2017 cyberattacks proved more numerous, sophisticated, and ruthless than in years past.
WannaCry, NotPetya, ransomware-as-a-service, and fileless attacks abounded. And, that’s not everything. The victims of cybercrime ranged from private businesses to the fundamental practices of democracy. Read The Cylance Threat Report: 2017 Year in Review Report and learn about the threat trends and malware families their customers faced in 2017.
August 24, 2018.
By The CyberWire Staff
FireEye said that YouTube was also infested with Iranian front accounts, and yesterday Google took action to terminate "dozens" of them. They were channels for the Islamic Republic of Iran Broadcasting, the state-run media outlet that's been under US sanctions since 2013.
The Secureworks Counter Threat Unit this morning reported its discovery of "COBALT DICKENS," an extensive Iranian credential stealing campaign that targeted universities across sixteen domains with more than 300 spoofed pages in fourteen countries.
The Democratic Party confirmed that its phishing false alarm was produced by over-zealous, ill-conducted red-teaming by the party's Michigan wing.
Another election security own-goal was reported late yesterday in Texas, where nearly fifteen-million voter records were found in an exposed server by a New Zealand breach hunter who goes by the nom-de-hack "Flash Gordon." It's so far unknown who mishandled the data, but UpGuard suggests it may have been the Republican-leaning firm Data Trust.
US National Security Advisor Bolton is calling for Russia to knock off its attempts to influence US elections. Coincidentally or not, an Atlantic Council think-piece reminds everyone of the Panama Papers, and suggests that if you want to deter Russian cyber operations, a sound counter-value retaliatory strategy would go after the oligarch's bank accounts.
China promises trade retaliation against Australia for excluding Huawei and ZTE from its 5G network. Such retaliation will be a new Government's problem: Malcolm Turnbull is out as Australia's Prime Minister, replaced by Scott Morrison.
NSA alumna and leaker Reality Winner was sentenced to five years.
Protecting your organization from an attack involves much more than the traditional “block & tackle” tactics of the past. A good boxer doesn’t just block the punch they see coming, they move against the next anticipated punch. The modern Security Operations Center (SOC) requires a combination of automation and human tradecraft to successfully repel the adversary. Learn more about the modern SOC in LookingGlass’ webinar featuring guest IDC, August 29 @ 2pm ET.
Cyber Security Summits: August 29 in Chicago & in NYC on September 25(Chicago, Illinois, United States, August 29, 2018) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The NSA, Darktrace, CenturyLink and more. Register with promo code cyberwire95 for $95 VIP admission (Regular price $350) https://CyberSummitUSA.com
Rapid Prototyping Event: The Chameleon and the Snake(Columbia, Maryland, United States, September 17 - 20, 2018) DreamPort, in conjunction with the Maryland Innovation & Security Institute and USCYBERCOM, is hosting a Rapid Protoyping Event that specifically targets malware signature diversity and signature measurement for Microsoft Windows in a simulated operational environment at a realistic pace. Join us September 17-20, 2018 at UMBC Training Center in Columbia, MD.
The force is stronger when MSPs and MSSPs come together.(Webinar, September 19, 2018) The managed service market has grown tremendously, with the demand for managed security being unprecedented. For managed service providers (MSPs) looking to answer those demands, partnering with a managed security services provider (MSSP) expands access to highly-skilled cyber security analysts and a full suite of security solutions. Join Delta Risk’s webinar, September 19 at 1 PM ET, to learn how the two sides can join forces.
5th Annual Cyber Security Conference for Executives(Baltimore, Maryland, United States, October 2, 2018) The 5th Annual Cyber Security Conference for Executives, hosted this year by The Johns Hopkins University Information Security Institute and Ankura, will be held on Tuesday, October 2nd, in Baltimore, Maryland. This year’s theme is cybersecurity compliance and regulatory trends, and the conference will feature discussions with thought leaders across a variety of sectors. Join the discussion and learn about current and emerging cyber security threats to organizations, and how executives can better protect their enterprises. To receive the early-bird rate, register now!
Dragos Industrial Security Conference (DISC) 11/5/18(Hanover, Maryland, United States, November 5, 2018) Reserve your spot now for the Dragos Industrial Security Conference (DISC) on November 5th, 2018. DISC is a free, annual event for our customers, partners, and those from the ICS asset community. Visit https://dragos.com/disc/ for more information.
Cyber Attacks, Threats, and Vulnerabilities
Back to School: COBALT DICKENS Targets Universities(Secureworks) Despite indictments in March 2018, the Iranian threat group is likely responsible for a large-scale campaign that targeted university credentials using the same spoofing tactics as previous attacks.
Tech Giants Target Accounts Linked to Iran(Wall Street Journal) Google, Facebook and Twitter are zeroing in on Iran, scrubbing their online networks of fake accounts, videos and social-media posts by the rising cyber adversary aimed at spreading misinformation.
Kremlin spreads lies about MMR jab(Times) Kremlin-sponsored social media accounts have promoted discredited theories about the MMR jab as part of an effort to sow doubt in the West over the safety of vaccines. Russian government “trolls”...
What's In a (Threat Intelligence) Name?(Security Intelligence) A lot of things in the threat intelligence world have multiple names, and these aliases often complicate the process of researching and dealing with security threats.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
Energy Tech 2018(Cleveland, Ohio, USA, October 22 - 26, 2018) The annual EnergyTech Conference & Expo is an organized event, supported by NASA and INCOSE, highlighting advancements in Energy, Smart-Grids and Microgrids, Aerospace, Critical Infrastructure, Security...
RSA 2019(San Francisco, California, USA, March 4 - 8, 2019) This year’s theme is, to put it simply, Better. Which means working hard to find better solutions. Making better connections with peers from around the world. And keeping the digital world safe so everyone...
The Air Force Information Technology & Cyberpower Conference(Montgomery, Alabama, USA, August 27 - 29, 2018) As the premiere Air Force cyber security annual event, the Air Force Information Technology & Cyberpower Conference (AFITC) returns to Montgomery, Alabama in August of 2018. As a critical intersection...
The Cyber Security Summit: Chicago(Chicago, Illinois, USA, August 29, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts.
Intelligence & National Security Summit(National Harbor, Maryland, USA, September 4 - 5, 2018) The Intelligence & National Security Summit is the premier forum for unclassified, public dialogue between the U.S. Government and its partners in the private and academic sectors. The 2018 Summit will...
Cyber Resilience & Infosec Conference(Abu Dhabi, UAE, September 5 - 6, 2018) Interact with the top-notch cyber security specialists, learn new strategies and protect your company's future efficiently
9th Annual Billington CyberSecurity Summit(Washington, DC, USA, September 6, 2018) The mission of Billington CyberSecurity is to bring together thought leaders from all sectors to examine the state of cybersecurity and highlight ways to enhance best practices and strengthen cyber defenses...
SecureWorld Twin Cities(Minneapolis, Minnesota, USA, September 6, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...
2018 International Information Sharing Conference(Tysons Corner, Virginia, USA, September 11 - 12, 2018) Join representatives from fellow information sharing groups with all levels of expertise, security practitioners, major technology innovators, and well-established cybersecurity organizations, as they...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.