Symantec discovers a new wave of reconnaissance malware targeting the energy sector (specifically, oil, gas, and helium). Affected firms are mainly in the Middle East, but North American and European targets are also hit. The tool used in the Trojan-based campaign is called "Laziok," and the attackers' objectives appear to be data relevant to oil and gas extraction technologies and techniques. (Attribution will probably focus on countries currently experiencing difficulties with extraction.)
Volatile Cedar, whose discovery Check Point disclosed earlier this week, is also largely active in the Middle East. Most of its targets appear to be Lebanese (not, as earlier reported, Israeli, although Israel seems to be running a close second), which suggests to observers that one of the campaign's purposes is "intrastate espionage." Security organizations have been working to sinkhole the attack.
The GitHub denial-of-service campaign looks more like a Chinese government operation. (While such may not be true of this episode, DDoS attacks are increasingly used as misdirection for theft, espionage, or malware distribution.)
A phishing campaign spoofing Virgin Media and PayPal is underway, and may have already yielded pay card information used in retail fraud. (Retailers generally face a tough dilemma. On the one hand they have a positive obligation to fight fraud. On the other, they don't want to treat customers as potential criminals.)
US President Obama declares cyber attacks a "national emergency," and signs an Executive Order imposing sanctions on those (mostly states) found responsible.
Volatile Cedar: Threat Intelligence and Research(Check Point) Beginning in late 2012, a carefully orchestrated attack campaign we call Volatile Cedar has been targeting individuals, companies and institutions worldwide. This campaign, led by a persistent attacker group, has successfully penetrated a large number of targets using various attack techniques, and specifically, a custom-made malware implant codenamed Explosive
Florida Department of State Exposes Voter Information(Softpedia) A total of 15 compact discs storing information about voters in Florida have been sent out by the Division of Elections to entities ordering them, leaving intact contact information that could be detrimental to their owners, if made public
Security Patches, Mitigations, and Software Updates
Verizon Wireless Lets Customers Opt Out of Tracking 'Perma-Cookies'(MacRumors) Last year, Verizon and AT&T made headlines when researchers discovered they had been engaging in some unsavory customer tracking techniques, using unique identifier numbers or "perma-cookies" to track the websites that customers visited on their cellular devices to deliver targeted advertisements, a practice called "Relevant Advertising"
Law Firms: Cyber Criminals' Next Top Target?(Digital Guardian) Without breach notification requirements in place, it can be hard to gauge the popularity of law firms as targets for cyber criminals. But if recent findings are any indication, the legal industry may well be the next lowest hanging fruit for attackers
Top 6 Health Data Breaches for 2015 Involve Hacking(HealthITSecurity) We are just three months into 2015, and two large scale health data breaches have already taken place. The Anthem data breach affected approximately 78 million individuals, while Premera Blue Cross' incident could impact nearly 11 million members and applicants
Surprising Facts and Stats — Online Security(CloudTweaks) It's easy to get lulled into a false sense of security when browsing the web. As more and more devices join the internet of things, the risk of becoming a victim of a criminal cyber gang is increasing — we have more unsecured access points and offer would-be thieves more routes into our home networks
RIP, "APT"(Waters Technology) Perhaps the greatest issue facing cyber security professionals in finance is cutting the wheat from the chaff when it comes to selecting providers and messaging. What happens when cyber — a real menace by all practical accounts — meets the dreaded hype cycle? Tim says it's already not pretty
As Internal Threats Rise, Investors Back New Security Tech(TechCrunch) On February 3, 2011, a little over two years before Edward Snowden would board his plane to Hong Kong and change history, a 37-year-old man named Jason Cornish fired what may have been the first shot in one of the new fronts of the battle for enterprise security
After Snowden, The NSA Faces Recruitment Challenge(NPR) Not many students have the cutting-edge cybersecurity skills the NSA needs, recruiters say. And these days industry is paying top dollar for talent. Daniel Swann is exactly the type of person the National Security Agency would love to have working for it. The 22-year-old is a fourth-year concurrent bachelor's-master's student at Johns Hopkins University with a bright future in cybersecurity
Alibaba Invests in Israeli Cyber-Security(Jewish Voice) Chinese e-commerce company Alibaba Group has announced that it is investing in Jerusalem Venture Partners to work with Israeli cyber-security startups and protect itself from hackers. The news comes as Cybertech 2015, Israel's flagship international cyber-tech conference, kicks off in Tel Aviv
Honeywell opens US cyber security research lab(Hydrocarbon Processing) According to the US Department of Homeland Security's ICS-CERT, reported cyber incidents on industrial targets in 2014 continue to increase and are up more than 25% since 2011
Symantec Signs Multi-Megawatt Lease at Santa Clara Data Center(Data Center Knowledge) Vantage Data Centers has won a multi-megawatt deal with security-software powerhouse Symantec for its Santa Clara data center campus. This is the company's second lab customer in recent months but its first mixed-use infrastructure deal ever. Symantec will deploy both lab space and critical IT infrastructure at the facility
Perspecsys Announces Expansion into Germany(BusinessWire) Perspecsys, the leader in enterprise cloud data protection solutions, today announced it has extended its presence in Europe to Germany. The move will enable it to meet the rapid growth it is experiencing in the region
Napatech Welcomes New SVPs to Meet Global Expansion Goals(PRNewswire) To improve its sales and marketing capabilities by creating a strong commercial focus, Napatech (OSE: NAPA) today announced the hire of two new senior vice presidents. Walther Johannessen has been selected for the role of SVP of Global Marketing, and Andrew Patterson will serve as SVP of Global Sales
SANS Instructor, Ed Skoudis, Awarded the Order of Thor Medal at the Army Cyber Institute(PRNewswire) SANS Institute, the global leader in information security training, today announced SANS Instructor and NetWars CyberCity Director, Ed Skoudis, has been inducted into the Military Cyber Professionals Association's Order of Thor. This prestigious award was presented to Mr. Skoudis by Col. Gregory Conti, Army Cyber Institute director in honor of Mr. Skoudis' contributions in preparing the next generation of military cyber professionals
Products, Services, and Solutions
Resistance to DCGS-A persists(GCN) The Army's main intelligence gathering component, the Distributed Common Ground System, continues to face criticism among lawmakers and members of the military
Verizon, Deloitte Team on CyberSecurity(Light Reading) With data breaches and other cyber incidents becoming more frequent, costly and destructive, Deloitte and Verizon Enterprise Solutions today announced a strategic alliance to deliver a comprehensive set of security and risk-management solutions to help businesses prepare, respond and recover more efficiently, effectively and thoroughly when a cyberattack occurs
Securing Portable Devices and Sensitive Data in Healthcare(Tenable) The high-profile healthcare breaches this year alone, as well as the growth of the lucrative market for healthcare information ("over $500 for a complete dossier"), are a testament that current security processes and solutions require a re-evaluation
Ponemon security survey finds threat intelligence is woefully underused(Silicon Angle) Knowing the enemy has always been important to winning battles, but gaining the right insight at the right time is much easier said than done in the fight against hackers. A new survey of the organizations on the front lines by the Ponemon Institute reveals that there is still a lot of room for improvement
Incident Response: Failure to Plan is a Plan to Fail(Dark Matters) I've been thinking a lot about the last several "panic patch" cycles. You know, Heartbleed, Bash bug and others which became nightmares for security organizations due to the pervasiveness of the issues and the fact that security teams simply didn't know the extent of the potential damage
Cyber-Security Teams: No Rest for the Wary(Baseline) Today's IT security teams face a constant and evolving barrage of threats that force them to assess their security policies and procedures on an ongoing basis
How hard is it to permanently delete data?(GCN via Forensics Magazine) The controversy surrounding former Secretary of State Hillary Clinton's email has brought data destruction to the forefront of the national conversation. Clinton used a server housed at her New York residence for her personal and official emails and online communications while she was at Foggy Bottom. Lawmakers investigating the 2012 death of an ambassador in Libya have been concerned that official government emails from Clinton that might assist in the investigation were deleted despite assurances from Clinton that she turned over all emails pertaining to government work to the State Department
Corporate Security Checklist — a CEO's Guide to Cyber Security(Heimdal Blog) Have you ever wondered if you, as a manager, CEO or investor are prepared to deal with a cyber security failure in your organization? Are there all the necessary systems in place? Do you have enough resources and is there enough careful planning to keep any attack from interrupting your company's activity and causing it financial or reputation damage?
Six ways to backup your data(We Live Security) Today is World Backup Day, and it goes without saying that backing up data is a thoroughly sensible thing to routinely get into the habit of doing
Design and Innovation
Deconstruct websites, get hired: hiding recruitment messages in source code(Troy Hunt) The other day I did a security workshop at a firm here in Sydney and one of the things we did was proxy a bunch of traffic and inspect what was going on behind the scenes. Among the expected hilarity that always ensues from these sorts of exercises (you can find heaps more of this in my Hack Your API First course), one of the guys at the event found this in the response headers of Airbnb
Taiwan: Reinforcement of Cyber Security New Priority(Unrepresented Nations and Peoples Organization) Taiwan has expressed willingness to strengthen its cyber security ties with the United States. On 30 March 2015 Vice Premier Simon Chang mentioned Taiwan's desire to be included in the biennial US Cyber Storm drill, as Taiwanese systems are constantly being targeted by Chinese hackers accused of committing cyber theft
Obama declares cyberattacks a 'national emergency'(The Hill) President Obama declared Wednesday that the rising number of cyberattacks against the United States is a national emergency, and issued an executive order that would sanction those behind the attacks
"We can't address cyber threats in isolation", chief lawyers of top companies agree(Forbes) As the frequency and severity of cyber attacks accelerate, both the government and the business community are increasingly willing to acknowledge that they are not in a position to tackle these threats alone. The need for collaboration between government and industry to enhance cyber resilience was emphasized by President Obama at a recent cybersecurity summit and echoed by leaders in the business and non-profit sectors
Air Force stands up Task Force Cyber Secure(AFNS) Chief of Staff of the Air Force General Mark A. Welsh III signed a memorandum on March 20, establishing Task Force Cyber Secure, to address challenges of the cyberspace domain in synchronization, operations and governance within the Air Force and with those organizations it supports
Rapid-Equipping, Asymmetric Groups To Remain(Defense News) Two organizations built for the wars in Iraq and Afghanistan — the Rapid Equipping Force (REF) and the Asymmetric Warfare Group (AWG) — will not fold, but instead endure as part of the Army's Training and Doctrine Command (TRADOC)
VB2015(Prague, Czech Republic, September 30 - October 2, 2015) The VB2015 programme includes 38 papers on a wide range of security topics. As in previous years, the presentations will run in two parallel streams and the programme includes both technical and less technical...
Automotive Cyber Security Summit(Detroit, Michigan, USA, March 30 - April 1, 2015) The debut Automotive Cyber Security Summit will bring together CTOs, CSOs, Engineers and IT professionals from GM, KIA, Nissan, Bosch, Qualcomm and more for three days of case studies, workshops, panel...
Kansas City Secure World(Kansas City, Missouri, USA, April 1, 2015) Join your fellow security professionals for affordable, high-quality cybersecurity training and education at a regional conference near you. Earn CPE credits while learning from nationally recognized industry...
Coast Guard Intelligence Industry Day(Chantilly, Virginia, USA, April 2, 2015) With a blended focus of defense, homeland security, law enforcement, criminal investigations, intelligence and cyber issues, Coast Guard Intelligence is aggressively looking to collaborate with partners...
10th Annual Cyber and Information Security Research Conference(Oak Ridge, Tennessee, USA, April 7 - 9, 2015) Cyberspace is fundamental to our national prosperity, as it has become critical to commerce, research, education, and government. Realizing the benefits of this shared environment requires that we are...
Cyber Risk Wednesday: The future of Iranian cyber threat(Washington, DC, USA, April 8, 2015) Join the Atlantic Council's Cyber Statecraft Initiative on April 8, from 4:00 p.m. to 5:30 p.m. for a panel discussion on the Iranian cyber threat and the potential for a drastic escalation of cyber conflicts...
Cyber Threats Masterclass(Turin, Italy, April 9 - 11, 2015) The United Nations Interregional Crime and Justice Research Institute (UNICRI) is organizing two new courses on emerging threats towards states and citizens with the aim of promoting an in-depth knowledge...
InfoSec Southwest 2015(Austin, Texas, USA, April 10 - 12, 2015) InfoSec Southwest is an annual information security and hacking conference held in Austin, Texas, one of the most interesting and beautiful cities in the United States. By addressing a broad scope of subject-matter,...
Cybergamut Tech Tuesday: Tor and the Deep Dark Web(Elkridge, Maryland, USA, April 14, 2015) This talk will explore the use of Tor and how it relates to garnering useful intelligence. Distinguishing attribution or valuable intelligence from limited event data is difficult. Leveraging external...
NIST IT Security Day(Gaithersburg, Maryland, USA, April 8, 2014) The Office of the Chief Information Officer, OCIO, is hosting NIST IT Security Day as a means to heighten awareness for all NIST users on the many aspects of operational information technology security...
Cyber Security Summit: Industrial Sector & Governments(Prague, Czech Republic, April 14 - 15, 2015) Cyber Security Summit Europe — Industrial Sector & Governments brings together cyber security experts who will share their skills and know-how needed to address highly topical issues such as state-sponsored...
Cyber Security Summit: Financial Services(Prague, Czech Republic, April 14 - 15, 2015) Cyber Security Summit Europe — Financial Services brings together cyber security experts across the financial sector to discuss topical security vulnerabilities as well as bring forward effective...
INTERPOL World 2015(Singapore, April 14 - 16, 2015) INTERPOL World is a new biennial international security trade event which will bring police and other law enforcement agencies together with security solution providers and security professionals from...
Mid-Atlantic ISSA Security Conference 2015(Gaithersburg, Maryland, USA, April 15, 2015) Meeting at the NIST campus, this all-day event, jointly hosted by the ISSA Baltimore, DC, and Northern Virginia chapters, will have 3 concurrent tracks of security professionals discussing the current...
IIT Cyber Forensics and Security Conference and Expo(Wheaton, Illinois, USA, April 17, 2015) All are invited to participate in this multi-track, technical conference that attracts more than 200 professionals, 50 speakers, 20 sponsors, for an intensive one and a half day schedule that includes...
RSA Conference 2015(San Francisco, California, USA, April 20 - 24, 2015) Don't miss this opportunity to join thousands of industry professionals at the premier information security event of 2015
Australian Cyber Security Centre Conference(Canberra, Australia, April 22 - 23, 2015) The Australian Cyber Security Centre (ACSC) will be hosting its first cyber security conference in 2015. We are bringing leading cyber security experts from Australia and abroad to share their expertise.
Security Forum 2015(Hagenberg im Mühlkreis, Austria, April 22 - 23, 2015) The Security Forum is the annual IT security conference in Hagenberg that addresses current issues in this domain. Visitors are offered technical as well as management-oriented talks by representatives...
CyberTexas / CyberIOT(San Antonio, Texas, USA, April 23 - 24, 2015) CyberIOT — Securing the Internet of Things. As more everyday devices become connected to the internet, the need for securing those items becomes critical. CyberTexas will explore the intersection...
INTEROP Las Vegas(Las Vegas, Nevada, USA, April 27 - May 1, 2015) Attend Interop Las Vegas, the leading independent technology conference and expo designed to inspire, inform, and connect the world's IT community. In 2015, look for all new programs, networking opportunities,...
2015 Synergy Forum(Tysons Corner, Virginia, USA, April 30, 2015) The 2015 Synergy Forum brings together government and industry practitioners driving our collective technology futures. This event is multi-disciplinary, examining the emerging fusion of physical and digital...