Facebook takes down Evil Eye. FBI alert warns of Mamba ransomware evolution. Huawei joins CERT-IOC. Slack’s backtrack. – The CyberWire



Cyber Attacks, Threats, and Vulnerabilities

FBI sends out private industry alert about Mamba ransomware (The Record by Recorded Future) The US Federal Bureau of Investigation has sent out a private industry notification this week to US organizations warning about attacks carried out by the Mamba ransomware gang, along with basic instructions about how organizations could recover from an attack if the intrusion was caught in its early stages.

Facebook disrupts China-based hackers it says spied on Uyghur Muslim dissidents and journalists living outside China, including in the U.S. (Washington Post) Facebook has disrupted what it says is a China-based espionage campaign against Uyghur Muslim journalists, dissidents and activists living overseas, including in the United States, the social media giant announced Wednesday.

Facebook Disrupts Chinese Spies Using iPhone, Android Malware (SecurityWeek) Facebook’s threat intelligence team says it has disrupted a sophisticated Chinese spying team that uses iPhone and Android malware to hit journalists, dissidents and activists around the world.

Facebook caught Chinese hackers using fake personas to target Uyghurs abroad (TechCrunch) Facebook on Wednesday announced new actions to disrupt a network of China-based hackers leveraging the platform to compromise targets in the Uyghur community. The group, known to security researchers as “Earth Empusa,” “Evil Eye” or “Poison Carp” targeted around …

Facebook Moves Against ‘Evil Eye’ Hackers Targeting Uyghurs (Wired) The company’s investigation into a Chinese espionage campaign took researchers beyond Facebook’s own platforms.

Microsoft: Ongoing, Expanding Campaign Bypassing Phishing Protections (SecurityWeek) Microsoft warns that the long-running ‘Compact’ phishing operation is using several email services to hide the malicious intent of their messages.

Hundreds of fleeceware apps earn dubious iOS, Android developers over $400 million (ZDNet) Free trials can cost mobile app users thousands of dollars in the long run.

A newly-wormable Windows botnet is ballooning in size (TechCrunch) Purple Fox malware infections have rocketed by at least 600% in the past year.

Honeywell Says Malware Disrupted IT Systems (SecurityWeek) Industrial giant Honeywell detected a malware infection that caused disruption to some IT systems.

Guns.Com Got Hacked (Gizmodo) Watch out, firearm lovers. The subtly-named guns.com, a place where Americans can go to pick out whatever stylish boomstick they like and have it shipped straight to their neck of the woods, seems to have a pretty awful data breach on its hands.

Pupil coursework lost during ‘spike’ in school cyber attacks (Schools Week) Schools have lost financial records, students’ coursework and Covid-19 testing data during a recent “spike” in cyber attacks targeting the education sector. The National Cyber Security Centre (NCSC) today published an alert warning schools and other education settings to take further precautions to protect themselves against ransomware following “an increased number” of attacks since late…

Insurer CNA Says Cyberattack Caused Network Disruption (SecurityWeek) Insurer CNA says its network was disrupted and certain systems, including corporate email, are affected.

Insurer CNA Reports It Has Been Hit by ‘Sophisticated’ Cyber Attack (Insurance Journal) Commercial lines insurer CNA reported that it has sustained a “sophisticated cybersecurity attack” that caused a network disruption and impacted certain

Cyber attack suspected in CNA’s loss of website and systems (Insurance Day) Company forced to disconnect systems from network

[CNA incident disclosure] (CNA) On March 21, 2021, CNA determined that it sustained a sophisticated cybersecurity attack. The attack caused a network disruption and impacted certain CNA systems, including corporate email.

UM victim of cyber-attack, student information potentially compromised (The Miami Hurricane) The University of Miami was the victim of a cyber-attack and now subsequent ransom request. The news was first reported by Bleepingcomputer.com.

University of Northampton ‘severely impacted’ by cyber attack (Computing) Latest in a series of attacks on educational establishments

PPS works to restore full functionality after cyber attack (ITWeb) Two weeks after falling victim to a cyber attack, the Professional Provident Society says full functionality of its IT systems is gradually being reinstated.

Air Charter Firm Solairus Aviation Suffers Data Breach (SecurityWeek) Private aviation services provider Solairus Aviation says employee and client data was stolen in a security incident involving a third-party vendor.

FatFace tells customers to keep its data breach ‘strictly private’ (TechCrunch) Employees had their National Insurance numbers and bank account details taken.

Cyber Trends

IoT malware attacks worldwide surge by 66% to over 50 million in 2020 (Atlas VPN) From wearables and baby monitors to defibrillators and industrial robots — Internet of Things (IoT) devices are slowly taking over our lives both in personal and business settings. However, so are cyber threats related to these devices.

The state of Office 365 backup (Barracuda Networks) Barracuda Networks is the worldwide leader in Security, Application Delivery and Data Protection Solutions.

Bolster Research Shows Cryptocurrency Scams Nearly Doubled in 2020 and Forecasts More This Year (BusinessWire) Bolster, a deep learning-powered, next generation fraud prevention company, today announced key findings in their first annual, ground-breaking Crypto

Cryptocurrency is going mainstream, so are the scams (Bolster Blog) Seems every day there is another headline about cryptocurrency and the hold it’s now rapidly taking on Wall Street and Main Street. Take for example this recent assessment of Bitcoin (BTC-USD) by investment bank Citi—“With the recent embrace of the likes of Tesla Inc and Mastercard Inc, Bitcoin could be at the start of a ‘massive transformation’ into the mainstream.”

Source Defense Unveils Website Trust & Client-side Security Report (PR Newswire) Source Defense, the market leader in client-side web security, today released its 2021 Website Trust & Client-side Security Report. This new…

[Industry Report] Website Trust & Client-side Web Security Report (Source Defense) The key takeaways from the Source Defense 2021 Website Trust Survey performed on a wide audience, emphasize that companies who ask customers to complete online forms are responsible for protecting the information – and brand reputation and loyalty is at stake.

15.5 lakh cyber security incidents in 2019, 2020, Govt tells Lok Sabha (The New Indian Express) According to the information reported to and tracked by the CERT-In, 3,94,499 and 11,58,208 cyber security incidents were observed during 2019 and 2020, respectively.

India saw nearly 200% surge in cyber-attacks in 2020, Union govt tells Parliament (The News Minute) India experienced a sharp increase in cyber attacks, by nearly 200%, last year amid the COVID-19 pandemic. Over 1.5 million cybersecurity incidents were reported in the last two years and 1.15 million of them were recorded in 2020 alone, the government informed the Lok Sabha on Tuesday. According to the information reported to and tracked by the CERT-In, 394,499 and 1,158,208 cybersecurity incidents were observed during 2019 and 2020, respectively. This represents almost a two-fold increase in cybersecurity incidents over the last two years.

Businesses urged to act as two in five experience cyber attacks in the last year (East Midlands Business Link) Two in five businesses (39%) report having cyber security breaches or attacks in the last 12 months, according to new figures.

Are disrupted employees a new cybersecurity threat? (Security Magazine) Another challenge is the new home office, where spouses may be working remotely, often alongside their children attending school online. Home networks lack typical protections and bifurcations of the corporate office and may be prone to attacks using lateral movement techniques.


Ketch raises $23M to automate privacy and data compliance (TechCrunch) Ketch, a startup aiming to help businesses navigate the increasingly complex world of online privacy regulation and data compliance, is announcing that it has raised $23 million in Series A funding. The company is also officially coming out of stealth. I actually wrote about Ketch’s free Priv…

Morphisec Raises $31M Funding Led by JVP to Enable Every Business to S (PRWeb) BE’ER SHEVA, Israel and BOSTON (PRWEB) March 25, 2021. Morphisec, a leader in cloud-delivered endpoint and server security solutions, today announced that it raised $31 million in funding led by J

Kroll Expands Cyber Risk Offering with Acquisition of Redscan (Duff & Phelps) Kroll acquires Redscan expanding Kroll Responder capabilities to support a wider array of cloud and on-premise telemetry sources. Read more

Clearlake Capital and TA Associates-Backed Ivanti Closes Acquisition of Cherwell to Deliver Personalized Employee Experiences in the Everywhere Workplace (BusinessWire) Ivanti, Inc., the automation platform that makes every IT connection smarter and more secure, backed by Clearlake Capital Group, L.P. (together with i

Trava Secures $3.5M in Seed Funding (Trava) TDF Ventures, High Alpha Capital, and M25 invest in Trava’s integrated cyber platform.

Huawei first tech company in cyber response team of Islamic countries’ grouping (Gulf News) Chinese telecom giant’s name was sponsored by UAE and Malaysia entities

Huawei Joins Global Cyber Security Platform To Provide Expertise in Cyber Crisis Management (Albawaba) Huawei has officially joined the Organisation of the Islamic Cooperation – Computer Emergency Response Team (OIC-CERT), a leading international cyber security platform.

ProtonVPN CEO Blasts Apple for ‘Aiding Tyrants’ in Myanmar (Threatpost) CEO says Apple rejected a security update needed to protect human-rights abuse evidence.

Apple blocks Proton updates when Myanmar users need them most (ProtonVPN Blog) Myanmar citizens have used Proton tools to communicate securely and access the truth. But Apple has blocked us from sending out important app updates.

Venafi Machine Identity Management Fund Doubles the Number of Developer Projects in 2020 (BusinessWire) New global technology leaders that joined the fund include Akeyless, Anjuna Security, OpenFaaS, Sidechain Security, Service Rocket and more

Nutanix software transition tops new CEO’s to-do list (SearchStorage) Rajiv Ramaswami left VMware to take the helm at Nutanix. VMware now is suing him for breach of contract, as the two vendors fight for market dominance.

CTERA Networks accelerates its expansion (Information Age) The rise of remote branch and work offices due to Covid-19 has confirmed the success of CTERA Network’s edge approach

Commit Expands Into North America Under the Leadership of CRO & Managing Director, Max Nirenberg (BusinessWire) Commit, the leading Israeli-based global tech and custom software solutions firm is expanding into North America. Commit USA is led by Max Nirenberg.

Gordon Hurst to become Chair of Darktrace (PR Newswire) Darktrace, a leading autonomous cyber security AI company, today announced that Gordon Hurst will succeed Robert Webb QC as Chair. Gordon has…

IRONSCALES Announces Addition of Moshe Lerner to Advisory Board (PRWeb) IRONSCALES, the pioneer of self-learning email security, today announced that experienced senior executive, Moshe Lerner has been appointed to

Products, Services, and Solutions

Byos Announces Partnership With Insight Enterprises Inc. (BusinessWire) Byos Announces partnership with Insight Enterprises Inc. for sales of Byos Inc. family of patented plug-and-play Secure Endpoint Edge solutions

Motorola announces partnership with Zimperium, enabling mobile threat defense for B2B customers on its ThinkShield for mobile platform (Zimperium) Motorola and Zimperium, one of the global leaders in mobile security, announced a partnership to provide B2B customers with industry-leading mobile threat defense (MTD) through the ThinkShield for mobile platform. Security has always been at the core of what Motorola does, and by adding this Zimperium solution to its portfolio, Motorola is offering world-leading, business-grade security on Motorola devices secured by ThinkShield for mobile.

Fondeadora Selects AU10TIX For Automated Identity Verification Services (PR Newswire) Fondeadora, Mexico’s fastest-growing challenger bank, today announced that it has selected AU10TIX, the global leader in identity verification,…

Centre Expands Into Cybersecurity With CMMC-AB RPO Designation And New Hire (ITNewsOnline)

Check Point CloudGuard Network Security now integrates with Oracle Cloud Infrastructure’s new Flexible Network Load Balancer (Check Point Software) By Jeff Engel, Cloud Alliance Engineering. Check Point is thrilled to announce support for Oracle Cloud Infrastructure’s new Flexible Network Load Balancer

IBM Rolls Out Hybrid Cloud Security Services Suite (SDxCentral) IBM Security rolled out a suite of new services that aim to unify security policy and controls across customers’ hybrid cloud environments.

TCS launches an automated vulnerability remediation platform to help companies guard against cyber risks (Global Security Mag Online) Tata Consultancy Services unveils its SaaS platform for automated vulnerability remediation, designed to help companies proactively combat the risk of malicious attacks. The platform both identifies and prioritizes vulnerabilities using TCS’s software libraries, for proactive remediation of those vulnerabilities.

How Sydney’s TribeTech resells quantum computing-powered services (CRN Australia) Through systems rented from major cloud providers.

Constella Introduces Surface Web Data to Bolster Intelligence API Offering (Constella) Constella Intelligence, a leading global Digital Risk Protection company, today announced that the Company’s API now includes surface …

StrongKey Announces Passwordless Single Sign-on to Extend the Value of Its Open Source FIDO Server (PR Newswire) StrongKey, the leader in open source authentication and encryption solutions, announced the availability of single sign-on (SSO) capabilities…

MITRE Engenuity and Cybrary Partner to Offer First-Ever MITRE ATT&CK® Training and Certification Product (PR Newswire) Cybrary, the world’s largest online cybersecurity professional development platform, and MITRE Engenuity, MITRE’s tech foundation for public…

Data Theorem Launches Industry’s First App-Aware Full Stack Cloud Security Product Protecting Cloud-Native Apps, API Services and Serverless Cloud Functions (BusinessWire) Data Theorem, Inc., a leading provider of modern application security, today introduced Cloud Secure, the industry’s first application-aware full stac

Threat Stack Announces Enhanced Security Analytics to Proactively Identify Risk and Speed Remediation (BusinessWire) Threat Stack today announced the Threat Stack Cloud Security Platform now offers new security analytics.

Tableau releases first integration with Einstein Analytics (SearchBusinessAnalytics) Nearly two years after Salesforce acquired Tableau, the first analytics integration between the two was unveiled on March 23 with Einstein Discovery now available in Tableau.

Technologies, Techniques, and Standards

Differential Privacy for Complex Data: Answering Queries Across Multiple Data Tables (NIST) So far in this blog series, we have discussed the challenges of ensuring differential privacy for queries over a single database table. In practice, however, databases are often organized into multiple tables, and queries over the data involve joins between these tables. In this post, we discuss the additional challenges of differential privacy for queries with joins, and describe some of the solutions for this setting.

How to Create a Successful Incident Response Plan (EC-Council Official Blog) Organizations need a dedicated incident response team along with a well-documented incident response plan that can help them overcome a data breach as soon as possible. Find out how to craft the perfect plan and keep attacks at bay.

What Are the Different Ways to Establish a Successful IR Plan? (EC-Council Official Blog) Regardless of the size of your business and the industry it operates in, your organization needs to have an effective cybersecurity incident response plan. Learn how to create one in this blog.

Blurring Boundaries: Keeping ‘Consumer’ Scams Out of the Business Environment (Infosecurity Magazine) Every business should act now to safeguard themselves and mitigate the impact of an attack

A new resolution: Course-correct any rushed pandemic-driven decisions (Security Magazine) In 2020, organizations fast-tracked digital transformation and cloud migrations to provide remote capabilities to employees, customers and overall processes. Many times, these programs were started without a proper threat landscape analysis. In 2021, it’s important to revisit any rushed decisions made in 2020 that could impact a company’s digital footprint and cybersecurity. 

Here’s the secret for managing cyber vulnerabilities with limited resources (ITProPortal) Learn how to provide truly optimal protection for your organization’s crown jewel assets.

The 7 deadly sins of records retention (CSO Online) Record retention is both a fact of life and a growing headache for organizations burdened by a spiraling number of regulations and legal obligations. Here are worst (and best) practices for securing data and documents.

What risk management for so-called sensitive companies? (Global Security Mag Online) For Philippe Gillet, CTO of Gatewatcher, companies whose sector is sovereign or more broadly sensitive must prepare for risks by being aware of the different types of threats. Anticipation seems to be the only possible solution.

Webcast: OPSEC Fundamentals for Remote Red Teams (Black Hills Information Security) During remote red team exercises, it can be difficult to keep from leaking information to the target organization’s security team. Every interaction with the target’s website, every email sent, and every network service probed leaves some trace that the red team was there. Mature blue teams can correlate those pieces of information to identify red […]

Legislation, Policy and Regulation

How to reverse three decades of escalating cyber conflict (Atlantic Council) Cyber conflict has not escalated from a fight inside its space to a more traditional armed attack. This happy state may not last.

Facebook’s Zuckerberg set to argue for tweaks to liability protection (SeekingAlpha) Facebook (FB) CEO Mark Zuckerberg is set to argue for “thoughtful reform” of protections that tech platforms enjoy from liability for posting content when he speaks…

Zuckerberg suggests how to tweak tech’s liability shield (Axios) Zuckerberg wants to make protections for unlawful content conditional on platforms’ ability to meet best practices.

Testimony of Mark Zuckerberg Facebook, Inc. [remarks as prepared] (US House of Representatives) Hearing Before the United States House of Representatives Committee on Energy and Commerce Subcommittees on Consumer Protection & Commerce and Communications & Technology March 25, 2021 Testimony of Mark Zuckerberg Facebook, Inc. I want to start by extending my deepest condolences to the families of the Capitol police officers who lost their lives in the wake of January 6 and my appreciation to the many officers who put themselves at risk to protect you.

New Recommendations to the Biden Administration: NYU and Harvard Centers, With Other Experts, Advise White House on Countering Disinformation (NYU Stern Center for Business and Human Rights) Proposals for new regulation of social media giants and limits on Section 230 liability protection come just days before March 25 hearing on Capitol Hill, where CEOs of Facebook, Twitter, and Google will face tough questioning about harmful content

Recommendations to the Biden Administration On Regulating Disinformation and Other Harmful Content on Social Media (Harvard Kennedy School Mossavar-Rahmani Center for Business and Government, NYU Stern Center for Business and Human Rights) This white paper recommends a range of steps the Biden Administration should take to counter disinformation and other harmful content on major social media platforms. In recent years, the spread of disinformation online has eroded crucial democratic institutions and discourse, especially in connection with elections and with disproportionate impact on underrepresented communities. The Administration should move swiftly to address this threat in a variety of ways.

Making the National Cyber Director Operational With a National Cyber Defense Center (Lawfare) Without a National Cyber Defense Center, the Office of the National Cyber Director will fail to move the needle in improving the U.S. cybersecurity posture.

Biden Moving Slowly in Filling Key National-Security Posts (Wall Street Journal) While the White House quickly chose leaders for the Pentagon, State Department and major intelligence agencies, top officials handling much of the day-to-day work on security matters haven’t been nominated.

Lawmakers Want to Know Where Buck Stops in Cyber (Bloomberg) Hi, this is Alyza on the cybersecurity team. U.S. lawmakers are looking for someone to blame. Recent major cyber-attacks have blindsided U.S. companies and officials. But unlike, say, a terrorist bombing or a more pedestrian crime, it’s not clear which government agencies are responsible for the attacks’ prevention and cleanup.

Public-Private Partnership is ‘Critical’ to Cybersecurity (Meritalk) Preventing cyberattacks is more important than ever and the National Security Agency’s (NSA) Cybersecurity Collaboration Center is working with government and industry partners to share information and tackle cybersecurity as a “team sport.”

Lawmakers reintroduce legislation to secure internet-connected devices (TheHill) Sen. Ed Markey (D-Mass.) and Rep. Ted Lieu (D-Calif.) on Wednesday again rolled out legislation intended to help secure internet-connected devices and increase consumer confidence in them. 

The Pentagon could help improve resilience of the US electric grid (Defense News) A strategic enterprise approach across U.S. military installations in partnership with electric utilities could potentially enhance grid stability and resilience, benefiting national security.
