A number of observers were struck by apparent similarities between the British Airways breach and the earlier incident at Ticketmaster. This morning RiskIQ offered an explanation for the similarity: the company says that the two hacks were conducted by the same criminal group, "Magecart." The company has been tracking Magecart since 2015. The researchers also say the gang remains active on an unusually large scale, conducting "digital skimming" attacks against a range of enterprises: they scan for websites that don't secure payment card data entry forms, and then take whatever's available. This time their attack seems to have been more tailored than usual. British Airways hasn't commented on the attribution.
Trend Micro has responded to accusations that surfaced over the weekend and resulted in the ejection of some of its security apps from the Apple Store. They don't, the company says, report anything to Chinese servers. And the data collection on user systems they do perform is a one-time thing at the time of installation, not an ongoing scraping of information. Furthermore, it was fully disclosed in the end-user license agreement. Trend Micro says it's now discontinued that particular feature in its apps.
An important case goes before the European Court of Justice this week. Google will be challenging aspects of the EU's "right to be forgotten." In this case Google seems to be on the side of the free-speech angels: many observers see broad application of the right to be forgotten as the entering wedge of more intrusive censorship.
Today's issue includes events affecting China, Estonia, European Union, France, Georgia, Israel, Italy, Russia, United Kingdom, United States.
A quick note to our readers: Hurricane Florence is expected make a landfall on the Carolina Banks Thursday afternoon. Here in Baltimore we're north of its track, but we're already seeing heavy rains and some minor local flooding. We don't expect to receive a crippling hit, although of course that could change. If we should miss a day or two (which we don't expect) it's because we're weathered in, not because we've quit on you. Should we go dark for a bit, we'll be working to restore service as soon as possible. If you're in the Carolinas or anywhere else in the storm's path, stay safe and keep out of harm's way. Best of luck to all.
$8.76 million: The average yearly cost of insider threats. Get the report.
Insider threat incidents come with a hefty price tag, according to the “2018 Cost of Insider Threats: Global Organizations” report released by independent research group, The Ponemon Institute. Make sure that you understand the full context (and cost) of these threats by downloading the full report. Get your copy today.
ON THE PODCAST
In today's podcast, we hear from our partners at Accenture, as Justin Harvey shares tips on building an effective incident response plan. Our guest is Colin McKinty from BAE systems, discussing the launch of The Intelligence Network, a collaborative task force developed in partnership with Vodafone and Surrey University, to engage, unite and activate the global security community in the fight against cybercrime.
Also, in case you missed it, Recorded Future's podcast, produced in cooperation with the CyberWire, has its latest edition up. This one features an interview with Chris Wolski, head of information security and data protection at Perdue Farms. He shares insights into protecting Purdue's brand, product, and people at the intersection of the cyber and physical worlds.
Rapid Prototyping Event: The Chameleon and the Snake(Columbia, Maryland, United States, September 17 - 20, 2018) DreamPort, in conjunction with the Maryland Innovation & Security Institute and USCYBERCOM, is hosting a Rapid Protoyping Event that specifically targets malware signature diversity and signature measurement for Microsoft Windows in a simulated operational environment at a realistic pace. Join us September 17-20, 2018 at UMBC Training Center in Columbia, MD.
The force is stronger when MSPs and MSSPs come together.(Webinar, September 19, 2018) The managed service market has grown tremendously, with the demand for managed security being unprecedented. For managed service providers (MSPs) looking to answer those demands, partnering with a managed security services provider (MSSP) expands access to highly-skilled cyber security analysts and a full suite of security solutions. Join Delta Risk’s webinar, September 19 at 1 PM ET, to learn how the two sides can join forces.
Cyber Security Summits: September 25 in NYC on October 16 in Phoenix(New York, New York, United States, September 25, 2018) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, The NSA, Google, IBM, Darktrace, CenturyLink and more. Register with promo code cyberwire95 for $95 VIP admission (Regular price $350) https://CyberSummitUSA.com
FireEye Cyber Defense Summit 2018(Washington, DC, United States, October 1 - 4, 2018) Get trained by a FireEye expert at our annual Cyber Defense Summit. Training opportunities at this event offer attendees hands-on, small-group, interactive sessions with some of the most experienced FireEye cyber security experts.
Dragos Industrial Security Conference (DISC) 11/5/18(Hanover, Maryland, United States, November 5, 2018) Reserve your spot now for the Dragos Industrial Security Conference (DISC) on November 5th, 2018. DISC is a free, annual event for our customers, partners, and those from the ICS asset community. Visit https://dragos.com/disc/ for more information.
Two of the Five Eyes share their cyber priorities.(The CyberWire) Among the Summit's highest profile presentations were keynotes by Jeremy Fleming, Director of Britain's Government Communication Headquarters (GCHQ) and General Paul Nakasone, Director of US Cyber Command and Director, National Security Agency (NSA). They were clear that the special relationship between the agencies they lead is strong, and they were equally in agreement that cyberspace is now a principal arena of great power competition.
US Federal priorities: military and civilian.(The CyberWire) A number of senior US civilian officials and military officers represented their organizations at the Summit. There was a general consensus that cybersecurity increasingly pervades everything their enterprises do (but that everyone needs to do more security-by-design), that legacy systems remain a field of vulnerabilities (and that their modernization and replacement represents an opportunity to improve security), and that the Government competes for cyber talent at a disadvantage (and must look for creative ways of attracting people into Federal service).
Answers to Your Questions on Our Apps in the Mac App Store(Trend Micro) Reports that Trend Micro is “stealing user data” and sending them to an unidentified server in China are absolutely false. Trend Micro has completed an initial investigation of a privacy concern related to some of its MacOS consumer products. The results confirm that Dr Cleaner, Dr Cleaner Pro, Dr. Antivirus, Dr. Unarchiver, Dr. Battery, and...
Three Trend Micro Apps Caught Collecting MacOS User Data(Dark Reading) After researchers found the security apps collecting and uploading users' browser histories, Apple removed the apps from its macOS app store and Trend Micro removed the apps' browser history collection capability.
Google Launches Alert Center for G Suite(SecurityWeek) Google is making it easier for G Suite administrators to access notifications, alerts, and actions by bringing them all together in a single place with the launch of a new alert center.
Sound, Fury, And Nothing One Year After Equifax(Simply Security) One year ago today, Equifax suffered what remains one of the largest and most impactful data breaches in U.S. history. Last September, it was revealed that the personal information of 145 million Americans, almost 700,000 UK citizens, and 19,000 Canadians was stolen by cybercriminals. This information included names, addresses, birthdays, Social Security numbers, and—in some...
Huawei & Honor's Recent Benchmarking Behaviour: A Cheating Headache(AnandTech) Does anyone remember our articles regarding unscrupulous benchmark behavior back in 2013? At the time we called the industry out on the fact that most vendors were increasing thermal and power limits to boost their scores in common benchmark software. Fast forward to 2018, and it is happening again.
How Automation Helps Security Managers(SecurityWeek) Stan Engelbrecht explains at how automation and orchestration can replace chaos with order, and how security folks in management positions can benefit from this needed change.
Professionalizing Cybersecurity Practitioners(SecurityWeek) Done correctly, a cybersecurity professional body will benefit the nation, its businesses, and the practitioners. Done badly, it could prove an unmitigated disaster.
Too Many Tools? How Many Tools does the SOC Have?(Bricata) Studies show the security operations center (SOC) may have anywhere from 10 to 100 cybersecurity tools. The real problem, however, isn’t the number of tools, but the lack of integration. #securityanalytics #securityintegration #soc
Former Cyber Diplomat Says U.S. Cutback Sends Wrong Message(Wall Street Journal) While Estonia and other countries expand their diplomatic efforts on cybersecurity, the U.S. Department of State downsized its relevant office last year when Deputy Assistant Secretary Rob Strayer replaced Chris Painter, the outgoing coordinator for such issues who took office in 2011.
Rep. Luetkemeyer introduces breach-notice bill focused on finance sector(Inside Cybersecurity) Attempting to move past a long-running inter-sector stalemate over breach-notification legislation, House Financial Services subcommittee Chairman Blaine Luetkemeyer (R-MO) today introduced legislation that would codify notice requirements for financial services entities including insurers.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
Infosecurity North America(New York, New York, USA, November 14 - 15, 2018) With 23+ years of global experience creating leading information security events, Infosecurity Group is coming to New York in November 2018. Infosecurity North America will provide a focussed business...
2018 International Information Sharing Conference(Tysons Corner, Virginia, USA, September 11 - 12, 2018) Join representatives from fellow information sharing groups with all levels of expertise, security practitioners, major technology innovators, and well-established cybersecurity organizations, as they...
SecureWorld Detroit(Detroit, MIchigan, USA, September 12 - 13, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...
Cybersecurity for Small & Medium Sized Businesses(Gaithersburg, Maryland, USA, September 13, 2018) Learn about technical, legal, cultural and policy cybersecurity issues facing small and medium sized businesses. Panelists include: Markus Rauschecker, J.D. University of MD. Center for Health and Homeland...
Air Space & Cyber Conference(National Harbor, Maryland, USA, September 17 - 19, 2018) Gain new insights and skills to advance your career. Be among the first to see the latest innovations in airpower, space, and cyber capabilities all the while bonding with your fellow Airmen. Inspiring...
SecureWorld St. Louis(St. Louis, Missouri, USA, September 18 - 19, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...
SINET Global Cybersecurity Innovation Summit(London, England, UK, September 18 - 19, 2018) SINET, an organization focused on advancing cybersecurity innovation through public-private collaboration, today announced that its annual Global Cybersecurity Innovation Summit (GCIS), will take place...
5th Annual Industrial Control Cyber Security USA(Sacramento, California, USA, September 18 - 19, 2018) Now in its 5th year, this two day executive forum will include presentations, roundtable working groups and panel sessions. Together we will address the escalating cyber risk and resilience challenges...
Security in our Connected World(Beijing, China, September 19, 2018) This year’s seminar will not only examine critical security technologies, such as the Trusted Execution Environment (TEE) and Secure Element (SE), but will also delve into their associated business and...
Detect 18(National Harbor, Maryland, USA, September 19 - 21, 2018) Detect '18 is the single largest conference dedicated to threat intelligence. This year we're calling on fellow "Threatbusters" to wage a high-tech battle against apparitions (aka bad actors) and learn...
Cyber Beacon(Washington, DC, USA, September 20, 2018) Cyber Beacon is the flagship event of the National Defense University's College of Information and Cyberspace (NDU CIC). The conference brings together cyber experts from across the national security community,...
IT Security Leadership Exchange(Phoenix, Arizona, USA, September 23 - 25, 2018) IT Security Leadership Exchange is an invitation-only, strategic business summit that gathers Chief Information Security Officers (CISOs), senior decision-makers, and industry experts to address the unique...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.