October 30, 2019.
By the CyberWire staff
Facebook subsidiary WhatsApp has filed suit against NSO Group in the US District Court for the Northern District of California. The suit alleges that NSO Group exploited WhatsApp servers to distribute malware designed to enable surveillance of specific WhatsApp users. WhatsApp says it detected the incident in May, and that it enlisted the aid of the University of Toronto's Citizen Lab in the subsequent investigation.
The defacement attack against websites in Georgia may have affected as many as fifteen thousand sites, Forbes reports. One of the targets was the ProService web-hosting company, which has now, it says, restored normal operations. The company cooperated with the Ministry of Internal Affairs during the recovery. There's still no firm attribution: suspicion of Russian involvement is based on a priori probability. (And not everything that looks like Fancy Bear is in fact Fancy Bear.)
Johannesburg continues its recovery from the Shadow Kill Hackers incident. The city has held firm in its refusal to pay the hackers; there's no word yet that the extortionists have made good on any of their threats.
In-game purchases are being used to launder money, and the popular online game Counter-Strike is trying to tamp this down by preventing keys bought in-game from leaving the purchasing account.
Norsk Hydro's insurance has paid about 6% of the costs the company incurred as a result of the LockerGoga ransomware attack it sustained in March.
Coalfire continues, with some success, to fight criminal charges two pentesters face for work they performed at an Iowa courthouse.
Today's issue includes events affecting Canada, China, European Union, Georgia, India, Israel, Nigeria, Norway, Russia, Rwanda, South Africa, Syria, Turkey, United Kingdom, United States.
Bring your own context.
Why are people calling Metasploit a menace?
"They're talking about a particular technique that Metasploit presents called 'shikata ga nai,' which is Japanese for 'nothing can be done.' And what it does is it makes your exploit polymorphic, so it's very difficult to see it when it's coming in through your network. So detection systems are less likely to find it, and the exploit is more likely to be successful."
—Joe Carrigan, of the Johns Hopkins University's Information Security Institute, on the CyberWire Daily Podcast, 10.28.19.
It's a tool, and so has both benign and malign uses. People worry about the commodification of malware and its proliferation to the skids and script kiddies, to the raconteurs and roustabouts...
The CyberWire's weekly Caveat podcast is also up. In this edition, "Privacy and biometric data," Ben wonders if NSA's authority to collect metadata will be renewed. Dave describes an expensive case of mobile device snooping. Our listener on the line wonders if the feds can monitor his laptop. Our guest is Elizabeth Wharton from Prevailion on biometric data security.
IMAGINE, A MISI salon-style bespoke dinner event (Columbia, Maryland, United States, November 1, 2019) IMAGINE a world where more young women can see themselves in the faces of the legendary women of science & technology – and say, "Yes I can!" The event on November 1 is a fundraiser in support of the region's unique and inclusive STEM program and will be held at the DreamPort Facility in Columbia, Maryland. While its focus is on the under-represented young women, young men are also included in MISI's STEM programs.
Cyber Security Summits: November 6 in Boston and November 21 in Houston (Boston, Massachusetts, United States, November 6, 2019) Register for reduced admission to the Cyber Security Summit with promo code cyberwire19 for $95 admission ($350 without code). Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, Google, IBM, Verizon, Center for Internet Security and more. Breakfast, Lunch & Cocktail Reception are included with your admission. Your full day’s attendance will earn you 6 CEUs. Passes are limited, secure yours today: www.CyberSummitUSA.com
NXTWORK 2019 (Las Vegas, Nevada, United States, November 11 - 13, 2019) Join us at NXTWORK 2019 to learn, share, and collaborate with GameChangers from companies across the networking industry. This year’s event features keynotes from Juniper executives, as well as special guest speaker Earvin “Magic” Johnson, along with 40+ breakouts and master classes led by Distinguished Engineers, as well as various opportunities for certification testing and training.
Notice of Potential Payment Card Incident (Krystal) The Krystal Company would like to advise guests that our company is actively investigating a security incident that involves one of the payment processing systems that services some of our restaurants.
Kurdish spy played key role in locating Baghdadi (Times) President Trump said that Abu Bakr al-Baghdadi’s likely replacement as Islamic State’s leader was “terminated by American troops” as further details emerged of the role played by Kurdish...
Is your security opening up a bag of worms? (TechNative) Despite the headlines, cryptocurrency is still very much on the scene, especially as big names like Facebook try to crack the industry. However, while there are many companies trying to do good things with bitcoin, there are also people looking to exploit it. Unsurprisingly, over the last few years, there has been an increase in crimes related to cryptocurrency. While some cyber criminals hold people’s digital assets ransom in return for cryptocurrency, others take a somewhat less upfront approach. In fact, a popular form of crime surrounding the new currency is cryptojacking. Mining for bitcoin takes a serious amount of
Security Patches, Mitigations, and Software Updates
2019 EnergyTech/Information Security Summit Conference – the gap between IT/OT networking and domain experts (Control Global) There has effectively been an exclusion of domain experts (in industry and manufacturing – the engineers/Operations; and in finance - the economists) in control system cyber security. This exclusion of domain experts has also led to the exclusion of control system devices from adequate cyber security considerations. The disconnect between domain experts and networking is very much alive and needs to be addressed.
Are utilities keeping up with cyber threats? (Smart Energy International) Caught in the Crosshairs: Are Utilities Keeping Up with the Industrial Cyber Threats? – details the industry’s vulnerability to cyber risk and its readiness to address them
Nastiest Malware 2019 (Webroot Community) It’s that time of year again. The leaves have changed, ghouls and goblins are about to take to the streets demanding tricks or treats, and Webroot is shining the light on the nastiest malware threats lurking online in 2019. It’s not names like Jason or Freddy that should curdle your blood this Octob...
The future of cybersecurity VC investing with Lightspeed’s Arif Janmohamed (TechCrunch) There are two types of enterprise startups: those that create value and those that protect value. Cybersecurity is most definitely part of the latter group, and as a vertical, it has sprawled the past few years as the scale of attacks on companies, organizations, and governments has continuously ex…
Major Employers Commit to Build a Stronger Cybersecurity Workforce Pipeline (The Aspen Institute) Date: 10/30/2019. By: John Carlin, Chair, Cyber & Technology Program, The Aspen Institute. For the past four years, the Director of National Intelligence has named cyber threats to critical infrastructure as the top national security concern. Attacks on Atlanta, Baltimore, Louisiana, Florida, Texas show how, …
New cyber coordination center aims to make Louisiana a cybersecurity leader (Baton Rouge Business Report) When Gov. John Bel Edwards announced in August that a new Louisiana Cyber Coordination Center would be established at the Water Campus, near downtown Baton Rouge, he said it was a step towards establishing the state as a global leader in cybersecurity. But what kind of work will the center—to be shared by the Louisiana …
Eversheds Sutherland Adds Cybersecurity & Privacy Counsel Paul McCulloch-Otero (Eversheds Sutherland) Eversheds Sutherland is pleased to announce that Paul D. McCulloch-Otero has joined Eversheds Sutherland’s Cybersecurity & Privacy Practice Group as counsel in the New York office. With his extensive background in cybersecurity, privacy, information technology, risk and compliance, he will counsel clients across industries, particularly bolstering Eversheds Sutherland’s FinTech, RegTech and InsurTech teams. “Cybersecurity and privacy remain top concerns for our clients,...
HITRUST Compliance with Tripwire (Tripwire) The HITRUST CSF helps healthcare organizations comply with various standards like NIST, CIS, HIPAA by providing a single overarching framework. Now, with Tripwire Enterprise, organizations can automate the HITRUST CSF and reduce the burden of compliance.
NSA Certifies General Dynamics Battlefield Encryptor (New Kerala) Business World: FAIRFAX, Va: General Dynamics Mission Systems announced today that the National Security Agency (NSA) has certified its new TACLANE-Nano KG-175N network encryptor to secure voice, video and data information classified Top Secret/SCI and below traversing public and private IP networks.
This man is running for governor of California so he can run false Facebook ads (CNN) A San Francisco man is going to extreme lengths to call out Facebook's controversial policy of allowing politicians to run false ads on its platform. On Monday morning, he registered as a candidate in California's 2022 gubernatorial election -- not with the primary goal of becoming governor, but so he can run false Facebook ads of his own.
German Spy Chief Says Huawei Can’t Be ‘Fully Trusted’ in 5G (Bloomberg Law) Germany’s spy chief said Huawei Technologies Co. “can’t fully be trusted,” signaling security hardliners in Chancellor Angela Merkel’s government want to keep the Chinese technology giant out of the country’s fifth-generation networks.
FCC proposal targeting Huawei garners early praise (TheHill) The Federal Communications Commission (FCC) is moving aggressively to ban companies from using federal subsidies for equipment from Chinese telecommunications groups Huawei and ZTE, and earning initial praise from lawmakers and industry groups.
16th Air Force to streamline cyber weapon systems (U.S. Air Force) Launched on July 1, 12N12 aims to replace, reduce and consolidate the tools, systems and applications operators and analysts employ within the cyberspace security and defense mission area by July 1,
Significant Pennsylvania election law changes headed to governor’s desk (Mcall.com) Election reform legislation headed toward the governor's desk in Pennsylvania on Tuesday would deliver the biggest changes to state election laws in decades and provide aid to counties for much of the cost of new voting machines as a bulwark against hacking in next year's presidential election.
WhatsApp: Scores of activists targeted with NSO spyware (Amnesty) Responding to a statement by WhatsApp on Tuesday that spyware produced by the Israeli firm NSO Group was used to target more than 100 human rights activists, Danna Ingleton, Deputy Director of Amnesty Tech, said:
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
WSJ Pro Cybersecurity Executive Forum (New York, New York, USA, December 3, 2019) Cybersecurity risks are rapidly changing, so this year’s forum and masterclasses have been redesigned to focus on timely topics including: lessons from the most recent major hacks, what and how to report...
Cyber Security for Critical Assets, MENA 2020 (Dubai, United Arab Emirates, January 20 - 21, 2020) The 17th in a global series of Cyber Security for Critical Assets summits, #CS4CA MENA 2020 focuses on safeguarding the critical industries of the Middle East and Northern Africa from cyber threats. CS4CA...
IS2C Security Conference (Orlando, Florida, USA, October 28 - 30, 2019) (ISC)² Security Congress brings together a global community of cybersecurity professionals. The event offers 175+ educational and thought-leadership sessions, and fosters collaboration with other forward-thinking...
SecureWorld Denver (Denver, Colorado, USA, October 29 - 30, 2019) Connecting, informing, and developing leaders in cybersecurity. For the past 17 years, SecureWorld conferences have provided more content and facilitated more professional connections than any other event...
CYBERSEC EXPO 2019 (Katowice, Poland, October 29 - 30, 2019) CYBERSEC EXPO 2019 is a first of its kind two-day trade fair focused exclusively on the cybersecurity technology. It brings global expertise on the emerging cybersecurity threats and gives access to the...
2019 Securing New Ground (New York, New York, USA, October 29 - 30, 2019) The Security Industry Association (SIA) carefully curates topics and speakers for this two-day conference with the goal of inspiring our fellow leaders in the security about the potential of the global...
5th European Cybersecurity Forum – CYBERSEC 2019 (Krakow, Poland, October 29 - 30, 2019) CYBERSEC Forum is a unique opportunity to meet and discuss the current issues of cyber disruption and ever-changing landscape of cybersecurity related threats. Our mission is to foster the building of...