November 13, 2018.
By The CyberWire Staff
Finland investigates apparent Russian GPS jamming during NATO exercises (Deutsche Welle).
Jihadist groups, pushed by social media into temporary online occultation, counsel members to spread malign inspiration through hijacked accounts (Naked Security).
RiskIQ and Flashpoint this morning issued a joint report on Magecart, the family of carding campaigns against e-commerce sites. The researchers identify six criminal groups as responsible for Magecart activity, and they trace the threat from its modest origins as the Cart32 online shopping cart backdoor (discovered in 2000) to the present threat responsible for large-scale attacks on large enterprises including Ticketmaster and British Airways. Magecart proper emerged in 2015. The criminals monetize their theft of paycard data either by selling it to other, pettier crooks in carding fora, or by enlisting mostly unwitting mules to buy goods and ship them to the gang.
Cathay Pacific has told Hong Kong's Legislative Council data regulators that the breach it sustained was sophisticated and lasted for several months as the airline sought with difficulty to parry the attacks (Bloomberg Quint). The attacks were discovered in March; the airline struggled (at considerable effort and expense) with containment until August, at which time it began to be able to assess the extent of customer data loss: "far worse than thought" (Star). Cathay Pacific has established a site that worried customers may consult if they're concerned for their data's security.
Asked if there will be another Cambridge Analytica scandal, UK Information Commissioner Denham bets on form and says, "I suspect there will" (Telegraph).
Today's edition of the CyberWire reports events affecting Australia, Belgium, Canada, China, Finland, France, India, Iraq, NATO/OTAN, Netherlands, New Zealand, Russia, Syria, Taiwan, United Arab Emirates, United Kingdom, United States, and Vietnam.
Rapid Prototyping Event: The Turing Test (Columbia, Maryland, United States, December 11 - 13, 2018) DreamPort, in conjunction with the Maryland Innovation & Security Institute and USCYBERCOM, is hosting a Rapid Prototyping Event in which participants implement an automated process to interact with a Microsoft Windows machine just as a human user would. The goal is to fool a human judge, who is monitoring target computers via Remote Desktop Protocol (RDP) or Virtual Network Computing (VNC), into thinking a normal user is interacting with that machine and not an automated program or process.
Cyber Attacks, Threats, and Vulnerabilities
Russia ‘disrupted Nato wargames by jamming GPS’ (Times) Russian electronic warfare to disrupt Nato wargames are suspected to have caused the widespread jamming of satellite-based navigation systems in Norway and Finland that put airline passengers at risk.
Symantec: ‘Gallmaker’ Cyber Attack Group Uses ‘Living off the Land’ Tactics to Avoid Detection (ExecutiveBiz) Symantec has identified a new cyber espionage group dubbed Gallmaker that launches attacks on some government, defense and military organizations in Eastern Europe and the Middle East. The company said Thursday the Gallmaker group uses publicly available hacking tools and “living off the land” techniques to access targeted computers and avoid detection by traditional security...
US banks prepare for Iranian cyberattacks as retaliation for sanctions (KPAX.com) As the United States reinstated economic sanctions on Iran on Monday, American banks were gearing up for retaliatory Iranian cyberattacks. Bank executives believe Iranian hackers could attempt to disrupt financial services, perhaps as they did between 2011 and 2013 — with denial-of-service attacks that interrupted bank websites and other internet financial services. Last week, CNN …
Securiosity: All quiet on the election front (Cyberscoop) Everything ended up being quiet when it came to election security. But there were still plenty of other breaches and security advisories to talk about. In our interview, we talk to Digital Shadows CEO Alastair Paterson about Facebook, digital risk and whether he sees a sea change coming for the way people think about their privacy online.
Information Warfare: Twitter Brings Dezinformatsiya To The World (Strategy Page) Twitter, the popular messaging app, began in 2006 and it soon became a favorite tool for Russian dezinformatsiya (disinformation) operations. That was because it was easier to conceal Russian involvement. Messages were limited to 140 characters, meaning
NBC News Signal presents factory of lies: Democracy under attack (NBC News) Americans elected Donald Trump president after a bruising campaign mired by disinformation online and suspicious hacks. We now know the Russian government interfered in the elections by manipulating social media in a bold attempt to influence the vote. The Russian tactics may have been new, but their propaganda playbook is age-old. The NBC News Business, Tech and Media team recounts what happened in 2016 and sheds light on what it means for our democracy going forward.
Privilege Escalation Flaw In WP GDPR Compliance Plugin Exploited In The Wild (Wordfence) After its removal from the WordPress plugin repository yesterday, the popular plugin WP GDPR Compliance released version 1.4.3, an update which patched multiple critical vulnerabilities. At the time of this writing, the plugin has been reinstated in the WordPress repository and has over 100,000 active installs. The reported vulnerabilities allow unauthenticated attackers to achieve privilege escalation, …
Taking Cryptojacking Out of the Shadows (Infosecurity Magazine) The only way to truly prevent cryptojacking is to prevent the malware from getting installed in the first place, rather than waiting to detect it post-breach.
The Mad Dash to Find a Cybersecurity Force (New York Times) Employers and educators are rethinking the way they attract and train potential employees to meet the demands of an increasingly vulnerable online world.
Italian-founded IoT cybersecurity startup EXEIN raises €2 million (Tech.eu) Cybersecurity startup EXEIN from Rome has raised a €2 million funding round from United Ventures for its IoT firmware security solution. The company was founded in July this year as a spin-off project undertaken of an Italian cybersecurity company Aspisec led by its CEO Gianni Cuozzo. EXEIN claims that firmware has become the weak point …
Synack Launches Veterans Cyber Program (Meritalk) Synack, a crowdsourced security testing firm, announced Thursday the launch of its Synack Veterans Cyber Program which will “recruit, empower, and deploy veterans in the cybersecurity industry.”
Armistice Day (Acumin) In light of the 100th anniversary of the end of WW1 this Sunday on Armistice Day, Acumin Consulting would like to pay our respects to those who helped our country 100 years ago.
Arilou And Alpine Announce Co-Developing Of Secure Infotainment System (NNG) Arilou Information Security Technologies, a supplier of high-end cyber security solutions for the automotive industry, and Alpine Electronics, Inc., a leading manufacturer of in-car audio equipment, mobile multimedia components, and in-vehicle infotainment systems announced joining forces to create the concept of an infotainment system securing the vehicle’s CAN bus against malicious hacking attempts.
At USAA, cybersecurity is a '24/7 problem' (San Antonio Express-News) At USAA’s Cyber Threat Operations Center in San Antonio, cybersecurity experts are constantly monitoring attempts by cybercriminals to get into members’ accounts.
New weapon to fight risk of cyber attack (BQ) A voucher scheme has been launched to help small businesses and third sector organisations to combat the menace of e-crime by securing a Cyber Essentials accreditation.
Why Family Offices Need To Prioritize Cyber-Security (Forbes) Cyber-crime statistics indicate that family offices are becoming more frequent victims of targeted data breaches, often wreaking havoc on systems and posing a significant reputational and financial risk when sensitive information is accessed.
France Seeks Global Talks on Cyberspace Security (SecurityWeek) The French government announced a "Paris Call" for talks to lay out a common framework for ensuring internet security, following a surge in cyberattacks which has dented confidence in global networks.
California Regulates Online Bots (Cooley) Citing the proliferation of online bots used to deceive consumers and influence voters, the California legislature recently passed the nation’s first law directly regulating online bots. Enacted o…
FBI Records Show Former FBI Director James Comey’s Use of Personal Email (Cause of Action Institute) Cause of Action Institute has acquired former FBI Director James Comey’s work-related emails from his personal Gmail account. Garnered from the FBI through the first of rolling document productions in an ongoing Freedom of Information Act (FOIA) lawsuit, the email records start to shed light on the extent of Comey’s …
Bug Bounty Hunter Ran ISP Doxing Service (KrebsOnSecurity) A Connecticut man who’s earned bug bounty rewards and public recognition from top telecom companies for finding and reporting security holes in their Web sites secretly operated a service that leveraged these same flaws to sell their customers’ personal data, KrebsOnSecurity has learned.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
CPX Asia 360 2019 (Bangkok, Thailand, January 21 - 23, 2019) CPX 360 - the industry’s premier cyber security summit and expo - brings together the world’s leading cyber security experts to one venue. Gain a deep understanding of current challenges cyber security...
CPX Americas 360 2019 (Las Vegas, Nevada, USA, February 4 - 7, 2019) CPX 360 promises to be the premier cyber security summit. CPX 360 is where you’ll receive up-to-the-minute intelligence about global threats and other vital topics from the world’s leading cyber security...
BSides Huntsville (Huntsville, Alabama, USA, February 15 - 16, 2019) The fun and cheap way to earn CEU's. Instead of paying way too much to listen to some guy in a suit try and sell you something, you can pay just a few bucks to hear actual programmers and hackers talk...
CPX Europe 360 2019 (Vienna, Austria, February 18 - 20, 2019) CPX 360 - the industry’s premier cyber security summit and expo - brings together the world’s leading cyber security experts to one venue. Gain a deep understanding of current challenges cyber security...
Capital Cybersecurity Summit (Tysons Corner, Virginia, USA, November 13, 2018) The 2018 Capital Cybersecurity Summit will feature keynote speakers and panels offering unique insights on emerging cybersecurity technologies, digital solutions, operations and enforcement from the private...
Infosecurity North America (New York, New York, USA, November 14 - 15, 2018) With 23+ years of global experience creating leading information security events, Infosecurity Group is coming to New York in November 2018. Infosecurity North America will provide a focussed business...
Kingdom Cyber Security (Riyadh, Saudi Arabia, November 20 - 21, 2018) Setting a game plan to boost cyber resilience at the national level.
API Security Summit (London, England, UK, November 21, 2018) The API Security Summit, taking place in London on the 21st of November 2018 will bring together the financial services community, regulators, fintechs, TPPs and associations from across UK and Europe to find solutions to the current lack of standardisation, debate what standards/legislation may emerge in 2019, and how to plan with these in mind.
The Cyber Security Summit: Los Angeles (Los Angeles, California, USA, November 29, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts.
Securing Digital ID 2018 (Alexandria, Virginia, USA, December 4 - 5, 2018) As an increasing number of transactions move online and are mobile-enabled, the conference will explore today’s complex world of digital identities and how they are used for strong authentication and remote...
First Annual Maryland InfraGard Cybersecurity Conference (College Park, Maryland, USA, December 5, 2018) InfraGard is a partnership between the FBI and members of the private sector. The InfraGard program provides a vehicle for seamless public-private collaboration with government that expedites the timely...
International Cyber Risk Management Conference (Hamilton, Bermuda, December 6 - 7, 2018) Now in its fourth year in Canada, the International Cyber Risk Management Conference (ICRMC) has earned a reputation as one of the world’s most trusted cyber security forums. We are proud to bring ICRMC...
2018 Cloud Security Alliance Congress (Orlando, Florida, USA, December 10 - 12, 2018) Today, cloud represents the central IT system by which organizations will transform themselves over the coming years. As cloud represents the future of an agile enterprise, new technology trends, such...
Wall Street Journal Pro CyberSecurity Executive Forum (New York, New York, USA, December 11, 2018) The WSJ Pro Cybersecurity Executive Forum will bring together senior figures from industry and government to discuss how senior executives can best prepare for hacking threats, manage breaches, and work...