February 6, 2019.
By the CyberWire staff
The cyber incident Airbus disclosed on January 30th is now believed, anonymous sources close to the investigation tell Challenges, to have been the work of Chinese operators. Signs seem to point to APT10, also known as Stone Panda or MenuPass. APT10 is generally associated with the Tianjin Bureau of the Ministry of State Security. Airbus made its disclosure within GDPR's prescribed seventy-two hours, since the hackers accessed employee data, "mostly professional contact and IT identification details."
APT10 has been busy elsewhere, too. A report by Recorded Future and Rapid7 concludes, in a cautionary account of third-party risk, that the espionage group has been active against managed service provider Visma, a US law firm with a wide-ranging intellectual property practice, and other companies.
Chinese industrial policy and espionage figured in US President Trump's State of the Union address.
The US Departments of Homeland Security and Justice have issued their Congressionally mandated report on whether there was foreign meddling in the 2018 mid-term elections. The Departments found no evidence of any foreign activity that had any "material impact" on the elections or the infrastructure surrounding them.
Vilnius thinks, according to Reuters, that Russia is preparing information operations to interfere with Lithuanian elections. Russia says the fears are nonsense, because they'd never do that.
The US House Committee on Energy and Commerce wants Apple to explain why it took so long to patch FaceTime.
Worried about speculative execution attacks, like Spectre, Meltdown, and Foreshadow? Take it from NSA: keep your patching up to date.
ON THE PODCAST
In today's podcast, up later this afternoon, we speak with Emily Wilson from our partners at Terbium Labs. She describes how biometrics can appear for sale on the dark web. Our guest, Katie Nickels from MITRE, takes us through the ATT&CK knowledge base.
Cyber Job Fair, Feb 13, San Antonio (San Antonio, Texas, United States, February 13, 2019) Cleared and non-cleared cybersecurity pros make your next career move at the Cyber Job Fair, February 13 in San Antonio. Meet leading cyber employers including AF Civilian Service, CNF Tech, Lockheed Martin, and more. Visit ClearedJobs.Net or CyberSecJobs.com for details.
Cyber Security Summits: February 13th in Atlanta and on April 2nd in Denver (Atlanta, Georgia, United States, February 13 - April 2, 2019) Register for reduced admission to the Cyber Security Summit with promo code cyberwire19 for $95 admission ($350 without code). Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, U.S. Secret Service, Darktrace and more. Passes are limited, secure yours today: www.CyberSummitUSA.com
Rapid Prototyping Event: The Needles in the Haystack (Columbia, Maryland, United States, February 26 - 28, 2019) DreamPort, in conjunction with the Maryland Innovation & Security Institute and USCYBERCOM, is hosting a Rapid Prototyping Event in which we hope to find a solution that can not only 'map' the network in the traditional sense but provide inferences as to the most important servers, workstations or hardware devices. Once these assets are identified they could be isolated, replicated or studied closely via live forensics.
Global Cyber Innovation Summit (Baltimore, Maryland, United States, May 1 - 2, 2019) This unique, invitation-only forum brings together a preeminent group of leading Global 2000 CISO executives, cyber technology innovators, policy thought leaders, and members of the cyber investment community to catalyze the industry into creating more effective cyber defenses. Request an invitation today.
Cyberattack on Airbus: the Chinese lead put forward (Challenges) According to corroborating sources, both governmental and close to the aircraft manufacturer, the cyberattack that Airbus announced on January 30 it had suffered was carried out using a modus operandi used by a group of hackers that operates from China, and it targeted technical documents relating to the certification of the European giant's aircraft.
Chinese hackers behind cyber attack on aircraft manufacturer Airbus (Talk Finance) A group of hackers from China would be responsible for a cyber attack on the European aircraft manufacturer Airbus, reports the French business magazine Challenges on the basis of anonymous initiates. Airbus announced on 30 January that it had become a victim of a cyber attack in which data was stolen. Exactly what the damage is, was still being investigated …
Reverse RDP Attack: Code Execution on RDP Clients (Check Point Research) Used by thousands of IT professionals and security researchers worldwide, the Remote Desktop Protocol (RDP) is usually considered a safe and trustworthy application to connect to remote computers. Whether it is used to help those working remotely or to work in a safe VM environment, RDP clients are an invaluable...
Beware of the App! On the Vulnerability Surface of Smart Devices through their Companion Apps (Arxiv) Internet of Things (IoT) devices are becoming increasingly important. These devices are often resource-limited, hindering rigorous enforcement of security policies. Assessing the vulnerability of IoT devices is an important problem, but analyzing their firmware is difficult for a variety of reasons, including requiring the purchase of devices. This paper finds that analyzing companion apps to these devices for clues to security vulnerabilities can be an effective strategy.
When Real-Time Payments Go Wrong (Rambus) Since the 1980s, momentum behind real-time payments (RTP) – also known as faster or instant payments – has grown at an accelerated pace, because of its benefit to both consumers and businesses. Estimates currently suggest approximately 35 countries, including Switzerland, Taiwan, India, China and the UK, have implemented or …
Mobile devices as ticking time bombs (IT-Zoom) “We can already see today that malware numbers, particularly for Android, have risen by 40 percent year over year,” warns Hendrik Flierman, Global Sales Director at G Data Software AG.
Avast sells Managed Workplace product to Barracuda Networks (Telecompaper) Avast announced that it has sold its Managed Workplace product, a remote monitoring and management product for managed service providers, to Barracuda Networks. The company said the business is not core to its SMB strategy, which focuses on securing the workplace.
3 ways the Pentagon could improve cyber intelligence (Fifth Domain) Intelligence officials and academics say the United States needs to expand its cyber surveillance authorities and capabilities to meet the Trump administration’s vision to be more aggressive in cyberspace.
How to Submit a Bug Report to Apple, Google, Facebook, Twitter, Microsoft, and More (Lifehacker) Leaky security, hardware exploits, crashes, broken features—every piece of hardware or software is prone to bugs and vulnerabilities, and it’s likely you’ve had the misfortune of dealing with them at some point in your tech life. While most people grin, bear it, and wait for the problem to fix itself, you can also take a more active approach to bugs and other security disasters by reporting your findings.
Bots are cheap and effective. One startup trolls them into going away (TechCrunch) Bots are ruining the internet. When they’re not pummeling a website with usernames and passwords from a long list of stolen credentials, they’re scraping the price of hotels or train tickets and odds from betting sites to get the best data. Or, they’re just trying to knock a websi…
Social media giants put profits before child safety (Times) Social media executives could be arrested and held personally liable if content that is harmful to children or vulnerable people is not taken down from their sites, a minister has suggested. Jackie...
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
Border Security: Physical Wall vs. Virtual Wall (Arlington, Virginia, USA, February 18, 2019) Marymount University ISACA Student Group (MUISG) has its CyberNight at MU scheduled for 9 March 2019 from 6-8pm. Panelists will discuss Border Security: Physical vs Virtual Wall. This is an educational...
CPX Americas 360 2019 (Las Vegas, Nevada, USA, February 4 - 6, 2019) CPX 360 promises to be the premier cyber security summit. CPX 360 is where you’ll receive up-to-the-minute intelligence about global threats and other vital topics from the world’s leading cyber security...
QuBit Conference Belgrade 2019 (Belgrade, Romania, February 7, 2019) QuBit is a Cybersecurity Community Event connecting the East and West. We create a unique way to meet the best and the brightest minds in the information security fields across multiple industries, and...
National Security Technology Forum and Exposition (NSTFX) (San Diego, California, USA, February 12, 2019) AFCEA International and the University of California, San Diego are proud to host a new and innovative event entitled “The National Security Technology Forum and Exposition (NSTFX)”. NSTFX will bring...
3rd Next Generation Cyber Security for Utilities (Denver, Colorado, USA, February 13 - 14, 2019) With the value of damages caused by cyber-attacks growing rapidly every year, adopting a new and comprehensive approach to cyber security for utilities is more important than ever. Among essential facilities...