
Looking for an introduction to AI for security professionals?

Your wait is over. A new book is out from the Cylance data science team, covering artificial intelligence and machine learning techniques in practical situations to improve the security professional’s ability to thrive in a data-driven world. Whether you are reviewing logs or analyzing malware, being able to derive meaningful results and improve productivity is key. Order your free copy today.

Daily briefing.

Uber disclosed late yesterday that it was breached by two hacker-extortionists in October 2016. The ride-service says that 57 million individuals were affected. Riders' names, email addresses and mobile phone numbers were lost, and 600,000 drivers' names and license numbers were also exposed. User information was lost in many countries around the world; the affected drivers appear to have all worked in the US. Uber is reported to have paid the hackers $100,000 to delete the data and keep quiet about the whole thing.

The breach is said to be traceable to stolen credentials. Bloomberg and others report that the hackers got credentials from a private GitHub site Uber software developers used, and then employed those credentials to access data stored in an Amazon Web Services (AWS) bucket.

The incident and its cover-up were discovered in the course of an investigation of Uber's security team, which the company's board commissioned this fall. Uber's CEO, Dara Khosrowshahi, who's been in the job since this September, said in a statement that he'd just learned of the incident, that Uber intended to do better, and that two executives responsible for handling the security incident are no longer with the company. Bloomberg reports that one of the two is CSO Joe Sullivan, a former US federal prosecutor who joined Uber in 2015 from Facebook. Uber faces a great deal of scrutiny and litigation: the New York State Attorney General has already announced that it has opened an inquiry.

HP plans to patch printer vulnerabilities soon.

Notes.

Today's issue includes events affecting Brazil, China, European Union, France, Iran, Israel, Russia, Saudi Arabia, United Kingdom, United States.

A note to our readers: as we observe the Thanksgiving holiday here in the US, we'll be refraining from publishing both our Daily News Briefing and our Daily Podcast this Thursday and Friday. The Week that Was will be up as usual Sunday evening, and our Research Saturday Podcast will also appear as expected on November 25th. We resume normal publication of the Daily News Briefing and the Daily Podcast on Monday, November 27th. Until then, to all our readers and listeners in the US, enjoy Thanksgiving.

Your cyber security posture is right of boom.

Whether you're focused on IT or national security, exploits and data loss incidents put your mission at risk. Your current tools assess and analyze content after it's breached your network - they all work right of boom. It's only a matter of time until boom happens to you. Don't let it. getleftofboom.com

Our podcasts this Thanksgiving week feature something a bit different: extended interviews with cybersecurity thought-leaders. Today we hear from Tiffany Li, resident fellow at Yale Law School and the Information Society Project. We discuss artificial intelligence and the right to be forgotten in the context of EU law and the GDPR.

Research Saturday this week will feature a conversation about the Terdot banking Trojan with Bitdefender's Bogdan Botezatu.

Cyber Security Summit: Los Angeles (Los Angeles, California, USA, November 29, 2017) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security on November 29 in Los Angeles. Register with promo code cyberwire50 for half off your admission (Regular price $350).

Cyber Attacks, Threats, and Vulnerabilities

Uber Paid Hackers to Delete Stolen Data on 57 Million People (Bloomberg.com) Hackers stole the personal data of 57 million customers and drivers from Uber Technologies Inc., a massive breach that the company concealed for more than a year. This week, the ride-hailing firm ousted its chief security officer and one of his deputies for their roles in keeping the hack under wraps, which included a $100,000 payment to the attackers.

Uber Hacked: Information of 57 Million Users Accessed in Covered-Up Breach (Security Week) Uber covered up massive hack in 2016 for more than a year

Uber Paid Off Hackers to Hide a 57-Million User Data Breach (WIRED) The ridesharing service's latest scandal combines routine security negligence with an "appalling" coverup.

Uber data breach from 2016 affected 57 million riders and drivers (TechCrunch) Uber faced a data breach in 2016 that affected some 57 million customers, including both riders and drivers, revealing their names, email address and phone..

Uber admits hiding huge data breach (Computing) Over 57 million clients and staff affected by concealed hack

Uber Paid Hackers $100,000 to Cover Up a Breach Impacting 57 Million Customers (Motherboard) In addition to being yet another public relations nightmare for Uber, the way the company handled the breach might be in violation of data breach disclosure laws.

Uber Supposedly Paid Hackers $100,000 to Keep Quiet About a 2016 Data Breach (BleepingComputer) Uber confirmed that hackers breached some part of its network in October 2016 and made off with personal data for 50 million users and 7 million drivers.

Analysis | Would cyberattacks be likely in a U.S.-North Korea conflict? Here’s what we know. (Washington Post) Pyongyang has a track record of increasingly daring cyberattacks.

Saudi Arabia claims it was hit with cyber espionage attack that also targeted Israel (haaretz.com) Saudi cyber officials say that they are among five Middle Eastern countries targeted in a cyberattack attributed to the 'MuddyWater' group

The State Department's Fumbled Fight Against Russian Propaganda (WIRED) Former staffers of the State Department's Global Engagement Center, tasked with fighting propaganda, say that 'administrative incompetence' has hamstrung efforts.

I Unknowingly Went to a Trump Protest Organized by Russian Agents (Motherboard) My understanding of protests changed after recently discovering the origins of a “Not My President” march I attended a few days after Trump’s election.

US-CERT warning over security vulnerabilities found in Apple MacOS and iOS (Computing) Security researchers have found dozens of vulnerabilities affecting iOS and MacOS

macOS Malware Spread Via Fake Symantec Blog (Security Week) A newly observed variant of the macOS-targeting Proton malware is spreading through a blog spoofing that of legitimate security company Symantec.

U.S. government warns businesses about cyber bug in Intel chips (Reuters) The U.S. government on Tuesday urged businesses to act on an Intel Corp alert about security flaws in widely used computer chips as industry researchers scrambled to understand the impact of the newly disclosed vulnerability.

Critical Flaws in Intel Processors Leave Millions of PCs Vulnerable (The Hacker News) Intel Patches Critical Flaws in Its Processors that Left Millions of PCs Vulnerable

Code Execution Flaw Found in HP Enterprise Printers (Security Week) Researchers have found a potentially serious remote code execution vulnerability in some of HP’s enterprise printers. The vendor claims to have already developed a patch that will be made available to customers sometime this week.

qkG Filecoder: Self-Replicating, Document-Encrypting Ransomware (TrendLabs Security Intelligence Blog) We encountered a few interesting samples of a file-encoding ransomware variant implemented entirely in VBA macros called qkG (detected by Trend Micro as RANSOM_CRYPTOQKG.A).

Cobalt Hackers Now Targeting Banks Directly (Security Week) The notorious Cobalt hackers have shown a change in tactics recently, switching their attacks to targeting banks themselves, instead of bank customers, Trend Micro reports.

Top Sites Expose Visitors to Breaches by Tracking Keystrokes (Infosecurity Magazine) Top Sites Expose Visitors to Breaches by Tracking Keystrokes. Princeton researchers find privacy and security concerns in use of session replay scripts

Google collects Android location data even if location service is off (HackRead) Smartphones are fun to use, but what if someone is watching every step you take and collecting data of wherever you go? That is what Google has been up to.

Samsung Pay Leaks Mobile Device Information (Dark Reading) Researcher at Black Hat Europe will show how Samsung Pay's security falls short and ways attackers could potentially bypass it.

Microsoft warns: Bogus Apple, Windows tech support sites open your phone app (ZDNet) Tech-support scam sites now contain click-to-call to "help" victims more easily contact their sham hotlines.

Stuxnet’s Footprint in Memory with Volatility 2.0 (Penetration Testing Experts) We’ll examine Stuxnet’s footprint in memory using Volatility 2.0. A talk was given at Open Memory Forensics Workshop on this topic (see the online Prezi) and the details will be shared here for anyone who missed it. I picked this topic for two reasons. First, Stuxnet modifies an infected system in such ways that are …

Microsoft Warns of Late-Year Spike in Office Threats (eWEEK) Attackers are using a handful of recent Office vulnerabilities and sophisticated techniques to slip through antivirus defenses and infect PCs.

Internet Wide Ethereum JSON-RPC Scans (SANS Internet Storm Center) Ethereum is certainly getting a lot of press this year, and with this, we also see the bad guys spending more effort to steal the shiny fresh off the digital mint crypto coins.

Final Version of 2017 OWASP Top 10 Released (Security Week) The final version of the 2017 OWASP Top 10 was released on Monday, and some types of vulnerabilities that no longer represent a serious risk have been replaced with issues that are more likely to pose a significant threat.

New OWASP Top 10 List Includes Three New Web Vulns (Dark Reading) But dropping cross-site request forgeries from list is a mistake, some analysts say.

Has Everyone Really Been Hacked? (Security Week) There is little doubt that fear sells security products, hikes law enforcement agency (LEA) budgets and sells newspapers.

Police say everyone in UK has been hacked – Expert says not quite (Security Brief) UK police representatives have claimed that virtually everyone in the country has been hacked; High-Tech Bridge's CEO disagrees.

Look Out! Black Friday Phishing and Cyber Attack Monday (Barracuda) Big Brands and Bonus Bucks Gift Cards: Cybercriminals launching widespread phishing campaigns spoofing popular brands aimed to steal your information.

Black Friday: When is a deal too good to be true? (Help Net Security) If you're shopping online, here are a few tips from PhishMe to keep in mind to make sure you avoid Black Friday cyber scams.

Cyber Monday Alert: Half of American Consumers Unable to Determine Safety of Online Shopping Sites, New Survey Finds (Business Insider) With Cyber Monday just days away – the official start of the busiest online shopping month of the year – a new survey of American consumers finds that only half think they can determine the safety and legitimacy of online shopping sites and 35% claim to have stopped an online purchase because of security fears.

Experts share how to protect identity, financial info during holiday shopping season (Fox 59) With the holiday shopping season just around the corner, experts say it’s important to keep an eye out for potential scams and attempts by thieves to gain control over your identity and financial information.

Why you don't need an RFID-blocking wallet (CSO Online) RFID wallets, sleeves and clothing are security snake oil. You don't need RFID protection because there is no RFID crime.

Security Patches, Mitigations, and Software Updates

Intel Patches Management Engine for Critical Vulnerabilities (eWEEK) A pair of security researchers found flaws in Intel's Management Engine that could have potentially enabled an attacker to execute arbitrary code without detection.

Patch on way 'this week' for HP printer vulns (Register) RCE? Check. Clear passwords? Check. Interfere with print jobs? Check

Cyber Trends

As unencrypted data becomes “negligence”, business leaders are taking encryption strategy away from IT (CSO) Business executives are increasingly recognising that unencrypted data represents a governance shortcoming tantamount to “negligence”, one Australian security innovator has warned as figures suggest that business unit leaders now have more influence over corporate encryption strategies than IT leaders.

Linus Torvalds: Some security folks can't be trusted to do sane things (CSO Online) Proposed changes to version 4.15 of the Linux kernel resulted in Linux creator Linus Torvalds going on a profanity-laced rant about security professionals.

Threat Predictions for Connected Life in 2018 (Securelist) Every year, Kaspersky Lab’s experts look at the main cyberthreats facing connected businesses over the coming 12 months, based on the trends seen during the year. For 2018, we decided to extract some top predictions that also have big implications for everyday connected life.

Marketplace

Israeli IoT cybersecurity co SCADAfence raises $10m - Globes English (Globes) The Tel Aviv based company provides cybersecurity systems for industrial operational technology (OT) networks.

Palo Alto Networks Growing Revenue from Both New and Updated Services (eSecurity Planet) Palo Alto Networks Growing Revenue from Both New and Updated Services

Meg Whitman steps down as HPE CEO, shares tumble (Computing) Whitman's six-year tenure saw HP split into four separate businesses

Silent Circle Appoints Andy Meister, CISSP as Vice President of Engineering (BusinessWire) Silent Circle today announced the addition of cybersecurity professional, Andy Meister, as the company’s Vice President of Engineering.

Products, Services, and Solutions

Amazon’s New ‘Secret Region’ Promises Easier Sharing of Classified Data (Defense One) CIA info chief says the intelligence community has been eager for a way to put secret-level data in a secure cloud.

The First AI-driven Solution for SAP Cybersecurity (PRNewswire) ERPScan, the most innovative ERP cybersecurity provider, announces the...

VIPRE Announces Launch of VIPRE Endpoint Security - Cloud Edition (VIPRE) VIPRE Security today announced the launch of VIPRE Endpoint Security - Cloud Edition, an innovative endpoint security cloud solution for small and medium-sized businesses (SMBs).

Cybertrust Japan Selects CryptoManager IoT Security Service from Rambus (BusinessWire) Cybertrust Japan selects Rambus CryptoManager IoT Security Service to provide enhanced protection for new IoT platform.

Tanium and Intelligence Services Group Partner to Deliver Unique Security Capability (PRNewswire) Tanium, the revolutionary and...

Tech company alliance gives critical infrastructure cybersecurity a boost (Fifth Domain) Defense contractor Raytheon and digital communications MetTel are collaborating with the aim to bake cybersecurity into government telecom modernization.

Kaspersky Lab: Friend or Foe? (Legal Talk Network) David Ries talks about whether Kaspersky Lab is safe for lawyers to use, diving into where the controversy started and what the results have been so far.

Keeper Launches Version 11 of its Flagship Consumer Password Manager (Business Insider) Keeper Security, Inc., the world's leading password manager and secure digital vault, today announced the release of its newest update for Keeper Unlimited.

Booz Allen-NVIDIA Team to Develop AI Training Program for Federal Employees (ExecutiveBiz) Booz Allen Hamilton will team up with NVIDIA to establish a hands-on training program designed to help federal employees hone their artificial intelligence skills...

Sophisticated industrial network monitoring without connectivity risks (Help Net Security) SecurityMatters and Waterfall Security Solutions announced a global partnership to protect industrial control systems from the most advanced cyber threats.

Technologies, Techniques, and Standards

Defining and securing the Internet of Things (Help Net Security) A new ENISA survey serves as a reference point in this field and as a foundation for relevant forthcoming initiatives and developments.

Ready for more secure authentication? Try these password alternatives and enhancements (CSO Online) Password-only authentication is dead. Combine passwords with multifactor authentication, social login, biometrics, or risk-based authentication to better protect users and your reputation.

A vulnerability by any other name (Hi, I'm Alex) Heartbleed, POODLE, Shellshock. Giving vulnerabilities names may be controversial, but there's no doubt it's effective.

Army Looks To Replace $6 Billion Battlefield Network After Finding It Vulnerable (Foreign Policy) Hailed as a transformation in battlefield communications, the WIN-T program can’t stand up to foes versed in sophisticated electronic warfare.

Brazilian Armed Forces Summit Aligns Electronic Warfare Knowledge (Dialogo Americas) The Brazilian Ministry of Defense sponsors the annual event that brings together service members from the Army, Navy, and Air Force, as well as civilian experts to promote interoperability and capacity building in the field of electronic warfare.

Insurers Can Protect Ratings with Cautious Approach to Cyber Risk: Fitch (Insurance Journal) The influence of cyber risk on insurer ratings is likely to be neutral or gradual as long as insurers continue to take a cautious approach to the business, ac

Cybersecurity resources and tips for journalists and news media (WeLiveSecurity) Journalists and news media outlets face many issues on a daily basis and having cybersecurity resources and contacts at hand can make a huge difference.

The Definitive Guide to Sharing Threat Intelligence (Infosecurity Magazine) Download this whitepaper to learn the main points for consideration in regards to sharing threat intelligence.

Design and Innovation

Buggy Whips and Segways: Historical Misinnovation in National Security and Intelligence Technology (War on the Rocks) In the 1991 film Other Peoples’ Money, Danny DeVito plays Lawrence Garfield, a corporate raider hell-bent on acquiring and dismantling a cable-and-wire man

BlackBerry’s seven recommendations for a more secure smart car (IT World Canada) As cars get smarter and more connected, they are equipped with more mechanisms that can be targeted in cyberattacks, like infotainment systems

Cybersecurity Entrepreneur Wants AI to Make the Web a Nicer Place (CTECH) Israeli cybersecurity entrepreneur Idan Plotnik says that fixing the way we behave online is his “life’s mission”

Research and Development

Argonne scientists capture several R&D 100 Awards (EurekAlert!) Innovative technologies developed by researchers at the U.S. Department of Energy's (DOE) Argonne National Laboratory recently earned several R&D 100 Awards.

Legislation, Policy, and Regulation

US Senate takes aim at “warrantless surveillance” (Naked Security) The proposal would put curbs on Section 702, but will it pass?

Booz Allen-NVIDIA Team to Develop AI Training Program for Federal Employees (ExecutiveBiz) Booz Allen Hamilton will team up with NVIDIA to establish a hands-on training program designed to help federal employees hone their artificial intelligence skills, Nextgov reported Monday. The NVIDIA Deep Learning Institute and Booz Allen team aims to launch the program in early 2018 to help employees understand the basics of emerging technologies and create...

FCC chairman sets out to repeal ‘net neutrality’ rules (Maryland Daily Record) Federal Communications Commission Chairman Ajit Pai on Tuesday followed through on his pledge to repeal 2015 regulations designed to ensure that internet service providers treat all on…

FCC will also order states to scrap plans for their own net neutrality laws (Ars Technica) Double win for ISPs: No more net neutrality, and state laws will be preempted.

Senator Schatz on net neutrality: “This has to be a real political movement” (TechCrunch) Following the news yesterday morning that the FCC will be voting on the proposal to kill net neutrality come December 14, officials and advocacy organizations..

Ex-Facebook privacy manager dishes the dirt on your data (Naked Security) “Lawmakers shouldn’t allow Facebook to regulate itself. Because it won’t.”

Opinion | We Can’t Trust Facebook to Regulate Itself (New York Times) It has no incentive to do so. I would know — I worked there.

Facebook (still) lets housing advertisers exclude users by race (Ars Technica) ProPublica bought ads that excluded African-Americans, Spanish speakers, Muslims.

A Call for Greater Regulation of Digital Currencies (Dark Reading) A new report calls for international collaboration to create more transparency with virtual currencies and track money used for cybercrime.

New Cyber Civilian Corps to serve as a “volunteer fire brigade” in case of digital attack (Michigan Radio) Think for a moment of what a cyber-attack would mean for business, for government, for health care systems. Without the internet, it'd be incredibly

Vermont governor appoints 10 cybersecurity advisers (Fifth Domain) When the Republican governor announced the formation of the team last month he said that since January there had been more than 3.3 million attacks on the state’s computers, none of which were successful.

Marine Corps Sgt. Scott Stalker Assigned to Cybercom as Senior Enlisted Leader (Executive Gov) U.S. Marine Corps Master Gunnery Sgt. Scott Stalker, senior enlisted adviser for the Defense Intelli

Litigation, Investigation, and Law Enforcement

New York attorney general launches investigation of Uber’s $100,000 hack cover-up (TechCrunch) The revelation that Uber concealed a 2016 data breach affecting 57 million users and paid hackers to destroy the evidence is yet another PR nightmare for..

Skype joins list of apps on China's blacklist (Bull) Skype has apparently joined the lengthening list of internet communication tools on China's blacklist, with Apple saying Wednesday it was ordered to clear its download store of apps that violate national laws.

House Committees Get Serious in New Letter to Equifax (Security Week) The chairpersons of the House Science, Space, and Technology Committee and the House Oversight and Government Reform Committee on Monday sent a new letter to Paulino Barros, the interim CEO of Equifax.

Former Blackwater chief to testify to House panel in Russia inquiry (POLITICO) Erik Prince is reported to have tried setting up secret communications between Trump and Putin.

Iranian charged in HBO hack as Congress weighs nuclear pact (POLITICO) The indictment comes amid allegations the charges were rushed to bolster Trump's case against Tehran.

Alleged Hacker Who Stole 'Game of Thrones,' Other HBO Shows Indicted (New York Law Journal) According to prosecutors, the Iranian national formerly worked for the military before hacking HBO's network and then attempting to ransom the company's shows and information for $6 million.

Feds Indict Iranian for HBO Hack—But Good Luck Arresting Him (WIRED) Months after tormenting HBO with the release of unaired episodes and Game of Thrones spoilers, the alleged hacker has been indicted.

French police detain Russia's 'secret oligarch' in Nice (Deutsche Welle) Russian lawmaker Suleiman Kerimov, dubbed the "secret oligarch," has been taken into police custody in southern France. Russia's embassy has extended "all possible assistance" to the billionaire senator.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

Hackers Challenge (New York, New York, USA, December 6, 2017) Welcome to the Hackers Challenge - a must-attend event for IT security professionals across all industries. Radware and Cisco invite experienced hackers to attack the cyber-defense of a website within...

Upcoming Events

Global Conference on Cyberspace (GCCS) (New Delhi, India, November 23 - 24, 2017) The Global Conference on Cyberspace (GCCS) aims to deliberate on the issues related to promotion of cooperation in cyberspace, norms for responsible behaviors in cyberspace and to enhance cyber capacity...

AutoMobility LA (Los Angeles, California, USA, November 27 - 30, 2017) The Los Angeles Auto Show Press & Trade Days and Connected Car Expo have MERGED to form AutoMobility LA, the new auto industry’s first true trade show. Register to join us in Los Angeles this November.

CyberCon 2017: Beyond Cybersecurity (Pentagon City, Virginia, USA, November 28, 2017) The cyber front is about more than just security. Defending in cyberspace takes a holistic approach, encompassing technology, policy and people. That’s why we’re bringing together military, intelligence...

INsecurity (National Harbor, Maryland, USA, November 29 - 30, 2017) Organized by Dark Reading, the web’s most trusted online community for the exchange of information about cybersecurity issues. INsecurity focuses on the everyday practices of the IT security department,...

INsecurity (National Harbor, Maryland, USA, November 29 - 30, 2017) INsecurity is for the defenders of enterprise security—those defending corporate networks—and offers real-world case studies, peer sharing and practical, actionable content for IT professionals grappling...

Cyber Security, Oil, Gas & Power 2017 (London, England, UK, November 29 - 30, 2017) ACI’s Cyber Security - Oil, Gas, Power Conference will bring together key stakeholders from energy majors and technology industries, to discuss the challenges and opportunities found in the current systems.

Cyber Security Summit Los Angeles (Los Angeles, California, USA, November 30, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: Los Angeles. Receive...

cyberSecure (New York, New York, USA, December 4 - 5, 2017) cyberSecure is a unique cross-industry conference that moves beyond the technology of cyber risk management, data security and privacy. It brings together corporate leaders from multiple function areas...

cyberSecure (New York, New York, USA, December 4 - 5, 2017) cyberSecure is a unique cross-industry conference that moves beyond the technology of cyber risk management, data security and privacy. Unlike other cybersecurity events, cyberSecure brings together corporate...

National Insider Threat Special Interest Group Meeting (Virginia Chapter) (Herndon, Virginia, USA, December 5, 2017) The National Insider Threat Special Interest Group (NITSIG) is excited to announce it has established a Virginia Chapter. NITSIG Members and others may attend meetings at no charge. Attendees will receive...

Cyber Security Indonesia 2017: Shaping National Capacity for Cyber Security (Jakarta, Indonesia, December 6 - 7, 2017) Cyber Security Indonesia 2017 exhibition and conference, brought to you by the organisers of the Indonesia Infrastructure Week, will bring cyber security solutions providers together with key government...

Third International Conference on Information Security and Digital Forensics (ISDF 2017) (Thessaloniki, Greece, December 8 - 10, 2017) A 3 day event, with presentations delivered by researchers from the international community, including presentations from keynote speakers and state-of-the-art lectures.

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.