This Version of Metacurity is on Hiatus While We Move to a New Format

While Metacurity has been a wonderful challenge over the past five years, it makes no financial sense in its current format. Therefore, we are going on hiatus until after Labor Day to create a new newsletter version of Metacurity. We are also going to set up an automated page, behind a paywall, that is lightly edited, with no original summaries, updated once per day, offering the same curated and clustered cybersecurity news developments you’ve come to expect from the site. Thanks to our smart and steady readers out there, and please sign up for our updates. Read more about this development here.
http://dlvr.it/RdMLDC

Online Exam Proctoring Company ProctorU Has Confirmed Data Breach, 440,000 People Allegedly Affected

Online exam proctoring solution ProctorU has confirmed a data breach after a threat actor released a stolen database of user records on a hacker forum. Last month, Bleeping Computer reported that a known data breach seller had leaked 18 companies’ databases for free on a hacker forum. One of the leaked databases was for Proctoru.com and contains user records for 444,000 people allegedly registered at the online proctoring service. The database contains email addresses, full names, addresses, phone numbers, hashed passwords, the affiliated organization, and other information. Some of the colleges and universities that may be impacted are North Virginia Community College, UCLA, Princeton, University of Texas, Harvard, Yale, Syracuse University, Columbia, UC Davis, and many more.
http://dlvr.it/RdK1G2

Chinese Government is Blocking Encrypted HTTPS Connections That Use TLS 1.3 and ESNI

Since the end of July, the Chinese government has deployed an update to its national censorship tool, the Great Firewall (GFW), to block encrypted HTTPS connections that are being set up using interception-proof protocols and technologies, according to a joint report published this week by three organizations tracking Chinese censorship — iYouPort, the University of Maryland, and the Great Firewall Report. Chinese officials are only targeting HTTPS traffic that is set up with new technologies like TLS 1.3 and ESNI (Encrypted Server Name Indication).
http://dlvr.it/RdJHrz

Small Government Contractor Anomaly Six Can Track Movements of Hundreds of Millions of Mobile Phones Worldwide, Draw Location Data From More Than 500 Apps

A small U.S. company called Anomaly Six LLC with ties to the U.S. defense and intelligence communities has embedded its software in numerous mobile apps, allowing it to track the movements of hundreds of millions of mobile phones worldwide, according to interviews and documents reviewed by The Wall Street Journal. In its marketing material, Anomaly said it is able to draw location data from more than 500 mobile applications, in part through its own software development kit, or SDK, that is embedded directly in some of the apps.
http://dlvr.it/RdG6n4

Hackers Deface Tens of Reddit Channels to Show Pro-Trump Messages, NFL, Disneyland, Boston Celtics Channels Affected

A massive hack hit Reddit, with tens of Reddit channels hacked and defaced to show messages in support of Donald Trump’s reelection campaign. The Reddit channels defaced include those for NFL, many TV shows, The Pirate Bay, Disneyland, Disney’s Avengers, Boston Celtics, several city channels, and more. The channels have combined tens of millions of subscribers. Although Reddit hasn’t issued any details on the hack, the massive scale of the incident suggests that the intruder(s) might have gained access to a high-privileged moderator or admin account. Channel owners who are having problems have been asked to report them in a Reddit ModSupport thread. The Reddit hack also comes after Reddit banned r/The_Donald, a channel for Donald Trump supporters.
http://dlvr.it/RdCfBY

Troy Hunt Open Sources 'Have I Been Pwned,' Asks the Community to Help Support the Effort

On the heels of an aborted merger and acquisition initiative, highly respected cybersecurity expert Troy Hunt has decided to open source his ground-breaking Have I Been Pwned code base. He said he is turning over the code to the public “for the betterment of the project and frankly for the betterment of everyone who uses it.” He said the project solely depends on him and is asking the community to help support the effort.
http://dlvr.it/RdCf64

Researcher Who Intercepted Signals of Eighteen Satellites Says Satellite Communications Put Millions of People at Risk

Satellite-based Internet is putting millions of people at risk, despite providers adopting new technologies that are supposed to be more advanced, Oxford Ph.D. candidate James Pavur showed. Pavur intercepted the signals of 18 satellites beaming Internet data to people, ships, and planes in a 100 million-square-kilometer swath that stretches from the United States, Caribbean, China, and India. Pavur said current solutions such as VPNs are ineffective for satellite communications and that he is presenting his findings so that the community can devise solutions.
http://dlvr.it/RdCB4M

Government Bank Regulator Fines Capital One $80 Million for Inadequate Risk Assessment Processes That Led to Data Breach

The Office of the Comptroller of the Currency (OCC) has fined Capital One $80 million over a data breach last year that compromised the personal information of about 106 million card customers and applicants. The OCC said the bank failed “to establish effective risk assessment processes” before transferring information-technology operations to the public cloud and “to correct the deficiencies in a timely manner.” The order requires the bank to make risk-management changes and beef up its cybersecurity defenses. The bank said it has already made many of the needed changes.
http://dlvr.it/Rd7ylB

Top Voting Machine Vendor ES&S Has a New Vulnerability Disclosure Policy That Gives Ethical Hackers More Latitude to Find Bugs

The country’s largest voting machine vendor ES&S announced a new vulnerability disclosure policy that will allow it to work more closely with security researchers to find software bugs in the company’s IT networks and websites. The new policy, which gives the company 90 days to fix problems before the researchers go public, allows researchers to probe ES&S’s corporate systems and public-facing websites, but not the election systems in place at jurisdictions around the country, which are subject to different testing regimes.
http://dlvr.it/Rd7ydQ

State Department Will Pay Up to $10 Million for Information on Foreign Government Hackers Trying to Interfere in U.S. Elections, Issues Report on Russia's Continued Disinformation Campaigns

The State Department said it would offer rewards of up to $10 million for information to help identify any person who, acting at the direction of a foreign government, tries to hack into election or campaign infrastructure. The diplomatic arm of the government offered the bounty on the same day it released a report that states Russia continues to use a network of proxy websites to spread disinformation in the West. The report, produced by the Department’s Global Engagement Center, says that the Strategic Culture Foundation is directed by Russia’s foreign intelligence service, the S.V.R., and stands as “a prime example of longstanding Russian tactics to conceal direct state involvement in disinformation and propaganda outlets.”
http://dlvr.it/Rd7T5j

Canon Hit by Maze Ransomware Attack, Attackers Claim Theft of Ten Terabytes of Data, Private Databases

Canon has suffered a ransomware attack that impacts numerous services, including Canon’s email, Microsoft Teams, USA website, and other internal applications. A suspicious outage has taken place on Canon’s image.canon cloud photo and video storage service, resulting in the loss of data for users of their free 10GB storage feature. The image.canon site suffered an outage on July 30th, 2020, and over six days, the site would show status updates until it went back in service yesterday, August 4th. At that point, a message appeared that said, “there was no leak of image data.” Today, however, a widespread system issue occurred, and Canon’s USA website is displaying error messages. BleepingComputer has obtained a partial screenshot of the alleged Canon ransom note, which we have been able to identify as from the Maze ransomware. The attackers told Bleeping Computer they stole “10 terabytes of data, private databases, etc” as part of the attack on Canon.
http://dlvr.it/Rd4Fhs

Zoom Bond Hearing of Twitter Hack 'Mastermind' Was Interrupted When People Played Loud Music, Porn Video

A judge was forced to suspend the virtual bond hearing of Graham Clark, the 17-year-old accused of being the “mastermind” behind the recent massive Twitter hack, after several people got into the Zoom meeting posing as CNN and BBC staffers and played loud music and even a porn video. Judge Christopher Nash said next time he’ll require a password.
http://dlvr.it/Rd4FdP

Hacker Publishes List of Plaintext Usernames and Passwords With IP Addresses for More Than 900 Pulse Secure VPN Enterprise Servers

A hacker has published a list of plaintext usernames and passwords, along with IP addresses for more than 900 Pulse Secure VPN enterprise servers, an analyst at threat intelligence firm Bank Security discovered. ZDNet got a hold of the list with the help of threat intelligence firm KELA and verified its authenticity. The list includes IP addresses of Pulse Secure VPN servers, Pulse Secure VPN server firmware version, SSH keys for each server, a list of all local users and their password hashes, admin account details, last VPN logins (including usernames and cleartext passwords) and VPN session cookies. The analyst said that all the Pulse Secure VPN servers included in the list were running a firmware version vulnerable to the CVE-2019-11510 vulnerability. Threat intelligence company Bad Packets said that earlier this year it discovered 677 of the 913 IP addresses to be vulnerable and it appears they haven’t patched yet.
http://dlvr.it/Rd3mVB

Microsoft Awarded $13.7 Million in Bug Bounties Over Past Year, Three Times the Amount Awarded During Previous Year

Microsoft awarded $13.7 million in bug bounties to security researchers who have reported vulnerabilities over the last 12 months through 15 bug bounty programs, representing more than three times the amount awarded during the previous year when researchers earned a total of $4.4 million in Microsoft bug bounty awards. So far, in 2020, Microsoft has launched two new research grants and six new bug bounty programs, receiving 1,226 eligible vulnerability reports from 327 security researchers located in countries from six continents.
http://dlvr.it/Rd0W59

NSA Releases Guidance to Defense and Security Personnel on How to Limit Collection of Mobile Location Data

The National Security Agency (NSA) released guidance to Department of Defense and other national security programs on how to limit the collection of location data from their devices. The NSA warns that in addition to mobile devices storing location data in their own mobile device logs, cellular networks receive real-time coordinates for cellphones every time they connect to the system, meaning that users can be tracked across a wide area. Another interesting piece of advice: limit web-browsing on the device as much as possible because that can yield several different forms of location data.
http://dlvr.it/Rd0W40

Interpol Warns of 'Alarming' Rate of Cybercrime Related to the COVID-19 Pandemic, Predicts That It Will Increase in the Near Future

Interpol warned of an “alarming” rate of cybercrime during the coronavirus pandemic, with criminals taking advantage of people working from home to target significant institutions. The law enforcement organization said that in one four-month period (January to April) around 907,000 spam messages, 737 incidents related to malware and 48,000 malicious URLs, all related to COVID-19, were detected by one of its private-sector partners. Interpol has concluded that “a further increase in cybercrime is highly likely in the near future” and “threat actors are likely to continue proliferating coronavirus-themed online scams and phishing campaigns to leverage public concern about the pandemic.”
http://dlvr.it/Rd02xg

DigitalCrazyTown Stopped Publishing Years Ago - Please Visit Metacurity.com or DCT-Associates.com

Years ago, when I was gearing up to change careers, I launched DigitalCrazyTown as a place to keep my expertise and skills visible while I was exploring what to do. People I know in the communications and tech sector loved the name Digital Crazy Town, and in particular loved my email address, which ended (and still does) in digitalcrazytown.com. So my digitalcrazytown.com email address is the one I've been using for years and the one most people use.

Since this blog was active, however, I launched a news destination for the cybersecurity industry, Metacurity.com, and a new company, DCT Associates. I also write for CSO Online and other publications and do paid-speaking and consulting engagements.

So, if you happen to get an email from my digitalcrazytown.com email address, just know that even though the publication is now defunct,
