ISIS-sympathizing hackers take down another target-of-opportunity, French television network TV5Monde. Libya's Ansar al-Sharia takes a step toward aligning itself with the aspiring Caliphate (and the Libyan group's social media activity increasingly resembles that of ISIS).
Most observers finger Russian intelligence services in the long-running, long-investigated hacks of the US State Department and White House, but the White House itself declines any attribution as "not in our interest." (Diplomatic observers nonetheless see the US Administration dog-whistling an "I-know-what-you're-doing-online" warning in the direction of Moscow.) Russia officially denies any involvement, loyally seconded by the hardly disinterested journalists of Sputnik, who cite Kaspersky researchers on the virtual impossibility of attributing hacks to nations. (In fairness to Kaspersky, the company has long been very reticent with respect to attribution.) The White House says that, while no classified information was stolen, "sensitive" material was compromised.
Fox IT warns of a large-scale malvertising campaign that appears to be passing through a Google ad reseller. Heimdal warns of malice in Webpage Screenshot, a once popular app now removed from the Chrome store. ESET cautions against unexpected ZIP files that may contain the Waski malware downloader.
US-CERT alerts the public against the polymorphic downloaders of the AAEH family, and passes on the Network Time Foundation's NTP Project finding of vulnerabilities in the network time protocol daemon.
The White House hack raises investors' interest in cyber security stocks.
An Atlantic Council panel discusses the future of Iranian-US cyber conflict post-preliminary-nuclear-deal. (Watch the whole thing: cyberpeace isn't about to dawn.)
Today's issue includes events affecting Australia, Austria, Bulgaria, China, France, India, Iran, Iraq, Israel, Japan, Democratic People's Republic of Korea, Republic of Korea, Libya, Netherlands, Russia, Singapore, Syria, Ukraine, United States.
Spiritual Leader of Libya's Biggest Jihadi Group Pledges Allegiance to ISIS(Newsweek) Ansar al-Sharia's propaganda is also beginning to resemble that of ISIS. Ansar al-Sharia, the top jihadi group in the civil war-torn country of Libya, has edged closer to pledging allegiance to ISIS after its spiritual leader and top judge, Abu Abdullah al-Libi, defected to the radical group, according to an audio message released by the terror group
Cyberattack on Israel fails to push country's buttons(Israel Hayom) Anonymous hacker group's attempt to electronically cripple Israeli cyber infrastructure fails. Major servers exercise recommended protection protocols, escape disruptions. Dozens of minor websites hacked, none reporting significant damage
Russian Paper Removes Article About Soldier Wounded In Ukraine(Radio Free Europe/Radio Liberty) Journalists at a Siberian newspaper say they spent three days using scissors to cut an article about a Russian soldier who was wounded fighting alongside pro-Russian rebels in Ukraine out of 50,000 copies of the publication
Identifying Hackers' Country of Origin is Impossible(Sputnik) The chief malware expert at Kaspersky Lab said that it is almost impossible to guess hackers' nationality. The hardest problem about finding the source of cyberattacks is attribution since a hacker's country of origin can only be guessed by clues in the malware code, the chief malware expert at Kaspersky Lab said Wednesday
White House hackers accessed schedule of President Obama's whereabouts(Naked Security) Since the cyber intrusion into the White House was first discovered in October, the US government has said that ongoing cyber breaches into the president's executive office network — suspected to come via the US State Department's system — have only affected an unclassified system
A flawed ransomware encryptor(SecureList) In the middle of last year, my colleagues published a blogpost about a new generation of ransomware programs based on encryptor Trojans, and used the example of the Onion family (also known as CTB-Locker) to analyze how these programs work
Alert (TA15-098A) AAEH(US-CERT) AAEH is a family of polymorphic downloaders created with the primary purpose of downloading other malware, including password stealers, rootkits, fake antivirus, and ransomware. The United States Department of Homeland Security (DHS), in collaboration with Europol, the Federal Bureau of Investigation (FBI) and the Department of Justice (DOJ), released this Technical Alert to provide further information about the AAEH botnet, along with prevention and mitigation recommendations
The 10 Most Common Application Attacks in Action(IBM Security Intelligence) Nowadays, application development is moving more and more onto the Web. The Web hosts entire productivity suites such as Google Docs, calculators, email, storage, maps, weather and news — everything we need in our daily lives. Our mobile phones are useless without the Internet since nearly all mobile applications connect to the cloud, storing our pictures, usernames and passwords and private information. Even our home devices are now connecting to the Web, with Internet of Things platforms such as Wink that allow users to dim their house lights right from their mobile phone
Drug Pump's Security Flaw Lets Hackers Raise Dose Limits(Wired) When Billy Rios needed emergency surgery last summer after cerebral spinal fluid began leaking through his nose, he was only partly focused on his life-threatening condition. That's because Rios was distracted by the computerized drug-infusion pumps Stanford Medical Center used to administer medication to him and other patients. As a security researcher, Rios realized he'd purchased the same models of pumps months earlier on eBay in order to examine them for security flaws. As he watched the pump dose him with meds, all he could think about were the holes he'd found in one of the brands that made it susceptible to hacking
A Hacker's-Eye View of the Internet of Things(Re/code) Ever wonder what hackers think about the Internet of Things? Consider for a moment what someone with criminal intent might do with secret access to your Internet-connected garage door opener and it doesn't take long to imagine something bad
Don't Miss These Top Hacker-Beating Tech Stocks(Investor's Business Daily) It doesn't matter what industry you're in when it comes to cybertheft. Health insurer Anthem (NYSE:ANTM) earlier this year became the latest data breach victim, joining JPMorgan Chase (NYSE:JPM), Target (NYSE:TGT) and other high-profile targets
Should FireEye Inc. Be Worried About Palo Alto Networks?(Motley Fool) Cyber security is big business — and it's expected to get even bigger. Research company Markets and Markets expects the demand for cyber security products to swell to around $156 billion in 2019, up from about $95 billion last year
Cyber security and the importance of investing and innovating(South Coast Today) As digital threats against the United States from criminals, terrorists and state actors continue to loom large, our ability to fight back is not measuring up. This grim assessment was delivered by Adm. Michael Rogers, who heads both the U.S. military's Cyber Command and the National Security Agency (NSA), before the U.S. Senate Armed Services Committee late last month
Singtel acquisition of Trustwave shows its managed security ambitions(Networks Asia) In a move to improve its portfolio of security services, Singtel has signed an agreement to acquire a 98% equity interest in US-based managed security services provider (MSSP) Trustwave. This US$810 million (S$1.1 billion) deal will see Trustwave Chairman and CEO, Robert J McCullen, holding the balance 2% equity interest
SIGINT engineering and signal processing company bought by CACI(Military Embedded Systems) CACI International Inc. officials announced that the company has acquired LTC Engineering Associates, Inc., in Sarasota, Fla., which provides digital signals processing, cybersecurity, software engineering, signals intelligence (SIGINT), and communications intelligence (COMINT) to the intelligence and Department of Defense (DoD) communities
Damballa opens office in Japan(Atlanta Business Chronicle) Damballa Inc. expanded into Japan with a new office in Tokyo that houses a manager, sales support and partners
CSA to hold hackathon featuring $10,000 prize(Help Net Security) The Cloud Security Alliance (CSA) will hold its third Hackathon at the RSA Conference 2015 in San Francisco, to continue to test the CSA Software Defined Perimeter Specification V.1. A top prize of $10,000 is available to the first participant to gain access to a password provided account
Welsh: Future hot jobs for airmen in cyber, drones(Air Force Times) Want to be a part of the Air Force of the future? Be ready to fly drones, or learn to hack. The hottest future jobs for the Air Force will follow the increasing need for cyber forces and the insatiable need for surveillance, Chief of Staff Gen. Mark Welsh said Wednesday
HardSploit: Dedicated hardware pentesting tool(Help Net Security) As Internet of Things adoption is gaining momentum, and we hear time and time again that making it secure will be the biggest challenge, French IT security consultancy Opale Security has come out with a plan for a tool that will allow auditors to audit IoT and industrial devices, SCADA systems and basic electronic products used in everyday life
ThreatStream Joins Forces with HITRUST to Speed Detection of Cyber Threats Targeting Healthcare Industry(InsuranceNewsNet) ThreatStream®, the leading provider of an enterprise-class threat intelligence platform, today announced a groundbreaking partnership with Health Information Trust Alliance (HITRUST), the leader in information risk management supporting the healthcare industry. Through this partnership, HITRUST is offering the HITRUST Cyber Threat XChange (CTX), powered by ThreatStream, a service that streamlines cyber threat information sharing and significantly accelerates detection of and response to cyber threats targeted at the healthcare industry
Splunk to be backbone for critical F-35 system(Washington Technology) Splunk is lending a big hand to Lockheed Martin's F-35 Lightning II program thanks to a subcontract that the company won to watch over some of the fighter's most critical systems
Five Steps for Managing Cyberthreats in the Health Care Industry(Wall Street Journal) New information technologies and innovative business models are transforming the health care industry in several ways. The industry is beginning to focus on creating seamless interoperability among organizations, greater efficiencies in the delivery of care and increased consumer engagement through access to electronic health records and use of mobile health devices and apps
What’s next for your awareness program?(CSO) When I talk to CISOs or security awareness professionals, I frequently hear the same frustration about the results of their awareness programs. The supposed awareness programs have been in place for a year or more, and they have not yielded noticeable results, and in many cases seem almost useless, as user-created incidents seem to continue to increase. When I ask them to describe their programs, what I get are descriptions of components of an awareness program and not a program itself. They describe computer-based training (CBT), and sometimes phishing simulations
Design and Innovation
Chip Fingerprinting Scheme Could Secure IoT Devices Against Malware(IEEE Spectrum) With the coming Internet of Things (IoT) in mind, Mitsubishi Electric, Ritsumeikan University, and the Japan Science and Technology Agency have developed a security scheme that can be used to identify individual logic chips by their "fingerprints." The scheme provides a means of preventing device spoofing, as well as a way to authenticate embedded software running on networked devices and so prevent malicious programs from being introduced
The future of the Iranian cyberthreat(Christian Science Monitor Passcode) Iran's interim nuclear deal with the P5+1 negotiators has been hailed at the White House and greeted with ambivalence in the halls of Congress. But how it impacts Iran in cyberspace remains to be seen. Iranian cyberconfrontations have been among the world's most explosive in recent years, including both attacks from Iran, such as disruption of the US banking sector and against Gulf energy companies, and against Iran, such as Stuxnet and the Wiper worm
Cyberattack Shows That China Isn't Content to Censor Its Own Internet(Slate) The Chinese government has increased its Internet censorship and propaganda recently, cracking down on wife-swapping and one-night-stand stories and releasing a digital collection of the president's collected sayings, dubbed "Xi's Little Red App." Around the same time, San Francisco-based GitHub was hit with a five-day denial-of-service attack that slowed computer programmers' work across the world. The timing doesn't seem to be a coincidence
Obama to Putin: Stop Hacking Me(Daily Beast) The U.S. is calling out Russia for a "dramatic rise" in cyber espionage against America. It's part of a veiled threat to the Kremlin: We know what you're doing online
Rand Paul's Ties to the Surveillance State(Bloomberg View) Few national politicians have the credibility of Senator Rand Paul when it comes to the issue of privacy. In his stemwinder Tuesday to kick off his presidential campaign against what he called the "Washington Machine," the Kentucky ophthalmologist promised to end the government's dragnet collection of telephone metadata from U.S. citizens
U.S. secretly tracked billions of calls for decades(USA TODAY) A USA TODAY investigation revealed that a secret program collecting phone call data for international calls started in 1992. The U.S. government started keeping secret records of Americans' international telephone calls nearly a decade before the Sept. 11 terrorist attacks, harvesting billions of calls in a program that provided a blueprint for the far broader National Security Agency surveillance that followed
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
California Cybersecurity Task Force Quarterly Meeting(Walnut Creek, California, USA, January 20, 2015) The California Cyber Security Task Force serves as an advisory body to California's senior government administration in matters pertaining to Cyber Security. Quarterly Cybersecurity Task Force meetings...
10th Annual Cyber and Information Security Research Conference(Oak Ridge, Tennessee, USA, April 7 - 9, 2015) Cyberspace is fundamental to our national prosperity, as it has become critical to commerce, research, education, and government. Realizing the benefits of this shared environment requires that we are...
Cyber Threats Masterclass(Turin, Italy, April 9 - 11, 2015) The United Nations Interregional Crime and Justice Research Institute (UNICRI) is organizing two new courses on emerging threats towards states and citizens with the aim of promoting an in-depth knowledge...
InfoSec Southwest 2015(Austin, Texas, USA, April 10 - 12, 2015) InfoSec Southwest is an annual information security and hacking conference held in Austin, Texas, one of the most interesting and beautiful cities in the United States. By addressing a broad scope of subject-matter,...
NIST IT Security Day(Gaithersburg, Maryland, USA, April 8, 2014) The Office of the Chief Information Officer, OCIO, is hosting NIST IT Security Day as a means to heighten awareness for all NIST users on the many aspects of operational information technology security...
Cybergamut Tech Tuesday: Tor and the Deep Dark Web(Elkridge, Maryland, USA, April 14, 2015) This talk will explore the use of Tor and how it relates to garnering useful intelligence. Distinguishing attribution or valuable intelligence from limited event data is difficult. Leveraging external...
Cyber Security Summit: Industrial Sector & Governments(Prague, Czech Republic, April 14 - 15, 2015) Cyber Security Summit Europe — Industrial Sector & Governments brings together cyber security experts who will share their skills and know-how needed to address highly topical issues such as state-sponsored...
Cyber Security Summit: Financial Services(Prague, Czech Republic, April 14 - 15, 2015) Cyber Security Summit Europe — Financial Services brings together cyber security experts across the financial sector to discuss topical security vulnerabilities as well as bring forward effective...
INTERPOL World 2015(Singapore, April 14 - 16, 2015) INTERPOL World is a new biennial international security trade event which will bring police and other law enforcement agencies together with security solution providers and security professionals from...
Mid-Atlantic ISSA Security Conference 2015(Gaithersburg, Maryland, USA, April 15, 2015) Meeting at the NIST campus, this all-day event, jointly hosted by the ISSA Baltimore, DC, and Northern Virginia chapters, will have 3 concurrent tracks of security professionals discussing the current...
IIT Cyber Forensics and Security Conference and Expo(Wheaton, Illinois, USA, April 17, 2015) All are invited to participate in this multi-track, technical conference that attracts more than 200 professionals, 50 speakers, 20 sponsors, for an intensive one and a half day schedule that includes...
RSA Conference 2015(San Francisco, California, USA, April 20 - 24, 2015) Don't miss this opportunity to join thousands of industry professionals at the premier information security event of 2015
Australian Cyber Security Centre Conference(Canberra, Australia, April 22 - 23, 2015) The Australian Cyber Security Centre (ACSC) will be hosting its first cyber security conference in 2015. We are bringing leading cyber security experts from Australia and abroad to share their expertise.
Security Forum 2015(Hagenberg im Mühlkreis, Austria, April 22 - 23, 2015) The Security Forum is the annual IT security conference in Hagenberg that addresses current issues in this domain. Visitors are offered technical as well as management-oriented talks by representatives...
CyberTexas / CyberIOT(San Antonio, Texas, USA, April 23 - 24, 2015) CyberIOT — Securing the Internet of Things. As more everyday devices become connected to the internet, the need for securing those items becomes critical. CyberTexas will explore the intersection...
INTEROP Las Vegas(Las Vegas, Nevada, USA, April 27 - May 1, 2015) Attend Interop Las Vegas, the leading independent technology conference and expo designed to inspire, inform, and connect the world's IT community. In 2015, look for all new programs, networking opportunities,...
2015 Synergy Forum(Tysons Corner, Virginia, USA, April 30, 2015) The 2015 Synergy Forum brings together government and industry practitioners driving our collective technology futures. This event is multi-disciplinary, examining the emerging fusion of physical and digital...