In the first issue of Creating Connections, Sylvia Acevedo, CEO of The Girl Scouts of the USA, gives us a prequel to her article, "The Cyberwar Needs More Women on the Front Lines." Creating Connections also features pieces written by our very own ladies of the CyberWire, podcast interviews, events for women, and additional reading. Check it out and subscribe here.
LastPass Identity provides simple control and visibility across every entry point to your business through single sign-on, password management and multi-factor authentication in one unified solution. LastPass Identity provides a holistic view of end user activity to simplify security for IT, all while delivering the passwordless login experience employees want. Start a free LastPass Identity trial today.
IP losses at Intel, IP theft from Taiwan's chip industry. Russians, Iranians, invited to snitch to Uncle Sam. Coordinated inauthenticity. Homoglyph attacks.
Intel has suffered a breach that cost it twenty gigabytes of sensitive corporate intellectual property from “Intel exconfidential Lake.” CyberScoop says Intel is investigating, but that a corporate representative said, “We believe an individual with access downloaded and shared this data.”
At Black Hat yesterday, CyCraft researchers described a Chinese government threat group, Chimera, that's successfully targeted Taiwan's semiconductor industry. (Or "pillaged" the industry, as WIRED puts it: their goal was source code, chip designs, software development kits, and similar intellectual property.) CyCraft calls the action against chip manufacturers "Operation Skeleton Key" after its use of SkeletonKeyInjector, which implanted a skeleton key into domain controller servers for continuous lateral movement. Its ability to make direct syscalls enabled it to bypass security systems. Additionally, by making direct syscalls, the malware could bypass security systems dependent on API hooking. The operators' principal remote access Trojan was Cobalt Strike.
The US State Department reward being offered for information concerning attempts to hack US elections has been communicated in some surprising places. Reuters reports that text messages communicating the offer and a link to Rewards for Justice have been turning up in Iranian and Russian devices.
According to the Washington Post, Facebook has disabled a Romanian network that was sending inauthentic messages expressing implausible support for President Trump. The motivation is as likely to be financial fraud as it is influence.
Malwarebytes reports an ongoing series of homoglyph attacks, which substitute similar characters into familiar domain names. The activity appears linked to Magecart.
Today's issue includes events affecting Australia, Canada, China, Iran, Russia, Singapore, Taiwan, and the United States.
Aerospace news worthy of attention.
If you're interested in space and communications (technology, policy, business, and operations), take a look at the latest issue of Cosmic AES Signals & Space. Produced in partnership with the CyberWire, Signals & Space offers a monthly overview of news in this sector.
Leaders from the Navy, Government Accountability Office and Mandiant Security Validation took the virtual stage to discuss "Adopting a Proactive, Intelligence-Led Cyber Mission". Watch the on-demand webcast to join the discussion on how automated security validation, integrated with the latest threat intelligence and frontline expertise can validate the health of your infrastructure by testing against actual threats.