As Air France sustains cyber vandalism from Algerian mujahedin and Anonymous continues to out ISIS-sympathizing Twitter handles, Recorded Future outlines indicators that ISIS itself may be going beyond its familiar information operations playbook to develop cyber offensive capabilities. But they conclude the evidence is ambiguous at best, probably more consistent with rioting by sympathizers and wannabes than with any centrally directed campaign. (One tip-off: Cyber Caliphate's co-hacking with Lizard Squad.)
Errata Security points to Great Firewall enabler Unicom China as the fons et origo of the GitHub DDoS attack.
IBM Security warns of "Dyre Wolf," an Eastern European criminal gang with a well-tuned and effective multi-vector toolkit that's robbing large and medium-sized US companies with bogus wire transfers. IBM particularly notes Dyre Wolf's social engineering techniques, "unprecedented" in their sophistication.
ICS security mavens at Control Global seek to play their familiar role of reality principle amid industrial control system FUD and its opposite (which we might call CUD: complacency-unawareness-denial). Other reports, after this week's scare in Turkey, delineate threats to power grids and other infrastructure.
Cisco enhances its software-defined-networking capability by acquiring Embrane. Salesforce picks up mobile security shop Toopher, and Check Point closes its long-anticipated acquisition of Lacoon.
The TrueCrypt audit is complete and finds no backdoors, but many worry about the encryption tool's future.
NIST releases a draft of IR 8050, and invites comment on its recommendations for improving consumer data security and privacy.
The just-enacted US cyber sanctions policy draws skepticism on familiar attribution and due-process grounds.
Today's issue includes events affecting Algeria, Estonia, France, Georgia, Iran, Iraq, Democratic People's Republic of Korea, Republic of Korea, Lebanon, Luxembourg, Philippines, Poland, Russia, Syria, Ukraine, United Arab Emirates, United States.
Cyber Attacks, Threats, and Vulnerabilities
Cyber Caliphate: ISIS Plays Offense on the Web (Recorded Future) Cyber Caliphate's attack of US Central Command's Twitter page on January 12, 2015, got the attention of the United States and the world, and brought the cyber threat of ISIS to the forefront. Questions about ISIS's cyber capabilities have been asked since summer 2014
IBM uncovers new, sophisticated bank transfer cyber scam (Reuters) IBM has uncovered a sophisticated fraud scheme run by a well-funded Eastern European gang of cyber criminals that uses a combination of phishing, malware and phone calls that the technology company says has netted more than $1 million from large and medium-sized U.S. companies
Multicast DNS Vulnerability Could Lead to DDoS Amplification Attacks (Threatpost) The Department of Homeland Security sponsored CERT at Carnegie Mellon University on Tuesday released an advisory warning infrastructure providers of a vulnerability in Multicast DNS, or mDNS, that could leak device information that could be leveraged in high volume DDoS amplification attacks
The Fine Line Between Ad and Adware: A Closer Look at the MDash SDK (TrendLabs Security Intelligence Blog) Just last month, there were reports that Google removed three apps from its Play Store as they were discovered to be adware in disguise. At the time of the discovery, the apps were said to have been downloaded into millions of devices, based on data from the app stores. However, these were not the only apps with similar behavior. During their investigation in early March, our researchers believe that there were over 2,000 apps with similar behavior on Google Play. However, this number has decreased to the hundreds, if not fewer
More Proof That You Should Never Use Hotel Wifi (Fiscal Times) Do not use hotel WiFi. That is the takeaway of the recent disclosure by security firm Cylance that it had found a devastating vulnerability in an Internet router that it said is in use at eight of the world's top ten hotel chains. Not only can the router be hijacked to cough up a user's details — your details — in some cases, said Cylance, the router is directly interfaced with the hotel's so-called Property Management system (PMS) which tracks everything from billing to room keys and in-room temperature. In a worst-case scenario, a hacker could seize control of the vulnerable router, hop into the PMS, copy all available credit cards and their owner's details, and perhaps for mirth change the locks on a few doors — rendering the plastic keycards useless — and dialing the temperature up to 105 degrees in victim rooms
ICS cyber incidents — What relevant information actually exists? (Control Global) March 12, 2015, DHS's ICS-CERT issued the ICS CERT Monitor. The ICS-CERT report identified 245 total incidents in 2014. The report broke out the incidents by sector and by access vector. The report stated that the majority of incidents had an "unknown" access vector which implies lack of appropriate monitoring. The report identified network access vector categorization which made up 62% of the incidents were traditional IT attack vectors which can affect control systems but doesn't address control system-unique vectors such as unauthorized control system logic changes, unauthorized breaker control, etc.
How vulnerable is our critical national infrastructure? (Help Net Security) Considered the backbone of the nation's economy, security and health, critical infrastructure provides power, water, transportation, and communications systems relied on to connect us with our friends and family to our communities
MCS PKI Incident Report (Scribd) This is the MCS PKI incident report that caused the eventual removal of CNNIC root certificate from Chrome and Firefox
NYSE Arca exchange glitch hampers trading in popular ETFs (Reuters) Intercontinental Exchange Inc's NYSE Arca had a technical glitch on Tuesday that resulted in some of the most popular exchange-traded funds being temporarily unavailable for trading and some investors paying more for stocks than they otherwise may have
The Cyber Attack on Frontpage (Frontpage) You may have noticed that our site is still under cyber-attack from computers based in Iran and Iraq causing delays in loading Frontpagemag.com
How Cloud Encryption Has Changed in 2015 — and What the Future Holds (Infosec Institute) When mega-retailer Target was the victim of a data breach during the 2013 holiday season, more than 70 million customers learned that their personal information, including email addresses and credit card numbers, had possibly been compromised. However, there was one small bright spot in the torrent of bad news: Target reported that the PIN numbers for compromised debit cards were encrypted, and therefore useless to the criminals who now had access to them
Midsized Companies, Supersized Network Security Needs (SecurityWeek) Small and midsized businesses (SMBs) are the engine of the recovering economy. According to recent U.S. government numbers, just over 60 percent of the U.S. private sector workforce is now employed by companies with fewer than 1,000 employees. Not only are SMBs significant employers, they are also among the earliest adopters of new technologies
10 Facts About Cybersecurity and How They Impact You (Social Times) Cybersecurity is one of the most pressing concerns for business and consumers, especially when it comes to social media. So much personal identifiable information (PII) exists across the internet that it's practically inevitable that malicious forces would try to take it. An infographic from Heimdal Security outlines 10 cybersecurity facts and how they impact your online security
How secure is your online banking app? (IT Pro Portal) People are becoming increasingly concerned about their security. They use two-step authentication, login alerts, and third-party security services to better protect their email and social media accounts. One would hope for a similar — if not more secure — level of protection from our banks. After all, this is the place where we put most of our earnings and savings. However, apparently we are all mistaken. Mobile security firm Appvigil is reporting that as many as 70 per cent of the top 100 mobile banking apps on the Android operating system in the APAC region are vulnerable to security attacks and data leaks. Don't live in the said region? That's no reason to relax. The report further pinpoints vulnerabilities in mobile banking apps found in other regions as well
Taiwan ranks third largest cyber attack target in Asia (Focus Taiwan) Taiwanese enterprises have come under mounting threat of targeted attacks on their computer networks, FireEye, Inc., said Thursday, citing 2014 data placing Taiwan in the third place, behind South Korea and Hong Kong, on the volume of advanced persistent threat (APT) activities in the Asia-Pacific region
Beirut's Bright Future As A Tech Hub For MENA, If Its Politicians Will Allow It (TechCrunch) As my flight out of Beirut reached cruising altitude, and the seat buckle lights flickered off, I leant back in my chair and wondered if I had, in fact, left the country just in time. Admittedly, it wasn't quite an 'Argo-esque' escape from another Middle Eastern country, but labelling a controversial government minister on a conference stage as an "idiot" maybe wasn't the wisest of moves. Beirut is not a town known for its placid history, after all. Furthermore, my comment had made the front page of the Beirut Daily Star the next day. Perhaps it was just as well that I left the next day
Cisco to buy SDN startup Embrane (IDG via Network World) Cisco plans to beef up its SDN [software-defined networking] technology by acquiring Embrane, a startup with an architecture for virtualized network appliances
Is FireEye (FEYE) Stock a Solid Choice Right Now? (Zacks Equity Research) One stock that might be an intriguing choice for investors right now is FireEye, Inc. (FEYE - Snapshot Report). This is because this security in the internet software industry space is seeing solid earnings estimate revision activity, and is in great company from a Zacks Industry Rank perspective
Damballa Named to JMP Securities Fast 50 List of Hottest Privately Held Companies (BusinessWire) Damballa, a leader in advanced threat detection and containment, has been named one of the "Fast 50" hottest privately held security and networking companies by JMP Securities, a full-service investment bank. The first annual Fast 50 report identifies the hottest, most strategically positioned private companies in the Internet security and networking spaces. JMP Securities notes that the Fast 50 companies are harnessing innovation and competitive advantage to disrupt technology giants, and that they have the ability to dominate their respective markets
Lunarline and Damballa partner to help the government fight back against advanced cyber attacks (GSN) Lunarline and Damballa have announced a strategic partnership to bring Damballa's advanced threat detection technology to Lunarline's government clients in the Intelligence, DoD and Federal Civilian communities. Globally deployed in some of the largest and most complex private and public networks, Damballa Failsafe is ideally suited to the Federal government's unique security challenges
Turning Hackers into InfoSec Pros (Trend Micro: Simply Security) We recently attended the South by Southwest (SXSW) Conference in Austin, Texas and were pleased to discover cybersecurity and privacy were popular topics this year. One session in particular given by a panel including the Secret Service caught our attention, and focused on why hackers hack and what we, as a society, can do about it
Dance Of The 'Next-Gen' CISO (Dark Reading) Classical ballerina-turned hacker-turned CISO Justine Bone talks old-school hacking, biometric authentication, coding in stilettos, Kristen Wiig — and finishing her kids' leftover mac and cheese
Google Report Lauds Android Security Enhancements (Threatpost) Google has put some hard numbers behind the effectiveness of the security enhancements it has dropped into Android in the past year, and results show that things such as SE Linux (SE Android), Verify Apps and Safety Net have cut down on successful attacks against the Android operating system, significantly lowered the number of potentially harmful apps allowed onto mobile devices, and reduced the opportunity for network-level attacks leveraging Android devices
Best free Android antivirus comparison (Softonic) Our phones house our most personal data like our address, photos, and banking information. Cyber criminals know this and are targeting our phones, especially Android devices since they make up almost 80% of the smartphone market
Tresorit for Business (Help Net Security) In the cloud computing era, companies need to be proactive on secure collaboration and file sharing. Tresorit for Business is a solution that, among other things, helps organizations with managing, protecting and preventing leaks of their corporate data
Real-Time Software solves enterprise application security challenges. (Thomasnet) Leveraging distributed agents, Contrast Enterprise enables vulnerability identification as applications run at enterprise scale. REST API and scriptable zero-configuration installers provide complete automation of application security into any software development life cycle, while 10+ information sources are used to discover vulnerabilities while eliminating false positives. Deployed and operating within 7 min, solution supports Java 8 and legacy versions of Microsoft .NET
Mobile Call Interception is Affecting You (Charon Technologies) If your job involves security or intelligence, trade secrets, or research and development, you are a target for mobile call interception. When you use your mobile phone, either at work or in your personal life, you can't guarantee that you're actually connecting with a legitimate cell tower. While you might think your phone is connected to a secure AT&T or Verizon network, it's possible that your phone is connecting to a "rogue tower" without you knowing it — and that your calls and data are under surveillance
Internet-of-Things solutions enabled by Gemalto win 2015 Connected World Awards (CSO) Gemalto, the world leader in digital security, is enabling two Internet of Things (IoT) solutions that won the prestigious 2015 Connected World Awards. Gemalto contributed its ruggedized M2M connectivity and security technology for these award-winning solutions designed by Airo Wireless, and by SOLARKIOSK. The awards highlight Gemalto's industry leading Cinterion(R) technology, which delivers high-speed, low latency wireless connectivity and security for Airo's first-to-market 4G intrinsically safe industrial PDA as well as SOLARKIOSK's E-HUBB, a solar powered autonomous energy system and business hub that enables sustainable local entrepreneurship and economic development in communities throughout several emerging economies in Africa and Asia
Open Crypto Audit Project: TrueCrypt Cryptographic Review (NCC Group) During the engagement, CS identified four (4) issues, and none led to a complete bypass of confidentiality in common usage scenarios. The standard workflow of creating a volume and making use of it was reviewed, and no significant flaws were found that would impact it
Truecrypt report (A Few Thoughts on Cryptographic Engineering) A few weeks back I wrote an update on the Truecrypt audit promising that we'd have some concrete results to show you soon. Thanks to some hard work by the NCC Crypto Services group, soon is now. We're grateful to Alex, Sean and Tom, and to Kenn White at OCAP for making this all happen
NIST Invites Comments on Challenges in Protecting Consumer Data (NIST Tech Beat) The National Institute of Standards and Technology (NIST) invites the public to comment on a report from the Feb. 12, 2015, Executive Technical Workshop on Improving Cybersecurity and Consumer Privacy. The workshop, a collaboration with Stanford University, brought together chief technology officers, information officers and security executives to discuss the challenges their organizations and industrial sectors face in implementing advanced cybersecurity and privacy technologies
NIST IR 8050: Executive Technical Workshop on Improving Cybersecurity and Consumer Privacy (National Cybersecurity Center of Excellence) Cybersecurity incidents have grown swiftly from conceivable to realized risks that regularly threaten national and economic security of the United States. These risks threaten the financial security of companies and the public, weaken consumer confidence, erode individual privacy protections, and damage the brand value and reputation of businesses. On February 12, 2015 the National Institute of Standards and Technology (NIST) and Stanford University hosted an executive technical workshop, held in coordination with the White House Summit on Cybersecurity and Consumer Protection, to discuss how to increase the use of advanced cybersecurity and privacy technologies in consumer-facing organizations. This document details the discussion and ideas presented at the workshop and serves as a platform to receive broader feedback on the relevance of projects and suggestions discussed at that event
Data for Health: Learning What Works (Robert Wood Johnson Foundation) The Robert Wood Johnson Foundation (RWJF) initiative, Data for Health, explores how data can be collected, shared, protected, and translated in ways that are useful to individuals, organizations and communities. With the opportunity of exponentially increasing amounts of data about almost every aspect of our lives, we face the challenge of how to effectively harness it, share it, and use it to guide public policy, as well as help efforts aimed at improving health
Cyber threat intelligence is crucial for effective defense (CSO) It's impossible to defend against every possible exploit and threat vector. Businesses have to allocate limited resources to provide the best possible defense against the most probable threats. That requires threat intelligence. A new report titled Importance of Cyber Threat Intelligence to a Strong Security Posture illustrates how crucial threat intelligence is for effective security
Red Teams (Medium) When you can't find the bad guys, make some up
Make it stop!: Data breaches (SC Magazine) Sharing lessons learned with managers and staff is key to halting breaches, says Lena Smart, CIO, New York Power Authority
The Normalization of Cyber-International Relations (ISN) Has the gradual transition to cyber-based international relations had unintended consequences? Myriam Dunn Cavelty thinks so. By focusing exclusively on state-to-state relations and defending against cyber-attacks, state actors have given short shrift to other voices and the possibility of large-scale cyber-exploitation
The Problem with Hybrid Warfare (War on the Rocks) Europe is now a petri dish for hybrid war. Events of the past decade, not to mention the last few years, have reaffirmed the value of a concept that sought to explain a range of diverse, coercive instruments across the operational spectrum of war. Hybrid warfare is a term that sought to capture the blurring and blending of previously separate categories of conflict. It uses a blend of military, economic, diplomatic, criminal, and informational means to achieve desired political goals. The Chairman of the Joint Chiefs of Staff, General Martin Dempsey, has referred to these hybrid threats as an "inflection point" in modern war. Indeed, in the disordered post-Cold War world, hybrid warfare remains an excellent framework for understanding the changing character of war
In the cyber domain, US ready to take offense (Defense Systems) Is the U.S. ready to go on offense in the cyber domain? It is certainly taking incremental steps in that direction. Exclusively focusing on defensive measures will not deter malicious behavior such as theft of intellectual property or manipulation of data, Adm. Michael Rogers, commander of U.S. Cyber Command and the director of the National Security Agency, said at the AFCEA Cybersecurity Technology Summit in Washington today. According to Rogers, the United States right now is reacting rather than acting
Don't let America be boxed in by its own computers (Washington Post) As director of the National Security Agency and then the Central Intelligence Agency after the Sept. 11, 2001, attacks, I fought to provide our intelligence officers with every possible advantage in their work to detect and confront threats from our enemies
ABA Statement on White House Executive Order on Cyberattacks (American Bankers Association) "The executive order issued today sends a strong signal to cybercriminals and foreign entities that America is committed to fighting this increasing threat. U.S. businesses are committed to working with the government to help protect our critical infrastructure and the economic security of our country"
Making the world safe for Sony (Al Jazeera America) With the stroke of a pen Wednesday, President Barack Obama christened his country's latest national emergency, issuing an Executive Order he said was necessary to address "an unusual and extraordinary threat" from malicious hackers abroad
Brace Yourselves, The Net Neutrality Legal Challenges Are Coming (TechCrunch) On Wednesday afternoon the Federal Communications Commission filed its net neutrality order to the Federal Register, an FCC official confirmed to TechCrunch. Once published by the Register, the filing opens the gates to an inevitable outpouring of legal challenges from net neutrality opponents
NSA touts role in cyber investigations (FCW) The National Security Agency has helped investigate every major cyber intrusion in the private sector in the last six months, Director Adm. Michael Rogers said, adding that he wants that collaboration to get faster and more anticipatory
10th Annual Cyber and Information Security Research Conference (Oak Ridge, Tennessee, USA, April 7 - 9, 2015) Cyberspace is fundamental to our national prosperity, as it has become critical to commerce, research, education, and government. Realizing the benefits of this shared environment requires that we are...
Cyber Risk Wednesday: The future of Iranian cyber threat (Washington, DC, USA, April 8, 2015) Join the Atlantic Council's Cyber Statecraft Initiative on April 8, from 4:00 p.m. to 5:30 p.m. for a panel discussion on the Iranian cyber threat and the potential for a drastic escalation of cyber conflicts...
Cyber Threats Masterclass (Turin, Italy, April 9 - 11, 2015) The United Nations Interregional Crime and Justice Research Institute (UNICRI) is organizing two new courses on emerging threats towards states and citizens with the aim of promoting an in-depth knowledge...
InfoSec Southwest 2015 (Austin, Texas, USA, April 10 - 12, 2015) InfoSec Southwest is an annual information security and hacking conference held in Austin, Texas, one of the most interesting and beautiful cities in the United States. By addressing a broad scope of subject-matter,...
Cybergamut Tech Tuesday: Tor and the Deep Dark Web (Elkridge, Maryland, USA, April 14, 2015) This talk will explore the use of Tor and how it relates to garnering useful intelligence. Distinguishing attribution or valuable intelligence from limited event data is difficult. Leveraging external...
NIST IT Security Day (Gaithersburg, Maryland, USA, April 8, 2014) The Office of the Chief Information Officer, OCIO, is hosting NIST IT Security Day as a means to heighten awareness for all NIST users on the many aspects of operational information technology security...
Cyber Security Summit: Industrial Sector & Governments (Prague, Czech Republic, April 14 - 15, 2015) Cyber Security Summit Europe — Industrial Sector & Governments brings together cyber security experts who will share their skills and know-how needed to address highly topical issues such as state-sponsored...
Cyber Security Summit: Financial Services (Prague, Czech Republic, April 14 - 15, 2015) Cyber Security Summit Europe — Financial Services brings together cyber security experts across the financial sector to discuss topical security vulnerabilities as well as bring forward effective...
INTERPOL World 2015 (Singapore, April 14 - 16, 2015) INTERPOL World is a new biennial international security trade event which will bring police and other law enforcement agencies together with security solution providers and security professionals from...
Mid-Atlantic ISSA Security Conference 2015 (Gaithersburg, Maryland, USA, April 15, 2015) Meeting at the NIST campus, this all-day event, jointly hosted by the ISSA Baltimore, DC, and Northern Virginia chapters, will have 3 concurrent tracks of security professionals discussing the current...
IIT Cyber Forensics and Security Conference and Expo (Wheaton, Illinois, USA, April 17, 2015) All are invited to participate in this multi-track, technical conference that attracts more than 200 professionals, 50 speakers, 20 sponsors, for an intensive one and a half day schedule that includes...
RSA Conference 2015 (San Francisco, California, USA, April 20 - 24, 2015) Don't miss this opportunity to join thousands of industry professionals at the premier information security event of 2015
Australian Cyber Security Centre Conference (Canberra, Australia, April 22 - 23, 2015) The Australian Cyber Security Centre (ACSC) will be hosting its first cyber security conference in 2015. We are bringing leading cyber security experts from Australia and abroad to share their expertise.
Security Forum 2015 (Hagenberg im Mühlkreis, Austria, April 22 - 23, 2015) The Security Forum is the annual IT security conference in Hagenberg that addresses current issues in this domain. Visitors are offered technical as well as management-oriented talks by representatives...
CyberTexas / CyberIOT (San Antonio, Texas, USA, April 23 - 24, 2015) CyberIOT — Securing the Internet of Things. As more everyday devices become connected to the internet, the need for securing those items becomes critical. CyberTexas will explore the intersection...
INTEROP Las Vegas (Las Vegas, Nevada, USA, April 27 - May 1, 2015) Attend Interop Las Vegas, the leading independent technology conference and expo designed to inspire, inform, and connect the world's IT community. In 2015, look for all new programs, networking opportunities,...
2015 Synergy Forum (Tysons Corner, Virginia, USA, April 30, 2015) The 2015 Synergy Forum brings together government and industry practitioners driving our collective technology futures. This event is multi-disciplinary, examining the emerging fusion of physical and digital...