November 22, 2017.
By The CyberWire Staff
Uber disclosed late yesterday that it was breached by two hacker-extortionists in October 2016. The ride-service says that 57 million individuals were affected. Riders' names, email addresses and mobile phone numbers were lost, and 600 thousand drivers' names and license numbers were also exposed. User information was lost in many countries around the world; the affected drivers appear to have all worked in the US. Uber is reported to have paid the hackers $100,000 to delete the data and keep quiet about the whole thing.
The breach is said to be traceable to stolen credentials. Bloomberg and others report that the hackers got credentials from a private GitHub site Uber software developers used, and then employed those credentials to access data stored in an Amazon Web Services (AWS) bucket.
The incident and its cover-up were discovered in the course of an investigation of Uber's security team that the company's board commissioned this fall. Uber's CEO, Dara Khosrowshahi, who has been in the job since this September, said in a statement that he had just learned of the incident, that Uber intended to do better, and that two executives responsible for handling the security incident are no longer with the company. Bloomberg reports that one of the two is CSO Joe Sullivan, a former US federal prosecutor who joined Uber in 2015 from Facebook. Uber faces a great deal of scrutiny and litigation: the New York State Attorney General has already announced that the office has opened an inquiry.
Today's issue includes events affecting Brazil, China, European Union, France, Iran, Israel, Russia, Saudi Arabia, United Kingdom, United States.
A note to our readers: as we observe the Thanksgiving holiday here in the US, we'll be refraining from publishing both our Daily News Briefing and our Daily Podcast this Thursday and Friday. The Week that Was will be up as usual Sunday evening, and our Research Saturday Podcast will also appear as expected on November 25th. We resume normal publication of the Daily News Briefing and the Daily Podcast on Monday, November 27th. Until then, to all our readers and listeners in the US, enjoy Thanksgiving.
ON THE PODCAST
Our podcasts this Thanksgiving week feature something a bit different: extended interviews with cybersecurity thought-leaders. Today we hear from Tiffany Li, resident fellow at Yale Law School and the Information Society Project. We discuss artificial intelligence and the right to be forgotten in the context of EU law and the GDPR.
Cyber Security Summit: Los Angeles (Los Angeles, California, USA, November 29, 2017) Senior-level executives are invited to learn about the latest threats and solutions in cyber security on November 29 in Los Angeles. Register with promo code cyberwire50 for half off your admission (regular price $350).
Cyber Attacks, Threats, and Vulnerabilities
Uber Paid Hackers to Delete Stolen Data on 57 Million People (Bloomberg.com) Hackers stole the personal data of 57 million customers and drivers from Uber Technologies Inc., a massive breach that the company concealed for more than a year. This week, the ride-hailing firm ousted its chief security officer and one of his deputies for their roles in keeping the hack under wraps, which included a $100,000 payment to the attackers.
Code Execution Flaw Found in HP Enterprise Printers (Security Week) Researchers have found a potentially serious remote code execution vulnerability in some of HP’s enterprise printers. The vendor claims to have already developed a patch that will be made available to customers sometime this week.
Cobalt Hackers Now Targeting Banks Directly (Security Week) The notorious Cobalt hackers have shown a change in tactics recently, switching their attacks to targeting banks themselves, instead of bank customers, Trend Micro reports.
Stuxnet’s Footprint in Memory with Volatility 2.0 (Penetration Testing Experts) We’ll examine Stuxnet’s footprint in memory using Volatility 2.0. A talk was given at Open Memory Forensics Workshop on this topic (see the online Prezi) and the details will be shared here for anyone who missed it. I picked this topic for two reasons. First, Stuxnet modifies an infected system in such ways that are …
Internet Wide Ethereum JSON-RPC Scans (SANS Internet Storm Center) Ethereum is certainly getting a lot of press this year, and with this, we also see the bad guys spending more effort to steal the shiny, fresh-off-the-digital-mint crypto coins.
Final Version of 2017 OWASP Top 10 Released (Security Week) The final version of the 2017 OWASP Top 10 was released on Monday, and some types of vulnerabilities that no longer represent a serious risk have been replaced with issues that are more likely to pose a significant threat.
Threat Predictions for Connected Life in 2018 (Securelist) Every year, Kaspersky Lab’s experts look at the main cyberthreats facing connected businesses over the coming 12 months, based on the trends seen during the year. For 2018, we decided to extract some top predictions that also have big implications for everyday connected life.
Kaspersky Lab: Friend or Foe? (Legal Talk Network) David Ries talks about whether Kaspersky Lab is safe for lawyers to use, diving into where the controversy started and what the results have been so far.
Brazilian Armed Forces Summit Aligns Electronic Warfare Knowledge (Dialogo Americas) The Brazilian Ministry of Defense sponsors the annual event that brings together service members from the Army, Navy, and Air Force, as well as civilian experts to promote interoperability and capacity building in the field of electronic warfare.
Booz Allen-NVIDIA Team to Develop AI Training Program for Federal Employees (ExecutiveBiz) Booz Allen Hamilton will team up with NVIDIA to establish a hands-on training program designed to help federal employees hone their artificial intelligence skills, Nextgov reported Monday. The NVIDIA Deep Learning Institute and Booz Allen team aims to launch the program in early 2018 to help employees understand the basics of emerging technologies and create...
Vermont governor appoints 10 cybersecurity advisers (Fifth Domain) When the Republican governor announced the formation of the team last month he said that since January there had been more than 3.3 million attacks on the state’s computers, none of which were successful.
Skype joins list of apps on China's blacklist (Bull) Skype has apparently joined the lengthening list of internet communication tools on China's blacklist, with Apple saying Wednesday it was ordered to clear its download store of apps that violate national laws.
House Committees Get Serious in New Letter to Equifax (Security Week) The chairpersons of the House Science, Space, and Technology Committee and the House Oversight and Government Reform Committee on Monday sent a new letter to Paulino Barros, the interim CEO of Equifax.
French police detain Russia's 'secret oligarch' in Nice (Deutsche Welle) Russian lawmaker Suleiman Kerimov, dubbed the "secret oligarch," has been taken into police custody in southern France. Russia's embassy has extended "all possible assistance" to the billionaire senator.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
Hackers Challenge (New York, New York, USA, December 6, 2017) Welcome to the Hackers Challenge - a must-attend event for IT security professionals across all industries. Radware and Cisco invite experienced hackers to attack the cyber-defense of a website within...
Global Conference on Cyberspace (GCCS) (New Delhi, India, November 23 - 24, 2017) The Global Conference on Cyberspace (GCCS) aims to deliberate on the issues related to promotion of cooperation in cyberspace, norms for responsible behaviors in cyberspace and to enhance cyber capacity...
AutoMobility LA (Los Angeles, California, USA, November 27 - 30, 2017) The Los Angeles Auto Show Press & Trade Days and Connected Car Expo have MERGED to form AutoMobility LA, the new auto industry’s first true trade show. Register to join us in Los Angeles this November.
CyberCon 2017: Beyond Cybersecurity (Pentagon City, Virginia, USA, November 28, 2017) The cyber front is about more than just security. Defending in cyberspace takes a holistic approach, encompassing technology, policy and people. That’s why we’re bringing together military, intelligence...
INsecurity (National Harbor, Maryland, USA, November 29 - 30, 2017) Organized by Dark Reading, the web’s most trusted online community for the exchange of information about cybersecurity issues. INsecurity focuses on the everyday practices of the IT security department,...
INsecurity (National Harbor, Maryland, USA, November 29 - 30, 2017) INsecurity is for the defenders of enterprise security, those defending corporate networks, and offers real-world case studies, peer sharing and practical, actionable content for IT professionals grappling...
Cyber Security, Oil, Gas & Power 2017 (London, England, UK, November 29 - 30, 2017) ACI’s Cyber Security - Oil, Gas, Power Conference will bring together key stakeholders from energy majors and technology industries, to discuss the challenges and opportunities found in the current systems.
Cyber Security Summit Los Angeles (Los Angeles, California, USA, November 30, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: Los Angeles. Receive...
cyberSecure (New York, New York, USA, December 4 - 5, 2017) cyberSecure is a unique cross-industry conference that moves beyond the technology of cyber risk management, data security and privacy. It brings together corporate leaders from multiple function areas...
cyberSecure (New York, New York, USA, December 4 - 5, 2017) cyberSecure is a unique cross-industry conference that moves beyond the technology of cyber risk management, data security and privacy. Unlike other cybersecurity events, cyberSecure brings together corporate...