Get your copy of the definitive guide to threat intelligence.
We brought together a team of experts and wrote the definitive guide to everything you need to know about threat intelligence. Whether you work in vulnerability management, incident response, or another part of cybersecurity, our book has something for you. Get your free copy of “The Threat Intelligence Handbook” now.
October 18, 2018.
By The CyberWire Staff
McAfee researchers report finding a hitherto unremarked "data reconnaissance implant" that's targeting Korean speakers. They're calling it "Oceansalt," an homage to the earlier Seasalt implant that the old Chinese Comment Crew used back in 2010. Indeed, Oceansalt reuses code from Seasalt. The Comment Crew, also known as APT1, is thought to have gone dormant since its exposure in 2013, but a copycat seems to be back. Operations are thought to be closely targeted, with implants distributed via two compromised sites based in South Korea, and to be prospecting targets in Canada and the US as well as in the Republic of Korea.
Facebook has concluded that the breach it recently sustained was the work of criminal spammers, and not a nation-state's intelligence service.
Twitter has released a trove of Russian tweets issued at the time of the UK's Brexit vote—the sockpuppets were for it.
Iranian operators have been using fake social media personae in (relatively ineffectual) attempts at influencing US elections.
Researchers at Poland's Silesian University of Technology have found remote code execution vulnerabilities in D-Link routers. SecurityWeek says no fixes appear to be available. Cisco Talos researchers have found flaws in Linksys E-series routers, but there are patches available for these.
NBC News sends GCHQ's National Cyber Security Centre a mash note, saying the US has nothing like it, and should copy it. We're fans of the NCSC, but perhaps NBC is overlooking the Department of Homeland Security's National Protection and Programs Directorate. NPPD fills a similar role.
Through the LookingGlass™: Top Trends to Keep Your Organization Cyber Aware
It’s 2018 and threat actors continue to leverage the same tactics – phishing, ransomware, social engineering – against their targets. The best way to fight these threats is to start with the basics. Join LookingGlass on Wednesday, October 24 @ 2PM ET for a discussion on how cyber criminals are leveraging ‘old’ tactics in ‘new’ ways. We’ll give you tips and tricks to avoid being a victim to the same old schemes. Sign up now!
And this week's Hacking Humans is up. Dave reveals a stealthy trademark scam. Joe describes the invocation of a judge's name to lure a victim. A listener shares a business scam from India. Joe interviews "Shannon," a listener who enjoys wasting phone scammer's time.
SecurityWeek 2018 Industrial Control Systems (ICS) Cyber Security Conference(Atlanta, Georgia, United States, October 22 - 25, 2018) SecurityWeek’s ICS Cyber Security Conference is the conference where ICS users, ICS vendors, system security providers and government representatives meet to discuss the latest cyber-incidents, analyze their causes and cooperate on solutions. Register today for the original ICS/SCADA Cyber Security Conference – October 22-25 in Atlanta.
Maryland Cybersecurity Career & Education Fair(Rockville, Maryland, United States, November 9 - 10, 2018) Join us for two dynamic days that put on display why Maryland is where cyber works. Friday will feature a career and education fair, connecting cybersecurity job seekers with opportunities across the state of Maryland. On Saturday, high school and undergraduate students compete in our cyber challenge.
The Cybersecurity Imperative Benchmarking Study(Security Industry Association) Produced in partnership with ESI ThoughtLab and WSJ Pro Cybersecurity Sponsor partners: Security Industry Association (SIA), Baker McKenzie, CyberCube, HP Inc., KnowBe4, Opus, Protiviti and Willis Towers Watson
ControlScan Extends Managed Security Services Capabilities With Dunbar Cybersecurity Acquisition(GlobeNewswire News Room) ControlScan, a leader in managed security and compliance solutions that help secure networks and protect payment card data, announces it has acquired Hunt Valley, Md.-based Dunbar Cybersecurity, including its well-established Security Operations Center (SOC) and powerful SIEM platform, Cyphon. The move brings additional advanced capabilities to the best-in-class managed security services ControlScan delivers to the mid-level enterprise.
Cybersecurity Month: Novetta’s Athena Starry Talks With EM(ExecutiveBiz) As part of Cybersecurity Month, Executive Mosaic spoke with Athena Starry, vice president of the cyber & SIGINT division at Novetta. Here’s what she had to say: EM: What is your cyber background? Starry: I have a diverse background that encompasses everything from contracts, proposals, finance, accounting, budgets, business development and overall infrastructure support to...
Tenable Announces Increase of Several Thousand New Operational Technology Devices Covered by Industrial Security Offering(Tenable™) Solution expands device coverage of the top ten leading industrial manufacturers, including Honeywell, Rockwell and Mitsubishi, to secure critical infrastructure Tenable®, Inc., the Cyber Exposure company, today announced that Industrial Security -- an asset discovery and vulnerability management solution for operational technology (OT) systems developed in conjunction with Siemens -- now includes significantly wider and deeper coverage of several thousand new OT devices from the top ten leading industrial manufacturers. This expanded breadth and depth of coverage is a significant step forward to help organizations deploy a single Cyber Exposure solution which spans both IT and OT assets.
INSA Releases Framework for Better Cyber Threat Sharing(Meritalk) At the request of several Federal agencies, the Intelligence and National Security Alliance (INSA) has created and released a framework for organizations to better share indications and warnings (I&W) of cyberattacks and deconstruct that data into indicators that can be monitored.
Why DNSSEC Isn't Enough(Security Boulevard) When you type a URL into the top of your browser and hit “enter,” a number of complicated things begin to happen. Somehow, the alphanumeric English language of a URL gets translated into the machine language of an IP address, allowing your browser to resolve a new webpage.
Crypto Quantique unveils its ‘quantum driven secure chip’ for IoT devices(TechCrunch) With Gartner estimating that there will be 150 billion connected devices by 2030 — many of them mission critical, such as powering major national infrastructure — the risk and realisation that these devices aren’t secured properly is leading some cyber security experts to predict …
Open-source hardware could defend against the next generation of hacking(Fifth Domain) Imagine you had a secret document you had to store away from prying eyes. And you have a choice: You could buy a safe made by a company that kept the workings of its locks secret. Or you could buy a safe whose manufacturer openly published the designs, letting everyone – including thieves – see how they’re made. Which would you choose?
University Opens New Sanford Cyber Security Lab(The Torch) The digital age of today is one that relies on the Internet to provide a constant flow of information, drive commerce and protect the foundation of society that witholds our personal information. Breaches of personal data and the loss of private information have become common occurrences. As the digital culture has spread, so has the...
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
FAIRCON18(Pittsburgh, Pennsylvnia, USA, October 14 - 18, 2018) Focused on advancing cyber, operational risk management.The event will feature in-depth training seminars, insightful presentations from industry leaders, candid executive and practitioner-led discussions...
PCI Security Standards Europe Community Meeting(London, England, UK, October 16 - 18, 2018) The PCI Security Standards Council’s 2018 Europe Community Meeting is THE place to be. We will provide you with the information and tools to help secure payment data. We lead a global, cross industry effort...
2018 ISSA International Conference(Atlanta, Georgia, USA, October 17 - 18, 2018) Join us for solution oriented, proactive and innovative sessions focused on Securing Tomorrow Today. Every day, cyber threats become increasingly intricate and difficult to detect. No cyber security professional...
Fifth Annual Cyber Warfare Symposium(New York, New York, USA, October 18, 2018) The Fifth Annual Cyber Warfare Symposium is an annual one-day event presented by the Journal of Law & Cyber Warfare in conjunction with academia, government and private industry organizations at NYU School...
5th Annual Women in Cyber Security Reception(Washington, DC, United States, October 18, 2018) This annual networking event highlights and celebrates the value and successes of women in the cyber security industry. Leaders from the private sector, academia, and government from across the region...
2018 ICS Cyber Security Conference USA(Atlanta, Georgia, USA, October 22 - 25, 2018) SecurityWeek’s Industrial Control Systems (ICS) Cyber Security Conference is the largest and longest-running event series focused on industrial cybersecurity. Since 2002, the conference has gathered ICS...
Energy Tech 2018(Cleveland, Ohio, USA, October 22 - 26, 2018) The annual EnergyTech Conference & Expo is an organized event, supported by NASA and INCOSE, highlighting advancements in Energy, Smart-Grids and Microgrids, Aerospace, Critical Infrastructure, Security...
Global Resilience Federation Summit on Third-Party Risk(Leesburg, Virginia, USA, October 24 - 26, 2018) The purpose of the GRF Summit on Third-Party Risk is to increase awareness of security best practices, offer an opportunity for collaboration among third-party vendors and organizations’ risk management
other to improve holistic security. The Summit will provide training, education and networking on the critical cyber and physical security issues facing organizations, their vendors, and the areas where the two groups intersect. Space is limited for this complimentary event, and registration will be capped and by-approval only. Attendees will include ISAC/ISAO member organizations plus third-party vendors and suppliers.
Wild West Hackin’ Fest(Deadwood, South Dakota, USA, October 25 - 26, 2018) We’re back for another year of amazing talks, great company and exciting hands-on hacking labs. It will be hard to top our amazing inaugural year, but we’ve taken your feedback and plan to make this event...
Symposium on Securing the IoT(Boston, Massachussetts, USA, October 29 - 31, 2018) Join us for the Symposium on Securing The Internet of Things, featuring keynote speakers from the leading industry companies who are solving the issues of IoT and secure connectivity. There will also be...
SecureWorld Denver(Denver, Colorado, USA, October 31 - November 1, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...
Cyber Security Dallas(Dallas, Texas, USA, October 31 - November 1, 2018) Cyber Security Dallas will bring top speakers and industry experts to the Dallas-Fort Worth (DFW) metroplex, which boasts one of the largest concentrations of corporate headquarters in the United States.
InfoWarCon 18(Leesburg, Virginia, USA, November 1 - 3, 2018) InfoWarCon 18 brings together a highly elite group of political, military, academic, DIYer, and commercial cyber-leaders and thinkers from around the world. We examine the current, future, and potential...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.