The US Navy continues to be relatively close-lipped about Chinese exfiltration of sensitive information from a contractor's systems. The unnamed contractor, working for the Naval Undersea Warfare Center in Rhode Island, is said to have reported a cyber incident, losing information that's believed to concern sensors, submarine cryptographic systems, and weapons.
The cyberespionage threat actor Patchwork, also tracked as Dropping Elephant, is showing renewed interest in US think tanks, repurposing think tank articles and studies as phishbait. Volexity calls the group out as an Indian unit.
Banco de Chile disclosed the loss of about $10 million during a May attack, when hackers successfully took the money via electronic transfer. The criminals used wiper malware to corrupt the master boot records of some 9000 systems. This aspect of the attack was apparently misdirection intended to distract IT staff while the hackers accomplished their main objective: SWIFT transfer fraud.
Coinrail, a cryptocurrency exchange based in South Korea, disclosed yesterday that it had been the victim of a cyberattack in which ICO tokens for Pundi X, NPER, and Aston were taken. There's also the possibility that tokens for Dent and Tron were stolen as well. The exchange estimates that between $30 million and $40 million were taken; it's working to freeze the stolen assets. The incident spooked investors: cryptocurrency valuations took a significant hit as speculators dumped their holdings.
The G7 (maybe all seven, but at least six of them) agreed to take coordinated, concerted action in response to cyberattacks by hostile states.
Today's issue includes events affecting Australia, Canada, Chile, China, France, Germany, India, Italy, Japan, Democratic Peoples Republic of Korea, Republic of Korea, NATO/OTAN, Philippines, Russia, United Kingdom, United States..
Under GDPR non-compliant companies face trade-offs on borrowed time, says Control Risks.
Control Risks says non-compliance is a truly enterprise risk for companies operating in the EU. It burdens already taxed programs with particular measures to protect personal data and disclose security issues. Many worry that resources catching up to GDPR before an incident occurs trade-off other critical initiatives, leaving them vulnerable nonetheless. Companies must get executives and experts involved in managing the risk and competing priorities. Let Control Risks help you be both secure and compliant.
The Cyber Security Summit: DC Metro on June 28 and Seattle on July 19(Washington, DC, United States, June 28, 2018) Learn from cyber security experts from The U.S. Department of Justice, The NSA, Pulse Secure, CenturyLink and more as they brief you on the latest security threats facing your business. This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers. Receive $95 VIP admission with promo code cyberwire95 at CyberSummitUSA.com ($350 without code). Your registration includes a catered breakfast, lunch, and cocktail reception. Passes are limited. Secure your ticket while space permits.
Chinese hackers steal sensitive Navy program data(Fifth Domain) Cyberattacks sponsored by the Chinese government infiltrated a U.S. Navy contractor’s computers, allowing digital thieves to access sensitive data related to secret Navy projects on a submarine anti-ship missile.
Patchwork Cyberspies Target U.S. Think Tanks(SecurityWeek) The cyber-espionage group known as "Patchwork" (AKA Dropping Elephant) has been launching cyberattacks directly against United States-based think tanks, Volexity reveals.
Hackers Can Hijack, Sink Ships: Researchers(SecurityWeek) Insecure configurations and vulnerabilities in communications and navigation systems can allow hackers to remotely track, hijack and sink ships, researchers warn
Attack Vectors in Orbit: The Need for IoT and Satellite Security in the Age of 5G(TrendLabs Security Intelligence Blog) Already a vital part of the critical infrastructure of the internet, satellites are set to take on a more significant role with the emergence of 5G cellular network technology and the continuing expansion of the internet of things (IoT). While terrestrial networks handle peak load well, disaster handling and critical infrastructure scenarios are served well by satellites, which are unaffected by most ground-based events. Ensuring the security of satellites, therefore, acquires even greater importance and warrants more initiatives to that end.
Data disaster: How a malware infection struck an Aussie HR site(PS News) A security breach at one of the world’s largest human resources providers, Australian company PageUp, has resulted in tens of companies that were using their services notifying employees and applicants last week that their personal data might have been stolen last month.
Bitcoin price falls but doesn’t flatline(TechCrunch) Those not looking at the Bitcoin markets lately will either gasp or smile. Bitcoin, down from its all time high of around $19,000, is now floating at $6,785 as of this writing. To many this means that either the Bitcoin experiment is over or, to many more, that it has just begun. There are plenty […
The Age of Tech Superheroes Must End(Wall Street Journal) Silicon Valley has an accountability crisis, and at its root is the idolatry of its founder-CEOs, writes Christopher Mims.
Google pledges not to use AI for weapons or surveillance(C4ISRNET) Google pledged Thursday that it will not use artificial intelligence in applications related to weapons, surveillance that violates international norms, or that works in ways that go against human rights. It planted its ethical flag on use of AI just days confirming it would not renew a contract with the U.S. military to use its AI technology to analyze drone footage.
US Commerce Secretary: Huawei no threat to US national security(Totaltelecom) The FCC is currently investigating a number of Chinese companies on the grounds that they pose a threat to the US' national security, though many analysts suggest that the US is simply using the situation as leverage for its trade talks with China
Zscaler Security As A Service Delivers(Seeking Alpha) It seems to be a terrific solution commanding an equally terrific valuation. However, there is a lot to be said for the shares as there is already operational l
Carbon Black: Waiting For The Pop(Seeking Alpha) Carbon Black, the endpoint security company that went public in May, has just released its first earnings quarter since going public. Despite beats to top-line
Duo Security Appoints Technology Leader William Welch as President and Chief Operating Officer(Duo Security) Duo Security, one of the fastest growing cybersecurity companies in the world and leading provider of zero-trust security with Duo Beyond, today announced the expansion of its leadership team with the appointment of William Welch as President and Chief Operating Officer (COO). Welch brings more than 25 years of experience to Duo after holding successful senior leadership positions with technology giants such as ZScaler, HP, Symantec, and Oracle.
Cyber learning at Goldman Sachs(Professional Security) Goldman Sachs is to use the browser-based cyber training platform Immersive Labs’ to provide cyber security teams with purpose-built scenarios. The investment bank intends to then deploy the virtual learning platform among its 8,000 developers and potentially other types of workers across the firm to aid cyber resiliency.
Changing the paradigm of control system cyber security(Control Global) Cross-correlating the electrical characteristics of process sensors in real time provides a new capability to change the paradigm of control system cyber security as well as reliability, availability, productivity, and safety monitoring
When the NSA Hired Mad Men(The Daily Beast) The National Security Agency was once a young agency that had to make a name for itself. It went for a psychedelic look, as recently declassified posters of the ’50s & ’60s show.
FC2 Supports Student Research into Smart Safehouses(Florida Center for Cybersecurity) With support from the Florida Center for Cybersecurity, six students from the University of South Florida's (USF) College of Engineering have embarked on a yearlong internship to develop a state-of-the-art, cyber-ready safehouse.
Net Neutrality Rules Expire as Backers Turn to Congress, Courts(Bloomberg) The Obama-era net neutrality regulations that barred broadband providers from slowing or blocking internet traffic expired Monday, a major milestone in a debate that continues in the courts and Congress as Democrats press to restore the rules.
Marine Corps weighs wooing older members for new cyber force(ABC News) The head of the Marine Corps says it's time the U.S. military branch known for its fierce, young warriors becomes a little more mature. The Marine Corps is considering offering bonuses and other perks to entice older, more experienced Marines to re-enlist as it builds up its cyber...
Notorious Kindle Unlimited abuser has been booted from the bookstore(TechCrunch) A few levels past the bestsellers and sci-fi/romance/adventure titles on Kindle Unlimited, in the darkest corners of the Kindle Direct Publishing market, there are books that are made entirely out of garbage designed to make scammers hundreds of dollars a day. One user, who called his or herself Ch…
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Transport Security and Safety Expo(Washington, DC, USA, June 11 - 12, 2018) Security incidents are expected to cost the world $6 trillion annually by 2021, making now the time to find out more at the 2018 Transport Security and Safety Expo. The transportation industry is rapidly...
Dynamic Connections 2018(Palm Springs, California, USA, June 12 - 14, 2018) Together with you, our customers and partners, we’ll come together for 2 ½ days to learn, explore and create the possible at Dynamic Connections 2018 (DC18). To get ahead of the most critical, most pervasive...
Norwich University Cyber Security Summit(Northfield, Vermont, USA, June 18 - 20, 2018) Norwich University’s College of Graduate and Continuing Studies (CGCS) is pleased to announce the second annual Cyber Security Summit in June 2018. The summit, presented in a continuing education format,...
GovSummit(Washington, DC, USA, June 27 - 28, 2018) GovSummit -- the government security conference hosted annually by the Security Industry Association -- brings together government security leaders with private industry technologists for top-quality information...
The Cyber Security Summit: DC Metro(Tysons Corner, Virginia, USA, June 28, 2018) Learn from cyber security experts from The U.S. Department of Justice, The NSA, Pulse Secure, CenturyLink and more as they brief you on the latest security threats facing your business. This event is...
Impact Optimize2018(Rosemont, Illinois, USA, June 28, 2018) Impact Optimize2018, the first-ever IT and Business Security Summit hosted by Impact, will provide attendees with actionable steps that enable the betterment of information, network and cybersecurity.
Nuclear Asset Information Monitoring and Maintenance(Warrington, England, UK, July 3 - 4, 2018) On July 3rd and 4th in Warrington United Kingdom, nuclear industry leaders will meet for the IoE Events Nuclear Asset Information, Monitoring and Maintenance conference to further develop the sector’s...
The Cyber Security Summit: Seattle(Seattle, Washington, USA, July 19, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts.
Cyber Security Summit 2018(Newport, Rhode Island, USA, July 18 - 20, 2018) Join us for Opal Group’s Cyber Security Summit – set in Newport, RI, this premier event will gather C-Level & Senior Executives responsible for defending their companies’ critical infrastructures together...
Health Cybersecurity Summit 2018(Santa Clara, California, USA, July 20, 2018) Worried about being hacked? Not sure how to respond to a cyber incursion? The first line of defense is a cyber threat preparedness strategy that includes coordination with critical infrastructure and emergency...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.