2017 cyberattacks proved more numerous, sophisticated, and ruthless than in years past.
WannaCry, NotPetya, ransomware-as-a-service, and fileless attacks abounded. And, that’s not everything. The victims of cybercrime ranged from private businesses to the fundamental practices of democracy. Read The Cylance Threat Report: 2017 Year in Review Report and learn about the threat trends and malware families their customers faced in 2017.
September 18, 2018.
By The CyberWire Staff
Citizen Lab has another report out on Pegasus spyware, NSO Group's lawful intercept product. They've found the tool in use in at least forty-five countries. Their scans aren't entirely clear—it's difficult to distinguish targets from users, for example—but Pegasus seems to be in widespread use. Observers note that while some of the regimes who employ the tool do so with lawful restraint, other, more repressive governments make more indiscriminate use of it.
Arbor’s Security Engineering & Response Team (ASERT) reports finding spearphishing emails targeting senior officials in Bahrain. They regard the campaign as similar to an OilRig distribution of the Bondupdater Trojan, discovered by Palo Alto Networks' Unit 42. OilRig is associated with the Iranian government.
Tenable has found a zero-day they're calling "Peekaboo" in the NUUO software widely used in networked video surveillance cameras. They think upwards of 100 brands and 2,500 different models of camera could be vulnerable. Exploitation of the flaw could yield access to the control management system, expose credentials for connected video cameras, and permit both disconnection of live feeds and image tampering. NUUO says a patch is being developed, and that in the meantime users should take steps to limit access to NUUO NVRMini2 deployments.
The theft of intellectual property from universities by hackers linked by SecureWorks researchers to Iran's government looks oddly like petty larceny. Papers are going for as little as £2 ($2.63) on WhatsApp.
Both major US political parties are working on a modus vivendi to control data abuse.
Yesterday’s Scorecard Won’t Protect Your From Tomorrow’s Breach
With 56% of global organizations experiencing third party breaches, it’s no surprise that third party risk is the hottest cybersecurity topic. Threat actors will continue to target third parties as long as their vulnerabilities go unchecked. You need a 24x7x365 monitoring solution. Read LookingGlass’ eBook to learn how to build a successful third party risk program, so your organization isn’t left relying on old data to protect your employees, customers, and brand.
And you may also be interested in Recorded Future's podcast, produced in cooperation with the CyberWire. In this episode, Allan Liska takes a look at the last several months and thinks there may be reason to believe concerns about a GDPR-pumped rise in spam may not have panned out.
The force is stronger when MSPs and MSSPs come together.(Webinar, September 19, 2018) The managed service market has grown tremendously, with the demand for managed security being unprecedented. For managed service providers (MSPs) looking to answer those demands, partnering with a managed security services provider (MSSP) expands access to highly-skilled cyber security analysts and a full suite of security solutions. Join Delta Risk’s webinar, September 19 at 1 PM ET, to learn how the two sides can join forces.
The Browser Can Win and Lose Midterm Elections(Washington, DC, United States, September 20, 2018) Join Authentic8 in DC for a happy hour and appetizers. Come learn how a browser can be tracked and used for campaign targeting, what technical hurdles are in the current campaign targeting landscape, and how you can protect yourself.
Cyber Security Summits: September 25 in NYC on October 16 in Phoenix(New York, New York, United States, September 25, 2018) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, The NSA, Google, IBM, Darktrace, CenturyLink and more. Register with promo code cyberwire95 for $95 VIP admission (Regular price $350) https://CyberSummitUSA.com
FireEye Cyber Defense Summit 2018(Washington, DC, United States, October 1 - 4, 2018) Get trained by a FireEye expert at our annual Cyber Defense Summit. Training opportunities at this event offer attendees hands-on, small-group, interactive sessions with some of the most experienced FireEye cyber security experts.
Dragos Industrial Security Conference (DISC) 11/5/18(Hanover, Maryland, United States, November 5, 2018) Reserve your spot now for the Dragos Industrial Security Conference (DISC) on November 5th, 2018. DISC is a free, annual event for our customers, partners, and those from the ICS asset community. Visit https://dragos.com/disc/ for more information.
Tunneling Under the Sands(Arbor Networks Threat Intelligence) Executive Summary ASERT recently came across spear-phishing emails targeting the Office of the First Deputy Prime Minister of Bahrain. A similar campaign uncovered by Palo Alto’s Unit 42 found the activity distributing an updated variant of BONDUPDATER, a PowerShell-based Trojan, which they attribute to Iranian APT
GovPayNow.com Leaks 14M+ Records(KrebsOnSecurity) Government Payment Service Inc. — a company used by thousands of U.S. state and local governments to accept online payments for everything from traffic citations and licensing fees to bail payments and court-ordered fines — has leaked more than 14 million customer records dating back at least six years, including names, addresses, phone numbers and the last four digits of the payer’s credit card.
Cryptomathic supports Deutsche Post Qualified Electronic Signatures(Global Security Mag Online) Deutsche Post has entered the era of end-to-end digitalization by extending its Postident digital identity management services with Qualified Electronic Signatures (QES), enabling their clients to conduct all their business entirely online, with enhanced security and privacy and in full compliance with the eIDAS regulation.
Don't Trust Artificial Intelligence? Time To Open The AI 'Black Box'(Forbes) Despite its promise, the growing field of Artificial Intelligence (AI) is experiencing a variety of growing pains. In addition to the problem of bias, there is also the ‘black box’ problem: if people don’t know how AI comes up with its decisions, they won’t trust it.
Cybersecurity decisions that can’t be automated(CSO Online) Encourage those inside and outside your team to identify and challenge daily assumptions in order to adapt to change, think differently and make smarter, faster security related decisions.
China cries foul over move to block Huawei(The Australian) A leading Chinese academic has accused Canberra of violating the Law of the Sea treaty when it moved to block Chinese telecommunications company Huawei from building an undersea cable from the Solomon Islands to Australia.
Trump Eases Cyber Ops, But Safeguards Remain: Joint Staff(Breaking Defense) Fast doesn’t meant out of control. Brig. Gen. Grynkewich took pains to emphasize that civilian oversight remains intact and the Pentagon’s role will be rigorously defined under the new National Security Presidential Memorandum NSPM-13.
You Didn’t Think the Sony Saga Was Over, Did You?(Risk Based Security) On November 24th, 2014 a Reddit post appeared stating that Sony Pictures had been breached and that their complete internal network, nationwide, had signs that the breach was carried out by a group calling themselves GOP, or The Guardians Of Peace.
Smirking Russians are now the butt of the joke(Times) Ah, the theories. The theories and the jokes. Last week, as you’ll know, the two Russian suspects accused of seeking to murder the former spy Sergei Skripal did a bizarre, hilarious interview on...
Altaba to settle lawsuits relating to Yahoo data breach for $47 million(TechCrunch) Altaba, the holding company of what Verizon left behind after its acquisition of Yahoo, said it has settled three ongoing legal cases relating to Yahoo’s previously disclosed data breaches. In a Monday filing with the Securities and Exchange Commission, the former web giant turned investment …
NSA Must Give Up Info In Olympics Spy Suit, Attendees Say(Law360) A group of 2002 Winter Olympics attendees who claim they were spied on by the U.S. National Security Agency asked a Utah federal court to compel the agency to respond to their discovery requests, saying the NSA is hiding behind invalid state secret objections.
Air Space & Cyber Conference(National Harbor, Maryland, USA, September 17 - 19, 2018) Gain new insights and skills to advance your career. Be among the first to see the latest innovations in airpower, space, and cyber capabilities all the while bonding with your fellow Airmen. Inspiring...
SecureWorld St. Louis(St. Louis, Missouri, USA, September 18 - 19, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...
SINET Global Cybersecurity Innovation Summit(London, England, UK, September 18 - 19, 2018) SINET, an organization focused on advancing cybersecurity innovation through public-private collaboration, today announced that its annual Global Cybersecurity Innovation Summit (GCIS), will take place...
5th Annual Industrial Control Cyber Security USA(Sacramento, California, USA, September 18 - 19, 2018) Now in its 5th year, this two day executive forum will include presentations, roundtable working groups and panel sessions. Together we will address the escalating cyber risk and resilience challenges...
Security in our Connected World(Beijing, China, September 19, 2018) This year’s seminar will not only examine critical security technologies, such as the Trusted Execution Environment (TEE) and Secure Element (SE), but will also delve into their associated business and...
Detect 18(National Harbor, Maryland, USA, September 19 - 21, 2018) Detect '18 is the single largest conference dedicated to threat intelligence. This year we're calling on fellow "Threatbusters" to wage a high-tech battle against apparitions (aka bad actors) and learn...
Cyber Beacon(Washington, DC, USA, September 20, 2018) Cyber Beacon is the flagship event of the National Defense University's College of Information and Cyberspace (NDU CIC). The conference brings together cyber experts from across the national security community,...
IT Security Leadership Exchange(Phoenix, Arizona, USA, September 23 - 25, 2018) IT Security Leadership Exchange is an invitation-only, strategic business summit that gathers Chief Information Security Officers (CISOs), senior decision-makers, and industry experts to address the unique...
Global Security Exchange(Las Vegas, Nevada, USA, September 23 - 27, 2018) Global Security Exchange—formerly the ASIS Annual Seminar and Exhibits—delivers new opportunities to exchange key ideas and best practices, expand global connections, and experience innovations. The GSX...
Connect Security World 2018(Marseilles, France, September 24 - 26, 2018) While the number of IoT devices predicted by 2020 varies within tens of billions, all analysts agree that security is now the top concern of organizations looking at deploying IoT solutions. To address...
The Cyber Security Summit: New York(New York, New York, USA, September 25, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts.
5th Cyber Operations for National Defense Symposium(Washington, DC, USA, September 25 - 26, 2018) The 2018 Cyber Operations for National Defense Symposium will focus on the evolving nature of US Cyber policies and strategies. Cyber leaders from throughout the federal government will come together to...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.