November 21, 2019.
By the CyberWire staff
Microsoft describes how Iran's APT33 ("Elfin" or "Refined Kitten") is engaged in attacks against industrial control systems, WIRED says.
Microsoft has also rebutted claims that Microsoft Teams served as the vector for the Doppelpaymer ransomware infestation suffered earlier this month by some Spanish companies, ZDNet reports. Redmond has also quashed rumors that the ransomware is being spread via the BlueKeep vulnerability.
CNN has obtained an alert the FBI has quietly circulated within the auto industry, warning that the US automobile sector is at heightened risk of cyberattack.
Nyotron today published the results of research into ransomware that exposes an attack technique that escapes detection by most anti-ransomware products. They call the technique “RIPlace”; they’ve also released a free tool that allows users to check their Windows systems for susceptibility to the attack.
Bugcrowd's CTO makes a glum prediction about Phineas Fisher's $100 thousand offer for anti-corporate hacktivist work: it will, he thinks, have some takers--it's certainly large enough.
End-to-end encryption seems likely, according to the New York Times, to be the next "bullseye" on the back of Big Tech, who may find themselves playing an unfamiliar role as paladins of civil liberties.
Some US Senators are arguing that 5G is a matter of such vital national importance that there ought to be a Federal 5G czar, the Washington Post reports.
Concerned about potential exploitation by foreign intelligence services, five US Senators have written Amazon to request an explanation of the data-handling and security practices of its smart doorbell subsidiary Ring.
Today's issue includes events affecting Australia, European Union, India, Iran, Democratic People's Republic of Korea, NATO/OTAN, Russia, United Kingdom, United States.
Bring your own context.
Personnel security involves, among other things, identifying insider threats as they develop, catching them before they do their damage. It's not easy, and there's obviously a human dimension to the ways an organization handles and helps the troubled and the "disengaged."
"It really is identifying this disengaged individual. And what we find time and again is, when somebody becomes disengaged, whether it's from their job or quite frankly in the community, if you become disengaged and nobody notices, then bad things tend to happen. And so from an employer's perspective, you have to find these early indicators that that employee that you brought into the organization - a trusted, productive part of the corporate organization - all of a sudden has issues. They have stress. They have problems either inside or outside of work that have created this situation. And so, you know, oftentimes, that can range from arguments or problems that they're having with their colleagues, so let's say internal incidents. Perhaps it's with customers, perhaps it's with co-workers, but having an efficient and effective way of having those incidents communicated into leadership becomes really important."
—Tom Miller, CEO at employee risk management firm ClearForce, on the CyberWire Daily Podcast, 11.19.19.
You want to help them, and also protect the business, but that's got to be done with clear respect for their rights and privacy.
And Hacking Humans is up. In this episode, "Security has to be friendly," Dave wonders about Juice Jacking warnings. Joe shares findings from Agari's latest email fraud and identity deception report. The catch of the day promises romance in exchange for airline tickets. Our guests are David Spark and Allan Allford, cohosts of the Defense in Depth podcast.
RIPlace Evasion Technique (Nyotron) In Spring 2019, Nyotron’s Research team discovered an evasion technique that could allow malicious actors to alter files (including encryption) in a way that enables them to bypass most antivirus, anti-ransomware and Endpoint Detection and Response (EDR) solutions’ detection capabilities.
Customer Guidance for the Dopplepaymer Ransomware (Microsoft Security Response Center) There is misleading information circulating about Microsoft Teams, along with references to RDP (BlueKeep), as ways in which the Dopplepaymer malware spreads. Our security research teams have investigated and have found no evidence to support these claims. In our investigations we have found that the malware relies on remote human operators using existing Domain Admin credentials to spread across an enterprise network.
Forcepoint Presents Cybersecurity Predictions for 2020 (ExecutiveBiz) Forcepoint called on its strategists, researchers and engineers to identify and discuss cybersecurity trends they forecast for the coming year and one of those predictions concerns with the Cloud Smart strategy. Eric Trexler, vice president of global government at Forcepoint, shared that more organi
Illumio Updates ServiceNow App with Support for New York Release (Yahoo) Illumio, the leader in segmentation for workload security, today announced an enhancement to its application for ServiceNow, available now in the ServiceNow Store with support for ServiceNow’s New York release, in addition to the London and Madrid releases. Certification by ServiceNow is only granted
What is Password Recovery and How It Is Different from Password Cracking (ElcomSoft blog) Why wasting time recovering passwords instead of just breaking in? Why can we crack some passwords but still have to recover the others? Not all types of protection are equal. There are multiple types of password protection, all having their legitimate use cases. In this article, we’ll explain the d
Privacy Engineering Challenge Winner: Geofencing to Prevent Unauthorized Access (Virtru) To inspire innovative, privacy-preserving data protection solutions, Virtru hosted a privacy engineering challenge during the fall of 2019. Today, we are pleased to announce the winner of this challenge: Krish Suchak’s Audit Map submission introduced geolocation features to help prevent unauthorized data access.
Why AI will be Inhuman (APN) Cyber security provider F-Secure has launched a new research project to further develop the decentralized artificial intelligence (AI) mechanisms currently used in its detection and response technologies. The initiative, dubbed Project Blackfin, aims to leverage collective intelligence techniques, such as swarm intelligence, to create adaptive, autonomous AI agents that collaborate with each other […]
To tackle 5G, the key will be collaboration (C4ISRNET) New 5G technology offer capabilities to our warfighters, such as more data, more speed, reduced latency, and the ability to “operate through” untrusted networks that will likely be the next discriminator on the battlefield.
Attorney General Barr rehashes failed arguments in the encryption debate (American Enterprise Institute - AEI) The Department of Justice’s renewed push for tech companies to grant law enforcement access to encrypted communications ignores the historical record and expert opinions: Weakening strong encryption would compromise Americans’ cybersecurity and national security.
Does the federal government need a 5G coordinator? (C4ISRNET) A bipartisan group of senators called on the White House to name a 5G coordinator to tackle what lawmakers described as an “unprecedented security challenge” presented by the new technology.
GDPR Decision on WhatsApp Delayed Over Company’s Concerns (Wall Street Journal) A decision in Ireland’s privacy investigation into Facebook’s WhatsApp has been delayed because the company’s lawyers raised concerns about how the regulator will share potentially sensitive commercial data with authorities in other European countries.
Bank Accused of Breaching Money Laundering Laws—23 Million Times (Wall Street Journal) Westpac, Australia’s second-largest bank, has been accused of the biggest breach of the country’s money laundering and terrorism financing laws in history, including failing to detect transfers that may have been used to facilitate child exploitation.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
InfoSec Connect 2020 (San Diego, California, USA, March 15 - 17, 2020) InfoSec Connect is a high profile, interactive meeting of senior-level cybersecurity leaders from top credit unions, US banks, insurances, and financial services companies. It’s a forum built to share...
CyberCon 2020 (Bismarck, North Dakota, USA, October 6 - 7, 2020) Our vision for this annual event is “to bring awareness of Cyber Security through collaboration and education” and for 2020, we will again focus on the critically important roles that both cyber security...
CyberCon (Anaheim, California, USA, November 19 - 21, 2019) CyberCon is a solutions-based cybersecurity conference connecting executives and decisions makers in the power and utilities sector to cybersecurity experts and industry specific solutions. By attending,...
Infosecurity and ISACA North America Expo and Conference (New York, New York, USA, November 20 - 21, 2019) In November 2019, Infosecurity North America and ISACA will align in the field of security, cybersecurity and risk management to create an incredible experience for attendees in programming, solutions...
PCI SSC 2019 Asia-Pacific Community Meeting (Melbourne, Australia, November 20 - 21, 2019) The PCI Security Standards Council’s 2019 Asia-Pacific Community Meeting is the place to be. We will provide you with the information and tools to help secure payment data. We lead a global, cross-industry...
Cyber Security X Atlanta (Atlanta, Georgia, USA, November 20 - 21, 2019) Cyber Security X Atlanta is part of the fastest growing cyber security event series, providing events that uniquely cover the entire security landscape. The event will offer invaluable security insight...
Nashville Cybersecurity Conference (Nashville, Tennessee, USA, November 21, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...