April 2, 2019.
By the CyberWire staff
The discovery of lawful intercept tools concealed in apps available in Google Play may be on its way to becoming a major scandal in Italy. Threatpost reports that Google has removed the applications from its store. The twenty-five apps affected contained spyware that researchers believe may have been produced by Italian security company eSurv; as SecurityWeek notes, eSurv has been difficult to contact about the matter. Motherboard says that Italian prosecutors have opened an investigation into eSurv amid suspicion that the intercept tools were commissioned by the Italian government.
India's election season is in full swing, and according to the Wall Street Journal, government attempts to restrain fake news have yielded disappointing results. Politically loaded hoaxes are rampant on WhatsApp, despite the Facebook subsidiary's attempts to control them. Much misinformation seems domestic in origin, pushed by rival parties.
The first round of Ukraine's presidential elections is over, with a runoff between front-runner Volodymyr Zelenskiy (television actor and political neophyte) and incumbent President Petro Poroshenko scheduled for April 21st. TASS is authorized to disclose that Russia may decline to recognize the election results, citing widespread fraud and intimidation. This seems more information operation than news; other observers saw no such problems.
Hacktivists of OpIsrael are expected to hit the Jewish state on Sunday in their annual protest against Israel, the Algemeiner and other sources report.
Motherboard says that investigators retained by Jeff Bezos concluded that NSO Group hacked the Amazon founder on behalf of the Saudi government. NSO Group denies involvement.
Today's issue includes events affecting Canada, China, India, Israel, Italy, Bailiwick of Jersey, Russia, Syria, Ukraine, United Arab Emirates, United States.
Disrupt and discredit: Russia still has Ukrainian elections in sights (KyivPost) Exit polls from the first round of Ukraine’s presidential election, released late on March 31, seem to confirm what has long been believed: that no openly pro-Russian candidate has a chance to secure this Ukrainian presidency. But it doesn’t seem that will stop the Kremlin from having its voice heard, or from trying to have …
Serious Path Traversal Flaw Found in Kubernetes (SecurityWeek) Kubernetes vulnerability allows attackers to steal sensitive information from a user’s workstation or execute arbitrary code. Flaw exists due to an incomplete patch released last year.
Vulnerability Summary for the Week of March 25, 2019 (US-CERT) The NCCIC Weekly Vulnerability Summary Bulletin is created using information from the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD). In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
New York Albany Capital Hit by Ransomware Attack (BleepingComputer) The City of Albany, the capital of the U.S. state of New York, was hit by a ransomware attack on March 30, with city officials working over the weekend to respond to the incident.
Security Patches, Mitigations, and Software Updates
VMware Patches Flaws Disclosed at Pwn2Own 2019 (SecurityWeek) Security updates released by VMware for its vCloud Director, ESXi, Workstation and Fusion products patch several vulnerabilities, including flaws disclosed recently at Pwn2Own 2019.
ZNet Technologies signs distribution agreement with GlobalSign for PKI solutions (CRN - India) ZNet Technologies (a subsidiary of RP tech India) has announced that it has entered into IT security services distribution business by joining hands with GMO GlobalSign. GlobalSign is a leading provider of trusted identity and security solutions for the enterprises and one of the longest established Certificate Authority (CA) in the world. Becoming a distributor …
Zuckerberg’s call to regulate Facebook explained (Silicon Valley Business Journal) In an op-ed over the weekend, Facebook CEO Mark Zuckerberg laid out a case for how he believes his company should be treated and discussed four policy areas which he said the government should focus attention on. Here’s an annotated analysis of Zuckerberg’s post and what he is seeking to do with each area.
Trump’s next Secretary of Defense needs to have these 10 things (Fox News) The increasing complexity of the national security landscape, coupled with the readiness challenge that still remains, underscores that the appointment of the right Secretary of Defense will be President Trump’s most important appointment for the remainder of his first term.
Audit of the Federal Bureau of Investigation's Cyber Victim Notification Process (Office of the Inspector General U.S. Department of Justice) The objective of this audit was to evaluate the Federal Bureau of Investigation's (FBI) processes and practices for notifying and engaging with victims of cyber intrusions. Specifically, we examined the FBI's adherence to Executive Order 13636, Improving Critical Infrastructure Cybersecurity, and the FBI Cyber Division Policy Guide 0853PG as well as other related policies.
Insider Threat Program Management 360 Training Course (Washington, DC, USA, June 25 - 26, 2019) The Insider Threat Defense Group will hold our most advanced training for Insider Threat Program (ITP) Management. This comprehensive 2 day training course covers all the aspects of an ITP, from A-Z; ITP...
InfoSec World 2019 (Lake Buena Vista, Florida, USA, April 1 - 3, 2019) Cybersecurity has come a long way in 25 years, and InfoSec World has been there through it all. That's right, InfoSec World 2019 Conference & Expo is returning to Disney's Contemporary Resort on April...
Dynamic Connection 2019 (Denver, Colorado, USA, April 2 - 4, 2019) Dynamic Connections 2019 will bring together over 1,000 attendees to learn, explore and create solutions needed today to help us thrive and operate successfully in the digital domain with confidence. Learn...
IP Expo Manchester (Manchester, England, UK, April 3 - 4, 2019) The event will showcase industry leaders and those at the forefront of technology, to encourage debate and inform attendees on the critical technological issues affecting modern business. IT and cyber...
QuBit Conference Prague 2019 (Prague, Czech Republic, April 9 - 11, 2019) Over the past 5 years, QuBit has grown to be a leading cyber security community event in CEE region. This year's highlights include: excellent speakers and educational sessions, popular networking events,...
Mississippi College Cybersecurity Summit (Clinton, Mississippi, USA, April 10, 2019) The 2019 Mississippi College Cybersecurity Summit is a conference designed to engage, educate, and raise awareness about cybersecurity across the nation. It will provide valuable cybersecurity tools and...