Get your copy of the definitive guide to threat intelligence.
We brought together a team of experts and wrote the definitive guide to everything you need to know about threat intelligence. Whether you work in vulnerability management, incident response, or another part of cybersecurity, our book has something for you. Get your free copy of “The Threat Intelligence Handbook” now.
November 21, 2018.
A CyberWire Daily News Briefing redesign is coming.
After the Thanksgiving holiday, we'll be rolling out a new format for our email. We've redesigned it the better to avoid falling into spam traps, or becoming inadvertently enmeshed in the array of anti-phishing measures increasingly deployed. You've seen some of these changes already with our addition of inline links to our summary. When the redesign is complete, you'll see fewer links to suggested reading in the email itself. That selected reading will remain present in its entirety on our website, posted as always with the appropriate Daily News Briefing. We hope you'll find the new format more user-friendly. We'll announce the date of the rollout as it approaches. And, as always, thanks for subscribing and reading.
By The CyberWire Staff
Amazon has experienced a so-far unspecified breach. The online retailer has emailed many customers (but not all) to say that their name and email address had been exposed “due to a technical error.” The email, genuine despite its phishy appearance, doesn’t say what happened, or where, or why, but reassures recipients that everything’s fine and there’s no need to change passwords (Ars Technica).
Facebook has cleared up yesterday’s outages, which it attributes to server configuration errors (CNET).
Recorded Future says it’s cleared up the mystery of “Tessa88,” the hitherto unidentified cybercriminal who in 2016 sold MySpace, Badoo, LinkedIn, QIP, Rambler, VKontakte, Mobango, and Twitter databases. The security firm has concluded that Tessa88 is one Maksim Vladimirovich Donakov, of Penza, Russia. Tessa88, whose activities were bracketed with “Peace_of_mind’s,” claimed to be a broker or middleman as opposed to a hacker (ZDNet).
Competing gangs are struggling for Magecart supremacy on an infected e-commerce site (Ars Technica).
Espionage in cyberspace continues at its customary tempo and customary actors. Australia, however, is thought to be seeing an increase in the attention being paid to its corporate intellectual property by China’s Ministry of State Security (CNBC). And observers continue mulling Cozy Bear’s virtuoso return to phishing for access (Threatpost, Forbes).
Those of you in the furry community, you know who you are. But a breach in “High Tail Hall” suggests that about half-a-million of you will eventually be known to everyone else as well. The BBC and Mr. Cluley seem au courant on the incident.
Today's issue includes events affecting Afghanistan, Australia, China, European Union, Republic of Korea, NATO/OTAN, Russia, Saudi Arabia, United Kingdom, United Nations, United States.
A quick note: we'll be observing Thanksgiving this week, so there will be no Daily News Briefing, Daily Podcast, or Hacking Humans on Thursday or Friday, and no Research Saturday or Week that Was this Saturday. Everything returns to normal next week. In the meantime, enjoy the holiday, and see you as usual on Monday.
What are the brightest minds are saying about network security?
We're asking knowledgeable security insiders like you to take a short survey. In return, we're offering all qualified respondents a chance to enter a drawing to win one of three gift cards valued at $50 each. Join other cybersecurity leaders and share your viewpoints. Click here to take the survey.
Cyber Security Summit: November 29 in Los Angeles(Los Angeles, California, United States, November 29, 2018) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The CIA, The City of Los Angeles, Verizon, CenturyLink and more. Register with promo code cyberwire95 for $95 VIP admission (Regular price $350) https://CyberSummitUSA.com
Rapid Prototyping Event: The Turing Test(Columbia, Maryland, United States, December 11 - 13, 2018) DreamPort, in conjunction with the Maryland Innovation & Security Institute and USCYBERCOM, is hosting a Rapid Prototyping Event in which participants implement an automated process to interact with a Microsoft Windows machine just as a human user may do with the goal being to fool a human judge who is monitoring target computers via Remote Desktop Protocol (RDP) or Virtual Network Computing (VNC) into thinking a normal user is interacting with that machine and not an automated program or process.
Mirai: Not Just For IoT Anymore(Arbor Networks Threat Intelligence) Executive Summary Botmasters have taken the lessons from developing Internet of Things (IoT) malware and shifted their focus to targeting commodity Linux servers. Like many IoT devices, unpatched Linux servers linger on the network, and are being abused at scale by attackers sending exploits to every vulnerable
VisionDirect hacked: Hackers infect domains with malicious Google Analytics code(HackRead) Hackers using Google Adwords & Google Sites to spread malwareVisionDirect, one of Europe’s largest online optical retailer that deals with contact lenses and eye care related products has announced that a number of its domains have suffered a data breach in which hackers stole customers’ credit card and banking data.
Beware of Third Party Data Breaches(The National Law Review) A study by Ponemon Institute found the percentage of US and UK companies that faced a data breach because of a vendor or third party is growing. In the US alone, 61% of surveyed respondents
2018 Global DNS Threat Survey Report(EfficientIP) Discover the prominence and business impact of DNS attacks this past year, plus results from the Coleman Parkes global survey covering multiple sectors.
Policy on data protection likely to get tighter worldwide: Fortinet(The Financial Express) Governments and regulators around the world are likely to persist in pushing for greater access to and control over their citizens’ data amid rising incidence of data breach, said Patrice Perche, senior executive vice president for worldwide sales and support, Fortinet.
Just in Time for the Holidays: KnowBe4 Offers “Safe Travels for Road Warriors” Video(AP NEWS) With the stress of holidays around the corner, KnowBe4 , the provider of the world’s largest security awareness training and simulated phishing platform, is offering up tips for staying safe while you travel with a free video module entitled “Safe Travels for Road Warriors.” The video, which is packed with online safety tips, is available now and will continue to be accessible throughout the 2018 holiday season.
ZeroFOX Premium Social Media & Digital Threat Data in ThreatConnect(AP NEWS) ThreatConnect, Inc. ®, provider of the industry's only extensible, intelligence-driven security platform, is proud to announce its integration with ZeroFOX. This premium social media & digital threat data integration is now available to ThreatConnect customers and is one of the more than 350 existing integrations and applications available in the ThreatConnect Platform.
Technologies, Techniques, and Standards
How clean is your software supply chain?(Computing) With malware now pervasive and high-profile organisations being breached every day, Computing invites IT leaders to a networking dinner for sharing best practises
The Country You Save May Be Your Own(Foreign Affairs) The problem of democracy in the United States, Iran teaches us, is neither the forgotten voter nor the handwringing swingvoter; it is the nonvoter, the nearly 103 million Americans who either refused or were unable to cast a ballot in 2016.
The path to improved cybersecurity culture(Information Management) The recent ISACA-CMMI Institute cybersecurity culture research illustrates the accomplishments and gaps that are seen in the cybersecurity culture of many organizations.
Army creates new defensive cyber project office(InsideDefense.com) The Army has reorganized one of its leading technology project management offices to instead focus on defensive cyber operations, responding to a growing need in that domain.
To Stockpile or Not to Stockpile Zero-Days? (Dark Reading) As the debate rages on, there is still no simple answer to the question of whether the government should stockpile or publicly disclose zero-day vulnerabilities.
Blow for Kremlin as ‘ex‑KGB man’ loses Interpol vote(Times) Russia was dealt a blow this morning when its candidate to become the head of Interpol was defeated. Alexander Prokopchuk, a veteran of the Russian interior ministry, had been seen as the favourite...
Russian challenge to chemical weapons watchdog rejected(Military Times) The global chemical weapons watchdog’s initiative to apportion blame for poison gas and nerve agent attacks survived two institutional challenges from Russia on Tuesday and is set to become operational next year.
Facebook appeals UK data watchdog’s £500K Cambridge Analytica fine(TechCrunch) Facebook has said it will appeal a £500,000 penalty issued by the U.K.’s data watchdog this summer following a lengthy investigation into the Cambridge Analytica data misuse scandal. Facebook told the regulator an estimated one million U.K. users were among the 87 million of its users whose p…
Facebook failed to stop a child bride being auctioned on its platform(TechCrunch) Facebook failed to prevent its platform being used to auction a 16-year-old girl off for marriage in South Sudan. Child early and forced marriage (CEFM) is the most commonly reported form of gender-based violence in South Sudan, according to a recent Plan International report on the myriad risks fo…
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
3rd Next Generation Cyber Security for Utilities(Denver, Colorado, USA, February 13 - 14, 2019) With the value of damages caused by cyber-attacks growing rapidly every year, adopting a new and comprehensive approach to cyber security for utilities is more important than ever. Among essential facilities...
Transport Security Congress(Washington, DC, USA, April 2 - 3, 2019) The Transport Security Congress brings together business and security leaders from all sectors of passenger and goods transportation to discuss solutions to the evolving security and safety risk landscape.
Australian Cyber Conference 2019(Melbourne, Victoria, Australia, October 7 - 9, 2019) The Australian Information Security Association (AISA) is the premier industry body for information security professionals in Australia. As a nationally recognised not-for-profit organisation, AISA champions...
Kingdom Cyber Security(Riyadh, Saudi Arabia, November 20 - 21, 2018) Setting a game plan to boost cyber resilience at the national level.
API Security Summit(London, England, UK, November 21, 2018) The API Security Summit, taking place in London on the 21st of November 2018 will bring together the financial services community, regulators, fintechs, TPPs and associations
from across UK and Europe to find solutions to the current lack of standardisation, debate what standards/legislation may emerge in 2019, and how to plan with these in mind.
The Cyber Security Summit: Los Angeles(Los Angeles, California, USA, November 29, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts.
IEEE WIE Forum USA East(White Plains, New York, United States, November 29 - December 1, 2018) IEEE WIE Forum USA East 2018 focuses on developing and improving leadership skills for individuals at all stages of their careers. Attendees will have the opportunity to hear inspirational and empowering...
Securing Digital ID 2018(Alexandria, Virginia, USA, December 4 - 5, 2018) As an increasing number of transactions move online and are mobile-enabled, the conference will explore today’s complex world of digital identities and how they are used for strong authentication and remote...
First Annual Maryland InfraGard Cybersecurity Conference(College Park, Maryland, USA, December 5, 2018) InfraGard is a partnership between the FBI and members of the private sector. The InfraGard program provides a vehicle for seamless public-private collaboration with government that expedites the timely...
International Cyber Risk Management Conference(Hamilton, Bermuda, December 6 - 7, 2018) Now in its fourth year in Canada, the International Cyber Risk Management Conference (ICRMC) has earned a reputation as one of the world’s most trusted cyber security forums. We are proud to bring ICRMC...
2018 Cloud Security Alliance Congress(Orlando, Florida, USA, December 10 - 12, 2018) Today, cloud represents the central IT system by which organizations will transform themselves over the coming years. As cloud represents the future of an agile enterprise, new technology trends, such...
Wall Street Journal Pro CyberSecurity Executive Forum(New York, New York, USA, December 11, 2018) The WSJ Pro Cybersecurity Executive Forum will bring together senior figures from industry and government to discuss how senior executives can best prepare for hacking threats, manage breaches, and work...
National Cyber League Fall Season(Chevy Chase, Maryland, USA, December 15, 2018) The NCL is a defensive and offensive puzzle-based, capture-the-flag style cybersecurity competition. Its virtual training ground helps high school and college students prepare and test themselves against...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.