The same Russian nation-state actor behind the cyberattacks targeting SolarWinds customers in 2020, Nobelium, has targeted organizations integral to the global IT supply chain.
Risk professionals take note. Experts say the greatest cybersecurity risks to local governments and their "smart city" programs are emergency alert systems, video surveillance devices and traffic signals - a greater risk than breaches of open data, water consumption and gunshot detection technologies and more.
The National Security Agency (NSA) released a Cybersecurity Advisory on Russian state-sponsored actors exploiting CVE-2020-4006, a command-injection vulnerability in VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector. The actors were found exploiting this vulnerability to access protected data on affected systems and abuse federated authentication.
Iranian cyber threat actors have been continuously improving their offensive cyber capabilities. They continue to engage in more conventional offensive cyber activities ranging from website defacement, distributed denial of service (DDoS) attacks, and theft of personally identifiable information (PII), to more advanced activities—including social media-driven influence operations, destructive malware, and, potentially, cyber-enabled kinetic attacks, warns the Cybersecurity and Infrastructure Security Agency (CISA).
The United States has seized 27 domain names that Iran’s Islamic Revolutionary Guard Corps (IRGC) unlawfully used to further a global covert influence campaign
As we head into the final day before the 2020 election, disinformation on social media continues to make headlines as a means to sway public opinion and to discourage people from voting. For example, swing states have been targeted with evolving disinformation tactics in an attempt to influence what happens in the voting booth, while Black and Latino voters have been flooded with messages aimed to depress turnout by fueling cynicism and distrust in the political process.
The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the U.S. Cyber Command Cyber National Mission Force (CNMF) identified tactics, techniques, and procedures (TTPs) used by North Korean advanced persistent threat (APT) group Kimsuky to gain intelligence on various topics of interest to the North Korean government.
Acting Secretary of Homeland Security Chad F. Wolf released the Department of Homeland Security’s (DHS) Homeland Threat Assessment (HTA). This first-of-its-kind report synthesizes threat information across DHS including intelligence and operational components.
4iQ released its COVID-19 Threat Report, which explores a host of notable scams that have surfaced during these uncertain times, including sextortion/blackmail emails, fake news, ransomware and phishing campaigns.
From elections to North Korean nuclear threats and missile launches, it appears that cyber actors are using geopolitical events to achieve cyber activism and other goals.
