Beginner’s Guide: Open Source Network Security Tools
With so many open source tools out there, it's hard to know where to start. Get your copy of “Beginner’s Guide: Open Source Network Security Tools” today to learn how you can use open source tools for: network discovery, network IDS, vulnerability scanning & penetration testing.
July 30, 2019.
By the CyberWire staff
Data associated with about 106 million credit card users and applicants, mostly in the United States and Canada, were exposed in a breach said to have been committed by a Seattle-area woman, Paige A. Thompson, Capital One has disclosed. Ms Thompson was arrested yesterday on a charge of computer fraud and abuse. It's thought she obtained access to the data (held in a cloud) through a misconfigured firewall.
Wind River addressed eleven zero-day flaws in its VxWorks product. A detailed account of the patches and mitigations may be found here. VxWorks is used in over two billion industrial, medical and enterprise devices. Armis Labs, which discovered and disclosed the flaws to Wind River, calls VxWorks "the most widely used operating system you may never have heard of." Six of the zero-days were critical remote code execution flaws, according to Armis Labs' report.
Synology has warned users to protect themselves against a ransomware campaign that's brute-forcing credentials in its Network Attached Storage product. Naked Security reports that Synology isn't the only NAS vendor whose products are affected.
Last week Facebook clapped a stopper over some "coordinated inauthentic activity" in Russia, Ukraine, Thailand, and Honduras.
A self-proclaimed hacker has told the Los Angeles Police Department he's got data on some 2500 police officers and about 17 thousand recruits, according to Information Security Magazine. NBC4 Los Angeles says the police union is very unhappy. The incident remains under investigation.
A High Court ruling in the UK rejects a challenge to the Investigatory Powers Act.
Today's issue includes events affecting Canada, China, Honduras, Iran, Syria, Russia, Thailand, Ukraine, United States.
Bring your own context.
If you're studying industrial control systems in a laboratory test bed, it's important to model those systems correctly.
"That's the credibility aspect, and that's one of the things that, in some of the papers that the folks here have written about, is one of the key things that we always try to establish with the apparatus, for example. So whenever we implement, say, an industrial control system for something like a water treatment plant, we always then try and check that with a range of field engineers or other sort of technical roles. So is this actually what would happen in it? And that establishes the credibility of the test bed, and that's an essential part. But what we're really interested in now is making sure that we are doing rigorous experimentation."
—Daniel Prince, senior lecturer in cybersecurity at Lancaster University, on the CyberWire Daily Podcast, 7.26.19.
Construct your material models with care. In this case, credibility can mean reliability, availability, and safety.
What if your security strategy added zeros to your bottom line?
Focusing on response alone is costly. You lose data. You lose infrastructure. You lose human and capital resources that could be productive elsewhere. And you lose your reputation. When you catch threats before they execute, you contain the problem, and the rewards add up. Let Blackberry Cylance help you understand how you can reduce your total cost of security controls, bolster your organization’s security posture, and zero in on what really matters.
And Recorded Future's podcast, produced in partnership with the CyberWire, is also up. The latest episode, "Inside malware markets: current trends and competitive forces," takes a look at the way black markets operate like markets. "Regardless of location, legitimacy, or legality, markets of all kinds act in accordance with a prevailing set of forces. Made famous by business management guru Michael Porter, his eponymous Five Forces generally dictate how markets will operate — that includes markets for malware."
XM Cyber is coming to Black Hat (Las Vegas, Nevada, United States, August 3 - 8, 2019) Visit XM Cyber at our booth 875, to experience the first fully automated APT simulation platform to simulate, validate and remediate hackers’ path to organizational critical assets.
Codenomicon August 6 Skyfall Lounge Las Vegas (Las Vegas, Nevada, United States, August 6, 2019) Black Hat is just around the corner! Join Synopsys at our exclusive cyber security professional event—codenomi-con. We’ll kick off a night of entertainment, networking, and leadership Aug. 6 at 6 p.m. Register today!
Courageous Women CISO Brunch with Synack and CyberWire at Black Hat (Las Vegas, Nevada, United States, August 7, 2019) Connect and Collaborate with Fellow CISO Security Leaders at Black Hat. As always, you can expect an intimate environment with delicious food, refreshing drinks, and great company. Join us Wednesday, August 7, 10:00 AM at Delano Las Vegas, Suite TBD.
Wicked6 Cyber Games (Las Vegas, Nevada, United States, August 8, 2019) Wicked6 is a fundraiser and cybersecurity exhibition in a thrilling esports arena in Las Vegas on August 8, 2019. It’s a week when cybersecurity leaders from around the world come to Las Vegas, and all are welcome to come by to experience this exciting and unique cyber competition as a player, sponsor, or avid fan. Wicked6 will raise funds for the Women’s Society of Cyberjutsu, a national 501(c)(3) nonprofit that promotes training, mentoring and more to advance women and girls in cybersecurity careers.
Capital One’s breach was inevitable, because we did nothing after Equifax (TechCrunch) Another day, another massive data breach. This time it’s the financial giant and credit card issuer Capital One, which revealed on Monday a credit file breach affecting 100 million Americans and 6 million Canadians. Consumers and small businesses affected are those who obtained one of the com…
Urgent/11 Further Boosts VxWorks Security (Wind River) At Wind River, security is embedded in our DNA. It is part of our rich heritage of nearly 40 years in mission-critical systems. It is built into all the technologies we provide to help our customers develop trusted and reliable solutions. We take security extremely seriously, which is why the recent vulnerabilities discovered within the TCP/IP (IPnet) networking stack, dubbed "Urgent/11," have resulted in the most secure VxWorks to date.
Your phone is the new political battlefront (Times) According to Dominic Cummings, the new senior adviser to the prime minister, almost nobody in media or politics understands anything about anything. Also according to Cummings there is one great...
Vulnerability Summary for the Week of July 22, 2019 (CISA) The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Security Patches, Mitigations, and Software Updates
SECURITY VULNERABILITY RESPONSE INFORMATION - TCP/IP Network Stack (IPnet, Urgent/11) (Wind River) Wind River® is committed to delivering secure, reliable products that keep your devices protected. As part of this commitment, our Security Response Team is constantly monitoring and assessing thousands of notifications from CERT-accepted authorities and agencies, Linux security communities such as oss-security, and our customers. Wind River prioritizes these notifications, responds, and proactively contacts customers for timely alerts, enabling them to secure their devices.
Capital One discloses massive data breach; shares down 3% (Seeking Alpha) Roughly 100M U.S. customers and 6M Canadian customers were affected, says the company, but no credit card numbers or login credentials were taken, nor were the vast majority of Social Security numbers. What was breached: About 140K Social Security numbers, 80K linked bank account numbers, and personal information from credit card applications from 2005 until early this year.
GitHub confirms it has blocked developers in Iran, Syria and Crimea (TechCrunch) The impact of U.S. trade restrictions is trickling down to the developer community. GitHub, the world’s largest host of source code, is preventing users in Iran, Syria, Crimea and potentially other sanctioned nations from accessing portions of the service, chief executive of the Microsoft-own…
The State of Cybersecurity Hiring (Burning Glass Technologies) The number of cybersecurity job postings has grown 94% since 2013, three times faster than IT jobs overall. But a talent gap persists.
Facebook warns over Libra plans (Seeking Alpha) A number of factors could prevent Facebook's (NASDAQ:FB) cryptocurrency from seeing the light of day, the tech giant reminded investors in its latest quarterly report.
Fugue and New Light Technologies Partner to Better Secure the Public Cloud (Fugue) New Light Technologies Inc. (NLT) announces a strategic partnership with Fugue to deliver public cloud configuration, drift detection, active drift enforcement (e.g., self-healing infrastructure), and security control gap analysis for NLT’s Amazon Web Services (AWS) and Microsoft Azure clientele.
Google teams up with VMware to bring more enterprises to its cloud (TechCrunch) Google today announced a new partnership with VMware that will make it easier for enterprises to run their VMware workloads on Google Cloud. Specifically, Google Cloud will now support VMware Cloud Foundation, the company’s system for deploying and running hybrid clouds. The solution was deve…
Blockchain (the company) launches an exchange (The Pit) (TechCrunch) The company called Blockchain is mostly known for its cryptocurrency wallet. Today, the company is also launching an exchange so that you can buy and sell cryptocurrencies without going through a third-party exchange. The company’s exchange is called The Pit and is focused on mainstream adoption an…
Justice Department Fills Fraud Section Post Long in Limbo (Wall Street Journal) Robert Zink was one of two prosecutors to occupy the position on an interim basis after the section’s former chief, Andrew Weissmann, joined special counsel Robert Mueller’s team in 2017 to investigate Russian interference in the 2016 presidential election.
UK High Court rejects human rights challenge to bulk snooping powers (TechCrunch) Civil liberties campaign group Liberty has lost its latest challenge to controversial U.K. surveillance powers that allow state agencies to intercept and retain data in bulk. The challenge fixed on the presence of so-called “bulk” powers in the 2016 Investigatory Powers Act (IPA): A con…
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Cyber:Secured Forum 2019 (Dallas, Texas, USA, July 29 - 31, 2019) Cyber:Secured Forum delivers two days of in-depth content on cybersecurity trends and best practices related to the delivery of physical security systems and other integrated systems. Collaboratively developed...
Community College Cyber Summit (3CS) (Bossier City, Louisiana, USA, July 30 - August 1, 2019) The 2019 Community College Cyber Summit (3CS) at Bossier Parish Community College in Louisiana marks the sixth annual edition of 3CS. 3CS is the only national academic conference focused on cybersecurity...
New York City Cybersecurity Conference (New York, New York, USA, August 1, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...
IT & Cyber Day at Aberdeen Proving Ground (Aberdeen, Maryland, USA, August 1, 2019) Aberdeen Proving Grounds (APG) provides technology life cycle management for the US Army and the various commands involved in the fielding and closeout of their technologies. The Cyber and IT Day expo...
Sacramento Cybersecurity Conference (Sacramento, California, USA, August 8, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...