MVISION Insights: Move Beyond Intelligence to Insights that Empower You to Change Your Environment.
Harnessing the power of one billion threat sensors worldwide, McAfee designs security fueled by Insights. MVISION Insights enables you to move beyond intelligence and empowers you to change your environment. Identify with Machine Learning. Defend and correct with Deep Learning. Anticipate with Artificial Intelligence. Move your security out of reactive mode to a proactive posture. McAfee, the device-to-cloud cybersecurity company. Go to McAfee.com/insights to learn more.
January 29, 2020.
By the CyberWire staff
Otorio says that a strain of ransomware called “Snake” (not to be confused with the many other polyglot malware Snakes slithering around in the wild) is both linked to Iran and probably implicated in the recent attack on Bahrain Petroleum Company. Bloomberg reports that Snake prospects many kinds of files, but it’s notably interested in process controls. Otorio thinks the attackers’ motive is economic warfare, in particular an attempt to influence oil prices.
While the matter of Mr. Bezos’ phone and the Crown Prince’s texts is increasingly regarded as inconclusive and at best circumstantial (see, for example, Errata’s blog on the topic), Citizen Lab’s account of Saudi Pegasus use against journalists is holding up. Ben Hubbard, the New York Times reporter who brought a suspicious text to Citizen Lab’s attention, offers an account of his experience.
Reaction within the US Government to Britain’s decision to allow Huawei to play in its 5G infrastructure, but only in “non-core” sections, has been decidedly sour. Fifth Domain offers a representative sample of Congressional opinion, and the judgments are harsh: “[They’ve] chosen the surveillance state over the special relationship,” or, “Allowing Huawei to build the UK’s 5G networks today is like allowing the KGB to build its telephone network during the Cold War.” The nicest comment was “disappointed.”
And after having waited to see which way the cat would jump, the European Union enunciated essentially the same policy with respect to Huawei participation in member states' infrastructure that Britain adopted yesterday, SC Magazine reports.
Today's issue includes events affecting China, European Union, Iran, Israel, Democratic Peoples Republic of Korea, Poland, Russia, Saudi Arabia, United Kingdom, United States.
Bring your own context.
Robert M. Lee of Dragos hates making predictions, but we got him to offer a few, including some thoughts on general versus particular expertise.
"As I think about them, actually, what made really good security analysts anywhere else in the world was a deep understanding of how the system, or system of systems, worked in the first place. And we're starting to see more and more operations and engineering, especially on the operations side, get abstracted from the environment, where maybe the vendor or the integrator themselves built the ICS or integrated it in the way they thought. And really, we're just operating it, and we're leaning more and more in calling for helpdesk, and it's harder to hire people and train people and layers of expertise and more common operating platforms and et cetera, et cetera, et cetera, where the level of knowledge and operations - you know, these are amazing operators.
"I'm not trying to say they're lesser than they've ever been; they're actually better than they've ever been, but they're more generalists now than specialists. They're moving in that direction. And actually, it's the exact opposite of what we're seeing in the need of security of more specialization, especially with the level of automation that - in digital transformation that's happening in the industrial world. And I actually think that - not in 2020 - but as we go about our journey, industrial control systems security folks will have to appreciate that they will at some point, or should know more about that plant, inside and out, as a whole than any other one person in that facility. And that's scary and amazing and crazy all at the same time."
—Robert M. Lee, CEO at Dragos, on the CyberWIre Daily Podcast, 1.27.20.
Do you miss the big picture because you can't see the forest for the trees, or do you get the big picture wrong because you wouldn't know a tree if you walked into it?
Coming soon: CyberWire Pro.
Our new subscription program, CyberWire Pro, will be available soon. Designed for cyber security professionals and others who want to stay abreast of our rapidly evolving industry, CyberWire Pro is a premium news service that will save you time and keep you informed. Learn more and sign up to get launch updates here.
Simple, secure identity and access management for your business.
LastPass Identity provides simple control and visibility across every entry point to your business through single sign-on, password management and multi-factor authentication in one unified solution. LastPass Identity provides a holistic view of end user activity to simplify security for IT, all while delivering the passwordless login experience employees want. Start a free LastPass Identity trial today.
Cyber Security Summits: February 5 in Atlanta and on March 20 in Tampa(Atlanta, Georgia, United States, February 5, 2020) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, U.S. Secret Service, IBM Security, Google and more. Register with promo code cyberwire20 for $95 VIP admission (Regular price $350) https://CyberSummitUSA.com
Suits & Spooks(Washington, DC, United States, February 6 - 7, 2020) Suits & Spooks DC is the only international security summit where the attendees and speakers from government agencies and technology companies engage in discussion and debate of security challenges. World-class speakers describe their vision of future threats and leading-edge companies will exhibit novel solutions. Get 15% off with discount code cyberwire15.
Cyber or Cleared Job Fair, February 13, San Antonio.(San Antonio, Texas, United States, February 13, 2020) Cleared and non-cleared cybersecurity pros make your next career move at the Cyber or Cleared Job Fair, February 13 in San Antonio. Meet face-to-face with leading cyber employers. Visit our site for more details.
RSAC 2020(San Francisco, California, United States, February 24 - 28, 2020) Connect to the people and ideas that matter. To your growth. To your organization. At RSAC 2020, February 24 – 28, explore current and emerging trends, gain valuable skills and network with peers. Register today!
Revive of Crimson RAT(Dinesh's Perspective) Crimson RAT was previously used by Pakistani Threat Actors Transparent Tribe Crowdstrike has been tracking the Threat Actor by name MYTHIC LEOPARD since 2016. According to the blog, …
Security Patches, Mitigations, and Software Updates
State of Cybersecurity at Top 100 Global Airports(Immuniweb) 97 out of 100 of the world's largest airports have security risks related to vulnerable web and mobile applications, misconfigured public cloud, Dark Web exposure or code repositories leaks.
Securiti.ai scores $50M Series B to modernize data governance(TechCrunch) Securiti.ai, a San Jose startup, is working to bring a modern twist to data governance and security. Today the company announced a $50 million Series B led by General Catalyst, with participation from Mayfield. The company, which only launched in 2019, reports it has already raised $81 million. Wha…
Netsurion Announces Significant Channel Partner Expansion(Globe Newswire) Netsurion, a leading provider of managed network connectivity, security and compliance solutions in the SMB cybersecurity market announced rapid growth in its base of partners, with plans to continue emphasis of enabling partners to sell cybersecurity solutions in 2020.
Facebook's First Human Rights Chief Confronts Its Past Sins(Yahoo) In July, Facebook Inc. quietly hired Miranda Sissons, a 49-year old human rights activist whose previous work has included stints at the Australian diplomatic service and the International Center for Transitional Justice. The hiring, which was never formally announced, is part of a broader
Jay Parikh(Facebook) I have some bittersweet news to share. It’s time for me to step out of Facebook to explore what’s next. The past 10 years has undoubtedly redefined my expectations on what it means to scale and...
Data Privacy Day: Protect Your People(Tessian) Businesses need to consider whether their company's most sensative data is properly protected from incidents of human error and Data Privacy Day (28 January) acts as a timely reminder to do this.
Meraki’s Air Marshal Gets Help from a New WIPS Sheriff(Secplicity - Security Simplified) Wi-Fi hacking is a hot topic, but one that’s plagued by ambiguous and often contradictory technical terminology. Luckily, the lack of common definitions for Wi-Fi threat vectors has actually produced a solution to the problem: the Trusted Wireless Environment. The Trusted Wireless Environment framework succinctly defines the six Layer 2 Wi-Fi hacks that affect nearly …
Use These Antivirus and Anti-Malware Apps Instead of Avast(Lifehacker) If something is free—especially if it’s a complicated something, or something you’d probably have to pay for otherwise—the familiar saying is often true: You’re the product. It’s one of the reasons you’re always being advertised to across the web. Search engines, email services, messaging platforms, or other apps and services you fancy cost money, and companies have to recoup that somehow (and profit).
What 'Have I been Pwned?' taught DHS’s internal cyber chief about passwords - CyberScoop(CyberScoop) A website that informs users if their email address has been swept up in a data breach isn’t just popular with vigilant business owners or private security sleuths. The man charged with protecting the Department of Homeland Security’s systems from hackers also maintains an account on the “Have I been Pwned?” website, and it regularly reminds him of the risks passwords pose.
Design and Innovation
RiskSense working on AI to predict if vulnerabilities will turn into ransomware(ZDNet) RiskSense, a firm long at the forefront of warning about new threats, unveiled a dashboard on Tuesday to tell CSOs their level of risk of exploit from vulnerabilities. Next stop, says CEO Srinivas Mukkamala, are machine learning analyses that may be able to accurately predict when an exploit will be developed for any given vulnerability.
Why the U.S. objects to Huawei's involvement in building 5G networks(PBS NewsHour) The United Kingdom says it will allow Chinese telecommunications firm Huawei to build part of its new 5G cellular network. The U.S. government had warned against the move, arguing Huawei poses a national security threat, but British officials said the company’s role will be limited to lower-risk parts of the process. William Brangham talks to Wired Magazine’s Garrett Graff about the details.
Is it time for a national Digital Bill of Rights?(FCW) A Commission on Privacy and Data should be created to develop legislation, taking the EU's General Data Protection Regulation and the California Consumer Privacy Act as a starting point to extend protections to individuals regarding data and privacy.
Russian Cybercrime Boss Burkov Pleads Guilty(KrebsOnSecurity) Aleksei Burkov, an ultra-connected Russian hacker once described as “an asset of supreme importance” to Moscow, has pleaded guilty in a U.S. court to running a site that sold stolen payment card data and to administering a highly secretive crime forum that counted among its members some of the most elite Russian cybercrooks.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
CPX 360 New Orleans(New Orleans, Lousiana, USA, January 27 - 29, 2020) Mark your calendar now for CPX 360 2020, the world’s premiere cyber security summit of the year. Globally renowned industry experts will take to the stage to share analysis, core insights, and actionable...
SINET: Global Cybersecurity Innovation Summit(London, England, UK, January 30, 2020) Advancing global collaboration and innovation, SINET convenes a summit of international cybersecurity leaders at the British Museum. The conference will bring together innovators, investors, researchers,...
CPX 360 Vienna(Vienna, Austria, February 4 - 6, 2020) At CPX 360, you’ll gain an in-depth understanding of today’s dynamic threat landscape and the emerging challenges within cyber security. Get a look at the next wave of Check Point innovation and discover...
5th Annual Atlanta Cyber Security Summit(Atlanta, Georgia, USA, February 5, 2020) C-Suite & Senior Level Executives: Register with Promo Code CYBERWIRE95 to receive $95 Admission (Standard Price is $350). Learn from renowned experts from The FBI, U.S. Secret Service, U.S. Dept. of Homeland...
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.