February 28, 2019.
By the CyberWire staff
Intel has ditched its 5G deal with Unisoc, China's second-largest mobile chip developer, due in part to worries that the partnership would complicate matters in Washington, Nikkei reports. Intel says the decision was mutual, and that there was no political pressure from the US.
Research from Secureworks on a suspected Chinese threat actor known as Bronze Union (or APT27) highlights the group's flexibility and persistence. The hackers use updated versions of tools that have been publicly available for over a decade, as well as custom-made malware, to conduct espionage and theft, including stealing secrets about "cutting-edge weapons technologies."
Security researcher Bob Diachenko discovered the Dow Jones risk screening database residing on a publicly-accessible Elasticsearch cluster, TechCrunch says. The watchlist contains open-source data on 2.4 million potentially risky individuals and business entities. A Dow Jones spokesperson said the leak was due to an "authorized third party’s misconfiguration of an AWS server."
Facebook will finally release its "Clear History" feature later this year, the Telegraph notes. The tool, which was first announced last May, will allow users to delete data collected by Facebook from third-party apps and websites. According to The Verge, Mark Zuckerberg said the tool will be similar to clearing one's browser history.
ZDNet reports that the Coinhive cryptomining service, infamous for its widespread use in cryptojacking campaigns, will shut down in March. The company said in a blog post that the project is no longer "economically viable" due to a recent hard fork and the gradual devaluation of Monero.
And Hacking Humans is up. In this episode, "Delivering yourself to a kidnapper," Joe describes fraudsters taking advantage of top-level domain name confusion. Dave explains how a Google Nest security system shipped with an undocumented microphone. Our catch of the day involves a postcard missed package campaign. Our guest is Matt Devost from OODA LLC describing their work protecting high-net-worth individuals.
CYBERTACOS RSA (San Francisco, California, United States, March 4, 2019) Join us for ALL YOU CAN EAT FREE TACOS! What better way to start your week at RSA? On Monday, March 4, CYBERTACOS is coming back to San Francisco as part of RSA. Join us from 7:00-10:00pm for networking, food and drinks.
Experience Deep Learning for Network Threat Protection at RSA 2019 (San Francisco, California, United States, March 4 - 8, 2019) Signatures and sandboxes can’t keep up with automated attacks. Visit Blue Hexagon booth N4204 and hear how we’re harnessing deep learning to stop known and unknown network threats in less than a second. Pick up a free copy of the book “How To Measure Anything in Cybersecurity Risk.”
Register for the RSA Conference 2019 today! (San Francisco, California, United States, March 4 - 8, 2019) Be part of an empowered global community at RSA Conference 2019, March 4 – 8 in San Francisco. With the latest cybersecurity solutions, countless experts and more, it’s easy to see why RSAC is infosec’s leading event.
XM Cyber is coming to RSA (San Francisco, California, United States, March 4 - 8, 2019) Visit XM Cyber at the Innovation City, Booth IC2233, to experience the first fully automated APT simulation platform to simulate, validate and remediate every hacker’s path to organizational critical assets.
5th Annual Cyber Security Conference for Executives (Baltimore, Maryland, United States, March 13, 2019) The 5th Annual Cyber Security Conference for Executives, hosted this year by The Johns Hopkins University Information Security Institute and Ankura, will be held on Wednesday, March 13th, in Baltimore, Maryland. This year’s theme is cybersecurity compliance and regulatory trends, and the conference will feature discussions with thought leaders across a variety of sectors. Join the discussion and learn about current and emerging cyber security threats to organizations, and how executives can better protect their enterprises. Register today!
Cybersecurity czar warns of looming threats (Salem News) The state faces myriad threats from hackers and rogue nations trying to get into the computer systems of governments, businesses and individuals to steal confidential information and financial data, according to Massachusetts’ new cybersecurity czar.
Cybercriminals spend like rockstars (SC Media) A recent study found cybercriminals living like the upper echelon of society by converting their money into assets, flashy jewelry, and expensive cars.
Industry Looks Towards ICAM Policy Updates (MeriTalk) With growing interest in cloud, mobility, and zero-trust technology, industry leaders in the identity credential access and management (ICAM) space are seeing a divergence between the existing policy of Common Access Card (CAC) and personal identity verification (PIV) cards, and new technology.
Secureworks CEO Joins the ExtraHop Board of Directors (Business Wire) ExtraHop, provider of enterprise cyber analytics from the inside out, today announced Michael Cote, President and CEO of Secureworks and a member of its Board of Directors, has joined the board of directors of ExtraHop.
Symantec Advances Integrated Cyber Defense Platform (eWEEK) Symantec is expanding its Integrated Cyber Defense (ICD) platform with new management and data exchange capabilities that enable organizations to gain better visibility and control over threat mitigation.
Capsule8 Protect Achieves PCI DSS Certification (Capsule8) Capsule8’s comprehensive protection platform for Linux production systems exceeds standards for intrusion detection and prevention systems, file integrity monitoring and anti-virus requirements.
Ohio Elections Chief Backs Cyberdefense Legislation (Government Technology) A proposal to create a civilian reserve force to fight back against cyberattacks got the support of Secretary of State Frank LaRose, who testified before a Senate oversight committee Tuesday.
Kaspersky Lab Really Can't Catch a Break (Gizmodo) Russian cybersecurity firm Kaspersky Lab has struggled to regain its reputation after it was accused of aiding Russian intelligence operations and its software was banned from use by the U.S. government. But on Tuesday, another layer of mystery was added to the story when a Russian court convicted a senior researcher at Kaspersky Lab of state treason in the interest of the United States.
TikTok fined $5.7m for violating children's privacy (The Telegraph) A video sharing app popular with children has said that it will remove content uploaded by users under 13 years old and instead guide them to age-appropriate content as part of a settlement with US regulators.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
National Cyber League Spring Season (Various, February 25 - March 24, 2019) The NCL is a defensive and offensive puzzle-based, capture-the-flag style cybersecurity competition. Its virtual training ground helps high school and college students prepare and test themselves against...
BSides Columbus 2019 (Columbus, Ohio, USA, March 1, 2019) BSides Columbus is a volunteer-run conference that gives local (and not-so-local) information-security enthusiasts a platform to share their discoveries and breakthroughs with the Central Ohio infosec...
G’Day USA US-Australia Dialogue on Cyber Security (San Francisco, California, USA, March 4, 2019) The 2019 G’Day USA US-Australian Dialogue on Cyber Security will be held in San Francisco in the margins of the annual RSA Conference, which attracts more than 45,000 cyber and digital industry leaders.
RSA 2019 (San Francisco, California, USA, March 4 - 8, 2019) This year’s theme is, to put it simply, Better. Which means working hard to find better solutions. Making better connections with peers from around the world. And keeping the digital world safe so everyone...