NSO Group says to blame its customers
In response to criticism over its Pegasus spyware being found on the devices of a number of high-profile world leaders, NSO Group reiterated that its software is only made available to military, law enforcement and intelligence agencies from countries with good human-rights records, and compared itself to a car manufacturer being held responsible for damage done by a drunk driver. The company also questioned the legitimacy of a leaked list of 50,000 numbers of alleged Pegasus targets, saying its customers average 100 targets a year, and that any numbers of devices with Pegasus installed were a coincidence.
Saudi Aramco confirms data leak
The world’s largest oil producer confirmed some company files were leaked by a contractor. This came to light when a threat actor attempted to extort the company for $50 million over a claimed 1TB leaked data trove. The company said there are no signs that its systems were breached, and the extortion attempt does not appear tied to a ransomware operator.
Sophos to acquire Braintrace
Braintrace was founded in 2016 and provides a network detection and response solution to inspect network traffic and filter out suspicious activity. What differentiates the company in the space is its ability to use remote network packet capture to get visibility into cloud network traffic across the major cloud providers without being on-site. Sophos plans to integrate Braintrace’s tech into its adaptive cybersecurity ecosystem. The deal comes roughly a year after the private equity firm Thoma Bravo completed its $3.9 billion takeover of Sophos.
Akamai DNS outage impacts security sites
An issue impacting Akamai’s Edge DNS service resulted in a number of sites going down in the early afternoon of July 22nd. LastPass, Cloudflare, AWS, and Oracle Cloud were among the many impacted services. The company said it began rolling out a fix to the issue around 1pm ET, with services gradually coming back online. The company said the issue was not the result of a cyber attack, although no underlying cause was announced.
FCC emergency broadband program struggles to reach people
Nearly four million households have enrolled in the FCC’s emergency broadband benefit program since it launched in May, but a new report by the Benton Institute for Broadband & Society found this represents only 1 in 12 eligible households. The program provides eligible households a discount of up to $50 per month on broadband service. The researchers noted that areas with small, locally focused internet service providers have particularly high adoption due to proactive enrollment efforts. Some large ISPs have attempted to put up barriers to customers taking advantage of the program, with Spectrum requiring users to commit to continuing service at unspecified rates after the benefit runs out.
FTC announces policy on right-to-repair
The agency issued a policy statement pledging to take on unlawful “right to repair” restrictions and encouraging competition in product repair markets. Under this new policy, the FTC will use its existing authorities to support independent repair shops and lower repair costs for consumers. This comes a few days after an executive order endorsed similar rules as part of a set of initiatives to promote competition.
When will infrastructure attacks turn lethal?
The analysts at Gartner estimate that threat actors will have weaponized operational technology environments to harm or kill people by 2025. Gartner classifies these as “cyber-physical attacks,” a category that includes things like electronic medical equipment or physical infrastructure. The firm estimates that by that year, these attacks will cost companies $50 billion in IT system remediation, litigation, and compensation. Overall, Gartner found that firms should shift the focus of threat management to real-world harms, rather than information theft.
Misconfiguration exposes data from 80 municipalities
Cybersecurity researchers from WizCase discovered the data leak, which came from the classic cause of a misconfigured Amazon S3 bucket. 86 buckets used by the PeopleGIS mapping service were set up to not be encrypted or require authentication. Citizens’ addresses, contact details, IDs, photographs of individuals, photographs of properties, building and city plans, driver license numbers, tax documents, and other sensitive data were exposed as a result. To add to the exposure, many documents were digitally redacted using transparent tools like a marker, which revealed information simply by changing document contrast. It’s unclear how many people were impacted by the leak.