February 14, 2019.
By the CyberWire staff
The US Department of Justice has unsealed an indictment against Monica E. Witt, also known as Fatemah Zahra, a former US Air Force technical sergeant who served as a counterintelligence specialist and Farsi linguist. She left the Air Force in 2008 but continued to work as a Government contractor through 2010. Before she defected to Iran in 2013, the Washington Post reports, the FBI warned her she was probably the target of recruitment by Iranian intelligence, and she promised to be careful.
Her turn in sympathies may have been marked by her attendance at a New Horizons Organization conference in Iran on "Hollywoodism," or the depravity of American popular culture. The indictment alleges that after her defection Ms Witt created dossiers ("target packages") for Iranian intelligence services on her former colleagues in counterintelligence, thereby contributing to the social engineering of US security and intelligence personnel. Four Iranians were also indicted.
In a coordinated action, the US Treasury Department announced sanctions against the four Iranians and the New Horizons Organization.
Stolen PII usually turns up for sale in some dark web souk, but that hasn't happened with data lost in 2017's big Equifax breach: the information's nowhere to be found. CNBC speaks with sources who are convinced that a foreign intelligence service has the data. It's possible that a common criminal stole the information and then decided it was too hot to fence, but that's looking increasingly unlikely. PII is of course useful in social engineering, that is, in recruiting agents.
ON THE PODCAST
In today's podcast, out later this afternoon, we speak with Malek Ben Salem from our partners at Accenture Labs. She talks about ways of reducing containers' attack surface. Our guest is Kevin McNamee from Nokia, with results from their recent threat intelligence report.
And Hacking Humans is up, with a special St. Valentine's Day edition, "The trauma is multifactored." Joe and Dave, those well-known experts in matters of the heart, examine romance scams, including the sad tale of a woman bilked out of hundreds of thousands of dollars. There's a silly, non-murdering catch of the day, and Dave interviews Max Kilger from UTSA on the six motivations of bad actors.
Cyber Security Summits: February 13th in Atlanta and on April 2nd in Denver (Atlanta, Georgia, United States, February 13 - April 2, 2019) Register for reduced admission to the Cyber Security Summit with promo code cyberwire19 for $95 admission ($350 without code). Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, U.S. Secret Service, Darktrace and more. Passes are limited, secure yours today: www.CyberSummitUSA.com
Rapid Prototyping Event: The Needles in the Haystack (Columbia, Maryland, United States, February 26 - 28, 2019) DreamPort, in conjunction with the Maryland Innovation & Security Institute and USCYBERCOM, is hosting a Rapid Prototyping Event in which we hope to find a solution that can not only 'map' the network in the traditional sense but provide inferences as to the most important servers, workstations or hardware devices. Once these assets are identified they could be isolated, replicated or studied closely via live forensics.
CYBERTACOS RSA (San Francisco, California, United States, March 4, 2019) Join us for ALL YOU CAN EAT FREE TACOS! What better way to start your week at RSA? On Monday, March 4, CYBERTACOS is coming back to San Francisco as part of RSA. Join us from 7:00-10:00pm for networking, food and drinks.
Register for the RSA Conference 2019 today! (San Francisco, California, United States, March 4 - 8, 2019) Be part of an empowered global community at RSA Conference 2019, March 4 – 8 in San Francisco. With the latest cybersecurity solutions, countless experts and more, it’s easy to see why RSAC is infosec’s leading event.
Extensive 'Living Off the Land' Hides Stealthy Malware Campaign (TechBizWeb) Researchers have detected a new, stealthy Astaroth trojan campaign emanating from and centered in Brazil, but spreading to parts of Europe. Named after ‘the Great Duke of Hell’ because of its use of satanic variable names, Astaroth has been around since late 2017. The latest campaign, discovered by the Cybereason Nocturnus Research team, uses an …
Phishing for love in all the wrong places (Avira Blog) With the arrival of Valentine’s Day, cybercriminals are shifting over to sending out bogus e-cards full of passion, moving away from their previous emails about parcels and invoices.
The Scarlet Widow Gang Entraps Victims Using Romance Scams (BleepingComputer) We often hear about sextortion, business email compromise (BEC), and inheritance scams, but the often overlooked "Romance Scams" could be the most insidious of them all. Not only do victims lose money, but the emotional entanglement ultimately leads to heartbreak.
Dragos Releases Industrial Control Systems 2018 Year in Review Reports (AP NEWS) Dragos, Inc., provider of the industry’s most trusted industrial threat detection and response platform and services, released its annual industrial controls system (ICS) 2018 Year in Review reports today. These annual Year in Review reports provide important metrics and findings from the Dragos team’s first-hand experience tracking ICS adversaries, identifying vulnerabilities and threats, and performing assessments, threat hunts, and incident response in industrial environments.
Real-Time Payments and The Growing Obsolescence of Cash (Rambus) David Worthington, VP, Payments at Rambus According to this year’s World Payments Report, compiled by Capgemini and BNP Paribas, the global volumes of non-cash transaction volumes grew by 10.1%, reaching 482.6 billion between 2015 and 2016. In addition, McKinsey’s recent Global Payments 2018 report highlighted an 11% growth generated by payments, which topped $1.9 trillion in …
Acunetix Web Application Vulnerability Report 2019 | Acunetix (Acunetix) Acunetix compiles an annual web application vulnerability report in order to provide security experts and interested parties with an analysis of data on vulnerabilities gathered over the previous year. The 2019 report contains the results and analysis of vulnerabilities, detected from the automated web and network perimeter scans run on the Acunetix Online platform, over …
The infosec reckoning has arrived (TechCrunch) 2018 represented a record year for venture capital investment into information security, but this isn’t a positive trend – and it definitely doesn’t mean we’re more secure. An unwarranted percentage of solutions being funded are not solving the problems defenders face the most. And with high number…
Photon Research Team Shines Light On Digital Risks (Digital Shadows) I'm very excited to announce the launch of the Digital Shadows' Photon Research Team. We have decided to bolster our existing analyst capabilities with a dedicated team that is 100% focused on researching external digital risks and how threat actors leverage them to exploit organizations.
Menlo’s Vision to Revolutionize Web Security (Menlo Security) In the technology industry, the word “visionary” refers not just to the ability to see the future, but to actually change it. Quite a few companies achieve the first part of this definition. Very few pull off the second part.
UK web security firm expands to Mideast (Trade Arabia) Sectigo (formerly Comodo CA), a UK-based leader in web security solutions, announced expansion to the Middle East through market-leading partners, including BroadBITS, Checksum Consultancy Co., and Hayyan Horizons.
More resources needed to improve connected car security (Security Boulevard) Connected car security is a priority of the automotive industry, according to a recent report. But the shortage of resources and skills is a challenge. This is Part 2 of a three-part interview about cyber security practices in the automotive industry. Part 1 introduced automotive cyber security challenges. Part 3 is coming soon. Synopsys and SAE
Recommendations on 5G and National Security (Scowcroft Center for Strategy and Security) China’s aggressive attempt to subsidize the development of global 5G networks as a tool of Beijing’s geopolitical and economic power requires an urgent and robust, public- and private-sector response from the United States government, its allies, and partners to bring secure 5G technology to our allies.
Intel: How an Air Force vet’s indictment reveals US vulnerability to Iranian cyber-espionage (Al-Monitor) The Justice Department handed down a 27-page indictment today charging a former Air Force intelligence officer with passing classified information to the Islamic Revolutionary Guard Corps (IRGC). The indictment also charges four hackers allegedly linked with the Tehran-based military command. Why it matters: Today’s indictment shows increased Iranian interest in cyberespionage....
Reddit says government data requests more than doubled in 2018 (TechCrunch) Reddit has said the number of government requests for user data more than doubled in 2018 compared with the previous year. The news and content sharing site said in its latest transparency report, posted Wednesday, it received 752 requests from governments during the year, up from 310 requests a year ear…
FAIR Institute Breakfast Meeting during the 2019 RSA Conference (San Francisco, California, USA, March 6, 2019) Join us and fellow cyber risk executives to learn from other industry leaders about their experiences: Marta Palanques, Director, Enterprise Risk Management and Steve Reznik, Director, Operational Risk...
Annual Cybersecurity Conference for Executives (Baltimore, Maryland, USA, March 13, 2019) Computer breaches seem to be increasing in frequency and severity around the world, causing the leadership of organizations large and small to assess whether they’re doing enough to protect their data.
3rd Next Generation Cyber Security for Utilities (Denver, Colorado, USA, February 13 - 14, 2019) With the value of damages caused by cyber-attacks growing rapidly every year, adopting a new and comprehensive approach to cyber security for utilities is more important than ever. Among essential facilities...
BSides Huntsville (Huntsville, Alabama, USA, February 15 - 16, 2019) The fun and cheap way to earn CEU's. Instead of paying way too much to listen to some guy in a suit try and sell you something, you can pay just a few bucks to hear actual programmers and hackers talk...
Border Security: Physical Wall vs. Virtual Wall (Arlington, Virginia, USA, February 18, 2019) Marymount University ISACA Student Group (MUISG) has its CyberNight at MU scheduled for 9 March 2019 from 6-8pm. Panelists will discuss Border Security: Physical vs Virtual Wall. This is an educational...
Insider Threat Program Development-Management Training Course (Herndon, Virginia, USA, February 18 - 19, 2019) Insider Threat Defense announced it will hold its highly sought after 2 day Insider Threat Program Development-Management Training Course, in Herndon, VA, on February 19-208, 2019. This 2 day training...
CPX Europe 360 2019 (Vienna, Austria, February 18 - 20, 2019) CPX 360 - the industry’s premier cyber security summit and expo - brings together the world’s leading cyber security experts to one venue. Gain a deep understanding of current challenges cyber security...