August 30, 2019.
By the CyberWire staff
Google's Project Zero has released details of its research into a quiet, sustained watering-hole campaign against iPhone users. They found five distinct exploit chains in use by the attackers. "There was no target discrimination," Google's blog says, "simply visiting the hacked site was enough for the exploit server to attack your device, and if it was successful, install a monitoring implant. We estimate that these sites receive thousands of visitors per week." Apple patched the zero-day vulnerability the campaign exploited in February. Google notes that this single campaign probably represents the proverbial tip of the iceberg. There are probably others, Mountain View says, that remain undetected.
The Wall Street Journal reports that US prosecutors are investigating Huawei for alleged intellectual property theft.
PerCSoft, cloud provider for Digital Dental Record and a widely used back-up data repository for the US dental profession, has sustained a ransomware attack. KrebsOnSecurity says that PerCSoft may have paid the ransom to obtain a decryptor, but there are reports the decryptor hasn't been fully successful. The ransomware strain involved appears to be REvil, also known as Sodinokibi.
Apple has responded to privacy concerns over its recording of Siri interactions by deciding to disable recording and storage by default. This autumn users will be given the option of turning it on, Ars Technica reports, should they be interested in helping train the AI.
Cryptojacking charges have been added to the ones accused Capital One hacker Paige Thompson faces. An additional indictment was filed Wednesday, Infosecurity Magazine reports.
Today's issue includes events affecting Bulgaria, China, Germany, Ireland, Netherlands, United Kingdom, United States.
Bring your own context.
Microsegmentation can bring significant security advantages. But where should you start?
"You know, microsegmentation is, frankly, quite difficult. And what you need to do first is determine what your objective is. Is your objective to protect specific critical applications and their assets, or is your objective to fully segment the entire environment? Either way, you need to choose a starting point. And that typically centers around a specific application that you wish to protect. My advice, personally, is to start with your backup infrastructure. And I know that sounds counterintuitive. Why would you care about your backup infrastructure? But the reason you care about it is because it has every piece of protected information you could ever wish to protect. It is the most compelling target I can think of in the cloud or in the data center. If you get into the backup infrastructure, you've got all the keys to the castle."
—Peter Smith, CEO of zero trust segmentation firm Edgewise, on the CyberWire Daily Podcast, 8.28.19.
(And, seriously, do have a backup infrastructure.)
Happy Labor Day.
We'll be taking our customary US Federal holiday on September 2nd. Publication and podcasting will resume as normal on Tuesday. Research Saturday and the Week that Was will be out as normal tomorrow. Enjoy the holiday, America, including those of you who are marking the traditional end of summer vacations with an early departure from work today. (Drive safely.)
ON THE PODCAST
In today's podcast, out later this afternoon, we speak with our partners at Terbium Labs, as Emily Wilson tells us about how back-to-school season plays out in the fraud markets. The CyberWire's middle-school correspondent, Jack Bittner, shares his insights on how the sixth-through-eighth-graders are handling security nowadays.
Cyber Security Summits: Chicago on August 27 and on September 17 in Charlotte (Chicago, Illinois, United States, August 27, 2019) Register for reduced admission to the Cyber Security Summit with promo code cyberwire19 for $95 admission ($350 without code). Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, Google, IBM, Darktrace, and more. Breakfast, Lunch & Cocktail Reception are included with your admission. Passes are limited, secure yours today: www.CyberSummitUSA.com
10th Annual Billington CyberSecurity Summit (Washington, DC, United States, September 4 - 5, 2019) The event will be an important Call to Action for the cybersecurity community and is the deepest examination of the cybersecurity and government at the local, state, Federal and International levels found anywhere.
Second Annual DataTribe Challenge (Online, October 1, 2019) Register now for a chance to be DataTribe's next world-class company. Finalists will split a $20,000 prize, and the winner may receive $2m in funding from DataTribe. Contestants have until October 1st to apply at www.datatribe.com/challenge.
Zero Day Con (Washington, DC, USA, October 22, 2019) Zero Day Con hosts a day of expert discussion on security approaches to regain control over your systems, data, and information. Join us to examine insights, security technologies, and key priorities to secure your systems. Get a 30% discount for Labor Day using code LABOR30.
More_eggs, Anyone? Threat Actor ITG08 Strikes Again (Security Intelligence) X-Force IRIS observed ITG08, which has historically targeted POS machines in the retail and hospitality sectors, injecting malicious code into online checkout pages to steal payment card data.
Ransomware Bites Dental Data Backup Firm (KrebsOnSecurity) PerCSoft, a Wisconsin-based company that manages a remote data backup service relied upon by hundreds of dental offices across the country, is struggling to restore access to client systems after falling victim to a ransomware attack.
Philips HDI 4000 Ultrasound (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 3.0
ATTENTION: Public exploits are available/exploitable from within the same local subnet
Equipment: HDI 4000 Ultrasound Systems
Vulnerability: Use of Obsolete Function
2. RISK EVALUATION
Successful exploitation of this vulnerability could lead to exposure of ultrasound images (breaches of confidentiality) and compromised image integrity.
Cloud Security Boom Creates New Crop of Tech Darlings (Supply Chain Brain) A new generation of cybersecurity companies is creating billions of dollars in market value for investors as businesses increasingly turn to cloud-based products for better protection from sophisticated attacks.
F-Secure joins Broadband Forum to help shape Connected Home security standards (Global Security Mag Online) F-Secure has joined Broadband Forum, the communications industry’s leading organization focused on accelerating broadband innovation, standards, and ecosystem development, to better serve communication service providers and secure its wireless home offerings better in the battle against ever-increasing cyber threats.
Zix: The Mouse That Roared (Seeking Alpha) Zix is a cybersecurity company focused on Email. The company recently acquired AppRiver which is larger and has better metrics. As a result of the acquisition, Zix is left with a small amount of cash and a lot of debt.
SAIC Announces the Appointment of Two New Board Members (Yahoo) Joining the board are Carol Goode and Yvette Kanouff. Goode will serve on the Human Resources and Compensation Committee and the Nominating and Corporate Governance Committee. Kanouff will serve on the Audit Committee and the Risk Oversight Committee.
U.S. Official Involved in Huawei Dispute Steps Down (Wall Street Journal) A senior Commerce Department official overseeing an office at the center of President Trump’s battle with Chinese telecommunications giant Huawei Technologies is moving to a more junior position.
DHS sees more cyber outsourcing (Washington Technology) Chris Krebs, the head of the Cybersecurity and Infrastructure Security Agency at DHS, said that many federal agencies will be outsourcing cyber to a shared service provider in the future.
Big News For Facebook Investors And No One Noticed (Seeking Alpha) ...This week, the first Cartel Senate of the Düsseldorf Higher Regional Court expressed massive doubts about the FCO's reasoning on which it based the restrictions. The Court decided that Facebook does not have to implement the antitrust office's orders for the duration of the appeal proceedings. In its explanatory statement the Düsseldorf Higher Regional Court has raised "serious doubts" as to the legality of the globally respected action against Facebook...
Md. top court upholds child porn charge against teen who texted friends (Maryland Daily Record) Delving into the high school world of sexting, Maryland’s top court ruled Wednesday that a 16-year-old who texted a video of herself engaging in a consensual sexual act with an adult was “involved” in distributing child pornography in violation of Maryland law.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
9th Annual Peak Cyber Symposium (Colorado Springs, Colorado, USA, September 3 - 5, 2019) The Peak Cyber Symposium is designed to further educate Cybersecurity, Information Management, Information Technology and Communications Professionals by providing a platform to explore some of today's...
9th Annual Peak Cyber Symposium (Colorado Springs, Colorado, USA, September 3 - 5, 2019) The Information Systems Security Association (ISSA) - Colorado Springs Chapter will once again host the 9th Annual Peak Cyber Symposium. This year's theme is "Cyber Hygiene: Everyday for Everyone." The...
10th Annual Billington CyberSecurity Summit (Washington, DC, USA, September 4 - 5, 2019) This year's theme is, "Reinventing Cybersecurity: Addressing Tomorrow's Top Cyber Challenges." The summit has become the world's leading summit on government cybersecurity. It will convene again U.S. and...
2019 Intelligence and National Security Summit (National Harbor, Maryland, USA, September 4 - 5, 2019) The Intelligence & National Security Summit, powered by AFCEA International and the Intelligence and National Security Alliance (INSA), is the premier forum for unclassified dialogue between U.S. Government...
Derbycon 2019 (Louisville, Kentucky, USA, September 4 - 8, 2019) DerbyCon isn’t just another security conference. We’ve taken the best elements from all the conferences we’ve ever been to and put them into one. DerbyCon is a place you can call home, where you can meet...