March 1, 2018.
By The CyberWire Staff
German authorities said yesterday that they are investigating a cyber espionage campaign against Federal networks. The attack was detected in December, but the threat actors are believed to have been present in the networks for about a year before they were discovered. The campaign is attributed (not officially, but by anonymous sources close to the investigation) to Fancy Bear, Russia's GRU military intelligence service.
Deutsche Welle describes the Informationsverbund Berlin-Bonn (IVBB) network, the hackers' target, as a dedicated secure platform used only by "the Chancellery, the German parliament, federal ministries, the Federal Audit Office and several security institutions in Berlin and Bonn, the former German capital where some ministries still have offices."
UpGuard disclosed that it found another exposed AWS S3 bucket. This one belongs to Birst, a cloud business intelligence and analytics firm. The data exposed belonged to Capital One, the eighth largest US commercial bank. UpGuard thinks the data could provide attackers a "roadmap" to Capital One's infrastructure. [Update, 3.3.18: UpGuard has taken down its report on the breach. Birst and its corporate parent, Infor, have said that no data were exposed. An Infor representative told ITWire: "A Birst employee placed a copy of certain non-production components of the Birst software in a publicly-available S3 bucket to provide a prospective customer in the financial services industry non-production, read-only access to the software (a proof-of-concept). These components were not populated with data; no data from the financial institution was ever present in the test environment at any time, although the filename contained the name of the financial institution." Thus it appears that no data were exposed. Capital One contacted the CyberWire to point out that the report of a breach was inaccurate.]
Wandera describes RedDrop, Android malware distributed for the purpose of blackmailing its victims. RedDrop combines the functionality of spyware, Trojan, and data exfiltration. If users take apps only from reputable sources and enable Google Play Protect, they're probably safe.
Intel adds new fixes for Spectre to Broadwell and Haswell chips.
The US Federal Trade Commission has reached a settlement with PayPal subsidiary Venmo over the company's privacy and security practices. The US Securities and Exchange Commission has begun investigating multiple ICOs, looking particularly at sales structures and presale agreements.
And, in case you missed it, Recorded Future's Threat Intelligence Podcast (produced in cooperation with the CyberWire) is up. This episode features a talk with McAfee's Michael Rea on the art of managing formal intelligence requirements. He explains the value of formal management of your threat intelligence requirements, how best to do it, and why it helps make IT security teams more effective.
Billington International Cybersecurity Summit (Washington, DC, USA, March 21, 2018) Billington International Cybersecurity Summit, March 21, Washington, D.C. Cybersecurity leaders from Asia, Europe, the Middle and U.S. on global threats and best practices, including Acting DoD CIO and Singapore Cyber Commissioner-designate. Sponsor Opportunities: Sandy Nuwar at 443-994-9832
Third Annual Cyber Investing Summit 5/15/18 (New York, New York, USA, May 15, 2018) Renowned cyber security executive David DeWalt will deliver the keynote address at the Third Annual Cyber Investing Summit. The Cyber Investing Summit is a unique all-day conference focused on the financial opportunities available in the rapidly growing cyber security industry. Panels will explore sector investment strategies, market growth forecasts, equity valuations, merger and acquisition activity, cryptocurrency protection, funding for startups, and more. Speakers include leading Chief Information Security Officers, VC founders, financial analysts, cyber security innovators from publicly traded and privately held companies, and government experts.
Unprotected AWS Bucket Exposes 50.4 GB of Financial Giant's Data (HackRead) [Note, 3.3.18: See the article from ITWire, above, for updated information on this story. There appears to have been no breach.] Another day, another AWS Bucket exposed to the public - This time the AWS Bucket belonged to Birst, a Cloud Business Intelligence (BI) and Analytics firm.
There is still a lack of cyber resiliency of the electric grid (Control Global) October 10, 2016, I wrote a blog: “The NERC CIPs continue to expose the grid to significant cyber vulnerabilities even after the Ukrainian hack” This was because NERC, DOE, and DHS had effectively ignored the 2015 attack as it was against the distribution system. Ironically, two months later, the second Ukrainian cyberattack was against the transmission system. In both cases, the attack was step 1 of the 2 steps of Aurora. Enclosed are examples of what is not happening.
Philips clinical imaging solution plagued by vulnerabilities (Help Net Security) Philips is developing a software update to mitigate 35 CVE-numbered vulnerabilities in the Philips IntelliSpace Portal (ISP), a clinical imaging visualization and analysis solution that is used by healthcare and public health organizations around the world.
What Is A Botnet & How Does It Work? (Pwnie Express) Learn what botnets are, how they are created, and how they carry out DDoS attacks. You can also discover ways to prevent a botnet attack from affecting you.
Security Patches, Mitigations, and Software Updates
3 Emerging Healthcare Security Challenges (Bricata) Security professionals in health care face a difficult challenge: protecting an aging infrastructure with unique requirements of PII even as threats multiply and budgets remain flat. A renewed focus on some of the basics could reverse the trend.
Contractors gripe about DHS clearance woes (FCW) Varied and uneven security clearance processes for contractors across DHS components are leading to confusion and problems for vendors, industry experts told a congressional panel.
What employers need to know about cybersecurity jobseekers (Help Net Security) An ISC2 study sheds light on what motivates cybersecurity jobseekers and what’s most important to them for professional and personal fulfillment. Armed with this insight, employers can do a much better job appealing to top cybersecurity professionals.
Northrop Grumman awarded $95M OBIM contract (BiometricUpdate) Northrop Grumman has been awarded a 42-month, $95 million contract by the DHS Office of Biometric Identity Management (OBIM) to develop the first two stages of the Homeland Advanced Recognition Tec…
Virginia Cybersecurity Startup CounterFlow AI Inc. closes $2.7M Seed Round (California Newswire) Cybersecurity startup CounterFlow AI announced last week that it has raised $2.7 million in seed funding from Osage University Partners, the Charlottesville Angel Network, and a number of individual investors who also supported the founders' previous venture, nPulse Technologies (acquired by FireEye in 2014).
Cyber Insurer Coalition Raises $10 Million to Solve Cyber Risk for SMBs (Coalition) Coalition Inc., the first technology-enabled cyber insurance solution, announced today that it raised $10 million in Series A funding from leading technology investors including Vy Capital, Ribbit Capital, Valor Equity Partners, Sam Altman (President, Y Combinator), and Deep Nishar (Senior Managing Director, Softbank Vision Fund).
By Light acquires Axom for intell footprint (Washington Technology) By Light Professional IT Services acquires Axom Technologies to gain a new footprint in the intelligence community, a highly-sought after customer base in recent deal activity.
Qualys Hires Bill Solms To Head US Federal Division (WashingtonExec) Solms, who brings 30 years of experience, will help drive government IT initiatives to aid agencies maintain visibility and control of their complex networks and secure their digital transformations.
QBE North America launches online cyber response tool (Business Insurance) QBE North America, an operating division of Australia’s QBE Insurance Group Ltd., will include an online cyber response tool with all its cyber policies, the insurer said in a statement Wednesday.
Joseph Greenwald & Laake adding cybersecurity practice (Maryland Daily Record) Joseph Greenwald & Laake P.A. has recently added a new practice area in data privacy and cybersecurity, with a focus on compliance, government investigations and enforcement actions, data priva…
How to Fight Mobile Number Port-out Scams (KrebsOnSecurity) T-Mobile, AT&T and other mobile carriers are reminding customers to take advantage of free services that can block identity thieves from easily “porting” your mobile number out to another provider, which allows crooks to intercept your calls and messages while your phone goes dark.
Fleet Cyber Command to get new leader (Fifth Domain) Rear Adm. Timothy White has been nominated to serve as the next commander of Fleet Cyber Command/Tenth Fleet, as well as a third star.
Litigation, Investigation, and Law Enforcement
Judge to rule whether to suppress accused leaker's statement (Fifth Domain) Defense attorney Matthew Chester says the statement from Reality Winner, accused of leaking National Security Agency secrets, should be suppressed because federal agents intentionally chose not to read her Miranda rights out of fear that she would not talk if they did.
SINET ITSEF 2018 (Silicon Valley, California, USA, March 7 - 8, 2018) Bridging the gap between Silicon Valley and the Beltway. SINET – Silicon Valley provides a venue where entrepreneurs can meet and interact directly with leaders of government, business and the investment...
AFFIRM and USCC 5th Annual Cybersecurity Summit (Arlington, Virginia, USA, March 8, 2018) The 5th Annual Cybersecurity Summit is a place for important discussions about the challenges with cyber-security and is also a significant benefit both for the AFFIRM scholarship program, which helps...
PCI Security Standards Council Middle East and Africa Forum (Cape Town, South Africa, March 14 - 15, 2018) Don’t miss the data security event of the year for the payment card industry. Join us for: networking opportunities, updates on industry trends, insights and strategies on best practices, engaging keynotes...
SecureWorld Boston (Boston, Massachusetts, USA, March 14 - 15, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...
Cyber 9-12 (Washington, DC, USA, March 16 - 17, 2018) Now entering its fifth year, the Cyber 9/12 Student Challenge is a one-of-a-kind competition designed to provide students across academic disciplines with a deeper understanding of the policy challenges...
Infosecurity Magazine Spring Virtual Conference (Online, March 21, 2018) Tune in on Wednesday March 21 for day two of our two-day online event to learn what’s going on at the heart of the industry. Our easy to digest format offers a mix of short sessions, panel debates and...
3rd Annual Billington International Cybersecurity Summit (Washington, DC, USA, March 21, 2018) With confirmed speakers from Estonia, Romania, Singapore, Sweden, the United States, and Kuwait, and with attendees from many more countries, this summit brings together world-class cybersecurity thought...
Infosecurity Magazine North America Virtual Conference (Online, March 21 - 22, 2018) Tune in on Wednesday March 21 for day two of our two-day online event to learn what’s going on at the heart of the industry. Our easy to digest format offers a mix of short sessions, panel debates and...
The Cyber Security Summit: Denver (Denver, Colorado, USA, March 22, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts.
Women in CyberSecurity 2018 (Chicago, Illinois, USA, March 23 - 24, 2018) Through the WiCyS community and activities we expect to raise awareness about the importance and nature of cybersecurity career. We hope to generate interest among students to consider cybersecurity as...
Northeast Regional Security Education Symposium (Jersey City, New Jersey, USA, March 23, 2018) The Professional Security Studies Department at New Jersey City University (NJCU) will hold its Northeast Regional Security Education Symposium on Friday, March 23, 2018, from 8 am to 2 pm. The symposium...
SecureWorld Philadelphia (Philadelphia, Pennsylvania, USA, March 28 - 29, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...
National Cyber League Spring Season (Chevy Chase, Maryland, USA, March 30 - May 25, 2018) The NCL is a defensive and offensive puzzle-based, capture-the-flag style cybersecurity competition. Its virtual training ground helps high school and college students prepare and test themselves against...
4th Middle East Cyber Security Summit (Riyadh, Saudi Arabia, April 4 - 5, 2018) The summit will feature state of the art presentations, hackathons and technology showcasing from regional and international experts and leading technology providers. One of the focus areas of the summit...
Cybersecurity: A Shared Responsibility (Auburn, Alabama, USA, April 8 - 10, 2018) During the 2018 SEC Academic Conference, we will explore three themes within cyber security: the underlying computer and communication technology; the economic and physical systems that are controlled...
Sea-Air-Space: The Navy League’s Global Maritime Exposition (National Harbor, Maryland, USA, April 9 - 11, 2018) Join us this April for Sea-Air-Space, the largest maritime exposition in the U.S., with 275+ exhibitors displaying the latest in maritime, defense and energy technology. This year’s theme, “Learn. Compete.
2018 Mississippi College Cybersecurity Summit (Clinton, Mississippi, USA, April 10 - 11, 2018) The 2018 Mississippi College Cybersecurity Summit is a conference designed to engage, educate, and raise awareness about cybersecurity across the nation. The 2018 Cybersecurity Summit will provide valuable...
ISC West 2018 (Las Vegas, Nevada, USA, April 11 - 13, 2018) ISC West is THE largest security industry trade show in the U.S. At ISC West, you will have the chance to network with over 30,000 security professionals through New Products & Technologies encompassing...