Looking for an introduction to AI for security professionals?
Your wait is over. A new book is out from the Cylance data science team, covering artificial intelligence and machine learning techniques in practical situations to improve the security professional’s ability to thrive in a data driven world. Whether you are reviewing logs or analyzing malware, being able to derive meaningful results and improve productivity is key. Order your free copy today.
December 22, 2017.
By The CyberWire Staff
The company affected by the attack on industrial control systems, said to have been in the Middle East, had been unnamed. But it's now said, according to Foreign Policy, to be Saudi Aramco. Foreign Policy sources their story to a report they say they've obtained that was prepared by Area 1 Security. Circumstantial and preliminary attribution continues to point toward Iran.
North Korean denials of responsibility for WannaCry have moved into familiar rhetorical terrain: "The U.S., a source of all social evils and a state of global cyber-crimes, is unreasonably accusing the DPRK without any forensic evidence. This cannot be construed otherwise than an expression of its inveterate repugnance towards the DPRK." While they can't be troubled to reply to every American "grave political provocation," this one can't be tolerated, because it's aimed a "tarnishing the image of [a] dignified country."
Online magazine Salon more-or-less agrees with the Supreme Leader, seeing the Five Eyes' attribution of WannaCry to Pyongyang as resembling other bogus war-scare "ruses," but most observers think the attribution, inevitably circumstantial to some degree, probably holds up.
WannaCry still remains in circulation, hitting the unprepared and unpatched.
South Korean police see North Korea as the prime suspect in the Youbit hack.
Bitcoin and other cryptocurrencies crashed hard this morning, losing up to a third of their valuation. It's probably not the end of the speculative bubble, but it's at least a sharp correction.
More bad news for Kaspersky Lab: Lithuania has banned the company's products from Lithuanian infrastructure.
Today's issue includes events affecting Argentina, Azerbaijan, Brazil, China, Colombia, European Union, India, Iran, Democratic Peoples Republic of Korea, Republic of Korea, Lithuania, Mexico, Peru, Philippines, Portugal, Russia, Saudi Arabia, Spain, Thailand, Ukraine, United Arab Emirates, United Kingdom, United States, Venezuela, and Vietnam.
A note to our readers on our holiday calendar: We won't be publishing the Week that Was on either this Sunday or New Year's Eve, and the CyberWire Daily News Briefing will also take its regular US holiday breaks on Christmas (Gregorian calendar, because that's how we roll here in Maryland, so Monday, December 25th) and New Year's Day. The Daily News Briefing will be out as usual next Tuesday through Friday, as will our Daily Podcast, the latter with some longform interviews. Research Saturday will be up as usual this weekend and next. All publication returns to normal on January 2nd. Best wishes from all of us during this holiday season, and thank you for reading and listening.
How are you handling your cloud monitoring and security?
Cloud providers offer many security measures, but you’re ultimately responsible for securing your own data. While 53% of organizations are training their staff to manage cloud security, 30% of organizations plan to partner with an MSP. In our white paper, we discuss the considerations you need to make before choosing a solution.
ON THE PODCAST
In today's podcast we speak with our partners at Booz Allen Hamilton, as Chris Poulin talks about how the transition to self driving cars might be made, and about the problem with selling fear and uncertainty. Speaking of selling, and the fear, uncertainty, and doubt that so often frames it, we also chat with Gigamon's Kim DeCarlis about marketing cyber security.
Commentary: Making sense of North Korea’s hacking strategy(Reuters) Pyongyang is ramping up its cyber warfare. Just this week, a White House official blamed North Korea for the WannaCry attack that took down hospitals, banks and businesses in May and noted that Facebook and Microsoft recently took action against the infamous North Korean Lazarus hacker group. And that’s just the tip of the iceberg.
Digmine Malware Spreading via Facebook Messenger(BleepingComputer) Users across several countries are being targeted in a campaign that delivers a new strain of malware named Digmine that installs a Monero cryptocurrency miner and a malicious Chrome extension which helps it propagate to new victims.
The seven most colossal data breaches of 2017(Security Boulevard) This year saw a handful of spectacularly bad security fails that resulted in massive sets of compromised data. Here are the most colossal data breaches of 2017. Categories: Cybercrime Hacking Tags: data breachesdata breaches of 2017EdmodoEquifaxUberVerizon (Read more...) The post The seven most colossal data breaches of 2017 appeared first on Malwarebytes Labs.
SafeBreach Examines Malware Success Rates(PYMNTS.com) A new report studying the success rates of malware attacks on enterprise suggests a failure among corporations to adequately protect their systems. New research from SafeBreach, released in its Hacker’s Playbook Findings Report, analyzed 3,400 data breach strategies and 11.5 million conducted simulations. According to the report, malware attacks successfully infiltrated enterprises’ systems most of […]
2018 Predictions: ICS Cybersecurity Goes Mainstream(Nozomi Networks) After a year that began with the fall-out from another Ukraine electric grid attack, saw the discovery of the first toolset since Stuxnet to target physical systems (CrashOverride/ Industroyer) and included significant harm from ransomware attacks (WannaCry, Petya/NotPetya), what’s in store for 2018?
Are Your Medical Records Safe? NO. - Security Boulevard(Security Boulevard) Radware’s Web Application Security Report finds security flaws in the healthcare industry What do healthcare institutions, insurance companies, hospitals, pharmaceuticals and manufacturers of medical equipment all have in common? If you guessed room for improvement when it comes to protecting applications, you’re correct. The data records these organizations keep are highly sensitive as they affect The post Are Your Medical Records Safe? NO. appeared first on Radware Blog.
Incident Response: Your Last Line of Cybersecurity Defence(Information Security Buzz) In 2018, no executive that reads the papers can be unaware of the cybersecurity risks facing their organisation. With the size and frequency of data breaches increasing, companies should be prepared to handle one when it happens. The best way to cope with a security incident is to hit the ground running. A well-structured, efficient …
Five blockchain use cases(RCR Wireless News) The potential use cases of blockchain go beyond powering digital currency like bitcoin, including securing patient medical records and...
Blockchain and Quantum Computing(The National Law Review) 2018 promises great inroads in the realm of "quantum computing." While conventional computers use binary data or bits (i.e., 0s and 1s) to store and process information...
Encryption perspectives in a world of quantum computers(eeNews Europe) Potentially, in the connected world, all kind of devices that encrypt data to be sent, received and stored, could be affected by the decoding power of quantum computers. Although realistic threats against today’s encryption algorithms may be 10 to 15 years away, new encryption mechanisms should already be considered for devices with long lifecycles that are installed nowadays.
Lithuania bans Kaspersky Lab software on sensitive computers(Reuters) Software from Moscow-based company Kaspersky Lab is a threat to Lithuanian national security and its products will be banned on sensitive computers, Lithuania's government said on Thursday. It is the latest setback for the software maker.
Keeper CEO Offers Clarity(Keeper Blog) We have great admiration and respect for the InfoSec community, the press that covers this industry, and of course place the protection and security of our customers’ information as the top priority. We want to offer clarity regarding our recent lawsuit directed to the contents of the Ars Technica article, which has undergone revisions since …
U.K. Man Avoids Jail Time in vDOS Case(KrebsOnSecurity) A U.K. man who pleaded guilty to launching more than 2,000 cyberattacks against some of the world’s largest companies has avoided jail time for his role in the attacks. The judge in the case reportedly was moved by pleas for leniency that cited the man’s youth at the time of the attacks and a diagnosis of autism.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
2018 Leadership Conference(Arlington, Virginia, USA, January 17 - 19, 2018) We invite you to join us for this unique opportunity to share information, participate in leadership training, collaborate on solutions to common problems, and network with peers from around the globe.
CYBERTACOS(Arlington, Virginia, USA, January 24, 2018) CYBERTACOS is back and becoming one of the DC metro area’s biggest cybersecurity networking events! Register today and join us for networking, food and drinks. This event includes a 45-minute meet the...
Connected Medical Device & IOT Security Summit(Baltimore, Maryland, USA, January 25 - 26, 2018) The Summit will offer practical solutions to many of the daunting security challenges facing medical device and connected health technology companies, healthcare providers, payers and patients. The program...
CyberUSA(San Antonio, Texas, USA, January 29 - 30, 2018) The CyberUSA Conference will be held in San Antonio, TX at the Henry B. Gonzalez Convention Center on Tuesday, January 30, 2018. A welcome reception will be held on the evening of Monday, January 29, 2018.
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.