2017 cyberattacks proved more numerous, sophisticated, and ruthless than in years past.
WannaCry, NotPetya, ransomware-as-a-service, and fileless attacks abounded. And, that’s not everything. The victims of cybercrime ranged from private businesses to the fundamental practices of democracy. Read The Cylance Threat Report: 2017 Year in Review Report and learn about the threat trends and malware families their customers faced in 2017.
October 23, 2018.
SecurityWeek's ICS Cyber Security Conference
We're in Atlanta for SecurityWeek's 2018 ICS Cyber Security Conference, organized by SecurityWeek. We'll have updates on the proceedings throughout the week.
By The CyberWire Staff
The murder of Jamal Khashoggi in Saudi Arabia's Istanbul consulate continues to arouse international outrage. Turkey's President Erdogan addressed the death early today in an address to his Development and Justice Party, calling for Saudi Arabia to be more forthcoming about its role in the death and suggesting that any trial be held in Turkey. Hackers have defaced the Davos-in-the-Desert site with a picture showing both Khashoggi and, behind him, a sword-wielding Saudi Crown Prince Mohammed bin Salman. The site has been taken down; the attack looks like hacktivist work.
As Brazil's elections enter their final phase, WhatsApp messaging in that country is seeing a surge in politically-oriented questionable stories.
Bleeping Computer says it's receiving attention from the masters of the Kraken Cryptor Ransomware, who released version 2.0.6 of their tool over the weekend.
Zimperium reports finding remote-code-execution vulnerabilities in FreeRTOS, the open-source OS widely used in embedded systems. The bug's effects are seen across the IoT spectrum, from smart homes to critical infrastructure.
Cisco Talos has discovered remote-code-execution flaws in Live Networks LIVE555’s streaming media RTSPServer. Exploitation could trigger a stack-based buffer overflow.
US authorities continue to investigate a breach in Healthcare.gov that affects about seventy-five-thousand people. Hackers got in through the Federally Facilitated Exchanges (FFE).
Amazon and Supermicro have joined Apple in demanding that Bloomberg retract its story about Chinese supply-chain poisoning of motherboards with spy chips.
Russia's FSB intelligence service recommends that the Internet be brought under "proper governance." Few will receive this as unproblematic good-government advice.
A year in, companies unsure of risk under China's Cyber Security Law, says Control Risks.
Over a year into China’s Cyber Security Law, Control Risks experts say its vague definition and application leaves multinational companies struggling to understand their risk. Further, how strictly the government will crack down and the extent of penalties for non-compliance remain open questions. Nonetheless, companies operating in China must understand their unique exposure and specific cyber, physical and procedural requirements. Let Control Risks help you make the critical decisions to seize your opportunities in China.
Our special edition podcast is out as well. The topic is "Making the business case for privacy." Our guest is Cisco’s Chief Privacy Officer Michelle Dennedy, who joins us to discuss what exactly a chief privacy officer does at a global organization like Cisco, why she thinks we’re in the early stages of a privacy revolution, why we all tend to shake our heads cynically when a company claims, “Your privacy is important to us” and how, maybe, respecting the privacy of your users and customers could be a competitive advantage.
SecurityWeek 2018 Industrial Control Systems (ICS) Cyber Security Conference(Atlanta, Georgia, United States, October 22 - 25, 2018) SecurityWeek’s ICS Cyber Security Conference is the conference where ICS users, ICS vendors, system security providers and government representatives meet to discuss the latest cyber-incidents, analyze their causes and cooperate on solutions. Register today for the original ICS/SCADA Cyber Security Conference – October 22-25 in Atlanta.
New York Times Event: Cyberwarfare with Google, Department of Justice & more(Washington, DC, United States, October 30, 2018) David Sanger, national security correspondent for The New York Times will moderate a discussion on cyberwarfare, one of the greatest threats to American democracy and commerce. He will be joined by John Demers, assistant attorney general for the national security division at the Department of Justice; Yasmin Green, the director of research and development for Jigsaw, a Google company; and Dmitri Alperovitch, co-founder of CrowdStrike, who discovered Russian hacking of the Democratic National Committee.
Maryland Cybersecurity Career & Education Fair(Rockville, Maryland, United States, November 9 - 10, 2018) Join us for two dynamic days that put on display why Maryland is where cyber works. Friday will feature a career and education fair, connecting cybersecurity job seekers with opportunities across the state of Maryland. On Saturday, high school and undergraduate students compete in our cyber challenge.
Who Is Agent Tesla?(KrebsOnSecurity) A powerful, easy-to-use password stealing program known as Agent Tesla has been infecting computers since 2014, but recently this malware strain has seen a surge in popularity — attracting more than 6,300 customers who pay monthly fees to license the software.
Kraken Cryptor Ransomware Connecting to BleepingComputer During Encryption(BleepingComputer) Over the weekend, the Kraken Cryptor Ransomware released version 2.0.6, which now connects to BleepingComputer during different stages of their encryption process. It is not known what they are trying to achieve by doing this, but it does provide BleepingComputer with insight into the amount of its victims.
Arcserve Zero-Day Disclosure(Digital Defese) Digital Defense discloses four previously undisclosed vulnerabilities within the Arcserve Unified Data Protection platform. The vulnerabilities can open the door for potential compromise of sensitive data through access to credentials, phishing attacks and the ability for a hacker to read files without authentication from the hosting system.
Dipping Into The Honeypot(Arbor Networks Threat Intelligence) Executive Summary Brute-forcing factory default usernames and passwords remains a winning strategy for Internet of Things (IOT) botnet propagation. Botnet operators with the best list will produce the larger botnet and obtain superior firepower for launching DDoS attacks. IOT bots are indiscriminate – they will
Security Patches, Mitigations, and Software Updates
Multiple Arcserve® Zero-Day Vulnerabilities Disclosed by(Digital Defense) Digital Defense, Inc., a leading security technology and services provider, today announced that its Vulnerability Research Team (VRT) uncovered four previously undisclosed vulnerabilities within the Arcserve Unified Data Protection platform. The vulnerabilities can open the door for potential compromise of sensitive data through access to credentials, phishing attacks and the ability for a hacker to read files without authentication from the hosting system.
Persistent Cyber Training Environment - W900KK-19-PCTE(Federal Business Opportunities: Opportunities) Army Contracting Command-Orlando is issuing this sources sought synopsis as a means of conducting market research to identify potential sources having an interest and industry technologies available to consolidate the integration and development of the Persistent Cyber Training Environment (PCTE) platform.
Facebook on Hunt for Big Cybersecurity Acquisition(The Information) In an effort to repair its tattered reputation around data protection, Facebook is stepping up efforts to acquire a major cybersecurity firm, according to four people familiar with the matter. Facebook has approached several security firms about an acquisition, two of the people said, although ...
Clegg can’t be Facebook’s gutless stooge(Times) Where better to go for news of Sir Nick Clegg’s move to Facebook than to his own page on the site? Our former deputy prime minister, the man who once defined the centre of British politics in much...
Applied Insight Acquires Mission IT Firm Organizational Strategies Inc.(AP NEWS) Applied Insight , a market leader in solving complex technology challenges for federal government customers and backed by The Acacia Group, announced today its acquisition of Organizational Strategies Inc ., a leading provider of analytics, mission IT, and intelligence, surveillance and reconnaissance services to government and commercial customers.
Former Booz Allen Exec Joe Logue Joins Novetta Board(WashingtonExec) Joe Logue, a former longtime Booz Allen executive vice president, has joined the board of directors of advanced analytics firm Novetta. Logue has over 20 Logue has over 20 years of experience supporting defense and intelligence community customers and a former long-time Booz Allen EVP.
5.5 billion GlobalPlatform-certified Secure Elements shipped in 2017(Global Security Mag Online) GlobalPlatform, the standard for secure digital services and devices, has conservatively calculated that more than 5.5 billion Secure Elements (SEs) deployed in 2017 were based on its specifications, an increase of over 1.5 billion from the previous year. Additionally, over the last three years, in excess of 1 billion SEs were embedded within mobile devices, 100% of which were based on GlobalPlatform technology.
CertainSafe® Announces Enhancements to Its Digital Safety Deposit Box(Tampa Bay News Wire) Secure online storage and sharing of private data for small and medium enterprises Colorado Springs, CO – October 22 2018 CertainSafe® (www.certainsafe.com), a cloud-based data security service provider, has introduced new features for its Digital Safety Deposit Box. Created to protect the most sensitive and private files of small and medium enterprises, CertainSafe’s digital vault is…
Elisa, F-Secure Join Forces to Simplify Connected Home Security(Global Security Mag Online) Cyber Security provider F-Secure and telecommunications company Elisa have joined forces to simplify how people can secure the internet-connected devices finding their way into homes. Elisa is planning to implement a new internet service that includes routers powered by F-Secure Connected Home Security, making them the first network operator in the world to include F-Secure’s innovative smart home security solution in the routers they provide to customers.
NEW TECH: Silverfort extends ‘adapative multi-factor authentication’ via key partnerships(Security Boulevard) Tel Aviv, Israel-based Silverfort continues to make inroads into proving the efficacy of its innovative approach to multi-factor authentication, or MFA, in corporate settings. Related: Why a ‘zero-trust’ approach to security is necessary One recent validation comes from two long established, and much larger cybersecurity vendors – Checkpoint and Palo Alto Networks – that have
HTC opens up early access to its blockchain phone(TechCrunch) After months of talk, HTC’s blockchain phone is finally arriving — albeit in limited quantities. The hardware maker announced today at a crypto conference in Berlin that it’s opening up access to an early version the Exodus 1 handset to “cryptographers and developers from all over the world” throug…
Forging a Relationship With the Internet’s Most Hated Swatter(WIRED) A journalist strikes up a jail-cell correspondence with a man charged with instigating a fatal shooting. “Only by peering into the abyss of human malice can we divine how we can muster the strength to forgive the truly lost," he writes.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Secutech 2019(Taipei, Taiwan, May 8 - 10, 2019) As the largest regional business platform for professionals in the security, mobility, building automation and fire safety solution sectors, Secutech is the annual gathering place for key players from...
2018 ICS Cyber Security Conference USA(Atlanta, Georgia, USA, October 22 - 25, 2018) SecurityWeek’s Industrial Control Systems (ICS) Cyber Security Conference is the largest and longest-running event series focused on industrial cybersecurity. Since 2002, the conference has gathered ICS...
Energy Tech 2018(Cleveland, Ohio, USA, October 22 - 26, 2018) The annual EnergyTech Conference & Expo is an organized event, supported by NASA and INCOSE, highlighting advancements in Energy, Smart-Grids and Microgrids, Aerospace, Critical Infrastructure, Security...
Global Resilience Federation Summit on Third-Party Risk(Leesburg, Virginia, USA, October 24 - 26, 2018) The purpose of the GRF Summit on Third-Party Risk is to increase awareness of security best practices, offer an opportunity for collaboration among third-party vendors and organizations’ risk management
other to improve holistic security. The Summit will provide training, education and networking on the critical cyber and physical security issues facing organizations, their vendors, and the areas where the two groups intersect. Space is limited for this complimentary event, and registration will be capped and by-approval only. Attendees will include ISAC/ISAO member organizations plus third-party vendors and suppliers.
Wild West Hackin’ Fest(Deadwood, South Dakota, USA, October 25 - 26, 2018) We’re back for another year of amazing talks, great company and exciting hands-on hacking labs. It will be hard to top our amazing inaugural year, but we’ve taken your feedback and plan to make this event...
Symposium on Securing the IoT(Boston, Massachussetts, USA, October 29 - 31, 2018) Join us for the Symposium on Securing The Internet of Things, featuring keynote speakers from the leading industry companies who are solving the issues of IoT and secure connectivity. There will also be...
Times Talks: Arming for Cyberwarfare(Washington, DC, USA, October 30, 2018) David Sanger, a national security correspondent and author of “The Perfect Weapon: War, Sabotage and Fear in the Cyber Age,” will moderate a discussion in Washington, D.C., on cyberwarfare, one of the...
SecureWorld Denver(Denver, Colorado, USA, October 31 - November 1, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...
Cyber Security Dallas(Dallas, Texas, USA, October 31 - November 1, 2018) Cyber Security Dallas will bring top speakers and industry experts to the Dallas-Fort Worth (DFW) metroplex, which boasts one of the largest concentrations of corporate headquarters in the United States.
InfoWarCon 18(Leesburg, Virginia, USA, November 1 - 3, 2018) InfoWarCon 18 brings together a highly elite group of political, military, academic, DIYer, and commercial cyber-leaders and thinkers from around the world. We examine the current, future, and potential...
RETR3AT Cybersecurity Conference(Montreat, North Carolina, USA, November 2, 2018) Each year, Montreat College’s Center for Cybersecurity Education and Leadership hosts RETR3AT, a conference designed to engage, educate, and raise awareness about cybersecurity in Western North Carolina...
4th Annual Cyber Southwest (CSW) Symposium(Tuscon, Arizona, USA, November 2, 2018) Be a part of the 4th Annual Cyber Southwest (CSW) Symposium set to take place at the University of Arizona, Eller College of Management - McClelland Hall in Tucson, AZ on Friday, November 2nd, 2018. CSW...
Hybrid Identity Protection Conference(New York, New York, USA, November 5 - 6, 2018) Learn what cutting-edge industry leaders are doing to improve identity protection in the modern organization and how they are boosting enterprise security. Network with the world’s leading identity experts...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.