Zero trust in one click. Impossibly simple microsegmentation
If we can land rockets on a barge, if we can search 30 trillion web pages in mere seconds, if cars can drive door to door autonomously, why does microsegmentation still take months to implement and cause so many headaches? Edgewise has radically simplified microsegmentation to one click, using machine learning and zero trust security:
Eliminate network attack surface in your hybrid cloud
The New York Times says, in a largely anonymously sourced piece, that the US has staged implants in the Russian electrical grid to enable the US to impose costs on widely expected Russian misbehavior during the 2020 elections. This would be battlespace preparation as opposed to an attack (the article is clearer on this point than is its headline). The reported operation would appear to be a deterrent move intended to dissuade Russia from cyberattacks and influence operations against the US.
Precedent for active cyber operations may be seen in US response to Russian election influence operations in 2018. (See Lawfare's useful summary of presumed Cyber Command action against the troll-farming Internet Research Agency, which President Trump more-or-less confirmed in a Fox interview.) Others see similarities to the allegedly planned but apparently never executed NitroZeus operation designed for use against Iran.
South America has largely recovered from widespread weekend power failures. Argentina and Uruguay were most heavily affected, with outages also felt in Brazil, Chile, and Paraguay. Reuters notes that investigation is still in its earliest stages, but remarks by Argentina's energy secretary suggest that what's unprecedented here is the extent of the failure, not its causes. So speculation about a cyberattack is premature.
A European Commission report Friday accused Russia's government of an extensive social media effort to influence EU election results.
Target has recovered from its weekend point-of-sale disruption. The retailer says the incident was an accident, not a cyberattack.
Bravo Bitdefender. They've released a GandCrab ransomware decryptor.
Today's issue includes events affecting Argentina, Brazil, Bulgaria, Canada, Chile, China, Denmark, European Union, Iran, NATO/OTAN, Norway, Paraguay, Romania, Russia, United States, and Uruguay.
Bring your own context.
People with things to defend often research offense.
"I hesitate to say that people are waking up because if you look at the major companies, they all have a big offensive team. Microsoft, Google, Amazon, Apple - you name it, they have a giant team of offensive researchers. And they compete very carefully for talent in that space."
—Dave Aitel, chief security technology officer for Cyxtera and one of the organizers of the INFILTRATE Conference, on the CyberWire Daily Podcast, 6.13.19.
Want to figure out how to protect a henhouse? Consult a fox.
What if your security strategy added zeros to your bottom line?
Focusing on response alone is costly. You lose data. You lose infrastructure. You lose human and capital resources that could be productive elsewhere. And you lose your reputation. When you catch threats before they execute, you contain the problem, and the rewards add up. Let Blackberry Cylance help you understand how you can reduce your total cost of security controls, bolster your organization’s security posture, and zero in on what really matters.
Cyber Security Summits: Seattle on June 25th and in DC on July 16(Seattle, Washington, United States, June 25, 2019) Register for reduced admission to the Cyber Security Summit with promo code cyberwire19 for $95 admission ($350 without code). Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The DOJ, U.S. Secret Service, Verizon, Center for Internet Security, Google and more. Breakfast, Lunch & Cocktail Reception are included with your admission. Passes are limited, secure yours today: www.CyberSummitUSA.com
RSA Conference 2019 Asia Pacific & Japan(Singapore, Republic of Singapore, July 16 - 18, 2019) Join industry leaders and peers at the region’s leading cybersecurity event. Learn the latest issues and solutions, stay on top of new regulations, demo cutting-edge products, expand your skills and grow your personal network. Register now.
Wicked6 Cyber Games(Las Vegas, Nevada, United States, August 6, 2019) Wicked6 is a fundraiser and cybersecurity exhibition in a thrilling esports arena in Las Vegas on August 8, 2019. It’s a week when cybersecurity leaders from around the world come to Las Vegas, and all are welcome to come by to experience this exciting and unique cyber competition as a player, sponsor, or avid fan. Wicked6 will raise funds for the Women’s Society of Cyberjutsu, a national 501(c)(3) nonprofit that promotes training, mentoring and more to advance women and girls in cybersecurity careers.
Report on the implementation of the Action Plan Against Disinformation(European Commission) Protecting our democratic processes and institutions from disinformation is a major challenge for our societies. In order to tackle this challenge, the EU has put in place a robust framework for coordinated action which is fully in line with our European values and fundamental rights.
Microsoft Operating Systems BlueKeep Vulnerability(US-CERT) The Cybersecurity and Infrastructure Security Agency (CISA) is issuing this Activity Alert to provide information on a vulnerability, known as “BlueKeep,” that exists in the following Microsoft Windows Operating Systems (OSs), including both 32- and 64-bit versions, as well as all Service Pack versions:
Hardware Security Keys Keep Getting Recalled; Are They Safe?(How-To Geek) We recommend hardware security keys like Yubico’s YubiKeys and Google’s Titan Security Key. But both manufacturers have recently recalled keys due to hardware flaws, and that sounds a little worrying. What’s the problem? Are these keys still safe?
Millions of Venmo transactions scraped in warning over privacy settings(TechCrunch) A computer science student has scraped seven million Venmo transactions to prove that users’ public activity can still be easily obtained, a year after a privacy researcher downloaded hundreds of millions of Venmo transactions in a similar feat. Dan Salmon said he scraped the transactions dur…
Phishing Scam Asks You to Login to Read Encrypted Message(BleepingComputer) A new phishing campaign is underway that pretends to be an alert from your email server that it has received an encrypted message for you. It then prompts you to login to a fake OneDrive site in order to read the message.
Endpoints and Endpoint Security: A Brief History(Webroot) To many people, the term “endpoint” just means a computer or server connected to some kind of network. But the real definition is much more broad—an endpoint can actually be a desktop, laptop, server, workstation, tablet, or even a smartphone. While computational devices have, in fact, existed for thousands of years, modern endpoints and their security have a very recent history.
Report: Huawei expects international smartphone shipments to plummet(TechCrunch) A month after being placed on a trade blacklist by the Trump administration, Huawei is reportedly steadying itself for international shipments of its smartphones to decline by 40% to 60%. According to a report in Bloomberg, Huawei may end up pulling shipments of the Honor 20, its flagship phone for…
How contractors can guard against cyber intrusions(Fifth Domain) Contractors, facing an increasing barrage of cyber intrusions by foreign entities, should protect themselves using traditional regulatory approaches but also new techniques such as blockchain and artificial intelligence, according to a new report from Deloitte.
Good riddance, GandCrab! We’re still fixing the mess you left behind.(Bitdefender Labs) On January 28th 2018, our analysts on watch saw a small blip pop up on the Bitdefender Threat Map. It was one of millions of blips we see daily here at Bitdefender, but that blip marked the birth of a new family of ransomware that would cause great pain to... #decryption #GandCrab #lawenforcement
This neural network detects whether faces have been Photoshopped(TechCrunch) Using Photoshop and other image manipulation software to tweak faces in photos has become common practice, but it's not always made clear when it's been done. Berkeley and Adobe researchers have made a tool that not only can tell when a face has been Photoshopped, but can suggest how to undo it.
US Cyber Challenge Eastern Regional Cyber Camp(Virginia Tech) Weeklong camp for students comprised of cyber security workshops, labs, and a competition held on the last day. The camp will focus on topics such as intrusion detection, penetration testing, and forensics. Workshops will be taught by instructors from the SANS Institute, the largest source for information security training and certification in the world. The overall objective is to attract as many talented and skilled people as possible to this field of study and career path.
Cyber and space threats reshaping defence strategy(ABC Radio) The US army has realised that more than a decade running counter-terror operations in Iraq and Afghanistan has left it lacking in taking on nation states in war. PM speaks to General John "Mike" Murray, the commanding general with the US Army Futures Command.
Hurdles To Certifying A Cyber-Attack Class Action(Mondaq) A recent decision from the Ontario Superior Court of Justice highlights some of the difficulties plaintiffs might face when seeking to certify a class action relating to the disclosure of personal information from a cyber-attack. Canada Litigation, Mediation & Arbitration Goodmans LLP 16 Jun 2019
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Cybertech Midwest 2019(Indianapolis, Indiana, USA, April 24 - July 25, 2019) Cybertech is the cyber industry’s foremost B2B networking platform featuring cutting-edge content by top executives, government officials, and leading decision-makers from the world of cyber. Our Cybertech...
Hack in Paris 2019(Paris, France, June 16 - 20, 2019) Intrusion attempts are more and more frequent and sophisticated, regardless of their target (state or corporation). In this context, international hacking events are multiplying. A few events took place...
Gartner Security & Risk Management Summit 2019(National Harbor, Maryland, USA, June 17 - 20, 2019) Make sure you have the latest insights on fast-moving IT trends such as IoT and AI, evolving security technologies and the ever-changing threat landscape. At Gartner Security & Risk Management Summit 2019,...
Banking Cyber Security Forum London(London, England, United Kingdom, June 18, 2019) The Banking Cyber Security Forum is an exclusive, top flight event exclusively for senior banking executives, set to address each of these challenges and opportunities and encourages peer-to-peer conversation...
Norwich University CGCS 2019 Cyber Security Summit(Northfielf, Vermont, USA, June 18 - 19, 2019) Mid- and executive-level managers seeking to broaden their organizations’ approaches to prudent cyber security practices will gain insight through a series of workshops and discussions on relevant issues...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.