We're pleased to announce that our library of podcasts is now transcribed. More than one-thousand episodes of the Daily Podcast, Research Saturday, Hacking Humans, CyberWire-X, and Special Editions are now available as transcripts. Researchers, the hearing impaired, and even people who would rather read than listen, are invited to take a look.
There are many weapons to choose from when it comes to cybersecurity solutions providers – and you must choose wisely. With LookingGlass Cyber Solutions as your security provider, its “Game Over” for threat actors trying to infiltrate your network. To learn more about our solutions, visit our experts at the LookingGlass Network & Chill Lounge, Mandalay Bay South, Palm A on level 3, August 7 & 8. Take a break from the hectic show floor for old school video games, happy hour from 3-7 PM, and a demo tailored to your organization’s security needs.
Buhtrap, the threat group hitherto known for criminal raids on Russia's financial sector, has moved on to cyber espionage, targeting organizations in Eastern Europe and Central Asia. ESET says Buhtrap has recently been exploiting a local Windows privilege-escalation vulnerability, CVE-2019-1132, against its victims. BleepingComputer reads the move from theft to espionage (which may have been in progress for some time) as an instance of the interpenetration of criminal gangs and intelligence services in many parts of the world.
Lawfare takes a look at US cyber operations mounted as a response to Iranian attacks on shipping in the Gulf region and, of course, Iran's shootdown of a US Global Hawk drone. They conclude that perhaps three distinct cyberattacks took place, and that US Cyber Command has issued no statements on the matter, "content to wait out the news cycle without correcting the record." The operation displays the sort of strategic ambiguity that can be valuable in deterring an adversary.
Warnings about a recurrence of WannaCry continue to surface, as they do in this TechRepublic piece. The malware would affect unpatched systems, and unfortunately there are still a lot of unpatched systems out there.
US Intelligence Community officials briefed Congress on potential threats to the 2020 elections.
Among the effects of Baltimore's ransomware incident, the Baltimore Sun reports, will be very large water bills as the city slowly brings its billing systems back online. Residents are told they'll receive a bill covering "three or more months" (the smart money is on "more").
Today's issue includes events affecting Australia, Belgium, China, European Union, Democratic Peoples Republic of Korea, Netherlands, United Kingdom, and United States.
Bring your own context.
Regulatory risk surrounding data protection looms increasingly large in terms of risk management.
"There's a lot of additional regulations coming state by state, country by country. So organizations are going to need to figure out how they can quickly adopt these standards - many of these new regulations will be based on GDPR - but look at ways that they're different and look at ways that they can adopt them and really start to think about a privacy platform - more of a data governance platform - rather than single one-off technologies."
—Myke Lyons, CISO at Collibra, on the CyberWire Daily Podcast, 7.10.18.
Risk represents opportunity for those who can manage data governance effectively, affordably, and as simply as possible.
Security operations is held back by the compromises of existing security analytics solutions, and throwing more money and time at the problem isn’t helping. Instead, you are left dealing with an army of point tools, exponential data growth, lack of context... the list goes on.
It's time to take a new approach to security analytics - explore how Devo can help evolve your SOC in this report by ESG.
In today's podcast, out later this afternoon, we speak with our partners at CenturyLink, as Mike Benjamin talks us through some RDP scanning they’re tracking. Our guest is Martha Saunders, President of the University of West Florida, on how her institution is adapting to meet the workforce needs for cyber security professionals.