September 12, 2019.
By the CyberWire staff
POLITICO says that "three former senior officials with knowledge of the matter" have told the publication that the US Government has concluded that Stingray cell monitoring devices found in Washington, DC, were probably emplaced by Israeli operators.
North Korean hackers are turning to more obscure file formats (like Kodak Flash Pix) in the hope that these will slide unremarked past anti-virus screens, Prevailion researchers have disclosed to CyberScoop.
Ransomware may be acquiring information-stealing functionality. BleepingComputer reports that MalwareHunter Team has found that a strain of the widely used Ryuk ransomware appears to be exfiltrating files of interest to an FTP site. The malware is particularly interested in military, intelligence, and law enforcement data.
Google has now purged twenty-four apps infected with the Joker Trojan from the Play store, Information Age reports.
In the wake of the arrests made internationally in Operation reWired, the US FBI reiterates warnings that business email compromise attacks remain a persistent danger.
US Federal agencies are working out roles and responsibilities in cyberspace during the course of wargames. Breaking Defense describes the exercises as bringing together organizations from the Departments of Defense and Homeland Security. The US Defense Department has also offered Congress a look at some of its current thinking on cyber deterrence. Deterrence is commonly thought of as involving the credible threat of retaliation, but the Department calls its approach to deterrence "multifaceted," with denial playing a significant part. An adversary can be deterred if they become convinced that their attacks would be futile.
Today's issue includes events affecting Bulgaria, Canada, China, Iran, Israel, Democratic People's Republic of Korea, Russia, Saudi Arabia, Turkey, United Kingdom, United States.
Bring your own context.
Considerations for crowd-sourcing vulnerability testing.
"It used to be the case where folks would be worried about, quote, unquote, "a hacker" because they defined a hacker the same, whether it was a black hat hacker or a white hat hacker. We have seen that misconception go away, increasingly, not that it's completely gone. The second misconception I would say is how do you focus in on the right way of launching a program? And what do you want to get out of the program? And we've done a lot to help customers understand that it's pretty important to pay that assurance debt down, you know, get all the low-hanging fruit addressed before you go out and build a public program."
—Ashish Gupta, CEO of Bugcrowd, on the CyberWire Daily Podcast, 9.10.19.
And Hacking Humans is up. In this episode, "An ethical hacker can be a teacher," a listener updates us on "notice of arrest" policies. Dave notes increased instances of Google Calendar spam. Joe shares a claim that AI voice mimicry was used to dupe a company out of nearly a quarter million dollars. (Dave is skeptical.) The catch of the day accuses the target of naughty behavior. Carole Theriault interviews ethical hacker Zoë Rose.
Cyber Security Summits: September 17 in Charlotte and October 3 in NYC (Charlotte, North Carolina, United States, September 17, 2019) Register for reduced admission to the Cyber Security Summit with promo code cyberwire19 for $95 admission ($350 without code). Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The NSA, The FBI, Google, IBM, Darktrace, and more. Breakfast, Lunch & Cocktail Reception are included with your admission. Passes are limited, secure yours today: www.CyberSummitUSA.com
Second Annual DataTribe Challenge (Online, October 1, 2019) Register now for a chance to be DataTribe's next world-class company. Finalists will split a $20,000 prize, and the winner may receive $2m in funding from DataTribe. Contestants have until October 1st to apply at www.datatribe.com/challenge.
Threats to macOS users (SecureList) An extremely dangerous threat is a targeted attack on macOS and iOS users, mainly business users. Several well-known cybercriminal groups are currently working to develop malware for these operating systems.
Multiple Vulnerabilities in Comba and D-Link Routers (Trustwave) There are five new credential leaking vulnerabilities discovered and disclosed by Simon Kenin. Two are in a D-Link DSL modem typically installed to connect a home network to an ISP. The other three are in multiple Comba Telecom WiFi devices. All the vulnerabilities involve insecure storage of credentials, including three where cleartext credentials are available to any user with network access to the device.
Groton schools suffer data breach (Ithaca Times) Groton Central School District announced on Aug. 29 that it was one of over 13,000 school districts across the nation victimized in a security data breach that exposed student information.
Local courts effected by cyber attack on Administrative Office of the Courts (Claxton Enterprise) Evans County Magistrate and Probate Courts were affected by a cyber attack of the Administrative Office of the Courts (AOC) located in Atlanta. The attack occurred on June 29, 2019 but local officials only disclosed the information publicly during an Evans County Commissioner’s meeting last week. The AOC provides support to state, probate, magistrate, and municipal court councils.
2019 Verizon Incident Preparedness and Response Report (Verizon Enterprise) Read the new 2019 Verizon Incident Preparedness and Response Report (VIPR). Leverage insights from hundreds of data breach simulations to improve your incident response reporting and mitigation efforts.
VMware COO: We Have a Bigger Plan For Security (WebProNews) Fundamentally, we have a bigger plan for security, says VMware COO Sanjay Poonen. We felt it was the perfect time for us to come up with a disruptive play that was based on big data, was AI, and was cloud-based. There were only two companies doing it, CrowdStrike and Carbon Black.
C2A Security and NXP collaborate on cybersecurity solution (New Electronics) C2A Security, a specialist in automotive cybersecurity, has announced a comprehensive automotive security solution, developed in collaboration with NXP that uses the company's secure CAN (Controller Area Network) transceivers.
Cyber: DHS, DoD Thrash Out Command Details In Wargames (Breaking Defense) "If it’s a hurricane, [at the Defense Department], they’ve got the mission assignments. They know, 'OK, we’ve got to send people to fill sandbags,'" DHS's Jeanette Manfra explained. For cyber responses, she said, "that part is not mature enough."
Scrambling to become PSD2 compliant? You might have time. (iovation) In their recent opinion the EBA has also provided more clarity on whether specific authentication factors will satisfy SCA requirements for the elements categorized as: inherence, possession and knowledge. The EBA has confirmed that biometric authentication factors such as fingerprint, hand and…
NIST seeks comment on privacy framework (FCW) The latest version comes with a number of notable additions, such as increased flexibility for organizations and a concerted effort to align the agency's privacy and cybersecurity efforts.
Dark Web Forensics - EC-Council Official Blog (EC-Council Official Blog) You have, no doubt, seen the term ‘dark web’ in various news stories. However, many people in cybersecurity don’t know much about it, nor how to investigate it. The dark web is a web of sites that are available only via the TOR network. Now certainly not all of these are criminal sites. Many are...
Web feature developers told to dial up attention on privacy and security (TechCrunch) Web feature developers are being warned to step up attention to privacy and security as they design contributions. Writing in a blog post about “evolving threats” to Internet users’ privacy and security, the W3C standards body’s technical architecture group (TAG) and Privacy…
Moving the Encryption Policy Conversation Forward (Carnegie Endowment for International Peace) The encryption of data and communications has long been understood as essential. Strong encryption thwarts criminals and preserves privacy for myriad beneficiaries, from vulnerable populations to businesses to governments. At the same time, encryption has complicated law enforcement investigations, leading to law enforcement calls for lawful access capabilities to be required of encryption technologies.
CIA Rebuke Wasn't Enough...GOP Rep Wants Investigation Into Shoddy CNN Spy Story (Townhall) The CIA rarely rebukes a media report, but the agency made an exception for CNN this week. The network recently claimed that two years ago the U.S. pulled an American spy out of Russia. The sources they chose to rely on were "multiple Trump administration officials with direct knowledge told CNN" and "a person."
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Global Security Exchange (GSX) (Chicago, Illinois, USA, September 8 - 12, 2019) Global Security Exchange (GSX) is the only event that brings together security professionals from all vertical markets throughout the world to network, learn, and re-invest in the industry. It’s home for...
Atlanta Cybersecurity Conference (Atlanta, Georgia, USA, September 12, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...
SINET Canada (Toronto, Ontario, Canada, September 12, 2019) SINET Canada's theme this year is "accelerating innovation clusters." The conference follows SINET's proven approach: a rich yet intimate conference where participants from industry and government can...
Security Leaders Summit New York Fall (New York, New York, USA, September 12, 2019) If there is anything that unifies CISOs, change is the one constant. For 2019, the focus is on the rapid evolution of the security industry, the rising tide of visibility on security organizations, and...
PCI SSC 2019 North America Community Meeting (Vancouver, British Columbia, Canada, September 17 - 19, 2019) The PCI Security Standards Council’s 2019 North America Community Meeting is THE place to be. We will provide you with the information and tools to help secure payment data. We lead a global, cross industry...