflammatory question, “Could the Russian cyber attack on Lithuania draw a military response from NATO?” and then gives the more irenic answer, “Not so fast.” An opinion piece frames the issue like this: “A NATO member is under attack. Normally the meaning of this would be frighteningly clear, but this is an attack with a difference: not a physical attack, but a cyber attack; and working out what a cyber attack means is never simple.”
The issues involve responsibility (Killnet presents itself as a patriotic hacktivist group operating independently of Russian government control) and proportionality (the cyberattacks haven’t been particularly damaging, and in any case have fallen short of producing kinetic effects, consequences IRL, as the leetspeakers would put it).
The CyberWire’s continuing coverage of the unfolding crisis in Ukraine may be found here.
Today's issue includes events affecting Australia, Bulgaria, Canada, China, Finland, NATO/OTAN, Russia, Sweden, Turkey, Ukraine, the United Kingdom, and the United States.
Ukraine at D+125: Disinformation on Kremenchuk. (The CyberWire) Russia concentrates on the Donbas as Ukraine retakes ground near Kherson in the south. Moscow says the missile strikes on the Kremenchuk shopping center were a Ukrainian provocation. NATO takes a harder line on Russia as Turkey withdraws its objection to membership by Sweden and Finland. Cyberattacks against Lithuania seem to fall short of triggering Article 5 (kinetically, at least).
Russia-Ukraine war: List of key events, day 126 (Al Jazeera) As the Russia-Ukraine war enters its 126th day, we take a look at the main developments.
Near Kherson, Ukrainians regain territory in major counteroffensive (Washington Post) At a school where Russian forces had set up a base in Ukraine’s southern Kherson region, three of their armored personnel carriers remained on the property — for now. They were damaged when Ukraine’s military recently forced the occupying soldiers back from this area. Over the weekend, three locals hammered at one vehicle to salvage spare parts.
The Real Key to Victory in Ukraine (Foreign Affairs) Why sustaining the fight is everything in a war of attrition.
Russia calls Kremenchuk mall attack another 'false flag operation' by Ukraine (Republic World) Russian Foreign Ministry spokeswoman Maria Zakharova dismissed the strike on a shopping centre in Kremenchuk as another "false flag operation" by Ukraine.
Ukrainian survivor: Only a 'monster' would attack a mall (AP NEWS) The mall was nothing extraordinary, but in the middle of a war it was an escape for those in this Ukrainian city who had decided not to flee. Then it exploded in a Russian airstrike.
Whilst the G7 dithers, Putin is rebuilding his strategic power (The Telegraph) China, Egypt, India, and Saudi Arabia are all strengthening their relationships with the Kremlin, despite the West's warnings
Ukraine Is the Korean War Redux (Foreign Policy) Russia’s invasion heralds the transition to a new global order—but it will be less stable than the Cold War.
Physically tough, boring in person and dangerous when cornered: lessons from a new Putin biography (The Telegraph) Philip Short’s Putin, the result of hundreds of interviews, is illuminating – but with a subject this volatile, it already feels out of date
The Source of Ukraine’s Resilience (Foreign Affairs) How decentralized government brought the country together.
Biden must rally against a Russia-led UN ‘cybercrime treaty’ (The Hill) In the midst of Russian-led cyber attacks against Ukraine and attempts to probe critical United States infrastructure, the United Nations began negotiations to draft a new cybercrime treaty. Improb…
Could the Russian cyber attack on Lithuania draw a military response from NATO? (Sky News) A cyber attack has been launched against Lithuania by a Russian hacking group – albeit one that denies a connection with Vladimir Putin's government. It has come about after the NATO member blocked Russia's access to its Kaliningrad exclave.
Microsoft's Defending Ukraine report offers fresh details on digital conflict and disinformation (CSO Online) Russia will use what it learned from its destructive cyber actions in Ukraine for other operations. "There is no going back to normal."
NATO set to expand as Turkey backs membership for Sweden, Finland (SeekingAlpha) Finland and Sweden have taken a major step towards NATO membership after Turkey flipped its position to support the countries joining the world's most powerful military alliance
Erdogan agrees to NATO expansion at Madrid summit (Al Jazeera) Turkey agreed to lift opposition to Sweden and Finland joining NATO, a breakthrough in an impasse clouding the summit.
Turkey lifts hold on Sweden, Finland joining NATO, following wide-ranging concessions (Breaking Defense) Sweden will lift an arms embargo on Turkey and the three nations will work more closely on counter-terrorism issues, per an agreement.
NATO calls Russia its 'most significant and direct threat' (AP NEWS) NATO declared Russia the “most significant and direct threat” to its members’ peace and security, as the military alliance met Wednesday to confront what NATO’s chief called the biggest security crisis since World War II.
NATO Secretary General Previews 'Transformative' Madrid Summit (U.S. Department of Defense) The upcoming NATO summit in Madrid will be transformative, as leaders meet to discuss Russia and China among other defense-related topics, NATO Secretary General Jens Stoltenberg said.
NATO to boost readiness numbers, approve new Ukraine aid at Madrid summit (Defense News) The increase to more than 300,000 on-alert troops will be matched with more prepositioned equipment and supplies stockpiles, notably air defense capabilities, said Secretary-General Jens Stoltenberg.
The NATO summit is chance to wean Europe off US military might (Defense News) In Madrid, Biden ought to drive a hard bargain with America’s European allies.
U.S. Sending Metal Shark Maritime Combat Boats to Ukraine, Company Says (USNI News) Louisiana-based company Metal Shark announced Tuesday that the U.S. would send six of its maritime combat vessels to Ukraine as part of the $450 million aid the White House announced last week. The White House said it would send 18 patrol boats to Ukraine as part of the latest assistance package, but would not identify …
Exclusive: US plants Trojan horse programs in hundreds of important Chinese information systems; new cyber weapon targets China, Russia (Global Times) On Wednesday China's official virus emergency response office and leading cybersecurity company disclosed a new vulnerability attack weapon platform deployed by the US National Security Agency (NSA), which cybersecurity experts believe is the main equipment of the NSA's computer network hacking operation team, and it targets the world with a focus on China and Russia.
Pro-PRC DRAGONBRIDGE Influence Campaign Targets Rare Earths Mining Companies in Attempt to Thwart Rivalry to PRC Market Dominance (Mandiant) Since June 2019, Mandiant has reported to customers on an influence campaign known as DRAGONBRIDGE, comprising a network of thousands of inauthentic accounts across numerous social media platforms, websites, and forums that have promoted various narratives in support of the political interests of the People’s Republic of China (PRC). We have since observed multiple shifts in DRAGONBRIDGE tactics, and in September 2021, we reported on an expansion of this campaign’s activity.
Miners ‘targeted’ in pro-China cyberwar claim (Australian Financial Review) An army of fake social media accounts allegedly tried to incite protests against Lynas Rare Earths as part of a campaign to bolster China’s national interest.
Pro-China digital campaign targets mining firms – cybersecurity report (Reuters) A pro-China propaganda campaign used fake social media accounts to try to stir up opposition, including protests, against mining firms that challenge China's business interests, U.S.-based cybersecurity firm Mandiant said on Tuesday.
Chinese Threat Actor Targets Rare Earth Mining Companies in North America, Australia (SecurityWeek) A Chinese threat actor has been conducting influence campaigns targeting rare earth mining companies in Australia, Canada, and the United States.
Chinese Hackers Target Building Management Systems (SecurityWeek) Chinese hackers targeted building management systems as part of a campaign whose apparent goal is data harvesting.
FBI: Stolen PII and deepfakes used to apply for remote tech jobs (BleepingComputer) The Federal Bureau of Investigation (FBI) warns of an increase in complaints that cybercriminals are using Americans' stolen Personally Identifiable Information (PII) and deepfakes to apply for remote work positions.
Researchers uncover ZuoRAT malware targeting home-office routers (Help Net Security) Black Lotus Labs discovered a new remote access trojan (RAT) called ZuoRAT, which targets remote workers via their SOHO devices.
ZuoRAT Hijacks SOHO Routers to Silently Stalk Networks (Lumen) Black Lotus Labs, is currently tracking elements of what appears to be a sophisticated campaign leveraging infected SOHO routers to target predominantly NA and European networks of interest.
RansomHouse Extortion Group Claims AMD as Latest Victim (RestorePrivacy) Update: AMD has acknowledged the potential breach and has provided us with a statement. RansomHouse, a relatively new data-extortion cybercrime group, has announced a major new victim. Today, the group published a new update on its darknet site and are claiming to have breached Advanced Micro Devices (AMD), the large chip manufacturing company. RansomHouse is …
RansomHouse gang claims to have some stolen AMD data (Register) Relative cybercrime newbies not clear on whether they're alleging to have gigabits or gigabytes of chip biz's data
CISA Says 'PwnKit' Linux Vulnerability Exploited in Attacks (SecurityWeek) CISA says the Linux vulnerability tracked as CVE-2021-4034 and PwnKit has been exploited in attacks.
CVE-2022-30522 – Apache httpd Denial of Service (DoS) vulnerability (JFrog) CVE-2022-30522 is an Apache httpd vulnerability found by JFrog Security Research when analyzing the impact of a recent vulnerability patch.
The Link Between AWM Proxy & the Glupteba Botnet (KrebsOnSecurity) On December 7, 2021, Google announced it had sued two Russian men allegedly responsible for operating the Glupteba botnet, a global malware menace that has infected millions of computers over the past decade. That same day, AWM Proxy — a…
Over 900,000 Kubernetes instances found exposed online (BleepingComputer) Over 900,000 misconfigured Kubernetes clusters were found exposed on the internet to potentially malicious scans, some even vulnerable to data-exposing cyberattacks.
Remote Memory Corruption Bug Found in OpenSSL 3.0.4 (Decipher) A remotely exploitable memory corruption bug has been identified in OpenSSL 3.0.4 on x64 systems with the AVX512 instruction set.
Smash-and-grab: AstraLocker 2.0 pushes ransomware direct from Office docs (ReversingLabs) ReversingLabs recently discovered instances of the AstraLocker 2.0 malware distributed directly from Microsoft Word files used in phishing attacks.
Chinese Researchers Find Critical Security Flaws in CoDeSys Automation Software (Infosecurity Magazine) Vulnerabilities could allow attackers to gain unauthorized access to company resources or carry out denial-of-service attacks
Nearly a dozen Codesys flaws addressed (SC Magazine) Codesys has already released fixes for 11 security flaws across its products identified by NSFocus, a Chinese cybersecurity company.
Apple revokes certificates for spyware app 'Hermit' distributed outside the App Store (9to5Mac) Google’s Threat Analysis Group (TAG), a group that specializes in tracking and analyzing government-backed hacking and attacks, recently published research on “Hermit” – a spyware that can compromise Android and iOS devices. Luckily, Apple has already found a way to stop the spread of this specific spyware on its devices. As shared on TAG’s official […]
LockBit 3.0 Ransomware Emerges With Bug Bounty Program (SecurityWeek) The LockBit 3.0 ransomware operation has been launched and it includes a bug bounty program offering up to $1 million.
Names, addresses of every CCW holder in California exposed, Sheriff’s Office confirms (KTLA) The names, addresses, and license types of every CCW holder in California were exposed as part of a data breach suffered by the state Department of Justice, according to the Fresno County Sheriff…
U.S. Bank of the West Found a Debit Card Stealing Skimmers on ATMs (Cyber Security News) Initially, a wave of suspicious withdrawal attempts that originated in November 2021 was identified by the bank. However, a more in-depth investigation has been conducted by the bank in coordination with law enforcement to get a proper conclusion.
Threat actors increasingly use third parties to run their scams (Help Net Security) Abnormal Security research shows a trend in financial supply chain compromise as threat actors impersonate vendors more than ever before.
Digital Shadows Weaken Your Attack Surface (Security Intelligence) Your travels through the internet cast a digital shadow. See how employers can lock this down to prevent attackers from having a hidden way inside.
Cloud security risks remain very human (InfoWorld) Most of us picture cloud security threats as bad actors in some hostile country. More often, it’s you and your coworkers.
2022 CWE Top 25 Most Dangerous Software Weaknesses (CISA) The Homeland Security Systems Engineering and Development Institute, sponsored by CISA and operated by MITRE, has released the 2022 Common Weakness Enumeration (CWE) Top 25 Most Dangerous Software Weaknesses list. The list uses data from the National Vulnerability Database to compile the most frequent and critical errors that can lead to serious vulnerabilities in software.
Amazon quietly patches ‘high severity’ Android photos app vulnerability (The Record by Recorded Future) Amazon patched a high severity vulnerability affecting the Amazon Photos Android app in December.
Google Introduces New Capabilities for Cloud Armor Web Security Service (SecurityWeek) Google expands Cloud Armor features with adaptive protection, bot defense, new edge security policies, rate limiting, and support for proxy load balancers.
CISA Releases Guidance on Switching to Modern Auth in Exchange Online before October 1 (CISA) CISA has released guidance on switching from Basic Authentication (“Basic Auth”) in Microsoft Exchange Online to Modern Authentication (“Modern Auth”) before Microsoft begins permanently disabling Basic Auth on October 1, 2022. Basic Auth is a legacy authentication method that does not support multifactor authentication (MFA), which is a requirement for Federal Civilian Executive Branch (FCEB) agencies per Executive Order 14028, “Improving the Nation’s Cybersecurity”.
CISA releases 6 Industrial Control Systems Advisories (Cybersecurity and Infrastructure Security Agency) ICS-CERT released the following 6 advisories today, June 28, 2022. Click on the links below for more detailed information on these Industrial Control Systems vulnerabilities.
ABB e-Design (CISA) 1. EXECUTIVE SUMMARY. CVSS v3 7.8. ATTENTION: Low attack complexity. Vendor: ABB. Equipment: e-Design. Vulnerabilities: Incorrect Default Permissions. 2. RISK EVALUATION. Exploitation of these vulnerabilities could allow privilege escalation or a denial-of-service condition.
Omron SYSMAC CS/CJ/CP Series and NJ/NX Series (CISA) 1. EXECUTIVE SUMMARY. CVSS v3 6.5. ATTENTION: Exploitable remotely/low attack complexity. Vendor: Omron. Equipment: SYSMAC CS/CJ/CP Series and NJ/NX Series. Vulnerabilities: Cleartext Transmission of Sensitive Information, Insufficient Verification of Data Authenticity, Plaintext Storage of a Password. CISA is aware of a public report, known as “OT:ICEFALL” that details vulnerabilities found in multiple operational technology (OT) vendors. CISA is issuing this advisory to provide notice of the reported vulnerabilities and identify baseline mitigations for reducing risks to these and other cybersecurity attacks.
Advantech iView (CISA) 1. EXECUTIVE SUMMARY. CVSS v3 9.8. ATTENTION: Exploitable remotely/low attack complexity. Vendor: Advantech. Equipment: iView. Vulnerabilities: SQL Injection, Missing Authentication for Critical Function, Relative Path Traversal, Command Injection.
Motorola Solutions MOSCAD IP and ACE IP Gateways (CISA) 1. EXECUTIVE SUMMARY. CVSS v3 7.5. ATTENTION: Exploitable remotely. Vendor: Motorola Solutions. Equipment: MOSCAD IP Gateway and ACE IP Gateway. Vulnerability: Missing Authentication for Critical Function. CISA is aware of a public report, known as “OT:ICEFALL” that details vulnerabilities found in multiple operational technology (OT) vendors.
Motorola Solutions MDLC (CISA) 1. EXECUTIVE SUMMARY. CVSS v3 7.5. ATTENTION: Exploitable remotely. Vendor: Motorola Solutions. Equipment: MDLC. Vulnerabilities: Use of a Broken or Risky Cryptographic Algorithm, Plaintext Storage of a Password. CISA is aware of a public report, known as “OT:ICEFALL” that details vulnerabilities found in multiple operational technology (OT) vendors.
Motorola Solutions ACE1000 (CISA) 1. EXECUTIVE SUMMARY. CVSS v3 9.8. ATTENTION: Exploitable remotely/low attack complexity. Vendor: Motorola Solutions. Equipment: ACE1000. Vulnerabilities: Use of Hard-coded Cryptographic Key, Use of Hard-coded Credentials, Insufficient Verification of Data Authenticity. CISA is aware of a public report, known as “OT:ICEFALL” that details vulnerabilities found in multiple operational technology (OT) vendors.
SANS 2022 Security Awareness Report: Human Risk Remains the Biggest Threat to Your Organization’s Cybersecurity (The SANS Institute) Learn Actionable Steps to Mature Your Security Awareness Programs and Compare Your Program Against Global Benchmarks
The State of Vulnerability Management (NopSec) Unremediated vulnerabilities are open doors that let malicious actors walk right through. Today, security teams are challenged enough by finding and shutting those open doors to keep their organization safe. Keeping track of those vulnerabilities and responding quickly and efficiently is one challenge—finding openings they might not even know about is another.
Ransomware Targeting Healthcare at an Alarming Rate | CDOTrends (CDOTrends) 66% of health organizations became ransomware victims in 2021.
Opinion | This Is What Happens When Tech Executives Start Believing Their Own Hype (New York Times) Silicon Valley breeds narcissists who run their companies as ideological vanity projects.
Infrastructure as Code (IaC) Security Leader oak9 Raises $8 Million in (PRWeb) oak9, cloud native trailblazer known for developer-first IaC security, has raised $14 million in funding over the last 15 months.
Siemens to buy U.S. software company Brightly in $1.58 bln deal (Reuters) Siemens is buying U.S. tech company Brightly Software from private equity owner Clearlake Capital for $1.58 billion, the German engineering group said on Monday, its latest move to broaden its software credentials and grow faster than rivals.
Siemens to Buy Buildings Software Firm Brightly for $1.6 Billion (Bloomberg) Brightly offers cloud-based infrastructure management software. Deal helps address growing software market for buildings.
WISeKey Announces the Divestiture of arago (GlobeNewswire News Room) WISeKey Announces the Divestiture of arago Zug, Switzerland, June 27, 2022 – Ad-Hoc announcement pursuant to Art. 53 of SIX Listing Rules – WISeKey…
XM Cyber Acquires Cyber Observer for Security Posture Management (Channel Futures) XM Cyber has acquired Cyber Observer, a provider of continuous controls monitoring (CCM) and cloud security posture management (CSPM).
W3C to become a public-interest non-profit organization (W3C Media Advisory) The World Wide Web Consortium is set to pursue 501(c)(3) non-profit status. The launch as a new legal entity in January 2023 preserves the core mission of the Consortium to shepherd the web by developing open standards with contributions from W3C Members, staff, and the international community.
Netskope Awarded First Ever U.S. Federal Civilian Government SASE Contract led by the United States Patent and Trademark Office (Netskope) SASE model eliminates perimeter-based security and networking appliances and legacy solutions for Federal Agencies and enables modern access control for
Huawei partners with U.S. publication it accused of bias to win new supporters (The Washington Times) Huawei’s new charm offensive to win over skeptics in the free world includes a fresh target: the media.
CISA Job Offer Hiring Events (CISA) CISA participates in a variety of career fairs, webinars, and hiring events. Learn how to participate.
Why the National Security Agency overpaid contractors during the height of the pandemic (Federal News Network) Remember the CARES Act, enacted at the height of the pandemic? Among other things, it let agencies reimburse contractors to pay employees unable to work at an approved federal site or to telework.
SecureAuth Expands Leadership Bench to Support Growth with Appointments of Dennis Dowd VP of Worldwide Sales and Karan Dua as CFO (Business Wire) Today, SecureAuth, a leader in access management and authentication, announces the appointment of Dennis Dowd as Vice President of Worldwide Sales whe
CSS Names Eva Markowitz as New SVP of Human Resources (PRWeb) Converged Security Solutions (CSS), the holding company supporting leading IT transformation, cybersecurity, and physical security companies Evolver and eVigilan
KnowBe4 Kicks Off Ransomware Awareness Month With Resource Kit (PR Newswire) KnowBe4, the provider of the world's largest security awareness training and simulated phishing platform, announced the release of a resource…
Netskope Delivers Continuous Cloud Risk Assessment With New CrowdStrike, KnowBe4, Mimecast Integrations (PR Newswire) Netskope, the leader in Security Service Edge (SSE) and Zero Trust, today announced the growth of the Cloud Risk Exchange featuring new…
Talon Cyber Security Selected for Exclusive Microsoft for Startups Program (Talon Cyber Security) By Being Selected for Microsoft for Startups, Talon to Speed Commercialization and Drive Adoption of Secure Enterprise Browser  Tel Aviv, Israel – June 29, 2022 – Talon Cyber Security, provider of the first secure enterprise browser, today announced it has been selected as a partner for Microsoft for Startups, a global program dedicated to accelerating…
Cloudian Partners with Vertica to Deliver On-Premises Data Warehouse Platform on S3 Data Lake (GlobeNewswire News Room) Cloudian® today announced a partnership with Vertica, a Micro Focus (LSE: MCRO; NYSE: MFGP) line of…
Cloud Armor adds more edge security policies, proxy load balancers (Google Cloud Blog) Google Cloud expands its scope of DDoS and web application firewall protection with new edge security policies and proxy load balancers.
Introducing new Cloud Armor features including rate limiting, adaptive protection, and bot defense (Google Cloud Blog) Cloud Armor strengthens its already formidable defenses with new features to counter advanced L7 attacks and block malicious bots.
Crytica Security, Inc. Reduces APT, Zero-Day, and Malware Dwell Time to Less Than 180 Seconds (PR Newswire) Crytica Security, Inc., a stealthy cybersecurity start-up launched by industry veterans from Bell Labs, Apple, and HP today introduced the…
Cisco Joins Forces with GDIT to Deliver Private 5G (Cisco) GDIT and Cisco are expanding on a 30+ year partnership to drive innovation for digital transformation in government. Together, Cisco and GDIT can provide government agencies with simple and intuitive private 5G solutions for IoT and edge use cases.
Pentera and PlexTrac Partner to Automate Cybersecurity Remediation (GlobeNewswire News Room) Solution fast tracks time-to-remediation in hybrid IT environments…
Aurora Mobile Upgrades its Verification Service to JG Secured Verification to Provide Comprehensive Cyber-defense Solutions for Businesses (GlobeNewswire News Room) Aurora Mobile Limited (NASDAQ: JG) (“Aurora Mobile” or the “Company”), a leading provider of…
Measured creates new cybersecurity solution in partnership with Ostra (Insurance Business) Suite of cyber tools aimed at SME clients
FirstLight Seeks to Close the Cyber Security Gap for Its Customers with Several New Cloud-Based Security Solutions (GlobeNewswire News Room) FirstLight, a leading provider of digital infrastructure services to…
Introducing the New Verint – a New Cloud Platform and More AI (No Jitter) The company’s focus on CX has evolved through acquisitions and a growing AI portfolio.
IBM’s first cloudy mainframes scheduled to launch June 30 (Register) It’s not IaaS, it's reserved for test and dev – and will feed the golden goose that is the z/OS ecosystem
Airiam releases AirProducts to defend small and mid-sized enterprises against cyberattacks (Help Net Security) Airiam released AirProducts, its proprietary line designed to deliver cyber protection and digital transformation services to SMEs.
Phison and Cigent join forces to combat sophisticated threats and safeguard storage products (Help Net Security) Phison and Cigent announced an innovative partnership program called Cigent Secure SSD Ready to combat sophisticated threats.
Crossword Cybersecurity Supply Chain Cyber practice improves supply chain resilience for organizations (Help Net Security) Crossword Cybersecurity announced a new integrated Supply Chain Cyber practice to provide an end-to-end approach to supply chain security.
Commvault and Oracle Partner to Deliver Metallic® Data Management as a Service on Oracle Cloud Infrastructure to Accelerate Enterprise Hybrid Cloud Adoption (PR Newswire) Commvault, a global enterprise leader in intelligent data services across on-premises, cloud, and SaaS environments, has expanded its strategic…
Private-public sector data sharing key to greater national security (FedScoop) Splunk’s government affairs chief highlights public sector predictions and strategies in a new six-part podcast series on mission resilience.
Trends to watch when creating security strategy for the next two years (Help Net Security) Gartner analysts offer a look at the top security trends that will drive strategy decisions in global organizations in the next two years.
Council Post: Reflections Of A Former Hacker: How Leaders Can Protect Their Business From Cyber Threats (Forbes) As digital transformation and hybrid work-life present new opportunities for attackers, many older threats continue to cause problems for organizations.
Why digital trust needs to be a strategic imperative for your company (Help Net Security) Connectivity is soaring and digital transformation is accelerating, making it critical for everyone to invest in digital trust.
Listen: RBC’s cybersecurity takes a full-court press approach (Bank Automation News) Cybersecurity measures are a priority at Royal Bank of Canada (RBC), from monitoring and mitigation to solution investment. Banks rarely consider cybersecurity a finished process; the nimbleness of fraudsters and quick development of new hacking technology spur perpetually evolving security measures for risk and anti-money laundering (AML) divisions at most large financial institutions. But keeping
Hotel companies prioritise guest experience by improving cybersecurity capabilities (Intelligent CIO Middle East) Hotel providers continually strive to offer more seamless and secure experiences to their guests and cybersecurity undoubtedly plays a big part in this. Here we take a look at why Germain Hotels has made Canary Technologies’ digital credit card authorisation solution the standard across all its properties, as well as how Jumeirah Hotel Group is […]
‘Supercookies’ Have Privacy Experts Sounding the Alarm (Wired) A German ad-tech trial features what Vodafone calls “digital tokens.” Should you be worried?
QuSecure Awarded Coveted SBIR Phase III Federal Government Procurement Contract for Post-Quantum Cybersecurity Solutions (Business Wire) QuSecure™, Inc., a leader in post-quantum cybersecurity (PQC), today announced the U.S. Federal Government has awarded QuSecure with the coveted Small
CYBER.ORG Launches Project Access, a National Effort to Increase Access to Cybersecurity Education for Students with Disabilities (Business Wire) CYBER.ORG announced today the kickoff of Project Access, a program designed to expand access to cybersecurity education for blind and vision impaired
Atlantic Council’s Cyber 9/12 Strategy Challenge expands to Scotland (Atlantic Council) The Abertay University cyberQuarter joins as a strategic partner for Cyber 9/12 Strategy Challenge, the world’s only multidisciplinary cyber competition.
European Cloud Restrictions Could Limit U.S. Providers’ Reach (Wall Street Journal) European cybersecurity authorities are drafting a new certification system for cloud services that could limit the amount of critical data held by American providers.
Securing cyber-physical infrastructure (JD Supra) The UK Government recently presented its proposed vision for how national cyber-physical infrastructure could accelerate innovation across the UK:…
Clear Rules Needed to Prevent Conflict and Struggle in Cyber Space, Says NCSC Chief (Infosecurity Magazine) NCSC chief executive Lindy Cameron explains that clear rules are needed to govern the use of cyber capabilities
Commercial cyber products must be used responsibly, says NCSC CEO (ComputerWeekly.com) NCSC’s Lindy Cameron is to speak out on responsible regulation of cyber capabilities at an event in Tel Aviv, Israel.
House Armed Services Committee concerned with state of Navy cyber readiness (FedScoop) The House Armed Services Committee is pushing the Navy to create a singular and special work role dedicated to cyberspace matters and is willing to play hardball with the service to get it to do so, according to a provision in its version of the fiscal 2023 National Defense Authorization Act. Not having such a […]
Praetorian, the Army’s Only Offensive Operations Cyberspace Brigade, Welcomes a New Commander (DVIDS) Colonel Matthew J. Lennox relinquished his command of the 780th Military Intelligence (MI) Brigade (Cyber) to Colonel Benjamin F. Sangster during a change of command ceremony hosted by Major General Michele H. Bredenkamp, commander of the U.S. Army Intelligence and Security Command, on the McGlachlin Parade Field, June 28.
Bulgaria expels 70 Russian diplomatic staff over espionage concerns (Reuters) Bulgaria said on Tuesday it was expelling 70 Russian diplomatic staff over espionage concerns and had set a cap on the size of Moscow's representation as tensions between two countries that were once close allies fractured over Ukraine.
Accused ‘NetWalker’ Ransomware Hacker Agrees to Plead Guilty (Bloomberg) Former Canadian government employee extradited to US this year. NetWalker crew extorted $46 million from victims, report says.
Netwalker ransomware affiliate agrees to plead guilty to hacking charges (The Record by Recorded Future) A prolific Netwalker ransomware affiliate pleaded guilty to several charges related to a hacking campaign against a company based in Tampa, Florida. 
CSE used its new cyber attack powers to disrupt foreign extremists and cyber threat actors targeting Canadians: report (Standard-Freeholder) The agency reported over 300 known ransomware attacks in 2021, a 151 per cent increase on the previous year though officials contend the crime remains…
Canada’s national police force admits use of spyware to hack phones (POLITICO) The RCMP says it needs to use malware because encryption has made surveillance “exponentially more difficult.”
‘An Invisible Cage’: How China Is Policing the Future (New York Times) Vast surveillance data allows the state to target people whose behavior or characteristics are deemed suspicious by an algorithm, even if they’ve done nothing wrong.
For a complete running list of events, please visit the Event Tracker.
Digital safety snacks: Protect yourself from online abuse with short videos and workshops (Virtual, Jun 13 – Jul 28, 2022) PEN America, the Online News Association, and the International Women’s Media Foundation have teamed up to create step-by-step videos and hands-on workshops to help you defend yourself against online abuse. We’ll explain how to protect your most sensitive accounts from hackers and how to dox yourself before someone else does. We want to empower you to feel safer and more secure while maintaining the public profile you need to do your job. This series will include eight short video episodes and four virtual workshops, when you can follow along to complete your digital wellness check, ask questions, and get help if you get stuck. You can join one, two or all four sessions.
Emerging Technology Showcase (Virtual, Jun 29 – 30, 2022) The Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) will host an Emerging Technology Showcase on June 29-30. The event will highlight cutting-edge cybersecurity technologies and demonstrate how these solutions can mitigate cyber threats in the consumer-facing sector. The Emerging Technology Showcase is tailored for strategic leaders and cybersecurity practitioners from physical and online retailers, gaming properties, grocers, hotels, restaurants, consumer product manufacturers, or any company that handles consumer data.
Economics of Cyber & Risk Management (Columbia, Maryland, USA, Jul 13, 2022) Businesses, government agencies, educational institutions, healthcare entities, and nonprofits alike are all grappling with IT (Information Technology) infrastructure challenges, and the pressures will not subside anytime soon. Teleworking, telehealth, virtual learning, and e-commerce are just a few daily practices being influenced by data security, access, and management. Simultaneously, labor shortages continue to challenge technology firms in their ability to combat digital adversaries. Future business profits undoubtedly will be linked to the cyber and risk management practices business entities put in place and the ongoing training their employees receive as they protect their data assets and intellectual property.
Hackers On Planet Earth (HOPE) (New York, New York, USA, Jul 22 – 24, 2022) The Hackers On Planet Earth (HOPE) conference has run continuously since 1994 and is hosted by 2600 Magazine. We define hacking broadly: hardware, software, social engineering, artwork, and much more. Recent conferences have featured over 100 speakers and drawn several thousand attendees. If a hacking-related topic is in the public mind, we want to address it directly.
Cyber Risk Summit 2022 (Virtual, Jul 27, 2022) The CyberRisk Summit showcases the leading minds, best practices, and tech in cyber risk management. Join us to learn how innovators own risk across all cyber surfaces.
