North America

January 15, 2021 — In a deceptively cryptic tweet, the world’s richest man told his 42 million followers to just: “Use Signal.”

Many of them followed that order blindly, and it led to a very expensive mistake.

They thought Mr Musk was telling them to buy shares in a small medical device firm (Signal Advance). So they did, without knowing what it actually was. Source: News

Mountain View, California: January 11,2021 — Signal and Telegram messaging apps are seeing a sudden increase in demand after larger rival WhatsApp’s updated terms of service raised eyebrows on social media last week.

This is even as Turkish President Recep Tayyip Erdogan’s media office and the country’s defence ministry told journalists they are quitting WhatsApp as well, joining the global flight from the popular messaging app over new usage terms that have sparked privacy concerns. Source: The Straits Times

December 2, 2020 — You might expect the United States is the country affected most by data theft in the past seven years. A British consumer website called USwitch came up with that nugget by calculating the amount of publicly-announced data stolen per 100,000 of a country’s population. In second place, South Korea. And number three: Canada. The United Kingdom was in fourth place, followed by Australia. That ranking gives weight to big data thefts rather than the number of breaches. Source: IT World Canada 

November 30, 2020 — Chris Krebs, a lifelong Republican, was put in charge of the agency handling election security by President Trump two years ago. When Krebs said the election was the country’s most secure ever, Mr. Trump fired him. Now, Krebs speaks to Scott Pelley.

Though the transition has begun, President Trump remains largely holed up in the White House tweeting false accusations of a rigged election from behind a crumbling wall of lawsuits. No legal challenge, no recount, no audit has changed the outcome in any state. Source: CBSNews

November 16, 2020 — Digital integrity simply means, keeping our data, ours. Sustaining the digital integrity of our nation’s private and government systems in governance, finance, industry, defense, healthcare, goods and services is essential to our national security. In a digital age, US national security is dependent on cyber security technologies’ ability to protect, deny, and defend our private and government networks from attack, intrusion, corruption, and theft. In a nation of ubiquitous cyber risk and unimpeded attackers, we are all ‘virtually’ on our own. Source: Huffpost

November 6, 2020 — The U.S. Department of Energy (DOE) has launched the Operational Technology (OT) Defender Fellowship, another step toward defending the critical infrastructure that underpins America’s security and prosperity. The OT Defender Fellowship program is a collaboration with DOE’s Idaho National Laboratory (INL) and the Foundation for Defense of Democracies’ (FDD) Center for Cyber and Technology Innovation (CCTI) that will deepen the cybersecurity knowledge of key U.S. front-line critical infrastructure defenders. Source: Security Magazine

October 12, 2020 — Microsoft has warned about a new strain of mobile ransomware that takes advantage of incoming call notifications and Android’s Home button to lock the device behind a ransom note.

The findings concern a variant of a known Android ransomware family dubbed “MalLocker.B” which has now resurfaced with new techniques, including a novel means to deliver the ransom demand on infected devices as well as an obfuscation mechanism to evade security solutions. Source: The Hacker News

October 10, 2020 — A week ago, KrebsOnSecurity broke the news that someone was attempting to disrupt the Trickbot botnet, a malware crime machine that has infected millions of computers and is often used to spread ransomware. A new report Friday says the coordinated attack was part of an operation carried out by the U.S. military’s Cyber Command. Source: Krebs on Security

Sunnyvale, CA: October 6, 2020 – Arctic Wolf®, the leader in security operations, today announced the release of its 2020 Security Operations Report. Using data collected from the Arctic Wolf® Platform and real-world experiences from the Arctic Wolf Concierge Security® Team, the Arctic Wolf Security Operations report quantifies key security operations data from the thousands of environments protected by Arctic Wolf. Source: Dark Reading 

October 5, 2020 — Insurance is one of the most promising tools for addressing pervasive cyber insecurity. A robust market for insuring cyber incidents could, among other things, financially incentivize organizations to adopt better cyber hygiene—thereby reducing cyber risk for society as a whole. But cyber insurance is not yet mature enough to fulfill its potential, partly due to uncertainty about what kinds of cyber risks are, or can be, insured. Source: Carnegie Endowment for International Peace

October 5, 2020 — Visa Payment Fraud Disruption (PFD) analysed malware samples recovered from the independent compromises of two North American merchants. In these incidents, criminals targeted the merchants’ point-of-sale (POS) terminals in an effort to harvest and exfiltrate payment card data. 

According to a security alert published in September 2020, the attacks took place in May and June 2020, respectively. Source: Visa Security Alert

 – Universal Health Services, one of the largest US health systems, confirmed on October 3 that the ransomware attack reported last week has affected all of its US care sites and hospitals, spurring clinicians into EHR downtime procedures. 

Hackers launched the cyberattack around 2AM Sunday, September 27, which prompted a number of staff members and clinicians from around the country to take to Reddit to determine the scope of the attack. The thread detailed outages to computer systems, phone services, the internet, and data centers. 

Source: Health IT Security

Washington, DC: September 30, 2020 – The Cyber Readiness Institute (CRI) today expanded its partnership with the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) with the launch a new cybersecurity toolkit specifically focused on helping companies protect themselves, their customers, and their employees as millions have moved to remote work arrangements over the past six months. Source: Dark Reading

September 23, 2020 — The head of the Canadian Centre for Cyber Security says a goal can’t be set for when Canadians will be fully cyber-secure, but that education needs to be consistent, not be fear-based, and it needs to use simple language.

“I don’t really have a timeline, I don’t think that it’s going to be every Canadian will be cyber trained by 2035,” Scott Jones said in an interview. Source: Yahoo Finance

USA: September 22, 2020 — The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are issuing this announcement to raise awareness of the potential threat posed by attempts to spread disinformation regarding the results of the 2020 elections. Source: ESPC

September 8, 2020 — A ransomware attack forced Hartford, Conn., to call off the first day of classes. A website crash left many of Houston’s 200,000 students staring at error messages. And a server problem in Virginia Beach disrupted the first hours back to school there.

For millions of American schoolchildren, the Tuesday after Labor Day traditionally marks the end of summer vacation and the start of the first day of classes. But this year, instead of boarding buses and lugging backpacks, many students opened their laptops for online instruction at home, only to encounter technical glitches.

Source: The New York Times

Washington: September 4, 2020 — The National Space Council issued new cybersecurity principles to help defend America’s space systems Sept. 4. According to the White House, Space Policy Directive-5, or SPD-5, will foster practices within the government and commercial space operations to protect space systems from cyberthreats. Source: C4ISRNET

September 3, 2020 — This joint advisory is the result of analytic efforts among the Cybersecurity and Infrastructure Security Agency (CISA), the Department of the Treasury (Treasury), the Federal Bureau of Investigation (FBI) and U.S. Cyber Command (USCYBERCOM). Working with U.S. government partners, CISA, Treasury, FBI, and USCYBERCOM identified malware and indicators of compromise (IOCs) used by the North Korean government in an automated teller machine (ATM) cash-out scheme—referred to by the U.S. Government as “FASTCash 2.0: North Korea’s BeagleBoyz Robbing Banks.” Source: US CERT

Image: Microsoft

August 31, 2020 — The importance of cybersecurity in facilitating productive remote work was a significant catalyst for the two years-worth of digital transformation we observed in the first two months of the COVID-19 pandemic. In this era of ubiquitous computing, security solutions don’t just sniff out threats, they serve as control planes for improving productivity and collaboration by giving end-users easier access to more corporate resources. Source: Microsoft

Statement from the Office of the Chief Information Officer of the Government Canada on recent credential stuffing attacks

Ottawa, Ontario: August 15, 2020 – The Government of Canada is taking action in response to “credential stuffing” attacks mounted on the GCKey service and CRA accounts. These attacks, which used passwords and usernames collected from previous hacks of accounts worldwide, took advantage of the fact that many people reuse passwords and usernames across multiple accounts. Source: Treasury Board of Canada Secretariat

San Francisco: July 16, 2020 – Twitter (TWTR.N) said hackers accessed its internal systems to hijack some of the platform’s top voices including U.S. presidential candidate Joe Biden, reality TV star Kim Kardashian, former U.S. President Barack Obama and billionaire Elon Musk and used them to solicit digital currency. Source: Reuters

July 10, 2020 – Digicert says, come Saturday, July 11, it will revoke tens of thousands of encryption certificates issued by intermediaries that were not properly audited. Source: The Register

Washington: July 10, 2020 — In recognition of the growing convergence of cyber and traditional financial crimes, the U.S. Secret Service is formally merging its Electronic Crimes Task Forces (ECTFs) and Financial Crimes Task Forces (FCTFs) into a single unified network, which will be known as the Cyber Fraud Task Forces (CFTFs). Source: ESPC Editor

July 5, 2020 – A recent Inspector General’s (IG) report finds that NASA struggles with implementing cybersecurity policies amid a huge spending of $2.3 billion on IT, networking and security technology in 2019. Source: ESPC Editor

July 2, 2020 – Zoom Video Communications Inc said on Wednesday it has added over 100 features to its video conferencing as part of its 90-day plan to address security and privacy concerns. Source: Reuters

February 7, 2020 – The U.S. Department of Defense (DoD) recently published a new set of cybersecurity standards, known as the Cybersecurity Maturity Model Certification (CMMC) version 1.0. The new standards will require defense companies to adhere to a set of rules and mandates if they want to do business with the Pentagon procurement programs. According to DoD, any company that does business with the Pentagon will have to get some level of certification and their defense acquisition workforce will need to be trained on how to apply the model to their contracts. Source: CISO MAG

May 3, 2019 – THE NATIONAL SECURITY Agency develops advanced hacking tools in-house for both offense and defense—which you could probably guess even if some notable examples hadn’t leaked in recent years. But on Tuesday at the RSA security conference in San Francisco, the agency demonstrated Ghidra, a refined internal tool that it has chosen to open source. Source: WIRED