September 23, 2019.
By the CyberWire staff
YouTube users suffered what appears to have been an extensive and coordinated account hijacking campaign over the weekend, ZDNet warns. The "car community" was particularly targeted, and the attacks seem to have begun with phishing.
Late Friday, Facebook identified data collection and handling issues with "tens of thousands" of applications associated with some four-hundred app developers. The findings came as the social network continues its self-inspection post-Cambridge Analytica.
Iran will take proposals for a Gulf regional security organization to the United Nations General Assembly’s annual summit this week, the Guardian reports. The intent is to assemble a “Coalition of Hope” designed for the most part to exclude the US and UK from a continuing role as protector of Iran’s regional rivals. The move occurs as tensions remain high over the September 14 drone attack against Saudi oil facilities.
There were reports over the weekend that Iranian petrochemical operations had been affected by a cyberattack. Iran took the social media chatter seriously enough to issue an official denial that there had been any successful attacks.
Much Gulf-regional conflict has involved cyber operations, CNBC observes, some in retaliation for kinetic actions like Iran’s shootdown of a US surveillance drone. The US is looking to cyber operations as an approach to deterrence. The New York Times says that US Cyber Command has been considering cyberattacks to disrupt Iranian oil production.
According to Reuters, Huawei CFO Meng Wanzhou returns to court in Vancouver today, where her lawyers will press for details concerning her arrest.
Today's issue includes events affecting Australia, Canada, China, Ecuador, Egypt, France, Germany, India, Iran, Israel, Kenya, Democratic People's Republic of Korea, Republic of Korea, Philippines, Russia, Saudi Arabia, Spain, Taiwan, United Arab Emirates, United Kingdom, United States.
Bring your own context.
We often think of information operations as placing ideas in front of people, but there are other ways in which they can serve as a force multiplier.
"And the flip side to that is the removal of information. I mean, it's not just about the presence of information, but also what information you can take away from a population so they cannot verify certain facts. But there are other mechanisms in terms of that force multiplier. Not just in terms of political influence and driving certain ideologies, but also, you know, this idea that, actually, physical attacks can be backed up by knocking out digital systems to enable much more effective operations. And so this idea of sabotage is coming into play. And this is a concept that a gentleman named Thomas Rid really put forward around sabotage, that cyberattacks are around sabotage, espionage, and this idea - and subversion. And so they all act as force multipliers for political influence but also in digital warfare. So this idea of cybersecurity and cyberattacks acting as a force multiplier is a multifactor thing that we need to really consider in terms of modern conflict."
—Daniel Prince, senior lecturer in cybersecurity at Lancaster University, on the CyberWire Daily Podcast, 9.18.19.
It's not always hackers in hoodies taking out a power grid. (Sometimes, but not always.)
ON THE PODCAST
In today's podcast, out later this afternoon, we speak with our partners at the Johns Hopkins University's Information Security Institute, as Joe Carrigan discusses privacy issues surrounding smart TVs.
Second Annual DataTribe Challenge (Online, October 1, 2019) Register now for a chance to be DataTribe's next world-class company. Finalists will split a $20,000 prize, and the winner may receive $2m in funding from DataTribe. Contestants have until October 1st to apply at www.datatribe.com/challenge.
Zero Day Con (Washington, DC, USA, October 22, 2019) Zero Day Con hosts a day of expert discussion on security approaches to regain control over your systems, data, and information. Join us to examine insights, security technologies, and key priorities to secure your systems. Get a 20% discount: CYBER_WIRE20
Cyber Attacks, Threats, and Vulnerabilities
Returning rogue weather app continues mobile ad fraud (Telemedia Online) A weather app from Chinese company TCL Communications has once again been caught making digital purchases of premium services without the knowledge of the phone’s owner
Report: Iranian Servers, Websites Come under Cyber-Attack (Asharq AL-awsat) A number of Iranian servers and websites - including those of some petrochemical firms - were under a cyber-attack, said reports on social media. There was no immediate official comment, and the websites of the main state oil company NIOC appeared to
An Update on Our App Developer Investigation (Facebook Newsroom) We're sharing an update on our ongoing App Developer Investigation, which we began in March of 2018 as part of our response to the episode involving Cambridge Analytica.
Magecart Skimming Attack Targets Mobile Users of Hotel Chain Booking Websites (TrendLabs Security Intelligence Blog) We discovered a series of incidents where the credit card skimming attack Magecart was used to hit the booking websites of chain-brand hotels — the second time we’ve seen a Magecart threat actor directly hit ecommerce service providers instead of going for individual stores or third-party supply chains.
Before He Spammed You, this Sly Prince Stalked Your Mailbox (KrebsOnSecurity) A reader forwarded what he briefly imagined might be a bold, if potentially costly, innovation on the old Nigerian prince scam that asks for help squirreling away millions in unclaimed fortune: It was sent via the U.S. Postal Service, with a postmarked stamp and everything.
10 signs you're being socially engineered (CSO Online) Scammers will try to trick you and your organization's users into giving up credentials or other sensitive data. Be skeptical if you see any of these signs.
Very strange Barclays bank Phishing Scam (My Online Security) We see lots of phishing attempts for email credentials. This one is quite strange and weird. It pretends to be a message from Barclays Bank to update card details. I don’t know what is happening but…
Security Patches, Mitigations, and Software Updates
Extending free Windows 7 security updates to voting systems (Microsoft on the Issues) Today, as part of Microsoft’s Defending Democracy Program, we are announcing that we will provide free security updates for federally certified voting systems running Windows 7 through the 2020 elections, even after Microsoft ends Windows 7 support. I would like to share more on why we help customers move away from older operating systems and...
CACI opening cyber R&D facility in Texas (Jane's 360) CACI International, which is based in Arlington, Virginia, plans to open an office in Port San Antonio, Texas, on 20 September to conduct research and development (R&D) on cyber security and cyber space.
How Louisiana Responded to Its Recent Ransomware Attacks (Government Technology) Through quick response and an existing cyberthreat response system, the state managed to stave off what could have been a much more disastrous attack that would have affected twice as many communities.
Why is Today’s SOC Ineffective? (Devo.com) Security Operations Centers are the nerve centers of cybersecurity programs. They serve a critical function by helping businesses improve their security posture by monitoring, detecting, and analyzing potential threats. But for a number of reasons, today’s SOCs are not doing this effectively.
How to protect your company’s backups from ransomware (Security Boulevard) Backups are an important part of any ransomware disaster recovery plan - but how do you keep your backups safe?
Cameroon: ICT actors upgrade skills on management of cyberspace (Journal du Cameroun) ICT actors drawn from institutions in diverse sectors in Cameroon as well as those from the National Agency for Information and Communication Technologies, ANTIC have received training that would enable them upgrade their skills in the management of the cyberspace in Cameroon. This was at the third edition of a workshop on cyber risks assessment …
Meet Facebook’s latest fake (TechCrunch) Facebook CEO Mark Zuckerberg, a 35-year-old billionaire who keeps refusing to sit in front of international parliamentarians to answer questions about his ad business’ impact on democracy and human rights around the world, has a new piece of accountability theatre to sell you: An “Overs…
Information gerrymandering and undemocratic decisions (Nature) In a voter game, information gerrymandering can sway the outcome of the vote towards one party, even when both parties have equal sizes and each player has the same influence; and this effect can be exaggerated by strategically placed zealots or automated bots.
Southeast Creates Institute for Cybersecurity (Southeast Missouri State University) A new Institute for Cybersecurity is being created at Southeast Missouri State University to further research, education and service activities in this growing high-need field of study.
U.S. Secretary of Defense urges NATO allies to block Chinese-built 5G tech (CyberScoop) U.S. Secretary of Defense Mark Esper is calling on allies in the North Atlantic Treaty Organization to bar Chinese companies from developing 5G networks there, reiterating an American argument that largely has failed to convince European countries to blacklist telecommunication firms with ties to Beijing. Esper, in a speech Thursday at the Cybersecurity and Infrastructure Security Agency summit in Maryland, said “every Chinese company has the potential to be an accomplice in Beijing’s state-sponsored campaign to steal technology.”
Huawei Seeks To Minimize Links To China At FCC (Law360) Chinese technology giant Huawei is stepping up efforts to convince U.S. officials it has no direct ties to the Chinese government, telling the Federal Communications Commission this week that many telecom companies have dealings with the superpower without being viewed as national security concerns to the U.S.
Seoul's defense chief vows beefed-up efforts against growing cyberthreats from N. Korea (Korea Herald) Defense Minister Jeong Kyeong-doo said Friday that threats in cyberspace posed by North Korea and other entities have been growing and vowed efforts to bolster the country's cyber operations capabilities. Jeong made the remark during a conference on defense cybersecurity held in Seoul earlier in the day. "Even at this moment, cybersecurity threats are increasing from all directions, as North Korea and other uniden...
Taiwan to test cyber defense in first joint exercise with US (Focus Taiwan) Taipei, Sept. 22 (CNA) Taiwan will soon test its cyberwar defense capabilities in the first-ever Cyber Offensive and Defensive Exercises to be held with the United States in November, Vice Premier Chen Chi-mai (陳其邁) told CNA Sunday.
Sen. Warner Calls Huawei 5G Threat “Unprecedented” (MeriTalk) Sen. Mark Warner, D-Va., ranking member of the Senate Intelligence Committee, said today that the threat posed by Chinese government-supported network equipment makers including Huawei to the global 5G communications ecosystem is unprecedented. One solution to displace Huawei equipment from communications networks, the senator said, may be government-industry cooperation to make cheaper communications gear available to carriers.
CISA stepping into cybersecurity coordinator role as agencies improve cyber hygiene (Federal News Network) Federal Chief Information Security Officer Grant Schneider, speaking Thursday at the Cybersecurity and Infrastructure Security Agency’s summit, said agencies have “come a long way” on cybersecurity, and pointed to overall higher FISMA and FITARA scores as evidence that government has turned a corner on cyber.
A Peek Inside the ‘Puzzle Palace’ (Foreign Policy Research Institute) Created by a secret directive of President Harry Truman in 1952, the National Security Agency (NSA) is America’s largest, most expensive, and most secretive intelligence organization. For years, it was an accepted shibboleth within its Fort Meade, MD, headquarters that the acronym “NSA” stood for “No Such Agency”—which happened to…
Air Force Creates 16th Air Force (SIGNAL Magazine) In the next month or so, the U.S. Air Force will be standing up its latest Numbered Air Force, the 16th Air Force, leaders report.
States Try to Stop Political Deepfake Videos (Nextgov.com) State lawmakers are increasingly focused on deceptively edited videos, a pervasive technology that advocates say has the potential to disrupt elections. But are bans constitutional?
The Mounties get their man, and he's one of their own (The Hill Times) We must remind ourselves that all of this is alleged and not proven. Cameron Ortis is, of course, innocent until any of this is demonstrated beyond a reasonable doubt. It does not look good, but we must wait and see. Even if the details are salacious.
Cyber Stalking: What You Need to Know Before Hitting Send (Daily Business Review) While our iPhone and android devices give us virtually unlimited freedom to communicate with anyone at any time, the downside inevitably has been that electronic communications are often sent hastily, emotionally, and, are not always welcome by the recipient.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Industry 4.0 - Industrial Cyber Security and Industrial IoT (Chicago, Illinois, USA, September 23 - 24, 2019) The emergence of new digital industrial technology is a transformation to gather and analyze data across machines enabling faster, more flexible, and more efficient processes to produce higher-quality...
GlobalPlatform Technical Workshop (Shenzhen, China, September 24 - 25, 2019) GlobalPlatform is hosting two free-to-attend workshops in Shenzhen, China on 24th and 25th September. Both workshops will focus on device security and the deployment and use of secure devices. The agendas...
2019 FAIR Conference (National Harbor, Maryland, USA, September 24 - 25, 2019) Hosted by the FAIR Institute and our sponsoring partners, the 2019 FAIR Conference brings leaders in information and operational risk management together to explore best FAIR practices that produce greater...
SecureWorld New York (New York, New York, USA, September 25, 2019) Connecting, informing, and developing leaders in cybersecurity. For the past 17 years, SecureWorld conferences have provided more content and facilitated more professional connections than any other event...
Little Rock Cybersecurity Conference (Little Rock, Arkansas, USA, September 26, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...