Olympic officials have confirmed that the winter games' official website was hacked during the opening ceremonies and remained unavailable for some twelve hours. A Pyeongchang 2018 spokesperson said the incident was a cyberattack and suggested that they know who was responsible. "In line with best practice," however, they will not yet offer any attribution. Tabloid speculation calls out the Russian mob and discerns a conventional criminal motive, but it's far too early to credit any snap judgment about cause and motivation.
Researchers over the weekend found cryptojacking on government websites in the UK, the US, and Australia. The miner, CoinHive, was apparently introduced through an accessibility plug-in, Browsealoud, developed by the British firm Texthelp. Texthelp confirms the compromise and is investigating.
The Sacramento Bee has decided to delete its (legally obtained) California voter database rather than pay extortionists to decrypt it.
IBM has issued patches for Spectre and Meltdown, and warned of a Lotus Notes bug.
Belgian police have released decryption keys for Cryakl ransomware on the No More Ransom site.
The CIA says reports it gave $100 thousand to a Russian informant as a downpayment on a million dollars promised for discreditable kompromat on President Trump are a crock (that is, "patently false"). This very odd and still developing story derives mostly from reports in the New York Times and the Intercept; the alleged transaction is said to be part of an operation to recover stolen classified information, which is itself at least as odd as any alleged kompromat.
Getting a leg up on your adversary – cyber espionage, cyber crime, or hacktivism – is no easy feat. You need strategic intelligence…from the experts. But what makes intelligence strategic? Learn more in LookingGlass’ webinar featuring the experts. Join our Sr. Directors of Research and Analysis Jonathan Tomek and Olga Polishchuk on February 21 @ 2PM ET for a discussion covering what security teams need to proactively defend against your next cyber attack. Sign up now!
ON THE PODCAST
In today's podcast we talk with our partners at Terbium Labs. Director of Analysis Emily Wilson offers a dark web scorecard on the 2018 Olympics and the 2018 elections, specifically addressing how matters stand in comparison with the last round of games and voting.
Cyber Security Summits: February 13 in Silicon Valley & Atlanta on February 28(Silicon Valley, California, USA, February 13, 2018) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, Darktrace, IBM and more. Register with promo code cyberwire50 for half off your admission (Regular price $350) https://CyberSummitUSA.com
Compete to win prize money plus the chance to be DataTribe’s next big investment(Online, March 23 - April 25, 2018) The DataTribe Inaugural Cyber Funding Competition: We put real firepower behind every idea. If you're part of a entrepreneurial technology team with a vision to disrupt cybersecurity and data sciences — we want to enhance your growth prospect with the opportunity for a DataTribe-financed seed capital of $2,000,000. Plus possible millions more in a Series A Venture Capital Round. The top three finalists will share $20,000 in prize money.
Government websites hijacked by cryptomining plugin(Graham Cluley) More than 4000 websites, including many belonging to governments around the world, were hijacked this weekend by hackers who managed to plant Coinhive cryptocurrency-mining code designed to exploit the resources of visiting computers.
Domain Theft Strands Thousands of Web Sites(KrebsOnSecurity) Newtek Business Services Corp. [NASDAQ:NEWT], a Web services conglomerate that operates more than 100,000 business Web sites and some 40,000 managed technology accounts, had several of its core domain names stolen over the weekend.
Uh-oh. How just inserting a USB drive can pwn a Linux box(HOTforSecurity) Remember the notorious Stuxnet worm? It was a highly-sophisticated piece of malware - developed by the United States and Israeli intelligence - which targeted Iran's Natanz uranium enrichment facility. One of the things which made Stuxnet so notable was that it... #kdeplasma #linux #malware
Buffett's Business Wire now 'stable' after cyber attack(Reuters) Business Wire, the corporate news release distributor owned by Warren Buffett's Berkshire Hathaway Inc, on Friday said it had fended off a cyber attack designed to disable it, and that its system was now "stable."
DDoS Extortion and Attack Techniques(BankInfo Security) DDoS extortion comes in many forms. Campaigns over the past three years have varied in their nature and continue to evolve over even the past few months. What
Lockheed gets extension on cyber range work(Washington Technology) Lockheed Martin will continue to support the National Cyber Range as the Defense Department continues to develop a larger and broader multiple award contract.
Zerodium Offers $45,000 for Linux 0-Days(Security Week) Hackers willing to find unpatched vulnerabilities in the Linux operating system and report them to exploit acquisition firm Zerodium can earn up to $45,000 for their findings, the company announced on Thursday.
King Mill to get new life with plans for 250 apartments on the horizon(WRDW) Work continues at Sibley Mill to create what they're calling Augusta Cyberworks, a cyber tech campus with a data center and office spaces. The same developer at Sibley Mill has just bought the even larger King Mill right next door. They have plans to turn that old mill into apartments.
Five smart TVs tested for security, privacy issues(Help Net Security) Consumer Union, a US-based nonprofit organization dedicated to unbiased product testing, has conducted a privacy and security evaluation of five smart TVs from the most widely sold TV brands in the US.
Parity Technologies engages Trail of Bits(Security Boulevard) We’re helping Parity Technologies secure their Ethereum client. We’ll begin by auditing their codebase, and look forward to publishing results and the knowledge we gained in the future. Parity Technologies combines cryptography, cellular systems, peer-to-peer technology and decentralized consensus to solve the problems that have gone unaddressed by conventional server-client architecture. Their Ethereum client is designed for
Why Is Blockchain Technology The Perfect Fit For IP Exchange? | TechBullion(TechBullion) The bold push for blockchain technology and cryptography by Satoshi Nakamoto in 2008 when he invented the cryptocurrency; Bitcoin, has brought on a wave of solutions to problems in different fields from fashion to finance and luxury shopping. It’s a whole new world for anyone looking to leverage the inherent security of blockchain technology and […]
The Immorality of Bad Software Design(Weekly Standard) You surely saw the news: At 8:07 on January 13, a quiet Saturday morning in Honolulu, Hawaii’s Emergency Management Agency sent out to a million cell phones a text that read, “BALLISTIC MISSILE THREAT INBOUND TO HAWAII. SEEK IMMEDIATE SHELTER. THIS IS NOT A DRILL.”
Deterring Cyberattacks(Foreign Affairs) For years, the United States has failed to devise a strategy to deter or respond to cyberattacks. In the future, it must communicate what behavior is acceptable and what is not—and what Washington will do about it.
Bill In US Senate Calls For Cryptocurrency Terror Threat Assessment(ETHNews.com) A bill currently in the US Senate would call on federal personnel, including from the Department of Homeland Security, to develop and share with other law enforcement bodies a threat assessment describing how cryptocurrencies could be used to support terrorist activity.
Why Amazon, Apple, Facebook, and Google Need to Be Disrupted(Esquire) Four companies dominate our daily lives unlike any other in human history: Amazon, Apple, Facebook, and Google. We love our nifty phones and just-a-click-away services, but these behemoths enjoy unfettered economic domination and hoard riches on a scale not seen since the monopolies of the gilded age. The only logical conclusion? We must bust up big tech.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Cyber Security Summit: Silicon Valley(San Jose, California, USA, February 13, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their companies’ critical data with innovative solution providers & renowned information security experts.
Security Titans(Scottsdale, Arizona, USA, February 23, 2018) Security Titans is a ground-breaking event, bringing the biggest names in Information Security together - all in one day, on a single stage to give the nation's cyber security industry access to the very...
CyberThreat 18(Westminster, England, UK, February 27 - 28, 2018) Hosted by the UK’s National Cyber Security Centre, a part of GCHQ, and the SANS Institute, CyberThreat18 brings together a packed schedule of talks on a broad range of familiar and less familiar topics...
Midlands Cyber: US Cyber Market Workshop(Lutterworth, England, UK, February 27, 2018) We are delighted to announce that we will be running two workshops, led by Andy Williams, the International Director of the iCyber Centre @bwtech, Maryland. The workshops have been tailored by the team...
European Cybersecurity Forum – CYBERSEC Brussels(Brussels, Belgium, February 27, 2018) CYBERSEC Forum is an unique opportunity to meet and discuss the current issues of cyber disruption and ever-changing landscape of cybersecurity related threats. Our mission is to foster the building of...
The Cyber Security Summit: Atlanta(Atlanta, Georgia, USA, February 28, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts.
PrivacyCon 2018(Washington, DC, USA, February 28, 2018) The 2018 PrivacyCon will expand collaboration among leading privacy and security researchers, academics, industry representatives, consumer advocates, and the government. As part of this initiative, the...
SINET ITSEF 2018(Silicon Valley, California, USA, March 7 - 8, 2018) Bridging the gap between Silicon Valley and the Beltway. SINET – Silicon Valley provides a venue where entrepreneurs can meet and interact directly with leaders of government, business and the investment...
PCI Security Standards Council Middle East and Africa Forum(Cape Town, South Africa, March 14 - 15, 2018) Don’t miss the data security event of the year for the payment card industry. Join us for: networking opportunities, updates on industry trends, insights and strategies on best practices, engaging keynotes...
SecureWorld Boston(Boston, Massachussetts, USA, March 14 - 15, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...
Cyber 9-12(Washington, DC, USA, March 16 - 17, 2018) Now entering its fifth year, the Cyber 9/12 Student Challenge is a one-of-a-kind competition designed to provide students across academic disciplines with a deeper understanding of the policy challenges...
3rd Annual Billington International Cybersecurity Summit(Washington, DC, USA, March 21, 2018) With confirmed speakers from Estonia, Romania, Singapore, Sweden, the United States, and Kuwait, and with attendees from many more countries, this summit brings together world-class cybersecurity thought...
Infosecurity Magazine North America Virtual Conference(Online, March 21 - 22, 2018) Tune in on Wednesday March 21 for day two of our two-day online event to learn what’s going on at the heart of the industry. Our easy to digest format offers a mix of short sessions, panel debates and...
The Cyber Security Summit: Denver(Denver, Colorado, USA, March 22, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts.
Women in CyberSecurity 2018(Chicago, Illinois, USA, March 23 - 24, 2018) Through the WiCyS community and activities we expect to raise awareness about the importance and nature of cybersecurity career. We hope to generate interest among students to consider cybersecurity as...
SecureWorld Philadelphia(Philadelphia, Pennsylvania, USA, March 28 - 29, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.