As a finalist for this year's Maryland Cybersecurity Industry Resource Award, we're also up for the People's Choice Award, and we'd appreciate your support. You can vote here through March 22 (you don't need to be in Maryland, or even in the US, to do so). Thanks to all who've voted for us so far.
Nation state competition in cyberspace: Cold War Two? Fileless malware infestation traced to common actor. Wishbone breached; teens hit hardest. Cloud-based keylogger.
An increasing operational tempo in international cyber conflict induces some observers to see the beginning of a new Cold War. Poland sees an uptick in attacks on that country's sites that have some connection with US-Polish combined operations. Nor are smaller countries immune: Luxembourg reports seeing more attacks by state-sponsored actors.
If this is indeed a new Cold War, cyber operations' low barriers to entry and the disparate national interests in play make Cold War Two much more multipolar than the original was. (See the US indictment of FSB officers in the Yahoo! hack, but see also recent Turkish operations against sites in the Netherlands and Germany.) One similarity a new Cold War seems to bear to the old one: much of the chill is manifest in propaganda (now called "information operations"). One difference may be the convergence of information operations with covert and clandestine work.
A Washington Post op-ed looks at WikiLeaks' Vault 7 and believes it discerns the root cause of the US Intelligence Community's security problems—too many contractors—but exactly how this amounts to a weakness in practice isn't really specified.
Turning to cyber crime, the popular quiz app Wishbone has sustained a breach. 2.2 million email addresses and 287 thousand mobile numbers, many if not most of them belonging to teenagers, have turned up for sale in dark web souks.
Morphisec believes it's traced recent infestations of flieless malware to a common threat actor.
Palo Alto researchers see NexusLogger, a cloud-based criminal keylogger, taking growing black marketshare.
Today's issue includes events affecting Brazil, Canada, China, Luxembourg, Poland, Russia, United Kingdom, and United States.
In today's podcast, we talk to Rick Howard, from our partners at Palo Alto Networks. He discusses a recent capture-the-flag event Palo Alto held with the University of Alabama at Birmingham. Our guest is Brian David Johnson on the threatcasting report from the Army Cyber Institute at West Point and Arizona State University: "A Widening Attack Plain.”
Special editions of the podcast are also up. See Perspectives, Pitches, and Predictions from RSA, and an overview of artificial intelligence as it's applied to security. And see also Cylance's video interview with our Producer.