Get your copy of the definitive guide to threat intelligence.
We brought together a team of experts and wrote the definitive guide to everything you need to know about threat intelligence. Whether you work in vulnerability management, incident response, or another part of cybersecurity, our book has something for you. Get your free copy of “The Threat Intelligence Handbook” now.
April 22, 2019.
By the CyberWire staff
TechCrunch reports that Sri Lankan authorities have shut down most social media in that country in an effort to prevent the spread of inflammatory rumor or disinformation. The restrictions follow a series of apparently coordinated suicide bombings that killed Christians at worship in Batticaloa, Colombo, and Negombo, and others, including guests staying at tourist hotels, at five other sites in Colombo. Police have arrested twenty-four, but no group has claimed responsibility.
Agence France Presse observes that Sri Lankan security authorities issued an alert over a week ago warning police that chatter collected from various intelligence sources, suggested the likelihood of jihadist attacks by "Nations Thawahid Jaman" during the Christian Holy Week. It remains unclear whether that group organized the bombings. Reuters quotes experts who see ISIS or al Qaeda in the attack's methods. Sri Lankan Defense Minister Wijewardene attributed the massacres to followers of "religious extremism." CNN says almost three hundred are dead; about five hundred are wounded.
The Times reported Saturday that the CIA shared intelligence with Five Eyes partners establishing Huawei's significant funding by Chinese security services. The Times treats this as significant, which suggests their sources see investment amounting to control, not simply purchase of goods and services. (More significant than what the Washington Post notes in an unrelated editorial about Microsoft's AI research cooperation with a Chinese military university.)
Marcus Hutchins, sometime hero of WannaCry's kill-switch, pleaded guilty to US Federal charges involving making and selling malware for "surreptitious interception of wire, oral, or electronic communication."
Adversaries are creating new attacks at such a speed and volume that signature and sandbox-based threat detection can’t keep up. Deep learning can help. By exposing neural nets to threat data, deep learning can learn to identify malicious traffic, even zero days seen for the first time. But why are advances possible today? How does deep learning differ from machine learning? Where’s the best place to apply deep learning? Get the answers here.
Cybersecurity Impact Awards(Arlington, Virginia, United States, May 14, 2019) Winners of the Cybersecurity Impact Awards will be announced and recognized at the May 14, 2019 CYBERTACOS event. The event will start at 5:30 p.m. and the award presentation will begin at 6:00 p.m.! Join us afterwards for tacos and networking!
Cyber Investing Summit(New York City, New York, United States, May 16, 2019) The Cyber Investing Summit is a conference focused on financial opportunities and strategies in the cybersecurity sector. Join key decision makers, investors, and innovators to network, learn, and develop new partnerships May 16th in NYC. More information: www.cyberinvestingsummit.com.
Cyber Attacks, Threats, and Vulnerabilities
CIA Offers Proof Huawei Has Been Funded By China's Military And Intelligence(Forbes) According to reports on Saturday, the CIA has shared evidence with agencies across the Five Eyes that Huawei has received funding from China's military and state intelligence. If true, this collapses the company's defense against Washington's claims of collusion and throws the battle wide open.
CIA warning over Huawei(Times) A Chinese telecoms giant that wants to supply vital technology for Britain’s new 5G mobile network has received funding from branches of Beijing’s state security apparatus, the CIA has told spy...
Bitcoin Mining Finally Profitable - Does That Prove We're in a Bull Market?(CCN) By CCN: According to Alex Krüger, an economist and a global markets analyst, the breakeven cost for efficient bitcoin mining operations currently hovers at around $3,550. https://twitter.com/krugermacro/status/1119760120584577029 Across major cryptocurrency markets, the bitcoin price is at $5,265,
Is Cyber-Risk Insurable?(Legaltech News) In an environment of moving targets, it seems unimaginable that insurance against cybersecurity attacks can be robust enough to provide real protection. But the possibility of suffering an attack is well accepted, and policies must be carefully read and updated as risks increase and change over time.
How Not To Handle a Security Breach as an MSP(Redmond Channel Partner) The ongoing security and public relations mess at Wipro, a massive IT outsourcing company based in India with many major U.S. customers, provides an object lesson in how not to handle a security incident as a managed service provider (MSP).
Safeguarding Personal Information Online(Safeguarding Personal Information Online) Have you ever Googled yourself before? Did you know that your birthday, home address, marriage records, phone numbers, email addresses, net worth, medical conditions, and much more are available online for ANYONE to access? Well, this is true!
Innovative Online Program Prepares Students For Jobs in Cybersecurity(The University Network) College students and recent graduates in 27 states now have an opportunity to discover their talents and pursue professional careers in cybersecurity, thanks to the emergence of the Cyber FastTrack program, an initiative of the SANS Institute, a distinguished cybersecurity company.
Sri Lanka blocks social media sites after deadly explosions(TechCrunch) The government of Sri Lanka has temporarily blocked access to several social media services following deadly explosions that ripped through the country, killing at least 207 people and injuring hundreds more. Eight bombings were reported, including during Easter services at three churches, on the h…
Setting Global Rules in Cyberspace(The Cipher Brief) Cyber Norms are critical 'rules of the road' countries need to agree to in order to bring stability to the Internet. So why are they so hard to agree to?
NSA Views IoT Cyber Bill As Key Security Booster(Meritalk) With the increasing ubiquity of internet of things (IoT) devices and the vast expansion of the cyber attack surface that those devices create, National Security Agency (NSA) IoT Enterprise Functional Team Lead Arlene Santos is emphasizing the importance of the IoT Cybersecurity Improvement Act reintroduced in Congress last month as way to address the cybersecurity concerns posed by rapid IoT device growth.
Mueller Report Sheds Light on Russia’s Concerns Over U.S. Sanctions(Wall Street Journal) Russian President Vladimir Putin expressed concern about the prospect of further U.S. sanctions and urged a banking executive to establish contact with the incoming Trump administration following the 2016 U.S. election, according to the Mueller report.
Mueller report is quite the page-turner(CNN) There was ammunition for Trump critics and defenders in the 448-page report. Republicans want to turn the page, saying the report clears Trump of collusion allegations. Democrats are turning its pages to unearth evidence for further investigation of the President.
Mueller's report looks bad for Obama(CNN) Scott Jennings writes that a key takeaway from the Mueller report is that Barack Obama's administration failed the United States with its tepid response to Russian interference in our democracy.
Was it a Chinese spy or confused tourist?(Security Boulevard) Politico has an article from a former spy analyzing whether the "spy" they caught at Mar-a-lago (Trump's Florida vacation spot) was actually a "spy". I thought I'd add to it from a technical perspective about her malware, USB drives, phones, cash, and so on.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Insider Threat Program (ITP) Management - Insider Threat Detection & Data Analysis(Miami, Florida, USA, April 22 - 23, 2019) Insider Threat Program Management - Insider Threat Detection & Data Analysis Training
The Insider Threat Defense Group will be holding its next class "Insider Threat Program (ITP) Management - Insider Threat Detection & Data Analysis", in Miami, FL, on April 22-23, 2019. At the completion of this training, students will be well versed on how to develop, implement, manage or enhance an ITP, and have the in-depth knowledge to gather, correlate and analyze an extensive amount of raw data sources to detect and mitigate Insider Threat Risks. The course has been taught to over 540+ organizations.
International Conference on Cyber Engagement(Washington, DC, USA, April 23, 2019) This year, the eighth annual International Conference on Cyber Engagement (ICCE) will be hosted for the first time by the Atlantic Council’s Scowcroft Center for Strategy and Security, in partnership with...
(ISC)² Secure Summit DC(Washington, DC, USA, April 23 - 24, 2019) (ISC)² Secure Summit DC evolved to assemble the best minds in cybersecurity for two days of insightful discussions, workshops and best-practices sharing. The goal of our event is to equip security leaders...
SecureWorld Toronto(Toronto, Ontario, Canada, April 24, 2019) Connecting, informing, and developing leaders in cybersecurity. For the past 17 years, SecureWorld conferences have provided more content and facilitated more professional connections than any other event...
Cybertech Midwest 2019(Indianapolis, Indiana, USA, April 24 - July 25, 2019) Cybertech is the cyber industry’s foremost B2B networking platform featuring cutting-edge content by top executives, government officials, and leading decision-makers from the world of cyber. Our Cybertech...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.