Looking for an introduction to AI for security professionals?
Your wait is over. A new book is out from the Cylance data science team, covering artificial intelligence and machine learning techniques in practical situations to improve the security professional’s ability to thrive in a data driven world. Whether you are reviewing logs or analyzing malware, being able to derive meaningful results and improve productivity is key. Order your free copy today.
March 23, 2018.
By The CyberWire Staff
The US has just indicted nine Iranian hackers for conducting cyberespionage on behalf of the Revolutionary Guard.
Guccifer 2.0, the persona adopted by those who doxed the US Democratic National Committee, has been identified, sources say, as a team of operators in Russia's GRU military intelligence agency. The identification is credited to a lapse at the GRU: they apparently forgot to activate their VPN client before logging in.
SamSam ransomware has disabled several citizen-facing services in Atlanta. The FBI has begun investigating.
Facebook CEO Mark Zuckerberg and COO Sheryl Sandberg receive little love for their public handling of the Cambridge Analytica affair. Both have now spoken publicly, but, as WIRED says, that's either five days or two years late. They've suggested they're "open" to regulation, and regulation they may well get, open or not.
The US Federal Trade Commission is investigating whether Facebook violated a consent decree that required them to obtain users' permission before sharing their data. Should the FTC find Facebook in violation, it could face fines of $40,000 per violation.
In the UK, suspended Cambridge Analytica CEO Alexander Nix is being recalled to testify in a Parliamentary inquiry into fake news.
Bleeping Computer reports that Google's, Twitter's, and (again) Facebook's CISOs are leaving their positions.
Britain's European allies prepare to expel Russian diplomats in solidarity with the UK over the attempted assassination of Sergei Skripal.
US National Security Advisor H.R. McMaster will leave his post on April 9th, to be replaced by former UN Ambassador John Bolton.
Today's issue includes events affecting China, Estonia, European Union, France, Germany, Israel, Latvia, Lithuania, Nigeria, Poland, Romania, Russia, St Kitts and Nevis, United Kingdom, United States.
A note to our readers: the CyberWire is happy to have been selected as a finalist for the Maryland Cybersecurity Diversity Award (and the Cybersecurity Association of Maryland's People's Choice Award). You can find out more about the awards (and how to vote for us, if you'd like) here. Voting has been extended now that weather has postponed the event until March 27th.
Don’t be liable for your third party’s data breach
Third party risk has spiked in the past few years, and with new regulations – GDPR, NY Cyber Regulations, etc. – in place, organizations need to be as informed as possible to arm themselves against a third party breach. However, third party risk exists across a spectrum – and not all vendors require the same level of attention. Read more in our eBook to learn how to match your solution to your third party risk.
CYBERTACOS San Francisco(San Francisco, California, United States, April 16, 2018) CYBERTACOS is back and becoming one of the biggest cybersecurity networking events! Register today and join us for networking, food and drinks. This event includes a 45-minute meet the press panel made up of influential security reporters who will discuss what they are covering and how to best work with them.
XM Cyber is coming to RSA(San Francisco, California, United States, April 16 - 20, 2018) Visit XM Cyber at the Israeli Pavilion, South Hall booth 635, to experience the first automated APT simulation platform to expose, assess and amend every attack path to organizational critical assets.
Dateline 3rd Annual Billington International CyberSecurity Summit
Malware leverages web injects to empty users' cryptocurrency accounts(Help Net Security) Criminals trying to get their hands on victims' cryptocurrency stashes are trying out various approaches. The latest one includes equipping malware with Man-in-the-Browser capabilities so they can hijack online accounts and perform fraudulent transactions on the fly.
Windows 10 (Infosecurity Magazine) Webroot's report shows large consumer adoption of Windows 10.
State of the web in 2017(Menlo Security) In 2017, cyber criminals successfully exploited long-held measures of trust, such as site reputation or category, to avoid detection and increase the effectiveness of their attacks. Bottom-line: no website is totally safe.
Malicious apps in app stores decrease 37 percent(Help Net Security) Malicious mobile apps were on the decline in Q4 of 2017 largely due to a decrease in the inventory of AndroidAPKDescargar, the most prolific dealer of blacklisted apps, according to RiskIQ.
Buyers Biting On Anti-Phishing Security(Forbes) The anti-phishing threat management space has already seen a handful of deals this year, and more could be on the way as phishing, in which hackers try to steal information through email trickery, still pose a threat to businesses.
New infosec products of the week: March 23, 2018(Help Net Security) The most important infosec releases of the week come from the following vendors: Gemalto, Trusted Knight, Dome9 Security, Minerva Labs, RedLock, QuintessenceLabs, SecureAuth and Core Security.
Worried About Being on Facebook? Some Options Explained(SecurityWeek) A snowballing Facebook scandal over the hijacking of personal data from millions of its users has many wondering whether it's time to restrict access to their Facebook information or even leave the social network altogether.
May’s EU allies prepare to expel Russian diplomats(Times) Russia’s spy networks across Europe were under threat last night as at least five EU countries prepared to follow Britain and expel diplomats in response to the Salisbury poisoning. The move came...
Trump announces $60 billion tariff on Chinese high-tech and other goods(TechCrunch) Following months of investigations by the U.S. Trade Representative Robert Lighthizer, the Trump administration announced today at a White House briefing that the administration intends to place tariffs on about $60 billion of Chinese goods, with the bulk of them likely to be focused on the high-t…
Cambridge Analytica’s Nix recalled by fake news probe(TechCrunch) Stock up on the popcorn — the currently suspended CEO of the firm at the center of a data handling and political ad-targeting storm currently embroiling Facebook, Cambridge Analytica, has been recalled by a UK parliamentary committee that’s running a probe into the impact of fake news b…
Why I Took Legal Action Against Cambridge Analytica(Motherboard) If I win, I can show the world a voter file with 5,000 data points the company compiled. I can show others where that information came from, how to request the information for yourself, and how to opt-out. If I win, everybody wins.
It's Too Late(Motherboard) After the Cambridge Analytica fiasco, Mark Zuckerberg says Facebook is taking steps to secure data given to third-party applications. But it's already been stolen and laundered.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
5th Annual Cybersecurity Summit(McLean, Virginia, USA, April 24, 2018) Join the Potomac Officers Club for the Fifth Annual Cybersecurity Summit to hear from public and private sector leaders on how federal agencies can improve their respective data security measures.
Women in CyberSecurity 2018(Chicago, Illinois, USA, March 23 - 24, 2018) Through the WiCyS community and activities we expect to raise awareness about the importance and nature of cybersecurity career. We hope to generate interest among students to consider cybersecurity as...
Northeast Regional Security Education Symposium(Jersey City, New Jersey, USA, March 23, 2018) The Professional Security Studies Department at New Jersey City University (NJCU) will hold its Northeast Regional Security Education Symposium on Friday, March 23, 2018, from 8 am to 2 pm. The symposium...
KNOW Identity Conference 2018(Washington, DC, USA, March 26 - 28, 2018) The premier global event for the identity industry, the KNOW Identity Conference is the nexus for identity innovation, offering a uniquely differentiated, powerful, and immersive event that convenes the...
SecureWorld Philadelphia(Philadelphia, Pennsylvania, USA, March 28 - 29, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...
National Cyber League Spring Season(Chevy Chase, Maryland, USA, March 30 - May 25, 2018) The NCL is a defensive and offensive puzzle-based, capture-the-flag style cybersecurity competition. Its virtual training ground helps high school and college students prepare and test themselves against...
4th Middle East Cyber Security Summit(Riyadh, Saudi Arabia, April 4 - 5, 2018) The summit will feature state of the art presentations, hackathons and technology showcasing from regional and international experts and leading technology providers. One of the focus areas of the summit...
Cybersecurity: A Shared Responsibility(Auburn, Alabama, USA, April 8 - 10, 2018) During the 2018 SEC Academic Conference, we will explore three themes within cyber security: the underlying computer and communication technology; the economic and physical systems that are controlled...
Sea-Air-Space: The Navy League’s Global Maritime Exposition(National Harbor, Maryland, USA, April 9 - 11, 2018) Join us this April for Sea-Air-Space, the largest maritime exposition in the U.S., with 275+ exhibitors displaying the latest in maritime, defense and energy technology. This year’s theme, “Learn. Compete.
2018 Mississippi College Cybersecurity Summit(Clinton, Mississippi, USA, April 10 - 11, 2018) The 2018 Mississippi College Cybersecurity Summit is a conference designed to engage, educate, and raise awareness about cybersecurity across the nation. The 2018 Cybersecurity Summit will provide valuable...
ISC West 2018(Las Vegas, Nevada, USA, April 11 - 13, 2018) ISC West is THE largest security industry trade show in the U.S. At ISC West, you will have the chance to network with over 30,000 security professionals through New Products & Technologies encompassing...
CYBERTACOS San Francisco(San Francisco, California, USA, April 16, 2018) CYBERTACOS is back and becoming one of the biggest cybersecurity networking events! Register today and join us for networking, food and drinks. This event includes a 45-minute meet the press panel made...
RSA Conference 2018(San Francisco, California, USA, April 16 - 20, 2018) Take this opportunity to learn about new approaches to info security, discover the latest technology and interact with top security leaders and pioneers. Hands-on sessions, keynotes and informal gatherings...
Our Security Advocates(San Francisco, California, USA, April 17, 2018) OUR Security Advocates highlights a diverse set of experts from across information security, safety, trust, and other related fields. OURSA is a single-track, one-day conference with four topic sessions.
Secutech(Taipei, Taiwan, April 25 - 27, 2018) To meet the rising demand for intelligent and customised solutions, Secutech converges security and safety, ICT, IoT, artificial intelligence, big data, edge computing, intelligent video analytics and...
INFILTRATE(Miami Beach, Florida, USA, April 26 - 27, 2018) INFILTRATE is a "pure offense" security conference aimed at the experienced to advanced practitioner. With the late-90s hacker con as its inspiration, the event has limited attendance in order to foster...
Automotive Cybersecurity Summit 2018(Chicago, Illinois, USA, May 1 - 8, 2018) Smart Vehicles. Smart Infrastructures. The 2nd annual Automotive Cybersecurity Summit brings together public and private-sector manufacturers, suppliers, assemblers, technology providers and V2X partners...
Global Cyber Security in Healthcare & Pharma Summit(London, England, UK, May 3 - 4, 2018) The number of cyber-attacks in healthcare is on the rise, and the industry must do more to prevent and respond to these incidents. The Global Cyber Security in Healthcare & Pharma Summit 2018 will bring...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.