Looking for an introduction to AI for security professionals?
Your wait is over. A new book is out from the Cylance data science team, covering artificial intelligence and machine learning techniques in practical situations to improve the security professional’s ability to thrive in a data driven world. Whether you are reviewing logs or analyzing malware, being able to derive meaningful results and improve productivity is key. Order your free copy today.
December 26, 2017.
By The CyberWire Staff
North Korea has continued late last week and over the weekend to denounce recent attribution of WannaCry to Pyongyang as "grave political provocation," "reckless" and "baseless." Pyongyang has also promised unspecified retaliation (which may be a matter of routine form) and demanded that its accusers produce their evidence. The US is most commonly mentioned in these dispatches, although the UK was the first to officially call out the DPRK, and the US and UK were quickly joined by the three other Five Eyes: Australia, Canada, and New Zealand.
Proofpoint reports that the DPRK-linked Lazarus Group has expanded its targets from financial institutions to point-of-sale networks and individuals.
The Satori botnet, a Mirai successor that surfaced at the end of November and became relatively quiet after a takedown, may be reforming for a comeback. Netlab observed a spike in scanning of ports 52869 and 37215, which may represent an attempt by the botnet's controller to resume activity. That controller, "Nexus Zeta," is said by Checkpoint to be a script kiddie and an amateur (in the descriptive, non-pejorative sense).
The GoAhead webserver, widely used in IoT devices, was found vulnerable to remote code execution. The vendor, Embedthis, has patched.
Edward Snowden's got a privacy app out called "Haven," which CNET describes as "like a baby monitor on steroids."
WikiLeaks impressario Julian Assange's Twitter account went offline Christmas Eve but returned hours later with a video of a "bouncing corgi." (His followers did drop below 10,000, corgi lovers having yet to weigh in.)
Today's issue includes events affecting Australia, Canada, Egypt, Iran, Israel, Democratic Peoples Republic of Korea, Peru, Russia, Singapore, Turkey, Ukraine, United Kingdom, United States, and Venezuela.
A note to our readers on our holiday calendar: We won't be publishing the Week that Was on New Year's Eve, and the CyberWire Daily News Briefing will also take its regular US holiday break on New Year's Day. The Daily News Briefing will be out as usual through Friday this week, as will our Daily Podcast, the latter with some longform interviews. Research Saturday will be up this weekend. All publication returns to normal on January 2nd. Best wishes from all of us during this holiday season, and thank you for reading and listening.
WannaCry Influences Companies to Stock Bitcoin for Ransomware Emergencies(BItcoin News) Ransomware attacks aren't new to the internet. There are recorded instances of such attacks even before Bitcoin came into existence. However, in the recent years, the number of ransomware attacks involving demands for payment in Bitcoin has rocketed through the roof. These incidents, mostly targeting businesses have put many companies on edge, forcing them to invest in Bitcoin as a measure to deal with potential attacks in the future.
North Korean Hackers Targeting Individuals: Report(Security Week) North Korean state-sponsored hacking group Lazarus has started targeting individuals and organizations directly, instead of focusing exclusively on spying on financial institutions, Proofpoint reports.
Industry Reactions to U.S. Blaming North Korea for WannaCry(Security Week) The United States, Canada, Japan, Australia and New Zealand have all officially accused North Korea this week of being behind the WannaCry campaign. They join the United Kingdom, which blamed Pyongyang for the attack back in October.
The Opening of the North Korean Mind(Foreign Affairs) Foreign media is trickling in to North Korea, revealing the gap between Pyongyang’s propaganda and reality. The regime is well able to repress subversion in the short term, but over time the flow of outside information may be the best way to help the country evolve.
Should spies use secret software vulnerabilities?(C4ISRNET) It’s a choice of how best to protect the public: Exploit software vulnerabilities to collect intelligence information that may help keep people safe? Or disclose the flaw, letting the software company fix it and protect millions of regular computer users from malicious attacks by hackers?
Mirai Variant "Satori" Targets Huawei Routers(Security Week) Hundreds of thousands of attempts to exploit a recently discovered vulnerability in Huawei HG532 home routers have been observed over the past month, Check Point security researchers warn.
Amateur Hacker Behind Satori Botnet(BleepingComputer) A so-called "script kiddie" is behind the recently discovered Satori botnet that has scared security researchers because of its rapid rise to a size of hundreds of thousands of compromised devices.
Cybersecurity Predictions From ZeroFOX And Dyadic(Information Security Buzz) James C. Foster, CEO at ZeroFOX, a social media security firm based in Baltimore, give his insight about social media next year. James C. Foster, CEO at ZeroFOX: Social media will be the number one vehicle for ransomware distribution in 2018. Currently, there are nearly one million social media accounts compromised every day, and that number will continue to …
The professional cybersecurity groups(SC Media US) As cybersecurity has grown in importance within organizations, professional development has become a greater priority. These groups stand out as they educate and elucidate.
Cryptocurrency 101 and Is Bitcoin a bubble?(The Commentator) The questions on everyone’s mind the past few weeks has been – is Bitcoin a bubble? If it’s a bubble, when will it burst? If it’s not, is it too late to invest? Of course, there are no definite answers to the questions aforementioned. However, this article will attempt to shed some light onto the …
7 reasons why you must embrace the cryptocurrency wave(YourStory.com) Cryptocurrency is a form of digital asset developed to authorise transactions of money online. It emerged after the creation of Bitcoin in 2009. Since cryptocurrency is a virtual currency associated w...
Two Can Play at that Game: Thinking Like a Malicious Adversary(BlueCat) If you don’t know what you’re fighting, how can you expect to fight it? This whiteboard session delves into the criticality of DNS in developing a cyber security counter-strategy. Keep malicious adversaries in mind when structuring your domains and your network will be robust enough to battle them.
Silicon Valley Is Turning Into Its Own Worst Fear(BuzzFeed) We asked a group of writers to consider the forces that have shaped our lives in 2017. Here, science fiction writer Ted Chiang looks at capitalism, Silicon Valley, and its fear of superintelligent AI.
Proof of randomness builds future of digital security(Phys.org) In an effort to block emerging threats to online security, researchers at Princeton University have developed a method to verify the strength of random number generators that form the basis of most encryption systems.
Commentary: In democracies, voters warm to secret services(Reuters) In the early hours of Tuesday in the northern UK cities of Sheffield and Chesterfield, armed police blew open doors of homes and a Muslim community center, arresting four men aged between 22 and 41. Scanty information given to the news media spoke of a planned “Christmas bomb attack,” now presumably averted. The police, it emerged, were acting on information given by the secret services, probably the domestic service, MI5.
Revisions to Wassenaar cyber export-control agreement gain industry support(Inside Cybersecurity) International negotiators made changes to an arms-control agreement that for years had troubled U.S. tech companies -- which argued the export controls could undermine cybersecurity improvements -- with the latest revisions drawing industry applause as well as calls for additional changes.
Bill ropes in key players for defence(The Straits Times) A proposed Bill for cyber security will be tabled in Parliament for debate next year to shore up Singapore's defence against rising threats, many of which are state-sponsored.. Read more at straitstimes.com.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
5th Annual Journal of Law and Cyber Warfare Symposium(New York, New York, USA, October 18, 2018) The Journal of Law and Cyber Warfare will bring together distinguished thought leaders and cyber security experts across the industry for a day of collaboration and education. The Symposium will feature...
2018 Leadership Conference(Arlington, Virginia, USA, January 17 - 19, 2018) We invite you to join us for this unique opportunity to share information, participate in leadership training, collaborate on solutions to common problems, and network with peers from around the globe.
CYBERTACOS(Arlington, Virginia, USA, January 24, 2018) CYBERTACOS is back and becoming one of the DC metro area’s biggest cybersecurity networking events! Register today and join us for networking, food and drinks. This event includes a 45-minute meet the...
Connected Medical Device & IOT Security Summit(Baltimore, Maryland, USA, January 25 - 26, 2018) The Summit will offer practical solutions to many of the daunting security challenges facing medical device and connected health technology companies, healthcare providers, payers and patients. The program...
CyberUSA(San Antonio, Texas, USA, January 29 - 30, 2018) The CyberUSA Conference will be held in San Antonio, TX at the Henry B. Gonzalez Convention Center on Tuesday, January 30, 2018. A welcome reception will be held on the evening of Monday, January 29, 2018.
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.