August 23, 2019.
By the CyberWire staff
Google has joined Facebook and Twitter in taking down social media accounts probably operated by Chinese government sock puppets. Mountain View blogged yesterday that it had closed two-hundred-ten YouTube accounts it found spreading coordinated disinformation about the ongoing protests in Hong Kong. Google didn’t explicitly attribute the activity to the Chinese government, but it did note that the activity was similar to the campaigns flagged by Twitter and Facebook. Google also observed behavior it associates with inauthenticity, notably the use of VPNs.
The SBU, Ukraine's security service, confiscated cryptomining rigs at the Yuzhnoukrainsk nuclear power facility. An undisclosed number of personnel are under investigation for illicitly mining cryptocurrency on the plant's computers. Cointelegraph noted the similarities to the case of the nuclear engineers Russian authorities arrested in February of 2018 for pulling Bitcoin from the Russian Federal Nuclear Center. The nuclear power and research sector deploys a lot of computational power, which attracts cryptojackers. The UNIAN news service claimed that control systems at Yuzhnoukrainsk were connected to the Internet, which presents its own problems.
ESET reports the first known instance of spyware built on the AhMyth open-source malware. "Radio Balouch," or "RB Music," advertised itself as a Balouchi-music streaming service. It delivered as promised, but also came with an information stealer. It has been expelled from Google Play.
Valve has patched the Steam flaws that spurned bug hunter Vasily Kravets discovered. The company told Ars Technica that it recognizes its handling of the disclosures was a mistake. It's adjusting its policies accordingly.
Today's issue includes events affecting China, European Union, France, India, Israel, New Zealand, Russia, Ukraine, United Kingdom, United States.
Bring your own context.
A Palo Alto survey found that 62% of Americans feel that they should be responsible for the security of their own personal information, but only 24% claimed to have even so much as a rudimentary security process in place to meet that responsibility. (And, we might add, some fraction of that 24% is probably blowing sunshine.)
"As I've gotten more mature in this field it occurs to me that blaming the user for not being technical enough to see adversaries like OilRig and Emissary Panda and Reaper attacking their laptops, you know—that all just belongs in the pile of cybersecurity elitist B.S., OK? It just does. Right? I have problems spotting malicious links in email, and I've been doing this stuff for over twenty years. But the community has been expecting the grandmas of the world to know enough to spot these advance attacks. In hindsight, you know, that's just laughable."
—Rick Howard, head of Palo Alto Networks' Unit 42, on the CyberWire Daily Podcast, 8.21.19.
He's right, and his point applies not only to the grandpas and grandmas, but to millennial gamers, businesses of all sizes, government agencies, etc.
ON THE PODCAST
In today's podcast, out later this afternoon, we speak with our partners at Cisco Talos, as Craig Williams discusses their research into the Heaven's Gate remote access Trojan. Our guest, Cathy Hall from Sila, shares thoughts on privileged access management.
Cyber Security Summits: Chicago on August 27 and on September 17 in Charlotte (Chicago, Illinois, United States, August 27, 2019) Register for reduced admission to the Cyber Security Summit with promo code cyberwire19 for $95 admission ($350 without code). Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, Google, IBM, Darktrace, and more. Breakfast, Lunch & Cocktail Reception are included with your admission. Passes are limited, secure yours today: www.CyberSummitUSA.com
Second Annual DataTribe Challenge (Online, October 1, 2019) Register now for a chance to be DataTribe's next world-class company. Finalists will split a $20,000 prize, and the winner may receive $2m in funding from DataTribe. Contestants have until October 1st to apply at www.datatribe.com/challenge.
Zero Day Con (Washington, DC, USA, October 22, 2019) Zero Day Con hosts a day of expert discussion on security approaches to regain control over your systems, data, and information. Join us to examine insights, security technologies, and key priorities to secure your systems. Get a 30% discount for Labor Day using code LABOR30.
TrickBot: Ono! New Tricks! (Binary Defense) The Binary Defense Threat Hunter team reveals unusual behaviors of a new TrickBot variant. Threat Hunting is an integral part of any successful cybersecurity effort.
27 fake apps removed from Play Store (DNA India) Google reportedly removed 27 fake Android apps that prompted users to install a fake Play Store. Pune-based Quick Heal Technologies discovered these apps, claiming they are from the dropper category.
Banking Trojan Banjori Analysis Report (NSFOCUS, Inc.) Banjori is a banking trojan that has been active since it was first spotted in 2013. It identifies personal online banking users in France, Germany, and the USA as major targets. After infecting a user, the trojan injects a malicious payload into the user’s active processes and collects the user’s information.
The Shady Secrets of Shadow Networks (Akamai) Shadow networks are side channels to traditional networks, undetected and working quietly in the background alongside what the traditional network was designed to do.
Seguin safe from ransomware cyber attack (Seguin Gazette) Nearly two dozen Texas cities recently were targeted in a cyber attack, but the city of Seguin was not one of those municipalities, a pair of local officials said.
Mobile Identity Is The New Security Perimeter (Forbes) The formidable challenges of securing a perimeter-less enterprise where the mobile device identities are the new security perimeter need a mobile-centric zero-trust network to succeed.
Understanding the Magnitude of Insider Threats: A Global Epidemic (Cyber Defense Magazine) As the nature of cyber threats has developed over the last 10+ years, the National Insider Threat Special Interest Group (NITSIG), founded by the author, has provided the U.S. Government and businesses with a “Central Source” of information related to Insider Threat Mitigation (ITM).
VMware acquires Carbon Black for $2.1B and Pivotal for $2.7 billion (TechCrunch) VMware today announced that it is acquiring Carbon Black, a publicly traded security company that focuses on securing modern cloud-native workloads. The price of the acquisition is about $2.1 billion. In addition, VMware also confirmed the acquisition of Pivotal, which will have a value of about $2…
Ping Identity files for $100M IPO on Nasdaq under the ticker ‘Ping’ (TechCrunch) Some eight months after it was reported that Ping Identity’s owners Vista Equity had hired bankers to explore a public listing, today Ping Identity took the plunge: the Colorado-based online ID management company has filed an S-1 form indicating that it plans to raise up to $100 million in an…
Applied Insight Awarded New Cybersecurity Task Order With U.S. Air Force (Yahoo) Applied Insight, a market leader in solving complex technology challenges for federal government customers, backed by The Acacia Group, announced today that it has been awarded a new $16 million task order to provide cybersecurity and information assurance services to the U.S. Air Force Air Mobility Command. Under the Enterprise Security Services task order, the AI cybersecurity team will provide specialized technical services in support of AMC’s command and control systems, ensuring their ability to operate securely on Department of Defense, Air Force and AMC enterprise networks.
The war inside Palantir: Data-mining firm’s ties to ICE under attack by employees (Washington Post) So far, Palantir has stood firm in its support of the government, even as employees and activist groups say there is growing evidence that Palantir lends support to ICE agents whose work violates the civil liberties of undocumented immigrants. A workplace raid resulting in the arrest of 680 migrant workers in Mississippi on Aug. 7 was carried out by the unit of ICE that uses Palantir software to investigate potential targets and compile evidence against them.
The Case For ‘Smart’ Security (Above the Law) Artificial Intelligence is on track to disrupt, well, everything -- but when it comes to AI and cybersecurity, there’s plenty to consider before implementing AI-based technology in your organization.
Facebook publishing 2015 data-scraping document (Seeking Alpha) Facebook (FB -0.2%) says it's agreeing with the D.C. attorney general to jointly make public a September 2015 document that shows company employees discussing public data scraping.
Document Holds the Potential for Confusion (Facebook Newsroom) We are agreeing with the District of Columbia Attorney General to jointly make public a September 2015 document in which Facebook employees discuss public data scraping.
Integrate (Melbourne, Victoria, Australia, August 27 - 29, 2019) Get ready to think beyond and lose yourself in the technology of tomorrow at Integrate 2019. Integrate is Australia's leading event dedicated to helping businesses harness the power of AV technology to...
Washington DC Cybersecurity Conference (Washington, DC, USA, August 29, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...
9th Annual Peak Cyber Symposium (Colorado Springs, Colorado, USA, September 3 - 5, 2019) The Peak Cyber Symposium is designed to further educate Cybersecurity, Information Management, Information Technology and Communications Professionals by providing a platform to explore some of today's...
9th Annual Peak Cyber Symposium (Colorado Springs, Colorado, USA, September 3 - 5, 2019) The Information Systems Security Association (ISSA) - Colorado Springs Chapter will once again host the 9th Annual Peak Cyber Symposium. This year's theme is "Cyber Hygiene: Everyday for Everyone." The...