September 10, 2019.
News from the 10th Annual Billington CyberSecurity Summit
Some additional notes from last week's Billington CyberSecurity Summit, including reflections on inherent government responsibilities with respect to cybersecurity from NCSC's Ciaran Martin. And the US Department of Defense finds it more difficult to retain cyber operators than it does to recruit them in the first place.
By the CyberWire staff
The distributed denial-of-service attack that struck Wikipedia over the weekend remains under investigation, but BleepingComputer reports some speculation that the incident was the result of a botnet testing round. (They also report that the UK's NCSC recommends dusting off DDoS protection advice it's offered for some time.)
ESET says it's associated a hitherto overlooked backdoor with Stealth Falcon. Stealth Falcon itself has been connected by the University of Toronto's Citizen Lab with the distribution of spyware against a range of Middle Eastern targets. It's regarded as probably a United Arab Emirates operation, linked to Project Raven, which Reuters described earlier this year.
In a disclosure coordinated with manufacturer Telestar Digital, Vulnerability-Lab reports that Dabman and Imperial web radios were vulnerable to exploitation through an "undocumented Telnet service on the standard port 23." Telestar has fixed the vulnerabilities.
Toyota Boshoku, a parts unit of Toyota Group, continues to investigate a business email compromise scam in a European subsidiary that may have cost the company ¥4 billion (approximately $37 million). According to Infosecurity Magazine, the incident occurred on August 14th, and if it followed the usual business email compromise template, the theft depended on social engineering.
The Washington Post reports that in 2017 the US exfiltrated an "asset" (a source, an agent) from Russia. The asset had provided the US with information about 2016 Russian election hacking.
Today is Patch Tuesday, and updates will appear throughout the day. Ivanti recently offered a forecast of Microsoft's expected patches in Help Net Security.
Today's issue includes events affecting Australia, Canada, China, Czech Republic, European Union, India, Japan, Republic of Korea, Netherlands, Oman, Philippines, Poland, Russia, Saudi Arabia, Thailand, Ukraine, United Arab Emirates, United Kingdom, United States.
Bring your own context.
What lessons can CISOs learn from venture capitalists?
"VCs are used to working with the financial stakeholders. They're used to building funds and generating specific targeted returns, but, you know, you look at a lot of the folks that move into these roles of CISO and CSO. There is not a lot of training, whether it's how to put cybersecurity into a business context and think of it as a kind of key strategic plank for the business, whether it's defining the risk not as an IT risk but as an enterprise risk. You know, those kinds of strategic skills and that kind of board interaction are not commonplace in terms of their career path development, so gaining those skills and building that capability, I think, is one of the really significant challenges facing most CISOs."
—Doug Grindstaff, senior vice president of cybersecurity solutions for the CMMI Institute, on the CyberWire Daily Podcast, 9.6.19.
Think in terms of enterprise risk, and pay close and continuous attention to the stakeholders.
Cyber Security Summits: September 17 in Charlotte and October 3 in NYC (Charlotte, North Carolina, United States, September 17, 2019) Register for reduced admission to the Cyber Security Summit with promo code cyberwire19 for $95 admission ($350 without code). Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The NSA, The FBI, Google, IBM, Darktrace, and more. Breakfast, Lunch & Cocktail Reception are included with your admission. Passes are limited, secure yours today: www.CyberSummitUSA.com
Second Annual DataTribe Challenge (Online, October 1, 2019) Register now for a chance to be DataTribe's next world-class company. Finalists will split a $20,000 prize, and the winner may receive $2m in funding from DataTribe. Contestants have until October 1st to apply at www.datatribe.com/challenge.
Recruiting Cyber Workforce Easier Than Retaining Them (U.S. DEPARTMENT OF DEFENSE) The military is doing a great job recruiting cyber talent into military and civilian service, but retention is more difficult, the deputy assistant secretary of defense for cyber policy said.
Lessons learned, presented by the UK's NCSC. (The CyberWire) If NCSC CEO Ciaran Martin has learned anything during his tenure at the Centre, it's that pieties about public-private partnership can be a recipe for inaction, and that governments need to step up and understand their inherent responsibilities in cyberspace.
Thoughts on preventing a cyber 9/11. (The CyberWire) Public and private sector leaders share thoughts on how to prevent a "cyber 9/11." There are lessons to be learned from preparing for and responding to natural disasters.
Warfighting in the fifth domain. (The CyberWire) A Marine Corps dictum: when good people meet bad process, bad process wins. Major General Crall, Deputy Principal Cyber Advisor and Senior Military Advisor for Cyber Policy in the Department of Defense, reminded the summit that, "This is all about outcomes."
Wikipedia DDoS Attacks Prompt NCSC to Remind of DoS Mitigation (BleepingComputer) UK's National Cyber Security Centre urges organizations worried about Denial-of-Service (DoS) attacks to implement mitigation measures following a worldwide Wikipedia outage caused by Distributed Denial-of-Service (DDoS) attacks.
Vulnerability Summary for the Week of September 2, 2019 (CISA) The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Security Patches, Mitigations, and Software Updates
Telegram fixes bug that failed to delete ‘unsent’ photos and videos (TechCrunch) Mobile messaging app Telegram has fixed a bug allowing users to recover photos and videos “unsent” by other people. Telegram, which has more than 100 million users, has an ephemeral messaging feature that allows users to “unsend” sent messages from other people’s inbox…
Symantec’s Consumer Business Said to Draw $16 Billion Bid (Channel Partners) According to the Wall Street Journal, Permira and Advent International have proposed a deal to take over Symantec's consumer business. The consumer unit includes the Norton antivirus and LifeLock identity protection products.
CyberSN Appoints Cyber Staffing Industry Veteran as President (Yahoo) Cybersecurity Staffing Industry Veteran Mark Aiello bolsters CyberSN's commitment to serve the Cybersecurity community. BOSTON, Sept. 10, 2019 /PRNewswire/ -- CyberSN, the largest technology and cybersecurity talent acquisition firm with a self-service job platform enabling employers and job seekers
Delta College earns federal cyber defense designation (Midland Daily News) Delta College has been designated as a National Center of Academic Excellence in Cyber Defense Education, jointly sponsored by the U.S. National Security Agency and the U.S. Department of Homeland Security.
US Officials Fear Disjointed Battle Against the ‘Global Cyber Pandemic’ (Voice of America) Security officials these days are anything but shy when they describe the dangers facing the United States in cyberspace. “We’re in the midst, I think we all know, of a global cyber pandemic,” the National Security Agency’s top lawyer warned at a conference last week.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Global Security Exchange (GSX) (Chicago, Illinois, USA, September 8 - 12, 2019) Global Security Exchange (GSX) is the only event that brings together security professionals from all vertical markets throughout the world to network, learn, and re-invest in the industry. It’s home for...
Insider Threat Symposium & Expo (Laurel, Maryland, USA, September 10, 2019) The National Insider Threat Special Interest Group's event is for anyone involved in Insider Threat Program (ITP) Management / Insider Threat Mitigation. Speakers will come from the White House, Missile...
Atlanta Cybersecurity Conference (Atlanta, Georgia, USA, September 12, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...
SINET Canada (Toronto, Ontario, Canada, September 12, 2019) SINET Canada's theme this year is "accelerating innovation clusters." The conference follows SINET's proven approach: a rich yet intimate conference where participants from industry and government can...