What if your security solution could provide zero doubt?
A foundation of artificial intelligence delivers smart, simple, and secure solutions that change how organizations approach endpoint security. Cylance provides full-spectrum, predictive threat prevention and visibility across the enterprise to combat the everyday - as well as the most notorious and advanced - cyberattacks. Let Cylance help you understand how you can create real confidence in your organization’s security posture and zero in on what really matters.
January 9, 2019.
By the CyberWire staff
According to Haaretz and other sources, Israel’s Shin Bet intelligence service has warned that an unnamed “foreign country” intends to interfere with the country’s upcoming elections.
CyberScoop reports that for some months prior to its recent doxing of insurance firms for 9/11 claim information, the Dark Overlord was actively seeking both talent and attention. Nothing in their recruiting pitches gives the lie to the group’s avowed financial motives. The criminal gang’s headcount was reduced in the spring of 2018 when Serbian police devoted some attention to the Dark Overlord's activities.
The Media Trust offers notes on ICEPick-3PC, a malware strain targeting mostly Android devices and of particular concern to publishers and e-commerce sites.
More concerns are being expressed about Facebook’s access to data being overshared by some apps. Privacy International found that more than half of the apps it tested shared usage data with the social network. One might dismiss this as relatively unimportant SDK data, but in the aggregate, as researchers point out, the data can tell interested parties a lot about a user, including some information that shades into what’s protected under GDPR.
The Straits Times says that Vietnam alleges that Facebook is in violation of that country’s new, harsh, and autarkic Internet laws. Facebook denies any wrongdoing.
POLITICO has an exclusive in the increasingly strange story of alleged NSA-leaker and classified data packrat Hal Martin. Kaspersky is said to have fingered him to NSA after the Russian security firm received some odd tweets from the former contractor.
Visualize Your Network Like the Most Infamous Hackers
Cyber threats are becoming more frequent and targeted. Bad actors are more adept at social engineering and investigating your network and infrastructure to understand your organization’s cyber strengths and weaknesses. This webinar delves into a robust threat model capable of repelling the world's most sophisticated hackers and nation-state actors. Join us for an introduction to ScoutThreat™, a threat management platform that helps analysts streamline threat analysis work and extract the maximum value from threat intelligence.
Rapid Prototyping Event: The Wolf in Sheep's Clothing(Columbia, Maryland, United States, January 29 - 31, 2019) DreamPort, in conjunction with the Maryland Innovation & Security Institute and USCYBERCOM, is hosting a Rapid Protoyping Event which is interested in identifying UAM solutions that employ advanced real-time analysis of multiple data sources for detecting unauthorized activities.
Israel says it can foil foreign election meddling amid scare(AP NEWS) Israel's Shin Bet security service assured the public Wednesday it was well prepared to thwart any foreign intervention in the country's upcoming elections, after its director warned such efforts were being made by a world power, with suspicions immediately falling on Russia. The unusual Shin Bet statement followed a TV report that Shin Bet chief Nadav Argaman recently told a closed audience that a foreign country was trying to intervene in the April elections and that operatives were trying to meddle via hackers and cyber technology.
Facebook is the new crapware(TechCrunch) Welcome to 2019 where we learn Facebook is the new crapware. Sorry #DeleteFacebook, you never stood a chance. Yesterday Bloomberg reported that the scandal-beset social media behemoth has inked an unknown number of agreements with Android smartphone makers, mobile carriers and OSes around the world…
LinkedIn now requires phone number verification for all users in China(TechCrunch) LinkedIn’s China site looks and functions just like LinkedIn everywhere else, except now it asks users in the country to verify their identities through phone numbers. The American company is requiring both new and existing users with a Chinese IP address to link mobile phone numbers to their…
Notice of Data Breach(OXO) We are writing to tell you about an unfortunate data security incident involving sophisticated criminal activity that may have exposed some of your personal information. We take the protection and proper use of your information very seriously. For this reason, we are contacting you directly to explain the circumstances of the incident.
The State of Web Application Vulnerabilities in 2018(Imperva) This blog provides an analysis of all web application vulnerabilities throughout the year, view trends, and notice significant changes in the security landscape. This look back at 2018 helps readers to understand the changes and trends in web application security over the past year.
Cybersecurity Podcasts You Should Be Listening To(TrendinTech) Podcasts are amongst of the easiest and most expedient means to find out the most up-to-date information and news. Cybersecurity podcasts did not have an exacting influence on the flourish of podca…
AttackIQ FireDrill review: Watching the watchers(CSO Online) This penetration testing tool is configured to operate from the inside, with the primary goal of identifying flaws, misconfigurations and outright shortcomings in all other cybersecurity defenses.
How to spot a social media hoax(Naked Security) Stop shaking your head about “WhatsApp Gold” flimflam and start spreading these REAL nuggets of hoax-clobbering advice!
6 Ways to Beat Back BEC Attacks(Dark Reading) Don't assume your employees know how to spot business email compromises - they need some strong training and guidance on how to respond in the event of an attack.
Vietnam says Facebook violated controversial cyber-security law(The Straits Times) Facebook has violated Vietnam's new cybersecurity law by allowing users to post anti-government comments on the platform, state media said on Wednesday (Jan 9), days after the controversial legislation took effect in the communist-ruled country.. Read more at straitstimes.com.
Facebook rebuts Vietnam claims over alleged illegal content(Houston Chronicle) Facebook was defending itself Wednesday against allegations that it allows illegal content in violation of Vietnam's new cybersecurity law. The social media giant said it has restricted illegal content and is in discussions with the government. "We have a clear process for governments to report illegal content to us, and we review all those requests against our terms of service and local law," the company said in a statement. "We are transparent about the content restrictions we make in accordance with local law in our Transparency Report ," it said.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
G’Day USA US-Australia Dialogue on Cyber Security(San Francisco, California, USA, March 4, 2019) The 2019 G’Day USA US-Australian Dialogue on Cyber Security will be held in San Francisco in the margins of the annual RSA Conference, which attracts more than 45,000 cyber and digital industry leaders.
SINET Global Institute CISO Series(Scottsdale, Arizona, USA, January 15 - 16, 2019) By invitation only. These intimate CISO workshops address the challenges that Board of Directors are placing on security and risk executives, and how to successfully manage and communicate today’s enterprise...
CPX Asia 360 2019(Bangkok, Thailand, January 21 - 23, 2019) CPX 360 - the industry’s premier cyber security summit and expo - brings together the world’s leading cyber security experts to one venue. Gain a deep understanding of current challenges cyber security...
CPX Americas 360 2019(Las Vegas, Nevada, USA, February 4 - 6, 2019) CPX 360 promises to be the premier cyber security summit. CPX 360 is where you’ll receive up-to-the-minute intelligence about global threats and other vital topics from the world’s leading cyber security...
QuBit Conference Belgrade 2019(Belgrade, Romania, February 7, 2019) QuBit is a Cybersecurity Community Event connecting the East and West. We create a unique way to meet the best and the brightest minds in the information security fields across multiple industries, and...
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.