Get your copy of the definitive guide to threat intelligence.
We brought together a team of experts and wrote the definitive guide to everything you need to know about threat intelligence. Whether you work in vulnerability management, incident response, or another part of cybersecurity, our book has something for you. Get your free copy of “The Threat Intelligence Handbook” now.
June 13, 2019.
By the CyberWire staff
Telegram has "stabilized" its service after sustaining a very large distributed denial-of-service attack, Reuters reports. The DDoS attack traffic originated largely from Chinese IP addresses, and circumstantial evidence points to Chinese government attempts to disrupt the use of the secure messaging service by protestors in Hong Kong. According to Bloomberg, controversial legislation that would facilitate extraditions to China proper from the semi-autonomous city has prompted very widespread street protests in Hong Kong.
Recorded Future describes an influence campaign they're calling "Fishwrap." Fishwrap repackages genuine but old news as fresh ("breaking"). It's therefore not really fake, but rather misleading. The stories themselves don't appear to be altered, and even retain their original dates, but a flurry of tweets distributing a story from, say, 2016 gives the old news current impact. And Fishwrap generally doesn't violate platforms' terms of service, either. So far there's no attribution, but the effort seems to represent the systematic adoption of a relatively obvious but hitherto unusual tactic.
A ransomware infestation at one of its Belgian facilities has disrupted production at aircraft-parts manufacturer ASCO, ZDNet reports. About a thousand workers have been furloughed; plants in Belgium, Germany, Canada, and the US are temporarily closed.
Representative Tom Graves (Republican of Georgia) is reintroducing a hack-back bill to the US Congress, with bipartisan support. Cyberscoop notes that intelligence and law enforcement agencies remain cool to the idea.
Why do enterprises fail to patch known, high-consequence vulnerabilities, like BlueKeep? Avast calls it "update inertia." It's all in your heads, IT.
Today's issue includes events affecting Belgium, Canada, China, European Union, France, Germany, India, Russia, South Africa, Spain, United Arab Emirates, United Kingdom, United States.
Bring your own context.
Social engineering afflicts law firms, too. Sometimes an odd request in the middle of a long exchange arouses suspicion. Especially when money is to be transferred or a check cut in a settlement. Things just didn't look right to one lawyer.
"And so what she did, which is part of our training, is she picked up the phone, and she called the attorney on the other side, rather than respond in the email, and asked him, why are you having us send the settlement in this direction? What's the purpose of that? To which he responded, I have no idea what you're talking about."
—Avi Solomon, director of information technology for Rumberger, Kirk and Caldwell, a litigation defense firm based in Florida, on the CyberWire's Hacking Humans, 6.12.19.
Why did the attorney on the other side have no idea? The request didn't come from them: it was phishing. Sometimes there's no substitute for a phone call. Or a face-to-face meeting.
Get the In-Depth Guide to Operationalizing Threat Intelligence.
Threat intelligence is critical but often difficult to manage, automate, or operationalize. Threat Intelligence Gateways are an exciting, emerging network security technology that take the heavy lifting out of making threat intelligence actionable, operational, and useful. Learn about how this technology is turning threat intelligence into action to block threats at scale in the whitepaper, Operationalizing Threat Intelligence: An In-Depth Guide to Threat Intelligence Gateways.
Cyber Security Summits: Seattle on June 25th and in DC on July 16(Seattle, Washington, United States, June 25, 2019) Register for reduced admission to the Cyber Security Summit with promo code cyberwire19 for $95 admission ($350 without code). Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The DOJ, U.S. Secret Service, Verizon, Center for Internet Security, Google and more. Breakfast, Lunch & Cocktail Reception are included with your admission. Passes are limited, secure yours today: www.CyberSummitUSA.com
RSA Conference 2019 Asia Pacific & Japan(Singapore, Republic of Singapore, July 16 - 18, 2019) Join industry leaders and peers at the region’s leading cybersecurity event. Learn the latest issues and solutions, stay on top of new regulations, demo cutting-edge products, expand your skills and grow your personal network. Register now.
Telegram Traces Massive Cyber Attack to China During Hong Kong Protests(Yahoo) The encrypted messaging app said it experienced a powerful distributed denial of service attack after “garbage requests” flooded its servers and disrupted legitimate communications. Most of those queries came from Chinese internet protocol addresses, founder Pavel Durov said in a subsequent Twitter
Telegram faces DDoS attack in China… again(TechCrunch) The popular encrypted messaging service Telegram is once again being hit with a distributed denial of service (DDoS) attack in Asia as protestors in Hong Kong take to the streets. For the last several days, Hong Kong has been overrun with demonstrators protesting a new law that would put the munici…
OK Computer: Did Radiohead Get Hacked?(BankInfo Security) Hacking and extortion attempts against organizations have unfortunately become all too commonplace these days. On Tuesday, an unlikely victim went public: the revered British band Radiohead. But was the band really a hacking and extortion victim?
Google opens its Android security-key tech to iPhone and iPad users(TechCrunch) Google will now allow iPhone and iPad owners to use their Android security key to verify sign-ins, the company said Wednesday. Last month, the search and mobile giant said it developed a new Bluetooth-based protocol that will allow modern Android 7.0 devices and later to act as a security key for t…
Modular Malware is the next big cyber threat in 2019: Study(CRN - India) Barracuda researchers have seen a spike in the use of modular malware since the beginning of 2019. A recent analysis of email attacks targeting Barracuda customers identified more than 150,000 unique malicious files in the first five months of the year. Here’s a closer look at modular malware and ways to help detect and block …
The Symbiosis Between Public Cloud and MSSPs(SecurityWeek) As businesses move to the cloud and embrace MSSP, this will make it possible to deliver advanced capabilities that help fill entry level security requirements which account for the majority of security vacancies around the world.
Privacy policies are still too horrible to read in full(TechCrunch) A year on from Europe’s flagship update to the pan-EU data protection framework the Commission has warned that too many privacy policies are still too hard to read and has urged tech companies to declutter and clarify their T&Cs. (So full marks to Twitter for the timing of this announceme…
The Multibillion-Dollar Problem Of Weak Cybersecurity in Real Estate(Forbes) As the real estate industry continues to embrace PropTech, it also needs to grow in its awareness of the ever more sophisticated cybersecurity threats it can fall victim to! In this article, I looked at some of the main threats out there, and how they can be thwarted.
U.S. Cybersecurity Trade Mission to Southeast Asia(UCI Cybersecurity Policy & Research Institute) The rapid development of digital technologies in Southeast Asia is making the region a prime target for cybercriminals. The risk is heightened as ASEAN member countries become more integrated via trade, capital flow and connectivity, providing an opportunity for U.S.-based cybersecurity companies to export their knowledge and expertise to key countries in Southeast Asia.
Secure Code Warrior Establishes Technical Advisory Board(Yahoo) Experienced software security executives provide advice and guidance on technology and product strategy. Global secure coding company, Secure Code Warrior, today announced the establishment of a Technical Advisory Board (TAB) to provide guidance, insights and mentoring to the company regarding the
Akamai Introduces the Edge Cloud Solution(Light Reading) IoT Edge Connect, the newest product in the Edge Cloud solution line, enables real-time messaging and reliability to millions of IoT and application endpoints.
Ixia network packet broker, cybersecurity test introduced(SearchNetworking) The Ixia network packet broker, Vision X, intends to provide visibility to users' data centers, while Ixia BreakingPoint QuickTest is designed to quickly and easily evaluate performance and security of devices and networks, according to Ixia.
Verisk Launches New Underwriting Solution for Cyber Insurance(Yahoo) Verisk (VRSK), a leading data analytics provider, announced today the launch of its Cyber Underwriting Report, a new InsurTech solution that can help insurers underwrite a wide variety of risks in the growing cyber market with increased speed and precision. The report is designed to help insurers underwrite
£2m to boost cyber power behind wind energy production(EurekAlert!) The University of Nottingham is leading a £2m High Performance Computing (HPC) project to optimise the sustainable exploitation of wind power in both the European and Brazilian energy markets. Full story below....
Russia Bans 9 VPNs, But Not Kaspersky(Tech.co) Russian will ban all leading VPN providers except for one: Kaspersky Secure Connection. Here's how it happened and why Kaspersky stayed in their good books.
Battle of cyberspace(Tribuneindia News Service) THE G20 Summit, to be held in Japan on June 28-29, brings together leaders from developed and rising economies. The summit will be an important occasion for PM Modi to meet Presidents Trump, Xi Jinping and Putin after his decisive electoral victory.
Why Huawei and 5G Pose a Cyber Threat to the U.S.(Yahoo) Mark Testoni, SAP National Security Services chief executive officer, and Deborah Golden, Deloitte U.S. cyber practice leader, discuss the cyber threat risks posed by the deployment of 5G technology with Bloomberg's Emily Chang on "Bloomberg Technology."
Why the Huawei ban is bad for security(CSO Online) Many believe the ban on exporting U.S. technology to Chinese company Huawei could hurt American tech vendors and do little to mitigate supply chain threats.
Active Cyber Defense Certainty Act(Washington Post) To amend title 18, United States Code, to provide a defense to prosecution for fraud and related activity in connection with computers for persons defending against unauthorized intrusions into their computers, and for other purposes.
Facebook collected device data on 187,000 users using banned snooping app(TechCrunch) Facebook obtained personal and sensitive device data on about 187,000 users of its now-defunct Research app, which Apple banned earlier this year after the app violated its rules. The social media giant said in a letter to Sen. Richard Blumenthal’s office — which TechCrunch obtained — that it…
4,000 banned devices found on government networks(Fifth Domain) The Trump Administration and Commerce Department are weighing another ban on a Chinese technology company, Hikivision. However, a data security firm claims devices from previous bans still exist in the public sector.
Huawei Presses Verizon to Pay for Patents(Wall Street Journal) Huawei Technologies has told Verizon Communications that the carrier should pay licensing fees for more than 200 of its patents, further escalating tensions between the Chinese company and the U.S.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Cybertech Midwest 2019(Indianapolis, Indiana, USA, April 24 - July 25, 2019) Cybertech is the cyber industry’s foremost B2B networking platform featuring cutting-edge content by top executives, government officials, and leading decision-makers from the world of cyber. Our Cybertech...
NetDiligence® Cyber Risk Summit(Philadelphia, Pennsylvania, USA, June 12 - 14, 2019) The NetDiligence® Cyber Risk Summit in Philadelphia is attended by more than 600 cyber insurance, legal/regulatory, and technology leaders from all over the globe. A premier education and networking event,...
SecureWorld Chicago(Chicago, Illinois, USA, June 13, 2019) Connecting, informing, and developing leaders in cybersecurity. For the past 17 years, SecureWorld conferences have provided more content and facilitated more professional connections than any other event...
Baltimore Cybersecurity Conference(Baltimore, Maryland, USA, June 13, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...
SINET Innovation Summit 2019(New York, New York, USA, June 13, 2019) SINET New York connects the United States’ three most powerful institutions and evangelizes the importance of industry, government and academic collaboration on security initiatives.
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.