June 10, 2019.
By the CyberWire staff
Trend Micro reports a resurgence in Iran's MuddyWater espionage campaign.
Reuters notes that Russian-operated YouTube channels are freely spreading tabloidesque disinformation that successfully evades YouTube's content moderation.
Some backing and filling over Huawei blacklisting occurred late last week and over the weekend: France 24 reports that the GSM Association industry group estimates the cost of that ban to EU mobile carriers as reaching, perhaps, as much as €52 billion, with accompanying delays of 18 months in fielding 5G service. In the US, the Washington Post says tech companies, especially semiconductor manufacturers, have expressed concern over the ban's hit on exports.
And according to the Wall Street Journal, the acting director of the US Office of Management and Budget has urged that US companies be given more time to adjust to the effect such blacklisting might have on their business.
China's government is warning tech companies (specifically Microsoft, Dell, and Huawei) of the consequences of cooperating with Washington as opposed to Beijing in the Huawei Affair, the New York Times reports. Not all get the memo: WIRED points out that Facebook won't be offering its products preinstalled in new Huawei phones.
Raytheon has agreed to be acquired by United Technologies, the Washington Business Journal reports. The merged company will be the world's second-largest defense and aerospace integrator, behind only Boeing. Raytheon will bring significant cybersecurity capabilities to its new corporate parent, assuming they're retained once the acquisition settles.
A HackRead op-ed sends a hemi-demi-semi-mash note to government content moderation and censorship.
Today's issue includes events affecting Angola, Canada, China, Estonia, European Union, France, Gibraltar, India, Iran, Kenya, Republic of Korea, NATO/OTAN, Netherlands, Pakistan, Russia, Switzerland, Taiwan, United Kingdom, United States, and Vietnam.
Bring your own context.
If it's a new threat, it must be after new vulnerabilities, right? Not necessarily.
"There's not a whole lot about this that is extremely zero-day groundbreaking or anything like that. You know, if you stay with the standard practices, you can avoid a lot of stuff like this. And this is a brand-new piece of malware. It's not something that's been around for ten years or anything like that. It's still looking for those weaknesses out there that a lot of servers are still operating with."
—Tom Hegel, security researcher with AT&T Alien Labs, talking about a new malware strain, Xwo, on the CyberWire's Research Saturday, 6.8.19.
You don't always need a novel defense to parry a novel attack.
Cyber Security Summits: Seattle on June 25th and in DC on July 16 (Seattle, Washington, United States, June 25, 2019) Register for reduced admission to the Cyber Security Summit with promo code cyberwire19 for $95 admission ($350 without code). Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The DOJ, U.S. Secret Service, Verizon, Center for Internet Security, Google and more. Breakfast, Lunch & Cocktail Reception are included with your admission. Passes are limited, secure yours today: www.CyberSummitUSA.com
RSA Conference 2019 Asia Pacific & Japan (Singapore, Republic of Singapore, July 16 - 18, 2019) Join industry leaders and peers at the region’s leading cybersecurity event. Learn the latest issues and solutions, stay on top of new regulations, demo cutting-edge products, expand your skills and grow your personal network. Register now.
Cyber Attacks, Threats, and Vulnerabilities
MuddyWater Resurfaces, Uses Multi-Stage Backdoor POWERSTATS V3 and New Post-Exploitation Tools (TrendLabs Security Intelligence Blog) We found new campaigns that appear to wear the badge of MuddyWater. Analysis of these campaigns revealed the use of new tools and payloads, which indicates that the well-known threat actor group is continuously developing their schemes. We also unearthed and detailed our other findings on MuddyWater, such as its connection to four Android malware families and its use of false flag techniques, among others, in our report “New MuddyWater Findings Uncovered: Threat Actors Used Multi-Stage Backdoor, False Flags, Android Malware, and More.”
Is Vietnam Becoming the Next Big Cybercriminal Hub? (IntSights) As a result of the Vietnamese government’s crackdown on internet usage, many are being drawn to the dark web to access the content and information they seek, leading to an increase in cybercriminal activity.
New Windows 10 Zero-Day Bug Emerges From Bypassing Patched Flaw (BleepingComputer) Demo exploit code and details are now available about a new zero-day vulnerability in Windows 10 that allows elevating the privileges of a normal user to those of an administrator. An attacker can use it to install programs, view, change or delete data.
Some county computers remain down (Citizens' Voice) Computer systems in several Luzerne County offices remained offline Friday two weeks after a cyber attack struck the county’s network. Luzerne County Manager Dave Pedri said computers in the assessor’s office and the mapping office remained
The New Revolution in Military Affairs (Foreign Affairs) For the U.S. military to succeed on the battlefields of the future, it will need a force built around large numbers of small, inexpensive, expendable, and highly autonomous systems.
Vectra lands $100M Series E investment for AI-driven network security (TechCrunch) Vectra, a seven-year old company that helps customers detect intrusions at the network level, whether in the cloud or on premises, announced a $100 million Series E funding round today led by TCV. Existing investors including Khosla Ventures and Accel also participated in the round, which brings th…
Small Businesses Value MSPs Most for Threat Prevention Support (Channel Futures) Geoff Bibby at Zix says SMBs fear they aren’t well-protected against cyberthreats, so MSPs need to step up their game. Cyberattacks are the fastest-growing crime in the U.S. and the greatest threat to businesses around the world, according to a recent AppRiver survey.
Lane Bess, Security Industry Veteran, Joins Panorays as Advisor and Investor (Yahoo) Panorays, a rapidly growing provider of automated third-party security management, has announced that Lane Bess, former COO of ZScaler and former CEO of Palo Alto Networks, has joined as a Panorays advisor and investor to help with the company’s go-to-market strategy and expansion. Bess is a well-known
Industrial cybersecurity strategies need a radical rethink (Control Engineering Europe) While Industry 4.0 and the Industrial Internet of Things (IIoT) is enhancing the digital and connectivity capabilities of Industrial Control Systems (ICS) it has also opened the floodgates to serious cybersecurity risks, threatening to cause billions of dollars in damage to industrial operations worldwide.
4 ways to check if a link is safe before you click it (The Kim Komando Show) Criminals can make it difficult to navigate the internet at times. Clicking on a malicious link sent to you in a phishing email or on a dubious website can lead to all kinds of problems. Malware, ransomware and other viruses to name a few. Thankfu…
Security Basics for the Novice Online Traders (HackRead) The popularity of online trading is growing and there is a need to always use the best security measures in order to protect your online wallets and investment portfolios.
10 Questions to Ask a Bot-Mitigation Vendor (Shape Security Blog) You figured out that you have a bot problem. Maybe you have a high account takeover (ATO) rate, or someone’s cracking all your gift cards, or scraping your site. You tried to handle it yourself wit…
How A.I. Could Be Weaponized to Spread Disinformation (New York Times) The world’s top artificial intelligence labs are honing technology that can mimic how humans write, which could one day help disinformation campaigns go undetected by generating huge amounts of subtly different messages.
Top defence executive praises Gibraltar cyber students (Gibraltar Chronicle) The chief executive of one of the world’s largest defence and security companies this praised Gibraltarian students who participated in the UK-wide CyberCenturion challenge. Teams of youngsters from Gibraltar have participated and excelled for several years running in the highly-competitive event, which in its latest edition attracted 575 teams in the initial round. Of those,
Surveillance State (The Nation) The government’s new plans to monitor online traffic – both content and communications – has already rung alarm bells for rights groups and
Estonia, US, NATO provide for common defense in cyberspace (WTOP) Military, intelligence and diplomatic leaders from 47 countries and five continents gathered in Tallinn, Estonia, for the 11th International Conference on Cyber Conflict. The main take-away was simple — cyberspace is an unwieldy, relatively uncharted domain. WTOP National Security Correspondent J.J. Green talked with some of the participants.
Nine Major VPNs Could Get Blocked by Russia in 30 Days (BleepingComputer) Nine VPN providers could get banned in Russia within 30 days if they fail to enforce the country's list of banned websites by connecting their systems to the Russian State Information System (FGIS) to automatically block their users' access to blacklisted websites.
Putin Stands by China, Criticizes US, in Trade, Huawei Disputes (IJR) Aggressive U.S. tactics such as a campaign against Chinese telecoms firm Huawei will lead to trade wars - and possibly real wars - Russian President Vladimir Putin said on Friday, in a show of solidarity with China alongside its leader Xi Jinping.
Harris repeats concerns over 5G network security amid anti-Huawei campaign (Korea Herald) US Ambassador to South Korea Harry Harris on Friday renewed concerns over the security of the fifth-generation (5G) wireless network amid Washington's apparent campaign against Chinese telecom titan Huawei. The United States has recently been prodding its allies and other partner countries to stop using Huawei products on security grounds amid growing trade tensions between Washington and Beijing. "We are natural...
Acting U.S. Budget Chief Seeks Reprieve on Huawei Ban (Wall Street Journal) The White House’s Russell Vought is pushing for a delay in implementing key provisions of a law that restricts U.S. government’s business with Huawei Technologies, citing the burdens on U.S. companies that use Huawei technology.
Quest, LabCorp, AMCA Sued For Breach Impacting Over 19 Million (BleepingComputer) Multiple class action lawsuits have been filed against Quest Diagnostics Incorporated and Laboratory Corporation of America Holdings (LabCorp) since they disclosed that personal information of over 19 million of their customers was exposed in a data breach.
Protect yourself from holiday and ticket fraud (Europol) Sounds too good an offer to be true? That is because it probably is. You’ve just fallen victim to holiday fraud. From fraudulent flights to non-existing accommodation, holiday fraud is a big business for scammers and is most frequent during peak holiday times, such as summer and December. Holiday makers need to be aware of this. Here are some guidelines if you want to avoid being a victim of holiday fraud.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Cybertech Midwest 2019 (Indianapolis, Indiana, USA, April 24 - July 25, 2019) Cybertech is the cyber industry’s foremost B2B networking platform featuring cutting-edge content by top executives, government officials, and leading decision-makers from the world of cyber. Our Cybertech...
NetDiligence® Cyber Risk Summit (Philadelphia, Pennsylvania, USA, June 12 - 14, 2019) The NetDiligence® Cyber Risk Summit in Philadelphia is attended by more than 600 cyber insurance, legal/regulatory, and technology leaders from all over the globe. A premier education and networking event,...
SecureWorld Chicago (Chicago, Illinois, USA, June 13, 2019) Connecting, informing, and developing leaders in cybersecurity. For the past 17 years, SecureWorld conferences have provided more content and facilitated more professional connections than any other event...
Baltimore Cybersecurity Conference (Baltimore, Maryland, USA, June 13, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...
SINET Innovation Summit 2019 (New York, New York, USA, June 13, 2019) SINET New York connects the United States’ three most powerful institutions and evangelizes the importance of industry, government and academic collaboration on security initiatives.