January 27, 2020.
By the CyberWire staff
Reuters, citing unnamed British and US officials, reports that a major cyber espionage campaign in Europe and the Middle East is probably the work of Turkish services. The effort, which featured large-scale DNS hijacking, targeted some thirty organizations, including government agencies in Albania, Greece, Iraq, and Cyprus, as well as domestic Turkish groups (including a Freemasons' lodge) thought sympathetic to the failed 2016 coup.
Observers would like to know more about what actually was found on Jeff Bezos’s phone, the device FTI Consulting said (with “medium to high confidence”) was compromised by Saudi Arabia’s government. It seems something was going on in the phone, but also that, as several experts told SecurityWeek, investigation didn’t proceed beyond the circumstantial. The Wall Street Journal hears from other experts to the effect that the inquiry, as described in the FTI report that became public last week, “appeared to forgo important investigatory steps that could have yielded a fuller picture of what occurred on Mr. Bezos’ iPhone X.”
Saudi officials maintain they had nothing to do with Mr. Bezos’s iPhone X, and that if there’s any evidence to the contrary, they’d very much like to see it. On the other hand, a Tweet-storm (significantly bot-driven) is standing up for the Kingdom by, Forbes reports, busily slanging Mr. Bezos and calling for a boycott of Amazon.
Interpol’s Operation Night Fury, with major assistance from Group-IB, has taken down a cyber gang that operated from six ASEAN countries to hit online shoppers with the GetBilling sniffer.
Today's issue includes events affecting Albania, Australia, Belgium, Brazil, Brunei, Cambodia, Canada, China, Cyprus, Germany, Greece, Indonesia, Iran, Iraq, Israel, Italy, Japan, Democratic People's Republic of Korea, Laos, Malaysia, Myanmar, Philippines, Russia, Saudi Arabia, Singapore, Thailand, Turkey, United Kingdom, United States, and Vietnam.
Bring your own context.
On the value of having been there before.
"Muscle memory is a concept that we talk to clients about consistently in terms of being able to test, over and over, an organization's ability to respond to a cyber incident should one occur in their environment. It's really important to validate or test out things like your incident response guide or playbook, making sure that you understand which key stakeholders in the organization need to be engaged during an incident, what type of legal support you'll need, what type of communications and PR support you might need should notifications and reporting be required and understanding, really, how to optimize and improve all the elements of cyber response."
—Tom Etheridge, VP of services at CrowdStrike, on the CyberWire Daily Podcast, 1.23.20.
Don't want to believe him? Believe Flavius Josephus, who two thousand years ago explained why Rome's legions were as good as they were: "Their drills are bloodless battles, and their battles bloody drills." Or Aleksander Suvorov: hard training, easy battle.
ON THE PODCAST
In today's CyberWire Daily Podcast, out later this afternoon, we speak with our partners at Dragos, as Robert M. Lee reluctantly offers predictions for 2020. (Reluctantly, because as Mr. Berra said, prediction is hard, especially about the future.)
CyberTech Tel Aviv (Tel Aviv, Israel, January 28 - 30, 2020) Cybertech Tel Aviv is a 3-day event with 200+ organizations, 180+ speakers and 18,000+ attendees with a goal to create business and networking opportunities across borders. For 15% off, use code tcwtlv20dis on the registration page and enter the “Full-Pass” option. https://www.cybertechisrael.com/
Cyber Security Summits: February 5 in Atlanta and on March 20 in Tampa (Atlanta, Georgia, United States, February 5, 2020) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, U.S. Secret Service, IBM Security, Google and more. Register with promo code cyberwire20 for $95 VIP admission (Regular price $350) https://CyberSummitUSA.com
Suits & Spooks (Washington, DC, United States, February 6 - 7, 2020) Suits & Spooks DC is the only international security summit where the attendees and speakers from government agencies and technology companies engage in discussion and debate of security challenges. World-class speakers describe their vision of future threats and leading-edge companies will exhibit novel solutions. Get 15% off with discount code cyberwire15.
Cyber or Cleared Job Fair, February 13, San Antonio. (San Antonio, Texas, United States, February 13, 2020) Cleared and non-cleared cybersecurity pros make your next career move at the Cyber or Cleared Job Fair, February 13 in San Antonio. Meet face-to-face with leading cyber employers. Visit our site for more details.
RSAC 2020 (San Francisco, California, United States, February 24 - 28, 2020) Connect to the people and ideas that matter. To your growth. To your organization. At RSAC 2020, February 24 – 28, explore current and emerging trends, gain valuable skills and network with peers. Register today!
Watch out for Shlayer malware targeting Mac devices (HackRead) Generally, macOS is considered one of the safest OS but cybercriminals are skilled enough to find loopholes and security lapses in macOS as well. As per the latest research report from Kaspersky Lab, the most widespread macOS threat in the year 2019 was the Shlayer malware.
Cyber gangsters publish staff passwords following ‘Sodinokibi’ attack on car parts group Gedia (ComputerWeekly) Cyber criminals have threatened to raid the bank accounts of customers and employees of the German automotive group, Gedia, following a major cyber attack on the company’s headquarters last week. Gedia Automotive Group, based in Attendorn, has been forced to shut down its IT systems and send more than 300 employees from its head office home, following the cyber-attack on 21 January.
City announces work-arounds after cyber attack (Southeast Missourian) In light of Cape Girardeau municipal government's ongoing information systems problems, city officials announced a work-around for some city services Friday evening. A text message sent on behalf of the city said residents may pay utility bills in person at City Hall and those involved with development issues before the city may do so as well...
Maastricht University thought to have paid up to €300,000 to cyber-hackers (DutchNews.nl) Maastricht University is thought to have paid between €200,000 and €300,000 as a ransom to cyber hackers, reports the Volkskrant. It is thought the university felt forced to make a payment because its back-up system was hijacked with Clop ransomware alongside the main system, the paper claims. Before the Christmas break, hackers broke into the computer system and only gave staff the key to get back in after being paid, according to university news website Observant. The Volkskrant now claims...
Willebroek commune hit by cyber-attack (The Brussels Times) The commune of Willebroek to the north of Brussels has become the latest victim of hackers, who are demanding a ransom paid in bitcoin to liberate the municipal computer system, the commune announced
Open Source Licenses in 2020: Trends and Predictions (White Source) The GPL was a trailblazer at the start of the open source revolution and is a prime example of the copyleft or viral license. This means that when users incorporate a component licensed under one of t
Four Keys to Growing a Cybersecurity Company Through Acquisition and Beyond (CEOWORLD magazine) There’s no doubt that the cybersecurity M&A marketplace is a healthy one. In 2019, the cybersecurity market saw more than 150 deals worth more than $23 billion, according to Momentum Cyber. On top of that, private equity firms are beginning 2020 with more cash on record than ever, according to data from Preqin. If you’re …
Jerusalem-based Vicarius gets $5 million to help companies detect cyber threats and prevent attacks (Tech.eu) Israeli startup Vicarius has raised $5 million in seed funding to grow its predictive cyberthreat technology, which helps companies proactively manage software vulnerabilities in real time. The round was led by Jerusalem Venture Partners (JVP), with innogy Innovation Hub and Goldbell. Founded in 2016, cybersecurity experts Michael Assraf, Roi Cohen, and Yossi Ze’evi built Vicarius, …
U.S. Strategic Command Conducts Exercise Global Lightning (DVIDS) U.S. Strategic Command (USSTRATCOM) commenced Exercise Global Lightning 2020 today, an annual command post and battle staff exercise designed to train Department of Defense forces and assess joint operational readiness across all of USSTRATCOM's mission areas.
‘Compliant’ Doesn’t Mean Secure, Navy CIO Says (Seapower) The Department of the Navy has a security problem, and it’s embedded in the institutional culture, according to the Navy’s top informational technology executive. “We are losing the Department of Navy’s information every day. And we’re...
Lessons Learned From 2016, but US Faces New Election Threats (New York Times) It’s been more than three years since Russia's sweeping and systematic effort to interfere in U.S. elections through disinformation on social media, stolen campaign emails and attacks on voting systems. U.S. officials have made advances in trying to prevent similar attacks from undermining the 2020 vote, but the potential threats have increased and some old problems have not been addressed. A look at what has changed since 2016 and what has not.
Tech CEOs in Davos dodge issues by warning audiences about AI (South China Morning Post) The chief executives of Alphabet, Microsoft and IBM called for standardised global rules on artificial intelligence development at the annual meeting, ahead of the EU’s announcement of a plan to legislate the technology.
NSA chief information officer role remains ‘ambiguous’ (FedScoop) The National Security Agency still hasn’t clearly defined its chief information officer’s authorities and responsibilities, according to an Office of the Inspector General report released Thursday. While the OIG decided the issue didn’t warrant immediate reporting to the NSA director and Congress, the office did include an audit of CIO authorities in a list of significant …
Israel court verdict could shed light on those who used Pegasus spyware (The Sunday Guardian Live) The proceedings at a district court in Tel Aviv, Israel, headed by Judge Rachel Barkai are being keenly watched by individuals part of the policy apparatus in India, as the court will decide whether the export licence given to the NSO Group, which developed the Pegasus spyware, should be revoked or not.
Bezos Hack Report Puzzles Cyberexperts (Wall Street Journal) A report concluding Saudi Arabia likely hacked into Jeff Bezos’ phone has spurred questions among cybersecurity experts, who say the audit left several major technical questions unexplained and in need of more examination.
The Bezos Hack and the Dangers of Spyware in the Hands of Autocrats (World Politics Review) The stunning allegation that Saudi Crown Prince Mohammed bin Salman hacked the phone of Amazon’s Jeff Bezos may come as a shock to some. But for most people tracking the rise of Saudi Arabia's de facto ruler, it's business as usual—and another sign of how autocrats are using spyware against their critics.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
CyCon 3.0 (Sterling, Virginia, USA, February 15, 2020) Our 3rd Annual NOVA CyCon event in Loudoun has a full lineup of cybersecurity experts, speakers and federal contractors presenting on cutting-edge topics! Networking, free lunch and refreshments, door...
CPX 360 New Orleans (New Orleans, Louisiana, USA, January 27 - 29, 2020) Mark your calendar now for CPX 360 2020, the world’s premiere cyber security summit of the year. Globally renowned industry experts will take to the stage to share analysis, core insights, and actionable...
SINET: Global Cybersecurity Innovation Summit (London, England, UK, January 30, 2020) Advancing global collaboration and innovation, SINET convenes a summit of international cybersecurity leaders at the British Museum. The conference will bring together innovators, investors, researchers,...
CPX 360 Vienna (Vienna, Austria, February 4 - 6, 2020) At CPX 360, you’ll gain an in-depth understanding of today’s dynamic threat landscape and the emerging challenges within cyber security. Get a look at the next wave of Check Point innovation and discover...
5th Annual Atlanta Cyber Security Summit (Atlanta, Georgia, USA, February 5, 2020) C-Suite & Senior Level Executives: Register with Promo Code CYBERWIRE95 to receive $95 Admission (Standard Price is $350). Learn from renowned experts from The FBI, U.S. Secret Service, U.S. Dept. of Homeland...