More MuddyWater. Russian fake news skates through YouTube. Back-and-forth on Huawei. United Technologies will acquire Raytheon.
Trend Micro reports a resurgence in Iran's MuddyWater espionage campaign.
Reuters notes that Russian-operated YouTube channels are freely spreading tabloidesque disinformation that successfully evades YouTube's content moderation.
Some backing and filling over Huawei blacklisting occurred late last week and over the weekend: France 24 reports that the GSM Association industry group estimates the cost of that ban to EU mobile carriers as reaching, perhaps, as much as €52 billion, with accompanying delays of 18 months in fielding 5G service. In the US, the Washington Post says tech companies, especially semiconductor manufacturers, have expressed concern over the ban's hit on exports.
And according to the Wall Street Journal, the acting director of the US Office of Management and Budget has urged that US companies be given more time to adjust to the effect such blacklisting might have on their business.
China's government is warning tech companies (specifically Microsoft, Dell, and Huawei) of the consequences of cooperating with Washington as opposed to Beijing in the Huawei Affair, the New York Times reports. Not all get the memo: WIRED points out that Facebook won't be offering its products preinstalled in new Huawei phones.
Raytheon has agreed to be acquired by United Technologies, the Washington Business Journal reports. The merged company will be the world's second-largest defense and aerospace integrator, behind only Boeing. Raytheon will bring significant cybersecurity capabilities to its new corporate parent, assuming they're retained once the acquisition settles.
A HackRead op-ed sends a hemi-demi-semi-mash note to government content moderation and censorship.
Today's issue includes events affecting Angola, Canada, China, Estonia, European Union, France, Gibraltar, India, Iran, Kenya, Republic of Korea, NATO/OTAN, Netherlands, Pakistan, Russia, Switzerland, Taiwan, United Kingdom, United States, and Vietnam.
Bring your own context.
If it's a new threat, it must be after new vulnerabilities, right? Not necessarily.
"There's not a whole lot about this that is extremely zero-day groundbreaking or anything like that. You know, if you stay with the standard practices, you can avoid a lot of stuff like this. And this is a brand-new piece of malware. It's not something that's been around for ten years or anything like that. It's still looking for those weaknesses out there that a lot of servers are still operating with."
—Tom Hegel, security researcher with AT&T Alien Labs, talking about a new malware strain, Xwo, on the CyberWire's Research Saturday, 6.8.19.
You don't always need a novel defense to parry a novel attack.
In today's podcast, out later this afternoon, we speak with our partners at the Johns Hopkins University's Information Security Institute, as Joe Carrigan discusses Apple’s newly announced secure sign-in service (and its announced focus on privacy).