The US Government, specifically the White House, yesterday joined the British Foreign Office in attributing last year's NotPetya pseudoransomware campaign to Russia. This was an unsurprising statement, as US officials have long regarded Russia as the prime suspect. NotPetya began with attacks in Ukraine and spread to other countries. The UK was particularly affected. Exploits leaked by the Shadow Brokers (who attributed them to NSA) were instrumental in the NotPetya attacks.
Recorded Future's research suggests that the Olympic Destroyer malware that hit the Winter Games during the opening ceremonies was deployed in a complex, multipart operation. They also point out that circumstantial code similarities to malware known to have been developed by various nation-states, including China and North Korea, are consistent with false flag misdirection, and provide evidence that is thin at best for the existence of a "cyber axis of evil." Speculation about responsibility for Olympic Destroyer continues.
Aqua has published a study of how cryptocurrency miners successfully attack container environments.
Comodo's 2017 Global Malware Report observes that online advertising and digital media buys have continued to increase their role as vectors for malware distribution.
FedEx has secured an AWS S3 bucket left open (apparently inadvertently) to the Internet.
Secureworks researchers track the proliferation of SamSam ransomware. They find the criminal operators ("Gold Lowell") unusually hands-on, devoted to effective exploitation of readily available commodity attack tools.
Oracle is said to have acquired Zenedge for an undisclosed sum. VMware's purchase of CloudCoreo is seen as a push into the cloud security market.
ON THE PODCAST
In today's podcast we speak with our partners at RSA, as their CTO Zulfikar Ramzan discusses the hype surrounding blockchain technology. Our guest is Jack Rhysider, producer and host of the Darknet Diaries podcast, who shares true stories from the dark side of the Internet.
Cyber Security Summits: February 13 in Silicon Valley & Atlanta on February 28 (Silicon Valley, California, USA, February 13, 2018) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, Darktrace, IBM and more. Register with promo code cyberwire50 for half off your admission (Regular price $350) https://CyberSummitUSA.com
Compete to win prize money plus the chance to be DataTribe’s next big investment (Online, March 23 - April 25, 2018) The DataTribe Inaugural Cyber Funding Competition: We put real firepower behind every idea. If you're part of an entrepreneurial technology team with a vision to disrupt cybersecurity and data sciences — we want to enhance your growth prospect with the opportunity for a DataTribe-financed seed capital of $2,000,000. Plus possible millions more in a Series A Venture Capital Round. The top three finalists will share $20,000 in prize money.
White House Blames Russia for 'Reckless' NotPetya Cyber Attack (US News and World Report) The White House on Thursday blamed Russia for the devastating 'NotPetya' cyber attack last year, joining the British government in condemning Moscow for unleashing a virus that crippled parts of Ukraine's infrastructure and damaged computers in countries across the globe.
Kaseya Virtual System Administrator: New Updates (eSentire Managed Detection and Response) Originally published on 2018-01-29. eSentire has observed an unknown threat actor attempting to deploy a Monero cryptocurrency miner to multiple eSentire cus...
Multi-Stage Word Attack Infects Users Without Using Macros (BleepingComputer) Spam distributors are using a new technique to infect users with malware, and while this attack relies on having users open Word documents, it does not involve users having to allow the execution of macro scripts.
SAP Cyber Threat Intelligence report – February 2018 (Security Boulevard) The SAP threat landscape is always expanding thus putting organizations of all sizes and industries at risk of cyberattacks. The idea behind the monthly SAP Cyber Threat Intelligence report is to provide an insight into the latest security vulnerabilities and threats. Key takeaways: The first set of SAP Security Notes in 2018 consists of 26
Global Malware Report Confirms Prevalence, Role Of Advertising (Media Post) A day after the Director of National Intelligence Dan Coats released the U.S. intelligence agencies' 2018 Worldwide Threat Assessment, highlighting how digital media has become a vector for a variety of national security threats, a new report revealed the prevalence of malicious code worldwide, as well as in the U.S.
Global Malware Report 2017 (Comodo Threat Research Labs) Malicious software, or malware, refers to computer code that can be harmful to both computer systems and their users.
Why the cyber threat landscape could grow under GDPR (Information Age) The General Data Protection Regulation (GDPR) is only 3 short months away, with the incoming regulation seeing businesses across Europe and beyond bolster their cyber security in an effort to comply
Agencies Better At Cybersecurity Than Vendors, Study Says (Law360) Cybersecurity at contractors is lagging behind that of federal agencies, security ratings firm BitSight said in a report Thursday, a day after a U.S. Department of Homeland Security official revealed DHS had launched an initiative for agencies to study cybersecurity throughout their supply chains.
Intel offers to pay for Spectre-like side channel vulnerabilities (Help Net Security) Intel is raising considerably the awards it plans to give out for helpful vulnerability information, and is offering a new bug bounty program focused specifically on side channel vulnerabilities, i.e., vulnerabilities that are rooted in Intel hardware but can be exploited through software.
LinuxInsider Headlines (Linux Insider) SentinelOne this week announced a partnership with Microsoft to bolster threat protection for mixed platform users, making computing safer for Linux machines in a multiplatform workplace. SentinelOne will integrate its Endpoint Protection Platform with Microsoft's Windows Defender Advanced Threat Protection service to cover Mac and Linux device platforms.
Using the Chrome Task Manager to Find In-Browser Miners (BleepingComputer) The use of browsers to mine for digital currency is becoming a major problem. With more and more sites incorporating in-browser mining scripts such as CoinHive and web extensions injecting them into web pages, people will continue to be affected by this attack. Thankfully, we can easily detect miners using the Chrome Task Manager.
Critical Infrastructure Protection: Additional Actions Are Essential for Assessing Cybersecurity Framework Adoption (Government Accountability Office) Most of the 16 critical infrastructure sectors took action to facilitate adoption of the National Institute of Standards and Technology's (NIST) Framework for Improving Critical Infrastructure Cybersecurity by entities within their sectors. Federal policy directs nine federal lead agencies—referred to as sector-specific agencies (SSA)—in consultation with the Department of Homeland Security and other agencies, to review the cybersecurity framework and, if necessary, develop implementation guidance or supplemental materials to address sector-specific risks and operating environments.
Cybersecurity is not something; it is everything (Brookings) Four years ago, the Obama Administration rolled out the Cybersecurity Framework from the National Institute of Standards and Technology (NIST). It has proven to be an essential and indispensable ro…
Creating a New Crime: Cyber-Harassment (New Jersey Law Journal) The inclusion of cyber-harassment in the Domestic Violence Statutes will enable victims of domestic violence to prove an act of cyber-harassment by producing the allegedly offending communication.
California man convicted of directing cyber attack against Norman business (KFOR.com) A California man was convicted on one count of directing distributed-denial-of-service (DDoS) cyber attacks against two websites owned by Oklahoma telescope retailer Astronomics in August 2016. 44-year-old David Goodyear was charged in August 2017 with attacking the websites of Astronomics, a family-owned telescope retailer in Norman.
ATM Skimmer Kingpin Escapes UK Police (BleepingComputer) In what many consider to be a monumental failure on the part of UK police, the ringleader of a notorious ATM skimming gang has escaped prosecutors and is believed to be hiding abroad, after being let out on bail.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Security Titans (Scottsdale, Arizona, USA, February 23, 2018) Security Titans is a ground-breaking event, bringing the biggest names in Information Security together - all in one day, on a single stage to give the nation's cyber security industry access to the very...
CyberThreat 18 (Westminster, England, UK, February 27 - 28, 2018) Hosted by the UK’s National Cyber Security Centre, a part of GCHQ, and the SANS Institute, CyberThreat18 brings together a packed schedule of talks on a broad range of familiar and less familiar topics...
Midlands Cyber: US Cyber Market Workshop (Lutterworth, England, UK, February 27, 2018) We are delighted to announce that we will be running two workshops, led by Andy Williams, the International Director of the iCyber Centre @bwtech, Maryland. The workshops have been tailored by the team...
European Cybersecurity Forum – CYBERSEC Brussels (Brussels, Belgium, February 27, 2018) CYBERSEC Forum is a unique opportunity to meet and discuss the current issues of cyber disruption and ever-changing landscape of cybersecurity related threats. Our mission is to foster the building of...
The Cyber Security Summit: Atlanta (Atlanta, Georgia, USA, February 28, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts.
PrivacyCon 2018 (Washington, DC, USA, February 28, 2018) The 2018 PrivacyCon will expand collaboration among leading privacy and security researchers, academics, industry representatives, consumer advocates, and the government. As part of this initiative, the...
SINET ITSEF 2018 (Silicon Valley, California, USA, March 7 - 8, 2018) Bridging the gap between Silicon Valley and the Beltway. SINET – Silicon Valley provides a venue where entrepreneurs can meet and interact directly with leaders of government, business and the investment...
PCI Security Standards Council Middle East and Africa Forum (Cape Town, South Africa, March 14 - 15, 2018) Don’t miss the data security event of the year for the payment card industry. Join us for: networking opportunities, updates on industry trends, insights and strategies on best practices, engaging keynotes...
SecureWorld Boston (Boston, Massachusetts, USA, March 14 - 15, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...
Cyber 9-12 (Washington, DC, USA, March 16 - 17, 2018) Now entering its fifth year, the Cyber 9/12 Student Challenge is a one-of-a-kind competition designed to provide students across academic disciplines with a deeper understanding of the policy challenges...
3rd Annual Billington International Cybersecurity Summit (Washington, DC, USA, March 21, 2018) With confirmed speakers from Estonia, Romania, Singapore, Sweden, the United States, and Kuwait, and with attendees from many more countries, this summit brings together world-class cybersecurity thought...
Infosecurity Magazine North America Virtual Conference (Online, March 21 - 22, 2018) Tune in on Wednesday March 21 for day two of our two-day online event to learn what’s going on at the heart of the industry. Our easy to digest format offers a mix of short sessions, panel debates and...
The Cyber Security Summit: Denver (Denver, Colorado, USA, March 22, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts.
Women in CyberSecurity 2018 (Chicago, Illinois, USA, March 23 - 24, 2018) Through the WiCyS community and activities we expect to raise awareness about the importance and nature of cybersecurity careers. We hope to generate interest among students to consider cybersecurity as...
SecureWorld Philadelphia (Philadelphia, Pennsylvania, USA, March 28 - 29, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...
National Cyber League Spring Season (Chevy Chase, Maryland, USA, March 30 - May 25, 2018) The NCL is a defensive and offensive puzzle-based, capture-the-flag style cybersecurity competition. Its virtual training ground helps high school and college students prepare and test themselves against...