Frankenstein walks. "I'm in!" Baltimore ransomware update. Huawei offers no-spy agreement. US Data Strategy. Patch for BlueKeep.
Cisco's Talos group describes a threat campaign they're calling "Frankenstein," because the hoods behind it stitched their effort together from a bunch of disparate open-source tools. Active between January and April of this year, Frankenstein's operators gained entrance into their targets by phishing with Trojanized documents.
ZDNet says Hollywood's lying to us. In the movies, the hacker scowls, taps vigorously at the keyboard, and says "I'm in!" Bitdefender's look at the Carbanak gang reveals, instead, months of preparation before the crooks hit the bank.
CyberScoop reports that a second member of Congress, Maryland Senator Van Hollen, has joined his House colleague, Representative Ruppersberger, to announce that the Government is confident EternalBlue wasn't involved in the Baltimore ransomware attack.
Huawei's chairman Liang Hua accused the US of "acting inappropriately" toward his company, NPR reports, but then proffered a dove with an olive branch: the same kind of no-spy deal Shenzhen has dangled before Germany and the UK. This dove seems unlikely to fly in Washington, given Huawei's reputation with respect to non-disclosure agreements and partners' IP.
The US Government has released its Data Strategy.
Don't believe Microsoft about the importance of patching legacy versions of Windows against the BlueKeep RDP vulnerability? Maybe you'll believe NSA's Central Security Service? They think you should patch, too.
Crescat noticia, vita non excolatur: University of Chicago Medicine has apparently left data of almost 1.7 million donors and prospective donors exposed online, Security Discovery says. The University secured the database and thanked the discoverer for the tip.
Today's issue includes events affecting Australia, Iran, and the United States.
Bring your own context.
We like it, but is it art?
"Mr. Guo first achieved some éclat in the art world through a performance piece in 2017 in which he rode a Segway around Brooklyn while leading or being led by a hipster on a leash. We looked up images of the work, called "Hipster on a Leash," and we're sorry to report that, for one, the hipster hardly seems to qualify as a hipster because his shorts, sunglasses and short-sleeved shirt look a lot more like routine New York tourist apparel. So we're reluctantly calling BS on the whole hipster thing, which is dragsville if hipsters actually even exist."
The work that followed "Hipster on a Leash" is, of course, "The Persistence of Chaos," a steal at $1.3 million. You lookin' for chaos? We got some persisting right downtown in Baltimore, hon, but it's not for cheap.
In today's podcast, out later this afternoon, we speak with our partners at the University of Maryland's Center for Health and Homeland Security, as Ben Yelin discusses those secret tracking pixels the Navy Times found in an email from a Navy JAG. Tamika Smith speaks with Ariana Mirian from the University of California San Diego on their research into the Hacker for Hire market.