Outmaneuver your most sophisticated cyber enemies—automatically.
Cyber attacks are getting more sophisticated. Cybercrime and data breach costs will reach the billions and even trillions in the next few years. These are things we already know. But what are you doing to help your cybersecurity teams (who are already stretched thin) mitigate the billions of threats? The ScoutShield threat intelligence gateway keeps your overburdened teams from throwing in the towel by blocking threats automatically – making their lives easier and saving you from cyber attacks. Watch our video to learn more.
March 27, 2018.
By The CyberWire Staff
Kaspersky defends its decision to blow the anti-ISIS Slingshot cyber campaign. It's their job to "take the fish from the water." They don't care what language said fish speaks; they "have to catch it."
Atlanta's SamSam ransomware infestation seems unusually resistant to remediation. Estimates now suggest it will take the city months to recover, but Atlanta's city mothers and fathers are being tight-lipped about details. The criminals have taken down their "contact portal" as they've received increased scrutiny (and gotten tired, evidently, of answering questions).
British Defence Secretary Gavin Williamson calls Russian bots "the Lord HawHaws" of the Twenty-first Century.
Twenty-two countries (more may come) have now taken action against Russia in solidarity with the UK over the nerve agent attack in Salisbury. One-hundred-eighty-two Russian nationals are affected, most of them diplomats declared persona non grata. (Lithuania is the outlier here. In addition to expelling diplomats, Vilnius has told twenty-one other Russian nationals to leave and banned a further twenty-three from entering the country.) The sixty the US has told to leave include forty-eight from the Russian embassy in Washington and eighteen from Russia's UN delegation in New York. The US says they're all engaged in espionage. Washington has also ordered the Russian consulate in Seattle closed.
The British anti-doping organization sustained a cyberattack over the weekend, and suspicion turns to Fancy Bear (Russia's GRU). But this seems more likely to be Fancy's normal business than blowback for HM Government's work to rally the civilized world against the Salisbury incident.
Struggling with your DLP? It's time to rethink your data loss prevention strategy.
Traditional data loss prevention tools aren’t cutting it anymore. Why? They are high-maintenance and require endless fine-tuning. They often miss insider threats. They stymie communication between security and other departments. And they slow down endpoints, leading to crashes and failures that drive users crazy. Learn from ObserveIT why DLP tools aren’t getting the job done in 2018 and how you can stop data loss in its tracks. Read Now.
XM Cyber is coming to RSA(San Francisco, California, United States, April 16 - 20, 2018) Visit XM Cyber at the Israeli Pavilion, South Hall booth 635, to experience the first automated APT simulation platform to expose, assess and amend every attack path to organizational critical assets.
Eugene Kaspersky defends ‘Slingshot’ report(The Australian) Kaspersky Lab boss and founder Eugene Kaspersky has defended his company’s controversial “Slingshot” report, which uncovered an alleged US military malware program targeting ISIS and potentially put lives at risk.
Watering Hole Attack Exploits North Korea's Flash Flaw(SecurityWeek) An attack leveraging the compromised website of a Hong Kong telecommunications company is using an Adobe Flash vulnerability (CVE-2018-4878) that has been exploited by North Korea since mid-November 2017.
Meet Federico Tenga: The guy who teaches North Koreans about Bitcoin(ExpressVPN) Despite being the most hermetic country on Earth, North Korea is certainly no stranger to cyberspace—in both its uses and abuses. Despite a tiny local internet user base and just a few dozen local websites, cybercrime in the Democratic People’s Republic of Korea (DPRK) is estimated to be a multi-billion dollar industry.
Third-party IoT risk management not a priority(Help Net Security) A new report uncovered an alarming number of respondents who believe their organization will suffer from a catastrophic IoT related attack in the next two years, and shows that many are not properly assessing for third party IoT risks and do not have an accurate inventory of IoT devices.
Sanny Malware Updates Delivery Method(Threatpost) Attackers, purportedly hailing from Korea, are stepping up their malware campaign with three new techniques ranging from abusing UAC and targeting Windows 10.
Cryptocurrency Mining Craze Going for Data Centers(Bitdefender) Cryptocurrency is a virtual currency that uses cryptography to guarantee anonymity and provide anti-counterfeit features, enabling anyone to make transactions without being regulated by government or banking institutions. Anonymous and decentralized, virtual currency became synonymous with money laundering, tax evasion, and cybercrime.
SamSam group deletes Atlanta's contact portal after the address goes public(CSO Online) An image shared with local media during the early stages of a SamSam ransomware infection in Atlanta exposed the contact portal assigned to the city by the group responsible for the attack. When questioned about their actions via the exposed portal, the SamSam group later deleted the contact form, calling the questions and comments spam.
Side-channel information leakage in mobile applications(SANS Internet Storm Center) Smartphones today carry an unbelievable amount of sensitive information. As absolutely everything is going mobile these days, we have to pay special attention on security of mobile applications, specifically data at rest (data stored on a mobile device) and data in transit (data transferred to the target server).
Building Cyber Resilience: Compromise Response Intelligence in Action(Baker Hostetler) This is our fourth Report addressing the issues entities care about most when it comes to incident response. The Report’s focus remains consistent with that of prior years, although this year we emphasize the importance of using Compromise Response Intelligence in addition to the measures necessary to be Compromise Ready.
The Once and Future InfoWars(War on the Rocks) David Patrikarakos, War in 140 Characters: How Social Media is Reshaping Conflict in the Twenty-First Century (Basic Books, 2017). Violence, like Twitter, is a means of communication. If we do not understand it as such, its place in international relations makes no sense. As Thomas Schelling wrote in 1966: “The power
JASK and the future of autonomous cybersecurity(TechCrunch) There is a familiar trope in Hollywood cyberwarfare movies. A lone whiz kid hacker (often with blue, pink, or platinum hair) fights an evil government. Despite combatting dozens of cyber defenders, each of whom appears to be working around the clock and has very little need to use the facilities, t…
Three Myths About Cyber Insurance (Healthcare Informatics Magazine) Given the escalating number of attacks and increasing financial costs, the rate of cyber insurance adoption is somewhat surprising. There are three myths about cyber insurance that are keeping more businesses from adding these policies.
Preventing the Next Ransomware Attack(Infosecurity Magazine) While there is no simple solution to protect against ransomware attacks, there are a few key tactics that security teams can take that will boost their immunity.
Diplomats ousted: US, Europe punish Russia over spy case(Military Times) The United States and more than a dozen European nations kicked out Russian diplomats on Monday and the Trump administration ordered Russia’s consulate in Seattle to close, as the West sought joint punishment for Moscow’s alleged poisoning of an ex-spy in Britain.
Statement from the Press Secretary on the Expulsion of Russian Intelligence Officers(The White House) Today President Donald J. Trump ordered the expulsion of dozens of Russian intelligence officers from the United States and the closure of the Russian consulate in Seattle due to its proximity to one of our submarine bases and Boeing. The United States takes this action in conjunction with our NATO allies and partners around the …
Are Cyber-Related Indictments a Good Deterrent Strategy?(Technative) In mid-March 2018, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) designated five entities and 19 individuals under the Countering America’s Adversaries Through Sanctions Act (CAATSA) as well as Executive Order (E.O.) 13694, “Blocking the Property of Certain Persons Engaging in Significant Malicious Cyber-Enabled Activities.”
FCC wants Chinese tech out of US phones, routers
(Washington Examiner) U.S. officials are discouraging U.S. telephone and internet companies from purchasing Chinese technology that could be used for surveillance, Federal Communications Commissioner Ajit Pai announced Monday.
DHS hires new cybsersecurity adviser ahead of 2018 midterm elections(Washington Examiner) The Department of Homeland Security has hired the former chairman of the Election Assistance Commission, Matt Masterson, to help federal, state, and local authorities coordinate cybersecurity efforts ahead of the 2018 midterm elections, the department announced Monday.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
SecureWorld Philadelphia(Philadelphia, Pennsylvania, USA, March 28 - 29, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...
National Cyber League Spring Season(Chevy Chase, Maryland, USA, March 30 - May 25, 2018) The NCL is a defensive and offensive puzzle-based, capture-the-flag style cybersecurity competition. Its virtual training ground helps high school and college students prepare and test themselves against...
4th Middle East Cyber Security Summit(Riyadh, Saudi Arabia, April 4 - 5, 2018) The summit will feature state of the art presentations, hackathons and technology showcasing from regional and international experts and leading technology providers. One of the focus areas of the summit...
Cybersecurity: A Shared Responsibility(Auburn, Alabama, USA, April 8 - 10, 2018) During the 2018 SEC Academic Conference, we will explore three themes within cyber security: the underlying computer and communication technology; the economic and physical systems that are controlled...
Sea-Air-Space: The Navy League’s Global Maritime Exposition(National Harbor, Maryland, USA, April 9 - 11, 2018) Join us this April for Sea-Air-Space, the largest maritime exposition in the U.S., with 275+ exhibitors displaying the latest in maritime, defense and energy technology. This year’s theme, “Learn. Compete.
2018 Mississippi College Cybersecurity Summit(Clinton, Mississippi, USA, April 10 - 11, 2018) The 2018 Mississippi College Cybersecurity Summit is a conference designed to engage, educate, and raise awareness about cybersecurity across the nation. The 2018 Cybersecurity Summit will provide valuable...
ISC West 2018(Las Vegas, Nevada, USA, April 11 - 13, 2018) ISC West is THE largest security industry trade show in the U.S. At ISC West, you will have the chance to network with over 30,000 security professionals through New Products & Technologies encompassing...
CYBERTACOS San Francisco(San Francisco, California, USA, April 16, 2018) CYBERTACOS is back and becoming one of the biggest cybersecurity networking events! Register today and join us for networking, food and drinks. This event includes a 45-minute meet the press panel made...
RSA Conference 2018(San Francisco, California, USA, April 16 - 20, 2018) Take this opportunity to learn about new approaches to info security, discover the latest technology and interact with top security leaders and pioneers. Hands-on sessions, keynotes and informal gatherings...
Our Security Advocates(San Francisco, California, USA, April 17, 2018) OUR Security Advocates highlights a diverse set of experts from across information security, safety, trust, and other related fields. OURSA is a single-track, one-day conference with four topic sessions.
5th Annual Cybersecurity Summit(McLean, Virginia, USA, April 24, 2018) Join the Potomac Officers Club for the Fifth Annual Cybersecurity Summit to hear from public and private sector leaders on how federal agencies can improve their respective data security measures.
Secutech(Taipei, Taiwan, April 25 - 27, 2018) To meet the rising demand for intelligent and customised solutions, Secutech converges security and safety, ICT, IoT, artificial intelligence, big data, edge computing, intelligent video analytics and...
INFILTRATE(Miami Beach, Florida, USA, April 26 - 27, 2018) INFILTRATE is a "pure offense" security conference aimed at the experienced to advanced practitioner. With the late-90s hacker con as its inspiration, the event has limited attendance in order to foster...
Automotive Cybersecurity Summit 2018(Chicago, Illinois, USA, May 1 - 8, 2018) Smart Vehicles. Smart Infrastructures. The 2nd annual Automotive Cybersecurity Summit brings together public and private-sector manufacturers, suppliers, assemblers, technology providers and V2X partners...
Global Cyber Security in Healthcare & Pharma Summit(London, England, UK, May 3 - 4, 2018) The number of cyber-attacks in healthcare is on the rise, and the industry must do more to prevent and respond to these incidents. The Global Cyber Security in Healthcare & Pharma Summit 2018 will bring...
Secure Summit DC(Washington, DC, USA, May 7 - 8, 2018) (ISC)² Secure Summit DC will assemble the best minds in cybersecurity for two days of insightful discussions, workshops and best-practices sharing. The goal of the event is to equip security leaders to...
HACKNYC(New York, New York, USA, May 8 - 10, 2018) The recent flood of data breach news may numb us to the threat of attacks with kinetic effects--direct or indirect physical damage, injury, or death. Hack NYC focus’ on our preparation for, and resilience...
SecureWorld Kansas CIty(Kansas City, Missouri, USA, May 9, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.