Join us as we step inside the diverse and fascinating worlds of cybersecurity professionals around the globe and hear their personal stories in their own words. We're pleased to announce Career Notes, each episode of which features a look into one professional's journey, where it began, what influenced its course, and where it's going today.
We recently launched Recorded Future Express — a free browser extension for security teams. Use Express over any web-based SIEM, vulnerability management solution, security blog, and more to put real-time security intelligence at your fingertips. Instantly prioritize alerts, incidents, and vulnerabilities based on real-time risk scores from the world’s largest commercial collection platform. Sign up now.
Twitter has identified a large number of state-run accounts pushing disinformation. The largest network was Chinese-controlled: 23,750 "core accounts" that were highly active in distributing Beijing's line to a Chinese-speaking audience, with special attention to Hong Kong. Many "amplifier accounts," about 150,000, repeated the core accounts' traffic. Despite the accounts' high level of activity, Twitter says they'd achieved little traction. Twitter also identified 1152 Russian accounts associated with the state-run media site Current Policy; these were engaged in distributing messages favoring the Russia United Party in an influence campaign directed at domestic audiences. Also interested in domestic influence were 7,340 accounts in Turkey whose line favored President Erdogan and the AK Party.
Zoom, having (as the Telegraph and others report) locked out account holders after they held online discussions commemorating the thirty-first anniversary of the Tiananmen Square massacre, is drawing criticism for aligning itself with Chinese policy. The Wall Street Journal notes that the activist group affected, San Francisco-based Humanitarian China, had its access quietly restored after the suspension was reported by Axios. Zoom has expressed its regrets and said it “will not allow requests from the Chinese government to impact anyone outside of mainland China” as it complies with Chinese law. But many critics remain unmollified, asking with Security Boulevard, "Is Zoom the next Huawei?"
Bloomberg Law reports that Honda is resuming production. But according to BleepingComputer another firm, European power company Enel Group, has disclosed that it's been hit by Snake (Ekans), the same ransomware that disrupted Honda.
Today's issue includes events affecting Canada, China, Ethiopia, and the United States.
Feedback Friday: DevSecOps
By Rick Howard, CSO, Chief Analyst, and Senior Fellow, The CyberWire
Where are you on your DevSecOps journey? (If you take our survey, feel free to choose all that apply.)
- What is DevSecOps?
- I can spell DevSecOps correctly 3 out of 5 times.
- The organization has a DevOps team but we don’t have a DevSecOps team. And we don’t talk to those people.
- We have a DevOps team and we are thinking about building a DevSecOps team.
- We have started a small pilot project of DevSecOps work.
- We are using SOAR tools (Security Orchestration, Automation and Response) in the SOC as DevSecOps project.
- Our organization has a fully formed DevSecOps team.
Take the CyberWire's Feedback Friday survey here.
LastPass Identity provides simple control and visibility across every entry point to your business through single sign-on, password management and multi-factor authentication in one unified solution. LastPass Identity provides a holistic view of end user activity to simplify security for IT, all while delivering the passwordless login experience employees want. Start a free LastPass Identity trial today.
In today's CyberWire Daily Podcast, out later this afternoon, we speak with our partners at CynergisTek as Caleb Barlow talks about how hospital CISOs are dealing with the COVID-19 situation. Our guest is Ronald Eddings of Palo Alto Networks and the Hacker Valley Studio Podcast, discussing strategies for finding and managing security architects.