Our 6th Annual Women in Cybersecurity Reception takes place October 24 at the International Spy Museum's new facility at L'Enfant Plaza in Washington, DC. The Women in Cybersecurity Reception highlights and celebrates the value and successes of women in the cybersecurity industry. The event focuses on networking, and it brings together leaders from the private sector, academia and government from across the region, and women at varying points in their careers. It's not a marketing event; it's just about creating connections. If you're interested in getting an invitation to this year's event, tell us a little bit about yourself and request one here. A very limited number of sponsorship opportunities remain, so please let us know if you're interested in one of those, too.
We brought together a team of experts and wrote the definitive guide to everything you need to know about threat intelligence. Whether you work in vulnerability management, incident response, or another part of cybersecurity, our book has something for you. Get your free copy of “The Threat Intelligence Handbook” now.
ECB's BIRD hacked. Evasive cryptominer. Intimations of trouble at Capital One. Instagram vs. fake news. Electric Fish exposed.
The European Central Bank closed down one of its websites yesterday after sustaining an unspecified cyberattack on the Banks' Integrated Reporting System (BIRD). Reuters reports that ECB says no "market-sensitive data" were compromised, but that email addresses, names, and titles of BIRD newsletter subscribers may have been taken.
The Norman cryptominer, tracked by Varonis, shows some unusual evasiveness. Its DLL arrives with the Agile obfuscator. The malware also injects an obfuscated miner into an appropriate application along its execution path, and it stops mining Monero when the infected user opens Task Manager.
The Wall Street Journal reports that employees at Capital One expressed concern over what they saw as high turnover among the bank's cybersecurity unit. There are reports that a third of the cybersecurity staff left in 2018. The unit was responsible for threat hunting, firewall configuration, and similar security tasks. Even given the turnover, Capital One points out that total cybersecurity headcount actually increased over that period. Nonetheless, insiders complained of a poor organizational climate, lax security oversight, and slow deployment of security tools.
Instagram is introducing a feature that will permit users to flag information they believe to be false. Reuters has an account of the tool, which appears to be an interim gesture in the direction of controlling fake news.
US Cyber Command has posted Electric Fish malware from North Korea's APT38 threat group to VirusTotal. FireEye has reported that APT38 is heavily involved in state-directed financial crime. Its activities overlap those of the Lazarus Group.
Today's issue includes events affecting Canada, China, European Union, India, Democratic Peoples Republic of Korea, Malaysia, United Kingdom, and United States.
Bring your own context.
It's worth considering cyber insurance as part of a risk management strategy.
"Honestly, I think there's a lot of value in looking at cybersecurity insurance for some organizations. And, in fact, there could reasonably be more value than maybe buying that next hundred-thousand-dollar tool that's going to protect your network. And you need to take the time to understand the risk and the benefit. For example, insurance might protect you from a breach that occurred, and you aren't that exposed to a breach, so you don't need to buy that new network monitoring tool. You don't need to buy that solution that is expensive and you have to bring on cybersecurity resources where, because you're not so exposed or not in an industry that has a lot of interest to attackers, an insurance policy could be the better solution for you."
—David Dufour, vice president of engineering and cybersecurity at Webroot, on the CyberWire Daily Podcast, 8.14.19.
There are three things you can do with risk: accept it, mitigate it, or transfer it. Insurance transfers risk.
In today's podcast, out later this afternoon, we hear from our partners at the SANS Technology Institute, as Johannes Ullrich, dean of research and proprietor of the SANS StormCast Podcast, talks through IP fragmentation in operating systems. Our guest, John Smith from ExtraHop, discusses the aftermath of an insurance claim.