December 5, 2019.
By the CyberWire staff
McAfee offers some updates on the Buran family of ransomware it first described in May. Buran (that is, “Blizzard”) is widely traded in Russophone criminal souks, where it’s flacked as a “stable offline cryptoclocker, with flexible functionality and support 24/7.” The Rig exploit kit is a common delivery mechanism.
Elsewhere in the criminal-to-criminal market, Proofpoint is following “Buer,” which it describes as a new loader. Buer has been distributed through malvertising that redirects to the Fallout exploit kit; it’s also being pushed by phishing, the payload carried in malicious Word document macros. The going price for Buer is $400.
Russian trolls have been active against public opinion in Lithuania, with an uptick in activity noticeable since early September. The target is NATO; the messaging trades on Second World War fears of Germany and Cold War fears of the US, with the now-familiar memes portraying local authorities as untrustworthy. Lithuania’s government is working against the disinformation, but is tight-lipped about specifics on opsec grounds, Nextgov reports.
Today's issue includes events affecting Australia, China, Denmark, Iran, Democratic People's Republic of Korea, Lithuania, NATO/OTAN, Russia, Saudi Arabia, United Arab Emirates, United Kingdom and the United States.
Bring your own context.
A perspective on election risk.
"I am becoming less and less concerned with the actual physical mechanism of voting because, as I mentioned earlier, I think the companies are doing a pretty good job on putting in access controls to those. What I actually am getting more concerned about is what I would consider left of the voting day, and that is the hacking of the voter database rolls, hacking at the DMV because that's connected to the election system. I'm worried about phishing. I'm worried about spoofing of websites on the day of the election, producing false information or misinformation, saying that a particular polling place is closed, or there's an email that looks like it's coming from the election official giving out false information. That's really kind of what I'm starting to become more concerned about than the actual physical day of voting."
—Earl Matthews, chief strategy officer at Verodin, a FireEye company, on the CyberWire Daily Podcast, 12.3.19.
Ward heelers for the 21st Century. Some of them won't be local. And some of their intelligence will be artificial.
ON THE PODCAST
In today's Daily Podcast, out later this afternoon, we speak with our partners at Dragos, as Robert M. Lee discusses the evolution of safety and security in industrial control systems. Our guest, Sean O’Brien from @RISK Technologies, describes how states and cities might prepare for election-targeted cyber attacks.
Hacking Humans is also up. In this episode, "I really wanted that shed," Joe shares the story of a woman losing her life savings to a scammer claiming to be from the FBI. Dave describes the $139 shed scam. The catch of the day is another threat to reveal compromising photos. Carole Theriault speaks with Chris Bush from ObserveIT about security threats from employee burnout.
IBM sounds alarm about more data-wiping malware from Iran (CyberScoop) IBM’s security experts said Wednesday they have uncovered previously unknown malware developed by Iranian hackers that was used in a data-wiping attack against unnamed energy and industrial organizations in the Middle East.
Increase in attacks using Outlook flaw (SC Magazine) Organisations warned of full intrusion with just flaw and one phish - due to flaw they should have fixed and is actively used by multiple threat actors.
Quick Analysis of CVE-2011-0609 Adobe Flash Player (AlertLogic) The attack makes use of a SWF file embedded inside an Excel file, which is delivered as an email attachment. The vulnerability can allow an attacker to inject and execute malicious code on a target system.
Online Trust Audit for 2020 Presidential Campaigns Update (Internet Society) On 7 October 2019, the Internet Society’s Online Trust Alliance (OTA) released the Online Trust Audit for 2020 U.S. Presidential Campaigns. Overall, 30% of the campaigns made the Honor Roll, and 70% had a failure, mainly related to scores for their privacy statements. As part of this process, OTA reached out to the campaigns, offering …
State of the Internet (Akamai) As 2019 comes to a close, we want to thank you, our readers, for continuing to support Akamai’s State of the Internet /Security (SOTI) report.
2019 Thales Data Threat Report Financial Services Edition (Thales) Data security, starting with encryption and access management, is an important part of the mix. As data migrates away from the enterprise premises and to the cloud, network security is no longer sufficient to protect data.
Predictions About IoT and Digital Transformation in 2020 (DigiCert) This time of year, three things are almost certain. You will be tempted by all flavors of festive treats. You will wish holiday greetings to friends, family, teammates, customers and partners so often you may go hoarse (worth it!). And you will contemplate what’s going to happen in 2020. You’ve likely even made some predictions …
The Copenhagen Post - Danish News in English (The Post) Elsewhere, SAS struggles, baggage strike hits CPH Airport and Shanghai to get a Legoland. Business Round-Up: Majority of Danish companies have endured a cyber attack
Coast Guard Intel Looking for Help on Cloud (MeriTalk) The U.S. Coast Guard (USCG) is looking to leverage the cloud for its intelligence unit as the demands of cyber combat and maritime activities are pushing the unit to embrace technology, according to a request for information released November 22. Responses are due by December 20.
F-Secure has completed restructuring (West) F-Secure has completed restructuring of operations as planned. The restructuring was estimated to result in annual cost savings of more than EUR 5 million to be achieved by the end of 2020 as originally announced on 7 October 2019. Restructuring included personnel reduction negotiations that resulted in reduction of approximately 60 full-time equivalents globally out of which approximately 25 from Finland.
Upstream announces Dimitris Maniatis as new CEO (RealWire)
Former CEO Guy Krief will join the Board of Directors
London, December 4th, 2019 - Leading mobile technology company, Upstream, announces former Head of Secure-D, Dimitris Maniatis, as its new CEO
Netskope Security Cloud Now Available in AWS Marketplace (Netskope) Listing enhances delivery of Netskope’s data-centric, cloud-smart, and fast platform to AWS customers LAS VEGAS – AWS re:Invent 2019 – December 3, 2019 – Netskope, a leader in cloud security, today announced the availability of Netskope Security Cloud in AWS Marketplace. Amazon Web Services (AWS) customers now have greater access to a proven cloud security …
Centrify Announces “Secure the Vote 2020” (BusinessWire) Centrify, a leading provider of cloud-ready Zero Trust Privilege to secure modern enterprises, today announced a new nationwide initiative to secure p
LogicMonitor Announces Innovative Enhancements to AIOps Solution (Yahoo) LogicMonitor today announced general availability of its AIOps early warning system, which marks the latest enhancement to its AIOps solution, LM Intelligence™. The new system is designed to provide actionable warning indicators for imminent issues. Combined with the single pane of glass view enabled
Autotalks announces first FIPS-Compliant C-V2X/DSRC chipset for secure deployment in the US (Green Car Congress) Israel-based Autotalks announced that its second-generation chipsets are FIPS-certified for secure C-V2X or DSRC deployment in the US. The announcement comes after Autotalks’ V2X chipsets achieved Federal Information Processing Standard 140-2 (FIPS 140-2) security level 3 certification from the US National Institute of Standards and Technology (NIST). Autotalks’ CRATON2 and...
Finding Long Connections With Zeek (Active Countermeasures) Hey folks. I’m Chris Brenton, and today I’m going to show you how to find the longest connections taking place on your network using Bro/Zeek’s conn.log.
Passwords: Our First Line of Defense (Black Hills Information Security) Darin Roberts // “Why do you recommend a 15-character password policy when (name your favorite policy here) recommends only 8-character minimum passwords?” I have had this question posed to me a couple of times in the very recent past. There were 2 separate policies that were shown to me when asking these questions. First was …
Webcast: Group Policies That Kill Kill Chains (Black Hills Information Security) On this webcast, we’ll guide you through an iterative process of building and deploying effective and practical Group Policy Objects (GPOs) that increase security posture. Download slides: https://www.activecountermeasures.com/presentations/ 0:45 Introducing what a kill chain is and general background you need for this webcast 15:53 Getting into group policies, best practices, group policies that we’re not covering …
Kim Jong Un again rides horse up sacred peak as North Korea raps Trump (Military Times) North Korean leader Kim Jong Un rode a white horse up a sacred mountain in his second symbolic visit in less than two months, state media reported Wednesday, as his military chief lashed out at U.S. President Donald Trump for talking about a possible military option against the North.
Senators inch forward on federal privacy bill (TheHill) Senators argued for their dueling proposals for a federal privacy law during a highly anticipated hearing on Wednesday, marking the first time key Republicans and Democrats have taken their disputes public after months of closed-doors negotiations.
Huawei files appeal in U.S. court against FCC's rural carrier purchase ban (CNBC) The FCC last month voted unanimously to designate Huawei Technologies Co Ltd and peer ZTE Corp as national security risks, barring their U.S. rural carrier customers from tapping an $8.5 billion government fund to purchase Huawei or ZTE telecommunications equipment. Huawei filed a petition with the Fifth Circuit Court in New Orleans challenging the FCC...
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
CISO Leadership Forum (Austin, Texas, USA, December 4 - 5, 2019) Forget the typical conference, which may or may not focus on the latest industry buzz, vendor specific pitches or trendy new development. Our learning sessions are vendor agnostic only as we focus on peer-to-peer...
International Cyber Risk Management Conference (Bermuda, December 4 - 6, 2019) The International Cyber Risk Management Conference (ICRMC) provides delegates with an essential forum to learn from experts, network and share experiences with peers and colleagues, and get the answers...
St. Louis Cybersecurity Conference (St. Louis, Missouri, USA, December 5, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...
CyberMaryland 2019 (Baltimore, Maryland, USA, December 5 - 6, 2019) The CyberMaryland Conference includes thought leaders from Maryland’s Cyber Security sector and also features nationally recognized speakers and panelists on cyber and technology innovations. Sessions...
Anaheim Cybersecurity Conference (Anaheim, California, USA, December 11, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...