2017 cyberattacks proved more numerous, sophisticated, and ruthless than in years past.
WannaCry, NotPetya, ransomware-as-a-service, and fileless attacks abounded, and that’s not everything. The victims of cybercrime ranged from private businesses to the fundamental practices of democracy. Read the Cylance Threat Report: 2017 Year in Review and learn about the threat trends and malware families Cylance's customers faced in 2017.
December 4, 2018.
By The CyberWire Staff
The Czech BIS counterintelligence service yesterday attributed last year's cyberattacks on the Foreign Ministry to Russia's GRU (a.k.a. Fancy Bear) (Reuters).
Quora, the widely used question-and-answer site, has been breached. The attackers made away with passwords, names, email addresses, and direct messages belonging to some 100 million users. Quora discovered the breach Friday; causes remain under investigation (Ars Technica).
Marriott is not drawing good reviews for its response to the breach it disclosed last week. The hospitality chain is, for example, using the domain "email-marriott.com" to send notifications to the half-billion or so affected customers. But that domain is easily spoofed by typosquatters, and several security firms, working gratis, have preemptively registered some of the more plausible typosquatting domains (TechCrunch). Observers see a string of breaches going back to 2015, mostly involving Starwood (PYMNTS), with many missed opportunities to prevent the recent problem. One lesson being drawn is that corporate mergers and acquisitions represent a cyber danger point (Enterprise Times).
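The lookalike-domain risk in the Marriott story can be checked on the receiving side: mail from a domain one typo, one homoglyph, or one TLD swap away from the brand's real notification domain is worth quarantining or flagging for the user. The following is an added example, not code from this briefing or from any of the firms mentioned. The legitimate-domain list, the homoglyph table, and the sample From: headers are constructed for illustration; "email-marriott.com" is the only domain taken from the story.

```python
"""Flag e-mail sender domains that look like a legitimate notification domain.

Added example: the brand domain list, the homoglyph table and the sample
From: headers below are constructed for illustration.
"""
from __future__ import annotations

# Domains the brand actually sends from (the story names email-marriott.com;
# marriott.com is added here as an assumed second legitimate domain).
LEGIT_DOMAINS = {"email-marriott.com", "marriott.com"}

# Visually confusable substitutions folded before comparison (constructed list).
HOMOGLYPHS = [("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l"), ("3", "e"), ("5", "s"), ("7", "t")]


def osa_distance(a: str, b: str) -> int:
    """Damerau-Levenshtein (optimal string alignment) distance: insertion,
    deletion, substitution and adjacent transposition each cost 1."""
    d = [[0] * (len(b) + 1) for _ in range(len(a) + 1)]
    for i in range(len(a) + 1):
        d[i][0] = i
    for j in range(len(b) + 1):
        d[0][j] = j
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = 0 if a[i - 1] == b[j - 1] else 1
            d[i][j] = min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost)
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)
    return d[len(a)][len(b)]


def normalize(domain: str) -> str:
    """Lower-case, drop a trailing dot and fold common homoglyphs."""
    d = domain.strip().lower().rstrip(".")
    for look_alike, real in HOMOGLYPHS:
        d = d.replace(look_alike, real)
    return d


def registrable_parts(domain: str) -> tuple[str, str]:
    """Split into (second-level label, TLD). Naive: the last label is treated
    as the TLD, so multi-part suffixes such as co.uk are not handled."""
    labels = domain.split(".")
    if len(labels) < 2:
        return labels[0], ""
    return labels[-2], labels[-1]


def domain_of(from_header: str) -> str:
    """Extract the domain from a From: header value such as 'Name <user@host>'."""
    addr = from_header.strip()
    if addr.endswith(">") and "<" in addr:
        addr = addr[addr.rfind("<") + 1:-1]
    return addr.rpartition("@")[2].strip().lower()


def classify(sender_domain: str, legit=LEGIT_DOMAINS, max_distance: int = 1) -> str:
    """Return 'legitimate', 'lookalike' or 'unrelated' for a sender domain."""
    raw = sender_domain.strip().lower().rstrip(".")
    legit_lower = {x.lower() for x in legit}
    # An exact match or a subdomain of a legitimate domain is under the brand's control.
    if raw in legit_lower or any(raw.endswith("." + l) for l in legit_lower):
        return "legitimate"
    s_name, _ = registrable_parts(normalize(raw))
    for legit_domain in legit_lower:
        l_name, _ = registrable_parts(normalize(legit_domain))
        # Same name after homoglyph folding, or the same name under another TLD.
        if s_name == l_name:
            return "lookalike"
        # One edit away: dropped, added or swapped letter, or a missing hyphen.
        if osa_distance(s_name, l_name) <= max_distance:
            return "lookalike"
        # Brand name reused as one hyphenated component (e.g. brand-rewards.tld).
        if "-" not in l_name and l_name in s_name.split("-"):
            return "lookalike"
    return "unrelated"


def triage(from_headers):
    """Map each From: header to (domain, verdict)."""
    return [(domain_of(h), classify(domain_of(h))) for h in from_headers]


if __name__ == "__main__":
    # Constructed sample headers, not real messages.
    SAMPLE = [
        "Marriott <noreply@email-marriott.com>",
        "Marriott <noreply@email-mariott.com>",
        "Marriott <noreply@email-rnarriott.com>",
        "Marriott Rewards <offers@marriott-rewards.net>",
        "Hotel Deals <news@hotels.com>",
    ]
    for domain, verdict in triage(SAMPLE):
        print(f"{verdict:10s} {domain}")
```

The check deliberately errs toward flagging: a one-character distance on the second-level label catches omissions, transpositions, and a dropped hyphen, homoglyph folding catches "rn" for "m", and the hyphen-component rule catches "brand-something" registrations. A subdomain of a legitimate domain passes, since only the domain owner can create it. Anything flagged as a lookalike should be treated as a candidate for quarantine or a user-visible warning rather than rejected outright, because the same rules also match some unrelated domains.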
Google researchers found a privilege escalation flaw in Kubernetes. It's now patched; users should upgrade (Infosecurity Magazine).
Two scam apps, “Fitness Balance app” and “Calories Tracker app,” have been booted from Apple's App Store. The apps displayed a message telling people to keep their finger on the iOS Touch ID sensor, meanwhile flashing a quick payment window (likely to go unnoticed) in which the victim's fingerprint authorized payments of roughly $100 (Ars Technica).
How to Budget for Insider Threat Management, Proactively
According to a Ponemon Institute study, 34% of cybersecurity professionals said a lack of budget was a major barrier to effective insider threat management. So, how do you ask for the budget you need to proactively detect and stop insider threats? The latest guide from ObserveIT gives you the in-depth information you need to ask for a dedicated insider threat line item in your cybersecurity budget. Download The Guide to Budgeting for Insider Threat Management today.
The latest Recorded Future podcast, produced in cooperation with the CyberWire, is also up. In this episode, "Controlling online access in Yemen's war zone," we have an opportunity to learn about the role the internet has played in Yemen’s civil war, as rival factions fight to gain control of information, access, and infrastructure.
And in our new CyberWireX podcast, we offer part two of a four-part series, “Ground Truth or Consequences: the challenges and opportunities of regulation in cyberspace.” Experts take a look at the impact GDPR has had since its implementation in May 2018. Joining us for "Settling in with GDPR" are Emily Mossburg from Deloitte, Caleb Barlow from IBM, and Steve Durbin from ISF. Later in the program we'll hear from Jason Hart, CTO for enterprise and cybersecurity at Gemalto, the program sponsor.
Nato accused of massing troops on Russian border (Times) Russia has accused Nato of a massive build-up of troops and heavy weaponry along its borders as tensions rise over the crisis in Ukraine. Colonel-General Alexander Fomin, Russia’s deputy defence...
NATO exercises cyber defences as threat grows (Yahoo) The activity is taking place just 50 kilometres (30 miles) from the border with Russia, seen by the West as the biggest cyber threat after a string of attacks blamed on the Kremlin. Targets have included world sports bodies, the US Democratic Party and the world chemical weapons watchdog in the Netherlands.
2015 Marriott Breach: Prelude To 2018 Attack? (PYMNTS.com) Marriott International, which announced last week it was the victim of a hack in which the bad guys accessed its reservation database for Starwood properties, could have stopped the breach years earlier. According to a report in the Wall Street Journal citing cyber security specialists, the breach in which the personal information of as many […]
Machine-to-Machine (M2M) Technology Design Issues and Implementation Vulnerabilities (TrendLabs Security Intelligence Blog) We delve into the protocol security issues that may crop up from a technology perspective. The scarce awareness that we’ve observed around the current state of MQTT and CoAP can enable attackers in achieving their goals, ranging from reconnaissance and lateral movement to remote control and targeted attacks.
Jared, Kay Jewelers Parent Fixes Data Leak (KrebsOnSecurity) The parent firm of bling retailers Jared and Kay Jewelers has fixed a bug in the Web sites of both companies that exposed the order information for all of their online customers.
The Hartford snaps up MGU Y-Risk; hires team (Intelligent Insurer) US-based The Hartford has purchased Y-Risk, a managing general underwriter (MGU) specialising in the sharing and on-demand economy, from Allstar Financial Group.
Iran: 5th Cyber Defense exhibition opens in Tehran (Army Recognition) The three-day event, organized by Iran's Civil Defense Organization, aims at providing the grounds for domestic players in the field of cyber security, electronic banking, industrial control systems, electronic security, and electromagnetics to showcase their latest developments and achievements.
5 Stocks That Will Double Their Yields In 7 Years (Forbes) If you want to figure out how long it will take to double your money in an investment, you use the “Rule of 72.” But income investors can put this rule to work, too, to figure out just how quickly their dividends will pile up.
Leak site's launch shows dilemma of radical transparency (AP NEWS) A new leak website is wrestling with what to make available to the public, an illustration of the difficulty of balancing full transparency with respect for privacy in an age of mass disclosures. The site, dubbed Distributed Denial of Secrets, is aimed at capturing the cascade of leaked data coursing through the web, securing it for researchers and journalists before it disappears amid the digital churn of the internet.
Israeli firm rejects alleged connection to Khashoggi killing (AP NEWS) An Israeli company known for its sophisticated phone surveillance technology on Monday rejected accusations that its snooping software helped lead to the killing of Saudi journalist Jamal Khashoggi. The NSO Group has faced similar claims in the past that its products were used to stifle dissent in other countries. But the alleged connection to the Khashoggi killing is the most high-profile case to date, drawing new attention to the secretive company's business practices and the Israeli government's oversight of private defense contractors.
Oath agrees to pay $5M to settle charges it violated children’s privacy (TechCrunch) TechCrunch’s Verizon-owned parent, Oath, an ad tech division made from the merging of AOL and Yahoo, has agreed to pay around $5 million to settle charges that it violated a federal children’s privacy law. The penalty is said to be the largest ever issued under COPPA. The New York Times…
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
2019 Securing New Ground (New York, New York, USA, October 29 - 30, 2019) The Security Industry Association (SIA) carefully curates topics and speakers for this two-day conference with the goal of inspiring our fellow leaders in the security about the potential of the global...
Securing Digital ID 2018 (Alexandria, Virginia, USA, December 4 - 5, 2018) As an increasing number of transactions move online and are mobile-enabled, the conference will explore today’s complex world of digital identities and how they are used for strong authentication and remote...
First Annual Maryland InfraGard Cybersecurity Conference (College Park, Maryland, USA, December 5, 2018) InfraGard is a partnership between the FBI and members of the private sector. The InfraGard program provides a vehicle for seamless public-private collaboration with government that expedites the timely...
International Cyber Risk Management Conference (Hamilton, Bermuda, December 6 - 7, 2018) Now in its fourth year in Canada, the International Cyber Risk Management Conference (ICRMC) has earned a reputation as one of the world’s most trusted cyber security forums. We are proud to bring ICRMC...
2018 Cloud Security Alliance Congress (Orlando, Florida, USA, December 10 - 12, 2018) Today, cloud represents the central IT system by which organizations will transform themselves over the coming years. As cloud represents the future of an agile enterprise, new technology trends, such...
Wall Street Journal Pro CyberSecurity Executive Forum (New York, New York, USA, December 11, 2018) The WSJ Pro Cybersecurity Executive Forum will bring together senior figures from industry and government to discuss how senior executives can best prepare for hacking threats, manage breaches, and work...
National Cyber League Fall Season (Chevy Chase, Maryland, USA, December 15, 2018) The NCL is a defensive and offensive puzzle-based, capture-the-flag style cybersecurity competition. Its virtual training ground helps high school and college students prepare and test themselves against...
SINET Global Institute CISO Series (Scottsdale, Arizona, USA, January 15 - 16, 2019) By invitation only. These intimate CISO workshops address the challenges that Boards of Directors are placing on security and risk executives, and how to successfully manage and communicate today’s enterprise...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.