Looking for an introduction to AI for security professionals?
Your wait is over. A new book is out from the Cylance data science team, covering artificial intelligence and machine learning techniques in practical situations to improve the security professional’s ability to thrive in a data driven world. Whether you are reviewing logs or analyzing malware, being able to derive meaningful results and improve productivity is key. Order your free copy today.
November 27, 2017.
By The CyberWire Staff
A group of anti-ISIS Muslim hacktivists, "Daeshgram," has succeeded in breaking into ISIS news agency Amaq, and introducing fake news into Amaq's sites. Their goal, they say, is to contribute to the discrediting of ISIS by flooding Amaq users with bogus and scandalous, yet plausible, content. They have attempted to craft the fake news for believability (announcements that an ISIS radio station had been destroyed in an airstrike, things like that). ISIS handed Daeshgram a victory when it told followers not to trust links presented in Amaq.
ISIS struck a Sufi mosque in Egypt over the weekend, killing more than 300 worshippers, many of them children. An attack on a mosque is unusual for the terrorist group, but they've been denouncing Sufism online for some time.
Observers note with misgivings an increase in North Korean university training on blockchain technology. Recorded Future, for example, dismisses the notion that this is an innocent intellectual trend. Most see the training as a harbinger of more attempts to loot Bitcoin and other cryptocurrencies on behalf of the Pyongyang regime. Criminal interest in cryptocurrency theft is rising across the board. The SANS Institute has been blogging about an increase in scans for Bitcoin and Ethereum wallets.
Imgur, the image-sharing service, disclosed Friday that it had been hacked in 2014, losing some 1.7 million email addresses and passwords, probably to brute-forcing. Researcher Troy Hunt discovered the breach on Thursday and immediately informed Imgur. Their swift disclosure is being widely commended. (Detection, of course, was slow.)
Today's issue includes events affecting Australia, Egypt, European Union, India, Democratic Peoples Republic of Korea, Republic of Korea, Oman, Pakistan, Russia, Saudi Arabia, United Kingdom, United States.
Whether you're focused on IT or national security, exploits and data loss incidents put your mission at risk. Your current tools assess and analyze content after it's breached your network - they all work right of boom. It's only a matter of time until boom happens to you. Don't let it. getleftofboom.com
Cyber Security Summit: Los Angeles(Los Angeles, California, USA, November 29, 2017) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security on November 29 in Los Angeles. Register with promo code cyberwire50 for half off your admission (Regular price $350).
Earn a master’s degree in cybersecurity from SANS(Online, December 21, 2017) Earn a master’s degree in cybersecurity from SANS, the world leader in information security training. Learn more at a free online information session on Thursday, December 21st, at 12:00pm noon ET. For complete information on master’s degree and graduate certificate programs, visit www.sans.edu.
Ransomware surges again, as cybercrime-as-a-service becomes mainstream for crooks zdnet(Science and Technology) Purchase cybercrime-as-a-advantage apparatus championing intimidation much as malware and DDoS is no yearner upright something championing small equable or ambitious hackers digital image file. Organized crook pack are enchanting work of these help as the clandestine crook scene at to beautify another professionalised and fully fledged.
Should Uber Users be Worried About Data Hack?(Security Week) The theft of the personal data of 57 million Uber riders and drivers highlights how vulnerable we make ourselves when we install apps on our mobile phones and tablet computers.
Name+DOB+SSN=FAFSA Data Gold Mine(KrebsOnSecurity) KrebsOnSecurity has sought to call attention to online services which expose sensitive consumer data if the user knows a handful of static details about a person that are broadly for sale in the cybercrime underground, such as name, date of birth, and Social Security Number. Perhaps the most eye-opening example of this is on display at fafsa.ed.gov, the Web site set up by the U.S. Department of Education for anyone interested in applying for federal student financial aid.
YouTube adverts fund paedophile habits(Times) Some of the world’s biggest brands are advertising on YouTube videos showing scantily clad children that have attracted comments from hundreds of paedophiles, The Times can reveal. BT, Adidas...
Finally, India is gearing up to face cyber security threats(The Economic Times) Almost half of IT decision makers around the world, including India, still believe that business executives are not making cybersecurity a significant enough priority or focus, according to a survey by cyber security solutions provider Fortinet.
Could the Army identify bad guys by their gait?(C4ISRNET) A team at the U.S. Army Communications-Electronics Research, Development and Engineering Center (CERDEC) wants to take biometric data — from fingerprints to how someone walks and beyond — to the battlefield.
Schools Are Training Students to Be Cyber Sleuths(Education Week - Curriculum Matters) With a growing field and a dearth of skilled workers to fill available jobs, it's little wonder there's a push to get middle and high school students into cybersecurity training.
Legislation, Policy, and Regulation
Deterring Cyberattacks(Foreign Affairs) For years, the United States has failed to devise a strategy to deter or respond to cyberattacks. In the future, it must communicate what behavior is acceptable and what is not—and what Washington will do about it.
NSA Internet Surveillance Under Section 702 Violates the First Amendment(Electronic Frontier Foundation) The First Amendment is too often overlooked in discussions of the National Security Agency’s vast surveillance authorities. But as Congress considers whether to reauthorize Section 702 of FISA this winter, we must remember that it’s not just our Fourth Amendment rights to privacy that are in...
States turning to insurance for cyber attacks(The Quad-City Times) Cyber attacks on government agencies — like the recent event where hackers gained access to Iowa’s public employee pension accounts, stealing hundreds of thousands of dollars —
Uber in Legal Cross-Hairs Over Hack Cover-Up(The Bull) Two US states said Wednesday they are investigating Uber's cover-up of a hack at the ride-sharing giant that compromised the personal information of 57 million users and drivers.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
AutoMobility LA(Los Angeles, California, USA, November 27 - 30, 2017) The Los Angeles Auto Show Press & Trade Days and Connected Car Expo have MERGED to form AutoMobility LA, the new auto industry’s first true trade show. Register to join us in Los Angeles this November.
CyberCon 2017: Beyond Cybersecurity(Pentagon City, Virginia, USA, November 28, 2017) The cyber front is about more than just security. Defending in cyberspace takes a holistic approach, encompassing technology, policy and people. That’s why we’re bringing together military, intelligence...
INsecurity(National Harbor, Maryland, USA, November 29 - 30, 2017) Organized by Dark Reading, the web’s most trusted online community for the exchange of information about cybersecurity issues. INsecurity focuses on the everyday practices of the IT security department,...
INsecurity(National Harbor, Maryland, USA, November 29 - 30, 2017) INsecurity is for the defenders of enterprise security—those defending corporate networks—and offers real-world case studies, peer sharing and practical, actionable content for IT professionals grappling...
Cyber Security, Oil, Gas & Power 2017(London, England, UK, November 29 - 30, 2017) ACI’s Cyber Security - Oil, Gas, Power Conference will bring together key stakeholders from energy majors and technology industries, to discuss the challenges and opportunities found in the current systems.
Cyber Security Summit Los Angeles(Los Angeles, California, USA, November 30, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: Los Angeles. Receive...
cyberSecure(New York, New York, USA, December 4 - 5, 2017) cyberSecure is a unique cross-industry conference that moves beyond the technology of cyber risk management, data security and privacy. It brings together corporate leaders from multiple function areas...
cyberSecure(New York, New York, USA, December 4 - 5, 2017) cyberSecure is a unique cross-industry conference that moves beyond the technology of cyber risk management, data security and privacy. Unlike other cybersecurity events, cyberSecure brings together corporate...
Hackers Challenge(New York, New York, USA, December 6, 2017) Welcome to the Hackers Challenge - a must-attend event for IT security professionals across all industries. Radware and Cisco invite experienced hackers to attack the cyber-defense of a website within...
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.