What if your security strategy added zeros to your bottom line?
Focusing on response alone is costly. You lose data. You lose infrastructure. You lose human and capital resources that could be productive elsewhere. And you lose your reputation. When you catch threats before they execute, you contain the problem, and the rewards add up. Let Blackberry Cylance help you understand how you can reduce your total cost of security controls, bolster your organization’s security posture, and zero in on what really matters.
September 19, 2019.
2nd Annual National Cybersecurity Summit
US Federal agencies are taking election security seriously, as we heard yesterday at the second annual National Cybersecurity Summit, organized by the Cybersecurity and Infrastructure Security Agency (CISA). CISA and its partners are concerned with direct hacking of voting systems, but also with countering influence operations mounted by hostile foreign governments. Discussions were particularly aware of the ways in which social media lend themselves to confirmation bias, and the ways in which such bias can be used to create or exploit fissures in civil society.
The Summit, being held this week just outside Washington, DC, continues today and tomorrow. Livestreaming is available here.
By the CyberWire staff
Akamai reports that a new distributed denial-of-service vector, WS Discovery (a UDP amplification technique), is being exploited in the wild. The approach is a good one, from the attackers' point-of-view, since it's enabled them to achieve amplification rates of 15,300%. This, Akamai points out, gives the attack technique the fourth highest reflected amplification factor.
Greenbone Networks has found a very large number of medical images, radiological images, for the most part, exposed to the Internet. Greenbone looked at 2300 Picture Archiving and Communication Systems (PACS) servers based on the DICOM (Digital Imaging and Communications in Medicine) protocol, and found that some 400 million images belonging to 24.5 million patients were easily accessible.
The Wall Street Journal reports that Huawei's membership in FIRST, the Forum of Incident Response and Security Teams, has been suspended. FIRST says the suspension is temporary, and was undertaken in response to US trade sanctions against Huawei. The Washington Post reminds readers that Huawei is defending itself against the sanctions in oral arguments today before the US District Court for the Eastern District of Texas.
US Cyber Command is ramping up operations against ISIS. The sometime Caliphate is not generally reckoned to show a high level of technical sophistication, but it's been able to operate effectively, particularly in its use of the Internet for communication and inspiration. Its resilience lies in part in its use of commercial infrastructure, which makes ISIS's online operations difficult to disrupt without doing unacceptably high and sometimes collateral damage, Fifth Domain observes.
Today's issue includes events affecting Canada, China, India, Iran, Ireland, Malaysia, Russia, Saudi Arabia, Slovakia, United Kingdom, United States.
Bring your own context.
Backing up files involves more than just synchronizing.
"But that synchronization process and because you can buy a new computer and get your data onto that machine quickly, that process has people thinking, oh, my data is backed up. The problem with that is one instance of your data exists, and you're able to get to it from many devices. And my point in this, a proper backup is - whether it's online or offline - is something that is iterative. You can roll back to different versions. You are able to pull it down or pull it out of a drawer because you did it on a disk and put it in a machine and get your information back. Again, a lot of the services today are doing a really good job of protecting your information, etc. But what happens if you get corrupted data and that corrupted data then syncs to all your machines? Guess what? You don't have a backup; you have a bunch of synced-up corrupted data."
—David Dufour, Vice President of Engineering and Cybersecurity at Webroot, on the CyberWire Daily Podcast, 9.17.19.
Cybersecurity Fabric: The Future of Advanced Threat Response
Cyber Attacks continue to increase in size and speed, requiring greater flexibility to defend and respond to emerging security threats. Organizations need inline detection and mitigation to be successful against threats to the evolving network. The solution is one that weaves security throughout your network into a seamless fabric providing coordinated detection and response. Join LookingGlass for our upcoming webinar October 2, 2pm EST to learn how a Cybersecurity Fabric will strengthen your security strategy, simplify your stack, and advance your defenses.
And Hacking Humans is up. In this episode, "Algorithms controlling truth in our society," special guest host Graham Cluley joins Dave while Joe takes a short break. Dave shares the success of the FBI's reWired campaign which has apprehended alleged scammers around the world. Graham describes a website hoping to spare users the hardship of multifactor authentication. The catch of the day involves a generous soccer star. Our guest is Matt Price from ZeroFOX with insights on Deep Fake technology.
Cyber Security Summits: September 17 in Charlotte and October 3 in NYC(Charlotte, North Carolina, United States, September 17, 2019) Register for reduced admission to the Cyber Security Summit with promo code cyberwire19 for $95 admission ($350 without code). Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The NSA, The FBI, Google, IBM, Darktrace, and more. Breakfast, Lunch & Cocktail Reception are included with your admission. Passes are limited, secure yours today: www.CyberSummitUSA.com
Second Annual DataTribe Challenge(Online, October 1, 2019) Register now for a chance to be DataTribe's next world-class company. Finalists will split a $20,000 prize, and the winner may receive $2m in funding from DataTribe. Contestants have until October 1st to apply at www.datatribe.com/challenge.
Zero Day Con(Washington, DC, USA, October 22, 2019) Zero Day Con hosts a day of expert discussion on security approaches to regain control over your systems, data, and information. Join us to examine insights, security technologies, and key priorities to secure your systems. Get a 20% discount: CYBER_WIRE20
New DDoS Vector Observed in the Wild: WSD attacks hitting 35/Gbps(Akamai) Additional research and support provided by Chad Seaman. Introduction Members of Akamai's Security Intelligence Response Team have been investigating a new DDoS vector that leverages a UDP Amplification technique known as WS-Discovery (WSD). The situation surrounding WSD was recently made...
Misconfigured Google Calendars Share Events With the World(BleepingComputer) Thousands of Google users are exposing the contents of their calendars to the public. The information is indexed by search engines and can include email addresses as well as private events from individuals and businesses.
Cyber firms Owl, Tresys merging(Jane's 360) Two US cybersecurity companies – Owl Cyber Defense and Tresys Technology – are in the process of merging, according to Owl officials.
The merger is occurring because DC Capital Partners, the Alexandria, Virginia-based private equity investment firm that already owned Owl, recently
Ping Identity Announces Pricing of Initial Public Offering(Yahoo) Ping Identity Holding Corp. ("Ping Identity") today announced the pricing of its initial public offering of 12,500,000 shares of its common stock at a price to the public of $15.00 per share. The shares are expected to begin trading on the New York Stock Exchange on September
IBM will soon launch a 53-qubit quantum computer(TechCrunch) IBM continues to push its quantum computing efforts forward and today announced that it will soon make a 53-qubit quantum computer available to clients of its IBM Q Network. The new system, which is scheduled to go online in the middle of next month, will be the largest universal quantum computer a…
Documents reveal how Russia wiretaps phone companies(TechCrunch) In cities across Russia, large boxes in locked rooms are directly connected to the networks of some of the country’s largest phone and internet companies. These boxes, some the size of a washing machine, house equipment that gives the Russian security services access to the calls and messages…
Discovery of Document Led to Arrest of Canadian Intelligence Official (Wall Street Journal) The investigation that led to the arrest last week of a senior Canadian intelligence official was triggered by the discovery in 2018 of a document held by a Vancouver businessman who was suspected of operating a mobile-phone network used to distribute narcotics and payments, a person familiar with the matter said.
The first casualty of the US culture war is truth(Times) There’s an old trick in the less reputable corners of journalism. Publish a smear story on the flimsiest of evidence. Then, when it’s exposed as bunk, issue a correction or even a retraction.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
ENISA Maritime Cybersecurity Workshop(Lisbon, Portugal, November 26, 2019) The ENISA Maritime Cybersecurity Workshop will be a full-day event and will take place at EMSA's Headquarters in Lisbon, Portugal. The workshop will include presentations and discussions around the topic...
PCI SSC 2019 North America Community Meeting(Vancouver, British Columbia, Canada, September 17 - 19, 2019) The PCI Security Standards Council’s 2019 North America Community Meeting is THE place to be. We will provide you with the information and tools to help secure payment data. We lead a global, cross industry...
SecureWorld St. Louis(St. Louis, Missouri, USA, September 18 - 19, 2019) Connecting, informing, and developing leaders in cybersecurity. For the past 17 years, SecureWorld conferences have provided more content and facilitated more professional connections than any other event...
Fraud Force Summit(Portland, Oregon, USA, September 18 - 20, 2019) The Fraud Force Summit is iovation's annual conference bringing customers, prospective customers, partners and industry experts together to connect, collaborate and share. The landscape for fraud prevention...
2nd Annual National Cybersecurity Summit(National Harbor, Maryland, USA, September 18 - 20, 2019) The Department of Homeland Security, Cybersecurity and Infrastructure Security Agency (CISA) will bring together critical infrastructure stakeholders from around the world to a forum with presentations...
Phoenix Cybersecurity Conference(Phoenix, Arizona, USA, September 19, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.