What if your security solution could provide zero doubt?
A foundation of artificial intelligence delivers smart, simple, and secure solutions that change how organizations approach endpoint security. Cylance provides full-spectrum, predictive threat prevention and visibility across the enterprise to combat the everyday - as well as the most notorious and advanced - cyberattacks. Let Cylance help you understand how you can create real confidence in your organization’s security posture and zero in on what really matters.
January 7, 2019.
By the CyberWire staff
Investigation into the doxing campaign ("#hackerangriff") against German political figures continues. Bild reports that the BSI intelligence service asked US counterparts (in NSA especially) to lean on Twitter to isolate and take down accounts involved in distributing the leaked material. The BSI is said to have argued to NSA that some US citizens were also victims of the incident; thus assistance would be in order (Bloomberg). Interior Minister Seehofer has promised transparency in the investigation, with an interim report due out by midweek (Süddeutsche Zeitung).
On Friday Marriott released more results of investigation into its Starwood reservation systems breach. The good news is that fewer customers than feared were affected. The bad news is that the compromised data include a lot of unencrypted passport information. Marriott had initially believed the number of guests affected was around 500 million; the hospitality company now regards 383 million as the upper limit, and believes with "a fair degree of certainty" that the actual number is lower still. But the hackers accessed 5.25 million unencrypted (and more than 20 million encrypted) passport numbers. Roughly 8.6 million encrypted paycards were also exposed in the incident. Marriott doesn't believe the attackers got the master encryption keys (Washington Business Journal).
The breach at Town of Salem (the role-playing game, not the Massachusetts city) affected around 7.6 million players (HackRead). There's reason to think security-proud gamers may present hackers surprisingly easy targets of opportunity: McAfee thinks the average PC gamer has been hacked five times (Help Net Security).
Visualize Your Network Like the Most Infamous Hackers
Cyber threats are becoming more frequent and targeted. Bad actors are more adept at social engineering and investigating your network and infrastructure to understand your organization’s cyber strengths and weaknesses. This webinar delves into a robust threat model capable of repelling the world's most sophisticated hackers and nation-state actors. Join us for an introduction to ScoutThreat™, a threat management platform that helps analysts streamline threat analysis work and extract the maximum value from threat intelligence.
Rapid Prototyping Event: The Wolf in Sheep's Clothing(Columbia, Maryland, United States, January 29 - 31, 2019) DreamPort, in conjunction with the Maryland Innovation & Security Institute and USCYBERCOM, is hosting a Rapid Protoyping Event which is interested in identifying UAM solutions that employ advanced real-time analysis of multiple data sources for detecting unauthorized activities.
Russia Or The Far-Right: Who Hacked German Politics?(Forbes) As German society gets to grips with the sheer size of a data leak that encompasses public figures from Chancellor Angela Merkel to TV presenter Christian Ehring, speculation starts over who was behind the hack with both Russia and the far-right of German politics under the spotlight.
Cyberattaque de politiciens en Allemagne : Proofpoint commente(Global Security Mag Online) Un peu plus tôt dans la journée, le gouvernement allemand a révélé que des centaines de politiciens, incluant la chancelière Angela Merkel ont été victimes d’un vol de données. Selon les premières indications, il semble que Turla, un groupe organisé de hackers russes (APT) soit l’auteur de cette cyberattaque. Chris Dawson, Responsable Threat Intelligence au sein de Proofpoint commente :
Serious DoS Flaw Impacts Several Yokogawa Products(SecurityWeek) High severity DoS vulnerability impacts several Yokogawa ICS products, including control and safety instrumented systems, a SCADA tool, a plant resource manager, and an OPC interface package.
Biometric Security Can Be Hacked, but It's Really Hard to Do(eWEEK) Last month, a pair of security researchers demonstrated how it’s possible to fool a vein recognition system, but they also showed just how hard that actually is to do. New-gen scanners work a lot better now than they did previously, but like any biometric reader, they can be fooled.
Town of Salem data breach: Personal data of 7.6M gamers stolen(HackRead) Over 7.6 million players have been impacted by a massive data breach suffered by the well-known browser-based role-playing game “Town of Salem.” BlankMediaGames, the owner of the game, has confirmed on its online forum that the breach did occur.
27% of Passwords From Town of Salem Breach Already Cracked(BleepingComputer) Over the holiday, the popular browser-based game Town of Salem had a data breach that exposed the hashed passwords for approximately 7.6 million unique accounts. At the time of this writing, over 27% of the passwords have already been cracked.
Major Avast and AVG update adds 64-bit support, drops XP/Vista(BetaNews) When an existing user purchases a new activation code, they often have problems installing the 'latest' version of their security suite because they often overlook that as part of their subscription they will always have the latest version.
Federal Government Shutdown Could Hit These Tech Stocks But Spare Security(Investor's Business Daily) The partial federal government shutdown could impact the revenue of technology companies such as Pure Storage (PSTG), NetApp (NTAP) and Nutanix (NTNX), analysts said. Cybersecurity companies like Palo Alto Networks (PANW), CyberArk Software (CYBR), and Fortinet (FTNT) seem better positioned to weather any spending cuts, however.
KnowBe4 hits sales record(St Pete Catalyst) Increased business demand for cybersecurity training is driving double-digit sales gains at KnowBe4. The Clearwater security awareness training firm said sales were up 61 percent in the fourth quarter of 2018, compared to Q4 2017, and the three months that ended Dec. 31 were the most successful quarter to date for the company. KnowBe4 did […]
How to Decrypt the Aurora Ransomware with AuroraDecrypter(BleepingComputer) If you have been infected with a Aurora Ransomware variant, then you are in luck as a program called AuroraDecrypter has been created by Michael Gillespie that allows you recover your encryption key without having to pay the ransom.
How To Remove Cadillac.email@example.com Phobos Ransomware(MalwareTips Guides) If your documents are encrypted with a [Cadillac.firstname.lastname@example.org].phobos extension, then your PC is infected with the Phobos ransomware. Phobos is a file-encrypting ransomware, which encrypts the personal documents found on victim’s computer, then displays a message which offers to decrypt the data if a payment in Bitcoin is made. The instructions are placed on the …
10 Reasons Why Computer Running Slow?(PUPUWEB) There's a huge amount of information that flows into an enterprise every day, but only some of that information is used while the rest is left as stale data
10 Alexa Skills for CIOs(GovernmentCIO Media & Research) Since smart assistants are proliferating, agency CIOs should take note of these skills for everyday tasks.
Modern IT underlines need for zero-trust security(ComputerWeekly.com) The increasing complexity of supply chains and interconnectivity of IT systems means the attack surface is widening and security has to evolve accordingly, warns British computer scientist.
Outsmart the Scammers: How You Can Avoid Fraud(Wall Street Journal) More Americans are falling victim to financial fraud, as scammers excel at identifying victims’ weaknesses and insecurities; learn to identify the signs of a scam to protect yourself.
Design and Innovation
Quantum Cryptography: Supporting or Breaking Cyber Security?(Analytics Insight) Quantum computers are based on the values of quantum mechanics and are amazingly ground-breaking machines. Quantum computing can process complex algorithms effortlessly and rapidly. Quantum Cryptography supporting present-day Internet communications and business could some time or another surrender to a quantum attack.
Bitcoin And Democracy Tech(Seeking Alpha) Threats to democracy and human rights must be faced together. As investors we can play a critical role when we allocate our capital. Democracy tech is a form of
Demystifying the India Data Protection Bill, 2018: Part 1 of 3(Security Boulevard) The ‘Personal Data Protection Bill, 2018’ was built on the edifice that ‘Right To Privacy’ is a fundamental right of Indian citizens, the Personal Data Protection Bill, 2018 is expected to completely transform the way organisations collect, store, share and process the personal data of Indian citizens. Learn more about the nine stated objectives of the bill, how the bill defines sensitive personal data, applicability, compliance, penalties, and more.
Give Up the Ghost: A Backdoor by Another Name(Just Security) We must reject GCHQ’s newest “ghost” proposal for what it is: a mandated encryption backdoor that weakens the security properties of encrypted messaging systems and fundamentally compromises user trust. By EFF's Nate Cardozo
CISA Feeling the Effects of the Shutdown(Meritalk) Cybersecurity experts are growing concerned that the Department of Homeland Security (DHS) hasn’t indicated which critical cybersecurity capabilities the Cybersecurity and Infrastructure Security Agency (CISA) has ceased during the on-going partial government shutdown.
China is hacking America’s secrets. Can legislation stop it?(Fifth Domain) Proposed legislation would create a new office in the White House that tackles the theft of state-sponsored technology and secure the American supply chain through a new national strategy and promotion of better cyber hygiene.
Brother questions why Marine vet being held by Russia(Marine Corps Times) The brother of an American man being held in Moscow on suspicion of spying is raising the possibility that his sibling is being used as a pawn in a potential exchange for a Russian woman behind bars in the U.S.
The confounding case of alleged spy Paul Whelan(Washington Post) Shane Harris tells the story about a former Marine being detained in Russia on suspicion of spying. Annie Linskey on how the “likability” question will affect female 2020 candidates. Plus, voices from the government shutdown.
Tesco Bank fined £16.4m over cyber attack(Hermann Herald) The Financial Conduct Authority (FCA) said deficiencies at the bank had left account holders vulnerable to an incident that netted cyber criminals £2.26m.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
SecureWorld Charlotte(Charlotte, North Carolina, USA, March 14, 2019) Connecting, informing, and developing leaders in cybersecurity. For the past 17 years, SecureWorld conferences have provided more content and facilitated more professional connections than any other event...
SecureWorld Boston(Boston, Massachussetts, USA, March 27 - 28, 2019) Connecting, informing, and developing leaders in cybersecurity. For the past 17 years, SecureWorld conferences have provided more content and facilitated more professional connections than any other event...
SecureWorld Philadelphia(Philadelphia, Pennsylvania, USA, April 10 - 11, 2019) Join your fellow InfoSec professionals for high-quality, affordable cybersecurity training and education. Earn 6-12 CPE credits through 30+ educational elements, learning from nationally recognized industry...
SecureWorld Houston(Houston, Texas, USA, April 18, 2019) Connecting, informing, and developing leaders in cybersecurity. For the past 17 years, SecureWorld conferences have provided more content and facilitated more professional connections than any other event...
SecureWorld Toronto(Toronto, Ontario, Canada, April 24, 2019) Connecting, informing, and developing leaders in cybersecurity. For the past 17 years, SecureWorld conferences have provided more content and facilitated more professional connections than any other event...
SecureWorld Kansas City(Kansas City, Missouri, USA, May 8, 2019) Connecting, informing, and developing leaders in cybersecurity. For the past 17 years, SecureWorld conferences have provided more content and facilitated more professional connections than any other event...
SecureWorld Cincinnati(Cincinnati, Ohio, USA, May 16, 2019) Connecting, informing, and developing leaders in cybersecurity. For the past 17 years, SecureWorld conferences have provided more content and facilitated more professional connections than any other event...
SecureWorld Atlanta(Atlanta, Georgia, USA, May 29 - 30, 2019) Join your fellow InfoSec professionals for high-quality, affordable cybersecurity training and education. Earn 6-12 CPE credits through 30+ educational elements, learning from nationally recognized industry...
SecureWorld Chicago(Chicago, Illinois, USA, June 13, 2019) Connecting, informing, and developing leaders in cybersecurity. For the past 17 years, SecureWorld conferences have provided more content and facilitated more professional connections than any other event...
SINET Global Institute CISO Series(Scottsdale, Arizona, USA, January 15 - 16, 2019) By invitation only. These intimate CISO workshops address the challenges that Board of Directors are placing on security and risk executives, and how to successfully manage and communicate today’s enterprise...
CPX Asia 360 2019(Bangkok, Thailand, January 21 - 23, 2019) CPX 360 - the industry’s premier cyber security summit and expo - brings together the world’s leading cyber security experts to one venue. Gain a deep understanding of current challenges cyber security...
CPX Americas 360 2019(Las Vegas, Nevada, USA, February 4 - 6, 2019) CPX 360 promises to be the premier cyber security summit. CPX 360 is where you’ll receive up-to-the-minute intelligence about global threats and other vital topics from the world’s leading cyber security...
QuBit Conference Belgrade 2019(Belgrade, Romania, February 7, 2019) QuBit is a Cybersecurity Community Event connecting the East and West. We create a unique way to meet the best and the brightest minds in the information security fields across multiple industries, and...
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.