October 31, 2018.
By The CyberWire Staff
Influence operations of various kinds continue to romp through social media as social networking platforms grapple (under election-driven scrutiny) with the inherent difficulty of content moderation and various other alternative forms of rumor control. Bitdefender and other security companies have been tracking information operations serving up fake news and other forms of propaganda. The focus is naturally enough on next week's US midterm elections, but influence campaigns have been active in Brazil, the UK, and elsewhere.
Recorded Future and McAfee have released their study of Kraken Cryptor, with particular attention devoted to how the ransomware is distributed through a black-market affiliate scheme.
Another strain of ransomware, SamSam, which crippled Atlanta earlier this year, is being tracked by Symantec, which concludes that SamSam is being used mostly against US targets.
The US Department of Justice yesterday released an unsealed grand jury indictment of ten Chinese nationals, at least two of them serving intelligence officers, charging them with industrial espionage against at least thirteen US companies in the aerospace sector. The activities revealed in the indictment show the Ministry of State Security's adherence to classic forms of agent recruiting and handling.
The US Geological Survey's Inspector General found the source of a major malware infestation that propagated across the Interior Department agency: an employee used his Government device to surf through some nine-thousand pages of adult content. One could see maybe a slip here or there, perhaps a baker's dozen of moments of weakness, but nine thousand, wow, that seems like supererogation.
ON THE PODCAST
In today's podcast, out later this afternoon, we speak with our partners at Webroot, as David Dufour offers thoughts on processor vulnerabilities. Our guest is Maria Rerecich from Consumer Reports on their product testing processes, and how they’ve evolved to keep up with the times in the cyber age.
Maryland Cybersecurity Career & Education Fair (Rockville, Maryland, United States, November 9 - 10, 2018) Join us for two dynamic days that put on display why Maryland is where cyber works. Friday will feature a career and education fair, connecting cybersecurity job seekers with opportunities across the state of Maryland. On Saturday, high school and undergraduate students compete in our cyber challenge.
Bitdefender Finds Hackers Targeting High-Profile US Election... (Bitdefender Labs) Here at Bitdefender Labs we are closely watching the US Midterm Elections in search of anomalies in malware, spam, misinformation and social network activity. What is a ‘fake domain’? Typically, a fake website. Hackers register variations of valid website domains in order to... #electionsecurity
Twitter’s U.S. midterms hub is a hot mess (TechCrunch) Today, Jack Dorsey tweeted a link to his company’s latest gesture toward ongoing political relevance, a U.S. midterms news center collecting “the latest news and top commentary” on the country’s extraordinarily consequential upcoming election. If curated and filtered properl…
Facebook caught in an election-security Catch-22 (AP NEWS) NEW YORK (AP) — When it comes to dealing with hate speech and attempted election manipulation, Facebook just can't win. If it takes a hands-off attitude, it takes the blame for undermining democracy and letting civil society unravel. If it makes the investment necessary to take the problems seriously, it spooks its growth-hungry investors. That dynamic was on display in Facebook's earnings report Tuesday, when the social network reported a slight revenue miss but stronger than expected profit for the July-September period.
Fallout Exploit Kit Releases the Kraken Ransomware on Its Victims (McAfee Blogs) Alexandr Solad and Daniel Hatheway of Recorded Future are coauthors of this post. Read Recorded Future's version of this analysis. Rising from the deep, Kraken Cryptor ransomware has had a notable development path in recent months. The first signs of Kraken came in mid-August on a popular underground forum. In
Semmle Discovers Six Critical Vulnerabilities Affecting Macs, iPhones, and iPads (Semmle) Today, Apple announced a series of critical remote code execution vulnerabilities in Apple’s XNU operating system kernel. XNU is the kernel of macOS, iOS, and other Apple operating systems, which run on more than 1.3 billion devices globally. The vulnerabilities are in XNU’s networking code and its client-side NFS implementation. They were discovered by Kevin Backhouse from the Security Research Team here at Semmle, using our variant-analysis engine to search for vulnerability patterns in source code.
Yes, you should update your iPhone to iOS 12.1, but its lock... (HOTforSecurity) Apple has released its first major update to iOS 12 - iOS 12.1 - bringing a host of new features to iPhones and iPads including dual SIM support, Group Facetime, and for those who needed more of them in their life - 70 new emoji. Apple is less keen to brag about... #ios #iphone #maliciouswebsite
OTX Trends Part 3 - Threat Actors (AlienVault) This is the third of a three-part series on trends identified by AlienVault in 2017. Part 1 focused on exploits and part 2 addressed malware. This part will discuss threat actors and patterns we have detected with OTX. Which threat actors should I be most concerned about? Which threat actors your organization should be most concerned about will vary greatly. A flower shop will have a very different threat profile from a defense contractor. Therefore below
Endgame Introduces Total Attack Lookback™ for Comprehensive Incident Review (Endgame) Includes 120 days of non-repudiable forensic information that exceeds average adversary dwell time at zero additional cost ARLINGTON, VA - October 31, 2018 - Endgame, the leader in unified endpoint protection against targeted attacks, today announced it has made critical threat intelligence data available to all customers free of charge through Total Attack Lookback™ – the industry’s first forensic review feature to exceed average adversary dwell time.
AlienVault - Open Threat Exchange (AlienVault Open Threat Exchange) Learn about the latest online threats. Share and collaborate in developing threat intelligence. Protect yourself and the community against today's latest threats.
Allot Communications reaches deal with Swiftel Networks (Proactiveinvestors NA) Allot Communications Ltd (NASDAQ:ALLT) - Allot will provide Swiftel with a distributed denial-of-service (DDoS) protection system to offer it as a service across their broad network of internet service provider and enterprise customers
Military Cyber Teams On Standby For Elections (Breaking Defense) “We haven’t deployed anyone, just to be clear,” Edwin Wilson said. “We’ll have a traditional prepare-to-deploy order, (and) the members and teams are on recall ready to go within hours.”
The Role of Technology in Compliance (TetherView) Learn about various technology compliance frameworks as they relate to cyber risk management. TetherView - the most comprehensive private cloud for business
10 Years of the Blockchain: What Is Bitcoin, Really? (Motherboard) The Bitcoin white paper was released into the world 10 years ago today, so we asked some influential people in the space—including the guy who spent 10,000 bitcoins on pizza in 2010—what it is and where it's going.
Bank of America awarded new patent for storing cryptography keys (BCFocus) In an interesting development on Tuesday, Bank of America was awarded a patent for systems and devices for hardened remote storage of private cryptography keys used for authentication, according to documents released by the US Patent and Trademark Office (USPTO).
[Superseding indictment] (US Department of Justice) UNITED STATES OF AMERICA, Plaintiff, v. ZHANG ZHANG-GUI (1), aka "leanov," aka "1eaon," ZHA RONG (2), CHAI MENG (3), aka "Cobain," LIU CHUNLIANG (4), aka "sxpdi-cl-," aka "Fangshou," GAO HONG KUN (5), aka "mer4en7y," ZHUANG XIAOWEI (6), aka "jpxxav," MA ZHIQI (7), aka "Le Ma," LI XIAO (8), aka "zhuan86," GU GEN (9), aka "Sam Gu," TIAN XI (10), Defendants.
Zuckerberg gets joint summons from UK and Canadian parliaments (TechCrunch) Two separate parliamentary committees, in the UK and Canada, have issued an unprecedented international joint summons for Facebook’s CEO Mark Zuckerberg to appear before them. The committees are investigating the impact of online disinformation on democratic processes and want Zuckerberg to a…
Infantino expects release of info from cyberattack on FIFA (AP NEWS) FIFA President Gianni Infantino is braced for a release of private information gained by hackers after world soccer's governing body said its computer network was subject to another cyberattack. The disclosure comes in the same month the U.S. Department of Justice and the FBI said Russia's military intelligence body was responsible for a hack on FIFA in 2016, which led to evidence from anti-doping investigations and lab results being published. FIFA did not provide details about the data gained in the latest attack this year on e-mail systems, but it has been contacted by media outlets about internal information contained in private exchanges.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
Cyber:Secured Forum 2019 (Dallas, Texas, USA, July 29 - 31, 2019) Cyber:Secured Forum delivers two days of in-depth content on cybersecurity trends and best practices related to the delivery of physical security systems and other integrated systems. Collaboratively developed...
SecureWorld Denver (Denver, Colorado, USA, October 31 - November 1, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...
Cyber Security Dallas (Dallas, Texas, USA, October 31 - November 1, 2018) Cyber Security Dallas will bring top speakers and industry experts to the Dallas-Fort Worth (DFW) metroplex, which boasts one of the largest concentrations of corporate headquarters in the United States.
InfoWarCon 18 (Leesburg, Virginia, USA, November 1 - 3, 2018) InfoWarCon 18 brings together a highly elite group of political, military, academic, DIYer, and commercial cyber-leaders and thinkers from around the world. We examine the current, future, and potential...
RETR3AT Cybersecurity Conference (Montreat, North Carolina, USA, November 2, 2018) Each year, Montreat College’s Center for Cybersecurity Education and Leadership hosts RETR3AT, a conference designed to engage, educate, and raise awareness about cybersecurity in Western North Carolina...
4th Annual Cyber Southwest (CSW) Symposium (Tucson, Arizona, USA, November 2, 2018) Be a part of the 4th Annual Cyber Southwest (CSW) Symposium set to take place at the University of Arizona, Eller College of Management - McClelland Hall in Tucson, AZ on Friday, November 2nd, 2018. CSW...
Hybrid Identity Protection Conference (New York, New York, USA, November 5 - 6, 2018) Learn what cutting-edge industry leaders are doing to improve identity protection in the modern organization and how they are boosting enterprise security. Network with the world’s leading identity experts...
Hybrid Identity Protection Conference 2018 (New York, New York, USA, November 5 - 6, 2018) The Hybrid Identity Protection Conference is the premier educational and networking event for identity experts. Learn what cutting-edge industry leaders are doing to improve identity protection in the...
Cyber Security & Artificial Intelligence MENA Summit (Dubai, UAE, November 6 - 7, 2018) Cyber Security and Artificial Intelligence MENA Summit has been designed to bring you a remarkable opportunity to gain fresh insights into areas such as artificial intelligence and machine learning impact...
2nd Annual Aviation Cyber Security Summit (London, England, UK, November 6 - 7, 2018) Now in its 2nd year, the Cyber Senate Aviation Cyber Security and Resilience Summit (AVCIP2018) will take place on 6th and 7th in London United Kingdom 2018. This two-day executive forum will include presentations,...
Federal IT Security Conference: FITSC 2018 (College Park, Maryland, USA, November 7, 2018) Phoenix TS and Federal IT Security Institute (FITSI) are partnering to host the third annual Federal IT Security Conference (FITSC) this November. Speakers from NIST, DHS, the Defense Department as well...
SINET Showcase (Washington, DC, USA, November 7 - 8, 2018) Highlighting and advancing innovation. SINET Showcase provides a platform to identify and highlight “best-of-class” security companies that are addressing the most pressing needs and requirements in Cybersecurity.
SecureWorld Seattle (Seattle, Washington, USA, November 7 - 8, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...
Infosecurity North America (New York, New York, USA, November 14 - 15, 2018) With 23+ years of global experience creating leading information security events, Infosecurity Group is coming to New York in November 2018. Infosecurity North America will provide a focussed business...
Kingdom Cyber Security (Riyadh, Saudi Arabia, November 20 - 21, 2018) Setting a game plan to boost cyber resilience at the national level.