CyberWire Pro, our new subscription program designed for security professionals and all others who want to stay abreast of cybersecurity news, has a new offering, launching today: CSO Perspectives. This new service—available as both a weekly column and a podcast—features Rick Howard, the CyberWire's CSO, Chief Analyst and Senior Fellow, who offers an informed, nuanced perspective on the ideas, strategies and technologies that senior cybersecurity executives grapple with daily. Reevaluating the network defender's core tenets in the face of technological change and threat actors' evolving strategies and sorting through the deluge of marketing claims and buzzwords, CSO Perspectives will inform and challenge readers and listeners to think critically about cybersecurity. CSO Perspectives will also be available in the CyberWire Daily Podcast feed for its inaugural three weeks.
More Signal. Less Noise.
BGP hijacking? DarkHotel sighting. Google Play issues. Sim-swapping vulnerabilities. COVID-19 and cybersecurity.
Announcements
CSO Perspectives, now available to CyberWire Pro subscribers.
Special Section
News for the cybersecurity community during the COVID-19 emergency
The coronavirus pandemic continues to provide an occasion for criminal hacking, state-directed disinformation, and popular delusions.
Criminal opportunity during the state of emergency.
There's been a general spike in coronavirus-themed attacks as criminals move toward the soft (or at least novel) targets public fear and widespread remote work afford. Both Europol and the US FBI are reporting a significant increase in cybercrime, and other regions are seeing much the same. Cointelegraph reports that the dark web souk Monopoly Market says it will "permanently ban" hoods running COVID-19 scams, but such statements should be received with reservations. Other promises of good behavior by criminals have proven to be largely moonshine, or as SecurityWeek puts it, they've "gained little traction."
On disinformation.
Beijing continues to be the prime suspect in various disinformation campaigns that surround the pandemic, as the Express reports, but Russian organs have also been active. Canada's Foreign Minister is the latest to complain, not in so many words, but by clear implication, of Moscow's involvement in pushing bogus information. Digital Journal says that Foreign Minister Francois-Philippe Champagne said, after a NATO meeting, "Certainly this is not the time for a state actor or non-state actor to spread disinformation, at a time when basically humanity is facing one common challenge which is the virus." Researchers at the University of Calgary weren't reluctant to make an attribution, and they're attributing to Russia the campaign NATO discussed.
On popular delusions.
The completely unfounded attribution of COVID-19 to 5G infrastructure continues to gain surprising traction, with the UK for some reason seeming particularly susceptible. The Guardian reports that broadband engineers have received threats, and the vandalism of a Birmingham cell tower seems linked to the meme. The British Government has, Computing says, asked social media platforms to take stronger measures against such misinformation about coronavirus conspiracies.
Some popular delusions may be undergoing amplification by botnets, TechRadar reports, and that suggests some state operators may be using the memes for disruptive purposes.
Zooming through China.
Zoom has acknowledged that it allowed certain calls to be routed through China, and that this was a mistake, according to Yahoo. Zoom's China connections have drawn fresh suspicion and scrutiny, including a US Congressional request for an explanation.
Update: more events move online.
SINET, the Security Innovation Network, hopes to resume its well-known and influential series of conferences with the July 20th Innovation Summit in New York, should the pandemic state of emergency have subsided by then. But SINET has also announced plans for six "virtual Town Hall meetings on what is happening to real people with real pain in their respective industries." The Town Halls will address current challenges and opportunities from the perspectives of CEOs, CISOs, venture capitalists, investment banks, and boards of directors.
The Diana Initiative, which seeks to encourage and support women pursuing careers in information security has also gone virtual. Full details about how this event will be conducted during the pandemic emergency may be found on the organization's site.
And Amazon Web Services has decided to take its 2020 NAB Show online as well.
Summary
ZDNet says traffic from more than two-hundred of the world’s biggest cloud hosting providers and content delivery networks was “suspiciously” redirected through Russia's state-owned telecommunications provider Rostelecom. It looks like Border Gateway Protocol (BGP) hijacking, and ZDNet calls Rostelcom “a repeat offender.”
Qihoo 360 reports an operation by DarkHotel that exploits a zero-day in Sangfor SSL VPN servers, widely used by the Chinese government. The targets have for the most part been government agencies in Beijing and Shanghai, and Chinese diplomatic missions in (by ZDNet’s count) some nineteen countries. The researchers call DarkHotel a “[Korean] Peninsula APT gang.”
Researchers at the University of L’Aquila in Italy, Vrije University in Amsterdam, and ETH in Zurich have published research into apps on Google Play, where more than four-thousand apps collect information about other installed applications, and do so without user permission. A follow-on study by the same team showed that such information can be reliably used to develop profiles of the affected users: gender, for example, seems relatively easy to infer.
Other popular Android apps present direct security risks. VPNpro reports that SuperVPN, an application with over a hundred-million downloads, is vulnerable to exploitation for man-in-the-middle attacks. And a study by CyberNews suggests the existence of a group of Android developers who share code in producing risky or fraudulent apps.
Following up a study into SIM-swapping, researchers at Princeton University found that some affected services had corrected the vulnerabilities, but that an alarming number haven’t yet done so. Motherboard summarizes the findings.
Notes.
Today's issue includes events affecting Afghanistan, Armenia, Australia, Canada, China, Ethiopia, India, Indonesia, Iran, Israel, Italy, Japan, Democratic Peoples Republic of Korea, Republic of Korea, Kyrgyzstan, Malaysia, New Zealand, Norway, Pakistan, Russia, Saudi Arabia, Sweden, Taiwan, Tajikistan, Thailand, Turkey, United Arab Emirates, United Kingdom, United States, Vietnam
Bring your own context.
Observations on "the digital authoritarian playbook" for control of cyberspace.
"So we have these two trends going on, and what it really is showing is just the spread and diffusion of authoritarian digital control of the environment and what the digital authoritarian playbook is. And we have that pretty well-understood, I think, at this point. So if you look at it - and it's not just China, not just Russia. And I think that that's the core message we really want to send. Although China and Russia really are the innovators in this area, their models are spreading. And so the way we look at it, or at least the way I look at it, is focused on the use of cyberattacks for, say, data access, data theft, data manipulation, data dumps, those kind of things that I think this audience is very well familiar with. You've got the hardware and software that they're using as well that can provide either backdoors or other kinds of access and control. You've got the disinformation for controlling the narrative. And, again, you're talking about the coronavirus. We're seeing that very much so right now being an authoritarian tool of choice for controlling the narrative - and, again, not just in China. Iran and others are doing the same."
—Andrea Little Limbago, Chief Social Scientist at Virtru, on the CyberWire Daily Podcast, 4.2.20.
It's a playbook defenders would do well to study.
Tips for Healthcare Providers to Achieve Cyber Resilience in a COVID-19 World
Healthcare organizations are on the frontline of COVID-19 pandemic. With a huge surge in demand and a massive increase in the volume of communications, the potential for fraud, phishing, and other threats is more severe than ever. Join our webinar on April 29, to hear from Olga Polishchuck, LookingGlass’ Senior Director of Threat Analysis and Investigations on:
- COVID-19 exploitation threats, schemes, and campaigns
- Emerging and ongoing trends that could impact healthcare organizations
- How to remain cyber resilient
On the Podcast
Today's CyberWire Daily Podcast, out as always later this afternoon, features a conversation with our partners at Accenture, as Malek Ben Salem discusses CISO health concerns. Our guest is Dr. Celeste Paul from NSA on cognitive capacity and burnout.
Sponsored Events
Data-Driven Analysis of Real-World Vulnerabilities Observed in 1,800+ Production ICS Networks (Online, April 9, 2020) CyberX analyzed over 1800 IoT/OT networks in the past 12 months. In this presentation you'll learn about the degree to which IoT/OT networks and unmanaged devices are soft targets for adversaries, and what steps you can take to mitigate the risk that those soft targets pose. Register today!
Cybersecurity Impact Awards (Online, May 29, 2020) The Cybersecurity Impact Awards are now open for nominations until May 29 and are dedicated to recognizing companies that have corporate or Federal headquarters in the DMV area for their leadership and innovation within the cybersecurity industry. Award winners will be honored during an awards ceremony during DC Cyber Week on October 20.
Selected Reading
Dateline
The Virus of Disinformation: Echoes of Past Bioweapons Accusations in Today’s COVID-19 Conspiracy Theories (War on the Rocks) Despite its moniker, the 1918 “Spanish flu” pandemic almost certainly did not originate in Spain. The belligerents of World War I suppressed reporting on
Canada FM slams state-sponsored coronavirus disinformation (Digital Journal) Canadian Foreign Minister Francois-Philippe Champagne after a NATO meeting on Thursday slammed coronavirus disinformation campaigns spread by state actors, of which Russia has been accused.
China sparks fury over coronavirus disinformation - ‘How can we trust them?’ (Express) CHINA has systematically spread disinformation about COVID-19 to shift blame for the pandemic, a think tank has claimed.
China cover-up: Chilling purge of hundreds who spoke out against Xi - terrifying report (Express) HUNDREDS of people in China are being targeted for criticising president Xi Jinping's handling of the coronavirus outbreak, which was described as "perfect" by the state.
Broadband engineers threatened due to 5G coronavirus conspiracies (the Guardian) EE suspects telephone mast engulfed by fire in Birmingham was an arson attack as celebrities claim Covid-19 caused by new network
Social media platforms asked to take much swifter action against fake 5G coronavirus conspiracy theory (Computing) The spread of such fake theories has resulted in destruction of mobile phone masts in many cities in Britain
Bot traffic fueling rise of fake news and cybercrime (TechRadar) Bad bots have created an 'infodemic' of coronavirus misinformation
TikTok To Shut Accounts Spreading Misinformation On Coronavirus; Provocative Videos Originating From Pakistan & Middle East (ABP Live) The provocative videos, originating from Pakistan and middle-east, are being used to spread false information and influence the people against following safe practices to contain the spread of COVID-19.
YouTube moves to limit spread of false coronavirus 5G theory (the Guardian) Decision comes as four more phone masts are attacked
Don't Fall For It: The Department of Homeland Security is not enforcing a national quarantine (KWCH) The National Guard has created the hashtags #KSRumorWatch, #SpreadFactsNotFear, and #StoptheRumors to help stop the spread of misinformation.
SBA: Small business owners applying for COVID-19 relief may have had PII exposed (CyberScoop) Some of the Small Business Administration's loan applicants may have had their personally identifiable information exposed, a spokeswoman tells CyberScoop.
Europol: Cybercrime is Growing Amidst Pandemic (OCCRP) Since the start of the COVID-19 pandemic, cybercrime has grown more than any other criminal activity, a Europol report revealed on Friday.
Cyberattacks in Korea spike on virus crisis (Investor) The number of cyberattacks in South Korea spiked in the first quarter this year, due to the number of people working remotely amid the novel coronavirus outbreak, according to SK Infosec on April 6. The nation‘s biggest data security solution provider detected 1.74 million cyberattacks in the first quarter, up 21 percent on-year -- the monthly average reached 0.58 million, up from 0.48 million last year.&n...
The remote-working rush is creating a playground for spies and cybercrooks (ZDNet) Gaps in security and new ways of working will lead to data breaches and security problems over the coming weeks and months.
FBI Warns of Attacks on Remote Work, Distance Learning Platforms (BleepingComputer) FBI's Internet Crime Complaint Center (IC3) issued a public service announcement today about the risk of attacks exploiting the increased usage of online communication platforms for remote working and distance learning.
How Enforcers Curtailed a Coronavirus Robocall Scam (Wall Street Journal) A telecom-industry task force has said it recently identified and cut off a barrage of coronavirus-related calls it suspected were bogus.
Hacker 'Ceasefire' Gets Little Traction as Pandemic Fuels Attacks (SecurityWeek) There has been a surge in COVID-related cyberattacks and fraud schemes, even as some hackers have called for dialing back their criminal efforts.
Darknet Market to Permanently Ban Vendors Preying on COVID-19 Fears (Cointelegraph) Monopoly Market has announced it will ban vendors who use the COVID-19 pandemic as a marketing tool.
Privacy Experts Say Responsible Coronavirus Surveillance Is Possible (The Intercept) Data collected to fight the pandemic should not be used for other purposes and should only be requested by health officials.
Rights groups appeal to governments over COVID-19 surveillance (Naked Security) Digital and human rights groups have joined in a rare worldwide appeal to governments to respect privacy when handling the COVID-19 crisis.
Coronavirus and the Future of Surveillance (Foreign Affairs) Democracies Must Offer an Alternative to Authoritarian Solutions
In coronavirus fight, oft-criticized Facebook data aids U.S. cities, states (Reuters) Infectious disease researchers are using Facebook Inc mobile location data to provide daily updates to U.S. cities and states evaluating the effectiveness of social distancing orders aimed at slowing the novel coronavirus.
Zoom Admits Some Calls Were ‘Mistakenly’ Routed Through China (Yahoo) Popular video-conferencing company Zoom Video Communications (ZM) admitted that it had “mistakenly” allowed calls to flow through China, adding to a number of mis-steps raising doubt on the security of the platform.Zoom said in a statement on Friday that certain meetings held by its non-Chinese users
Rep. McNerney and Colleagues Push Zoom for Answers About the Company’s Privacy Practices (Congressman Jerry McNerney) Today, Rep. Jerry McNerney sent a letter to Zoom’s CEO, Eric Yuan, raising concerns and questions regarding the company’s privacy practices. He was joined by 18 of his Democratic colleagues from the House Committee on Energy and Commerce. Zoom has experienced a surge in users during COVID-19, and in March of this year, hit a record 200 million daily users.
Zoom's Sudden Rise Presents Test For New Calif. Privacy Law (Law360) The privacy backlash that has accompanied Zoom's meteoric rise since the onset of the COVID-19 pandemic has sparked challenges that are poised to test the strength of California's new privacy law and fuel calls for other states to embrace robust data safeguards.
School districts, including New York City’s, start banning Zoom because of online security issues (Washington Post) Online security issues are growing with the mass rush to virtual education during the coronavirus crisis.
Zoom will enable waiting rooms by default to stop Zoombombing (TechCrunch) Zoom is making some drastic changes to prevent rampant abuse as trolls attack publicly shared video calls. Starting April 5th, it will require passwords to enter calls via Meeting ID, as these may be guessed or reused. Meanwhile, it will change virtual waiting rooms to be on by default so hosts hav…
Zoom vows to spend next 90 days thinking hard about its security and privacy after rough week, meeting ID war-dialing tool emerges (Register) Passwords-by-default feature may be faulty. But hey, who else just went from 10 to 200 million daily users?
5 things you can do today to make Zooming safer (Naked Security) 5 things you can do to make your Zooming safer, more private and more secure…
Coronavirus Pandemic Reminds Us That Security Is Important During the Zoom Boom (Cointelegraph) Under the guise of the COVID-19 pandemic, governments may target our civil liberties, and cryptography could become the technological protector of our rights.
Beyond Zoom: How Safe Are Slack and Other Collaboration Apps? (Threatpost) COVID-19’s effect on work footprints has created an unprecedented challenge for IT and security staff. Many departments are scrambling to enable collaboration apps for all — but without proper security they can be a big risk.
Australian government advice on how to avoid coronavirus-related scams and cyber threats (ZDNet) The Australian Cyber Security Centre and the Australian Competition and Consumer Commission have both issued advice on how to avoid falling victim as Aussies deal with a new way of living and working.
Spies are already in your phone. A highly controversial private firm may be next (Times of Israel) Fighting the coronavirus contagion, the government has introduced extremely intrusive tracking. Now it wants to bring in the NSO Group, a company accused of human rights violations
We Saw NSO's Covid-19 Software in Action, and Privacy Experts Are Worried (Vice) We got a demo of the infamous Israeli spyware company's Coronavirus surveillance software.
NHS-Big Tech axis a sign of what's to come (The Telegraph) The NHS has turned to technology companies for support in the fight on coronavirus amid concerns around patient privacy
Inside Palantir's work with the CDC, HHS to synthesize COVID-19 data (FedScoop) Palantir is working with the CDC and HHS, according to the company. It's work centers on synthesizing the disparate data sources that report COVID-19 cases.
Yes, Even MSSPs Will Experience Layoffs, Job Cuts and Furloughs (MSSP Alert) Coronavirus pandemic triggers some layoffs at MSSPs, MDR (managed detection & response), and SOC as a Service (SOCaaS) cybersecurity companies.
New guidance on SBA loans means most startups are still excluded from $349 billion stimulus (TechCrunch) Under new guidance issued by the Small Business Administration it seems non-profits and faith-based groups can apply for the Paycheck Protection Program loans designed to keep small business afloat during the COVID-19 epidemic, but most venture-backed companies are still not covered. Late Friday ni…
Tape the webcam, enable firewall: 11 rules to ensure cyber security when you work from home (The Economic Times) From keeping devices updated to securing video calls, here are some handy tips on keeping digital activities secure.
Digital Privacy Risks Increase As Americans Stay-At-Home (Security.org) With most Americans under some form of stay-at-home restrictions due to the COVID-19 pandemic. As a result, Americans are purchasing more products and groceries online, downloading new apps and telecommuting. At the same time, there are new phishing and identity theft scams aiming to take advantage of … Continued
Scammers are creating Netflix lookalikes to target people staying at home, study finds (USA TODAY) More than 30,103 new coronavirus-related domains were registered in the past two weeks. The number posing as Netflix doubled. Zoom is also a favorite.
Telework forces unexpected cybersecurity changes at TSA (Fifth Domain) The Transportation Security Administration has taken security measures to accommodate telework.
How Cisco mobilised staff, partners and customers to work from home (CRN Australia) Vendor details journey to maintain business continuity.
IBM Security BrandVoice: Agile Lemonade: How An IBM Security R&D Team Navigated A Radical Shift To Work From Home (Forbes) I’m the director of an Agile software development team at IBM Security and for my organization, business continuity means releasing high quality software on a regular basis so our clients can securely manage their mobile endpoints and remote workers.
Secureworks Provides Relief to Organizations Most in Need of Cybersecurity Protection (BusinessWire) Secureworks announces cybersecurity solutions with flexible payment and deployment options to help organizations protect remote work expansion.
New BitSight Innovation Addresses Security Challenges Created by Massive Global Shift to Work From Home (BitSight) BitSight introduces the BitSight Work From Home - Remote Office solution to help organizations discover cybersecurity risks evident in more remote offices.
Bugcrowd Announces Free COVID-19 Response Package to Help Care Provider Organizations Reduce Risk with Crowdsourced Cybersecurity Solutions (Yahoo) Bugcrowd, the 1 crowdsourced security company, today announced that it is offering a COVID-19 Response Package that will provide free Bugcrowd fully-managed Vulnerability Disclosure Programs and Attack Surface Analysis for emergency response teams, hospitals, or other care provider organizations helping
ESET launches resource to protect remote workers during COVID-19 (IT Brief) If adequate security measures aren’t implemented on every device or network that connects to the corporate network, bad actors can go undetected.
In COVID-19 Response, Silent Breach Expands Cloud Security Offerings (IT News Online) In COVID-19 Response, Silent Breach Expands Cloud Security Offerings
Emergency remote teleworking setup (JS Technology Group) We can help you access your data, collaborate with colleagues, and facilitate client meetings. For the last decade, JS Tech …
HOME | Cybersecurity Cares (Cybersecurity Cares) A resource site for cybersecurity professionals adapting to a remote workforce during the coronavirus pandemic.
Meet The Volunteer COVID-19 Heroes Helping Healthcare Fight Hackers (In Homeland Security) COVID-19: As hackers and cybercriminals dial up the vile attacks against healthcare, these are the volunteer cyber-protectors out to thwart them.
Cyber Attacks, Threats, and Vulnerabilities
DarkHotel hackers use VPN zero-day to breach Chinese government agencies (ZDNet) Targets included government agencies in Beijing and Shanghai and Chinese diplomatic missions abroad.
The DarkHotel (APT-C-06) Attacks Chinese Institutions at Abroad via Exploiting SangFor VPN Vulnerability (Qihoo 360) Recently, Qihoo 360 detected an APT attack that deliver malicious files through hijacked security services of a domestic VPN provider.
Russian telco hijacks internet traffic for Google, AWS, Cloudflare, and others (ZDNet) Rostelecom involved in BGP hijacking incident this week impacting more than 200 CDNs and cloud providers.
Docker servers targeted by new Kinsing malware campaign (ZDNet) Hackers breach Docker clusters via administrative API ports left exposed online without a password.
Docker Users Targeted with Crypto Malware Via Misconfigured APIs (Infosecurity Magazine) Password-free installations allow hackers to profit
PayPal and Venmo Are Letting SIM Swappers Hijack Accounts (Vice) Even after being warned by researchers, some companies still haven’t fixed systems that make it easy for hackers to take over accounts.
Cyber security agency cautions against fake PM-CARES UPI IDs (The Pioneer) The national cyber security agency has alerted donors against fake ‘UPI IDs’ for a special fund launched by Prime Minister Narendra Modi to combat the COVID-19 pandemic. In an advisory issued on Saturday, the Indian Computer Emergency Response Team (CERT-In) said it has “tracked several fake
Thousands of Android Apps Are Silently Accessing Your Data (Wired) More than 4,000 Google Play apps let developers and advertisers collect a list of the user's other installed apps, no permission needed.
We uncovered a secret network of 27 app developers in the Google Play store (CyberNews) Our new research discovered that there’s a secret group of at least 27 app developers, with 101 apps in total for a combined 69 million installs, that seem to be connected, copying each others’ apps, stealing apps from popular developers, and committing other fraud.
Google Keeps SuperVPN on Play Store Despite Vulnerability (VPNpro) Google has confirmed that SuperVPN has a vulnerability that allows for a critical MITM attack, however, the app is still available on the Play store.
A researcher found zero-days in one city's software. Then he realized the problem could be bigger. (CyberScoop) One penetration test involving CIPPlanner software shows just how hard it is to track down every possible bug on a city-wide enterprise IT systems.
How to Find & Fix the Japanese Keyword Hack (Sucuri) If you’re wondering how to find and fix the Japanese keyword hack, get started by identifying a real-life example.
Phishers Try 'Text Direction Deception' Technique to Bypass Email Filters (Dark Reading) With COVID-19 concerns running high, attackers are trying new tactics to get to users.
US Secret Service warns that coronavirus email scams are on the rise (CNBC) The U.S. Secret Service this week warned law enforcement and banks about malicious emails related to COVID-19 and said corporations should be on alert.
Criminal Hackers Use Official-Looking Coronavirus Forms to Spread Malware, Steal Passwords (Gizmodo UK) Cyber criminals are working to take advantage of the shocking changes to daily life thrust onto entire populations.
Cyber attack disrupts firm's IT systems in Sweden, Norway - Business Insurance (Business Insurance) Sweden-base automotive spare-parts provider Mekonomen AB said that a cyber attack on its MECA/Mekonomen business has caused extensive disruptions to the information technology systems in Sweden and Norway.
Zoom call with Utah elementary students hacked with pornography (KATU) The Alpine School District is reassessing how it uses the video conferencing service Zoom after pornography was shown during a call with elementary school students.
Emotet Malware Shut Down Microsoft's Entire Network By Overheating PCs (Fossbytes) According to a report by Microsoft Detection and Response Team (DART), Emotet tricked one Microsoft employee into opening a malicious email attachment. A series of events that followed led to a week-long shut down of the organization's core services by maxing out CPUs.
Windows PCs Exposed to Attacks by Critical HP Support Assistant Bugs (BleepingComputer) Several critical HP Support Assistant vulnerabilities expose Windows computers to remote code execution attacks and could allow attackers to elevate their privileges or to delete arbitrary files following successful exploitation.
Security Patches, Mitigations, and Software Updates
Firefox zero day in the wild: patch now! (Naked Security) Mozilla just pushed out an update for its Firefox browser to patch a security hole that was already being exploited in the wild.
New Software Fix Offers Bitcoin Miners Increased Security (CoinDesk) Startup Braiins has released the first functioning code for a new protocol designed to fix longstanding security problems with bitcoin mining pools.
Cyber Trends
Head in the Cloud? Time to Face Cyber Security Reality (Security Boulevard) Many users believe that the cloud is the safest bet when saving and backing up important files. However, security issues arise when organizations fail to add their own security strategies in addition to that of the cloud provider The post Head in the Cloud? Time to Face Cyber Security Reality appeared first on Phoenix TS.
Internet of Evil Things Survey (New Electronics) An Internet of Evil Things survey has found that over half of organisations have no visibility into the number of devices on their wireless network.
Marketplace
The Intelligence Community is hiring during this time of crisis (Federal News Network) As we have seen our economy change we have heard of some employers like Amazon, Walmart, InstaCart and others hiring a massive amount of people to fulfill demand. These are all critical jobs during…
Bug bounty platforms buy researcher silence, violate labor laws, critics say (CSO Online) The promise of crowdsourced cybersecurity, fueled by "millions of hackers," turns out to be a pipe dream, despite high-octane marketing from the bug bounty platforms.
Privitar Closes $80 Million Series C Funding Round Led by Warburg Pincus (Yahoo) Privitar, the leading data privacy platform provider, closes $80 Million series C funding round led by Warburg Pincus
Accenture Acquires Context Information Security, a UK-Based Cybersecurity Consultancy (MarTech Series) Acquisition accelerates growth of Accenture Security in the U.K. and internationally Accenture (NYSE: ACN) has acquired Context Information Security, a leading cyber defense consultancy, previously owned by parent company Babcock International Group. Financial terms were not disclosed.
Huawei joins major US-based open-source patent protection consortium OIN (ZDNet) In a move many will find surprising, Huawei is joining the Linux and Open Invention Network, the leading US-based open-source patent non-aggression group.
KnowBe4, a Clearwater cybersecurity firm, saw its revenues grow by 40% in the first quarter of 2020, compared to Q1 2019. (Business Observer) Cybersecurity firm KnowBe4 says its first-quarter sales are up by 40% despite switching its 884-person staff to remote work due to the coronavirus pandemic.
CrowdStrike Gets A Booster Shot (Seeking Alpha) Guidance for fiscal year 2021 is for 50% to 52% revenue growth. CrowdStrike is ideally positioned to benefit from the seismic shift to work-at-home given frictionless deployment and fully managed endpoint protection.
Cybersecurity Firm Zscaler Gains As Companies Shift To Work From Home (Investor's Business Daily) Relative strength line trending upward; RS Rating at 94 out of 99. Shares now above both the 50-day and 200-day moving averages. After deep consolidation, stock may form flat base if it stays steady
Plurilock expands US team (Planet Biometrics News) Plurilock Security Solutions, a leading provider of advanced authentication products with behavioral biometrics technology, has announced the addition of key team members to its sales operations division.
Sounil Yu of Bank of America joins YL Ventures as CISO-in-Residence (BusinessWire) YL Ventures, the prominent seed-stage Silicon Valley venture capital firm investing in Israeli cybersecurity startups, today announced that Sounil Yu,
Products, Services, and Solutions
CyberWire launches "CSO Perspectives" podcast and new weekly column with Chief Analyst, Rick Howard (MarketWatch) The CyberWire announced today the launch of "CSO Perspectives," a new podcast and weekly column by Rick Howard, the CyberWire's CSO, Chief Analyst and Senior Fellow. Available to CyberWire Pro subscribers, the new programming focuses on the ideas, strategies and technologies that senior cybersecurity executives wrestle with daily.
SonicWall Empowers MSSPs, Launches Enhanced Managed Security Services Program (PR Newswire) SonicWall today unveiled an enhanced version of its SecureFirst Managed Security Service Provider (MSSPs) Program to provide the licensing...
Blue Ridge Networks Provides Industry-Leading Cybersecurity in Qatar (Yahoo) Blue Ridge Networks today announced that it will provide proven endpoint and critical infrastructure cyber security solutions for Qatar's private and public sectors through its partners Clearspan Strategic LLC and Al Mana Computer Services (ACS).
Okta Signs Partnership With VMware, CrowdStrike, And Tanium (Pulse 2.0) Okta, a leading independent provider of identity for the enterprise, announced that it signed partnerships with VMware, CrowdStrike, and Tanium.
IBM integrates Okta identity solutions to cloud offerings (Security Brief) “We’re excited to formalise the partnership to provide our joint customers with the technology to help secure their organisations.
Rethinking Zoom? How WebEx, Teams and Google Compare on Security (Inc.com) After a burst of rapid growth, Zoom has lost some luster amid well-publicized zoombombing episodes.
Spire Technology to distribute ESET’s security software (PCR) Cyber security and anti-virus company ESET has extended its reach into the premium consumer market b
LIFARS Releases Open-Source Cyber Incident Response Tool Voltaire (New Kerala) LIFARS, the global leader in Incident Response, Digital Forensics, Ransomware Mitigation and Cyber Resiliency Services, has released a new open-source tool for incident response IR triage.
NordLocker Invites Ethical Hackers to Crack Encrypted Locker Worth $10,000 (Irish Tech News) Following its promise to guarantee the ultimate security for your files, the file encryption tool NordLocker has launched a bounty campaign. It invites hacking enthusiasts to crack an encrypted locker and win $10,000.
Technologies, Techniques, and Standards
Power station brought down by cyber-attack - simulation lessons (SC Magazine) Siemens: The most important action you can take to make operations resilient is to develop and implement an IR playbook. Resiliency is based on 3 key concepts: visibility, relationships, & speed.
How Relevance Scoring Can Make Your Threat Intelligence More Actionable (Security Intelligence) Relevance scoring is a technique that correlates the properties of security analysts' threat intelligence and those of their organization, such as the industry and region.
Five tips for a cyber secure home office experience (ITWeb) The increased number of employees working from home and outside of the usual protections of corporate networks is a golden opportunity for cyber criminals.
How to avoid scams online: Protect your gadgets when working from home (Trusted Reviews) Trusted Reviews reached out to a range of security experts to determine how to avoid scams online and keep your personal data safe.
VMware: What to Do When Cybercriminals Hunt Your Company in Your Home (SDx Central) The worst-case cyberattack scenario for a corporation is no longer that a cybercriminal hacks into your network and steals your data, says Tom Kellermann, head cybersecurity strategist at VMware Carbon Black.
Battling cloud breaches requires a new type of 'privilege' (PaymentsSource) The most effective way to avoid cloud payment breaches is by dramatically reducing access, says CloudKnox Security's Balaji Parimi.
Design and Innovation
Fraud prevention startup working on anonymous peer-to-peer verification network (TechRepublic) Identiq uses cryptographic algorithms and preserves customer privacy while enabling companies to to identify new customers through a network of trust.
Research and Development
Meet the Xenobots, Virtual Creatures Brought to Life (New York Times) Computer scientists and biologists have teamed up to make a new class of living robotics that challenge the boundary between digital and biological.
Legislation, Policy and Regulation
Shut the door on the North’s cyberarmy (The Japan Times) The world needs to wake up to North Korea's ability to launch cyberattacks on nuclear facilities.
China Will Do Anything to Deflect Coronavirus Blame (Foreign Policy) Don’t mistake different messages for division within the party.
For the Chinese, Political Warfare Is War by Other Means (The Heritage Foundation) Even amid the ongoing coronavirus pandemic, China’s efforts at political warfare remain in full swing. China assiduously tries to shape the world’s view of COVID-19, and China’s role in it, by denying any responsibility for the rise and spread of the new coronavirus as well as attempting to shift the blame toward the United States.
The UN is partnering with China’s biggest surveillance software company (Quartz) Its collaboration with Tencent, whose flagship product WeChat has a near monopoly over the Chinese internet, raises security and privacy concerns.
MPs urge government to intervene in possible Chinese takeover of Imagination Technologies (Computing) Chinese investor is planning to appoint its four representatives as directors in Imagination's board
The US vs a Chinese giant: Huawei and the tech war (South China Morning Post) Over the past two years the relationship between Chinese tech champion Huawei and the US has only worsened but why did the relationship sour in the first place?
Huawei's founder on US sanctions, 5G leadership and building trust in Europe (Yahoo) In a recent interview with the South China Morning Post, the founder Chinese telecoms giant Huawei said he was inspired by the political system and business governance he saw in the United States when he started the company. Ren Zhengfei also spoke about how the world’s largest telecommunications equipment supplier, and China’s biggest smartphone maker, is dealing with US sanctions.
Close the backdoors: U.S. cybersecurity needs improvement (Pittsburgh Post-Gazette) Current weaknesses in the U.S. telecommunications system are easily exploited.
How Taiwan is tracking 55,000 people under home quarantine in real time (Quartz) The country, which acted early and has kept Covid-19 cases low, set up an electronic fence system that uses cellular signals on mobile phones to keep people inside.
Japan to Invest US$237.12 Million in AI Tools to Counter Cyberattacks (CISO MAG) Japan’s Ministry of Defense (MoD) confirmed that it’s going to invest nearly ¥25.6 billion to develop AI-based security tools to defend cyberattacks.
Russia postpones smartphone software law until January 2021:TASS (Reuters) Russia on Tuesday pushed back legislation that would require all smartphones, computers and smart TV sets sold in Russia to come pre-installed with Russian software, by six months until January 1, 2021, the TASS news agency reported.
Disrupt, Don’t Indict: Why the United States Should Stop Indicting Foreign State Actor Hackers (Just Security) Peter Machtiger argues that the U.S. should abandon it's policy of indiciting foreign hackers acting on the behalf of States in favor of a sustained campaign of disruption.
NDIA Perspective: Protecting the Fruits of our Labor from China (National Defense Magazine) For decades, the National Defense Industrial Association and its members have worked hard to ensure U.S. and allied warfighters enjoy decisive advantage across the spectrum of conflict. American innovation is at the heart of delivering this advantage.
New Cyberspace Solarium Commission Report Offers Words of Warning for AppSec (Veracode) A recent report from the Cyberspace Solarium Commission (CSC) includes detailed plans for guiding cybersecurity policies in the United States, which the commission feels is necessary to prevent catastrophic fallout from breaches and attacks for corporations and citizens alike.
New DHS guidance to address long-standing network issues as telework exacerbates the problems (Federal News Network) The Cybersecurity and Infrastructure Security Agency will release a telework-focused temporary Trusted Internet Connections 3.0 directive to give agency networks some relief as more employees are…
5 questions with the Marine Corps’ deputy commandant for information (C4ISRNET) Lt. Gen. Loretta Reynolds, the Corps’ deputy commandant for information, explains why she shies away from the term
31st MEU cyber operations section attaches, deploys for first time, increasing active defense in cyberspace (DVIDS) In the same way that the ships of the USS America Expeditionary Strike Group (ESG) patrol the seas to provide safety and maritime security against any threat, so too do the Marines of Defensive Cyberspace Operations-Internal Defensive Measures (DCO-IDM) in the cyber realm, according to 2nd Lt. Adam Kosianowski, 31st Marine Expeditionary Unit DCO-IDM officer in charge.
New York’s New Data Breach Notification Law: What Businesses Should Know (The National Law Review) As the COVID-19 pandemic continues to demand the attention of corporate leaders and the public at large, businesses have likely had little time to get up to speed on New York's new data breach...
Trump Removes Intel Watchdog Who Revealed Whistleblower Complaint That Led to Impeachment (Voice of America) U.S. President Donald Trump has removed the U.S. intelligence community watchdog from office.
Intelligence Community Inspector General Michael Atkinson informed Congress about the whistleblower complaint that led to Trump’s impeachment earlier this year.
Trump officially notified the intelligence committees of both houses of Congress on Friday that Atkinson’s firing would go into effect in 30 days.
He said in a letter that he “no longer” had “the fullest confidence” in Atkinson.
Trump fires Michael Atkinson, intel watchdog who handled Ukraine complaint (The Washington Times) President Trump on Friday night fired Michael Atkinson, the inspector general for the intelligence community who had deemed “urgent” a whistleblower’s complaint about the president’s actions on aid to Ukraine.
Outgoing U.S. intel watchdog fired by Trump says he acted appropriately (Reuters) Michael Atkinson, the outgoing top watchdog of the U.S. Intelligence Community, on Sunday said he was fired by President Donald Trump for acting impartially in his handling of the whistleblower complaint that triggered an impeachment probe of the president last year.
Litigation, Investigation, and Enforcement
British Airways and Marriott UK data protection fines deferred again as coronavirus shutdown hits business (Register) May and June are new due dates and neither firm is going down quietly
‘Zoombombing’ Becomes a Dangerous Organized Effort (New York Times) Zoom, the videoconferencing app, has become a target for harassment and abuse coordinated in private off-platform chats.
"Zoombombing" is a federal offense that could result in imprisonment, prosecutors warn (The Verge) You could get arrested for "Zoombombing."
Judge demands FBI provide new details about its surveillance (KLEW) The chief judge of a secretive national security court demanded Friday that the FBI provide him with details about its investigations after a Justice Department inspector general identified problems with more than two dozen wiretap applications. The order from Judge James Boasberg signals growing concerns from the court that authorizes FBI surveillance about whether the bureau is providing inaccurate information when it applies to eavesdrop on suspected spies and terrorists.
Hong Kong police are using coronavirus restrictions to clamp down on protesters (Quartz) There are fears that public health regulations will be to target the ongoing protest movement.
Facebook Wanted NSO Spyware to Monitor Users, NSO CEO Claims (Vice) In a court-filed declaration, NSO Group’s CEO says Facebook tried to buy an Apple spying tool in 2017.
Before suing NSO Group, Facebook allegedly sought their software to better spy on users (TechCrunch) Facebook's WhatsApp is in the midst of a lawsuit against Israeli mobile surveillance outfit NSO Group. But before complaining about the company's methods, Facebook seems to have wanted to use them for its own purposes, according to testimony from NSO founder Shalev Hulio.
How the CLOUD Act is Likely to Trigger Legal Challenges (Cooley) New York Law Journal “The CLOUD Act is about to stir up a legal storm. The act was originally passed in March 2018 to ensure US law enforcement officials could obtain information from US-base…
Industry Events
upcoming Events
National Cyber League (NCL) Spring Season (Various locations, March 19 - May 15, 2020) The National Cyber League (NCL) is a defensive and offensive puzzle-based, capture-the-flag style cybersecurity competition. Its virtual training ground helps high school and college students prepare and test themselves against cybersecurity challenges that they will likely face in the workforce. All participants play the games simultaneously during Preseason, Individual Game and Team Game. NCL allows players of all levels to enter. Between easy, medium and hard challenges, students have multiple opportunities to really shine in areas as they excel. Registration for the Spring Season closes March 20, 2020.
CyberTechLive (Online, April 7, 2020) CybertechLive - Virtually connect with top speakers, generate business leads and tap into the Cybertech network.
SecureWorld Houston (Houston, Texas, USA, April 15, 2020) Join your fellow InfoSec professionals for high-quality, affordable cybersecurity training and collaboration. Earn 6-12 CPE credits through 30+ educational elements, learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions, breakout sessions, and solution vendor displays—all while networking with local peers.
OFFZONE 2020 (Moscow, Russia, April 16 - 17, 2020) This year, cybersecurity specialists, researchers and enthusiasts will meet at the Loft Hall #2. As usual, the focus will be not on business, but on practical issues, fresh research results, and the most relevant cyberthreat experience. As in previous years, the conference will have an additional dimension — an enthralling story-line lived out by the participants in the course of 2 days. The first OFFZONE located visitors in a disaster survival bunker. The second conference brought participants together to revive lost computing power, knowledge and technology. And this year, visitors to OFFZONE 2020 will be connected to unique artificial intelligence that accumulates all their skills and experience. Does the program really selflessly help people or pursue its own goals? Find out at OFFZONE 2020!
SecureWorld Cincinnati (Cincinnati, Ohio, USA, April 21, 2020) Join your fellow InfoSec professionals for high-quality, affordable cybersecurity training and collaboration. Earn 6-12 CPE credits through 30+ educational elements, learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions, breakout sessions, and solution vendor displays—all while networking with local peers.
Sponsor & Support
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.