Looking for an introduction to AI for security professionals?
Your wait is over. A new book is out from the Cylance data science team, covering artificial intelligence and machine learning techniques in practical situations to improve the security professional’s ability to thrive in a data driven world. Whether you are reviewing logs or analyzing malware, being able to derive meaningful results and improve productivity is key. Order your free copy today.
November 20, 2017.
By The CyberWire Staff
UpGuard has found another set of unsecured Amazon Web Services S3 buckets, these with data collected, UpGuard says, on behalf of US Central Command and US Pacific Command. The data represent the scrapings of some 1.8 billion social media posts by VendorX, a now-defunct company that provided services to Central Command. The information isn't sensitive, the US Department of Defense says, nor was it processed for intelligence purposes. It wasn't obtained by exotic or surreptitious means, but using software freely available to anyone. The Defense Department characterizes the collection as part of its "public information gathering, measurement and engagement activities." UpGuard (which seems to be running neck-and-neck with Kromtech in the race to find and report exposed S3 buckets) suggests that collection of posts by US citizens is troubling.
Speaking of Kromtech, more details emerge on the exposed Australian Broadcasting Corporation data the company described last week. They found the database (about two years' worth of backups) in a scan on November 14th; ABC secured it "within minutes" of disclosure.
The latest case of apparent Russian influence campaigning comes from Scotland, where a lot of traffic favoring Scottish independence ("nae British slave," etc.) appears to emanate from Russian troll farms.
In Germany, Chancellor Merkel yesterday told President Frank-Walter Steinmeier that talks to form a coalition government have stalled. It appears there will either be a minority government or new elections.
Famous ur-hacker John Draper, a.k.a. Captain Crunch, has been banned from Defcon over allegations of inappropriate behavior with young men.
Whether you're focused on IT or national security, exploits and data loss incidents put your mission at risk. Your current tools assess and analyze content after it's breached your network - they all work right of boom. It's only a matter of time until boom happens to you. Don't let it. getleftofboom.com
ON THE PODCAST
Our podcasts this Thanksgiving week feature something a bit different: extended interviews with cybersecurity thought-leaders. Today we speak with PwC's Jocelyn Aqua about consumer trust in cyber security. Other extended discussions will follow tomorrow and Wednesday.
Earn a master’s degree in cybersecurity from SANS(Online, November 21, 2017) Earn a master’s degree in cybersecurity from SANS, the world leader in information security training. Learn more at a free online information session on Tuesday, November 21st, at 1:00pm ET. For complete information on master’s degree and graduate certificate programs, visit www.sans.edu.
Cyber Security Summit: Los Angeles(Los Angeles, California, USA, November 29, 2017) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security on November 29 in Los Angeles. Register with promo code cyberwire50 for half off your admission (Regular price $350).
Australian broadcaster hit by data breach(ComputerWeekly) The Australian Broadcasting Corporation is the latest organisation to fall prey to misconfigured Amazon S3 storage buckets, exposing database backups and sensitive data such as login credentials
Barrage of tweets on independence linked to Russia(Times) Almost 400,000 Twitter messages about Scottish independence were posted by fake accounts, most believed to be Russian. Researchers say that hundreds of automated accounts — so-called Twitter bots —...
Russian link to GCHQ alerts(Times) A British intelligence agency has based warnings about hacking threats on research by a controversial Russian cybersecurity company. The National Cyber Security Centre (NCSC), part of GCHQ, has...
Cybersecurity firm warns of advances in cybercrime(Manila Bulletin Business) Cybersecurity company Fortinet issued new warnings in the cybercrime world with threats ranging from the more advanced hivenets and swarmbots built on machine learning and artificial intelligence (AI) technologies which will hit mobile and cloud usage, among other things.
Ransomware Targets SMBs via RDP Attacks(Security Week) A series of ransomware attacks against small-to-medium companies are leveraging Remote Desktop Protocol (RDP) access to infect systems, Sophos reports.
EMOTET Trojan Variant Evades Malware Analysis(Security Week) A recently observed variant of the EMOTET banking Trojan features new routines that allow it to evade sandbox and malware analysis, Trend Micro security researchers say.
One month later, Magniber ransomware is still out there(SANS Internet Storm Center) Last month in October 2017, several sources reported a new ransomware family distributed by Magnitude exploit kit (EK) [1, 2, 3]. Security researchers dubbed the new ransomware "Magniber" because it appears to have replaced Cerber ransomware as distributed through Magnitude EK. Cerber seems to have disappeared since then, but as November 2017 progresses, we're still seeing Magniber.
Child abuse on YouTube(Times) Google has made millions of pounds in advertising revenue from videos that exploit young children and appeal to paedophiles, experts say. Iceland, O2 and Which? are among companies to have...
2018 Security Predictions, by Forcepoint Security Labs(Forcepoint) A myriad of complex challenges will surface in 2018, threatening your ability to protect your users, data and networks in new ways. In the Forcepoint 2018 Security Predictions Report, our thought leaders assert that cybersecurity needs a forward-thinking, holistic approach to protect data in real-time, one that can transform a vulnerable employee to a defender of data.
Kaspersky warns cybersecurity needs attention(The Nation) Thailand may be an example of the classic case of having a huge population of Internet users but also low cybersecurity awareness. Perhaps that makes it fertile ground for Kaspersky, a large cybersecurity firm that is often in the news.
How NSS Labs' CAWS finds and fixes network threats(CSO Online) The public instance of the CAWS Continuous Security Validation Platform from NSS Labs is a valuable tool for alerting IT teams about real threats with the ability to breach their defenses. But for networks with high security needs, the product's private instance is worth the high price tag.
Senators propose limit on FISA ﬁles(The Denver Post) A pair of senators on Friday released their bipartisan proposal to renew a powerful surveillance authority for collecting foreign intelligence on U.S. soil, but with a new brake on the government…
Former State Department official talks cyber diplomacy in Bartels lecture(Cornell Chronicle) Returning to Cornell to give the annual Bartels World Affairs Fellowship Lecture Nov. 15, Christopher Painter ’80, former coordinator for cyber issues at the U.S. Department of State, discussed the power – and the limitations – of cyber diplomacy in a public lecture in Kennedy Hall’s Call Auditorium.
Everyone has been hacked, say police(Times) Virtually everyone in the country is likely to have had their personal data hacked and placed for sale on the dark web, police have said. Peter Goodman, the National Police Chiefs’ Council lead for...
Fund Targets Victims Scammed Via Western Union(KrebsOnSecurity) If you, a friend or loved one lost money in a scam involving Western Union, some or all of those funds may be recoverable thanks to a more than half-billion dollar program set up by the U.S. Federal Trade Commission.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
CyberCon 2017: Beyond Cybersecurity(Pentagon City, Virginia, USA, November 28, 2017) The cyber front is about more than just security. Defending in cyberspace takes a holistic approach, encompassing technology, policy and people. That’s why we’re bringing together military, intelligence...
Cyber 9-12(Washington, DC, USA, March 16 - 17, 2018) Now entering its fifth year, the Cyber 9/12 Student Challenge is a one-of-a-kind competition designed to provide students across academic disciplines with a deeper understanding of the policy challenges...
The 3rd Annual Billington INTERNATIONAL Cybersecurity Summit(Washington, DC, USA, November 21, 2017) The 3rd Annual Billington International Cybersecurity Summit on March 21 in Washington, D.C. at the National Press Club, will attract over 400 attendees at the leading forum on global cybersecurity in...
Aviation Cyber Security(London, England, UK, November 21 - 22, 2017) Join us on November 21/22 in London, England for the Cyber Senate Aviation Cyber Security Summit. We will address key issues such as the importance of information sharing and collaboration, supply chain...
Global Conference on Cyberspace (GCCS)(New Dehli, India, November 23 - 24, 2017) The Global Conference on Cyberspace (GCCS) aims to deliberate on the issues related to promotion of cooperation in cyberspace, norms for responsible behaviors in cyberspace and to enhance cyber capacity...
AutoMobility LA(Los Angeles, California, USA, November 27 - 30, 2017) The Los Angeles Auto Show Press & Trade Days and Connected Car Expo have MERGED to form AutoMobility LA, the new auto industry’s first true trade show. Register to join us in Los Angeles this November.
INsecurity(National Harbor, Maryland, USA, November 29 - 30, 2017) Organized by Dark Reading, the web’s most trusted online community for the exchange of information about cybersecurity issues. INsecurity focuses on the everyday practices of the IT security department,...
INsecurity(National Harbor, Maryland, USA, November 29 - 30, 2017) INsecurity is for the defenders of enterprise security—those defending corporate networks—and offers real-world case studies, peer sharing and practical, actionable content for IT professionals grappling...
Cyber Security, Oil, Gas & Power 2017(London, England, UK, November 29 - 30, 2017) ACI’s Cyber Security - Oil, Gas, Power Conference will bring together key stakeholders from energy majors and technology industries, to discuss the challenges and opportunities found in the current systems.
Cyber Security Summit Los Angeles(Los Angeles, California, USA, November 30, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: Los Angeles. Receive...
cyberSecure(New York, New York, USA, December 4 - 5, 2017) cyberSecure is a unique cross-industry conference that moves beyond the technology of cyber risk management, data security and privacy. It brings together corporate leaders from multiple function areas...
cyberSecure(New York, New York, USA, December 4 - 5, 2017) cyberSecure is a unique cross-industry conference that moves beyond the technology of cyber risk management, data security and privacy. Unlike other cybersecurity events, cyberSecure brings together corporate...
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.