January 24, 2020.
By the CyberWire staff
Recorded Future reports a PupyRAT infestation in an unnamed European energy sector organization. PupyRAT's command-and-control was communicating with the infected organization’s mail server from late November through January 5th of this year. The RAT is an open-source tool available on GitHub. It’s been used by Iranian threat groups APT33 (also known as Elfin, Magic Hound, or HOLMIUM) and COBALT GYPSY (which Recorded Future says overlaps with APT34, that is, OilRig). The researchers stress that the current activity predates recent escalation of US-Iranian tension.
Reuters writes that the Saudi Foreign Ministry has again dismissed claims of Crown Prince Mohammed bin Salman’s involvement in hacking Amazon founder Jeff Bezos’s phone as “absurd.” Investigations are in progress, and it certainly seems that something was done to Mr. Bezos’s device. Is it possible the Crown Prince may himself have been hacked, as some have suggested? Well, sure, maybe. In any case, as BuzzFeed notes, Saudi-aligned Twitter accounts have been doing a lot of anti-Bezos woofing.
Ukraine is considering a comprehensive law designed to suppress disinformation. RadioFreeEurope|RadioLiberty says that critics are concerned the measure will also effectively suppress journalism.
The EU is also deliberating adoption of measures that would counter disinformation. Facebook doesn’t like them, New Europe says, and characterizes the proposed regulations as a threat to free speech.
Canada’s government is prepared to “impose costs” on those responsible for cyberattacks on the Dominion, according to 660 News.
The Economist looks at Huawei, concludes it’s a threat, but says the risks can be managed.
Today's issue includes events affecting Canada, China, European Union, Germany, Democratic People's Republic of Korea, Russia, Ukraine, United Kingdom, United States.
Bring your own context.
What's going on these days with authentication?
"So I think the biggest things are there's an uptick in awareness and usage of multifactor. And I think that that's kind of due to a few different reasons. One is I think a lot of users in their personal lives are being required to use multifactor authentication. Now if you log in to a bank account or you log in to Facebook or eBay or pretty much everything - anything you use online, you're almost either required or strongly encouraged to use multifactor. So I think that's helping create more awareness, and certainly more awareness in the enterprise. And I think the enterprise side is kind of coming at it from that perspective as well. They're kind of saying, OK, for enterprise applications, we're going to require you to use multifactor for these things and not just allow you to use username and password. So we see the both of these things, from awareness to usage, trending up. So they're not quite doubled from last year, but they're pretty close."
There's still more SMS multifactor than one would like to see, but on the whole the trend is positive.
—Sean Frazier, advisory CISO for Federal at Cisco Duo, on the CyberWire Daily Podcast, 1.22.10.
CyberTech Tel Aviv (Tel Aviv, Israel, January 28 - 30, 2020) Cybertech Tel Aviv is a 3-day event with 200+ organizations, 180+ speakers and 18,000+ attendees with a goal to create business and networking opportunities across borders. For 15% off, use code tcwtlv20dis on the registration page and enter the “Full-Pass” option. https://www.cybertechisrael.com/
Cyber Security Summits: February 5 in Atlanta and on March 20 in Tampa (Atlanta, Georgia, United States, February 5, 2020) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, U.S. Secret Service, IBM Security, Google and more. Register with promo code cyberwire20 for $95 VIP admission (Regular price $350) https://CyberSummitUSA.com
Suits & Spooks (Washington, DC, United States, February 6 - 7, 2020) Suits & Spooks DC is the only international security summit where the attendees and speakers from government agencies and technology companies engage in discussion and debate of security challenges. World-class speakers describe their vision of future threats and leading-edge companies will exhibit novel solutions. Get 15% off with discount code cyberwire15.
RSAC 2020 (San Francisco, California, United States, February 24 - 28, 2020) Connect to the people and ideas that matter. To your growth. To your organization. At RSAC 2020, February 24 – 28, explore current and emerging trends, gain valuable skills and network with peers. Register today!
GE CARESCAPE, ApexPro, and Clinical Information Center systems (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 10.0
ATTENTION: Exploitable remotely/low skill level to exploit
Equipment: CARESCAPE Telemetry Server, ApexPro Telemetry Server, CARESCAPE Central Station (CSCS) and Clinical Information Center (CIC) systems, CARESCAPE B450, B650, B850 Monitors
Vulnerabilities: Unprotected Storage of Credentials, Improper Input Validation, Use of Hard-coded Credentials, Missing Authentication for Critical Function, Unrestricted Upload of File with Dangerous Type, Inadequate Encryption Strength
Security Advisory for Signed TLS Certificate Private Key Disclosure on Some Routers, PSV-2020-0105 (NETGEAR) NETGEAR is aware of a Transport Layer Security (TLS) certificate private key disclosure vulnerability on the following product models:
These products use Certificate Authority-signed certificates to provide secure HTTPS access to the router web interface. You might see a security certificate error or warning when you try to access your router’s web interface using HTTPS.
NETGEAR plans to release firmware hotfixes for all affected products as soon as possible.
From fun hackers to organized crime (IT-BUSINESS) The hacking attempts of the past were the innocent beginnings of today's criminal underground scene. According to Kai Figge of G Data, artificial intelligence is playing an increasingly important role on both the light and the dark side of the internet.
The State of Vulnerabilities in 2019 | Imperva (Imperva) As a web application firewall provider, part of our job at Imperva is to continually monitor for new security vulnerabilities. To do this, we use internal software that collects information from various data sources such as vulnerability databases, newsletters, forums, social media and more, integrating it into a single repository, and assessing each vulnerability’s priority. …
Voice of the Channel and 2020 Predictions (Untangle) The latest Untangle survey explored the current state and trends of Channel Partners. Untangle surveyed a segment of these international security professionals to understand current cybersecurity trends the channel is seeing, as well as their predictions
Cybersecurity SPAC SCVX Corp. files for a $200 million IPO (Nasdaq) SCVX Corp., a blank check company led by industry veterans targeting the cybersecurity sector, filed on Monday with the SEC to raise up to $200 million in an initial public offering. The Washington, DC-based company plans to raise $200 million by offering 20 million units at $10
LocatorX Launches Product Certificate Authority™ to Fight Product Counterfeiting (Globe Newswire) LocatorX, which provides accurate, inexpensive and flexible tracking technology to companies across a variety of industries, today announced the launch of its Product Certificate Authority™ (PCA) solution to further help manufacturers, retailers and consumers fight product counterfeiting at every level.
Mitigating Cloud Vulnerabilities (National Security Agency) While careful cloud adoption can enhance an organization’s security posture, cloud services can introduce risks that organizations should understand and address both during the procurement process and while operating in the cloud.
CSU offering new cybersecurity degree (https://www.wtvm.com) CSU’s nexus cybersecurity degree will give students hands-on experience in efforts to fill positions with qualified candidates.
IU Maurer cybersecurity programs keep pace with technology (The Indiana Lawyer) In his practice at Mallor Grodner in Bloomington, attorney D. Michael Allen is seeing more and more cases that have a digital component. While he learned on the job, he also enrolled in the IU Maurer School of Law cybersecurity master’s program.
Enhancing a law enforcement career with a Penn State cybersecurity education (Penn State University) With a law enforcement career spanning more than 20 years and an established private investigations firm of his own, Ron Long could be considered an expert in the field of investigative work. Now, he’s pursuing a degree in security and risk analysis through Penn State World Campus to better understand how the internet is changing the dynamic of police and investigative work in the country.
Legislation, Policy, and Regulation
Why the Saudi Crown Prince Needs Cyberweapons (Yahoo) It’s hard to underestimate just how much damage Crown Prince Mohammed bin Salman of Saudi Arabia has done to his country in the last 15 months. Yet it’s also difficult to see how the U.S. can defend its interests in the region without his cooperation.
Canada ready to 'impose costs' on malicious cyberactors, advisers tell Trudeau - 660 NEWS (660 NEWS) Canada will work with allies to strike back at foreign cyberattackers and “impose costs” that make them understand the price of their wrongdoing, advisers have told Prime Minister Justin Trudeau. “Malicious state-sponsored cyber acts affect national security and economic prosperity interests,” says a newly released briefing note to Trudeau on the dangers to Canada from the …
Brussels steps up disinformation fight, Facebook warns of free expression (New Europe) Facebook has warned over freedom of expression as the European Union considers measures to stop disinformation campaigns across online platforms.
Nick Clegg, Facebook’s VP for Global Affairs warned that in the online world, “the scope of what we deem to be acceptable speech has narrowed over rece
Pentagon Blocks Clampdown on Huawei Sales (Wall Street Journal) The Commerce Department has withdrawn proposed regulations making it harder for U.S. companies to sell to Huawei from their overseas facilities following objections from the Pentagon and the Treasury Department.
Warren calls for Brazil to drop charges against Glenn Greenwald (TheHill) Sen. Elizabeth Warren (D-Mass.) called on Brazil to drop cyber crime charges against an American journalist who reported on leaked cell phone messages from Brazilian officials in a story raising concerns about corruption inside the government.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
CPX 360 New Orleans (New Orleans, Louisiana, USA, January 27 - 29, 2020) Mark your calendar now for CPX 360 2020, the world’s premiere cyber security summit of the year. Globally renowned industry experts will take to the stage to share analysis, core insights, and actionable...
SINET: Global Cybersecurity Innovation Summit (London, England, UK, January 30, 2020) Advancing global collaboration and innovation, SINET convenes a summit of international cybersecurity leaders at the British Museum. The conference will bring together innovators, investors, researchers,...
CPX 360 Vienna (Vienna, Austria, February 4 - 6, 2020) At CPX 360, you’ll gain an in-depth understanding of today’s dynamic threat landscape and the emerging challenges within cyber security. Get a look at the next wave of Check Point innovation and discover...
5th Annual Atlanta Cyber Security Summit (Atlanta, Georgia, USA, February 5, 2020) C-Suite & Senior Level Executives: Register with Promo Code CYBERWIRE95 to receive $95 Admission (Standard Price is $350). Learn from renowned experts from The FBI, U.S. Secret Service, U.S. Dept. of Homeland...