We recently launched Recorded Future Express — a free browser extension for security teams. Use Express over any web-based SIEM, vulnerability management solution, security blog, and more to put real-time security intelligence at your fingertips. Instantly prioritize alerts, incidents, and vulnerabilities based on real-time risk scores from the world’s largest commercial collection platform. Sign up now.
For more, see our daily update on COVID-19 and the cybersecurity community.
Ransomware continues to steal data. BleepingComputer reports that Magellan Health, a large US managed care and insurance provider, discovered on April 11th that it had been the victim of a ransomware attack. The incident compromised personal data including names, addresses, employee ID numbers, and various details from US W-2 or 1099 tax forms. A letter to affected stakeholders said that no fraud had so far been detected.
Australia's Toll Group confirmed that it too lost data to ransomware.
Yesterday was Patch Tuesday: Adobe took care of thirty-six bugs, and Microsoft addressed one-hundred-eleven issues. There's a view in circulation that you should take a wait-and-see approach to applying patches, and that in particular you ought to turn off automatic Windows updates. While this might make sense under some circumstances for an enterprise that must test patches to ensure the fixes won't affect their systems' availability, and even granted that some patches come with problems, it's hard to see why individual users should do the same. One security expert tweeted that the advice amounted to "digital anti-vax click bait." Go ahead and patch.
But if you must be selective in your patching, take a look at CISA's list of the ten most exploited vulnerabilities and start with those.
People counted yesterday, May 12th, as marking the third anniversary of WannaCry's peak, and INTERPOL declared it "Anti-Ransomware Day." Infosecurity Magazine quotes the head of INTERPOL's Cybercrime Directorate as saying the agency wants to remind everyone "to keep good cyber hygiene and to #WashYourCyberHands.”
Today's issue includes events affecting Australia, China, Estonia, Iran, Israel, Democratic People's Republic of Korea, Republic of Korea, Mexico, Russia, Singapore, United Kingdom, and United States.
A cultural component to disinformation:
"What you see in the 1960s already, but getting stronger as we move in the '70s and '80s, is that communism as an ideology in a way weakens people, even inside the intelligence establishment, you know, [they] make jokes about communism. Of course, some of them are still ardent communists, but it becomes...sort of this weird cynicism sets in. And people become the two layers to the conversation, what people say in private and what people say at the workplace or in public. And that cynicism, that double standard, ultimately, I think made them, the Eastern Bloc, better at disinformation because they were trained at home to spot contradictions and to tolerate contradictions and to play with contradictions. And that's exactly what you need to do to run active measures. You need to spot the contradictions of your adversary and then play with them and exacerbate them."
—Thomas Rid, professor of strategic studies at the Johns Hopkins University's School of Advanced International Studies, on the CyberWire's Daily Podcast, 5.8.20.
Increasing the adversary's friction. (Or sharpening the contradictions.)
The largest current fine under GDPR is over 200 million euros. With similar laws coming, it’s critical to review your readiness for privacy regulations. Legal experts and cybersecurity professionals at Mazars Cybersecurity can review your processes, ensuring your compliance. Mazars experts have experience with regulatory regimes and local requirements. Mazars understands today, business is interconnected. You can’t afford to be out of compliance when laws a world away can impact your organization. See how Mazars can help.
In today's CyberWire Daily Podcast, out later this afternoon, we speak with our partners at the Johns Hopkins University's Information Security Institute, as Joe Carrigan discusses Twitter’s response to 5G-related Coronavirus conspiracy theories. Our guest is Chris Cochran from the Hacker Valley podcast, sharing the story of his career path.
And Caveat is up. In this week's episode, "Privacy is a human right," Dave has the story of a facial recognition research project that claims to be able to predict criminality, and Ben takes a look at privacy in the face of contact tracing app and coronavirus. They also speak with Jules Polonetsky, CEO of the Future of Privacy Forum, on how privacy is best understood as a human right, on privacy risks that will grow in prominence during the 2020s, and on the rising technologies that will be used to manage privacy over the next decade.
In this week's episode of CSO Perspectives, "Cybersecurity first principles." the CyberWire's CSO Rick Howard discusses the concept of first principles as an organizing principle and how the technique can be applied to cybersecurity to build a foundational wall of infosec practices that are so fundamental as to be self-evident; so elementary that no expert in the field can argue against them; so crucial to our understanding that without them, the infrastructure that holds our accepted best practice disintegrates like sand castles against the watery tide.
