Unrest and fighting in Ethiopia appear to have prompted the government to shut down most of the country's Internet access. Twitter and Facebook have been out since Tuesday; other services are affected as well.
Bitcoin is used for many legitimate purposes, but it has its dodgy uses, too. Many criminals demand ransom or other payments in Bitcoin. So do pariah states: North Korea, its finances crippled by international sanctions, increasingly turns to Bitcoin as a source of badly needed funds.
Investigation into the TRITON attack on a Middle Eastern industrial plant continue. FireEye's Mandiant unit is working on the incident, regarded as unusually dangerous because TRITON infects safety systems. A nation-state is widely suspected, with initial suspicion turning toward Iran.
The UK's senior military officer warns that Britain's undersea cables are vulnerable to disruption.
Synaptics wants everyone to be clear: that issue with its keypad on HP laptops involved a debugger. Synaptics isn't in the keylogger business.
Fortinet has patched a credential leaking flaw in its VPN client. Palo Alto Networks also has a patch out, theirs for a hole in its firewall that could permit remote attacks.
The Manhattan District Attorney has charged a New York resident, Louis Meza, with arranging a stick-up to relieve one of Mr. Meza's friends of valuables. The stick-up man specifically demanded the password to the victim's Ethereum wallet.
A London man has received six years plus for his role in Dridex.
In the US, the FCC has cancelled net neutrality. Litigation to follow.
Today's issue includes events affecting Ethiopia, Iran, Democratic Peoples Republic of Korea, Nigeria, Russia, Saudi Arabia, Slovenia, United Kingdom, United States.
A note to our readers, and especially to our Patrons: Patreon has decided not to roll out the increased fees they'd announced recently for their service. We're happy to say Patrons will no longer be charged a large processing fee for their pledges. And we'd like to take this opportunity to thank all of you who've signed up as Patrons. You help us keep the CyberWire up and running.
When 95% of breaches are human error, why is it on the last line of our security budget?
Probably because until now, you haven’t found a solution that works. NINJIO produces 3-4-minute-long animated Episodes that teach your end-users how not to get hacked. This is done through Hollywood story telling. A new Episode is produced every 30 days on the most current breaches. Your end-users emotionally connect with the first scene of every Episode, so they’re engaged throughout the Episode. NINJIO tells stories, not lectures and has a 98.5% renewal rate. NINJIO works. See a free in person demo.
Earn a master’s degree in cybersecurity from SANS(Online, December 21, 2017) Earn a master’s degree in cybersecurity from SANS, the world leader in information security training. Learn more at a free online information session on Thursday, December 21st, at 12:00pm noon ET. For complete information on master’s degree and graduate certificate programs, visit www.sans.edu.
Permissions Flaw Found on Azure AD Connect(Threatpost) A permissions flaw in Microsoft’s Azure AD Connect software could allow a rogue admin to escalate account privileges and gain unauthorized universal access within a company’s internal network.
Popular Destinations Rerouted to Russia(BGPMon) Early this morning (UTC) our systems detected a suspicious event where many prefixes for high profile destinations were being announced by an unused Russian Autonomous System.
Dissecting PRILEX and CUTLET MAKER ATM Malware Families(TrendLabs Security Intelligence Blog) For a while now, Trend Micro has focused its efforts on covering ATM malware, especially new families that come up with features that stealthily target banking customers. In this blog post, we're going to cover two that have recently come to our attention: Prilex and Cutlet Maker. Each of them is interesting in their own right, but for different reasons.
A Very Malicious Christmas(Anomali) In 2017, Americans are projected to spend $906 million on gifts, up from $785 in 2016. A significant chunk of that total will be spent online. As consumers turn to the internet, those looking to exploit them are increasing at a similar rate.Over the last 5 years, the festive season has seen actors ramping up Christmas themed campaigns to directly target businesses and consumers. This post outlines a very small number of particularly prolific attacks that have been observed over
List of Cloud Statistics(Clutch) In the past year, we released multiple reports featuring original data on the cloud industry. We’ve collected the most important data points here, offering insights into businesses’ opinions on cloud security trends, spending habits, and more in 2017.
Thales Regroups Its Digital Assets and Appoints New Talents(Thales) Beginning January 1, 2018, Thales will regroup its digital businesses and expertise under a transverse Digital Business Unit. David Jones is appointed Senior Vice-president Digital Business Unit, Thales, effective on 8 December 2017. He will be based in California.
Is Your Security Workflow Backwards?(Dark Reading) The pace at which information security evolves means organizations must work smarter, not harder. Here's how to stay ahead of the threats.
Tech alone can’t save your business from cyberattacks(The Next Web) Chris Young, CEO of McAfee just spoke at TNW New York. We’re sharing his views on the importance of company culture in cyber security. For a growing number of CEOs, security is now a top concern — but most aren’t doing enough to protect their companies from harm. Data breaches jumped 29 percent in the …
Laptop Security: Not Sexy, But A Real Cybersecurity Imperative(LinkedIn) As an executive at a cybersecurity company, I typically make the rounds to all of the industry’s “must attend” events to stay on top of the latest trends, learnings and industry buzz. These forums are where the good guys go to learn what the bad guys do.
Beginner's Guide to Admin Permissions(Business News Daily) Administrator accounts typically fall to IT, but not all small businesses have a dedicated person. Here's what you should know, plus tips for beginner admins.
FCC votes down Obama-era ‘net neutrality’ rules(The Washington Times) Not even a bomb threat and impromptu evacuation could stop the Federal Communications Commission from voting Thursday to repeal net neutrality, setting up another legal battle between the Trump administration and Democratic attorneys general.
Senate may put off most anticipated Russian probe findings(Honolulu Star-Advertiser) With no firm conclusions yet on whether President Donald Trump’s campaign may have coordinated with Russia, the Senate intelligence committee could delay answering that question and issue more bipartisan recommendations early next year on protecting future elections from foreign tampering.
2018 Leadership Conference(Arlington, Virginia, USA, January 17 - 19, 2018) We invite you to join us for this unique opportunity to share information, participate in leadership training, collaborate on solutions to common problems, and network with peers from around the globe.
Connected Medical Device & IOT Security Summit(Baltimore, Maryland, USA, January 25 - 26, 2018) The Summit will offer practical solutions to many of the daunting security challenges facing medical device and connected health technology companies, healthcare providers, payers and patients. The program...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.