January 10, 2018.
By The CyberWire Staff
Iran's Internet crackdown continues. Online control goes beyond the blocking and censorship of the filternet: it extends to active surveillance and offensive cyber operations against Iranian citizens.
Turla, which has never really gone away, is back with more sophisticated and elusive exploits against consular and ambassadorial targets. The cyber espionage group, one of the organs of Russian intelligence, is active for the most part against the Near Abroad: former Soviet Republics. It has appeared, however, in operations against more far-flung targets. Turla has been recently observed using a Flash installer to infect targets. The downloads appear to come from legitimate sites.
The US has accused Russia of undertaking a large information campaign aimed at influencing Mexico's 2018 national elections.
The still-unattributed cyber offensive targeting South Korean companies during the run-up to the Pyeongchang Winter Olympics appears to depend upon effective timing and compelling phishbait, that is, on good social engineering as opposed to technically sweet hacking.
A new mobile banking Trojan, FakeBank, has appeared in Russia. The criminals behind it are afflicting customers of Sberbank, Letobank, and VTB24. FakeBank is distinguished by its sophisticated use of multiple layers of obfuscation.
Patch Tuesday saw Microsoft fix fifty-six security issues. Redmond addressed not only Spectre and Meltdown, but also a zero-day in the Office Equation Editor.
If you're thinking of downloading a flashlight app for your Android phone, don't. Too many of them are malicious, and it's not worth the risk. Get a cheap LED light for your (physical) keychain instead.
Aadhaar breaches fuelled by rogue admin accounts (Naked Security) Not long ago trumpeted as the world’s largest biometric database, India’s Aadhaar system covering 1.2bn citizens is rapidly acquiring a less impressive reputation as the easiest to breach.
New Mobile Malware Uses Layered Obfuscation and Targets Russian Banks (TrendLabs Security Intelligence Blog) Last year, we saw the Fanta SDK malware target Russian bank Sberbank users and employ unique defensive measures. Now, another bank malware family has appeared, targeting even more Russian banks while using new and evolved obfuscation techniques. This family is named FakeBank, and so far the related samples we have collected number in the thousands. These samples show that the malware targets not only Sberbank, but also other Russian banks like Letobank and the VTB24 bank.
‘LightsOut’: Malicious Flashlights Apps On Google Play - Information Security Buzz (Information Security Buzz) If you’re thinking of downloading a handy flashlight app for your phone, beware: Check Point researchers have detected a new type of adware roaming Google Play, the official app store of Google, hidden in 22 different flashlight and utility apps. Dubbed ‘LightsOut’, the adware code reached a spread of between 1.5 million and 7.5 million …
Security Patches, Mitigations, and Software Updates
Microsoft’s Jan. 2018 Patch Tuesday Lowdown (KrebsOnSecurity) Microsoft on Tuesday released 14 security updates, including fixes for the Spectre and Meltdown flaws detailed last week, as well as a zero-day vulnerability in Microsoft Office that is being exploited in the wild. Separately, Adobe pushed a security update to its Flash Player software.
Apple Adds Spectre Protections to Safari, WebKit (Security Week) Updates released by Apple on Monday for iOS, macOS and Safari should mitigate the effects of the vulnerabilities exploited by the recently disclosed attack method named Spectre.
Air Force Eyes Software Task Order Award to Raytheon-Led Cyber Venture (ExecutiveBiz) The U.S. Air Force has announced its plan to award a task order to Forcepoint to provide a software platform for the service’s warrior preparation center. Raytheon operates Forcepoint as a cybersecurity joint venture with investment firm Vista Equity Partners. A FedBizOpps notice posted Monday says the Air Force Europe’s WPC will use the Trusted Thin Client software offering to enable exercise...
5 of the best antivirus with free VPN (Windows Report) Are you interested in an Antivirus with free VPN? Or maybe you prefer security combined with anonymity while surfing the web. Look no further, this …
What the Haven app shows us about the value of Open Source (CSO) Christmas may have come a few days early this past December for security advocates with the introduction of the Haven app, bringing with it a fair amount of excitement, criticism, and an excellent opportunity to explore some of the less often discussed aspects of working with open source.
Pelosi — lead fight to block government spying on Americans (San Francisco Chronicle) The U.S. House of Representatives could soon vote to do something truly historic and deeply dangerous: authorize the warrantless surveillance of Americans. That’s unless Democratic leaders — starting with House Minority Leader Nancy Pelosi — speak out.
FBI chief calls unbreakable encryption 'urgent public safety issue' (Reuters) The inability of law enforcement authorities to access data from electronic devices due to powerful encryption is an "urgent public safety issue," FBI Director Christopher Wray said on Tuesday as he sought to renew a contentious debate over privacy and security.
VTech Announces Settlement with the US Federal Trade Commission on Cyber Attack Incident (AsiaOne) VTech Holdings Limited (VTech, HKSE: 303) announced that its wholly owned subsidiaries, VTech Electronics Limited and VTech Electronics North America, L.L.C., have reached a settlement with the US Federal Trade Commission (FTC) to resolve an investigation of a cyber attack in 2015 and certain technical issues involving notice and consent under the Children's Online Privacy Protection Act (COPPA). Although VTech has agreed to this settlement to address these long-resolved issues, VTech does not admit any violations of law or liability.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
2018 Leadership Conference (Arlington, Virginia, USA, January 17 - 19, 2018) We invite you to join us for this unique opportunity to share information, participate in leadership training, collaborate on solutions to common problems, and network with peers from around the globe.
DistribuTECH (San Antonio, Texas, USA, January 23 - 25, 2018) The 15-track conference brings industry thought leaders from all over the world opportunities to network, share knowledge and problem solve with worldwide utilities and product and service providers. Among...
CYBERTACOS (Arlington, Virginia, USA, January 24, 2018) CYBERTACOS is back and becoming one of the DC metro area’s biggest cybersecurity networking events! Register today and join us for networking, food and drinks. This event includes a 45-minute meet the...
ATARC Federal CISO Summit (Washington, DC, USA, January 25, 2018) This educational, one-day symposium will discuss the security challenges faced by Federal Chief Information Security Officers and examine the lessons learned and best practices used to secure the information...
Connected Medical Device & IOT Security Summit (Baltimore, Maryland, USA, January 25 - 26, 2018) The Summit will offer practical solutions to many of the daunting security challenges facing medical device and connected health technology companies, healthcare providers, payers and patients. The program...
CyberUSA (San Antonio, Texas, USA, January 29 - 30, 2018) The CyberUSA Conference will be held in San Antonio, TX at the Henry B. Gonzalez Convention Center on Tuesday, January 30, 2018. A welcome reception will be held on the evening of Monday, January 29, 2018.