We recently launched Recorded Future Express — a free browser extension for security teams. Use Express over any web-based SIEM, vulnerability management solution, security blog, and more to put real-time security intelligence at your fingertips. Instantly prioritize alerts, incidents, and vulnerabilities based on real-time risk scores from the world’s largest commercial collection platform. Sign up now.
For more, see our daily update on COVID-19 and the cybersecurity community.
Ransomware continues to steal data. BleepingComputer reports that Magellan Health, a large US managed care and insurance provider, discovered on April 11th that it had been the victim of a ransomware attack. The incident compromised personal data including names, addresses, employee ID numbers, and various details from US W-2 or 1099 tax forms. A letter to affected stakeholders said that no fraud had so far been detected.
Australia's Toll Group confirmed that it too lost data to ransomware.
Yesterday was Patch Tuesday: Adobe took care of thirty-six bugs, and Microsoft addressed one-hundred-eleven issues. There's a view in circulation that you should take a wait-and-see approach to applying patches, and that in particular you ought to turn off automatic Windows updates. While this might make sense under some circumstances for an enterprise that must test patches to ensure the fixes won't affect their systems' availability, and even granted that some patches come with problems, it's hard to see why individual users should do the same. One security expert tweeted that the advice amounted to "digital anti-vax click bait." Go ahead and patch.
But if you must be selective in your patching, take a look at CISA's list of the ten most exploited vulnerabilities and start with those.
People counted yesterday, May 12th, as marking the third anniversary of WannaCry's peak, and INTERPOL declared it "Anti-Ransomware Day." Infosecurity Magazine quotes the head of INTERPOL's Cybercrime Directorate as saying the agency wants to remind everyone "to keep good cyber hygiene and to #WashYourCyberHands.”
Today's issue includes events affecting Australia, China, Estonia, Iran, Israel, Democratic People's Republic of Korea, Republic of Korea, Mexico, Russia, Singapore, United Kingdom, and United States.
A cultural component to disinformation:
"What you see in the 1960s already, but getting stronger as we move in the '70s and '80s, is that communism as an ideology in a way weakens people, even inside the intelligence establishment, you know, [they] make jokes about communism. Of course, some of them are still ardent communists, but it becomes...sort of this weird cynicism sets in. And people become the two layers to the conversation, what people say in private and what people say at the workplace or in public. And that cynicism, that double standard, ultimately, I think made them, the Eastern Bloc, better at disinformation because they were trained at home to spot contradictions and to tolerate contradictions and to play with contradictions. And that's exactly what you need to do to run active measures. You need to spot the contradictions of your adversary and then play with them and exacerbate them."
—Thomas Rid, professor of strategic studies at the Johns Hopkins University's School of Advanced International Studies, on the CyberWire's Daily Podcast, 5.8.20.
Increasing the adversary's friction. (Or sharpening the contradictions.)
The largest current fine under GDPR is over 200 million euros. With similar laws coming, it’s critical to review your readiness for privacy regulations. Legal experts and cybersecurity professionals at Mazars Cybersecurity can review your processes, ensuring your compliance. Mazars experts have experience with regulatory regimes and local requirements. Mazars understands today, business is interconnected. You can’t afford to be out of compliance when laws a world away can impact your organization. See how Mazars can help.
In today's CyberWire Daily Podcast, out later this afternoon, we speak with our partners at the Johns Hopkins University's Information Security Institute, as Joe Carrigan discusses Twitter’s response to 5G-related Coronavirus conspiracy theories. Our guest is Chris Cochran from the Hacker Valley podcast, sharing the story of his career path.
And Caveat is up. In this week's episode, "Privacy is a human right," Dave has the story of a facial recognition research project that claims to be able to predict criminality, and Ben takes a look at privacy in the face of contact tracing app and coronavirus. They also speak with Jules Polonetsky, CEO of the Future of Privacy Forum, on how privacy is best understood as a human right, on privacy risks that will grow in prominence during the 2020s, and on the rising technologies that will be used to manage privacy over the next decade.
In this week's episode of CSO Perspectives, "Cybersecurity first principles." the CyberWire's CSO Rick Howard discusses the concept of first principles as an organizing principle and how the technique can be applied to cybersecurity to build a foundational wall of infosec practices that are so fundamental as to be self-evident; so elementary that no expert in the field can argue against them; so crucial to our understanding that without them, the infrastructure that holds our accepted best practice disintegrates like sand castles against the watery tide.
Our weird behavior during the pandemic is messing with AI models (MIT Technology Review) In the week of April 12-18, the top 10 search terms on Amazon.com were: toilet paper, face mask, hand sanitizer, paper towels, Lysol spray, Clorox wipes, mask, Lysol, masks for germ protection, and N95 mask. People weren’t just searching, they were buying too—and in bulk. The majority of people looking for masks ended up buying…
WSJ News Exclusive | Chinese, Iranian Hacking May Be Hampering Search for Coronavirus Vaccine, Officials Say (Wall Street Journal) Chinese and Iranian hackers are aggressively targeting American universities, pharmaceutical and other health-care firms in a way that could be hampering their efforts to find a vaccine to counter the coronavirus pandemic, U.S. officials said.
The cyberthreat that could derail the world's race to develop a coronavirus vaccine (CNBC) Pharmaceutical companies working on a vaccine and on drugs and treatments to fight the coronavirus are facing an increased risk of cyberattack, according to cybersecurity experts.
People’s Republic of China (PRC) Targeting of COVID-19 Research Organizations (FBI) The FBI and Cybersecurity and Infrastructure Security Agency (CISA) are issuing this announcement to raise awareness of the threat to COVID-19-related research.
FBI and CISA Warn Against Chinese Targeting of COVID-19 Research Organizations (FBI) The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) issued a public service announcement today warning organizations researching COVID-19 of likely targeting and network compromise by the People’s Republic of China (PRC).
Roundup: COVID-19 pandemic delivers extraordinary array of cybersecurity challenges (ZDNet) As the COVID-19 outbreak threatens to overload the healthcare system and the global economy, it's also having a powerful impact on the security of businesses and individuals.
Why Security Misconfiguration Are Higher During Covid-19 (FireMon) There are good reasons your IT security team may be looking a bit sleep-deprived. In addition to the stress of the COVID-19 pandemic everyone is facing, they’re also facing heightened risks to network firewall security as new external assets (websites, web portals, mobile apps and more) are provisioned to enable customers and an expanding remote Read more...
McAfee, CrowdStrike, Palo Alto Networks Track Evolving COVID-19 Cyberattacks (SDxCentral) As cyberattacks and threats continue to grow and mutate along with the COVID-19 pandemic, three security reports from CrowdStrike, McAfee, and Palo Alto Networks shine a spotlight and how these attacks are evolving — and they indicate that businesses aren’t as prepared to secure their now-remote workforce as they think.
Cyberattacks keep offices on their toes (Livemint) Firms are having to boost spending to secure their networks, pushing up costs even as revenues dry up.As employees work remotely during the coronavirus lockdown, cybercriminals are using the opportunity to prey on those working outside secure office networks to steal confidential data
A Guide to Pandemic Scams, and What Not to Fall For (New York Times) Fraudsters see opportunities to target us in these uncertain times. Here are their most popular schemes and how we can protect ourselves.
Nuspire Report Pinpoints Changes in Adversarial Cyber Activity Capitalizing on Coronavirus Pandemic (Nuspire) Quarterly report examines top botnet, malware and exploit activity throughout Q1 2020
We Can’t Stop the Coronavirus Unless We Stop Corruption (Foreign Policy) The world is pouring trillions of dollars into coronavirus vaccines and economic stimulus efforts. But without strict measures, graft will prevent funds from reaching the…
Former NSA Chief: Values Must Not be Compromised in the Name of Security, Not Even During a Pandemic (CTECH) Mike Rogers, who was named head of the NSA at the height of the Snowden scandal is acutely aware of how fragile the public trust is in the intelligence entities of the democratic nations
Cybersecurity Threats to the Food Supply Chain (SecurityWeek) Cyber brings the opportunity of large-scale adversarial interference in food supplies. In military terms this could be a precursor to kinetic warfare, but the cyber age has introduced a new style of cyberwar.
Scams Exploit COVID-19 Giveaways Via Venmo, PayPal and Cash App (Tenable®) The economic impact of COVID-19, which is causing record unemployment, creates a golden opportunity for scammers looking to target vulnerable people desperate for cash to help pay their bills.
Using AI to detect COVID-19 misinformation and exploitative content (Facebook) We’re sharing details about how Facebook is using AI to help detect COVID-19 misinformation and respond to other integrity challenges related to the...
How Facebook is using AI to combat COVID misinformation and detect "hateful memes" (The Verge) Facebook sheds light on its new AI-powered moderation.
European comms bodies set up standards group, call for vigilance on contact-tracing apps (ComputerWeekly) New ETSI group will develop standardisation framework for secure smartphone-based proximity tracing systems, helping to break Covid-19 transmission chains.
Draft Covid-19 contact tracing legislation proposes formal oversight (ComputerWeekly) Human Rights Committee chair Harriet Harman has outlined a proposed bill to guarantee the security and privacy of data generated by the UK’s Covid-19 contact tracing app.
MPs take part in first live test of remote voting during Covid-19 debate (ComputerWeekly) MPs will use phones and computers to vote from their homes in a House of Commons debate today in the biggest change in parliamentary procedure for 150 years.
Online Voting Has Worked So Far. That Doesn’t Mean It's Safe (Wired) Proponents of mobile and internet voting point to its uneventful track record. That's not good enough.
Putin Is Well on His Way to Stealing the Next Election (The Atlantic) RIP democracy
House Democrats introduce coronavirus rescue bill that would direct more than $3 trillion to states, individuals, health systems (Washington Post) House Democrats unveiled a sprawling coronavirus rescue bill Tuesday that would direct more than $3 trillion to state and local governments, health systems, and a range of other initiatives, setting up a huge clash with Senate Republicans and the White House over how to deal with the sputtering economy.
Analysis | The Cybersecurity 202: Democratic coronavirus bill shows how partisan election security has become (Washington Post) The bill goes a long way to ensure safe elections during the pandemic but will go nowhere with Republicans.
House Democrats' Partisan Wish List Jeopardizes Elections (Committee on House Administration Republicans) Congress has already provided over $1.25 billion since 2018 to help states update their election infrastructure, $400 million alone from the previous CARES Act to help states make COVID-19 preparations, and the Election Assistance Commission is working around the clock to provide coronavirus guidance and resources for states to administer their elections. It's time for House Democrats to stop trying to take advantage of a national emergency to push their own political agenda.
Remote Courtrooms Here To Stay As Judges Tackle Backlogs (Law360) Federal and state court judges say they are likely to rely heavily on remote courtrooms, including virtual trials, as the prospect of fully reopening the justice system to its former capacity remains a distant goal for many, and case backlogs and delays continue to mount.
Coronavirus: Massive Palm Beach County School District Student Password Breach (BocaNewsNow) The Palm Beach County School District is in the midst of a massive computer security crisis that draws into question the authenticity of every assignment completed by every student since “distance learning” began, after BocaNewsNow.com learned that an elementary school student hacked the school district’s password system.
Entrust Datacard Consumer Survey Reveals Poor Password Hygiene Among Remote Workers (BusinessWire) On World Password Day 2020 a new Entrust Datacard work-from-home survey highlights the critical need to address data security challenges.
Security Chiefs Look to Justify Cybersecurity Costs During Business Downturn (Wall Street Journal) The coronavirus pandemic has caused a range of businesses to furlough or layoff employees and freeze technology and cybersecurity projects as they anticipate a financial hit from the health crisis.
Twitter Will Allow Employees To Work At Home Forever (BuzzFeed News) Two months into working from home, Twitter makes it permanent for some.
Apple Plans to Return More Staff to Offices in Break From Rivals (Bloomberg) Company to start letting more workers return to major offices. Google, Facebook will allow remote work through end of 2020.
Michael Dell: Work From Home Will Be 'Permanent Feature' (CRN) Michael Dell said customers have shifted from rapidly implementing work at home setups to ensuring they’re sufficiently hardened and secure for long-term use.
HPE restructures for ‘post COVID-19 world’ (CRN Australia) With a new CTO and GreenLake Cloud Services business group.
The Cloud Powers Fortinet Higher During the Coronavirus Lockdown (The Motley Fool) As remote work increased in relation to COVID-19, cybersecurity’s importance took a quantum leap higher.
Censys Releases Free One-Click Tool To Check Work-From-Home Security (Censys) “Home Network Risk Identifier” Finds Exposed Vulnerabilities in Seconds
LogMeIn Introduces Remote Deployment to Help IT Admins Remotely Install GoToMyPC During Shift to Remote Work (GlobeNewswire) LogMeIn Inc. (NASDAQ: LOGM), a leading provider of solutions for the work-from-anywhere era, has launched Remote Deployment for GoToMyPC enabling IT administrators and business professionals to remotely deploy, install, and configure GoToMyPC remote access software across any number of computers simultaneously.
Dimension Data offers free incident response to hospitals targeted by cyberattacks (htxt.africa) Tony Walt, managing executive for Dimension Data Security, explains why the firm is freely offering this incident response service.
US Exposes New North Korean Malware Tools (Decipher) The U.S. government has published details of three new malware tools it says are in use by North Korean state-sponsored attackers.
Researchers Analyze Entry Points, Vectors for Manufacturing System Attacks (SecurityWeek) Researchers analyzed the possible entry points and attack vectors for targeting smart manufacturing systems and discovered several new vulnerabilities in the process
Phishing attack evades Microsoft 365 security (BetaNews) Researchers at email protection company Armorblox have uncovered a targeted email phishing attack designed to get past Microsoft 365 security.
Vulnerabilities in 'Page Builder' Plugin Expose 1 Million WordPress Websites (SecurityWeek) Two high severity vulnerabilities addressed recently in SiteOrigin’s Page Builder WordPress plugin could allow an attacker to execute code in a website administrator’s browser
Hackers' private chats leaked in stolen WeLeakData database (BleepingComputer) Ironically, the database for the defunct hacker forum and data breach marketplace called WeLeakData.com is being sold on the dark web and exposes the private conversations of hackers who used the site.
Toll Group reveals stolen data may show up on dark web (CRN Australia) Company last week revealed it was hit by ransomware attack.
Shipping Giant Toll Confirms Hackers Stole Data in Recent Attack (SecurityWeek) After initially claiming that it found no evidence of data being stolen as a result of the recent ransomware attack, Australian shipping giant Toll has admitted that some data has been stolen
Toll Group resists ransom demands from hackers after cyber attack (Loadstar) Toll Group is having a tough year, and has confirmed that the “unusual activity” on its servers last week was a cyber attack, which has now led to ransom demands.
Healthcare giant Magellan Health hit by ransomware attack (BleepingComputer) Fortune 500 company Magellan Health Inc announced today that it was the victim of a ransomware attack on April 11, 2020, which led to the theft of personal information from one of its corporate servers.
[Ransomware disclosure by Magellan Health] (Magellan Health) Magellan was recently the victim of a criminal ransomware attack
Thunderspy – why turning your computer off is a cool idea! (Naked Security) Thunderbolt ports can provide direct access to the memory in your laptop… just how hard is it for crooks to do so when you aren’t looking?
Top 10 Routinely Exploited Vulnerabilities (CISA) The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the broader U.S. Government are providing this technical guidance to advise IT security professionals at public and private sector organizations to place an increased priority on patching the most commonly known vulnerabilities exploited by sophisticated foreign cyber actors.
Siemens RUGGEDCOM, SCALANCE, SIMATIC, SINEMA (Update A) | (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens --------- Begin Update A Part 1 of 2 --------- Equipment: IE/PB-Link, RUGGEDCOM, SCALANCE, SIMATIC, SINEMA --------- End Update A Part 1 of 2 ---------
OSIsoft PI System (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: OSIsoft Equipment: PI System Vulnerabilities: Uncontrolled Search Path Element, Improper Verification of Cryptographic Signature, Incorrect Default Permissions, Uncaught Exception, Null Pointer Dereference, Improper Input Validation, Cross-site Scripting, Insertion of Sensitive Information into Log File 2.
Eaton Intelligent Power Manager (CISA) 1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Eaton Equipment: Intelligent Power Manager Vulnerabilities: Improper Input Validation, Incorrect Privilege Assignment 2.
Siemens KTK, SIDOOR, SIMATIC, and SINAMICS (Update A) (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: KTK, SIDOOR, SIMATIC, and SINAMICS Vulnerability: Uncontrolled Resource Consumption 2.
Siemens SIPROTEC 5 and DIGSI 5 (Update C) (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely; low skill level to exploit Vendor: Siemens Equipment: SIPROTEC 5 and DIGSI 5 Vulnerabilities: Improper Input Validation 2 UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-19-190-05 Siemens SIPROTEC 5 and DIGSI 5 (Update B) that was published December 10, 2019 on the ICS webpage on us-cert.gov.
Siemens SINAMICS (Update C) (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SINAMICS Vulnerability: Uncontrolled Resource Consumption 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update ICSA-19-227-04 Siemens SINAMICS (Update B) that was published December 10, 2019, to the ICS webpage on us-cert.gov.
3S-Smart Software Solutions GmbH CODESYS V3 Library Manager (Update A) (CISA) 1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Low skill level to exploit Vendor: 3S-Smart Software Solutions GmbH Equipment: CODESYS V3 Library Manager Vulnerability: Cross-site Scripting 2.
Interpeak IPnet TCP/IP Stack (Update D) (CISA) 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit/public exploits are available Vendors: ENEA, Green Hills Software, ITRON, IP Infusion, Wind River Equipment: OSE by ENEA, INTEGRITY RTOS by Green Hills Software, ITRON, ZebOS by IP Infusion, and VxWorks by Wind River Vulnerabilities: Stack-based Buffer Overflow, Heap-based Buffer Overflow, Integer Underflow, Improper Restriction of Operations within the Bounds of a Memory Buffer, Race Condition, Argument Injection, Null Pointer Dereference
Siemens SIMATIC PCS 7, SIMATIC WinCC, and SIMATIC NET PC (Update C) (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC PCS 7, SIMATIC WinCC, SIMATIC NET PC Vulnerability: Incorrect Calculation of Buffer Size 2.
Microsoft patches 111 vulnerabilities in May 2020 Patch Tuesday (Computing) No zero-days patched in the latest release
Adobe Patches 36 Vulnerabilities in Acrobat, DNG SDK (SecurityWeek) Adobe has patched 36 vulnerabilities in Acrobat, Reader and the DNG SDK, and while some flaws have been rated critical the vendor believes they are unlikely to be exploited too soon
Instagram iOS update brings bulk comment deleting, control for who can mention or tag you (9to5Mac) Instagram is rolling out some changes today to keep the platform a more positive place for users. Two features rolling out now include the ability to control who can tag or mention you in comments, captions, or Stories as well as the ability to delete comments in bulk. Instagram noted in a blog post today …
Squid patches security flaws in HTTP digest authentication (The Daily Swig) Vulnerabilities have lain undiscovered since 2001
Huawei denies involvement in buggy Linux kernel patch proposal (ZDNet) Huawei says employee submitted code as part of a personal project, not on behalf of the company.
Digital Fraudsters Increase Attacks Against Multiple Industries During Pandemic; Use COVID-19 Scams to Target Younger Generations (TransUnion) TransUnion quarterly global fraud analysis also examines the types of fraud targeting businesses and where it originates
Stand-alone cyber insurers need more agents and brokers (PropertyCasualty360) Insurers may need to reconsider the product's design, pricing and marketing strategy to get their distribution force more enthusiastically on board.
Semperis Announces $40 Million in Growth Funding After Completing Six Consecutive Profitable Quarters (BusinessWire) Semperis, a pioneer of identity-driven cyber resilience for enterprises, receives $40 Million in Series B Funding Led by Insight Partners
SonarSource Acquires RIPS Technologies and Accelerates in the Application Security Market (PR Newswire) SonarSource, maker of SonarQube and leader for Code Quality and Code Security solutions, today announced the acquisition of RIPS Technologies,...
Verint Closes $200 Million Investment by Funds Advised by Apax Partners (Directors' Club) Verint® announced it has closed the first tranche under the two tranche investment agreement with funds advised by Apax Partners signed in December in
Varonis Systems’ $253 Million Convertible Senior Note Offering (Global Legal Chronicle) White & Case LLP has advised Varonis Systems, Inc. on the offering.
CACI Awarded $465 Million Task Order to Provide Expertise for U.S. Army C5ISR Missions (BusinessWire) CACI International Inc (NYSE: CACI) announced today that it has been awarded a five-year single-award task order, with a ceiling value of more than $4
Facebook is quietly helping to set up a new pro-tech advocacy group to battle Washington (Washington Post) Facebook is working behind the scenes to help launch a new political advocacy group that would combat U.S. lawmakers and regulators trying to rein in the tech industry, escalating Silicon Valley’s war with Washington.
Deloitte lays off 200 consultants and auditors in Toronto (Consulting) Deloitte Canada has laid off approximately 200 people in its Toronto headquarters, according to a report from Business Insider.
Invicti Security Reports Record Growth and Profitability (Invicti) Enterprise driving demand for web application security leaders Netsparker and Acunetix
XM Cyber Named a Gartner 'Cool Vendor' in Security Operations and Threat Intelligence (PR Newswire) XM Cyber, the multi-award-winning breach and attack simulation (BAS) leader, was recognized as a "Cool Vendor" in Gartner's May 2020 "Cool...
Coalfire Named a "Top Workplace" by The Denver Post for Third Consecutive Year (PR Newswire) Coalfire, a trusted provider of cybersecurity advisory and assessment services, announced today that the company was named one of The Denver...
CyberGRX Recognized as Best Workplace by Inc. Magazine (BusinessWire) CyberGRX has been selected as one of the 395 finalists recognized by Inc. Magazine as a Best Workplace for 2020.
Janice Kennedy of Mandiant Security Validation Recognized as One of CRN’s 2020 Women of the Channel by Tracey Moon (Security Boulevard) Each year, CRN, a brand of The Channel Company, recognizes leading female executives for their accomplishments over the past year and the far-reaching impact they are having on the technology industry going forward
Five FireEye Leaders Honored as CRN 2020 Women of the Channel (BusinessWire) Five FireEye employees have been recognized by CRN for their leadership in the channel.
Coalfire Federal's Bill Malone Named Top Cyber Exec (PR Newswire) Coalfire Federal, a pure-play government cybersecurity advisory services and assessment firm, today announced that its newly appointed...
Illusive Networks Hires Nicole Bucala as VP of Business Development (PR Newswire) Illusive Networks®, the leader in deception-based cyber defense solutions, today announced the hiring of Nicole Bucala as vice president of...
Plurilock adds to board of directors (Planet Biometrics News) Plurilock Security Solutions, a leading provider of behavioral-biometric authentication technologies, has announced the addition of seasoned software executive Ed Hammersla, formerly of Trusted Computer Solutions (TCS), to its board of directors.
Arnold & Porter Hires Privacy Pro From Venable (Law360) Arnold & Porter has grown its partnership with a hire from Venable LLP who will join its privacy and data security practice as the global pandemic makes sound legal advice on those subjects ever more critical for clients.
ThreatQuotient Expands Professional Services Offering (BusinessWire) ThreatQuotient, a leading security operations platform innovator, today announced enhancements to their professional services offering.
Bitdefender and SYNNEX Corp. Announce Distribution Agreement (PR Newswire) Bitdefender, a leading global cybersecurity company protecting more than 500 million systems worldwide, today announced that it has entered...
DivvyCloud by Rapid7 Announces New Infrastructure as Code Security Capability (BusinessWire) DivvyCloud by Rapid7 announces new Infrastructure as Code Security capability to empower enterprises to take a preventive approach to cloud security.
New Sudo Features Integrate Popular Privileged Access Application Into Enterprise Security and IT Strategies (GlobeNewswire) Nearly ubiquitous across Linux deployments, Open Source Sudo software allows a user to act as another user. Version 1.9 enhancements drive centralized logging, auditing and command approval. Python language now supported for third-party plugins.
Illumio Evolves Micro-Segmentation by Enabling Self-Service Functionality for Application Teams (GlobeNewswire) New App Owner View feature empowers each application owner to implement their own segmentation security policies, as organizations strive to achieve Zero Trust
Liquid.com Bolsters Security for Cryptocurrency Exchange with Sumo Logic (GlobeNewswire) Company Adopts Sumo Logic’s Cloud SIEM to Secure More than One Billion Platform Transactions Per Day and Support Globally Distributed Team and Multi-cloud Technology Stack
White-Box Encryption: Ending Web App Vulnerability (Infosecurity Magazine) White-box cryptography is a solution that provides software-based key storage.
FIRST aims to update the Traffic Light Protocol standard to increase global adoption (FIRST — Forum of Incident Response and Security Teams) Now inviting participants for next review round
SOCOM chief: Door-kickers are out, cyber operators are in (Task & Purpose) The future of U.S. special operations may no longer involve a gaggle of commandos busting through a door, according to U.S. Special Operations Command's top general, but 'cyber operators' tasked with bringing their unique set of tools to bear on adversaries
Y'all Should Be Using Critical Thinking in the Workplace! (Phoenix TS) Regardless of the situation, we’ve all had the same thought; was there something I could have done differently? How could I have been more prepared? What can I do better next time? The answer is simple; critical thinking.
A Pentester’s Voyage - The First Few Hours (Black Hills Information Security) Jordan Drysdale // Many methodologies have been written, but the first few hours on an internal pentest tell the story of an organization’s security culture. This type of test differs from an assumed compromise or pivot in that the tester walks into the network fully armed. requirements.txt Nmap...
Secure Technology Alliances Announces Website and New Educational Resources to Advance Adoption of Mobile Driver’s Licenses (Secure Technology Alliance) Today the Secure Technology Alliance took another step forward in its efforts to raise awareness and accelerate adoption of mobile driver’s licenses (mDLs) in the U.S. with the launch of an online educational hub, mDLConnection.com. This website will help to
Estonia Passes 'Huawei Law' for Telecom Security Reviews (Reuters via US News and World Report) Estonia's parliament approved on Tuesday a new Electronics Communications Act to ensure security reviews for telecom gear needed in the development of future networks.
Why China’s Technology Theft Poses a Bigger Challenge Than That of the Soviet Union (The Diplomat) China can better incorporate what it takes to “catch up.”
Echidna or Combat Wombat? Preparing for the Defence Strategic Update (Defence Connect) As Australia’s public and strategic policy community wait with bated breath for the release of the new Defence Strategic Update in response to the changing strategic environment the nation finds itself in, Sam Roggeveen of Lowy Institute and Greg Sheridan of The Australian have entered the debate with interesting points for consideration.
Senate braces for fight over renewing lapsed surveillance powers (POLITICO) The Senate’s civil libertarians aim to place even stricter limitations on surveillance powers.
Cyber Command Needs New Acquisition Authorities (Lawfare) A major force program will help solve the problem.
COVID-19 constraints delay needed CMMC rule change (FCW) Social distancing requirements have delayed the public hearing needed for a rule change to enforce new cybersecurity standards for contractors.
Continuing Developments in Cybersecurity (JD Supra) The Government continues to take steps to address its Defense Industrial Base supply chain cybersecurity.
IoT Security: Sen. Warner’s Letter to IoT Manufacturers (Security Boulevard) With more IoT devices being used in homes and businesses in the U.S., is Washington finally ready to address the security of these devices?
INTERPOL Declares “Anti-Ransomware Day” (Infosecurity Magazine) INTERPOL and Kaspersky dub WannaCry’s third anniversary “Anti-Ransomware Day”
Facebook to pay moderators $52m for mental trauma suffered on the job (The Telegraph) Current and former workers will get up to $6,000 each in compensation for PTSD and similar conditions as part of a class action settlement
Facebook will pay $52 million in settlement with moderators who developed PTSD on the job (The Verge) Current and former moderators will all be paid a minimum of $1,000. Selena Scola filed the case in California.
'Cat and mouse game': how Citizen Lab shone a spotlight on Israeli spyware firm (the Guardian) Ron Deibert has helped expose how Israeli spyware firm allegedly facilitated hacking of activists’ phones
Mexican Government Cancels NSO Group Cyber-Surveillance Contract, Launches Corruption Investigation (Tikun Olam) Israeli media watchdog, 7th Eye, reports that the Mexican government officially revealed for the first time that it canceled NSO Group’s contract to provide cyber-hacking tools to the country’s legal, law enforcement and intelligence units.
Tarjeta Informativa (Gobierno de México) Con relación al caso del programa de vigilancia conocido como Pegasus, la Secretaría de Seguridad y Protección Ciudadana precisa lo siguiente...
Iron Mountain Discloses Potential Sanctions Violations (Wall Street Journal) The Boston-based information storage and management company said one of its foreign subsidiaries provided products and services for more than a decade to at least two entities blacklisted by the U.S.
U.S. judge puts Justice Department’s move to drop charges against Michael Flynn on hold (Washington Post) The judge says he expects independent groups and legal experts to argue against the bid to exonerate the former national security adviser. The move could re-air evidence and arguments over whether lies Flynn pleaded guilty to were a crime.
For a complete running list of events, please visit the Event Tracker.
National Cyber League (NCL) Spring Season (Various locations, Mar 19 - May 15, 2020) The National Cyber League (NCL) is a defensive and offensive puzzle-based, capture-the-flag style cybersecurity competition. Its virtual training ground helps high school and college students prepare and test themselves against cybersecurity challenges that they will likely face in the workforce. All participants play the games simultaneously during Preseason, Individual Game and Team Game. NCL allows players of all levels to enter. Between easy, medium and hard challenges, students have multiple opportunities to really shine in areas as they excel. Registration for the Spring Season closes March 20, 2020.
Practical steps on your zero trust journey. A CyberWire Pro Briefing by Rick Howard. (Online, May 18, 2020) The Zero Trust strategy assumes that your network is already compromised and compels you to design it to reduce the probability of material impact to your organization if you experience either a trusted insider attack or an invading outsider who has bypassed your security controls to attain the same status. In other words, trust nobody and only allow employees enough access to the organization's resources to get their jobs done, but nothing further. You may think that designing and building that type of network is 180 degrees away from what you have right now. You would be wrong. You can get a long way down the Zero Trust path by using the equipment you already own in your current architecture. The thing that has to change is people and process. This CyberWire Pro online briefing will discuss what Zero Trust is, how to think about it in terms of your own environments, and the practical steps you can take right now with equipment you already have that will move you along that journey. This will be a vendor-neutral briefing by the CyberWire's CSO and Chief Analyst, Rick Howard, which will also provide some history and context for those looking to implement Zero Trust solutions.
41st IEEE Symposium on Security and Privacy (SP2020) (San Francisco, California, USA, May 18 - 20, 2020) IEEE Symposium on Security and Privacy has been the premier forum for computer security research, presenting the latest developments and bringing together researchers and practitioners. We solicit previously unpublished papers offering novel research contributions in any aspect of security or privacy. Papers may present advances in the theory, design, implementation, analysis, verification, or empirical evaluation and measurement of secure systems.
AFCEA/GMU Critical Issues in C4I Symposium (Online, May 19 - 20, 2020) For well over a decade, the AFCEA/GMU Critical Issues in C4I Symposium has connected academia, industry and government annually to address important issues in technology and systems research and development. The audience is typically more than 70% government/military featuring decision makers at all levels looking to advance their understanding of the key C4I challenges being faced now and in the future.
Cyber and Technology Day at Fort Gordon (Fort Gordon, Georgia, USA, May 20, 2020) If your product or service is cyber-related, Fort Gordon is where you want to be. The Fort's 2020 Cyber and Technology Day provides an excellent opportunity for IT, cybersecurity and tactical technology-oriented companies to network face-to-face with the Army's key IT, communications, and cybersecurity personnel.
