Get your copy of the definitive guide to threat intelligence.
We brought together a team of experts and wrote the definitive guide to everything you need to know about threat intelligence. Whether you work in vulnerability management, incident response, or another part of cybersecurity, our book has something for you. Get your free copy of “The Threat Intelligence Handbook” now.
February 12, 2019.
By the CyberWire staff
Secure email provider VFEmail sustained an attack yesterday that wiped its US infrastructure. It's a business-killer: the company will probably cease operations. "Every VM is lost," the company tweeted. "Every file server is lost, every backup is lost." The attacker's motive is unknown and may be simple malice, or just the lulz, effectively the same thing. ZDNet says a Bulgarian IP address turned up in the attack traffic, but there's no attribution yet. VFEmail advises against reconnecting email clients to their service lest even users' local backups be lost.
The EU deliberates a coordinated response to APT10's recent activity. Unanimity will be tough to achieve, Bloomberg reports: not every member sees the same things.
The AP says Norway has again warned of Russian GPS jamming. The Drive reports US Army Stryker combat vehicles have been hacked. Marine Times says the Corps has a shadow-IT problem with close air support.
President Trump yesterday signed an Executive Order designed to maintain American leadership in artificial intelligence against determined, effective Chinese competition. With that, and with both Microsoft and Google having cautiously warned investors that while they're all-in on AI, AI does pose certain risks to their business, there's a mood of speculation about AI's future as it affects the future of humanity. WIRED offers a cyberpunk version of what amounts to either logical atomism or the myth of the cave. Either early Wittgenstein or mid-career Plato, so squint through your VR goggles and take your pick (but watch out for the whales).
Earn Your Master’s in Cybersecurity from Georgetown
Looking to advance your cybersecurity career? Check out Georgetown University's graduate program in Cybersecurity Risk Management. Ideal for working professionals, our program offers flexible options to take classes online, on campus, or through a combination of both—so you don’t have to interrupt your career to earn your degree. You'll leave the program with the expertise you need to effectively manage risks and navigate today’s increasingly complex cyber threats. Explore the program.
Cyber Security Summits: February 13th in Atlanta and on April 2nd in Denver(Atlanta, Georgia, United States, February 13 - April 2, 2019) Register for reduced admission to the Cyber Security Summit with promo code cyberwire19 for $95 admission ($350 without code). Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, U.S. Secret Service, Darktrace and more. Passes are limited, secure yours today: www.CyberSummitUSA.com
Rapid Prototyping Event: The Needles in the Haystack(Columbia, Maryland, United States, February 26 - 28, 2019) DreamPort, in conjunction with the Maryland Innovation & Security Institute and USCYBERCOM, is hosting a Rapid Protoyping Event in which we hope to find a solution that can not only 'map' the network in the traditional sense but provide inferences as to the most important servers, workstations or hardware devices. Once these assets are identified they could be isolated, replicated or studied closely via live forensics.
CYBERTACOS RSA(San Francisco, California, United States, March 4, 2019) Join us for ALL YOU CAN EAT FREE TACOS! What better way to start your week at RSA? On Monday, March 4, CYBERTACOS is coming back to San Francisco as part of RSA. Join us from 7:00-10:00pm for networking, food and drinks.
Register for the RSA Conference 2019 today!(San Francisco, California, United States, March 4 - 8, 2019) Be part of an empowered global community at RSA Conference 2019, March 4 – 8 in San Francisco. With the latest cybersecurity solutions, countless experts and more, it’s easy to see why RSAC is infosec’s leading event.
Email Provider VFEmail Suffers ‘Catastrophic’ Hack(KrebsOnecurity) Email provider VFEmail has suffered what the company is calling “catastrophic destruction” at the hands of an as-yet unknown intruder who trashed all of the company’s primary and backup data in the United States. The firm’s founder says he now fears some 18 years’ worth of customer email may be gone forever.
Windows App Runs on Mac, Downloads Info Stealer and Adware(TrendLabs Security Intelligence Blog) We found an EXE application that specifically runs on Mac to download an adware and info stealer, sidestepping built-in protection systems on the platform such as Gatekeeper. We suspect the cybercriminals developing this routine as an evasion technique for damaging infections and attacks in the future as our telemetry showed the highest numbers to be in the UK, Australia, Armenia, Luxembourg, South Africa and the US.
Top Data Protection Issues Facing HNW Individuals(WealthBriefingAsia) Often referred to as "the oil" of the modern economy, data is strikingly vulnerable to abuse as more personal information goes online and can be cross-referenced. High net worth individuals are among those with the most to lose.
Lenovo Watch X was riddled with security bugs, researcher says(TechCrunch) Lenovo’s Watch X was widely panned as “absolutely terrible.” As it turns out, so was its security. The low-end $50 smartwatch was one of Lenovo’s cheapest smartwatches. Available only for the China market, anyone who wants one has to buy one directly from the mainland. Lucky…
Security Patches, Mitigations, and Software Updates
To Understand IoT Security: Look to the Clouds(Government Technology) The Internet of Things (IoT) is growing exponentially. But security and privacy concerns are piling up at the same time. How can we understand where this trend is heading? Here's what we can learn from the history of the cloud.
Healthcare Email Fraud Report(Proofpoint) Email fraud, also known as business email compromise (BEC), is one of today’s greatest cyber threats and it’s impacting healthcare organizations of all sizes across the globe. Email fraud attacks are socially engineered to target people, rather than technology. Fraudsters prey on human nature to steal money and valuable information from healthcare organizations’ staff,
Amazon buys Eero: What does it mean for your privacy?(TechCrunch) In case you hadn’t seen, Amazon is buying router maker Eero. And in case you hadn’t heard, people are pretty angry. Deluged in a swarm of angry tweets and social media posts, many have taken to reading tea leaves to try to understand what the acquisition means for ordinary privacy-minde…
Mirror Chess Is Not Good Cyber(Forbes) In chess, mirroring your opponents is a terrible strategy because the opponent is intelligent and you become predictable due to asymmetries in the game. This analogy is perfect for security and helps us see where mirroring in cybersecurity is likewise an awful strategy with critical secondary issues
Crash Course in How Cyberattacks Start(IndustryWeek) In order to effectively defend against such attacks, it is critical to understand how an attacker thinks and how the actual attack is conducted.
Security wellness takes more than a fad diet(Help Net Security) Like the dizzying array of diet and exercise options offering a quick fix, the security landscape is made more complex by the volume of available solutions.
Undertaking the crucial task of bringing cryptography to activists(Equal Times) A group of journalists and activists slowly trickle into a room. They take a seat. Some talk amongst each other, others play around with their phones. They think they are there for a workshop, but unbeknownst to them, they are being hacked. Five minutes after their arrival, a security expert has cracked most of their phones, and with it, sensitive information about contacts, co-activists, planned protests and stories. The story is real, yet nobody got hurt. The course was organised by the (...)
Email Impersonation Scams(Hakin9 - IT Security Magazine) What You or Your IT Staff Can Do to Protect Your Business A major cyber threat to Australian businesses is email-based …
Hit big tech hard but don’t crush free speech(Times) The campaign for state regulation of the press was always absurd, not only because it was illiberal but because it was already far too late. “Newspapers, through whichever medium they are delivered .
Trump’s Plan to Keep America First in AI(WIRED) The US joined more than a dozen other countries with national AI strategies when President Trump signed an executive order to create the American AI Initiative.
Tinder lover must repay businessman’s £182,000(Times) A lovestruck businessman who handed £182,000 to a woman 20 years his junior after meeting her on the dating app Tinder has won a court fight to make her pay the money back. Marcel Kooter, 57...
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
Cybersecurity, Privacy & Trust: A Media Perspective(San Francisco, California, United States, February 21, 2019) As cyberattacks escalate and public awareness around data privacy and security risks increases, companies are grappling with how to comply with regulations and restore consumer trust. From rethinking how...
RiskSec 2019(Philadelphia, Pennsylvania, USA, May 8, 2019) RiskSec 2019 will provide insights from thought leaders across various industries, focusing on the most significant issues that CISOs and other security professionals face every day. Learn about new approaches...
National Security Technology Forum and Exposition (NSTFX)(San Diego, California, USA, February 12, 2019) AFCEA International and the University of California, San Diego are proud to host a new and innovative event entitled “The National Security Technology Forum and Exposition (NSTFX)”. NSTFX will bring...
3rd Next Generation Cyber Security for Utilities(Denver, Colorado, USA, February 13 - 14, 2019) With the value of damages caused by cyber-attacks growing rapidly every year, adopting a new and comprehensive approach to cyber security for utilities is more important than ever. Among essential facilities...
BSides Huntsville(Huntsville, Alabama, USA, February 15 - 16, 2019) The fun and cheap way to earn CEU's. Instead of paying way too much to listen to some guy in a suit try and sell you something, you can pay just a few bucks to hear actual programmers and hackers talk...
Border Security: Physical Wall vs. Virtual Wall(Arlington, Virginia, USA, February 18, 2019) Marymount University ISACA Student Group (MUISG) has its CyberNight at MU scheduled for 9 March 2019 from 6-8pm. Panelists will discuss Border Security: Physical vs Virtual Wall. This is an educational...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.