The annual hacktivist assault on Israeli networks (and on other identifiably Jewish sites) is due to return tomorrow; many intended targets tighten security and raise awareness. (Coincidentally, a University of Haifa study finds that cyber attacks can prompt severe psychological and physical stress.)
Ireland appears to be facing a smaller hacktivist threat, this one prompted by discontentment over water utility management.
Observers note Russian success in information operations, and wonder at the lack of comparable American capability. Those observers think the gap arises in part from relatively low financial support for effective organizations with Cold War roots, in part from mismanagement in the better-resourced precincts of the State Department. Russian success in social media seems particularly marked, and in online Russian news outlets like the (very American-looking) RT.
Trend Micro warns of two current threats: "NewPosThings" point-of-sale malware (found infecting airport shops) and "CRYPVAULT" (an evolved ransomware attack kit).
GitHub seems to have largely recovered from the denial-of-service attacks it suffered over the last two weeks.
VMWare has patched a Java information disclosure vulnerability. Payment service Venmo upgrades to two-factor authentication. Microsoft reminds users that support for Windows Server 2003 will soon expire.
Retailers struggle to implement lessons learned from last year's data breaches. Start-ups, app developers, healthcare institutions, and universities continue to appear security laggards: enterprises in the first two categories are resource-strapped, in the second two surprisingly unaware of their risks.
Reactions to last week's US Executive Order on sanctions for cyber attacks range from celebratory to cautionary.
Today's issue includes events affecting Canada, China, Ireland, Israel, Republic of Korea, Russia, Spain, United States.
CRYPVAULT: New Crypto-ransomware Encrypts and "Quarantines" Files(TrendLabs Security Intelligence Blog) We uncovered a new crypto-ransomware variant with new routines that include making encrypted files appear as if they were quarantined files. These "quarantined" files are appended by a *.VAULT file extension, an antivirus software service that keeps any deleted files for a certain period of time. Antivirus software typically quarantines files that may potentially cause further damage to an infected system
It's safe to use Venmo again(Techno Buffalo) Venmo's credibility took a hit last month when a vulnerability was brought to light by Slate. Basically, the lack of two-factor authentication made it really easy for accounts to be hijacked, leading many users, including one of our own, to unlink their banking information from the service
Data breaches drive big changes for U.S. merchants(Examiner) Under the best of circumstances, business owners have a constant struggle to deal with fickle consumer tastes, increasing competition, and burdensome government regulation. But with the "data breach of the week" dominating today's headlines, the process of just getting paid is about to get even more complicated for U.S. merchants over the next three to six months
Poor Security Measures Make Startups Easy Hacking Targets(Social Times) Social media startups are full of energy and desperate to push their product to market. In this haste, basic security protocols are often overlooked. Snapchat has had many security flaws, and several Tor router projects were sunk by poor security. Because of this poor security, startups may have made themselves targets, according to The New York Times' Bits blog
Are you safe in the Internet of Things?(USA TODAY) The Internet of Things, the popular name for the technology by which devices are connected and controlled over the Internet, is big, and it is only getting bigger. The presently estimated number of Internet of Things devices of 4.9 billion devices is expected to rise to 25 billion by 2020. IBM has recognized the opportunities present in the Internet of Things and earlier this week announced it is investing $3 billion in a new business unit that will focus entirely on developing products and services for the Internet of Things
Hudson's Corero opens Scotland R&D office(Worcester Business Journal) Internet security provider Corero Network Security of Hudson will open a research and development center in Scotland, the company announced Thursday
Barracuda Mobile Companion(ZDNet) The Barracuda Mobile Companion works with the Barracuda Mobile Device Manager and allows organizations to centrally manage Android devices. The agent is used to enroll devices with the cloud-based Barracuda Mobile Device Manager
Technologies, Techniques, and Standards
Guidelines on the auditing framework for Trust Service Providers(Help Net Security) A new ENISA report provides guidelines on the auditing framework for Trust Service Providers (TSPs). These guidelines can be used by TSPs (preparing for audits) and Conformity Assessment Bodies (auditors) having to undergo regular auditing — as set by the eIDAS regulation — and offer a set of good practices which can be used at an organizational level
Putting IT In Perspective: Threat Intelligence(Business2Community) "Threat Intelligence" is one of those terms that high-tech marketers have recently grabbed on to, and are currently riding hard — you can check this out for yourself, with a quick look on Google Trends
The Unfolding Role of Risk Managers — New Demands, New Talent(Forbes) Melissa Sexton, CFA is the head of Product and Investment Risk for Morgan Stanley MS +0.25% Wealth Management. Prior to this, she spent nearly a decade serving as Chief Risk Officer at two different hedge funds in New York. Most of Melissa's 25 years of experience has been in a variety of risk management roles, though she has also traded derivatives and worked in operations, and has continuously worked on projects which integrate risk management with information technology. Ms. Sexton is a member of PRMIA New York's steering committee, received a BA in Mathematics and Economics from Boston University, and was awarded her CFA charter in 2001
How to Build a Successful IT Security Awareness Program(Tripwire: the State of Security) The first step towards creating a successful security awareness program is to recognize that this is not a project with a defined timeline and an expected completion date, but is instead a development of organizational culture
Chris Thomas of RSA shares his views on hacking incidents in the corporate world(DNA India) The number of hacking incidents are constantly rising and companies are struggling to keep up with the attackers. In an exclusive interview at Black Hat Asia 2015, Chris Thomas, Security Analytics and Advanced Security Operations Specialist, Asia Pacific & Japan, RSA speaks to Krishna Bahirwani and shares his thoughts on where organizations are going wrong
The Cloud Could Be Your Best Security Bet(TechCrunch) Conventional IT wisdom says that you're safer and more secure when you control your own on-premises datacenter. Yet if you think about every major data breach over the last two years, whether Anthem, Sony, JPMorgan or Target, all involved on-premises datacenters, not the cloud
Security Is More than a Password — It's a Signature(CoinTelegraph) The technology behind Bitcoin and the blockchain is secure; we know this because it leverages mathematically proven cryptographic protocols. Known as the Elliptic Curve Digital Signature Algorithm (ECDSA), they "ensure that [Bitcoin] funds can only be spent by their rightful owners." However, this level of security doesn't always transfer to the businesses and applications offering services in the Bitcoin industry today
Defense-in-Policy begets Defense-in-Depth(SANS Infosec Reading Room) The majority of companies today focus solely on technical requirements for an information security program. When addressing the legendary AIC triad, companies focus on pulling controls from three categories: Administrative, Technical/Logical, and Physical/Environmental. Often, the Administrative category is overlooked, disregarded, and not given enough focus and attention from the business which can spell disaster for the security process as it provides the foundation and framework for the entire security program
DoD breaks mobile security roadblock(Federal News Radio) Securing smartphones and tablets is a lot easier said than done for most agencies. Federal security experts still are trying to find the right balance between mobile access and security of data and applications
The Shrinks Who Only See CIA Officers(Daily Beast) Some U.S. intelligence analysts spend days scouring ISIS beheading videos and jihadists' porn. When it gets to be too much, there's a cadre of therapists on call
Turkey blocks Twitter, YouTube over hostage photo(Hurriyet Daily News) Turkish authorities have blocked access to Twitter and YouTube over their refusal to remove photos of a prosecutor who was taken hostage by militants in Istanbul. The ban on Facebook, on the other hand, has been lifted after the website complied with the court ruling
Park, Obama Both Move to Strengthen Cyber Security(Business Korea) President Park Geun-hye appointed a new cyber security secretary, a newly-created post, presidential spokesman Min Kyung-wook said on Friday. Shin In-seop, a brigadier general who served as deputy commander of the military cyber command, will be integral to the latest government effort to strengthen the top office's role in cyber security. The move came three days after the Cabinet's approval of the new post
Lawmakers in cybersecurity rush(The Hill) Lawmakers are rushing to pass a major cybersecurity bill this month before a divisive debate over reauthorizing the National Security Agency's surveillance programs bogs them down
Strengthen privacy rights(Post and Courier) A major piece of business that Congress failed to complete last year was to strengthen the privacy rights of Americans by curtailing government spying on them. It should be at the top of the agenda this year
On John Oliver, Edward Snowden Says Keep Taking Dick Pics(Wired) John Oliver is worried that you don't care about government surveillance because you have no idea what it is. After doing an informal poll of passersby in Times Square, who for the most part had no idea who whistle-blower Edward Snowden was or what it was he leaked, Oliver said Sunday, "It seems like we've kind of forgotten to have a debate over what Snowden leaked"
Can a Company Remotely Wipe an Ex-Employee's Device?(Dark Matters) One of my favorite sayings about cyber risk is "an ounce of prevention is cheaper than the very first day of litigation." A recent case provides a nice example of exactly what I mean. In this case, an effective BYOD policy could have saved this company tens of thousands of dollars, at least
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
Fleming Gulf's Information & Cyber Security Summit(Moscow, Russia, October 6 - 7, 2015) The "Information & Cyber Security Summit 2015" aims to provide a platform, to discuss with top dignitaries and decision makers from different industries & government officials, the important aspects of...
10th Annual Cyber and Information Security Research Conference(Oak Ridge, Tennessee, USA, April 7 - 9, 2015) Cyberspace is fundamental to our national prosperity, as it has become critical to commerce, research, education, and government. Realizing the benefits of this shared environment requires that we are...
Cyber Risk Wednesday: The future of Iranian cyber threat(Washington, DC, USA, April 8, 2015) Join the Atlantic Council's Cyber Statecraft Initiative on April 8, from 4:00 p.m. to 5:30 p.m. for a panel discussion on the Iranian cyber threat and the potential for a drastic escalation of cyber conflicts...
Cyber Threats Masterclass(Turin, Italy, April 9 - 11, 2015) The United Nations Interregional Crime and Justice Research Institute (UNICRI) is organizing two new courses on emerging threats towards states and citizens with the aim of promoting an in-depth knowledge...
InfoSec Southwest 2015(Austin, Texas, USA, April 10 - 12, 2015) InfoSec Southwest is an annual information security and hacking conference held in Austin, Texas, one of the most interesting and beautiful cities in the United States. By addressing a broad scope of subject-matter,...
NIST IT Security Day(Gaithersburg, Maryland, USA, April 8, 2014) The Office of the Chief Information Officer, OCIO, is hosting NIST IT Security Day as a means to heighten awareness for all NIST users on the many aspects of operational information technology security...
Cybergamut Tech Tuesday: Tor and the Deep Dark Web(Elkridge, Maryland, USA, April 14, 2015) This talk will explore the use of Tor and how it relates to garnering useful intelligence. Distinguishing attribution or valuable intelligence from limited event data is difficult. Leveraging external...
Cyber Security Summit: Industrial Sector & Governments(Prague, Czech Republic, April 14 - 15, 2015) Cyber Security Summit Europe — Industrial Sector & Governments brings together cyber security experts who will share their skills and know-how needed to address highly topical issues such as state-sponsored...
Cyber Security Summit: Fnancial Services(Prague, Czech Republic, April 14 - 15, 2015) Cyber Security Summit Europe — Financial Services brings together cyber security experts across the financial sector to discuss topical security vulnerabilities as well as bring forward effective...
INTERPOL World 2015(Singapore, April 14 - 16, 2015) INTERPOL World is a new biennial international security trade event which will bring police and other law enforcement agencies together with security solution providers and security professionals from...
Mid-Atlantic ISSA Security Conference 2015(Gaithersburg, Maryland, USA, April 15, 2015) Meeting at the NIST campus, this all-day event, jointly hosted by the ISSA Baltimore, DC, and Northern Virginia chapters, will have 3 concurrent tracks of security professionals discussing the current...
IIT Cyber Forensics and Security Conference and Expo(Wheaton, Illinois, USA, April 17, 2015) All are invited to participate in this multi-track, technical conference that attracts more than 200 professionals, 50 speakers, 20 sponsors, for an intensive one and a half day schedule that includes...
RSA Conference 2015(San Francisco, California, USA, April 20 - 24, 2015) Don't miss this opportunity to join thousands of industry professionals at the premier information security event of 2015
Australian Cyber Security Centre Conference(Canberra, Australia, April 22 - 23, 2015) The Australian Cyber Security Centre (ACSC) will be hosting its first cyber security conference in 2015. We are bringing leading cyber security experts from Australia and abroad to share their expertise.
Security Forum 2015(Hagenberg im Mühlkreis, Austria, April 22 - 23, 2015) The Security Forum is the annual IT security conference in Hagenberg that addresses current issues in this domain. Visitors are offered technical as well as management-oriented talks by representatives...
CyberTexas / CyberIOT(San Antonio, Texas, USA, April 23 - 24, 2015) CyberIOT — Securing the Internet of Things. As more everyday devices become connected to the internet, the need for securing those items becomes critical. CyberTexas will explore the intersection...
INTEROP Las Vegas(Las Vegas, Nevada, USA, April 27 - May 1, 2015) Attend Interop Las Vegas, the leading independent technology conference and expo designed to inspire, inform, and connect the world's IT community. In 2015, look for all new programs, networking opportunities,...
2015 Synergy Forum(Tysons Corner, Virginia, USA, April 30, 2015) The 2015 Synergy Forum brings together government and industry practitioners driving our collective technology futures. This event is multi-disciplinary, examining the emerging fusion of physical and digital...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.