May 31, 2019.
By the CyberWire staff
Intezer is describing the operations of "HiddenWasp," a campaign installing a backdoor on Linux systems. HiddenWasp borrows freely: components of Mirai, the ChinaZ Elknot implant, the Azazel rootkit, and the Linux version of Winnti have all been seen in its code. Most Linux-focused malware has concentrated on coinmining or distributed denial-of-service, and it has also tended to be heavy-footed and noisy. HiddenWasp, in contrast, is not only relatively stealthy but also aims to give the attacker control of infected devices, and observers see this as a new and disturbing development.
Forescout tells Nextgov that some four thousand Huawei and ZTE devices remain on US Federal networks: "You can't just rip them out." TechCrunch reports that Huawei is, on an interim basis at least, trying to limit the damage of US measures by limiting contact between its US and Chinese workers.
In an undated risk-assessment memorandum that appears, on internal evidence, to have been prepared between August 2016 and September 2017, Baltimore's IT office warned that servers running unsupported versions of Windows posed a clear risk. The memo, according to the Baltimore Sun, specifically called out the likelihood of ransomware attacks. Nextgov reports that NSA's Rob Joyce said yesterday that, while everyone feels for Baltimore, the city did after all have two years to patch.
ISIS, now in its diaspora phase, was, the Long War Journal reports, quick to go online to claim responsibility for a suicide bombing at Afghanistan's Marshal Fahim National Defense University in Kabul.
Today's issue includes events affecting China, Ethiopia, European Union, Germany, Democratic People's Republic of Korea, Republic of Korea, New Zealand, Russia, Saudi Arabia, Sri Lanka, Switzerland, United Arab Emirates, United Kingdom, United States.
Bring your own context.
Communication with decision-makers requires a common language. Maturity levels might be a contribution to developing that language.
"Financial planners look at efficiency ratios and leverage ratios as they evaluate companies. Is there an equivalent in the cyber marketplace for measuring the effectiveness or efficiency of a cyber program?"
—Julie Bernard, of Deloitte's Cyber Risk Services Team, on the CyberWire Daily Podcast, 05.29.19.
Deloitte and FS-ISAC sought to derive those sorts of measures for cybersecurity. They based them on the NIST Framework, and they proposed fleshing out four levels of maturity. From least to most mature, those would be Partial, Informed, Repetitive, and Adaptive.
National Cyber Summit Job Fair, June 5, Huntsville. (Huntsville, Alabama, United States, June 5, 2019) Cleared and non-cleared cybersecurity pros, make your next career move at the free National Cyber Summit Job Fair, June 5 in Huntsville. Meet face-to-face with 22 leading cyber employers. Visit our site for more details.
Cyber Howard Conference (Columbia, Maryland, United States, June 19, 2019) Join us for our 10th annual cyber conference in Howard County. We will tackle the topic of Cyber Sensemaking, which is a fluid and continuous approach for establishing better defenses and best practices as a cyber community.
Cyber Warrior Women Summer Social: Sip and Paint (Columbia, Maryland, United States, August 21, 2019) Join the Cybersecurity Association of Maryland, Inc. (CAMI) for the annual Cyber Warrior Women Summer Social, an all-about-fun-and-networking event! We're adding an artistic element to this year's event with a wine glass painting exercise. No previous art experience required.
Cyber Attacks, Threats, and Vulnerabilities
Suicide bomber strikes military academy in Kabul (FDD's Long War Journal) An Islamic State suicide bomber struck outside the Marshal Fahim National Defense University in Kabul earlier today. It is the second time the so-called Khorasan province has attacked the academy. According to UNAMA, the jihadists launch more "suicide and complex attacks" in the Afghan capital than in any other area of the country.
HiddenWasp Malware Stings Targeted Linux Systems (Intezer) Intezer has discovered a new, sophisticated malware named HiddenWasp, targeting Linux systems. Unlike common Linux malware, HiddenWasp is not focused on crypto-mining or DDoS activity, but rather it is a trojan purely used for targeted remote control.
AVEVA Vijeo Citect and CitectSCADA (ICS-CERT) 1. EXECUTIVE SUMMARY: CVSS v3 6.5. ATTENTION: Low skill level to exploit. Vendor: AVEVA. Equipment: Vijeo Citect and CitectSCADA. Vulnerability: Insufficiently Protected Credentials. 2. RISK EVALUATION: Successful exploitation of this vulnerability could allow a locally authenticated user to obtain Citect user credentials.
How secure is the intelligence community’s IT supply chain? (Fifth Domain) Concerned over threats to the acquisition supply chain from foreign actors, the Senate Select Committee on Intelligence included the establishment of a supply chain risk management task force in the latest Intelligence Authorization Act, approved May 14.
Kaspersky Lab reports 61% jump in mobile banking malware (ATM Marketplace) Mobile banking Trojans are among the most rapidly developing, flexible and dangerous types of malware, according to Kaspersky Lab, which found a 61% increase in the number of files (from 18,501 to 2,841) of this type of malware between Q4...
Nation-State Security: Private Sector Necessity (SecurityWeek) While threats facing private industry and government may once have looked distinctly different, the line separating attackers pursuing these two arenas is now so blurred that it’s often hard to distinguish one from another.
Number of exposed health files 'alarming' says data security firm - Digital Health Age (Digital Health Age) The number of sensitive data files in healthcare, pharma and biotech accessible to every employee should leave us alarmed according to data security company Varonis, after a report highlighted the data risk in several industries a year after the implementation of GDPR. The Global Data Risk Report from the Varonis Data Lab suggested that in...
Huawei bars staff from having technical meetings with US contacts (TechCrunch) Reeling from the ongoing U.S.-China trade war, Chinese technology giant Huawei has found itself in yet another dilemma: How to pursue internal communications with its own U.S. employees? For now, the company has ordered its Chinese employees to bar technical meetings with their U.S. contacts and se…
SafeBreach Joins Microsoft Intelligent Security Association (AP NEWS) SafeBreach, a leader in breach and attack simulation, today announced that it has joined the Microsoft Intelligent Security Association, a collaborative initiative to help organizations defend against increasingly sophisticated, fast moving threats worldwide.
Capsule8 Names Scott Kenerly as Chief Financial Officer (Capsule8) Capsule8, the only company providing high-performance attack protection for Linux production environments, today announced the appointment of Scott Kenerly as Chief Financial Officer …
Phunware Announces Dual Token Structure (Yahoo) Phunware, Inc. (PHUN), a fully-integrated enterprise cloud platform for mobile that provides products, solutions, data and services for brands worldwide, today announced the introduction of the Phun utility token (“Phun”) for its Multiscreen as a Service (MaaS) platform.
The Army wants C5ISR systems on demand (C4ISRNET) The Army is focusing on global hot spots where it thinks it might have to respond with soldiers by sending the proper technicians ahead first. Army staffers are also making sure they configure systems as much as possible in advance of competition, however, but forward technicians can assist if systems break or need to be tweaked.
AI, the Mandatory Element of 5G Mobile Security (Threatpost) The complexity and scale of the 5G ecosystem, combined with a lack of skills and training in software-centric security, will be important drivers for AI deployment in the carrier space.
Following US Huawei ban, China threatens own blacklist for foreign firms (TechCrunch) Odds of the U.S. and China cooling off their trade war further diminished on Friday after the world’s most populous nation said it would create a list of “unreliable” foreign firms of its own. Gao Feng, a spokesman of China’s commerce ministry, said today that the nation will create an “entity list…
Rep. Sherrill Introduces Bipartisan Bill to Safeguard Federal Research from Foreign Espionage (TAP into Sparta) Today, Representative Mikie Sherrill (D-NJ) joined with Representatives Anthony Gonzalez (R-OK), Jim Langevin (D-RI), Elise Stefanik (R-NY), Eddie Bernice Johnson (D-TX), and Frank Lucas (R-OK) to announce the introduction of the bipartisan Securing American Science and Technology Act of 2019 (SASTA) to address academic espionage at our institutions of higher education.
Cyber Command names Navy admiral as new deputy (Fifth Domain) Following the retirement of Deputy Commander Lt. Gen. Vincent Stewart, Cyber Command has been operating without a deputy commander. Now, a new deputy commander has been appointed to help Cyber Command further define its new role as a unified combatant command.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
Time Machine 2019 (Austin, Texas, USA, November 13 - 14, 2019) At Time Machine, you will actively engage with real-world AI applications. Hear from leaders on the cutting edge of technology, government, industry, academia, and the arts, and uncover the roadmap for...
Cybertech Midwest 2019 (Indianapolis, Indiana, USA, April 24 - July 25, 2019) Cybertech is the cyber industry’s foremost B2B networking platform featuring cutting-edge content by top executives, government officials, and leading decision-makers from the world of cyber. Our Cybertech...
National Cyber Summit (Huntsville, Alabama, USA, June 4 - 6, 2019) National Cyber Summit is the nation’s most innovative cyber security-technology event, offering unique educational, collaborative and workforce development opportunities for industry visionaries and rising...
Infosecurity Europe (London, England, USA, June 4 - 6, 2019) Europe’s Leading Event for Information and Cyber Security Bringing business, tech and cyber communities together to discuss and discover how best to protect companies and individuals. Join in to find ‘everyone...
San Diego Cyber Security Conference (San Diego, California, USA, June 5, 2019) Join us to interact with CISOs & Senior Level Executives who have effectively mitigated the risk of Cyber Attacks. In San Diego the keynote will be delivered by Darin Andersen, CEO/ Founder NXT Robotics,...
Seattle Cybersecurity Conference (Seattle, Washington, USA, June 6, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...