Dateline the Internet: the Log4j vulnerabilities and related risks.
Log4j vulnerabilities: new patches and nation-state exploitation. (The CyberWire) In the midst of an Aquatic Panda sighting (this one an unsuccessful attempt to exploit Log4shell against an academic institution), vendors introduce both patches and upgrades to address other, recently discovered vulnerabilities in Log4j.
Why are your IT people so miserable? Log4j2itis (Computerworld) The biggest security problem of your life is happening right under your nose. Even if you don’t know about it, your IT admins do.
AQUATIC PANDA in Possession of Log4Shell Exploit Tools (CrowdStrike) CrowdStrike Falcon OverWatch exposes AQUATIC PANDA in possession of Log4Shell exploit tools during hands-on intrusion attempt. Learn about the process here.
Aquatic Panda infiltrated academic institution through Log4j vulnerability, says CrowdStrike (ZDNet) CrowdStrike said in a new report that they’ve seen a China-based group searching for intellectual property through Log4Shell.
Chinese Spies Exploit Log4Shell to Hack Major Academic Institution (SecurityWeek) China-linked cyberespionage group Aquatic Panda was recently observed exploiting the Log4Shell vulnerability to compromise a large academic institution
APT ‘Aquatic Panda’ Targets Universities with Log4Shell Exploit Tools (Threatpost) Researchers from CrowdStrike disrupted an attempt by the threat group to steal industrial intelligence and military secrets from an academic institution.
China-based group used Log4j flaw in attack, CrowdStrike says (VentureBeat) CrowdStrike said it disrupted a cyber attack against an academic institution by a China-based group that exploited the Log4j vulnerability.
The Log4j saga: New vulnerabilities and attack vectors discovered (Help Net Security) The Apache Log4j saga continues, as several new Log4Shell attack vectors have been discovered by researchers worldwide.
Log4j, again, needs patching as new bug is found and squashed (SC Magazine) Apache releases patch for Checkmarx-discovered LCE vulnerability.
Log4Shell vulnerability Number Four: “Much ado about something” (Naked Security) It’s a Log4j bug, and you ought to patch it. But we don’t think it’s a critical crisis like the last one.
Another Remote Code Execution Vulnerability Patched in Log4j (SecurityWeek) Log4j developers have released an update to patch another remote code execution vulnerability, tracked as CVE-2021-44832.
Log4j 2.17.1 out now, fixes new remote code execution bug (BleepingComputer) Apache has released another Log4j version, 2.17.1 fixing a newly discovered remote code execution (RCE) vulnerability in 2.17.0, tracked as CVE-2021-44832. Prior to today, 2.17.0 was the most recent version of Log4j and deemed the safest release to upgrade to, but that advice has now evolved.
Contrast Security Reveals the Log4j Attack’s Effects on Global Enterprises (CIO Applications) The code security specialists at Contrast deliver an update on the most severe software vulnerability in history.
Microsoft Defender Receives Features for Detecting Log4j Vulnerabilities (WinBuzzer) Microsoft Defender for Containers and Microsoft 365 can now protect users against Log4Shell exploits from the Log4j flaws.
Microsoft security update sets klaxons blaring in… Microsoft Defender. What went wrong? (The Stack) A new functionality shipped by Microsoft to its own Defender security product has been setting klaxons blaring in SOCs and with security professionals after Defender itself detected it and flagged it as malicious.
Microsoft investigating Defender issue with Log4j scanner (VentureBeat) Microsoft is looking into reports that the Apache Log4j vulnerability scanner in Defender for Endpoint is triggering false positive alerts.
The numbers behind a cyber pandemic – detailed dive (Check Point Software) Updated 14.12.2021 06:00 PST. Precisely one year after the SolarWinds Hack,
Impact of CVE-2021-44228 Apache Log4j Vulnerability (Groupsense) A deep and dark web investigation into the critical remote code execution zero-day impacting the Apache Java-based logging utility Log4j (CVE-2021-44228).
After turbulent cyber year, agencies enter 2022 with fresh security crisis on hand (Federal News Network) Log4j will keep agencies busy into the new year, but experts say the federal enterprise made progress a year after SolarWinds.
Log4Shell is a dumpster fire that should have been avoided (Help Net Security) Log4Shell should have been avoided by following basic IT hygiene guidance, but the internet has not been built by way of hygiene.
NVIDIA, HPE Products Affected by Log4j Vulnerabilities (SecurityWeek) NVIDIA and HPE have confirmed that some of their products are affected by the recently disclosed vulnerabilities in the Apache Log4j logging utility.
What app developers need to do now to fight Log4j exploits (InfoWorld) Why you may already be at risk, how to detect and mitigate the Log4j vulnerabilities now, and how to improve your code security in the future.
Time Bombs Inside Software: 0-Day Log4Shell is Just the Tip of The Iceberg (Hacker Noon) CVE-2021-45046, says the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was “incomplete in certain non-default configurations.”
Hedera Network Not Affected by Critical Zero-Day Exploit in log4j2 Library, Developers Claim (Crowdfund Insider) On Thursday, December 9, 2021, a “critical” zero-day exploit was reported in the widely used log4j2 library.
Attacks, Threats, and Vulnerabilities
Iranian hackers behind Cox Media Group ransomware attack (The Record by Recorded Future) The ransomware attack that crippled the IT systems and live streams of Cox radio and TV stations earlier this year was the work of Iranian hackers, The Record has learned.
Portugal’s Impresa media outlets hit by hackers (Reuters) The websites of one of Portugal’s biggest newspapers and of a major broadcaster, both owned by the country’s largest media conglomerate Impresa, were down on Monday after being hit by a hacker attack over the weekend.
Lapsus$ ransomware gang hits SIC, Portugal’s largest TV channel (The Record by Recorded Future) The Lapsus$ ransomware gang has hacked and is currently extorting Impresa, the largest media conglomerate in Portugal and the owner of SIC and Expresso, the country’s largest TV channel and weekly newspaper, respectively.
Norwegian Media Firm Amedia Suffers Disruption Due to Cyberattack (SecurityWeek) Norwegian media company Amedia on Tuesday announced that it fell victim to a cyberattack that forced it to shut down multiple systems.
Cyberattack on one of Norway’s largest media companies shuts down presses (The Record by Recorded Future) Amedia, the largest local news publisher in Norway, announced on Tuesday that several of its central computer systems were shut down in what it is calling an apparent “serious” cyberattack.
Dozens of Norwegian newspapers go unprinted after cyber attack (euronews) Amedia, which publishes 78 local titles across the country, says its print distribution was affected for much of this week
Israel’s Jerusalem Post website hacked on Soleimani assassination anniversary (Reuters) Israel’s Jerusalem Post newspaper said on Monday its website had been hacked, in what it said was an apparent threat to the country.
Threat actor uses HP iLO rootkit to wipe servers (The Record by Recorded Future) An Iranian cyber-security firm said it discovered a first-of-its-kind rootkit that hides inside the firmware of HP iLO devices and which has been used in real-world attacks to wipe servers of Iranian organizations.
Implant.ARM.iLOBleed.a (Amnpardaz) HP servers provide a management module called iLO (a.k.a. Integrated Lights-Out), which turns on as soon as the power cable is connected, loading a full-blown proprietary operating system.
Microsoft kicks off 2022 with email blocking Exchange bug (iTnews) Coding error crashes anti-malware scanner.
Microsoft Exchange year 2022 bug in FIP-FS breaks email delivery (BleepingComputer) Microsoft Exchange on-premise servers cannot deliver email starting on January 1st, 2022, due to a “Year 2022” bug in the FIP-FS anti-malware scanning engine.
Microsoft Working To Fix Exchange Y2K22 Bug (OnMSFT.com) A date check failure is causing Microsoft Exchange email messages to be stuck in transport queues, and Microsoft confirmed it’s working on a fix.
More than 1,200 phishing toolkits capable of intercepting 2FA detected in the wild (The Record by Recorded Future) A team of academics said it found more than 1,200 phishing toolkits deployed in the wild that are capable of intercepting and allowing cybercriminals to bypass two-factor authentication (2FA) security codes.
This nightmare incident shows why you really shouldn’t store passwords in your browser (TechRadar) An infostealer is scooping up passwords stored in browsers, experts warn
Experts warn against storing passwords in Chrome after hackers target remote workers (New York Post) Hackers are preying on people working from home for passwords stored in web browsers, experts claim.
QNAP NAS devices hit in surge of ech0raix ransomware attacks (BleepingComputer) Users of QNAP network-attached storage (NAS) devices are reporting attacks on their systems with the eCh0raix ransomware, also known as QNAPCrypt.
Storage Devices of Major Vendors Impacted by Encryption Software Flaws (SecurityWeek) Storage devices from several major vendors are affected by vulnerabilities discovered by a researcher in a third-party encryption software they all use.
Researchers Dive Into Equation Group Tool ‘DoubleFeature’ (SecurityWeek) Check Point security researchers publish findings from a deep-dive into DoubleFeature, a component of the Equation Group’s DanderSpritz post-exploitation framework.
Cyber attack on UK’s Defence Academy had ‘significant’ impact, officer in charge at the time reveals (Sky News) Air Marshal Edward Stringer, who has since retired, says the “sophisticated” hack on the MOD’s Defence Academy in March 2021 had “consequences for operations”. He spoke to Sky News for his first television interview since leaving the military.
Cyber-attack on UK’s Defence Academy caused ‘significant’ damage (the Guardian) Former senior officer says unsolved hack of MoD training school systems did not succeed but still had costs
Instagram copyright infringement scams – don’t get sucked in! (Naked Security) We deconstructed a copyright phish so you don’t have to. Be warned: the crooks are getting better at these scams…
Threat Actors Abuse MSBuild for Cobalt Strike Beacon Execution (SecurityWeek) Recently observed malicious campaigns have abused Microsoft Build Engine (MSBuild) to execute a Cobalt Strike payload on compromised machines.
Are Apple AirTags Being Used to Track People and Steal Cars? (New York Times) Privacy groups sounded alarms about the coin-sized location-tracking devices when they were introduced. Now people are concerned those fears are being realized.
T-Mobile says new data breach caused by SIM swap attacks (BleepingComputer) T-Mobile confirmed that recent reports of a new data breach are linked to notifications sent to a “very small number of customers” that they fell victim to SIM swap attacks.
Another T-Mobile cyberattack reportedly exposed customer info and SIMs (The Verge) Potentially exposed info includes account and line numbers
Uber ignores vulnerability that lets you send any email from Uber.com (BleepingComputer) A vulnerability in Uber’s email system allows just about anyone to send emails on behalf of Uber. Uber is aware of the flaw but has decided not to fix it for now.
Phishing attacks on central ministry officials get sharper, targeted (The Indian Express) Phishing attempts directed at employees of various central ministries have recently been mounted through compromised government domain email IDs, even as MeitY and NIC take measures to tackle such breaches
Opinion | The spyware crisis is much bigger than NSO Group (Washington Post) Meta, Facebook’s parent company, has a message about the scope and scale of the threat.
AP Exclusive: Polish opposition senator hacked with spyware (The Independent) Security researchers say they’ve confirmed that a third Polish opposition figure had his phone hacked with military-grade spyware from Israeli company NSO Group
What is spyware and how governments can use it for intimidation (Australian Financial Review) In the hands of repressive governments, spyware can be a tool of intimidation and retribution against activists, journalists and business executives.
Organizations Targeted With Babuk-Based Rook Ransomware (SecurityWeek) Rook – a piece of ransomware that emerged in late November has already made three victims, with the first of them hit less than a week after the malware was initially spotted.
Avos Locker remotely accesses boxes, even running in Safe Mode: Sophos (InfotechLead) Sophos, a global leader in cybersecurity, has revealed the AvosLocker attackers installed AnyDesk so it works in Safe Mode,
Hackers Are Getting Better and Better At Defeating Your 2FA Security (Gizmodo) Two-factor authentication is a widely used and trusted security mechanism, but criminals are increasingly using malicious toolkits that can outwit it.
RedLine malware shows why passwords shouldn’t be saved in browsers (BleepingComputer) The RedLine information-stealing malware targets popular web browsers such as Chrome, Edge, and Opera, demonstrating why storing your passwords in browsers is a bad idea.
RedLine Malware Takes Emails and Passwords from Over 440,000 Accounts! Find Out If You’ve Been Pwned on ‘Have I Been Pwned’. (Brinkwire) More than 400,000 email
LastPass users warned their master passwords are compromised (BleepingComputer) Many LastPass users report that their master passwords have been compromised after receiving email warnings that someone tried to use them to log into their accounts from unknown locations.
LastPass Automated Warnings Linked to ‘Credential Stuffing’ Attack (SecurityWeek) LastPass users are being targeted in so-called “credential stuffing” attacks that use email addresses and passwords obtained from third-party breaches.
LastPass says no passwords compromised in latest security scare (CNET) The investigation is ongoing. All the same, it’s time to update your master password.
LastPass quells cyber-attack fears, blames email notification surge on ‘glitch’ (The Daily Swig) Password vault investigation reveals no evidence of credential stuffing activity
LastPass confirms credential stuffing attack against some of its users (The Record by Recorded Future) Password manager app LastPass said today that a threat actor has launched a credential stuffing attack against its users in an attempt to gain access to their cloud-hosted password vaults.
Researchers say they found ‘Rosetta Stone’ for mapping systems infected with old Equation Group malware (SC Magazine) A diagnostics plug-in used to scour victim networks and identify appropriate tools for post-exploitation can be used to identify systems compromised by those same tools, researchers at Check Point Software said this week.
Experts Warn About Inactive Domains Being Used For Cyberattacks (TechDator) Researchers at Unit42 of Palo Alto Networks have discovered that one in five domains today on the internet is unsafe.
Why hackers love old domains (Israel Defense) Over 22% of dormant domains are suspicious, malicious, or not safe for work, according to a recent Palo Alto Networks study
Monero miner found on torrent download of new Spider-Man movie (SC Magazine) Researchers say companies need to reiterate to the rank-and-file staff the security risks of downloading torrent files.
Attack on recruitment firm affects government agencies (Business Insurance) A cyberattack on Australia-based IT recruitment agency Finite Group APAC Pty Ltd. by the Conti ransomware gang in October is affecting banks, businesses and government agencies across the country.
The British Council falls victim to two successful ransomware attacks (Security Brief) New cyber fears as The British Council falls victim to two successful ransomware attacks.
Shutterfly services disrupted by Conti ransomware attack (BleepingComputer) Photography and personalized photo giant Shutterfly has suffered a Conti ransomware attack that allegedly encrypted thousands of devices and stole corporate data.
Shutterfly Says Ransomware Attack Impacted Manufacturing (SecurityWeek) Shutterfly, an online platform for photography and personalized products, has confirmed that some of its services have been affected by a ransomware attack.
Personal and salary data for 637,138 Albanian citizens leaks online (The Record by Recorded Future) The Albanian government has confirmed and apologized on Thursday for a data leak that exposed the personal and salary-related information for 637,138 citizens, more than 22% of the country’s entire population.
Albanian Prime Minister Apologizes Over Database Leak (SecurityWeek) Albania’s prime minister has apologized for a big leak of personal records from a government database of state and private employees, which he said seems more like an inside job than a cyber attack.
Cryptocurrency and Exchange Phish Used to Steal User Information (Cofense) With the hype around cryptocurrency, threat actor exploits using this lure was a matter of time. Analysts at the Cofense Phishing Defense Center (PDC) have noticed a steady uptick in crypto-themed phishing campaigns. Threat actors are preying on emotions by flagging potentially unauthorized withdrawals from individual accounts.
IRS phishing scams warning – 5 ways to protect cash from Christmas thieves (The US Sun) THIEVES and hackers are increasing their efforts to steal money and data from taxpayers this Christmas season by posing as IRS officials in elaborate phishing scams. In a statement, the IRS said …
The cool retro phone with a REAL DIAL… plus plenty of IoT problems (Naked Security) You know you want one, because this retro phone is NOT A TOY… except when it comes to cybersecurity.
No puppy for Christmas: Online pet scams proliferate (Concord Monitor) The puppy was supposed to be a Christmas present for her husband, Bryan. But after Lauren Case, a registered nurse from Warren, Arkansas, plunked down $850 via a cash app for a cute teacup Yorkie named Rosy she saw online, she began to get…
IT Services Firm Inetum Discloses Ransomware Attack (SecurityWeek) French IT services company Inetum Group revealed just before Christmas that it had fallen victim to a ransomware attack, but claimed that impact on its operations was limited.
W.Va. state employees work overtime on Christmas to overcome ransomware attack (WCHS) More than 37,000 state employees will get their paychecks this Friday, after payroll administrators worked through the holiday weekend to overcome a recent ransomware attack. While most of us were celebrating the holiday weekend with friends and family, many West Virginia state workers were putting in extra hours at the capitol to make sure 37,000 state employees would get paid this Friday. “They worked thousands of hours of overtime,” state auditor JB McCuskey said.
State Auditor: State workers will be paid on schedule despite cyber attack (WV MetroNews) An attack on its HR company happened earlier this month.
Jackson Public Schools Ups Cybersecurity After Hacker Attack (SecurityWeek) The public school district in Mississippi’s capital city is implementing new cybersecurity measures after hackers attacked its server last year.
Strætó Was Hit by Cyber-Attack (Iceland Review) Strætó, the Iceland Public Bus Network, came under attack from hackers yesterday, RÚV reports. The company’s web servers were hacked but the app was not tampered with. Jóhannes Rúnarsson, the CEO of Strætó, said to RÚV that the incident had been reported to the Data Protection Authority, the Police and the Computer Emergency Response Team […]
Cyber attack disrupts Gloucestershire Council’s website (BBC News) The council’s online revenue and benefits, planning and customer services have been affected.
Security Patches, Mitigations, and Software Updates
Microsoft releases emergency fix for Exchange year 2022 bug (BleepingComputer) Microsoft has released an emergency fix for a year 2022 bug that is breaking email delivery on on-premise Microsoft Exchange servers.
High-Risk Flaw Haunts Apache Server (SecurityWeek) Remote code execution flaw patched in open-source Apache HTTP Server.
Apache HTTP Server 2.4 vulnerabilities (The Apache HTTP Server Project) This page lists all security vulnerabilities fixed in released versions of Apache HTTP Server 2.4. Each vulnerability is given a security impact rating by the Apache security team – please note that this rating may well vary from platform to platform. We also list the versions the flaw is known to affect, and where a flaw has not been verified list the version with a question mark.
Polygon upgrade quietly fixes bug that put $24B of MATIC at risk (Cointelegraph) The major bug on Polygon reportedly put more than $23.6 billion worth of MATIC at risk, and a hacker managed to siphon 801,601 MATIC before the issue was resolved on Dec. 5.
New Flaws Expose EVlink Electric Vehicle Charging Stations to Remote Hacking (SecurityWeek) Schneider Electric has patched several new vulnerabilities that expose its EVlink electric vehicle charging stations to remote hacking.
Johnson Controls exacq Enterprise Manager (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 10.0
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Exacq Technologies, a subsidiary of Johnson Controls, Inc.
Equipment: exacq Enterprise Manager
Vulnerability: Improper Input Validation
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker to enter malicious input resulting in remote code execution.
Moxa MGate Protocol Gateways (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 9.8
ATTENTION: Exploitable remotely/low attack complexity
Equipment: MGate MB3180/MB3280/MB3480 Series Protocol Gateways
Vulnerability: Cleartext Transmission of Sensitive Information
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow remote attackers to obtain sensitive information.
There are more malicious domains online than ever before (TechRadar) Malicious domains that lie dormant can often remain undetected
How AI-powered fraud and aggressive ransomware could dominate 2022 (Information Age) Jason Steer, principal security strategist at Recorded Future, discusses how AI-powered fraud and ransomware could dominate 2022
How ransomware affected the health industry in 2021 (ETCIO.com) For the first time cyber attacks caused real harm to the patients, according to a study by the United States’ Cybersecurity and Infrastructure Sec..
2021 Social Engineering Attacks: A Look Back (Security Boulevard) 2021 Highlights 2021 has been a year full of everything from Kim and Kanye getting divorced, to a plethora of new social engineering attacks. Unlike the former, the latter issue…
Positive Technologies Reports Decrease In Unique Cyberattacks for the First Time in Recent Memory (Positive Technologies) Research from cybersecurity specialist finds ransomware attacks are declining, and ransomware operators have started ‘rebranding’
Top 5 U.S. Espionage Cases of 2021 (ClearanceJobs) When it comes to espionage, 2021 had many insiders attempt to sell some of the nation’s most sensitive secrets to foreign nations.
Risk of cyber attacks in agriculture increasing (Farm Online) Whether it’s modern tractors, automated milking or automated feeding systems, ultimately these machines are controlled by computers or devices that can be compromised.
Worst Cyberattacks of 2021 (So Far) (SDxCentral) Before we start speculating on how bad cyber bugs are going to get next year, let’s look at some of the worst cyberattacks from 2021.
2021 Wants Another Chance (A Lighter-Side Year in Review) (Threatpost) The year wasn’t ALL bad news. These sometimes cringe-worthy/sometimes laughable cybersecurity and other technology stories offer schadenfreude and WTF opportunities, and some giggles.
The scariest security horror stories of 2021 (IT PRO) A crisis at Microsoft, the ransomware resurgence, and endless zero-days dominated headlines
Hacks raised questions about Pentagon’s role in securing cyber and networks: 2021 In Review (Breaking Defense) The military focused its efforts on networked warfare and the US government responded to cyberattacks.
Lessons learned from 2021 network security events (CSO Online) Rather than predict what 2022 will bring, let’s manage the future by implementing the lessons learned from this year’s biggest security threats.
22 cybersecurity statistics to know for 2022 (WeLiveSecurity) As we ring in the New Year, let’s take a look at some statistics that will help you stay up-to-date on recent cybersecurity trends.
More attacks on cloud providers, home workers coming in 2022: Kaspersky (IT World Canada) Cloud providers face enough headaches from attacks by criminal hackers, but if researchers at Kaspersky are correct, nation-state actors will join the attacks in 2022. That’s one of the predictions Kaspersky made in its annual look at what’s coming from advanced persistent threat actors (APTs). Third-party cloud providers — including outsourced services such as online […]
Copycat and fad hackers will be the bane of supply chain security in 2022 (ZDNet) Experts explain why the supply chain is now a top target for cybercriminals — and what we should expect to see in 2022.
Supply chain and nation-state attacks will highlight 2022, says vendor (IT World Canada) Supply chain attacks and nation-state cyber warfare will continue to cause anguish for CISOs in 2022, says Check Point Software in its annual predictions blog. Supply chain attacks will become more common, the security company said, which will lead to governments beginning to establish regulations to address these attacks and protect networks. They will also […]
Cyber-insecurity trends: The dark side of DX emerges (Digital Journal) New cybersecurity findings put business leaders at odds with their company’s board members. Can the issues be resolved?
Why the UK’s energy sector is fragile and ripe to cyber attacks (Help Net Security) The NCSC has made it clear just how vulnerable the UK’s energy sector is likely to be at this moment in time.
Web3 is going just great (Web3 is going just great) A timeline of some of the greatest hits in cryptocurrencies, NFTs, and other web3 projects since the beginning of 2021
Shark Tank Star Joins Forces with Cybersecurity Visionary to Form New Industry Powerhouse (PR Newswire) Award-winning cybersecurity solutions providers Fishtech Group (“Fishtech”) and Herjavec Group (“Herjavec”) are pleased to announce their…
Herjavec, Fishtech Merge To Create Managed Security Goliath (CRN) Private equity firm Apax Partners has brought together Herjavec Group and Fishtech Group to form one of the world’s largest pure-play security solution providers.
Privoro Raises $30M in Series B Funding (FinSMEs) Privoro, a Chandler AZ-based company focused on mobile security hardware, raised £40M in Series B funding
Cybersecurity Startup Snyk Is Said to Plan 2022 IPO (Bloomberg) Boston-based company is in talks with banks on listing. Snyk’s backers include Tiger Global, Coatue, BlackRock.
Wipro To Acquire Cybersecurity Firm Edgile For $230M (CRN) ‘Adding Edgile’s strategic consulting capabilities and launching Wipro CyberTransform are significant milestones on our journey to becoming the trusted partner to security leaders and boardroom stakeholders,’ says Tony Buffomante, senior vice president and global head of cybersecurity & risk services at Wipro Limited.
Salt Security to join Unicorn club after reaching $1.5 billion valuation (CTECH) Alphabet’s independent growth fund CapitalG is believed to be among the investors in the $120-150 million round by the Israeli API security startup which has tripled its valuation in just seven months
Helping Companies Secure Access to Applications and Data with a Fresh Round of Funding (Appaegis) Appaegis Inc., a leading Data Centric Zero Trust access security company, announced that it raised $7.7M in seed funding. This round was led by Taiwania Capital, whose mission is to invest in enterprise software, AI, information security, and cloud infrastructure companies. Joining Taiwania Capital are TSVC, 500 Global, Alumni Ventures, Cyber …
Record Number Of VC-Backed Cyber Companies Acquired in 2021, Even As Venture Funding Hits New Highs (Crunchbase News) Even in a year where few cybersecurity startups had problems raising money, a record number of venture-backed companies also saw exits through acquisition in 2021.
2021 In Review | Indian startups bag record $36 billion funds in 2021 (The Economic Times) This year, the volume of seed-stage deals dominated with nearly 396 deals aggregating to $705.86 million while about 166 investments at series A amounted to about $1.67 billion, data until December 20, showed.
The year Israeli cyber-wars leveled up (CTECH) The inflation in Israeli cybersecurity companies with similar products created fierce competition between the industry’s top names
The Companies Benefiting From Fragmenting Internet Privacy Rules (New York Times) Companies have sprouted up to help others navigate the varied laws around the world governing websites.
WISeKey Expects 2021 Revenues to Total $20M; Shares Rise (Nasdaq) At its Investor Day, global cybersecurity firm WISeKey International Holding Ltd. (NASDAQ:WKEY) said it expects 2021 revenues to increase 32% year-over-year to around $20 million.
“If Wiz is worth $6 billion, Palo Alto is worth more than a trillion” (CTECH) Unicorns are galloping into the abyss, Israel’s cybersecurity infrastructure is broken, and offensive cyber companies are doing business with criminals. Palo Alto may have entered the Nasdaq-100, but that is not going to hold back founder Nir Zuk
The hacker-for-hire industry is now too big to fail (MIT Technology Review) This is a big moment of turbulence and change for the hacking business. But the demand is here to stay.
Intel Apologizes to China Customers Over Xinjiang Stance (Bloomberg) Brand ambassador Wang Junkai cuts ties with the U.S. chipmaker. Intel asked suppliers not to use labor, products from Xinjiang.
Intel Apologizes After Asking Suppliers to Avoid China’s Xinjiang Region (Wall Street Journal) The chip maker said a letter it had sent to global suppliers was written only to comply with U.S. law and didn’t represent Intel’s stance on the region, where the Chinese government has conducted a campaign of forcible assimilation against religious minorities.
Facebook’s Pushback: Stem the Leaks, Spin the Politics, Don’t Say Sorry (Wall Street Journal) Chief Executive Mark Zuckerberg drove response to disclosures about company’s influence; sending deputies to testify in Congress
Fear of AI could pose the biggest cyber risk of all (Huawei) Excessive caution could allow the bad guys to pull ahead.
Backroom barricade keeping the hacker hordes at bay (Huawei) Security baseline forms bulwark against attacks
Huawei sets up precision manufacturing unit, in drive for self-reliance (Global Times) Chinese telecommunications firm Huawei set up a precision manufacturing unit with registered capital of 600 million yuan ($94.18 million) on Tuesday, expanding its drive to build a self-reliant industry chain.
Jack Dorsey’s hot Web3 takes are apparently too much for Marc Andreessen to handle (The Verge) Dorsey said you don’t own Web3 — VCs like Andreessen do.
Minerva Labs Wins 2021 CyberSecured Awards for Remote Work (Business Wire) Minerva Labs, a leading provider of pre-execution, active threat prevention platform, announced today that it has won the 2021 CyberSecured Awards in
Bug Bounty Radar // The latest bug bounty programs for January 2022 (The Daily Swig) New web targets for the discerning hacker
Products, Services, and Solutions
This $39 course helps you become an expert in cyber risk management (BleepingComputer) The NIST Cybersecurity & Risk Management Frameworks course helps you become a subject matter expert, with 21 hours of in-depth training. It’s normally priced at $295, but you can grab it today for only $39.
Du partners with IBM to enhance cyber security capabilities for UAE enterprises and government entities (Arabian Business) Martin Tarr, acting chief ICT officer, du reveals that successfully combating cyber security threats through efficient incident detection, analysis, and response has always been dependent on effective and comprehensive partnership
Infosec products of the month: December 2021 (Help Net Security) The featured infosec products this month are from: Action1, AwareGO, BlackBerry, Box, Castellan Solutions, Cloudflare, and more.
Technologies, Techniques, and Standards
CISA Pushes for Zero Trust in Latest 5G Guidance (Government CIO) Zero trust continues to be a major hallmark of cloud security, which includes 5G networks.
NSA’s Cybersecurity Collaboration Center Celebrates First Year (Hstoday) The insights shared by NSA enable partners to detect adversary targeting of their infrastructure and mitigate the activity.
How Long Before VPNs Are Mothballed? (Infosecurity Magazine) Why VPNs fail to address security challenges posed by enterprise mobility, BYOD, remote workers, cloud resources, third-party vendors and the network core
Los Angeles launches cybersecurity app for residents (StateScoop) Officials in Los Angeles this week started offering a mobile app meant to protect users from malicious websites, unsecured Wi-Fi networks and phishing attempts.
The Top 5 Cybersecurity Tools Companies Need to Implement Right Now (Infosecurity Magazine) The five cybersecurity tools companies must make sure to implement to lower their risk of being attacked
L.A. Metro, city of Los Angeles make LA Secure security app available (Mass Transit) The app offers protection of mobile devices to L.A. Metro riders, county residents and visitors against potential cyber threats.
Why Cyber Due Diligence Is Essential to the M&A Process (Dark Reading) That announcement may feel good, but if your prospective acquisition’s cybersecurity levels are substandard, it might be best to hold off.
The Need to Re-Invent Cybersecurity at the Enterprise Level (Infosecurity Magazine) There is a need to rethink enterprise cybersecurity architectures by adopting more holistic models of protection
How to tell if someone is stealing your home WiFi (Business Tech) Is your home WiFi sluggish? If you suspect someone is stealing your WiFi, here’s how you can detect and block unknown devices to ensure your home network is fully secure, according to cybersecurity firm, Trend Micro.
Terra Becomes Second-Largest DeFi Protocol, Surpassing Binance Smart Chain (Coindesk) Over $18 billion in value is locked on just 13 projects on Terra.
Cybersecurity campaign pushes through in 2022 (The Manila Times) More than 3,000 information technology professionals across the country viewed and joined the Information Security Officers Group (ISOG)’s month-long cybersecurity campaign,…
Design and Innovation
Northrop Adopts Responsible AI Principles to Help Build Trust in AI Systems; Vern Boyle Quoted (ExecutiveBiz) The Defense Innovation Unit released Responsible Artificial Intelligence guidelines that call for stakeholders to develop AI platforms using the principles of transparency, fairness and accountability and Northrop Grumman is adopting RAI principles to help establish trust in AI tools that the Department of Defense will rely on for all-domain operations, particularly in advancing the Joint
University loses 77TB of research data due to backup error (BleepingComputer) The Kyoto University in Japan has lost about 77TB of research data due to an error in the backup system of its Hewlett-Packard supercomputer.
Cybersecurity Careers are Plentiful, Seton Hall Students Are Told, But Soft Skills Matter (NJ Tech Weekly) In October, Seton Hall University held its second annual “Connect-Collaborate-Careers” cybersecurity conference — a Cybersecurity Awareness Month event. The conference was held virtually.
Virginia participating in CyberStart America competition (Augusta Free Press) The Commonwealth of Virginia is taking part in the 2021-2022 CyberStart America competition.
Legislation, Policy, and Regulation
The End of Cyber-Anarchy? (Foreign Affairs) How to build a new digital order.
China harvests masses of data on Western targets, documents show (Washington Post) China is turning a major part of its internal Internet-data surveillance network outward, mining Western social media, including Facebook and Twitter, to equip its government agencies, military and police with information on foreign targets, according to a Washington Post review of hundreds of Chinese bidding documents, contracts and company filings.
As Ukraine crisis heats up, so will cyberattacks, experts warn (CBC News) Western nations, including Canada, should brace themselves for the possibility of increased cyber and ransomware attacks if current tensions between Ukraine and Russia become worse — or even explode into open warfare early in the new year.
Cyber Attacks an Expected Element of Military Strategy as Russia Deploys on the Ukraine Border (CPO Magazine) The conflict between Russia and Ukraine has led to border tensions, but United States and British intelligence think that coordinated cyber attacks are a much more likely opening move than a physical incursion.
Defense plan, cybersecurity, weapons: Danilov on latest NSDC meeting agenda (Ukrinform) The National Security and Defense Council of Ukraine, chaired by President of Ukraine Volodymyr Zelensky, discussed priority measures to ensure national security against internal and external threats. — Ukrinform.
Biden tells Ukraine that U.S. will ‘respond decisively’ if Russia further invades (Reuters) U.S. President Joe Biden on Sunday told Ukraine’s President Volodymyr Zelenskiy the United States and its allies will “respond decisively” if Russia further invades Ukraine, the White House said in a statement.
U.S., Russia set for Jan. 10 security talks amid Ukraine tensions (Reuters) U.S. and Russian officials will hold security talks on Jan. 10 to discuss concerns about their respective military activity and confront rising tensions over Ukraine, the two countries said.
Ukraine lauds “full” U.S. support ahead of Joe Biden-Vladimir Putin call (Newsweek) The two presidents will speak on Thursday as the U.S. and its allies try to deter a possible Russian invasion of Ukraine.
Biden to speak with Ukraine President Zelenskyy, says he ‘made it clear’ to Putin that Russia cannot invade (CNBC) Biden this week urged Russia’s Vladimir Putin to lower the tensions with Ukraine, warning the U.S. was prepared to “respond decisively” if Russia invades.
An Existential Threat to Europe’s Security Architecture? (Foreign Policy) What happens next in Ukraine depends on the West’s readiness for dialogue, says Russia’s ambassador to the United States.
Biden, Putin Emphasize Diplomacy Ahead of Call Over Ukraine Crisis (The Moscow Times) President Joe Biden will offer his Russian counterpart Vladimir Putin a diplomatic path forward on the Ukraine crisis in a telephone call Thursday.
Biden tells Putin U.S. and allies will ‘respond decisively’ if Russia moves on Ukraine (NBC News) Biden also urged the Russian leader to “de-escalate tensions with Ukraine,” White House press secretary Jen Psaki said.
Biden says he warned Putin of ‘severe sanctions’ if Russia invades Ukraine again (Washington Post) President Biden said Friday that he warned Russian President Vladimir Putin in a call that there would be “a heavy price to pay” if Russia invades Ukraine again.
Putin warns Biden against major sanctions over Ukraine: Kremlin (Al Jazeera) US and Russian presidents discuss Ukraine tensions in phone call ahead of lower-level talks in Geneva next month.
Biden and Putin exchange warnings during phone call amid rising Ukraine tensions (the Guardian) Talks represent pair’s second conversation this month amid concern over Russia massing tens of thousands of troops near border
Russian diplomats and military to hold security talks with U.S. next month (Reuters) Russian diplomats and military officials will take part in talks with the United States next month on a list of security guarantees that Moscow wants from Washington, Russian Foreign Minister Sergei Lavrov said on Monday.
Security talks with US, NATO to start next month, Russian foreign minister says (Military Times) Last week, Moscow submitted draft security documents demanding that NATO deny membership to Ukraine and other former Soviet countries and roll back the alliance’s military deployments in Central and Eastern Europe.
Borrell: ‘EU must be involved’ in US-Russia talks on Ukraine (POLITICO) ‘European security is our security. It’s about us,’ the EU’s top diplomat says ahead of January negotiations.
White House: Russia Stepping Up Disinformation In Possible Invasion Prelude (Defense One) U.S. sees rising likelihood of Russian military action against Ukraine, promises strong response.
Putin Remains Defiant, Threatens Ukraine in Annual Presser (Foreign Policy) Russia’s year-end telethon ends with the usual bombast about Ukraine, NATO, and Father Frost.
Amid fears Russia will invade Ukraine, Putin points finger at U.S. and NATO in marathon news conference (Washington Post) Russian President Vladimir Putin, in a marathon news conference Thursday, blamed the West for tensions on the Ukraine border and fears of war, but stopped short of issuing any pronouncements likely to drive further escalation.
Putin to mull options if West refuses guarantees on Ukraine (Military Times) Russian President Vladimir Putin said Sunday he would ponder a slew of options if the West fails to meet his push for security guarantees precluding NATO’s expansion to Ukraine.
Satellite images track new Russian military deployments near Ukraine (Military Times) Maxar Technologies is monitoring the military developments surrounding tensions and cites several new Russian deployments in Crimea and in western Russia near the Ukraine border.
Russia Returns Some Troops to Base After Training Near Ukraine (Bloomberg) More than 10,000 soldiers to head back after month of training. Drills were held in south, including in regions near Ukraine.
The NATO-Russia standoff could redefine the transatlantic relationship (Atlantic Council) The outcome of this dispute could rewrite the terms of security on the European continent for an entire generation.
Sweden’s top general on watching Russia and responding to an invasion of Ukraine (Defense News) Like others in Europe, Sweden bolstered its defense budget after Russia annexed Crimea from Ukraine in 2014, and the government is continuing to deepen pan-Nordic defense cooperation.
Ukraine’s Military Has Come a Long Way Since 2014 (Foreign Policy) But so have Russia’s armed forces—making any conflict more of a toss-up than a walkover.
Bear, Meet Porcupine: Unconventional Deterrence for Ukraine (Defense One) By “going porcupine,” Ukraine can make it clear to Russia that invasion will be costly and unsuccessful. But Kiev needs help.
Training Civilians, Ukraine Nurtures a Resistance in Waiting (New York Times) Eastern European nations have drawn a lesson from America’s wars of the last decades: Insurgency works. Ukraine’s training of volunteers has become a factor in the standoff with Russia.
US considers giving Ukraine battlefield intel in anti-Russia provocation (PressTV) The US military is reportedly working on a scheme to provide Ukraine with battlefield intelligence in a purported bid to respond to perceived Russian offensive amid an escalating row with Moscow
U.S. Considers Warning Ukraine of a Russian Invasion in Real-Time (New York Times) U.S. officials say intelligence sharing is essential to the Ukrainian government’s survival, even as they try to avoid escalating the situation.
Two American Spy Planes Just Flew Right Over Ukraine. Their Mission: Map the Nearby Russian Army. (Forbes) A pair of the U.S. Air Force’s best surveillance planes on Monday flew over eastern Ukraine fewer than 40 miles from territory controlled by Russian-backed separatists.
U.S. helps Ukraine to strengthen its border with Russia, Belarus (Reuters) The United States will finance projects including surveillance and monitoring equipment to strengthen Ukraine’s borders with Russia and Belarus, amid continuing escalation with Moscow, Ukraine’s border service said on Tuesday.
How Biden Can Deter Putin from Invading Ukraine (The National Interest) If the administration is talking jaw-jaw, when the Kremlin is talking war-war, the Kremlin will draw (perhaps misleading) conclusions about its ability to act with impunity.
What Putin Really Wants in Ukraine (Foreign Affairs) Russia seeks to stop NATO’s expansion, not to annex more territory.
How Russia Decides When to Invade (Foreign Policy) Past attacks suggest Moscow probably won’t move on Ukraine.
Opinion | Ukraine stood with the West in 2014. Today we must stand with Ukraine. (Washington Post) The United States must continue to build an international coalition of partners in Europe and elsewhere who see the Russian threat with clear eyes.
Russia Is Playing With Fire in the Balkans (Foreign Affairs) How Putin’s Power Play Threatens Europe
Opinion: Canada’s Huawei decision will be a moment of reckoning for the country (The Globe and Mail) Allowing the Chinese tech firm to contribute to our next-generation telecom infrastructure would risk giving Beijing a way to exploit Canada
Japan and US expected to boost cooperation on ransomware threats (The Record by Recorded Future) Japanese government officials said the US and Japan are planning to agree on ransomware collaboration measures at an upcoming security summit, according to reports from Japanese media.
Companies Face Growing Challenges to Move Personal Data From Europe (Wall Street Journal) Negotiations to replace the U.S.-EU Privacy Shield agreement have gone on since 2020.
Companies Face Stricter Cyber Rules in 2022 (Wall Street Journal) In the new year security chiefs face increased cyber reforms, a workforce shortage, and ongoing threats from ransomware groups.
Biden Signs NDAA Relying on Voluntary Private-Sector Cybersecurity Collaboration (Nextgov.com) Major breaches over the past year were a double-edged sword in efforts to pass a crucial mandatory reporting measure that didn’t make it into the ‘must-pass’ legislation despite bipartisan support, according to key lawmakers.
White House Enlists Software Industry to Improve Open-Source Security (Bloomberg) White House officials are asking major software companies and developers to work with them to improve the security of open-source software, according to an administration official.
Congress zooms in on cybersecurity after banner year of attacks (TheHill) The past 12 months stand as a banner year in the severity of cyberattacks that wreaked havoc on organizations large and small.
Lawmakers Want Biden to Play Bigger Role Pushing Tech Legislation (Wall Street Journal) Lawmakers say 2022 is shaping up as a pivotal year in their efforts to tighten regulations on social media and other internet platforms.
US Still Lacks Federal Cyber Strategy After Decades of Attempts (Nextgov.com) The United Kingdom, meanwhile, recently updated its approach, crediting strong regulatory measures with significant cyber-risk reduction over recent years.
Washington’s Secrecy Bubble Needs to Be Popped (Foreign Policy) Too much classification undermines the rule of law. Here’s how to fix a broken system.
Zscaler’s Stephen Kovac: FedRAMP Should Be Codified, Funded to Help Government Address IT Security Challenges (ExecutiveBiz) Stephen Kovac, chief compliance officer and head of global government affairs at Zscaler, said the role of the Federal Risk and Authorization Management Program in ensuring the security of federal information technology systems has become increasingly important and the government should provide FedRAMP with personnel, funding and other resources to enable the program to meet
Cyberspace Solarium Commission White Paper #6: Countering Disinformation in the United States (Cyberspace Solarium Commission) In its March 2020 final report, the U.S. Cyberspace Solarium Commission called on the U.S. government to promote digital literacy, civic education, and public awareness in order to build societal resilience to foreign malign cyber-enabled information operations.
Litigation, Investigation, and Law Enforcement
Iraqi National Security Agency captures ISIS social media specialist (Kurdistan 24) The Iraqi National Security Agency announced on Thursday that its units captured an ISIS member who was working as a social media specialist for the group.
What the Lieber Verdict Says, and Doesn’t Say, About Future Probes of Scholars’ Ties to China (Chronicle of Higher Education) A federal jury took fewer than three hours to find Charles M. Lieber, a former chairman of Harvard University’s chemistry department, guilty of lying to U.S. government officials about his ties to China.
Russian court fines Alphabet’s Google and Meta Platforms (Reuters) A Moscow court on Friday said it was fining Alphabet’s Google 7.2 billion roubles ($98 million) for what it said was a repeated failure to delete content Russia deems illegal, the first revenue-based fine of its kind in Russia.
India antitrust watchdog orders investigation into Apple’s business practices (TechCrunch) The Indian antitrust watchdog on Friday ordered an investigation into Apple’s business practices — in particular, the company mandating iPhone app developers to use a proprietary payments system — in India, where the American firm commands less than 2% of the smartphone market. Th…
Potential DOJ suits against Apple and Google delayed amid budget woes (POLITICO) Antitrust prosecutors had aimed to wrap up their probes of the two tech giants by Dec. 31. But now a decision on whether to sue could come in March or later.
Amazon Cloud Unit Draws Antitrust Scrutiny From Khan’s FTC (Bloomberg) Federal investigators have contacted companies about AWS unit. Outreach shows probe is active under FTC’s new leadership.
‘Give Us Details,’ Panel Asks People Who Think They Were Pegasus Targets (NDTV.com) The technical committee appointed by the Supreme Court to investigate the Pegasus spyware issue has sought information from people who suspect their phones were targeted.
Polish prosecutors decline to investigate phone hacking allegation (Reuters) Polish prosecutors said on Wednesday they would not investigate an allegation that the phone of a high-profile government critic was hacked, amid accusations that opposition figures have been subject to illegal surveillance.
Polish senator says prosecutors dragging feet over phone hacking (Reuters) A Polish opposition senator who believes his phone was hacked using sophisticated spyware developed by the Israel-based NSO Group has accused prosecutors of failing to act on the case, viewing it as a “hot potato” to be passed between offices.
Poland’s Tusk Calls Spyware Use ‘Crisis for Democracy’ (SecurityWeek) Polish opposition leader Donald Tusk on Tuesday said reports the government spied on its opponents represented the country’s biggest “crisis for democracy” since the end of communism.
Virar man posts suicide note online; saved by cyber cops (The Times of India) In less than two hours, the Mumbai cyber police managed to track down a 30-year-old man to his Virar home and saved his life after he tweeted a two-p
Korean government tells Apple and Google stores to take down P2E games (Cointelegraph) South Korea’s Game Management Committee has asked major app stores to remove play to earn games from their marketplaces to combat speculative money-making games.
Highway Patrol finishes probe of Post-Dispatch, turns investigation over to Cole County prosecutor (St. Louis Post-Dispatch) State officials initially planned to thank the Post-Dispatch, but Gov. Mike Parson threatened the newspaper instead.
Parson says he believes prosecutor will bring charges in Post-Dispatch case (St. Louis Post-Dispatch) Missouri’s governor has often tangled with news outlets over coverage he doesn’t like.
Reporter likely to be charged for using “view source” feature on web browser (Boing Boing) A St. Louis Post-Dispatch reporter who viewed the source HTML of a Missouri Department of Elementary and Secondary Education website is now likely to be prosecuted for computer tampering, says Miss…
The governor of Missouri still doesn’t know how websites work (The Verge) According to him looking at website source code is a crime
Half a Dozen of India’s Crypto Exchanges Searched After Alleged Rupee 700M Tax Evasion Detected: Sources (Coindesk) The sources said the searches were initiated after a Mumbai tax authority recovered funds from crypto exchange WazirX.
Federal judge dismisses lawsuit against former top Saudi intel official (TheHill) A federal judge threw out a lawsuit on Wednesday against a former senior Saudi intelligence official after the director of National Intelligence earlier this year used the state secrets privilege to block sensi
In the Fight Against Cybercrime, Takedowns Are Only Temporary (Dark Reading) Disrupting access to servers and infrastructure continues to interfere with cybercrime activity, but it’s far from a perfect strategy.
Lawsuit alleges Oregon snooped on pipeline opponents (Canada’s National Observer) “Civil rights and privacy advocates have been sounding the alarm about fusion centres for years,” said Farhang Heydari, executive director of the Policing Project, in a statement. “But TITAN is one of the worst offenders.”
Surveillance database tracks what technology police use in NH (Concord Monitor) As police gain access to increasingly advanced surveillance tools, researchers are constructing a nationwide, open-source database of technology to help level the playing field between the companies that sell equipment to departments and the citizens…
The Spy Who Got Away With Stealing America’s Nuclear Secrets (The Federalist) In ‘Sleeper Agent: The Atomic Spy in America Who Got Away,’ former Wall Street Journal reporter Ann Hagedorn provides a captivating account of George Koval, who was born in Iowa and died a Soviet hero.