North Korea is widely expected to resume its ambitious program of cyber operations following its modified, limited restraint during the run-up to this week's US-DPRK summit.
Researchers at Kaspersky Lab report an espionage campaign against an unnamed Central Asian country's servers. The evidence points to a Chinese threat group tracked variously as "LuckyMouse," "Emissary Panda," "APT27," and "Threat Group 3390."
Dixons Carphone, the large British electronics retailer, sustained a big data breach, losing data for some 6 million customer's paycards. Dixons says the effect of the loss was limited (most of the cards were chip-and-pin) and that it's seen no evidence of fraud emerging from the breach so far. British authorities, including the National Crime Authority, the National Cyber Security Centre, the Financial Conduct Authority, and the Information Commissioner's Office, are investigating. The complexity of the investigation suggests its importance: this is the first major breach since GDPR implementation.
Intel reports finding another CPU security issue in its Core-based processors. Called "Lazy State," the bug is already addressed in some systems; other mitigations will follow.
Chinese and Russian companies continue to face headwinds driven by security concerns. ZTE's recovery remains in doubt, Australia is very leery of Huawei, and the European Parliament yesterday voted overwhelmingly in favor of a ban on Kaspersky products.
Proposed EU copyright laws have aroused considerable alarm. "The end of the Internet as we know it" is widely predicted. Much opposition derives from a proposal to, essentially, extend Facebook content-moderation to the Internet as a whole.
Under GDPR non-compliant companies face trade-offs on borrowed time, says Control Risks.
Control Risks says non-compliance is a truly enterprise risk for companies operating in the EU. It burdens already taxed programs with particular measures to protect personal data and disclose security issues. Many worry that resources catching up to GDPR before an incident occurs trade-off other critical initiatives, leaving them vulnerable nonetheless. Companies must get executives and experts involved in managing the risk and competing priorities. Let Control Risks help you be both secure and compliant.
And the latest edition of Hacking Humans is up. We talk about some of the challenges professional athletes face in their online lives. They're high-profile targets for scammers of all kinds, and their experiences hold some important lessons for others. Stephen Frank from the National Hockey League Players Association joins us to share how professional athletes protect themselves from online scams. (And the only kind of Russian collusion anyone wants to see in the NHL is between Kuznetsov and Ovechkin.)
The Cyber Security Summit: DC Metro on June 28 and Seattle on July 19(Washington, DC, United States, June 28, 2018) Learn from cyber security experts from The U.S. Department of Justice, The NSA, Pulse Secure, CenturyLink and more as they brief you on the latest security threats facing your business. This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers. Receive $95 VIP admission with promo code cyberwire95 at CyberSummitUSA.com ($350 without code). Your registration includes a catered breakfast, lunch, and cocktail reception. Passes are limited. Secure your ticket while space permits.
Cyber Attack on Mexico Campaign Site Triggers Election Nerves(US News & World Report) The website of a Mexican political opposition party was hit by a cyber attack during Tuesday's final television debate between presidential candidates ahead of the July 1 vote, after the site had published documents critical of the leading candidate.
Cortana Hack Lets You Change Passwords on Locked PCs(BleepingComputer) Microsoft has patched a vulnerability in the Cortana smart assistant that could have allowed an attacker with access to a locked computer to use the smart assistant and access data on the device, execute malicious code, or even change the PC's password to access the device in its entirety.
A Bunch of Compromized Wordpress Sites(SANS Internet Storm Center) A few days ago, one of our readers contacted reported an incident affecting his website based on Wordpress. He performed quick checks by himself and found some pieces of evidence:
Snapchat launches privacy-safe Snap Kit, the un-Facebook platform(TechCrunch) Today Snapchat finally gets a true developer platform, confirming TechCrunch’s scoop from last month about Snap Kit. This set of APIs lets other apps piggyback on Snap’s login for sign up, build Bitmoji avatars into their keyboards, display public Our Stories and Snap Map content, and generate bran…
Top Cybersecurity Expert Anup Ghosh Joins Accenture Security(WLNS) Accenture (NYSE: ACN) today announced the appointment of industry veteran and cybersecurity expert, Dr. Anup Ghosh, as managing director in Accenture Security. In his new role, Ghosh will bring his technology focused background and executive leadership to lead strategic technology investments that help scale Accenture Security?s rapid growth in the managed security services business.
Active cyber deception: Can it improve cloud security?(SearchCloudSecurity) Active cyber deception techniques can be used to defend cloud environments, as well as on-premises networks. Learn about the potential benefits and drawbacks of these strategies for enterprises.
Consider these three things when developing an insider threat program, experts say(Fedscoop) The bad news is that cyberthreats aren’t just on the outside, trying to get in. Employees, former employees and contractors can expose valuable information or sensitive networks, sometimes unintentionally. The good news is that it’s possible to develop a program to spot such activity, leaders from the National Security Agency, the Secret Service and Carnegie Mellon University …
Top 10 cybersecurity tips to secure the 2018 U.S. election(SC Media US) The 2018 Election is still five months away, but there has been no shortage of effort on the part of local, state and federal officials to ensure every ballot cast is legitimate and voters are not being intentionally spoofed by news planted by the nation's enemies.
Can DoD Take the Point on Quantum Computing?(MeriTalk) The possibilities of quantum computing have been floating on the horizon for a while now, at least since renowned physicist Richard Feynman dreamed up the idea in 1982. But like the horizon itself (at least in a world that isn’t flat), it always seems to recede despite all efforts to close in on it. Until now.
There's A New Cold War Brewing In Cyberspace(Nasdaq) Amid mounting criticism that the Trump administration is doing too little to punish Russia, the U.S. Treasury has imposed new sanctions on individuals and companies alleged to have worked aided and abetted Moscow’s intelligence services in conducting cyberattacks on the U.S.
Here are the experts who will help shape Europe’s AI policy(TechCrunch) The European Commission has announced the names of 52 experts from across industry, business and civil society who it has appointed to a new High Level Group on AI which will feed its strategy and policymaking around artificial intelligence. In April the EU’s executive body outlined its appro…
Senate approves Krebs to lead NPPD(FCW) After running the operation for almost a year, the temporary head of the National Protection and Programs Directorate is set to be sworn in as the group's official director.
Librarian Sues Equifax Over 2017 Data Breach, Wins $600(KrebsOnSecurity) In the days following revelations last September that big-three consumer credit bureau Equifax had been hacked and relieved of personal data on nearly 150 million people, many Americans no doubt felt resigned and powerless to control their information.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Dynamic Connections 2018(Palm Springs, California, USA, June 12 - 14, 2018) Together with you, our customers and partners, we’ll come together for 2 ½ days to learn, explore and create the possible at Dynamic Connections 2018 (DC18). To get ahead of the most critical, most pervasive...
Norwich University Cyber Security Summit(Northfield, Vermont, USA, June 18 - 20, 2018) Norwich University’s College of Graduate and Continuing Studies (CGCS) is pleased to announce the second annual Cyber Security Summit in June 2018. The summit, presented in a continuing education format,...
GovSummit(Washington, DC, USA, June 27 - 28, 2018) GovSummit -- the government security conference hosted annually by the Security Industry Association -- brings together government security leaders with private industry technologists for top-quality information...
The Cyber Security Summit: DC Metro(Tysons Corner, Virginia, USA, June 28, 2018) Learn from cyber security experts from The U.S. Department of Justice, The NSA, Pulse Secure, CenturyLink and more as they brief you on the latest security threats facing your business. This event is...
Impact Optimize2018(Rosemont, Illinois, USA, June 28, 2018) Impact Optimize2018, the first-ever IT and Business Security Summit hosted by Impact, will provide attendees with actionable steps that enable the betterment of information, network and cybersecurity.
Nuclear Asset Information Monitoring and Maintenance(Warrington, England, UK, July 3 - 4, 2018) On July 3rd and 4th in Warrington United Kingdom, nuclear industry leaders will meet for the IoE Events Nuclear Asset Information, Monitoring and Maintenance conference to further develop the sector’s...
Cyber Security Summit 2018(Newport, Rhode Island, USA, July 18 - 20, 2018) Join us for Opal Group’s Cyber Security Summit – set in Newport, RI, this premier event will gather C-Level & Senior Executives responsible for defending their companies’ critical infrastructures together...
The Cyber Security Summit: Seattle(Seattle, Washington, USA, July 19, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts.
Health Cybersecurity Summit 2018(Santa Clara, California, USA, July 20, 2018) Worried about being hacked? Not sure how to respond to a cyber incursion? The first line of defense is a cyber threat preparedness strategy that includes coordination with critical infrastructure and emergency...
Global Cyber Security Summit(Kathmandu, Nepal, July 27 - 28, 2018) Information Security Response Team Nepal (NPCERT) is all set to host a Global Cyber Security Summit (GCSS) on July 27 with the theme “Building Global Alliance for Cyber Resilience”. The two-day event aims...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.