The CyberWire Daily Briefing, 2.25.20

Dateline

RSA Conference 2020 Kicks Off in San Francisco (Yahoo) RSA® Conference, the world’s leading information security conferences and expositions, opens its annual event today in San Francisco. Taking place Monday, February 24 through Friday, February 28 at the Moscone Center, RSA Conference 2020 brings together the world’s top cybersecurity professionals and

#RSAC Innovation Sandbox Crowns Latest and Greatest New Vendors (Infosecurity Magazine) The annual winner of the Most Innovative Startup is named

Hottest new cybersecurity products at RSA Conference 2020 (CSO Online) The annual RSA Conference is a key venue for companies to showcase their new cybersecurity products. Here are some of the more interesting tools to check out.

Netwrix survey: 91% of organizations are sure their sensitive data is stored securely (Netwrix) Data storage had the highest incident rate and the slowest detection time of all the data lifecycle stages.

NSS Labs Announces Not-For-Profit (NSS Labs, Inc.) Independent organization will take up the mantle to advocate for consumers’ security needs. AUSTIN, Texas – February 25, 2020 – NSS Labs, Inc., the global leader in independent cybersecurity product testing, today announced it is creating a not-for-profit organization focused on improving the state of cybersecurity for the benefit of public safety. Its mission will …

AT&T, Raytheon, Armis Join Open Cybersecurity Alliance (SDXCentral) AT&T and several other companies joined the Open Cybersecurity Alliance, which, less than five months after IBM and McAfee launched the group, now has nearly 30 members. The group also today made available OpenDXL Ontology, which it says is the first open source language for connecting security tools.

CompTIA Focuses on the Human Element in Cybersecurity at RSA (AiThority) CompTIA, the leading trade association for the global IT industry, will stress the critical importance of the human element

Keyfactor Announces IoT Security Integrations Supporting Crypto-Agility at Scale (PRWeb) Keyfactor, the leader in securing digital identities, today announced at the RSA Conference its partnership and technology integration with S

F5 Empowers Customers with End-to-End App Security (Yahoo) F5 (NASDAQ: FFIV) today introduced its customer-focused approach to Application Protection, bolstered by new offerings and the company’s recent acquisition of Shape Security. Informed by customer use cases, prominent industry attack practices, and threat intelligence from F5 Labs, F5’s extensive portfolio

Bringing the best of Google Cloud security to the enterprise (Google Cloud Blog) New capabilities in Chronicle and Demisto offer security wherever your system runs.

FireMon Delivers New Microsoft Azure and Amazon Web Services Integrations to Improve Public Cloud Visibility, Control and Security Management (BusinessWire) FireMon today announced new integrations with Microsoft Azure and Amazon Web Services (AWS).

NEW RESEARCH: Nearly 60% of Security Professionals Believe Cloud Deployments Surpass Security Capabilities According to FireMon’s 2020 State of Hybrid Cloud Security (BusinessWire) FireMon today released its 2020 State of Hybrid Cloud Security Report, the annual benchmark of the cloud security landscape.

Rapid7 and Snyk Announce Strategic Partnership to Deliver End-to-end Application Security to DevOps-driven Organizations (PR Newswire) Rapid7 (NASDAQ: RPD), a leading provider of security analytics and automation, and developer-first company, Snyk, today...

Revolutionary Mellanox ConnectX-6 Dx SmartNICs and BlueField-2 I/O Processing Units Transform Cloud and Data Center Security (BusinessWire) RSA Conference 2020 – Mellanox Technologies, Ltd. (NASDAQ: MLNX), a leading supplier of high-performance, end-to-end smart interconnect solutions for

Digital Defense, Inc. Names Bob Layton as Chief Revenue Officer (Digital Defense) Layton Available for Channel and Client Meetings at RSA

1touch.io Launches Advanced Data Discovery and Classification Platform at RSA Conference (PR Web) Inventa Gives Companies Control Over Customer Data Usage, Enabling True Security and Compliance

CyberArk Releases First-of-Its-Kind Privilege Deception Capabilities (Yahoo) CyberArk released industry first privilege-based deception capabilities designed to defend against credential theft on workstations and servers.

Clearswift and GoAnywhere demonstrate award-winning file transfer technology at RSA - Security Boulevard (Security Boulevard) The RSA Conference (RSAC) has long been regarded as one of the information security industry’s biggest and most high-profile gatherings and this year’s event in San Francisco’s Moscone Center from 24 to 28 February 2020, promises to be no different.

Elastic Debuts Integrated Security Offering at RSA 2020 (Yahoo) Elastic N.V. (NYSE: ESTC) ("Elastic"), the company behind Elasticsearch and the Elastic Stack, today announced it will showcase its integrated threat prevention, collection, detection, and response solution at the 2020 RSA conference in San Francisco, February 24-28, 2020.

Securonix Enables Use Case Testing at Full SOC Scale with New Analytics Sandbox Capability (Dark Reading) Securonix Unveils Capability to Improve SOC Efficiency and Make SIEM Tuning Better and Faster at Spark 2020 Conference and RSAC 2020

Juniper queues up security in Mist and across encrypted traffic (FierceTelecom) Juniper Networks has boosted its threat detection capabilities across its Mist platform for wireless users and ATP Cloud and SRX Series firewalls.

Menlo Security Announces the World’s First Data Loss Prevention (DLP) Solution Powered by an Isolation Core™ (BusinessWire) Menlo Security, a leader in cloud security, today announced the world’s first Data Loss Prevention (DLP) solution powered by an Isolation Core. The so

Cyber Attacks, Threats, and Vulnerabilities

‘Cloud Snooper’ Attack Bypasses Firewall Security Measures (Sophos) In the course of investigating a malware infection of cloud infrastructure servers hosted in the Amazon Web Services (AWS) cloud, SophosLabs discovered a sophisticated attack that employed a unique combination of techniques to evade detection and that permits the malware to communicate freely with its command and control (C2) servers through a firewall that should, under normal circumstances, prevent precisely that kind of communication from reaching the infected server.

Australia spy chief warns of "unprecedented" foreign espionage threat (Reuters) Australia is under an "unprecedented" threat of foreign espionage and ...

Mexico's economy ministry hit by cyber attack (Register) Mexico's economy ministry detected a cyber attack on some of its servers on...

Report Warns of Tech Threats From ‘Other’ Chinese Companies (Nextgov.com) “The one area that China has been keen to exploit is at the state level because state governments largely are not aware of the threat it poses to them,” Sen. Marco Rubio said at the report’s release.

FBI official: Russia wants to see US ‘tear ourselves apart’ (Washington Post) An FBI official is warning that Russia wants to watch Americans “tear ourselves apart” through disruptive and brazen foreign influence operations

WSJ News Exclusive | Facebook Investigated Suspicious Pro-Sanders Content (Wall Street Journal) The social-media giant recently probed activity supporting Sen. Bernie Sanders, people familiar with the matter said. The company was unable to substantiate claims that Trump supporters or Russian actors were involved.

Bernie Sanders Was Warned Russia Is Trying to Boost His Presidential Campaign (Wall Street Journal) U.S. officials have informed Sen. Bernie Sanders that Russia is actively trying to support his campaign for the Democratic nomination as part of Moscow’s broader efforts to interfere in the 2020 election, according to two people familiar with the matter.

Peter Cochrane: Fake news, ignorance, and technology wars (Computing) State-backed cyber warfare is intended to sow confusion and disillusion people across the democratic world, writes Professor Peter Cochrane

Election Security a 2020 Myth? (Security Boulevard) Election Security may be as elusive as the Holy Grail, as states and local jurisdications do their best to secure elections across the nation

Post-intrusion ransomware threat to increase (SME Advisor) Secureworks’ Counter Threat Unit research team identify profitability as main contributor to growth

Racoon Malware Steals Your Data From Nearly 60 Apps (BleepingComputer) An infostealing malware that is relatively new on cybercriminal forums can extract sensitive data from about 60 applications on a targeted computer.

PayPal accounts abused en-masse for unauthorized payments (ZDNet) All signs point to an attack exploiting PayPal's Google Pay integration.

Google Docs Forms Abused by Phishers to Harvest Microsoft Credentials (The State of Security) Security researchers detected several phishing campaigns that leveraged a Google Docs Form to target users' Microsoft credentials.

Google is indexing invite links to private WhatsApp groups (Computing) WhatsApp's private links aren't so private any more

iPhone And iPad Users Beware: ‘Malicious’ Apps Can Secretly ‘Steal’ What You Copy And Paste (Forbes) A new report warns that the iOS copy/paste function has this risky "exploit" built-in.

Magecart Group 12 named as actor behind Olympic ticket POS attack | SC Media (SC Media) The ticket reselling sites olympictickets2020.com and eurotickets2020.com reportedly have been compromised with Magecart POS skimming malware.

Samsung cops to data breach after unsolicited '1/1' Find my Mobile push notification (Register) Tight-lipped chaebol still won't talk about the dodgy app, though

Cyberattack on NRC Health sparks privacy concerns about private patient records stored by US hospitals (CNBC) NRC Health confirmed in a statement to CNBC that it shut down its "entire environment," including client-facing reporting portals, to contain a cyberattack that raised concerns about private patient records.

Vulnerability Summary for the Week of February 17, 2020 (CISA) The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

Security Patches, Mitigations, and Software Updates

Firefox to enable DNS-over-HTTPS by default to US users (TechCrunch) Mozilla will bring its new DNS-over-HTTPS security feature to all Firefox users in the U.S. by default in the coming weeks, the browser maker has confirmed. It follows a year-long effort to test the new security feature, which aims to make browsing the web more secure and private. Whenever you visi…

Cyber Trends

Global Cloud Tipping Point: the 2020 Thales Data Threat Report-global Edition Shows Organizations Struggle With Security Post Digital Transformation (BusinessWire) According to the 2020 Thales Data Threat Report – Global Edition with research and analysis by IDC, organizations reached a global cloud tipping point

2020 State of Hybrid Cloud Security Infographic | Network Firewall Security (FireMon) State of Hybrid Cloud Security. Gain key insights on how the lack of automation & visibility, and network security complexity are impacting digital transformation initiatives.

IT Complexity, Insider Threats, and an Abundance of Privileged Users Plague Public Sector Cyber Readiness (SolarWinds) Survey points to lack of cyber confidence and organizational maturity across public sector

Report: Cyber criminals are increasingly turning to ransomware as a secondary source of income (AME Info) FireEye, Inc., the intelligence-led security company, this week released the FireEye® Mandiant® M-Trends® 2020 report. The report shares statistics and insights gleaned from FireEye Mandiant investigations around the globe in 2019.

M-Trends Cyber Security Trends (FireEye) The annual report was compiled by mandiant consultants at FireEye based on hundreds of incident response investigations in many industry sectors. It offers recommendations on how organizations can improve the way they prevent, detect, analyze and respond to cyber attacks.

The good, the bad, and the scary from Experian's data breach report (TechRepublic) Many security teams don't update response plans on a regular basis but complying with GDPR is getting easier.

Hacking as a Career Soars in Popularity According to HackerOne’s 2020 Hacker Report (Yahoo) HackerOne, the 1 hacker-powered pentest & bug bounty platform, today announced findings from the 2020 Hacker Report, which reveals that the concept of hacking as a viable career has become a reality, with 18% describing themselves as full-time hackers, searching for vulnerabilities and making the internet

Kenyans most prepared about cybercrime (East African Business Week) 53% of Africans surveyed think that trusting emails from people they know is good enough; 28% have fallen for a phishing email and 50% have had a malware infection; 64% don’t know what ransomware is and yet believe they can easily identify a security threat; 52% don’t know what multi-factor authentication is.

Cyber warfare may be imminent, but defender power is on the rise - (Enterprise Times) 2020 started off ominously with geopolitical tension between the US and Iran. This set in motion, again, the prospect that Iran would respond to this tension with a series of cyber strikes. Iran has developed destructive malware over the years and now has the capacity to destroy the integrity of data and systems. It also …

Marketplace

McAfee to Acquire Light Point Security to Extend MVISION Unified Cloud Edge (UCE) Capabilities for Secure Access Service Edge (SASE) (BusinessWire) McAfee, the device-to-cloud cybersecurity company, today announced it has entered into a definitive agreement to acquire Light Point Security, LLC, an

South Baltimore's ZeroFox Raises $74 Million, Plans to Grow to 500 Employees (South Baltimore) South Baltimore’s ZeroFox, a social media and public platform cybersecurity company that was founded in 2013, announced on Friday it had raised $74 million in a financing round led by Intel Capital. ZeroFox will use the funding to expand globally and double its workforce.

Etisalat Completes Acquisition of Cyber Security Specialist Firm Help AG (Albawaba) Etisalat announced that it has completed the acquisition of Help AG, a privately held regional company specialising in the delivery of cyber security solutions and services.

Palo Alto Networks turns $560M Demisto buy into new XSOAR security platform (SiliconANGLE) Palo Alto Networks Inc. is making its presence felt at the RSA Conference in San Francisco today with the introduction of Cortex XSOAR, a new security automation platform that builds on its $560 million acquisition of Demisto Inc. last year.

Palo Alto Networks Aims To Derail Fortinet Stock In Hot SD-WAN Market (Investor's Business Daily) Whether Palo Alto Networks (PANW) will be able to slow down Fortinet and its lead in the emerging software-defined wide area networks — or SD-WAN — market is a key question for both cybersecurity stocks, says one analyst.

HackerOne’s bug bounties skyrocketed to $40 million in 2019 (VentureBeat) Bug bounty platform HackerOne paid out $40 million in bounties in 2019, roughly doubling the total for all previous years combined.

HackerOne Punished Researchers Who Disclosed PayPal Bugs (The Mac Observer) The HackerOne bug bounty platform punished researchers when they disclosed six vulnerabilities they found in PayPal.

PayPal rejects report that exposed critical account takeover vulnerabilities (HackRead) In a shocking decision, PayPal has rejected vulnerabilities reported by researchers as part of the payment giant’s bug bounty program.

Talent in high demand for cyber companies (Maryland Daily Record) When Amazon held a job fair in November, the compensation packages for cleared software developers were so high that one Maryland executive said it will be a big issue in a field that’s already highly competitive.

Radware Joins Microsoft Intelligent Security Association (Radware) Radware Contributes to Organization Focused on Reducing Complexity of Integrating Disparate Security Tools

Cybersecurity Marketer of the Year Winners Announced (Yahoo) A sell-out crowd of over 300 leaders in the global Cybersecurity marketing community gathered to recognize and honor their best before the opening of the 2020 RSA Conference in San Francisco. Taking home the honors as 2020 Cybersecurity Marketers of the Year were Megan Berry, Senior Director of Demand

Products, Services, and Solutions

wolfSSL Announces the New and Improved OpenSSL Compatibility Layer Share Article (PR Web) wolfSSL, a leading provider of TLS, cryptography and the world’s first commercial TLS 1.3 release, announces the availability of our New and Improved OpenSSL Compatibility Layer.

Sonatype Streamlines Deployment for Millions of Developers Using Kubernetes, Adds Native Helm Support to Nexus Repository (Globe Newswire) Sonatype, the company that scales DevOps through open source governance and software supply chain automation, now includes native support for Helm in its Nexus Repository (NXRM). Additional support for developers using Helm Chart Repositories, and by extension Kubernetes, is part of the company’s commitment to strengthening container-based development and ensuring NXRM always enables users to universally manage software libraries and build artifacts.

Secure IoT Linux Platform FoundriesFactory Sees Adoption from Startups to Enterprise (Yahoo) Foundries.io, a leading open OS platform provider for lifetime deployment of secure IoT and Edge devices, today announced the adoption of its flagship product, FoundriesFactory, by a number of customers ranging from large global enterprises to emerging startups. FoundriesFactory is a secure, customizable

With new release, CrowdStrike targets Google Cloud, Azure and container adopters (SiliconANGLE) After bringing its flagship Falcon endpoint protection platform to Amazon Web Services last year, CrowdStrike Inc. is adding better support for Microsoft Corp.’s Azure and Google Cloud to court enterprises with heterogeneous cloud environments.

Palo Alto Networks Introduces Cortex XSOAR, Redefines Security Orchestration and Automation with Integrated Threat Intel Management (PR Newswire) Palo Alto Networks (NYSE: PANW), the global cybersecurity leader, today introduced Cortex™ XSOAR, an extended security orchestration,...

AWS beefs up its Security Hub with more partner integrations (ARN) Amazon Web Services has added seven external partner integrations, including solutions from FireEye and Forcepoint, to its Security Hub offering.

Bishop Fox Introduces First-of-its-Kind Continuous Attack Surface Testing Managed Security Service (Yahoo) Bishop Fox, the largest private professional services firm focused on offensive security testing, today announced the launch of its Continuous Attack Surface Testing (CAST) managed security service. CAST is a game-changing subscription service that combines a next-generation attack platform with expert-driven

Clevernet Launches Simultaneous Multi-Path Platform to Accelerate WANs Up to 25X (Globe Newswire) AI-Based Software Platform Makes Internet Better by Boosting Speed, Reliability and Security of Data in Motion

Technologies, Techniques, and Standards

The top-ten tenets of software quality assurance, part one: the contract review (Computing) Each week, QA specialist Mark Wilson will spell out his top-ten tenets for Quality Assurance - the fundamental things you need to do to build better IT systems

EU commission is stepping up its privacy game (Decrypt) The European Commission is boosting its cybersecurity by telling staff to replace WhatsApp with private messaging app Signal.

Design and Innovation

Securing the 5G world (C4ISRNET) As software-centric, virtualized networks change the communications landscape, delivering on the promise of 5G will require diligence and comprehensive security testing.

The Pentagon now has 5 principles for artificial intelligence (C4ISRNET) The five principles governing the ethical use of artificial intelligence by the Department of Defense will apply to the combat and non-combat uses of AI-enabled technologies.

Research and Development

Pentagon Briefs Industry On 5G Experiments (Breaking Defense) Four bases around the country will pioneer military use of the new high-speed communications network technology.

Academia

How the Energy Department wants to boost cybersecurity education (Fifth Domain) An official outlined where the Department of Energy sees opportunities to boost the cybersecurity workforce in both the private and public sector.

UMD program teaches cybersecurity law to non-lawyers (Maryland Daily Record) With cybersecurity scandals becoming increasingly prevalent -- the 2017 Equifax data breach is just one example -- the University of Maryland Francis King Carey School of Law is providing non-lawyers with the legal knowledge they need to prevent and handle any future fiascos.

Legislation, Policy and Regulation

After WhatsApp spyware allegations, Indian journalists demand government transparency (Committee to Protect Journalists) In the summer of 2019, Saroj Giri was preparing a lecture on the panopticon—an 18th century system to surveil an entire prison from a single viewpoint—when a message lit up his phone. It was from WhatsApp, warning Giri that someone had tried to hack the popular messaging app to...

House panel to debate bill that would prevent NSA from reviving dormant surveillance program (Washington Post) The legislation does not go far enough to strengthen protections for targets of intelligence wiretaps, privacy advocates say

Bill Would Require an Anti-Government Critic in More Surveillance Cases (New York Times) A draft bill to reauthorize expiring counterintelligence powers would make several broader changes, after a damning inspector general report about a wiretap in the Trump-Russia inquiry.

The Cybersecurity 202: The Justice Department is giving up on an encryption truce with Big Tech (Washington Post) The Justice Department has essentially given up hope that tech companies will voluntarily build into their products a special way for law enforcement to access encrypted communications to help track terrorists and criminals, a top official says.

Litigation, Investigation, and Enforcement

Assange fight draws in Trump's new intel chief (POLITICO) Lawyers for the WikiLeaks founder plan to use newly obtained recordings and screenshots to argue that Assange's prosecution is political in nature.

The Dodgy Framework and the Middlemen: how NSO Sold its First Pegasus License (CTECH) A legal dispute regarding brokerage fees sheds light on the way the malware was first sold to a foreign country. American businessman Elliott Broidy, currently under investigation by the U.S. Department of Justice for possible violations of lobbying laws, was originally tapped as one of the architects of the deal despite admitting to illegal gifts worth $1 million shortly before

Another GTTF detective writes from prison, claims evidence on his iPhone would show his police work was solid (Baltimore Sun) A former Baltimore Police detective incarcerated for his work with the corrupt Gun Trace Task Force has claimed in a letter to state officials that there is evidence on an iPhone, confiscated from him by federal authorities, that his past police work was legitimate and not part of the corrupt scheme to rob residents and steal from the city for which he was convicted.

Bring your own context.

Coming soon: CyberWire Pro.