April 25, 2019.
By the CyberWire staff
Sri Lanka's investigation into the Easter massacres continues, as does the national state of emergency. The jihadists seem to have achieved one victory in addition to the murders they intended: CNA says the Catholic Church in Sri Lanka will suspend all services until the government can secure them. FDD's Long War Journal describes video of figures allegedly associated with the bombing pledging allegiance to ISIS.
Avast has found some "aggressive" adware apps on Google Play. They're for the most part "lifestyle" apps, and they've achieved some thirty-million downloads. Some of the apps in question are Pro Piczoo, Photo Blur Studio, Mov-tracker, Magic Cut Out, and Pro Photo Eraser. They've been reported and many are now gone.
JASK describes some context-aware phishing that distributes the Qbot banking malware. The payload is carried by an email that appears to be a reply to messages in one of the victim's existing email threads, BleepingComputer explains.
Facebook announced yesterday that it was setting aside $3 billion against the likelihood that a Federal Trade Commission investigation of data abuse will go against the company, the Wall Street Journal reports. Estimates of the total settlement are running, the Times says, as high as $5 billion. But for all that, Facebook's stock price hasn't suffered. Indeed, it's up, on reports of higher revenue.
Honor among thieves? Proverbially there is none, and so the proprietors of the dark web contraband souk Wall Street Market seem to have scampered. Infosecurity Magazine and others are calling it an exit scam.
Today's issue includes events affecting Australia, Canada, China, European Union, Germany, India, Malaysia, New Zealand, Russia, Sri Lanka, United Kingdom, United States, and Venezuela.
Bring your own context.
So, heaven forfend, but suppose you became infested with malware? Not that we're saying it would happen, but what if? Do you shout great Caesar's ghost, wave your hands, shut everything down, and wipe everything clean? Not necessarily. Probably not. Actually, no, not at all.
"The first thing that many organizations make a mistake in is actually destroying the evidence, thinking they're doing the right thing... And the first thing that people want to do is say, well, let's go reimage that box. And reimaging is absolutely the wrong thing to do because you absolutely don't know how the adversary got on there. You don't know what they've stolen or grabbed. And you also don't know if the adversary has moved laterally off of there, or if they have a secondary or tertiary persistence mechanism." Justin Harvey, of Accenture, on the CyberWire Daily Podcast, 4.23.19.
And, great Caesar's ghost, practicing incident response might help avoid this and other missteps. Plans improvised during crises often develop unhappily.
Cybersecurity Impact Awards (Arlington, Virginia, United States, May 14, 2019) Winners of the Cybersecurity Impact Awards will be announced and recognized at the May 14, 2019 CYBERTACOS event. The event will start at 5:30 p.m. and the award presentation will begin at 6:00 p.m.! Join us afterwards for tacos and networking!
Cyber Investing Summit (New York City, New York, United States, May 16, 2019) The Cyber Investing Summit is a conference focused on financial opportunities and strategies in the cybersecurity sector. Join key decision makers, investors, and innovators to network, learn, and develop new partnerships May 16th in NYC. More information: www.cyberinvestingsummit.com.
Cyber Attacks, Threats, and Vulnerabilities
Analysis: The Islamic State's allegiance videos (FDD's Long War Journal) The Islamic State's Amaq News Agency has released a video of eight jihadists in Sri Lanka swearing allegiance to Abu Bakr al-Baghdadi before a series of bombings on Easter Sunday. The video is similar to a string of others released by Amaq since mid-2016.
Bayer contains cyber attack it says bore Chinese hallmarks (defenceWeb) German drugmaker Bayer has contained a cyber attack it believes was hatched in China, the company said, highlighting the risk of data theft and disruption faced by big business. Bayer found the infectious software on its computer networks early last year, covertly monitored and analyzed it until the end of last month and then cleared …
Qbot Malware Dropped via Context-Aware Phishing Campaign (BleepingComputer) A phishing campaign dropping the Qbot banking Trojan with the help of delivery emails camouflaging as parts of previous conversations was spotted during late March 2019 by the JASK Special Operations team.
TA505 hackers thwarted at the door of a big financial org (CyberScoop) A failed attempt to breach a big financial institution is providing new data on a global criminal hacking group known for authoring the widely-used Locky ransomware. The group, dubbed TA505, has stalked financial organizations on multiple continents.
nCipher Survey Reveals Americans Trust Banks Most With Their Personal Data (nCipher Security) nCipher Security, the provider of trust, integrity and control for business-critical information and applications, reveals new research indicating that people trust banks and other financial entities to safeguard their personal data more than other organizations. The findings also illustrate how easily that trust can be eroded, along with Americans’ personal data protection concerns relative to banking and digital payments.
2019 Payment Card Fraud & the Financial Crime Ecosystem Report (Security Scorecard) Cybercriminals continue to infiltrate payment card systems to obtain cardholder data. Despite the rigorous compliance requirements set out by the Payment Card Industry Security Standards Council (PCI SSC), merchants and vendors find themselves as prime targets.
Lydsec Acquires Keypasco Security Business (Global Security Mag Online) The Taiwanese tech company Lydsec Digital Technology Co., Ltd. acquires the online security business of Swedish security company Keypasco AB. The two companies have been partners since 2012 and this is the natural next step towards a stronger brand and continued strong product development.
Stuart McClure on BlackBerry/Cylance (InnovationsAus.com) The first time Cylance founder chief executive Stuart McClure travelled to Australia, as a 19-year-old, he had a near-death experience en-route that changed his outlook on life quite profoundly. He says he began seeing the world in a different way.
Adams locates 'app' in Flatiron innovation hub (Real Estate Weekly) Adams & Co. Real Estate announced that Dashlane, Inc., a tech firm specializing in password management, has signed a 16,625 s/f ten-year lease at 44 West 18th Street. The New York-based, award-winning firm will utilize the full fourth floor for its national headquarters. James Buslik and Alan Bonett of Adams...
AppRiver Bolsters Email Encryption Offering (AP NEWS) AppRiver, a Zix (NASDAQ: ZIXI) company and leading provider of cloud-based cybersecurity, productivity, and compliance services, today announced that ZixEncrypt, will be available for AppRiver partners beginning on April 25, 2019.
Debunking The Myths And Reality Of Artificial Intelligence (Forbes) In this article, we debunk key AI myths and misunderstandings that are distracting organizations and derailing many AI initiatives. We recommend practical solutions to accelerate AI adoption with fewer risks and maximum transformative effects on current and future business and workforce.
Air Force Launches Electronic Warfare Roadmap: EMS ECCT 2.0 (Breaking Defense) The Air Force is looking across the enterprise to build a comprehensive map of all electronic warfare capabilities for the second stage of its landmark service-wide probe of how to bolster the Air Force’s EW and cyber warfare capabilities.
Does your company have an AI ethics dilemma? (Information Age) The ethics of Artificial Intelligence has been in the news -- particularly with the creation and almost immediate collapse of Google’s AI Ethics board. But do companies that are new to AI tools need to be asking themselves: 'Do I have to 'care' about ethics?' asks Alexa Hagerty and Igor Rubinov.
Cyberspace new battle ground against ISIS, says Mohamad Sabu (Malay Mail) Defence Minister Mohamad Sabu has called for greater vigilance against the threat of ISIS in cyberspace, warning that it “keeps the virtual form of caliphate alive through the diabolical language of hatred.” Condemning the recent terror attacks in Sri Lanka and New...
DNS hacks are attacks on critical infrastructure, senior U.S. diplomat says (CyberScoop) Any nation-state behind recent hijackings of Domain Name System (DNS) records should, in theory, be held responsible under the latest cyberwarfare norms agreement made by 20 countries at the UN in 2015, says America’s top cyber diplomat. “One of the norms is disrupting physical infrastructure providing services to the public, and I think that fully encapsulates the internet’s DNS function,” Amb. Robert Strayer told CyberScoop Tuesday on the sidelines of the Atlantic Council’s International Conference on Cyber Engagement.
ZTE prepares for 5G trials in India despite security concerns (TelecomLead) ZTE, one of the telecom network makers from China, said it is awaiting spectrum allocation to mobile operators to conduct the 5G tests in India. Indian telecom operators such as BSNL, Bharti Airtel, Vodafone Idea and Reliance Jio are planning to join the 5G race in 2020. But the Government is yet to finalize the …
NSA Recommends Dropping Phone-Surveillance Program (Wall Street Journal) The National Security Agency has recommended that the White House abandon a U.S. surveillance program that collects information about Americans’ phone calls and text messages, saying the logistical and legal burdens of keeping it outweigh its intelligence benefits.
Fourth Sri Lanka hotel bomb failed to explode (Times) One of the Easter Day bombers tried to attack a fourth luxury hotel in the Sri Lankan capital but was foiled by a faulty suicide vest, The Times has learnt. The bomber, who once studied in England...
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
Driving Digital Conference 2019 (Nitra, Slovakia, October 3 - 4, 2019) An international program conference focused on cyber security in the automotive industry. The aim of the conference is to support the emergence of the Driving Digital program by bringing the topics awareness...
Cybertech Midwest 2019 (Indianapolis, Indiana, USA, April 24 - July 25, 2019) Cybertech is the cyber industry’s foremost B2B networking platform featuring cutting-edge content by top executives, government officials, and leading decision-makers from the world of cyber. Our Cybertech...
Data Connectors Cybersecurity Conference Memphis (Memphis, Tennessee, USA, April 25, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...
Cyber Security Lunch & Learn (Waltham, Massachusetts, USA, April 30, 2019) Data Security breaches happen daily. Security and protection of intellectual property, financial information and client data require the strongest levels of protection from theft or attack, both inside...
Global Cyber Innovation Summit (Baltimore, Maryland, USA, May 1 - 2, 2019) The inaugural 2019 Global Cyber Innovation Summit brings together a preeminent group of leading Global 2000 CISO executives, cyber technology innovators, policy thought leaders, and members of the cyber...
2019 Innovator's Showcase (McLean, Virginia, USA, May 2, 2019) The Intelligence and National Security Alliance (INSA) will showcase IR&D projects with national security applications at its 2019 Innovators’ Showcase. Held in partnership with the Office of the Director
social media for protecting or removing anonymity utilizing social media, internet-connected data stores, and other assets associated with life in a fully digital world, and ephemeris identity telemetry, including identifying characteristics such as biometrics, geolocation, digital signatures, and geo-environmental association.