The recurring phenomenon of Middle Eastern hacktivism striking poorly protected targets continues: yesterday Alabama, today Sri Lanka. (Different hacktivists, same questionable aim.)
Ransomware piggybacks on widespread interest in Windows 10: CTB-Locker is being distributed through socially engineered attacks on those curious about the new version's features. Android mediaserver bugs also show some potential for ransom attacks.
Denial-of-service extortion (which IBM calls "ransomware's older cousin") revives as a threat: the US FBI warns financial institutions that they're targets.
Hackers exploit the well-known BIND vulnerability against DNS servers.
Black Hat is on, and with it the customary wave of product launches and vulnerability demonstrations. Among the latter is an account of the relative ease of attacking SDN switches.
Car hacking continues to capture the general media imagination. Consider it a special case of Internet-of-things vulnerability (and less-than-secure design).
WordPress is patched, and users are advised to update.
TruSTAR and Bugcrowd independently offer perspectives on information sharing and vulnerability disclosure.
Board members and other corporate leaders, strongly aware of cyber risk, are regarded as out-of-touch with respect to their businesses' security posture. More companies use crisis communication for reputation management (as stonewalling loses popularity). Interest in retaining counsel to handle cyber issues intensifies.
Working toward a bigger presence in the cyber security market, Accenture acquired FusionX. Forbes describes how big defense corporations position themselves in that market (often by exiting it).
China tightens Internet controls by embedding police in online firms.
The Council on Foreign Relations offers a Panglossian view of cyber deterrence.
Today's issue includes events affecting Australia, Canada, China, Germany, India, Israel, Japan, Singapore, Sri Lanka, Syria, United Kingdom, United States.
The CTB-Locker Ransomware is Back with a Vengeance: Windows 10 Social Engineering(Security Affairs) A false sense of hope that the presence, or rather the active spread, of crypto-ransomware in-the-wild has begun to slowly die out has been quickly diminished thanks to the group behind the CTB-Locker ransomware. While ransomware is of course still a huge issue today, the lack of new variants that have been discovered within the past few months may have given analysts and management alike a glimmer of hope
Android MediaServer Bug Traps Phones in Endless Reboots(TrendLabs Security Intelligence Blog) We have discovered a new vulnerability that allows attackers to perform denial of service (DoS) attacks on Android's mediaserver program. This causes a device's system to reboot and drain all its battery life. In more a severe case, where a related malicious app is set to auto-start, the device can be trapped in an endless reboot and rendered unusable
DDoS Extortion: Ransomware's Older Cousin(IBM Security Intelligence) Ransomware has received a lot of attention recently, but an older threat — extortion by threat of distributed denial-of-service (DDoS) attacks — also demands our focus. By making servers or services unavailable, DDoS attacks can be crippling to both an organization's finances and its brand reputation. DDoS attacks can be simple or sophisticated, but they're calculated nonetheless and are usually profit-driven. They can also be used to cover up something more sinister, as seen with the Dyre Wolf campaign. Adding the element of extortion to this type of attack only magnifies the gravity of the situation and the potential financial loss to the targeted organization
Nuclear EK traffic patterns in August 2015(Internet Storm Center) About two weeks ago, Nuclear exploit kit (EK) changed its URL patterns. Now it looks a bit like Angler EK. Kafeine originally announced the change on 2015-07-2, and we collected examples the next day
Reward Companies for Sharing Security Information with Greater Insight(Tenable) "The good guys are reluctant to share for market reputational risk, or for legal reasons, or they don't want to be seen too close to government, so the bad guys are winning the battle," said Paul Kurtz (@TruSTARtech), CEO of TruSTAR, in our conversation at the Black Hat Conference in Las Vegas. "The good guys continue to operate by themselves, or enterprise by enterprise. It's not working. It's not scaling nor will it scale until they start working together"
Why we should all care about cyber crime: the risk to you and me(Conversation) In today's world, the reality is that all individuals and organisations connected to the internet are vulnerable to cyber attack. The number, type and sophistication of attacks continues to grow, as the threat report published last month by the Australian Cyber Security Centre (ACSC) points out
Cyberthreats Take Aim at Individuals and Roles Inside Organizations(Wall Street Journal) Individuals with access to privileged information — such as chief financial officers, heads of HR and other senior leadership and boards of directors across enterprises — are increasingly the target of cyberattacks, not just their organizations, according to Mike Denning, vice president of global security at Verizon Enterprise Solutions
Stolen Consumer Data Is a Smaller Problem Than It Seems(New York Times) At Target, 40 million customers had their credit card information exposed to hackers. At JPMorgan Chase, personal details associated with 80 million accounts were leaked. Last month, a hacker gained access to 4.5 million records from the University of California, Los Angeles, health system
Why every CIO needs a cybersecurity attorney(CIO) Distinguishing the technical experts from those responsible for legal obligations and risks will help companies develop better breach response plans. Understanding the role of an external cybersecurity firm will only help
Exodus: Big Defense Companies Are Exiting Federal Services(Forbes) When Lockheed Martin disclosed last month that it would divest information and technical service lines with annual revenues of $6 billion while acquiring Sikorsky helicopters, many observers assumed that CEO Marillyn Hewson was trying to limit any increase in corporate revenues to ease regulatory approval of the Sikorsky transaction. Sikorsky's projected sales of $6.5 billion in 2015 are similar in scale to the services businesses destined to be sold or spun off, so it was a logical conclusion that Hewson was moving to preempt any concern on the part of regulators that the Pentagon's biggest supplier might become too big. However, that interpretation of her actions is essentially wrong
ESET File Security now available for Microsoft Azure(Zawya) ESET®, a global pioneer in IT security for more than two decades, today announced that its next-generation business product ESET File Security will become part of the security offering as a VM extension in Microsoft Azure. Business customers can now benefit from this proven and trusted IT security solution on Microsoft's cloud computing platform
New data breach requirements in Canada: how to best manage your risks(Lexology) Though recent amendments to Canada's Personal Information and Electronic Documents Act (PIPEDA) are now in force, the federal government has yet to release regulations addressing data breach notification. Still, given the growing number of well-publicized data breaches, it's critical for organizations to understand that their privacy policies and security safeguards are coming under greater scrutiny on all fronts. Below is a summary overview of some of the issues they need to keep in mind, as they prepare to face evolving cyber threats
Can FITARA Prevent Future Cyberattacks?(Nextgov) The Federal Information Technology Acquisition Reform Act — which aims to give agency chief information officers more authority over their IT budgets — could help CIOs eliminate outdated technology vulnerable to cyberattack, according to a group of federal IT leaders
New "Do Not Track" standard released(Help Net Security) The Electronic Frontier Foundation (EFF), privacy company Disconnect and a coalition of Internet companies have announced a stronger "Do Not Track" (DNT) setting for Web browsing — a new policy standard that, coupled with privacy software, will better protect users from sites that try to secretly follow and record their Internet activity, and incentivize advertisers and data collection companies to respect a user's choice not to be tracked online
Wireless Firewalls Needed to Protect Vulnerable Federal Branch Offices(SIGNAL) As if cyber breaches of key federal networks haven't been problematic enough for experts, hackers increasingly target smaller branch offices that present a weak link in cybersecurity. Wireless connectivity at remote locations leave networks vulnerable because they are not hardened with the latest firewall protections and traditionally do not have a lot of tech support, one expert says
Breaking Honeypots For Fun And Profit(Dark Reading) As a concept, honeypots can be a powerful tool for detecting malware. But in the emerging field of cyber deception, they're not up to the task of fooling attackers and getting our hands on their resources
Best practice application security: Does it exist?(Help Net Security) Unfortunately and unsurprisingly, website breaches have become an everyday occurrence. In fact, hacked websites have become so common that typically only the biggest data breaches capture enough attention to make headlines. Experts have known this eventuality was coming and honestly, the prediction was easy
How to kill Remote Access Trojans(CSO) Detecting Remote Access Trojans can be very challenging because they mimic legitimate commercial remote administration tools, open legitimate network ports, and perform very surgical operations that don't resemble typical malware techniques, says Udi Shamir, CSO and head of SecurityLabs, SentinelOne
7 Ways You're Being Tracked Online (and How to Stop It)(Wall Street Journal) Computer scientists from the BarcelonaTech university in Spain have shed light on some lesser known ways Internet companies track us online. The researchers also provided workarounds for the privacy-conscious
Alan Turing Institute gets down to work(ComputerWeekly) The Alan Turing Institute, named after the Second World War Bletchley Park cryptanalyst, is getting down to work with the announcement of its first new director and a raft of partnerships
Air Force researches insider threat protections(C4ISR & Networks) A special programs team at Hanscom Air Force Base in Massachusetts is working to rapidly research and identify technologies to help the Air Force and the Defense Department combat insider threats
Free K-6 Kit Teaches Cyber Security(T|H|E Journal) The same organization that challenges students to compete in cyber-security competitions now wants to help younger students learn cyber-security. The Air Force Association's CyberPatriot program office has put together a free kit to teach K-6 students how to stay safe online
USF leads Florida charge to stop cyber crimes(83 Degrees) Superman doesn't need a cape or superhuman abilities to save the world these days. Instead, he (or she) needs an ability to analyze data, spot potential breaches and plug Internet holes to keep the world safe from 21st century's thieves known as computer hackers
Wassenaar's web: a threat to technology transfer(The Hindu) When in July Wikileaks published official records and internal correspondence belonging to Hacking Team — an Italian company that sells surveillance technology to governments and businesses — New Delhi too was caught in the crosshairs of the controversy that followed. Why did the Indian government talk shop with a little-known entity and its equally dodgy marketing agents, critics wondered, especially when Hacking Team had a history of selling spyware to autocracies in West Asia and North Africa? If lawful interception and espionage were indeed the stated objectives behind purchasing such technologies, why didn't a government that spends trillions of rupees every year on defence spending simply go to a better manufacturer?
Internet 'was not designed for safety': Cyber Security Agency chief(Channel NewsAsia) It is a matter of time before Singapore sees a major cyberattack, and the onus is on the Government to make sure the networks are resilient and ensure information on the attack is disseminated as quickly as possible, says CSA chief executive David Koh
Senate takes up cyber security bill this week(Reuters via Business Insurance) The U.S. Senate will consider a cyber security bill this week that would make it easier for corporations to share Americans' personal information with each other or the government, Senate Majority Leader Mitch McConnell, R-Ky., said Tuesday
DISA fortifies cybersecurity through cloud access points(C4ISR & Networks) As the military community increasingly turns to commercial cloud capabilities, the question looms large as to how they will maintain the security of Defense Department networks and data. One answer: the cloud access points that will serve as reinforced gateways between internal networks and the web
US Cybersecurity 'Still Catching Up With The Past,' Says Former US Army Cyber Commander Rhett Hernandez(International Business Times) The United States is facing so many foreign cyberthreats that the military has no choice but to prioritize critical infrastructure that's most important to Americans — protecting things like the electrical grid, power plants and national security networks. The U.S. government and private companies also need to consider a range of problems that can heighten their vulnerability to hackers and data breaches, from a lack of education to the inability to retain top security experts. In fact, the only thing Americans can know for sure is that the recent, devastating hacks on Anthem health insurance and the U.S. Office of Personnel Management represent a sign of things to come
Top military cyber leaders convene for conference(Marine Corps Times) Just weeks after millions of Americans were affected by the largest data breach in U.S. history, the top military leaders in cyber defense are meeting to discuss how best to protect the country's networks
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
Borderless Cyber 2015(Washington, DC, USA, September 15 - 16, 2015) OASIS, in collaboration with The World Bank, will bring together public and private sector security professionals from around the world to evaluate, debate, and collaborate on cyber security best practices...
Black Hat USA(Las Vegas, Nevada, USA, August 1 - 6, 2015) Black Hat — built by and for the global InfoSec community — returns to Las Vegas for its 18th year. This six day event begins with four days of intense Trainings for security practitioners...
BSides Las Vegas(Las Vegas, Nevada, USA, August 4 - 5, 2015) BSides Las Vegas is an Information/Security conference that's different. We're a 100% volunteer organized event, put on by and for the community, and we truly strive to keep information free. There is...
Defcon 23(Las Vegas, Nevada, USA, August 4 - 7, 2015) DEF CON has been a part of the hacker community for over two decades. See the organization's website for more information
3rd Annual Psyber Behavioral Analysis Symposium(Fort Meade, Maryland, USA, August 11, 2015) The 3rd Annual Psyber Behavioral Analysis Symposium is hosted by the NSA/CSS Threat Operations Center and the FBI Behavioral Analysis Unit-2/Cyber Behavioral Analysis Center. The goal of the Symposium...
USENIX Security(Washington, D.C., USA, August 12 - 14, 2015) The USENIX Security Symposium reunites researchers, practitioners, system administrators, system programmers, and others specialists interested in the latest advances in the security and privacy of computer...
5th Annual Cyber Security Training & Technology Forum (CSTTF)(Colorado Springs, Colorado, USA, August 19 - 20, 2015) The Information Systems Security Association (ISSA) Colorado Springs Chapter and FBC, Inc. will once again co-host the 5th Annual Cyber Security Training & Technology Forum (CSTTF). CSTTF 2015 will bring...
Decepticon 2015(Cambridge, England, UK, August 24 - 26, 2015) Decepticon brings together researchers and practitioners in the detection and prevention of deception. Previously, deception research has been fragmented across conferences in many different disciplines,...
AFCEA OKC Technology & Cyber Security Day(Oklahoma City, Oklahoma, USA, August 27, 2015) FBC and the Armed Forces Communications & Electronics Association (AFCEA) Oklahoma City Chapter will be partnering once again to host the annual Technology Day & "Scholarship" Golf Tournament at Tinker...
Power Grid Cyber Security Exchange 2015(San Diego, California, USA, August 30 - September 1, 2015) The Power Grid Cyber Security Exchange will take a deep dive into the cyber security strategies, innovative approaches and strategic planning necessary to balance the competing priorities of today's technology...
2015 HTCIA International Conference & Training Expo(Orlando, Florida, USA, August 30 - September 2, 2015) Bringing together experts from all over the world to share their latest research and techniques related to cybersecurity, incident response and computer forensics
ICFP 2015(Vancouver, British Columbia, Canada, August 31 - September 2, 2015) ICFP 2015 provides a forum for researchers and developers to hear about the latest work on the design, implementations, principles, and uses of functional programming. The conference covers the entire...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.