August 5, 2019.
By the CyberWire staff
Comparitech reports that a bookseller and publisher in Mexico, Librería Porrúa, left a MongoDB instance publicly accessible. The bookseller was warned by researchers on July 15th that its database was accessible, but apparently did not take action to secure it in time. Criminals claim to have copied the data, then wiped them. They've demanded 500 Bitcoin, almost $6 million, to restore the data. The affected database contained 2.1 million customer records, according to Information Security.
Another destructive attack, GermanWiper, is destroying files in victim systems and then demanding ransom for their restoration, Computing reports. In this case, however, restoration seems impossible. BleepingComputer describes the attack: the infection vector is a phishing email, and the phishbait is a polite inquiry about a job opening from "Lena Kretschmer." Once a system is infected, the ransom note says the data are encrypted, but in fact they're gone, overwritten.
Both Apple and Amazon have changed how their digital assistants handle users' commands and ambient conversations. Apple told TechCrunch it was suspending "grading" Siri's responses by having contractors review them. Users will in the near future be given the choice of opting into or out of such grading. Bloomberg reports that Amazon has also given users the option of declining human review of their interactions with Alexa.
Investigators are working through the digital exhaust of the El Paso and Dayton shooters, and are finding the sadly familiar disinhibition and self-absorbed nihilism so often seen among those who've made the ascent into a life lived online.
Today's issue includes events affecting Canada, China, Germany, India, Iran, Kenya, Oman, Russia, United Kingdom, United States.
Bring your own context.
Black Hat is being held this week in Las Vegas. Why go? What would you learn there that you can't get online?
"It gives you an unfiltered input on what are important aspects of the security problems. For example, while a top executive might be more concerned about how a certain solution allows him or her to report upwards about what a solution has done, somebody in the trenches might be more interested in how they can shorten the time to remediation. So for example - and I'm talking generically, you know - somebody sees a problem, a security problem, how fast they can handle the problem and find a solution to it. Those conversations oftentimes have driven our design or my understanding of how people, you know, use a specific solution."
—Giovanni Vigna, Lastline CTO and professor of computer science at the University of California Santa Barbara, on the CyberWire Daily Podcast, 8.1.19.
Codenomicon August 6 Skyfall Lounge Las Vegas (Las Vegas, Nevada, United States, August 6, 2019) Black Hat is just around the corner! Join Synopsys at our exclusive cyber security professional event—codenomi-con. We’ll kick off a night of entertainment, networking, and leadership Aug. 6 at 6 p.m. Register today!
Courageous Women CISO Brunch with Synack and CyberWire at Black Hat (Las Vegas, Nevada, United States, August 7, 2019) Connect and Collaborate with Fellow CISO Security Leaders at Black Hat. As always, you can expect an intimate environment with delicious food, refreshing drinks, and great company. Join us Wednesday, August 7, 10:00 AM at Delano Las Vegas, Suite TBD.
Wicked6 Cyber Games (Las Vegas, Nevada, United States, August 8, 2019) Wicked6 is a fundraiser and cybersecurity exhibition in a thrilling esports arena in Las Vegas on August 8, 2019. It’s a week when cybersecurity leaders from around the world come to Las Vegas, and all are welcome to come by to experience this exciting and unique cyber competition as a player, sponsor, or avid fan. Wicked6 will raise funds for the Women’s Society of Cyberjutsu, a national 501(c)(3) nonprofit that promotes training, mentoring and more to advance women and girls in cybersecurity careers.
Capital One Data Breach: Cyberint's Take (Cyberint) Facts: On July 29th, 2019 Capital One Financial Corporation, a US-based bank holding company specializing in banking, credit cards, loans and savings, today released a statement regarding the detection of a breach resulting in unauthorized access to personal data pertaining to over 100 million Canadian and US credit card applicants and customers.
StockX was hacked, exposing millions of user records (TechCrunch) It wasn’t “system updates” as it claimed. StockX was mopping up after a data breach, TechCrunch can confirm. The fashion and sneaker trading platform pushed out a password reset email to its users on Thursday citing “system updates,” but left users confused and scrambl…
StockX Password Reset Emails Are Legit, Suspicious Activity Detected (BleepingComputer) The StockX sneaker and streetwear resale site has started sending out emails to all of their users stating that they need to reset their passwords due to a system update. While these emails are legitimate, as they do not provide much details, users have been concerned that they are phishing attempts or their accounts are being hacked
New version of MegaCortex targets business disruption (Accenture) iDefense engineers have identified and analyzed a recently updated version of the dangerous ransomware MegaCortex, which is known to have previously caused costly incidents across various industries in Europe and North America.
DRAGONBLOOD flaws allow hacking WPA3 protected WiFi passwords (Security Affairs) Dragonblood researchers found two new weaknesses in WPA3 protocol that could be exploited to hack WPA3 protected WiFi passwords. A group of researchers known as Dragonblood (Mathy Vanhoef and Eyal Ronen) devised new methods to hack WPA3 protected WiFi passwords by exploiting two new vulnerabilities dubbed Dragonblood flaws. We first met this team of experts […]
Amazon Alexa voice recordings sent into Polish homes (Deutsche Welle) Private voice commands told to Amazon's virtual assistants are being transcribed by agency workers, a newspaper reports. Numerous cases have emerged of smart speakers spying on users breaking the law or having sex.
Beware of Emails Asking You to "Confirm Your Unsubscribe" Request (BleepingComputer) A long-running scam email campaign that pretends to be an unsubscribe confirmation request has seen an uptick recently. These emails should never be clicked on or responded to as they are designed to harvest working email addresses or to perform some other type of scam.
Keeping a Hidden Identity: Mirai C&Cs in Tor Network (TrendLabs Security Intelligence Blog) We found new samples of Mirai targeting IP cameras and DVRs with exposed ports and default credentials. Like its predecessors, it allows attackers remote access and the use of infected devices to form a botnet for DDoS attacks. However, the C&Cs were traced back to the Tor network, keeping the cybercriminals' identities anonymous and protecting the servers from being shut down despite discovery.
Security Patches, Mitigations, and Software Updates
Siemens Fixes VxWorks Holes (ISSSource) Siemens has updates for multiple vulnerabilities involved in the embedded VxWorks in its SIPROTEC 5 Ethernet plug-in communication modules and devices, according to a report from Siemens ProductCERT.
Analyzing the Black Hat USA 2019 Business Hall (Swagitda) Prerequisite plug that you should come see my talk with Dr. Nicole Forsgren at Black Hat next week (16:00 in South Pacific)!
What type of vendors are showing themselves off in the Business Hall? Are they mostly startups? Exactly like last year, 46% of the vendors in the Business Hall are startups backed by venture capital (VC) firms. Private companies represent only 13% of total vendors this year (vs. 17% last year), and there are far more acquired companies (“M&A” within the chart) this year (8% vs.
Battle Of Wits: US-Iran Cyber Escalation – OpEd (Eurasia Review) Through the darkness of the pathways that we march, evil and good live side by side and this is the nature of life. We are in a continuous imbalance and inequivalent confrontation between democraci…
The El Paso Shooting and the Gamification of Terror (Bellingcat) On August 3, 2019, at around 11am local time, initial police reports indicated that a gunman had walked into an El Paso Wal-Mart and opened fire. As of the publication of this article, at least eighteen people have died and several others have been injured. One victim was a four-month old infant. As we’ve seen...
Terminating Service for 8Chan (The Cloudflare Blog) The mass shootings in El Paso, Texas and Dayton, Ohio are horrific tragedies. In the case of the El Paso shooting, the suspected terrorist gunman appears to have been inspired by the forum website known as 8chan.
Navy CNO takes over Gallagher court-martial amid controversy (Navy Times) In a stunning move Saturday, Chief of Naval Operations Adm. John Richardson removed all court-martial authority from Navy Region Southwest, the command that had been weighing a sentence for Special Warfare Operator Chief Edward “Eddie” Gallagher.
SINET: Global Cybersecurity Innovation Summit (London, England, UK, January 30, 2020) Advancing global collaboration and innovation, SINET convenes a summit of international cybersecurity leaders at the British Museum. The conference will bring together innovators, investors, researchers,...
Sacramento Cybersecurity Conference (Sacramento, California, USA, August 8, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...
Wicked6 Cyber Games (Las Vegas, Nevada, USA, August 8, 2019) On August 8, 2019, six elite collegiate cyber teams go head-to-head in the thrilling environment of a Las Vegas esports arena. They’ll battle it out as they search for and defeat the foe, all while an...
Hack the Sea (Las Vegas, Nevada, USA, August 8 - 11, 2019) Hack The Sea is a three day mini-conference that will be held in the villages of DEF CON 27. Hack The Sea will provide a variety of hands-on, collaborative learning experiences ranging from mini-workshops...
DEF CON 27 (Las Vegas, Nevada, USA, August 8 - 11, 2019) DEF CON is a hacker convention which takes place immediately following Black Hat in Las Vegas every year.
Cybersecurity Summit, New York (New York, New York, USA, August 13 - 14, 2019) The Cybersecurity Summit, New York, invites information security practitioners to learn about the latest trends in data breaches and frauds, and about mitigation strategies. ISMG’s Global Summit focuses...