January 12, 2018.
By The CyberWire Staff
F-Secure researchers have demonstrated a way to exploit Intel's Active Management Technology that enables them to bypass BIOS and BitLocker passwords. Exploitation could let an attacker take control of a device quickly (in "under thirty seconds").
IOActive and Embedi have identified one-hundred-forty-seven vulnerabilities in thirty-four mobile applications that are widely used to interact with industrial control systems.
AMD yesterday revised its estimate of how susceptible its chips are to Spectre. The company now believes they're severely affected by both Spectre vulnerabilities. AMD promises to make a patch available as soon as possible.
Intel, Microsoft, and other vendors continue to work on fixing Spectre and Meltdown. The performance penalty the patches will impose is now becoming clearer: troublesome, but less alarming than initially feared.
Security experts expect Fancy Bear to continue to make itself felt during the present Olympiad. Doxing in retaliation for drug disqualifications is thought unlikely to be the end of it.
Google ejects more malign apps from the Play Store. One, a phony Telegram app, is a spamming tool. The others—some sixty—are infected with "AdultSwine" malware that serves up indecent, graphic ads to, among others, children.
Monero miners are being installed in unpatched Oracle WebLogic servers.
Responding to public and official concerns, Facebook and Google continue to experiment with content moderation.
The US Congress considers legislation that would bar Federal contractors from using Huawei equipment.
EU officials say companies could have been fined under GDPR for Spectre and Meltdown if they'd come to light this May.
Today's issue includes events affecting Ecuador, Estonia, France, Germany, Japan, Montenegro, Russia, Turkey, Ukraine, the United Kingdom, United States, and Vietnam.
A note to our readers: On Monday we'll be observing the annual holiday in honor of Dr. Martin Luther King, Jr., and neither the Daily Briefing nor the Daily Podcast will be published. Research Saturday will be up as usual tomorrow, as will the Week that Was on Sunday. We'll return to our normal publication schedule on Tuesday, January 16th.
Update on Pawn Storm: New Targets and Politically Motivated Campaigns (TrendLabs Security Intelligence Blog) The active espionage actor group Pawn Storm didn’t shy away from continuing their brazen attacks in the second half of 2017. Pawn Storm's attacks usually are not isolated incidents. We can often relate them to earlier attacks by carefully looking at the technical indicators and motives.
Bitcoin Blackmail by Snail Mail Preys on Those with Guilty Conscience (KrebsOnSecurity) KrebsOnSecurity heard from a reader whose friend recently received a remarkably customized extortion letter via snail mail that threatened to tell the recipient’s wife about his supposed extramarital affairs unless he paid $3,600 in bitcoin. The friend said he had nothing to hide and suspects this is part of a random but well-crafted campaign to prey on men who may have a guilty conscience.
Is This The End Of Bitcoin's Ransomware Monopoly? (Information Security Buzz) News broke overnight that a new variant of the HC7 Ransomware is in the wild that encrypts a victim’s files and appends the .PLANETARY extension to the filename. What makes this particular ransomware variant unique is that it may be the first one that accepts the Ethereum cryptocurrency as a ransom payment. Andy Norton, Director of Threat Intelligence at Lastline commented …
Intel Releases Linux CPU Microcodes To fix Meltdown & Spectre Bugs (BleepingComputer) On January 8th Intel released new Linux Processor microcode data files that can be used to mitigate the Spectre and Meltdown vulnerabilities in Intel CPUs. Using microcodes, an operating system can fix known bugs in Intel CPU without having to perform a BIOS update on the computer.
Intel says patches can cause reboot problems in old chips (Reuters) Intel Corp on Thursday said that recently issued patches for flaws in its chips could cause computers using its older Broadwell and Haswell processors to reboot more often than normal and that Intel may need to issue updates to fix the buggy patches.
Meltdown and Spectre fallout: patching problems persist (Malwarebytes Labs) In the days since Meltdown and Spectre have been made public, we’ve tracked which elements of the design flaw, known as speculative execution, are vulnerable and how different vendors are handling the patching process.
The 2018 Eye on Privacy Report (MediaPro) The 2018 Eye on Privacy Report is now available. Download it now for details on how the average U.S. employee responds to sensitive data in real world scenarios.
Context Labs Acquires IoT ImpactLABS (Business Insider) Context Labs (CXL) announced today that it has acquired IoT ImpactLABS. The acquisition will further accelerate CXL's blockchain-based Immutably™ platform in its movement upstream in the supply chain, enabling the "Supply Chain of Everything." The acquisition will accelerate integration with IoT-connected devices, sensors and systems.
3 ways DHS is helping states with election security (FCW) A DHS official touted better relationships with state and local governments, increased information sharing and better tools as election security areas of focus before the upcoming midterm elections.
Pulses of light to encrypt data and protect security of cryptocurrencies (EurekAlert!) Data travels through thousands of miles of fiber optic cables underneath the world's oceans--via pulses of light. And according to experts, the data in these cables is at great risk of being intercepted. However, a newly designed frequency comb--recently developed by researchers at the USC Viterbi School of Engineering might be an effective tool for data encryption.
Democratic report warns of Russian meddling in Europe, US (Federal Times) A new report by Senate Democrats warns of deepening Russian interference throughout Europe and concludes that even as some Western democracies have responded with aggressive countermeasures, President Donald Trump has offered no strategic plan to bolster their efforts.
Russia dismisses Democratic US Senate report as unfounded (Federal Times) The 200-page report is the first from Congress to detail alleged Russian efforts to undermine democracies since the 2016 U.S. presidential election. Putin’s spokesman, Dmitry Peskov, said “the accusations of alleged meddling leveled against our country are absolutely unfounded.”
Director Addresses Cyber Conference (Federal Bureau of Investigation) At the International Conference on Cyber Security in New York, FBI Director Christopher Wray discussed how the FBI is evolving to stay ahead of threats in the digital age.
Whiffyleaks: Julian Assange told to take shower (Times) Julian Assange’s poor hygiene has played a role in the latest agitations by Ecuador to extricate him from his five-year standoff in its embassy, a well-placed source has told The Times. Staff at...
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
Security Titans (Scottsdale, Arizona, USA, February 23, 2018) Security Titans is a ground-breaking event, bringing the biggest names in Information Security together - all in one day, on a single stage to give the nation's cyber security industry access to the very...
2018 Leadership Conference (Arlington, Virginia, USA, January 17 - 19, 2018) We invite you to join us for this unique opportunity to share information, participate in leadership training, collaborate on solutions to common problems, and network with peers from around the globe.
DistribuTECH (San Antonio, Texas, USA, January 23 - 25, 2018) The 15-track conference brings industry thought leaders from all over the world opportunities to network, share knowledge and problem solve with worldwide utilities and product and service providers. Among...
CYBERTACOS (Arlington, Virginia, USA, January 24, 2018) CYBERTACOS is back and becoming one of the DC metro area’s biggest cybersecurity networking events! Register today and join us for networking, food and drinks. This event includes a 45-minute meet the...
ATARC Federal CISO Summit (Washington, DC, USA, January 25, 2018) This educational, one-day symposium will discuss the security challenges faced by Federal Chief Information Security Officers and examine the lessons learned and best practices used to secure the information...
Connected Medical Device & IOT Security Summit (Baltimore, Maryland, USA, January 25 - 26, 2018) The Summit will offer practical solutions to many of the daunting security challenges facing medical device and connected health technology companies, healthcare providers, payers and patients. The program...
CyberUSA (San Antonio, Texas, USA, January 29 - 30, 2018) The CyberUSA Conference will be held in San Antonio, TX at the Henry B. Gonzalez Convention Center on Tuesday, January 30, 2018. A welcome reception will be held on the evening of Monday, January 29, 2018.