BlackMatter's out of business and Groove was a goof (maybe). Four spyware vendors sanctioned. US BND 22-01. More Eyes? – The CyberWire


Group-IB reported this morning that the BlackMatter ransomware-as-a-service gang (apparently itself a rebranding of the DarkSide) has announced that it’s shuttering its criminal business. The gang cited “certain unsolvable circumstances associated with pressure from the authorities” as the reason for its decision to close. Rump services will continue for a time in order to give its affiliates information and decryptors, but the final word to the affiliates is a farewell wish for further success.
BlackMatter’s affiliates will probably simply move elsewhere in the C2C market, and the gang itself may or may not resurface in some form. Other criminal gangs are proving similarly protean. Flashpoint reports that the Groove gang now says its call for attacks against the US was a goof designed to embarrass Western media.
The US Department of Commerce has sanctioned four companies for providing spyware to foreign governments. NSO Group and Candiru (both from Israel) have been added to the Entity List, as have Positive Technologies (of Russia) and the Computer Security Initiative Consultancy PTE (from Singapore).
CISA has issued Binding Operational Directive 22-01, which requires US Federal agencies to address known, exploited vulnerabilities.
Language introduced into the US House version of the Defense Authorization Act would add four new eyes to the familiar Five Eyes intelligence-sharing group, Defense One reports. Germany, Japan, India, and South Korea would join the five anglophone powers in the current pact. It’s not yet expansion, but a tentative move in that direction.
CISA has issued two more industrial control system advisories.
Today's issue includes events affecting Australia, Austria, Belarus, Canada, China, the Czech Republic, Germany, India, Iran, Israel, Japan, Kazakhstan, the Republic of Korea, New Zealand, Russia, Slovakia, Turkey, Ukraine, the United Kingdom, and the United States.
SOAR tools haven’t been widely adopted in OT environments yet, largely because of the contextual data deficiency found in most security alerts. To create an appropriate automated response, you need to know exactly which devices are compromised and whether you can/should isolate them, which up until recently has been extremely difficult to do. This webinar offers tips on how to get started with SOAR in OT environments.
Iran says national fuel network up and running, week after major cyber attack (Times of Israel) Authorities say country’s 4,300 service stations now fully working, after system that allows Iranians to fill their tanks for free or at subsidized prices was blocked
The Next Big Hack Could Come From the Stars (Bloomberg) A new era of space development also means more opportunities for hackers to hit vulnerable systems and cause havoc with the growing number of satellites spinning around our skies.
Groove's Mission to 'Manipulate the Western Media' (Flashpoint) Mocking Western media outlets and reporters is a constant fixture of threat actor conversations on top-tier illicit forums, including Groove-led RAMP.
The ‘Groove’ Ransomware Gang Was a Hoax (KrebsOnSecurity) A number of publications in September warned about the emergence of "Groove," a new ransomware group that called on competing extortion gangs to unite in attacking U.S. government interests online. It now appears that Groove was all a big hoax…
The Darker Things (Group-IB) BlackMatter and their victims
BlackMatter ransomware says it's shutting down due to pressure from local authorities (The Record by Recorded Future) The criminal group behind the BlackMatter ransomware have announced plans today to shut down their operation, citing pressure from local authorities.
7 Trends: How Ransomware Operations Continue to Evolve (GovInfoSecurity) While ransomware remains many criminals' weapon of choice for reliably shaking down victims, the ransomware-attacker landscape itself continues to evolve in
Law Firms Stagger Through Ransomware Attacks (Above the Law) As the ransomware gangs move from big game to mid-size game, what’s a law firm to do?
Take a survey, spam your friends, download fleeceware (Avast) Avast researcher Jakub Vavra recently found fraudulent sites posing as national postal service sites in Germany, Austria, the UK, Belarus, Czech Republic, Russia, and Slovakia, as well as retail shops from the Ukraine and Russia.
The Booming Underground Market for Bots That Steal Your 2FA Codes (Vice) The bots convincingly and effortlessly help hackers break into Coinbase, Amazon, PayPal, and bank accounts.
Turkey: Hackers allegedly used streaming platform Twitch to launder $10m (Middle East Eye) Hundreds of streamers said to have taken 20 percent cut to help launder money stolen by hackers through credit cards
Twitch Breach Shows the Difficulty of Cloud Security (eSecurityPlanet) The recent Twitch breach showed how much difficulty even companies like Amazon have with securing their cloud environments. Want to know why it's so tough and what you can do to protect your data?
New GLS Spam Campaign Delivers a Malicious Link Via E-mail (Heimdal Security Blog) The new GLS Spam campaign works via a SPAM e-mail with a link that requires paying for a package in order to be delivered.
Iran-linked hackers leak medical records of 290,000 Israeli patients: Reports (ETCISO.in) Iran-linked Black Shadow hacking group uploaded the directory from Israel's Machon Mor medical institute with personal information, appointments and t..
Hackers claim to leak details of LGBTQ dating site after ransom not paid (Times of Israel) Iran-linked Black Shadow group says it released full database of Atraf website, after owners failed to pay $1 million; calls to LGBTQ helpline double following hack
After cyber attack, criminals put Atento data for sale on the 'deep web' (Play Crazy Game) The LockBit cybercriminal group, responsible for the attack on the call center company Atento in Brazil, announced on Sunday (31) that it had leaked the company's data for sale on the hidden internet (“deep web”). Atento was the victim of a cyber attack on October 17th, and has since reported that it has been working …
California Clinic Network Cyber Incident Affects 656,000 (GovInfoSecurity) A recent cyberattack on Community Medical Centers in Northern California has potentially compromised the information of more than 656,000 individuals. Meanwhile,
Cybersecurity concerns grow in Maryland hospitals (Cumberland Times-News) Maryland hospitals are seeing an uptick in ransomware and other cybersecurity threats, mirroring a national trend, and a federal agency is investigating a dozen breaches among health care providers in the state.
Data Breach at University of Colorado (Infosecurity Magazine) Roughly 30,000 CU Boulder affiliates impacted by exploitation of software vulnerability
Investigation Continues Into Cause of IT Crash in NL’s Health Care System (VOCM) Much of the province's healthcare system remains in the dark this morning as an investigation continues into w…
N.L. officials cagey on source of health-care system disruption (CBC) Newfoundland and Labrador officials are refusing to reveal information about a health-care system failure that has already led to the cancellation of thousands of appointments and procedures, and doesn't have an end in sight.
Newfoundland and Labrador government pressed to release more information about apparent cyber attack (Saltwire) Government should be upfront and answer questions: Brazil
Report: US Medical Training Company Exposes 10,000s of Students to Fraud in Massive Data Breach (vpnMentor) A nationwide medical training school in the USA has been leaking student data for over a year. Everything from driver's licenses to high school diplomas were exposed and up for
FIN12 Ransomware: Why It’s a Healthcare Threat, How to Prevent an Attack (Health IT Security) FIN12 is efficient, unpredictable, and unafraid of targeting the healthcare sector, Mandiant experts warn.
Bandwidth.com expects to lose up to $12M following DDoS extortion attempt (The Record by Recorded Future) Bandwidth Inc. expects to lose between $9 million and $12 million because of service downtime caused by a series of DDoS attacks the company dealt with during late September and early October this year.
Google Patches Android Zero-Day Exploited in Targeted Attacks (SecurityWeek) The November 2021 security updates for Android patch a zero-day vulnerability that has been exploited in limited, targeted attacks.
Sensormatic Electronics VideoEdge (CISA) 1. EXECUTIVE SUMMARY CVSS v3 6.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Sensormatic Electronics, LLC, a subsidiary of Johnson Controls, Inc. Equipment: VideoEdge Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow the execution of untrusted code when viewing the VideoEdge admin graphical user interface.
WECON PI Studio (Update A) (CISA) 1. EXECUTIVE SUMMARY ——— Begin Update A Part 1 of 4 ——— CVSS v3 7.8 ATTENTION: Low attack complexity ——— End Update A Part 1 of 4 ———
Cybercriminals Target Transport and Logistics Industry (Decipher) Cybercriminals claim they have access to various shipping and logistics company networks, causing what researchers say could be a “precarious situation” for the struggling supply chain sector.
Capitalizing on Chaos: Cybercriminals Increase Attacks on Vulnerable Retailers in 2021 As Global Supply Chain Crisis Worsens (Imperva) Monthly bot attacks on retail websites rose 13% in 2021. One-third of all login attempts on retail websites in 2021 are account takeover (ATO) attempts, compared to just 25.5% across other industry websites. Application layer (L7) DDoS incidents grew nearly 200% in September 2021 as holiday shopping season begins. SAN MATEO, CA — November 3, […]
Cloudentity Research Reveals At Least 44% of Enterprises Report Experiencing Substantial API Security and Privacy Issues (Yahoo Finance) Today Cloudentity, a leading provider of authorization and identity for modern applications, announced its 2021 "State of API Security, Privacy and Governance" report conducted by PulseQA, revealing that in the last 12 months, at least 44% of respondents expressed substantial issues concerning privacy, data leakage, and object property exposure with internal or external-facing APIs.
2021 State of API Security, Privacy, and Governance (Cloudentity and PulseQA) APIs (Application Program Interface) are the underpinnings of app modernization and digital transformation, connecting users and systems to a network of services, applications, and databases.
Security Pros Know What They Need to Do, But Constrained by Lack of Resources (SecurityWeek) A new survey report describes security teams as trapped by a lack of resources into continuing what they have been doing rather than migrating their efforts to what they believe they should be doing.
Continuing Pandemic Concerns to Drive Global Mobile Identity Adoption to Over 850 Million Users by 2026 (ABI Research) Contactless technologies are seeing an uptake across almost all credential applications
63% of Australian organizations expect to face a cyberattack within a year (Intelligent CIO APAC) New Australian Cybersecurity Risk Report finds overconfidence despite potential threats. Nearly two-thirds of Australian organizations think a potential cyberattack on their organization is likely or very likely in the next 12 months, according to the 2021 Australian Cybersecurity Risk Report, a new report from Varonis Systems, a pioneer in data security and analytics. For the […]
Data Privacy at Risk as Insurance Technology Solutions Grow (PRWeb) Every day there are cyberattacks, and daily we move more of our lives online where we are vulnerable to attacks. Insurtech is no stranger to these sensit
New SailPoint Survey Exposes Concerning Generational Differences Regarding Corporate Email Use and Cybersecurity Posture (SailPoint) Findings show younger generations conduct more risky behavior, with 93% of Gen Z workers utilizing corporate email for personal use. AUSTIN, Nov. 3,
Wabbi Raises Over $2M in Seed Funding for Continuous Security Adoption (Wabbi) Wabbi, a continuous security platform, announced it has raised $2.2 million in an oversubscribed seed funding round led by Mendoza Ventures.
Vaultree Raises $3.3M to Develop a New Encryption Standard (Grit Daily News) Vaultree has secured $3.3 million in seed funding to usher in a new era of data protection via its next-generation encryption.
One of Darktrace’s largest shareholders to sell a third of shares after lock-up (the Guardian) Deep Defence is to sell 11m shares in cybersecurity firm worth about £70m at the company’s closing price on Tuesday
Fraud prevention platform FingerprintJS lands $32M to launch premium services (NewsBreak) FingerprintJS, a Chicago, Illinois-based company developing a fingerprinting service for the web, today announced that it raised $32 million in series B funding led by Craft Ventures with participation from Nexus Venture Partners and Uncorrelated Ventures. Cofounder and…
VMware's spin-off from Dell Technologies completed (Light Reading) The spin-off from Dell Technologies provides VMware increased freedom to execute its multi-cloud strategy, a simplified capital structure and governance model and additional operational and financial flexibility.
cloudtamer.io Rebrands as Kion (BusinessWire) cloudtamer.io announces rebrand into Kion as well as major updates to its platform, Kion 3.0.
Huawei Said to Sell Key Server Division Due to U.S. Blacklisting (Bloomberg) Firm backed by government will likely participate in takeover. Chinese tech giant couldn’t buy x86 chips because of sanctions.
The Strange Saga of Huawei (New York Times) How the U.S. tries to keep the country safe and competitive as the future of technology becomes less American.
ShiftLeft Hits 407% Annual Growth Driven By Rapid Adoption, Innovation (BusinessWire) ShiftLeft, an innovator in automated application security testing, announced 407% year over year revenue growth driven by increased customer demand.
KnowBe4 Named to Inc.’s First-Annual Best-Led Companies List (PRWeb) Inc. today announced its first annual Best-Led Companies list, an exciting 12-point measure of management excellence across the middle market — a select,
CrowdStrike Named One of the Best-Led Companies in America (BusinessWire) CrowdStrike, a leader in cloud-delivered endpoint protection and workload protection, today announced that it took a top spot in Inc.’s first annual Best-Led Companies list. Inc. ranked CrowdStrike fourth out of 250 companies, both public and private, that are making a massive impact on the U.S. economy, have a dedicated, thriving workforce, and represent some of the strongest revenue drivers in the country.
ZeroFox Wins Threat Intelligence Category in 2021 CISO Choice Awards (The Bakersfield Californian) WASHINGTON–(BUSINESS WIRE)–Nov 2, 2021–
Concentric Named a Cool Vendor in 2021 Gartner® "Cool Vendors™ in Privacy" Report (Yahoo Finance) Concentric Inc., a leading vendor of intelligent AI-based solutions for protecting business-critical data, today announced it has been recognized in the 2021 list of Cool Vendors in the "Cool Vendors in Privacy" report published by Gartner.
Identity And Access Management Trailblazer Paul Trulove Joins Authomize As Advisor (Yahoo Finance) Authomize, the first solution for continuously managing the Authorization Security Lifecycle across all cloud environments, announced today that Paul Trulove, who brings over 14 years of extensive expertise in the identity and access management market, has joined the company as an advisor.
Tessian Announces Allen Lieberman as its Chief Product Officer (IT News Online) Lieberman joins the Human Layer Security company from VMware Carbon Black
Steve Daheb joins Tanium as CMO (Help Net Security) Tanium announced the appointment of Steve Daheb to the position of Chief Marketing Officer (CMO) to increase Tanium’s brand momentum.
Virsec Strengthens Executive Team with Four Key Appointments (GlobeNewswire News Room) Expanded Leadership Team Further Positions Company for Hyper-Growth as More Customers Look to Virsec to Protect Their Software Workloads at Runtime…
Deep Instinct Expands Executive Leadership Team to Build Upon Recent Company Momentum (BusinessWire) Deep Instinct, the first company to apply end-to-end deep learning to cybersecurity, today announced the addition of two key leaders to the executive
Corelight Announces Integration for Microsoft Defender for IoT as a Data Source for the Platform (Corelight) Corelight Announces Integration with Microsoft Defender for IoT
Pathlock Joins Microsoft Intelligent Security Association, Integrating with Microsoft Azure Active Directory to Deliver Best-of-Breed Access Capabilities (PR Newswire) Pathlock, a leader in Access Orchestration, today announced the company has joined the Microsoft Intelligent Security Association (MISA)….
ABAG Simplifies Security with Citrix® (Citrix Investor Relations) Company leverages secure access solutions to protect distributed employees while simplifying operations
Cowbell Cyber Partners with Sayata to Further Advance Cyber Insurance Digitization (Cowbell) Cowbell® Cyber, the industry’s first AI-powered cyber insurance provider for small to medium enterprises (SMEs), today announced a partnership with Sayata, the leading broker platform for placing cyber and other commercial risks, to provide precise, instant quoting for cyber coverage through a 100% digital process, further increasing the speed at which cyber policies can be issued.
Blumira Adds Global Telecom Solutions (GTS) as a Major Strategic Partner (Blumira) Blumira announced a strategic partnership with Detroit-based telecom and cloud services firm, Global Telecom Solutions (GTS).
ROI of Modern Pentesting Report (Cobalt) Is your pentesting program worth it? Download the ROI of Modern Pentesting Report to learn how to strengthen your security program today.
Devo Makes Streaming Analytics a Reality for SOC Teams with Intuitive Visual Correlation Engine (Devo.com) Devo Flow makes streaming analytics a reality for SOC teams with intuitive visual correlation engine
Eset beefs up consumer security products (iTWire) Security vendor Eset has updated its consumer products Eset Nod32 Antivirus, Eset Internet Security, and Eset Smart Security Premium with improved protection and new features. A key feature of Eset Smart Security Premium is LiveGuard, which provides an additional layer of protection against novel th…
BlackBerry and Okta Partner to Deliver Seamless Identity and Access Capabilities (BlackBerry) BlackBerry Limited announced today a technology integration between Okta, Inc.’s Identity Cloud and BlackBerry Spark® unified endpoint management (UEM).
Illusive Unveils New Identity Risk Management Offering for Microsoft Azure Active Directory (PR Newswire) Illusive, trusted by enterprises worldwide for protection against ransomware and cyber attacks, announced today Illusive Identity Risk…
Qrypt Offers Quantum Security for Enterprises Through the Cloud (BusinessWire) Entropy-as-a-Service Startup Qrypt Launches Cloud-based Quantum Key Distribution, in Addition to New Enterprise QRNG Platform
Zscaler Says ZPA Gets Provisional ATO at Impact Level 5 from DoD (MeriTalk) Cloud security provider Zscaler said that its Zscaler Private Access (ZPA) service has received a provisional authorization to operate at Impact Level 5 as published in the Defense Department’s Cloud Computing Security Requirements Guide.
Tech Data inks regional partnership with Cybereason (Reseller News) Tech Data has struck a partnership with Cybereason that will see it provide joint customers throughout Asia Pacific with a managed detection and response (MDR) offering.
FIDO Authenticator Certification for Veridium iOS and Android Mobile SDK (BusinessWire) FIDO Authenticator Certification for Veridium iOS and Android Mobile SDK
Mission Accessibility: BehavioSec Brings Behavioral Biometrics to the Masses (BehavioSec) How do you keep employees and customers engaged while at the same time employing a level of authentication superior to passwords and other knowledge-based methods? For years, organizations have had to choose one at the cost of the other. As a result, authentication processes have often become cumbersome journeys to be dreaded by employees and …
Infosec Institute Celebrates Successful Cybersecurity Training Integra (PRWeb) Infosec Institute, a leading cybersecurity education company, today announced their integration with Microsoft Viva Learning is now available to all Micros
SEON Unveils Fraud Prevention App for Shopify (The Daily News) SEON, the fraud fighters, today announced that its fraud detection and prevention app is now available on Shopify. SEON’s new app delivers smarter, easier fraud checks to help reduce chargebacks, lost payments and goods, and smarter fraud checks powered by AI and machine learning to Shopify’s 1.75 million merchants globally.
Tech Companies Push Users to Adopt Two-Factor Authentication (Wall Street Journal) Google said it plans to automatically enroll 150 million Google accounts and 2 million YouTube accounts in its two-step verification program by the end of the year.
Ransomware: what IT contractors' defence preparations should involve (ContractorUK) Gerrish Legal outlines the tech and legal framework to get in place before your data is held captive.
Why cloud bugs don't get CVEs, and why it's an issue (SearchSecurity) There is currently no CVE system that tracks and discloses security bugs in cloud services, and experts say it's a problem.
Proven third-party risk management strategies (Help Net Security) Organizations that have prioritized the development of a robust third-party cyber risk management (TPCRM) program are experiencing success.
Minimize Ransomware Damage by Stopping Lateral Movement (GovInfoSecurity) Organized ransomware groups like DarkSide and REvil consistently bypass existing defenses at some of the world’s most well-defended organizations. Once they gain entry, they move laterally to encrypt and steal as much sensitive data as possible. If you can stop their ability to move laterally, you dramatically reduce the scope of damage they can cause.
Businesses don't talk about being victims of cyberattacks. That needs to change (ZDNet) Organisations that fall victim to cyberattacks are rarely willing to discuss incidents, but more transparency is needed says an ex-NSA chief.
What Greek Mythology Can Teach Us About Present-Day Cybersecurity (SailPoint) The cybersecurity Pandora’s Box is still open, and it shows no signs of shutting down when it comes to our present-day digital posture. Last year, we
Facebook to Shut Down Facial Recognition in Photos, Videos (Wall Street Journal) The social-media platform said it would delete data related to the faces of more than one billion people, scrapping a feature that raised concerns among privacy advocates and regulators.
Facebook to Shut Down Face-Recognition System, Delete Data (SecurityWeek) Facebook said it will shut down its face-recognition system and delete the faceprints of more than 1 billion people, against growing societal concerns, especially as regulators have yet to provide clear rules
Facebook, Citing Societal Concerns, Plans to Shut Down Facial Recognition System (New York Times) Saying it wants “to find the right balance” with the technology, the social network will delete the face scan data of more than one billion users.
Facebook to drop Face Recognition, will delete templates on more than one billion people (The Record by Recorded Future) Facebook says it's shutting down its Face Recognition tagging feature and will delete templates on more than one billion people.
Facebook to shut down its facial recognition system and delete facial templates of more than 1 billion people (Computing) Limiting the use of the technology to 'a narrow set of use cases' will be appropriate, it says
7 lessons learned from the Vatican's artificial intelligence symposium (National Catholic Reporter) Sometime before December 2019, Bishop Paul Tighe, secretary of the Pontifical Council of Culture, and Michael Koch, then the German ambassador…
LSU Selected to Apply for National Centers of Academic Excellence in Cyber Operations (Yahoo Finance) The National Centers of Academic Excellence in Cyber Operations (CAE-CO) program recently selected LSU as the sole university allowed to apply for the CAE-CO designation in 2021. This designation is currently held by only 24 other universities across the nation. It’s an achievement that would not have been possible were it not for LSU Computer Science and Engineering Professor Golden G. Richard III, who is also the associate director for LSU’s…
Matt Hicks receives NSF CAREER award to develop tools for enhanced hardware security (Virginia Tech) Recently awarded a five-year Faculty Early Career Development (CAREER) award by the National Science Foundation, Hicks said his research will further enhance hardware security, especially in the United States, by identifying novel weaknesses and enabling him to learn more about the design space for security tools.
‘Nine Eyes’? Bill Would Look at Adding Four Countries to Intel-Sharing Pact (Defense One) Lawmaker says current ‘Anglophile view’ is insufficient against China.
Space hacking risks pose cyber policy test for Biden admin (README) The White House won’t be defining the space industry as critical infrastructure, despite mounting pressure from business and lawmakers.
CIA Director Burns met with Russian security council chief in Moscow (CNN) CIA Director Bill Burns is leading a delegation of senior US officials in Moscow for a two-day series of meetings with Russian officials, a US embassy spokesperson said on Tuesday.
CIA director meets in Moscow with top Russian official amid heightened tensions (CBS News) The Biden administration has been trying to foster a more stable and predictable relationship with the Kremlin.
CIA Director Makes Rare Trip to Moscow for Talks on Russia-US Ties (VOA) Biden sent a top Russia expert, Under Secretary of State Victoria Nuland, to Moscow for talks last month that failed to yield any progress
Jihadi Networks Are More Resilient Than We Think (Foreign Policy) The world may be distracted by other threats, but jihadis aren’t going away anytime soon.
Israel, US Step Up Direct Actions Against Iranian Drone Production (Breaking Defense) "This is not a new front, but now the actions will be more frequent and more aggressive," an Israeli defense source told Breaking Defense.
The U.S. Is Competing With the Wrong China (World Politics Review) China’s achievements in infrastructure are a distraction from more fundamental competitive challenges facing many Western countries, and particularly the U.S. China’s big advantage, and where the U.S. should be focusing much more, lies in the investments it is making in the education and training of its population.
What is NZ’s Cyber Security Emergency Response Plan? (Security Brief) The Cyber Security Emergency Response Plan (CSERP) is the framework that the government will use in the event of a cyber-emergency.
WSJ News Exclusive | Biden Administration to Order Federal Agencies to Fix Hundreds of Cyber Flaws (Wall Street Journal) The Biden administration is expected to issue a new order mandating that nearly all federal agencies patch hundreds of cybersecurity vulnerabilities that are considered major risks for damaging intrusions into government computer systems.
Binding Operational Directive 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities (cyber.dhs.gov) The United States faces persistent and increasingly sophisticated malicious cyber campaigns that threaten the public sector, the private sector, and ultimately the American people’s security and privacy. The federal government must improve its efforts to protect against these campaigns by ensuring the security of information technology assets across the federal enterprise. Vulnerabilities that have previously been used to exploit public and private organizations are a frequent attack vector for malicious cyber actors of all types. These vulnerabilities pose significant risk to agencies and the federal enterprise. It is essential to aggressively remediate known exploited vulnerabilities to protect federal information systems and reduce cyber incidents.
TSA Considers Rulemaking Process for Cybersecurity in Transportation Sector (Nextgov.com) The announcement from a White House official follows pressure from industry and GOP lawmakers questioning the administration’s use of security directives to improve the sector’s cybersecurity.
Republican Senators Questioning TSA’s Pipeline Cyber Directives Development (MeriTalk) A trio of Republican senators is seeking information from the Transportation Security Agency (TSA) about its process for developing the two pipeline security directives it issued this summer, according to an Oct. 28 letter sent to Department of Homeland Security (DHS) Inspector General (IG) Joseph Cuffari.
New US cybersecurity and IP surveillance export controls coming, following comment period (JD Supra) The Bureau of Industry and Security (“BIS”) published a new interim final rule on October 21, 2021. It takes effect in 90 days, or on January 19,…
US sanctions four companies selling hacking tools, including NSO Group & Candiru (The Record by Recorded Future) The US government has sanctioned today four companies that develop and sell spyware and other hacking tools, the US Department of Commerce announced today.
Commerce Adds NSO Group and Other Foreign Companies to Entity List for Malicious Cyber Activities (U.S. Department of Commerce) The Commerce Department’s Bureau of Industry and Security (BIS) has released a final rule adding four foreign companies to the Entity List for engaging in activities that are contrary to the national security or foreign
Russia Police Catch, Then Release Hacker Wanted by U.S. (Bloomberg) Pavlovich says he was detained and released in St. Petersburg. Release comes amid ongoing Russia-U.S. cybersecurity talks.
Meta denies Kazakh claims of exclusive access to Facebook content reporting (NASDAQ:FB) (SeekingAlpha) Facebook parent Meta Platforms (FB +0.5%) is denying a claim from Kazakhstan's government that it received exclusive access to the company's content reporting system
CNA cyberattack in March exposed personal information of more than 75,000 people, filings reveal (Yahoo) A March cyberattack that shut down systems at Chicago-based insurance giant CNA exposed the personal information of thousands of employees, contractors and policyholders, the company revealed in a Securities and Exchange Commission filing Monday. More than 75,000 people were affected by the hack, which revealed names, personal identification and Social Security numbers, according to a data …
SEC rejects proposed amendment on CAT data breaches (Pensions & Investments) The SEC rejected a proposed amendment to the plan governing a CAT that would have held industry members liable in a data breach.
SIFMA Hails SEC's Decision On Audit Trail Cyber Liability (Law360) The Securities Industry and Financial Markets Association scored a win when the U.S. Securities and Exchange Commission struck down a bid by national securities exchanges to reduce their liability for data breaches tied to the consolidated audit trail, or CAT. 
Adapting to evolving cybersecurity risks, updated data security/privacy laws (Massachusetts Lawyers Weekly) This past year continued the trend of an increased focus on data security and privacy with the enactment of new laws and increased regulatory activity. Cyberattacks made national headlines as remote work continued to make organizations more vulnerable. Accordingly, organizations should regularly review and update their security posture with the assistance of knowledgeable experts.
After security flaw found, Missouri hires data breach group (Missouri Lawyers Media) Two weeks after a newspaper discovered a security flaw on a state website, Gov. Mike Parson’s administration has hired a company that performs data breach and credit monitoring services.
A cryptocurrency inspired by ‘Squid Game’ crashes. The industry has questions. (New York Times) The digital money, called Squid, began trading last week for a penny. It soared spectacularly, before the money vanished.
Man charged with hacking major US sports leagues to illegally stream games (WeLiveSecurity) A 30-year-old man has been charged with infiltrating the computer systems of major sports leagues in the United States to illegally stream their content for monetary gain,
For a complete running list of events, please visit the Event Tracker.
Understanding Cloud Native Supply Chain Attacks To Defend Against Them (Virtual, Nov 9, 2021) Cyber Threat Alliance Chief Analytic Officer Neil Jenkins and Palo Alto Networks Chief Security Officer of Public Cloud Matt Chiodi offer insights into protective measures for supply chains in the cloud by explaining how attacks occur and providing actionable recommendations for organizations. As the SolarWinds attack remains a threat to the global IT supply chain, organizations must prioritize cloud security in their hybrid work plans to protect critical data and applications.
Virtual Cybersecurity Summit Series (Virtual, Jul 8 – Nov 14, 2021) As the first community organizer to bring the live, immersive experience to cybersecurity conferences in North America, Data Connectors has conducted more than 50 virtual events for its members. We are happy to announce that the Virtual Cybersecurity Summit Series will continue in 2021. Summits feature industry experts, government agencies and innovative solution providers, all bringing real-world experience & knowledge to the forefront on specific cybersecurity topics and concerns.
The DataTribe Challenge 2021 (Fulton and Virtual, Maryland, United States, Sep 1 – Nov 3, 2021) The DataTribe Challenge is a unique annual competition that brings together the best entrepreneurs in the world looking to disrupt cybersecurity and data science. DataTribe selects three finalists that split $20,000 in prize money and one winner that could receive up to $2 million in seed capital. Finalists are announced on 10/14/21. The Challenge concludes in a pitch event on 11/3/21 where three finalists present to and network with cyber industry luminaries in-person. DataTribe will announce the winner at the end of this event.
Certified CMMC Professional (CCP) Exam Prep (Virtual, Nov 1 – 5, 2021) Edwards CMMC-AB approved CCP courses enable participants to sit for the CCP exam – making you a valuable resource to a consultancy providing CMMC preparation, a C3PAO providing certified assessor support, or an organization interested in having in-house CMMC-trained resources. Edwards' all-star lineup of Provisional Instructors (PIs) includes several of the CMMC industry's most respected consultants (e.g., Jacob Horne, Amira Armond) along with Edwards' internal SMEs to deliver their action-packed bootcamps. Learn more and register now!
LA Blockchain Summit (Los Angeles and virtual, California, USA, Nov 2 – 3, 2021) LA Blockchain Summit is the leading conference & expo focused on blockchain investing, building and mainstream adoption. An exclusive, curated, high-impact, informative and thought-provoking event presented by some of the world’s foremost innovators, change makers and prominent leaders in the blockchain ecosystem. This is the preeminent industry conference that cannot be missed – presented over two full days, featuring insightful fireside chats with the most accomplished, powerful and astounding list of industry leaders and speakers.
2021 AT&T Security Conference (Virtual, Nov 3, 2021) It's never been a question of just protecting ourselves. Our network. Our data. Our devices. An onslaught of threats against an exponentially growing collection of connected devices and networks means we're all the target. We can't just protect our thing. We must protect the Everything. Get an inside look from the AT&T Chief Security Office and hear guests from the federal government, CNN and more. Here is some of what our experts will be talking about: What makes good open-source software, how to test it for security, and how to keep it running safely. Quantum computing: Friend or foe for security? Making a seven-layer vulnerability management salad. Automating cloud security compliance. Defending authentication from phishing attacks. Key legal topics for incident preparedness and response. Specific security sessions on 5G, connected cars, ad tech and more.
