April 30, 2019.
By the CyberWire staff
The odd case of a large database holding PII affecting some eighty-million US households prompts concerns that identity thieves have already hit some kind of jackpot. vpnMentor, whose researchers discovered the exposure, says no one knows who owns (or owned, since it's been taken down) the database, but the data suggest online commerce.
A Bloomberg report of backdoors afflicting Huawei-manufactured Vodafone equipment seems to point, at worst, to carelessness, and not to the malice that "backdoor" has come to suggest. Huawei denies putting backdoors into the gear, telling ZDNet that this isn't about backdoors at all, but rather about old vulnerabilities that were fixed (as the Bloomberg piece mentions) when they were discovered in 2011 and 2012. The "backdoor" is apparently a familiar telnet issue.
US Secretary of State Pompeo says, according to the Hill, that Russia will remain a threat to US elections "for decades."
The US Department of Homeland Security has issued a Critical Functions List describing fifty-five areas that must be protected from cyberattack.
As reported in the Times of London, ISIS leader Abu Bakr al-Baghdadi made a rare appearance in the terrorist group's Internet channels to promise a worldwide wave of attacks in revenge for the Caliphate's extinction in the territories it once controlled. He praised the Sri Lanka murderers as the first wave of reprisal. Fox News notes that this seems to be al-Baghdadi's first appearance online since 2014.
Dog bites man: Naked Security points out that piracy streaming apps are teeming with malware. Who knew?
Today's issue includes events affecting Australia, Canada, China, European Union, Iraq, Mongolia, New Zealand, Russia, Syria, United Kingdom, United States.
Bring your own context.
Nobody's really comfortable with hotel wi-fi, but sometimes it's Hobson's Choice: either the hotel wi-fi or nothing. Most people seem to grin and bear the risk.
"Well, the bad thing is there isn't really much you can do, other than being careful, watching for odd behavior, trying to avoid these wireless networks, of course. But realistically, if you're traveling a lot, there isn't much you can do to avoid them. You could use your cellphone, for example; that's, of course, always a better option. Use some kind of LTE connectivity or so versus the hotel network, but then again, you may find yourself in a hotel with bad reception; that has happened to me. You really have to rely on the hotel network or whatever the open wireless access point or network is that you're using." Johannes Ullrich, Dean of Research at the SANS Institute, on the CyberWire Daily Podcast, 04.26.19.
ON THE PODCAST
In today's podcast, out later this afternoon, we speak with our partners at Cisco Talos, as Craig Williams discusses their research into the malware markets found on Facebook. Our guest, Dean Pipes from TetraVX, shares some reflections on the root cause of shadow IT.
Cybersecurity Impact Awards (Arlington, Virginia, United States, May 14, 2019) Winners of the Cybersecurity Impact Awards will be announced and recognized at the May 14, 2019 CYBERTACOS event. The event will start at 5:30 p.m. and the award presentation will begin at 6:00 p.m.! Join us afterwards for tacos and networking!
Cyber Investing Summit (New York City, New York, United States, May 16, 2019) The Cyber Investing Summit is a conference focused on financial opportunities and strategies in the cybersecurity sector. Join key decision makers, investors, and innovators to network, learn, and develop new partnerships May 16th in NYC. More information: www.cyberinvestingsummit.com.
Cyber Security Summits: May 16 in Dallas and in Seattle on June 25th (Dallas, Texas, United States, May 16 - June 25, 2019) Register for reduced admission to the Cyber Security Summit with promo code cyberwire19 for $95 admission ($350 without code). Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, U.S. Secret Service, Verizon, Center for Internet Security, and more. Breakfast, Lunch & Cocktail Reception are included with your admission. Passes are limited, secure yours today: www.CyberSummitUSA.com
Cyber Attacks, Threats, and Vulnerabilities
SectorB06 using Mongolian language in lure document (Threat Recon) SectorB06 is a state sponsored threat actor group active especially within Asia. They have been exploiting vulnerabilities in Microsoft Office’s Equation Editor which Microsoft removed in Jan…
Docker Hub Breach Can Have a Long Reach (Decipher) Docker revoked tokens linking GitHub and Bitbucket with Docker Hub accounts after discovering “unauthorized access” in its Hub database. Developers should check their code to ensure no unauthorized changes have been made.
$1.75 Million Stolen by Crooks in Church BEC Attack (BleepingComputer) Hackers have stolen $1.75 million from the Saint Ambrose Catholic Parish following a successful BEC (Business Email Compromise) attack which was discovered on April 17 after payments related to the church's Vision 2020 project were not received by a contractor.
Consumer cryptomining has ‘gone the way of the dodo’, MalwareBytes (Yahoo) Consumer cryptomining – aka cryptojacking – “is essentially extinct,” according to a report released by cybersecurity company MalwareBytes. “Marked by the popular drive-by mining company CoinHive shutting down operations in early March, consumer cryptomining seems to have gone the way of the dodo. Detections
Vulnerability Summary for the Week of April 22, 2019 (US-CERT) The NCCIC Weekly Vulnerability Summary Bulletin is created using information from the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD). In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
2019 Eye on Privacy Report (MediaPRO) Our 2019 Eye on Privacy Report analyzes the knowledge and opinions of 1,000 U.S. employees on data privacy best practices and provides advice on building a risk-aware culture through privacy awareness training.
Google Shows First Cracks in Years (Wall Street Journal) Google’s once-untouchable online-advertising operation took a body blow, hurt by mounting competition and struggles within its increasingly high-profile YouTube unit.
FedEx CIO Looks to Industry Collaboration to Scale Blockchain (Wall Street Journal) Blockchain is expected within a few years to become an “inevitable and essential” tool in tracking goods and reducing fraud in the supply chain, said FedEx’s CIO—but collaboration will be needed for the technology to really take off.
3 Questions OEMs Should Ask About Cyber Security (Arilou) Trust and reliability in a cyber security solution are vital. What questions should OEMs be asking when assessing a solution? Ayal Lichtblau, VP of Sales at Arilou, answers the 3 most common questions.
Programmers solve MIT’s 20-year-old cryptographic puzzle (MIT CSAIL) This week MIT’s Computer Science and Artificial Intelligence Laboratory (CSAIL) announced that a 20-year-old cryptographic puzzle was just solved by a self-taught programmer from Belgium, 15 years earlier than MIT scientists expected.
DHS critical functions list (Washington Post) National Critical Functions: The functions of government and the private sector so vital to the United States that their disruption, corruption, or dysfunction would have a debilitating effect on security, national economic security, national public health or safety, or any combination thereof.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
Detect '19 (National Harbor, Maryland, USA, September 29 - October 2, 2019) Insights from compelling customer presentations highlighting real-world threat intelligence big data issues. Threat intelligence data is a valuable asset for security teams who unlock the value it contains.
Cybertech Midwest 2019 (Indianapolis, Indiana, USA, April 24 - July 25, 2019) Cybertech is the cyber industry’s foremost B2B networking platform featuring cutting-edge content by top executives, government officials, and leading decision-makers from the world of cyber. Our Cybertech...
Cyber Security Lunch & Learn (Waltham, Massachusetts, USA, April 30, 2019) Data Security breaches happen daily. Security and protection of intellectual property, financial information and client data require the strongest levels of protection from theft or attack, both inside...
Global Cyber Innovation Summit (Baltimore, Maryland, USA, May 1 - 2, 2019) The inaugural 2019 Global Cyber Innovation Summit brings together a preeminent group of leading Global 2000 CISO executives, cyber technology innovators, policy thought leaders, and members of the cyber...
2019 Innovator's Showcase (McLean, Virginia, USA, May 2, 2019) The Intelligence and National Security Alliance (INSA) will showcase IR&D projects with national security applications at its 2019 Innovators’ Showcase. Held in partnership with the Office of the Director
social media for protecting or removing anonymity utilizing social media, internet-connected data stores, and other assets associated with life in a fully digital world, and ephemeris identity telemetry. including identifying characteristics such as biometrics, geolocation, digital signatures, and geo-environmental association..
Data Connectors Cybersecurity Conference Philadelphia (Philadelphia, Pennsylvania, USA, May 2, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...