Optimize your security teams with threat intelligence.
At Recorded Future, we believe every security team can benefit from threat intelligence. That's why we've launched our new Threat Intelligence Grader — so you can quickly assess your organization's threat intelligence maturity and get best practices for improving it. Get your Threat Intelligence Score™.
October 1, 2018.
By The CyberWire Staff
Facebook's large data breach, disclosed late last week, has drawn more regulatory scrutiny from the European Union. Ireland’s Data Protection Commission, which serves as Facebook’s lead privacy regulator for the EU, announced Saturday that it has required the company provide more information about the incident, including which European residents appear to be affected. Fines under GDPR could reach $1.63 billion. The UK has also told Facebook CEO Mark Zuckerberg that they want him to testify before Parliament about what some MPs call the "terrible disrespect" shown British citizens' data.
Last week's disclosure seems to have largely undone whatever good was worked by COO Sandberg's testimony before the Senate. The US Federal Trade Commission wants some answers, which is rarely a good thing for the company being asked to provide them, and comprehensive US privacy legislation seems (today at least) likelier.
In a distinct action, the European Parliament is considering initiating an audit of Facebook over its entanglement with the Cambridge Analytica data scandal.
Industry reaction to the Facebook breach has been to approve, generally of the company's incident response while disapproving of the missteps that permitted the exploitation in the first place.
US officials have been concerned about the possibility of Chinese election meddling for some time. A perceived decrease in the rate of Chinese cyberattacks may signify greater sophistication.
The guy in Taiwan who was going to livestream his obliteration of Mark Zuckerberg's Facebook page over the weekend decided against doing so. Instead he applied for a bug bounty.
Create a culture of cybersecurity awareness with Coachable Moments.
According to The Ponemon Institute, two out of three insider threat incidents are caused by employee or contractor mistakes. The good news is, these mistakes can easily be avoided ... with the right coaching. Just in time for Cybersecurity Awareness Month, the Coachable Moments series from ObserveIT gives cybersecurity teams the tools they need to empower people to understand the policies and best-practices intended to keep them safe. Check out Coachable Moments today to learn more.
CyberMaryland Job Fair on October 9 in Baltimore, MD.(Baltimore, Maryland, United States, October 9, 2018) Cleared and non-cleared cybersecurity pros make your next career move at the CyberMaryland Job Fair, October 9 in Baltimore. Meet leading cyber employers including Bank of America, FireEye, NSA, Raytheon, USCYBERCOM and more. Visit ClearedJobs.Net or CyberSecJobs.com for more details.
Cyber Security Summits: October 16 in Phoenix and on November 29 in Los Angeles(Phoenix, Arizona, United States, October 16, 2018) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, The CIA, Verizon, AT&T, CenturyLink and more. Register with promo code cyberwire95 for $95 VIP admission (Regular price $350) https://CyberSummitUSA.com
Two reasons to reconsider your Facebook membership(Graham Cluley) It's been a bad week for Facebook and its billion-plus users. Not only was it revealed that millions of users had their accounts exposed by a vulnerability, but the site has been up to dirty tricks with mobile phone numbers you gave them to supposedly enhance your security.
Until data is misused, Facebook’s breach will be forgotten(TechCrunch) We cared about Cambridge Analytica because it could have helped elect Trump. We ignored LocationSmart because even the though the company was selling and exposing the real-time GPS coordinates of our phones, it was never clear exactly if or how that data was misused. This idea, that privacy issues …
Industry Leaders Reaction on Recent Facebook Hack(Information Security Buzz) It is being reported that Facebook said an attack on its computer network led to the exposure of information from nearly 50 million of its users. The company discovered the breach earlier this week, finding that attackers had exploited a feature in Facebook’s code that allowed them to take over user accounts. Facebook fixed the vulnerability and notified law enforcement officials. More …
New Malware-as-a-Service Threat Targets Android Phones(Security Intelligence) Security researchers discovered a new malware-as-a-service offering designed to enable cybercriminals to infect Android phones and block users from running security solutions on their devices.
Voice Phishing Scams Are Getting More Clever(KrebsOnSecurity) Most of us have been trained to be wary of clicking on links and attachments that arrive in emails unexpected, but it’s easy to forget scam artists are constantly dreaming up innovations that put a new shine on old-fashioned telephone-based phishing scams.
Bitcoin [BTC] demanded as ransom after cyber-attack on Port of San Diego(AMBCrypto) The Port of San Diego was recently hit with a cybersecurity attack, which led to the involvement of the Federal Bureau of Investigation [FBI] and the Department of Homeland Security [DHS]. Their systems were hit with a ransomware attack, which led to the attackers asking for their ransom in Bitcoin [BTC]. While how much money […]
Big U.S. Banks Face Increase in Attempted Cyberattacks(Wall Street Journal) Some large U.S. banks have seen an uptick in attempted cyberattacks in recent weeks, according to people familiar with the matter, at a time when federal officials are stepping up warnings to banks about cyberthreats.
Iron Bow Partners with H.I.G. Capital to Accelerate Growth(Odessa American) Iron Bow Technologies, an IT solution provider serving government, commercial and healthcare clients, today announced an equity partnership with H.I.G. Capital, a leading global private equity investment firm. The partnership will accelerate Iron Bow’s rapid growth in prospective markets across the public and private sectors.
6 security tips for freelancers(Kaspersky) Freelancers are beloved targets for cybercriminals, who use phishing and malware to steal credentials and money. Here’s how to avoid their traps and stay safe.
Reputational Risk and Third-Party Validation(BankInfo Security) Third-party ratings are increasingly popular as a means of selecting cybersecurity vendors. But Ryan Davis at CA Veracode also uses BitSight's ratings as a means of
Are we speeding towards AI consciousness?(Computing) Jeff NG, Chief Scientist, Founders Factory, explains recent developments paving the way to AI consciousness and why it is important to our world's future
U.S. Vows To Go On Cyber Offense(Forbes) The U.S. vows to go on offense against cyber attackers. But experts say this is not a major change - it just applies conventional policy on conflict and espionage to the online world.
Sri Lanka’s cyber security strategy: Open for public comments soon(Sunday Observer) The much anticipated cyber security strategy for the country will be open for public comments within a couple of weeks, a senior official of ICTA told the gathering at the Organisation of Professional Associations of Sri Lanka (OPA) conference in Colombo last week.ICT Agency of Sri Lanka Director and Legal Advisor Jayantha Fernando said the cyber strategy will be available for public comment within the next couple of weeks and added that the draft strategy was presented to the Cabinet two weeks an ago.
MPs demand answer from Facebook boss over hack shock(The Telegraph) MPs have demanded that Mark Zuckerberg travels to the UK to face questions about his “terrible disrespect” for the data of citizens, following last week’s data breach at Facebook that resulted in 50 million user accounts being exposed to hackers.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
COSAC & SABSA World Congress(Kildare, Ireland, September 30 - October 4, 2018) For 25 years COSAC has delivered a trusted environment in which to deliver information security value from shared experience and intensive, productive, participative debate and development. Sales content...
Monterey Cyber Security Workshop 2018(Pacific Grove, California, USA, October 1 - 2, 2018) People with special expertise interested in making progress on the subjects at hand meet at the Monterey Incubator for a workshop to build an understanding of vital issues of the day. The workshop follows...
Cyber Defense Summit 2018(Washington, DC, USA, October 1 - 4, 2018) FireEye's annual Cyber Defense Summit will feature both training and an opportunity to hear from the experts. Introductory, intermediate and advanced training courses will be provided during the first...
Retail Cyber Intelligence Summit(Denver, Colorado, USA, October 2 - 3, 2018) Network with 250+ CISOs and their teams from retail and consumer facing industries: restaurants, hospitality, gaming, convenience, grocery and more. Share best practices, gain insights, network. This conference...
IP Expo Europe(London, England, UK, October 3 - 4, 2018) IP EXPO Europe is Europe's number ONE IT event for those looking to find out how the latest IT innovations can drive their business forward. IP EXPO Europe is co-located at Digital Transformation EXPO...
Borderless Cyber USA 2018(Washington, DC, USA, October 3 - 5, 2018) How do you future proof your cybersecurity strategy? Can you identify and report cyber incidences so you can respond quickly to manage consequences? Public and private sector cyber experts from across...
Borderless Cyber USA(Washington, DC, USA, October 3 - 5, 2018) Automation, people, information sharing, intelligence, risk and the economics of risk have been identified as key cybersecurity strategy measures to focus on in order to keep pace with modern threats.
MSPWorld® Peer Group & Data Analytics Summit(Las Vegas, Nevada, USA, October 4 - 5, 2018) The MSPWorld® Peer Group & Data Analytics Summit is a revolutionary new concept for the managed services executive. Accessible only by MSPs, this conference will focus on small, peer lead groups exchanging...
4th European Cybersecurity Forum – CYBERSEC(Krakow, Poland, October 8 - 9, 2018) CYBERSEC Forum is an unique opportunity to meet and discuss the current issues of cyber disruption and ever-changing landscape of cybersecurity related threats. Our mission is to foster the building of...
4th European Cybersecurity Forum – CYBERSEC(Krakow, Poland, October 8 - 9, 2018) CYBERSEC is a public policy conference dedicated to strategic aspects of cyberspace and cybersecurity. CYBERSEC 2017 brought together record-breaking 150 speakers and more than 1,000 delegates from all...
8th Annual (ISC)2 Security Congress(New Orleans, Louisiana, USA, October 8 - 10, 2018) The (ISC)2 Security Congress brings together the sharpest minds in cyber and information security for over 100 educational sessions covering 17 tracks. Join us to learn from the experts, share best practices,...
CyberMaryland 2018(Baltimore, Maryland, USA, October 9 - 10, 2018) The CyberMaryland Conference is an annual two-day event presented jointly by The National Cyber Security Hall of Fame and Federal Business Council (FBC) in conjunction with academia, government and private...
HoshoCon 2018(Las Vegas, Nevada, USA, October 9 - 11, 2018) Over 3 days, attendees will gain firsthand knowledge about blockchain security. You are invited to converse with technologists working on blockchain and cryptocurrency projects, hear key insights from...
U.S. Department of Transportation Cybersecurity Symposium(Washington, DC, USA, October 9 - 10, 2018) The U.S. Department of Transportation (DOT) Cybersecurity Symposium is 2 days of training sessions and educational seminars focused on the mission of protecting government networks and privacy. Hosted...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.