February 22, 2019.
By the CyberWire staff
The Sydney Morning Herald reports that investigators are closer to singling out Chinese intelligence services as responsible for attempts to gain access to Australian Parliamentary and political party systems. The attempts are thought consistent with Beijing's long-term goal of gaining insight into the Five Eyes' intelligence products and operations.
A wave of other attacks disclosed in Australia seems more straightforwardly criminal in its motivation. Ransomware, as the Age notes, has afflicted a number of targets over the past few months, including a hospital, the large corporate superannuation fund TelstraSuper, and the Roman Catholic Archdiocese of Melbourne.
Reuters says Kiev's SBU security service has charged Russia with organizing a large influence campaign to secure election of its preferred candidate in Ukraine's upcoming presidential election. Which candidate Moscow favors isn't specified, but the methods used cover everything from state-of-the-art troll farming to the kind of ground-game bribing of voters an early-20th-century Chicago ward heeler would immediately recognize.
Huawei's lower-cost, generally reliable, and good-enough devices may be too attractive for the telecom sector to forgo, the Wall Street Journal says. The tide seems now to have set against US efforts to convince other countries to exclude Huawei from their 5G networks. Forbes notes that 5G security touches control systems as well as IT devices.
If your phone seems to be losing its charge much faster than it ought to, Oracle may have a diagnosis. Its researchers have discovered an ad-fraud scheme they're calling DrainerBot that sucks prodigious amounts of both power and data.
5th Annual Cyber Security Conference for Executives (Baltimore, Maryland, United States, March 13, 2019) The 5th Annual Cyber Security Conference for Executives, hosted this year by The Johns Hopkins University Information Security Institute and Ankura, will be held on Wednesday, March 13th, in Baltimore, Maryland. This year’s theme is cybersecurity compliance and regulatory trends, and the conference will feature discussions with thought leaders across a variety of sectors. Join the discussion and learn about current and emerging cyber security threats to organizations, and how executives can better protect their enterprises. Register today!
Huawei And Facing Up To 5G-Related Cyber Risks (Forbes) Does it matter, that in spite of efforts by the U.S. government, and a history of cyber intrusion from China, Germany and the U.K. are poised to allow Huawei equipment to be part of their 5G networks? Yes, so we need to pay more attention to securing our physical infrastructure, not just networks.
Toyota Aust still affected by cyber attack (Cowra Guardian) Toyota Australia's corporate IT systems remain offline days after an attempted cyber attack on the company. The company's dealer network remains up and runnin...
Catholic Church, major super fund and Toyota hit by cyber attacks (The Age) A day after The Age revealed that a cyber crime syndicate hacked and scrambled the files of Melbourne Heart Group, a cardiology unit based at Cabrini Hospital, it can also be revealed that the entire Melbourne Archdiocese was also recently the subject of a brazen attack.
Shifting in the Wind: WINDSHIFT Attacks Target Middle Eastern Governments (Unit42) Executive Summary In August of 2018, DarkMatter released a report entitled “In the Trails of WINDSHIFT APT”, which unveiled a threat actor with TTPs very similar to those of Bahamut. Subsequently, two additional articles (here and here) were released by Objective-See which provide an analysis of some validated WINDSHIFT samples targeting OSX systems. Pivoting on
US Stryker Vehicles in Europe Have Deep Cyberwar Weaknesses - Pentagon Report (Sputnik) The two newest versions of the US Army’s Stryker combat vehicle in Europe have “cybersecurity vulnerabilities that can be exploited,” a US Department of Defense report reveals. It’s a growing problem for the US’ high-tech vehicles and weapons systems ‒ and one that reflects the priorities of the military-industrial complex, an expert tells Sputnik.
Google removes 28 fake apps from Play Store: Quick Heal (The Indian Express) Google has removed 28 fake apps from its Play Store with the most downloaded being Virtual Data with over 10,000 downloads, followed by Bike insurance Advisor, Health Cover and Chit Funds with more than 5,000 downloads each.
Dark Web Market Price Index - 2019 (UK Edition) (Top10VPN) We’ve been monitoring the thriving illicit trade in stolen personal info to create this annual update to the Price Index. Hacked data is cheap on the dark web: most individual accounts continue to sell for less than £10, even big names like Apple, Fortnite, Netflix and Airbnb. Notable exceptions to the rule include Amazon and British Airways accounts, which have soared in value since last year.
Are zero-day exploits the new norm? (CSO Online) Research from Microsoft's Matt Miller shows that every actively exploited Windows vulnerability in 2017 was first done using a zero-day attack. Other research shows this trend extends across the IT landscape.
Understanding the mobile threat landscape in 2019 (Wandera) It should be another momentous year for mobile security, with cyber attacks growing rapidly in sophistication and distribution. This report will cover the key mobile security trends that emerged last year as well as summarize thoughts for the mobile threat landscape for the year ahead.
BlackBerry Completes Acquisition of Cylance (Cylance) BlackBerry Limited (NYSE: BB; TSX: BB) today completed its previously-announced acquisition of Cylance, a privately-held artificial intelligence and cybersecurity company based in Irvine, California.
Bkav releases free tool to check server security (SGGP English Edition) Bkav Corporation has just introduced a free tool to help network administrators to check the security status of their servers against brute-force attacks on passwords of remote desktop services. This tool can be accessed at http://tools.whitehat.vn/online/84.
Creating Civic Collaboration on Cyber for Cities (Meritalk) A paper released by think tank New America on Thursday recommends that local governments build partnerships with Federal, state, and other local partners to prepare for major cyberattacks. At the Federal level, strategies for helping cities include providing grants targeted specifically to cybersecurity help, the report suggests.
Why Social Network Analysis Is Important (News from the Lab) I got into social network analysis purely for nerdy reasons – I wanted to write some code in my free time, and python modules that wrap Twitter’s API (such as tweepy) allowed me to do s…
There is more to cyber risk than security, says thryve expert (Intelligent CIO Middle East) Riaan Bekker, Force Solutions Manager at thryve, which provides risk and governance management technologies, says cyber risk isn’t just about security; it has become a serious issue of business continuity and is the core responsibility of executives of businesses of any size to protect shareholder value. Risk experts hold no doubts. The changes technology is […]
Lawmakers probe for Stingray info in funding bill (FCW) Congress wants to know more about how the Department of Homeland Security and state and local partners use cell-site simulators and whether they are complying with existing departmental regulations.
California to close data breach notification loopholes under new law (TechCrunch) California, which has some of the strongest data breach notification laws in the U.S., thinks it can do even better. The golden state’s attorney general Xavier Becerra announced a new bill Thursday that aims to close loopholes in its existing data breach notification laws by expanding the req…
Canada Helping Australia Determine 'Full Extent' of Hack (SecurityWeek) Canada's Communications Security Establishment (CSE) said it is working with Australia to try to determine the scale of computer hacking on Australia's parliament and political parties just months from an election.
Consumer groups accuse Facebook of duping children (Silicon Valley Business Journal) The Federal Trade Commission has been asked to investigate whether Facebook violated consumer protection and child privacy laws by duping children into making in-app purchases in Angry Birds and other games
Lawyers call for judges to learn emojis (Times) To a typical High Court judge, a text message containing an aubergine or a maple leaf might seem fairly innocuous. Senior lawyers, however, are urging the judiciary to learn to interpret the use of...
Newly Noted Events
U.S. Commercial Service at RSAC2019 (San Francisco, California, USA, March 4 - 8, 2019) In partnership with RSA Conference 2019, we at the U.S. Department of Commerce are excited to offer U.S. exhibitors at RSAC 2019 services to assist in entering or increasing their presence in international...
2019 Air Force Intelligence Community Security Review Board (SRB) (San Antonio, Texas, USA, March 16 - February 19, 2019) The 2019 Air Force (AF) Intelligence Community (IC) Security Review Board (SRB) is set to convene on 16 & 17 April 2019 at the Omni San Antonio Hotel at the Colonnade, San Antonio, TX. This two-day event...
ACSC 2019: Collaborate (Boston, Massachusetts, USA, November 7, 2019) The 2019 Annual Conference is a chance for ACSC members and people from the New England cybersecurity community to come together and share information, network, and learn about the latest information in...
National Cyber League Spring Season (Various, February 25 - March 24, 2019) The NCL is a defensive and offensive puzzle-based, capture-the-flag style cybersecurity competition. Its virtual training ground helps high school and college students prepare and test themselves against...
BSides Columbus 2019 (Columbus, Ohio, USA, March 1, 2019) BSides Columbus is a volunteer-run conference that gives local (and not-so-local) information-security enthusiasts a platform to share their discoveries and breakthroughs with the Central Ohio infosec...
G’Day USA US-Australia Dialogue on Cyber Security (San Francisco, California, USA, March 4, 2019) The 2019 G’Day USA US-Australian Dialogue on Cyber Security will be held in San Francisco in the margins of the annual RSA Conference, which attracts more than 45,000 cyber and digital industry leaders.
RSA 2019 (San Francisco, California, USA, March 4 - 8, 2019) This year’s theme is, to put it simply, Better. Which means working hard to find better solutions. Making better connections with peers from around the world. And keeping the digital world safe so everyone...