Coyness about attributing ongoing cyber campaigns to the Russian government largely disappears as researchers release more evidence of cyber espionage directed at NATO, the Near Abroad, the United Kingdom, and the United States. The threat actors, called "APT28," are described as displaying unusual patience, stealth, and sophistication. The US White House, for example, has disclosed that an unclassified Executive Office of the President network sustained an intrusion ("activity of concern," the White House calls it) from Russian actors. Reports say "an ally" alerted the US Government to the intrusion within the last two weeks.
China's "Operation SMN" cyber espionage campaign remains under scrutiny. A coalition of security companies (Novetta, Cisco Systems, Microsoft, FireEye, F-Secure, iSight Partners, Symantec, Tenable Network Security, ThreatConnect, ThreatTrack Security and Volexity) collaborated to respond to the attacks. Some indication of success appears in reports of the coalition's having cleaned some 43,000 infections.
Exploitation of Shellshock in mail transport agents appears to pose a greater threat to small than to large enterprises.
Four distinct watering hole attacks are found to be dropping variants of the ScanBox keylogger.
US-CERT issues new warnings that the Dyre banking malware is spreading rapidly.
BlackEnergy crimeware has been found in US industrial control systems.
Observers look at international competition and unsurprisingly conclude, pace Henry Stimson, that reading other gentlemen's mail is a permanent feature of the world system. Leaders of the US Intelligence Community, notably DCI Clapper and NSA Director Rogers, talk about how they see their organizations serving in that world.
Today's issue includes events affecting Australia, China, Georgia, NATO, Russia, Senegal, United Arab Emirates, United Kingdom, United States.
ClearedJobs.Net Announces Cybersecurity Initiatives(PRNewswire) ClearedJobs.Net specializes in bringing together security cleared job seekers with cleared facilities employers. In recognition of demand from both the cleared community and private industry, the company is expanding its menu of offerings to include cybersecurity events for both cleared and non-cleared cybersecurity professionals
Hackers breach some White House computers(Washington Post) Hackers thought to be working for the Russian government breached the unclassified White House computer networks in recent weeks, sources said, resulting in temporary disruptions to some services while cybersecurity teams worked to contain the intrusion
Security vendor coalition cleans 43,000 malware infections used for cyberespionage(CSO) A coalition of security vendors has disrupted the activities of a sophisticated group of attackers tied to China that, over the past six years, infiltrated the computers of many Fortune 500 companies, journalists, environmental groups, software companies, academic institutions, pro-democracy groups and government agencies around the world
US-CERT Warns of Dyre Banking Trojan(Threatpost) The Department of Homeland Security formally sounded the alarm Monday on Dyre, the banking Trojan that's been spotted siphoning banking credentials from both large enterprises and major financial institutions as of late
Hackers Are Using Gmail Drafts to Update Their Malware and Steal Data(Wired) In his career-ending extramarital affair that came to light in 2012, General David Petraeus used a stealthy technique to communicate with his lover Paula Broadwell: the pair left messages for each other in the drafts folder of a shared Gmail account. Now hackers have learned the same trick. Only instead of a mistress, they're sharing their love letters with data-stealing malware buried deep on a victim's computer
BlackEnergy crimeware coursing through US control systems(The Register) Industrial control systems in the United States have been compromised by the BlackEnergy malware toolkit for at least three years in a campaign the US Computer Emergency Response Team has dubbed "ongoing" and sophisticated
Belgacom shares more details about alleged GCHQ breach(Help Net Security) Late last year, documents from Edward Snowden's NSA trove have revealed that Britain's GCHQ has allegedly mounted a successful attack against primarily state-owned Belgacom, the largest telecom in Belgium, and its subsidiary Belgacom International Carrier Services (BICS), a Global Roaming Exchange (GRX) provider
California reports huge jump in data breaches(CSO) The number of personal records compromised by data breaches in California surged to 18.5 million in 2013, up more than six times from the year before, according to a report published on Tuesday by the state's Attorney General
Cyberespionage: 'This Isn't a Problem That Can Be Solved'(Threatpost) Gentlemen may not read each other's mail, as Henry Stimson famously said so long ago, but in today's world they certainly steal it and there's precious little in the way of gentlemanly conduct happening in the realm of cyberespionage. It's every man — or country — for himself in this environment, and that free-for-all is creating unforeseen consequences for governments and their citizens around the world
The Future of Fraud(Wired) When I started 41st Parameter more than a decade ago, I had a sense of what fraud was all about. I'd spent several years dealing with fraud while at VeriSign and American Express. As I considered the problem, I realized that fraud was something that could never be fully prevented. It's a dispiriting thing to accept that committed criminals will always find some way to get through even the toughest defenses. Dispiriting, but not defeating
Banks Demand Better Cybersecurity from their Lawyers(PYMNTS) Given the breadth and depth of the data breach of 2014, it should come as no surprise that the nation's big banks are feelings cautious bordering on paranoid about their security. And they would like it if their lawyers would feel the same way
Engility to acquire TASC for $1.1 billion(Washington Post) Engility, a Chantilly services contractor, is set to acquire rival TASC in an all-stock deal worth $1.1 billion, the two companies announced Tuesday
How I Became a CISO: Janet Levesque, RSA(Dark Reading) RSA's newest chief information security officer says she landed the job because of her ability to build relationships, not a background in crypto or a pile of certs
Amit Yoran Promoted to President at EMC's RSA Arm(GovConWire) Amit Yoran, formerly a senior vice president at EMC's (NYSE: EMC) RSA division, has been promoted to the role of president and succeeded Art Coviello, who will continue to serve as executive chairman of RSA
Products, Services, and Solutions
Bugcrowd Looks to Expand Researcher Community(PRNewswire) Bugcrowd, the innovator in crowdsourced security, today announced its dedication to growing its network of independent security researchers in Latin America. This community of researchers, also known as the Crowd, is comprised of more than 12,500 "good guy" hackers from around the world who have opted to partake in the 125 Bugcrowd bug bounty programs conducted to date
Protegrity Launches Data Security Platform for HortonWorks(Database Trends and Applications) Protegrity, a provider of data security solutions, has announced an expanded partnership with Hadoop platform provider Hortonworks. The companies have focused their efforts on strengthening and expanding the availability of data-centric protection and monitoring in the Hortonworks Data Platform (HDP)
Tufin and McAfee link arms(Channelnomics) Vendors deepen business relationship to help enterprises automate network security policies
Seccuris Partners with GreenEcho to Offer Cloud Security Consulting and Managed Services(Insurancenewsnet) Cybersecurity provider, Seccuris, announced it has formed a partnership with GreenEcho, a leading professional services firm focused on "securing the cloud" through advice, strategy, and customer engagement. GreenEcho will offer Seccuris consulting and managed security services, including the OneStone™ Information Assurance Portal, to its clients within the United States
3 ways to make your Outlook.com account safer(Naked Security) Following on from our detailed guide to securing your webmail, here's a quick breakdown of how to make the most important fixes for users of Microsoft's Outlook.com (formerly known as Hotmail and, for a while, Windows Live Hotmail)
Cyber security model clauses(Lexology) Since 2010 Federal government agencies have been required to implement general security procedures imposed on them under the Protective Security Policy Framework (PSPF) and specific technical measures under the Information Security Manual (ISM) to protect sensitive government information from cyber-attack. In May 2013 the ABC's Four Corners television program reported that classified blueprints of the Australian Security Intelligence Organisation (ASIO) headquarters in Canberra had been stolen in an offshore cyber-attack on Australian government data
UTSA to develop online cybersecurity training for communities(UTSA Today) Municipal governments across the nation use computer systems in almost every facet of their day-to-day operations. Communications to emergency responders are dependent on intact communication channels. Essential service providers such as police, fire, medical and education personnel depend on computers and networks to do their jobs. Utilities are also dependent on cyber platforms
Senegal moves to protect citizens’ personal data(BizTech Africa) In the face of rising identity fraud and other forms of cybercrime, which continue to destroy lives and affect the continent's economy, the West African nation of Senegal has launched a major public consultation exercise to seek practical and operational solutions to protect its citizens' personal information, and promote the development of the digital economy
Our youth need guidance to stave off evil forces(The National) Since I came back to the UAE this year, one of the most recurring questions I have been asked by friends and family is about stability in the region. It's tough to avoid the topic of ISIL
Counterterrorism Messaging Needs To Move From State to CIA(Defense One ) The State Department is trying hard to counter online propaganda from the Islamic State of Iraq and the Levant. The information battleground includes Twitter and video messages, terrain that ISIL knows well. In addition to having too little money and too few people, the department is forced to conform to federal rules requiring that its work be identified as coming from the U.S. government
NSA Chief: 'I Don't Want Privacy Information'(Defense News) The chief of the National Security Agency offered assurances Tuesday that the agency does not want access to companies' private data as he spoke in support of pending cybersecurity legislation
US eyes cyber 'deterrence' to stop hackers(AFP via Yahoo! News) The US military is looking to flex its muscles in cyberspace as a "deterrence" to hackers eying American targets, the nation's top cyber-warrior said Tuesday
Remarks as delivered by The Honorable James R. Clapper Director of National Intelligence(Office of the Director of National Intelligence) Thank you, Tony [Tyler, IATA Director General and CEO] for that kind introduction. I?ve been told I?m the first person to represent the Intelligence Community speaking at AVSEC World, and that?s probably a precedent we should have set a long time ago. Since this is my first time speaking publicly with IATA at all, I really appreciate you extending this invitation
Could Bitcoin Become a Policy Issue for US Congress?(CoinDesk) Notwithstanding funding to combat notorious international terrorist group ISIL, recent US Congresses have been some of the least productive in the country's history, and the 113th Congress has been no different
SD leads charge for cybersecurity collaboration(San Diego Daily Transcript) Imagine flipping open the latest edition of a magazine and instead of seeing a list of the most walkable or dog-friendly cities, finding the most cyber-friendly cities, and then placing importance in the results
Litigation, Investigation, and Law Enforcement
Sharyl Attkisson's computer intrusions: 'Worse than anything Nixon ever did'(Washington Post) The intrusions into former CBS News correspondent Sharyl Attkisson's computers constitute the narrative spine of the reporter's new book "Stonewalled: My Fight for Truth Against the Forces of Obstruction, Intimidation, and Harassment in Obama's Washington." The book starts with not really a word, but a sound: "Reeeeeeeeeee"
Security firm can't comment on Attkisson computer intrusions(Washington Post) Sharyl Attkisson's new book, "Stonewalled," treats readers to a lot of shadowy characters. As the former CBS News reporter narrates the story of the bizarre intrusions into her work and personal computer, she consults with a source that she identified only as "Number One"; she relies on input from a pseudonymous "Jeff"; another pseudonymous person conducts some serious tests on a computer of hers
Tracking the Postal Surveillance System(New York Times) The idea for a story on the Postal Service's century's old mail cover program, in which all the information on the outside of letters and packages are recorded for law enforcement purposes, actually started over a year ago. I was discussing the government's mass surveillance programs with colleagues in the Washington bureau and looking for those beyond the National Security Agency's well-known program, which was in the news at the time
Snapchat not covered by cyberbullying laws(ZDNet) 'Volunteer' companies will not be forced to remove content, and smaller social media companies will not be covered by the Australian government's cyberbullying laws
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
USDA Cyber Security Symposium and Expo 2014(Washington, DC, USA, October 28 - 29, 2014) The Summit will provide participants with information and resources on today's vulnerabilities, incidents, security lifecycle, risks and mitigations; it will also identify ways to work together and build...
Cyber Security and IT Days at Peterson AFB(Colorado Springs, Colorado, USA, October 29, 2014) The Information Systems Security Association (ISSA) Colorado Springs Chapter will once again host the 5th Annual Cyber Security & Information Technology Days. Government and Industry experts will be on...
Dallas SecureWorld(Dallas, Texas, USA, October 29 - 30, 2014) Offering two days of cyber security education. Earn 12-16 CPE credits, network with industry peers, and take advantage of more than sixty educational events. Over the past decade SecureWorld has emerged...
Cyber Job Fair(Baltimore, Maryland, USA, October 29, 2014) ClearedJobs.Net is partnering with CyberMaryland to present the Cyber Job Fair at the CyberMaryland 2014 conference. The Cyber Job Fair is a hiring event for cleared and non-cleared cybersecurity professionals...
CyberMaryland 2014(Baltimore, Maryland, USA, October 29 - 30, 2014) Entrepreneurs, investors, academia and government will convene in Maryland — the nation's epicenter for cybersecurity for the fourth annual CyberMaryland Conference.
ekoparty Security Conference 10th edition(Buenos Aires, Argentina, October 29 - 31, 2014) ekoparty — Electronic Knock Out Party — Security Conference, is a one of a kind event in South America; an annual security conference held in Buenos Aires, where security specialists from all over Latin...
Cyber Risk Summit(Washington, DC, USA, May 22, 2014) This one-day leadership conference will provide a discussion forum for business executives, insurance companies and policymakers on more effective private and public responses to cyber risk management.
Senior Executive Cyber Security Conference(Baltimore, Maryland, USA, October 30 - November 1, 2014) North Star Group, LLC and the Johns Hopkins University's Whiting School of Engineering and Information Security Institute sponsor this senior executive focused cyber security conference.This event is designed...
FS-ISAC EU Summit 2014(London, England, UK, November 3 - 5, 2014) The Financial Services Information Sharing and Analysis Center (FS-ISAC), is a non-profit association comprised of financial institution members, that is dedicated to protecting the global financial services...
POC2014(Seoul, Republic of Korea, November 4 - 7, 2014) POC (Power of Community) started in 2006 and has been organized by Korean hackers & security experts. It is an international security & hacking conference in Korea. POC doesn't pursue money. POC concentrates...
Open Source Digital Forensics Conference 2014(Herndon, Virginia, USA, November 5, 2014) This conference focuses on tools and techniques that are open source and (typically) free to use. It is a one day event with short talks packed with information. There are both tool developers and users...
Bay Area SecureWorld(Santa Clara, California, November 5, 2014) A day of cyber security education. Earn 6-8 CPE credits, network with industry peers, and take advantage of more than thirty educational events. Over the past decade SecureWorld has emerged as one of North...
Managing BYOD & Enterprise Mobility USA 2014(San Francisco, California, USA, November 5 - 6, 2014) The Managing BYOD & Mobility USA 2014 conference will provide a unique networking platform, bringing together top executives from USA and beyond. They come together not only to address mobility challenges...
RiseCON 2014(Rosario, Santa Fe, Argentina, November 6 - 7, 2014) Rosario Information Security Conference: es el primer y mayor evento de seguridad informática y hacking realizado en la ciudad de Rosario, con nivel y trascendencia internacional
Israel HLS 2014(Tel Aviv, Israel, November 9 - 12, 2014) The third International Conference on Homeland Security will bring together government officials, public authorities, and HLS industry leaders from around the world to share their knowledge and experience.
i-Society 2014(London, England, UK, November 10 - 12, 2014) i-Society 2014 is a global knowledge-enriched collaborative effort that has its roots from both academia and industry. The conference covers a wide spectrum of topics that relate to information society,...
Seattle SecureWorld(Seattle, Washington, USA, November 12 - 13, 2014) Offering two days of cyber security education. Earn 12-16 CPE credits, network with industry peers, and take advantage of more than sixty educational events. Over the past decade SecureWorld has emerged...
AVAR 2014(, January 1, 1970) The 17th Association of anti-Virus Asia Researchers International Conference: Security Down Under. Topics will include case studies of targeted attacks, real-life attack demonstrations, web-inject attacks/code...
ZeroNights 2014(Moscow, Russia, November 13 - 14, 2014) ZeroNights is an international conference dedicated to the practical side of information security. It will show new attack methods and threats, showcase new possibilities of attack and defense, and suggest...
Cyber Security Awareness Week Conference(New York, New York, USA, November 13 - 15, 2014) Get ready for CSAW: the largest student-run cyber security event in the nation, with a research conference that attracts some of the biggest names in the industry, and a career fair with an impressive...
Ground Zero Summit, India(New Dehli, India, November 13 - 16, 2014) Ground Zero Summit (GOS) 2014 in its second year promises to be Asia's largest Information Security gathering and proposes to be the ultimate platform for showcasing researches and sharing knowledge in...
Deepsec 2014(Vienna, Austria, November 18 - 21, 2014) DeepSec is an annual European two-day in-depth conference on computer, network, and application security. This is a non-product, non-vendor-biased conference event. Our aim is to present the best research...
BugCON(Mexico City, Mexico, November 19, 2014) BugCON Security Conference is hardcore technical conference focused on the technical side of the security. Running since 2008 BugCON is the oldest forum where researchers, students and professionals shows...
Navy Now Forum: Admiral Rogers(Washington, DC, USA, November 19, 2014) Leaders from the Navy will present new initiatives in-depth, providing the audience with a thorough knowledge of the Navy's future plans. During the luncheon, military personnel and industry leadership...
International Cyber Warfare and Security Conference(Ankara, Turkey, November 19 - 20, 2014) In-depth discussions will cover: new emerging threats and challenges on cyber warfare, the policy of leading cyber nations in cyber warfare and security, legal aspects of cyber warfare, industrial perspective...
EDSC 2014(Seattle, Washington, USA, November 20 - 21, 2014) EDSC is a security conference focusing on embedded systems, hardware, and anything behind the silicon curtain. Embedded testing is a rapidly expanding area of the security industry staying current is important...
Cyber Security World Conference 2014(New York, New York, USA, November 21, 2014) Welcome to Cyber Security World Conference 2014 where renowned information security authorities and innovative service providers will bring their latest thinking to hundreds of senior executives focused...
Ethiopia Banking and ICT Summit(Addis Ababa, Ethiopia, November 21, 2014) he one day summit is designed to highlight the key Investment opportunities especially in the Banking & ICT Sectors. As an emerging economic capital for the region, Ethiopia is leading the way in industrial...
BSidesVienna(Vienna, Austria, November 22, 2014) BSidesVienna will open it's doors again in 2014. Be part of it and stay tuned
DefCamp5(Bucharest, Romania, November 25 - 29, 2014) DefCamp is the most important conference on Hacking & Information Security in Central Eastern Europe. The goal is bringing hands-on talks about latest research and practices from the INFOSEC field, gathering...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.