July 11, 2019.
Transcripts of all CyberWire podcasts are now available on our website.
We're pleased to announce that we've completed transcribing our library of podcasts: the Daily Podcast, Research Saturday, Hacking Humans, CyberWire-X, and Special Editions. Over one thousand episodes are now available as transcripts. Researchers, the hearing impaired, and even people who would rather read than listen, are invited to take a look.
By the CyberWire staff
Check Point is tracking “Agent Smith,” Android malware that replaces legitimate apps with simulacra that carry adware. According to ZDNet, researchers have traced the operators behind Agent Smith to a company based in Guangzhou. It appeared originally in the third-party app store 9Apps, but it appears to be working toward establishing a foothold in Google Play as well. Most of its twenty-five million victims so far have been in India, Bangladesh, and Pakistan.
RiskIQ reports that the online card-skimmers of Magecart are actively looking for unsecured AWS S3 buckets. The gang has spread its skimmer code to some seventeen thousand domains over recent months, WIRED notes. They've gone for reach rather than targeting.
Forbes reports that Kaspersky has found new infestations of FinSpy in the wild, suggesting that the spyware continues to find users among governments in many corners of the world.
An unnamed US defense contractor was induced to send sensitive, highly classified communications intercept equipment worth about $3 million to an international criminal gang. A search warrant request the US Department of Homeland Security filed with the United States District Court for the District of Maryland revealed the details. Homeland Security Investigations asked for Apple iCloud information pertaining to four email accounts of interest. The incident appears to have been a phishing scam executed by hoods posing as a fictional US Navy contracting officer, "Daniel Drunz." In addition to the communications intercept gear, the gang also stole $6.3 million in televisions and $1.1 million in iPhones and iPads.
Today's issue includes events affecting Australia, Bangladesh, Canada, China, France, India, Ireland, Israel, Japan, Republic of Korea, Luxembourg, Malaysia, Myanmar, New Zealand, Pakistan, Russia, Singapore, Sweden, United Arab Emirates, United Kingdom, United Nations, United States.
Bring your own context.
Gamers are big targets for criminal hackers, but not because gamers are easy pickings. In many ways gamers comprise one of the more security-conscious online subcommunities. But the stuff they can win, and the in-game purchases they make, can be surprisingly valuable. And where there's meat, there are flies.
"And the whole reason we're seeing that move into gaming is because it's a lucrative market. There is value to all of the skins, all of the devices you can buy for your characters. Those have value. It's easy to go and say to the FBI or to your local law enforcement, hey, somebody cracked into my bank account, and here's how much they stole. Here's how much I lost, and can you go investigate? If you go and say, somebody broke into my Minecraft account and took it over and sold it, it's a lot harder to explain to a police officer or a law enforcement officer that this has value."
—Martin McKeay of Akamai, on the CyberWire Daily Podcast, 7.9.19.
And Hacking Humans is up. In this episode, "Know and spot the patterns," Joe shares the heartbreaking tale of a catphishing case that leads to murder. Dave describes a shoe company using an unusual method to trick engagement with an online ad. The catch of the day engages a Nigerian scammer promising a fortune in precious minerals. Dave interviews Michael Coates, head of Altitude Networks and former CISO at Twitter.
Cyber Security Summits: DC on July 16 and in Chicago on August 27 (Washington, DC, United States, July 16, 2019) Register for reduced admission to the Cyber Security Summit with promo code cyberwire19 for $95 admission ($350 without code). Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, The U.S. DOJ, Verizon, Center for Internet Security, IBM and more. Breakfast, Lunch & Cocktail Reception are included with your admission. Passes are limited, secure yours today.
RSA Conference 2019 Asia Pacific & Japan (Singapore, Republic of Singapore, July 16 - 18, 2019) Join industry leaders and peers at the region’s leading cybersecurity event. Learn the latest issues and solutions, stay on top of new regulations, demo cutting-edge products, expand your skills and grow your personal network. Register now.
XM Cyber is coming to Black Hat (Las Vegas, Nevada, United States, August 3 - July 8, 2019) Visit XM Cyber at our booth 875, to experience the first fully automated APT simulation platform to simulate, validate and remediate hackers’ path to organizational critical assets.
Wicked6 Cyber Games (Las Vegas, Nevada, United States, August 6, 2019) Wicked6 is a fundraiser and cybersecurity exhibition in a thrilling esports arena in Las Vegas on August 8, 2019. It’s a week when cybersecurity leaders from around the world come to Las Vegas, and all are welcome to come by to experience this exciting and unique cyber competition as a player, sponsor, or avid fan. Wicked6 will raise funds for the Women’s Society of Cyberjutsu, a national 501(c)(3) nonprofit that promotes training, mentoring and more to advance women and girls in cybersecurity careers.
Cyber Attacks, Threats, and Vulnerabilities
Flirting With IDA and APT28 (Threat Vector) This blog shares a methodology used to develop Hex-Rays' Interactive Disassembler (IDA) signatures created as part of pre-analysis for a recently published APT28 sample. This will allow an analyst to focus on the malicious code while disregarding the statically linked Poco framework functions.
DataVisor Fraud Index Report: Q2 2019 (DataVisor) DataVisor’s Q2 2019 Fraud Index Report contains the very latest and most actionable insights about where the fraud risks are, and what you can do about them.
Arlington Investigating Cyber Attack on County Payroll System (ARLnow.com) (Updated at 5:20 p.m.) Arlington County has revealed a cyber attack that penetrated the county's payroll system. In a statement, the county says a number of employees were impacted by the intrusion, but did not specify the exact number or impacts. The intrusion appears to be the result of a “phishing” email targeting county employees and not a hack, the press release suggests.
Security Patches, Mitigations, and Software Updates
Apple has pushed a silent Mac update to remove hidden Zoom web server (TechCrunch) Apple has released a silent update for Mac users removing a vulnerable component in Zoom, the popular video conferencing app, which allowed websites to automatically add a user to a video call without their permission. The Cupertino, Calif.-based tech giant told TechCrunch that the update — now rel…
State of Healthcare Security in 2019 (Bugcrowd) As the healthcare industry continues to move into the digital age, each new technology that provides value to patients, organizations, and caregivers also bring
Executives’ Changing Views on Cybersecurity (Radware) What does the shift in how cybersecurity is viewed by senior executives within organizations mean? To find out, Radware surveyed more than 260 executives worldwide and discovered that cybersecurity has moved well beyond the domain of the IT department and is now the direct responsibility of senior executives.
IBM closes $34B Red Hat acquisition (Intelligence Community News) IBM of Armonk, NY and Raleigh, NC-based Red Hat announced on July 9 that they have closed the transaction under which IBM acquired all of the issued and outstanding common shares of Red Hat for $19…
Thales' U.S. arm adds three new board members (InsideDefense.com) The U.S. defense and security arm of Thales said today it has appointed three new board members to "enhance the defense and security reach of Thales in the U.S. and abroad."
CERES Forum Marks One-Year Anniversary With 10th Country Addition (Vietnam News) The CERES (CEntral banks, REgulators and Supervisory Entities) Forum, established through the Financial Services Information Sharing and Analysis Center (FS-ISAC), an industry consortium dedicated to reducing cyber-risk in the global financial system, announced today that it has grown its membership to 11 members in 10 countries from Africa, Asia, Europe, North and South America.
The Router's Obstacle-Strewn Route to Home IoT Security (LinuxInsider) It is newly minted conventional wisdom that not a single information security conference goes by without a presentation about the abysmal state of IoT security. While this is a boon for researchers looking to make a name for themselves, this sorry state of affairs is definitely not beneficial for anyone who owns a connected device. IoT device owners aren't the only ones fed up, though.
Put Those Cloud Security Objections to Rest (BankInfo Security) In the wake of digital transformation, there remain some organizations that - for security reasons - resist the temptation to move to the cloud. What are their
Building a threat intelligence framework: Here's how (SearchSecurity) Building a threat intelligence framework isn't easy, but having a robust cyber threat intelligence foundation is critical to companies looking for ways to secure their data. A researcher with AT&T's cybersecurity unit explains what companies should do.
The New Threat Intelligence (BankInfo Security) Threat intelligence programs have evolved greatly over the past decade. But Mario Vuksan, CEO of ReversingLabs, says too many organizations are overlooking the
Wicked6 Cyber Games Finalists Announced (Wicked6 Cyber Games) The Women’s Society of Cyberjutsu announces the finalists in the Wicked6 Cyber Games, a unique cybersecurity exhibition and fundraiser to be held at HyperX Esports Arena Las Vegas at the Luxor Hotel and Casino on August 8, 2019, followed by the 6th Annual Cyberjutsu Awards Reception.
Can a U.N. Report Help Rein in Expansive and Abusive Digital Surveillance? (World Politics Review) The private surveillance industry has skyrocketed, with mainly Western companies selling sophisticated technologies to governments and intelligence services worldwide. In a recent, scathing report, the U.N. special rapporteur on freedom of opinion and expression called for “an immediate moratorium.”
Marketers, leave them kids alone! Why it's time to rein in the prying data mafia (ET Prime) Imagine someone sitting in a remote country, knowing exactly what your child looks like and how he or she will behave under certain circumstances. Scary? But it’s a possibility. Today’s children are a powerful consumer group and are closely monitored by data aggregators. The worst part: there is zero regulation to protect them from this notoriously leaky data bucket.
UK Security Breach Fines Should Be a Wake-Up Call for Big Business (PCMAG) British Airways and Marriott say they are 'disappointed' by fines imposed by UK regulators for massive security breaches. But what else is going to wake them up? Money talks, and in a post-GDPR world, private companies with lackluster security might finally be listening.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
Black Hat 2019 (Las Vegas, Nevada, USA, August 3 - July 8, 2019) Now in its 22nd year, Black Hat USA is the world's leading information security event, providing attendees with the very latest in research, development and trends. Black Hat USA 2019 opens with four days...
Wicked6 Cyber Games (Las Vegas, Nevada, USA, August 8, 2019) On August 8, 2019, six elite collegiate cyber teams go head-to-head in the thrilling environment of a Las Vegas esports arena. They’ll battle it out as they search for and defeat the foe, all while an...
DEF CON 27 (Las Vegas, Nevada, USA, August 8 - 11, 2019) DEF CON is a hacker convention which takes place immediately following Black Hat in Las Vegas every year.
Minneapolis Cybersecurity Conference (Minneapolis, Minnesota, USA, July 11, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...
Insider Threat Program Development - Management Training Course (Mountain View, California, USA, July 15 - 16, 2019) The Insider Threat Defense Group will hold our highly sought after Insider Threat Program (ITP) Development - Management Training Course, in Mountain View, California, on July 15-16, 2019. This comprehensive...
Raleigh Cybersecurity Conference (Raleigh, North Carolina, USA, July 18, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...
Cybertech Midwest 2019 (Indianapolis, Indiana, USA, July 24 - 25, 2019) Cybertech is the cyber industry’s foremost B2B networking platform featuring cutting-edge content by top executives, government officials, and leading decision-makers from the world of cyber. Our Cybertech...