March 12, 2019.
By the CyberWire staff
ESET has found another supply chain campaign, apparently originating within China, attempting to backdoor Asian gaming companies. ESET thinks the group is the one Kaspersky described in its 2013 report on Winnti. At least one Trojanized game, "Infestation," remains in circulation.
Recorded Future reports on Internet control in Yemen.
If you're interested in concise expositions of the Chavista line on Venezuela's power crisis, Citizen Truth is retailing it like it's 1919, Tasnim like it's 1979. Sputnik adds its own pointing-with-concern to the reportage. The New York Times has a reflective and comprehensive account of the outages, and their reporter's personal Twitter feed is even clearer on how the blackouts appear to be the result of infrastructure collapse, with no need to reach for sabotage or cyberattack as explanations.
Avast and Emsisoft have each released decryptors for BigBobRoss ransomware. Bravo to both companies.
Yesterday was recognized as the thirtieth anniversary of the World Wide Web, and Sir Tim Berners-Lee (generally seen as the Web's inventor—his original sketch of it is here) calls for its users to help the Internet grow up. Quartz reports Sir Tim's counsel.
Senator Elizabeth Warren (Democrat of Massachusetts) took out an ad on Facebook calling for Facebook to be broken up. Facebook took the ad down (misuse of its logo), then put it back up in the interest of "robust debate." Politico summarizes the story. We hope the Senator's people sent Mr. Zuckerberg's people a nice fruit basket, because that kind of publicity you can't buy.
OSSEC Con2019 (Herndon, Virginia, United States, March 20 - 21, 2019) OSSEC Con2019, “The Future of OSSEC: Security and Compliance for Cloud, On-Premise and Hybrid Environments” will take place March 20-21 in Herndon, VA. Join OSSEC users to share best practices and use cases with plenty of peer-to-peer networking.
Anatoly Kurmanaev on Twitter (Twitter) “I went to the heart of Venezuela’s transmission system in Guarico to try to find out what’s going on with the grid. Here’s why partial blackouts are unfortunately likely to persist for a while. I sincerely hope I’m wrong.”
Venezuela Enters its 5th Day Without Electricity (Accuracy in Media) CARACAS – As most of the country, including Caracas, enters the fifth day without electricity, looting and havoc continue to grow into unmanageable numbers. Opposition leaders have tallied 21 deaths (six babies) so far as a result of the blackout.
Doctor and opposition leader, Jose Manuel Olivares t
Brexit-Twitter (F-Secure Blog) Twitter’s efforts to rein in fake news and disinformation on the site have continued in 2019, but “suspicious activity” remains evident, according to a new research on Brexit Twitter activity on the site conducted by F-Secure. While unusual site activity was observed in favor of both leave and remain, it was far more prominent among …
Brexit-related Twitter mischief supported by global far right (F-Secure Press Room | Global) Facebook, Twitter, and other social media platforms play a big role in shaping popular opinion. But they’ve opened a pandora’s box of potential disinformation and manipulation of the public. After investigating 24 million tweets related to Brexit, cyber security provider F-Secure has identified efforts to amplify pro-leave Brexit views by far-right Twitter users based outside of the United Kingdom.
Analysis Of Brexit-Centric Twitter Activity (News from the Lab) This is a rather long blog post, so we’ve created a PDF for you to download, if you’d like to read it offline. You can download that from here. Executive Summary This report explores Br…
Triton is the world’s most murderous malware, and it’s spreading (MIT Technology Review) The rogue code can disable safety systems designed to prevent catastrophic industrial accidents. It was discovered in the Middle East, but the hackers behind it are now targeting companies in North America and other parts of the world, too.
Bulletin (SB19-070) Vulnerability Summary for the Week of March 4, 2019 (CISA) The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT).
More than Half of Android apps ask for dangerous permissions. Is yours among? (HackRead) It wasn’t very long ago that I revealed that most free VPN services are provided as a front for the big corporations running them to collect user data. Spurred by the findings of that study, I decided to dig deeper to see how much of a threat, especially when it comes to user data, Android VPN services in general are – The results were shocking.
Applicants data of 3 elite US colleges hacked for ransom (HackRead) Recently it was reported that Chinese hackers are aiming to target around 26 leading research academies to steal research about maritime technology, the majority of which happen to be based in the USA. In the same week, three mainstream private colleges have claimed that their systems were hacked and hackers managed to gain access to sensitive student data and asked for a ransom in exchange for the files.
Fake Bitcoin investment scam delivers malware (My Online Security) This is a weird one and I can’t determine what the final payload does via running the files in an online sandbox. I really don’t know if the bad actor has messed up or whether it is an anti-vm or…
The reality of container escapes (Help Net Security) In this Help Net Security podcast recorded at RSA Conference 2019, Brandon Edwards, Chief Scientist at Capsule8, talks about container escapes. Here’s a
STOP Ransomware Installing Password Stealing Trojans on Victims (BleepingComputer) In addition to encrypting a victim's files, the STOP ransomware family has also started to install the Azorult password-stealing Trojan on victim's computer to steal account credentials, cryptocurrency wallets, desktop files, and more.
Insert Skimmer + Camera Cover PIN Stealer (KrebsOnSecurity) Very often the most clever component of your typical ATM skimming attack is the hidden pinhole camera used to record customers entering their PINs.
Creepy Database Lists 'BreedReady' Status for 1.8 Million Women (BleepingComputer) A database left unprotected online reveals a creepy set of details collected on more than 1.8 million women in China. Apart from the regular info one would expect, like name, age, and date of birth, the data set also includes a "BreedReady" status.
The original proposal of the WWW, HTMLized (w3 Archive) This document was an attempt to persuade CERN management that a global hypertext system was in CERN's interests. Note that the only name I had for it at this time was "Mesh" -- I decided on "World Wide Web" when writing the code in 1990.
Zuckerberg’s view of privacy is self-serving (Times) Mark Zuckerberg runs a company whose users comprise about a quarter of the people on Earth. Any big political campaign anywhere in the world will spend millions on a site that has become the...
Former NSA Cyber Leader Now Leads Security For Fortinet (Forbes) Phil Quade saw the worst of the worst in the cyber crime field as a cyber czar at NSA. In early 2017, he left the agency to join Fortinet as the company's chief information security officer. He believes the combination of public and private sector experience has been a tremendous advantage.
What Is The CyberSec First Responder (CFR) Certification? (Security Boulevard) Phoenix TS adds CertNexus’ CFR Certification to Maryland, Virginia & Online Training Schedule. CyberSec First Responder (CFR) is the “blue team” certification for cybersecurity and validates a professional’s ability to: Assess information security risk in computing and networking environments; Analyze the cybersecurity threat landscape; Analyze post-attack techniques on computing and network environments; Collect cybersecurity intelligence; Analyze
Cybersecurity Governance for Maturing Companies (Cooley) Public and high-growth private companies need internal cyber/data/privacy governance structures that protect the integrity and value of digital assets and customer data and mitigate related risk an…
3 Places Security Teams Are Wasting Time (Dark Reading) Dark Reading caught up with RSA Security president Rohit Ghai at the RSA Conference to discuss critical areas where CISOs and their teams are spinning their wheels.
Could quantum cryptography help secure 5G networks? (NS Tech) Researchers have devised a way to embed quantum cryptography into 5G networks, protecting the next-generation telecoms infrastructure from cyber attacks. A team of scientists at the University of Bris
Quantum Cryptography Demystified: How It Works in Plain Language (ExtremeTech) Once quantum computers become a commercial reality, they will change the ground rules for cryptography. Able to break many current systems, they threaten to allow the pilfering of massive amounts of encrypted data. However, they also hold promise for enabling us to better secure our data using quantum computing technology.
Galois Supporting DARPA's SSITH Program (SIGNAL Magazine) Galois Inc., Portland, Oregon, was awarded a $9,925,508 modification to previously awarded contract HR0011-18-C-0013 for the System Security Integrated Through Hardware and firmware (SSITH) program. The modification brings the total cumulative face value of the contract to $16,553,298 from $6,627,790.
Tufts expelled a student for grade hacking. She claims innocence (TechCrunch) As she sat in the airport with a one-way ticket in her hand, Tiffany Filler wondered how she would pick up the pieces of her life, with tens of thousands of dollars in student debt and nothing to show for it. A day earlier, she was expelled from Tufts University veterinary school. As a Canadian, …
A Budget for a Better America (The White House) Budget of the United States Government, Fiscal Year 2020 contains the Budget Message of the President, information on the President’s priorities, and summary tables.
Trump FY2020 Budget Proposal Highlights Tech Priorities (Meritalk) Although the Trump administration’s FY2020 budget proposal details a plan to broadly modernize the government, the fine lines in each department’s proposed funding show that the White House is more specifically geared toward researching and developing artificial intelligence (AI), cybersecurity, IT systems, and technological infrastructure.
Treasury sanctions Moscow bank boosting Venezuela's Maduro (Washington Examiner) President Trump is intensifying pressure on Venezuelan strongman Nicolas Maduro by imposing sanctions on a bank jointly owned by Russian and Venezuelan government-owned enterprises, the Treasury Department announced Monday.
National Cyber League Spring Season (Various, February 25 - March 24, 2019) The NCL is a defensive and offensive puzzle-based, capture-the-flag style cybersecurity competition. Its virtual training ground helps high school and college students prepare and test themselves against...
PCI Security Standards Council 2019 India Forum (New Delhi, India, March 13, 2019) You’re invited to a day of networking opportunities and educational sessions as the PCI Security Standards Council holds its first ever India Forum in New Delhi, India. You won’t want to miss our engaging...
Annual Cybersecurity Conference for Executives (Baltimore, Maryland, USA, March 13, 2019) Computer breaches seem to be increasing in frequency and severity around the world, causing the leadership of organizations large and small to assess whether they’re doing enough to protect their data.
SecureWorld Charlotte (Charlotte, North Carolina, USA, March 14, 2019) Connecting, informing, and developing leaders in cybersecurity. For the past 17 years, SecureWorld conferences have provided more content and facilitated more professional connections than any other event...