White House Unveils 100-Day Sprint to Better Power Grid Security
REvil gang demands $50 million ransom from Apple/Quanta, Hackers exploit Pulse VPN vulnerabilities to breach U.S. gov't and defense contractor systems, SonicWall flaws exploited by a hacking group, more
The White House finally unveiled its 100-day plan to protect the U.S. power grid from cyberattacks. The plan includes a series of consultations between utilities and the government that will likely take years to implement.
The goal of the plan is to “continue to advance technologies and systems that will provide cyber visibility, detection, and response capabilities for industrial control systems of electric utilities,” according to the Department of Energy (DOE), which is in charge of the initiative. DOE released a new Request for Information (RFI) to “seek input from electric utilities, energy companies, academia, research laboratories, government agencies, and other stakeholders to inform future recommendations for supply chain security in U.S. energy systems.”
A Trump Administration executive order, EO 13920, that banned the supply of electric power components from certain foreign adversaries, particularly China, had been suspended; that order has now resumed effect under Biden’s new EO. (Michael Riley and Jamie Tarabay / Bloomberg)
Related: TIME, Defense Daily Network, Circle ID, Defense Daily, Industrial Cyber, Dark Reading: Threat Intelligence, Nextgov, InsideDefense.com, The Hill: Cybersecurity, Energy.gov, Dale Peterson, The Record by Recorded Future, Homeland Security Today, InsideCyberSecurity.com, Cyberscoop, UPI.com, Tripwire, WGRZ - News, TribLIVE Today's Stories, Tech Xplore, Courthouse News Service, Stars and Stripes, WSJ Pro - Cybersecurity - Home, DataBreachToday.com, CNN.com
The REvil ransomware gang is demanding that Apple pay a ransom to prevent the leak on the dark web of confidential information that the gang allegedly stole from laptop maker Quanta Computer.
The gang posted 21 screenshots depicting MacBook schematics and threatened to publish new data every day until Apple or Quanta paid the ransom. One source says that the hackers asked for a $50 million ransom, similar to the sum they requested from laptop maker Acer last month. (Catalin Cimpanu / The Record)
Related: Gizmodo, HackRead, The Record, Bloomberg, CNA ENGLISH NEWS, The Register - Security, TechCentral, IGN All, DataBreachToday.com, Techradar, Macworld, Cyber Kendra, Trusted Reviews, Tech - Nikkei Asian Review, Business Insider, AppleInsider, SiliconANGLE, TechDator
Cybersecurity firm FireEye and VPN appliance maker Pulse Secure announced that two hacking groups, including at least one confirmed Chinese cyber-espionage outfit, have used a new zero-day vulnerability in Pulse Secure VPN equipment to get inside U.S. defense contractors and government facilities across the world.
The attacks, which exploited old Pulse Secure vulnerabilities plus one new zero-day flaw, began in August 2020, when the first group, which FireEye tracks as UNC2630, began targeting US defense contractors and European organizations. The attacks took over the Pulse devices, installing one of seven malware strains that acted as web shells and backdoors into the hacked organization. The attacks expanded in October 2020, when a second group, which FireEye named UNC2717, began using the same techniques and zero-day to install their own malware set.
Ivanti, the company behind the Pulse Secure VPN brand, issued temporary mitigations to deal with the attacks, with a final fix slated for May. DHS issued an emergency directive ordering all federal agencies to patch their Pulse Secure appliances by Friday. (Catalin Cimpanu / The Record)
Related: Reddit - cybersecurity, ComputerWeekly: IT security, Cisco Blog, Dark Reading, FCW, The Register - Security, The Hill: Cybersecurity, Cyberscoop, Bleeping Computer, Reuters: World News, MSSP Alert, Law & Disorder – Ars Technica, HotHardware.com, Tenable Blog, CERT Recently Published Vulnerability Notes, Slashdot, SC Magazine, ETTelecom.com, Reuters, FireEye, Pulse Secure, CSO Online, Breaking Defense, Business Insider, TechTarget, TechNadu, Cyber Kendra, GRIMM Blog, IT Pro, GovernmentCyber.com, Security Affairs, Infosecurity Magazine, Technology Decisions, DataBreachToday.com, SiliconANGLE, The Hacker News, Help Net Security
FireEye analysts first discovered in March 2021 that a hacking group had used three zero-day vulnerabilities impacting SonicWall products to breach corporate networks and install backdoors.
The hackers targeted SonicWall ES, an email security appliance that companies use in a cloud-hosted or on-premises format to scan email traffic for security threats. SonicWall released three patches for the flaws last week but failed to release information about their severity. (Catalin Cimpanu / The Record)
On the heels of major data security breaches of users’ Facebook accounts, which the social media giant has attempted to portray as nothing more than mere data scraping, someone has released a tool that lets a user see which email address is linked to a Facebook account even if the Facebook user didn't publicly advertise their address.
Facebook admits that the video displays a genuine bug, which the company says it overlooked by closing a bug bounty report too soon. (Joseph Cox / Motherboard)
Related: BBC News, TechNadu, CyberNews, The Register - Security, Privacy News Online, The New Daily, CISO MAG, BGR, Pocket-lint, BusinessLine - Home, Tech.Co, Web Pro News, PogoWasRight.org, DataBreaches.net, ZDNet Security, Business Insider, The Tribune
Group-IB estimates Lazarus' profits from the use of crypto-stealing JS-sniffers at 0.89993859 BTC ($8,446.55 at the moment of the transaction and $52,611 as of April 9, 2021) and 4.384719 ETH ($9,047 as of April 9, 2021). (Ionut Ilascu / Bleeping Computer)
Video app TikTok and its Chinese parent ByteDance might face monetary damages worth billions of pounds (dollars) in London's High Court over allegations they illegally harvested the private data of millions of European children.
Anne Longfield, the former Children's Commissioner for England, said that every child who has used TikTok since May 25, 2018, may have had private personal information illegally collected by ByteDance through TikTok for the benefit of unknown third parties. In a lawsuit, Longfield alleges that TikTok violated the UK and European Union data protection laws by processing youngsters' data without adequate security measures, transparency, the consent of guardians, or legitimate interest. (Kirstin Ridley / Reuters)
Researchers at ESET warn that attackers promote sites impersonating the Microsoft Store, Spotify, and an online document converter that distribute malware to steal credit cards and passwords saved in web browsers.
Users tricked into visiting the fake store receive an automatically downloaded file called 'Ficker' or 'FickerStealer,' which is information-stealing malware in disguise. In addition to stealing passwords, the malware can steal over fifteen cryptocurrency wallets, swipe documents, and take screenshots of the active applications running on victims' computers. (Lawrence Abrams / Bleeping Computer)
The latest research by Trend Micro shows that a Mac malware campaign targeting Xcode developers called XCSSET has been retooled to add support for Apple's new M1 chips and expand its features to steal confidential information from cryptocurrency apps.
The malware now also attempts to steal account information from multiple websites, including cryptocurrency trading platforms Huobi, Binance, NNCall.net, Envato, and 163.com, and can replace the address in a user's cryptocurrency wallet with one under the attacker's control. (Ravie Lakshmanan / The Hacker News)
Third-party SaaS applications visibility provider Grip Security landed $6 million in a seed funding round.
The round was led by cybersecurity-focused YL Ventures, with participation from CrowdStrike CEO and co-founder George Kurtz and a group of other angel investors with deep roots in the cybersecurity industry. (Frederic Lardinois / TechCrunch)
Privacy-preserving platform company Cape Privacy raised $20 million in a Series A venture funding round.
Evolution Equity Partners led the round with participation from new investors Tiger Global Management, Ridgeline Partners, and Downing Lane. Existing investors Boldstart Ventures, Version One Ventures, Haystack, Radical Ventures, and many individual investors also participated. (Ron Miller / TechCrunch)