Get a Backstage Pass to LookingGlass’ Digital Business Risk Roadshow
When it comes to digital business risk, you don't want a general admission perspective. Get a backstage pass to the LookingGlass Digital Business Risk Roadshow to learn the latest on effective third-party risk management and a proactive approach to security, and to hear a cybercriminal mastermind's view of how attackers size up your organization's cyber strengths and weaknesses. Come see us in a city near you. The next stop is Houston, TX!
May 30, 2019.
By the CyberWire staff
Zscaler reports finding a campaign of malicious redirection from WordPress sites in the wild. Those responsible are exploiting a cross-site-scripting vulnerability in the platform's widely used WP Live Chat Support plugin.
As another database is found exposed online (this one a Chinese set of 45.2 million records culled from online dating sites, as CyberScoop and others report), Digital Shadows shares some glum perspective: the company thinks some 2.3 billion files are similarly exposed. Some are chickenfeed, others are "gold."
ESET is taking a close look at the Turla threat actor's latest capers, many of which rely on PowerShell scripts to load malware directly into memory rather than dropping files to disk.
The International Committee of the Red Cross has released a study of the potential humanitarian costs of cyber operations. The report cites, as part of its motivation, the need to address the effect that incidents such as WannaCry, NotPetya, and the attacks on the Ukrainian grid have on the delivery of essential goods and services to civilian populations. It also cites the increased willingness of countries other than Russia and North Korea to conduct offensive cyber operations. The ICRC's study is intended to inform discussion of how the laws of armed conflict might constrain new cyber capabilities so as to reduce suffering from operations in this newly contested domain.
Baltimore thinks the ransomware attack on the city's systems will cost it around $18.2 million, when all is said and done, according to the Baltimore Sun. We're just spitballing here, but we guess it would have cost less to patch those systems two years ago (and even back them up).
Today's issue includes events affecting Canada, China, Germany, Iran, Israel, Russia, Saudi Arabia, United Kingdom, United States.
Bring your own context.
NIST is thinking ahead about quantum computing and what it means for encryption standards.
"The main change with respect to the previous version is the recommended security strength for crypto algorithms. It used to be 80 bits. Now NIST recommends a security strength of at least 112 bits for applying crypto protection to data, whether it's for encrypting data or for signing data.... You know, the way we encrypt data, which relies on public key infrastructure, is based on the intractability of the integer factorization and the discrete log problems, and that intractability may no longer be valid when we have quantum computers. So NIST is prepping for that, as well as for the advancements of classical computing technology, by asking businesses and, you know, federal agencies to increase the key lengths of the algorithms they use today so that a security strength of at least 112 bits is used.... There may be more computational power used to encrypt data. Obviously, the data that has been encrypted already will continue to be decrypted with the existing algorithms with the existing keys. That presents some risk that organizations need to be aware of, but that's part of going through this transition."
—Malek Ben Salem, of Accenture Labs, on the CyberWire Daily Podcast, 5.28.19.
Read all about it in NIST SP 800-131A Rev. 2, "Transitioning the Use of Cryptographic Algorithms and Key Lengths." Be prepared to enter the quantum realm. (And no, it's not like what you saw in Ant-Man.)
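The practical question behind the 112-bit floor is which of your existing keys still pass and which only survive for reading old data. As an added example (not code from NIST, Accenture, or the podcast), the Python below grades a key inventory against that floor. Operations that apply protection (encrypt, sign, key establishment) must meet 112 bits; operations that only process already-protected data (decrypt, verify) may continue under "legacy use", which is the residual risk the quote refers to. Strength buckets are taken from SP 800-57 Part 1 Table 2; the acceptable / legacy-use / disallowed labels simplify SP 800-131A Rev. 2 and do not model its time-bound deprecations (for instance 3TDEA encryption) or its hash-function rules. The inventory rows and the family names ("rsa", "ffc", "ec", "aes", "2tdea", "3tdea") are this example's own conventions, constructed for illustration.

```python
"""Audit an inventory of in-use cryptographic keys against the NIST 112-bit floor.

Added example, not NIST's own code. Strength buckets follow SP 800-57 Part 1
Table 2; the status labels follow the acceptable / legacy-use / disallowed
scheme of SP 800-131A Rev. 2 in simplified form (no time-bound deprecations,
no hash-function rules).
"""
from typing import Dict, List, Tuple

# (minimum key size, security strength in bits), per SP 800-57 Part 1 Table 2.
# A key size that falls between two rows is credited with the lower row's strength.
STRENGTH_TABLE: Dict[str, List[Tuple[int, int]]] = {
    "rsa": [(1024, 80), (2048, 112), (3072, 128), (7680, 192), (15360, 256)],
    "ffc": [(1024, 80), (2048, 112), (3072, 128), (7680, 192), (15360, 256)],  # DSA/DH modulus
    "ec":  [(160, 80), (224, 112), (256, 128), (384, 192), (512, 256)],       # curve order size
    "aes": [(128, 128), (192, 192), (256, 256)],
}
# Triple-DES strength depends on the number of independent keys, not raw key bits.
TDEA_STRENGTH = {"2tdea": 80, "3tdea": 112}

MINIMUM_STRENGTH = 112  # SP 800-131A Rev. 2 floor for applying protection

# Applying protection must meet the floor; merely processing already-protected
# data (decrypting, verifying) may continue under "legacy use".
PROTECT_OPS = {"encrypt", "sign", "key-establishment"}
PROCESS_OPS = {"decrypt", "verify"}


def security_strength(family: str, key_bits: int = 0) -> int:
    """Return the security strength in bits; 0 means below the table's smallest row."""
    if family in TDEA_STRENGTH:
        return TDEA_STRENGTH[family]
    strength = 0
    for min_bits, bits_of_strength in STRENGTH_TABLE[family]:
        if key_bits >= min_bits:
            strength = bits_of_strength
        else:
            break
    return strength


def minimum_key_bits(family: str, target_strength: int = MINIMUM_STRENGTH) -> int:
    """Smallest tabulated key size giving at least target_strength (e.g. RSA -> 2048)."""
    for min_bits, bits_of_strength in STRENGTH_TABLE[family]:
        if bits_of_strength >= target_strength:
            return min_bits
    raise ValueError(f"{family} has no table entry reaching {target_strength} bits")


def assess(operation: str, family: str, key_bits: int = 0) -> str:
    """Classify one (operation, algorithm, key size) as acceptable, legacy-use or disallowed."""
    strength = security_strength(family, key_bits)
    if strength >= MINIMUM_STRENGTH:
        return "acceptable"
    if operation in PROCESS_OPS:
        return "legacy-use"  # may still read data protected under the old 80-bit floor
    if operation in PROTECT_OPS:
        return "disallowed"
    raise ValueError(f"unknown operation {operation!r}")


def audit(inventory: List[Tuple[str, str, str, int]]) -> List[Tuple[str, str, str]]:
    """Run assess() over (name, operation, family, key_bits) rows and attach remediation advice."""
    findings = []
    for name, operation, family, key_bits in inventory:
        status = assess(operation, family, key_bits)
        advice = ""
        if status != "acceptable":
            if family in STRENGTH_TABLE:
                advice = f"re-key to >= {minimum_key_bits(family)}-bit {family}"
            else:
                advice = "migrate to AES"
        findings.append((name, status, advice))
    return findings


# Constructed sample inventory for illustration; these are not real keys.
SAMPLE_INVENTORY = [
    ("legacy-signing-ca", "sign", "rsa", 1024),
    ("archive-verify", "verify", "rsa", 1024),
    ("tls-server", "key-establishment", "ec", 256),
    ("backup-encrypt", "encrypt", "2tdea", 0),
    ("backup-restore", "decrypt", "2tdea", 0),
    ("api-signing", "sign", "rsa", 2048),
]

if __name__ == "__main__":
    for name, status, advice in audit(SAMPLE_INVENTORY):
        print(f"{name:20} {status:12} {advice}")
```

The split between PROTECT_OPS and PROCESS_OPS is the point worth keeping: a 1024-bit RSA key is disallowed for producing new signatures but can still verify old ones, and a two-key Triple-DES key can still decrypt backups it once encrypted. Anything that lands in "legacy-use" is a migration item, not a permanent exception.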
Get the In-Depth Guide to Operationalizing Threat Intelligence.
Threat intelligence is critical but often difficult to manage, automate, or operationalize. Threat Intelligence Gateways are an emerging network security technology that takes the heavy lifting out of making threat intelligence actionable, operational, and useful. Learn how this technology turns threat intelligence into action to block threats at scale in the whitepaper, Operationalizing Threat Intelligence: An In-Depth Guide to Threat Intelligence Gateways.
ON THE PODCAST
In today's podcast, out later this afternoon, we speak with our partners at Cisco Talos, as Craig Williams offers his take on a critical Microsoft vulnerability, CVE-2019-0708, the Remote Desktop Services flaw known as BlueKeep. Our guest is Matt Aldridge from Webroot; he talks us through the implications of San Francisco's ban on facial recognition.
And Hacking Humans is up. In this week's episode, "Be willing to admit you don't know everything," Dave reviews Google's recent security report on basic account hygiene. Joe describes passive social engineering, including USB charging stations at airports. The catch of the day exposes a trunk box scam involving ill-gotten war profits. Carole Theriault speaks with the head of a group that calls itself Scam Survivors.
National Cyber Summit Job Fair (Huntsville, Alabama, United States, June 5, 2019) Cleared and non-cleared cybersecurity pros: make your next career move at the free National Cyber Summit Job Fair, June 5 in Huntsville. Meet face-to-face with 22 leading cyber employers. Visit our site for more details.
Cyber Howard Conference (Columbia, Maryland, United States, June 19, 2019) Join us for our 10th annual cyber conference in Howard County. We will tackle the topic of Cyber Sensemaking, a fluid and continuous approach to establishing better defenses and best practices as a cyber community.
Cyber Warrior Women Summer Social: Sip and Paint (Columbia, Maryland, United States, August 21, 2019) Join the Cybersecurity Association of Maryland, Inc. (CAMI) for the annual Cyber Warrior Women Summer Social, an all-about-fun-and-networking event! We're adding an artistic element to this year's event with a wine glass painting exercise. No previous art experience required.
Turla APT group beefs up cyber attack tool (ComputerWeekly.com) An advanced persistent threat cyber espionage group has improved its tools to attack diplomatic targets, making its activities more difficult to detect and block.
A dive into Turla PowerShell usage (WeLiveSecurity) ESET researchers show how, in a bid to evade detection, the Turla group leverages PowerShell scripts to inject malware directly into memory.
Predator the Thief (EnigmaSoft Ltd) A new info stealer by the name Predator the Thief has been detected in several large-scale attacks recently. It appears that its author is a user called 'Alexuiop1337' who is currently selling Predator the Thief on several Russian forums. The initial price was $35, but after several updates, and perhaps seeing the interest it has garnered, the author of Predator the Thief raised the price to $80.
Flipboard hacks prompt password resets for millions of users (TechCrunch) Social sharing site and news aggregator Flipboard has reset millions of user passwords after hackers gained access to its systems several times over a nine-month period. The company confirmed in a notice Tuesday that the hacks took place between June 2, 2018 and March 23, 2019 and a second time on …
Cyber-attack forces shutdown of computers at county courthouse (Citizen's Voice) A cyber-attack has forced Luzerne County officials to shut down some of the computers at the county courthouse. Information technology workers are examining all servers and computer stations at the courthouse, according to David Parsnik, co
[Report] Legit Remote Access Tools Turn Into Threat Actors' Tools (Cyberint) Whilst TA505 are almost certainly responsible for several of these recent campaigns, broader analysis of the TTPs employed indicates that multiple threat actors are conducting similar operations against a variety of victims, especially with the use of RMS.
New 2019 Global Survey: IoT-Focused Cyberattacks are the New Normal (IoT Business News) Irdeto finds that in sectors such as transport, manufacturing and healthcare, while a majority of organizations have suffered an IoT attack, the mindset of security as a cost is changing. Eight in ten organizations have experienced a cyberattack on their IoT devices in the past 12 months, according to new research by Irdeto. Of those ...
IoT Technology and Smart Devices in the Home (Clutch) Most people are most familiar with IoT technology in the home, partially as a result of "forced adoption." People value the access and control their smart home devices offer, which helps explain why smart home security systems are the most popular smart home device. As the price of IoT technology falls, people plan to invest more in smart home devices in the future.
Salesforce Rolls Out Blockchain Builder for Noncoders (Wall Street Journal) Salesforce, joining its cloud-services peers, is getting into the blockchain business. The company said some of its customers are using an early version of a platform that allows them to build blockchain applications without needing much expertise in the technology.
Attila Security's GoSilent Data Security Platform Fulfills NIAP Requirements (ExecutiveBiz) The National Information Assurance Partnership has listed Attila Security's GoSilent data security platform, verifying the product's compliance with NIAP requirements. The company said May 14 its GoSilent platform, which was first developed at the National Security Agency, is also pending for NIAP's
RapidFire Tools Debuts Cyber Insurance Compliance Software (CRN) RapidFire Tools, known for its security and regulatory software, has created what it says is a unique watchdog for cyber insurance customers that ensures they are in compliance with their policy before the worst happens.
Should Failing Phish Tests Be a Fireable Offense? (KrebsOnSecurity) Would your average Internet user be any more vigilant against phishing scams if he or she faced the real possibility of losing their job after falling for one too many of these emails? Recently, I met someone at a conference who said his employer had in fact terminated employees for such repeated infractions. As this was the first time I'd ever heard of an organization actually doing this, I asked some phishing experts what they thought (spoiler alert: they're not fans of this particular teaching approach).
The potential human cost of cyber operations (International Committee of the Red Cross) This report provides an account of the discussions that took place during a meeting of experts organised by the ICRC in November 2018 on the potential human cost of cyber operations.
Why attribution is a means to an end (FCW) Law enforcement officials insist that accurately placing the blame on countries or groups who engage in destructive cyberattacks is a critical prelude to imposing more meaningful consequences.
Federal cybersecurity agency on the way? (CSO Online) As human activity migrates into the online space, keeping the bad guys from mucking it all up becomes paramount. Does that mean it's time for a federal cybersecurity agency?
Stop demonizing encryption (CyberScoop) The current negativity toward encryption perpetuates misinformation and provides fodder for governments seeking to undermine security and privacy across the globe.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
Time Machine 2019 (Austin, Texas, USA, November 13 - 14, 2019) At Time Machine, you will actively engage with real-world AI applications. Hear from leaders on the cutting edge of technology, government, industry, academia, and the arts, and uncover the roadmap for...
Cybertech Midwest 2019 (Indianapolis, Indiana, USA, April 24 - July 25, 2019) Cybertech is the cyber industry's foremost B2B networking platform featuring cutting-edge content by top executives, government officials, and leading decision-makers from the world of cyber. Our Cybertech...
SecureWorld Atlanta (Atlanta, Georgia, USA, May 29 - 30, 2019) Join your fellow InfoSec professionals for high-quality, affordable cybersecurity training and education. Earn 6-12 CPE credits through 30+ educational elements, learning from nationally recognized industry...
Louisville Cybersecurity Conference (Louisville, Kentucky, USA, May 30, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...
National Cyber Summit (Huntsville, Alabama, USA, June 4 - 6, 2019) National Cyber Summit is the nation's most innovative cyber security-technology event, offering unique educational, collaborative and workforce development opportunities for industry visionaries and rising...
Infosecurity Europe (London, England, UK, June 4 - 6, 2019) Europe's Leading Event for Information and Cyber Security. Bringing business, tech and cyber communities together to discuss and discover how best to protect companies and individuals. Join in to find 'everyone...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.