ISIS continues its information operations campaign with online threats of violence.
The Local reports that TV5Monde was exposed to hacking during a months-long phishing campaign.
Pope Francis calls the Armenian genocide "genocide" and Turkish hacktivists respond by taking down a Vatican Website. (The hacktivists' motivations are probably more Kemalist than Islamist.)
CrowdStrike claims to have deterred Hurricane Panda: the Chinese hackers bugged out of a CrowdStrike-protected network after detecting CrowdStrike's presence. The deterrence in this case involved the simple economic strategy of raising the cost of a successful attack beyond what the attackers were willing to pay.
A forthcoming study of hacking economics appears to offer defenders hope: they may be more favorably positioned to buy (then fix) vulnerabilities in the zero-day market than are cyber criminals.
Cylance's Spear research team reports that new attack vectors are open to an 18-year-old Microsoft Windows Server Message Block (SMB) vulnerability. "Redirect to SMB" attacks can compromise Windows credentials. Microsoft harrumphs that, well, the vulnerability's not really as bad as all that, but enterprises should consider the Cylance findings seriously.
Internet-of-Things and industrial control system security issues continue to trouble consumers and plant managers. Schneier sees the IoT as "really bad," and Weiss reminds us of how issues posed by accidents and attacks tend to converge in risk management.
Investors continue to give close attention to the security sector: stock-picks, M&A activity, and VC funding all figure in today's news.
The US blocks sale of Intel Xeon chips to China for supercomputer upgrades.
Today's issue includes events affecting Bangladesh, China, Colombia, Ecuador, Holy See (Vatican City), India, Iraq, Israel, Malaysia, Philippines, Palestinian Territories, Russia, Syria, Turkey, United Arab Emirates, United Kingdom, United States.
The CyberWire will be covering RSA 2015 in San Francisco next week. Look for special issues devoted to the event beginning Friday.
Cyber Attacks, Threats, and Vulnerabilities
Terrifying New ISIS Video Threatens Attack On American Soil(Refinery 29) Up to this point, the atrocities of the so-called Islamic State (or ISIS) have been restricted to the territories they control in Iraq and Syria. But, a terrifying new video released this weekend by the terror group calls for supporters to carry out a 9/11 style attack on American soil — warning of "lone wolf" terrorists who may be hiding out in Western countries.
'Phishing email' the key to hacking of TV5Monde(The Local (French Edition)) The jihadist cyber-attack against French television channel TV5Monde last week was set in motion as far back as January, several sources with knowledge of the investigation said on Tuesday
The Economics of Persistent Cyber Attacks(Forbes) There's an arms race in information security — that much isn't news. As security companies develop better tools at detection and stopping attacks, adversaries develop better attacks. Or do they? "Just like in the physical world, you're not going to bring in Seal Team Six on every SWAT engagement you have," said Dmitri Alperovitch, co-Founder and CTO of CrowdStrike, an information security company. "You're going to bring them in to capture Osama Bin Laden because that's a target that makes more sense." The same is true with criminal hackers — they're going to start out an attack with the B-team. Or maybe even the C-team
Second-hand devices — cheaper but risky(CSO) The market for used smartphones and tablets offers opportunities for both buyers and sellers. But there are risks as well, both to individuals and the enterprise
As Ransomware Attacks Evolve, More Potential Victims Are At Risk(Threatpost) In early December, as most people were dealing with the stress of looking for the perfect holiday gifts and planning out their upcoming celebrations, police officers in a small New England town were under a different sort of pressure. The vital files and data the Tewksbury Police Department needed to go about its daily business had been encrypted and held for ransom, a scenario that is becoming increasingly common in enterprises and municipal agencies
Bulletin (SB15-103) Vulnerability Summary for the Week of April 6, 2015(US-CERT) The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information
The cost of a non-malicious control system cyber incident — more than $1Billion(Control) There is a tendency by many in the cyber security community to only care about malicious cyber attacks as opposed to unintentional cyber incidents. April 9th, 2015, the California Public Utilities Commission fined Pacific Gas & Electric (PG&E) $1.6 BILLION for the September 2010 San Bruno natural gas pipeline rupture that killed 8 and destroyed a neighborhood (there are also 28 federal criminal charges and numerous other fines and penalties). This was not a malicious cyber attack but an unintentional control system cyber incident
Gangs of hackers cause cyber breaches to spike 23%(USA TODAY) Organized criminal gangs of hackers got smarter, faster and more ubiquitous last year, pulling off 312 major breaches against companies. That's up 23% from the year before, Symantec's 2014 Internet threat report found
Takeaways From the 2015 Verizon Data Breach Investigations Report(Tripwire: the State of Security) Verizon's annual Data Breach Investigations Report (DBIR), now in its eleventh year, has become one of the most anticipated information security industry reports. Think of it as the Data Breach Bible, as it dissects thousands of confirmed data breaches and security incidents from around the globe into emergent and shifting trends, providing us with insightful guidance to apply to our own security practices
Are privileged users the most dangerous insider?(Help Net Security) 92 percent of healthcare IT decision makers reported that their organizations are either somewhat or more vulnerable to insider threats, and 49 percent felt very or extremely vulnerable
Phishers increasingly target banks and ISP accounts(Help Net Security) Phishing against banks and ISPs rose markedly compared to other sectors in the third quarter of 2014, according to the APWG. The number of brands being attacked remains high, and malware variants continue to proliferate at a record rate of increase
Enterprise Security Threat Level Directly Linked to User Demographics, Industry and Geography(BusinessWire) Aruba Networks, Inc. (NASDAQ:ARUN) is calling for businesses worldwide to take action as a new mobile security risk report reveals that businesses are ill prepared for the high-risk, high-growth mindset of the #GenMobile workforce, creating alarming disparity around security practices in the corporate world. The chasm that is exposed between age, gender, income level, industry and geographic location has a direct effect on the security of corporate data
FireEye down 3.1% in wake of 60 Minutes broadcast(Seeking Alpha) After rising 5.3% on Friday on news COO Kevin Mandia would be appearing on a Sunday 60 Minutes segment about state-sponsored cyberattacks, FireEye (NASDAQ:FEYE) is returning a chunk of its gains today
Verint Systems: Tremendous Upside Possible(Seeking Alpha) Favorable industry tailwinds include the growth outlooks for big data analytics, cybersecurity and fraud markets. Large and diverse customer base minimizes the company's exposure to any one sector, country or region. Margins will continue expanding due to a highly scalable and capital-light business model. FX headwinds will persist going forward. DCF indicates significant undervaluation
Encryption, Innovation, and the Cyber Gold Rush(SoundCloud) New America's Peter Singer and Passcode's Sara Sorcher chat with Alex Stamos, Yahoo's chief information security officer and world renowned cybersecurity expert, about his company's new end-to-end e-mail encryption rollout, what it's like to lead a team of "Paranoids" and why people who have his job are so stressed out
Security Startups Might Thank Snowden For Funding(Investor's Business Daily) The cybersecurity startup ecosystem has an unlikely benefactor: Edward Snowden. When Snowden famously exposed post-9/11 National Security Agency mass-surveillance practices in 2013, the whistleblower changed the face of the cybersecurity threat and ignited record levels of venture capital into security
IBM (IBM) Announces Acquisition of Intelligence Cloud Company, Explorys(Street Insider) IBM (NYSE: IBM) announced plans to acquire Explorys, a healthcare intelligence cloud company that has built one of the largest clinical data sets in the world, representing more than 50 million lives. The acquisition strengthens IBM's leadership position in healthcare analytics and cloud computing, and will help bolster its ability to extract and share deep insights to improve wellness and benefit patients
EMC turns to Azlan to reach more MSPs(MicroScope) It took a while for the answer to the question around the role of distribution in a cloud world to emerge but the importance of using that tier of the channel to help vendors support resellers is now being underlined on a regular basis
AlienVault Announces More Social Threat Exchange(TechCrunch) AlienVault, a cybersecurity firm aimed at SMBs, announced the Beta of Open Threat Exchange (OTX) 2.0. The company bills it as a threat intelligence sharing platform, and the social component it has added in the latest version enables members to discuss security threats on a social network
New security requirements for payment card vendors(Help Net Security) The PCI Security Standards Council (PCI SSC) has published version 1.1. of its PCI Card Production Security Requirements. The updated standard helps payment card vendors secure the components and sensitive data involved in the production of payment cards, protecting against fraud via the compromise of card materials
Hacker Lexicon: What Are Chip and PIN Cards?(Wired) Banks across the US are in the middle of rolling out a new type of secure credit and debit card to customers, while retailers are installing new card readers to process them. By October, all credit and debit card purchases must use a technology called chip and PIN or the card issuer or retailer would face fines if card data is stolen and used by thieves. The dictum comes from Visa and MasterCard in the wake of high-profile bank card breaches at Target and other businesses over the years. The new EMV, or so-called chip and PIN cards, have an embedded microchip that authenticates the card as a legitimate bank card
How to Recover When Hackers Invade Your Email(TechZone360) Hacking is everywhere in the news these days, and for good reason: it is more prevalent and damaging than ever before. Just ask Anthem, the United States' second-largest health insurer who announced in February that it had suffered a major breach. While no electronic medical records were compromised, thieving hackers stole sensitive user information: names, addresses, and Social Security numbers. In fact, 79 million individuals' data — current and former customers, employees, and even non-customers — was stolen. The hackers believed to be responsible for the attack had been inside the Anthem system for months. Anthem left all of its user account information unencrypted, reportedly because encryption is inconvenient
What is Email Encryption?(Digital Guardian) Email encryption defined in Data Protection 101, our series on the fundamentals of data security
Design and Innovation
Is DARPA's Memex search engine a Google-killer?(Naked Security) The history of computing features a succession of organisations that looked, for a while at least, as if they were so deeply embedded in our lives that we'd never do without them
U.S. Blacklisting of China's Supercomputers May Backfire(IEEE Spectrum) When China wanted to upgrade Tianhe-2, currently the world's fastest supercomputer, it turned to U.S. chipmaker Intel. But the U.S. government has blocked Intel from helping with the tech upgrade and blacklisted several Chinese supercomputing centers over concerns for their involvement in nuclear weapons development. Experts warn that in the long run such a move may hurt the business of U.S. chipmakers and encourage China to speed up its homegrown chip development
Frenemies US and China join forces to fight cyber crime(Engadget) The US and China are going to try to work together to take on cyber criminals. The Department of Homeland Security says that the US and China "intend to establish cyber discussions" on the path to reestablishing full government-to-government cyber security discussions. The DHS and China's Ministry of Public Sector agreed to focus on cross border cyber-enabled crimes like money laundering and online child sexual exploitation. The renewed interest in cooperation is the result of DHS Secretary Jeh Johnson's visit to Beijing
An ambitious Russian court has banned 136 internet porn sites(Quartz) Vladimir Putin once said that half the internet is nothing but "porno materials." While a major academic study in 2010 found that, in reality, just 4% of websites were pornographic, it's an undisputed fact that there is indeed a lot of adult-rated material on the web
Eugene Kaspersky: Standing up to bullies and why we'll never capitulate(International Business Times) Q: Why won't sharks attack lawyers? A: Professional courtesy. I overheard that joke once when I was on a flight. For some reason, it stuck with me. While it's obviously a tad harsh to tar all lawyers with the same brush, my recent encounters with legal practitioners have done little to disprove the accuracy of this joke
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
INFWARCON(Nashville, Tennessee, USA, April 28 - 30, 2015) INFWARCON takes a look at how the balance has flipped in the past 20 years in the cyber security industry. Back then, governments had the upper hand, and could not imagine that cyber criminals could ever...
Southern Africa Banking and ICT Summit(Lusaka, Zambia, April 30, 2015) The South Africa Banking and ICT Summit is the exclusive platform to meet industry thought leaders and decision makers, discover leading edge products and services and discuss innovative strategies to...
SOURCE Conference(Boston, Massachusetts, USA, May 25 - 28, 2015) SOURCE is a computer security conference happening in Boston, Seattle, and Dublin that is focused on offering education in both the business and technical aspects of the security industry. The event's...
ASIA (Annual Symposium on Information Assurance)(Albany, New York, USA, June 2 - 3, 2015) ASIA is an event held jointly with the 18th Annual New York State Cyber Security Conference (NYSCSC), aiming to attract researchers and practitioners alike for engaging talks about information security...
USENIX Security(Washington, D.C., USA, August 12 - 14, 2015) The USENIX Security Symposium reunites researchers, practitioners, system administrators, system programmers, and other specialists interested in the latest advances in the security and privacy of computer...
Cybergamut Tech Tuesday: Tor and the Deep Dark Web(Elkridge, Maryland, USA, April 14, 2015) This talk will explore the use of Tor and how it relates to garnering useful intelligence. Distinguishing attribution or valuable intelligence from limited event data is difficult. Leveraging external...
Cyber Security Summit: Industrial Sector & Governments(Prague, Czech Republic, April 14 - 15, 2015) Cyber Security Summit Europe — Industrial Sector & Governments brings together cyber security experts who will share their skills and know-how needed to address highly topical issues such as state-sponsored...
Cyber Security Summit: Financial Services(Prague, Czech Republic, April 14 - 15, 2015) Cyber Security Summit Europe — Financial Services brings together cyber security experts across the financial sector to discuss topical security vulnerabilities as well as bring forward effective...
INTERPOL World 2015(Singapore, April 14 - 16, 2015) INTERPOL World is a new biennial international security trade event which will bring police and other law enforcement agencies together with security solution providers and security professionals from...
Mid-Atlantic ISSA Security Conference 2015(Gaithersburg, Maryland, USA, April 15, 2015) Meeting at the NIST campus, this all-day event, jointly hosted by the ISSA Baltimore, DC, and Northern Virginia chapters, will have 3 concurrent tracks of security professionals discussing the current...
INFILTRATE Security Conference(Miami Beach, Florida, USA, April 16 - 17, 2015) INFILTRATE is a deep technical conference that focuses entirely on offensive security issues. Groundbreaking researchers focused on the latest technical issues will demonstrate techniques that you cannot...