What if your security strategy added zeros to your bottom line?
Focusing on response alone is costly. You lose data. You lose infrastructure. You lose human and capital resources that could be productive elsewhere. And you lose your reputation. When you catch threats before they execute, you contain the problem, and the rewards add up. Let Blackberry Cylance help you understand how you can reduce your total cost of security controls, bolster your organization’s security posture, and zero in on what really matters.
May 22, 2019.
By the CyberWire staff
Fancy Bear (Russia's GRU) is actively exploiting malware US Cyber Command reported to Virus Total last week. CyberScoop says many found the warning useful, and welcomed CYBERCOM's heads-up.
An IBM X-Force study of cybersecurity for travelers occasions a flurry of make-your-flesh-creep tales that amount to a cyberspace version of Gahan Wilson's classic Paranoid Abroad. Forbes takes away the lesson that you'd have to be out of your mind to use an airport USB charging station, and also that criminals are in avid pursuit of your travel reward points. Thanks, IBM: we'll take a staycation this year. Oh, and Parallax, in helpfully pointing out how you can tell if your Airbnb or hotel is spying on you with networked cameras, manages to suggest that yeah, it probably is.
Security Scorecard has a review of major US and European political parties' cybersecurity posture. There's room for improvement across the board, but for some reason the US Democrats continue to present hackers with low-hanging fruit.
Huawei has a temporary, ninety-day reprieve from some of the consequences of its placement on the US Entity List, SecurityWeek and others report, but US officials suggest that neither the company nor the Chinese government should misread this as a sign of softening. Commerce Secretary Ross says it's just "breathing space" to give US firms an opportunity to make alternative arrangements. Other Chinese companies may be in line for the Huawei treatment: the Verge suggests drone-maker DJI; the New York Times thinks surveillance vendor Hickvision could be next.
Today's issue includes events affecting Brazil, Canada, China, Czech Republic, European Union, Russia, United Kingdom, United States.
Bring your own context.
Got hit with ransomware? We're looking at you, Baltimore.
"Most of the work in preventing damage from a ransomware attack, unfortunately for Baltimore City, comes before the attack hits. And that's having continuity of operations plans so that you know exactly how you can resume your essential functions. If the absolute worst comes to pass, in that you have a crippling ransomware attack where the network goes down for an extended period of time, you even have a plan to devolve some of your agency's functions to another institution."
—Ben Yelin, of the University of Maryland's Center for Health and Homeland Security, on the CyberWire Daily Podcast, 5.20.19.
It's like one of Kipling's copybook headings: those who fail to plan, plan to fail. Mayors and city managers of the world, for heaven's sake, plan.
According to CyberEdge’s 2019 Cyberthreat Defense Report, 78% of enterprises were victimized by a successful cyberattack last year. Is your organization next? On May 22nd at 2:00 PM ET join LookingGlass’ SVP of Delivery & Support, James Carnall, and CyberEdge’s Co-founder & CEO, Steve Piper, as they review insights from CyberEdge’s sixth-annual research study. They’ll also provide answers to important questions, such as what are the weakest links in current security postures and What the hottest security technologies are in 2019.
National Cyber Summit Job Fair, June 5, Huntsville.(Huntsville, Alabama, United States, June 5, 2019) Cleared and non-cleared cybersecurity pros make your next career move at the free National Cyber Summit Job Fair, June 5 in Huntsville. Meet face-to-face with 22 leading cyber employers. Visit our site for more details.
Cyber Howard Conference(Columbia, Maryland, United States, June 19, 2019) Join us for our 10th annual cyber conference in Howard County. We will tackle the topic of Cyber Sensemaking which is a fluid and continuous approach for establishing better defenses and best practices as a cyber community.
Wicked6 Cyber Games(Las Vegas, Nevada, United States, August 6, 2019) Wicked6 is a fundraiser and cybersecurity exhibition in a thrilling esports arena in Las Vegas on August 8, 2019. It’s a week when cybersecurity leaders from around the world come to Las Vegas, and all are welcome to come by to experience this exciting and unique cyber competition as a player, sponsor, or avid fan. Wicked6 will raise funds for the Women’s Society of Cyberjutsu, a national 501(c)(3) nonprofit that promotes training, mentoring and more to advance women and girls in cybersecurity careers.
Cyber Warrior Women Summer Social: Sip and Paint(Columbia, Maryland, United States, August 21, 2019) Join the Cybersecurity Association of Maryland, Inc. (CAMI) for the annual Cyber Warrior Women Summer Social, an all-about-fun-and-networking event! We're adding an artistic element to this year's event with a wine glass painting exercise. No previous art experience required.
Critical Vulnerabilities Discovered in South Korean ActiveX controls(Risk Based Security) Many years ago, ActiveX was a popular technology. Unfortunately, too many ActiveX controls had a very low code maturity and were riddled with basic vulnerabilities like buffer overflows, or exposed unsafe functionality even if marked as “safe for scripting”. These allowed malicious websites to trivially compromise users’ systems.
From Pesky to Dangerous - Image-based Spam(Clearswift) Those of you that can remember back to 2006 may recall that High School Musical was the highest selling album of the year. “We’re all in this together” was one of the most popular songs played at the time and, some would say, a pesky tune that would stick in your head.
Mitsubishi Electric MELSEC-Q Series Ethernet Module(ICS-CERT) 1. EXECUTIVE SUMMARYCVSS v3 7.5ATTENTION: Exploitable remotely/low skill level to exploitVendor: Mitsubishi ElectricEquipment: MELSEC-Q series Ethernet moduleVulnerability: Uncontrolled Resource Consumption2. RISK EVALUATIONSuccessful exploitation of this vulnerability may render the device unresponsive, requiring a physical reset of the PLC (Programmable Logic Controller).
Business Email Compromise Still Reigns(SecurityWeek) Business Email Compromise (BEC) scams are becoming increasingly profitable for threats actors, making it easier for adversaries to gain access to the valuable information that sits within email inboxes.
Car Manufacturers Be Aware - Bluetooth Module Could Lead To Vehicle Shut Down By Hackers(Information Security Buzz) According to new research uncovered by security specialists, Pen Test Partners, who were investigating the systems within Tesla vehicles, found that if hackers could attach an ELM327 Bluetooth module to the interface, they would have the ability to analyse the traffic and read CAN messages. If left in, a hacker could also potentially shut the car down. Experts Comments: Martin Jartelius, …
Security Patches, Mitigations, and Software Updates
Another WannaCry May Be Coming – Are You Ready?(Information Security Buzz) The vulnerability is severe enough that Microsoft took a pretty unusual step in releasing updates for Windows XP and Server 2003 in addition to currently supported versions of Windows that are affected. Unlike WannaCry, this threat is seen as extremely easy to exploit. It took a leaked NSA tool to exploit the WannaCry vulnerability, whereas the fear …
Cloud Security Complexity(Cloud Security Alliance) CSA’s latest survey examines information security concerns in complex cloud environment [Link Here]. The survey of 700 IT and security professionals aims to analyze and better understand the state of adoption and security in current hybrid cloud and multi-cloud security environments, including
DNC's cybersecurity lags behind RNC, new study finds(TheHill) The Democratic National Committee’s (DNC) cybersecurity practices continue to “lag behind” those of its Republican counterpart despite investments the group has made since the 2016 presidential election, according to a new report.
Mumbai at topmost risk of cyber attack(The Times of India) Business News: Cyber criminals usually try to target vulnerabilities on IT systems. Windows systems were attacked the most last year, with 1,985 attempts per minute,
Steve Mann Joins ThetaRay as Chief Marketing Officer(Yahoo) Fintech and Marketing Pro Deepens Leadership Bench of Financial Crime Analytics Leader NEW YORK , May 21, 2019 /PRNewswire/ -- ThetaRay, the leading provider of AI-based Big Data analytics, today announced ...
Tufin Extends Its Leadership in Policy-Based Security Automation(AP NEWS) Tufin ® (NYSE: TUFN), a company pioneering a policy-centric approach to security and IT operations, today announced the release of Tufin Orchestration Suite R19-1, advancing its leadership in network security automation with the industry’s first solution to feature policy-based automation for server policy cloning.
Coalfire adds 2 programs to its cloud security services(SearchCloudSecurity) Coalfire has added Secure Cloud Automation Services and Cloud Security Strategy and Maturity Assessment programs to its suite of cloud security services. They will help enterprises become FedRAMP-compliant and evaluate current security platforms, respectively.
Darktrace AI used to protect military personnel data(Cambridge Network) Darktrace, the world’s leading AI company for cyber defence, has announced that the Royal Air Forces Association (RAFA), the largest charity providing welfare support to members of the Royal Air Forces, has selected Darktrace’s cyber AI to protect its members’ sensitive data from insider threat and sophisticated attacks.
Here’s how to get employees to care about cybersecurity training(CSO) Improving attention and retention rates may have shown that humour is a better training tool than fear, but a security-training pioneer believes the two will come together productively as cyber insurers crack down on training and impending ‘Phishing 2.0’ features allow CISOs to engage with employees the second they click on a malicious link or attachment.
US Delays Huawei Ban for 90 Days(SecurityWeek) US officials delayed a ban on American technology exports to Chinese tech giant Huawei until mid-August, saying the time was needed to allow for software updates and other contractual obligations.
LeakedSource Operator Pleads Guilty in Canada(SecurityWeek) Canadian authorities announce that Defiant Tech, the company that ran LeakedSource, pleaded guilty to trafficking identity information and possession of property obtained through crime.
American Hustle(Foreign Affairs) Donald Trump and the Mueller report are x-rays, revealing much of what has gone awry in American politics and society in recent years.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
Gateway Innovation Center: Partners in Cyber(Columbia, Maryland, USA, June 6, 2019) The Howard County Economic Development Authority will host a multifaceted panel event on June 6. Each of our speakers represents leading cyber and technology organizations in the region which provide valuable...
NetDiligence® Cyber Risk Summit(Philadelphia, Pennsylvania, USA, June 12 - 14, 2019) The NetDiligence® Cyber Risk Summit in Philadelphia is attended by more than 600 cyber insurance, legal/regulatory, and technology leaders from all over the globe. A premier education and networking event,...
ICX Insurance Summit with Pindrop and MassMutual(Springfield, Massachusetts, USA, June 19 - 20, 2019) MassMutual, together with Pindrop, is hosting the Identity & Customer Experience (ICX) Summit specifically for insurance organizations to discuss current issues and share strategies and ideas around security...
Cybertech Midwest 2019(Indianapolis, Indiana, USA, April 24 - July 25, 2019) Cybertech is the cyber industry’s foremost B2B networking platform featuring cutting-edge content by top executives, government officials, and leading decision-makers from the world of cyber. Our Cybertech...
Kansas City CyberSecurity Conference(Kansas City, Missouri, USA, May 22, 2019) Join us to interact with CISOs & Senior Level Executives who have effectively mitigated the risk of Cyber Attacks. The keynote at Kansas City will be delivered by John Dickson, Principal, Denim Group Ltd,,...
2019 Georgetown Cybersecurity Law Institute(Washington, DC, USA, May 22 - 23, 2019) It is more important than ever that in-house and outside counsel stay abreast of the most current developments and best practices in cybersecurity.Those lawyers who ignore cyber threats are risking millions...
SecureWorld Atlanta(Atlanta, Georgia, USA, May 29 - 30, 2019) Join your fellow InfoSec professionals for high-quality, affordable cybersecurity training and education. Earn 6-12 CPE credits through 30+ educational elements, learning from nationally recognized industry...
Louisville Cybersecurity Conference(Louisville, Kentucky, USA, May 30, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.