October 19, 2018.
By The CyberWire Staff
Reports of a Chinese supply-chain seeding attack continue to lose credibility. The US Director of National Intelligence says that, while of course the prospect of such attacks is worrisome, the Intelligence Community can't find any evidence that this one actually happened. And Supermicro, the firm whose motherboards Bloomberg reported had been salted with spy chips, has replied to an inquiry from US Senators with a categorical denial that it sustained a supply chain attack.
Twitter has blocked a botnet that was pushing what appeared to be Saudi government talking points concerning journalist Jamal Khashoggi's apparent murder.
Latvian sources say the country sustained, but parried, cyberattacks apparently directed at affecting the October 6th elections. Some of the temporarily successful attacks posted pro-Russian messages in social media.
Cylance reports that Vietnam's cyber espionage threat group, OceanLotus (also known as APT32 or Cobalt Kitty), has shown renewed activity and upped its game in several respects, including through its use of obfuscated CobaltStrike Beacon payloads for command-and-control.
The town of West Haven, Connecticut, suffered a ransomware attack. Unable to think of any better option, the town decided to pay the $2000 the hackers demanded. The mayor says the criminals have restored West Haven's access to its data.
The hoods behind the GandCrab ransomware have released decryption keys to a Syrian man who said they'd deprived him of photos of his sons, killed in that country's civil war. The extortionists also sent some ambiguous signals that they might remove Syrian targets from their hit list.
SecurityWeek 2018 Industrial Control Systems (ICS) Cyber Security Conference (Atlanta, Georgia, United States, October 22 - 25, 2018) SecurityWeek’s ICS Cyber Security Conference is the conference where ICS users, ICS vendors, system security providers and government representatives meet to discuss the latest cyber-incidents, analyze their causes and cooperate on solutions. Register today for the original ICS/SCADA Cyber Security Conference – October 22-25 in Atlanta.
Maryland Cybersecurity Career & Education Fair (Rockville, Maryland, United States, November 9 - 10, 2018) Join us for two dynamic days that put on display why Maryland is where cyber works. Friday will feature a career and education fair, connecting cybersecurity job seekers with opportunities across the state of Maryland. On Saturday, high school and undergraduate students compete in our cyber challenge.
Latvia repulsed election day cyber-attack (Public broadcasting of Latvia) While the hacking of a social media site in Latvia on Saeima election day, October 6, made headlines, in fact the country was subjected to - and successfully repulsed - a wider cyber attack, reports Olga Dragileva of LTV's De Facto weekly investigative show.
Report: The SpyRATs of OceanLotus (Cylance) During an incident response investigation, our threat researchers and incident responders uncovered several bespoke backdoors deployed by OceanLotus Group (a.k.a. APT32, Cobalt Kitty), as well as evidence of the threat actor using obfuscated CobaltStrike Beacon payloads to perform C2. This white paper is dedicated to in-depth technical analysis of the malware, C2 protocols, TTPs and general observations.
Spyware Pushers Modify Equation Editor Exploit to Bypass AV Detection (Security Boulevard) In a case that shows you can teach an old exploit new tricks, a group of attackers who push information-stealing malware modified a well-known exploit in a way that it bypasses detection by most antivirus programs.
SEO Poisoning Campaign Targeting U.S. Midterm Election Keywords (BleepingComputer) A new SEO poisoning campaign has been discovered that is targeting keywords associated with the U.S. midterm elections. Users who are enticed to visit these pages will then be redirected to a variety of scam sites, adult sites, and sites pushing unwanted software.
GandCrab Devs Release Decryption Keys for Syrian Victims (BleepingComputer) In a post to an underground hacking and cybercrime forum, the GandCrab developers have released the decryption keys for Syrian victims. The release of these decryption keys was in response to a Tweet where a Syrian victim asked for help after images of his deceased children were encrypted.
Advertising frauds that continue to tarnish cryptography (Crypto Economy) Regarding the issue related to advertising frauds, without stopping to remember the collective ban that ICOs made at the beginning of this year, the lack of modesty of some malicious people does not respect the legitimate authorities of the countries
Team8 taps ex-NSA director for board of advisors (PE Hub) Team8, a cybersecurity think tank and company creation platform, has named Mike Rogers to its board of advisors. A former U.S. Navy admiral, Rogers is the ex-director of the National Security Agency and ex-chief of the Central Security Service. Team8's backers include Eric Schmidt’s Innovation Endeavors.
High-Tech Bridge to Uberize AI for Application Security Testing (CSO) ImmuniWeb® AI platform now offers fully customizable packages to proof test security and privacy of any web, mobile or IoT app, all purchasable in few clicks from any device. An average time of a sales transaction, including various human interactions, goes down from 15 hours to 8 minutes, saving almost two business days of buyer’s time.
How to remove fileless malware (Security Boulevard) What is fileless malware? How can you identify it? And how can you remove it from your system? Find out how to identify and manually remove this type of threat.
How To Avoid An Insider Threat Nightmare (Information Security Buzz) David Higgins, CyberArk offers his tips and recommendations to mitigate insider threat this Halloween… As Halloween looms, it would certainly feel like the right time to think of our favourite horror stories. From an enterprise IT perspective, there are too many to keep up with these days. From the constant threat of cyber attacks from …
Microsoft AI Ethicist Guides Businesses on Responsible Algorithm Design (WSJ) Microsoft has created a new position to help companies deploying AI to learn how to prioritize ethical principles including fairness, accountability and transparency in the development of the algorithms. “A lot of customers we engage with are grappling with the ethics discussion potentially for the first time,” says Tim O’Brien, Microsoft’s general manager of AI programs.
Saudi Silence on Khashoggi Must End (Atlantic Council) For many months, Trump administration officials have worried privately that Saudi Arabia's young prince Mohammed Bin Salman – in whom President Donald Trump and his son-in-law Jared Kushner had invested so much – was through rash actions...
Intel: Can the Khashoggi case really spell the end of MBS? (Al-Monitor) Sen. Lindsey Graham, R-S.C., raised eyebrows this week when the stalwart Saudi supporter told Fox News that Crown Prince Mohammed bin Salman “has got to go.” Now French newspaper Le Figaro is reporting that at least seven representatives of the clans that make up the royal family are meeting in “utmost discretion” to chart a course out of the diplomatic mess created by the disappearance...
Swedish court tells ISP to block The Pirate Bay in the country (HackRead) Another day, another court order against The Pirate Bay (TPB). This time, the Patent and Market Court of Sweden has ordered the telephone company and mobile network operator Telia to block The Pirate Bay and other torrenting websites including NyaFilmer, FMovies, and Dreamfilm in the country.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
2018 ICS Cyber Security Conference USA (Atlanta, Georgia, USA, October 22 - 25, 2018) SecurityWeek’s Industrial Control Systems (ICS) Cyber Security Conference is the largest and longest-running event series focused on industrial cybersecurity. Since 2002, the conference has gathered ICS...
Energy Tech 2018 (Cleveland, Ohio, USA, October 22 - 26, 2018) The annual EnergyTech Conference & Expo is an organized event, supported by NASA and INCOSE, highlighting advancements in Energy, Smart-Grids and Microgrids, Aerospace, Critical Infrastructure, Security...
Global Resilience Federation Summit on Third-Party Risk (Leesburg, Virginia, USA, October 24 - 26, 2018) The purpose of the GRF Summit on Third-Party Risk is to increase awareness of security best practices, offer an opportunity for collaboration among third-party vendors and organizations’ risk management
other to improve holistic security. The Summit will provide training, education and networking on the critical cyber and physical security issues facing organizations, their vendors, and the areas where the two groups intersect. Space is limited for this complimentary event, and registration will be capped and by-approval only. Attendees will include ISAC/ISAO member organizations plus third-party vendors and suppliers.
Wild West Hackin’ Fest (Deadwood, South Dakota, USA, October 25 - 26, 2018) We’re back for another year of amazing talks, great company and exciting hands-on hacking labs. It will be hard to top our amazing inaugural year, but we’ve taken your feedback and plan to make this event...
Symposium on Securing the IoT (Boston, Massachusetts, USA, October 29 - 31, 2018) Join us for the Symposium on Securing The Internet of Things, featuring keynote speakers from the leading industry companies who are solving the issues of IoT and secure connectivity. There will also be...
SecureWorld Denver (Denver, Colorado, USA, October 31 - November 1, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...
Cyber Security Dallas (Dallas, Texas, USA, October 31 - November 1, 2018) Cyber Security Dallas will bring top speakers and industry experts to the Dallas-Fort Worth (DFW) metroplex, which boasts one of the largest concentrations of corporate headquarters in the United States.
InfoWarCon 18 (Leesburg, Virginia, USA, November 1 - 3, 2018) InfoWarCon 18 brings together a highly elite group of political, military, academic, DIYer, and commercial cyber-leaders and thinkers from around the world. We examine the current, future, and potential...
RETR3AT Cybersecurity Conference (Montreat, North Carolina, USA, November 2, 2018) Each year, Montreat College’s Center for Cybersecurity Education and Leadership hosts RETR3AT, a conference designed to engage, educate, and raise awareness about cybersecurity in Western North Carolina...
4th Annual Cyber Southwest (CSW) Symposium (Tucson, Arizona, USA, November 2, 2018) Be a part of the 4th Annual Cyber Southwest (CSW) Symposium set to take place at the University of Arizona, Eller College of Management - McClelland Hall in Tucson, AZ on Friday, November 2nd, 2018. CSW...
Hybrid Identity Protection Conference (New York, New York, USA, November 5 - 6, 2018) Learn what cutting-edge industry leaders are doing to improve identity protection in the modern organization and how they are boosting enterprise security. Network with the world’s leading identity experts...
Cyber Security & Artificial Intelligence MENA Summit (Dubai, UAE, November 6 - 7, 2018) Cyber Security and Artificial Intelligence MENA Summit has been designed to bring you a remarkable opportunity to gain fresh insights into areas such as artificial intelligence and machine learning impact...
2nd Annual Aviation Cyber Security Summit (London, England, UK, November 6 - 7, 2018) Now in its 2nd year, the Cyber Senate Aviation Cyber Security and Resilience Summit (AVCIP2018) will take place on 6th and 7th in London United Kingdom 2018. This two-day executive forum will include presentations,...