Jen Easterly Confirmed as Head of CISA
Solar Winds patches zero-day flaw, Trickbot comes back from take-down, Guess notifies customers of data breach, Kaseya finishes issuing patches, Scheider Electric flaw could allow takeover, more
 |
Know someone who would benefit from a premium subscription to Metacurity? Given them a gift subscription today!
Following an eight-month leadership void during a time of damaging cybersecurity crises, the Senate finally confirmed Jen Easterly to lead the Cybersecurity and Infrastructure Security Agency.
Lawmakers unanimously voted to make Easterly only the second person to head the 2,500-employee agency responsible for protecting federal networks and offering security advice to critical infrastructure operators, small businesses, and local governments.(Eric Geller / Politico)
Related: ZDNet Security, DataBreachToday.com, Homeland Security Today, DHS.gov, Inside Cybersecurity, CNN, Engadget
Senate Cloakroom @SenateCloakroom
Confirmed by voice vote: Executive Calendar #176 Jen Easterly to be Director of the Cybersecurity and Infrastructure Security Agency, Department of Homeland Security. @DHSgov
Senate Cloakroom @SenateCloakroom
Confirmed by voice vote: Executive Calendar #176 Jen Easterly to be Director of the Cybersecurity and Infrastructure Security Agency, Department of Homeland Security. @DHSgovUS software company SolarWinds released security updates to patch a zero-day flaw in its Serv-U file transferring technology that has been actively exploited in the wild.
Microsoft discovered the vulnerability, a remote code execution (RCE) bug that can be exploited via the SSH protocol to run malicious code with elevated privileges on SolarWinds applications. (Catalin Cimpanu / The Record)
Related: IT Pro, SiliconANGLE, DataBreachToday.com, The Hacker News, NDTV Gadgets360.com, MSSP Alert, Heimdal Security Blog, Candid.Technology, Help Net Security, Verdict
Facebook-owned messaging app WhatsApp is facing a barrage of complaints by the European Consumer Organisation and other watchdogs over its controversial privacy policy update that allows the app to share data with Facebook and other organizations.
The European Consumer Organisation (BEUC) and eight members criticized the changes. They filed complaints with the European Commission and the European network of consumer authorities, saying WhatsApp was unfairly pressuring users to accept its new policies. (Fon Yun Chee / Reuters)
Related: Tech Xplore, Associated Press Technology, The Independent, EL PAÍS, The Seattle Times, Silicon Republic, Telecomlive.com, DAILYSABAH, ET news, DIGIT, Natasha Lomas – TechCrunch, Gadgets Now, IT Pro, Channel, EURACTIV.com, NDTV Gadgets360.com, SecurityWeek, Engadget
Researchers at Bitdefender say that Russian-speaking threat group Trickbot, named after the malware it uses, has rebuilt much of its infrastructure in response to a Department of Defense take-down last fall to prevent disruptions ahead of the 2020 elections.
Bitdefender researchers say that the group has recently upgraded a tool that helps them remotely control victims’ computers called a VNC module and leverage the tool to plot what appears to be its next massive operation. (Shannon Vavra / Daily Beast)
Related: Security News | Tech Times, The Hacker News, The Verge, Gizmodo, Bitdefender
American fashion brand retailer Guess notified affected customers that it was the victim of a data breach between February 2, 2021, and February 23, 2021.
Guess told affected customers that "The investigation determined that Social Security numbers, driver's license numbers, passport numbers and/or financial account numbers may have been accessed or acquired." The company offers complimentary identity theft protection services and one year of free credit monitoring through Experian to all impacted individuals. (Sergiu Gatlan / Bleeping Computer)
Related: ZDNet Security, Security News | Tech Times, PYMNTS.com, Security Affairs, SecurityWeek, Databreaches.net, Silicon Angle
Software provider Kaseya made good on its promise to issue patches by July 11 for three VSA vulnerabilities used by the ransomware gang to launch a worldwide supply-chain attack on MSPs and their customers.
The company said that all of its software-as-a-service (SaaS) customers were back up as of this morning, while the company was still working to restore on-premises customers that needed help. (Lisa Vaas / Threatpost)
Related: IT Pro, The Hacker News, RBS, Big News Network, Heimdal Security Blog, HackRead, Security Affairs, CRN, Threatpost, The Register - Security, DataBreachToday.com, Softpedia News, E Hacking News, Secplicity – Security Simplified, Check Point Research, SecurityWeek, HackRead, Malwarebytes Labs, E Hacking News, Kaseya
Researchers at Armis said that a vulnerability in ICS supplier Schneider Electric’s popular control systems could allow hackers to control those systems.
The vulnerability would allow attackers to hijack a command that would leak a password hash from Schneider’s memory Modicon programmable logic controllers (PLCs), giving them remote authentication to change PLC commands. The attack, however, requires the attackers first to gain network access. (Tonya Jo Riley / Cyberscoop)
Related: The Register - Security, TechRepublic, Help Net Security, CSO Online, Armis
London-based Financial Stability Board (FSB), which coordinates financial rules for the G20 group of nations, says that pandemic-induced remote working opened up new possibilities for cyberattacks.
"Financial institutions have generally been resilient, but they may need to consider adjustments to cyber risk management processes, cyber incident reporting, response and recovery activities, as well as management of critical third-party service providers, for example, cloud services," the FSB said. (Huw Jones / Reuters)
Related:ETTelecom.com, Business Standard, Telecomlive.com, City AM
Researchers at Proofpoint say that Iranian hackers with links to the country's Islamic Revolutionary Guard Corps, called Charming Kitten or TA453, impersonated two academics in an attempt to hack journalists, think tank analysts, and other academics.
In early 2021, the hackers sent emails to targets pretending to be Dr. Hanns Bjoern Kendel and Dr. Tolga Sinmazdemir, who both teach international relations focusing on the Middle East at the School of Oriental and African Studies (SOAS) University of London. The hackers’ goal was to steal targets' passwords by controlling real web pages linked to SOAS and inserting malicious login buttons for Google, Yahoo, Microsoft, Outlook, AOL, and Facebook. (Lorenzo Franceschi-Bicchierai / Motherboard)
Related: Proofpoint
Red team hacking exercises conducted by the NSW Auditor-General revealed “significant weaknesses” in the cybersecurity schemes Sydney Trains and Transport for NSW.
“Transport for NSW and Sydney Trains are not effectively managing their cybersecurity risks,” Auditor-General Margaret Crawford wrote in the report. (Anton Nilsson / NCA NewsWire)
Iranian aviation tycoon Farhad Azima filed a draft legal claim in the UK alleging that a former partner at Philadelphia-based law firm Dechert LLP helped direct Indian hackers to steal his emails as his relationship with Ras Al Khaimah Investment Authority (RAKIA) soured.
Azima says that RAKIA, a Dechert client, used the stolen emails to win a $4 million-plus fraud judgment against him in a British court. In March, a UK court of appeals reversed a lower court ruling and said that Azima could retry his claims against the law firm. (Raphael Satter / Reuters)
Related: Reuters
China’s Ministry of Industry and Information Technology said it had issued a draft three-year action plan to develop its cyber-security industry.
The plan is being unveiled at the same time Beijing tightens its grip on the country's technology sector, signaled by its regulatory probe of U.S.-traded ride-hailing giant Didi Global. (Voice of America)
Related: Big News Network, Reuters: World News, Al Bawaba, Telecomlive.com, Economic Times, Engadget, ThreatQuotient, DIGIT, Devdiscourse News Desk
Secure access service edge (SASE) provider Netskope announced closing a $300 million investment round.
ICONIQ Growth led the oversubscribed insider investment, joined by other existing investors, including Lightspeed Venture Partners, Accel, Sequoia Capital Global Equities, Base Partners, Sapphire Ventures, and Geodesic Capital. (Christine Hall / TechCrunch)
Related: SecurityWeek, Fortune, Reuters, Fierce Telecom, Pulse 2.0
Argentina-based fraud and identity protection company VU announced it had landed $12 million in Series B venture funding.
Investors in the round include Globant and Agrega Partners, NXTP Ventures, Bridge One, the IDB Lab, and Telefónica. (Christine Hall / TechCrunch)
Related: Investsize
Quantexa, an AI-based solutions company that develops systems to help detect and stop money laundering, fraud, and other illicit activity, has raised $153 million in a Series D investment round.
Warburg Pincus led the round, with existing backers Dawn Capital, AlbionVC, Evolution Equity Partners (a specialist cybersecurity VC), HSBC, ABN AMRO Ventures, and British Patient Capital also participating. (Ingrid Lunden / TechCrunch)
Related: PR Newswire