What if your security solution could provide zero doubt?
A foundation of artificial intelligence delivers smart, simple, and secure solutions that change how organizations approach endpoint security. Cylance provides full-spectrum, predictive threat prevention and visibility across the enterprise to combat the everyday - as well as the most notorious and advanced - cyberattacks. Let Cylance help you understand how you can create real confidence in your organization’s security posture and zero in on what really matters.
January 8, 2019.
By the CyberWire staff
German Federal criminal police have arrested a 20-year-old man in the #hackerangriff case. The suspect is a Hessian student; he says his motivation was "anger" and disaffection (ORF). An acquaintance in Heilbronn is being questioned as a witness (Frankfurter Allgemeine).
The US Government, with the NCSC in the lead, warns companies of all sizes about the threat of cyber espionage and recommends best practices for self-protection. Chinese espionage is the principal concern (Reuters).
The Czech Republic considers banning Huawei and ZTE devices on security grounds (Prague Monitor). Huawei meets with Japanese authorities to seek relaxation of that country's ban (RCR Wireless News). Some think Lenovo may be the next Chinese company to receive hostile international scrutiny (Bloomberg). A cyber cold war, complete with spheres of influence, is widely predicted (Defense One).
WikiLeaks circulated a "confidential" legal memo to several news outlets outlining one-hundred-forty "false and defamatory" things they should stop saying about WikiLeaks and Julian Assange. The communiqué was probably prompted by reporting in the Guardian (Reuters). The memo, foreseeably leaked as soon as received, may be read full and unredacted at Ars Technica and elsewhere. Among the misapprehensions WikiLeaks' lawyers are particularly concerned to correct are: that Mr. Assange is a paid Russian agent, that WikiLeaks has "members" like al Qaeda (as opposed to employees, like any media outlet), and that Mr. Assange not only hates the United States, but also bleaches his hair and neglects his cat.
Visualize Your Network Like the Most Infamous Hackers
Cyber threats are becoming more frequent and targeted. Bad actors are more adept at social engineering and investigating your network and infrastructure to understand your organization’s cyber strengths and weaknesses. This webinar delves into a robust threat model capable of repelling the world's most sophisticated hackers and nation-state actors. Join us for an introduction to ScoutThreat™, a threat management platform that helps analysts streamline threat analysis work and extract the maximum value from threat intelligence.
Rapid Prototyping Event: The Wolf in Sheep's Clothing(Columbia, Maryland, United States, January 29 - 31, 2019) DreamPort, in conjunction with the Maryland Innovation & Security Institute and USCYBERCOM, is hosting a Rapid Protoyping Event which is interested in identifying UAM solutions that employ advanced real-time analysis of multiple data sources for detecting unauthorized activities.
GandCrab Operators Use Vidar Infostealer as a Forerunner(BleepingComputer) Cybercriminals behind GandCrab have mixed the infostealer Vidar in the distribution process of the ransomware piece, which helps increase their profits by pilfering sensitive information before encrypting the computer files.
Thousands of Internet connected hot tubs vulnerable to remote attacks(HackRead) Weak security practices have rendered IoT devices vulnerable to hacking and all sorts of cyber-attacks. According to the research from a Buckinghamshire-based security group Pen Test Partners, hot tubs can also be hacked using an app simply because there isn’t any authentication process in place.
Lokibot via Fake DHL quotation using .ace attachments(My Online Security) With Christmas over we are starting to see an increase in malware campaigns. It is not up to the usual level yet because the Russian Gangs are still on their Xmas breaks, but the rest of the scumbags…
Emergency System Network Hacked to Send Spam(Threatpost) Just as ex-tropical Cyclone Penny moved toward the coast of Queensland, Australia, users of Early Warning Network reported receiving strange messages from the emergency system.
Coinbase freezes Ethereum Classic trading following attack(TechCrunch) Coinbase is preparing to list a lot of new coins this year, but its first major piece of action in 2019 is to temporarily pause one of its existing portfolio. The exchange said it has stopped all trading on Ethereum Classic — a cryptocurrency it added back in August — after it detected …
The Latest Threats to ATM Security(SecurityWeek) The current state of automated teller machine (ATM) security is far from optimal, but the unique security challenges around ATMs make improvements difficult.
Cyber-attack on Luas transport system may affect 3,226 users(CISO MAG) Personal information of 3,226 people who used Luas tram services may have been compromised in a potential cyber-attack. The Dublin-based tram service operator stated that unknown intruders defaced its website and demanded a ransom of one Bitcoin. In a social media post, Transdev, the company that operates the Luas, declared that its website got compromised …
Operational Technology (OT) network monitoring can’t detect “subtle” process sensor issues(Control Global) There is a common misperception that an OT network monitoring solution from any OT network monitoring vendor can find subtle process sensor issues (e.g., sensor drift when the sensor is still in normal operating range, clogged sensing lines when the sensor is still in operating range, etc.). This misperception is why there is a need for the engineering community to be involved.
Extreme Cybersecurity Predictions for 2019(Security Boulevard) Prediction blogs are fun but also kind of dangerous because we’re putting in writing educated guesses that may never come true and then we look, um, wrong. Also dangerous because if we’re going to get any airtime at all, we have to really push the boundary of incredulity. So here at Shape, we’ve decided to … Continue reading "Extreme Cybersecurity Predictions for 2019"
Naval Dome Introduces New Dashboard for Optimum Cyber Monitoring(Maritime Executive) Maritime security specialist Naval Dome has come up with an innovative approach to managing the cyber security status of all protected systems onboard ships, allowing shipboard and shoreside staff to monitor and evaluate fleet-wide system data, even when they are offline. Until now, only crew members have been able to access a ship’s offline data sets.
AppGuard releases server protection(Help Net Security) AppGuard Server addresses the significant gap in adequate server protection enterprises and organizations currently face.
Ledger unveils new Nano X hardware wallet(Help Net Security) The Ledger Nano X has a Bluetooth feature which allows users to connect the device to their smartphone, providing mobility without sacrificing security.
Microsoft Leads The AI Patent Race Going Into 2019(Forbes) There have been over 154,000 AI patents filed worldwide since 2010 with the majority being in health fields (29.5%), Industry-specific solutions (25.3%) and AI-based digital security (15.7%). Machine learning dominates the AI patent landscape today.
NCSC Starts Campaign to Help Industry Fight Foreign State Threats(BleepingComputer) The U.S. National Counterintelligence and Security Center (NCSC) started distributing informative materials ranging from brochures to videos to privately held companies around the country advertising increased awareness of rising cybersecurity threats from nation-state actors.
Datendiebstahl: 20-Jähriger nennt „Ärger“ als Motiv(ORF) „Verärgerung über öffentliche Äußerungen“ der betroffenen deutschen Politiker und Politikerinnen und anderer Personen des öffentlichen Lebens hat ein tatverdächtiger 20-Jährige als Motiv für seinen umfassenden Datendiebs...
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
G’Day USA US-Australia Dialogue on Cyber Security(San Francisco, California, USA, March 4, 2019) The 2019 G’Day USA US-Australian Dialogue on Cyber Security will be held in San Francisco in the margins of the annual RSA Conference, which attracts more than 45,000 cyber and digital industry leaders.
SINET Global Institute CISO Series(Scottsdale, Arizona, USA, January 15 - 16, 2019) By invitation only. These intimate CISO workshops address the challenges that Board of Directors are placing on security and risk executives, and how to successfully manage and communicate today’s enterprise...
CPX Asia 360 2019(Bangkok, Thailand, January 21 - 23, 2019) CPX 360 - the industry’s premier cyber security summit and expo - brings together the world’s leading cyber security experts to one venue. Gain a deep understanding of current challenges cyber security...
CPX Americas 360 2019(Las Vegas, Nevada, USA, February 4 - 6, 2019) CPX 360 promises to be the premier cyber security summit. CPX 360 is where you’ll receive up-to-the-minute intelligence about global threats and other vital topics from the world’s leading cyber security...
QuBit Conference Belgrade 2019(Belgrade, Romania, February 7, 2019) QuBit is a Cybersecurity Community Event connecting the East and West. We create a unique way to meet the best and the brightest minds in the information security fields across multiple industries, and...
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.