April 9, 2019.
By the CyberWire staff
Chronicle, Alphabet's security unit, has reported the results of their investigation of various strains of malware that have hit industrial systems: Stuxnet, Duqu, and Flame. Not only are some variants returning, but Chronicle sees them as connected to "GossipGirl," which it calls a "supra threat actor," a collection of threat actors interacting with one another in complex ways.
Securonix has taken a close look at LockerGoga, the ransomware strain that afflicted Norsk Hydro and others. The researchers conclude that LockerGoga's destructive functionality may well be a feature, not a bug.
Venezuela's Chavista regime continues to use its failing grid as a handy stick with which to beat the neighbors. According to Colombia Reports, this time, Mr. Maduro says, the cyberattacks against Venezuelan power generation and distribution are coming from Chile and Colombia. Both are in Mr. Maduro's view yanqui cat's paws.
Haaretz reports that a hacktivist ("DarkCoder") claims to have breached Israel's voter database as part of #OpIsrael. Whether DarkCoder has actually done so or simply regifted old breaches is unclear; investigation is underway.
If the Daily Beast has it right, the "preliminary forensic investigation" the US Secret Service performed on Mar-a-Lago gatecrasher Yujing Zhang's USB thumbdrive consisted of an agent plugging it into one of his agency's computers, where some sort of unwanted program began to run. (Security experts reached the conclusion by close-reading the Secret Service's account of the incident in the New York Times. Most of the experts don't think jacking in is necessarily a best practice.)
Today's issue includes events affecting Canada, Chile, China, Colombia, European Union, Iran, Ireland, Israel, Japan, New Zealand, NATO/OTAN, Russia, Thailand, Ukraine, United Kingdom, United States, and Venezuela.
Global Cyber Innovation Summit (Baltimore, Maryland, United States, May 1 - 2, 2019) This unique, invitation-only forum brings together a preeminent group of leading Global 2000 CISO executives, cyber technology innovators, policy thought leaders, and members of the cyber investment community to catalyze the industry into creating more effective cyber defenses. Request an invitation today.
Cybersecurity Impact Awards (Arlington, Virginia, United States, May 14, 2019) The inaugural Cybersecurity Impact Awards are open for nominations until April 12 and are dedicated to recognizing companies that have corporate or Federal headquarters in the DMV area for their leadership and innovation within the cybersecurity industry. Award winners will be honored during an awards ceremony on May 14.
Cyber Attacks, Threats, and Vulnerabilities
Hacker's Claims of Breaching Israeli Voter Registry Under Investigation (BleepingComputer) Israel's National Cyber Directorate and Population Authority are investigating the claims a hacker made on Twitter over the weekend of hacking the country's voting system and stealing the data of roughly 6 million Israeli voters three days before the 2019 Israeli legislative election.
Vulnerability Summary for the Week of April 1, 2019 (US-CERT) The NCCIC Weekly Vulnerability Summary Bulletin is created using information from the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD). In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
South Front – Russia hiding being Russian (StopFake.org) The website Southfront.org is focusing on news on security issues, foreign policy, military analysis and reports on military hardware. According to the Mission Statement, the site is produced by a “team of experts and volunteers from the four corners of the Earth”. The site attacks the “Mainstream Media” for hiding the “truth behind the causes that provoke the various conflicts facing the world today”. The site is professionally designed and registered in Moscow, at the Domain Name Registrar Reg.ru...
High-tech criminals targeting e-wallet users, experts warn (Eleven Media Group Co., Ltd) According to Kaspersky Labs' Mobile Malware Evolution report, malware attacks almost doubled in 2018 from 66.4 million instances to 116.5 million. There are 23 e-wallet services with millions of customers with mobile devices. “E-wallet service providers are paying more attention to security, but as more software vulnerabilities are discovered, hackers can still take advantage to attack users,” Nguyen Van Cuong, head of the BKAV Technology Corporation's cyber-security department, told Sai Gon Giai Phong (Liberated Sai Gon) newspaper.
5 Cybersecurity Myths Banks Should Stop Believing (Forbes) Cybersecurity is at the top of the list of bank CEOs' concerns. But that doesn't mean there's consensus about what they believe about cybersecurity. There are five common myths about cybersecurity that need to be debunked.
Data Security Now the Top New Zealand Consumer Priority (Scoop News) Wellington, 9 April 2019 – New research from Unisys Corporation (NYSE: UIS) reveals New Zealand bank customers rank data security as the issue that matters to them most about their bank – underscoring the importance of data security as banks prepare ...
Planetary Ransomware Victims Can Now Recover Their Files for Free (Security Boulevard) Security researchers have released a decryptor that enables victims of the Planetary ransomware family to recover their files for free. Released by Emsisoft, this decryptor requires a victim to have a copy of the ransom note. It’s not hard to find. Planetary ransomware, which earns its name for its use of planet-related file extensions including …
Coping With Burnout in the CISO Role (GovInfo Security) With no end in sight for CISOs and security teams from steadily increasing sophistication and maturity in cyber threats, the sustained operating tempo is pushing
Online Harms White Paper (HM Government) The internet is an integral part of everyday life for so many people. Nearly nine in ten UK adults and 99% of 12 to 15 year olds are online. As the internet continues to grow and transform our lives, often for the better, we should not ignore the very real harms which people face online every day.
Nunes to send eight criminal referrals to DOJ concerning leaks, conspiracy amid Russia probe (Fox News) House Intelligence Committee ranking member Devin Nunes exclusively told Fox News' "Sunday Morning Futures" that he is preparing to send eight criminal referrals to the Department of Justice this week concerning alleged misconduct during the Trump-Russia investigation, including the leaks of "highly classified material" and conspiracies to lie to Congress and the Foreign Intelligence Surveillance Act (FISA) court.
Feds charge Maryland man accused of plotting ISIS-inspired attack at National Harbor (WJLA) Federal authorities have charged a man they believe was plotting to ram a stolen U-Haul truck into pedestrians in an ISIS-inspired attack at National Harbor. The U.S. Attorney’s Office for the District of Maryland on Monday charged Rondell Henry, 28, of Germantown, Maryland, by criminal complaint with interstate transportation of a stolen vehicle. The government filed a motion arguing for Henry to be detained pending trial as a flight risk and a danger to the community.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
QuBit Conference Prague 2019 (Prague, Czech Republic, April 9 - 11, 2019) Over the past 5 years, QuBit has grown to be a leading cyber security community event in CEE region. This year's highlights include: excellent speakers and educational sessions, popular networking events,...
Mississippi College Cybersecurity Summit (Clinton, Mississippi, USA, April 10, 2019) The 2019 Mississippi College Cybersecurity Summit is a conference designed to engage, educate, and raise awareness about cybersecurity across the nation. It will provide valuable cybersecurity tools and...
SecureWorld Philadelphia (Philadelphia, Pennsylvania, USA, April 10 - 11, 2019) Join your fellow InfoSec professionals for high-quality, affordable cybersecurity training and education. Earn 6-12 CPE credits through 30+ educational elements, learning from nationally recognized industry...
ISC West 2019 (Las Vegas, Nevada, USA, April 10 - 12, 2019) ISC West is THE largest security industry trade show in the U.S. At ISC West, you will have the chance to network with over 30,000 security professionals through New Products & Technologies encompassing...
Maryland Cyber Day (Hanover, Maryland, United States, April 11, 2019) Maryland Cyber Day is a combination of two events, MD Cyber Day Marketplace followed by MD Cybersecurity Awards Celebration. Marketplace features cybersecurity innovation, an expo, technology demos, “Ask...