More signal. Less noise.

Beginner’s Guide: Open Source Network Security Tools

With so many open source tools out there, it's hard to know where to start. Get your copy of “Beginner’s Guide: Open Source Network Security Tools” today to learn how you can use open source tools for: network discovery, network IDS, vulnerability scanning & penetration testing.

Daily briefing.

Black Hat, BSides, and Def Con

We're in Las Vegas at Black Hat this week. Here are some of the stories that have caught our eye.

The interpenetration of criminal groups and espionage services.

Sometimes it's a protection racket; at other times it's more like moonlighting. APT41 seems to be moonlighting.

FireEye released a report this morning on APT41, a Chinese group that’s been observed executing espionage operations as well as financially motivated criminal campaigns. At Black Hat last night, FireEye’s John Hultquist, Nalani Fraser, and Barry Vengerik summarized and answered questions about the report. APT41 is known for targeting the video game industry, which the researchers believe is due to a hobbyist's interest used for financial gain. They said that there was a significant shift in the group’s activities in late 2015, in which the hackers moved away from intellectual property theft and towards strategic intelligence gathering from multiple different industries, including healthcare, telecoms, high-tech companies, and software supply chains. Simultaneously, APT41 continues to target the video game industry for what appears to be personal financial gain, although the researchers noted that it was strange that the Chinese government would allow them to use the same tools used in other state-sponsored campaigns for personal reasons.

"Broken, as an industry."

At Synopsys’ Codenomi-con last night, we heard Chris Roberts, Chief Security Strategist of Attivo Networks, say that “we are arguably broken, as an industry.” He pointed out that companies have increased their spending on cybersecurity to billions of dollars, while data breaches continue to rise. There could of course be a causal relationship here: if attacks increase, it's reasonable to expect an increase in spending on security. But Roberts sees this as a sign of misapplied effort, and not as a case of the Butterfield Effect.

He criticized disproportionate spending on conferences and marketing, and an inordinate focus on technologies and buzzwords that don’t really help customers. Roberts said that to fix this problem cybersecurity companies need to do a much better job of listening to their customers. He also argued that there needs to be an increased focus on proactive response, rather than simply detecting malicious activity. Additionally, Roberts said the industry needs to start bringing in fresh blood from other sectors, particularly from those sectors that know how to operate safety-critical systems, such as engineers. (As an aside, we note that an umpire at the US Naval War College's recent cyber war game argues a similar conclusion about a role for operating engineers.)

For organizations, Roberts recommended increasing awareness training to at least a monthly frequency, pointing out that attackers adapt their phishbait to match the time of year. Having a plan is essential, even if that plan is as simple as knowing whom to contact when things go wrong. Finally, Roberts argued that you can’t measure security—you can only measure risk. Organizations need to construct their defenses based around this concept, knowing that nothing can be completely secured against every threat.

Roberts concluded by quoting Dr. Martin Luther King Jr.: “We may have all come on different ships, but we're in the same boat now.”

We'll have further observations from Black Hat (and Def Con) throughout the week.

CISA yesterday warned that criminal campaigns are already in circulation to exploit news of last weekend's tragic killings in Texas and Ohio, urging that people be particularly wary of emails whose subject lines allude to either or both tragedies. CISA also says the scammers won't confine themselves to email: "Be wary of fraudulent social media pleas, calls, texts, donation websites, and door-to-door solicitations relating to these events."

The Wall Street Journal reports that President Trump responded to the Dayton and El Paso shootings by directing the Justice Department to work with state and local authorities, and with major social media platforms to identify individuals likely to commit mass killings before those individuals actually open fire.

Trend Micro finds that LokiBot has grown more persistent, and also added steganographic obscuration features.

The US Justice Department announced yesterday that it had indicted a Pakistani national, Muhammad Fahd, with "conspiracy to commit wire fraud, conspiracy to violate the Travel Act and the Computer Fraud and Abuse Act, four counts of wire fraud, two counts of accessing a protected computer in furtherance of fraud, two counts of intentional damage to a protected computer, and four counts of violating the Travel Act." Fahd allegedly bribed workers at AT&T's facility in Bothell, Washington, to disable AT&T proprietary locking software on customers' phones, which would enable the unlocked phones to be used in any compatible network. Since AT&T subsidized a substantial cost of phones for customers in service contracts with the company, unlocked phones are valuable commodities.

Notes.

Today's issue includes events affecting China, India, Israel, Kazakhstan, Democratic People's Republic of Korea, Pakistan, United States, and Venezuela.

Bring your own context.

Can you smell security? Not literally (usually) but maybe in a metaphorical sense.

"So code smells are a well known phenomenon in software, but more from a software maintenance perspective.... And one example of that is the 'shotgun surgery' code smell. So for instance, if you want to make some changes and if you have to make a single change and you have to make a lot of little changes in a lot of different places, then effectively, you're doing a kind of shotgun surgery, which means that your code is not very well modularized.... 

"And recently, we and other researchers as well - particularly at North Carolina State University - have been looking into whether there's an equivalent of the code smell, but more like a security smell? And there are interesting findings that you can actually see by looking at the code in itself that there are symptoms of where there might be, for example, poor security practices. So I mentioned there is work that has gone on at North Carolina State University, and they have looked at, particularly, code scripts that are used to deploy various pieces of software. And there are particular smells that you see there in the sense of that there are admin privileges by default or hardcoded secrets, empty passwords and things like that."

—Awais Rashid, professor of cybersecurity at the University of Bristol, on the CyberWire Daily Podcast, 8.2.19.

So maybe sniff out some misconfigurations in your cloud services, your IoT devices, and so on.

What if your security strategy added zeros to your bottom line?

Focusing on response alone is costly. You lose data. You lose infrastructure. You lose human and capital resources that could be productive elsewhere. And you lose your reputation. When you catch threats before they execute, you contain the problem, and the rewards add up. Let Blackberry Cylance help you understand how you can reduce your total cost of security controls, bolster your organization’s security posture, and zero in on what really matters.

In today's podcast, out later this afternoon, we speak with our partners at the University of Maryland's Center for Health and Homeland Security, as Ben Yelin discusses how the Commonwealth of Virginia is updating legislation to address Deep Fakes. Our guest, James Plouffe from MobileIron, goes over the challenges of authentication and the legacy of passwords. 

And check out Recorded Future's weekly podcast, produced in partnership with the CyberWire. In this episode, "The Inevitable Evolution of SIEMs," Monzy Merza of Splunk discusses SIEMs and how they’ll need to evolve to keep up with the changes happening in the industry and the world at large.

Courageous Women CISO Brunch with Synack and CyberWire at Black Hat (Las Vegas, Nevada, United States, August 7, 2019) Connect and Collaborate with Fellow CISO Security Leaders at Black Hat. As always, you can expect an intimate environment with delicious food, refreshing drinks, and great company. Join us Wednesday, August 7, 10:00 AM at Delano Las Vegas, Suite TBD.

Wicked6 Cyber Games (Las Vegas, Nevada, United States, August 8, 2019) Wicked6 is a fundraiser and cybersecurity exhibition in a thrilling esports arena in Las Vegas on August 8, 2019. It’s a week when cybersecurity leaders from around the world come to Las Vegas, and all are welcome to come by to experience this exciting and unique cyber competition as a player, sponsor, or avid fan. Wicked6 will raise funds for the Women’s Society of Cyberjutsu, a national 501(c)(3) nonprofit that promotes training, mentoring and more to advance women and girls in cybersecurity careers.

CyberTexas Job Fair, August 20, San Antonio. Visit ClearedJobs.Net or CyberSecJobs.com for details. (San Antonio, Texas, United States, August 20, 2019) Cleared and non-cleared cybersecurity pros make your next career move at the free CyberTexas Job Fair, August 20 in San Antonio. Meet face-to-face with leading cyber employers. Visit our site for more details.

Cyber Warrior Women Summer Social: Sip and Paint (Columbia, MD, United States, August 21, 2019) Join the Cybersecurity Association of Maryland, Inc. (CAMI) for the annual Cyber Warrior Women Summer Social, an all-about-fun-and-networking event! We're adding an artistic element to this year's event with a wine glass painting exercise. No previous art experience required.

Dateline Black Hat, BSides, and Def Con

Black Hat USA 2019 Cybersecurity Conference: Day 2 News (MSSP Alert) Black Hat USA 2019 conference news spans MSSPs, Arctic Wolf Networks, AT&T Cybersecurity, BlackBerry, CrowdStrike, DFLabs, Digital Guardian, enSilo, Jask, Ping Identity, Proficio, Qualys, Secureworks & more.

APT41: A Dual Espionage and Cyber Crime Operation (FireEye) APT41 is a prolific Chinese cyber threat group that carries out state-sponsored espionage activity.

Chinese State Hackers Attack Video Games And Cryptocurrencies For ‘After Hours’ Personal Gain: Report (Forbes) The latest report into China's state hackers has a nasty twist. Those same hackers have been abusing the tools of their espionage trade for significant financial gain.

Chinese cyber spies are stealing money from video game firms on the side (ZDNet) Researchers at FireEye say contractors working for the state-sponsored APT41 group are still targeting video games companies outside of work.

APT41 Is Not Your Usual Chinese Hacker Group (PCMAG) APT41 is 'highly agile and persistent,' FireEye says. In one instance, the group deployed over 150 unique pieces of malware in a year-long campaign against a single target.

Meet APT41, the Chinese hackers moonlighting for personal gain (CyberScoop) In a first for China-based group, FireEye said, the hackers are using malware typically reserved for spying for personal gain.

Black Unicorn Awards – Winners (Cyber Defense Awards) Of the 100 accepted nominations, only 50 made the cut. Of those 50, 20 are notable mentions which we will continue to watch as they operate their businesses. Of those 50, 30 made the cut as finalists. Of these 30 finalists, 10 winners are currently being selected by Judges Robert Herjavec, David DeWalt and Gary Miliefsky, 3 industry experts.

Black Unicorn Report (Cyber Defense Magazine) Predictions of Cybersecurity companies with current and future potential to reach a $1B valuation

Mimecast Rejected Over 67 Billion Emails. Here's What It Learned (Dark Reading) New research warns that security pros must guard against updates to older malware and more manipulative social-engineering techniques.

Mimecast Threat Intelligence Report: Black Hat Edition (Mimecast Threat Center) The Mimecast Threat Intelligence Report: Black Hat Edition capitalizes on research conducted by the Mimecast Threat Center alongside Mimecast engineers with the objective of enhancing our email and web security services.

Mimecast introduced community based tailored threat intelligence tool at Black Hat 2019 (Packt Hub) Yesterday, at Black Hat 2019, Mimecast Limited, a leading email and data security company, introduced Mimecast Threat Intelligence which offers a deeper

VMRay Announces Partnership With SentinelOne to Combat Evasive Malware (Yahoo) VMRay, a provider of automated malware detection and analysis solutions, today announced a new partnership with SentinelOne, the autonomous endpoint protection company. The new partnership will enable SentinelOne customers to dramatically

McAfee Announces New Partnerships and Certified Integrations (Yahoo) McAfee Security Innovation Alliance and McAfee CASB Connect Program Now Includes 158 Partners Worldwide

Will Congress ever get better at technology security? (Fifth Domain) Budgets, physical limitations and partisan politics hamper Congress' ability to become more savvy to rapidly changing technology.

Black Hat: Flaws in Kid’s Tablet App Raise Privacy Woes (Threatpost) Several serious privacy flaws in a kid's tablet were disclosed this year at Black Hat, which could allow a bad actor to track or send messages to children.

#BSidesLV: DNC CISO Talks Need to be Secure by Design (Infosecurity Magazine) Democrats CISO talks of need to tear up

#BSidesLV: I Am The Cavalry Reflect on Six Years of Achievement, More to Accomplish (Infosecurity Magazine) I Am the Cavalry reflect on six years of achievement and contemplate next steps

Cyber Attacks, Threats, and Vulnerabilities

New Intel SWAPGS Flaw Spells Bad News for Users (Infosecurity Magazine) Firms and consumers urged to patch

Researchers discover troubling new security flaw in all modern Intel processors (The Next Web) The flaw could see attackers steal passwords, login credentials, and more.

Twitter ‘fesses up to more adtech leaks (TechCrunch) Twitter has disclosed more bugs related to how it uses personal data for ad targeting that means it may have shared users data with advertising partners even when a user had expressly told it not to. Back in May the social network disclosed a bug that in certain conditions resulted in an account’s …

New Echobot Botnet Variant Uses Over 50 Exploits to Propagate (BleepingComputer) A new variant of Echobot botnet has been spotted to include over 50 exploits leading to remote code execution (RCE) vulnerabilities in various Internet-of-Things devices.

LokiBot Gains New Persistence Mechanism, Uses Steganography to Hide Its Tracks (TrendLabs Security Intelligence Blog) Our analysis of a new LokiBot variant shows that it has improved its capabilities for staying undetected within a system via an updated persistence mechanism and the use of steganography to hide its code.

Zero-Day Bug in KDE 4/5 Executes Commands by Opening a Folder (BleepingComputer) An unpatched zero-day vulnerability exists in KDE 4 & 5 that could allow attackers to execute code simply by tricking a user into downloading an archive, extracting it, and then opening the folder.

Cryptolocking WordPress Plugin Locks Up Blog Posts (Threatpost) A new type of malicious plugin has been spotted in the wild with the capability of targeting individual blog posts.

With warshipping, hackers ship their exploits directly to their target’s mail room (TechCrunch) Why break into a company’s network when you can just walk right in — literally? Gone could be the days of having to find a zero-day vulnerability in a target’s website, or having to scramble for breached usernames and passwords to break through a company’s login pages. And certain…

New ‘warshipping’ technique gives hackers access to enterprise offices (ZDNet) Delivery workers may inadvertently provide the bridge between hacker and victim.

Package Delivery! Cybercriminals at Your Doorstep (Security Intelligence) Find the latest security analysis and insight from top IT security experts and leaders, made exclusively for security professionals and CISOs.

Capital One Cyberattack Technical Analysis and Detection Using Security Analytics (Securonix) On July 29, 2019, we learned of a massive cyberattack and data breach targeting Capital One. The Securonix Threat Research Team has been actively investigating the details of the attack to help our customers detect,…

El Paso and Dayton Tragedy-Related Scams and Malware Campaigns (CISA) In the wake of the recent shootings in El Paso, TX, and Dayton, OH, the Cybersecurity and Infrastructure Security Agency (CISA) advises users to watch out for possible malicious cyber activity seeking to capitalize on these tragic events. Users should exercise caution in handling emails related to the shootings, even if they appear to originate from trusted sources. Fraudulent emails often contain links or attachments that direct users to phishing or malware-infected websites. Emails requesting donations from duplicitous charitable organizations are also common after tragic events.

iovation Research: Fraudsters Increasingly Leveraging Mobile Devices for Schemes (iovation) TransUnion company explores top continents and countries for risky mobile transactions, and types of behavior businesses need to look for to catch mobile fraud

Baldr malware unpicked with a little help from crooks’ bad opsec (Naked Security) New research from Sophos takes an exhaustive look at the Baldr password stealer.

Baldr vs The World: A SophosLabs report (Sophos News) A new stealer enjoys a wild ride, but is it a flash in the pan or a long term threat?

Clever Amazon Phishing Scam Creates Login Prompts in PDF Docs (BleepingComputer) The goal of any phishing scam is to make you do something you shouldn't do. Such is the case with a phishing campaign that utilizes PDF attachments that display login prompts that to many would look legitimate.

Secretive 'Machete' hacker group steals GBs worth of sensitive files from the Venezuelan military (The Next Web) ESET researchers uncover a cyber-espionage campaign — operated by Machete — stealing sensitive documents from the Venezuelan military forces.

MegaCortex Redesign is a $5.8m Challenge to Firms (Infosecurity Magazine) Ransomware authors improve automation and usability

Bishop Fox Uncovers Security Flaws in Mass Transit Mobile Apps (PR Newswire) Bishop Fox, the largest private professional services firm focused on offensive security testing, has uncovered an...

This cryptocurrency stealing malware was blocked more than 360,000 times over the past year (Hard Fork | The Next Web) According to the latest figures from cybersecurity firm Avast, a cryptocurrency stealing malware has been blocked more than 360,000 times by its software.

Hackers love to see you on Wi-Fi, home or public (Gulf News) You might actually be surprised how easy it is to hack into your home Wi-Fi network

Healthcare CAPTCHA: The Cure that’s Worse than the Disease (Shape Security Blog) A healthcare insurer was forced to use a CAPTCHA. 70% of their aged patients could no longer refill their prescriptions. It was a complete disaster.

Millions of Android Smartphones Vulnerable to Trio of Qualcomm Bugs (Threatpost) Flaws in Qualcomm chipset expose millions of Android devices to a hacking threat.

New tool for cybercriminals: Apps that generate international phone numbers (ETCIO.com) The apps provide users the option to get a local number in a foreign country and make international calls

Exclusive: High-security locks for government and banks hacked by... (Reuters) Hackers could crack open high-security electronic locks by monitoring their powe...

African bank foils suspected North Korean cyber attack (ComputerWeekly.com) An African bank is among the financial institutions to be targeted by North Korea’s multi-billion dollar cyber theft campaign to support its weapons programmes.

Oh Snoop: Why Truecaller knows when your salary is credited (ETCIO.com) Truecaller UPI signup fiasco is more than just a phonebook snoop. From the message of salary credited to your personal data, it has more twist than yo..

Fourth Florida city in two months reports it was swindled in cyber scam (The Center Square) A fourth Florida municipality since June has acknowledged it has been cyber-scammed but, unlike the three other cases, this time the theft did not include a data breach, “ransomware” or

Downtown Naples will continue despite lost funds after spear phishing attack (Naples Daily News) The Eighth Street South Project will continue as planned despite loss of funds after spear phishing attack

Joe Biden and Kamala Harris were top targets of misinformation around July primary debates, report says (Newsweek) The falsehoods identified by VineSight were not run-of-the-mill social media jabs, but high-performing tweets that passed a certain threshold for virality.

Democrats and Doctors Behind Latest Wave of Leaked Data (Threatpost) Patient medical history and over 6 million email addresses tied to Democrats were detailed in misconfigured storage buckets over the past few weeks.

Controversy after Storm Area 51 temporarily taken down (KTNV) Controversy is swirling after a viral Facebook event calling for people to storm Area 51 was abruptly taken down and then restored hours later.

Indie developer flooded with racist, misogynist abuse after announcing Epic partnership (TechCrunch) The two developers of an indie game called Ooblets have been subjected to "tens of thousands if not hundreds of thousands" of abusive messages following their decision to put their game on the Epic Games Store. It's a worrying yet entirely unsurprising example of the toxic elements of the gaming co…

We did the thing (Ooblets) A rather large announcement

Security Patches, Mitigations, and Software Updates

SWAPGS Vulnerability in Modern CPUs Fixed in Windows, Linux, ChromeOS (BleepingComputer) Both Microsoft and Redhat have released advisories about a new variant of the Spectre 1 speculative execution side channel vulnerabilities that could allow a malicious program to access and read the contents of privileged memory in an operating system.

Silent Windows update patched side channel that leaked data from Intel CPUs (Ars Technica) It took a year, but the patch fixes a new speculative-execution flaw found by Bitdefender.

iOS 13 privacy feature will force total overhaul for Facebook apps (Ars Technica) Apple is set for another privacy showdown with Facebook and VoIP apps.

NVIDIA patches high-severity bugs in Windows GPUs and SHIELD (Naked Security) NVIDIA has patched five bugs in its Windows GPU display driver, three of which could allow an attacker to execute code on the system.

Cylance Protect AV vulnerability patched (SC Magazine) Cylance has patched a vulnerability in the antivirus product that allowed attackers to bypass the system's machine learning algorithm and insert suspect code

Cyber Trends

State of Threat Detection and Response (Fidelis Security) Key insights include: Confidence in security defenses have a ripple effect - Nearly half of respondents (49.02%) don’t have visibility of their entire cyber terrain and over half (55.03%) don’t have control over blind spots which lowers their confidence in their organization’s ability to identify insider threats...

Affordable Tools and Shared Responsibilities Define Midmarket IT Security Trends (Solar Winds) Midmarket companies face considerable business challenges as they adopt and embrace technology that will help them grow into the enterprises of tomorrow.

Cloud Security Alliance Report Lists Top 11 Threats (MeriTalk) The Cloud Security Alliance (CSA) released its Top Threats to Cloud Computing Report today. The report, which was created after surveying 241 cloud industry experts, highlights the top 11 threats facing cloud computing. The report noted that cloud security issues are “often the result of the shared, on-demand nature of cloud computing.”

Has Medical Device Security, Awareness Improved in Healthcare? (HealthITSecurity) As the threat landscape continues to expand and with healthcare's reliance on legacy platforms, HealthITSecurity.com asked two leaders whether the sector is improving its medical device security.

Why Modern Identity Verification is Crucial in Today’s Threat Landscape (Infosecurity Magazine) Multiple digital identity checks for remote verification will help increase pass rates

M&A activity can create cybersecurity holes, ACSC warns (CSO) Merger mania is seeing new organisations absorbed quickly – but without care, exploitable security gaps are inevitable

Cybersecurity Leaders Face Challenges with Cyber Transformation (Security Magazine) CSOs and CIOs ranked cybersecurity transformation as one of the most challenging aspects of cyber risk management that are related to the entire infrastructure. 

Kellermann: Hackers Emboldened by Lack of Prosecutions (BankInfo Security) The hacking subculture has been emboldened by a lack of prosecutions for cybercrime worldwide, says Tom Kellermann of Carbon Black, who addresses the evolving

'Critical national infrastructure is a tempting target for cyber threat actors' (Express Computer) California-based cybersecurity company CrowdStrike effectively tackles the most modern-day and malicious cyber threats. Mike Sentonas, VP Technology of CrowdStrike, claims that none of the establishments which are under CrowdStrike shelter fell prey to any internet crime

Email - everybody's darling - Why users and hackers love email (SC Magazine) 55% of US workers think that email communication prevents them from doing their job properly with both spam as well as loss and theft of data major concerns which encrypting data has not overcome.

Marketplace

Your Company's Surprising Supply Chain Exposure on Huawei (Forbes) U.S. corporate leaders who believe that the firestorm surrounding Huawei won’t singe their companies might want to think again.

DeepCode Raises $4M Seed Round Led by Earlybird to Improve Software Development With AI-Powered Code Reviews (Yahoo) DeepCode, the platform for AI-powered code reviews, today announced that it has raised $4 million (CHF3.92 million) in seed funding led by Earlybird, with participation from 3VC and existing investor btov Partners. DeepCode has previously raised CHF1.1 million. The new funding will enable DeepCode

Defense Intelligence Agency Secures Intel Analysis Solutions (SIGNAL Magazine) BAE Systems Technology Solutions & Services Inc., Rockville, Maryland (HHM402-19-D-0005); Bluehawk LLC,* West Palm Beach, Florida (HHM402-19-D-0008); Booz Allen Hamilton Inc., McLean, Virginia (HHM402-19-D-0007); CACI Inc. – Federal, Arlington, Virginia (HHM402-19-D-0015)...

US Air Force Bug Bounty Program Nets 54 Flaws for $123,000 (Dark Reading) The Air Force brought together 50 vetted hackers to find the vulnerabilities in the latest bug-bounty program hosted by a branch of the US military.

The Air Force sends good guys in to hack its cloud (Fifth Domain) The Air Force invited ethical hackers into its IT networks again this spring and a new series of penetration tests found 54 vulnerabilities.

AT&T Launches Public Bug Bounty Program on HackerOne (BleepingComputer) Today AT&T is announcing their launch of a new public bug bounty program on the HackerOne platform. This program will allow security researchers to report security bugs to AT&T in order to receive a monetary reward.

Capital One Breach a Win for Crowdsourced Cybersecurity (Bloomberg) Some offer pats on the back, others dangle ‘bug bounties.’ Security researcher alerted bank to leaked data in GitHub file.

Movers and shakers: ‘Our operating model is so powerful’ - Simon Gillespie of Dimension Data (CIO New Zealand) ICT leaders on the move and in the news

NCC announces Booz Allen Hamilton as Space ISAC's newest founding member (The Colorado Springs Business Journal) Booz Allen Hamilton is the newest founding member of Space ISAC, the National Cybersecurity Center and Space Information Sharing and Analysis Center

Booz Allen and Hypergiant Industries Form Strategic Relationship to Speed the Adoption of Artificial Intelligence (BusinessWire) Booz Allen and Hypergiant Industries Form Strategic Relationship to Speed the Adoption of Artificial Intelligence

Inside the dark web scramble to get far-right conspiracy site 8chan back online (The Independent) Bad actors have thrived on dark web because it allows website owners and visitors to obscure their location and internet address

Revealed: how Peter Thiel’s Palantir quietly won £10m of MoD contracts (NS Tech) The Ministry of Defence (MoD) has quietly awarded more than £10m of contracts to a controversial surveillance company set up by the Paypal billionaire and Trump supporter Peter Thiel, NS Tech can reve

CyberSponse is Proud to Announce the Opening of its New Middle East Office (PRWeb) CyberSponse, the premier SOAR Solution for enterprises, is expanding efforts globally by establishing a new office presence in Dubai, United Arab Emirates.

Kenna Security Names Caroline Japic Chief Marketing Officer (West) Award winning marketing professional will lead a new era of growth

Products, Services, and Solutions

CrowdStrike Introduces CrowdScore, Industry-First CxO Score Measuring Real-Time Threat Level of an Organization (Yahoo) CrowdStrike® Inc., a leader in cloud-delivered endpoint protection, today announced the launch of CrowdScore™, a new industry innovation on the CrowdStrike Falcon® platform. CrowdScore is a simple metric that enables CxOs to instantly see the real-time threat level their organizations are facing, allowing

Harlingen WaterWorks System Transforms VDI Performance and Reliability (PRWeb) Scale Computing, a market-leader in edge computing, virtualization and hyperconverged solutions, today announced that Harlingen WaterWorks System (HWWS), a Te

Proficio Partners with PatternEx to Bring Artificial Intelligence-based Threat Detection to Proficio Clients (Yahoo) PatternEx's Virtual Analyst Platform to Maximize the Productivity of Proficio's Global Team of Security Analysts

42Crunch Adds OpenAPI Editing Tools to its API Security Platform (Security Boulevard) Enables any developer to become a security expert and the driving force of API Security

ForgeRock Delivers Open Source IoT Edge Controller Solution to Secure Device Identities (West) Adds Trusted Identity at Device Level; Released Under Apache 2.0 License for Rapid Adoption in Consumer and Industrial IoT Use Cases

Netwrix to introduce its Data Classification platform (Netwrix) The solution, based on the technology acquired from Concept Searching in December, enables organizations to reduce the exposure of sensitive data, meet compliance requirements, and improve employee productivity.

Strategic Distribution Agreement Between NessPRO And NanoLock Security (NanoLock Security) NessPro will distribute NanoLock’s unique technology for securing IoT and connected edge devices.

1touch.io Launches Portuguese Version of Solution to Help Enterprises (PRWeb) 1touch.io, the leading provider of data and privacy management control solutions, announced today the general availability of a Portuguese version of its s

Bugcrowd Establishes Standard for Crowdsourced Security Workflow Management (Bugcrowd) New standardized workflows, advanced reporting, and enhanced skills matching help operationalize true security intelligence Bugcrowd, the only true SaaS platfor

Bugcrowd Announces Industry’s First Platform-Enabled Cybersecurity Assessments for Marketplaces (Bugcrowd) Bugcrowd for Secure Marketplaces enables bulk adoption of crowdsourced security for marketplace and app store owners Bugcrowd, the only true SaaS platform buil

Arctic Wolf Announces the Arctic Wolf Agent To Protect Endpoints and the Workforce (BusinessWire) Arctic Wolf Networks, a leading security operations center (SOC)-as-a-service company, today announced the Arctic Wolf™ Agent, an endpoint monitoring

Thycotic launches high-velocity vault for securing access to DevOps environments (ITWeb) The vault enforces corporate password and access policies without slowing down the development and delivery of application updates that businesses need to stay competitive, says Jai Dargan, vice-president of product management at Thycotic.

GrayHair Achieves SOC 2 Compliance and HITRUST Controls Mapping (Yahoo) GrayHair Software, the trusted partner and provider of mail tracking and address hygiene services to the largest mailers and mail service providers in the country, today announces the successful completion of a Service Organization Control (SOC) 2® Type II Audit

ThreatConnect Launches Developer Partner Program (Yahoo) ThreatConnect Inc.®, provider of the industry’s only intelligence-driven security operations platform, is excited to announce the launch of its Developer Partner Program. ThreatConnect’s Developer Partner Program will provide third-party companies with the resources and support they need to develop,

After near-miss attack, Hong Kong law firm turns to Darktrace AI (Cambridge Network) Darktrace, the world’s leading cyber AI company has today announced that one of Hong Kong’s largest domestic law firms, ONC Lawyers, is using its cyber AI platform to defend sensitive client information.

Recorded Future Amplifies Orchestration and Automation Strategies With Original Intelligence and Enhanced Integration (Yahoo) New Security Control Feeds Provide Organizations With Uniquely Curated, High Fidelity Indicators of Compromise, While Enhancements to Usability Help Fulfill Promise of SOAR Solutions BOSTON, Aug. 6, 2019 ...

KnowBe4 Launches PhishML to Help Identify and Assess Dangerous Message (PRWeb) KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, today announced PhishML (Machine Learning), a new

Technologies, Techniques, and Standards

What all the stuff in email headers means—and how to sniff out spoofing (Ars Technica) Parsing email headers needs care and knowledge—but it requires no special tools.

Former DHS, intelligence leaders launch group to protect presidential campaigns from foreign interference (TheHill) Two former Homeland Security secretaries, along with other former top intelligence officials, launched a non-profit group on Tuesday intended to protect presidential campaigns from foreign interference, such as cyber attacks, at no cost.

Using Social Media to Prevent Mass Shootings Faces Challenges (Wall Street Journal) President Trump’s call for law enforcement and social-media companies to develop technology to prevent mass shootings cuts to the heart of several enormous challenges, experts say.

The gap between war games and reality - Observations from the 2019 Naval War College Cyber War Game (Control Global) I participated in the Naval War College Cyber War Games July 25-26, 2019 in Newport, RI. I have provided my observations and recommendations.

Clash of the Apps (Infosecurity Magazine) One of the biggest issues I see these days is the deployment of incident response tools to aid an investigation

8 Actionable Tips a CISO Can use to Communicate to the Board or C-suite (Bricata) The growing importance of security to business has made communicating with a board of directors an essential duty for a CISO – here are some tips for getting your message across.

Kazakh Authorities Say Testing Of Web Traffic Spy Tool Near Completion (RadioFreeEurope/RadioLiberty) Kazakhstan's main security service said it will finish testing an encryption-busting root certificate on August 7 that critics say allow it to spy on user activity on the Internet.

Thinking like a Cyber Criminal: Strategies to Keep Small Businesses Secure (Channel Futures) Who are these attackers targeting the networks of small businesses, and what are their motivations? LogMeIn sat down with Attila Torok, Director of Security Engineering at LogMeIn, and asked him to dive into the mindset of these cybercriminals.

Design and Innovation

Can a wearable token improve Army network security? (C4ISRNET) A small identity device could serve as a viable battlefield replacement for Common Access Cards.

Research and Development

DARPA Is Taking On the Deepfake Problem (Nextgov.com) The agency wants to teach computers to detect errors in manipulated media using logic and common sense.

Academia

Hacking with elite white hats (ASU Now: Access, Excellence, Impact) At the world’s largest hacking conference starting Thursday, some of the top hackers around will compete to earn the coveted black badge only the best earn. ASU is playing a leading role at DEF CON, where attendees include cybersecurity professionals, security researchers and federal officials. “It’s considered either the Olympics or the Super Bowl of hacking,” said ASU's Adam Doupé, associate director of the Center for Cybersecurity and Digital Forensics who will be helping to lead the competition efforts.

CSM Students – Turned CSM Employees – Advance in National Cyber FastTrack Competition, Earn Scholarships (The Southern Maryland Chronicle) News Release, College of Southern Maryland Two previous College of Southern Maryland cybersecurity students and who now works at the

LCC awarded elite status by NSA/Department of Homeland Security (WSYM) LCC has been designated a National Center of Academic Excellence in Cyber Defense Education (CAE-CDE) through academic year 2024 by the National Security Agency and the Department of Homeland Security.

Legislation, Policy, and Regulation

Exclusive: China warns India of 'reverse sanctions' if Huawei is blocked - sources (Reuters) China has told India not to block its Huawei Technologies [HWT.UL] from doing bu...

How to Understand the United States and Iran (Foreign Affairs) From the Nuclear Deal to the Brink of Crisis

Atlantic Council Statement on the Appointment of Christopher Porter as National Intelligence Officer for Cyber at the Office of the Director of National Intelligence (Atlantic Council) Atlantic Council President and CEO Frederick Kempe today issued the following statement on the appointment of Christopher Porter, Atlantic Council Senior Fellow and Chief Technology Officer for Global Cybersecurity Policy at...

Israel training autistic adults for cybersecurity jobs (Israel21c) New initiative will enable people with disabilities to fill job openings such as security operations center inspector.

Litigation, Investigation, and Law Enforcement

AT&T employees took bribes to plant malware on the company's network (ZDNet) DOJ charges Pakistani man with bribing AT&T employees more than $1 million to install malware on the company's network, unlock more than 2 million devices.

Leader of Conspiracy to Illegally Unlock Cell Phones for Profit Extradited from Hong Kong (US Department of Justice, Office of Public Affairs) A 34-year-old citizen of Pakistan, who is alleged to have paid insiders at telecommunications giant AT&T to plant malware and otherwise misuse computer networks to unlock cellphones, was charged in a 14-count federal indictment unsealed yesterday following his extradition from Hong Kong to the Western District of Washington.

8chan owner called before Congress following El Paso shooting (RNZ) The online message board 8chan is being called before Congress to testify about its racist and notorious content.

Israeli firm behind WhatsApp spyware hack faces lawsuit from Amnesty International (Easton Caller) Secretive Israeli firm behind WhatsApp spyware hack is sued by Amnesty International over ‘surveillance of its staff’

Facebook sues two app developers for click injection ad fraud (TechCrunch) Facebook has filed lawsuits against two app developers accused of generating fraudulent revenue using the social media giant’s advertising platform. The company announced the legal action in a blog post Tuesday. “The developers made apps available on the Google Play store to infect thei…

Enforcing Against Click Injection Fraud (Facebook Newsroom) Facebook filed suit against two app developers for misrepresenting that a real person had clicked on their ads.

Fake Dell support rep admits to talking US colleges out of $874,000 (Naked Security) His victims: UCSD and a Pennsylvania university. He hid out in Kenya for nearly 8 months before being nabbed.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

Virginia Cybersecurity Education Conference (Fairfax, Virginia, USA, August 13 - 14, 2019) The goal of the Virginia Cybersecurity Education Conference is to get attendees thinking about ways to engage students at all grade levels in hands-on, meaningful educational activities related to cybersecurity.

9th Annual Peak Cyber Symposium (Colorado Springs, Colorado, USA, September 3 - 5, 2019) The Information Systems Security Association (ISSA) - Colorado Springs Chapter will once again host the 9th Annual Peak Cyber Symposium. This year's theme is "Cyber Hygiene: Everyday for Everyone." The...

Security Leaders Summit New York Fall (New York, New York, USA, September 12, 2019) If there is anything that unifies CISOs, change is the one constant. For 2019, the focus is on the rapid evolution of the security industry, the rising tide of visibility on security organizations, and...

Fraud Force Summit (Portland, Oregon, USA, September 18 - 20, 2019) The Fraud Force Summit is iovation's annual conference bringing customers, prospective customers, partners and industry experts together to connect, collaborate and share. The landscape for fraud prevention...

Security Leaders Summit Boston (Boston, Massachusetts, USA, September 26, 2019) If there is anything that unifies CISOs, change is the one constant. For 2019, the focus is on the rapid evolution of the security industry, the rising tide of visibility on security organizations, and...

Security Leaders Summit Atlanta (Atlanta, Georgia, USA, October 17, 2019) If there is anything that unifies CISOs, change is the one constant. For 2019, the focus is on the rapid evolution of the security industry, the rising tide of visibility on security organizations, and...

National Security Leaders Symposium (Naples, Florida, USA, October 27 - 29, 2019) If there is anything that unifies CISOs, change is the one constant. For 2019, the focus is on the rapid evolution of the security industry, the rising tide of visibility on security organizations, and...

Upcoming Events

Sacramento Cybersecurity Conference (Sacramento, California, USA, August 8, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...

Wicked6 Cyber Games (Las Vegas, Nevada, USA, August 8, 2019) On August 8, 2019, six elite collegiate cyber teams go head-to-head in the thrilling environment of a Las Vegas esports arena. They’ll battle it out as they search for and defeat the foe, all while an...

Hack the Sea (Las Vegas, Nevada, USA, August 8 - 11, 2019) Hack The Sea is a three day mini-conference that will be held in the villages of DEF CON 27. Hack The Sea will provide a variety of hands-on, collaborative learning experiences ranging from mini-workshops...

DEF CON 27 (Las Vegas, Nevada, USA, August 8 - 11, 2019) DEF CON is a hacker convention which takes place immediately following Black Hat in Las Vegas every year.

Cybersecurity Summit, New York (New York, New York, USA, August 13 - 14, 2019) The Cybersecurity Summit, New York, invites information security practitioners to learn about the latest trends in data breaches and frauds, and about mitigation strategies. ISMG’s Global Summit focuses...
