The CyberWire was at the Johns Hopkins University yesterday, attending the Cybersecurity Conference for Executives. The conference, organized by the Johns Hopkins Whiting School of Engineering and Ankura, concentrated on regulatory frameworks and trends, and sometimes surprising impact of national, international, and state regulations on businesses of all sizes. You may not think you're interested in GDPR (or for that matter HIPAA, or CCPA), but as several experts explained, they're interested in you. We'll have a longer report available later.
We brought together a team of experts and wrote the definitive guide to everything you need to know about threat intelligence. Whether you work in vulnerability management, incident response, or another part of cybersecurity, our book has something for you. Get your free copy of “The Threat Intelligence Handbook” now.
Indonesian election. Malware in Pakistan. RAT hunt. Breaching clouds. 0-day exploits. Operation Sheep. DGAs vs. points-of-sale.
Indonesian authorities say, according to Reuters, that voting will go on as planned, that the government can handle any disruptions, and that, while there have been "probes" from a range of foreign IP addresses (including Russia and China, but not limited to these two) domestic finagling is probably more prevalent than any foreign influence attempts.
Trustwave warns of compromised Pakistani government sites serving keyloggers.
A significant number of attacks against corporate data are traceable to remote-access Trojans (RATs), many of which represent commodity malware traded in the criminal underground. Recorded Future today published an overview of RAT activity.
Proofpoint outlines how threat actors breach cloud accounts.
Kaspersky reports that a zero-day Microsoft patched this week, CVE 2019-0797, is being actively exploited by two espionage APTs, SandCat and FruityArmor. SandCat also uses CHAINSHOT malware and FinFisher/FinSpy.
Researchers at Check Point describe "Operation Sheep," in which Chinese IT and services firm Hangzhou Shunwang Technology is apparently scraping data (contact lists, geolocation, and QQ messenger login information) from Android phones via some twelve Android apps infected through a data analytics software development kit. The applications are available through third-party stores and seem mostly to affect users in China. Check Point thinks the app developers and the stores have been unaware of the data collection campaign.
Flashpoint researchers note an unusual point-of-sale campaign that's targeted mainly small and medium-sized businesses: DMSniff creates command-and-control domains using a domain generation algorithm. This makes the malware more resistant to domain takedowns by police or tech service providers.
Today's issue includes events affecting Algeria, Argentina, Australia, Bolivia, Chile, China, Colombia, Ecuador, India, Indonesia, Iran, Japan, Republic of Korea, Mexico, Pakistan, Russia, Saudi Arabia, Singapore, Sweden, Switzerland, Thailand, Turkey, United Kingdom, United States, Venezuela, and and Yemen.
Looking to advance your cybersecurity career? Check out Georgetown University's graduate program in Cybersecurity Risk Management. Ideal for working professionals, our program offers flexible options to take classes online, on campus, or through a combination of both—so you don’t have to interrupt your career to earn your degree. You'll leave the program with the expertise you need to effectively manage risks and navigate today’s increasingly complex cyber threats. Explore the program.
In today's podcast, out later this afternoon, we speak with our partners at Dragos, as Robert M. Lee shares some thoughts on the Venezuelan power outages. Our guest, Jeremy Tillman from Ghostery, discusses the California Consumer Privacy Act.
And Hacking Humans is up. In this week's episode, "When we rush to make bad decisions," Joe tracks the surprising number of malicious links hosted on legit websites and why it's dangerous. Dave describes an extortion scheme targeting podcasters. Our catch of the day involves a lonely Russian woman promoting a dating site. Dave interviews Gary Noesner, author of Stalling for Time: My Life as an FBI Hostage Negotiator.