March 4, 2019.
RSA Conference 2019
RSA opens this afternoon, with its welcome reception. Before that, however, comes the annual Innovation Sandbox, in which ten security startups compete in one of the industry's most credible and interesting recognition programs.
The ten companies in this year's Sandbox include:
Arkose Labs uses global telemetry and enforcement technology to prevent online fraud.
Axonius is a cybersecurity asset management platform that provides a unified view of all devices within an organization's environment, including cloud, IoT, and BYOD assets.
Capsule8 provides a real-time, zero-day exploit detection platform for Linux production environments.
CloudKnox Security uses activity-based authorization to provide identity and privilege management for hybrid cloud environments.
DisruptOps provides a cloud-native SaaS-based cloud management platform which automatically detects and fixes security, operational, and economic issues in cloud environments.
Duality Technologies' SecurePlus™ platform uses high-performance homomorphic encryption to allow advanced computations and analytics on encrypted data.
Eclypsium provides hardware and firmware protection that identifies and defends against device-level vulnerabilities.
Salt Security provides real-time, behavior-based protection against logic-based API attacks.
ShiftLeft's Ocular examines software artifacts to identify technical and business logic vulnerabilities, as well as detecting data leaks from source code.
WireWheel is a cloud-based data privacy and protection platform to help organizations comply with privacy regulations like GDPR and CCPA.
In addition to the Innovation Sandbox, RSAC is offering a new program this year, the Launch Pad. Three young companies have been selected to pitch themselves to a panel of three venture capitalists with extensive backgrounds in security sector investment: Enrique Salem, Ted Schlein, and Theresia Gouw. The inaugural Launch Pad companies (we list them here alphabetically) include NuID (which offers a "trustless identification solution based on blockchain technology and zero knowledge cryptography," a contribution to post-password authentication technology), Spherical Defense (which specializes in automated, unsupervised anomaly detection informed by machine learning, offering an alternative to web application firewalls and legacy API security tools), and Styra (next-generation authorization that promises security and compliance in the cloud stack that can simplify and enable faster development). The Launch Pad pitches will be held tomorrow morning.
By the CyberWire staff
McAfee disclosed yesterday that Operation Sharpshooter, a cyber-reconnaissance campaign discovered in December, exhibits "striking similarities" with multiple other attacks attributed to North Korea's Lazarus Group. A government entity gave the researchers code and data from a command-and-control server used to manage the campaign, which gave them a deeper insight into the group's behavior. The researchers had originally declined to link Operation Sharpshooter to the North Korean group based on code overlap, because the technical links were obvious enough to suggest a potential false flag. The new evidence also shows that the ongoing campaign is "more extensive in complexity, scope and duration of operations" than previously thought.
The Canadian government has approved the extradition hearing for Huawei's CFO, Meng Wanzhou, although the process could potentially take years. Reuters says China is "furious" about the decision. Ms. Meng is suing the Canadian government, police force, and border agency, on the grounds that she was searched and interrogated before being told she was under arrest, according to ZDNet.
The New York Times says Huawei will file a lawsuit against the US government later this week for banning its products from use by federal agencies.
Computer Weekly and the Guardian have seen court documents detailing Facebook’s global lobbying efforts against tighter data protection legislation. Among various other revelations, Facebook reportedly threatened to withdraw investments from Europe and Canada if legislators refused to meet the company’s demands. A Facebook spokesperson told the Guardian that the documents were "cherrypicked" to "tell one side of a story."
Today's issue includes events affecting Australia, Canada, China, the European Union, Germany, Ireland, Democratic People's Republic of Korea, Moldova, Russia, Thailand, United Kingdom, United States.
Friday's CyberWire misattributed Huawei's tu quoque to its CEO. It was in fact delivered by the company's Chairman.
Researchers obtain a command server used by North Korean hacker group (TechCrunch) In a rare move, government officials have handed security researchers a seized server believed to be used by North Korean hackers to launch dozens of targeted attacks last year. Known as Operation Sharpshooter, the server was used to deliver a malware campaign targeting governments, telecoms, and d…
China's APT27 Hackers Use Array of Tools in Recent Attacks (SecurityWeek) Over the past two years, a well known China-linked cyber-espionage group has used an array of tools and intrusion methods in attacks on political, technology, manufacturing, and humanitarian organizations, Secureworks reports.
MAR-17-352-01 HatMan - Safety System Targeted Malware (Update B) (ICS-CERT US) This updated malware analysis report, MAR-17-352-01 HatMan - Safety System Targeted Malware (Update B), is a follow-up to the previously updated malware analysis report titled MAR-17-352-01 HatMan - Safety System Targeted Malware (Update A) that was published April 10, 2018, on the ICS-CERT website. This updated report includes an updated YARA signature to identify a custom,
Kissinger Warns of AI Dangers at MIT Conference (Government Technology) The former U.S. Secretary of State delivered a speech as part of Massachusetts Institute of Technology’s 3-day celebration of the opening of the school’s new $1 billion computing facility.
Security Patches, Mitigations, and Software Updates
State of Cybersecurity 2019 (ISACA) For five years, ISACA has talked to cybersecurity leaders across the globe to discuss what they’re seeing and experiencing when it comes to hiring, budgets, threat landscape and more.
Identity and Access Management: Who Are We Online? (Government Technology) As cybersecurity risks continue to grow across government agencies, the little-known world of identity and access management still receives scant attention — but services can't move forward without it.
Beyond Data: Function Is the New Cyber Attack Surface (New York Law Journal) The profound changes deriving from IT/OT convergence require us to take a fresh look at legal and regulatory norms that have stood for decades since the Industrial Era. We are in a radical new environment where exponential benefits and risks are now reality.
Apologising is the ultimate social media sin (Times) Whenever someone is attacked on social media I am reminded of the Jurassic Park franchise. In these films, the villains Spielberg wishes to dispatch always suffer from the same terrible handicap...
WALLIX becomes the new European challenger on the North American market for cybersecurity (Actusnews Wire) WALLIX, the European PAM expert, opens their offices in Boston, Massachusetts, taking a new step in the implementation of their international development strategy announced in the “Ambition 21” Plan. The American team will present the "Bastion", WALLIX's flagship access security solution, from March 4th to 8th in San Francisco at the RSA Conference, which brings together international experts in cyber security.
Forcepoint introduces Converged Cybersecurity Solutions, Partner Ecosystem (CRN - India) Forcepoint has launched Forcepoint Converged Security Platform which accelerates enterprise and government agencies’ digital transformation journey by enabling secure migration of data, applications, and business operations to the cloud. Through the new converged security platform, Forcepoint is addressing CISOs business-critical need today for consolidated, cloud-based security solutions in a deployment agnostic delivery model. The first solution …
Four States Work Toward a Single Log-In Credential (Government Technology) As they grapple with security and data access, Utah, Michigan, Pennsylvania and Indiana explain how they are leveraging identity and access management to achieve their single sign-on goals for both staff and citizens.
Rubio, Warner Ask Intelligence Community for Public Report on Chinese Role In Setting 5G Standards (Press Releases - U.S. Senator for Florida, Marco Rubio) U.S. Senators Marco Rubio (R-FL), a member of the Senate Select Committee on Intelligence, and Mark R. Warner (D-VA), Vice Chairman of the Senate Select Committee on Intelligence, urged Director of National Intelligence Dan Coats to issue a comprehensive and unclassified report on China’s participation in the international standard setting bodies (ISSBs) for fifth-generation wireless telecommunications technologies (5G).
Facebook asked George Osborne to influence EU data protection law (ComputerWeekly.com) Sheryl Sandberg, chief operations officer at Facebook, invited then chancellor of the exchequer George Osborne’s 11-year-old son to Facebook’s offices in 2013, as she sought to influence politicians and policy-makers over European plans to introduce tougher privacy and data protection laws.
Huawei to be arraigned in U.S. fraud case in New York on March 14 (Reuters) Huawei Technologies Co Ltd and two affiliates will be arraigned on March 14 in U.S. District Court in Brooklyn, New York, on accusations the company committed bank and wire fraud and violated sanctions against Iran, according to a court filing on Friday.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
OSSEC Open Source Security Conference (Herndon, Virginia, USA, March 20 - 21, 2019) With tens of thousands of global users, OSSEC is the world’s most widely used open source host-based intrusion detection system. Join this exclusive event on March 20-21, 2019 at the Dulles Hilton in Herndon,...
PCI Security Standards 2019 Latin America Forum (São Paulo, Brazil, August 15, 2019) Don’t miss the data security event of the year for the payment card industry. We provide you with the information and tools to help secure payment data. We lead a global, cross industry effort to increase...
National Cyber League Spring Season (Various, February 25 - March 24, 2019) The NCL is a defensive and offensive puzzle-based, capture-the-flag style cybersecurity competition. Its virtual training ground helps high school and college students prepare and test themselves against...
G’Day USA US-Australia Dialogue on Cyber Security (San Francisco, California, USA, March 4, 2019) The 2019 G’Day USA US-Australian Dialogue on Cyber Security will be held in San Francisco in the margins of the annual RSA Conference, which attracts more than 45,000 cyber and digital industry leaders.
RSA 2019 (San Francisco, California, USA, March 4 - 8, 2019) This year’s theme is, to put it simply, Better. Which means working hard to find better solutions. Making better connections with peers from around the world. And keeping the digital world safe so everyone...
U.S. Commercial Service at RSAC2019 (San Francisco, California, USA, March 4 - 8, 2019) In partnership with RSA Conference 2019, we at the U.S. Department of Commerce are excited to offer U.S. exhibitors at RSAC 2019 services to assist in entering or increasing their presence in international...