November 19, 2019.
By the CyberWire staff
India continues to receive the attention of North Korean cyber operators. A phishing campaign is underway that poses as a job opportunity at Hindustan Aerospace (HAL), the Herald Publicist says.
The US State of Louisiana yesterday activated its cybersecurity response team after some of its servers were hit with ransomware. Affected agencies have begun restoring service, which is expected to be complete in about two days. The Office of Motor Vehicles, for example, will be back in business for the most part at noon today, KPLC reports. ZDNet says the state's Office of Technology Services contained the infestation quickly: Louisiana, unlike some other state and local governments, had a sound plan it executed quickly.
Zscaler has discovered two campaigns using compromised WordPress sites to distribute a remote access Trojan. One uses a bogus Flash Player update as the vector, the other an equally phony "font update" (the font it helpfully offers to update is "PT Sans").
Prevailion warns it's found a clever spearphishing campaign conducted by the HydSeven criminal group. The campaign, which Prevailion calls "Operation BlockChain Gang," is distributing Linux and Windows versions of the macOS Trojan HydSeven used against Cambridge University this summer.
US department store giant Macy's is the latest retailer to suffer a data breach. Computing calls the incident a Magecart attack. Macy's mailed affected customers breach disclosures on November 14.
Huawei has received a ninety-day reprieve from the US, and China hawks are concerned that the US Administration has gone wobbly, the Washington Post reports.
Today's issue includes events affecting China, India, Iran, Democratic People's Republic of Korea, Pakistan, Russia, United Nations, United States, Venezuela, and Vietnam.
Bring your own context.
"So what we're seeing, you know, across the board is the more mature your security program is, the less of a target that you'll be. So there are some fundamentals that we continue to see not happening in practice, you know, fundamentals that we've all been talking about for years and years."
—Jennifer Ayers, vice president of OverWatch and security response at CrowdStrike, on the CyberWire Daily Podcast, 11.14.19.
Sometimes effort (intelligent effort) really can equal results.
And Recorded Future's podcast, produced in partnership with the CyberWire, is also up. In this episode, "Solving the Business Challenges of Governance, Risk, and Compliance," their guest is Syra Arif, a senior advisory solutions architect in the security and risk practice at ServiceNow, a global cloud computing company. Syra shares her insights on providing customers with solutions to the business challenges of governance, risk, and compliance. She shares her experience coming up through the industry as a woman, and we also get her perspective on threat intelligence and why it’s critical for organizations to embrace diversity.
Cyber Security Summits: November 21 in Houston and December 5 in Los Angeles (Houston, Texas, United States, November 21, 2019) Register for reduced admission to the Cyber Security Summit with promo code cyberwire19 for $95 admission ($350 without code). Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The US Department of Homeland Security, The FBI, US Department of Justice, Verizon, Center for Internet Security and more. Breakfast, Lunch & Cocktail Reception are included with your admission. Your full day’s attendance will earn you 6 CPEs / CEUs. Passes are limited, secure yours today: www.CyberSummitUSA.com
NetSupport RAT installed via fake update notices (Zscaler) The Zscaler ThreatLabZ team observed fake Flash Player and font update campaigns, which lead to the download of the NetSupport RAT. The Zscaler cloud security platform blocked 40,000 such attempts during the past three months.
Louisiana Government Suffers Outage Due to Ransomware Attack (BleepingComputer) The state government of Louisiana was hit by a ransomware attack today that impacted numerous state services including the Office of Motor Vehicles, the Department of Health, and the Department of Transportation and Development.
Ransomware Bites 400 Veterinary Hospitals (KrebsOnSecurity) National Veterinary Associates (NVA), a California company that owns more than 700 animal care facilities around the globe, is still working to recover from a ransomware attack late last month that affected more than half of those properties, separating many veterinary practices from their patient records, payment systems and practice management software.
Vulnerability Summary for the Week of November 11, 2019 (CISA) The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Q3 2019 Cyber Threats and Trends Report (Neustar) Download our free report to understand the latest developments in DDoS attacks and how to mitigate them. What steps will you take to defend against these threats?
Security Predictions 2020 (WatchGuard) In this year’s Cyber Security Predictions, the WatchGuard Threat Lab has imagined the top cyber attacks we’ll see in 2020 and has also provided tips for simplifying your approach to stopping them.
Sonatype takes long view as it sells out to Vista Equity Partners (DEVCLASS) Code hygiene specialist Sonatype has been taken over by Vista Equity Partners, joining the private equity group’s roster of software firms you might, or might not, remember. Vista has acquired a majority interest in the firm, whose Nexus product helps customers keep track of the open source components in their software, and ensure security fixes …
Databases for actual control system cyber incidents exist – and they are important for many reasons (Control Global) Obtaining control system cyber incident case histories is possible (my database has more than 1,200 actual cases) but it needs to be done with trusted individuals working with industry experts. There is also a need for “whistle blower protection” for individuals and companies that report these incidents. It is important because these incidents often are generic and can, or have, affected multiple different organizations.
Download Mapping the Multi-Cloud Enterprise (BPI Studies) The Business Performance Innovation (BPI) Network is dedicated to identifying, exploring and sharing emerging trends and transformational ideas and practices that are reshaping world markets and competitive landscapes.
Are Twitter Spies Part of a Trend? (Tufts Now) The simple act of signing up for a Twitter account or using the WhatsApp messaging service could expose users to international spying and malicious surveillance, according to two current legal cases—and the implications are particularly concerning for journalists and dissidents who criticize the leaders of authoritarian regimes. The threats also go far beyond what most individuals can defend themselves against, according to a Fletcher School professor.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
CyberCon 2019 (Anaheim, California, USA, November 19 - 20, 2019) CyberCon 2019 targets executives, leaders and decision makers from the power and utilities and cybersecurity industries, including CEOs, CFOs, COOs, CSOs and CISOs, as well as national security advisors,...
CyberCon (Anaheim, California, USA, November 19 - 21, 2019) CyberCon is a solutions-based cybersecurity conference connecting executives and decision makers in the power and utilities sector to cybersecurity experts and industry specific solutions. By attending,...
Infosecurity and ISACA North America Expo and Conference (New York, New York, USA, November 20 - 21, 2019) In November 2019, Infosecurity North America and ISACA will align in the field of security, cybersecurity and risk management to create an incredible experience for attendees in programming, solutions...
PCI SSC 2019 Asia-Pacific Community Meeting (Melbourne, Australia, November 20 - 21, 2019) The PCI Security Standards Council’s 2019 Asia-Pacific Community Meeting is the place to be. We will provide you with the information and tools to help secure payment data. We lead a global, cross-industry...
Cyber Security X Atlanta (Atlanta, Georgia, USA, November 20 - 21, 2019) Cyber Security X Atlanta is part of the fastest growing cyber security event series, providing events that uniquely cover the entire security landscape. The event will offer invaluable security insight...