MVISION Insights: Move Beyond Intelligence to Insights that Empower You to Change Your Environment.
Harnessing the power of one billion threat sensors worldwide, McAfee designs security fueled by Insights. MVISION Insights enables you to move beyond intelligence and empowers you to change your environment. Identify with Machine Learning. Defend and correct with Deep Learning. Anticipate with Artificial Intelligence. Move your security out of reactive mode to a proactive posture. McAfee, the device-to-cloud cybersecurity company. Go to McAfee.com/insights to learn more.
January 3, 2020.
By the CyberWire staff
Iran promised retaliation after a US airstrike in the outskirts of Baghdad early today killed Iranian Major General Qassem Soleimani, commander of the Islamic Revolutionary Guard's Quds Force. One of Soleimani's principal collaborators, Iraqi militia commander Abu Mahdi al-Muhandis, was also killed. Reuters cites US sources as saying the strike was intended to disrupt further plans by militia aligned with Iran to attack US targets, including the US embassy in Iraq. Iranian operations against US assets and interests have long been asymmetric and, despite recent rocket and mob attacks, are likely to remain so. Observers expect an increase in cyber conflict, and the Telegraph takes a look at the current state of Tehran’s capabilities.
Taiwan’s government has adopted a rumor-control program that appears to be enjoying some success, the Wall Street Journal reports, against Chinese disinformation campaigns mounted against the island republic’s elections.
Travelex, a major London-based international currency exchange, is still working to restore online services after finding what it called a “software virus” in its systems on New Year’s Eve. The exchange is still able to conduct in-person transactions manually, and it has reassured customers that no personal data were compromised.
Little new is known about the attack on RavnAir, but apparently maintenance software specific to the airline group's Dash 8 twin-turboprop aircraft was affected. It's publicly unknown how or why the incident occurred, but the Register quotes speculation that this may have been a ransomware attack.
British businesses feel the effects of California's CCPA, SC Magazine reports.
Today's issue includes events affecting Canada, China, India, Iran, Israel, Liberia, Pakistan, Taiwan, United Arab Emirates, United Kingdom, United States.
Bring your own context.
Why do people swallow phishbait, hook line and sinker?
"Fear of missing out, anger, frustration - all of these triggers that are essential to an effective phishing email are the things that we see today. And so my focus has always been on cutting through the fog in the minds of the average employee to enable them to see a little bit more clearly the threats that surround them. But at the end of the day, it's about the emotional trigger and the sophistication of the data capture that happens after the trigger has been tripped.
"I'm generalizing here, right? So there are obviously a couple of different buckets that employees fall into. So I'm talking about, you know, the average person who's not intimately engaged with security as a profession. Those employees largely are completely unconcerned with security. And that's not a criticism. That's just the fact of life of an adult learner is that they're focused on a hierarchy of needs that relate to their personal situation, their immediate professional obligations. And everything after that, they struggle to find time for. And a lot of people see security as a field handled by others who are responsible for keeping them safe. And so their day-to-day view of the world is not focused on good security habits."
—Dennis Dillman, VP of security awareness at Barracuda Networks, on Hacking Humans, 1.2.20.
People take the bait not because they're dumb or lazy. They take it because they have responsibilities other than security, and those responsibilities tend to be at the forefront of their mind. And they take the phishbait because, like the rest of us, they're human, all too human.
Aerospace news worthy of attention.
If you're interested in space and communications (technology, policy, business, and operations), take a look at Cosmic AES Signals & Space. Produced in partnership with the CyberWire, Signals & Space offers a monthly overview of news in this sector.
We incorrectly identified the North Korean threat group Microsoft callsThallium as APT31 yesterday. It should have been APT37. (APT31 is the Chinese threat group also known to Redmond as Zirconium.)
Simple, secure identity and access management for your business.
LastPass Identity provides simple control and visibility across every entry point to your business through single sign-on, password management and multi-factor authentication in one unified solution. LastPass Identity provides a holistic view of end user activity to simplify security for IT, all while delivering the passwordless login experience employees want. Start a free LastPass Identity trial today.
Leveraging Disk Imaging Tools to Deliver RATs(Trustwave) This year we observed a notable uptick in disc imaging software (like .ISO) being used as a container for serving malware via email, with .ISO archives attributing to 6% of all malware attachment archives seen this year.
Travelex suspends services after malware attack(TechCrunch) Travelex, a major international foreign currency exchange, has confirmed it has suspended some services after it was hit by malware on December 31. The London-based company, which operates more than 1,500 stores globally, said it took systems offline “as a precautionary measure in order to pr…
Cable Bahamas warns users of phishing scams(EyeWitness News) Cable Bahamas has warned of ongoing attempts by cyber criminals to obtain information from its customers in the form of “phishing”, a common online scam that tricks unsuspecting v…
Ransomware may have cost the US more than $7.5 billion in 2019(MIT Technology Review) It was another big year for ransomware, the extremely profitable style of cyberattack in which computer systems and data are taken over by hackers and held hostage until the victim hands over a payoff.In 2019, these attacks wreaked havoc around the globe, earned criminals vast sums, and even occasionally provided a weapon for government hackers.
Dell puts RSA on the block(Blocks and Files) Dell Technologies has hired Morgan Stanley to sell its RSA security business, according to PE Hub. RSA supplies software to detect cyber-security risks such as fraud and malware. The business has more than 30,000 customers across the globe, generates $170m – $200m EBITDA and could fetch as much as $3bn, according to some estimates. Bloomberg …
AI Offers an Edge as Cybersecurity Sector Consolidates(Wall Street Journal) The cybersecurity-vendor sector is set to trim some of its fat in 2020, venture-capital executives say, and companies that weave sophisticated technologies such as AI into their products are the ones likely to succeed.
Insuring against cyber crime damage(Lancashire Business View) While you can certainly reduce your chances of falling victim to cyber crime by following the advice contained within this feature, no system is entirely secure.
The Paper Password Manager(Black Hills Information Security) Michael Allen // Every year around the holidays I end up having a conversation with at least one friend or family member about the importance of choosing unique passwords for each web site or service they use. Usually, it’s after they’ve received a phone or a camera or some other “smart” device for Christmas and …
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
Women in Cybersecurity 2020 Conference(Denver, Colorado, USA, March 12 - 14, 2020) Each year, WiCyS holds an annual conference with local host college partners. The WiCyS Conference is an excellent opportunity for companies to connect with women students and candidates to recruit them...
CPX 360 Bangkok(Bangkok, Thailand, January 14 - 16, 2020) Mark your calendar now for CPX 360 2020, the world’s premiere cyber security summit of the year. Globally renowned industry experts will take to the stage to share analysis, core insights, and actionable...
Cyber Security for Critical Assets, MENA 2020(Dubai, United Arab Emirates, January 20 - 21, 2020) The 17th in a global series of Cyber Security for Critical Assets summits, #CS4CA MENA 2020 focuses on safeguarding the critical industries of the Middle East and Northern Africa from cyber threats. CS4CA...
SANS Cyber Threat Intelligence Summit(Arlington, Virginia, USA, January 20 - 21, 2020) The collection, classification, and exploitation of knowledge about adversaries - collectively known as cyber threat intelligence (CTI) - gives security practitioners information superiority that is used...
CPX 360 New Orleans(New Orleans, Lousiana, USA, January 27 - 29, 2020) Mark your calendar now for CPX 360 2020, the world’s premiere cyber security summit of the year. Globally renowned industry experts will take to the stage to share analysis, core insights, and actionable...
SINET: Global Cybersecurity Innovation Summit(London, England, UK, January 30, 2020) Advancing global collaboration and innovation, SINET convenes a summit of international cybersecurity leaders at the British Museum. The conference will bring together innovators, investors, researchers,...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.