The threat intelligence event of the year is just around the corner—Detect '18! Join team ANOMALI and your fellow professionals at the Gaylord National Resort & Convention Center September 19-21, 2018 in National Harbor, Maryland for timely education and training on today’s most compelling, relevant threat intelligence topics, breakout sessions designed for all levels of experience, and insights from compelling customer presentations highlighting real-world threat intelligence big data issues. Register today!
September 4, 2018.
By The CyberWire Staff
CrowdStrike has confirmed claims by Intrusion Truth that APT 10 (also known as Stone Panda) is operated by the Tianjin Bureau of China's Ministry of State Security. Intrusion Truth, described as "shadowy," represents itself as a hacktivist group dedicated to exposing Chinese intelligence.
Zscaler researchers are tracking a spam campaign that directs users to .tk sites (the national top-level domain for Tokelau) in the service of, for the most part, an ad-fraud campaign. Zscaler estimates the ad fraud brings in more than $20 thousand a month, and other associated scams pull in additional revenue. Tokelau, which allows anyone to register a domain, has a population shy of fifteen hundred but the largest presence on the Internet.
Two implausible scams are circulating. One, a celebrity advance-fee come-on, tells the gullible that Pope Francis wants to give away a small fortune in Bitcoin. The other, crude ransomware, displays the face of former President Obama and represents him as declaring that he's encrypted your files, but that he'll recover them for you in exchange for "a tip." It should be, but isn't, needless to say that neither the current Pope nor the former President are involved in any of this.
Check Point researchers have found, and made available, a decryptor for RansomWarrior ransomware.
On Wednesday the US Congress will hold hearings on the tech industry. They're interested in political influence, privacy, and monopolistic practices. The Senate Intelligence Committee will interrogate Facebook, Twitter, and Google. The House Commerce Committee will confine itself to Twitter.
Today's issue includes events affecting Australia, China, Cuba, European Union, Israel, Republic of Korea, Lebanon, Qatar, Philippines, Russia, Tokelau, United Arab Emirates, United Kingdom, United States.
Traditional browsers betray you by revealing your identity. Security teams who use a cloud browser manage attribution and can reduce the time spent investigating cases by more than 50%. Instead of wasting time spinning up a VDI, using Tor or connecting to a jumpbox, get online in seconds with Authentic8 Silo, a secure cloud browser and egress from hundreds of points of presence around the world.
Rapid Prototyping Event: The Chameleon and the Snake(Columbia, Maryland, United States, September 17 - 20, 2018) DreamPort, in conjunction with the Maryland Innovation & Security Institute and USCYBERCOM, is hosting a Rapid Protoyping Event that specifically targets malware signature diversity and signature measurement for Microsoft Windows in a simulated operational environment at a realistic pace. Join us September 17-20, 2018 at UMBC Training Center in Columbia, MD.
The force is stronger when MSPs and MSSPs come together.(Webinar, September 19, 2018) The managed service market has grown tremendously, with the demand for managed security being unprecedented. For managed service providers (MSPs) looking to answer those demands, partnering with a managed security services provider (MSSP) expands access to highly-skilled cyber security analysts and a full suite of security solutions. Join Delta Risk’s webinar, September 19 at 1 PM ET, to learn how the two sides can join forces.
FireEye Cyber Defense Summit 2018(Washington, DC, United States, October 1 - 4, 2018) Get trained by a FireEye expert at our annual Cyber Defense Summit. Training opportunities at this event offer attendees hands-on, small-group, interactive sessions with some of the most experienced FireEye cyber security experts.
5th Annual Cyber Security Conference for Executives(Baltimore, Maryland, United States, October 2, 2018) The 5th Annual Cyber Security Conference for Executives, hosted this year by The Johns Hopkins University Information Security Institute and Ankura, will be held on Tuesday, October 2nd, in Baltimore, Maryland. This year’s theme is cybersecurity compliance and regulatory trends, and the conference will feature discussions with thought leaders across a variety of sectors. Join the discussion and learn about current and emerging cyber security threats to organizations, and how executives can better protect their enterprises. To receive the early-bird rate, register now!
Dragos Industrial Security Conference (DISC) 11/5/18(Hanover, Maryland, United States, November 5, 2018) Reserve your spot now for the Dragos Industrial Security Conference (DISC) on November 5th, 2018. DISC is a free, annual event for our customers, partners, and those from the ICS asset community. Visit https://dragos.com/disc/ for more information.
China’s Muslim Crackdown Extends to Those Living Abroad(Wall Street Journal) Chinese Uighurs living overseas have become a focus of one of government’s largest mass incarcerations in decades. Beijing is concerned that radical Islamic militants are behind a sporadically violent Uighur separatist movement in Xinjiang.
I am invisible - Monero (XMR) Miner(Quick Heal Blog) From the last one year, Quick Heal Security Labs has been observing a boost in the number of mining malware. Nowadays malware authors are using mining as a replacement for Ransomware to make money. Recently Quick Heal Security Labs came across a malware which mines Monero(XMR). This miner has many...
Tech-Support Scams Prompt Google to Act(Wall Street Journal) Google is taking action to weed out scam artists who advertise on its platform aiming to defraud customers seeking technical support by masquerading as authorized service agents for companies such as Apple.
Hacking The Hacker. Stopping a big botnet targeting USA, Canada and Italy(CP Blog) Today I’d like to share a full path analysis including a KickBack attack which took me to gain full access to an entire Ursniff/Gozi botnet. In other words: from a simple “Malware Sample” to “Pwn the Attacker Infrastructure”. NB: Federal Police have already been alerted on such a topic as well as National and International …
The post Hacking The Hacker. Stopping a big botnet targeting USA, Canada and Italy appeared first on Security Affairs.
Industrial group warns Congress of gas pipeline threat(Midland Reporter-Telegram) Lobbyists representing U.S. manufacturing and chemical companies are urging Congress to secure natural gas pipelines against physical and cyber attack. In letter sent to the Senate Energy and Natural Resources Committee and the House Energy and Commerce Committee this week, Industrial Energy Consumers of America President Paul Cicio said Congress should create mandatory security standards similar to those required of electric utilities.
While Data May Be Worth Trillions, It Is Not The New Oil(Forbes) The world faces a data conundrum where likening data to the new oil misses the many shortfalls of this comparison. The main one being that there is no universally accepted accounting method showing the enterprise value of data.
Regulate to Liberate(Foreign Affairs) In an world increasingly driven by the ability of private companies and governments to collect vast amounts of personal data online, the European Union's ambitious new data rules enshrine data privacy as a fundamental right rather than a luxury.
Infinite IO Closes $10.3 Million Funding Round(CRN) Infinite IO co-founder and CEO Mark Cree talks with CRN about the company’s technology, which transparently moves data to the cloud while increasing existing storage system performance.
DARPA seeks transparency in cyber battle(Jane's 360) Key Points
DARPA's Transparent Computing programme aims to detect cyber threats through linking together a system's activities
It is particularly difficult to spot 'Advanced Persistent Threats', where adversaries can appear to be legitimate users
The US Defense Advanced Research Projects Agency
Applications now being accepted for the CyberCorps Scholarship for Service program(The University of Alabama in Huntsville) UAH, a National Center of Academic Excellence in Information Assurance Education, is requesting student applications for full scholarships to study cybersecurity through its renewed five-year, $5 million National Science Foundation (NSF) CyberCorpsⓇ Scholarships for Service (SFS) program.
Rules on reporting cyber attacks, IT glitches out soon: BSP(BusinessMirror) A circular that will require banks to report as soon as possible any cyber attack and other information technology (IT)-related incidents in their systems is expected to be released in September, a ranking Bangko Sentral ng Pilipinas (BSP) official said.BSP Deputy Governor Chuchi Fonacier told r
NSA leaker asks Trump for pardon(Niagara Gazette) An ex-National Security Agency contractor sentenced to five years and three months in prison for leaking classified information will ask President Donald Trump to pardon her in
Roger Stone, former Trump adviser, claims DNC contractor more likely behind hack than Russians(The Washington Times) President Trump’s former campaign adviser Roger Stone pushed back Wednesday against a key finding reached by federal law enforcement and intelligence officials investigating Russian involvement in the 2016 general election, casting doubt on the origin of Guccifer 2.0, the suspected state-sponsored internet persona he admittedly communicated with during Moscow’s alleged multi-pronged interference campaign.
Hollywood accuses itself of piracy(Naked Security) As the EFF puts it, the makers of buggy bots (there are two so far) are poster children for the failure of automated takedown processes.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
National Cyber League Fall Season(Chevy Chase, Maryland, USA, December 15, 2018) The NCL is a defensive and offensive puzzle-based, capture-the-flag style cybersecurity competition. Its virtual training ground helps high school and college students prepare and test themselves against...
Intelligence & National Security Summit(National Harbor, Maryland, USA, September 4 - 5, 2018) The Intelligence & National Security Summit is the premier forum for unclassified, public dialogue between the U.S. Government and its partners in the private and academic sectors. The 2018 Summit will...
Cyber Resilience & Infosec Conference(Abu Dhabi, UAE, September 5 - 6, 2018) Interact with the top-notch cyber security specialists, learn new strategies and protect your company's future efficiently
Incident Response 18(Arlington, Virginia, USA, September 5 - 6, 2018) If you work for a vendor or product company, please understand this is not a sales event. IR18 is a community-driven event that aims to disrupt the traditional approach and is more focused on community,...
9th Annual Billington CyberSecurity Summit(Washington, DC, USA, September 6, 2018) The mission of Billington CyberSecurity is to bring together thought leaders from all sectors to examine the state of cybersecurity and highlight ways to enhance best practices and strengthen cyber defenses...
SecureWorld Twin Cities(Minneapolis, Minnesota, USA, September 6, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...
2018 International Information Sharing Conference(Tysons Corner, Virginia, USA, September 11 - 12, 2018) Join representatives from fellow information sharing groups with all levels of expertise, security practitioners, major technology innovators, and well-established cybersecurity organizations, as they...
SecureWorld Detroit(Detroit, MIchigan, USA, September 12 - 13, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...
FutureTech Expo(Dallas, Texas, USA, September 14 - 16, 2018) With over 2,000 expected attendees, 70 top-notch speakers and 100+ exhibitors from the Blockchain & Bitcoin, Artificial Intelligence, Cyber Security / Hacking, Quantum Computing, 3D Printing, and Virtual...
Insider Threat Program Development-Management Training Course(San Antonio, Texas, USA, September 17 - 18, 2018) Insider Threat Defense will hold its highly sought-after Insider Threat Program Development-Management Training Course, in San Antonio, Texas, on September 17-18, 2018. This two-day training course will...
Air Space & Cyber Conference(National Harbor, Maryland, USA, September 17 - 19, 2018) Gain new insights and skills to advance your career. Be among the first to see the latest innovations in airpower, space, and cyber capabilities all the while bonding with your fellow Airmen. Inspiring...
SecureWorld St. Louis(St. Louis, Missouri, USA, September 18 - 19, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...
SINET Global Cybersecurity Innovation Summit(London, England, UK, September 18 - 19, 2018) SINET, an organization focused on advancing cybersecurity innovation through public-private collaboration, today announced that its annual Global Cybersecurity Innovation Summit (GCIS), will take place...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.