Worried About Your Data? Research From Forrester Says You’re Not Alone.
Data is the lifeblood of digital businesses; protecting it from theft, misuse, and abuse is the top responsibility of every security and privacy leader. Download this free Forrester report on ‘The Future of Data Security and Privacy’ to understand why security executives see privacy as a source of growth and differentiation in 2019. Click here to get your copy.
January 25, 2019.
By the CyberWire staff
Microsoft's Bing search engine was blocked in China yesterday, which prompted speculation in the Telegraph and elsewhere that this was another brick in the Great Firewall. But Bloomberg reports that service has been restored, and that the outage was due to a technical mistake. Redmond itself has been quiet about the incident.
The Intercept argues that concerns about supply chain meddling are real, and that more than one nation-state is involved in such activity.
Kaspersky reports that Russian threat actors Grey Energy and Zebrocy (one of the GRU group Fancy Bear's paws) share tools and techniques.
Military cyber operational capabilities develop into tactical realities: the US Army is establishing two organizations built around the 17th and 41st Field Artillery Brigades to, as Breaking Defense puts it, "hack, jam, sense, and shoot."
Since information campaigns can be expected to follow great power and regional tensions, watch Venezuela. Russia has warned the US against military intervention in the failed Chavista state, NBC News reports. Venezuela is Russia's "strategic partner," Deputy Foreign Minister Ryabkov said, and deposition of President Maduro "would shake the foundations of the development model which we see in Latin America." The US (joined, as Reuters notes, by the UK) supports opposition leader Juan Guaido's constitutional claim to an acting presidency.
Bellingcat seems to have had success in countering Moscow's (and others') information operations. Foreign Policy interviews the citizen journalists.
The Washington Post reports that Microsoft urges adherence to the Paris Call for norms with respect to conduct in cyberspace.
It usually takes a year to get FedRAMP assessment-ready. But this can be cut in half--just six months to confident readiness. Learn how cybersecurity leader Coalfire helped Innovest prepare for its FedRAMP assessment through Security Automation and Orchestration (SAO). Innovest's CSO, Erick Lindley, said, “Coalfire helped us fast-track our path to FedRAMP compliance and save between six and twelve months of work we would have had to do ourselves.” Find out how.
Tomorrow's Research Saturday will feature the latest episode, "Twitter amplification bots and how to detect them." We speak with Duo Security, whose researchers have been analyzing the behavior of Twitter bots in a series of posts on their web site. Their most recent dive into the subject explores amplification bots, which boost the impact of tweets through likes and retweets. Jordan Wright is a principal R&D engineer at Duo Security, and he joins us to share their findings.
State of the Phish Webinar(Online, January 30, 2019) Phishing is the number one attack vector. Wombat's State of the Phish Report provides the data-driven intelligence your team needs to manage end-user risk effectively within your organization. In this report, the focus mirrors that of cyber attackers: people. Register for their webinar and learn more.
DreamPort Event: The Red Hat Ansible Tower Workshop(Columbia, Maryland, United States, February 7, 2019) DreamPort, in conjunction with the Maryland Innovation & Security Institute and USCYBERCOM is hosting the Red Hat Ansible Tower Workshop. This workshop will enable you to create playbooks, while building in security. Automation features will save time, empower junior staff, offload senior staff and automate your most tedious tasks!
CYBERTACOS RSA(San Francisco, California, United States, March 4, 2019) Join us for ALL YOU CAN EAT FREE TACOS! What better way to start your week at RSA? On Monday, March 4, CYBERTACOS is coming back to San Francisco as part of RSA. Join us from 7:00-10:00pm for networking, food and drinks.
5th Annual Cyber Security Conference for Executives(Baltimore, Maryland, United States, March 13, 2019) The 5th Annual Cyber Security Conference for Executives, hosted this year by The Johns Hopkins University Information Security Institute and Ankura, will be held on Wednesday, March 13th, in Baltimore, Maryland. This year’s theme is cybersecurity compliance and regulatory trends, and the conference will feature discussions with thought leaders across a variety of sectors. Join the discussion and learn about current and emerging cyber security threats to organizations, and how executives can better protect their enterprises. Register today!
GreyEnergy’s overlap with Zebrocy(Securelist) We have identified an overlap between GreyEnergy, which is believed to be a successor to BlackEnergy group, and a Sofacy subset called “Zebrocy”. Both used the same servers at the same time and targeted the same organization.
Check Point ZoneAlarm Anti-Virus Exploit(illumant llc) Local Exploitation of WCF Services within ZoneAlarm Anti-Virus Software to Escalate Privileges General Overview Illumant has discovered a critical vulnerability in Check Point’s ZoneAlarm anti-virus software. This vulnerability allows a low-privileged user to escalate to SYSTEM-level privileges. A service endpoint within ZoneAlarm exposes powerful functionality, including the ability to start new processes as SYSTEM. Efforts...
UK courts IT meltdown 'not caused by cyber attack'(Evening Standard) The Ministry of Justice said a massive IT meltdown which lawyers claim has brought the courts system “to its knees” was not caused by a cyber attack. Thousands of cases across England and Wales have been affected by a breakdown of the central computer system, which stopped working last week. The secure email system for lawyers and judges was also affected, prompting many to complain that they have been unable to prepare for hearings and trials.
Voicemail Phishing Campaign Tricks You Into Verifying Password(BleepingComputer) A new phishing campaign is underway that utilizes EML attachments that pretend to be a received voicemail and prompts you to login to retrieve it. This campaign also uses a clever tactic of tricking you into entering your password twice in order to confirm that you are providing the correct account credentials.
Hacker demonstrates how to remotely Jailbreak iPhone X(HackRead) A China-based security researcher associated with the Qihoo 360 Vulcan Team has published a proof-of-concept exploit for a kernel vulnerability, which he claims to be the second stage of an exploit chain that he was successfully able to jailbreak iPhone X remotely.
'Worst' ransomware attack hits Maryland police department(AP NEWS) A Maryland police department says it experienced its "worst computer network attack" in its history, after the attacker accessed its network through a longtime software vendor. Salisbury police Capt. Rich Kaiser tells The Daily Times of Salisbury the department's entire internal computer network was compromised Jan. 9 in a ransomware attack. He said negotiations with the attacker who asked for an undisclosed sum "quickly disintegrated."
New report urges action against Huawei, ZTE(TheHill) A new report is urging the Trump administration to take action against a pair of Chinese telecommunication giants over the firms’ alleged misconduct, including claims that they work on behalf of the Chinese sta
Data Privacy Innovator Virtru Appoints Neville Letzerich as Chief Marketing Officer(AP NEWS) Virtru , a leading innovator in enterprise data protection and data privacy solutions , has named Neville Letzerich as its new chief marketing officer (CMO). Letzerich brings more than 20 years of enterprise software marketing, sales and product experience to the role. He will support Virtru’s next phase of global expansion in the enterprise data privacy sector, scaling the reach and impact of the company’s brand and delivering world-class go-to-market execution.
Researchers Create Algorithm to Protect Kids from Disturbing YouTube Videos(BleepingComputer) A team of researchers has developed a high accuracy deep learning-based classifier designed to detect YouTube videos with disturbing content for kids. This was done after finding that the current recommendation algorithm used by the platform to suggest related content is quite lacking.
Analysis | How Huawei Became a Target for the U.S. Government: QuickTake(Washington Post) Huawei Technologies Co., one of China’s most-global companies, is increasingly in the cross-hairs of the U.S. government and its Western allies, just as it’s pushing for a leadership role in the new wireless standard known as 5G. After years of tension, the telecommunications giant is facing multiple battles, including the arrest in Canada of its chief financial officer, possible criminal charges in the U.S. and the prospect of being shut out of new infrastructure projects around the world. The
McCaul & Engel Introduce Cyber Diplomacy Act of 2019(Committee on Foreign Affairs) Today, House Foreign Affairs lead Republican Michael McCaul (R-TX) and Chairman Eliot Engel (D-NY) introduced H.R. 739, the Cyber Diplomacy Act of 2019, to ensure American leadership on the world stage in keeping the Internet open, reliable and secure. Ranking Member McCaul: “The threats to America’s security, economy, and the Internet itself …
Cyber Diplomacy Act of 2019(US House of Representatives) A bill to support United States international cyber diplomacy, and for other purposes.
Letter from 15 Senators to the FCC and FTC(US Senate) We write to urge the Federal Trade Commission and the Federal Communications Commission to broadly investigate the sale of Americans' location data by wireless carriers, location aggregators, and other third parties.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
2019 Innovator's Showcase(McLean, Virginia, USA, May 2, 2019) The Intelligence and National Security Alliance (INSA) will showcase IR&D projects with national security applications at its 2019 Innovators’ Showcase. Held in partnership with the Office of the Director
social media for protecting or removing anonymity utilizing social media, internet-connected data stores, and other assets associated with life in a fully digital world, and ephemeris identity telemetry. including identifying characteristics such as biometrics, geolocation, digital signatures, and geo-environmental association..
Zero Trust Technology Showcase(Columbia, Maryland, USA, January 28, 2019) Register for the Zero Trust Technology Showcase. The working group, mainly consisting of US Government employees, will be organized into four teams to include teams exploring data, networking, analytics...
CPX Americas 360 2019(Las Vegas, Nevada, USA, February 4 - 6, 2019) CPX 360 promises to be the premier cyber security summit. CPX 360 is where you’ll receive up-to-the-minute intelligence about global threats and other vital topics from the world’s leading cyber security...
QuBit Conference Belgrade 2019(Belgrade, Romania, February 7, 2019) QuBit is a Cybersecurity Community Event connecting the East and West. We create a unique way to meet the best and the brightest minds in the information security fields across multiple industries, and...
National Security Technology Forum and Exposition (NSTFX)(San Diego, California, USA, February 12, 2019) AFCEA International and the University of California, San Diego are proud to host a new and innovative event entitled “The National Security Technology Forum and Exposition (NSTFX)”. NSTFX will bring...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.