February 26, 2019.
By the CyberWire staff
Eclypsium this morning released a study of potential security issues that arise with bare-metal cloud services. IBM, among the vendors affected, responded yesterday by requiring that all Baseboard Management Controllers "be reflashed with factory firmware before they are re-provisioned to other customers." Eclypsium says it's pleased to learn of this mitigation, but that they disagree with IBM's assessment of the vulnerability as "low severity"—Eclypsium thinks it more serious than that.
New research from the University of Cambridge and Rice University shows that computers with USB-C ports are more vulnerable to direct memory access attacks than previously thought. Current protection provided by input-output memory management units, or IOMMUs, was found to be insufficient. As a result, Cambridge says, many computers running Windows, macOS, and Linux can be compromised by peripheral devices like chargers. Complete remediation will require "changes in system design" on the part of the technology companies, which the researchers say is in progress. Until then, users are advised to avoid connecting untrusted devices to their platforms.
A hacker hijacked the Twitter account for the mayor of Tampa, Florida, and used it to post a series of vile and threatening tweets, including a fake ballistic missile warning. Naked Security notes that the "egregious nature" of the other tweets led most people to conclude that the account had been hacked, so the inbound missile alert was widely dismissed.
TurboTax didn't suffer a data breach, contrary to some reports. Rather, credential stuffing attacks hit an undisclosed number of accounts, Newsweek reports.
Today's issue includes events affecting Antigua and Barbuda, Argentina, Australia, Bahamas, Barbados, Belize, Bolivia, Brazil, Canada, Chile, China, Colombia, Costa Rica, Cuba, Dominica, Dominican Republic, Ecuador, El Salvador, European Union, Grenada, Guatemala, Guyana, Haiti, Honduras, Jamaica, Mexico, Nicaragua, Panama, Paraguay, Peru, Russia, Saint Lucia, Saint Vincent and the Grenadines, St. Kitts and Nevis, Singapore, Suriname, Trinidad and Tobago, United Arab Emirates, United Kingdom, United States, Uruguay, and Venezuela.
CYBERTACOS RSA (San Francisco, California, United States, March 4, 2019) Join us for ALL YOU CAN EAT FREE TACOS! What better way to start your week at RSA? On Monday, March 4, CYBERTACOS is coming back to San Francisco as part of RSA. Join us from 7:00-10:00pm for networking, food and drinks.
Experience Deep Learning for Network Threat Protection at RSA 2019 (San Francisco, California, United States, March 4 - 8, 2019) Signatures and sandboxes can’t keep up with automated attacks. Visit Blue Hexagon booth N4204 and hear how we’re harnessing deep learning to stop known and unknown network threats in less than a second. Pick up a free copy of the book “How To Measure Anything in Cybersecurity Risk.”
Register for the RSA Conference 2019 today! (San Francisco, California, United States, March 4 - 8, 2019) Be part of an empowered global community at RSA Conference 2019, March 4 – 8 in San Francisco. With the latest cybersecurity solutions, countless experts and more, it’s easy to see why RSAC is infosec’s leading event.
XM Cyber is coming to RSA (San Francisco, California, United States, March 4 - 8, 2019) Visit XM Cyber at the Innovation City, Booth IC2233, to experience the first fully automated APT simulation platform to Simulate, validate and remediate every hacker’s path to organizational critical assets.
5th Annual Cyber Security Conference for Executives (Baltimore, Maryland, United States, March 13, 2019) The 5th Annual Cyber Security Conference for Executives, hosted this year by The Johns Hopkins University Information Security Institute and Ankura, will be held on Wednesday, March 13th, in Baltimore, Maryland. This year’s theme is cybersecurity compliance and regulatory trends, and the conference will feature discussions with thought leaders across a variety of sectors. Join the discussion and learn about current and emerging cyber security threats to organizations, and how executives can better protect their enterprises. Register today!
Cyber criminals cash in on millions with formjacking: ISTR (CISOMAG) Formjacking attacks are simple – essentially virtual ATM skimming – where cyber criminals inject malicious code into retailers’ websites to steal shoppers’ payment card details. On average, more than 4,800 unique websites are compromised with formjacking code every month globally.
Eclypsium Bare Metal Cloud Research (Eclypsium) What are bare-metal cloud services? Organizations increasingly deploy their most sensitive and critical applications on bare-metal cloud offerings. These services let organizations easily scale their applications up or down without the cost and challenges of buying and maintaining their own hardware. Using bare-metal ensures they have complete control over the hardware for performance needs of critical applications and that sensitive data is not stored on a machine shared by another cloud customer. It is a high-end cloud option for the most sensitive applications.
The Gap Between Mobile Apps and Privacy (BankInfoSecurity) Why are we surprised about the amount and sensitivity of data that mobile apps collect? The online industry has never been forthright about it. That's why we're faced with a yawning gap between user expectations and true privacy. And it's why Facebook, Google, Apple and others have many questions to answer.
12 of the hottest startups at the RSA Conference 2019 (CSO Online) These RSAC Early Stage Expo startups bring fresh cybersecurity solutions to fight phishing, improve application security, provide better cloud protections, enforce security policy, more accurately authenticate and more.
A Traveler's Guide to OPSEC (Decipher) Traveling can be a lot of fun, but it can also present myriad challenges when it comes to keeping your information and devices secure. A few simple steps and a little advance planning can go a long way to increasing your operational security.
More password-less logins are coming to Android (TechCrunch) The FIDO Alliance and Google today announced that Android (from version 7.0 up) with the latest version of the Google Play Services is now FIDO2 certified. At first glance, that sounds rather boring, but it will enable developers to write apps that use a phone’s fingerprint scanner or a FIDO …
The Truth about Business Risk Intelligence (SecurityWeek) Starting a business risk intelligence (BRI) program often requires overcoming challenges that involve resource allocation, operational bandwidth, or stakeholder support, to name a few.
Why Many Organizations Still Don't Get Security (Government Technology) Despite a growing number of security incidents and headline data breaches, many security and technology professionals express the view that their government or company or nonprofit organization doesn't make cybersecurity a priority. Here's how you can help.
Congress considers a national standard for data privacy (OODA Loop) This week, the US Congress will consider the establishment of nationwide data privacy rules. A Tuesday hearing of the Consumer Protection and Commerce Subcommittee, which is part of the House Energy and Commerce Committee, will be devoted to the issue, and on Wednesday it will be debated by the Senate Commerce, Science and Transportation Committee.
Europe is prepared to rule over 5G cybersecurity (TechCrunch) The European Commission’s digital commissioner has warned the mobile industry to expect it to act over security concerns attached to Chinese network equipment makers. The Commission is considering a de facto ban on kit made by Chinese companies including Huawei in the face of security and espi…
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
5th Annual Cyber Security For Defense (Washington, DC, USA, June 26 - 28, 2019) Three days of engaging topics, workshops, case studies, and peer-to-peer networking from across the DoD and greater Intelligence Community. Featured topics include cloud security, blockchain, C4I security,...
QuBit Cybersecurity Conference (Sofia, Bulgaria, November 14, 2019) QuBit is a Cybersecurity Community Event connecting the East and West and it is already the 6th year on the cybersecurity market in CEE region. Based on the success in Prague, QuBit expanded further and...
National Cyber League Spring Season (Various, February 25 - March 24, 2019) The NCL is a defensive and offensive puzzle-based, capture-the-flag style cybersecurity competition. Its virtual training ground helps high school and college students prepare and test themselves against...
BSides Columbus 2019 (Columbus, Ohio, USA, March 1, 2019) BSides Columbus is a volunteer-run conference that gives local (and not-so-local) information-security enthusiasts a platform to share their discoveries and breakthroughs with the Central Ohio infosec...
G’Day USA US-Australia Dialogue on Cyber Security (San Francisco, California, USA, March 4, 2019) The 2019 G’Day USA US-Australian Dialogue on Cyber Security will be held in San Francisco in the margins of the annual RSA Conference, which attracts more than 45,000 cyber and digital industry leaders.
RSA 2019 (San Francisco, California, USA, March 4 - 8, 2019) This year’s theme is, to put it simply, Better. Which means working hard to find better solutions. Making better connections with peers from around the world. And keeping the digital world safe so everyone...