February 13, 2019.
By the CyberWire staff
Yesterday was Patch Tuesday. Microsoft released fixes for seventy-six vulnerabilities, twenty of which Redmond classified as "critical." Adobe also patched, as is its custom, offering security updates for Flash Player, Acrobat/Reader, the ColdFusion programming language, and the Creative Cloud desktop app.
Carbon Black has found a new strain of Shlayer, macOS malware first observed last year by Intego. This version of Shlayer, notable for both its obfuscation and its privilege escalation capabilities, has been downloaded from multiple sites. Its most common guise is that of a bogus Adobe Flash software update.
Nozomi has published its research into GreyEnergy, malware ESET discovered in 2018. A successor to BlackEnergy, GreyEnergy has been used against infrastructure targets in Ukraine and elsewhere. Nozomi points out a feature that tends to make the malware resistant to reverse engineering: it's surrounded by a lot of junk code.
China has got around to officially denying it had anything to do with an attempted hack of Parliament in Canberra, the Australian reports. Beijing's Foreign Ministry says it's another move in a smear campaign.
Tomorrow is St. Valentine's Day. (And you're welcome for that reminder.) As you thrash around online in last-minute searches for gifts, tokens of esteem, or indeed for love itself, beware. The cybercriminals read the same calendar you do, and they're primed to take advantage of any eleventh-hour desperation. Be especially wary of online offers of chocolate, cards, flowers, and so forth. Hackers speak the language of love, but they do so with a serpent's tongue.
Cyber Security Summits: February 13th in Atlanta and on April 2nd in Denver (Atlanta, Georgia, United States, February 13 - April 2, 2019) Register for reduced admission to the Cyber Security Summit with promo code cyberwire19 for $95 admission ($350 without code). Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, U.S. Secret Service, Darktrace and more. Passes are limited, secure yours today: www.CyberSummitUSA.com
Rapid Prototyping Event: The Needles in the Haystack (Columbia, Maryland, United States, February 26 - 28, 2019) DreamPort, in conjunction with the Maryland Innovation & Security Institute and USCYBERCOM, is hosting a Rapid Prototyping Event in which we hope to find a solution that can not only 'map' the network in the traditional sense but provide inferences as to the most important servers, workstations or hardware devices. Once these assets are identified they could be isolated, replicated or studied closely via live forensics.
CYBERTACOS RSA (San Francisco, California, United States, March 4, 2019) Join us for ALL YOU CAN EAT FREE TACOS! What better way to start your week at RSA? On Monday, March 4, CYBERTACOS is coming back to San Francisco as part of RSA. Join us from 7:00-10:00pm for networking, food and drinks.
Register for the RSA Conference 2019 today! (San Francisco, California, United States, March 4 - 8, 2019) Be part of an empowered global community at RSA Conference 2019, March 4 – 8 in San Francisco. With the latest cybersecurity solutions, countless experts and more, it’s easy to see why RSAC is infosec’s leading event.
Cyber Attacks, Threats, and Vulnerabilities
TAU Threat Intelligence Notification: New macOS Malware Variant of Shlayer (OSX) Discovered (Carbon Black) Carbon Black’s Threat Analysis Unit (TAU) recently discovered a new variant of a family of macOS malware which was first discovered in February of 2018 by researchers from Intego. TAU has obtained new samples of this malware and observed downloads of the malware from multiple sites, primarily disguised as an Adobe Flash software update. Many of the …
Manipulating an Indian politician’s tweets is worryingly easy to do (TechCrunch) Here’s a concerning story from India, where the upcoming election is putting the use of social media in the spotlight. While the Indian government is putting Facebook, Google and other companies under pressure to prevent their digital platforms from being used for election manipulation, a jou…
IBM Warns Retailers of Trojan Threat (Security Boulevard) IBM has issued a cybersecurity advisory warning about an attack method originally developed to defraud banks that now is being applied to the retail
Instagram confirms that a bug is causing follower counts to change (TechCrunch) Instagram confirmed today that an issue has been causing some accounts’ follower numbers to change. Users began noticing the bug about 10 hours ago and the drastic drop in followers caused some to wonder if Instagram was culling inactive and fake accounts, as part of its fight against spam. We’re a…
Security Patches, Mitigations, and Software Updates
Patch Tuesday, February 2019 Edition (KrebsOnSecurity) Microsoft on Tuesday issued a bevy of patches to correct at least 70 distinct security vulnerabilities in Windows and software designed to interact with various flavors of the operating system.
The State of the Federal IT Landscape (OneLogin) For the State of the Federal IT Landscape report, OneLogin commissioned CITE Research to conduct an online, in-depth survey of 150 federal IT professionals in the United States. The goal of the survey was to understand: The current federal IT landscape; Security concerns and challenges facing federal agencies; IT plans with regard to the cloud; Technologies in use or being considered to address concerns
What Cybersecurity Pros Wish Businesses Would Understand (Bricata) Cybersecurity professionals want business leaders to know they exist to protect the business, they need budget and resources to do that effectively, and that the security world is highly dynamic so things can and do change.
2019 Healthcare Report (SecurityScorecard) SecurityScorecard looked at over 26,000 healthcare companies in 2018. Some struggles continue within the healthcare industry as companies fail to protect patient and organizational data, creating vulnerabilities that need to be patched to improve their security posture.
Virtual Assistants and Consumer AI (Clutch) People use virtual assistants such as an Amazon Echo or Google Home for simple tasks such as playing music and benefit from access to information. The value of virtual assistants will increase, however, when the technology becomes more in-tune to the context of voice commands and when connected to other devices.
No need for trenches in cyber-warfare, when all you need is a computer (Arab News) Cyber-warfare allows anyone to hack and take over billboards, television stations and even speeches far from where the conflict is and from the comfort of their own homes, warned information security researcher and analyst Rodrigo Bijou on Tuesday. “Cyberfare goes beyond just hacking a few computers and systems, it is the manipulation of the very fabric of society, online and offline,” Bijou told audience members at a packed hall at Dubai’s World Government Summit.
Elevate Security announces $8M Series A to alter employee security behavior (TechCrunch) It’s well understood that many network breaches begin with phishing emails designed to trick users into giving hackers their credentials. They don’t even have to work to find a vulnerability, they can just waltz in the front door. Elevate Security, a San Francisco startup, wants to chan…
Qualys Buys Software Assets Of Cloud Security Startup Adya (CRN) Qualys says its acquisition of cloud security startup Adya will help with managing license costs across SaaS applications, setting and enforcing security policies in a single place, and auditing all activity using a single tool.
Trust Automation Launches New Cyber Defense Division (Trust Automation) Trust Automation Inc., a supplier of automation systems for defense and industrial applications, has created a new operating division that will develop and deliver the next generation of cyber defense technologies.
INSA Elects New Board Members (Washington Executive) Six new members have joined the Intelligence and National Security Alliance 2019 board of directors, the organization announced.
Products, Services, and Solutions
Trustworthy Accountability Group Launches New Anti-Piracy Initiative to Protect European Brands (Business Journals) The Trustworthy Accountability Group (TAG), an advertising industry organization that fights criminal activity in the digital advertising supply chain, today launched Project Brand Integrity, a new initiative to protect European brands from association with illegal stolen content by alerting advertisers or their agencies to ads running on pirate sites in Europe.
IDEMIA and Kudelski Group Launch Global Partnership to Simplify IoT Connectivity and Security (Kudelski IoT Security Suite) The companies will integrate Kudelski’s IoT Security Platform into IDEMIA’s DAKOTA IoT (eUICC) and TSM (Trusted Service Management) solutions. The joint solution provides combined network connectivity management and IoT security in a single eUICC (embedded Universal Integrated Circuit Card) for IoT devices. This will allow IoT device manufacturers to simplify the integration process and speed …
Kaspersky Lab automates training platform (IT-Online) In 2017, 59% of South African companies attributed weaknesses in their IT security strategy to the careless actions of employees. With staff training seen as an important way to reduce cybersecurity incidents, finding the most efficient approach remains a pain point for many IT departments. To help companies address the issue, Kaspersky Lab has developed …
Some Equifax credit file locks have expired. Did yours? (KOMO) A heads-up for anyone who signed up for the free credit lock offered by Equifax following their massive data breach in 2017. Your complimentary subscription to TrustedID Premier expired on Jan. 31. That means your account is now unlocked, unless you took steps to re-secure it. Equifax sent subscribers of TrustedID Premier a series of emails about the change and gave them the option to extend for a year, using a different program.
Lawmakers back bill to isolate Russian internet (The Times of India) MOSCOW: Lawmakers on Tuesday backed a bill that could cut off Russia's internet traffic from foreign servers, a move critics say is a step towards cen.
FAIR Institute Breakfast Meeting during the 2019 RSA Conference (San Francisco, California, USA, March 6, 2019) Join us and fellow cyber risk executives to learn from other industry leaders about their experiences: Marta Palanques, Director, Enterprise Risk Management and Steve Reznik, Director, Operational Risk...
Maryland Cyber Day (Hanover, Maryland, United States, April 11, 2019) Maryland Cyber Day is a combination of two events, MD Cyber Day Marketplace followed by MD Cybersecurity Awards Celebration. Marketplace features cybersecurity innovation, an expo, technology demos, “Ask...
3rd Next Generation Cyber Security for Utilities (Denver, Colorado, USA, February 13 - 14, 2019) With the value of damages caused by cyber-attacks growing rapidly every year, adopting a new and comprehensive approach to cyber security for utilities is more important than ever. Among essential facilities...
BSides Huntsville (Huntsville, Alabama, USA, February 15 - 16, 2019) The fun and cheap way to earn CEU's. Instead of paying way too much to listen to some guy in a suit try and sell you something, you can pay just a few bucks to hear actual programmers and hackers talk...
Border Security: Physical Wall vs. Virtual Wall (Arlington, Virginia, USA, February 18, 2019) Marymount University ISACA Student Group (MUISG) has its CyberNight at MU scheduled for 9 March 2019 from 6-8pm. Panelists will discuss Border Security: Physical vs Virtual Wall. This is an educational...
Insider Threat Program Development-Management Training Course (Herndon, Virginia, USA, February 18 - 19, 2019) Insider Threat Defense announced it will hold its highly sought after 2 day Insider Threat Program Development-Management Training Course, in Herndon, VA, on February 19-208, 2019. This 2 day training...
CPX Europe 360 2019 (Vienna, Austria, February 18 - 20, 2019) CPX 360 - the industry’s premier cyber security summit and expo - brings together the world’s leading cyber security experts to one venue. Gain a deep understanding of current challenges cyber security...