How to Build a Security Operations Center (SOC) on a Budget
Get an in-depth look at how organizations with limited resources can set up a successful operations center for monitoring, detecting, containing, and remediating IT threats across applications, devices, systems, networks, and locations. Get all 5 Chapters in 1 eBook. Download your free copy now.
October 3, 2019.
By the CyberWire staff
The US FBI has issued an alert that ransomware represents a "high-impact" threat.
The UK's NCSC warns of pervasive exploitation of widely-used VPNs.
The New York Times reports that the European Court of Justice ruled today that national courts may order Facebook to take down and restrict access to content globally. The case originated with an Austrian Green Party politician who requested removal of unflattering comments an unnamed individual had posted to a personal page. (The plaintiff, Eva Glawischnig-Piesczek, alleged that three bits of content were impermissibly objectionable. Specifically, she objected to "traitor to the people," "corrupt clod," and "fascist.") Columbia Global Freedom of Expression has an overview.
Facebook yesterday received a letter from US Senators Warner (Democrat of Virginia) and Rubio (Republican of Florida) asking for an explanation of its policies and technical capabilities with respect to deep fakes and fabricated news generally.
An Australian National University review of its data breach concludes that the hackers got in by spearphishing a senior member of the university's staff. The Australian Financial Review reports that ANU declined to name a culprit, but called the attackers "sophisticated" and probably interested in fraud. 10Daily says the phishing victim simply previewed the email, and didn't interact with it in any other way.
Business Insider says FireEye has retained Goldman Sachs, as the security company explores putting itself up for sale.
In a year where CrowdStrike finds cybercriminals more active than state-sponsored hackers, Chinese intelligence services have been taken a leading role in industrial espionage.
Today's issue includes events affecting Australia, Austria, Cambodia, Canada, China, European Union, Ireland, Russia, Singapore, Ukraine, United Kingdom, United States, and Uzbekistan.
Bring your own context.
Reports of skepticism about the Libra cryptocurrency have centered on issues of national sovereignty and its role in fiat money. But simple fear may be a bigger factor.
"They always go to the place of fear. This is change. This is something different. What should I be afraid of? And because it's got the Facebook stamp on it, obviously, in our minds, we can think of various events that have taken place in recent months and years where we think, do we really want to trust Facebook with all of this information? The reality is that we call this Facebook Libra. But it's not Facebook. Not directly, anyway. Facebook is one member in an association where the association will manage this network. Yes, Facebook were the conceiving body. They were the organization that put forward the developers that built out the Libra framework. So the fear that we have, which is, do I really want to trust my personal, identifiable information to an organization that has got a track record of not really looking after that well?"
—Simon Rodway from Entersekt, on the CyberWire Daily Podcast, 10.1.19.
Of course, no one worries about Satoshi Nakamoto, whoever, wherever, and whenever Satoshi may be. Everybody's jake with that...
What if your security strategy added zeros to your bottom line?
Focusing on response alone is costly. You lose data. You lose infrastructure. You lose human and capital resources that could be productive elsewhere. And you lose your reputation. When you catch threats before they execute, you contain the problem, and the rewards add up. Let Blackberry Cylance help you understand how you can reduce your total cost of security controls, bolster your organization’s security posture, and zero in on what really matters.
And Hacking Humans is up. In this episode, "The ultimate hacking tool," Joe reviews highlights from a Proofpoint report on the human aspects of cyber attacks. Dave describes the FTC's cases against online dating site Match.com. The catch of the day comes straight from Her Majesty the Queen. Carole Theriault returns with an interview with Corin Imai, Senior Security adviser at DomainTools, about phishing attacks they’ve been tracking in the UK.
Second Annual DataTribe Challenge(Online, October 1, 2019) Register now for a chance to be DataTribe's next world-class company. Finalists will split a $20,000 prize, and the winner may receive $2m in funding from DataTribe. Contestants have until October 1st to apply at www.datatribe.com/challenge.
Cyber Security Summits: October 3 in NYC and October 17 in Scottsdale(New York City, New York, United States, October 3, 2019) Register for reduced admission to the Cyber Security Summit with promo code cyberwire19 for $95 admission ($350 without code). Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The U.S. Department of Justice, The FBI, Google, IBM, Darktrace, Center for Internet Security and more. Breakfast, Lunch & Cocktail Reception are included with your admission. Your full day’s attendance will earn you 6 CEUs. Passes are limited, secure yours today: www.CyberSummitUSA.com
The 6th Annual Journal of Law and Cyber Warfare Symposium(New York, NY, United States, October 17, 2019) The 6th Annual Cyber Warfare Symposium features discussions around emerging cybersecurity issues, focusing on cyber warfare and how companies can respond to cyber-attacks. Use discount code CyberWire50 for 50% off. Email firstname.lastname@example.org for a chance to receive a complimentary ticket.
NXTWORK 2019(Las Vegas, Nevada, United States, November 11 - 13, 2019) Join us at NXTWORK 2019 to learn, share, and collaborate with GameChangers from companies across the networking industry. This year’s event features keynotes from Juniper executives, as well as special guest speaker Earvin “Magic” Johnson, along with 40+ breakouts and master classes led by Distinguished Engineers, as well as various opportunities for certification testing and training.
Cybersecurity giant Comodo can’t even keep its own website secure(TechCrunch) Comodo, which bills itself as a “global leader in cybersecurity solutions,” said its forum was hacked. The admission came in no less than a forum post, which confirmed a hacker exploited a recently disclosed vulnerability in vBulletin, a popular forum software used by Comodo. The flaw, …
UBS sees $22/share for potential FEYE sale(FireEye) UBS analyst Fatima Boolani weighs in after yesterday's Business Insider report that FireEye (NASDAQ:FEYE) is considering a sale. Boolani calculates a sum-of-the-parts valuation of $22 per share, using a 5x CY20 estimate of Enterprise value/sales multiple.
Information security in loss figures(Kaspersky Daily) We surveyed almost 5,000 business decision-makers willing to share their thoughts on cybersecurity and their firms’ attitudes about cyberthreats.
But We Have an Email Gateway...(Akamai) In my previous phishing blogs, I wrote about the evolution of phishing and the industrialization of phishing that's being driven by the availability and low cost of toolkits....
Why Europe Won't Combat Huawei's Trojan Tech(The National Interest) Europe is wary of its U.S. counterpart's intentions. But U.S. tech companies will be the least of Europe’s concerns if Huawei hands over European data to the Chinese government.
Who do I escalate my cyber emergency to?(Professional Security) A business continuity and IT disaster recovery company offers advice, on how to escalate a cyber incident in the UK, after the US Senate passes the DHS Cyber Hunt and Incident Response Teams Act.
Senators press tech firms on 'deepfake' technology(Seeking Alpha) Two senators have sent letters to key online media giants, expressing worry about "deepfake" technology allowing for audiovisual fabrications and their use in disinformation campaigns.
Senate summons supervisors on county courthouse capers(Perry News) The members of the Dallas County Board of Supervisors received an invitation Tuesday to travel to the statehouse in Des Moines Friday for a hearing on the alleged burglary of the Dallas County Courthouse Sept 11.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Kansas City Cybersecurity Conference(Kansas City, Missouri, USA, October 3, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...
Australian Cyber Conference 2019(Melbourne, Victoria, Australia, October 7 - 9, 2019) The Australian Information Security Association (AISA) is the premier industry body for information security professionals in Australia. As a nationally recognised not-for-profit organisation, AISA champions...
CyberNext Summit(Washington, DC, USA, October 8 - 10, 2019) Cybersecurity is shifting toward more distributed and dynamic models. Decentralized security infrastructure brings its challenges and opportunities. CyberNext Summit (#CNS19) 8-10 October, 2019 in Washington...
Borderless Cyber(Washington, DC, USA, October 8 - 10, 2019) OASIS Borderless Cyber and The Integrated Adaptive Cyber Defense (IACD)'s Integrated Cyber merge conferences this year to bring you a three-day program addressing advances in automation and autonomous...
SecureWorld Dallas(Dallas, Texas, USA, October 9 - 10, 2019) Connecting, informing, and developing leaders in cybersecurity. For the past 17 years, SecureWorld conferences have provided more content and facilitated more professional connections than any other event...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.