August 22, 2019.
The CyberWire's 6th annual Women in Cybersecurity Reception is just around the corner.
Around the corner at the International Spy Museum's new facility at L'Enfant Plaza in Washington, DC, that is. Our 6th Annual Women in Cybersecurity Reception takes place October 24. The Women in Cyber Security Reception highlights and celebrates the value and successes of women in the cybersecurity industry. The event focuses on networking, and it brings together leaders from the private sector, academia and government from across the region, and women at varying points in their careers. It's not a marketing event; it's just about creating connections. If you're interested in getting an invitation to this year's event, tell us a little bit about yourself and request one here. A very limited number of sponsorship opportunities remain, so please let us know if you're interested.
By the CyberWire staff
Researchers at Anomali report finding an active North Korean cyber espionage campaign directed against universities, think tanks, and foreign ministries. The infection method is phishing, with the malicious payload taking victims to fake websites. In some instances the bogus sites masqueraded as login pages for government diplomatic portals. The threat group is thought to be connected to Pyongyang's missile program.
FireEye describes ongoing cyber espionage directed against the healthcare sector. The researchers associate the campaign with the Chinese government. It seems to have two goals. First, the operators are interested in simply acquiring large quantities of personal information, a goal many such campaigns have. Second, the campaign appears to be particularly interested in cancer research.
A researcher has disclosed a second zero-day vulnerability in Valve's Steam platform. The issue is thought to affect more than 96 million users worldwide, Bleeping Computer reports.
Detailed information about the coordinated ransomware attack that hit local-government targets in Texas last Friday remains sparse, but Ars Technica and WIRED have compilations of what's known so far. Twenty-three organizations have been affected. The attacks came from a single source authorities decline to name. The affected organizations also haven't been specified, although a few names have leaked. In general, larger counties and cities seem to have been more resilient.
ESPN reports that impassioned and very disappointed fans of Veracruz's losing fútbol side have hacked the club president's Twitter account because he's "tarnishing the badge," and because doing so is their first step in "taking back their club."
Today's issue includes events affecting Australia, China, European Union, Germany, Israel, Kazakhstan, Democratic People's Republic of Korea, Republic of Korea, Japan, Mexico, Netherlands, Portugal, Russia, United Kingdom, United States.
Bring your own context.
Advice to buck up and protect yourself from ransomware.
"There are basically two factors in terms of why ransomware still even is a thing. If everyone had proper backups, ransomware would never have been a thing - just simple as that. There'd be no profit for it because everyone would just be, like, 'hit the restore button.' That's how it should be. The second factor, of course, is the whole controversy of paying the bad guys. That's what keeps them going. But there'd be no reason to pay them if you had backups."
—Michael Gillespie of Emsisoft, and also proprietor of the ID Ransomware website, on Hacking Humans, 8.22.19.
Thus, two points: first, backup is easier and cheaper than you may think. And, second, paying ransom fuels a bandit economy.
And Hacking Humans is up. In this episode, "Backups backups backups," Joe describes a primitive (but effective) phishing scheme being tracked by Bleeping Computer. Dave shares news from a Black Hat presentation on phishing stats from Google. The catch of the day is a friendly invitation from Hawaii. Our guest is Michael Gillespie from Emsisoft describing the ID Ransomware project.
Cyber Security Summits: Chicago on August 27 and on September 17 in Charlotte (Chicago, Illinois, United States, August 27, 2019) Register for reduced admission to the Cyber Security Summit with promo code cyberwire19 for $95 admission ($350 without code). Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, Google, IBM, Darktrace, and more. Breakfast, Lunch & Cocktail Reception are included with your admission. Passes are limited, secure yours today: www.CyberSummitUSA.com
Second Annual DataTribe Challenge (Online, October 1, 2019) Register now for a chance to be DataTribe's next world-class company. Finalists will split a $20,000 prize, and the winner may receive $2m in funding from DataTribe. Contestants have until October 1st to apply at www.datatribe.com/challenge.
Zero Day Con (Washington, DC, USA, October 22, 2019) Zero Day Con hosts a day of expert discussion on security approaches to regain control over your systems, data, and information. Join us to examine insights, security technologies, and key priorities to secure your systems. Get a 30% discount for Labor Day using code LABOR30.
ECB takes blame for Bird website infection (bobsguide) A malware infection which caused the shutdown of a European Central Bank (ECB) website should not be blamed on its third-party service provider, according to a spokesperson at the ECB, as the central bank is responsible for its upkeep.
Hackers Want $2.5 Million Ransom for Texas Ransomware Attacks (BleepingComputer) The threat actor that hit multiple Texas local governments with file-encrypting malware last week may have done it by compromising a managed service provider. The attacker demanded a collective ransom of $2.5 million, the mayor of a municipality says.
CashFlows turns to Akamai for cyber protection (Finextra Research) Akamai (NASDAQ: AKAM), the intelligent edge platform for delivering and securing web experiences, today announced it is protecting CashFlows, an innovative FinTech offering comprehensive merchant services, alternative payments, and BIN Sponsorship solutions (card issuing and ATMs), from the growing threat of Distributed Denial of Service (DDoS) attacks against its cloud-based services.
Properly Safeguarding Distributed Internet of Things Networks (DH2i) Aside from the internet itself, The Internet of Things has the potential to become the most transformative technological application of our times. Conservative estimates indicate it will encompass approximately 30 billion devices in the next couple years, more than half of which will include machine to machine communication. With each of those smart devices connected…
Google denies reports of unannounced changes to Android app review process (TechCrunch) Multiple reports this week claimed Google had quietly rolled out a more in-depth app review process to all developers — changes designed to keep the Play Store safer from spam, malware and copycat apps. Those reports are inaccurate, Google tells TechCrunch. Instead, the company is giving itse…
Why These Social Networks Failed So Badly (Gizmodo) Sixteen years ago, the sun set on Web 1.0, and we embarked by the light of our smartphones to 24/7 connectivity, down a road paved with corporate blunders, littered with yesterday’s top 8 friends, scrubbed n00ds, trashed chiptune tracks, bomb threats, and downy unicorn costumes. Comedic treasures were born and abandoned by parent companies; screaming crowds running through billowing tear gas from police vanished behind defunct video players. Devs dreamed of love, artists of postmodern interfaces, and unknowns of entertainment careers. Netizens injured themselves for stunts, by accident, and on purpose. We submitted to our overlord Mark Zuckerberg and the army of influencers. And so many rubber ducks wailed.
Cyberthreat assessment tool contract signed between USAF, Radiance Technologies (Military Embedded Systems) Cyberengineering firm Radiance Technologies has won a potential five-year, $99.9 million contract to design, build, develop, and integrate a set of tools and models for the U.S. Air Force to use in the assessment of cyber vulnerabilities on Internet of things-based devices and other distributed systems.
You Won't See Quantum Internet Coming (Gizmodo) The quantum internet is coming sooner than you think—even sooner than quantum computing itself. When things change over, you might not even notice. But when they do, new rules will protect your data against attacks from computers that don’t even exist yet.
Virginia Tech receives federal award for counterintelligence work (VT News) The award, given annually since 2010, recognizes up to four companies and/or institutions, out of about 10,000, that exhibit the best counterintelligence results and cooperation to support the U.S. government’s efforts to detect and stop foreign entities from stealing national security information.
Defense Intelligence Agency cyber operations chief talks cybersecurity (DVIDS) The Joint Worldwide Intelligence Communications System and the Department of Defense Intelligence Information System are major topics this week at the Defense Intelligence Agency Department of Defense Intelligence Information Intelligence System Worldwide Conference, Aug. 18-22, 2019.
Schools Brace for Cyberattacks (Wall Street Journal) As hacks against schools wreak more damage, state governments are moving to help school districts recover from attacks and prevent new ones.
Litigation, Investigation, and Law Enforcement
Suspect in Huge Capital One Breach Seeks Release From Jail (SecurityWeek) Lawyers for a transgender woman charged in a massive data breach at Capital One asked a judge to release her from federal custody, saying that for her to remain jailed with men is a serious threat to her mental health.
Covington Interim Report (Facebook) Facebook strives to “give people the power to build community and bring the world closer together.” Consistent with that mission, over 2 billion people use Facebook’s products and services to share ideas and news, organize events, and promote candidates for federal, state, and local office.
Here's the data Facebook's bias report doesn't show you (Media Matters for America) Facebook issued a report regarding right-wing cries of bias on the platform. Notably, the report includes no actual data supporting those claims. Nor does the Wall Street Journal op-ed penned by former Sen. Jon Kyl.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Pittsburgh Cybersecurity Conference (Pittsburgh, Pennsylvania, USA, August 22, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...
Integrate (Melbourne, Victoria, Australia, August 27 - 29, 2019) Get ready to think beyond and lose yourself in the technology of tomorrow at Integrate 2019. Integrate is Australia's leading event dedicated to helping businesses harness the power of AV technology to...
Washington DC Cybersecurity Conference (Washington, DC, USA, August 29, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...
9th Annual Peak Cyber Symposium (Colorado Springs, Colorado, USA, September 3 - 5, 2019) The Peak Cyber Symposium is designed to further educate Cybersecurity, Information Management, Information Technology and Communications Professionals by providing a platform to explore some of today's...