The threat intelligence event of the year is just around the corner—Detect '18! Join team ANOMALI and your fellow professionals at the Gaylord National Resort & Convention Center September 19-21, 2018 in National Harbor, Maryland for timely education and training on today’s most compelling, relevant threat intelligence topics, breakout sessions designed for all levels of experience, and insights from compelling customer presentations highlighting real-world threat intelligence big data issues. Register today!
September 6, 2018.
By The CyberWire Staff
We may be seeing something that amounts, almost, to declared cyberwar between the UK and Russia. British Prime Minister May told Commons yesterday that the Government had identified the attackers responsible for the Novichok nerve agent attacks. She named Alexander Petrov and Ruslan Boshirov, characterizing them as GRU operatives. She said the attacks were "almost certainly" approved at a high level, and that "the full range of tools from across our national security apparatus" will be used against the GRU. That full range of tools is understood to encompass, principally, offensive cyber operations. The Prime Minister briefed President Trump and will communicate with the United Nations Security Council today.
Hearings on social media held yesterday by the Senate Select Committee on Intelligence elicited from Facebook's Sheryl Sandberg her example of what might companies like hers might be expected to do against foreign influence operations: suspend inauthentic accounts, the way Facebook, Google, and Twitter did when FireEye tipped them to such accounts' links to Iran's government. "In our mind that’s the system working," she said. But larger questions about disinfecting online nastiness remained unanswered, quite possibly because they're unanswerable.
The US Department of Justice announced that it will be looking at social media providers for signs of suppressing certain kinds of expression and for engaging in anti-competitive practices.
Qihoo 360 warns of multiple malware attacks spreading across vulnerable, unpatched MikroTik routers.
Palo Alto Networks reports that Iranian threat actor OilRig has adopted a more evasive variant of the OopsIE Trojan.
Traditional browsers betray you by revealing your identity. Security teams who use a cloud browser manage attribution and can reduce the time spent investigating cases by more than 50%. Instead of wasting time spinning up a VDI, using Tor or connecting to a jumpbox, get online in seconds with Authentic8 Silo, a secure cloud browser and egress from hundreds of points of presence around the world.
And this week's Hacking Humans podcast is up. In this edition, Dave gets scammed on an exit ramp. Joe describes real estate transaction scams. Is LinkedIn moonlighting in Himalayan tourism? Our guest, Asaf Cidon from Barracuda Networks, shares the social engineering trends his team is tracking.
Rapid Prototyping Event: The Chameleon and the Snake(Columbia, Maryland, United States, September 17 - 20, 2018) DreamPort, in conjunction with the Maryland Innovation & Security Institute and USCYBERCOM, is hosting a Rapid Protoyping Event that specifically targets malware signature diversity and signature measurement for Microsoft Windows in a simulated operational environment at a realistic pace. Join us September 17-20, 2018 at UMBC Training Center in Columbia, MD.
The force is stronger when MSPs and MSSPs come together.(Webinar, September 19, 2018) The managed service market has grown tremendously, with the demand for managed security being unprecedented. For managed service providers (MSPs) looking to answer those demands, partnering with a managed security services provider (MSSP) expands access to highly-skilled cyber security analysts and a full suite of security solutions. Join Delta Risk’s webinar, September 19 at 1 PM ET, to learn how the two sides can join forces.
FireEye Cyber Defense Summit 2018(Washington, DC, United States, October 1 - 4, 2018) Get trained by a FireEye expert at our annual Cyber Defense Summit. Training opportunities at this event offer attendees hands-on, small-group, interactive sessions with some of the most experienced FireEye cyber security experts.
5th Annual Cyber Security Conference for Executives(Baltimore, Maryland, United States, October 2, 2018) The 5th Annual Cyber Security Conference for Executives, hosted this year by The Johns Hopkins University Information Security Institute and Ankura, will be held on Tuesday, October 2nd, in Baltimore, Maryland. This year’s theme is cybersecurity compliance and regulatory trends, and the conference will feature discussions with thought leaders across a variety of sectors. Join the discussion and learn about current and emerging cyber security threats to organizations, and how executives can better protect their enterprises. To receive the early-bird rate, register now!
Dragos Industrial Security Conference (DISC) 11/5/18(Hanover, Maryland, United States, November 5, 2018) Reserve your spot now for the Dragos Industrial Security Conference (DISC) on November 5th, 2018. DISC is a free, annual event for our customers, partners, and those from the ICS asset community. Visit https://dragos.com/disc/ for more information.
GOBLIN PANDA Targets Vietnam Again(SecurityWeek) CrowdStrike security researchers have observed renewed activity associated with GOBLIN PANDA, a threat actor mainly targeting entities in Southeast Asia.
Browser Extensions: Are They Worth the Risk?(KrebsOnSecurity) Popular file-sharing site Mega.nz is warning users that cybercriminals hacked its browser extension for Google Chrome so that usernames and passwords submitted through the browser were copied and forwarded to a rogue server in Ukraine.
Security Patches, Mitigations, and Software Updates
Mozilla Appoints New Policy, Security Chief(SecurityWeek) Mozilla appoints Alan Davidson as new Vice President of Global Policy, Trust and Security. Davidson previously worked at the US Department of Commerce, New America and Google
China is beating the US on AI, says noted investor Kai-Fu Lee(TechCrunch) America may have created AI, but China is taking the ball and running when it comes to one of the world’s most pivotal technology innovations. That’s according to Kai-Fu Lee, a world-renowned AI expert who founded Sinovation, a China-U.S. fund that raised its fourth fund worth $1 billio…
How election security became a Homeland Security priority(Federal Times) Election security wasn’t a mission initially envisioned for the Department of Homeland Security, the sprawling department creating after the Sept. 11 attacks. But it’s now one of the highest priorities, Secretary Kirstjen Nielsen said Wednesday.
Justice Department’s threat to social media giants is wrong(TechCrunch) Never has it been so clear that the attorneys charged with enforcing the laws of the country have a complete disregard for the very laws they’re meant to enforce. As executives of Twitter and Facebook took to the floor of the Senate to testify about their companies’ response to internat…
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Cyber Resilience & Infosec Conference(Abu Dhabi, UAE, September 5 - 6, 2018) Interact with the top-notch cyber security specialists, learn new strategies and protect your company's future efficiently
9th Annual Billington CyberSecurity Summit(Washington, DC, USA, September 6, 2018) The mission of Billington CyberSecurity is to bring together thought leaders from all sectors to examine the state of cybersecurity and highlight ways to enhance best practices and strengthen cyber defenses...
SecureWorld Twin Cities(Minneapolis, Minnesota, USA, September 6, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...
2018 International Information Sharing Conference(Tysons Corner, Virginia, USA, September 11 - 12, 2018) Join representatives from fellow information sharing groups with all levels of expertise, security practitioners, major technology innovators, and well-established cybersecurity organizations, as they...
SecureWorld Detroit(Detroit, MIchigan, USA, September 12 - 13, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...
Cybersecurity for Small & Medium Sized Businesses(Gaithersburg, Maryland, USA, September 13, 2018) Learn about technical, legal, cultural and policy cybersecurity issues facing small and medium sized businesses. Panelists include: Markus Rauschecker, J.D. University of MD. Center for Health and Homeland...
FutureTech Expo(Dallas, Texas, USA, September 14 - 16, 2018) With over 2,000 expected attendees, 70 top-notch speakers and 100+ exhibitors from the Blockchain & Bitcoin, Artificial Intelligence, Cyber Security / Hacking, Quantum Computing, 3D Printing, and Virtual...
Insider Threat Program Development-Management Training Course(San Antonio, Texas, USA, September 17 - 18, 2018) Insider Threat Defense will hold its highly sought-after Insider Threat Program Development-Management Training Course, in San Antonio, Texas, on September 17-18, 2018. This two-day training course will...
Air Space & Cyber Conference(National Harbor, Maryland, USA, September 17 - 19, 2018) Gain new insights and skills to advance your career. Be among the first to see the latest innovations in airpower, space, and cyber capabilities all the while bonding with your fellow Airmen. Inspiring...
SecureWorld St. Louis(St. Louis, Missouri, USA, September 18 - 19, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...
SINET Global Cybersecurity Innovation Summit(London, England, UK, September 18 - 19, 2018) SINET, an organization focused on advancing cybersecurity innovation through public-private collaboration, today announced that its annual Global Cybersecurity Innovation Summit (GCIS), will take place...
5th Annual Industrial Control Cyber Security USA(Sacramento, California, USA, September 18 - 19, 2018) Now in its 5th year, this two day executive forum will include presentations, roundtable working groups and panel sessions. Together we will address the escalating cyber risk and resilience challenges...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.