MVISION Insights: Move Beyond Intelligence to Insights that Empower You to Change Your Environment.
Harnessing the power of one billion threat sensors worldwide, McAfee designs security fueled by Insights. MVISION Insights enables you to move beyond intelligence and empowers you to change your environment. Identify with Machine Learning. Defend and correct with Deep Learning. Anticipate with Artificial Intelligence. Move your security out of reactive mode to a proactive posture. McAfee, the device-to-cloud cybersecurity company. Go to McAfee.com/insights to learn more.
January 30, 2020.
By the CyberWire staff
Leaked documents reveal that three United Nations agencies were hacked last year by exploitation of a Microsoft SharePoint vulnerability. The attack began in July and was detected in early August, at which point a confidential memo on remediation was circulated internally. According to the AP and Computing forty servers in Vienna and Geneva were compromised, and the UN Office at Vienna, the UN Office at Geneva, and the UN Office of the High Commissioner for Human Rights (also in Geneva) were hit. The New Humanitarian, which obtained the leaked documents, calls the UN’s response a “cover-up.”
Avast was roughed up this week by reputational damage when the anti-virus company’s sale of anonymized data through its Jumpshot subsidiary came to light. Avast announced late yesterday that it would immediately shutter Jumpshot.
More companies suffer data exposure incidents. Indian airline SpiceJet had data on 2.1 million passengers in a database secured by what TechCrunch’s report characterizes as an easily guessed password that was brute-forced by unnamed, self-described white hats. KrebsOnSecurity found that Sprint’s Social Care forum, a place for customers to address issues with the telco, was inadvertently left exposed. Both SpiceJet and Sprint have secured their sites.
CNET reports that LiveRamp, a major marketing company and Facebook partner, was compromised when hackers obtained an employee’s personal account and used it to gain access to a Business Manager account, which they exploited to run fraudulent advertising.
Russia has blocked ProtonMail and StartMail, Computing reports, as Moscow clamps down on encrypted communications.
Today's issue includes events affecting Australia, Canada, China, European Union, Germany, Israel, Democratic Peoples Republic of Korea, Republic of Korea, Japan, New Zealand, Russia, Saudi Arabia, United Kingdom, United States.
Bring your own context.
So what's up with Mr. Bezos' phone?
"I think we're at a point in time where we still don't know enough information, quite honestly. There's some indication that they may have been passed on from one person to one person to media outlets and inappropriately shared or leaked. And there are other indications of huge amounts of data being exfiltrated from a device from the most recent forensic report that we've all looked at. Probably both of them are true to some extent. But, you know, there are a lot of questions there. I don't know that the forensic report has answered everything... didn't have full and complete unfettered access to the device and the encryption key and all the materials on there. So it's really, unfortunately, incomplete. And I think there is a lot more that needs to be uncovered in terms of things that were forwarded and may have been shared inappropriately. But I think all of those are still in play before we can have a full and complete picture of what actually, really happened and led to the leaks."
—Dr. Christopher Pierson, CEO of BlackCloak, on the CyberWire Daily Podcast, 1.28.20.
So really, we don't know what's up with that phone.
Coming soon: CyberWire Pro.
Our new subscription program, CyberWire Pro, will be available soon. Designed for cyber security professionals and others who want to stay abreast of our rapidly evolving industry, CyberWire Pro is a premium news service that will save you time and keep you informed. Learn more and sign up to get launch updates here.
Simple, secure identity and access management for your business.
LastPass Identity provides simple control and visibility across every entry point to your business through single sign-on, password management and multi-factor authentication in one unified solution. LastPass Identity provides a holistic view of end user activity to simplify security for IT, all while delivering the passwordless login experience employees want. Start a free LastPass Identity trial today.
And Hacking Humans is up. In this episode, "They had no idea," Dave shares a particularly exposing sextortion scam. Joe has a story of a million-dollar scam that targeted college students in Miami just trying to pay their tuition. The catch of the day comes straight from The U.S. President. Later in the show, part two of Carole Theriault's interview with Jamie Bartlett, the brains and host behind The Missing Cryptoqueen, an amazing BBC podcast about trying to get to the bottom of the OneCoin scam.
Cyber Security Summits: February 5 in Atlanta and on March 20 in Tampa(Atlanta, Georgia, United States, February 5, 2020) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, U.S. Secret Service, IBM Security, Google and more. Register with promo code cyberwire20 for $95 VIP admission (Regular price $350) https://CyberSummitUSA.com
Suits & Spooks(Washington, DC, United States, February 6 - 7, 2020) Suits & Spooks DC is the only international security summit where the attendees and speakers from government agencies and technology companies engage in discussion and debate of security challenges. World-class speakers describe their vision of future threats and leading-edge companies will exhibit novel solutions. Get 15% off with discount code cyberwire15.
Cyber or Cleared Job Fair, February 13, San Antonio.(San Antonio, Texas, United States, February 13, 2020) Cleared and non-cleared cybersecurity pros make your next career move at the Cyber or Cleared Job Fair, February 13 in San Antonio. Meet face-to-face with leading cyber employers. Visit our site for more details.
RSAC 2020(San Francisco, California, United States, February 24 - 28, 2020) Connect to the people and ideas that matter. To your growth. To your organization. At RSAC 2020, February 24 – 28, explore current and emerging trends, gain valuable skills and network with peers. Register today!
Sprint Exposed Customer Support Site to Web(KrebsOnSecurity) Fresh on the heels of a disclosure that Microsoft Corp. leaked internal customer support data to the Internet, mobile provider Sprint has addressed a mix-up in which posts to a private customer support community were exposed to the Web.
Indian airline SpiceJet confirms breach of 1.2 million passenger details(TechCrunch) SpiceJet, one of India’s largest privately owned airlines, has confirmed a data breach involving the details of over a million of its passengers. The security researcher, who described their actions as “ethical hacking” but whom we are not naming as they likely ran afoul of U.S. compute…
LabCorp Exposes Thousands Of Medical Documents - Commentary(Information Security Buzz) A vulnerability in LabCorp’s website that hosts the company’s internal customer relationship management system, exposed thousands (at least 10,000) of medical documents that contained names, dates of birth, Social Security numbers of patients, lab test results and diagnostic data. While the system was password-protected, the part of the website that pulls patient files from the …
Amazon Engineer: 'Ring should be shut down immediately and not brought back'(The Next Web) An Amazon software engineer named Max Eliaser is calling for the shutdown of Ring, the doorbell camera company Amazon paid $2 billion for in 2018. Hundreds of Amazon employees recently banded together to form Amazon Employees for Climate Justice, an organization dedicated to holding the company’s feet to the fire when it comes to taking …
Security Patches, Mitigations, and Software Updates
Cost of Insider Threats: Global study 2020(IBM) Ponemon Institute is pleased to present the findings of the 2020 Cost of Insider Threats: Global study. Sponsored by ObserveIT and IBM, this is the third benchmark study conducted to understand the direct and indirect costs that result from insider threats.
Is It Time to Stop Using Avast Antivirus Software? (Consumer Reports) Avast, maker of Avast antivirus software, has been sharing personal info with a subsidiary that sells its analysis to other companies. Consumer Reports tells you how to limit the impact of the company's data collection practices.
Facebook Reports Revenue Growth, Rising Expenses(Wall Street Journal) The social-media giant reported a growing base of users and increasing quarterly revenue, capping a year of reliable strength in its core advertising business even as expenses climbed.
ManTech adds former NSA exec(Washington Technology) ManTech International brings on board a just-retired executive from the National Security Agency to the company's leadership team.
Caldwell Places Chief Marketing Officer at Recorded Future(Hunt Scanlon Media) As business becomes more global and complex, and power shifts from producers of goods and services to consumers, the chief marketing officer’s job of planning and coordinating marketing activities has become more challenging — and much more influential. Mercedes Chatfield-Taylor, managing partner of the private equity and venture capital practice at Caldwell, recently placed former Acquia executive Tom
FIME boosts biometrics services with FIDO Alliance accreditation(FIME) FIME has been accredited to test biometric components in line with FIDO Alliance’s Biometric Component Certification Program. The accreditation enables device manufacturers and solution providers to ensure the quality and performance of biometric authentication solutions including fingerprint, facial, voice, and iris recognition.
Protect Your Company from Phishing Scams(Computer Services Unlimited, Inc.) According to the FTC Consumer Information division, phishing is when a scammer or hacker attempts to steal personal or sensitive information through an email, text, or phone call. For many business owners, phishing emails present a worrisome problem that is...
Dumping Firmware With the CH341a Programmer(Black Hills Information Security) Rick Wisser // Note: This blog will also be a lab for any of the upcoming Wild West Hackin’ Fest Conferences. During a recent engagement, I came across an issue. The issue I encountered was that the SPI chip I was trying to dump the firmware off of was a 1.8v chip. This would not …
SEC, NSA issue new cyber-security guidance(Compliance Week) Two new guidance documents, one from the SEC's Office of Compliance Inspections and Examinations and another from the National Security Agency, aim to help companies improve their cyber-security efforts, including managing vulnerabilities in the cloud.
Life during cyber wartime: Exelon IT experts detail live exercises(Power Engineering International) Most war exercises are starkly visual, intimidatingly loud experiences. Weapons, hardware, maybe even smoke and booms are involved. The cyberwar is a different animal altogether, with an invisible enemy probing for weakness along the wall separating information and operations. Most are fended off, but Ukrainian power generators learned the hard way after malware shut down...
DoD to drop second piece of supply chain cyber puzzle(Federal News Network) With the Cybersecurity Maturity Model Certification accreditation board set up, the Pentagon expects to release version 1 of the cyber standards on Friday that will kick off the effort in earnest.
Dept. of Interior grounds its drones amid cybersecurity concerns(TechCrunch) The U.S. Department of the Interior has confirmed it has grounded its fleet of non-emergency drones amid concerns over cybersecurity. In a brief statement, the department said the move will help to ensure that “the technology used for these operations is such that it will not compromise our n…
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
LBC2(Towson, Maryland, USA, January 7, 2020) The third annual Loyola Blakefield Cyber Challenge is an exciting event for all participants. It will take place on March 7, 2020 at Loyola Blakefield High School. The challenge is created by students...
IFSEC 2020(London, England, UK, May 19 - 21, 2020) IFSEC presents up-to-date information on the newest products, emerging trends and best practices in the safety and security industry, and access control. You will see established and emerging companies...
SINET: Global Cybersecurity Innovation Summit(London, England, UK, January 30, 2020) Advancing global collaboration and innovation, SINET convenes a summit of international cybersecurity leaders at the British Museum. The conference will bring together innovators, investors, researchers,...
CPX 360 Vienna(Vienna, Austria, February 4 - 6, 2020) At CPX 360, you’ll gain an in-depth understanding of today’s dynamic threat landscape and the emerging challenges within cyber security. Get a look at the next wave of Check Point innovation and discover...
5th Annual Atlanta Cyber Security Summit(Atlanta, Georgia, USA, February 5, 2020) C-Suite & Senior Level Executives: Register with Promo Code CYBERWIRE95 to receive $95 Admission (Standard Price is $350). Learn from renowned experts from The FBI, U.S. Secret Service, U.S. Dept. of Homeland...
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.