Get your copy of the definitive guide to threat intelligence.
We brought together a team of experts and wrote the definitive guide to everything you need to know about threat intelligence. Whether you work in vulnerability management, incident response, or another part of cybersecurity, our book has something for you. Are you attending RSA Conference 2020 in San Francisco February 24–28? Don't forget to stop by Booth 743 to meet the Recorded Future team in person and pick up a free copy of their new book, "The Threat Intelligence Handbook."
February 13, 2020.
By the CyberWire staff
Researchers at Cybereason say that hackers associated with Hamas have been phishing rivals in the Palestinian Authority. The lure is an attached pdf that carries a backdoor installer. There are two distinct campaigns in progress. The first deploys the Spark backdoor, a known threat for the past year. The other installs a hitherto unremarked backdoor Cybereason calls “Pierogi.” The campaigns show certain similarities with those run by the MoleRATs since 2012.
With the US and Iran on mutually high alert in cyberspace, FireEye provides an overview of Iranian cyber capabilities.
A US Government Accountability Office warning about indifferent preparation for the 2020 US census and its possible vulnerability to both hacking and disinformation has, Federal News Network reports, the US House concerned that the census will become the Iowa Democratic caucus writ large.
Researchers at MIT conclude that Voatz, a mobile voting application that’s been adopted in some US jurisdictions, is vulnerable to attackers wishing to “alter, stop, or expose a user’s vote.” Voatz strongly objects to the research, saying it used an old version of its product. MIT reserachers, ZDNet says, maintain that the version they used was still available on Google Play.
IBM X-Force researchers looked into sextortion campaigns and found that Emotet spam has eclipsed Necurs in its intake of ransom. There are two reasons for this. Emotet tends to hit victims through their work email (Necurs affected mostly webmail accounts). And Emotet users charge their marks in Bitcoin, not the less valuable Dashcoin Necurs-using hoods favor.
Today's issue includes events affecting China, Czech Republic, Germany, Ireland, Israel, Palestinian Territories, Russia, Switzerland, United Kingdom, United States.
Bring your own context.
Are there technical approaches to mitigating privacy concerns that arise from surveillance systems?
"Yes. So with privacy, what we have done is, we've enabled there to be a fine-grained control of, first of all, what data gets generated. So in configuration of the cameras, we can actually configure the camera such that only notifications get generated - so things like faces or even the actual events themselves can be discarded by the camera - then also enabling the end user to determine which types of data gets generated and which applications can access that data. So we actually enabled some data to be accessible to some applications and other data to be accessible to other applications or not accessible at all."
—Andrew Wajs, CTO and co-founder at Scenera, on the CyberWire Daily Podcast, 2.11.20.
Data can be as toxic as they can be useful.
Coming soon: CyberWire Pro.
Our new subscription program, CyberWire Pro, will be available soon. Designed for cyber security professionals and others who want to stay abreast of our rapidly evolving industry, CyberWire Pro is a premium news service that will save you time and keep you informed. Learn more and sign up to get launch updates here.
Georgetown University Part-Time Master's in Cybersecurity Risk Management
Looking to advance your cybersecurity career? Check out Georgetown University's graduate program in Cybersecurity Risk Management. Ideal for working professionals, our program offers flexible options to take classes online, on campus, or through a combination of both—so you don’t have to interrupt your career to earn your degree. You'll leave the program with the expertise you need to effectively manage risks and navigate today’s increasingly complex cyber threats. Learn more.
And Hacking Humans is up. In this episode, "Fake news and misplaced trust," Joe shares a collection of romance scams from the Great Plains, Dave has a report which uncovered a root system of fake news, the catch of the day comes straight from... Warren Buffet? Later in the show Carole Theriault speaks with Lisa Forte from Red Goat on how her experiences being a police officer have informed her perspective on the human factors in cyber security.
CyCon 3.0(Sterling, Virginia, USA, February 15, 2020) Join us at this upcoming cybersecurity event in Loudoun, VA with a full lineup of industry experts, speakers and federal contractors presenting on cutting-edge topics in the domain of cyber. This event is FREE for everyone! Register today!
Industrial Control Systems are Everywhere Hands-On Demonstration(Online, February 18, 2020) Join Dragos at their Feb. 18 ICS Range demonstration to see real control systems, learn about ICS adversaries and hear how to protect your networks. Tom VanNorman, Dragos Director of Engineering Services and co-founder of the ICS Village, walks you through this realistic range and shares his inspiration for developing it.
The Human Hacking Conference(Orlando, Florida, USA, February 20 - 22, 2020) The Human Hacking Conference is an all-encompassing event that teaches business, security, technology, and psychology professionals the latest expert techniques in human deception, body language analysis, cognitive agility, intelligence research, and security best practices.
RSAC 2020(San Francisco, California, United States, February 24 - 28, 2020) Connect to the people and ideas that matter. To your growth. To your organization. At RSAC 2020, February 24 – 28, explore current and emerging trends, gain valuable skills and network with peers. Register today!
Cyber Conversation Speaker Series with author Andy Greenberg(Columbia, Maryland, United States, March 11, 2020) On March 11, 2020 at 11:00am at the Maryland Innovation and Security Institute's DreamPort cyber capabilities and mission accelerator facility we will be hosting the first cyber conversation speaker series with author Andy Greenberg.
CyberCon 2020(Anaheim, California, USA, March 30 - April 1, 2020) The CyberCon Industrial Cybersecurity CISO Summit & Workforce Development Conference is a solutions-based cybersecurity conference promoting networking, collaboration and sharing of solutions between cybersecurity experts and leaders in power and utility companies. Gain unprecedented access to over 40 innovative speakers covering a range of pressing cybersecurity topics and an expo featuring 100+ cybersecurity technology providers showcasing innovative solutions. A “Workforce Development Forum” will provide strategies companies need to recruit, train and retain top cybersecurity talent.
Cyber Attacks, Threats, and Vulnerabilities
Hamas-linked hackers exploit current events to spy on rival Palestinian officials, researchers say(CyberScoop) Hackers associated with Hamas, the Islamist militant group that rules the Gaza Strip, are combining new malware with a timeless trick in an espionage campaign against Palestinian officials, private-sector researchers said Thursday. Like many attackers before them, they’re sending emails on enticing topics, ranging from the U.S. killing of Iranian general Qassem Soleimani to the Trump administration’s Middle East peace proposal. The messages come with malicious PDF files that contain a new remote access trojan (RAT), code that gives them a foothold onto a computer, according to Boston-based security company Cybereason.
Vulnerability Summary for the Week of February 3, 2020(CISA) The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Watchdog Warns 2020 Census Isn’t Ready(Wall Street Journal) The Census Bureau is behind schedule in recruiting workers and testing online systems that underpin the 2020 count that gets fully under way next month, a government watchdog said.
Voatz Response to Researchers’ Flawed Report(Blog @ Voatz) Voatz wishes to acknowledge the enormous effort it must have taken for the team of researchers, until this point anonymous to us, to produce “The Ballot is Busted Before the Blockchain: A Security Analysis of Voatz, the First Internet Voting Application Used in U.S Federal Elections”. Our review of their report found three fundamental flaws with their method of analysis, their untested claims, and their bad faith recommendations. First, the researchers were analyzing an Android version of the Voatz mobile voting app that was at least 27 versions old at the time of their disclosure and not used in an election. Had the researchers taken the time, like nearly 100 …
New York Times Profiles Voatz(PR Newswire) Voatz is honored to be featured in The New York Times this morning in a story written by Pulitzer Prize winning reporter, Matthew Rosenberg....
How ‘hunt forward’ teams can help defend networks(Fifth Domain) The Department of Defense wants to spend $11.6 million in fiscal year 2021 to buy systems that would help cyber operators perform “hunt forward” missions, where teams deploy to other countries to stop malicious cyber activity.
Can you trust what you see?(Purdue University) A video on social media shows a high-ranking U.S. legislator declaring his support for an overwhelming tax increase. You react accordingly because the video looks like him and sounds like him, so certainly it has to be him.
Agencies ordered to prepare for GPS outage(Federal News Network) The departments of Commerce, Defense, Transportation and Homeland Security are on the clock to secure systems that support global positioning satellites.
Republicans boycott House Intel hearing (POLITICO) “It is concerning that you prioritize publicity events rather than the more productive work that occurs in the committee’s classified spaces,” the Republicans wrote.
DPC statement on Facebook dating feature(Data Protection Commission) Facebook Ireland first contacted the Irish Data Protection Commission (DPC) in relation to its intention to roll-out a new Dating feature in the EU on Monday 3 February. We were very concerned that this was the first that we’d heard from Facebook Ireland about this new feature, considering that it was their intention to roll it out tomorrow, 13 February.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
2020 OurCrowd Global Investor Summit(Jerusalem, Israel, February 11 - 13, 2020) We’re expanding the Summit to three days! Invite-only events will take place February 11-12, with Summit Day on February 13. Summit Week will be packed as ever, with corporate meet ups, VC forums, insider...
CyCon 3.0(Sterling, Virginia, USA, February 15, 2020) Our 3rd Annual NOVA CyCon event in Loudoun has a full lineup of cybersecurity experts, speakers and federal contractors presenting on cutting-edge topics! Networking, free lunch and refreshments, door...
The Human Hacking Conference 2020(Lake Buena VIsta, Florida, USA, February 20 - 22, 2020) Once flagged by the FBI and the US banking industry as a potential national security threat, the Social Engineering Village (SEVillage) presents this unprecedented experience, The Human Hacking Conference,...
RSA Conference 2020(San Francisco, California, USA, February 24 - 28, 2020) Be part of a conversation that has the power to change the world. Join top cybersecurity leaders and a dedicated community of peers as we exchange the biggest, boldest ideas that will help propel the industry...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.