How to Build a Security Operations Center (SOC) on a Budget
Get an in-depth look at how organizations with limited resources can set up a successful operations center for monitoring, detecting, containing, and remediating IT threats across applications, devices, systems, networks, and locations. Get all 5 Chapters in 1 eBook. Download your free copy now.
February 25, 2019.
By the CyberWire staff
The Internet Corporation for Assigned Names and Numbers (ICANN) warned Friday that the Domain Name System (DNS) is dangerously vulnerable, and urges swift and widespread adoption of DNSSEC. Some of the DNS hijacking of the last few months appears to be state-directed: SecurityWeek quotes FireEye as attributing a significant fraction of such activity to Iran.
BleepingComputer's forum is discussing an outbreak of B0r0nt0K ransomware. Details are sparse, and analysts are as of this writing still looking for samples, but the infestation is known to have appeared in Linux-based servers. Windows users may also be susceptible. The ransom demands are running at about $75 thousand, payable in Bitcoin.
University researchers disclose a proof-of-concept they say could expose 4G and 5G networks to interception of phone calls and geotracking of users, TechCrunch reports.
The Wall Street Journal reports that heath and fitness app vendors have begun to stop sharing sensitive personal data with Facebook. Facebook itself said that it works to avoid this kind of sharing in the first place. New York State has opened investigations into the matter.
As governments continue to decide how to address the security concerns that surround Huawei equipment, WIRED describes how GCHQ vets the Chinese manufacturers products at its Huawei Cyber Security Evaluation Centre.
TASS is authorized to disclose that Russia's embassy in Vienna has sustained cyberattacks evidently aimed at disrupting consular services. Bots booked appointments, inevitably became no-shows, and thereby prevented actual people from getting consular sessions. The embassy says it's restored services to normal.
Today's edition of the CyberWire reports events affecting Australia, Austria, China, Croatia, Estonia, European Union, India, Indonesia, Iran, Iraq, Israel, New Zealand, Russia, Thailand, Turkey, United Kingdom, United States.
What if you could augment your security team by adding zero staff?
Cylance’s industry-leading security experts analyze your cybersecurity requirements and design solutions that meet and often far exceed objectives. Cylance secures our clients quickly using years of hard-won expertise, and world class artificial intelligence. Let Cylance help you achieve a state of ThreatZero, bolster your organization’s security posture, and zero in on what really matters.
CYBERTACOS RSA(San Francisco, California, United States, March 4, 2019) Join us for ALL YOU CAN EAT FREE TACOS! What better way to start your week at RSA? On Monday, March 4, CYBERTACOS is coming back to San Francisco as part of RSA. Join us from 7:00-10:00pm for networking, food and drinks.
Experience Deep Learning for Network Threat Protection at RSA 2019(San Francisco, California, United States, March 4 - 8, 2019) Signatures and sandboxes can’t keep up with automated attacks. Visit Blue Hexagon booth N4204 and hear how we’re harnessing deep learning to stop known and unknown network threats in less than a second. Pick up a free copy of the book “How To Measure Anything in Cybersecurity Risk.”
Register for the RSA Conference 2019 today!(San Francisco, California, United States, March 4 - 8, 2019) Be part of an empowered global community at RSA Conference 2019, March 4 – 8 in San Francisco. With the latest cybersecurity solutions, countless experts and more, it’s easy to see why RSAC is infosec’s leading event.
XM Cyber is coming to RSA(San Francisco, California, United States, March 4 - 8, 2019) Visit XM Cyber at the Innovation City, Booth IC2233, to experience the first fully automated APT simulation platform to Simulate, validate and remediate every hacker’s path to organizational critical assets.
5th Annual Cyber Security Conference for Executives(Baltimore, Maryland, United States, March 13, 2019) The 5th Annual Cyber Security Conference for Executives, hosted this year by The Johns Hopkins University Information Security Institute and Ankura, will be held on Wednesday, March 13th, in Baltimore, Maryland. This year’s theme is cybersecurity compliance and regulatory trends, and the conference will feature discussions with thought leaders across a variety of sectors. Join the discussion and learn about current and emerging cyber security threats to organizations, and how executives can better protect their enterprises. Register today!
Popular Apps Cease Sharing Data With Facebook (Wall Street Journal) Popular health and fitness apps scrambled to stop sending sensitive personal information to Facebook after The Wall Street Journal reported Friday many were transmitting detailed information about topics including their users’ weight and menstrual cycles.
Bank of Valletta: €13M Cyberattack Highlights Bitcoin's Strength(Bitcoinist.com) Yet another financial institution, Malta's Bank of Valletta, has fallen victim to a cyber attack, rendering many clients, both individuals, and Malta's Bank of Valletta, has fallen victim to a cyber attack, rendering many clients, both individuals, and businesses, unable to access their funds.
YouTube hijacked by anti‑vaxxers(Times) YouTube has become such a hotbed for medical conspiracy theories that it can take only three clicks for an innocuous search to lead users to a stream of anti-vaccination propaganda. A Sunday Times...
Cyber-Mercenary Groups Shouldn't be Trusted in Your Browser or Anywhere Else(Electronic Frontier Foundation) DarkMatter, the notorious cyber-mercenary firm based in the United Arab Emirates, is seeking to become approved as a top-level certificate authority in Mozilla’s root certificate program. Giving such a trusted position to this company would be a very bad idea. DarkMatter has a business interest in...
Sensitive personal and business data makes law firms attractive to hackers(Daily Record) Whether they are large or small, law firms tend to be targets for hackers for many reasons. They have personal identifiable information and possibly confidential medical records, business, trade secret or proprietary information and classified government documents. “All of which is really valuable especially in the wrong hands,” said Matthew Esworthy, partner at Bowie and Jensen ...
Payroll Provider Gives Extortionists a Payday(KrebsOnSecurity) Payroll software provider Apex Human Capital Management suffered a ransomware attack this week that severed payroll management services for hundreds of the company’s customers for nearly three days.
Don't Take the Bait! How to Steer Clear of Tax Time Scams(McAfee Blogs) For cybercriminals tax time is the most wonderful time of the year. They are in the shadows giddy, eager, and methodically setting a variety of digital Phishing emails, malicious links, and phone calls demanding payment — all of these scams are designed to gain access to your tax refund or your data. Here's some insight on how to safeguard your family agains tax time scams.
International Cyber Benchmarks IndexTM(Neustar) The International Cyber Benchmarks Index is an initiative of the Neustar International Security Council which assesses the international cybersecurity landscape from the vantage point of security professionals across the EMEA and US regions
Deepfakes and the New Disinformation War(Foreign Affairs) Thanks to the rise of “deepfakes”—highly realistic and difficult-to-detect digital manipulations of audio or video—it is becoming easier than ever to portray someone saying or doing something he or she never said or did, with potentially disastrous consequences for politics.
ZTE aims to regain lost glory with 5G technologies at MWC 2019(TelecomLead) ZTE announced it will showcase its 5G technologies at the Mobile World Congress (MWC 2019). ZTE is trying to expand its 5G network solutions to global telecom markets at a time when US is trying to block Huawei from 5G network deals. US President Donald Trump said on Friday that he doesn’t seek to artificially …
Imperva Makes Major Expansion in Application Security(Imperva) When Imperva announced in 2018 it would acquire the application security solution provider Prevoty, a company I co-founded with Julien Bellanger, I knew it would be a win-win for our industry. Prevoty’s flagship product, Autonomous Application Protection, is the most mature, market-tested runtime application self-protection (RASP) solution (as proof, Prevoty was just named a Silver …
American firms need to be aware of GDPR guidelines(Daily Record) A recent $57 million fine of Google for alleged violations of personalized data is the best reason yet for U.S. organizations to finally pay attention to the EU’s new General Data Protection Regulation (GDPR), according to Rick Arthur, chief information technology and security officer at Hartman Executive Advisors in Timonium.
Security Analysts Are Only Human(Dark Reading) SOC security analysts shoulder the largest cybersecurity burden. Automation is the way to circumvent the unavoidable human factor. Third in a six-part series.
Digital gangsters threaten to kill democracy(Times) The main news of the past week was not the splintering of our calcified political system. It concerned attacks on it from outside. A devastating report from a Commons committee looking at...
Summit cautions against misuse of cyber space by anti-state elements(Daily Times) Speakers at a summit on cyber security Friday said that internet is a popular part of daily life and an amazing resource of information, connectivity and entertainment, but at the same time it is also a breeding ground for criminal and terrorist activities where one’s every move can be monitored and information compromised. The summit …
Russian Hacker Who Used Neverquest Malware To Steal Money From Victims’ Bank Accounts Pleads Guilty In Manhattan Federal Court(US Department of Justice) Geoffrey S. Berman, the United States Attorney for the Southern District of New York, and William F. Sweeney Jr., Assistant Director-in-Charge of the New York Office of the Federal Bureau of Investigation (“FBI”), announced that STANISLAV VITALIYEVICH LISOV, a/k/a “Black,” a/k/a “Blackf” (“LISOV”), pled guilty today to conspiring to deploy and use a type of malicious software known as NeverQuest to infect the computers of unwitting victims, steal their login information for online banking accounts, and use that information to steal money out of the victims’ accounts.
One in Four Children Victim of Cyber Bullying(Total Croatia) An expert conference was held in Zagreb earlier this week on the unacceptable behaviour of young people on social media and the Internet, hearing the challenges experts face in everyday work with children and youth as a result of their use of digital technologies, because of which one in three children in Croatia is exposed to inappropriate content and abuse, while many are exposed to cyber bullying.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
QuBit Cybersecurity Conference(Sofia, Bulgaria, November 14, 2019) QuBit is a Cybersecurity Community Event connecting the East and West and it is already the 6th year on the cybersecurity market in CEE region. Based on the success in Prague, QuBit expanded further and...
National Cyber League Spring Season(Various, February 25 - March 24, 2019) The NCL is a defensive and offensive puzzle-based, capture-the-flag style cybersecurity competition. Its virtual training ground helps high school and college students prepare and test themselves against...
BSides Columbus 2019(Columbus, Ohio, USA, March 1, 2019) BSides Columbus is a volunteer-run conference that gives local (and not-so-local) information-security enthusiasts a platform to share their discoveries and breakthroughs with the Central Ohio infosec...
G’Day USA US-Australia Dialogue on Cyber Security(San Francisco, California, USA, March 4, 2019) The 2019 G’Day USA US-Australian Dialogue on Cyber Security will be held in San Francisco in the margins of the annual RSA Conference, which attracts more than 45,000 cyber and digital industry leaders.
RSA 2019(San Francisco, California, USA, March 4 - 8, 2019) This year’s theme is, to put it simply, Better. Which means working hard to find better solutions. Making better connections with peers from around the world. And keeping the digital world safe so everyone...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.