Get your copy of the definitive guide to threat intelligence.
We brought together a team of experts and wrote the definitive guide to everything you need to know about threat intelligence. Whether you work in vulnerability management, incident response, or another part of cybersecurity, our book has something for you. Get your free copy of “The Threat Intelligence Handbook” now.
May 8, 2019.
By the CyberWire staff
Microsoft Exchange has received a good bit of hacking attention recently, and ESET has a partial explanation. Turla, also known as Snake or Uroburos, a Trojan long used by Russian intelligence services, is back, and using what ZDNet calls "one hell of a clever backdoor." The backdoor is called "LightNeuron," and it functions as a mail transfer service, which is thought to be a first. It's been active since 2014, and it's hit targets in Brazil, Eastern Europe, and the Middle East. It's an espionage tool, not a conventionally criminal one.
SafeGuard Cyber says the bad actors never left the European elections' fields of influence. They've been tracking bots, trolls, and hybrids, all of which have been active against the electorates of Germany, Italy, France, Spain, Poland, and the United Kingdom.
In the US, outlines of Cyber Command's preparations to help secure the 2020 elections grow clearer. The Command seems likely to take a more active approach, hunting for cyber operators and influence campaigns in foreign networks, the Washington Post reports. Bot herders and troll masters can at the very least expect some stern talking-tos by direct message.
Another large cryptocurrency exchange has been looted. Binance, the world's leading alt-coin trading system by volume, lost some $41 million to hackers, Reuters reports. Binance, founded in China but now operating out of Japan and Taiwan, has suspended trading until it gets a handle on security.
Closer to home, Baltimore's city government was hit yesterday by ransomware, Fifth Domain and others report.
Today's issue includes events affecting Canada, China, European Union, France, Germany, Israel, Italy, Japan, Pakistan, Poland, Russia, Spain, Taiwan, United Kingdom, United States.
Bring your own context.
There are any number of reasons, some good, some not so good, others downright bad, to put off patching. But delayed or disregarded patches may have been at the root of the recently disclosed cyber incident affecting the power grid in three western US states.
"And in fact, the Department of Energy disclosure that this utility in question didn't patch this vulnerability that was available for apparently quite a long time, that's the sort of thing that could invite regulatory scrutiny from the North American Electric Reliability Corporation. So I expect perhaps we haven't heard the last from them. And, you know, it wouldn't be hard to imagine regulators there pursuing some sort of fine or enforcement action against this utility if they - if it did emerge that, you know, this vulnerability in some presumably pretty critical grid software just went unpatched for a long time." Blake Sobczak, E&E News, on the CyberWire Daily Podcast, 5.6.19.
Manage risk in haste, repent at leisure. (And remediate with a whole lot more haste.)
The CISO's ultimate guide to AppSec: 11 essential best practices you should know
By now, we are all too aware of the consequences of a data breach: brand damage, loss of customer confidence, potentially costly litigation, regulatory fines, and more. But most organizations aren’t as familiar with how to prevent these attacks. This guide highlights 11 data security best practices to minimize risk and protect your data.
And some of our correspondents are down in Florida this week for KB4-Con. Stand by for notes in our social media channels (Twitter, Instagram, or Facebook), and for special editions of Hacking Humans.
Cybersecurity Impact Awards(Arlington, Virginia, United States, May 14, 2019) Winners of the Cybersecurity Impact Awards will be announced and recognized at the May 14, 2019 CYBERTACOS event. The event will start at 5:30 p.m. and the award presentation will begin at 6:00 p.m.! Join us afterwards for tacos and networking!
Cyber Investing Summit(New York City, New York, United States, May 16, 2019) The Cyber Investing Summit is a conference focused on financial opportunities and strategies in the cybersecurity sector. Join key decision makers, investors, and innovators to network, learn, and develop new partnerships May 16th in NYC. More information: www.cyberinvestingsummit.com.
Cyber Security Summits: May 16 in Dallas and in Seattle on June 25th(Dallas, Texas, United States, May 16 - June 25, 2019) Register for reduced admission to the Cyber Security Summit with promo code cyberwire19 for $95 admission ($350 without code). Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, U.S. Secret Service, Verizon, Center for Internet Security, and more. Breakfast, Lunch & Cocktail Reception are included with your admission. Passes are limited, secure yours today: www.CyberSummitUSA.com
Uniting Women in Cyber(Arlington, VA, United States, May 17, 2019) Join us as we celebrate the women in today’s cybersecurity ecosystem at the Uniting Women in Cyber Symposium on May 17, 2019! This full-day event features dynamic women speakers discussing the future of tech, cybersecurity and business. Network among 300–400 business and technical professionals and attend our awards reception recognizing women in tech and business.
DreamPort Event: Tech Talk Series: How DevOps and Automation Can Accelerate Warfighting Readiness(Columbia, Maryland, United States, June 19, 2019) Come hear NetApp's own DevOps journey and lessons learned and see how NetApp has equipped large enterprises to change fast and manage risk, with its deep integration with DevOps tools. In this interactive demonstration and discussion, NetApp will guide conversation towards a DevSecOps vision that can be realized immediately with capabilities that are available today to Defense Department developers.
DreamPort Event: RPE- 006: The Defense at Pemberton Mill(Columbia, Maryland, United States, June 21, 2019) DreamPort, in conjunction with the Maryland Innovation & Security Institute and USCYBERCOM is hosting RPE -006: The Defense at Pemberton Mill. For this event, we'll be looking for solutions that monitor a fictitious network for vulnerabilities and detect attacks in progress. We want participants to bring solutions for monitoring both information technology (IT) and operational technology (OT) networks both in live (with network taps) and offline (PCAP) mode. This event is June 21.
Mayor Young’s Statement on Baltimore City IT Issue(Baltimore City Hall) Baltimore City core essential services (police, fire, EMS and 311) are still operational but it has been determined that the city’s network has been infected with a ransomware virus.
Synack Veterans Referral Program(Synack) Every year, 250,000 servicemen and women leave the armed forces. Of those who leave, 65% struggle to find jobs, despite their highly specialized skill sets in fields like cybersecurity. In my view, active duty military, veterans, and spouses comprise a largely untapped market for technology companies and startups. Their hands-on training in cybersecurity, particularly in […]
VinaPhone Selects KoolSpan to Power ProCall Secure Communications Solution(AP NEWS) VinaPhone ( http://vinaphone.com.vn ), the leading provider of advanced telecommunications technologies and services to government, enterprise, small & medium-sized business, and consumers in Vietnam announces its partnership with KoolSpan..., to power VinaPhone ProCallTM,..., the secure mobile communications solution for Vietnam.
DISA Seeks Info on Quantum-Resistance Cryptography(ExecutiveBiz) The Defense Information Systems Agency is in need of industry-based information regarding the use of quantum-safe algorithms for cybersecurity. DISA said Monday in a FedBizOpps notice that it intends to evaluate the use of these algorithms and cryptographic approaches to protect the Department of De
Chelsea Manning says she’ll never testify, seeks release(Army Times) Former Army intelligence analyst Chelsea Manning said in a new legal motion that she will never testify to a grand jury in Virginia investigating the website Wikileaks, and it therefore makes no sense to continue to keep her in jail for refusing to do so.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
SINET Innovation Summit 2019(New York, New York, USA, June 13, 2019) SINET New York connects the United States’ three most powerful institutions and evangelizes the importance of industry, government and academic collaboration on security initiatives.
Cybertech Midwest 2019(Indianapolis, Indiana, USA, April 24 - July 25, 2019) Cybertech is the cyber industry’s foremost B2B networking platform featuring cutting-edge content by top executives, government officials, and leading decision-makers from the world of cyber. Our Cybertech...
SecureWorld Kansas City(Kansas City, Missouri, USA, May 8, 2019) Connecting, informing, and developing leaders in cybersecurity. For the past 17 years, SecureWorld conferences have provided more content and facilitated more professional connections than any other event...
RiskSec 2019(Philadelphia, Pennsylvania, USA, May 8, 2019) RiskSec 2019 will provide insights from thought leaders across various industries, focusing on the most significant issues that CISOs and other security professionals face every day. Learn about new approaches...
Digital Utilities Europe 2019(London, England, UK, May 8 - 9, 2019) Following three successful editions of ACI’s Digital Utilities Europe Summit, the 4th edition will be taking place in London, United Kingdom on 8th-9th May 2019. The conference will bring together key...
Secutech 2019(Taipei, Taiwan, May 8 - 10, 2019) As the largest regional business platform for professionals in the security, mobility, building automation and fire safety solution sectors, Secutech is the annual gathering place for key players from...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.