FUD raineth on the just and the unjust, as evidence of ISIS's tweeted morbid suspicions that it's been infiltrated by "crusaders" attests.
The Sony hack remains an object of intense interest. The loss and damage are considerable and still being assessed: some 40 gigabytes of sensitive information, Wired reports, has leaked to the Internet. Ars Technica publishes a brief overview of the attack's destructive "wiper" functionality. Attribution has, as is usual in such cases, moved into a slightly controversial phase. Sony denies re/code's report that the company was about to "officially" blame North Korea for the attack: Sony insists the incident remains under investigation. Other security experts cast doubt on the North Korean attribution, but consensus opinion still looks at Pyongyang.
The high-profile attack on Sony has also stoked investor interest in cyber security firms.
Asprox's criminal masters are aggressively recruiting machines into their botnet. They're using phishing emails asking the recipient to "confirm their order;" such appeals are particularly effective during holiday gift-giving.
Concerns about Android vulnerabilities resurface. Some of them, involving pre-installed malware, revive concerns about Chinese threats to the global IT supply chain.
Wired interviews "Darkside," billed as the world's biggest surviving online drug lord.
The US Department of Homeland Security expands cyber security student internship opportunities.
Foreign policy mavens assess China's cyber policy, and see preservation of the Communist Party as its principal objective.
The prospective US Defense Secretary, Ashton Carter, is expected to devote close attention to cyber security. He'll get help from Senator McCain.
Today's issue includes events affecting Australia, China, European Union, India, Iran, New Zealand, Russia, United Kingdom, United States.
Dateline SINET Showcase
SINET Showcase and Workshops 2014(SINET) Showcase provides a platform to identify and highlight "best-of-class" security companies that are addressing industry and government's most pressing needs and requirements. The chosen SINET 16 Innovators present their technological solutions to representatives from the ecosystem of the entrepreneur: venture capital, investment banking, system integration, academia, science, legal, policy, private industry and executives from the Federal Government, including civilian, intelligence and military professionals. Showcase's objective is to increase awareness of innovative solutions that may lead to an investment in, or the purchase of, advanced technologies that will help secure our nation's critical infrastructure and command-and-control systems.
SINET Workshops deliver critical knowledge, targeted perspective and opportunities for direct information sharing between entrepreneurs and security experts. Held in conjunction with IT Security Entrepreneurs Forum and Showcase, each workshop offers expert insight from industry and government officials, venture capitalists, leading researchers and successful entrepreneurs who share thought leadership, experience and "know how." There is no comparable opportunity to learn how to navigate the Federal Government sector, and to obtain the necessary financing, professional services and guidance needed to win
Security Innovation Network (SINET) Announces Its 2014 Top 16 Emerging Cybersecurity Companies(Yahoo! Finance) The Security Innovation Network™ (SINET), an organization focused on advancing Cybersecurity innovation through public-private collaboration, announced today the winners of its annual SINET 16 competition. The companies, which were selected from a pool of 180 applicants from around the world, represent a range of Cybersecurity solution providers who are identifying cutting-edge technologies to address Cybersecurity threats and vulnerabilities. The selected companies will share their work with buyers, builders, investors and researchers during the SINET Showcase on Dec. 3 — 4, 2014 at the National Press Club in Washington, DC
Iran attacking critical infrastructures-Cylance report(Control) December 2nd, the Cylance report on OpCleaver was made public. The report provides details about Iran's program to attack critical infrastructures. I have been concerned about Iran's capabilities and intents for several years and have blogged about it in the past. These include articles I have reviewed by an "Iranian engineer" on Stuxnet and Siemens safety systems, articles by Iranian professors on ICS cyber security methodology, and Iran translating Project Shine into Farsi
ZeroFOX Announces Integration with OpenDNS(ZeroFOX) ZeroFOX is proud to announce its partnership with OpenDNS, integrating social media attack intelligence with OpenDNS's web filters. The integration allows mutual customers to leverage proactive threat intelligence with real-time enforcement. Together, OpenDNS and ZeroFOX give security teams the power to block social malware and phishing everywhere your employees work
Paranoia could be the best weapon against the Islamic State(Washington Post) The worm of paranoia begins to eat into even the hardest adversary. An example is a Twitter post last week displaying an Islamic State leaflet offering a $5,000 reward for information about "crusaders' agents" in the ranks
Sony hacked: Cyber attack affected Microsoft systems only(Indian Express) Eight days after a massive cyber attack on Sony Pictures Entertainment, the Hollywood studio was still struggling to restore some systems on Tuesday evening as investigators combed for evidence to identify the culprit
Sony Got Hacked Hard: What We Know and Don't Know So Far(Wired) Who knew that Sony's top brass, a line-up of mostly white male executives, earn $1 million and more a year? Or that the company spent half a million this year in severance costs to terminate employees? Now we all do, since about 40 gigabytes of sensitive company data from computers belonging to Sony Pictures Entertainment were stolen and posted online
Android Hacking and Security, Part 15: Hacking Android Apps Using Backup Techniques(Infosec Institute) In the previous article, we had an introduction on how to analyze Android application specific data using Android backup techniques. This article builds on the previous article. We are going to see how local data storage or basic checks that are performed on a local device can be exploited on a non rooted device using data backup techniques. This shows the significant risk associated with apps that are not so concerned about security
Escaping the Internet Explorer Sandbox: Analyzing CVE-2014-6349(TrendLabs Security Intelligence Blog) Applications that have been frequently targeted by exploits frequently add sandboxes to their features in order to harden their defenses against these attacks. To carry out a successful exploit, an attacker will have to breach these sandboxes to run malicious code. As a result, researchers will pay particular attention to exploits that are able to escape sandboxes
Planes, Trains & Automobiles — Are You Safe From PoS Malware Anywhere?(TrendLabs Security Intelligence Blog) The celebration of Thanksgiving and Black Friday last week marks the start of the holiday shopping season for the majority of the world. For most, this means vacations, family, friends, traveling, and of course, shopping. This is also the time for watching feel-good holiday movie reruns on television
Security Patches, Mitigations, and Software Updates
New TLS/SSL Version Ready In 2015(Dark Reading) One of the first steps in making encryption the norm across the Net is an update to the protocol itself and a set of best-practices for using encryption in applications
New Research Shows Most Vulnerabilities Exploited in About a Week(Recorded Future) Recorded Future research published in "Week to Weak: The Weaponization of Cyber Vulnerabilities" identified the short window of time system administrators have before announced software vulnerabilities become a real threat to their operations. As noted in this research, it takes a little more than a week for an exploit leveraging a new CVE to be detected on the open web
Addressing Corporate Espionage in the 21st Century(Security Magazine) The 21st Century is often referred to as the information age; the developing global marketplace has contributed to the entrance of new cultures and economies into the competitive global economy. Due to globally available infrastructure and the development of global telecommunication/computing capabilities, it has enabled individuals, companies and countries to compete globally on a level playing field with traditional Western powers even from some of the most remote parts of the world. Unfortunately this has also created conditions in which the threat of corporate espionage has been rapidly proliferating due to the ease threat actors can ply their trade both through physical and virtual actions against U.S. corporations
Cyber Security's Big Data Problem(eSecurity Planet) Big Data has rendered older security models largely obsolete. The all-in-one product approach that once served the industry well is now inadequate
Cyber Threats to Increase in Scope and Complexity in the New Year as Black Hat Hackers Become More Sophisticated, According to Fortinet 2015 Threat Predictions(Broadway World) As the 2015 New Year looms, Fortinet® (NASDAQ: FTNT), a global leader in high-performance network security, and its threat research division FortiGuard Labs, have taken a look ahead to determine the most significant cyber security threats of the upcoming New Year both from the perspective of a Black Hat hacker, as well as a Threat Intelligence solutions vendor. As the number of devices connected to the network increases, cyber criminals will continue to hone their prowess when it comes to IoT attacks and advanced evasion techniques, while also continuing to exploit large-scale server side vulnerabilities for financial gains and other nefarious purposes. Businesses and government organizations globally are at risk, as are consumers' important personal information
Making the business case for cybersecurity(Federal Times) Cybersecurity has been one of the fastest growing sectors in the federal government over recent years. It's a 24/7/365 job as threats are constant in an online world. In fact, the Government Accountability Office reported in June that "the number of cyber incidents reported by federal agencies increased in fiscal year 2013 significantly over the prior three years"
ThreatStream Grabs $22M To Help Fight Cybersecurity Threats(TechCrunch) ThreatStream, a cybersecurity firm based in Redwood City, CA, announced $22M in Series B funding today to continue their efforts to help organizations fight cybersecurity threats. Today's funding brings the company's total raised to-date to $26.3M
Trainee cyber-criminals wanted to help solve skills shortage(Phys.org) The world is already short of computer security experts, but by 2017 that shortfall is going to have reached about two million. Criminal hackers cause damage running to billions of pounds every year — just look at the attack on Sony Pictures, leaking unreleased films onto the web and threatening the company's entire system. If we don't do something about this skills gap soon, the costs we bear are going to keep spiralling upwards and we will be increasingly vulnerable to cyber attacks
Nuix Receives Sizable Order to Support Federal Law Enforcement(BusinessWire) Nuix, a technology company that enables people to make fact-based decisions from unstructured data, has signed an agreement to supply one of its federal law enforcement agency customers with Nuix Investigator Lab software. This premier digital forensic investigation and analytics technology will support law enforcement offices around the country
WidePoint Arm Approved to Issue DoD ID Verification Credentials(ExecutiveBiz) A WidePoint Corp. subsidiary has become the first vendor to receive an approval from the Defense Department to issue personal identity verification credentials for more than 40 million users with access to the agency's information systems
SentinelOne Broadens Endpoint Security Capabilities to Provide Continuous Cycle of Protection against Advanced Malware(BusinessWire) SentinelOne, the company that's redefining endpoint security, today announced the latest release of SentinelOne EDR (Endpoint Detection and Response), which expands its core execution inspection technology with cloud intelligence, application whitelisting, and real-time forensics. This broader security coverage enables SentinelOne EDR to provide a continuous cycle of protection against both known and zero-day attacks on Windows, Mac, and Android computing devices, including servers and embedded systems. These new capabilities build upon SentinelOne's existing predictive execution inspection engine which dynamically tracks each newly-created process on a machine to block malware, exploits, and zero-day attacks
Fear of Mobile Device Evidence Collection?(Officer) In agencies that have shifted some digital evidence collection responsibilities from lab-based personnel to those in the field — investigators, patrol officers, or crime scene techs — the response has been mixed
Automating Incident data collection with Python(Internet Storm Center) One of my favorite Python modules is Impacket by the guys at Core Labs. Among other things it allows me to create Python scripts that can speak to Windows computers over SMB. I can use it to map network drives, kill processes on a remote machine and much more. During an incident having the ability to reach out to all the machines in your environment to list or kill processes is very useful. Python and Impacket make this very easy. Check it out
Improving your readiness for OCR audits(Help Net Security) In the wake of healthcare data breaches, OCR audits for HIPAA compliance have become more common — and the consequences have been more highly publicized. But many healthcare providers still don't know how to prepare effectively for an audit
This Guy's Hacked Hearing Aids Let Him Listen to Wi-Fi Networks(Wired) Earlier this year, after a decade of slowly losing his hearing, Frank Swain found himself donning a pair of Starkey Halo hearing aids. The bluetooth-connected buds, which wirelessly stream audio from an iPhone, are some of the most technologically advanced on the market. It got Swain, a writer for New Scientist, thinking: Hearing aids have always been considered a band-aid to hearing loss, but what if they could be used for more than just bolstering the performance of failing ears? What if he could use them to hear things other humans were totally deaf to?
EU Security Strategy to focus on emerging threats(SC Magazine) The new EU Internal Security Strategy for 2015-2019 should be "easily adaptable to evolving situations" by focusing not only on existing but also on emerging security threats, says a resolution approved by the EU Civil Liberties Committee on Wednesday. Cyber-security is listed as one of the key concerns, along with interlinked topics including organised crime, money laundering, trafficking in human beings, foreign fighters, and corruption
China: A cyberwarring state(Washington Times) China's strategy of large-scale cyberattacks is motivated mainly by the goal of keeping the Chinese Communist Party (CCP) in power, in addition to gaining economic secrets and planning cyberattacks in a conflict, according to a new report by the Center for a New American Security
For China, Cybersecurity Is Part of Strategy for Protecting the Communist Party(New York Times) For nearly two years, cyberespionage has been a tense focal point of relations between the United States and China. On Wednesday, the Center for a New American Security, a research group in Washington, released a paper written with the aim of understanding the motivations behind China's cybersecurity strategy. Its conclusion: that the strategy, like China's foreign policy, is driven mainly by the domestic political imperative of needing to "protect the longevity of the Chinese Communist Party"
Experts call for all-inclusive security policy(Tribune) The imperative to address multi-dimensional security challenges India faces in the wake of ever-altering landscape and the need to evolve a national policy to meet the emerging threats was today underlined by eminent speakers at the first Roundtable organised by the Tribune National Security Forum in association with the Indian Council of World Affairs
Obama's pick to lead the Pentagon is big on cybersecurity(Washington Post) President Obama's pick to lead the Pentagon, former deputy secretary of defense Ashton "Ash" Carter, has been a big supporter of increasing the country's cybersecurity capabilities. His nomination signals that the administration is likely to continue to aggressively build out its ability to fight adversaries in the digital world
Push for Formation of a Combined NY and NJ Cyber Protection Team(Hudson Valley Press) U.S. Senators Kirsten Gillibrand (D-NY), Charles Schumer (D-NY), Robert Menendez (D-NJ), and Cory Booker (D-NJ) announced their support for the New York and New Jersey Army National Guards' formation of a combined Cyber Protection Team
Litigation, Investigation, and Law Enforcement
Dozens of Chinese Held in Kenya 'Cyber Bust'(SecurityWeek) Police in Kenya are holding 77 Chinese nationals accused of running a cyber crime network and mysterious "command center" from upmarket houses in Nairobi, officials and reports said Thursday
IG: DOD has dropped the ball on IPv6 transition(Defense Systems) The Defense Department has fallen behind in its adoption of IPv6 and needs to make it a priority for reasons of cybersecurity and for supporting its plans for future operations, according to a report from the DOD Inspector General
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
B-Sides Vancouver(Vancouver, British Columbia, Canada, March 16 - 17, 2015) The third annual Security B-Sides Vancouver is an information security conference that will be held March 16th and 17th. We love to see brand new speakers, seasoned speakers, and everyone in between
Healthcare Cyber Security Summit 2014(San Francisco, California, USA, December 3 - 10, 2014) SANS is teaming up with the National Health Information Sharing & Analysis Center (NH-ISAC) to offer the 2nd Annual Healthcare Cyber Security Summit
SINET 16(Washington, DC, USA, December 3 - 4, 2014) Innovative solutions frequently come from new and emerging companies. Each year, SINET invites sixteen innovative Cybersecurity companies to present their technology solutions to a select audience of prominent...
SINET Showcase "Highlighting and Advancing Innovation." Showcase provides a platform to identify and highlight "best-of-class" security companies that are addressing industry and government's most pressing needs and...
Tax Incentives for Cybersecurity Businesses(Elkridge, Maryland, USA, December 9, 2014) Learn the details and take the opportunity to ask questions of leading experts on how to apply for tax credits (including cyber, research, security clearance, and secured space tax credits) and get the...
(ISC)² Security Congress EMEA(London, England, UK, December 8 - 10, 2014) Building on the experience of the US-based (ISC)² Security Congress, now in its fourth year, (ISC)² Security Congress EMEA will offer a complementary and unique opportunity within the Europe...
ACSAC 30: Annual Computer Security Applications Conference(New Orleans, Louisiana, USA, December 8 - 12, 2014) ACSAC is more than just high quality, peer-reviewed research (though our 2013 acceptance rate was barely 19%). Our comprehensive program also includes training, case studies, panels, workshops, posters,...
Cybersecurity 2015: Beyond the Breach(Washington, DC, USA, December 9, 2014) With each new cybersecurity attack businesses lose millions, governments lose information and citizens lose trust. At the end of a year where these attacks regularly dominated headlines, what's ahead for...
ICFPT 2014(Shanghai, China, December 10 - 12, 2014) ICFPT is the premier conference in the Asia-Pacific region on field-programmable technologies including reconfigurable computing devices and systems containing such components. Field-programmable devices...