July 31, 2019.
By the CyberWire staff
Capital One's reputation and stock price have taken a hit from the data breach the financial services company disclosed this week, the Wall Street Journal reports. Another Journal headline calls the incident an example of the "insider threat," but it seems instead to be a familiar case of misconfiguration allowing unauthorized access to data in the cloud. The accused hacker, Paige Thompson, seems to have had the technical wherewithal to pull the caper off, but in other respects seems to struggle with problems with living (again, as reported by the Wall Street Journal). And, as WIRED notes, she didn't cover her tracks particularly effectively. Forbes says that Thompson may be under investigation in connection with other incidents.
Capital One is now the subject of at least one class-action suit, Reuters reports. New York's attorney general has opened an investigation.
SecurityWeek has an account of Google's discovery of five iOS vulnerabilities.
CISA has distributed a warning about vulnerabilities in small aircraft CAN buses. "An attacker with physical access to the aircraft could attach a device to an avionics CAN bus that could be used to inject false data, resulting in incorrect readings in avionic equipment." It would be possible to deliver false instrument readings to the pilot, and that could cause the pilot to lose control of the aircraft. The immediate recommendation for mitigation is to restrict physical access to aircraft. The warning is based on research by Rapid7; their report includes a lucid overview of what the CAN bus is.
Today's issue includes events affecting Australia, Bulgaria, China, Estonia, European Union, France, Germany, India, Israel, Italy, Japan, Republic of Korea, NATO/OTAN, Netherlands, Russia, Singapore, United Kingdom, United States.
Bring your own context.
An observation on the range wars between free-wheeling innovation and efforts to control fraudulent apps.
"A lot of apps that we've come across don't have a known website... It could be, you know, "Marcelle at Marcelle dot com" has created some app. So basically, they just join the Google Developer network, and most of the exchange between the developer and the Google Play Store is done via API access. But the barrier to entry is pretty low. And Google, of course, does monitor for bad activity, but like everything else in this field, it's whack-a-mole. It's almost impossible to keep up with everything that's being placed in the Play Store."
—Marcelle Lee, principal threat intel researcher at White Ops, on the CyberWire's Research Saturday for 7.27.19.
Some walled gardens are walled with chain link. And sure, there's a gate, but the latch isn't that hard to operate. Still, Google Play is a better bet than some dodgy third-party store..."Mad John's House of Apps and Smoke-damaged Furniture"....
XM Cyber is coming to Black Hat (Las Vegas, Nevada, United States, August 3 - 8, 2019) Visit XM Cyber at our booth 875, to experience the first fully automated APT simulation platform to Simulate, validate and remediate hackers’ path to organizational critical assets.
Codenomicon August 6 Skyfall Lounge Las Vegas (Las Vegas, Nevada, United States, August 6, 2019) Black Hat is just around the corner! Join Synopsys at our exclusive cyber security professional event—codenomi-con. We’ll kick off a night of entertainment, networking, and leadership Aug. 6 at 6 p.m. Register today!
Courageous Women CISO Brunch with Synack and CyberWire at Black Hat (Las Vegas, Nevada, United States, August 7, 2019) Connect and Collaborate with Fellow CISO Security Leaders at Black Hat. As always, you can expect an intimate environment with delicious food, refreshing drinks, and great company. Join us Wednesday, August 7, 10:00 AM at Delano Las Vegas, Suite TBD.
Wicked6 Cyber Games (Las Vegas, Nevada, United States, August 8, 2019) Wicked6 is a fundraiser and cybersecurity exhibition in a thrilling esports arena in Las Vegas on August 8, 2019. It’s a week when cybersecurity leaders from around the world come to Las Vegas, and all are welcome to come by to experience this exciting and unique cyber competition as a player, sponsor, or avid fan. Wicked6 will raise funds for the Women’s Society of Cyberjutsu, a national 501(c)(3) nonprofit that promotes training, mentoring and more to advance women and girls in cybersecurity careers.
Capital One Hacking Suspect Showed Strange Online Behavior (Wall Street Journal) The 33-year-old woman accused of executing one of the largest-ever data thefts at a bank showed strange behavior online in recent months, at times bragging about her exploits and discussing deep struggles in her personal life.
U.S. Issues Hacking Security Alert for Small Planes (SecurityWeek) The Department of Homeland Security issued a security alert for small planes, warning that modern flight systems are vulnerable to hacking if someone manages to gain physical access to the aircraft.
CAN Bus Network Implementation in Avionics (CISA) 1 EXECUTIVE SUMMARY
CISA is aware of a public report of insecure implementation of CAN bus networks affecting aircraft. According to this report, the CAN bus networks are exploitable when an attacker has unsupervised physical access to the aircraft. CISA is issuing this alert to provide early notice of the report.
Finance sector: A one-stop shop for attackers (Fintech Finance) Thieves have been stealing money from banks since the 18th century. And while today’s thieves use cyber attacks to steal money from financial institutions, a new report from cyber security provider…
Prima Systems FlexAir (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 10.0
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Prima Systems
Vulnerabilities: OS Command Injection, Unrestricted Upload of File with Dangerous Type, Cross-site Request Forgery, Small Space of Random Values, Cross-site Scripting, Exposure of Backup file to Unauthorized Control Sphere, Improper Authentication, Use of Hard-coded Credentials
The State of Digital Lifestyles 2019 (Limelight) Consumers in France, Germany, India, Italy, Japan, Singapore, South Korea, the United Kingdom, and the United States age 18 and older who had downloaded software or streamed online video or music during the last month were asked questions about how digital technology has impacted their lives, how they interact with digital media, and the adoption rate of digital assistants and internet-connected devices. Key findings of this report include:
Ponemon Study: 53% of IT Leaders Don’t Know if Cybersecurity is Working (AttackIQ) Read this new report sponsored by AttackIQ, Inc. which is based on Ponemon Institute research evaluating the efficacy of enterprise security strategies. Ponemon surveyed 577 IT and IT security practitioners in the United States who are knowledgeable about their organization's IT security strategy, tactics and technology investments.
Boxcryptor Customer Survey 2019 - Results (Boxcryptor) We learned: Recommendation plays an increasing role when it comes to encryption and Dropbox still is the most popular cloud drive. Read the full evaluation now.
N.J. cyber firm dials up online security study (ROI-NJ) How many phishing attacks were attempted in 2018? Try 482.5 million. Over twice as many attempts as the prior year. Roseland-based computer security company, Sectigo — formerly Comodo CA — sponsored a study conducted by the Georgia Institute of Technology Cyber Forensics Innovation Laboratory to determine correlation between online crime and sites with extended validation. …
More Tech Improvements Ahead, Equifax Says (Wall Street Journal) The credit-reporting firm says it has made substantial improvements in technology under new leadership since revealing its data breach in 2017, and it plans to continue upgrading its cybersecurity defenses.
How the Army is strengthening cyber cities (Fifth Domain) An upcoming exercise will test how cities in South Carolina and Georgia respond to cyber incidents, as well as how those local incidents can affect overseas military deployments.
Identity Threat and Assessment Prediction (ITAP) (University of Texas at Austin Center for Identity) Identity Threat Assessment and Prediction (ITAP) is a risk assessment tool that increases fundamental understanding of identity theft processes and patterns of criminal behavior. ITAP aggregates data on identity theft to analyze and describe identity vulnerabilities, the value of identity attributes, and their risk of exposure.
The next cybersecurity concern for NATO? Space (Fifth Domain) A new report warns that the cybersecurity vulnerabilities related to military space systems, specifically terminals and command-and-control systems, deserve renewed attention from NATO countries.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Cyber:Secured Forum 2019 (Dallas, Texas, USA, July 29 - 31, 2019) Cyber:Secured Forum delivers two days of in-depth content on cybersecurity trends and best practices related to the delivery of physical security systems and other integrated systems. Collaboratively developed...
Community College Cyber Summit (3CS) (Bossier City, Louisiana, USA, July 30 - August 1, 2019) The 2019 Community College Cyber Summit (3CS) at Bossier Parish Community College in Louisiana marks the sixth annual edition of 3CS. 3CS is the only national academic conference focused on cybersecurity...
New York City Cybersecurity Conference (New York, New York, USA, August 1, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...
IT & Cyber Day at Aberdeen Proving Ground (Aberdeen, Maryland, USA, August 1, 2019) Aberdeen Proving Grounds (APG) provides technology life cycle management for the US Army and the various commands involved in the fielding and closeout of their technologies. The Cyber and IT Day expo...
Sacramento Cybersecurity Conference (Sacramento, California, USA, August 8, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...