Outmaneuver your most sophisticated cyber enemies—automatically.
Cyber attacks are getting more sophisticated. Cybercrime and data breach costs will reach the billions and even trillions in the next few years. These are things we already know. But what are you doing to help your cybersecurity teams (who are already stretched thin) mitigate the billions of threats? The ScoutShield threat intelligence gateway keeps your overburdened teams from throwing in the towel by blocking threats automatically – making their lives easier and saving you from cyber attacks. Watch our video to learn more.
March 28, 2018.
By The CyberWire Staff
University researchers have found a new vulnerability affecting Intel chips. This one, called "BranchScope," involves a susceptibility to side-channel attacks. Intel has been working on the issue and thinks the bug probably amounts no big deal.
More diplomatic reprisal against Russia for what US Defense Secretary Mattis calls the "attempted murder" in Salisbury bring the number of countries taking action above twenty-five. Russia denounces the moves as "senseless" and "boorish," and promises a response of its own. The US expulsion of sixty Russian diplomats is the Americans' largest such punitive action, ever.
Thales is making a run to acquire Gemalto, and Gemalto's board is commending the deal to shareholders.
Canadian advertising and software development firm AggregateIQ has denied connections with Cambridge Analytica as well as involvement in the ongoing data scandal. But code found by UpGuard in an exposed AggregateIQ database suggests there may be some connection. In the code was a string, "Ripon," and a username "SCL" (the name of Cambridge Analytica's corporate parent). The findings are small and circumstantial, but also interesting in the light of Cambridge Analytica whistleblower Christopher Wylie's testimony in the UK that AggregateIQ was involved in US campaign operations.
Facebook puts its money where its mouth is with respect to its view that the data scandal is essentially an app scandal. It's offering researchers bug bounties for finding and reporting apps that collect and misuse data.
Members of Parliament affect shock at Facebook CEO Zuckerberg's refusal to testify before Westminister's inquiry into fake news.
Struggling with your DLP? It's time to rethink your data loss prevention strategy.
Traditional data loss prevention tools aren’t cutting it anymore. Why? They are high-maintenance and require endless fine-tuning. They often miss insider threats. They stymie communication between security and other departments. And they slow down endpoints, leading to crashes and failures that drive users crazy. Learn from ObserveIT why DLP tools aren’t getting the job done in 2018 and how you can stop data loss in its tracks. Read Now.
ON THE PODCAST
In today's podcast, we speak with our partners at Virginia Tech's Hume Center, as Charles Clancy discusses the security of analogue devices in cyber-physical systems. Our guest is Liv Rowley from Flashpoint, who takes us through Dark Web refund fraud.
XM Cyber is coming to RSA(San Francisco, California, United States, April 16 - 20, 2018) Visit XM Cyber at the Israeli Pavilion, South Hall booth 635, to experience the first automated APT simulation platform to expose, assess and amend every attack path to organizational critical assets.
CSRA hit by job recruiting scam(Baltimore Business Journal) Scammers posing as CSRA Inc. executives and board members have been conducting fake interviews with job candidates in hopes of getting their banking information and other personal credentials.
Facebook Wants Security Researchers to Hunt Down Apps That Misuse User Data(BleepingComputer) In the wake of the Cambridge Analytica data misuse scandal, Facebook has announced important changes to its app platform, along with improvements to its official bug bounty program that will incentivize and reward security researchers for hunting down third-party Facebook apps that misuse user data.
What the Internet of Things means for consumer privacy(Economist Intelligence Unit) What the Internet of Things means for consumer privacy discusses the findings of an Economist Intelligence Unit (EIU) research programme, sponsored by ForgeRock, that explores the privacy concerns and priorities of global consumers stemming from the Internet of Things (IoT) and related technologies.
Analysis of 560 incidents demonstrates need for cyber resilience(Help Net Security) Many entities face the same types of security incidents – some are viewed as handling the incident well, and for some it’s a disruptive and costly lesson. The ones that fare better have prepared for an incident and use lessons-learned from prior incidents.
VirusBay Aims To Make Malware Analysis More Social(BleepingComputer) For those looking to learn about and share malware samples, a site called VirusBay may be what you are looking for. VirusBay's goal is to make malware analysis more social by providing a place for researchers to upload samples, request samples, and discuss them with other researchers.
NATO joins wave of Russian diplomat expulsions(Military Times) NATO on Tuesday joined a wave of countries and groups expelling Russian diplomats over the nerve-agent attack on a former spy in Britain. Russia denounced the actions as “boorish” and pledged to retaliate.
Mattis: Poisoning in Britain is 'attempted murder' by Russia(Military Times) The poisoning in Britain of a former Russian spy and his daughter amounts to “attempted murder” by the Russian government and furthers a pattern of Russian efforts to divide the U.S.-led Western alliance, Defense Secretary Jim Mattis said Tuesday.
Why this round of expulsions may bring US, Russia to breaking point(The Christian Science Monitor) The expulsion of 60 Russian diplomats from the US and the anticipated retaliation in kind from Moscow is expected to fuel hostile narratives and heighten public suspicions, leaving dwindling channels of communication. Allegations of espionage seem likely to lengthen the rupture.
Fewer Russian spies in U.S. but getting harder to track(Reuters) The U.S. decision to expel 60 alleged spies is unlikely to cripple Russian spying in the United States because others have wormed and hacked their way into American companies, schools, and even the government, current and former U.S. officials said.
Trump fundraiser sues Qatar over hacked emails(Reuters) Elliott Broidy, a top Republican fundraiser, sued Qatar on Monday, accusing the Gulf state of pilfering and leaking emails in retribution for his attempts to influence the Trump administration in favor of regional rivals of Qatar.
Ex-Goldman Sachs Coder Asks Appeals Court to Toss Theft Conviction(New York Law Journal) Hearing an appeal by a former Goldman Sachs computer engineer convicted of stealing code from the bank New York Court of Appeals judges Tuesday questioned defendant Sergey Aleynikov’s assertion that he did not make a tangible copy of the code because he had saved it on a hard drive.
Corporate Cybersecurity: What Are Your Legal and Ethical Obligations?(TG Daily) While personal cybersecurity is important, corporate cybersecurity, as we’ve seen over the last two years, is doubly so. With breaches occurring too often, and personal information leaked, it’s now more vital than ever that a company secure its clients’ information and uphold ethical and legal standards of information security.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
SecureWorld Philadelphia(Philadelphia, Pennsylvania, USA, March 28 - 29, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...
National Cyber League Spring Season(Chevy Chase, Maryland, USA, March 30 - May 25, 2018) The NCL is a defensive and offensive puzzle-based, capture-the-flag style cybersecurity competition. Its virtual training ground helps high school and college students prepare and test themselves against...
4th Middle East Cyber Security Summit(Riyadh, Saudi Arabia, April 4 - 5, 2018) The summit will feature state of the art presentations, hackathons and technology showcasing from regional and international experts and leading technology providers. One of the focus areas of the summit...
Cybersecurity: A Shared Responsibility(Auburn, Alabama, USA, April 8 - 10, 2018) During the 2018 SEC Academic Conference, we will explore three themes within cyber security: the underlying computer and communication technology; the economic and physical systems that are controlled...
Sea-Air-Space: The Navy League’s Global Maritime Exposition(National Harbor, Maryland, USA, April 9 - 11, 2018) Join us this April for Sea-Air-Space, the largest maritime exposition in the U.S., with 275+ exhibitors displaying the latest in maritime, defense and energy technology. This year’s theme, “Learn. Compete.
2018 Mississippi College Cybersecurity Summit(Clinton, Mississippi, USA, April 10 - 11, 2018) The 2018 Mississippi College Cybersecurity Summit is a conference designed to engage, educate, and raise awareness about cybersecurity across the nation. The 2018 Cybersecurity Summit will provide valuable...
ISC West 2018(Las Vegas, Nevada, USA, April 11 - 13, 2018) ISC West is THE largest security industry trade show in the U.S. At ISC West, you will have the chance to network with over 30,000 security professionals through New Products & Technologies encompassing...
CYBERTACOS San Francisco(San Francisco, California, USA, April 16, 2018) CYBERTACOS is back and becoming one of the biggest cybersecurity networking events! Register today and join us for networking, food and drinks. This event includes a 45-minute meet the press panel made...
RSA Conference 2018(San Francisco, California, USA, April 16 - 20, 2018) Take this opportunity to learn about new approaches to info security, discover the latest technology and interact with top security leaders and pioneers. Hands-on sessions, keynotes and informal gatherings...
Our Security Advocates(San Francisco, California, USA, April 17, 2018) OUR Security Advocates highlights a diverse set of experts from across information security, safety, trust, and other related fields. OURSA is a single-track, one-day conference with four topic sessions.
5th Annual Cybersecurity Summit(McLean, Virginia, USA, April 24, 2018) Join the Potomac Officers Club for the Fifth Annual Cybersecurity Summit to hear from public and private sector leaders on how federal agencies can improve their respective data security measures.
Secutech(Taipei, Taiwan, April 25 - 27, 2018) To meet the rising demand for intelligent and customised solutions, Secutech converges security and safety, ICT, IoT, artificial intelligence, big data, edge computing, intelligent video analytics and...
INFILTRATE(Miami Beach, Florida, USA, April 26 - 27, 2018) INFILTRATE is a "pure offense" security conference aimed at the experienced to advanced practitioner. With the late-90s hacker con as its inspiration, the event has limited attendance in order to foster...
Automotive Cybersecurity Summit 2018(Chicago, Illinois, USA, May 1 - 8, 2018) Smart Vehicles. Smart Infrastructures. The 2nd annual Automotive Cybersecurity Summit brings together public and private-sector manufacturers, suppliers, assemblers, technology providers and V2X partners...
Global Cyber Security in Healthcare & Pharma Summit(London, England, UK, May 3 - 4, 2018) The number of cyber-attacks in healthcare is on the rise, and the industry must do more to prevent and respond to these incidents. The Global Cyber Security in Healthcare & Pharma Summit 2018 will bring...
Secure Summit DC(Washington, DC, USA, May 7 - 8, 2018) (ISC)² Secure Summit DC will assemble the best minds in cybersecurity for two days of insightful discussions, workshops and best-practices sharing. The goal of the event is to equip security leaders to...
HACKNYC(New York, New York, USA, May 8 - 10, 2018) The recent flood of data breach news may numb us to the threat of attacks with kinetic effects--direct or indirect physical damage, injury, or death. Hack NYC focus’ on our preparation for, and resilience...
SecureWorld Kansas CIty(Kansas City, Missouri, USA, May 9, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.