April 1, 2019.
By the CyberWire staff
Toyota disclosed Friday that attackers had accessed customer sales data on its servers in Japan, ZDNet reports. There's no attribution yet, but speculation has turned toward Vietnamese threat group APT32. Infosecurity Magazine says that Toyota's operations in Vietnam may also have been hit.
As risk of Magento e-commerce software exploitation rises, BankInfo Security and others recommend immediate patching. Threatpost has a summary of available fixes.
ZDNet reports the Russian government has served ten VPN providers with notice that they have thirty days to connect their services to a government blacklist of forbidden sites or cease operations. Of the ten providers Moscow's communications authority Roskomnadzor put on notice (NordVPN, Hide My Ass, Hola VPN, OpenVPN, VyprVPN, ExpressVPN, TorGuard, IPVanish, Kaspersky Secure Connection, and VPN Unlimited) four (TorGuard, VyprVPN, OpenVPN, and NordVPN) have already stated their intention of exiting the Russian market rather than comply.
Facebook CEO Zuckerberg has an op-ed in the Washington Post in which he asks governments to regulate him.
The AP reported late Friday that Tyler Barriss has been sentenced to twenty years in a US Federal prison for his admitted role in Andrew Finch's December 2017 swatting death. Barriss's two alleged conspirators, Shane Gaskill and Casey Viner, await their own decisions.
BleepingComputer calls it ironic, but it somehow seems inevitable: the website of the Nigerian National Assembly for about two weeks was serving up a landing page for phishing attacks that were after DHL credentials. Needless to say it wasn't government policy to host this phishing tackle.
Today's issue includes events affecting Australia, Belarus, Canada, China, Egypt, India, Iran, Israel, Italy, Japan, Democratic People's Republic of Korea, New Zealand, Oman, Russia, Saudi Arabia, Syria, Turkmenistan, Turkey, Uganda, Ukraine, United Arab Emirates, United Kingdom, United States, Venezuela, and Vietnam.
We understand that this is April Fool's Day, but to the best of our knowledge, there are no pranks in this issue of the CyberWire. There really is, for example, a VPN that calls itself "Hide My Ass." We've seen it with our own two (or so) eyes. And believe it or not, it does seem that there was a credential-harvesting landing page insinuated into a Nigerian government site.
Cryptowinter or not! North Korean hackers care less when they attack(CoinNewsSpan) Every industry is sympathetic about the Cryptowinter that has been haunting the market since last November, except the state-sponsored North Korean hackers who have been rampaging accounts online. According to cyber security experts, both Mac and Windows OS users continue to remain vulnerable to the cyber attack, which was launched when the CryptoWinter started. The …
Exodus: New Android Spyware Made in Italy(Security Without Borders) We identified a new Android spyware platform we named Exodus, which is composed of two stages we call Exodus One and Exodus Two. We have collected numerous samples spanning from 2016 to early 2019.
Intel VISA: Through the Rabbit Hole(Black Hat Asia 2019) The complexity of x86-based systems has become so great that not even specialists can know everything. The recently discovered Meltdown/Spectre vulnerabilities, as well as numerous issues in Intel Management Engine, underscore the platform's mindboggling intricacies. So, the chips manufacturer has to actively use various means for manufacturing verification and post-silicon debugging.
Is GDPR the new hacker scare tactic?(BetaNews) No one questions the good intent behind the EU’s General Data Protection Regulation (GDPR) legislation, or the need for companies to be more careful with the proprietary information they have about clients, patients, and other individuals they interact with regularly. While the provisions within the GDPR do help, they have also created new opportunities for hackers and identity thieves to exploit that data.
Google redirect: how to remove this virus(2-spyware) Google Redirect virus: the virtual annoyance that has been causing headache for computer users for years. Google redirect virus is a serious computer infection that causes
Ironically, Phishing Kit Hosted on Nigerian Government Site(BleepingComputer) Those who remember earlier days of the internet are familiar with the "Nigerian Prince letter," also known as the 419 scam. While that fraud typically runs from personal email accounts, another one uses an official Nigerian government website to host a phishing page for the DHL international courier service.
City of Albany experiences cyber attack(WRGB) Mayor Kathy Sheehan tweeted Saturday that the City of Albany has experienced a ransomware cyber attack. Mike Stamas, an expert at GreyCastle Security, says ransomware is a common exploit for hackers. Basically, it locks down computers, requiring payment to restore access to your network, files, and system information. Ransomware attacks can be instigated from anywhere, and take advantage of vulnerable software, or of a person clicking a link in a phishing email.
Albany cyber attack affecting records, police(Times Union) Police officers do not have access to internet-dependent systems, leaving them in the dark about manpower on patrols and possibly slowing down call response times a day after a ransomware cyber attack on the city, according to a Facebook post from the police union's vice president.
Annual Protest Raises $250K to Cure Krebs(KrebsOnSecurity) For the second year in a row, denizens of a large German-language online forum have donated more than USD $250,000 to cancer research organizations in protest of a story KrebsOnSecurity published in 2018 that unmasked the creators of Coinhive, a now-defunct cryptocurrency mining service that was massively abused by cybercriminals. Krebs is translated as “cancer” in German.
Security Patches, Mitigations, and Software Updates
The Impact of Cyber Security theory in the World(Modern Diplomacy) The correct control of cyber security often depends on decisions under uncertainty. Using quantified information about risk, one may hope to achieve more precise control by making better decisions. Information technology (IT) is critical and valuable to our society. IT systems support business processes by storing, processing, and communicating critical and sensitive business data. In […]
Banks have created a fraudsters’ paradise(Times) It may not comfort Anthony Loehnis, the retired Bank of England grandee who transferred tens of thousands of pounds to fraudsters, but he is not alone. Google and Facebook were recently defrauded...
Technology Industry Report, 2019(Valimail) Tech Companies Make Progress in Anti-Phishing Protection: Sector’s Embrace of DMARC and SPF a Good Sign — But Implementation Challenges Remain.
Huawei: Hundred Billion Dollar Troll(Fortune) The Financial Times reported earlier this week that Chinese telecom equipment manufacturing giant Huawei Technology has hired top-drawer Washington public relations group Burson Cohn & Wolfe to “help it make its case in the US following months of media and political scrutiny.”
Thales successfully completes Gemalto purchase(Jane's 360) Defence and transportation company Thales has successfully completed its purchase of French digital security supplier Gemalto, with shareholders responsible for 85.58% of the company’s stock agreeing to its offer before a deadline on 28 March.
A total of 79,889,388 shares in Gemalto have now
Former IBM and Cisco Executive Tom Noonan to Join Bakkt as Chairman of Board · Cryptosumer(Cryptosumer) Kelly Loeffler, the CEO of institutional trading platform Bakkt, announced that former cybersecurity expert at IBM, Cisco and Endgame Tom Noonan will become the chairman of its board of directors. The development was reported in a Medium post published on March 29. Per the announcement, the founder, chairman and CEO of the Intercontinental Exchange (ICE)
Products, Services, and Solutions
200,000th Vulnerability Added To VulnDB (And Why You Should Care)(Risk Based Security) Risk Based Security today announced the addition of the 200,000th vulnerability to VulnDB, the preeminent database of vulnerability intelligence. This significant record highlights the scale of the security challenges faced by organizations, and the sheer volume of data that they need to be able to process.
Version 3 is in the wild!(Active Countermeasures) Although specifically, it's version 3.1.4159 for all you Pi fans. This is a huge update that includes a lot of changes! We …
Securing Crypto Assets on the Blockchain - Rambus(Rambus) The rapid expansion of the cryptocurrency ecosystem demonstrates the power of the blockchain to revolutionize financial services and beyond. Yet at the same time, the inherent volatility provides a cautionary tale. With blockchain implementations gaining traction, it is clear that a new approach is required to …
Rethinking Response(F-Secure) While you know you will be targeted by a cyberattack, convincing the stakeholders in your business is not straightforward. But it will be you that has to answer for a breach, should it happen.
SMBs facing challenges in data backup(Business Standard) Most small and medium businesses (SMBs) globally are facing challenges when it comes to backing up and recovering data, a new report said on Friday.
Dealerships' cybersecurity plan targets vendors(Automotive News) Stringent vendor standards are part of Zimbrick dealerships' broader effort to stay ahead of data security threats. The strategy also includes installing sophisticated firewalls, sending regular phishing email tests and limiting network access.
140th Cyberspace Operations Squadron unveils new facility(DVIDS) The 140th Cyberspace Operations Squadron held a ribbon cutting ceremony for the unveiling of their new fully operable facility on March 27, 2019, on Joint Base McGuire-Dix-Lakehurst, N.J.
Starting with only 21 members, in July of 2015, the 140th COS became the New Jersey Air National Guard's newest squadron. They are one of 12 Air National Guard cyber protection teams and are responsible for monitoring cyber-attacks to the nation's computer networks, stopping attacks, identifying hackers, and repairing the resulting damage.
Design and Innovation
New Facebook tool answers the question “Why am I seeing this post?”(TechCrunch) Facebook announced today that it is adding a feature called “Why am I seeing this post?” to News Feeds. Similar to “Why am I seeing this ad?,” which has appeared next to advertisements since 2014, the new tool has a dropdown menu that gives users information about why that post appeared in their Ne…
Morphisec Women in Cybersecurity Scholarship 2019(Morphisec) Morphisec is offering three scholarships worth $5,000, $2,000 and $1,000 for the 2019-2020 school year for female students currently studying cybersecurity or a cybersecurity-related topic.
BSC earns designation in cybersecurity excellence(Bismarck Tribune) The National Security Agency and the Department of Homeland Security have designated Bismarck State College as a National Center of Academic Excellence in Cyber Defense Education through academic year 2024.
UTSA sets up temporary home for new cyber hub(San Antonio Express-News) The University of Texas at San Antonio is building a National Security Collaboration Center and a School of Data Science at the university’s downtown campus.
Legislation, Policy, and Regulation
Cyber specialists will be watching — and learning from — Ukraine’s election(CyberScoop) From power outages to the crippling NotPetya wiper worm, Ukraine has been ground zero for disruptive cyber-operations linked to Russia in recent years. The weeks leading up to Ukraine’s presidential election have only reinforced that narrative. The country’s president accused the Russian government of conducting a denial-of-service attack on the country’s election commission. Only Moscow took issue with that claim. With that context in mind, the eyes of cybersecurity practitioners around the world – from officials in allied governments to private-sector specialists – will be on Kiev on Sunday as millions of Ukrainians go to the polls to pick a president. The Atlantic Council, a Washington, D.C.-based think tank, has assembled a team of analysts in Ukraine and the U.S. to watch for any signs of foul play on election day. “There is always a strong correlation between malware propagation and geopolitics,” said Kenneth Geers, a senior fellow at the council who …
US condemns Russia troop deployment to troubled Venezuela(Military Times) The Trump administration on Friday condemned Venezuela's President Nicolas Maduro for what it said was his reliance on foreign military personnel to stay in power and renewed a warning to Russia against getting involved.
Defence Cyber Agency to empower Indian armed forces(Business Standard) As cyber threats from nation-state bad actors grow exponentially, India urgently requires to enhance the cyber capabilities of its armed forces, including the operationalisation of a Defence Cyber Agency, a new report has emphasised.
Issue the Executive Order(Center for Strategic and International Studies) Now that the United Kingdom’s report on Huawei is out, concluding that there is no way to manage the risk of using Huawei equipment, it is time for the U.S. to take the next step. You may think with all the recent clamor that the U.S. position is clear, but foreign partners say it is not.
Mark Zuckerberg actually calls for regulation of content, elections, privacy(TechCrunch) It’s been a busy day for Facebook exec op-eds. Earlier this morning, Sheryl Sandberg broke the site’s silence around the Christchurch massacre, and now Mark Zuckerberg is calling on governments and other bodies to increase regulation around the sorts of data Facebook traffics in. He’s hoping …
FBI, Retooling Once Again, Sets Sights on Expanding Cyber Threats(Wall Street Journal) The FBI has launched its biggest transformation since the 2001 terror attacks to retrain and refocus special agents to combat cyber criminals, whose threats to lives, property and critical infrastructure have outstripped U.S. efforts to thwart them.
Army Takes a Broad View of Cybersecurity(SIGNAL Magazine) Building in security from the onset of capability development is a must if the Army is to successfully incorporate diverse innovative technologies into the force.
Decisions - Urząd Ochrony Danych Osobowych.(UODO) ZSPR.421.3.2018. Pursuant to Art. 104 § 1 of the Act of 14 June 1960, the Code of Administrative Procedure (Journal of Laws of 2018, item 2096, as amended) and Art. 7(1) and (2), Art. 60 and Art. 101 of the Act of 10 May 2018 on the protection of personal data...
Man Behind Fatal ‘Swatting’ Gets 20 Years(KrebsOnSecurity) Tyler Barriss, a 26-year-old California man who admitted making a phony emergency call to police in late 2017 that led to the shooting death of an innocent Kansas resident, has been sentenced to 20 years in federal prison.
Insider Threat Program Management 360 Training Course(Washington, DC, USA, June 25 - 26, 2019) The Insider Threat Defense Group will hold our most advanced training for Insider Threat Program (ITP) Management. This comprehensive 2 day training course covers all the aspects of an ITP, from A-Z; ITP...
InfoSec World 2019(Lake Buena Vista, Florida, USA, April 1 - 3, 2019) Cybersecurity has come a long way in 25 years, and InfoSec World has been there through it all. That's right, InfoSec World 2019 Conference & Expo is returning to Disney's Contemporary Resort on April...
Dynamic Connection 2019(Denver, Colorado, USA, April 2 - 4, 2019) Dynamic Connections 2019 will bring together over 1,000 attendees to learn, explore and create solutions needed today to help us thrive and operate successfully in the digital domain with confidence. Learn...
IP Expo Manchester(Manchester, England, UK, April 3 - 4, 2019) The event will showcase industry leaders and those at the forefront of technology, to encourage debate and inform attendees on the critical technological issues affecting modern business. IT and cyber...
QuBit Conference Prague 2019(Prague, Czech Republic, April 9 - 11, 2019) Over the past 5 years, QuBit has grown to be a leading cyber security community event in CEE region. This year's highlights include: excellent speakers and educational sessions, popular networking events,...
Mississippi College Cybersecurity Summit(Clinton, Mississippi, USA, April 10, 2019) The 2019 Mississippi College Cybersecurity Summit is a conference designed to engage, educate, and raise awareness about cybersecurity across the nation. It will provide valuable cybersecurity tools and...