Get your copy of the definitive guide to threat intelligence.
We brought together a team of experts and wrote the definitive guide to everything you need to know about threat intelligence. Whether you work in vulnerability management, incident response, or another part of cybersecurity, our book has something for you. Get your free copy of “The Threat Intelligence Handbook” now.
January 31, 2019.
By the CyberWire staff
You will recall Collection #1, the big aggregation of old breaches. Collections #2 through #5 are now in circulation, and WIRED reports that the five datasets now include some 2.2 billion records. It's big, to be sure, but how consequential this sort of information will prove remains to be seen.
Google has joined Facebook in acknowledging that it paid users to allow access to their phones, TechCrunch says. Mountain View said yesterday that it was stopping the practice.
Both Google's and Facebook's pay-for-access plans are attracting a great deal of hostile scrutiny, NPR reports. As Fortune notes, Apple may be Facebook's toughest regulator). The Washington Post, the Telegraph, and WIRED all observe that, public expressions of contrition aside, Facebook seems to be shrugging off its string of bad news, at least in terms of the results it reports, but Big Tech as a whole is increasingly looking like the steel industry near the end of the Gilded Age.
With information operations, lies usually receive a bodyguard of truth. Witness the story, as reported by the Washington Post, of Russian claims that Special Counsel Mueller's office has been hacked. That's the lie. The truth that guards it is a set of documents involving the Special Counsel's case against a Russian firm: genuine documents that were obtained through regular legal disclosure, not by hacking.
Experiencing poor performance with your legacy antivirus? Try CB Defense.
Does your legacy antivirus slow down end user endpoints? Try Carbon Black's lightweight, next-generation antivirus + endpoint detection and response solution in your environment for free!
Compare CB Defense to your current solution using real-world scenarios, and see how operations transform across your security and IT teams. After you've finished your 15-day trial, you'll have everything you need to build a business case and make the switch. Gain superior protection, simplified operations, and actionable visibility today.
ON THE PODCAST
In today's podcast, up later this afternoon, we speak with our partners at CenturyLink, as Mike Benjamin shares information on TheMoon botnet and how it targets websites. Our guest is Lewie Dunsworth, CISO & Executive Vice President of Technical Operations at the Herjavec Group on projected increases in ransomware aimed at hospitals.
DreamPort Event: The Red Hat Ansible Tower Workshop(Columbia, Maryland, United States, February 7, 2019) DreamPort, in conjunction with the Maryland Innovation & Security Institute and USCYBERCOM is hosting the Red Hat Ansible Tower Workshop. This workshop will enable you to create playbooks, while building in security. Automation features will save time, empower junior staff, offload senior staff and automate your most tedious tasks!
Cyber Job Fair, Feb 13, San Antonio(San Antonio, Texas, United States, February 13, 2019) Cleared and non-cleared cybersecurity pros make your next career move at the Cyber Job Fair, February 13 in San Antonio. Meet leading cyber employers including AF Civilian Service, CNF Tech, Lockheed Martin, and more. Visit ClearedJobs.Net or CyberSecJobs.com for details.
CYBERTACOS RSA(San Francisco, California, United States, March 4, 2019) Join us for ALL YOU CAN EAT FREE TACOS! What better way to start your week at RSA? On Monday, March 4, CYBERTACOS is coming back to San Francisco as part of RSA. Join us from 7:00-10:00pm for networking, food and drinks.
Global Cyber Innovation Summit(Baltimore, Maryland, United States, May 1 - 2, 2019) This unique, invitation-only forum brings together a preeminent group of leading Global 2000 CISO executives, cyber technology innovators, policy thought leaders, and members of the cyber investment community to catalyze the industry into creating more effective cyber defenses. Request an invitation today.
Iran’s Basij in cyberspace(AEI) The Islamic Republic of Iran remains of two minds about the internet. In 1993, Iran became only the second country in the Middle East (after Israel) to connect to the world-wide network and while Iranians culturally embraced it, the connection it afforded ordinary Iranians to outside cultures and ideas has become an increasing concern to Iran’s revolutionary authorities.
India’s largest bank SBI leaked account data on millions of customers(TechCrunch) India’s largest bank has secured an unprotected server that allowed anyone to access financial information on millions of its customers, like bank balances and recent transactions. The server, hosted in a regional Mumbai-based data center, stored two months of data from SBI Quick, a text mess…
Google will stop peddling a data collector through Apple’s back door(TechCrunch) It looks like Facebook was not the only one abusing Apple’s system for distributing employee-only apps to sidestep the App Store and collect extensive data on users. Google has been running an app called Screenwise Meter, which bears a strong resemblance to the app distributed by Facebook Res…
New LockerGoga Ransomware Allegedly Used in Altran Attack(BleepingComputer) Hackers have infected the systems of Altran Technologies with malware that spread through the company network, affecting operations in some European countries. To protect client data and its assets, Altran decided to shut down its network and applications.
CACI buying LGS Innovations in $1B pair of deals(Washington Technology) CACI International has made a pair of deals worth nearly $1 billion, including $750 million for LGS Innovations, to add more capabilities around intelligence products and solutions.
Ice Miller Nabs Former Brown Rudnick, CIA Cyber Pro(Law360) Ice Miller LLP has lured Brown Rudnick LLP’s former cybersecurity chair, a onetime U.S. Central Intelligence Agency officer and U.S. Department of State diplomat who told Law360 on Wednesday that his experience handling cybersecurity issues stems from years working in environments that are “behind a door behind a curtain that nobody really knows about.”
Radware Secures Cyber Defense Deal With Major Online Gaming Company(GlobeNewswire News Room) Radware® (NASDAQ: RDWR), a leading provider of cybersecurity and application delivery solutions, today announced it has secured a multi-million dollar contract with a leading global online gaming company to provide protection from next generation attacks and specifically encrypted attacks.
Amsterdam toughens up cyber response(Port Strategy) The Port of Amsterdam has launched a cyber security programme to help protect itself from cyber-attacks and increase its ability to deal with digital threats.
Inside a key Hawaii intelligence outpost listening in on the Pacific(Yahoo News - Latest News & Headlines) The National Security Agency's Hawaii outpost, whose most notorious employee was the whistle-blower Edward Snowden, is focused on uncertainty in the Pacific region, from nuclear development in North Korea to China’s increasing aggression in the South China Sea.
New degree program will help address predicted global shortfall of cybersecurity professionals (The University of Alabama in Huntsville) The Department of Electrical and Computer Engineering at UAH and UAH’s Center for Cybersecurity Research and Education (CCRE) are pleased to jointly announce the launch of a brand-new Bachelor of Science in Cybersecurity program. This highly technical cybersecurity undergraduate degree is intended to prepare graduates for a career in cybersecurity engineering, secure software development, cybersecurity test and evaluation, offensive security, systems architecture, reverse engineering, and/or emerging cybersecurity problem-solving.
Czech Tax Office Bars China’s Huawei as Europe Debates Espionage(Wall Street Journal) The ban is seen as the first in a succession of similar restrictions on the Chinese telecom giant and its rival ZTE likely to land in the Czech Republic as the U.S. pushes its European allies to restrict Huawei and ZTE from building internet infrastructure on the continent.
DHS’ CISA on Deck for Voice in Counterterrorism Prevention(Meritalk) The House on Tuesday passed H.R. 769, the Counterterrorism Advisory Board Act of 2019, which would establish a board at the Department of Homeland Security (DHS) to coordinate and integrate departmental intelligence, activities, and policy related to counterterrorism.
Justice Department Announces Court-Authorized Efforts to Map and Disrupt Botnet Used by North Korean Hackers(US Department of Justice) The Justice Department today announced an extensive effort to map and further disrupt, through victim notifications, the Joanap botnet – a global network of numerous infected computers under the control of North Korean hackers that was used to facilitate other malicious cyber activities. This effort targeting the Joanap botnet follows charges unsealed last year in which the United States charged a North Korean citizen, Park Jin Hyok, a member of a conspiracy backed by the North Korean government that carried out numerous computer intrusions. Those charges alleged that the conspiracy utilized a strain of malware, “Brambul,” which was also used to propagate the Joanap botnet.
New York Opens Investigation Into Apple FaceTime Bug (Wall Street Journal) New York state launched a probe into Apple’s response to a bug in its FaceTime video-chat system that allowed callers to eavesdrop on others using the technology giant’s devices, deepening the scrutiny of a security setback that has undermined the company’s privacy position.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
CPX Americas 360 2019(Las Vegas, Nevada, USA, February 4 - 6, 2019) CPX 360 promises to be the premier cyber security summit. CPX 360 is where you’ll receive up-to-the-minute intelligence about global threats and other vital topics from the world’s leading cyber security...
QuBit Conference Belgrade 2019(Belgrade, Romania, February 7, 2019) QuBit is a Cybersecurity Community Event connecting the East and West. We create a unique way to meet the best and the brightest minds in the information security fields across multiple industries, and...
National Security Technology Forum and Exposition (NSTFX)(San Diego, California, USA, February 12, 2019) AFCEA International and the University of California, San Diego are proud to host a new and innovative event entitled “The National Security Technology Forum and Exposition (NSTFX)”. NSTFX will bring...
3rd Next Generation Cyber Security for Utilities(Denver, Colorado, USA, February 13 - 14, 2019) With the value of damages caused by cyber-attacks growing rapidly every year, adopting a new and comprehensive approach to cyber security for utilities is more important than ever. Among essential facilities...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.