We're in Atlanta for SecurityWeek's 2018 ICS Cyber Security Conference. We'll have updates on the proceedings throughout the week.
WannaCry, NotPetya, ransomware-as-a-service, and fileless attacks abounded. And that’s not everything. The victims of cybercrime ranged from private businesses to the fundamental practices of democracy. Read The Cylance Threat Report: 2017 Year in Review Report and learn about the threat trends and malware families their customers faced in 2017.
Hacktivism for Davos-in-the-Desert. Brazil's election and WhatsApp. Kraken Cryptor upgraded. RCE flaws. ICS security.
The murder of Jamal Khashoggi in Saudi Arabia's Istanbul consulate continues to arouse international outrage. Turkey's President Erdogan spoke about the death early today in an address to his Development and Justice Party, calling for Saudi Arabia to be more forthcoming about its role in the death and suggesting that any trial be held in Turkey. Hackers have defaced the Davos-in-the-Desert site with a picture showing both Khashoggi and, behind him, a sword-wielding Saudi Crown Prince Mohammed bin Salman. The site has been taken down; the attack looks like hacktivist work.
As Brazil's elections enter their final phase, WhatsApp messaging in that country is seeing a surge in questionable, politically oriented stories.
Bleeping Computer says it's receiving attention from the masters of the Kraken Cryptor Ransomware, who released version 2.0.6 of their tool over the weekend.
Zimperium reports finding remote-code-execution vulnerabilities in FreeRTOS, the open-source OS widely used in embedded systems. The bugs' effects are seen across the IoT spectrum, from smart homes to critical infrastructure.
Cisco Talos has discovered remote-code-execution flaws in Live Networks LIVE555’s streaming media RTSPServer. Exploitation could trigger a stack-based buffer overflow.
US authorities continue to investigate a breach in Healthcare.gov that affects about seventy-five thousand people. Hackers got in through the Federally Facilitated Exchanges (FFE).
Amazon and Supermicro have joined Apple in demanding that Bloomberg retract its story about Chinese supply-chain poisoning of motherboards with spy chips.
Russia's FSB intelligence service recommends that the Internet be brought under "proper governance." Few will receive this as unproblematic good-government advice.
Today's issue includes events affecting Brazil, China, France, Germany, Russia, Saudi Arabia, Turkey, United Kingdom, and United States.
Over a year into China’s Cyber Security Law, Control Risks experts say its vague definition and application leave multinational companies struggling to understand their risk. Further, how strictly the government will crack down and the extent of penalties for non-compliance remain open questions. Nonetheless, companies operating in China must understand their unique exposure and specific cyber, physical and procedural requirements. Let Control Risks help you make the critical decisions to seize your opportunities in China.
In today's podcast we hear from our partners at the University of Bristol, as Awais Rashid shares thoughts on supply chain security. Our guest is IJay Palansky from Armstrong Teasdale, who reviews legal liability concerns arising from the Internet of Things.
Our special edition podcast is out as well. The topic is "Making the business case for privacy." Our guest is Cisco’s Chief Privacy Officer Michelle Dennedy, who joins us to discuss what exactly a chief privacy officer does at a global organization like Cisco, why she thinks we’re in the early stages of a privacy revolution, why we all tend to shake our heads cynically when a company claims, “Your privacy is important to us,” and how, maybe, respecting the privacy of your users and customers could be a competitive advantage.
And Recorded Future's podcast, produced in cooperation with the CyberWire, is also up. In this episode, Nicolas Cairns, director of Aegis 9 Security Intelligence, joins us to talk about his part in building Australia’s first intelligence collection system.