The CyberWire will continue to publish during the COVID-19 emergency
The CyberWire intends to keep publishing on schedule during the coronavirus emergency. Stay healthy and, as always, please stay in touch.
Time changes everything –so does the cloud. Yet, even as the cloud unlocks potential it opens the door to threats. McAfee designs security natively in the cloud, for the cloud. To protect the latest, like containers. To empower your change-makers, like developers. And to enable business accelerators, like your teams. Cloud security that accelerates business, it’s about time. Visit McAfee.com/time.
The CyberWire intends to keep publishing on schedule during the coronavirus emergency. Stay healthy and, as always, please stay in touch.
Exabeam's Chris Tillett, one of the cybersecurity industry's early COVID-19 sufferers, seems to be on the road to recovery, Good Morning Wilton reports. We congratulate him, and hope his prognosis stays positive.
We'll run periodic cybersecurity community news as it relates to the pandemic in this space for the duration of the emergency.
APT41, the hacking group generally thought to work on behalf of the Chinese government’s intelligence services while it moonlights with financially motivated cybercrime on the side, renewed activity this month after a February lull that corresponded to China’s Lunar New Year holidays. In what FireEye calls "a global intrusion campaign using multiple exploits," the group is targeting vulnerabilities in Cisco routers, Citrix NetScaler/ADC, and Zoho ManageEngine Desktop Central products.
CYFIRMA researchers report that the commodification of attack tools has enabled less capable intelligence services in developing nations to conduct effective cyber operations. And established cyber powers aren’t above using the commodity tools, either. CYFIRMA sees evidence of collaboration between the big operators and both clients and allies-of-convenience.
The Wall Street Journal, noting the patience of both intelligence services and the larger criminal gangs, points out that the “fallout” from coronavirus can be expected to affect cybersecurity for weeks or months after the pandemic abates. Some bad actors won’t wait, and Business World reports that the Philippines’ Department of Information and Communications Technology sees a heightened risk of attacks on hospitals and other healthcare facilities.
In an attempt to inhibit the flow of misinformation about COVID-19, Facebook Messenger may soon limit its users’ ability to mass-forward messages, Naked Security reports.
Here’s something a bit different. In what CyberScoop calls “a rare enforcement action,” Russia’s FSB has arrested twenty-five individuals on charges of running the BuyBest (a.k.a. GoldenShop) carding and PII dark web souk. The FSB has also shuttered BuyBest’s online operations.
Today's issue includes events affecting Australia, Brazil, Canada, Chile, China, Denmark, Finland, France, India, Israel, Italy, Japan, Mexico, Malaysia, NATO/OTAN, Peru, Philippines, Poland, Qatar, Russia, Saudi Arabia, Singapore, Sweden, Switzerland, United Arab Emirates, United Kingdom, United States, and Vietnam.
Bad actors have been using third-party file hosting. What's up with that?
"Realistically, what we're seeing is that many of us have learned to trust these third-party central services. So for instance, as you and I are talking here today, I had to include a third-party JavaScript library in my browser that's hosted on one of these well-known public cloud services.
"My computer now trusts it. And when we're looking at links in our browsers, we're looking at files we download, we've learned over time that some of those big names in the industry are trustworthy. In fact, quite frankly, they have amazing security teams. They do a really good job at removing things. But all the better for now the actors to put files there for a very short time period, deliver it to a small number of people and abuse that trust.
"And so the simple act of looking in a browser URL bar to see that, hey, that's a major brand I know, and that really is their domain is something that we've taught people. Now we've allowed actors to put their own malicious files on those very domains. And so it's not just an act to make sure the domain is trustworthy. But even just making sure that the person who sent it is really who it should be, making sure it's something you actually expected."
—Mike Benjamin, head of Black Lotus Labs at CenturyLink, on the CyberWire Daily Podcast, 3.23.20.
It doesn't have to last forever. Just long enough to make it worth their while.
Take a look at CyberWire Pro, our new subscription program designed for security professionals and all others who want to stay abreast of cybersecurity news. CyberWire Pro is a premium service that will save you time and keep you informed.
LastPass Identity provides simple control and visibility across every entry point to your business through single sign-on, password management and multi-factor authentication in one unified solution. LastPass Identity provides a holistic view of end user activity to simplify security for IT, all while delivering the passwordless login experience employees want. Start a free LastPass Identity trial today.
Sure, you're probably teleworking. But whether you're telecommuting or doing the usual morning drive, there's no need to miss a good podcast.
Like, for example, today's CyberWire Daily Podcast, out later this afternoon. We speak with our partners at the Johns Hopkins University's Information Security Institute, as Joe Carrigan talks about stimulus check scams. Our guest is Rachael Stockton from LogMeIn (LastPass), discussing the future of business network access security.
Or here's another one: Caveat is up. In this episode, "Can smart surveillance keep us safe?" Ben and Dave discuss the policy and privacy issues surrounding the global coronavirus pandemic, the Listener on the Line has a question about ZTE bribery and later in the show our interview with Nancy Kim. She is the ProFlowers Distinguished Professor of Internet Studies and Professor of Law at California Western School of Law, and author of several books including Consentability - Consent and Its Limits. Be sure to stick around for that.
VPN Usage Soars as Coronavirus Spreads (VPNpro) The popularity of VPNs has increased up to four times. In the wake of coronavirus pandemic, VPN industry offers solutions for both B2C and B2B clients.
COVID-19 Pushes Supply Chain to the Breaking Point (Heficed) The COVID-19 pandemic forced significant hardware manufacturers to close up shop, which interrupted the server supply chain and severely complicated operation scaling for tech companies.
3 Cybersecurity Bets to Ride Coronavirus-Led Work-From-Home Wave (Yahoo) Opt for these three cybersecurity stocks that are well-poised to benefit from security-risk management related to work-from-home routine amid the prevalent coronavirus crisis.
Romanian cybersecurity leader Bidefender offers enterprise grade security for all healthcare organizations worldwide (Business Review) Romanian cybersecurity leader Bidefender announced recently that they will offer enterprise-grade security solutions free of charge to all healthcare Romanian cybersecurity leader Bidefender announced that they will offer enterprise-grade security solutions free of charge to all healthcare organizations worldwide.
Dataguise Offers Fast, Simple and Now Free Way to Protect Privacy as Healthcare Organizations Collect Personal Information to Combat Coronavirus (Yahoo) Dataguise, the leader in Personal Data Provisioning™, today announced that it will offer its technology platform for automating data privacy and protection free of charge for 90 days to any organization that wants to protect individual privacy while improving the availability of data for research and
ImmuniWeb Enables Secure Digital Transformation for Coronavirus-Affected Business (Immuniweb) The Covid-19 salvage plan includes provision of ImmuniWeb solutions totaling $500,000 for eligible entities and an extended version of free Community Edition for everyone.
HighSide Launches Free CyberSecurity Relief Initiative for Companies Rapidly Transitioning to Remote Work (PR Newswire) High-integrity security and collaboration leader HighSide, is committed to helping organizations make a secure transition to remote work as a...
COVID-19 Sensemaking (OODA Loop) This page will serve as a dynamic resource for OODA Network members looking for Coronavirus/COVID-19 information to drive their decision-making process. If you would like to recommend a resource, please email us at info@ooda.com OODA Loop
Chinese hackers hit Citrix, Cisco vulnerabilities in sweeping campaign (CyberScoop) The campaign, which lasted between January 20 and March 11, targeted 75 organizations ranging in nearly every economic sector.
APT41 Exploited Cisco, Citrix and Zoho Bugs in Wide-Ranging Campaign (Infosecurity Magazine) APT41 Exploited Cisco, Citrix and Zoho Bugs in Wide-Ranging Campaign. FireEye research highlights agility of Chinese threat group
This Is Not a Test: APT41 Initiates Global Intrusion Campaign Using Multiple Exploits (FireEye) Chinese actor APT41 carried out one of the broadest campaigns by a Chinese cyber espionage actor that we have observed in recent years.
Developing nations get in on cyber-espionage using commodity malware (SC Magazine) The limited experience of developing nations in cyber-attacks force them to leverage commodity malware to advance their agendas
Russia’s FSB wanted its own IoT botnet (Naked Security) If you thought the Mirai botnet was bad, what about a version under the control of Russia’s military that it could point like an electronic cannon at people it didn’t like?
Security pros help HHS fix a website flaw that exposed visitors to malware (CyberScoop) As if the Department of Health and Human Services didn’t have enough to deal with during the coronavirus pandemic, hackers were trying to redirect people from a department website to a malicious domain designed to steal their data.
DICT issues cyber-attack advisory, warns hospitals being targetedThink long-term for your financial security (Business World) The Department of Information and Communications Technology (DICT) warned Tuesday of potential cyber-attacks against hospitals and health care facilities.
Hackers Are Taking Over Twitter Accounts to Advertise Face Masks (Vice) Accounts pushed hundreds of tweets advertising a sketchy mask website on Tuesday.
On Google Search, Scammy Unemployment Ads Are Targeting Some of the Most Vulnerable People (Gizmodo) Pandemics don’t just stress test the physical and mental health for potentially millions of folks across the country, but their livelihoods as well. Close to one-fifth of Americans have reported either being laid off or having their hours slashed in the wake of the covid-19 outbreak, with the newly jobless in every state from Colorado to Utah, to Iowa flooding their respective unemployment offices with no sign of stopping anytime soon.
Coronavirus Cybersecurity Fallout Might Not Be Felt for Weeks or Longer (Wall Street Journal) As millions of U.S. workers pivoted to remote work last week, putting new strains on their computer networks, federal officials warned that hackers smelled blood. But the fallout from coronavirus-related breaches may not become clear for some time.
Google Bans Coronavirus Infection Trackers... But Not Before They Get 400,000 Downloads (Forbes) Google is culling its Play store of unofficial coronavirus apps, but they’d already scored at least 400,000 downloads.
Android Coronavirus Ransomware Comes Bundled with Decryption Code (Sonicwall Security News) With the sudden spike in CoronaVirus related threats it is no surprise that recent ransomware uses the same name. SonicWall Capture Labs Threats Research team observed an Android ransomware that uses scare tactics to make a quick buck.
Obstacles avoided: Windows Defender scan found to be skipping files (Sc Magazine) Concerns have been raised over recent warnings from Windows Defender that scans are not completing as expected
Google's security measures failed to find Android malware in Play Store (Engadget) Google may have introduced a number of security measures to prevent malicious apps from appearing in the Play Store, but they're not watertight. New analysis from Check Point shows that earlier this year, malware was lurking within 56 apps that had been downloaded almost one million times worldwide – its objective, to commit mobile ad fraud.
Google Play Protect failed to catch 56 malicious apps committing mobile ad fraud (MobileSyrup) The 56 apps were downloaded almost one million times worldwide and included utility apps like cooking guides and calculators as well as kids' games.
Report: Cloud Storage Data Breach Exposes Users’ Private Information (vpnMentor) Led by cybersecurity analysts Noam Rotem and Ran Locar, vpnMentor’s research team recently found a serious breach in an open Amazon S3 bucket owned by
Fortinet Security Researcher Discovers Multiple Critical Vulnerabilities in Adobe Photoshop (Fortinet Blog) Learn more about the security patches for multiple critical zero-day vulnerabilities in Adobe Photoshop CC 2020 that were recently released by Adobe.…
Schneider Electric IGSS SCADA Software (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Schneider Electric Equipment: IGSS (Interactive Graphical SCADA System) Vulnerabilities: Path Traversal, Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of these vulnerabilities could result in unauthorized access to sensitive data and functions.
VISAM Automation Base (VBASE) (CISA) 1. EXECUTIVE SUMMARY CVSS v3 9.0 ATTENTION: Exploitable remotely/low skill level to exploit. Vendor: VISAM Equipment: VBASE Vulnerabilities: Relative Path Traversal, Incorrect Default Permissions, Inadequate Encryption Strength, Insecure Storage of Sensitive Information, Stack-based Buffer Overflow 2.
Ransomware Attack ‘Will Make Us Better,’ NHS Security Head Says (Wall Street Journal) Britain’s National Health Service was one of the first and most severely affected victims of the WannaCry ransomware, which effectively shut down several hospitals across the United Kingdom two weeks ago.
Coronavirus work-at-home puts unprecedented pressure on DOD networks, raising worries about cyber attack (Military & Aerospace Electronics) Increased telework provides a larger cyber attack surface for adversaries, though, Secret and Top Secret information is not available in telework.
Faith-Based ISAO Raises Cyber Threat Level to ‘ELEVATED’ (Homeland Security Today) The increase of threats from coronavirus-based cyber attacks and scams were expected and are akin to spikes in seasonal scams, such as those waged during holiday and tax filing seasons, etc.
U.S. Presidential Campaign Lacks Security (The Media Trust) Candidate Websites Filled with Unmanaged Third-Party Code
Remote working risks: 6 security-threats facing companies during this difficult transition (Techerati) Andrew Tsonchev, director of technology at Darktrace, outlines 6 serious cyber threats security teams need to be prepared during the COVID-19 outbreak.
Apple updates Safari’s anti-tracking tech with full third-party cookie blocking (The Verge) Safari’s Intelligent Tracking Prevention is even better now
VMware Again Fails to Patch Privilege Escalation Vulnerability in Fusion (SecurityWeek) VMware has made a second attempt at fixing a privilege escalation vulnerability in Fusion for Mac, but this patch is incomplete as well
Internet Security Report - Q4 2019 (WatchGuard Technologies) The Threat Lab team analyzes data from WatchGuard’s Firebox Feed, internal and partner threat intelligence, and a research honeynet, to provide insightful analysis about the top threats on the Internet. Their smart, practical security advice contained in the Internet Security Report will enable you to better protect your organization in the ever-changing threat landscape.
New KnowBe4 Benchmarking Report Finds 37.9% of Untrained End Users Will Fail a Phishing Test (PR Newswire) KnowBe4, the provider of the world's largest security awareness training and simulated phishing platform, today announced it has released a new...
Report: Phishing by Industry Benchmarking Report (KnowBe4) New research from KnowBe4 highlights Phish-prone™ percentages by industry, revealing users that are more susceptible to phishing attacks.
Critical Infrastructure Cyberattacks a Greater Concern than Enterprise Data Breaches for Three in Four IT Security Professionals (PR Newswire) Claroty, the global leader in industrial cybersecurity, today released research into the state of industrial cybersecurity worldwide, which...
New Research Illuminates Global Perspective on Industrial Cybersecurity (Claroty) CISOs tasked with safeguarding industrial networks, understanding IT security professionals’ attitudes, perceptions, and concerns regarding OT
New Cyber Hygiene Report Uncovers a Patching Dilemma in America (BusinessWire) New research released today from Automox, the cloud-native cyber hygiene platform provider, in partnership with AimPoint Group has uncovered that less
Cyber Hygiene Report Uncovers Patching Dilemma in America (Automox) 2020 Cyber Hygiene Report uncovers a patching dilemma in the US: less than half of organizations can patch fast enough to defend against zero-day attacks.
Global E-Commerce in 2020: Redefining the Retail Experience as Shopping Patterns Change (TransUnion) The 2020 e-commerce report also offers insights into preventing fraud and meeting consumer expectations, as mobile commerce continues to scale on a global level. The four top fraud trends that retailers are facing in 2020How to deliver a mobile commerce experience that is both seamless and…
TransUnion Research Quantifies How Social Distancing is Changing Shopping Patterns (TransUnion) As more consumers turn online for purchases, TransUnion survey also finds 22% of Americans say they have been targeted by digital fraud related to Covid-19
It’s time for firms' cybersecurity credentials to take centre stage (Security Brief) Over the past decade, corporate responsibility initiatives have made their way on to the websites of nearly every company in the Fortune 500.
Cyber security startup Horangi snags US$20m led by Provident Growth (Business Times) CYBER security startup Horangi has raised US$20 million in a Series B round led by Provident Growth, a South-east Asia-focused private equity firm that has backed ride-hailing firm Gojek and travel e-commerce firm Traveloka. Read more at The Business Times.
Microsoft, PayPal Invest in Anti-Fraud Startup Arkose Labs (SecurityWeek) San Francisco, Calif-based Arkose Labs has raised $22 million in a Series B funding round led by the Microsoft venture fund, M12.
KBR Fortifies Cybersecurity of U.S. Air Force Weapons Systems (Yahoo) KBR (NYSE: KBR) announced today that it has been awarded a $26.8 million task order to provide additional cybersecurity engineering support to the U.S. Air Force Life Cycle Management Center (AFLCMC) Engineering Directorate Cyber Systems Engineering Division.
Chicago Startups That Are Hiring Right Now (Chicago Inno) An updated list of tech companies adding jobs in the city
Fort Ross Ventures Closes Oversubscribed Second Fund (Yahoo) Fort Ross Ventures, a venture-capital firm focused on startups in the U.S., Israel, and Eastern.
Mastercard, Thales act to dominate the digital ID space in Australia (Paypers) Mastercard and Thales have announced they are each taking steps to become more prominent digital ID players in Australia.
John Doyon Named EVP at National Security Nonprofit (ExecutiveBiz) John Doyon, a former officer of the National Counterterrorism Center, has joined the Intelligence and National Security Alliance to serve as executive vice president.
Coalfire Security Pros Named To HITRUST Assessor Council #48869 (New Kerala) Business World: Coalfire Security Pros Named To HITRUST Assessor Council - WESTMINSTER, Colo: Coalfire, a provider of cybersecurity advisory and assessment services, announced today that two of its healthcare security specialists, Zach Shales and Arthur Staff, were appointed to the Health Information Trust Alliance HITRUST CSF Assessor Council.
RangeForce Offers Special Browser-Based, Hands-on Simulated Cybersecurity Learning as a Service to Any College (Globe Newswire) Special pricing delivers immediate, affordable and high-quality cybersecurity training to students pivoting to an online learning model
ZenKey: How Major Mobile Carriers Are Teaming Up to Eliminate Passwords (SecurityWeek) Four major U.S. carriers have developer a new single sign-on called ZenKey they believe will do away with the need for passwords.
IT Resilience Everywhere; Zerto 8.0 Expands Data Protection and Recovery Capabilities Across On-Premises and Cloud (Zerto) Zerto Announces Partnership with Google Cloud and Deeper Integration with Azure, AWS and VMware
Sixgill joins the ThreatConnect Developer Partner Program (BusinessWire) Sixgill, a leading threat intelligence company, is pleased to announce its acceptance into the ThreatConnect Developer Partner Program. Cyber intellig
Darktrace’s co-CEO on trusting AI to fight cyberattacks on our behalf (Growth Quarters | The Next Web) Darktrace had to take customers on a journey to help them trust algorithms in the fight against cyber attacks, the company's co-CEO tells Growth Quarters.
Think Tank partners with Fortinet to fill the cybersecurity skill gap (Intelligent CIO Africa) Fortinet, a global leader in broad, integrated and automated cybersecurity solutions, has announced its first Fortinet Network Security Academy (FNSA) in South Africa, with Think Tank, a private higher learning organisation providing Information Technology solutions, training, recruitment and professional services.
East-West Traffic Visibility (Bricata) Getting comprehensive visibility into internal east-west traffic isn't as complicated or burdensome as you think. Read more in our blog.
Smartphone location data could be used to track social distancing (The Telegraph) This morning, millions of Britons woke up to an unprecedented text message from the Government.
How facial recognition could be used by supermarkets to ration food (The Telegraph) Three years ago, Beijing installed camera-equipped machines in the Temple of Heaven lavatories to dispense exactly 28-inches of toilet roll per person.
Telecoms are sneaking ‘stay home’ messages onto customers’ smartphones (The Verge) A sneaky but smart way to encourage social distancing
Digital bullying and exclusion: How to keep our kids emotionally safe while they're home (Verizon) Parents: Plant the seeds of a movement that replaces cyber-bullying with cyber-compassion.
COVID-19 offers a unique opportunity to pilot zero trust, rapidly and at scale (CSO Online) A zero-trust model addresses many of the security concerns around supporting large numbers of remote workers, and new vendor free trials make fast deployment possible.
Opinion | The Right Way to Fight Fake News (New York Times) Social media platforms need to make sure their anti-misinformation strategies are empirically grounded.
Facebook Messenger may ban mass-forwarding of messages (Naked Security) Facebook has done this before: it did it with WhatsApp, following an outbreak of lynchings sparked by viral social media hoaxes.
The Coronavirus Revives Facebook as a News Powerhouse (New York Times) More than half of all news consumption on Facebook in America is about the virus, according to an internal report.
COVID-19 Announcement (Instagram) During this time of COVID-19, also known as the coronavirus, read our announcement on how Instagram is keeping people informed, safe and supported. Learn...
YouTube to Limit Video Quality Around the World for a Month (Bloomberg) Videos will default to standard definition worldwide. YouTube, Netflix already reduced video quality in Europe.
Oxford University campaigns for pan-European Covid-tracking mobile app (SC Magazine) Oxford researchers are working with European governments on the feasibility of a mobile app for instant contact tracing of possible Covid-19 patients
Adding up the real cost of password management for school districts (Education Dive) IT support for lost or forgotten passwords can add up to a significant amount of money, but how much is it really costing?
NATO staying strong in cyberspace (NATO) Antonio Missiroli, NATO’s Assistant Secretary General for Emerging Security Challenges, gave the keynote address at the CyberSec European Cyber Security Forum on Tuesday (24 March).
Banks, regulators move to protect customers from wave of coronavirus scams in UK, U.S. (Reuters) UK banks are stepping up fraud prevention measures to protect customers from sca...
Lawmakers urge EU to sanction Putin associate for election interference (TheHill) The bipartisan leaders of the House Foreign Affairs Committee on Tuesday strongly urged the European Union to sanction a close associate of Russian President Vladimir Putin over what they say are ongoing effort
White House urges agencies to implement new authentication methods amid telework (Fifth Domain) Extended telework could mean agencies can't hand out new identity verification cards.
Trump, Congress agree on $2 trillion virus rescue bill (AP NEWS) The White House and Senate leaders of both parties announced agreement early Wednesday on unprecedented emergency legislation to rush sweeping aid to businesses, workers and a...
Trump administration must produce 5G security strategy under new law (Fifth Domain) The law requires the president to send a report to Congress on how the administration will address several 5G security challenges.
Trump Inks Pair Of Network Security, Broadband Bills (Law360) President Donald Trump has signed a pair of bills aimed at ramping up security of next-generation wireless networks and more accurately mapping U.S. broadband availability to fill out gaps in high-speed service.
Trade group calls for Trump administration policy to help protect intelligence contractors (Washington Business Journal) The Pentagon designated which contractor roles are most critical to its operations. Now a trade association wants the Trump administration to draft new policies to offer financial safeguards to those intelligence contractors.
Robocalls A Weapon For Good And Evil In Coronavirus Fight (Law360) As people scramble for information about the global coronavirus pandemic, lawmakers and regulators are trying to make sure automated phone calls and texts are used to help, not hurt.
First Responders Can Get COVID-19 Patient Data: HHS (Law360) Law enforcement, paramedics and other first responders may access protected health information about an individual who has been infected by or exposed to the coronavirus if the information is needed to provide treatment, the U.S. Department of Health and Human Services said Tuesday.
The Cybersecurity 202: States surge mail-in voting for delayed primaries as coronavirus pandemic intensifies (Washington Post) States including Georgia, West Virginia and Ohio are rushing to dramatically ramp up mail-in voting for primary contests during the coronavirus pandemic — even with no guarantee Congress will help foot the bill.
Consumer Group Urges Calif. AG Not To Delay CCPA Start (Law360) Advocacy group Consumer Reports is pushing back at industry calls for the California attorney general to delay enforcement of the state's landmark consumer privacy law in light of the coronavirus pandemic, arguing such a move would deprive consumers of vital data privacy protections at a time when they're sorely needed.
Rare cybercrime enforcement in Russia yields 25 arrests, shutters 'BuyBest' marketplace (CyberScoop) Russian authorities arrested more than two dozen people who allegedly ran websites where users bought and sold stolen payment cards and personal data.
NGO accused of collecting classified IDF intel given 2 months to respond (Israel Hayom) Ad Kan, which monitors left-wing NGOs in Israel, is urging an investigation into IDF "watchdog" group Breaking the Silence, arguing that it is in illegal possession of material that could put national security at risk.
Twitter Can't Nix NM Kids' Data Suit Based On Jurisdiction (Law360) A New Mexico federal judge on Tuesday denied a dismissal bid by Twitter and a collection of advertising services used in Tiny Lab apps, ruling the court has jurisdiction to handle the state's claims that the companies surreptitiously collected kids' location data and personal information.
Mass. AG Fights Facebook's Bid To Keep App Probe Internal (Law360) Massachusetts Attorney General Maura Healey has urged a state appeals court to deny Facebook's bid to delay releasing a list of app developers that may have mishandled user data, saying the tech giant's request is against the public interest.
LabMD Loses Defamation Suit Against Pa. Cybersecurity Firm (Law360) Defunct cancer-testing company LabMD Inc. on Tuesday lost its defamation suit against former cybersecurity firm Tiversa Holding Corp. when a Pittsburgh federal magistrate ruled the laboratory had already closed by the time the allegedly defamatory statements were made and therefore could not have been harmed by them.
IN BRIEF: FBI shuts down Russia-based online platform after alleged admin's arrest (Reuters) The U.S. Federal Bureau of Investigation has shut down a Russia-based online pla...
For a complete running list of events, please visit the Event Tracker.
National Cyber League (NCL) Spring Season (Various locations, Mar 19 - May 15, 2020) The National Cyber League (NCL) is a defensive and offensive puzzle-based, capture-the-flag style cybersecurity competition. Its virtual training ground helps high school and college students prepare and test themselves against cybersecurity challenges that they will likely face in the workforce. All participants play the games simultaneously during Preseason, Individual Game and Team Game. NCL allows players of all levels to enter. Between easy, medium and hard challenges, students have multiple opportunities to really shine in areas as they excel. Registration for the Spring Season closes March 20, 2020.
SecureWorld Boston (Boston, Massachusetts, USA, Mar 25 - 26, 2020) Join your fellow InfoSec professionals for high-quality, affordable cybersecurity training and collaboration. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions, breakout sessions, and solution vendor displays—all while networking with local peers.
Kernelcon (Omaha, Nebraska, USA, Mar 27 - 28, 2020) Kernelcon is the result of many motivated information security professionals who recognized the opportunity to create an awesome security conference in Omaha. The idea for Kernelcon started within the local DEF CON Group, DC402, with lots of help from other members of other local security groups such as NebraskaCERT and OWASP. We are inspired by many other conferences including DEF CON, DerbyCon, ShmooCon, etc., and wanted to bring those same experiences to the Mid-West here in Omaha.
InfoSec World (Lake Buena Vista, Florida, USA, Mar 30 - Apr 3, 2020) Join your peers and our experts at InfoSec World 2020 Conference & Expo on March 30 – April 1 to not only address the disruptive technologies and threats on the horizon, but to create a plan for managing the people, processes and tools for how your organizations react and cope with these intrusive circumstances.
4th Annual Denver Cyber Security Summit (Denver, Colorado, USA, Apr 2, 2020) C-Suite & Senior Level Executives: Register with Promo Code CYBERWIRE95 to receive $95 Admission (Standard Price is $350). Learn from renowned experts from the U.S. Dept. of Homeland Security, U.S. Dept. of Justice, Cisco, Darktrace, ExtraHop, and more about the latest threats facing your company.