Get your copy of the definitive guide to threat intelligence.
We brought together a team of experts and wrote the definitive guide to everything you need to know about threat intelligence. Whether you work in vulnerability management, incident response, or another part of cybersecurity, our book has something for you. Get your free copy of “The Threat Intelligence Handbook” now.
March 19, 2019.
By the CyberWire staff
Norway's Norsk Hydro, one of the world’s largest aluminum producers, suffered an "extensive cyber-attack" against its facilities around the world last night. The company said in a message to investors that "IT-systems in most business areas are impacted and Hydro is switching to manual operations as far as possible." According to Reuters, the Norwegian National Security Authority (NNSA) said the attack used a fairly new strain of ransomware called "LockerGoga." A spokesman for Hydro told the BBC that the company was able to continue production by reverting to manual methods, and that it has data backups to restore from as soon as the attack is neutralized. Currently, however, Hydro is still working with the NNSA to contain the attack and identify the extent of the damage. The company will hold a press conference shortly to share more information.
Palo Alto Networks' Unit 42 published a report yesterday on a new variant of the Mirai botnet malware. This version is using a total of 27 exploits, 11 of which are new. It's also targeting a wider range of devices, including WePresent WiPG-1000 Wireless Presentation systems and LG Supersign TVs. Since these devices are meant for use in business environments, the researchers believe this new strain indicates "a potential shift to using Mirai to target enterprises." Enterprises provide "a large attack surface" and "access to greater bandwidth," allowing for more powerful DDoS attacks.
Homeland Security Secretary Kirstjen Nielsen said yesterday that emerging cyber threats are her top concern for the coming year.
"Cloud computing” is fast becoming simply “computing.” Enterprises need cloud-style quality of service across their hybrid information and technology environments. Visit Coalfire and download the latest Gartner Report, “Predicts 2019: Increasing Reliance on Cloud Computing Transforms IT and Business Practices,” for insight into how cloud computing has grown from a delivery option to an all-encompassing strategy. Learn how businesses leverage the cloud for efficiency and innovation. Visit www.coalfire.com and download your copy today.
OSSEC Con2019(Herndon, Virginia, United States, March 20 - 21, 2019) OSSEC Con2019, “The Future of OSSEC: Security and Compliance for Cloud, On-Premise and Hybrid Environments” will take place March 20-21 in Herndon, VA. Join OSSEC users to share best practices and use cases with plenty of peer-to-peer networking.
Cyber Security Summits: April 2nd in Denver and in Philadelphia on April 25th(Denver, Colorado, United States, April 2 - 25, 2019) Register for reduced admission to the Cyber Security Summit with promo code cyberwire19 for $95 admission ($350 without code). Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, U.S. Secret Service, Dell, Oracle, Darktrace, Verizon and more. Passes are limited, secure yours today: www.CyberSummitUSA.com
Global Cyber Innovation Summit(Baltimore, Maryland, United States, May 1 - 2, 2019) This unique, invitation-only forum brings together a preeminent group of leading Global 2000 CISO executives, cyber technology innovators, policy thought leaders, and members of the cyber investment community to catalyze the industry into creating more effective cyber defenses. Request an invitation today.
Sprint customers say a glitch exposed other people’s account information(TechCrunch) Several Sprint customers have said they are seeing other customers’ personal information in their online accounts. One reader emailed TechCrunch with several screenshots describing the issue, warning that they could see other Sprint customers’ names and phone numbers. The reader said th…
JNEC.a Ransomware Spread by WinRAR Ace Exploit(BleepingComputer) A new ransomware called JNEC.a spreads through an exploit for the recently reported code execution ACE vulnerability in WinRAR. After encrypting a computer, it will generate a Gmail address that victims need to create in order to receive the file decryption key once they pay the ransom.
Vulnerability Summary for the Week of March 11, 2019(US-CERT) The NCCIC Weekly Vulnerability Summary Bulletin is created using information from the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD). In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
EU gov’t and public health sites are lousy with adtech, study finds(TechCrunch) A study of tracking cookies running on government and public sector health websites in the European Union has found commercial adtech to be operating pervasively even in what should be core not-for-profit corners of the Internet. The researchers used searches including queries related to HIV, menta…
Mauritius Cyber Security Firm Opens Rwanda Subsidiary(KT PRESS) A Mauritius cyber security company has launched operations in Rwanda with intent to help cut down on cyber security threats across Insurance Companies and Financial Institutions.
The tech company - Secure Services Mauritius will initially invest $500,000 (about Rwf450million) - following its ent
Explainer: Germany, at last, launches 5G spectrum auction(Reuters) Germany begins an auction of spectrum for next-generation 5G mobile networks on Tuesday, the outcome of which will play a decisive role in determining whether Europe’s largest economy remains competitive in the digital age.
Talent Gap: Self-Inflicted Wound?(Forbes) Is the massive talent gap in security actually self-inflicted? Can we close it by changing what and how we design tools and organizations to enable us to recruit, hire and retain differently? It's time to participate in our own rescue and stop whining that there aren't enough people to fill the SOC.
SK Telecom to apply quantum cryptographic technology to 5G network(Pulse News) South Korea’s leading mobile carrier SK Telecom Co. will apply quantum cryptography technology, considered as the most complex and safe data security technology, to its 5G network system to ensure dominance in Korea’s wireless market which makes generational shift to 5G for the first time in the world in the first half.
CyberSec First Responder (CFR) Free Training(Phoenix TS) See if the CyberSec First Responder training course and certification are the right fit for you by enrolling in our free 4-hour sample course. This course is available for one day only (Thursday March 21, 2019) in person in Columbia, MD or Live Online
New HTTPS Interception Tools Available from Cloudflare(BleepingComputer) Cloudfare announced the release of two new tools designed to make it simpler to check if TLS connections to a website have been intercepted, to detect vulnerable clients and potentially notify them when their security is compromised or degraded.
Code Dx Selected as Success Story at the Department of Homeland Security’s Cybersecurity and Innovation Showcase(Globe Newswire) Code Dx, Inc., provider of an award-winning application security solution that automates and accelerates the discovery, prioritization, and management of software vulnerabilities, today announced it will be spotlighted as a top success story at the 2019 S&T Cybersecurity and Innovation Showcase hosted by the Department of Homeland Security (DHS) Science and Technology (S&T) Directorate. Code Dx Enterprise, the company’s flagship product, grew out of the research funded by the DHS S&T to help secure the nation’s software supply chain from attack.
Why Phone Numbers Stink As Identity Proof(KrebsOnSecurity) Phone numbers stink for security and authentication. They stink because most of us have so much invested in these digits that they’ve become de facto identities.
DHS pushes new cyber hiring authorities(FCW) The department's budget requests $11.4 million to complete a new Cyber Talent Management System to hire and pay security workers based on their ability, not qualifications.
Cybersecurity Funding(The White House) The President’s Budget includes an estimated $17.4 Billion which supports the protection of Federal information systems and our nation’s most valuable information including the personal information of the American public.
Law enforcement agencies across the EU prepare for major cross-border cyber-attacks(Europol) The possibility of a large-scale cyber-attack having serious repercussions in the physical world and crippling an entire sector or society, is no longer unthinkable. To prepare for major cross-border cyber-attacks, an EU Law Enforcement Emergency Response Protocol has been adopted by the Council of the European Union. The Protocol gives a central role to Europol’s European Cybercrime Centre (EC3) and is part of the EU Blueprint for Coordinated Response to Large-Scale Cross-Border Cybersecurity Incidents and Crises1.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
National Cyber League Spring Season(Various, February 25 - March 24, 2019) The NCL is a defensive and offensive puzzle-based, capture-the-flag style cybersecurity competition. Its virtual training ground helps high school and college students prepare and test themselves against...
2019 S&T Cybersecurity and Innovation Showcase(Washington, DC, USA, March 18 - 20, 2019) The 2019 S&T Cybersecurity and Innovation Showcase is a unique event for the Department of Homeland Security (DHS) Science and Technology Directorate (S&T) to introduce its funded research projects to...
OSSEC Open Source Security Conference(Herndon, Virginia, USA, March 20 - 21, 2019) With tens of thousands of global users, OSSEC is the world’s most widely used open source host-based intrusion detection system. Join this exclusive event on March 20-21, 2019 at the Dulles Hilton in Herndon,...
KNOW 2019(Las Vegas, Nevada, USA, March 24 - 27, 2019) The Future of Trust starts at KNOW 2019, the definitive event focused on the data economy. From Facebook and Equifax to GDPR, identity data is at the forefront of cybersecurity and regulation. KNOW is...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.