Get your copy of the definitive guide to threat intelligence.
We brought together a team of experts and wrote the definitive guide to everything you need to know about threat intelligence. Whether you work in vulnerability management, incident response, or another part of cybersecurity, our book has something for you. Get your free copy of “The Threat Intelligence Handbook” now.
September 24, 2019.
By the CyberWire staff
Proofpoint has released a report concluding that APT10, associated with China’s government, was responsible for a series of phishing attacks conducted against “at least seventeen entities in the US utilities sector” between April 5th an August 29th of this year. The malware used, called “LookBack,” was embedded in malicious Microsoft Word files attached to the emails. LookBack was discovered in July. The activity appears to involve reconnaissance and battlespace preparation.
The European Union's Court of Justice has found that Google is not liable for enforcing the EU’s right to be forgotten worldwide. The Wall Street Journal thinks other decisions expected soon will introduce more uncertainty into transatlantic data transfers.
As the United Nations General Assembly’s annual summit meets, some twenty-seven countries (including all the Five Eyes) have issued a brief “Joint Statement on Advancing Responsible State Behavior in Cyberspace.” It calls for bringing cyberspace into the framework of international law (particularly by applying the principles of proportionality and discrimination that inform the law of armed conflict). CNN and others see it as directed implicitly against Russia and China: the Statement condemns attempts to "undermine democracies" and "undercut fair competition."
Edward Snowden’s new book, “Permanent Record,” is being used as phishbait, Bloomberg reports. Criminals unconnected with Mr. Snowden are emailing a pdf that purports to be the book, and asks the recipients to open and share the pdf. The email says the book has been “banned,” which isn’t true in any case, so refuse the chain letter: the pdf holds malware.
Today's issue includes events affecting Australia, Belgium, Canada, China, Colombia, Czech Republic, Denmark, Estonia, European Union, Finland, France, Germany, Hungary, Iceland, Italy, Japan, Republic of Korea, Latvia, Lithuania, Netherlands, New Zealand, Norway, Poland, Romania, Russia, Slovakia, Spain, Sweden, the United Kingdom, United States.
Bring your own context.
Facial recognition is a challenge for artificial intelligence.
"I think that technology will continue to improve. For instance, we know that, up to this point, these systems have had difficulty distinguishing twins. But they can be complemented with certain techniques so that they're able to distinguish the faces of twins, for instance, by looking at, you know, pores within the twins' faces, and, you know, computing the distances between (laughter) those pores, they may be able to get additional information or additional - build additional discriminative power between the faces of twins. Other things that can be leveraged is how the people walk. If we're not just looking at the face of the person, but at the, you know, entire video of a person walking or moving, then we're able to improve the accuracy of these algorithms and these systems that way."
—Malek Ben Salem, senior R&D manager for security at Accenture Labs, on the CyberWire Daily Podcast, 9.20.19.
Note that the projected improvements involve introduction of more biometric modalities. It won't just be facial recognition: they'll want to teach the AI voice and gait, too.
Is your cybersecurity program aligned with your business goals and objectives?
Cybersecurity is a business risk, not an IT problem, and a critical part of business strategy. Security should not be an afterthought. Taking a proactive approach facilitates board-level cyber initiative buy in, supports traction across business units, establishes management alignment for key priorities, and manages data complexity. Let Edwards Performance Solutions better structure and position your cybersecurity program – making it a business asset for continued success. Learn more.
ON THE PODCAST
In today's podcast, we speak with our partners at the SANS Institute, as Dean of Research Johannes Ullrich discusses the security issues associated with local host web servers. Our guest is Fleming Shi from Barracuda Networks, describing their research into ransomware attacks against cities and states.
Second Annual DataTribe Challenge(Online, October 1, 2019) Register now for a chance to be DataTribe's next world-class company. Finalists will split a $20,000 prize, and the winner may receive $2m in funding from DataTribe. Contestants have until October 1st to apply at www.datatribe.com/challenge.
Zero Day Con(Washington, DC, USA, October 22, 2019) Zero Day Con hosts a day of expert discussion on security approaches to regain control over your systems, data, and information. Join us to examine insights, security technologies, and key priorities to secure your systems. Get a 20% discount: CYBER_WIRE20
Vulnerability Summary for the Week of September 16, 2019(CISA) The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Woodstock city, police targeted by 'cyber attack'(Woodstock Sentinel Review) The City of Woodstock and the Woodstock Police Service are both currently suffering cyber attacks.Woodstock’s top administrator, David Creery, confirmed the city had a network breach early Sa…
Security Patches, Mitigations, and Software Updates
Out-of-Band Fixes from Microsoft(ISSSource) In a somewhat rare move, Microsoft released out-of-band security updates to address vulnerabilities in Microsoft software where a remote attacker could exploit of them to take control of an affected system.
The Wild West Of Cyberspace(Forbes) Do we have the necessary technological, investigative, and prosecutorial capabilities and partnerships to effectively chase outlaws in cyberspace?
Hook, Line, and Sinker: Why Phishing Attacks Work(Webroot) In partnership with Wakefield Research, we surveyed 4,000 professionals across the U.S., U.K., Australia, and Japan on their phishing know-how and clicking habits. Looking at the data, we discovered some interesting (and worrisome) trends.
Jask, Carbonite Vet to Lead Vectra’s Americas Channel(Channel Partners) As Vectra's vice president of channel for the Americas, Jessica Couto will be responsible for devising a go-to-market strategy while providing a complete program to global partners of all types.
NIST Issues Preliminary Draft of Privacy Framework(Cooley) Earlier this month, the National Institute of Standards and Technology (NIST) issued a Preliminary Draft of the Privacy Framework, which aligns with the NIST Cybersecurity Framework and is intended…
Finnish Govt. Releases Guide on Securing Microsoft Office 365(BleepingComputer) The National Cyber Security Centre Finland (NCSC-FI) which acts as Finland's National Communications Security Authority published today a detailed guide on how to secure Microsoft Office 365 against data breaches and credential phishing.
Design and Innovation
Cloudflare has a new plan to fight bots — and climate change(TechCrunch) Cloudflare is ratcheting up its fight against bots with a new “fight mode,” which it says will frustrate and disincentivize bot operators from their malicious activity. Bots are notorious for scraping websites and abusing developer access to download gobs of user data. All too often bot…
The NSA General Counsel's Proposal for a Moonshot(Lawfare) Glenn Gerstell presented an interesting and surprising challenge last week, writing in the New York Times that the United States must be ready to face the “profound and enduring implications of the digital revolution.”
IBM hits back at Google's claim of 'quantum supremacy'(The Telegraph) IBM has hit back at Google’s claim of being close 'quantum supremacy' - the point at which a quantum computer could do calculations that would be impossible to complete by the world’s most powerful supercomputers.
Joint Statement on Advancing Responsible State Behavior in Cyberspace - United States Department of State(United States Department of State) The following text is a joint statement affirmed by these countries: Australia, Belgium, Canada, Colombia, the Czech Republic, Denmark, Estonia, Finland, France, Germany, Hungary, Iceland, Italy, Japan, Latvia, Lithuania, the Netherlands, New Zealand, Norway, Poland, the Republic of Korea, Romania, Slovakia, Spain, Sweden, the United Kingdom, and the United States. Begin Text: Joint Statement on …
Top Democrat calls for new strategy to address China threats(TheHill) Sen. Mark Warner (D-Va.) on Monday called for a "comprehensive strategy" in dealing with China, saying the Trump administration should be less "erratic and incoherent" in its approach to Chinese threats in cyberspace and other areas.
Companies Face Uncertainty Over Challenges to Trans-Atlantic Data Transfers (Wall Street Journal) Companies that move personal data from the EU to the U.S. must prove they handle the information securely and can choose from a handful of legal mechanisms to support such transfers. But court decisions expected in the coming months could force businesses to find other legal cover.
JP Morgan Hacker Pleads Guilty(Dark Reading) Andrei Tyurin, a Russian national, pleaded guilty to hacking charges related to a massive cyberattack campaign targeting US financial institutions and other companies.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Industry 4.0 - Industrial Cyber Security and Industrial IoT(Chicago, Illinois, USA, September 23 - 24, 2019) The emergence of new digital industrial technology is a transformation to gather and analyze data across machines enabling faster, more flexible, and more efficient processes to produce higher-quality...
GlobalPlatform Technical Workshop(Shenzhen, China, September 24 - 25, 2019) GlobalPlatform is hosting two free-to-attend workshops in Shenzhen, China on 24th and 25th September. Both workshops will focus on device security and the deployment and use of secure devices. The agendas...
2019 FAIR Conference(National Harbor, Maryland, USA, September 24 - 25, 2019) Hosted by the FAIR Institute and our sponsoring partners, the 2019 FAIR Conference brings leaders in information and operational risk management together to explore best FAIR practices that produce greater...
SecureWorld New York(New York, New York, USA, September 25, 2019) Connecting, informing, and developing leaders in cybersecurity. For the past 17 years, SecureWorld conferences have provided more content and facilitated more professional connections than any other event...
Little Rock Cybersecurity Conference(Little Rock, Arkansas, USA, September 26, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.