Creating Connections looks at cyberspace in outer space.
The latest issue of Creating Connections features an essay, "Cybersecurity in space: not as far out as you’d think." Check it out, and follow Creating Connections here.
The US Food and Drug Administration (FDA) is warning healthcare providers of a vulnerability affecting the Universal Copy Service (UCS) software in a multitude of Illumina devices. The vulnerability impacts a range of devices and instruments used primarily in sequencing DNA for diagnosing potential genetic medical conditions, as well as research. The FDA lists affected devices, which include “Illumina MiSeqDx, NextSeq 550Dx, iScan, iSeq 100, MiniSeq, MiSeq, NextSeq 500, NextSeq 550, NextSeq 1000/2000, and NovaSeq 6000 sequencing instruments.” The vulnerability allows for an unauthorized user to remotely control, alter settings, configuration, software, or data, and can alter genomic data outcomes to show no results at all, or an incorrect or altered version of the results. The FDA reports that on April 5 of this year, Illumina notified affected parties of the vulnerability, and advised checking the relevant devices for signs of exploitation. No exploitations have so far been reported. Illumina’s chief technology officer, Alex Aravanis, wrote in a LinkedIn post that the company has developed a software update for the vulnerability, which he says will be free and require “little to no downtime for most.” For more on this vulnerability and its mitigation, see CyberWire Pro.
A ransomware attack against a US Marshals Service computer network is still causing an outage in one of the organization's services. As the Washington Post reports, “A key law enforcement computer network has been down for 10 weeks, the victim of a ransomware attack that has frustrated efforts by senior officials to get the system back up and running — raising concerns about how to secure critical crime-fighting operations.” The US Marshals Service’s Technical Operations Group (TOG), which uses highly technical methods to track fugitives by cellphones and email accounts, has been crippled since its computer systems were compromised in a ransomware attack.
The US Marshals Service refused to pay the ransom and decided to wipe all devices that could have been used to facilitate the breach. This has caused some frustration among agents. “In the case of the TOG system, the network has existed outside regular Justice Department computer systems for years, unnoticed in the open, crowded internet,” according to the Post. Many agents had their work phones wiped, which resulted in the loss of text conversations and contact information, which is inconvenient but not crippling. The service is working to rebuild its systems and re-evaluating its network architecture.
PCMag reported Thursday that the US Department of Justice (DOJ) has shifted focus away from arrest and toward disruption and prevention of cyberattacks. US Deputy Attorney General Lisa Monaco explained at the RSA conference that the goal is now to minimize harm. "We're not measuring our success only with courtroom actions and courtroom victories," she said. Monaco used the Colonial Pipeline attack as an example of how to protect victims. For context, the DOJ was able to seize approximately $2.3 million in bitcoin Colonial Pipeline had paid the criminals to recover its files. Monaco attributes this success to Colonial Pipeline’s willingness to work with the DOJ. This approach is not centered on prosecution. “The direction we’ve given to our prosecutors and investigators is ‘you gotta have a bias towards action to disrupt and prevent, to minimize that harm if it is ongoing, to disrupt it and take that action to protect the next victim. And doing so will not always yield a prosecution.’” The DOJ’s CyclopsBlink operation, in which the DOJ worked with Microsoft and other private companies to discover and disrupt a botnet operated by Russia’s GRU, is another example of this approach. The botnet hadn’t yet been activated, and its disruption amounted to proactive mitigation.
A LockBit affiliate has fallen out of the ransomware gang’s good graces after using LockBit’s ransomware-as-a-service (RaaS) tool against a school district in Illinois in February, Bitdefender reports. Olympia Community Unit School District 16 discovered that it was victimized on February 26 of this year, and LockBit’s leak site began counting down to April 12 as the date on which all the district’s stolen data would be released. The LockBit administrator, however, updated the leak site with an apology for the attack against “small innocent children” and offered the decryptor, saying, “Please forgive me for allowing the attack on small innocent children, the stolen data has been deleted, to get the decryptor please give me the decryption id. I am very ashamed, but I can not control all partners, anyone can join my affiliate program as well as break the rules, I have blocked this partner.” The admin also banned the affiliate responsible from using the LockBit tool again. (There may be some small honor among thieves–or in this case, RaaS operators–but they remain thieves nonetheless.)
On Friday, April 28th, 2023, CERT-UA, Ukraine’s Computer Emergency Response Team, reported that Russian operators were sending phishing emails that pose as instructions for installing a Windows security update. “The Computer Emergency Response Team of Ukraine (CERT-UA) says Russian hackers are targeting various government bodies in the country with malicious emails supposedly containing instructions on how to update Windows as a defense against cyber attacks,” BleepingComputer writes. “CERT-UA believes that the Russian state-sponsored hacking group APT28 (aka Fancy Bear) sent these emails and impersonated system administrators of the targeted government entities to make it easier to trick their targets.”
APT28 of course is associated with Russia’s military intelligence service, the GRU, and CERT-UA is both certain of, and unambiguous with respect to, that attribution. CERT-UA describes the attack process as follows: "During April 2023, the government computer emergency response team of Ukraine CERT-UA recorded cases of the distribution of e-mails with the subject 'Windows Update' among government bodies of Ukraine, sent, apparently, on behalf of system administrators of departments. At the same time, e-mail addresses of senders created on the public service '@outlook.com' can be formed using the employee's real surname and initials." The warning adds, "The sample letter contains 'instructions' in Ukrainian for 'updates to protect against hacker attacks', as well as graphical images of the process of launching a command line and executing a PowerShell command."
Should the victims follow the instructions in the email, they’ll find themselves installing a PowerShell script that simulates a Windows update while it in fact downloads a second malicious PowerShell payload in the background. That payload deploys information-harvesting malware that abuses the legitimate Mocky tool. CERT-UA concludes, "We recommend restricting the ability of users to launch PowerShell and monitor network connections to the Mocky service API."
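The two checks that CERT-UA's description points to, sketched as an added example (not code from CERT-UA or the CyberWire): flag inbound "Windows Update" mail from outlook.com senders whose address is built from a staff member's surname and initials, and flag outbound connections to Mocky, rating PowerShell as the higher-severity source. The record layouts, the staff list, the sample data, and the use of `mocky.io` as the Mocky domain are assumptions made for illustration.

```python
import re
from dataclasses import dataclass

LURE_SUBJECT = "windows update"      # subject reported by CERT-UA
PUBLIC_MAIL_DOMAIN = "outlook.com"   # sender service reported by CERT-UA
MOCKY_DOMAIN = "mocky.io"            # assumption: domain serving the Mocky API
POWERSHELL_IMAGES = {"powershell.exe", "pwsh.exe"}


@dataclass(frozen=True)
class Employee:
    surname: str        # Latin transliteration as used in mail addresses
    given_names: tuple  # e.g. ("Olena", "Petrivna")


def _letters(text):
    """Lower-case and drop everything except a-z (dots, digits, underscores)."""
    return re.sub(r"[^a-z]", "", text.lower())


def impersonated_employee(sender, staff):
    """Return the employee whose surname plus initials form the local part
    of an outlook.com sender address, or None."""
    local, _, domain = sender.lower().rpartition("@")
    if domain != PUBLIC_MAIL_DOMAIN:
        return None
    local = _letters(local)
    for emp in staff:
        surname = _letters(emp.surname)
        if not surname or surname not in local:
            continue
        initials = "".join(_letters(g)[:1] for g in emp.given_names)
        rest = local.replace(surname, "", 1)
        # What is left after removing the surname must be the initials
        # (all of them, or just the first one).
        if rest and rest in (initials, initials[:1]):
            return emp
    return None


def flag_mail(messages, staff):
    """Return (message id, impersonated surname) for lure-like messages."""
    hits = []
    for msg in messages:
        if LURE_SUBJECT not in msg["subject"].lower():
            continue
        emp = impersonated_employee(msg["from"], staff)
        if emp is not None:
            hits.append((msg["id"], emp.surname))
    return hits


def flag_mocky_connections(events):
    """Return (computer, process image, severity) for connections to Mocky.
    PowerShell as the source is 'high'; anything else is 'review'."""
    hits = []
    for ev in events:
        host = ev["dest_host"].lower().rstrip(".")
        if host != MOCKY_DOMAIN and not host.endswith("." + MOCKY_DOMAIN):
            continue
        image = ev["image"].replace("\\", "/").rsplit("/", 1)[-1].lower()
        severity = "high" if image in POWERSHELL_IMAGES else "review"
        hits.append((ev["computer"], image, severity))
    return hits


# Constructed sample data (not taken from the advisory).
STAFF = [
    Employee("Kovalenko", ("Olena", "Petrivna")),
    Employee("Shevchuk", ("Ivan",)),
]
MAIL = [
    {"id": "m1", "from": "o.p.kovalenko@outlook.com", "subject": "Windows Update"},
    {"id": "m2", "from": "kovalenko.op@agency.example", "subject": "Windows Update schedule"},
    {"id": "m3", "from": "newsletter@outlook.com", "subject": "Windows Update"},
    {"id": "m4", "from": "shevchuk_i@outlook.com", "subject": "RE: windows update"},
    {"id": "m5", "from": "i.shevchuk@outlook.com", "subject": "Lunch on Friday"},
]
EVENTS = [
    {"computer": "WS-014", "dest_host": "run.mocky.io",
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"},
    {"computer": "DEV-003", "dest_host": "mocky.io",
     "image": r"C:\Program Files\Mozilla Firefox\firefox.exe"},
    {"computer": "WS-020", "dest_host": "notmocky.io",
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"},
]

if __name__ == "__main__":
    for hit in flag_mail(MAIL, STAFF):
        print("mail", hit)
    for hit in flag_mocky_connections(EVENTS):
        print("net ", hit)
```

Take the actual indicators from the CERT-UA#6562 advisory before using checks like these; the values above only mirror what the summary describes.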
KillNet held an Ask Me Anything session on their Telegram page on Saturday to answer questions about their new self-designation as a Private Military Hacking Company. The questions raised were mostly regarding how the PMHC will operate. When asked about the structure of their organizations, KillNet responded, “We created four sub-detachments consisting of former cybercriminals and former members of special services (not only from Russia). At the current time we are ready to not only defend the motherland, but also conduct computer network attacks and destruction of intruders of different levels throughout the world.”
The CyberWire's continuing coverage of Russia's war against Ukraine, with special attention to the cyber phases of that war, may be found here.
Last week at the RSA Conference in San Francisco a community of private-sector companies announced the formation of ETHOS, an acronym for, “Emerging Threat Open Sharing.” ETHOS is intended to be “an open-source, vendor-agnostic technology platform for sharing anonymous early warning threat information across industries with peers and governments.” It’s intended to function as a hotline across which early indications of threat activity can be shared.
Today's issue includes events affecting Bangladesh, Canada, China, Denmark, the European Union, France, India, Indonesia, Iran, Moldova, NATO/OTAN, Pakistan, Russia, Tajikistan, Ukraine, the United Kingdom, and the United States.
Ukraine at D+431: Drone strikes and phishing expeditions. (CyberWire) Russia and Ukraine exchange drone strikes as Russia prepares to receive a Ukrainian offensive. CERT-UA warns of a GRU phishing expedition against Ukrainian government targets.
NY Army National Guard soldiers returning from mission to train Ukrainian troops (Stars and Stripes) New York Army National Guard soldiers from the Syracuse-based 27th Infantry Brigade Combat team are on their way home after overseeing the training of 9,600 Ukrainian troops.
Russia-Ukraine war at a glance: what we know on day 432 of the invasion (the Guardian) Russian missiles have struck warehouses reportedly storing ammunition at a railway depot in the Ukrainian city of Pavlohrad injuring at least 34 people; Ukraine claims to have shot down 15 of 18 missiles fired overnight
Russia Fires 18 Missiles Across Ukraine In Predawn Attack; Kyiv Claims Most Shot Down (RadioFreeEurope/RadioLiberty) Russia hit Ukraine with a nighttime barrage of 18 missiles, and Ukrainian air defense claimed it shot down nearly all of them.
Russia-Ukraine war live: air raid sirens in Kyiv and across Ukraine as officials warn of missile threat (the Guardian) Regional administration officials in Ukrainian capital have advised all civilians to head for shelters; reports of air defences at work in Kyiv
Ukraine ammunition depot reportedly hit in wave of Russian missile attacks (the Guardian) Ukraine intercepts 15 out of 18 missiles as Moscow launches strikes apparently designed to hamper Kyiv’s plans for a counteroffensive
When Russia targets ordinary homes: the attacks that mean no one is safe in Ukraine (the Guardian) A strike that killed 23 people far from any frontlines has forced residents to understand that one could come anywhere
Russia-Ukraine war at a glance: what we know on day 431 of the invasion (the Guardian) Crimea navy oil depot fire extinguished after reported Ukrainian drone strike on fuel tanks; Nancy Pelosi speaks about her ‘dangerous’ Kyiv visit
Explosions Near Ukraine’s Giant Nuclear Plant Prompt Diplomatic Push (Wall Street Journal) The United Nations atomic energy agency is racing to prevent the war in Ukraine from endangering the Zaporizhzhia facility as fighting nearby intensifies.
Wagner Chief Threatens To Pull Out Of Bakhmut As Zelenskiy Calls For Modern Air Defenses (RadioFreeEurope/RadioLiberty) Wagner chief Yevgeny Prigozhin has threatened to withdraw his mercenaries from the embattled Ukrainian city of Bakhmut if supply problems are not resolved, as President Volodymyr Zelenskiy appealed for modern air-defense systems following deadly Russian strikes on civilian targets.
Wagner Group could soon cease to exist, chief says (The Telegraph) Founder of mercenary unit Yevgeny Prigozhin accuses Russian military of hampering his supply of ammunition and manpower
Putin’s gangster state is bleeding his forces dry (The Telegraph) The corruption endemic in Russia and its military is unsustainable - over time, it will inevitably lead to the regime’s collapse
Russia-Ukraine war live: Crimea navy oil depot fire ‘contained’ after burning for hours (the Guardian) Moscow-installed governor in Sevastopol says blaze, attributed to Ukrainian drone strike, now under control
Vladimir Putin’s once feared and almighty navy is sinking into a sorry state (The Telegraph) Host of problems including a flagship earmarked for the scrap show the decline of Russia’s sea battle force
Russian Army Numbers Growing Inside Ukraine, Says Top NATO Commander (USNI News) The Russian army operating in Ukraine today is larger than when the Kremlin launched its invasion in February 2022, but remains vulnerable to a Kyiv counteroffensive expected in the coming weeks, NATO’s top commander told the House and Senate armed services committees this week. “This war is far from over,” Army Gen. Christopher Cavoli told …
Ukraine needs equipment to mount its offensive (The Telegraph) Ukrainian forces do not have the luxury of waiting while protracted decisions are made about procurement sourcing
Russia says its overnight strikes on Ukraine hit army reserve units (Reuters) The Russian Defence Ministry said on Friday that its strategic bombers had carried out what it called high-precision missile strikes on Ukrainian army reserve units overnight to prevent them from getting to the frontline.
Top NATO commander drops hints that Ukraine offensive could come sooner than later (Washington Examiner) RUSSIA IS WEAK: In his second day of testimony on Capitol Hill, this time before the Senate Armed Services Committee, Gen. Christopher Cavoli, NATO’s supreme commander, gave several indications that Ukraine’s much-ballyhooed coming counteroffensive needs to launch before Russia is able to rebuild…
Pope Reveals He’s Working on Secret ‘Mission’ of Peace in Ukraine (New York Times) Francis said he was doing “all that is humanly possible” to help return Ukrainian children taken to Russia and urged Hungary not to slam doors on migrants.
Russia's Wagner Group Plotted To Spark Violence In Moldova, U.S. Document Leak Shows (RadioFreeEurope/RadioLiberty) Moldova, Europe's poorest country, witnessed anti-government protests earlier this year -- and now the leak of classified U.S. military documents indicate the Russian mercenary group Wagner may have played a role.
EU nations quarrel over where to buy fresh ammo for Ukraine (Defense News) Officials in Brussels debate how far a mandate for local purchases of weapons and ammunition should go.
APT28 cyberattack: distribution of emails with "instructions" on "updating the operating system" (CERT-UA#6562) (CERT-UA) During April 2023, the government computer emergency response team of Ukraine CERT-UA recorded cases of the distribution of e-mails with the subject "Windows Update" among government bodies of Ukraine, sent, apparently, on behalf of system administrators of departments. At the same time, e-mail addresses of senders created on the public service "@outlook.com" can be formed using the employee's real surname and initials.
Hackers use fake ‘Windows Update’ guides to target Ukrainian govt (BleepingComputer) The Computer Emergency Response Team of Ukraine (CERT-UA) says Russian hackers are targeting various government bodies in the country with malicious emails supposedly containing instructions on how to update Windows as a defense against cyber attacks.
Russia-linked APT28 uses fake Windows Update instructions to target Ukraine govt bodies (Security Affairs) CERT-UA warns of a spear-phishing campaign conducted by APT28 group targeting Ukrainian government bodies with fake ‘Windows Update’ guides. Russia-linked APT28 group is targeting Ukrainian government bodies with fake ‘Windows Update’ guides, Computer Emergency Response Team of Ukraine (CERT-UA) warns. The APT28 group (aka Fancy Bear, Pawn Storm, Sofacy Group, Sednit, and STRONTIUM) has been active since at least 2007 and it has targeted governments, […]
Russian Bitcoin Wallets Allegedly Exposed by Apparent Hacker (CoinDesk) A mysterious bitcoiner used the OP_RETURN field to call out wallets controlled by FSB and GRU.
‘Robin Hood’ hacker steals rich Russian crypto funds, gives to poor Ukraine (New Voice of Ukraine) A hacker has gained access to hundreds of cryptocurrency wallets belonging to Russia’s FSB, GRU, and Foreign Intelligence Service, news site CoinDesk reported on April 27, citing Chainalysis, a cryptocurrency monitoring company that works with the U.S. government.
Russian navy ship photographed near Nord Stream pipelines before blasts (the Guardian) Submarine rescue vessel SS-750 was photographed in Baltic four days before still-unexplained explosions, says Danish newspaper
Russia’s economy can withstand a long war, but not a more intense one (The Economist) Its defences against Western sanctions can only stretch so far
Why China Hasn’t Come to Russia’s Rescue (Foreign Affairs) Their “no limits” partnership has been an economic one-way street.
Whisper it, but Ukraine may no longer be winning (The Telegraph) Bad faith actors, such as Xi Jinping and Emmanuel Macron, are waiting for the first opportunity to force an unbalanced peace plan upon Kyiv
The Milley Doctrine (Puck) Onboard a flight to Ramstein Air Base, the Chairman of the Joint Chiefs shares his “realist” view of war in Ukraine, Russia’s military failures, and the challenges still to come.
What Russia Got Wrong (Foreign Affairs) Can Moscow learn from its failures in Ukraine?
Ukraine’s counter-offensive is drawing near (The Economist) Its Western allies want success—but not too much
Ukraine’s top guns need new jets to win the war (The Economist) There is a dogfight between Swedish Gripens and American F-16s
Why so many Russian tanks fall prey to Ukrainian mines (The Economist) With the right help, tanks should be able to cross minefields
How Ukraine is using fake tanks and guns to confuse the Russians (The Economist) Inflatables are the way forward
Russia's Oldest Rights Group Loses Appeal Against Liquidation (RadioFreeEurope/RadioLiberty) A court of appeals in the Russian capital has rejected the Moscow Helsinki Group's appeal against its liquidation, amid a relentless Kremlin campaign to muzzle criticism of its war against Ukraine.
The rise and violent demise of pro-Russian war blogger Vladlen Tatarsky (Washington Post) Vladlen Tatarsky, a convicted criminal turned popular pro-Russian blogger who published warmongering diatribes, was promoting his upcoming book to a gathering of his fans at a hip burger joint in St. Petersburg. A portrait of Tatarsky surrounded by firearms in the shape of angel wings lit up the room.
Russia's crackdown on Ukraine war opponents (Deutsche Welle) The Kremlin has stepped up efforts to stifle criticism of the Ukraine war. DW met a Russian university student who was put under house arrest for antiwar posts on social media.
They Refused to Fight for Russia. The Law Did Not Treat Them Kindly. (New York Times) Since Moscow’s invasion of Ukraine, hundreds of Russian men have faced criminal charges for becoming war refuseniks. That has not stopped others from going to unusual lengths to avoid battle.
The Japanese Cafe Owner Feeding Kharkiv (RadioFreeEurope/RadioLiberty) Fuminori Tsuchiko uses donations from Japan to run a free cafe for residents of Ukraine's war-hit city of Kharkiv.
The Dark Battle Royale: India, Nepal VS Pakistan, Bangladesh, Indonesia | A CyberWar That You Don't Know About (TimesNow) Unraveling the Chaos in a Cyberwar Fueled by Religious Tensions and Hatred, Technology & Science News, Times Now
Iran’s State-Backed Cyber-Threat Groups: Upgraded Arsenals and Aggressive Approaches (Iran News Update) Iranian regime state-sponsored cyber-threat groups have been operating for several years and have continually upgraded their tools and techniques to launch more sophisticated attacks on their targets.
Iran APT using ‘BellaCiao’ malware against targets in US, Europe and Asia (Record) An Iranian state-sponsored APT group has been accused of deploying a new strain of malware named BellaCiao against several victims in the U.S., Europe, India, Turkey and more.
Russian APT Hacked Tajikistani Carrier to Spy on Government, Public Services (SecurityWeek) Russian espionage group Nomadic Octopus infiltrated a Tajikistani telecoms provider to spy on government and public services
Illumina cyber vulnerability may present risks for patient results (U.S. Food and Drug Administration) Illumina cybersecurity vulnerability affecting the Universal Copy Service software may impact patient health results.
CISA, FDA warn of new Illumina DNA device vulnerability (Record) The FDA and the manufacturer — Illumina — said they have not received any reports indicating the software bug has been exploited.
HiddenAds Spread via Android Gaming Apps on Google Play (McAfee Blog) Authored by Dexter Shin Minecraft is a popular video game that can be played on a desktop or mobile. This is a sandbox game developed by Mojang Studios.
Troubling malware threat spreading on Facebook and Twitter (Fox News) A newly developed malware attack has become more prevalent due to its disguise as advertisement for products on social media sites such as Facebook and Twitter.
Daam Android malware can hold your phone hostage — what you need to know (Tom's Guide) Sneaky new Android malware can also steal your data and hide from antivirus apps
Cold storage giant Americold outage caused by network breach (BleepingComputer) Americold, a leading cold storage and logistics company, has been facing IT issues since its network was breached on Tuesday night.
Cyber-attack sparks fears that criminals could target UK gun owners for firearms (Guardian) National Crime Agency assessing risk after data of some National Smallbore Rifle Association members ‘compromised’
Diocese of Las Vegas impacted by data breach (KSNV) The Diocese of Las Vegas was the recent victim of a data breach.
Cyberattack might have breached personal data from Maryland UnitedHealthcare accounts, company says (Baltimore Sun) A cyberattack could have accessed personal information from UnitedHealthcare accounts in Maryland, the health insurance company said.
UnitedHealthcare data breach in Arizona (KOLD) UnitedHealthcare determined on April 10, 2023 that some personal information may have been impacted by this incident.
CA Health Plan Reports Data Breach Tied to Fortra GoAnywhere Hack (Health IT Security) Santa Clara Family Health Plan is the latest healthcare organization to report a data breach stemming from the exploitation of a vulnerability in Fortra’s GoAnywhere managed file transfer solution.
United HealthCare data breach may have revealed personal information of customers (CBS News) A breach, which happened between Feb 19 and Feb 25, may have disclosed personal information of healthcare plan members that included first and last names, addresses, date of birth and provider names.
Ransomware attack impacting offices in Spartanburg County (Fox Carolina) County offices are being impacted by a computer systems problem in Spartanburg on Thursday.
Ransomware Attack Disrupts IT Network at Hardenhuish School (Infosecurity Magazine) At the time of writing, it is unclear whether the school paid the ransom
"Ashamed" LockBit ransomware gang apologises to hacked school, offers free decryption tool (Hot for Security) Is it possible ransomware gangs actually do have a heart? Last month, a school district in Illinois was reported...
Gateway begins reopening casinos following cyber attack (Sudbury.com) Officials announced in a media release that it's reopening locations incrementally, starting with Innisfill on April 29
Ontario casino ransomware attack 'as bad as it gets,' expert says (Barrie) Technology analyst Carmi Levy said the ransomware attack that knocked the servers out to Gateway Casinos facilities in Ontario is the digital equivalent of recovering from a major fire or similar disaster.
Bluefield University receives cybersecurity attack (Lootpress) Bluefield University systems have been shut down for an unknown period of time due to a recent cybersecurity attack. This decis
Crooks show they don't need ChatGPT to scam victims (Register) Not today, AI
Nashua schools to open Monday 'as scheduled' after 'sophisticated cyber attack' (UnionLeader.com) Nashua officials say schools will hold classes as scheduled Monday, after the school district was hit by what’s being called a “sophisticated cyber attack.”
AG: New Hampshire restaurants subject to cyber attack (Boston 25 News) New Hampshire restaurants have been subject to cyber attacks making customers unable to redeem gift cards at certain restaurants.
Apple, Google, and Microsoft Just Fixed Zero-Day Security Flaws (WIRED) Firefox gets a needed tune-up, SolarWinds squashes two high-severity bugs, Oracle patches 433 vulnerabilities, and more updates you should make now.
Zyxel Firewall Devices Vulnerable to Remote Code Execution Attacks — Patch Now (The Hacker News) Zyxel releases critical security patches for firewall devices. Flaw could allow remote code execution on affected systems.
Verizon releases April 2023 Update for Pixel 6a, Pixel 6, and Pixel 6 Pro (GoAndroid) Verizon-based Pixel 6a, Pixel 6, and Pixel 6 Pro receiving April 2023 update in the US. You can download the OTA file and Factory Image for the Google Pixel 6 Series and install it manually.
No more upgrades for Windows 10 – current version is final (Register) Shift off to Win 11 now, go on... better hope your biz is giving out fresh hardware
Microsoft's Security Announcements Made During RSA Conference (My TechDecisions) Microsoft's security announcements during RSA Conference include new tools in Entra and Sentinel tools, new Defender features, app security.
Cybercriminals use proxies to legitimize fraudulent requests (Help Net Security) It’s clear that bots are a pervasive threat and it is easy for bad actors to conduct malicious bot attacks and fraud with minimal risk.
Mandiant Report: Dwell Time Decreases While Ransomware, Extortion Flourish (Dark Reading) Mandiant's Charles Charmakal joins Dark Reading's Terry Sweeney at Dark Reading News Desk during RSA Conference to discuss the company's latest annual M-trends report.
RSA Conference or Black Mirror? Either way, we're doomed (Register) Luckily CrowdStrike's CSO has a brighter outlook than we vultures
Firmware Looms as the Next Frontier for Cybersecurity (Dark Reading) Software bugs are ubiquitous, and we're familiar with hardware threats. But what about the gap in the middle? Two researchers at Black Hat Asia will attempt to focus our attention there.
Darktrace Takes A Closer Look At the Shifting Email Security Conversation (Dark Reading) Dan Fein of Darktrace joins Dark Reading's Terry Sweeney at Dark Reading News Desk during RSA Conference to discuss email security.
Significant drop in cybersecurity VC funding reported (SC Media) Only 21 cybersecurity venture capital deals were recorded during the first three months of 2023, which was 50% lower than the previous quarter, 56% lower than the same period last year, and the lowest since the first quarter of 2015, according to SiliconAngle.
Shield Raises $2.1 Million To Protect Organizations And Consumers From Crypto Exploits (Pulse 2.0) Shield is a security company that is focused on protecting users from online scams. The company recently announced it has raised $2.1 million in pre-seed funding from Kraken Ventures, Eterna Capital, Alchemy, Moonpay, and several leading security investors.
Facebook Made BuzzFeed, Then Killed It (WIRED) The digital publisher grew fat off the back of Facebook’s fickle algorithm. Battered and bruised, it’s now going back to where it all began.
RSA Conference Concludes 32nd Annual Event by Convening Strong Cyber Community and Experts Together (Business Wire) RSA Conference™, the world’s leading cybersecurity conferences and expositions, today concluded its 32nd annual event at the Moscone Center in San Francisco. The year’s event attracted over 40,000 attendees, including 650+ speakers, 500+ exhibitors and 500+ members of the media. Throughout the week, attendees networked on the expo floor and participated in keynote presentations, track sessions, tutorials, seminars and special networking events.
RSAC 2023: 10 Coolest Cybersecurity Startup Companies (CRN) RSA Conference 2023 included startups HiddenLayer, Concentric AI, Endor Labs and Mondoo.
NGA Posts Solicitation for Project Maven Supply Chain Risk Management Platform (Executive Gov) Looking for the latest Government Contracting News? Read about NGA Posts Solicitation for Project Maven Supply Chain Risk Management Platform.
Microsoft to skill 100K young women in cybersecurity by 2025 (ETCIO.com) Microsoft on Friday said that it is initiating new partnerships under its Ready4Cybersecurity programme in Asia to skill and certify 1,00,000 young women and underrepresented youths in cybersecurity by 2025.
How Will The Cyber Attack Impact Dish’s Q1 Results? (Forbes) We expect that earnings will stand at about $0.38 per share, ahead of the consensus estimates of about $0.36.
GM nominates retired U.S. Navy Vice Admiral Jan Tighe to board (Automotive News) Tighe, who served for more than 34 years with the Navy and the National Security Agency, is a former deputy chief of naval operations for information warfare and director of naval intelligence.
From school dropout to cybersecurity start-up founder: Meet Benjamin Harris (The Peak Magazine) The founder & CEO of Singapore-based start-up watchTowr aims to make cybersecurity more effective and accessible.
Infosec products of the month: April 2023 (Help Net Security) The featured infosec products this month are from: Abnormal Security, Arista Networks, Armorblox, BigID, Binarly, Cofense, Cyera, and more.
Zerify’s Cyber Security Solutions Featured in Aite-Novarica Group’s Quarterly Fintech Spotlight (GlobeNewswire News Room) Aite-Novarica analyst selects Zerify Defender as a product to watch. Report underscores Zerify’s unique approach to protect data amidst increased cyber...
Cisco Unveils New XDR Solution to Rapidly Detect Advanced Cyber Threats (Fast Mode) Cisco Unveils New XDR Solution to Rapidly Detect Advanced Cyber Threats
Veracode Secures StateRAMP Authorization to Protect State and Local Cybersecurity (Veracode) Cloud-based Platform Exposes Vulnerabilities to Help Improve Reliability of Public Sector Software
Enhancing Cyber Risk Management with the New Resilience Solution (GlobeNewswire News Room) Resilience reinvents the cyber risk market, again...
Securing the API Attack Surface by Enterprise Strategy Group (ESG) (Data Theorem) Securing the API Attack Surface research report and customer survey by Enterprise Strategy Group (ESG) analyst firm
OT Cybersecurity Leaders to Deliver First Open-Source Information Sharing for Collective Early Warning in Critical Infrastructure (GlobeNewswire News Room) Collaborative information sharing developed by ETHOS to help entire Operational Technology (OT) community rapidly identify, assess and respond to potential...
Critical infrastructure launches open source ETHOS project (Register) OT firms construct handy early-warning info-sharing system
VPNs Are Going Mainstream, and So Are Their Trust Issues (Bloomberg) Virtual private networks have become a cornerstone of personal security online. What are their makers really selling?
What Are the NSA's Top Security Concerns? (PCMAG) We think of the NSA as secretive to a fault, but the agency and the security industry benefit from collaboration. At RSAC, the agency’s director details the NSA’s latest thinking on security.
How to Spy on China (Foreign Affairs) Beijing is a hard target—but better tech could make it easier.
Google Blocks 1.43 Million Malicious Apps, Bans 73,000 Bad Accounts in 2022 (The Hacker News) Google blocked 1.43 Million bad apps in 2022! Security improvements are making a huge difference, but cybercriminals are still finding ways in.
Mandiant CEO’s 7 tips for cyber defense (Cybersecurity Dive) Organizations’ institutional knowledge is an advantage that no adversary can match, Kevin Mandia told RSA Conference attendees.
The true numbers behind deepfake fraud (Help Net Security) Advanced identity fraud is not only about a deepfake. 46% of global organizations experienced synthetic identity fraud in the past year.
You don't have to wait for quantum to prepare for it (Register) Rapid7 CSO Jaya Baloo on how to tackle this potential looming tech
RSAC 2023: Generative AI Takes the Cybersecurity Industry by Storm (GovTech) Yes, generative AI stole the show at RSA Conference 2023 in San Francisco last week. Here’s a roundup of the top news from the biggest cybersecurity conference in the world.
Microsoft’s Chief Scientific Officer weighs in on the dangers of A.I. and the open letter for a 6-month pause (Fortune) In an interview with Fortune, Eric Horvitz lays out what comes next for A.I., and what exactly it is that distinguishes people from machines.
How to Know If a Software Solution Is Actually AI-Driven or If It’s Just Hype (Acceleration Economy) Shopping for AI? Short of getting into the guts of the training models, datasets, and software development, how do you know what you’re looking at is the real deal?
The chatbot whisperers (Virginia Tech) Virginia Tech computer scientists are working to tame the violent, racist, sexist language that has been reported from chatbots.
IARPA opens research into ‘cognitive vulnerabilities’ of cyber hackers (Federal News Network) IARPA’s program manager explains how she hopes the research agency can make “human factors” a weakness of cyber attackers, too.
Internet Safety Labs Awarded $500K Grant to Continue Research on K-12 EdTech Safety in US Schools (GlobeNewswire News Room) Internet Society Foundation grant strengthens Internet Safety Lab’s efforts to uncover potentially harmful data collection/sharing practices of apps used...
Cyber attack at Bluefield University leads to postponed finals (WVVA) Bluefield University experienced a cybersecurity attack early Sunday morning and is investigating the impact.
Free cybersecurity camps can lead high schoolers on career path (KTBS) High school students could potentially start on their future career path this summer by participating in one of three cybersecurity camps at LSUS.
EU proposes new copyright rules for generative AI (Reuters) Companies deploying generative AI tools, such as ChatGPT, will have to disclose any copyrighted material used to develop their systems, according to an early EU agreement that could pave the way for the world's first comprehensive laws governing the technology.
Intelligence watchdog questions cyber agency's approach to international law, CSE insists it was above board (CBC News) One of Canada's intelligence watchdogs has scolded the country's cyber security agency over its approach to international law.
Defence on notice to beef-up its cybersecurity efforts (The Mandarin) Australia will have to build more digital muscle to resist cyber attacks or even potentially use offensive tactics against foreign targets.
RSA: State Dept. Cyber Chief Notes ‘Seismic Shift’ in Collaboration (Meritalk) The head of the State Department’s Bureau of Cyberspace and Digital Policy said on April 26 that he has seen a “seismic shift” in public-private collaboration since Russia invaded Ukraine nearly 15 months ago.
US cyber ambassador: NATO must extend ‘deterrence into the digital world’ (Record) The U.S. State Department’s top cybersecurity official said Thursday that countries are taking advantage of the differing views among NATO members on whether cyberattacks could trigger a collective military response.
U.S. Cyber Command Will Hold Malicious Cyber Actors Accountable (ClearanceJobs) Experts say that by partnering with nations around the world, the U.S. can help stop the threats before they reach our shores.
Feds Prioritizing Disruptions Over Arrests in Cyberattack Cases (PCMAG) Breaking up a hacking operation without making any arrests 'might have been heresy' in years past, but DOJ is now focused more on disruption and prevention, says US Deputy AG Lisa Monaco.
FBI Warrantless Searches of Americans’ Communications Declined Sharply, Spy Agency Says (Wall Street Journal) A senior FBI official attributed the drop in part to better compliance with restrictions on searches of the data after adoption of internal reforms.
Surveillance numbers drop, but critics aren’t satisfied (Washington Post) Warrantless searches of Americans’ communication take a big dip — but interpretations of results vary
Biden officials present a united front at top cyber conference (Axios) The Biden administration's cyber team arrived at the RSA Conference with — for the first time — a clear message about how each agency approaches the government's vast cyber mission.
Biden to private sector: Cybersecurity is your responsibility—not the user’s (Bulletin of the Atomic Scientists) Biden's National Cyber Strategy places the responsibility of protecting the nation’s cybersecurity on the private sector, not users.
A deep look at how the government can promote resilience down to the local level (Federal News Network) No one can predict when disaster will occur. But organizations, whether government or private, can control how well they respond. It is all about risk mitigation and resilience.
Opinion: To stop intelligence leaks, assume there will be bad actors (Washington Post) Reading about the massive dump of secrets in what has become known as the Discord leaks, people might reasonably ask: Why do these hemorrhages of classified information keep happening?
No, The Security Clearance Process Isn't Broken. Yes, It Could Be Better (ClearanceJobs)
Air Force Streamlines Cyber Commissioning (FEDweek) The Air Force is taking steps to attract, train and commission cyber professionals. The newly established Cyber Direct Commissioning Program would reduce
Key law enforcement computers still down 10 weeks after breach (Washington Post) A secretive technology arm that the U.S. Marshals Service uses to hunt suspects has struggled to get back up and running
Family of alleged Pentagon leaker say they’re supporting him (NBC News) Jack Teixeira, an airman first class, has been accused of accessing classified information and posting government information to a social media platform.
Accused Pentagon leaker's violent rhetoric raises fresh questions about top secret vetting process (CNN Politics) New details about the 21-year-old Air National Guardsman accused of leaking a trove of classified documents online reveal how multiple red flags went unheeded and weren't enough to prevent the Pentagon from granting him a top-secret security clearance.
DOJ Detected SolarWinds Breach Months Before Public Disclosure (WIRED) In May 2020, the US Department of Justice noticed Russian hackers in its network but did not realize the significance of what it had found for six months.
Chinese hackers outnumber FBI cyber staff 50 to 1, bureau director says (CNBC) Wray said the country has "stolen more of our personal and corporate data than all other nations—big or small—combined."
China’s hackers outnumber FBI cyber staff ‘at least 50 to 1,’ Wray tells Congress (Record) FBI Director Christopher Wray asked lawmakers Thursday for additional money for fighting cyberthreats in next year’s budget, noting that the bureau faces a stark imbalance against China in particular.
Special legislative panel to probe Suffolk County cyberattack to meet Monday (Newsday) The Cyber Intrusion Investigation Committee will meet at 10:30 a.m. at the William H. Rogers Legislative Building in Hauppauge, according to a notice sent to the media.
Fed Reserve issues scathing report on Silicon Valley Bank collapse (Silicon Valley Business Journal) The Fed blamed SVB's management and board as well as its own supervisors and even Congress for the bank's collapse.
Feds Urge 15-Month Sentence for Ex-Uber CISO Joe Sullivan (Bank Info Security) Prosecutors are urging a U.S. federal judge to sentence former Uber CISO Joe Sullivan to 15 months in prison for his role in impeding an investigation into the
Wikipedia will not perform Online Safety Bill age checks (BBC News) It says age verification would contravene its commitment to collect minimal data from readers.
Brazil court lifts Telegram suspension for not complying with order on neo-Nazi groups (Reuters) Brazil's second instance appeals court lifted on Saturday the suspension of the encrypted messaging app Telegram, imposed earlier this week for its noncompliance in sharing information about extremist and neo-Nazi groups using the platform.
Brother of man who ran Helix cryptocurrency mixer jailed for stealing 712 bitcoin (Record) Gary Harmon has been sentenced to more than four years in prison for recreating his brother's offline cryptocurrency wallet and stealing digital coins while the original was in the possession of the FBI.
Ex-Methodist Staff Plead Guilty to Illegal PHI Exposure in HIPAA Violation Case (Health IT Security) Several ex-Methodist Hospital workers admitted to violating HIPAA regulations by unlawfully exposing PHI of motor vehicle accident victims to third parties, such as injury lawyers and chiropractors.
For a complete running list of events, please visit the Event Tracker.
Public Sector Ignite (Tysons, Virginia, USA, May 16, 2023) Public Sector Ignite 2023 will bring together leading cybersecurity experts and government luminaries from the U.S. Air Force, FEMA, the Department of Education, and more to explore what’s next in cybersecurity. This unique one-day experience will uncover both next-gen technology and real-world best practices. Public Sector Ignite is open to all cybersecurity professionals – from CIOs/CISOs to VPs of IT, network engineers/architects, SOC engineers, DevOps and cloud architects as well as IT directors/managers.
Future Compute (Cambridge, Massachusetts, USA, and virtual, Apr 30 - May 1, 2023) Embrace emerging technologies to compete with compute. Future Compute offers CTOs and IT Leadership the emerging technology and strategy insight required to outpace change and ensure their digital infrastructure aligns to and exceeds business goals.
TechNetCyber (Baltimore, Maryland, USA, May 2 - 4, 2023) The harnessing of the right cyber power is more important than ever in a domain deluged by persistent attacks and simultaneous sophisticated campaigns that threaten global political, economic and security interests. A flagship event, AFCEA’s TechNet Cyber serves as a center of gravity for a whole-of-government effort to bring together the policy, strategic architecture, operations and C2—along with the joint capabilities—needed to meet the global security challenges and successfully operate in a digital environment. Join us in Baltimore and be a part of the conversation led by U.S. Cyber Command, DISA, the DoD CIO, and numerous industry and academia partners to deliver solutions for this enduring, no-fail mission.
SecureWorld Kansas City (Kansas City, Kansas, USA, May 3, 2023) Join your regional cybersecurity community for high-quality, affordable training and collaboration. Earn 6-12 CPE credits through 15+ educational elements learning from local and nationally recognized industry leaders. Attend featured keynotes, panel discussions, breakout sessions, and solution vendor displays—all while networking with peers in InfoSec.
Friends Summit on the Water (Annapolis, Maryland, USA, May 4, 2023) Suits & Spooks / Safe House Global presents a Friends Summit on Intelligence and Future Threats at the Annapolis Maritime Museum. We'll feature 10 20-minute talks by our speakers and five 5-minute lightning rounds that our attendees may nominate and vote for. Topics to include ChatGPT as a force multiplier for offensive cyber operations, counter-drone technology, cognitive warfare from Russia and China, and more. Attendance is free for full-time government and military employees.
Third-Party and Supply Chain Cyber Security Summit (Barcelona, Spain, May 4 - 5, 2023) Learn the latest case studies on end-to-end cyber security implementation practices when working with third parties to ensure a truly resilient and secure supply chain network at the Third Party & Supply Chain Cyber Security Summit. How much of your data security is really under your control? What is your risk management approach towards your suppliers? How do you secure your network and protect your sensitive data? Led by the TOP Information Security professionals from leading companies, the discussion will give you an opportunity to see the issue from the perspective of different industries & angles and identify the complex solution to be implemented.