Former DoD Chief Software Officer Says U.S. Failure to Respond to Chinese Cyber, Other Threats Means We Have 'No Fighting Chance'
Scotland's biggest engineering firm hit by cyberattack, NSA warns of wildcard TLS certificates and new ALPACA TLS attack, Twitch defaced with Bezos picture, Cox Media suffered ransomware attack, more
The Pentagon’s first chief software officer Nicolas Chaillan told the Financial Times he resigned from his post at the Department of Defense due to the failure of the U.S. to respond to Chinese cyber and other threats that are putting his children’s future at risk.
“We have no competing fighting chance against China in 15 to 20 years. Right now, it’s already a done deal; it is already over in my opinion,” he said, adding there was “good reason to be angry.” He also said that U.S. cyber defenses in some government departments were at “kindergarten level.” Chaillan plans to testify to Congress about the Chinese cyber threat to U.S. supremacy, including in classified briefings, over the coming weeks. (Katrina Manson / Financial Times)
One of Scotland's most prominent engineering firms, Weir, was hit last month by a "sophisticated" attack and has been forced to delay shipments worth more than £50 million (around $68 million) in revenue.
The company said its engineering applications “are now restored on a partial basis, and other applications are being brought back online in a progressive manner in order of business priority.” (BBC News)
Following a massive breach and leak of its entire system, Amazon-owned Twitch’s website pages were defaced with a picture of Amazon founder Jeff Bezos.
It’s unclear how the background images were changed or whether the security breach aided this latest incident. (Tom Warren / The Verge)
A Navy nuclear engineer and his wife, Jonathan and Diana Toebbe, have been charged with repeatedly trying to pass secrets about U.S. nuclear submarines to a foreign country, asking for $100,000 in payment during encrypted communications with what they thought was a foreign power but was instead the FBI.
The FBI strung the couple along with cryptocurrency payments arranged via a series of “dead-drops.” One package that Toebbe left behind at one of the drops contained a 16-gigabyte data card that “was wrapped in plastic and placed between two slices of bread on a half of a peanut butter sandwich.” They hid another data card in a chewing gum package. After receiving $70,000 in cryptocurrency, Toebbe provided a decryption key to read the contents of one of the data cards. (Devlin Barrett and Martin Weil / Washington Post)
Analysts from ESET said they uncovered a new malware strain, called FontOnLake, that targets Linux systems. Based on current evidence, they believe the malware was used in a handful of targeted attacks.
Typical of targeted attacks where operators take down their infrastructure after achieving their objectives, the command and control servers of the FontOnLake malware operators are now down. (Catalin Cimpanu / The Record)
The National Security Agency (NSA) has issued a technical advisory this week warning organizations against the use of wildcard TLS certificates and the new ALPACA TLS attack.
The NSA urged organizations to secure servers against scenarios where attackers could access and decrypt encrypted web traffic. (Catalin Cimpanu / The Record)
In an initiative led by the National Economic Council and the National Security Council, the Biden administration is weighing an executive order on cryptocurrencies as part of an effort to set up a government-wide approach. The order would charge federal agencies with studying and offering recommendations on relevant areas of the new digital currencies.
The goal is to coordinate work on digital currencies throughout the executive branch, with the idea of creating a “crypto czar” position in the White House, sources said. (Jennifer Epstein and Benjamin Bain / Bloomberg)
In data breach notification letters sent via U.S. Mail to over 800 impacted individuals, Cox Media Group (CMG) confirmed that it was hit by a ransomware attack that took down live T.V. and radio broadcast streams in June 2021.
Personal information exposed during the attack includes names, addresses, Social Security numbers, financial account numbers, health insurance information, health insurance policy numbers, medical condition information, medical diagnosis information, and online user credentials stored for human resource management purposes. (Sergiu Gatlan / Bleeping Computer)
Pegasus surveillance software made by Israeli spyware company NSO is no longer effective against U.K. numbers, sources familiar with the software’s developer said.
The company implemented a change preventing client countries from targeting +44 numbers after discovering that Dubai leader Sheikh Mohammed bin Rashid al-Maktoum used Pegasus to hack into mobile phones belonging to Princess Haya and her divorce lawyer Fiona Shackleton.
Researchers at cloud infrastructure security company Ermetic say the “dozens of environments” they surveyed had identities with a risk factor as well as the ability to perform ransomware on at least 90% of the buckets in an AWS account.
They also found that more than 70% of the environments had machines publicly exposed to the internet and identities whose permissions let the exposed machines perform ransomware. In addition, more than 45% of the environments had third-party identities with the ability to perform ransomware by elevating their privileges to the admin level. (Steve Zurier / S.C. Magazine)
In a seed funding round, New Zealand cyber security education company SafeStack Academy raised 2.3 million New Zealand dollars (around $1.6 million U.S. dollars).
Sydney VC Jelix Ventures led the round alongside trans-Tasman investors, including Carthona Capital, N.Z. VC K1W1 and the country’s growth capital fund, NZGCP. (Simon Thomsen / Startup Daily)