Get your copy of the definitive guide to threat intelligence.
We brought together a team of experts and wrote the definitive guide to everything you need to know about threat intelligence. Whether you work in vulnerability management, incident response, or another part of cybersecurity, our book has something for you. Get your free copy of “The Threat Intelligence Handbook” now.
May 9, 2019.
Global Cyber Innovation Summit
We continue our coverage of last week’s Global Cyber Innovation Summit with two pieces, linked below. One describes the symposiasts’ views on two families of emerging technologies: quantum computing and artificial intelligence. And we also have an account of seven of the companies selected as the Disrupt 8. (The eighth one was equally interesting, but their presentation was off the record.)
By the CyberWire staff
There's been another exposure of Iranian hacking operations. Last month an unknown actor going by "Lab Dookhtegam" dumped code and other information belonging to the OilRig APT. This week another actor, perhaps independently, but more probably acting in coordination with the earlier leakers, dropped information via Telegram and various websites that describe other Iranian cyber operations.
This new group calls itself, ZDNet says, the "Green Leakers." The material released includes information on other Iranian cyber operators, specifically the MuddyWater APT and the Rana Institute. The latter has not hitherto been connected to Iranian hacking operations. This material doesn't, as the earlier leaks did, include source code, but it does contain screen shots and some information about the threat actors and their victims.
According to TechCrunch, Samsung engineers inadvertently exposed code from sensitive internal projects on GitLab.
Bloomberg reports that Amazon has filed a suit in a British court seeking redress for hacking that compromised about a hundred seller accounts, diverting funds from loans and sales to the hackers' accounts.
The US Justice Department has indicted two Israeli nationals on charges connected with operating the DeepDotWeb, a general directory that linked prospective buyers with dark web sites dealing in contraband, some of it lethal.
Clippy, the irritating anthropomorphic paperclip that cumbered Microsoft products in the 1990s, is back in an undead form. But it's proof-of-concept from Dutch cybersecurity consultancy Outflank, so no harm, no foul. Evil Clippy uses VBA stomping to prevent most antivirus tools from detecting the macros it's compromised.
Today's issue includes events affecting Canada, China, European Union, India, Iran, Ireland, Israel, Macedonia, Montenegro, Russia, Singapore, Ukraine, United Kingdom, United States.
Bring your own context.
"Coordinated inauthenticity," Facebook calls it. It's how information operators use bots in social media to go after human opinion. If you wanted to tell the bots from the authentic people, what might you do?
"It requires that, if you see something clickbaity and exciting, that you actually check other sources to see if it's true. Look at the account itself. Look at when it was created. Look out for signs that it looks a bit suspicious, like having published tens of thousands of tweets. Or scroll down its timeline. See if it's all just retweets. There are lots of ways of just eyeballing an account and sort of getting an idea of how valid it is, how real it is. And the problem is that a vast majority of the accounts you'll find on the platform are a little bit dodgy looking." Andy Patel, from F-Secure, on Hacking Humans, 5.2.19.
Dodgy is as dodgy does. And practiced eyes get good at recognizing bots.
The CISO's ultimate guide to AppSec: 11 essential best practices you should know
By now, we are all too aware of the consequences of a data breach: brand damage, loss of customer confidence, potentially costly litigation, regulatory fines, and more. But most organizations aren’t as familiar with how to prevent these attacks. This guide highlights 11 data security best practices to minimize risk and protect your data.
Hacking Humans is also up. In this episode, Joe describes a church scammed out of millions of dollars. Dave shares good news about a group of scammers being apprehended and arrested. The catch of the day involves a Vietnamese investment offer that's almost too good to pass up on. Finally, Dave speaks with Dr. Richard Ford from Forcepoint about the models of trust.
And some of our correspondents are down in Florida this week for KB4-Con. Stand by for notes in our social media channels (Twitter, Instagram, or Facebook), and for special editions of Hacking Humans.
Cybersecurity Impact Awards(Arlington, Virginia, United States, May 14, 2019) Winners of the Cybersecurity Impact Awards will be announced and recognized at the May 14, 2019 CYBERTACOS event. The event will start at 5:30 p.m. and the award presentation will begin at 6:00 p.m.! Join us afterwards for tacos and networking!
Cyber Investing Summit(New York City, New York, United States, May 16, 2019) The Cyber Investing Summit is a conference focused on financial opportunities and strategies in the cybersecurity sector. Join key decision makers, investors, and innovators to network, learn, and develop new partnerships May 16th in NYC. More information: www.cyberinvestingsummit.com.
Cyber Security Summits: May 16 in Dallas and in Seattle on June 25th(Dallas, Texas, United States, May 16 - June 25, 2019) Register for reduced admission to the Cyber Security Summit with promo code cyberwire19 for $95 admission ($350 without code). Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, U.S. Secret Service, Verizon, Center for Internet Security, and more. Breakfast, Lunch & Cocktail Reception are included with your admission. Passes are limited, secure yours today: www.CyberSummitUSA.com
Uniting Women in Cyber(Arlington, VA, United States, May 17, 2019) Join us as we celebrate the women in today’s cybersecurity ecosystem at the Uniting Women in Cyber Symposium on May 17, 2019! This full-day event features dynamic women speakers discussing the future of tech, cybersecurity and business. Network among 300–400 business and technical professionals and attend our awards reception recognizing women in tech and business.
DreamPort Event: Tech Talk Series: How DevOps and Automation Can Accelerate Warfighting Readiness(Columbia, Maryland, United States, June 19, 2019) Come hear NetApp's own DevOps journey and lessons learned and see how NetApp has equipped large enterprises to change fast and manage risk, with its deep integration with DevOps tools. In this interactive demonstration and discussion, NetApp will guide conversation towards a DevSecOps vision that can be realized immediately with capabilities that are available today to Defense Department developers.
DreamPort Event: RPE- 006: The Defense at Pemberton Mill(Columbia, Maryland, United States, June 21, 2019) DreamPort, in conjunction with the Maryland Innovation & Security Institute and USCYBERCOM is hosting RPE -006: The Defense at Pemberton Mill. For this event, we'll be looking for solutions that monitor a fictitious network for vulnerabilities and detect attacks in progress. We want participants to bring solutions for monitoring both information technology (IT) and operational technology (OT) networks both in live (with network taps) and offline (PCAP) mode. This event is June 21.
Samsung spilled SmartThings app source code and secret keys(TechCrunch) A development lab used by Samsung engineers was leaking highly sensitive source code, credentials and secret keys for several internal projects — including its SmartThings platform, a security researcher found. The electronics giant left dozens of internal coding projects on a GitLab instance hoste…
How to Exploit EternalBlue on Windows Server with Metasploit(WonderHowTo) Particular vulnerabilities and exploits come along and make headlines with their catchy names and impressive potential for damage. EternalBlue is one of those exploits. Originally tied to the NSA, this zero-day exploited a flaw in the SMB protocol, affecting many Windows machines and wreaking havoc everywhere. Here, we will use EternalBlue to exploit SMB via Metasploit.
Database With Millions of Indian Personal Records Exposed and Hijacked(Security Discovery) On May 1st, I have discovered an unprotected and publicly indexed MongoDB database which contained 275,265,298 records with personal identifiable information (PII) on Indian citizens, including the following fields: Name Email Gender Education level and area...
The Future of Cybersecurity Budgeting(Inside Out Security) How has spending on cybersecuirty changed over the years? See what companies are prioritizing in their budgets and our tips for managing your own budget.
Information Security Professionals – Today’s Unsung Heroes(Lastline) Our 2019 RSA Conference survey highlights what information security professionals – today’s unsung heroes – must deal with. But as a group, they soldier on, against stiff odds, driven by some very compelling and admirable goals.
Is curiosity killing patient privacy?(Help Net Security) With the growth of electronic health records and online patient portals, a wealth of sensitive medical information can negatively impact patient privacy.
Cybersecurity Jobs Abound. No Experience Required.(Wall Street Journal) Companies like IBM and Palo Alto Networks are scrambling to hire hundreds of thousands of corporate hackers to defend their networks and data, pursuing workers without traditional four-year degrees or formal experience.
Google Fights Back(Stratechery by Ben Thompson) At Google I/O, Google was the opposite of defensive: the company set out to make the case that its approach made for better products that makes people’s lives better
Facebook's EU elections operation centre based in Dublin(TechCentral.ie) In the run up to this month’s local and European elections and divorce referendum, Facebook’s Dublin centre will attempt to tackle misinformation, foreign interference and coordinated inauthentic behavior. Similar centres have previously been set up in the United States, Brazil and India in an effort to prevent wide-scale election influencing campaigns. With specialists from all [&hellip
Zix Acquires the Assets of Email Security Provider DeliverySlip(Yahoo) Zix Corporation (Zix) (ZIXI), a leader in email security, has acquired the assets of Cirius Messaging Inc. and wholly owned subsidiary, DeliverySlip Inc. related to the DeliverySlip product. DeliverySlip is a provider of email encryption, e-signatures and secure file sharing solutions. The asset
F-Secure Security Engineering Awarded IEC 62243 Certifications(Financial IT) Cyber security provider F-Secure has earned two new International Electrotechnical Commission (IEC) certifications that recognize the company’s expertise in developing secure components for industrial control systems (ICSs). The certifications, IEC-62243-4-1 and IEC-62243-4-2, define the cyber security requirements for the development lifecycles and products used in industrial control and automation systems.
Introducing the Bromium Threat Insights Report(Security Boulevard) This report is made possible by customers who opted to share their Bromium-isolated threat data with Bromium, which our experts compiled into a Threat Insights Report Bromium Threat Insights Report is designed to share intelligence about the most notable malware that our experts have analyzed, and highlight new techniques used by attackers Learn practical and The post Introducing the Bromium Threat Insights Report appeared first on Bromium.
When "Customers" Attack DNS(Security Boulevard) Be real. A Communications Service Provider's (CSP's) customer will not use their home to attack the Domain Name System (DNS). They might as well unplug from the Internet. Yet, customers get infected, CPEs get violated, and miscreants all over the...
Bipartisan Bill Introduced Would Give Tools to Fight Foreign Interference in Elections(Campaign Legal Center) Today, U.S. Senators Amy Klobuchar (D-MN), Lindsey Graham (R-SC) and Mark Warner (D-VA) introduced the Honest Ads Act, a bill that addresses some of the most pressing vulnerabilities in campaign finance law that Russia exploited in the 2016 election. Campaign Legal Center (CLC) advised on the bill when it was introduced in the last Congress and co-sponsored by the late Senator John McCain (R-AZ). Representatives Derek Kilmer (D-WA) and Elise Stefanik (R-NY) lead companion legislation in the House of Representatives, which has 26 co-sponsors.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
NAWC Cybersecurity Symposium(Washington, DC, USA, May 21, 2019) The National Association of Water Companies (NAWC) will hold its inaugural 2019 NAWC Cybersecurity Symposium on Tuesday, May 21, 2019 at the Army-Navy Club in Washington, D.C. The day-long event will bring...
SINET Innovation Summit 2019(New York, New York, USA, June 13, 2019) SINET New York connects the United States’ three most powerful institutions and evangelizes the importance of industry, government and academic collaboration on security initiatives.
Security in our Connected World Seminar(Shenzhen, China, September 25, 2019) This year, GlobalPlatform’s seminar will examine critical security technologies, such as the Trusted Execution Environment (TEE) and Secure Element (SE), and delve into their associated business and technical...
Cybertech Midwest 2019(Indianapolis, Indiana, USA, April 24 - July 25, 2019) Cybertech is the cyber industry’s foremost B2B networking platform featuring cutting-edge content by top executives, government officials, and leading decision-makers from the world of cyber. Our Cybertech...
Digital Utilities Europe 2019(London, England, UK, May 8 - 9, 2019) Following three successful editions of ACI’s Digital Utilities Europe Summit, the 4th edition will be taking place in London, United Kingdom on 8th-9th May 2019. The conference will bring together key...
Secutech 2019(Taipei, Taiwan, May 8 - 10, 2019) As the largest regional business platform for professionals in the security, mobility, building automation and fire safety solution sectors, Secutech is the annual gathering place for key players from...
Chicago Cybersecurity Conference(Chicago, Illinois, USA, May 9, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...
Cyber Security Transatlantic Policy Forum(Killarney, Ireland, May 10, 2019) The mission of the conference is to bring politicians, law enforcement, policy makers and cyber industry leaders together to create an annual dialogue. Our goal is to ensure that we expand and improve...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.