September 17, 2018.
By The CyberWire Staff
A ransomware attack (or, as airport authorities hedge it, an attack similar to ransomware) took departure board screens offline for two days at Bristol Airport in the UK. The screens were disabled as part of a general response to detection of the attack. The airport believes the attack was "speculative" rather than specifically targeted.
Several universities in the UK, Cambridge and Oxford among them, sustained cyberespionage incidents in which sensitive technical material was taken on behalf of Iran.
The EternalBlue exploits, widely believed to have been stolen from the US NSA, continue to turn up in infestations around the world. A great many of the infections involve cryptojacking.
Several evolved ransomware strains are circulating in the wild. A new variant of Dharma is out. Ryuk is not only encrypting files, but disabling endpoint protection on infected devices. SynAck (not to be confused with the legitimate security company with the similar name) evades detection with Process Doppelgänging. Kraken Cryptor masquerades as the legitimate security tool SuperAntiSpyware.
The EU advances consideration of its next major Internet regulation: hosts will, if the measure passes, have one hour to remove "extremist" content from their services. The clock begins when authorities notify providers. Fines would be in the GDPR range.
North Korea is said to be turning to false identities and online services to evade economic sanctions, using Upwork, Freelancer, Github, Slack, LinkedIn, PayPal, and Facebook to facilitate IT service sales.
Russian disinformation over the Novichok attacks seems, the Washington Post reports, to be backfiring.
Today's issue includes events affecting China, Canada, Denmark, Egypt, Estonia, European Union, India, Indonesia, Iran, Netherlands, New Zealand, Philippines, Russia, Taiwan, Thailand, Turkey, United Kingdom, United States, and Vietnam.
The force is stronger when MSPs and MSSPs come together.(Webinar, September 19, 2018) The managed service market has grown tremendously, with the demand for managed security being unprecedented. For managed service providers (MSPs) looking to answer those demands, partnering with a managed security services provider (MSSP) expands access to highly-skilled cyber security analysts and a full suite of security solutions. Join Delta Risk’s webinar, September 19 at 1 PM ET, to learn how the two sides can join forces.
The Browser Can Win and Lose Midterm Elections(Washington, DC, United States, September 20, 2018) Join Authentic8 in DC for a happy hour and appetizers. Come learn how a browser can be tracked and used for campaign targeting, what technical hurdles are in the current campaign targeting landscape, and how you can protect yourself.
Cyber Security Summits: September 25 in NYC and October 16 in Phoenix (New York, New York, United States, September 25, 2018) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, The NSA, Google, IBM, Darktrace, CenturyLink and more. Register with promo code cyberwire95 for $95 VIP admission (Regular price $350) https://CyberSummitUSA.com
FireEye Cyber Defense Summit 2018(Washington, DC, United States, October 1 - 4, 2018) Get trained by a FireEye expert at our annual Cyber Defense Summit. Training opportunities at this event offer attendees hands-on, small-group, interactive sessions with some of the most experienced FireEye cyber security experts.
Dragos Industrial Security Conference (DISC) 11/5/18(Hanover, Maryland, United States, November 5, 2018) Reserve your spot now for the Dragos Industrial Security Conference (DISC) on November 5th, 2018. DISC is a free, annual event for our customers, partners, and those from the ICS asset community. Visit https://dragos.com/disc/ for more information.
Tech’s New Problem: North Korea(Wall Street Journal) Hiding behind fake profiles on Facebook and LinkedIn, a group linked to Pyongyang solicited information-technology work, then stiffed its subcontractors, a WSJ investigation shows. The technique, replicated more widely, could be bringing millions of dollars in hard currency to the country.
New Brrr Dharma Ransomware Variant Released(BleepingComputer) A new variant of the Dharma Ransomware was released this week that appends the .brrr extension to encrypted files. This variant was first discovered by Jakub Kroustek who tweeted a link to the sample on VirusTotal.
Companies Wary of Cyberattacks, Phishing During Hurricanes(Wall Street Journal) Hurricane Florence could make companies vulnerable to cyberattacks as firms race to protect computer systems and networks ahead of the storm expected to hit the Southeast U.S. Friday, cybersecurity experts say.
Keys schools computer system hacked(Florida Keys News) The Monroe County School District has been forced to shut down its computer system for nearly three days due to a cyberattack through ransomware called GandCrab.
How to crash and restart an iPhone with a CSS-based web attack (HOTforSecurity) A security researcher has revealed a method of crashing and restarting iPhones and iPads, with just a few lines of code that could be added to any webpage. Sabri Haddouche tweeted a link to a webpage containing his 15-line proof-of-concept attack, which exploits...
New Android Botnet Pops Up on Malware-as-a-Service Market (Security Boulevard) Security researchers have discovered a new Android botnet toolkit that's being developed as a malware-as-a-service (MaaS) offering for other cybercriminals.
A history of the next 10 years in banking(Quartz) Through an unlikely series of cosmic events, Quartz obtained a dispatch from Sept. 15, 2028, describing the conditions on the 20th anniversary of Lehman's collapse.
From the bookshelf: ‘The perfect weapon’(The Strategist) The new cold war is being fought in cyberspace on a continuing basis and with ever more sophisticated technologies. The Western powers, principally the United States and its allies, confront growing intrusions from adversaries ranging ...
Microsoft Acquires Another AI Company, Lobe(PCMAG) Founded in 2015, Lobe makes an AI tool that lets developers build custom deep learning models for their apps without having to write code. The team plans to continue developing Lobe as a standalone service for multiple platforms.
Three things to watch in SAIC-Engility combo (Washington Technology) SAIC's planned acquisition of Engility hasn't been greeted as a barn-burner in the market yet. But maybe that's not such a bad thing as both companies try to move beyond their legacies.
IT Security: Bomgar to Become BeyondTrust (Security Boulevard) Bomgar announced its intent to acquire BeyondTrust, with the combined IT security entity being known as BeyondTrust. Terms of the deal were not disclosed.
Exabeam adds updated case management module to flagship analytics(Intelligent CIO Middle East) Exabeam, the next-gen security management company, has announced the addition of case management functionality into Exabeam Advanced Analytics and Exabeam Entity Analytics, its market-leading user and entity behaviour analytics (UEBA) solutions. The case management offering helps security teams organise and streamline their response efforts to boost security operation centre (SOC) productivity. Exabeam Case Management is […]
Technologies, Techniques, and Standards
Will The Latest IBM Proposal For Supplier’s Declaration Improve Transparency in AI Algorithms?(Analytics India Magazine) Deep learning has had enormous impact on the fields of computer vision, natural language and many other fields. But deep learning models have also been plagued with unexplainability and lack of transparency. The black box nature of DL models is the chief cause for non-interpretability. Now, to overcome these shortcomings, researchers are focusing on ‘Explainable AI’ wherein scientists can understand DL models and trace how the output was achieved. So far, DL models have achieved near human accuracy in image recognition, but through brute force techniques wherein they are fed terabytes of data.
Businesses Urged Not To Pay Cyberattackers(PYMNTS.com) Small business owners are making a grave mistake if they assume their firms are not a prime target for cyberattackers. Not only are small and medium-sized businesses (SMBs) a prime target, but such an attack can be detrimental to a small company without the resources to combat a security threat. Nearly half of the small […]
Securing Mass Transit Railway Systems(Mass Transit) By putting in the necessary time and effort to prepare and implement a robust cybersecurity strategy, railway operators can not only avoid potential loss of revenue but also enhance their reputation as a reliable provider of hassle-free, on-time service.
What is card-on-file EMV payment tokenization?(Rambus) The way we pay is changing. Consumers are now using their PC, smartphones, wearable devices and even cars to buy goods and services. The size and value of the card-not-present (CNP) market is increasing exponentially as payment use-cases across e-commerce, m-commerce and the Internet of Things (IoT) emerge and mature. What is card-on-file? The process …
8 critical safety tips for safer online banking (Security Boulevard) Prevent digital attacks and protect your hard-earned dollars with these 8 critical safety tips for safer online banking.
Design and Innovation
Launching the cybersecurity moonshot(Fifth Domain) The United States is reliant on digitally-connected technologies that are fundamental to our national security, public safety, and economic prosperity. Our nation’s ability to protect and enhance the cybersecurity is a national imperative.
Voldemort, Alex Jones, and my Facebook account(Skating on Stilts) For those who've been waiting (and maybe hoping) that I'd be suspended from Facebook after I linked to infowars.com, we have an answer. I began the experiment when a guy named Brandon Straka, leader of the conservative #WalkAway initiative, announced that he had been given a 30-day account suspension for linking from Facebook to his upcoming interview on infowars.
India excludes Huawei and ZTE from 5G trials (Korea Times) India has excluded Huawei and ZTE from participating in trials to speed up 5G technology in the country amid security concerns surrounding the Chinese telecoms equipment providers. Local media reported Friday that the Department of Telecommunications has asked Samsung, Cisco, Ericsson and Nokia to be project partners for the trials.
Skripal Poisoning Suspect's Passport Data Shows Link to Security Services (Bellingcat) An ongoing Bellingcat investigation conducted jointly with The Insider Russia has confirmed through uncovered passport data that the two Russian nationals identified by UK authorities as prime suspects in the Novichok poisonings on British soil are linked to Russian security services. This finding directly contradicts...
Army Wrongly Ignored Palantir In $206M Deal, Fed. Circ. Says(Law360) The U.S. Army’s decision to shut data analytics firm Palantir Technologies out of a $206 million intelligence system procurement violated a statute requiring federal agencies to give preference to commercial companies in contracting whenever possible, the Federal Circuit ruled, putting teeth into the largely untested law.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Insider Threat Program Development-Management Training Course(San Antonio, Texas, USA, September 17 - 18, 2018) Insider Threat Defense will hold its highly sought-after Insider Threat Program Development-Management Training Course, in San Antonio, Texas, on September 17-18, 2018. This two-day training course will...
Air Space & Cyber Conference(National Harbor, Maryland, USA, September 17 - 19, 2018) Gain new insights and skills to advance your career. Be among the first to see the latest innovations in airpower, space, and cyber capabilities all the while bonding with your fellow Airmen. Inspiring...
SecureWorld St. Louis(St. Louis, Missouri, USA, September 18 - 19, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...
SINET Global Cybersecurity Innovation Summit(London, England, UK, September 18 - 19, 2018) SINET, an organization focused on advancing cybersecurity innovation through public-private collaboration, today announced that its annual Global Cybersecurity Innovation Summit (GCIS), will take place...
5th Annual Industrial Control Cyber Security USA(Sacramento, California, USA, September 18 - 19, 2018) Now in its 5th year, this two day executive forum will include presentations, roundtable working groups and panel sessions. Together we will address the escalating cyber risk and resilience challenges...
Security in our Connected World(Beijing, China, September 19, 2018) This year’s seminar will not only examine critical security technologies, such as the Trusted Execution Environment (TEE) and Secure Element (SE), but will also delve into their associated business and...
Detect 18(National Harbor, Maryland, USA, September 19 - 21, 2018) Detect '18 is the single largest conference dedicated to threat intelligence. This year we're calling on fellow "Threatbusters" to wage a high-tech battle against apparitions (aka bad actors) and learn...
Cyber Beacon(Washington, DC, USA, September 20, 2018) Cyber Beacon is the flagship event of the National Defense University's College of Information and Cyberspace (NDU CIC). The conference brings together cyber experts from across the national security community,...
IT Security Leadership Exchange(Phoenix, Arizona, USA, September 23 - 25, 2018) IT Security Leadership Exchange is an invitation-only, strategic business summit that gathers Chief Information Security Officers (CISOs), senior decision-makers, and industry experts to address the unique...
Global Security Exchange(Las Vegas, Nevada, USA, September 23 - 27, 2018) Global Security Exchange—formerly the ASIS Annual Seminar and Exhibits—delivers new opportunities to exchange key ideas and best practices, expand global connections, and experience innovations. The GSX...
Connect Security World 2018(Marseilles, France, September 24 - 26, 2018) While the number of IoT devices predicted by 2020 varies within tens of billions, all analysts agree that security is now the top concern of organizations looking at deploying IoT solutions. To address...
The Cyber Security Summit: New York(New York, New York, USA, September 25, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts.
5th Cyber Operations for National Defense Symposium(Washington, DC, USA, September 25 - 26, 2018) The 2018 Cyber Operations for National Defense Symposium will focus on the evolving nature of US Cyber policies and strategies. Cyber leaders from throughout the federal government will come together to...