January 3, 2019.
By the CyberWire staff
The Dark Overlord has, as the group promised or threatened, released documents it claims it hacked from real estate and insurance companies. The group says the firms engaged in a far-fetched conspiracy to stage the 9/11 attacks. They've offered to sell the documents (for Bitcoin, of course), but so far the teasers they've posted to Pastebin seem for the most part to be old stuff recycled from earlier breaches (Naked Security). Need we add that the files don't remotely add up to evidence of much of anything, still less a 9/11 conspiracy? The Dark Overlord's posts have been fairly quickly removed from Pastebin, and Twitter has also blocked at least one account that was hawking the Overlord's wares.
It's become increasingly clear that the malware involved in the weekend's attack against US newspaper printing plants was a Ryuk variant (SecurityWeek). Ryuk has appeared in a number of extortion campaigns before, and it's said to be well-adapted for tailoring against specific targets and their high-value business processes. Check Point calls Ryuk "artisanal" as opposed to "commodity" malware. In this attack Check Point says it's seen little evidence of automatic propagation capability, which suggests some significant preliminary preparation by the attackers (Government Technology). Attribution remains unclear. Those willing to speculate cite mostly circumstantial code similarities to past attacks.
Australian media are claiming the first big breach of 2019 for Oz: a major, phishing-induced breach has exposed information on tens of thousands of government workers in the state of Victoria (Computer Business Review).
Cyber Security Summits: 2019 (United States, January 1 - December 31, 2019) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from the FBI, Darktrace and more at the 2019 Cyber Security Summits. Register with promo code cyberwire95 for $95 VIP admission (Regular price $350).
Rapid Prototyping Event: The Wolf in Sheep's Clothing (Columbia, Maryland, United States, January 29 - 31, 2019) DreamPort, in conjunction with the Maryland Innovation & Security Institute and USCYBERCOM, is hosting a Rapid Prototyping Event which is interested in identifying UAM solutions that employ advanced real-time analysis of multiple data sources for detecting unauthorized activities.
Ryuk Malware: Tailor-Made for Maximum Disruption (Government Technology) The ransomware launched against newspapers nationwide is not your typical malware. Experts say Ryuk is “artisanal” and meant to be used against certain companies for maximum disruption.
PayPal phishing scam posted as a promoted tweet on Twitter (Cyware Hacker News) Twitter allowed a scammer to post a PayPal phishing scam as a promoted tweet on its social networking site. The phishing page asked visitors to login to their accounts and verify their details to win new year gifts.
Don’t Get Caught in a SMiShing Scam (The State of Security) The word SMiShing may sound like gibberish -- we think it’s a weird one -- but some of the world’s largest enterprises are losing millions of dollars to these scams every year.
Security Patches, Mitigations, and Software Updates
Stocks Tumble After Apple Sales Warning (Wall Street Journal) The Dow Jones Industrial Average fell more than 2% Thursday, with technology shares coming under pressure after Apple announced a rare cut to its sales forecast for the crucial holiday quarter.
Apple warning pummels markets worried about growth outlook (Yahoo) Stock markets retreated Thursday as China's slowing economy forced Apple to slash its revenue forecast, wiping more than $70 billion from its value and dragging down share prices in the wider technology sector. Apple late on Wednesday cut its revenue outlook for the latest quarter, citing steeper-than-expected
Top secret Israeli cyberattack firm, revealed (Haaretz) Candiru, named after an Amazon fish known to parasitize the human urethra, recruits heavily from 8200 intelligence unit and sells offensive tools for hacking computer systems.
Government Shutdown Impacts Enterprise Security (Decipher) The government shutdown isn’t impacting just security professionals working for the federal government. Corporate security teams have to pay attention to what public services are available and what aren’t during this time period.
Vietnam's Draconian Cybersecurity Bill Comes Into Effect (SecurityWeek) A law requiring internet companies in Vietnam to remove content communist authorities deem to be against the state came into effect Tuesday, in a move critics called "a totalitarian model of information control".
Equifax Is Back in Washington’s Crosshairs (Wall Street Journal) House Democrats have put legislation responding to the massive Equifax hack at the top of their agenda, indicating possible changes ahead for how the credit-reporting industry handles consumer information.
SINET Global Institute CISO Series (Scottsdale, Arizona, USA, January 15 - 16, 2019) By invitation only. These intimate CISO workshops address the challenges that Board of Directors are placing on security and risk executives, and how to successfully manage and communicate today’s enterprise...
CPX Asia 360 2019 (Bangkok, Thailand, January 21 - 23, 2019) CPX 360 - the industry’s premier cyber security summit and expo - brings together the world’s leading cyber security experts to one venue. Gain a deep understanding of current challenges cyber security...
CPX Americas 360 2019 (Las Vegas, Nevada, USA, February 4 - 6, 2019) CPX 360 promises to be the premier cyber security summit. CPX 360 is where you’ll receive up-to-the-minute intelligence about global threats and other vital topics from the world’s leading cyber security...
QuBit Conference Belgrade 2019 (Belgrade, Romania, February 7, 2019) QuBit is a Cybersecurity Community Event connecting the East and West. We create a unique way to meet the best and the brightest minds in the information security fields across multiple industries, and...