January 16, 2019.
By the CyberWire staff
The US Securities and Exchange Commission has entered a civil complaint against nine defendants in connection with the 2016 hack of the SEC's EDGAR reporting system. The alleged hackers are a global lot, hailing from Ukraine, Russia, and California. The SEC says the defendants made about $4.1 million through illicit trading in non-public information. In a parallel action the US Justice Department indicted two gentlemen from Kiev, both also named in the SEC's action, on sixteen counts of "securities fraud conspiracy, wire fraud conspiracy, computer fraud conspiracy, wire fraud, and computer fraud."
Flashpoint has found the Lazarus Group's spoor in last month's attack on Chile's Redbanc. It was a social engineering attack with job-offering phishbait.
Website Planet outlines the client-side vulnerabilities it found in major web-hosting platforms.
WhiteHat has released its study of last year's top-ten application vulnerabilities. Number one on the list is a jQuery File Upload exploit.
Coveware outlines an unusually cruel and repellent Cryptomix ransomware campaign: this one spreads by emails representing themselves as coming from a charity devoted to helping children who suffer from cancer. The charity is bogus, but the children used as phishbait, alas, are all too real.
If you really must play Fortnite, Check Point recommends enabling two-factor authentication on your account. There's account hijacking afoot, much of it enabled by dodgy sites promising ways of accumulating V-bucks in-game currency at a discount. European Union Anti-Corruption warns that Fortnite (with its V-bucks) is growing increasingly popular with organized crime as a money-laundering medium.
Today's issue includes events affecting Afghanistan, Chile, European Union, Germany, Iran, Israel, Democratic People's Republic of Korea, Poland, Qatar, Russia, Singapore, Uganda, Ukraine, United States.
Proactive Cybersecurity: Modeling Adversarial Behavior(Online, January 23, 2019) Join LookingGlass Product Manager, Dan Martin, and Security Ledger Editor-in-Chief, Paul Roberts for an introduction to ScoutThreat™, a threat management platform that helps security analysts streamline threat analysis work and extract the maximum value from threat intelligence.
5th Annual Cyber Security Conference for Executives(Baltimore, Maryland, United States, March 13, 2019) The 5th Annual Cyber Security Conference for Executives, hosted this year by The Johns Hopkins University Information Security Institute and Ankura, will be held on Wednesday, March 13th, in Baltimore, Maryland. This year’s theme is cybersecurity compliance and regulatory trends, and the conference will feature discussions with thought leaders across a variety of sectors. Join the discussion and learn about current and emerging cyber security threats to organizations, and how executives can better protect their enterprises. Register today!
Another huge database exposed millions of call logs and SMS text messages(TechCrunch) An unprotected server storing millions of call logs and text messages was left open for months before they were found by a security researcher. If you thought you’d heard this story before, you’re not wrong. Back in November, another telecoms company, Voxox, exposed a database containin…
To raise security awareness, researchers spent months hacking mock building systems(CyberScoop) Security experts have in recent months warned that building-automation lags behind other critical infrastructure sectors when it comes to awareness of cyberthreats and appreciation of their potential impact. Now an 18-month research project, which tested malware and exploits on gear made by top vendors, is trying to change that.
Hacking Fortnite(Check Point Research) Research by: Alon Boxiner, Eran Vaknin and Oded Vanunu, January 16th, 2018 Played in a virtual world, players of ‘Fortnite’, the massively popular game from game developer Epic Games, are tasked with testing their endurance as they battle for tools and weapons that will keep them secure and the ‘last man standing’. In the last...
Fortnite's Vulnerability: Only the Secure Survive(Check Point Software Blog) Check Point discovered security vulnerabilities in Fortnite's login process that could have allowed a threat actor to take over the account of any user, view their personal account information, purchase virtual in-game currency and eavesdrop on in-game chatter as well as home conversations.
Kids playing Fortnite are boosting organised crime(European Union Anti Corruption) The virtual currency of Fortnite, a massively popular video game, is being used to launder money, according to the Independent. Though the game is free, additional items can be bought, such as outfits and weapons. It is now a firm favourite with the underworld. Criminals use stolen credit cards to purchase the in-game currency, and...
Report: We Tested 5 Popular Web Hosting Companies & All Were Easily Hacked(Website Planet) The goal of this research was to try and see if websites hosted on Bluehost, Dreamhost, HostGator, OVH, or iPage could be compromised with one click client-side vulnerabilities. Unfortunately, we found at least one client-side vulnerability in all the platforms we tested, allowing account takeover when the victim clicks a link or visits a malicious …
Israel company admits spying on Emir of Qatar(Middle East Monitor) The CEO of Israeli spyware company NSO Group has admitted that its software was used to spy on the Emir of Qatar. In an interview with Yedioth Ahronoth this weekend, Shalev Hulio admitted that his...
Top five emerging trends in cyber security(Computing) Dr Adrian Nish, Head of Threat Intelligence at BAE Systems, reveals his cyber predictions for 2019. Adrian regularly advises both businesses and governments on cyber breaches...
WhiteHat Security: Top 10 Application Security Vulnerabilities of 2018 - WhiteHat Security(WhiteHat Security) Today’s applications touch millions if not billions of people on a daily basis. With virtually every business using applications to grow, they are critical to companies’ success—yet the vulnerabilities and risks associated with them continue to increase exponentially. And the proof is in the breach. British Airways, Ticketmaster, the United States Postal Service (USPS), Air …
The Telecom Wars Put Huawei In The Hot Seat(Forbes) Chinese IT giant Huawei’s integral role in building China’s hegemony over the future of 5G, and hence of the future of telecommunications, is finally getting the global scrutiny it deserves.
Check Point to Beef Up Cybersecurity Architecture with ForceNock Buy(Channel Partners) Founded in 2017, ForceNock developed a web application and API protection (WAAP) technology that utilizes machine learning, behavioral and reputation-based security engines, and Check Point plans to integrate the startup's technology into its Infinity total protection architecture.
On Bounties and Boffins - Security Boulevard(Security Boulevard) Trying to make a living as a programmer participating in bug bounties is the same as convincing yourself that you’re good enough at Texas Hold ‘Em to quit your job. There’s data to back this up in Fixing a Hole: The Labor Market for Bugs, a chapter in New Solutions for Cybersecurity by MIT Press.
CyberArk: An Ideal Candidate For Acquisition(Seeking Alpha) CyberArk is one of the few IT security companies that is growing at a fast pace while generating profits. The company is an ideal candidate for an acquisition f
OpinionWay chooses Darktrace AI to fend off novel threats(Cambridge Network) Darktrace, the world’s leading AI company for cyber defence, has today announced that OpinionWay, a leading market research company, has chosen its cyber AI to protect proprietary research from phishing attacks, novel malware and insider threat.
ACSC shutters 2019 conference(InnovationsAus.com) The federal government’s Australian Cyber Security Centre has quietly shuttered the 2019 iteration of its annual conference leaving the security sector scrambling.
InSecurity Podcast: Dave Bittner on Why the CyberWire is the Security Paper of Record(Security Boulevard) In this week’s episode of InSecurity, Matt Stephenson chats with the CyberWire’s Dave Bittner about cybersecurity in the year that was and the year to come. We also quote Albert Brooks, discuss octopus eyeballs, and debate the merits of vinyl LPs and cassettes compared to digital music and streaming. You’re not going to want to miss this one.
3 Reasons Why the Integration of Cybersecurity Tools is a Growing...(Bricata) In cybersecurity, the whole of security data is greater than the sum of its parts. Unfortunately, the way many security products are engineered, analysts are relegated to using individual tools – just the ‘parts’ – and struggle to see the ‘whole’ picture... #ciso #cloudsecurity #cybersecuritytrends
Don’t Overlook the Business Risk in BRI(SecurityWeek) A business risk intelligence (BRI) program needs to understand and account for the different categories of risk faced by all business functions across an enterprise.
Improve cyber defenses to protect grid(Post and Courier) An insidious and highly threatening Russian campaign has laid the groundwork for taking down major portions of the U.S. electrical grid whenever the order is given. We must do everything
Facebook, Twitter Turn to Right-Leaning Groups to Help Referee Political Speech(Wall Street Journal) Advisers on touchy issues include Tony Perkins’ Family Research Council, Grover Norquist’s Americans for Tax Reform and, on the left, the Southern Poverty Law Center. Their involvement behind the scenes, designed to tamp down a furor over social media’s policing of content, has instead kicked up a new range of disputes.
Roku now deleting Infowars from its platform after customer outcry(TechCrunch) Roku is deleting the Infowars channel from its platform, a couple days after adding it as a supported channel. In a tweet, Roku said after the channel became available, “we heard from concerned parties and have determined that the channel should be removed from our platform. Deletion from the chann…
India Wants Access to Encrypted WhatsApp Messages(Wall Street Journal) Facebook’s WhatsApp is facing pressure in India to let authorities trace and read the encrypted messages of its more than 200 million Indian users in a new attempt at constraining global tech giants.
Singapore says it won't name hackers who targeted PM(AP NEWS) Singapore officials say it isn't in the country's interest to nab — or even name — the perpetrators behind a cyberattack that breached 1.5 million health records, including those of Prime Minister Lee Hsien Loong. An inquiry into the July 4 breach, believed to be the largest in Singapore's history, concluded that it was likely state-linked. The inquiry called for hearings and considered factors like the attacker's persistence, resources and advanced tactics. Lee, a two-time cancer survivor, had his personal and outpatient medication data repeatedly targeted.
The Myth of the Cyber Offense: The Case for Restraint(Cato Institute) Great-power competition in the 21st century increasingly involves the use of cyber operations between rival states. But do cyber operations achieve their stated objectives? What are the escalation risks? Under what conditions could increasingly frequent and sophisticated cyber operations result in inadvertent escalation and the use of military force? The answers to these questions should inform U.S. cybersecurity p...
Hurd & Kelly Bipartisan Cybersecurity Bill Passes House Unanimously(Congressman Will Hurd) One of the first pieces of legislation to pass this year is a bill to help make sure that Americans’ online identities are safe from hackers. Today the House unanimously voted to strengthen national cybersecurity by passing U.S. Reps. Will Hurd (TX-23) and Robin Kelly (IL-02)’s Federal CIO Authorization Act of 2018.
Litigation, Investigation, and Law Enforcement
Singapore imposes $740,000 fines over major cyber attack(New Straits Times) Singapore’s privacy watchdog Tuesday imposed fines of Sg$1 million ($740,000) on a healthcare provider and an IT agency over a cyber-attack that saw health records of about a quarter of the population stolen.
SEC Brings Charges in Edgar Hacking Case(US Securities and Exchange Commission) The Securities and Exchange Commission today announced charges against nine defendants for participating in a previously disclosed scheme to hack into the SEC’s EDGAR system and extract nonpublic information to use for illegal trading.
U.S. Charges 8 in Securities Hacking Scheme(SecurityWeek) US authorities on charged eight people in a scheme to trade on and profit from stolen corporate information hacked from a government database, court papers showed.
SEC Brings Charges In EDGAR 'Hacking' Case Against Traders Who Made $4M(Forbes) The U.S. SEC has brought charges in a hacking case against a group of international traders who gained insider information into the EDGAR database that listed companies use to file corporate and financial documents. The traders are estimated to have made at least $4.1 million in illegal profits.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
Zero Day Con(Dublin, Ireland, March 7, 2019) On March 7 2019, Zero Day Con will bring together leading technology firms, industry experts and government officials that will share insights for cybersecurity professionals grappling with the rise of...
(ISC)² Secure Summit DC(Washington, DC, USA, April 23 - 24, 2019) (ISC)² Secure Summit DC evolved to assemble the best minds in cybersecurity for two days of insightful discussions, workshops and best-practices sharing. The goal of our event is to equip security leaders...
National Cyber Summit(Huntsville, Alabama, USA, June 4 - 6, 2019) National Cyber Summit is the nation’s most innovative cyber security-technology event, offering unique educational, collaborative and workforce development opportunities for industry visionaries and rising...
Hack in Paris 2019(Paris, France, June 16 - 20, 2019) Intrusion attempts are more and more frequent and sophisticated, regardless of their target (state or corporation). In this context, international hacking events are multiplying. A few events took place...
Industrial Control Systems (ICS) Cyber Security Conference(Atlanta, Georgia, USA, October 21 - 24, 2019) SecurityWeek’s ICS Cyber Security Conference is the conference where ICS users, ICS vendors, system security providers and government representatives meet to discuss the latest cyber-incidents, analyze...
SINET Global Institute CISO Series(Scottsdale, Arizona, USA, January 15 - 16, 2019) By invitation only. These intimate CISO workshops address the challenges that Board of Directors are placing on security and risk executives, and how to successfully manage and communicate today’s enterprise...
CPX Asia 360 2019(Bangkok, Thailand, January 21 - 23, 2019) CPX 360 - the industry’s premier cyber security summit and expo - brings together the world’s leading cyber security experts to one venue. Gain a deep understanding of current challenges cyber security...
CPX Americas 360 2019(Las Vegas, Nevada, USA, February 4 - 6, 2019) CPX 360 promises to be the premier cyber security summit. CPX 360 is where you’ll receive up-to-the-minute intelligence about global threats and other vital topics from the world’s leading cyber security...
QuBit Conference Belgrade 2019(Belgrade, Romania, February 7, 2019) QuBit is a Cybersecurity Community Event connecting the East and West. We create a unique way to meet the best and the brightest minds in the information security fields across multiple industries, and...