Get your copy of the definitive guide to threat intelligence.
We brought together a team of experts and wrote the definitive guide to everything you need to know about threat intelligence. Whether you work in vulnerability management, incident response, or another part of cybersecurity, our book has something for you. Get your free copy of “The Threat Intelligence Handbook” now.
August 20, 2019.
The CyberWire's 6th annual Women in Cybersecurity Reception will be here in October.
Our 6th Annual Women in Cybersecurity Reception takes place October 24 at the International Spy Museum's new facility at L'Enfant Plaza in Washington, DC. The Women in Cybersecurity Reception highlights and celebrates the value and successes of women in the cybersecurity industry. The event focuses on networking, and it brings together leaders from the private sector, academia and government from across the region, and women at varying points in their careers. It's not a marketing event; it's just about creating connections. If you're interested in getting an invitation to this year's event, tell us a little bit about yourself and request one here. A very limited number of sponsorship opportunities remain, so please let us know if you're interested in one of those, too.
By the CyberWire staff
Twitter has identified and suspended 936 accounts it determined to be engaging in coordinated activity to discredit the ongoing protests in Hong Kong. China blocks Twitter, so the accounts either used VPNs or specially unblocked IP addresses on the mainland. Crediting Twitter with having tipped it off, Facebook followed suit, and terminated seven pages, three groups, and five accounts engaged in the same campaign of coordinated inauthenticity designed to mislead and misdirect protesters in Hong Kong. Facebook is also blocked in China. As the Wall Street Journal notes, the fact that many of the social media accounts involved were operating unblocked from the mainland strongly suggests that they were operating on behalf of the Chinese government.
Twitter also changed its advertising policy in a gesture toward cracking down on government-run influence campaigns. Henceforth the company will no longer sell advertising to state-sponsored media. Those media will continue to be able to tweet, just not buy ads. It seems likely that more state control will become covert and deniable.
Cisco Talos discovered and helped remediate eight vulnerabilities in Google's Nest Cam IQ Indoor camera. The issues could have been exploited to commit denial-of-service attacks, code execution, and information theft.
Researchers at vpnMentor report that they've found that the niche adult site, "Luscious," is leaky. That is, it exposes data on the roughly one-million registered users that include usernames, personal email addresses, activity logs, country of residence, and gender.
Lawfare has published an appeal for public engagement with the Cyberspace Solarium Commission.
Today's issue includes events affecting China, France, Greece, India, Pakistan, Russia, United Arab Emirates, United States.
Bring your own context.
There's been enough litigation to show that insurance companies and their clients don't always agree on when a claim for damages incurred in a cyberattack should be paid. What about war clauses, for example?
"You need to have an understanding of at least one of the outcomes you need in order for them to pay out. But if you look at where they're basically saying the recent breach was an act of war, an act of war is becoming a common tool that insurance companies are using to limit their risk and liability for a breach. You have to assume that there will be collateral damage in any state-sponsored cyberwarfare campaign, right? If you look at the U.S. military, they sort of cordon off or they organize their theaters by coms. There's Northcom, Africom, Southcom. Cybercom is a global command, if that makes sense, right? So while - if you look at the U.S. and the Ukraine, we are - I Googled it - we are 5,687 miles away from the Ukraine. And while you might be 5,000-plus miles away from a conflict, if it's a cyber conflict, in most cases, you are digitally fractions of a second away from that conflict. If you have a public IP address, you are basically in theater. So you have to understand exactly what risks you're going to take in terms of what Get Out of Jail Free cards are there for the insurance company.... You have to understand what are the things that could nullify your policy, right? And you need to understand that we live in this world where if it's a digital conflict, if you have a public IP address, you are in theater, and you definitely run the risk of collateral damage in the way that physical confrontations don't."
—John Smith, principal sales engineer at ExtraHop, on the CyberWire Daily Podcast, 8.16.19.
Cyber insurance remains a maturing market, and some important actuarial data and risk decisions are still taking shape.
Is your cybersecurity program aligned with your business goals and objectives?
Cybersecurity is a business risk, not an IT problem, and a critical part of business strategy. Security should not be an afterthought. Taking a proactive approach facilitates board-level cyber initiative buy in, supports traction across business units, establishes management alignment for key priorities, and manages data complexity. Let Edwards Performance Solutions better structure and position your cybersecurity program – making it a business asset for continued success.
ON THE PODCAST
In today's podcast, out later this afternoon, we speak with our partners at Booz Allen Hamilton, as Michael Sechrist continues his discussion of cities' paying ransom to cyber extortionists. Our guest is John Bennett, General Manager of Identity and Access Management at LogMeIn, and he describes the growing cyber threats to small and medium businesses.
Cyber Warrior Women Summer Social: Sip and Paint(Columbia, MD, United States, August 21, 2019) Join the Cybersecurity Association of Maryland, Inc. (CAMI) for the annual Cyber Warrior Women Summer Social, an all-about-fun-and-networking event! We're adding an artistic element to this year's event with a wine glass painting exercise. No previous art experience required.
Cyber Security Summits: Chicago on August 27 and on September 17 in Charlotte(Chicago, Illinois, United States, August 27, 2019) Register for reduced admission to the Cyber Security Summit with promo code cyberwire19 for $95 admission ($350 without code). Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, Google, IBM, Darktrace, and more. Breakfast, Lunch & Cocktail Reception are included with your admission. Passes are limited, secure yours today: www.CyberSummitUSA.com
Second Annual DataTribe Challenge(Online, October 1, 2019) Register now for a chance to be DataTribe's next world-class company. Finalists will split a $20,000 prize, and the winner may receive $2m in funding from DataTribe. Contestants have until October 1st to apply at www.datatribe.com/challenge.
Zero Day Con(Washington, DC, USA, October 22, 2019) Zero Day Con hosts a day of expert discussion on security approaches to regain control over your systems, data, and information. Join us to examine insights, security technologies, and key priorities to secure your systems. Get a 30% discount for Labor Day using code LABOR30.
Information operations directed at Hong Kong(Twitter) We are disclosing a significant state-backed information operation focused on the situation in Hong Kong, specifically the protest movement and their calls for political change.
Apple's iOS 12.4 Has a Bug That Enabled a Jailbreak(Digital Trends) It appears iOS 12.4 may not be the safest version of iOS, according to a new report. Apparently, Apple accidentally unpatched a security flaw that was previously fixed in iOS 12.3 -- and the result is that any phone with iOS 12.4 can now be jailbroken. We don't recommend users jailbreak their iPhones.
Vulnerability Summary for the Week of August 12, 2019(CISA) The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available
Software bug caused CBP airport system outage(FCW) A computer system outage that led to long passenger lines at international airports across the country on Aug. 19 was caused by a software bug, according to Customs and Border Protection.
Security Patches, Mitigations, and Software Updates
Multiple HTTP/2 DoS flaws found by Netflix(Naked Security) Netflix has identified several denial of service (DoS) flaws in HTTP/2, a popular network protocol that underpins large parts of the web. Exploiting them could bring servers grinding to a halt.
RiskIQ Taps FireEye Veteran Dean Ćoza to Lead Product, Technology Teams(Yahoo) RiskIQ, the global leader in attack surface management, today announced the appointment of Dean Ćoza to its leadership team as Chief Product Officer. Most recently the Executive Vice President at Absolute Software, Ćoza brings over 20 years of experience leading product and technology teams at industry
GV creates new biomedical & cybernetic engineering degrees(Grand Valley Lanthorn) Grand Valley State University works hard to be an adaptive and advancing school, often creating new degrees to satisfy a changing job market and economy. As both of these things change, GVSU has created news degrees in biomedical science like Biomedical Engineering with electrical emphasis, which is for students who will apply the fundamentals of...
A look at the Islamic State affiliate’s rise in Afghanistan(Military Times) A suicide bombing at a wedding party in Kabul claimed by a local Islamic State affiliate has renewed fears about the growing threat posed by its thousands of fighters, as well as their ability to plot global attacks from a stronghold in the forbidding mountains of northeastern Afghanistan.
US Commerce Department adds 46 Huawei affiliates to entity list(TechCrunch) Update: Huawei has responded to the DoC’s move, We oppose the US Commerce Department’s decision to add another 46 Huawei affiliates to the Entity List. It’s clear that this decision, made at this particular time, is politically motivated and has nothing to do with national securit…
Navy Moving Ahead to Create Special Cyber Office - USNI News(USNI News) The Navy Department will soon create a new office led by a special assistant to the secretary who will have sweeping authority to integrate and manage the critical areas of information management and security, aided by four deputies responsible for buying the right technology, determining strategies to better handle digital information and …
States to Move Forward With Antitrust Probe of Big Tech Firms (Wall Street Journal) A group of state attorneys general is preparing to move forward with a joint antitrust investigation of big technology companies, according to people familiar with the situation, adding another layer of scrutiny to an industry already under a federal spotlight.
Trump alleges Google manipulated voters against him(TheHill) President Trump alleged Monday that Google manipulated millions of voters into supporting former Secretary of State Hillary Clinton in the 2016 election, saying the company “should be sued” in his latest attack
Did SEAL Team 6 commit unlawful command influence in catfishing case?(Navy Times) Called the “mortal enemy of military justice,” UCI occurs when superiors utter words or take actions that improperly influence the outcome of court-martial cases, jeopardize the appellate process or undermine the public’s confidence in the armed forces by appearing to tip the scales of justice.
Investigating cyber-security at U.S. Central Command(FOX13news) While the college admissions scandal exposed students getting undue help on their exams, FOX 13 started hearing and investigating claims of a different kind of cheating in one of the most sensitive parts of our government.
Russian Man Who Tried to Burn Down Offices of Internet Regulator Reportedly Gets Probation(Gizmodo) Earlier this month, a court in Russia’s Ulyanovsk Region sentenced a man to one and a half years’ probation after he reportedly tried not one, not two, but three times to burn down the regional offices of national internet regulator Roskomnadzor, with Interfax reporting (via TorrentFreak) that one local said he had done so to seek revenge over blocking of piracy sites.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
SecureWorld Bay Area(Santa Clara, California, USA, August 21, 2019) Connecting, informing, and developing leaders in cybersecurity. For the past 17 years, SecureWorld conferences have provided more content and facilitated more professional connections than any other event...
Pittsburgh Cybersecurity Conference(Pittsburgh, Pennsylvania, USA, August 22, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...
Integrate(Melbourne, Victoria, Australia, August 27 - 29, 2019) Get ready to think beyond and lose yourself in the technology of tomorrow at Integrate 2019. Integrate is Australia's leading event dedicated to helping businesses harness the power of AV technology to...
Washington DC Cybersecurity Conference(Washington, DC, USA, August 29, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.