What if your security strategy added zeros to your bottom line?
Focusing on response alone is costly. You lose data. You lose infrastructure. You lose human and capital resources that could be productive elsewhere. And you lose your reputation. When you catch threats before they execute, you contain the problem, and the rewards add up. Let Blackberry Cylance help you understand how you can reduce your total cost of security controls, bolster your organization’s security posture, and zero in on what really matters.
April 16, 2019.
By the CyberWire staff
KrebsOnSecurity reported yesterday that IT outsourcing and consulting firm Wipro had been compromised, and its networks turned against some clients. Computing this morning said the company acknowledged sustaining a successful phishing attack, is investigating, and that the attacker may have been a nation-state.
Ecuador has come under a large number of attacks, AFP reports, most of them apparently distributed denial-of-service attacks, since its revocation last week of asylum for WikiLeaks' Julian Assange.
NBC News says, on the basis of leaked documents, that Facebook's public assertions of commitment to privacy have long been at best an afterthought to the social network's monetization of personal data, at worst entirely disingenuous.
The European Union has ratified its controversial copyright reform law. Critics find Articles 11 and 13 particularly troubling, note VentureBeat and others.The former establishes a link tax to compensate copyright owners; the latter makes platforms legally liable for user infringements.
YouTube yesterday flagged live-streamed video of the tragic Notre Dame fire as possible misinformation, and ran an explanatory box below such streams that offered to hip viewers to the truth by displaying images and information about the 9/11 attacks. According to TechCrunch, YouTube says the algorithm did it, and that they're sorry that the algorithm "made the wrong call." The algorithm was unavailable for comment.
More European governments decline to ban Huawei, although many acknowledge security risks associated with the company's hardware. Bloomberg observes that close regulation of 5G networks seems very likely, and that such regulation will probably significantly encumber Huawei.
Today's issue includes events affecting Australia, Belgium, Brazil, Canada, China, European Union, France, Germany, India, Russia, United Kingdom, United States and Venezuela.
A note to our readers: if you find value in the CyberWire Daily News Briefing, why not encourage your colleagues to sign up as well? They can subscribe here. Thanks for your consideration (and, of course, thanks for reading).
Earn Your Master’s in Cybersecurity from Georgetown
Looking to advance your cybersecurity career? Check out Georgetown University's graduate program in Cybersecurity Risk Management. Ideal for working professionals, our program offers flexible options to take classes online, on campus, or through a combination of both—so you don’t have to interrupt your career to earn your degree. You'll leave the program with the expertise you need to effectively manage risks and navigate today’s increasingly complex cyber threats. Explore the program.
Global Cyber Innovation Summit(Baltimore, Maryland, United States, May 1 - 2, 2019) This unique, invitation-only forum brings together a preeminent group of leading Global 2000 CISO executives, cyber technology innovators, policy thought leaders, and members of the cyber investment community to catalyze the industry into creating more effective cyber defenses. Request an invitation today.
Experts: Breach at IT Outsourcing Giant Wipro(KrebsOnSecurity) Indian information technology (IT) outsourcing and consulting giant Wipro Ltd. [NYSE:WIT] is investigating reports that its own IT systems have been hacked and are being used to launch attacks against some of the company’s customers, multiple sources tell KrebsOnSecurity. Wipro has refused to respond to questions about the alleged incident.
New Details Emerge on Windows Zero Day(Dark Reading) The CVE-2019-0859 vulnerability, patched last week, is the latest in a string of Windows local privilege escalation bugs discovered at Kaspersky Lab.
Account With Admin Privileges Abused to Install BitPaymer Ransomware via PsExec(TrendLabs Security Intelligence Blog) Ransomware may have experienced a decline in 2018, but it seems to be getting back on track — only this time, attacks are looking to be more targeted. Coming on the heels of news about a ransomware attack against a U.S. beverage company which addressed the company by name in the ransom note, this blog post looks into a BitPaymer ransomware variant (detected by Trend Micro as Ransom.Win32.BITPAYMER.TGACAJ) that hit a U.S. manufacturing company.
Why you shouldn't buy fake followers and likes on Instagram(Evening Standard) We know we shouldn’t measure our self-worth via Instagram likes or a high follower count but we often can’t help comparing ourselves to friends and peers just a little bit. Unfortunately, if you take measures to improve that count on the sly, say in the form of downloading apps to boost likes or followers, it most certainly will do more harm than good.
Vulnerability Summary for the Week of April 8, 2019(US-CERT) The NCCIC Weekly Vulnerability Summary Bulletin is created using information from the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD). In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
The Illusive 99.9%(Nyotron) Study of the efficacy of modern antivirus products against known malware
Credential stuffing: Canada’s newest cyber threat(Canadian Underwriter) A new cyber threat called “credential stuffing” is emerging, and Canada is the third-most targeted country in the world, according to a new report. Credential stuffing is when hackers take a stolen username and password and then run it through…
97% of Gemalto shares have been tendered to the Thales offer(AP NEWS) Reference is made to the joint press release by Thales (Euronext Paris: HO) and Gemalto (Euronext Amsterdam and Paris: GTO) dated 29 March 2019 on the results of the recommended all-cash offer by Thales for all the issued and outstanding shares of Gemalto (the Offer) in which the Offer was declared unconditional and the Post-Closing Acceptance Period was announced.
Census Bureau counts on new cybersecurity concerns(Fifth Domain) The U.S. Census Bureau identified more than 1,100 census system security weaknesses last year, according to a March report from the Government Accountability Office. Now, the Bureau is working to keep its data safe from hacks.
Can Private Coalitions Ensure Internet Safety? (Newsmax) The old playbook has been tech behemoths determining how best to safeguard ensure consumer privacy and security. This overreliance on a few to protect the many is plainly not working.
AI in Cybersecurity: Why Do Cyber-Hacks Still Succeed?(Ziften Endpoint Security) This is my 3rd blog on artificial intelligence (AI) in cybersecurity, coming in the wake of our recent announcement that Ziften Zenith has added Advanced anti-virus (AV) built on a foundation of AI. Previously, we took a look at how machine learning-based cybersecurity systems operate differently from traditional, signature-based antivirus software. We also discussed the …
Why Enterprise Anti-Virus Isn’t Working(Ziften Endpoint Security) Most headline-grabbing enterprise cyber attacks repeat the same sad story: Enterprise anti-virus products were deployed across the endpoint population, the most targeted asset class in the enterprise The anti-virus products did not prevent the attack or sound the alarm Attackers prowled across the victim cyber landscape undetected for weeks or months or even years Can …
ICE Now Aided by ‘Enhanced’ Spy Powers(The Daily Beast) DHS’ intel chief says the immigration enforcement agency is now reaping the benefits of extra intelligence ‘collection’—and civil libertarians are concerned.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
Atlanta Cybersecurity Conference(Atlanta, Georgia, USA, September 12, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...
Phoenix Cybersecurity Conference(Phoenix, Arizona, USA, September 19, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...
Little Rock Cybersecurity Conference(Little Rock, Arkansas, USA, September 26, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...
Kansas City Cybersecurity Conference(Kansas City, Missouri, USA, October 3, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...
Toronto Cybersecurity Conference(Toronto, Ontario, Canada, October 17, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...
IMPACT ’19(Chantilly, Virginia, USA, April 15 - 17, 2019) Prepare for the changes ahead and get out in front of the compliance curve by attending the 34th annual NSI IMPACT Forum on April 15-17 at the Westfields Marriott in Chantilly, VA. The theme of this year’s...
San Antonio Cybersecurity Conference(San Antonio, Texas, USA, April 16, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...
Insider Threat Summit 2019 (ITS5)(Monterey Bay, California, USA, April 17 - 18, 2019) ITS5 brings Government and Industry organizations and cybersecurity leaders together to better understand the type of threats that impact infrastructure and overall operations. Our two-day summit will...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.