January 8, 2020.
By the CyberWire staff
Iran fired a number of missiles at two US bases in Iraq last night--the Washington Post puts the total at “more than a dozen”--but the attack and the US reaction were sufficiently limited that, according to Foreign Policy, observers think both sides are signalling a desire for deescalation.
In any case no massive Iranian cyberattacks have so far materialized. There were some more low-level defacements of state government sites in Texas and Alabama, Vice reports, but these, like the weekend incident involving a Government Printing Office site, are generally regarded as low-grade operations by sympathizers as opposed to attacks organized and controlled from Tehran.
Most serious concerns about Iranian cyber operations center on possible threats to industrial control systems. Ars Technica has a story about how Tehran sought to recruit a US expert who worked to help Saudi Aramco remediate Iran’s Shamoon attacks on that oil company. And the Telegraph quotes a Carbon Black executive, who worked as a cyber commissioner under the previous US Administration, as warning that a “cyber holy war” could see Iran reverse-engineering US attack tools used earlier against the Islamic Republic.
But website defacements? As CNBC puts it, they’re “meaningless.”
The Cyber Solarium commission that’s been working for the past year to develop recommendations for US cyber strategy offered a preview of its final report (expected in March or April) at the Council on Foreign Relations yesterday. CyberScoop has a summary. The Solarium will call for both enhanced US capabilities and a White House cyber czar.
Today's issue includes events affecting Austria, China, Indonesia, Iran, Israel, Pakistan, Papua, Russia, Taiwan, United Kingdom, United States.
Bring your own context.
Often, in the US, the Government doesn't need a warrant to get information you've submitted to a third party. Like, say, your car.
"This is the idea that a person does not have Fourth Amendment rights - rights against unreasonable searches and seizures - if they have voluntarily conveyed information to a third party. And that's, on its face, what's happening here. I mean, you probably signed some sort of policy when you purchased the car. Certainly, if you use, like, an OnStar system, you've agreed to their terms and conditions. And you are voluntarily conveying a lot of information to them. And what the third-party doctrine says is the government can obtain that information without getting a warrant. So, you know, if they even have an inkling, just some sort of reasonable suspicion that you've been going around on a crime spree, they can go to GM with a subpoena and say give us data on all of the locations Dave has been in the last year. And you wouldn't need any sort of traditional warrant to obtain that information. This, to me, is why the third-party doctrine seems outdated and limited. For one, it's not really voluntary because, as I said, eventually we're all going to have connected cars. Exactly. And in terms of the specific information we share, the most recent case dealing with this, which was Carpenter v. United States, in that case, the Supreme Court said that historical cell site data did have Fourth Amendment protection because of the broad nature of the data collected and the fact that it wasn't really collected voluntarily because a person is not actively pressing a button sharing their location data. It's collecting that information from you whether you know it or not as soon as you connect to this car. So this is just another instance where I think that entire legal doctrine needs reconsidering in an age where we submit so much to third parties that could reveal every intimate detail about our lives."
—Ben Yelin, from the University of Maryland's Center for Health and Homeland Security, on the CyberWire's Caveat podcast, 1.8.19.
Perhaps Fourth Amendment jurisprudence or relevant legislation needs a re-look? In the meantime, do read those EULAs.
And Caveat is up. In this episode, Dave shares a Washington Post story about the data your car may be collecting about you. Ben digs into recent revelations about government surveillance, and later in the show we interview Jason G. Weiss, former forensic expert with the FBI and current Counsel at Drinker Biddle and Reath, where he focuses on cyber security and privacy law.
Free Dragos Webinar: Introducing MITRE ATT&CK™ for ICS and Why it Matters (Online, January 14, 2020) Register today for the Jan. 14 webinar introducing the MITRE ATT&CK for ICS, a new framework that organizes and codifies the malicious threat behaviors affecting industrial control systems. Led by security experts from Dragos and MITRE, who worked together on the framework, you’ll find out how it works, why it was developed and when to apply it.
RSAC 2020 (San Francisco, California, United States, February 24 - 28, 2020) Connect to the people and ideas that matter. To your growth. To your organization. At RSAC 2020, February 24 – 28, explore current and emerging trends, gain valuable skills and network with peers. Register today!
Deepfakes and the New Disinformation War (Foreign Affairs) Thanks to the rise of “deepfakes”—highly realistic and difficult-to-detect digital manipulations of audio or video—it is becoming easier than ever to portray someone saying or doing something he or she never said or did, with potentially disastrous consequences for politics.
Secretary of State warns of possible cyber threats (Albany Herald) Secretary of State Brad Raffensperger announced Monday that he is instructing elections officials for the state and individual counties to be on heightened diligence against possible cybersecurity attacks
Tik or Tok? Is TikTok secure enough? - Check Point Research (Check Point Research) Available in over 150 markets, used in 75 languages globally, and with over 1 billion users, TikTok has definitely cracked the code to the term “popularity” across the globe. As of October 2019, TikTok is one of the world’s most downloaded apps....
Tricky Phish Angles for Persistence, Not Passwords (KrebsOnSecurity) Late last year saw the re-emergence of a nasty phishing tactic that allows the attacker to gain full access to a user’s data stored in the cloud without actually stealing the account password.
New Tactics Punch Holes in Big Tech’s Ad-Fraud Defenses (Wall Street Journal) Tech giants such as Google and Amazon.com are deploying artificial intelligence to ferret out fraud on their platforms, but some cybercriminals are outfoxing Silicon Valley with software that is getting better at mimicking human behavior.
Interpeak IPnet TCP/IP Stack (Update D) (CISA) 1. EXECUTIVE SUMMARY. CVSS v3 9.8. ATTENTION: Exploitable remotely/low skill level to exploit/public exploits are available. Vendors: ENEA, Green Hills Software, ITRON, IP Infusion, Wind River. Equipment: OSE by ENEA, INTEGRITY RTOS by Green Hills Software, ITRON, ZebOS by IP Infusion, and VxWorks by Wind River. Vulnerabilities: Stack-based Buffer Overflow, Heap-based Buffer Overflow, Integer Underflow, Improper Restriction of Operations within the Bounds of a Memory Buffer, Race Condition, Argument Injection, Null Pointer Dereference.
Proofpoint's 2020 predictions for the Middle East (Intelligent CIO Middle East) Proofpoint has gathered its top predictions for CIOs to watch out for in 2020. Emile Abou Saleh, Regional Director, Middle East and Africa at Proofpoint, tells us downloaders and botnets abound while supply chains and account compromises will drive phishing.
KnowBe4 wraps up 2019 in a big way (St Pete Catalyst) KnowBe4 doesn’t want to keep its 27 consecutive quarters of sales growth under wraps. On Monday, the cybersecurity training company displayed its sales gains on a massive banner that wrapped around the outside of its downtown Clearwater headquarters. CEO Stu Sjouwerman was depicted perched on top of a chart, with bars that each represented double-digit [...]
IBM’s Quantum-Computing Service Tops 100 Customers (Wall Street Journal) The company said more than 100 organizations are using its quantum-computing services, including businesses, universities and government research facilities. That’s up from 40 a year ago.
WidePoint Partners with KoolSpan to Offer End-to-End Encryption for Phone Calls and Text Messages (West) WidePoint Corporation (NYSE American: WYY), the leading provider of Trusted Mobility Management (TM2) specializing in Telecommunications Lifecycle Management, Identity Management and Digital Billing & Analytics solutions and KoolSpan, the provider of TrustCall, have entered into a partnership through which WidePoint delivers KoolSpan’s cross-platform, end-to-end communication solution to WidePoint customers so that they can make phone calls and send text messages securely.
Webcast: Let’s Talk About ELK Baby, Let’s Talk About You and AD - Black Hills Information Security (Black Hills Information Security) BHIS’ Defensery Driven Duo Delivers Another Delectable Transmission! We know you are worried about your networks. After hours of discussion, we’ve come to the realization that some of our dedicated followers seem to be much more interested in catching malware than learning how to be (please forgive this next statement) “l33t hax0rs.” Download slides: https://www.activecountermeasures.com/presentations/ …
MITRE Releases Framework for Cyber Attacks on Industrial Control Systems (The MITRE Corporation) McLean, VA, and Bedford, MA, January 7, 2020—MITRE released an ATT&CK™ knowledge base of the tactics and techniques that cyber adversaries use when attacking the industrial control systems (ICS) that operate some of the nation’s most critical infrastructures including energy transmission and distribution plants, oil refineries, wastewater treatment facilities, transportation systems, and more. The impacts from these attacks range from disruption to operational productivity to serious harm to human life and the surrounding environment.
Tech Giants Defend Privacy Efforts, Promise Improvements (Wall Street Journal) Privacy experts from Facebook and Apple defended the security and use of consumer data on their platforms, though they said greater protections and public education are needed as technology and regulations evolve.
Facebook's deepfake ban evokes mixed reactions (SC Magazine) Facebook's announcement to add deepfakes to the categories of banned content is hardly a patch on the growing misinformation campaigns on the platform say privacy and security experts
Pakistan will not take sides in US-Iran row (Pakistan observer) Mirza Aslam Beg QASEM Soleimani was the top military leader of Iran, playing active role in the Middle East region, as well as Afghanistan. In fact, he was described as the “single most powerful operative in the Middle East today.” According to American intelligence, Soleimani was planning large scale assaults on American troops and interests …
Senators set for briefing on cyber threats from Iran (TheHill) Senators on the Homeland Security and Governmental Affairs Committee were set to receive a classified briefing Tuesday on threats from Iran, including the possibility of a retaliatory cyberattack in response to the killing of I
Congressional commission mulls new private sector reporting requirements (CyberScoop) The Cyberspace Solarium Commission, a bipartisan group tasked last year with devising a strategy for defending the U.S. against cyberattacks, is almost ready to reveal its proposals to the world. The commission’s final report, expected to be issued in March or April, may include new reporting requirements for the private sector that would incentivize better security practices, the commission’s co-chairs, Sen. Angus King, I-Maine, and Rep. Mike Gallagher, R-Wis., said during a Council on Foreign Relations summit in Washington, D.C. Tuesday. While the final language is unclear, the report is expected to include a sweeping set of proposals ranging from an overhaul of Congressional oversight on cybersecurity issues to an assessment of the Pentagon’s offensive and defensive readiness. Whether there’s broader appetite outside of the 14-member commission to implement the recommendations, however, remains to be seen. One idea the commission has entertained is convincing insurance companies to offer better rates to clients who follow specific guidelines meant …
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
CPX 360 Bangkok (Bangkok, Thailand, January 14 - 16, 2020) Mark your calendar now for CPX 360 2020, the world’s premiere cyber security summit of the year. Globally renowned industry experts will take to the stage to share analysis, core insights, and actionable...
Cyber Security for Critical Assets, MENA 2020 (Dubai, United Arab Emirates, January 20 - 21, 2020) The 17th in a global series of Cyber Security for Critical Assets summits, #CS4CA MENA 2020 focuses on safeguarding the critical industries of the Middle East and Northern Africa from cyber threats. CS4CA...
SANS Cyber Threat Intelligence Summit (Arlington, Virginia, USA, January 20 - 21, 2020) The collection, classification, and exploitation of knowledge about adversaries - collectively known as cyber threat intelligence (CTI) - gives security practitioners information superiority that is used...
CPX 360 New Orleans (New Orleans, Louisiana, USA, January 27 - 29, 2020) Mark your calendar now for CPX 360 2020, the world’s premiere cyber security summit of the year. Globally renowned industry experts will take to the stage to share analysis, core insights, and actionable...
SINET: Global Cybersecurity Innovation Summit (London, England, UK, January 30, 2020) Advancing global collaboration and innovation, SINET convenes a summit of international cybersecurity leaders at the British Museum. The conference will bring together innovators, investors, researchers,...