2017 cyberattacks proved more numerous, sophisticated, and ruthless than in years past.
WannaCry, NotPetya, ransomware-as-a-service, and fileless attacks abounded. And that’s not everything. The victims of cybercrime ranged from private businesses to the fundamental practices of democracy. Read The Cylance Threat Report: 2017 Year in Review Report and learn about the threat trends and malware families their customers faced in 2017.
November 14, 2018.
By The CyberWire Staff
A BGP (Border Gateway Protocol) leak Monday routed traffic through China and to a lesser extent through Russia and Nigeria (SecurityWeek). The incident now appears to have been the result of an error and not a malicious campaign: a misconfiguration in a Nigerian ISP seems to have caused the rerouting (WIRED). There have been recent jitters over the possibility of BGP hijacking for espionage and surveillance purposes, but this was all a mistake.
Cylance describes a sophisticated cyberespionage campaign directed against Pakistan, with the air force particularly affected. The campaign is "Operation Shaheen," the threat actor "the White Company." Cylance evaluates the White Company as a nation-state actor, but they don't say which nation-state that might be. Operation Shaheen was carefully prepared, with extensive reconnaissance and the ability to evade no fewer than eight anti-virus products.
In yesterday's Patch Tuesday, Microsoft addressed more than sixty issues with sixteen patches. Adobe fixed issues in Flash Player, Acrobat and Reader (KrebsOnSecurity).
Italian prosecutors have given up their efforts to bring Phineas Phisher, hacker of the Hacking Team, to book (Motherboard). He hasn't been found and is presumably free as a bird.
Tyler Barriss pled guilty to Federal charges related to his involvement in a Kansas man's SWATting death last year. He'll receive at least twenty years in prison (Ars Technica).
The US Congress passed legislation to reestablish the National Protection and Programs Directorate as the Cybersecurity and Infrastructure Security Agency (CISA), now the lead US civilian cybersecurity agency (Department of Homeland Security).
Securing the Vote: How Easily Could Our Elections Be Hacked?
U.S. voting systems are broken. They are peppered with risks from people, process, and technology – and something must be done to regain voter confidence. In the latest Securealities report, Coalfire identifies these vulnerabilities and provides recommendations for remediation based on analyses from their work on voting networks and systems, plus 3,000 cybersecurity engagements in the past year.
Cyber Security Summit: November 29 in Los Angeles (Los Angeles, California, United States, November 29, 2018) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The CIA, The City of Los Angeles, Verizon, CenturyLink and more. Register with promo code cyberwire95 for $95 VIP admission (Regular price $350) https://CyberSummitUSA.com
Rapid Prototyping Event: The Turing Test (Columbia, Maryland, United States, December 11 - 13, 2018) DreamPort, in conjunction with the Maryland Innovation & Security Institute and USCYBERCOM, is hosting a Rapid Prototyping Event in which participants implement an automated process to interact with a Microsoft Windows machine just as a human user may do with the goal being to fool a human judge who is monitoring target computers via Remote Desktop Protocol (RDP) or Virtual Network Computing (VNC) into thinking a normal user is interacting with that machine and not an automated program or process.
Free VPN App Investigation (Top10VPN) We investigated the top free VPN (Virtual Private Network) apps in Apple's App Store and Google Play and found that over half are run by highly secretive companies with Chinese ownership. Very few of these hugely popular apps, which have hundreds of millions of installs worldwide, do anywhere near enough to deserve the trust of consumers looking to protect their privacy.
Security Patches, Mitigations, and Software Updates
Patch Tuesday, November 2018 Edition (KrebsOnSecurity) Microsoft on Tuesday released 16 software updates to fix more than 60 security holes in various flavors of Windows and other Microsoft products. Adobe also has security patches available for Flash Player, Acrobat and Reader users.
Privacy, cloud and evolving threats: a survey of Forcepoint customer cybersecurity concerns (Forcepoint) A survey of more than 1,000 Forcepoint customers finds that cybersecurity professionals are concerned about privacy, cloud and infrastructure security, while also trying to find the balance between ensuring security and enabling access. Meeting these challenges is made more difficult by the ever-evolving cyber threats IT professionals must address and the ongoing risk of human error.
Novetta acquires Berico Technologies (Intelligence Community News) McLean, VA-based Novetta announced on November 12 the acquisition of Berico Technologies, based in Reston, VA. Novetta’s acquisition of Berico is rooted in the alignment of mission, capabilit…
Abusix Joins Open Invention Network as Licensee (WBOC) Abusix, a specialist provider of Threat Intelligence and Subscriber Security solutions for Telcos and Internet Service Providers (ISPs), has joined the largest patent non-aggression community in history, created by and for Linux and Open Source Software supporters.
The Bricata Comprehensive Network Protection Platform Earns FIPS... (Bricata) NIST Has Issued Certificate #3325 to Bricata, Completing Rigorous FIPS 140-2 Testing Process for Deployments in U.S. Federal Government November 14, 2018 – Columbia, Md. – Bricata, Inc., a leading provider of comprehensive network protection, today announced the immediate...
How to design a cyber-secure smart grid (Power Engineer) The European Network for Cyber Security (ENCS) has launched a new training course that it claims will give security architects “the knowledge to design secure smart grid systems”.
Build the Capacity to Hunt for Publicly Disclosed Indicators of... (Bricata) Earlier this year federal authorities unveiled multi-stage and widespread cyber-attacks on the U.S. energy sector and other infrastructure locations. At the time, these attacks had been ongoing for at least a year and incurred several successful compromises...
Phishing Training is a Tool, Not a Solution (SecurityWeek) It’s time to swing the pendulum back, and put the responsibility to do battle with phishing campaigns back where it most correctly belongs—on the security systems.
Bank of America Obtains Crypto Patent, is it Planning to Operate a Wallet? (NewsBTC) A sure sign of growing adoption and institutional interest in cryptocurrencies is when major banks start to look at them more closely. The second largest...
The UN GGE is dead: Time to fall forward (ECFR) The top down UN GGE process appears dead in the water. International norms and laws for responding to cyber attacks must now be built from the bottom up.
Paris Call for Trust and Security in Cyberspace (France Diplomatie) Cyberspace now plays a crucial role in every aspect of our lives and it is the shared responsibility of a wide variety of actors, in their respective roles, to improve trust, security and stability in cyberspace.
Intel Asks for Comments on Draft Federal Privacy Law (SecurityWeek) Intel has developed and published a draft model federal bill that it calls the "Innovative and Ethical Data Use Act of 2018", and is inviting comments from businesses, privacy experts and the general public.
China scours social media, erases thousands of accounts (Reuters) China’s top cyber authority has scrubbed 9,800 social media accounts of independent news providers deemed to have posted sensational, vulgar or politically harmful content on the Internet, it said late on Monday.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
CPX Asia 360 2019 (Bangkok, Thailand, January 21 - 23, 2019) CPX 360 - the industry’s premier cyber security summit and expo - brings together the world’s leading cyber security experts to one venue. Gain a deep understanding of current challenges cyber security...
CPX Americas 360 2019 (Las Vegas, Nevada, USA, February 4 - 7, 2019) CPX 360 promises to be the premier cyber security summit. CPX 360 is where you’ll receive up-to-the-minute intelligence about global threats and other vital topics from the world’s leading cyber security...
BSides Huntsville (Huntsville, Alabama, USA, February 15 - 16, 2019) The fun and cheap way to earn CEU's. Instead of paying way too much to listen to some guy in a suit try and sell you something, you can pay just a few bucks to hear actual programmers and hackers talk...
CPX Europe 360 2019 (Vienna, Austria, February 18 - 20, 2019) CPX 360 - the industry’s premier cyber security summit and expo - brings together the world’s leading cyber security experts to one venue. Gain a deep understanding of current challenges cyber security...
Symposium on Securing the IoT (San Francisco, California, USA, March 27 - 29, 2019) Want to share your passion and knowledge for Securing the 25 Billion devices connected to the Internet? Topics currently being selected for tracks include: Authenticating Blockchain, Secure Medical & Healthcare,...
Infosecurity North America (New York, New York, USA, November 14 - 15, 2018) With 23+ years of global experience creating leading information security events, Infosecurity Group is coming to New York in November 2018. Infosecurity North America will provide a focussed business...
Kingdom Cyber Security (Riyadh, Saudi Arabia, November 20 - 21, 2018) Setting a game plan to boost cyber resilience at the national level.
API Security Summit (London, England, UK, November 21, 2018) The API Security Summit, taking place in London on the 21st of November 2018 will bring together the financial services community, regulators, fintechs, TPPs and associations from across UK and Europe to find solutions to the current lack of standardisation, debate what standards/legislation may emerge in 2019, and how to plan with these in mind.
The Cyber Security Summit: Los Angeles (Los Angeles, California, USA, November 29, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts.
Securing Digital ID 2018 (Alexandria, Virginia, USA, December 4 - 5, 2018) As an increasing number of transactions move online and are mobile-enabled, the conference will explore today’s complex world of digital identities and how they are used for strong authentication and remote...
First Annual Maryland InfraGard Cybersecurity Conference (College Park, Maryland, USA, December 5, 2018) InfraGard is a partnership between the FBI and members of the private sector. The InfraGard program provides a vehicle for seamless public-private collaboration with government that expedites the timely...
International Cyber Risk Management Conference (Hamilton, Bermuda, December 6 - 7, 2018) Now in its fourth year in Canada, the International Cyber Risk Management Conference (ICRMC) has earned a reputation as one of the world’s most trusted cyber security forums. We are proud to bring ICRMC...
2018 Cloud Security Alliance Congress (Orlando, Florida, USA, December 10 - 12, 2018) Today, cloud represents the central IT system by which organizations will transform themselves over the coming years. As cloud represents the future of an agile enterprise, new technology trends, such...
Wall Street Journal Pro CyberSecurity Executive Forum (New York, New York, USA, December 11, 2018) The WSJ Pro Cybersecurity Executive Forum will bring together senior figures from industry and government to discuss how senior executives can best prepare for hacking threats, manage breaches, and work...