May 16, 2019.
By the CyberWire staff
US President Trump yesterday issued an Executive Order declaring a national emergency with respect to the threat foreign adversaries pose to US technology infrastructure, and banning the use of products and services produced by companies effectively under the control of such adversaries. The Secretary of Commerce will take the lead in determining where such threats to national security lie. The language is properly general, but the adversary of concern is obviously China, and the company most likely to be affected is Huawei. Huawei knows this, and has responded with a mixture of honey and vinegar: it's innocent, the Guardian reports the company saying, and it will sign agreements to convince skeptical governments that its products represent no threat.
Huawei's case isn't helped by reports from Reuters and Volkskrant that the Netherlands' General Intelligence and Security Service is investigating what it believes may be an espionage backdoor the company insinuated into Dutch commercial telecommunications networks.
The Telegraph reports that NSO Group's ownership says it will investigate how Pegasus became the payload in a WhatsApp exploit, and promises transparency and more due diligence with respect to its customers.
Concerns about US exports' potential contribution to spyware proliferation motivate legislation moving through the US House of Representatives. The proposed law would, according to Reuters, require the State Department to report on how it was overseeing and approving exports of cybersecurity goods and services. Lawmakers cite Project Raven, formerly provided to the UAE, as an example of an approved export that might raise concerns.
Today's issue includes events affecting Australia, Canada, China, European Union, France, Iran, Israel, Democratic People's Republic of Korea, Netherlands, New Zealand, Russia, United Kingdom, United States.
Bring your own context.
You know your own network (more or less). Or perhaps it would be more accurate to say you have a picture in your mind of what your own network looks like. The attacker doesn't share that picture.
"But for attackers, they incrementally - typically, incrementally - build up a picture over time of the network that you have and the systems that you have. So they start out with much less information. That results in, potentially, attack pathways and ways they attack the network, which seem illogical to the defender but very logical to the attacker because they have incomplete and impartial information."
—Daniel Prince, senior lecturer in cybersecurity at Lancaster University, on the CyberWire Daily Podcast, 5.14.19.
Napoleon used to warn his marshals against forming a picture. The enemy will have one too, and the enemy may surprise you.
ON THE PODCAST
In today's podcast, out later this afternoon, we speak with Emily Wilson from our partners at Terbium Labs. She discusses the surprisingly open nature of online sales of illicit goods and services. Our guest is Kris Beevers from NS1 on DNS security and management technology.
And Hacking Humans is up. In this episode, "Live at KB4CON 2019" (so-called because we recorded it live last week at KnowBe4's conference in Florida), Dave describes a late-night phone call scam, Joe explains a Social Security scheme, Stu shares deadly catch of the day, and Kevin shares stories from his own hacking experience, and takes questions from the audience.
Uniting Women in Cyber (Arlington, VA, United States, May 17, 2019) Join us as we celebrate the women in today’s cybersecurity ecosystem at the Uniting Women in Cyber Symposium on May 17, 2019! This full-day event features dynamic women speakers discussing the future of tech, cybersecurity and business. Network among 300–400 business and technical professionals and attend our awards reception recognizing women in tech and business.
DreamPort Event: Tech Talk Series: How DevOps and Automation Can Accelerate Warfighting Readiness (Columbia, Maryland, United States, June 19, 2019) Come hear NetApp's own DevOps journey and lessons learned and see how NetApp has equipped large enterprises to change fast and manage risk, with its deep integration with DevOps tools. In this interactive demonstration and discussion, NetApp will guide conversation towards a DevSecOps vision that can be realized immediately with capabilities that are available today to Defense Department developers.
DreamPort Event: RPE-006: The Defense at Pemberton Mill (Columbia, Maryland, United States, June 21, 2019) DreamPort, in conjunction with the Maryland Innovation & Security Institute and USCYBERCOM is hosting RPE-006: The Defense at Pemberton Mill. For this event, we'll be looking for solutions that monitor a fictitious network for vulnerabilities and detect attacks in progress. We want participants to bring solutions for monitoring both information technology (IT) and operational technology (OT) networks both in live (with network taps) and offline (PCAP) mode. This event is June 21.
Wicked6 Cyber Games (Las Vegas, Nevada, United States, August 6, 2019) Wicked6 is a fundraiser and cybersecurity exhibition in a thrilling esports arena in Las Vegas on August 8, 2019. It’s a week when cybersecurity leaders from around the world come to Las Vegas, and all are welcome to come by to experience this exciting and unique cyber competition as a player, sponsor, or avid fan. Wicked6 will raise funds for the Women’s Society of Cyberjutsu, a national 501(c)(3) nonprofit that promotes training, mentoring and more to advance women and girls in cybersecurity careers.
Intel MDS Vulnerabilities: What You Need to Know (SecurityWeek) New Intel CPU vulnerabilities known as MDS, ZombieLoad, Fallout and RIDL impact millions of devices. Affected vendors published advisories and blog posts with information for users.
Porn Email Scam Nets Scammers Almost $1M In Bitcoin (PYMNTS) There’s an email scam going around that involves scammers claiming to have webcam footage of people watching porn, with threats to release the info if not paid a hefty ransom in bitcoin, according to a report by Fortune. Oren Falkowitz, who heads an anti-phishing company called Area 1, was contacted by a colleague about a […]
Marriott CEO: Cyber Attack Will Cost 'Millions of Dollars' (Bloomberg) Marriott International Inc. President and Chief Executive Officer Arne Sorenson tells David Rubenstein that last year's hack of its Starwood reservation system that exposed the data of up to 500 million guests will end up costing "a number of quarters of millions of dollars," plus still-unknown penalties. His comments come in the latest episode of "The David Rubenstein Show: Peer-to-Peer Conversations."
Security Patches, Mitigations, and Software Updates
Cybersecurity Market Review (Q1 2019) (Momentum Cyber) We are pleased to provide you with Momentum’s Cybersecurity Snapshot for April 2019. Strategic activity in April included 42 transactions completed totaling $1.7B in deal value across M&A (10 transactions, $1.03B) and financing (32 transactions, $627M).
Kaseya acquisition trail continues with ID Agent -- is DR next? (SearchDataBackup) ID Agent becomes the latest Kaseya acquisition following a $500 million funding round. The ID Agent brand and staff will stay, and work has already begun integrating ID Agent with products from other Kaseya acquisitions, like Spanning and Unitrends.
Advanced Onion Enhances Executive Team in Pursuit of Corporate Growth (Odessa American) Advanced Onion, Inc. (AO) has added another layer of strategy to its best-in-class technology delivery and uniquely personalized business development. Romain Nowakowski joined the AO team in April 2019 as Vice President of Strategic Growth and Business Development.
Eastern Communications of the Philippines partners with DOSarrest to deliver cloud based Internet Security solutions (West) Leading Philippine based telecommunications carrier selects Internet Security firm DOSarrest to deliver cyber security solutions to their commercial client base. The partnership allows Eastern to provide a number of cloud based security solutions including DDoS Protection, Web Application Firewall, global load balancing and Content Delivery Network (CDN). The partnership also gives Eastern Communications access to DOSarrest’s traffic Analyzer (DTA) and Data Center Defender, a solution that allows its customer to protect thousands of IP addresses at the same time with one automated cloud based service.
Three ways to prevent exchange hacks—how 3FA can foil cryptocurrency exchange robberies (CryptoSlate) The recent hack of the world’s biggest cryptocurrency exchange, Binance, highlights the need for heightened security in the crypto space. In what Wired reported as “a ‘large-scale security breach,’ hackers stole not only 7,000 bitcoin—equivalent to over $40 million ($56 million at the time of this writing, just one week later)—but also some user two-factor …
Forget endpoints—it’s time to secure people instead (Security Brief) Security used to be much simpler: employees would log in to their PC at the beginning of the working day and log off at the end. That PC wasn’t going anywhere, as it was way too heavy to lug around.
Trump Telecom Ban Takes Aim at China, Huawei (Wall Street Journal) President Trump signed an executive order that allows the U.S. to ban telecommunications network gear and services from foreign adversaries, taking aim at Chinese telecom companies Huawei and ZTE and dialing up security and trade tensions.
Identity crisis: FBI plays catch-up as cyberthreats escalate (Yahoo News) In the United States, digital criminals using everything from weaponized botnets to ransomware are attacking private industry and the government on a daily basis, increasing the demand for experts with skills in cybersecurity, intelligence and law enforcement.
Europol, DOJ announce the takedown of the GozNym banking malware (TechCrunch) Europol and the U.S. Justice Department, with help from six other countries, have disrupted and dismantled the GozNym malware, which they say stole more than $100 million from bank accounts since it first emerged. In a press conference in The Hague, prosecutors said 10 defendants in five countries …
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
Gartner Security & Risk Management Summit 2019 (National Harbor, Maryland, USA, June 17 - 20, 2019) Make sure you have the latest insights on fast-moving IT trends such as IoT and AI, evolving security technologies and the ever-changing threat landscape. At Gartner Security & Risk Management Summit 2019,...
IT & Cyber Day at Aberdeen Proving Ground (Aberdeen, Maryland, USA, August 1, 2019) Aberdeen Proving Grounds (APG) provides technology life cycle management for the US Army and the various commands involved in the fielding and closeout of their technologies. The Cyber and IT Day expo...
Cybertech Midwest 2019 (Indianapolis, Indiana, USA, April 24 - July 25, 2019) Cybertech is the cyber industry’s foremost B2B networking platform featuring cutting-edge content by top executives, government officials, and leading decision-makers from the world of cyber. Our Cybertech...
TechNet Cyber (Baltimore, Maryland, USA, May 14 - 16, 2019) TechNet Cyber 2019, formerly the Defensive Cyber Operations Symposium, will be the staging area for military, industry and academia to discuss and plan how to achieve persistent engagement, persistent...
CYBERSEC Brussels Leaders' Foresight 2019 (Brussels, Belgium, May 15 - 16, 2019) The aim of the CYBERSEC Brussels Leaders' Foresight 2019 is to give proactive guidance on how to lead, encourage evidence-based decision-making, and develop cybersecurity policy statecraft in the EU and...
Cyber Investing Summit (New York, New York, USA, May 16, 2019) The Cyber Investing Summit is an all-day conference focused on investing in the cyber security industry, which is predicted to exceed $1 trillion in cumulative spending on products and services over the...
SecureWorld Cincinnati (Cincinnati, Ohio, USA, May 16, 2019) Connecting, informing, and developing leaders in cybersecurity. For the past 17 years, SecureWorld conferences have provided more content and facilitated more professional connections than any other event...