Baltimore: the latest from the Global Cyber Innovation Summit
The state of the market and a “perfect cyber storm.” (The CyberWire) Dave DeWalt explains the offense-defense seesaw in cyberspace, and why innovation breeds threats.
Cyberwar: lessons from the Estonian experience. (The CyberWire) Estonia's Ambassador-at-large for Cyber Security shares lessons in resilience and deterrence, and stresses that they require domestically a whole-of-nation approach, internationally an effective coalition of the like-minded, and that they start with cooperative attribution.
Why Baltimore, and why the US East Coast? (The CyberWire) Bringing Davos to Dundalk (or just up the harbor from Dundalk). Why the cybersecurity industry convened a summit in Baltimore.
Crisis stability in the fifth domain. (The CyberWire) What should the goal of cyber defense be? Maybe a big part of it is convincing the opposition that it will be harder to win than they think.
Cyber Attacks, Threats, and Vulnerabilities
Hamas cyber-attack thwarted by Israel security forces (The Jerusalem Post) In a joint operation of Shin Bet and the IDF a planned Hamas cyber-attack was thwarted over the weekend, Israeli media reported.
A Mysterious Hacker Group Is On a Supply Chain Hijacking Spree (WIRED) A group of likely Chinese hackers has poisoned the software of at least six companies in just the last three years.
SECURITY: Experts assess damage after first cyberattack on U.S. grid (E&E News) The U.S. power sector marked a sober milestone last week as an anonymous Western utility became the first to report a malicious "cyber event" disrupting grid operations. As details of the attack emerge, experts are divided about the long-term threat to electricity networks.
Analysis | The Cybersecurity 202: A cyberattack just disrupted grid operations in the U.S. But it could have been far worse. (Washington Post) It raised concerns about the potential for a far more powerful attack.
'Cyber Disruption' Affected Parts Of U.S. Energy Grid (NPR) NPR's Scott Simon asks journalist Blake Sobczak of E&E News about his reporting on a "cyber event" that impacted grid networks in California, Utah and Wyoming.
Warnings that 5G mobile tech could threaten 'entire societies' (ABC Radio) A major international cyber security conference, which drew together spies, diplomats and global cyber officials — but notably excluded China and Russia — has concluded that the functioning of entire societies could be put at risk from penetrations of the world's future 5G mobile phone network.
MegaCortex ransomware rears its head on May Day (Enterprise Innovation) Over the Labor Day (1 May) holiday last week, Sophos reported a sudden spike in volume on a new ransomware known as MegaCortex across several Asian countries.
New MegaCortex Ransomware Found Targeting Business Networks (BleepingComputer) A new ransomware has been discovered called MegaCortex that is targeting corporate networks and the workstations on them. Once a network is penetrated, the attackers infect the entire network by distributing the ransomware using Windows domain controllers.
“MegaCortex” ransomware wants to be The One (Sophos News) The sudden appearance of a new ransomware on a large number of enterprise networks was not the May Day gift anyone wanted
Developers at Microsoft's GitHub are being held to ransom (MSPoweruser) Microsoft’s open source development platform was last night targeted by hackers, who are demanding payment before they’ll return the hundreds of code sources they stole. The hackers wiped 392 code repositories, downloading and storing the source codes on their own server. “What is known is that the hacker removes all source code and recent commits …
Attackers Wiping GitHub and GitLab Repos, Leave Ransom Notes (BleepingComputer) Attackers are targeting GitHub, GitLab, and Bitbucket users, wiping code and commits from multiple repositories according to reports and leaving behind only a ransom note and a lot of questions.
Scranos Rootkit Operation Turns Global; Enterprises to Improve Security Posture (Security Boulevard) Sophisticated threats remain one of the main concerns in enterprises today. As environments grow in complexity, malware actors find innovative ways to infiltrate overlooked entry points in the network, hiding behind the scenes to wreak havoc without ever making a full-blown appearance.
This password-stealing malware just evolved a new tactic to remain hidden (ZDNet) Windows malware campaign re-emerges with new techniques for attempting to stay under the radar.
Charles River Labs says its biotech, pharma clients' data was hacked (Boston Business Journal) An unidentified group of hackers recently broke into Charles River Laboratories’ information system and copied some drug developers’ data, the company disclosed Tuesday.
Over 200 College Campus Stores Infected with Card Stealing Scripts (BleepingComputer) The checkout pages of hundreds of U.S. and Canadian online campus stores powered by the PrismWeb e-commerce platform were injected by a hacking group with a JavaScript-based payment card skimming script.
What is Phishing? Find Out with Gary Davis on the Latest Episode of Tech Nation (McAfee Blogs) Gary Davis is now a regular contributor on the Tech Nation podcast! In this episode, Gary Davis educates that phishing is more than just an
Kaspersky expert on the enemy in your pocket: large-scale SIM swap fraud (Intelligent CIO) With mobile phone payments now hugely popular, cybercriminals have been targeting the market in a wave of attacks. With SIM swap fraud nowadays conducted on a large scale, Fabio Assolini, Senior Security Researcher, Global Research and Analysis Team, Kaspersky Lab, tells Intelligent CIO how cybercriminals complete the fraud and the best ways to avoid being the next victim.
How ‘deepfake’ videos are manipulating people online (TODAY.com) The so-called “deepfakes,” or fake videos altered to look incredibly real, are surfacing online by people determined to spread fake news, influence elections and create tensions. NBC’s Tom Costello investigates the terrifying technology for the 3rd hour of TODAY.
Cybercrime organizations work just like any other business: Here's what they do each day (CNBC) Researchers from IBM and Google described how cybercriminal groups operate, and often mimic the behavior of companies, including the one you might work for.
New Extortion Email Scam Threatens to Release Your Sex Tape (BleepingComputer) Scammers are now sending extortion emails stating that they have a tape of you and them having intercourse and are threatening to release it if you do not send them $1,500 in bitcoins.
Teenager hacks drone to prove cyber attack risk (Reuters) A 13-year-old boy successfully hacked a drone in a stunt aimed at showing how vulnerable web-connected devices are to attacks. Lauren Anthony reports.
ConnectWise outage takes down partners across Europe (CRN Australia) And there’s a hint of data loss too.
Middletown schools thwart malware attack (GreenwichTime) An end-of-year ransomware attack, which disabled access to critical business systems and applications for Middletown Public Schools, underscored the need to upgrade both perimeter and endpoint security recently.
Anwar's office hit by 'cyber attack' (Malaysiakini) He says relevant parties are being engaged to resolve the cyber intrusion.
Security Patches, Mitigations, and Software Updates
Fix for Tor Browser NoScript Addon Being Disabled (BleepingComputer) When Mozilla let their intermediate signing certificate expire, it not only affected addons in the normal Firefox browser, but also for ones bundled with Tor. This caused the NoScript and HTTPS-Everywhere addons to no longer work in the Tor browser.
Cyber Trends
What differentiates the strongest cybersecurity programs from the rest (Help Net Security) Just how much are financial institutions spending on cybersecurity? An average of about $2,300 per employee, Deloitte survey finds.
Marketplace
Facebook Bans Alex Jones, Other Extremists—but Not as Planned (WIRED) Alex Jones, Infowars, Laura Loomer and Milo Yiannopoulos are expelled from Facebook and Instagram, but the ban's rollout went awry.
Trump tweets support for far-right figures banned by Facebook (CNN) Facebook barred seven users from its services earlier this week, citing its policies against "dangerous individuals and organizations." Now President Donald Trump is siding with the people who were banned and railing against social media "censorship" -- all while using one of his favorite social sites.
Here’s How Facebook Should Really Handle Alex Jones (POLITICO Magazine) There are ways to limit extreme ideas on the platform while still protecting free speech.
Norsk Hydro urges caution as it counts cost of cyber attack (ComputerWeekly.com) Norwegian aluminium giant is urging partners to be cautious in the wake of a damaging ransomware attack in March as financial impact estimates come in above initial estimates
BlackBerry: Why Bears Avoid Cylance With 'Thin Air' Arguments (Seeking Alpha) BB’s 2019 fourth-quarter beat reignited false speculations of its loyal short sellers. The IP & Licensing division was under deep scrutiny as it grew by 71% YoY
CGI joins with Thales on Galileo security software (GPS World) CGI has signed an agreement with Thales Alenia Space France to enhance and maintain security software for the Galileo satellite navigation system.
Growing demand for cyberdefenders in Iowa, Nebraska (San Francisco Chronicle) The demand for cybersecurity experts has grown as crooks with computers hack their way into business, government and other networks. CyberSeek, a project funded by the U.S. Commerce Department, says nearly 4,600 people are working on cybersecurity in Nebraska and that there are openings for more than 2,000 workers.
U.S. Tech Needs Hard Lines on China (Foreign Policy) Researchers must stay aware of how easily AI work can be turned to repressive ends.
Facebook is trying to make the word “private” meaningless (The Outline) The company doesn't need to read your messages to keep collecting data about you.
Palantir and Doosan form partnership for data analysis (Equipment Journal) Doosan has partnered with Palantir, a Silicon Valley-based company that provides a big data analysis platform to organizations in various fields
Exclusive: Zscaler snaps up 172K square feet in North San Jose (Silicon Valley Business Journal) The lease in a prime North San Jose office campus will more than double Zscaler's San Jose footprint.
Products, Services, and Solutions
New infosec products of the week: May 3, 2019 (Help Net Security) New infosec products for the first week of May 2019 include releases from the following vendors: Anonos, BigID, Immuta, NS1 and Trustwave.
GrammaTech releases Binary Analysis and Rewriting Interface into Open Source (New Electronics) GrammaTech is making its Intermediate Representation for Binaries (GTIRB), a data structure representing binaries for analysis and rewriting, available as free and open source software.
Mimecast Aims To Thwart Cyber Attacks With Hearty E-Mail Monitoring (Investors Business Daily) Mimecast was founded on the belief...
.CLUB Launches Innovative Trademark Sentry Unlimited Name Blocking Brand Protection Service (Morningstar)
Technologies, Techniques, and Standards
Taking further steps to support electoral integrity in Europe (EU Policy Blog) As the European Parliament elections approach, protecting democratic processes from nation state-led cyberattacks and disinformation is on everyone’s mind.
Do We Need RFID-blocking Products? We Asked An Expert (Digital Trends) From smart wallets to smart clothing, RFID-blocking products are big business, but are you really at risk from identity theft or fraud via RFID skimming? And if you are, do these products really keep you safe? We investigated RFID-related crime and spoke to an expert to find out.
Design and Innovation
Japan is developing a "good" computer virus for the sake of security (2spyware) Japan has decided to create a computer virus which should improve cyberspace. The news that Japan is seeking to develop a 'good' computer
Facebook Is Finding Problems With Artificial Intelligence Too (WIRED) Facebook is using artificial intelligence to police offensive speech and other tasks. But the technology brings its own unintended consequences.
Xbox Community Standards | Xbox (Xbox.com) The gamertags, gamerpics, screenshots, game clips, and other posts you make on Xbox can be a great way to show off what’s meaningful to you. We encourage all players to be themselves and show off what they like, what makes them laugh, or what makes them amazing. But this sharing can’t come at the expense of other players’ positive experiences.
IBM’s Hyperledger isn’t a real blockchain — here’s why (Podium | The Next Web) It really isn't
Research and Development
How to hide from the AI surveillance state with a color printout (MIT Technology Review) AI-powered video technology is becoming ubiquitous, tracking our faces and bodies through stores, offices, and public spaces.
Legislation, Policy, and Regulation
New report explains how China thinks about information warfare (C4ISRNET) The Chinese military has established a Network Systems Department, which is responsible for information warfare.
It's too late for authoritarian regimes to construct Beijing-style firewalls, but that doesn't mean they're giving up control (The Telegraph) Vladimir Putin signed a law to create a “sovereign Internet” last week which the Kremlin hopes to use to isolate Russia from the rest of the web.
Israel Retaliates To A Cyber-Attack With Immediate Physical Action In A World First (Forbes) It could mark a change in modern cyber warfare tactics, given that it is the first time a cyber-attack has been met with immediate physical retaliation
In a first, Israel responds to Hamas hackers with an air-strike (ZDNet) Israel military said it bombed building housing Hamas cyber forces.
Baghdadi’s defiant message could cut both ways (Rudaw) The release of a video by the propaganda arm of the Islamic State (ISIS) group purportedly featuring its self-declared caliph has understandably fueled speculation over possible motives. A tacit acknowledgment of the group’s defeat in Syria in March by the man said to be Abu Bakr al-Baghdadi was offset, so to say, by his claim that the April 21 Easter bloodbath in Sri Lanka was “vengeance for their brothers in Baghouz”.
Cyber officials call for coordinated 5G security approach (Fifth Domain) The meeting comes amid a simmering global battle between the U.S. and China's Huawei, the world's biggest maker of network infrastructure equipment.
Prague Summit Calls For Tighter 5G Security Rules (Silicon UK) The summit does not single out Huawei, but calls for restrictions that take state influence into account
32 countries work to harmonize 5G security plans at Prague conference (VentureBeat) As 5G technology rolls out across the globe, Western and Asian governments are developing network security plans; China and Russia were not invited.
Prague 5G Security Conference (Government of the Czech Republic) An international expert conference on the security of 5G networks is going to be held at the Ministry of Foreign Affairs in Prague on May 2 and 3, 2019 under the auspices of Prime Minister Andrej Babiš. Dozens of experts on 5G networks and cyber security from the EU, NATO states and other countries will attend the conference.
Huawei says 5G security is a technical, not a country issue (South China Morning Post) Representatives from around 30 western nations agreed to broad, non-binding Prague Proposals, which outline a coordinated approach to 5G security and policy measures
Who dares to use Huawei? (South China Morning Post) The US has threatened to rethink connectivity and information sharing with any nation using Huawei equipment in any part of their 5G infrastructure. Washington first declared the company a…
The Huawei incident points to a deeper lesson for Great Britain | Larry Elliott (the Guardian) Beyond the leaks and even the data security lies a message about our attitude toward manufacturing
Could Penny Mordaunt become Theresa May’s emotionally intelligent successor? (the Guardian) If she can make a splash as defence secretary, this ardent Brexiteer could become prime minister, says the Spectator’s deputy political editor
The Strategist Six: Mike Rogers (The Strategist) Welcome to ‘The Strategist Six’, a feature that provides a glimpse into the thinking of prominent academics, government officials, military officers, reporters and interesting individuals from around the world. 1. It appears that the United ...
Australia's cybersecurity chief Alastair MacGibbon resigns (ZDNet) MacGibbon's decision to resign at the "end of the electoral cycle" makes sense both organisationally and personally, especially given the potential for uncertainty ahead.
Trump says he talked to Putin about ‘Russian Hoax’ but not about ongoing election interference (Washington Post) After the one-hour call Friday covering North Korea, nuclear weapons and more, Trump contradicted his aides by saying Russia is “not looking at all to get involved in Venezuela.”
Mike Pompeo vs. Chris Wallace: Why Doesn't Trump Bring Up Election Meddling With Vladimir Putin? (FOX News Sunday) "Fox News Sunday" host Chris Wallace grills Secretary of State Mike Pompeo about the president's statement that during an hour-long phone call Friday morning with Russian President Vladimir Putin, President Trump did not tell his Russian counterpart not to meddle in future U.S. elections...
New documents provide details on NSA relationship with Cyber Command (Fifth Domain) Documents obtained via FOIA provide some details on the degree to which NSA was involved with the expansion of Cyber Command's cyber force.
Heritage Argues to Retain Dual-Hat NSA/CyberCom Leadership (Meritalk) A new research piece from the Heritage Foundation argues in favor of retaining the current dual-hat command structure for the National Security Agency and U.S. Cyber Command, currently headed by Gen. Paul Nakasone.
Senators introduce bill to prevent border agency from selling personal data (TheHill) A group of senators on Friday will introduce a bipartisan bill aimed at preventing Customs and Border Protection (CBP) from selling citizens' personal data, in an effort to reduce identity theft and credit card fraud.
Is the DHS budget too stagnant for cyber growth? (Fifth Domain) The White House proposed cutting budgets for the Department of Homeland Security's Science and Technology Directorate and the Cybersecurity and Infrastructure Security Agency.
Public Private Partnerships And The Cybersecurity Challenge Of Protecting Critical Infrastructure (Forbes) Strong public/private partnerships are required in operating/protecting the U.S. critical infrastructure. Most defense, oil/gas, electric power grids, health care, utilities, communications, transportation, education, banking/finance is owned by the private sector yet regulated by the public sector.
Litigation, Investigation, and Law Enforcement
Sri Lanka expels 600 foreigners after Easter bombings (Deutsche Welle) Around 200 Islamic clerics were among the 600 foreigners expelled from Sri Lanka after deadly bombings on Easter Sunday. Extensive security measures have been taken as schools reopen. Tourism has effectively collapsed.
Israel's Iron Dome Headache (As In China Might Have Stolen the Specs On It) (The National Interest) Really?
Huawei leak not criminal offence, police say (BBC News) The Met says the Official Secrets Act was not breached, after Gavin Williamson was sacked over the leak.
Huawei leak scandal: Theresa May sacking of ex defense secretary backfires (MercoPress) British Prime Minister Theresa May hoped firing her defense secretary over a leak would put her latest government scandal to rest. But it seems only to have unleashed yet another political storm for the PM, with members of her own party questioning her judgment and opponents demanding the police be called in.
Why May put Huawei before security (The Conservative Woman)
Opinion: Governments are deploying spyware on killers, drug lords – and journalists (The Globe and Mail) Sophisticated digital spyware such as Pegasus can turn cellphones into secret agents to take aim at advocates, lawyers, scientists, and the media – and these programs know no borders
Israeli tech used to imprison journalists in Myanmar — report (Times of Israel) Company that breaches cellphones says it stopped service to country's military rulers, but not before two Reuters reporters jailed
International cops shutter two dark web sites, arrest three accused of running Wall Street Market (CyberScoop) International law enforcement agencies have announced the shutdown of the Wall Street Market and the Valhalla Marketplace, two dark web marketplaces known for the sale of drugs, stolen data and other illicit materials.
Feds Bust Up Dark Web Hub Wall Street Market (KrebsOnSecurity) Federal investigators in the United States, Germany and the Netherlands announced today the arrest and charging of three German nationals and a Brazilian man as the alleged masterminds behind the Wall Street Market (WSM), one of the world’s largest dark web bazaars that allowed vendors to sell illegal drugs, counterfeit goods and malware.
Facebook Faces a Big Penalty, but Regulators Are Split Over How Big (New York Times) The F.T.C. chairman seems to have the votes to approve a settlement. One of the biggest issues has been whether to hold Mark Zuckerberg liable for future violations.
Brussels poised to probe Apple over Spotify’s fees complaint (Financial Times) EU to launch formal competition inquiry as music streaming battle escalates
The Hezbollah Sleeper Agent Busted for Black Ops in America (The Daily Beast) Ali Kourani allegedly helped a global terrorist network plot revenge against the U.S. from a home in the Bronx. He was undone after running a stop sign with 190 pairs of Uggs.
Alleged Ukrainian Malvertiser Extradited, Faces Hacking Charges (BleepingComputer) A 31-year-old Ukrainian national named Oleksii Petrovich Ivanov who allegedly ran multiple malvertising campaigns from October 2013 through May 2018 was extradited to the U.S. from the Netherlands and is facing hacking charges.
Navy officer charged with secretly recording his shipmates (Navy Times) The junior officer is accused of recording several sailors from 2013 to 2017.