Where do cyber security professionals go to find jobs and career advice?
CyberSecJobs.com features thousands of opportunities across the country and overseas for cyber security pros. Check us out today by visiting CyberSecJobs.com.
June 18, 2018.
By The CyberWire Staff
South Africa-based insurer Liberty Life reported Saturday that it had sustained a breach by "unauthorized parties." It's an extortion play under a veneer of freelance penetration testing. Liberty, which says it regained control of its systems by Sunday, said of the attack: "An external party claims to have seized data from us, has alerted us to potential vulnerabilities in our systems and has requested compensation for this." The hackers claim to have obtained "sensitive data" about "top clients" which they'll release if their demands aren't met. Liberty denies that it's negotiating payment with the attackers.
F5 and Loryka report substantial cyber espionage activity targeting last week's Trump-Kim summit, most of it from Russia. US-CERT warns that DPRK hackers are back.
US Cyber Command is said to have been given, and to have used, more extensive cyber offensive authorities.
The impresario who's serving as the public face of the Russian online service, USA Really, Alexander Malkevich, is disporting himself in Washington. He's come to "test the limits of American freedom."
Europol has arrested five alleged members of the Rex Mundi cybercrime gang.
French authorities take down the Black Hand dark web market.
Alleged Silk Road collaborator "Variety Jones" has been extradited to the US.
Bitcoin and Ethereum investors have been hit with another round of wallet looting. According to Qihoo 360, the technique is the familiar one of clipboard hijacking.
The US Senate is expected to take up security issues concerning ZTE this week. Huawei may be next on the agenda.
Today's issue includes events affecting Australia, Canada, European Union, France, Iran, Israel, Democratic Peoples Republic of Korea, Pakistan, Russia, Saudi Arabia, Singapore, South Africa, Tajikistan, Thailand, Turkey, United States.
Correction: We transposed a letter Friday in our discussion of the rebranded Satan ransomware. The malware strain now goes by "DBGer," not, as we fumbled it, "DGBer."
How sharp is your incident response to cyber threats? Learn more in LookingGlass’ webinar!
Enabling your team with high-quality threat intelligence is imperative to stopping cyber attacks BEFORE they breach your network. But what distinguishes high-quality, actionable threat intelligence from low-quality "noise"? How are cutting edge CISOs and IT security teams applying threat intelligence to incident response? Find out in LookingGlass’ webinar with Security Ledger. Tuesday, June 26 @ 2pm ET. Sign up now!
The Cyber Security Summit: DC Metro on June 28 and Seattle on July 19(Washington, DC, United States, June 28, 2018) Learn from cyber security experts from The U.S. Department of Justice, The NSA, Pulse Secure, CenturyLink and more as they brief you on the latest security threats facing your business. This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers. Receive $95 VIP admission with promo code cyberwire95 at CyberSummitUSA.com ($350 without code). Your registration includes a catered breakfast, lunch, and cocktail reception. Passes are limited. Secure your ticket while space permits.
Trump-Kim Summit Attracts Wave of Cyber-Attacks on Singapore(SecurityWeek) The number of cyber-attacks targeting Singapore skyrocketed from June 11 to June 12, during the meeting between U.S. President Donald Trump and North Korean President Kim Jong-un in a Singapore hotel, and most of these attacks originated from Russia
US Government warns of more North Korean malware attacks(HOTforSecurity) With Donald Trump and Kim Jong Un exchanging handshakes and smiles at the Singapore security summit earlier this month, you may have been fooled into thinking that all was cordial between the United States and North Korea. Look under the surface, however... #malwareattack #northkorea #usgovernment
MirageFox: APT15 Resurfaces With New Tools Based On Old Ones(Intezer) Coincidentally, following the recent hack of a US Navy contractor and theft of highly sensitive data on submarine warfare, we have found evidence of very recent activity by a group referred to as APT15, known for committing cyber espionage which is believed to be affiliated with the Chinese government. The malware involved in this recent campaign, MirageFox, looks to be an upgraded version of a tool, a RAT believed to originate in 2012, known as Mirage.
Bitcoin, Ethereum Copied Addresses Replaced by Crypto Malware to Steal Funds(CoinFrenzy | Blockchain News in Shorts) A new cryptocurrency-related malware has been found by Cybersecurity firm 360 Total Security. This malware is used to steal fund by hijacking the clipboard of the user which is then replaced with a copied Bitcoin [BTC] and Ethereum [ETH] address. Read on to know about his malware.
Hacker Breaches Syscoin GitHub Account and Poisons Official Client(BleepingComputer) A hacker gained access to the GitHub account of the Syscoin cryptocurrency and replaced the official Windows client with a version containing malware. The poisoned Syscoin Windows client contained Arkei Stealer, a malware strain specialized in dumping and stealing passwords and wallet private keys.
Social media quizzes can provide hackers with personal information(WINK NEWS) Social media quizzes may seem fun, but scammers can use the answers you post to steal personal information. ‘What’s Your Royal Guest Name’ recently circulated on social media. People can leave their answers in the comment section for others to see. In order to find out, users are told to name one of his or …
Notes on "The President is Missing"(Errata Security) Former president Bill Clinton has contributed to a cyberthriller "The President is Missing", the plot of which is that the president stops a...
Is AI the New Buzz Term Du Jour, Or Is There Meat on the Bone?(TechNative) Artificial Intelligence (AI) development has gained substantial traction of late and is fast becoming the new “cyber” in generating attention, speculation, and fear Sine 2010, AI has grown at a compounded annual growth rate of almost 60 percent, according to one source. Competition among nation states to “dominate” the AI sphere is reported to be fierce, raising concern that an “intelligence arms race” has already commenced with adversarial governments jockeying for supremacy. Dating back to 1956, AI was first coined by a Stanford University researcher and defined its key mission as a sub-field of computer science. Fast forward to today,
Debriefing: Cryptocurrency hacks(Korea JoongAng Daily) Coinrail, the seventh-largest cryptocurrency exchange in Korea, was hacked last week. The hackers made off with around 3.6 billion coins worth around 40 billion won ($36.9 million).
The heist sent a shockwave through the Korean cryptocurrency mark
F-Secure to buy MWR InfoSecurity for ~$106M+ to offer better threat hunting(TechCrunch) The ongoing shift of emphasis in the cyber security industry from defensive, reactive actions towards pro-active detection and response has fueled veteran Finnish security company F-Secure’s acquisition of MWR InfoSecurity, announced today. F-Secure is paying £80 million (€91,6M) in cash to p…
2018 Security Awareness Report(SANS Security Awareness) The report summarizes and analyzes the data from over 1,700 awareness professionals like yourself. Use this report to gain key insights and valuable metrics to benchmark and grow your program.
A Year After Wannacry: Lots of Work to Do(BaknInfo Security) One year after the Wannacry attack, cybersecurity is still failing, and the likelihood of a breach has never been greater, says Carl Leonard of Forcepoint.
How can real-time payments be secured?(Rambus) With account-based fraud on the rise, however, the move from standard to real-time transactions is causing significant security challenges for central banks and clearing houses. So, how can real-time payments be secured?
The Impact of Artificial Intelligence on R&D and Innovation(Wall Street Journal) CIO Journal Columnist Irving Wladawsky-Berger calls AI a new kind of research tool--"an invention of a method of inventing"--with the potential to open up new avenues of inquiry and enable a new approach to innovation itself.
Machines learn language better by using a deep understanding of words(TechCrunch) Computer systems are getting quite good at understanding what people say, but they also have some major weak spots. Among them is the fact that they have trouble with words that have multiple or complex meanings. A new system called ELMo adds this critical context to words, producing better underst…
Cal Poly SLO hosting cyber attack contest(Pacific Coast Business Times) For the last two weeks, computer engineering undergrad Cassidy Elwell has been staging a cyber attack at Cal Poly San Luis Obispo. Starting with a cast of characters and a storyline, Elwell has bee…
The flawed analogy between nuclear and cyber deterrence(Bulletin of the Atomic Scientists) “If Internet security cannot be controlled, it’s not an exaggeration to say the effects could be no less than a nuclear bomb,” said General Fang Fenghui, Chief of General Staff of the People’s Liberation Army of China, in April 2013. General Fang is not alone in drawing comparisons between nuclear and cyber weapons during the past few years.
GAO Dings 13 Agencies for Cyber Workforce Classification Issues(Meri Talk) The Government Accountability Office (GAO) issued a report Thursday that found many Federal agencies are not entirely up to speed in classifying members of their cybersecurity workforce, although many of them have traveled well down the road toward compliance.
Norwich University Cyber Security Summit(Northfield, Vermont, USA, June 18 - 20, 2018) Norwich University’s College of Graduate and Continuing Studies (CGCS) is pleased to announce the second annual Cyber Security Summit in June 2018. The summit, presented in a continuing education format,...
GovSummit(Washington, DC, USA, June 27 - 28, 2018) GovSummit -- the government security conference hosted annually by the Security Industry Association -- brings together government security leaders with private industry technologists for top-quality information...
The Cyber Security Summit: DC Metro(Tysons Corner, Virginia, USA, June 28, 2018) Learn from cyber security experts from The U.S. Department of Justice, The NSA, Pulse Secure, CenturyLink and more as they brief you on the latest security threats facing your business. This event is...
Impact Optimize2018(Rosemont, Illinois, USA, June 28, 2018) Impact Optimize2018, the first-ever IT and Business Security Summit hosted by Impact, will provide attendees with actionable steps that enable the betterment of information, network and cybersecurity.
Nuclear Asset Information Monitoring and Maintenance(Warrington, England, UK, July 3 - 4, 2018) On July 3rd and 4th in Warrington United Kingdom, nuclear industry leaders will meet for the IoE Events Nuclear Asset Information, Monitoring and Maintenance conference to further develop the sector’s...
Cyber Security Summit 2018(Newport, Rhode Island, USA, July 18 - 20, 2018) Join us for Opal Group’s Cyber Security Summit – set in Newport, RI, this premier event will gather C-Level & Senior Executives responsible for defending their companies’ critical infrastructures together...
The Cyber Security Summit: Seattle(Seattle, Washington, USA, July 19, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts.
Health Cybersecurity Summit 2018(Santa Clara, California, USA, July 20, 2018) Worried about being hacked? Not sure how to respond to a cyber incursion? The first line of defense is a cyber threat preparedness strategy that includes coordination with critical infrastructure and emergency...
Global Cyber Security Summit(Kathmandu, Nepal, July 27 - 28, 2018) Information Security Response Team Nepal (NPCERT) is all set to host a Global Cyber Security Summit (GCSS) on July 27 with the theme “Building Global Alliance for Cyber Resilience”. The two-day event aims...
SINET61 2018(Melbourne, Victoria, Australia, July 31 - August 1, 2018) Promoting cybersecurity on a global scale. SINET – Melbourne provides a venue where international solution providers can engage with leaders of government, business and the investment community to advance...
Community College Cyber Summit (3CS)(Gresham, Oregon, USA, August 2 - 4, 2018) 3CS is the only national academic conference focused on cybersecurity education at community colleges. Who should attend 3CS? College faculty and administrators, IT faculty who are involved or who would...
2018 Community College Cyber Summit (3CS)(Gresham and Portland, Oregon, USA, August 2 - 4, 2018) 3CS is organized and produced by the National CyberWatch Center, National Resource Center for Systems Security and Information Assurance (CSSIA), CyberWatch West (CWW), and Broadening Advanced Technological...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.