Get your copy of the definitive guide to threat intelligence.
We brought together a team of experts and wrote the definitive guide to everything you need to know about threat intelligence. Whether you work in vulnerability management, incident response, or another part of cybersecurity, our book has something for you. Get your free copy of “The Threat Intelligence Handbook” now.
February 1, 2019.
By the CyberWire staff
Facebook continues its purge of inauthentic accounts. Ars Technica reports that the social network has taken down more than seven hundred pages that were being directed "from Iran," amplifying Islamic Republic state media content and targeting audiences in the Middle East and South Asia. Facebook stops short of calling it an Iranian government operation: patriotic activism is also possible.
Twitter has been active against information operations as well, offering an account of 2018 election influence attempts emanating from Russia, Iran, and Venezuela. The company also took down follow-bot services ManageFlitter, Statusbrew, and Crowdfire. As Graham Cluley explains, Twitter finds them in violation of its automation rules.
Fancy Bear, Russia's GRU, seems to have hit a prominent Washington think tank: the Daily Beast says CSIS was prospected by the military intelligence service. If Russian information operations continue, the Foundation for the Defense of Democracies suggests the US respond in kind.
The Media Trust reports discovery of adaptive malware hitting Alexa 500 sites.
NETSCOUT reports a wave of CoAP reflection/amplification DDoS attacks, mostly affecting China, for now.
Experiencing poor performance with your legacy antivirus? Try CB Defense.
Does your legacy antivirus slow down end user endpoints? Try Carbon Black's lightweight, next-generation antivirus + endpoint detection and response solution in your environment for free!
Compare CB Defense to your current solution using real-world scenarios, and see how operations transform across your security and IT teams. After you've finished your 15-day trial, you'll have everything you need to build a business case and make the switch. Gain superior protection, simplified operations, and actionable visibility today.
DreamPort Event: The Red Hat Ansible Tower Workshop(Columbia, Maryland, United States, February 7, 2019) DreamPort, in conjunction with the Maryland Innovation & Security Institute and USCYBERCOM is hosting the Red Hat Ansible Tower Workshop. This workshop will enable you to create playbooks, while building in security. Automation features will save time, empower junior staff, offload senior staff and automate your most tedious tasks!
Cyber Job Fair, Feb 13, San Antonio(San Antonio, Texas, United States, February 13, 2019) Cleared and non-cleared cybersecurity pros make your next career move at the Cyber Job Fair, February 13 in San Antonio. Meet leading cyber employers including AF Civilian Service, CNF Tech, Lockheed Martin, and more. Visit ClearedJobs.Net or CyberSecJobs.com for details.
CYBERTACOS RSA(San Francisco, California, United States, March 4, 2019) Join us for ALL YOU CAN EAT FREE TACOS! What better way to start your week at RSA? On Monday, March 4, CYBERTACOS is coming back to San Francisco as part of RSA. Join us from 7:00-10:00pm for networking, food and drinks.
Global Cyber Innovation Summit(Baltimore, Maryland, United States, May 1 - 2, 2019) This unique, invitation-only forum brings together a preeminent group of leading Global 2000 CISO executives, cyber technology innovators, policy thought leaders, and members of the cyber investment community to catalyze the industry into creating more effective cyber defenses. Request an invitation today.
CoAP Attack in the Wild(NETSCOUT Threat Intelligence) Attackers have recently begun launching CoAP reflection/amplification DDoS attacks, a protocol primarily used today by mobile phones in China, but expected to grow with the explosion of Internet of Things (IoT) devices.
Apple punishes Google for data collection app(The Telegraph) Apple pulled important app-development tools from Google after the iPhone maker decided the internet giant broke its rules, according to people familiar with the matter.
We dismantle Facebook’s memo defending its “Research”(TechCrunch) Facebook published an internal memo today trying to minimize the morale damage of TechCrunch’s investigation that revealed it’d been paying people to suck in all their phone data. Attained by Business Insider’s Rob Price, the memo from Facebook’s VP of production engineering…
Facebook removes hundreds of accounts linked to fake news group in Indonesia(TechCrunch) Facebook said today it has removed hundreds of Facebook and Instagram counts with links to an organization that peddled fake news. The world’s fourth largest country with a population of over 260 million, Indonesia is in election year alongside Southeast Asia neighbors Thailand and the Philip…
2018 U.S. midterm elections review(Twitter) Today, we’re sharing a comprehensive review of our efforts to protect the integrity of the public conversation on Twitter regarding the 2018 U.S. midterm elections.
Twitter follow bots cut off from API, as accounts disabled for spreading misinformation from Iran and elsewhere(Graham Cluley) ManageFlitter, Statusbrew, and Crowdfire have had their access to the Twitter API revoked for allegedly helping users abuse the service, aggressively and repeatedly following and unfollowing large numbers of other accounts - a tactic frequently employed by Twitter spammers.
Meanwhile, Twitter and Facebook share details of the accounts they have shut down after finding they were spreading misinformation in the run-up to the US midterm elections.
Twitter cuts off API access to follow/unfollow spam dealers(TechCrunch) Notification spam ruins social networks, diluting the real human interaction. Desperate to gain an audience, users pay services to rapidly follow and unfollow tons of people in hopes that some will follow them back. The services can either automate this process or provide tools for users to generat…
Indian state government leaks thousands of Aadhaar numbers(TechCrunch) A lapse in security has led to the leaking of over a hundred thousand Aadhaar numbers, TechCrunch can reveal. One of the web systems used to record attendance of government workers for the Indian state of Jharkhand was left exposed and without a password as far back as 2014, allowing anyone access …
14k HIV+ records leaked, Singapore says sorry(Naked Security) Singapore’s Ministry of Health said the HIV status of 14,200 people, plus confidential data of 2,400 of their contacts, is in the possession of somebody who’s not authorized to have it …
Tripwire Patch Priority Index for January 2019(The State of Security) Tripwire's January 2019 Patch Priority Index (PPI) brings together the top vulnerabilities from Microsoft, Adobe, and Oracle. First, on the patch priority list this month are patches for Microsoft's Browser and Scripting Engine.
Fortify Your Human Firewall Against Tax Fraud(Revolutionary Security) Are you training your organization to recognize phishing activity? Tax time is prime time for increased criminal activities and your employees could be a target. Review some quick tips and share this @Habitu8 video with your team to impress the importance of positive cyber behaviors this tax season.
8 Cybersecurity Myths Debunked(Dark Reading) The last thing any business needs is a swarm of myths and misunderstandings seeding common and frequent errors organizations of all sizes make in safeguarding data and infrastructure.
EU GDPR Data Breach Notification Resource Map(BakerHostetler) Baker & Hostetler LLP publications are intended to inform our clients and other friends of the firm about current legal developments of general interest. They should not be construed as legal advice, and readers should not act upon the information contained in these publications without professional counsel.
Program continues operational development of Army information warfare capabilities(DVIDS) Since 2015 U.S. Army Cyber Command (ARCYBER) has been defining and developing cyberspace operations capabilities to support Army maneuver elements through the Cyberspace Electromagnetic Activities (CEMA) Support to Corps and Below (CSCB) program created in response to a directive by the Chief of Staff of the Army to build unit cyber capacity and help the Army to operationalize cyber.
European Parliament recognizes Venezuela's Juan Guaido(Deutsche Welle) The European Parliament has urged EU member states to recognize opposition leader Juan Guaido as acting president. The EU has so far said it will take "further actions" if Venezuela does not hold fresh elections.
Phone cloner gets 65 months in jail(Naked Security) A US court has sentenced a man to over five years for his part in a massive telecommunications fraud involving stolen cellphone accounts and reprogrammed phones.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
CPX Americas 360 2019(Las Vegas, Nevada, USA, February 4 - 6, 2019) CPX 360 promises to be the premier cyber security summit. CPX 360 is where you’ll receive up-to-the-minute intelligence about global threats and other vital topics from the world’s leading cyber security...
QuBit Conference Belgrade 2019(Belgrade, Romania, February 7, 2019) QuBit is a Cybersecurity Community Event connecting the East and West. We create a unique way to meet the best and the brightest minds in the information security fields across multiple industries, and...
National Security Technology Forum and Exposition (NSTFX)(San Diego, California, USA, February 12, 2019) AFCEA International and the University of California, San Diego are proud to host a new and innovative event entitled “The National Security Technology Forum and Exposition (NSTFX)”. NSTFX will bring...
3rd Next Generation Cyber Security for Utilities(Denver, Colorado, USA, February 13 - 14, 2019) With the value of damages caused by cyber-attacks growing rapidly every year, adopting a new and comprehensive approach to cyber security for utilities is more important than ever. Among essential facilities...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.