Baltimore: final observations from the Global Cyber Innovation Summit
A look at the threat landscape. (The CyberWire) Sometimes the gradual threats are the worst ones.
Risk management: responsibilities and perspectives (The CyberWire) One of the challenges boards face in managing risk is that they're required to make decisions in matters on which they themselves lack deep expertise, which renders education, drill, and well-presented and relevant metrics all the more important.
Cyber Attacks, Threats, and Vulnerabilities
Top-Tier Russian Hacking Collective Claims Breaches of Three Major Anti-Virus Companies (Advanced Intel) "Fxmsp" is a high-profile Russian- and English-speaking hacking collective. They specialize in breaching highly secure protected networks to access private corporate and government information.
Hackers breached 3 US antivirus companies, researchers reveal (Ars Technica) Source code, network access being sold online by "Fxmsp" collective.
Task Force Update: Russian Interference Continues Post-Election (Ukraine Elects) Just days following the April 21 second round of the pivotal presidential election in Ukraine, Russian President Vladimir Putin offered expedited passports and citizenship to Ukrainians in the Russian-occupied territories of Donetsk and Luhansk. He subsequently extended the offer to Ukrainians who m
North Korean Hackers Use ELECTRICFISH Malware to Steal Data (BleepingComputer) The Federal Bureau of Investigation (FBI) and the U.S. Department of Homeland Security (DHS) have issued a joint malware analysis report (MAR) on a malware strain dubbed ELECTRICFISH and used by the North-Korean APT group Lazarus to exfiltrate data from victims.
MAR-10135536-21 – North Korean Tunneling Tool: ELECTRICFISH (US-CERT) This Malware Analysis Report (MAR) is the result of analytic efforts between DHS and the Federal Bureau of Investigation (FBI). Working with U.S. Government partners, DHS and FBI identified a malware variant used by the North Korean government. This malware has been identified as ELECTRICFISH. The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA.
HIDDEN COBRA - North Korean Malicious Cyber Activity (CISA) The information contained on this page is the result of analytic efforts between the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) to provide technical details on the tools and infrastructure used by cyber actors of the North Korean government. The intent of sharing this information is to enable network defenders to identify and reduce
This ransomware sneakily infects victims by disguising itself with anti-virus software (ZDNet) This file-locking malware family has evolved a new tactic which abuses trust to create new ransomware victims.
A Pony Hidden in Your Secret Garden (Security Boulevard) Pony is the most widespread type of malware, representing around 39% of the active credential theft malware around the world according to BlueLiv’s report on Credential Theft Malware. Since its first appearance in...
New KPOT v2.0 stealer brings zero persistence and in-memory features to silently steal credentials (Proofpoint) Proofpoint researchers detail the latest iteration of KPOT Stealer
FIN7 Attackers Still in the Water (Decipher) The FIN7 attack group is still alive and well, despite arrests of some alleged members and intense attention from researchers and law enforcement.
CSS tracking trick can monitor your mouse without JavaScript (Naked Security) A security researcher has demonstrated a new way to track mouse movements even if users block JavaScript.
Ongoing Credit Card Data Leak (360 Netlab Blog) Our DNSMon flagged an abnormal domain name, magento-analytics[.]com, being used to inject malicious JS script into various online shopping sites to steal the credit card owner/card number/expiration time/CVV information.
Cyber Trends
Securing satellites: The new space race (Help Net Security) Security can no longer be an afterthought. Like IoT devices, a standard or guidelines need to be established for securing satellites.
Garry Kasparov on Geopolitical Cybersecurity Coming Home (Security Boulevard) The need for greater oversight and accountability in our rapidly expanding digital world has acquired a relatively new angle thanks to globalization and geopolitics.
Fastest Growing Companies Keep Pace Managing Cyber Risk, but Blind Spots Remain According to NormShield Cyber Risk Scorecard Research (NormShield Cyber Risk Scorecard) Small Business Week Survey Finds 50% of Top Growing Businesses Expose Users to Risk of Phishing Attacks
Healthcare IT pros now confident in their cyber attack response ability (Help Net Security) Almost two years since the NHS ransomware attack, healthcare IT professionals feel more confident in their cyberattack response ability.
24% of health IT experts would refuse to pay ransom (Beckers Hospital Review) As healthcare information technology professionals become more confident in their ability to respond to a cyberattack, 24 percent remain steadfast in the decision to not pay a ransom, according to an Infoblox survey.
Phishing, device insecurity biggest vulnerabilities for healthcare organizations (Healthcare Dive) Sending data to the wrong recipient is the most common security threat within the industry, according to Verizon.
Whose (usage) data is it, anyway? (Help Net Security) Around the world, business customers now demand business-to-business (B2B) SaaS companies safeguard their usage data. More importantly, they want to know
Marketplace
LockerGoga cyber attack was a wake-up call: Johansmeyer, PCS (ReinsuranceNe.ws) The LockerGoga ransomware attack was a wake-up call for the insurance and reinsurance industry and underlines the complex, emerging, and fast-moving
Navy awards big-ticket cyber space support contracts (Washington Technology) The Navy makes awards for a set of major contracts north of $500 million each to support operations in cyber space.
CACI Wins $415 Million Contract to Develop and Deploy Intelligence Systems for U.S. Army (BusinessWire) CACI International Inc (NYSE: CACI) announced today it has been awarded a $415 million prime contract to design and deploy new technologies for the U.
SAIC Wins Potential $106M IDIQ for DIA Document, Media Mgmt Support (GovCon Wire) Science Applications International Corp. (NYSE: SAIC) has won a potential 10-year, $106M contract to
Perspecta to Support Army Cyber-EW Missions Under $982M IDIQ; Mac Curtis Quoted (GovCon Wire) Perspecta (NYSE: PRSP) has secured a position on a 10-year, $982M contract to help the U.S. Army bui
Evident Raises $20 Million for Secure, AI-Powered Identity Verification (Yahoo) The financing will enable Evident to broaden its existing, robust technical infrastructure including deepening its investment in AI and machine learning, computer vision, and facial recognition technologies. Evident will also expand its team to meet the explosive demand for identity verification
Sectigo Acquires Icon Labs, Delivering Industry-First End-to-End IoT Security Platform (BusinessWire) Sectigo has acquired Icon Labs, a provider of cross-platform security solutions for embedded OEMs and Internet of Things (IoT) device manufacturers.
ManTech Launches Cyber Innovation Center to Serve U.S. Department of Defense Cyber Mission (West) Orlando Open House Showcases New Facility That Will Advance Cyber Training Capabilities for America’s Cyber Warriors
Symantec stock plummets as CEO steps down amid earnings miss (MarketWatch) Symantec Corp. shares were slammed in after-hours trading Thursday, after the company reported an earnings miss and disappointing guidance and Chief...
Symantec CEO Greg Clark Resigns, Ex-Novellus CEO Tapped As Interim Leader (CRN) Symantec President, CEO and board member Greg Clark has stepped down from all roles effective immediately following an internal accounting probe, activist investor unrest and enterprise sales struggles.
Symantec CEO resignation sends stock down sharply (Silicon Valley Business Journal) In the three years since Greg Clark took the helm, Symantec stock has only risen by about 8 percent. The S&P 500 index is up by about 32 percent in that same time.
MacKeeper Accelerates Its Ambitious Transformation With an All-new, International Senior Team (Yahoo) Kromtech, developer of MacKeeper, security, optimization, and protection software for Macs and technical support service provider -- with 1.4 million active users -- officially announces a new strategy and direction, powered by its new international senior team: CEO
WEBGAP Appoints Senior VP Of Engineering (PR Newswire) Remote browser isolation startup WEBGAP today announced the appointment of Jie Song as their Senior VP (of...
Products, Services, and Solutions
Hysolate Launches Cybersecurity Isolation Platform 2.0 with Extended Scalability (Hysolate) Hysolate 2.0 Helps Enterprises Speed and Improve Protection for Hundreds of Thousands of Endpoints
ExpressVPN Launches an Industry-First TrustedServer Technology (PRWeb) ExpressVPN, a top-ranked VPN provider, today announced their industry-first TrustedServer technology, which completely re-imagines server admi
Swimlane Integrates with Recorded Future for Intelligence-Driven Incident Response (Yahoo) Swimlane, a leader in security orchestration, automation and response (SOAR), today announced a new partnership with Recorded Future—a leading threat intelligence company—to empower security teams with the information they need to collaborate on analysis, helping customers quickly and efficiently identify
Enosys Solutions Joins CrowdStrike’s Elevate Partner Program (AiThority) CrowdStrike Inc., a leader in cloud-delivered endpoint protection, announced Enosys has joined CrowdStrike’s Elevate Partner Program
Technologies, Techniques, and Standards
Education first defense vs. cyber fraud, security expert says (News-Graphic.com) A national security expert touts education and awareness as the best defense against cyber fraud attacks.
Academia
Study to use cryptography to boost pupils' language skills (Gainesville Sun) Cryptography, or concealing secret messages with codes, has been used for thousands of years. UF researchers hope to use the practice to pique kids'
Legislation, Policy, and Regulation
Venezuela: Fears for Juan Guaidó as deputy seized (Times) The Venezuelan regime has begun a purge of suspected defectors and opposition politicians after last week’s failed uprising against President Maduro. Intelligence agents used a tow truck to drag...
We must learn what to do if the lights go out (Times) Late last month, as troops at Fort Bragg, the United States’ largest military base, were conducting a deployment exercise, the power went out. For hours, the 50,000-odd soldiers and officers at the...
Inside China's Massive Surveillance Operation (WIRED) In Xinjiang, northwest China, the government is cracking down on the minority Muslim Uyghur population, keeping them under constant surveillance and throwing more than a million people into concentration camps. But in Istanbul, 3,000 miles away, a community of women who have escaped a life of repression are fighting a digital resistance.
Wary of China, Macron urges Europe to set tech regulation standards (Reuters) Europe should set global standards for tougher regulation of digital technology,...
Vietnam Doesn’t Trust Huawei An Inch (Foreign Policy) China's closest ideological neighbor wants its own 5G network.
Huawei case puts strain on Canada-China business confidence (South China Morning Post) Survey finds Canadian companies hardest hit but Chinese firms operating in Canada also report negative impact since arrest of Huawei executive Sabrina Meng Wanzhou.
Trump is losing the fight to ban Huawei from global networks (Stamford Advocate) President Donald Trump's worldwide campaign to blackball Huawei Technologies is looking like a failure.
France Steps Up Global Tech Scrutiny With Social-Media Policing (Wall Street Journal) France plans to give regulators sweeping power to audit and fine large social-media companies like Facebook if they don’t adequately remove hateful content—ratcheting up global oversight of Silicon Valley.
Facebook chief to meet Macron as regulatory pressure mounts (France 24)
Opinion | It’s Time to Break Up Facebook (New York Times) Mark Zuckerberg is a good guy. But the company I helped him build is a threat to our economy and democracy.
Facebook’s co-founder: ‘It’s time to break up Facebook’ (Washington Post) Chris Hughes, a co-founder of Facebook, is calling for the breakup of the social media juggernaut, citing the threat of the platform’s unchecked power and that of founder Mark Zuckerberg.
'Fake News Victims' Meet With Twitter and Facebook (WIRED) They've experienced firsthand how dangerous online disinformation and harassment can be. And they say tech executives aren't doing enough to stop it.
The Mueller Report Shows Politicians Must Unite to Fight Election Interference (Foreign Affairs) It's time to put partisanship aside.
Apocalypse now? Cyber threats and nuclear weapons systems (European Leadership Network) Cyber threats for national nuclear weapons systems are still below the radar yet they constitute a growing and real risk that needs to be addressed.
Trump picks former Boeing executive Patrick Shanahan for defense secretary (Washington Post) Shanahan would take the position permanently at a time when the military is preparing for intensified competition with China and Russia.
Cyberspace Solarium Commission Gets to Work (MeriTalk) Sen. Angus King, I-Maine, and Rep. Mike Gallagher, R-Wis., announced the formal launch of the Cyberspace Solarium Commission (CSC) on May 8. The two lawmakers will lead the 14-person Commission.
Sen King, Rep Gallagher to chair bipartisan commission to defend US in cyberspace (TheHill) Sen. Angus King (I-Maine) and Rep.
Litigation, Investigation, and Law Enforcement
When countries use ‘security’ to restrict trade (The Financial Express) Although the WTO has expressed its right to adjudicate security exceptions invoked by members under Article XXI of GATT, it remains to be seen whether WTO members, particularly major powers, accept this point of view.
Ex-intelligence analyst charged with leaks to reporter (Federal News Network) A former government intelligence analyst has been charged with leaking classified documents about military campaigns against terrorist group al-Qaeda to a reporter…
Former NSA analyst charged in leak of classified documents to reporter (CyberScoop) A former National Security Agency analyst has been charged and arrested for illegally obtaining classified national defense information, including files on drone warfare, and disclosing it to a reporter.
DOJ Charges Another Leaker for Allegedly Spilling Secrets (The Daily Beast) Feds reach back to 2013 and charge intelligence contractor for allegedly turning over information about the U.S. fight against Al Qaeda.
Chinese National Indicted on Hacking Charges Related to Anthem Breach (Wall Street Journal) A Chinese national and an unnamed co-defendant were indicted on hacking charges related to a campaign to breach large U.S. businesses, including the 2015 theft of data from insurer Anthem.
Chinese nationals charged for Anthem hack, 'one of the worst data breaches in history' (POLITICO) Prosecutors said the hackers waited patiently for months at a time before stealing data.
United States of America, Plaintiff, v. Fujie Wang a/k/a "Dennis Wang," John Doe, a/k/a "Deniel Jack," a/k/a "Kim Young," a/k/a "Zhou Zhihong," Defendants (US Department of Justice) The Grand Jury charges that...
Chelsea Manning is released from jail (BBC News) But the ex-US intelligence analyst may be held again over her refusal to testify in a Wikileaks probe.
Manning ordered to appear before new U.S. grand jury as she is... (Reuters) Former U.S. Army intelligence analyst Chelsea Manning, who was being detained fo...
FCC blocks China Mobile from operating in U.S. over national security concerns (Axios) The move represents a significant escalation in the slow-building conflict between the U.S. and China over telecom trade.
Feds Dismantled the Dark-Web Drug Trade—but It's Already Rebuilding (WIRED) After recent high-profile dark-web drug market takedowns, new vendors are already filling the void.
Metal keys beat smart locks in NYC legal battle (Naked Security) A group of tenants in New York City have prevailed in a lawsuit against their landlord’s use of smart locks.