Alleviate the stress with an open-source security suite that protects your online services, with no false positives and no extra effort from you. With CrowdSec, you gain the most comprehensive community-sourced threat intelligence to accelerate your security response. And, you can filter out all background noise to focus only on what really matters. Don’t fight alone, let the crowd support you. Get started with CrowdSec for free!
Happy New Year, CyberWire readers! As a special thank you, we would like to offer you a free practice test from CyberVista, as well as three free months of CyberWire Pro. Visit thecyberwire.com/promo and use the code PROLEARN to redeem the offer.
Bitdefender has reported that Trojanized versions of VPN installers are staging SecondEye, a monitoring application, on victims' devices. SecondEye is sold legitimately, but this is a surreptitious use of the product to gain insight into user activity. Many Iranians have sought out consumer VPN products as a way of shielding themselves from monitoring by their government. Bitdefender calls the campaign "EyeSpy," and says that the software it installs "has the ability to fully compromise online privacy via keylogging and stealing of sensitive information, such as documents, images, crypto-wallets, and passwords." While the researchers don't offer attribution, the victimology suggests an Iranian threat group.
Leaders, decision-makers and influencers across cyber read the CyberWire Daily Briefing as well as our other popular newsletters and podcasts every day. Why not put your company's message where the decision-makers are? Contact us to find out how (hint, it's really easy!).
Avanan, a Check Point Software Company, released a blog this morning detailing a new variation of an attack leveraging Dynamics 365 Customer Voice to bypass security scanners in a technique known as the Static Expressway. This is a new variation of an attack Avanan reported in November 2022, with the same core structure. Hackers use Microsoft Customer Voice to send a notification to the end user appearing to be from the service, when in actuality a malicious phishing link is on the site. This variation does not send a notification of a voicemail like the November version did, rather, an email is sent appearing to be a fax shared on SharePoint said to contain “particularly sensitive or confidential information.” If the end user clicks on the link in the email, they’ll land on a page with a link to preview or print the document, which leads to a legitimate Customer Voice URL. Linked in the “CLICK HERE TO PRINT” button is what appears to be a OneDrive login screen, but in reality is a credential harvesting page. For more on the static expressway, see CyberWire Pro.
SentinelOne describes a Russian hacktivist auxiliary campaign against NATO organizations. The group bears the paradoxical name "NoName057(16)," and it's known to have been active since March of 2022. The threat group specializes in DDoS (distributed denial-of-service), and it deploys such attacks against websites it regards as important to countries that have been friendly to Kyiv and critical of Russia's war against Ukraine. Its operations are similar to those of Killnet (indeed, some of the two groups' targeting has overlapped). SentinelOne says that NoName057(16) has been responsible for action against the Danish financial sector that Reuters reported early this week. The threat group has also this week been active against campaign websites associated with the upcoming Czech presidential election.
NoName057(16) appears to be a genuine hacktivist auxiliary, and not merely a front group for a Russian intelligence service. "SentinelLabs has identified how the group operates over public Telegram channels, a volunteer-fuelled DDoS payment programme, a multi-OS supported toolkit, and GitHub." There's an admixture of profit with the patriotism. "This group represents an increased interest in volunteer-fuelled attacks, while now adding in payments to its most impactful contributors." SentinelOne advises everyone to expect more of the same: hacktivism for profit probably represents a trend.
The CyberWire's continuing coverage of the unfolding crisis in Ukraine may be found here.
The US Federal Aviation Administration (FAA) grounded all domestic flights early yesterday morning after an outage of the Notice to Air Missions system (NOTAM). A technical failure appears to be behind the approximately 90-minute outage, rather than the work of nefarious actors. The FAA initially reported the outage at 7:15 AM ET Wednesday, saying they were “working to fully restore” the NOTAM system, with the order of a pause to all domestic departures until 9:00 AM ET. An update an hour later resumed departures at the Newark Liberty (EWR) airport in New Jersey, as well as the Atlanta Hartsfield-Jackson (ATL) airport in Georgia, due to “air traffic congestion in those areas.” In the update released at 8:50 AM ET, Bloomberg explains, the ground stop was officially lifted, with normal air traffic operations “gradually” returning.
The New York Times reports that a later update from the FAA revealed that the preliminary investigation linked the outage to a database file that was damaged. The Wall Street Journal writes that Canadian provider, NAV Canada, saw an outage of their NOTAM system as well just after 10:00 AM ET, which was restored at roughly 1:15 PM ET. While the cause for the Canadian outage has not yet been identified, According to the New York Times, a spokeswoman for NAV Canada, Vanessa Adams, said that she did not believe there was a connection to the FAA outage, despite the coincidence. For more on this week's disruption to civil aviation, see CyberWire Pro.
Mail service in the UK has been disrupted by what the Royal Mail is calling a "cyber incident." Computing explains that it's being called an "incident" as opposed to an "attack" because the Royal Mail is still investigating, and is unsure of the cause behind this week's problems with its IT systems.
It's the time of year when many companies inform their employees of raises or other changes to their compensation. Criminals are using this to shape their phishbait. Proofpoint describes the form the phishing is assuming: "With bonus and #salary reviews coming up, threat actors know it and are using these lures for #socialengineering. On January 10th 2023, @proofpoint observed emails with #phishing links purporting to be from #HumanResources and utilizing bonus and #payraise lures."
SAP also issued patches this week. Thomas Fritsch, SAP security researcher at Onapsis, offered some perspective on the fixes provided for the widely used family of business software:
Today's issue includes events affecting Australia, Canada, China, the European Union, Iran, Italy, Japan, Russia, Ukraine, the United Kingdom, and the United States.
Ukraine at D+322: Patriotism and profit. (CyberWire) Hacktivist auxiliaries mix patriotism with profit. And the biggest Russian general of them all is now in direct command of the forces fighting in Ukraine.
Russia-Ukraine war at a glance: what we know on day 323 of the invasion (the Guardian) Russian mercenaries make claim about missing Britons; Ukrainian military claims forces killed more than 100 Russian soldiers in single strike
Russia-Ukraine war: List of key events, day 323 (Al Jazeera) As the Russia-Ukraine war enters its 323rd day, we take a look at the main developments.
Russia-Ukraine war live: Ukraine ‘holding on’ to Soledar as Russia builds up forces, says minister (the Guardian) Ukraine’s deputy defence minister says fighting continues as Kyiv denies claims the city had fallen to Russian troops
Battle rages in Ukraine town; Russia shakes up its military (AP NEWS) The fate of a devastated salt-mining town in eastern Ukraine hung in the balance Wednesday in one of the bloodiest battles of Russia's invasion, while Ukraine's unflagging resistance and other challenges prompted Moscow to shake up its military leadership again.
Russia replaces military commander in Ukraine again — after just 3 months (CBS News) Sergei Surovikin, the commander of Russia's forces in Ukraine for the past three months, will become Valery Gerasimov's deputy, the ministry said.
Russia Replaces Commander for Ukraine War, as Signs of Dissension Grow (New York Times) Allies of President Vladimir V. Putin contradicted each other about battlefield progress, as a war command shake-up put another Kremlin loyalist in charge.
Kremlin clashes with top mercenary leader over Soledar claims (The Telegraph) The Kremlin has denied reports it has captured Soledar, rejecting claims from the man leading the assault on the town, who said his mercenaries had taken control.
Putin now faces his own 1917-style catastrophe (The Telegraph) Incompetence and Russia’s complete disregard for its soldiers’ lives will come back to haunt the Kremlin
Former U.S. Ambassador to Moscow on the Moment He Realized Russia Would Launch a Full-Scale Invasion (Foreign Policy) John Sullivan on the road to war, diplomatic tensions with Moscow, and volunteering to scrub the embassy toilets.
Russia’s ‘Merchant of Death’ Chickens Out of Fighting War (The Daily Beast) Viktor Bout has appeared across various Russian propaganda networks since his prisoner swap with the U.S. – but recently, he’s started to change his tune.
Ukraine gets its tanks: Poland sending Leopard 2, and other nations may follow (Breaking Defense) “A company of Leopard tanks for Ukraine will be transferred as part of building an international coalition,” Polish President Andrzej Duda said in a Jan 11 social media post. “Such a decision [has] already [been taken] in Poland."
The tank’s critics are about to be humiliated in Ukraine (The Telegraph) Russia has shown the world how not to do armoured warfare, but Challenger 2 will help Ukraine triumph
A Mercenary Air Force for Ukraine? It’s not as Far-fetched as it Sounds (KyivPost) The idea of leasing an air force to Ukraine could solve several current challenges on the issue of military support. And some discussions have reporte...
Russia's cyberattacks aim to 'terrorize' Ukrainians (POLITICO) “The longer Russia wages this war, the harder it is going to be on those Ukrainian people,” an NSA official said.
Life during wartime: Ukraine ‘has to be ready for new more powerful and complex’ cyberattacks (The Record from Recorded Future News) Ukrainians caught up in the war with Russia are learning to live with blackouts — some scheduled, and others caused by cyberattacks and military strikes.
NoName057(16) - The Pro-Russian Hacktivist Group Targeting NATO (SentinelOne) In the name of Russia's war in Ukraine, NoName057(16) abuses GitHub and Telegram in an ongoing campaign to disrupt NATO's critical infrastructure.
Banksy Auction for Ukraine Attacked by Russian Ips (TheCollector) Banksy Auction for Raising Funds for Ukrainian Civilians Has Been Cyber-Attacked by Russian IP Addresses, the Organisers Claim.
How the new sanctions on Russia will affect what you pay at the pump (Quartz) It's probably not going to do too much—as long as the price of oil remains depressed
EyeSpy - Iranian Spyware Delivered in VPN Installers (Bitdefender Labs) Consumer VPN solutions have witnessed explosive growth in the past few years.
Scattered Spider hackers use old Intel driver to bypass security (BleepingComputer) A financially motivated threat actor tracked as Scattered Spider was observed attempting to deploy Intel Ethernet diagnostics drivers in a BYOVD (Bring Your Own Vulnerable Driver) attack to evade detection from EDR (Endpoint Detection and Response) security products.
Gootkit malware abuses VLC to infect healthcare orgs with Cobalt Strike (BleepingComputer) The Gootkit loader malware operators are running a new SEO poisoning campaign that abuses VLC Media Player to infect Australian healthcare entities with Cobalt Strike beacons.
Unpatchable Hardware Vulnerability Allows Hacking of Siemens PLCs (SecurityWeek) Details disclosed for an unpatchable vulnerability affecting Siemens S7-1500 PLCs that can be exploited to replace a device’s boot image and execute arbitrary code.
Unpatchable cyber-flaws found on over 120 Siemens PLCs (Drives and Controls Magazine) US cyber-security researchers have discovered flaws affecting dedicated crypto-authentication chips at the heart of Siemens’ S7-1500 family of industrial...
Malicious JARs and Polyglot files: “Who do you think you JAR? (Deep Instinct) Throughout 2022, Deep Instinct observed various combinations of polyglot files with malicious JARs. The initial technique dates to around 2018 when it used signed MSI files to bypass Microsoft code signing verification. A year later, in 2019, Virus Total wrote about the MSI+JAR polyglot technique. Microsoft decided not to fix the issue at that time. Then in 2020, this technique was again abused in malicious campaigns and Microsoft assigned CVE-2020-1464 to address the issue.
Log4Shell remains a big threat and a common cause for security breaches (ARN) Log4Shell is likely to remain a favored vulnerability to exploit as organisations lack visibility into their software supply chains.
Laid-Off Workers Are Flooded With Fake Job Offers (Wall Street Journal) The rise of virtual hiring and remote work have made it easier to swindle job seekers, and fraudsters see new opportunity in recent job cuts, authorities say.
A Police App Exposed Secret Details About Raids and Suspects (WIRED) SweepWizard, an app that law enforcement used to coordinate raids, left sensitive information about hundreds of police operations publicly accessible.
Twitter Says ‘No Evidence’ User Data Being Sold Online Came From Hack (Variety) Twitter said that after investigating reports that data on upwards of 400 million users was being sold online, it found “no evidence” that was obtained by exploiting vulnerabilities in …
Royal Mail suffers ‘severe service disruption’ after cyber incident (Glasgow Times) A statement said it was temporarily unable to despatch export items.
Royal Mail issues major disruption warning after 'cyber incident' (Computing) Royal Mail's computerised systems for sending mail and packages internationally have been severely affected as a result of the incident
Parcels and letters stuck in limbo as Royal Mail is hit by a suspected hack (The Telegraph) More than 500,000 items thought to be stranded in warehouses following 'cyber incident'
Cyber Incident Hits UK Postal Service, Halts Overseas Mail (SecurityWeek) Britain’s postal service said it was hit Wednesday, Jan. 11, 2023 by a “cyber incident” that's temporarily preventing it from sending letters or parcels to other countries.
Guardian confirms it was hit by ransomware attack (the Guardian) Media firm says personal data of UK staff members was accessed in ‘highly sophisticated’ cyber-attack last month
Post-ransomware attack, The Guardian warns staff their personal data was accessed (Graham Cluley) Three weeks after The Guardian newspaper was hit by a ransomware attack, it warns staff members that their personal data was accessed.
Hackers leak firefighter data on dark web (The West Australian) Hackers who accessed IT systems belonging to Fire Rescue Victoria have leaked the information on to the dark web.
Vice Society ransomware gang claims responsibility for Fire Rescue Victoria hack (CyberSecurity Connect) Vice Society, a ransomware group operating since at least mid-2021, has claimed responsibility for disrupting the communications infrastructure of Fire Rescue Victoria, and breaching employee data.
Des Moines cyberattack brings school district cybersecurity to the forefront (The Daily Nonpareil - Council Bluffs, Iowa) Cybersecurity is a growing concern for Iowa’s public school districts after cyberattacks hit computer networks at Glenwood, Cedar Rapids, Davenport and, most recently, Des Moines Public Schools.
TikTok’s 2FA feature was briefly vulnerable to brute force attacks (Android Police) The loophole could have allowed hackers to access your account while bypassing 2FA
FAA NOTAM Statement (FAA) The FAA is continuing a thorough review to determine the root cause of the Notice to Air Missions (NOTAM) system outage. Our preliminary work has traced the outage to a damaged database file. At this time, there is no evidence of a cyber attack. The FAA is working diligently to further pinpoint the causes of this issue and take all needed steps to prevent this kind of disruption from happening again.
Canadian Pilot-Alert System Reports Outage Hours After U.S. Grounding Order (Wall Street Journal) Canadian aviation officials said an alert system that provides airlines with important safety information went down less than two hours after a similar system in the U.S. was restored on Wednesday. The system outage lasted for nearly three hours. NAV Canada's Notam entry system went down at about 1
US air travel resumes but thousands of flights delayed after planes grounded - live updates (The Telegraph) An IT meltdown grounded every flight from the US this afternoon in a blow to thousands of travellers.
US Flights Latest: Departures Resume After FAA Lifts Ground Stop (Bloomberg) FAA had paused takeoffs due to outage of key flight system. Carriers say delays, cancellations likely despite resumption.
US air travel resumes but thousands of flights delayed after planes grounded (The Telegraph) The White House says there is no evidence of a cyber attack being behind the outage
Airlines hope for return to normal Thursday after FAA outage snarls U.S. travel (Reuters) The U.S. aviation sector was struggling to return to normal on Wednesday following a nationwide ground stop imposed by the Federal Aviation Administration (FAA) over a computer issue that forced a 90-minute halt to all U.S. departing flights.
U.S. investigating FAA outage, cause not clear, Biden says (Reuters) President Joe Biden has ordered an investigation into an FAA system outage that grounded flights across the country Wednesday morning and said the cause of the failure was unknown.
The F.A.A. Said It Traced the Problem to a Damaged Database File (New York Times) The agency said that there was no evidence it was caused by a cyberattack.
'No Evidence' of Cyberattack Related to FAA Outage, White House Says (SecurityWeek) There is no sign "at this point" that a cyberattack caused an FAA systems outage that triggered authorities to halt all domestic air travel departures Wednesday, the White House said.
The reason behind the first US nationwide grounding since 9/11 remains unclear (Cybernews) The US Department of Transportation has been tasked with investigating the root cause of a glitch in a Federal Aviation Administration (FAA) alert system that quickly halted all domestic flights in the US – the first time a nationwide grounding has occurred since the 9/11 terror attacks.
No Evidence of Cyberattack, Officials and Experts Say (Wall Street Journal) Biden administration officials and cybersecurity experts said the Federal Aviation Administration's system outage on Wednesday didn't appear the result of a cyberattack. The White House said an investigation would take place. "There is no evidence of a cyberattack at this point,” White House Press
Flights Grounded Across the U.S. Following System Outage (Hstoday) The FAA is working to fully restore the Notice to Air Missions (NOTAM) hazard alert system following an outage. The FAA is working to fully restore the Notice to Air Missions (NOTAM) hazard alert system following an outage.
Outage Offers Second Case for Modernization of Air Travel Systems (Wall Street Journal) For the second time in less than a month, an air travel system failed, disrupting airports and triggering delays and cancellations. Just like Southwest Airlines Co.'s holiday meltdown, Wed
Don’t panic. It might not be a cyberattack. (Washington Post) Every time there’s a major technological outage, like the disruption of Federal Aviation Administration systems Tuesday night that caused thousands of flights to be delayed, speculation quickly erupts blaming a possible cyberattack.
Top 8 Cyber Security Vulnerabilities (Check Point Software) Learn what the top 8 cybersecurity vulnerabilities are, and what steps your organization can take in order to protect against them.
A government watchdog spent $15,000 to crack a federal agency’s passwords in minutes (Databreaches.net) A government watchdog has published a scathing rebuke of the Department of the Interior’s cybersecurity posture, finding it was able to crack thousands of employee user accounts because the department’s security policies allow easily guessable passwords like 'Password1234'.
SAP Security Patch Day – January 2023 (SAP) SAP Security Patch Day Why your organization should take care: Maintaining the security of installed SAP software is of critical strategic importance for the continuous protection of SAP business
SAP Patch Day: January 2023 (Onapsis) SAP patch day for January 2023 addresses critical vulnerabilities patched for SAP AS ABAP and Java. Read more in our blog.
Microsoft fixes Windows database connection problem (Register) January Patch Tuesday update resolves issue caused by Patch Tuesday update late in '22
Microsoft Confirms Windows Zero-Day Exploit Among 98 January Security Issues (Forbes) Microsoft has confirmed that a new Windows zero-day exploit is being used in the wild.
Cofense Intelligence™ Strategic Analysis (Cofense) Among phishing emails reaching inboxes over the course of 2022, the utilization of Telegram bots as exfiltration destinations for phished information increased gradually but significantly, resulting in a year-over-year increase of more than 800% between 2021 and 2022.
Investors Bet Big on Subscription-Based Security Skills Training (SecurityWeek) British startup Hack The Box scores a $55 million Series B funding round and plans ambitious global expansion.
Carlyle leads $55m Series B investment round in Hack The Box (Carlyle) Global investment firm Carlyle (NASDAQ: CG) announced today that it has led a $55m Series B investment round in Hack The Box, a rapidly growing continuous cybersecurity upskilling and talent assessment platform.
Retraites Populaires Invests in Datadobi to Move 18 Years of Production and Archive Data into New IT Environment (Business Wire) Datadobi, the global leader in unstructured data management, today announced that financial and insurance service leader, Retraites Populaires, invest
Microsoft + OpenAI: Inside Tech’s Hottest Romance (The Information) Three years ago, as Microsoft sought to overtake Amazon and Google in cloud computing and artificial intelligence, the company made a major move. It invested $1 billion into a project originally co-founded by Elon Musk, former Y Combinator president Sam Altman and other tech leaders to create ...
How upskilling and training providers help close the cybersecurity skills gap (VentureBeat) Hack the Box raises $55 million in funding, highlighting that cybersecurity training and upskilling holds the key to filling the skills gap.
Darktrace cyber-security customer base surges 24% in first half (InfotechLead) Darktrace, a cyber-security company in Britain, has ended H1 fiscal 2023 with a customer base of 8,178 customers, registering growth of 24.4
US Air Force Awards Parsons Subsidiary Digital Security System Contract (The Defense Post) The US Air Force has selected Xator for multiple subcontracting positions to support its Integrated Base Defense Security System.
Fortinet Recognized by Glassdoor as One of the 2023 Best Places to Work in the United States (GlobeNewswire News Room) Fortinet® (NASDAQ: FTNT), a global leader in broad, integrated and automated cybersecurity...
CrowdStrike Named to Glassdoor’s Best Places to Work in 2023 List (CrowdStrike) CrowdStrike today announced it has been honored with a Glassdoor Employees’ Choice Award, which recognizes the Best Places to Work in 2023.
Viktoria Ruubel joins Veriff as Managing Director of Digital Identity (PR Newswire) Veriff, a global identity verification provider, today announced that Viktoria Ruubel has joined the company as Managing Director of Digital...
Infoblox Appoints Scott Harrell to CEO (PR Newswire) Infoblox Inc., the leader in cloud-first DNS management and security, today announced that Jesper Andersen has decided to retire as Chief...
Sift Appoints Former Ping Identity COO Kris Nagel as CEO (GlobeNewswire News Room) Software Industry Veteran Joins Digital Trust & Safety Leader to Scale Business...
Bugcrowd Expands Leadership Team With Strategic Hires Focused On Growth and Customer Success (PR Newswire) Bugcrowd, the leader in crowdsourced cybersecurity, today announced the appointment of three senior executives to drive sales growth, product...
SANS Institute Appoints NCSC Founder Ciaran Martin To Lead CISO Network (Security Informed) The SANS Institute announces the appointment of the UK’s National Cyber Security Centre’s (NCSC) founder and former head Ciaran Martin, CB, as Director of SANS CISO Network and Summits EMEA.
Tufin appoints Raymond Brancato as CEO (Help Net Security) As Tufin's CEO, Raymond Brancato will be focused on driving company-wide growth, acceleration and scale through investments.
Red Hat Announces General Availability of Malware Detection Service (SecurityWeek) Red Hat Insights malware detection service, which can detect over 180 known Linux malware, is now generally available.
Ordr and GE HealthCare Collaborate to Help Enhance Clinical Network Performance, Efficiency, and Security for Healthcare Providers (PR Newswire) Ordr, the leader in connected device security, today announced that it is collaborating with GE HealthCare to offer customers a solution...
Catchpoint Announces the World’s First Complete Solution to Monitor and Protect the Internet’s Leading Companies from BGP Incidents in Seconds (Catchpoint) Catchpoint’s Internet Performance Monitoring Platform helps IT teams identify and mitigate BGP incidents, including hijack attempts and routing issues.
Cowbell Defines Approach to Catastrophic Modeling for Cyberattacks on SMEs (PR Newswire) Cowbell, the leading provider of cyber insurance for small and medium-sized enterprises (SMEs), has released a new whitepaper, "Modeling...
Onapsis Announces Collaboration with Wipro to Remove Security as a Digital Transformation Roadblock (Onapsis) Through this new collaboration, enterprises no longer need to sacrifice speed and security in their digital transformation journey
Veracode Research Reveals Steps to Reduce Introduction and Accumulation of Security Flaws as Apps Grow and Age (Business Wire) Veracode reveals data to save organizations time and money by helping minimize the introduction and accumulation of security flaws in software.
The Trade Desk Becomes One of the First Media-Buying Platforms to Achieve SOC 1 and SOC 2 Compliance (The Trade Desk) The Trade Desk is one of the first demand-side platforms (DSP) to attain SOC 1 and SOC 2 security compliance, reinforcing its commitment to ensure secure management of data within its platform.
Hughes Network Systems Launches New Managed Cybersecurity Service (Via Satellite) Hughes Network Systems is rolling out new managed cybersecurity services geared toward small to mid-sized businesses. The company said these offerings
Divilo selects ThetaRay AI solution to monitor global payments for financial crime (Israel Defense) Spain-based fintech upgrades to advanced AI-based system to gain sophisticated detection capabilities for money-laundering and sanctions list violations
ReversingLabs Elastic Threat Infrastructure Update: Integration, Automation for SOC Teams (ReversingLabs) The update improves file and report storage options for Microsoft and AWS platforms, as well as appliance management for SOC admins and other users.
Cloudflare Announces Email Security & Data Protection Tools (Dark Reading) Cloudflare, Inc. (NYSE: NET), the security, performance, and reliability company helping to build a better Internet, today announced several new Zero Trust email security solutions, compatible with any email provider, to protect employees from multichannel phishing attacks, prevent sensitive data being exfiltrated via email, and help businesses speed up and simplify deployments.
Beyond Identity Receives FIDO2 Certification (Beyond Identity) Enterprises now have a standards-based path to accelerate passwordless phishing-resistant authentication
Federal Government Looks to Aware as Trusted Security Enabler (GlobeNewswire News Room) Global Biometric Authentication Leader Expands and Strengthens Foothold in Strategic Federal Market...
Jscrambler’s Web Page Integrity Solution Wins 2023 BIG Innovation Award (GlobeNewswire News Room) Jscrambler, a leader in client-side web security, has been named a winner in the 2023 BIG Innovation...
authID® Integrates Verified™ CloudConnect™ with Okta Workforce Identity Cloud, Expands Offerings across Workforce and Customer Identity (GlobeNewswire News Room) Combining Verified with Okta’s Workforce and Customer Identity Clouds delivers authID’s phishing-resistant Human Factor Authentication™ that eliminates the...
Cloudflare Takes Aim at a Top Security Threat: Your Inbox (Wall Street Journal) Chief Executive Matthew Prince said new security functions come in response to continued rise of email-borne threats.
Using MSPs to administer your cloud services (NCSC) Andrew A explains what you must check before giving Managed Service Providers (MSPs) the keys to your kingdom.
NCSC-UK Releases Guidance on Using MSP for Administering Cloud Services (CISA) The United Kingdom’s National Cyber Security Centre (NCSC-UK) has released a blog post, Using MSPs to administer your cloud services, that provides organizations security considerations for using a third party, such as a managed service provider (MSP), to administer cloud services. Contracting with an MSP for cloud service management has become an increasingly appealing option for organizations.
NRF forms cyberthreat intelligence partnership with RH-ISAC (Cybersecurity Dive) The world’s largest retail association plans to collaborate on intelligence and advocacy in a heightened environment for ransomware and vulnerabilities.
Italy’s National Cybersecurity Agency joins Microsoft security programme (Technology Record) Italy’s National Cybersecurity Agency (ACN) has joined Microsoft’s Government Security Program as part of a wider collaboration to explore cybersecurity and resilience strategies for the country’s digital development.
What CISOs don’t know about their SOCs (SC Media) Here’s some insight into how continuous improvement can help arm the SOC to more effective manage today’s growing threat landscape.
Investing in Layered Cybersecurity Is a Strategic Choice (CPO Magazine) With the rise of digital transformation and the prevalence of mobile, cloud, and other technologies, the cybersecurity threat has never been higher
Why Analyzing Past Incidents Helps Teams More Than Usual Security Metrics (Dark Reading) Traditional metrics don't reflect real-world severity. Instead, analyzing previously reported incidents can help teams decide how to react, a new report says.
Is ChatGPT a cybersecurity threat? (TechCrunch) Security professionals express unease — and optimism — at ChatGPT's ability to write phishing emails and malicious code.
The Broken Promise of Conversational AI (Opus Research) Five9's Justin Guerra explores the very human reasons “conversational” bots fail to engage customers and offers strategies you can employ today to keep the CX promise.
IBM CEO Arvind Krishna: We “Help Future-Proof the World” (Acceleration Economy) Bob Evans details his one-on-one interview with IBM's CEO Arvind Krishna, who offers insights into IBM's focus on AI and hybrid cloud and his optimism towards the impact of enterprise technology.
What’s happening with quantum-safe cryptography? (ComputerWeekly.com) Chinese researchers claim quantum technology is reaching a point where a quantum device will soon be able to crack RSA 2048 public key encryption.
Retired Air Force Lt. Gen. Charlie Moore to elevate Vanderbilt’s expertise on national security, emerging threats (Vanderbilt University) Retired Air Force Lt. Gen. Charlie “Tuna” Moore, a highly decorated pilot who led the day-to-day operations of U.S. Cyber Command, has joined Vanderbilt University’s initiative on the future of conflict.
Ottawa willing to find ways to ‘improve’ maligned cybersecurity bill, minister says - National | Globalnews.ca (Global News) Public Safety Minister Marco Mendicino said the bill introduced last year will ensure Canada has the defences needed to address the many online threats to national security.
Japan and Italy upgrade ties to level of ‘strategic partnership’ | The Asahi Shimbun: Breaking News, Japan News and Analysis (The Asahi Shimbun) Japan upgraded its relationship with Italy to the level of “strategic partnership” after the two countries agreed to strengthen cooperation, primarily in the areas of national security and economics.
Joint Statement of the 2023 U.S.-Japan Security Consultative Committee ("2+2") (U.S. Department of Defense) Secretary of State Blinken, Secretary of Defense Lloyd J. Austin III, Japanese Minister for Foreign Affairs Hayashi and Minister of Defense Hamada convened the U.S.-Japan Security Consultative
UK and Japan sign landmark defense pact in bid to counter China (Breaking Defense) The Reciprocal Access Agreement (RAA) means London and Tokyo are in a position to “plan and deliver larger scale, more complex military exercises and deployments,” focused on the Indo-Pacific, according to the UK government.
US, Japan agree to boost security cooperation amid China worries: Report (Business Standard) The United States and Japan plan to boost military and security cooperation as their top national security officials hold talks on Wednesday.
Biden Calls for Limiting Tech Companies’ Use of Personal Data, Targeted Ads (Wall Street Journal) Both parties have criticized social-media companies but differ on some issues.
Opinion | Republicans and Democrats, Unite Against Big Tech Abuses (Wall Street Journal) Congress can find common ground on the protection of privacy, competition and American children.
How Congress Can Get Crypto Legislation Right (The Information) The near-overnight collapse of FTX International sent shockwaves through the crypto industry that are now reverberating in Washington. As the dust settles and details of what went on behind closed doors emerge, it’s clear that FTX’s leadership displayed a complete disregard for corporate ...
House Reps introduce bill to fund research into cybersecurity and energy infrastructure (The Record from Recorded Future News) A bill funding research into the cybersecurity needs of the country’s energy infrastructure was reintroduced to Congress on Wednesday.
Uncle Sam Re: Improving Cyber Hygiene and Increasing Confidence in the Cyber Insurance Ecosystem via Government Backstopping (Connecticut Insurance Law Journal) The year 2020 was a wake-up call, for the world and specifically for the cyber insurance ecosystem. The COVID-19 global pandemic reminded insurers, observers, and policymakers that actual or newly plausible attacks—including catastrophic cyberattacks—could pose existential threats to the cyber insurance ecosystem
Now you can legally repair your tech – sort of (WeLiveSecurity) A new law portends a future where we hope it will be easier for us all to repair, fix, upgrade, and just tinker with things we already own.
Seattle public schools’ lawsuit against media giants like TikTok, Instagram and Facebook faces uncertain legal road (Fortune) Even if the high court were to clear the way for lawsuits like Seattle's, the district has a daunting challenge in proving the industry's liability.
FTX Says It Has Located More Than $5 Billion in Cash, Liquid Assets (Wall Street Journal) The bankrupt cryptocurrency exchange said it has located more than $5 billion in cash and other liquid assets and is hoping to sell additional assets with a book value of more than $4 billion.
FTX Has Recovered 'Over $5B' in Assets, Bankruptcy Attorney Says (CoinDesk) The announcement substantially raises the total FTX has recovered since filing for bankruptcy last year but it's still short of what customers are owed in total.
The Only Living Boy in Palo Alto (Puck) Scenes from a surreal, often sad, otherworldly visit at home with Sam Bankman-Fried.
Source: Biden team finds more docs with classified markings (AP NEWS) President Joe Biden’s legal team has discovered additional documents containing classification markings in a second location, a person familiar with the matter told The Associated Press on Wednesday.
What we know about the classified documents found in Biden's think tank (Georgia Public Broadcasting) Classified documents from President Joe Biden's term as vice president were discovered at the Penn Biden Center for Diplomacy and Global Engagement last fall, according to Biden's personal attorneys.
In Washington, 'classified' is synonymous with 'controversy' (AP NEWS) Hillary Clinton’s presidential dreams were undermined by her use of a private email server that included classified information. Donald Trump has risked criminal charges by refusing to return top-secret records to the government after leaving the White House.
For a complete running list of events, please visit the Event Tracker.
7th Annual Insider Threat Summit (ITS7) (Monterey, California, USA, Mar 22 - 23, 2023) The focus of the Insider Threat Summit is to discuss personnel security issues including cyber security challenges and capabilities, continuous evaluation of privileged identities and ethical physical security considerations. A heightened awareness of insider threats due to numerous newsworthy attacks and unauthorized leaks has brought us together for one main purpose: To better understand security challenges in order to better defend against insider threats.
Certified CMMC Professional (CCP) 2.0 Exam Prep (Virtual, Jan 9 - 13, 2023) This 5-day CCP course covers the foundational required curriculum along with CMMC Level 2 scoping and the full 110 practices. Edwards Cyber AB approved CCP 2.0 courses enable participants to sit for the CCP exam – making you a valuable resource to a consultancy providing CMMC preparation, C3PAO providing certified assessor support, or organization interested in having in-house CMMC trained resources. Edwards all-star lineup of Provisional Instructors (PIs) includes several of the CMMC industry’s most respected consultants along with Edwards’ internal SMEs to deliver their action packed bootcamps. Learn more and register now.
Insider Threat Program Development - Management Training Course (Laurel, Maryland, USA, Jan 30 - 31, 2023) The training course will be taught at the Johns Hopkins University Applied Physics Laboratory, in Laurel, Maryland. This highly sought after and very comprehensive 2 day training course will ensure the Insider Threat Program (ITP) Manager/ Senior Official (Insider Threat Analyst, FSO, CSO, CISO, Etc.), and others who support the ITP (Human Resources, IT, Network Security, Etc.), have the Core Knowledge, Blueprint, Resources needed for developing, managing, enhancing an ITP / ITP Working Group. Our student satisfaction levels are in the exceptional range. Over 900+ individuals have attended this training course and received ITP Manager Certificates.
CybertechGlobal Tel Aviv (Tel Aviv, Israel, Jan 30 - Feb 1, 2023) Cyber is all around us—it is one of the most trending topics in the tech and business arenas. It is a whole-encompassing industry that is not only about threats, but also covers the scope of digitalization and opportunities in the realm of innovation. From Tel Aviv and Rome, to Tokyo, Singapore, Panama, and more, Cybertech is the cyber industry’s foremost B2B networking platform conducting industry-related events all around the globe. Our conferences and exhibitions serve as the go-to place to make business happen and learn all about the latest technological innovations, challenges, and solutions to combating threats within the global cyber arena. Cybertech events feature top executives, government officials, leading decision-makers from a wide range of sectors including critical infrastructure, insurance, retail, health and government, defense, R&D, manufacturing, automotive, and more! Multinational corporations, startups, private and corporate investors, venture capital firms, experts, and clients—come and meet all the key players from the cyber industry and be immersed in everything there is to offer. Cyber. We live it. Breathe it. All at the forefront of global innovation.
Certified CMMC Professional (CCP) 2.0 Exam Prep (Virtual, Feb 6 - 10, 2023) This 5-day CCP course covers the foundational required curriculum along with CMMC Level 2 scoping and the full 110 practices. Edwards Cyber AB approved CCP 2.0 courses enable participants to sit for the CCP exam – making you a valuable resource to a consultancy providing CMMC preparation, C3PAO providing certified assessor support, or organization interested in having in-house CMMC trained resources. Edwards all-star lineup of Provisional Instructors (PIs) includes several of the CMMC industry’s most respected consultants along with Edwards’ internal SMEs to deliver their action packed bootcamps. Learn more and register now.
Tech Days (Barcleona (and virtual), Spain, Feb 13 - 15, 2023) The PKI and cryptography landscape is in a state of constant evolution. Emergence of post-quantum cryptography, new PKI and IoT use cases, and rapid growth of machine identities are all serious challenges. At Tech Days 2023, we say “Game On.”
