Get your copy of the definitive guide to threat intelligence.
We brought together a team of experts and wrote the definitive guide to everything you need to know about threat intelligence. Whether you work in vulnerability management, incident response, or another part of cybersecurity, our book has something for you. Get your free copy of “The Threat Intelligence Handbook” now.
January 16, 2020.
CyberWire Pro coming soon.
Our new subscription program, CyberWire Pro, will be available soon. Designed for cyber security professionals and others who want to stay abreast of our rapidly evolving industry, CyberWire Pro is a premium news service that will save you time and keep you informed. Learn more and sign up to get launch updates here.
By the CyberWire staff
CRN offers a rundown of opinion to the effect that reaction to CVE-2020-0601 has been “overblown,” and to be sure the NSA-disclosed Windows crypto flaw is not apocalyptic, but it’s nonetheless one that should be patched without delay. ZDNet reports that two proof-of-concept exploits of the CryptoAPI (Crypt32.dll) bug have already appeared. (And they add that the vulnerability is now being called “Curveball.”)
As the US and Iran continue their confrontation, no significant attacks from either side have come to public attention. But the US Cybersecurity and Infrastructure Security Agency (CISA) has cautioned the chemical industry that it could be subject to cyberattack, and offers advice on hardening itself against the threat.
Families of deployed US paratroopers are being harassed in social media. The source is unclear, the Military Times reports.
According to Threatpost and BleepingComputer, Cofense researchers determined that the United Nations sustained a phishing campaign designed to deliver Emotet and the TrickBot Trojan. The campaign, which apparently was less than fully successful, used emails spoofing the Norwegian Mission to deliver a malicious Word document.
Sophos finds more fleeceware apps in Google’s Play Store. Fleeceware automatically charges subscription fees if the user neglects to cancel when a “trial period” expires. Users often find that breaking up is harder to do than they expected, and the subscriptions can be pricey.
Moscow delivers its usual informational counterbattery fire in the Burisma hacking case, with Sputnik pooh-poohing the whole episode as a self-serving conspiracy theory launched by Hillary Clinton. So sez Sputnik.
Today's issue includes events affecting Australia, China, European Union, Iran, Norway, Russia, Ukraine, United Kingdom, United Nations, United States.
Bring your own context.
What's all this about bloatware, and why are people saying bad things about it?
"They have legitimate concerns that there are some privacy issues with these apps. First off - and security issues as well. They're not updatable. They don't get updates unless it's an update pushed out through the cellphone provider many times. The apps are not installed through the Google Play store, so they're not subject to the scrutiny that those apps go through. Now, you can argue about how good that scrutiny is. But these apps don't get any scrutiny. They're just installed by default. And they, a lot of times, will leak information about the user."
—Joe Carrigan of the Johns Hopkins University Information Security Institute, on the CyberWire Daily Podcast, 1.14.20.
And a quick note to our readers...
Monday is Martin Luther King Day, and we'll take a break from publication and podcasting while we observe the Federal holiday. We'll be back to our usual schedule on Tuesday.
Georgetown University Part-Time Master's in Cybersecurity Risk Management
Looking to advance your cybersecurity career? Check out Georgetown University's graduate program in Cybersecurity Risk Management. Ideal for working professionals, our program offers flexible options to take classes online, on campus, or through a combination of both—so you don’t have to interrupt your career to earn your degree. You'll leave the program with the expertise you need to effectively manage risks and navigate today’s increasingly complex cyber threats. Learn more.
And Hacking Humans is up. In this episode, "Life in the (second) age of pirates," Dave has an account from a man who was almost scammed by an impersonation of his own close friend. Joe has the story of a sophisticated phishing scheme involving Microsoft Office 365. The catch of the day goes all the way back to the age of pirates. Carole Theriault interviews Andrew Brandt from Sophos regarding their 2020 threat report.
CyberTech Tel Aviv(Tel Aviv, Israel, January 28 - 30, 2020) Cybertech Tel Aviv is a 3-day event with 200+ organizations, 180+ speakers and 18,000+ attendees with a goal to create business and networking opportunities across borders. For 15% off, use code tcwtlv20dis on the registration page and enter the “Full-Pass" option. https://www.cybertechisrael.com/
RSAC 2020(San Francisco, California, United States, February 24 - 28, 2020) Connect to the people and ideas that matter. To your growth. To your organization. At RSAC 2020, February 24 – 28, explore current and emerging trends, gain valuable skills and network with peers. Register today!
Enhancing Chemical Security During Heightened Geopolitical Tensions(CISA Insights) In light of recent international events with the potential for retaliatory aggression against the U.S. and our critical infrastructure, CISA urges facilities with chemicals of interest (COI)—whether tiered or untiered under the Chemical Facility Anti-Terrorism Standards (CFATS) program—to consider enhanced security measures to decrease the likelihood of a successful attack.
Windows 7 end of support: Separating the bull from the horns(Computerworld) There’s a lot of misinformation about Win7 end-of-life bouncing around the blogosphere. While the last free official Win7/Server 2008 R2 patch appeared yesterday, there’s more to the story. No need to go running to the nearest soothsayer with your wallet open, in spite of what you may have read.
Could Elastic Be a Millionaire Maker Stock?(The Motley Fool) Given its modest revenue base in expanding markets, the search company still has plenty of room to grow. But its stock price may follow a different trajectory.
CMO interview: How this marketing leader approached an IPO(CMO) Becoming the Salesforce or Workday of security is firmly in the sights of cybersecurity company, CrowdStrike. And judging by its successful initial public offering (IPO) last June, valuing the business at nearly US$7 billion, the market agrees the cloud native provider has the goods to achieve its mission.
Vislink Technologies Inc. Names Carleton M. Miller as Chief Executive Officer(Yahoo) The Board of Directors of Vislink Technologies Inc (VISL) announced today that it has named Carleton M. Miller as the company’s chief executive officer and a member of the Board of Directors, effective January 15, 2020. Carleton is a proven leader and an experienced CEO who has built global technology
Pete Buttigieg’s Campaign Cybersecurity Chief Resigns (Wall Street Journal) The cybersecurity chief for Pete Buttigieg’s campaign has resigned, amid warnings from intelligence officials and cybersecurity experts that presidential campaigns face challenges in thwarting cyberattacks and disinformation campaigns.
Versasec vSEC:CMS Added to Envoy Data Corporation's GSA Schedule(Versasec) Versasec announced today it has been added to Envoy Data Corporation's General Services Administration (GSA) schedule, facilitating access to vSEC:CMS solutions for hundreds of federal, state, local and higher education customers within the U.S. The $40+ billion GSA schedule's program offers government and higher education organizations pre-negotiated, fair and reasonable prices and expedites the procurement cycle of technology and other goods for these organizations.
Kaspersky pens a partnership deal to secure digital identities(CIO East Africa) Kaspersky has partnered with jewellery designer to protect unique human biometrics in the digital world. How can people continue to use biometric based authentication on their favourite devices without worrying about their unique data being stolen and misused? To answer this question, Kaspersky has teamed up with a 3D accessory designer from Stockholm and together …
Google finally brings its security key feature to iPhones(TechCrunch) More than half a year after Google said Android phones could be used as a security key, the feature is coming to iPhones. Google said it’ll bring the feature to iPhones in an effort to give at-risk users, like journalists and politicians, access to additional account and security safeguards, …
The Impact of Security Alert Overload(CRITICALSTART) CRITICALSTART conducted a survey of more than 50 Security Operations Center (SOC) professionals across enterprises, Managed Security Services Providers (MSSP) and Managed Detection & Response (MDR) providers to evaluate the state of incident response within SOCs. The survey was fielded Q2 2019.
How Can You Protect What You Can't See?(Radware Blog) Radware’s 2019–2020 Global Application & Network Security Report combines statistical research and front-line experience to identify cybersecurity trends.
It’s time to take network defense to a new level(Fifth Domain) Maj. Gen. Scott L. Pleus argues that if the Department of Defense can implement modern tools, it can field the networks war fighters need with cybersecurity that actually works.
Could we ever great an AI as smart as the human brain?(The Telegraph) In 1990 a paper curiously-titled “Elephants don’t play chess”, published by Australian roboticist Rodney Brooks, ushered in the idea that artificial intelligence could become smarter by learning as the human brain does.
Putin Calls For Systemic Change. The 'System' Quickly Responds.(RadioFreeEurope/RadioLiberty) Russian President Vladimir Putin proposed a raft of constitutional changes interpreted as strengthening the role of Russia's parliament and circumscribing the powers of his eventual successor. It didn't take long to get things moving.
Huawei not part of trade deal(The Washington Times) China’s efforts to persuade the U.S. government to drop its criminal prosecution of a senior executive of Huawei Technologies, the global telecommunications giant, as part of a partial trade deal were not successful.
UK Culture Secretary: Security Is Paramount On Huawei Decision(Bloomberg) 5G is vital to the UK’s tech industry, says Nicky Morgan, Secretary of State for Digital, Culture and sport, but whatever decision is made on involving Huawei will depend on security - and it will not be part of the U.K.’s critical national infrastructure.
U.K. Vows to Keep Huawei Out of Key Security Infrastructure(Bloomberg) The U.K. will keep Huawei Technologies Co. out of “critical national infrastructure,” Culture Secretary Nicky Morgan said, as the government weighs up whether the Chinese company can play a role in developing the country’s 5G telecommunications networks. A final decision will come later his month, according to two officials familiar with the matter, who asked not to be named discussing the sensitive issue.
Michael Flynn withdraws guilty plea(The Washington Times) President Trump’s former National Security Adviser Michael Flynn late Tuesday asked a court to let him withdraw his guilty plea for lying to the FBI in the Russia probe.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
CPX 360 Bangkok(Bangkok, Thailand, January 14 - 16, 2020) Mark your calendar now for CPX 360 2020, the world’s premiere cyber security summit of the year. Globally renowned industry experts will take to the stage to share analysis, core insights, and actionable...
Cyber Security for Critical Assets, MENA 2020(Dubai, United Arab Emirates, January 20 - 21, 2020) The 17th in a global series of Cyber Security for Critical Assets summits, #CS4CA MENA 2020 focuses on safeguarding the critical industries of the Middle East and Northern Africa from cyber threats. CS4CA...
SANS Cyber Threat Intelligence Summit(Arlington, Virginia, USA, January 20 - 21, 2020) The collection, classification, and exploitation of knowledge about adversaries - collectively known as cyber threat intelligence (CTI) - gives security practitioners information superiority that is used...
CPX 360 New Orleans(New Orleans, Lousiana, USA, January 27 - 29, 2020) Mark your calendar now for CPX 360 2020, the world’s premiere cyber security summit of the year. Globally renowned industry experts will take to the stage to share analysis, core insights, and actionable...
SINET: Global Cybersecurity Innovation Summit(London, England, UK, January 30, 2020) Advancing global collaboration and innovation, SINET convenes a summit of international cybersecurity leaders at the British Museum. The conference will bring together innovators, investors, researchers,...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.