December 16, 2019.
By the CyberWire staff
Multiple reports say that Iran's government has indicated that it's succeeded in fending off another cyberattack. Tehran is again being tight-lipped about the incident, beyond saying that it successfully defended itself, and that the target was "electronic government systems." There's been some a priori speculation about the usual adversaries in the press, but as the BBC points out, Iran's Telecommunications Minister was more specific, saying that the attack used tools associated with APT27, a Chinese-speaking threat group. The Islamic Republic News Agency quotes the ministry as characterizing the attack as "foreign spying."
Around mid-day Friday more cyberattacks hit Louisiana. The City of New Orleans was most prominently affected by what BleepingComputer says has been tentatively identified as (again) Ryuk ransomware. CNN reports that the city declared a state of emergency and disconnected systems from the Internet as a precautionary measure. Emergency services are said to have been unaffected, and City Hall is open for business today, as New Orleans officials characterize the effects of the attack, WBRZ says, as "minimal." In addition to New Orleans, there are reports in WBRZ that sheriff's offices in three Louisiana parishes, Rapides, Washington, and Orleans, were also subjected to an attack at the end of last week. It's unclear whether these attacks are related.
Hackensack Meridian Health, New Jersey's largest hospital health network, was afflicted by ransomware for five days, forcing postponement of about a hundred elective surgeries, the Daily Beast reports. Hackensack Meridian got out from under the attack by paying the ransom.
Today's issue includes events affecting Australia, China, European Union, Germany, India, Iran, New Zealand, Russia, United Kingdom, United States.
Bring your own context.
So here's a question: why are so many data buckets left exposed to the Internet?
"It could be a number of things. And I don't have the statistics, but I'd say one of the most common ones is just that nobody is just keeping track of it. It's a miscommunication between the people who are setting these up, who usually just care about, you know, achieving some form of task in their jobs, and security, who are unaware of the fact that somebody spun up all these storage options and they just don't know that it's happened. By default, usually the access becomes public, and then nobody's aware of the fact that there could be a lot of confidential information in there. And what usually ends up - is there are a lot of both hackers and just other bodies who scan, you know, the range of the S3 buckets and start looking for information that could be confidential or shouldn't be publicly accessible. And very quickly, they find these leaks, and breaches end up happening."
—Dean Sysman, CEO and co-founder of Axonius, on the CyberWire Daily Podcast, 12.12.19.
It's Delphic: know thyself. Or at least be aware that a big gap can open up between "I told them to take care of it" and "That's the first I've heard of it."
And a CyberWire Special Edition Podcast is out: "Capturing the flag at NXTWORK 2019." Capture the Flag competitions are an increasingly popular and valuable way for both cyber security students and seasoned professionals to test their skills, stay sharp and maybe even put a bit of swagger on display. We set out to capture the excitement of a capture the flag event. As luck would have it, our sponsors at Juniper Networks were hosting a capture the flag hackathon at their annual NXTWORK conference in Las Vegas, and they invited our CyberWire team to join them to experience it for ourselves.
Information Security Institute Virtual Information Session (Online, January 23, 2020) Our graduate students in the Johns Hopkins University Information Security Institute work alongside our faculty who are world-renowned for their research in cryptography, privacy, medical information security, and network and system security. To learn more, register for the January 23rd one-hour session to get an overview of the Information Security Institute. Panelists will provide a program overview, areas of research, admissions requirements, and discuss life in Baltimore.
6th Annual Cyber Security Conference for Executives (Baltimore, Maryland, United States, March 25, 2020) The 6th Annual Cyber Security Conference for Executives, hosted this year by The Johns Hopkins University Information Security Institute and Ankura, will be held on Wednesday, March 25th, in Baltimore, Maryland. Learn about the do’s and don’ts of risk management with industry leaders and other cyber professionals. Check out the details at http://isi.jhu.edu and click on 6th Annual Cybersecurity Conference for Executives.
F-Secure Finds Major Vulnerabilities in Popular Wireless Presentation System (Yahoo) Consultants with cyber security provider F-Secure have discovered several exploitable vulnerabilities in a popular wireless presentation system. Attackers can use the flaws to intercept and manipulate information during presentations, steal passwords and other confidential information, and install backdoors
Inside ‘Evil Corp,’ a $100M Cybercrime Menace (KrebsOnSecurity) The U.S. Justice Department this month offered a $5 million bounty for information leading to the arrest and conviction of a Russian man indicted for allegedly orchestrating a vast, international cybercrime network that called itself “Evil Corp” and stole roughly $100 million from businesses and consumers.
Security Patches, Mitigations, and Software Updates
Intel Fixes Dangerous Plundervolt Vulnerability (HOTforSecurity) Intel has quickly released a fix for the new and already infamous Plundervolt vulnerability found in Intel 6th, 7th, 8th, 9th, and 10th generation processors, alongside Xeon Processor E3 v5 and v6, and Xeon Processor E-2100 and E-2200. Security researchers...
2019 Fraud risk report (NuData Security) Billions of exposed user records are fueling mass-scale attacks daily, from the simplest automation-based to the most sophisticated fraud that emulates human behavior.
DDoS Threats Report 2019 Q3 (Nexusguard) While the ongoing implementation of DNSSEC continued to drive the growth of DNS Amplification attacks in the quarter, the sharp rise in TCP SYN Flood attacks is also worthy of considerable attention.
Chinese tech firm Huawei's bullying attitude fails to win over hearts and minds (Hong Kong Free Press) A French academic, Valerie Niquet, a senior research fellow at the Foundation for Strategic Research, is being sued by Huawei France. The Chinese telecom giant has accused Niquet of libel, and, as @HuaweiFactsFR explained in a tweet on November 23 (in French): “In March 2019, #Huawei has filed three lawsuits for libel against a private individual. …
WidePoint Appoints Kellie Kim as Chief Financial Officer (West) WidePoint Corporation (NYSE American: WYY), the leading provider of Trusted Mobility Management (TM2) specializing in Telecommunications Lifecycle Management, Identity Management and Digital Billing & Analytics solutions, has appointed Kellie Kim as the company’s new Chief Financial Officer (CFO).
Cipherloc Continues New Strategic Focus with Go-To-Market Leadership Hires (Yahoo) Ben Poernomo joins CipherLoc from Symantec Corporation's National Security Group, after a previous career in military, government and commercial cybersecurity roles. Ben will be based in the Washington, D.C. area and will lead the go-to-market strategy for CipherLoc's quantum-secure encryption
Factoring RSA Keys in the IoT Era (Keyfactor) Researchers Identify RSA Certificate Vulnerability, Keyfactor researchers successfully break nearly 250,000 distinct RSA keys. 1 in every 172 active RSA certificates are vulnerable to compromise or attack.
CyberX launches partner program in IoT security market (SearchITChannel) CyberX, a company that provides cybersecurity in the IoT and industrial control system sectors, has unveiled a channel program for managed service providers, consultants, integrators and technology providers. Learn more about the initiative.
“Link In Bio” is a slow knife (Anil Dash) We don’t even notice it anymore — “link in bio”. It’s a pithy phrase, usually found on Instagram, which directs an audience to be aware that a pertinent web link can be found on that user’s profile. Its presence is so subtle, and so pervasive, that we barely
The Case for a Mostly Open Internet (ITIF) Policymakers should seek to maximize the benefits of Internet openness while maintaining carefully designed guardrails that reduce the Internet’s most clearly harmful uses.
India shuts down internet once again, this time in Assam and Meghalaya (TechCrunch) India maintained a shutdown of the internet in the states of Assam and Meghalaya on Friday, now into 36 hours, to control protests over a controversial and far-reaching new citizen rule. The shutdown of the internet in Assam and Meghalaya, home to more than 32 million people, is the latest example …
China Threatens Retaliation Should Germany Ban Huawei 5G (Yahoo) China’s ambassador to Germany threatened Berlin with retaliation if it excludes Huawei Technologies Co. as a supplier of 5G wireless equipment, citing the millions of vehicles German carmakers sell in China. “If Germany were to take a decision that leads to Huawei’s exclusion from the German
Trump Agrees to Limited Trade Deal With China (Wall Street Journal) President Trump has agreed to a limited trade agreement with Beijing that will roll back existing tariff rates on Chinese goods and cancel new levies set to take effect Sunday as part of a deal to boost Chinese purchases of U.S. farm goods and obtain other concessions, according to people familiar with the matter.
Man guilty of keeping defense secrets at home (The Daily News of Newburyport) A Massachusetts man has pleaded guilty to keeping classified national defense documents at his home without proper authorization, federal prosecutors said Friday.
The Lawfare Podcast: Countering Chinese Espionage (Lawfare) Recently, former CIA officer Jerry Lee was sentenced to 19 years in prison for conspiring to share classified information with the Chinese government. During the time in which Lee was in touch with Chinese intelligence agents, dozens of CIA sources in China were arrested or killed—a catastrophe for CIA operations in the country. What's the connection between this disaster and the Lee case? And what do both mean for Chinese counterintelligence work overall?
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
2020 Billington CyberSecurity Summit (Washington, DC, USA, September 8, 2020) Billington CyberSecurity produces world class educational forums and virtual seminars about the threats, challenges, and opportunities related to protecting our nation's critical cyber infrastructure. The...
CPX 360 Bangkok (Bangkok, Thailand, January 14 - 16, 2020) Mark your calendar now for CPX 360 2020, the world’s premier cyber security summit of the year. Globally renowned industry experts will take to the stage to share analysis, core insights, and actionable...
Cyber Security for Critical Assets, MENA 2020 (Dubai, United Arab Emirates, January 20 - 21, 2020) The 17th in a global series of Cyber Security for Critical Assets summits, #CS4CA MENA 2020 focuses on safeguarding the critical industries of the Middle East and Northern Africa from cyber threats. CS4CA...
CPX 360 New Orleans (New Orleans, Louisiana, USA, January 27 - 29, 2020) Mark your calendar now for CPX 360 2020, the world’s premier cyber security summit of the year. Globally renowned industry experts will take to the stage to share analysis, core insights, and actionable...
SINET: Global Cybersecurity Innovation Summit (London, England, UK, January 30, 2020) Advancing global collaboration and innovation, SINET convenes a summit of international cybersecurity leaders at the British Museum. The conference will bring together innovators, investors, researchers,...