What if your security strategy added zeros to your bottom line?
Focusing on response alone is costly. You lose data. You lose infrastructure. You lose human and capital resources that could be productive elsewhere. And you lose your reputation. When you catch threats before they execute, you contain the problem, and the rewards add up. Let Blackberry Cylance help you understand how you can reduce your total cost of security controls, bolster your organization’s security posture, and zero in on what really matters.
April 17, 2019.
By the CyberWire staff
Military officers in Ukraine are being spearphished by a group seeking to install the Ratvermin backdoor, according to BleepingComputer. FireEye, which identified the campaign, links it to the Luhansk People's Republic. This is a region in Eastern Ukraine controlled by Russia and represented by the occupiers as being a breakaway state that's won its independence from Ukraine. Kiev regards Luhansk as nothing more than an administrative fig leaf for the Russian occupation.
The Washington Post sees the Luhansk operation as a troubling harbinger of small-state and non-state actors deploying increasingly sophisticated cyber weapons. Alternatively, this might be more realistically viewed as a Russian attempt to achieve plausible deniability, and not as a small-group breakout into the big time.
Supporters who wish to stand by Julian Assange, the BBC says, are doing so by taking two Yorkshire Councils' websites down. Presumably the attacks on Barnsley and Bedale would prompt a groundswell of hacktivist pressure in favor of Mr. Assange's release.
Computing reports that the Wipro hack may have targeted dozens of the company's clients.
The AP is reporting on another suspicious questioner, one Lucas Lambert, who said he was a venture capitalist and wished to talk with a Russia specialist at the Chatham House think tank about a cyber conference Mr. Lambert said his firm was organizing. But the conversations all turned quickly to whether anyone was being paid to bad-mouth Kaspersky Lab. The AP is reminded of a similar approach to Citizen Lab by one Michel Lambert back in February.
Today's issue includes events affecting China, France, Iran, Russia, Saudi Arabia, Ukraine, United States.
A note to our readers: if you find value in the CyberWire Daily News Briefing, why not encourage your colleagues to sign up as well? They can subscribe here. Thanks for your consideration (and, as always, thanks for reading).
Earn Your Master’s in Cybersecurity from Georgetown
Looking to advance your cybersecurity career? Check out Georgetown University's graduate program in Cybersecurity Risk Management. Ideal for working professionals, our program offers flexible options to take classes online, on campus, or through a combination of both—so you don’t have to interrupt your career to earn your degree. You'll leave the program with the expertise you need to effectively manage risks and navigate today’s increasingly complex cyber threats. Explore the program.
Global Cyber Innovation Summit(Baltimore, Maryland, United States, May 1 - 2, 2019) This unique, invitation-only forum brings together a preeminent group of leading Global 2000 CISO executives, cyber technology innovators, policy thought leaders, and members of the cyber investment community to catalyze the industry into creating more effective cyber defenses. Request an invitation today.
Malware Authors Have Already Won the Iron Throne(Zscaler) With the much-anticipated premiere of the final season of HBO's Game of Thrones, you can bet that malware authors are ramping up their efforts to infect viewers anxious to stream the series.
WAGO Series 750-88x and 750-87x(ICS-CERT) 1. EXECUTIVE SUMMARYCVSS v3 9.8ATTENTION: Exploitable remotely/low skill level to exploitVendor: WAGOEquipment: Series 750-88x and 750-87xVulnerability: Use of Hard-coded Credentials2. RISK EVALUATIONThis vulnerability allows a remote attacker to change the settings or alter the programming of the device.
Security Patches, Mitigations, and Software Updates
Security flaw in EA’s Origin client exposed gamers to hackers(TechCrunch) Electronic Arts has fixed a vulnerability in its online gaming platform Origin after security researchers found they could trick an unsuspecting gamer into remotely running malicious code on their computer. The bug affected Windows users with the Origin app installed. Tens of millions of gamers use…
How BlackBerry Has Become a Cyber-Security Player(eWEEK) BlackBerry CTO Charles Eagan explains where his company's cyber-security efforts are headed and why, after 35 years and many technological changes, BlackBerry is fundamentally on the same mission.
Forcepoint Opens New State-of-the-Art Cyber Experience Center in Boston’s Seaport District(Forcepoint) Facility to serve as the new Forcepoint Global Center of Excellence for Behavioral Analytics driving cyber innovation and product development in understanding human behavior in partnership with Forcepoint X-Labs research division Forcepoint’s Cyber Experience Center, a multi-million dollar investment, uniquely delivers an immersive experience that brings to life today’s evolving threat landscape for enterprises and government agencies
What the Air Force learned from insurgents’ networks(C4ISRNET) Air Force leaders plan to experiment this summer with a mesh network that would allow military users in hard-to-reach areas to connect to the service’s top secret network and share intelligence information without the fear of losing service.
TPM & TEE – working together in harmony(Global Platform) As the line between mobile devices and computers becomes increasingly blurred, security architectures from two previously separate worlds are also converging.
UWF to host national platform for cybersecurity executives(University of West Florida Newsroom) WHAT: Cybersecurity executives in academia, business, government and the armed forces will address the rapidly-evolving cyber threat landscape and critical workforce shortage at the annual Centers of Academic Excellence Executive Leadership Forum. The University of West Florida in partnership with the National Security Agency and Department of Homeland Security will host the forum. Speakers include executives from …
Iran labels all US forces in Middle East ‘terrorists’(Military Times) It remains unclear how the bill’s passage in parliament would affect the Republican Guard’s activities in the Persian Gulf, where the U.S. Navy has in the past accused Iranian patrol boats of harassing American warships.
Shed Light on Cryptocurrency 'Dark Matter' Regulation at SEC(Competitive Enterprise Institute) A few days ago, the Trump administration issued a memorandum strongly discouraging what the Competitive Enterprise Institute’s Wayne Crews has called “regulatory dark matter.” The memo instructs federal agencies to submit all policymaking rules to Congress to be vetted under the Congressional Review Act, even if these rules come in the form of informal “guidance.”
Jacksonville Cybersecurity Conference(Jacksonville, Florida, USA, October 10, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...
Omaha Cybersecurity Conference(Omaha, Nebraska, USA, October 24, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...
Chicago Suburbs Cybersecurity Conference(Chicago, Illinois, USA, November 6, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...
San Diego Cybersecurity Conference(San Diego, California, USA, November 7, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...
Orlando Cybersecurity Conference(Orlando, Florida, USA, November 14, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...
IMPACT ’19(Chantilly, Virginia, USA, April 15 - 17, 2019) Prepare for the changes ahead and get out in front of the compliance curve by attending the 34th annual NSI IMPACT Forum on April 15-17 at the Westfields Marriott in Chantilly, VA. The theme of this year’s...
Insider Threat Summit 2019 (ITS5)(Monterey Bay, California, USA, April 17 - 18, 2019) ITS5 brings Government and Industry organizations and cybersecurity leaders together to better understand the type of threats that impact infrastructure and overall operations. Our two-day summit will...
SecureWorld Houston(Houston, Texas, USA, April 18, 2019) Connecting, informing, and developing leaders in cybersecurity. For the past 17 years, SecureWorld conferences have provided more content and facilitated more professional connections than any other event...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.