Yesterday's highlights included some perspective on what creates crisis instability from cybersecurity and policy expert Richard Clarke. You get dangerous crisis instability when an aggressor concludes they have a decisive advantage over the defenders. You're at risk when your opposition concludes that your defenses aren't credible.
Several speakers expressed concerns about data integrity, or data provenance. NSA's Rob Joyce warned that, as governments increase their efforts to impose national will in cyberspace, data will come under correspondingly greater attack. If data come to be perceived as untrustworthy, that would erode public trust and confidence in the institutions of both government and civil society. This is a slow-motion problem, and it may be upon us before we realize the severity of the threat.
Amid the usual warnings, however, were some surprising and distinctly encouraging notes. Tenable's Amit Yoran said that they've seen a "tremendous difference" between the cyber haves and the cyber have-nots. It's possible to protect yourself today. Richard Clarke had a similar observation about the possibility of successful defense, taking NotPetya as grounds for optimism. NotPetya was a Russian military action against Ukraine, but many companies around the world were collateral damage, and that damage was severe. But a lot of other companies deflected the attack, and "these are the dogs that didn't bark." Existing technology properly applied can defend the corporate network, he concluded.
We'll have more on the Summit in subsequent issues of the CyberWire.
By the CyberWire staff
US Federal authorities have been "tight-lipped" (as E&E News, which broke the story, puts it) about a cyber incident affecting electrical utilities in three western states. But they have said, according to TechCrunch, that the distributed denial-of-service attack affected neither power generation nor distribution.
Chinese security services are making effective use of online surveillance domestically, particularly against China's largely Muslim Uighur population. A New York Times op-ed fears the tools perfected in-country will proliferate internationally.
The exploit blackmarketeer known as Volodya or BuggiCorp continues to hawk malware. ZDNet has a round-up of some of his (her? their?) activities and customers. He seems in part a government contractor, as his clients include (Kaspersky says) SandCat, FruityArmor, and Fancy Bear.
Proofpoint says the Retefe banking Trojan is back, with some enhancements.
Sophos tweeted that they may have discovered a novel ransomware strain, possibly being delivered via Emotet. The ransom note alludes to Belshazzar's feast: your defenses "have been weighed, measured, and have been found wanting."
Ad fraud will cost businesses $5.8 billion this year, an Association of National Advertisers study predicts, but that's good news: it's down from $6.5 billion the previous year.
Mixed news (on balance more good than bad) comes from CrowdStrike, which sees a drop in hacktivism's effectiveness even as hacktivism becomes more frequent, WIRED reports. Common hacktivist actions include website defacement and distributed denial-of-service.
Russia's new autarkic Internet, complete with isolation switch, is now officially law, and many, NDTV says, fear censorship. Who could've seen that coming?
Today's issue includes events affecting Austria, Brazil, China, European Union, Germany, India, Indonesia, Libya, Malaysia, Myanmar, Netherlands, Pakistan, Russia, Sri Lanka, Sudan, Turkey, United Kingdom, United States, and Venezuela.
Bring your own context.
Resident everyman Joe Carrigan expresses his frustration with social media:
"When it comes to political discourse, Facebook is little more than a political echo chamber, and Twitter is a spite-filled dumpster fire!" Joe Carrigan, of the Johns Hopkins University Information Security Institute and co-host of Hacking Humans, offering some form criticism in this week's episode.
Sez him. Don't sugar-coat it, Joe. But he's got a point. Out, damned bot!
ON THE PODCAST
In today's podcast, out later this afternoon, we speak with our partners at Terbium Labs, as Emily Wilson talks about the Dynamic Connections conference, hosted by General Dynamics. Our guest is Joseph Carson from Thycotic on lessons he’s learned (the hard way) on communications with the board.
Cybersecurity Impact Awards (Arlington, Virginia, United States, May 14, 2019) Winners of the Cybersecurity Impact Awards will be announced and recognized at the May 14, 2019 CYBERTACOS event. The event will start at 5:30 p.m. and the award presentation will begin at 6:00 p.m.! Join us afterwards for tacos and networking!
Cyber Investing Summit (New York City, New York, United States, May 16, 2019) The Cyber Investing Summit is a conference focused on financial opportunities and strategies in the cybersecurity sector. Join key decision makers, investors, and innovators to network, learn, and develop new partnerships May 16th in NYC. More information: www.cyberinvestingsummit.com.
Cyber Security Summits: May 16 in Dallas and in Seattle on June 25th (Dallas, Texas, United States, May 16 - June 25, 2019) Register for reduced admission to the Cyber Security Summit with promo code cyberwire19 for $95 admission ($350 without code). Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, U.S. Secret Service, Verizon, Center for Internet Security, and more. Breakfast, Lunch & Cocktail Reception are included with your admission. Passes are limited, secure yours today: www.CyberSummitUSA.com
Chinese app tracks every move that Muslims make (Times) Chinese Muslims are unable to use their phone, fill up their car with petrol or even leave the house without being recorded by an unprecedented surveillance operation in the country’s far west...
‘Denial of service condition’ disrupted US energy company operations (TechCrunch) An energy company providing power in several western U.S. states experienced a “denial-of-service condition” serious enough to warrant reporting it to the government’s energy authority. The “cyber event” resulted in “interruptions of electrical system operations…
2019: The Return of Retefe (Proofpoint) Proofpoint researchers describe recent updates to the Retefe banking Trojan and changes to related actor TTPs.
Sierra Wireless AirLink ALEOS (ICS-CERT) 1. EXECUTIVE SUMMARY. CVSS v3 9.1. ATTENTION: Exploitable remotely/low skill level to exploit/public exploits are available. Vendor: Sierra Wireless. Equipment: AirLink ALEOS. Vulnerabilities: OS Command Injection, Use of Hard-coded Credentials, Unrestricted Upload of File with Dangerous Type, Cross-site Scripting, Cross-site Request Forgery, Information Exposure, Missing Encryption of
Orpak SiteOmat (ICS-CERT) 1. EXECUTIVE SUMMARY. CVSS v3 9.8. ATTENTION: Exploitable remotely/low skill level to exploit/public exploits available. Vendor: Orpak (acquired by Gilbarco Veeder-Root). Equipment: SiteOmat. Vulnerabilities: Use of Hard-coded Credentials, Cross-site Scripting, SQL Injection, Missing Encryption of Sensitive Data, Code Injection, Stack-based Buffer Overflow. 2.
GE Communicator (ICS-CERT) 1. EXECUTIVE SUMMARY. CVSS v3 8.1. ATTENTION: Exploitable remotely/low skill level to exploit. Vendor: General Electric. Equipment: Communicator. Vulnerabilities: Uncontrolled Search Path, Use of Hard-coded Credentials, Improper Access Controls. 2.
New Exploits for Unsecure SAP Systems (US-CERT) The Cybersecurity and Infrastructure Security Agency (CISA) is issuing this activity alert in response to recently disclosed exploits that target unsecure configurations of SAP components.
Why Hidden Malware May Be Potential National Catastrophe (eWEEK) SECURITY ANALYSIS: Command-and-control servers execute commands that could range from stealing personal information to ransomware attacks to pulling email (and getting insider information) to emptying accounts. This is a growing threat, and here's what some companies are doing about it.
Atlantic Council 8th Annual International Conference on Cyber Engagement - Observations (Control Global) I attended the April 23rd Atlantic Council’s 8th Annual International Conference on Cyber Engagement. This was a policy, not technical, conference. As best as I could tell, there were very few “practicing” engineers that attended. The Atlantic Council should consider having more engineers participating to support the policy makers on the technical issues underpinning policy.
10 Hot IoT security startups to watch (Network World) With the internet of things growing unchecked, entrepreneurs are working to build security systems that can protect IoT infrastructure and the data it gathers. Here’s a look at 10 of them.
Hacker-turned-CEO: Too much money is being thrown at Cybersecurity (Yahoo) Dug Song, co-founder of Duo Security which Cisco bought last year for $2.35 billion dollars, joins Yahoo Finance's Akiko Fujita, Dan Roberts, and Ethan Wolff-Mann. Song explains why cybersecurity isn't being fought in the most cost-efficient way. He highlights the biggest threats.
NSS Labs Appoints New Chief Executive Officer (NSS Labs, Inc.) NSS Labs, Inc., a global leader and trusted source for independent cybersecurity product testing, today announced that Jason Brvenik has been named Chief Executive Officer (CEO); he had been serving as Chief Technology Officer (CTO) since January 2017
JASK Fortifies Key Executive Positions as it Continues to Scale (Yahoo) JASK, the provider of the industry’s first cloud-native SIEM platform, today announced that it has made several key promotions to its leadership team in support of its rapid growth. Further strengthening its executive leadership, the advancements lay the groundwork for customer enablement and scalability
Lares appoints Andrew Hay as COO (Help Net Security) Lares, a global leader in security assessment, testing, and coaching, announced that veteran technology executive Andrew Hay has joined the company as COO.
CyberaVUE Brings Remote Network Operations into Clear Focus (Cybera | Network Services Platform) Cybera has announced CyberaVUE, a new cloud-based management solution to extend network insights and provide customers with a comprehensive, real-time view of remote site networks. CyberaVUE is part of the company’s multi-tenant platform, CyberaONE...
SAP announces secure, scalable business-to-business solutions for marketers (Marketing Land) Software and technology provider SAP announced the launch of a new B2B software-as-a-service (SaaS) solution that will allow users to securely grant third parties access to first-party data, share sensitive information and manage regulatory compliance without the threat of exposure to security risks. Why we should care: The experience economy is rapidly expanding as more …
Avira Password Security Report: Tidy up your digital life (Avira - Antivirus made in Germany) Avira is pleased to release its first Password Security Report, reinforcing our mission to protect people in the connected world. The report details how the increasing number of data breaches are impacting people’s digital lives and online behavior and includes tips on protecting personal data.
The Growing Russian Challenge and What Should Be Done About It (Atlantic Council) All around the world, Russia is increasingly asserting itself, propping up dictators, and, in some instances, posing a direct challenge to US interests. Russian President Vladimir Putin held his first-ever meeting with North Korean leader Kim...
Venezuela thrust to forefront of US-Russia clashes (Military Times) The crisis in Venezuela has been thrust to the top of a list of long-simmering spats between the United States and Russia, with both sides entrenched in diametrically opposed positions from which they are unwilling to retreat.
The Huawei Challenge (Atlantic Council) Despite an effort by the United States to persuade its friends and allies not to use 5G wireless communications technology developed by Huawei, many will find it hard to avoid doing business with the Chinese telecom giant altogether. Robert A....
Does Huawei really pose a security risk? A straightforward guide (The Telegraph) Huawei, a Chinese company once little-known outside of the technology industry, has found itself at the centre of a political firestorm that has already toppled one UK minister and triggered a row over the future of the security of the UK's telecoms networks.
Feds seek to up their cybersecurity game (Security Boulevard) Recent government cybersecurity initiatives assume that the federal government has a role to play in securing the IoT and critical infrastructure. Does it?
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Cybertech Midwest 2019 (Indianapolis, Indiana, USA, April 24 - July 25, 2019) Cybertech is the cyber industry’s foremost B2B networking platform featuring cutting-edge content by top executives, government officials, and leading decision-makers from the world of cyber. Our Cybertech...
Infiltrate 2019 (Miami Beach, Florida, USA, May 2 - 3, 2019) INFILTRATE is a deeply technical conference that focuses entirely on offensive security issues. Groundbreaking researchers demonstrate techniques that you cannot find elsewhere. Learn computer and network...
SecureWorld Kansas City (Kansas City, Missouri, USA, May 8, 2019) Connecting, informing, and developing leaders in cybersecurity. For the past 17 years, SecureWorld conferences have provided more content and facilitated more professional connections than any other event...
RiskSec 2019 (Philadelphia, Pennsylvania, USA, May 8, 2019) RiskSec 2019 will provide insights from thought leaders across various industries, focusing on the most significant issues that CISOs and other security professionals face every day. Learn about new approaches...
Digital Utilities Europe 2019 (London, England, UK, May 8 - 9, 2019) Following three successful editions of ACI’s Digital Utilities Europe Summit, the 4th edition will be taking place in London, United Kingdom on 8th-9th May 2019. The conference will bring together key...