December 4, 2017.
By The CyberWire Staff
Friday it was announced that Nghia Hoang Pho had pleaded guilty in the US District Court for the District of Maryland to willful retention of national defense information: between 2010 and May 2015, he took quantities of classified information home with him, both in hard copy and on his laptop. According to documents unsealed Friday, Pho was a developer with the National Security Agency's Tailored Access Operations (TAO) unit. He faces up to ten years in prison. He's free until sentencing, scheduled for April 6th, 2018.
The laptop Pho used to take classified information home with him is the one that's long been discussed in connection with the US Government's ban on Kaspersky products. He had Kaspersky security software installed, which detected some of the sensitive files he'd placed on his machine. Kaspersky acknowledges that it did detect the files, but denies having read them or done anything with them. Pho doesn't appear to be the source of the Shadow Brokers' leaks, so that mole-hunt remains ongoing.
Ciaran Martin, director of the UK's National Cyber Security Centre, Friday advised permanent departmental secretaries that Kaspersky software should not be used in systems holding information whose compromise would damage British national security. Saturday Barclays withdrew free Kaspersky software it formerly provided to customers.
A PayPal Canadian unit, TIO Networks, reports losing 1.6 million customers' information in a breach.
Developments in the Uber breach investigation and litigation involving Waymo prompt three more Uber executives to leave the company.
Flying Blind: 2017 Cloud Configurations Gone Wrong (Webinar, December 7, 2017) How can you avoid data breaches from public cloud misconfigurations in the future? Join our team of cloud security experts for a 45-minute webinar to learn more about the steps you can take to improve your cloud security posture and keep your critical information protected.
Earn a master’s degree in cybersecurity from SANS (Online, December 21, 2017) Earn a master’s degree in cybersecurity from SANS, the world leader in information security training. Learn more at a free online information session on Thursday, December 21st, at 12:00pm noon ET. For complete information on master’s degree and graduate certificate programs, visit www.sans.edu.
When Terrorists Learn How to Hack (The Cipher Brief) Terrorist groups are expanding their use of the internet beyond mere messaging and disseminating operational know-how, slowly adding a cyber-hacking toolset that could one day rival that of criminal or state-sponsored hacking. To date attacks have included website defacement, doxing of personally identifiable information, and distributed denial of service (DDoS) attacks. But this could grow …
New Shadow BTCware Ransomware Variant Released (BleepingComputer) A new variant of the BTCWare ransomware, discovered by Michael Gillespie, appends the .[email]-id-id.shadow extension to encrypted files. The BTCWare family of ransomware infections targets its victims by hacking into poorly protected remote desktop services and manually installing the ransomware.
Top five ransomware attacks that caught the world’s attention (TEISS) Security research firm Malwarebytes had, in August, revealed that Mac and Android devices were hit by more ransomware attacks in the first half of this year compared to all of 2016, thereby signifying how this attack vector has become a weapon of choice for cyber criminals.
What's Behind the Rising Tide of Ransomware? (Security Intelligence) The rate of ransomware is rising, largely due to the availability of exploit kits and ransomware-as-a-service (RaaS) packages in underground marketplaces.
Hacked Password Service Leakbase Goes Dark (KrebsOnSecurity) Leakbase, a Web site that indexed and sold access to billions of usernames and passwords stolen in some of the world's largest data breaches, has closed up shop. A source close to the matter says the service was taken down in a law enforcement sting that may be tied to the Dutch police raid of the Hansa dark web market earlier this year.
Security Patches, Mitigations, and Software Updates
Multiple Vulnerabilities in Cisco Data Center Network Manager Software (Cisco) Multiple vulnerabilities in Cisco Data Center Network Manager (DCNM) Software could allow a remote attacker to inject arbitrary values into DCNM configuration parameters, redirect a user to a malicious website, inject malicious content into a DCNM client interface, or conduct a cross-site scripting (XSS) attack against a user of the affected software.
iOS 11 Encrypted Backup Change Reduces Security, Boosts Data Safety (TidBits) In iOS 11, Apple has changed things so encrypted iTunes backups can now be restored with either the separate backup password or the device passcode. This move reduces security, but it also reduces the likelihood that users will forget the password and lose access to their backups.
ClearCenter Acquires Minebox IT Services GmbH (Business Insider) ClearCenter today announced that it has acquired Minebox IT Services GmbH in a move to round out ClearCenter's Hybrid IT Linux-based IT management operating system, ClearOS.
Founders of hacking firm linked to Michael Flynn turn to cyber defense (Fast Company) The founders behind NSO Group, an Israeli company that makes “lawful intercept” tools used by governments to spy on terrorists and criminals—but also, as I reported yesterday, civilians in multiple countries—are doubling down not on attacking devices but defending them.
IT Security: When Legoland Hacks Back (Spiegel) Cyberattacks can be dangerous for any company, from machine builders to banks. Companies in Germany are only gradually recognizing the risk and preparing for it.
5 best IoT antivirus and antimalware solutions (Windows Report - Windows 10 and Microsoft News, How-to Tips) Most users won’t usually forget to protect their laptops and computers from all kinds of viruses that are able to wipe out or to severely infect their programs or their work and compromise their whole system’s security. But we don’t have to forget also to protect our IoT gadgets and gizmos and provide them with …
Data Security and Breach Notification Act (US Senate) To protect consumers by requiring reasonable security policies and procedures to protect data containing personal information, and to provide for nationwide notice in the event of a breach of security.
Former NSA Employee Pleads Guilty to Taking Classified Data (KrebsOnSecurity) A former employee for the National Security Agency pleaded guilty on Friday to taking classified data to his home computer in Maryland. According to published reports, U.S. intelligence officials believe the data was then stolen from his computer by hackers working for the Russian government.
Michael Flynn Pleads Guilty to Lying to the F.B.I. (New York Times) The guilty plea by President Trump’s former national security adviser brings the special counsel investigation of Russian interference in the 2016 election into Mr. Trump’s inner circle.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
cyberSecure (New York, New York, USA, December 4 - 5, 2017) cyberSecure is a unique cross-industry conference that moves beyond the technology of cyber risk management, data security and privacy. It brings together corporate leaders from multiple function areas...
Hackers Challenge (New York, New York, USA, December 6, 2017) Welcome to the Hackers Challenge - a must-attend event for IT security professionals across all industries. Radware and Cisco invite experienced hackers to attack the cyber-defense of a website within...