The cyber intrusion into Australia's Bureau of Meteorology looks more like an attempt to reach that country's defense networks. Most interested parties have now clammed up, but China remains the leading and obvious suspect.
China and the US have reached some agreement on cooperation in cyberspace, specifically more information sharing and establishment of a hotline over which cyber tensions might be discussed and eased. Chinese authorities issue fresh denials that the OPM hack was the work of their government, but they also say it was the work of Chinese criminals, some of whom they've arrested. No one's really buying the denials, at least yet — the data stolen from OPM seem not to have turned up for sale in any criminal market — but the two countries seem to share a mutual interest in rapprochement.
Iran, which observers flag as a growing cyber threat to Western targets, tenders the international community its good offices as an honest broker of IoT security.
ISIS continues its ghastly online propaganda-of-the-deed, with new execution videos and opportunistic praise of yesterday's mass shooting in San Bernardino, California.
The Armada Collective gives three Greek banks a taste of what they'll receive if they don't pay their ransom.
Trend Micro describes "Operation Black Atlas," a complex point-of-sale campaign that conducts extensive pre-attack reconnaissance, then selects the most effective tool to compromise its retail targets.
Conficker's resurgence shows that criminals need not innovate to succeed.
The US Department of Homeland Security has some new and interesting notes on cyber insurance.
Today's issue includes events affecting Australia, Austria, Barbados, Belgium, Chile, China, Dominican Republic, European Union, Germany, Grenada, India, Iran, Iraq, Ireland, Jamaica, Russia, St. Kitts and Nevis, St. Vincent and the Grenadines, Syria, Taiwan, Trinidad and Tobago, United States.
The Inaugural IoT Security Foundation Conference(IoT Security Foundation) The inaugural IoT Security Foundation Conference is a one-day event and follows on from the popular IoT Security Summit held earlier in the year at Bletchley Park. Whilst the Summit looked at the problems with IoT security, this conference will look closer at the need for security, applications and what organisations should be doing to ensure a security first, fit for purpose and resilient approach
Panel casts doubt on U.S. propaganda efforts against ISIS(Washington Post) The State Department is considering scaling back its direct involvement in online campaigns to discredit the Islamic State after a review by outside experts cast new doubt on the U.S. government's ability to serve as a credible voice against the terrorist group's propaganda, current and former U.S. officials said
Armada Collective demands ransom from Greek banks(SC Magazine) A hacking group dubbing itself the Armada Collective has claimed responsibility for striking three Greek banks with distributed denial of service (DDoS) attacks and has threatened to continue to do so unless paid a ransom
New variant of CryptoWall — Is it right to call it 4.0?(Internet Storm Center) Earlier this week, I saw the most recent variant of CryptoWall as a payload delivered by the Angler exploit kit (EK). Many people, including me, have been calling this new variant "CryptoWall 4.0." However, version 4.0 is not the most accurate term for this ransomware. So why are we calling it that?
[Conficker] Infection Tracking(Conficker Working Group) As security professionals we always are asked how large is the population of an infection. Conficker is no different from any other, and it seems that everyone wants to have some value to use for many different purposes. The press for impact, some vendors for FUD, and others to have a number to compare to other infections. The bottom line is that no one can give an exact number on any infection ever. If anyone ever states exact numbers, they either are controlling it, or are not being completely honest to themselves or others on the means of data collection
Hospital hacking 'time bomb'(West Australian) Hospitals are potential targets for terrorists to hack into computer systems and take control of medical equipment to harm patients, a Perth conference has heard
IoT Botnets From China Will Be Major Problem By 2017: IID(ValueWalk) According to cybersecurity firm IID, Chinese and Eastern European hackers are likely to take control of millions of new devices connected to the Internet of Things, and create a botnet army out of them for various nefarious purposes
12/2/2015 Study: Hackers Will Exploit Upcoming U.S. Election(National Defense) Hackers and cyber criminals will use the upcoming U.S. presidential election to attempt to trick unsuspecting citizens into giving away personal data as well as breach online accounts of candidates, election staffers and media outlets, a study released Dec. 2 said
Security Patches, Mitigations, and Software Updates
Security Challenges in the Internet of Things (IoT)(Infosec Institute) The Global State of Information Security® Survey 2015 issued by PricewaterhouseCoopers comes to the conclusion that about 70% of connected IoT devices lack fundamental security safeguards
Research reveals failure of PKIs to follow best practices(SecurityInfoWatch) A recent study entitled the 2015 PKI Global Trends Study conducted by Thales, a leader in critical information systems and cybersecurity, which was based on independent research by the Ponemon Institute and sponsored by Thales, spotlights an increased reliance on public key infrastructures (PKIs) in today's enterprise environment that is supporting a growing number of application
Small Islands, Big Problems: Cybersecurity in the Caribbean Realm(Small Wars Journal) According to the Organization of American States (OAS) in its latest report on "Latin American + Caribbean Cyber Security Trends" released in June 2014, Latin America and the Caribbean have the fastest growing Internet population in the world with 147 million users in 2013 and growing each year
Cybersecurity Insurance(US Department of Homeland Security) Cybersecurity insurance is designed to mitigate losses from a variety of cyber incidents, including data breaches, business interruption, and network damage
Venture capitalists flock to cybersecurity information-sharing platforms(Washington Post) Arlington cybersecurity start-up ThreatConnect said Tuesday that it has raised $16 million from investors, led by the corporate venture capital arm of SAP's North American subsidiary in Rockville. The next morning just down the road in Sterling, Va., a similarly-named start-up called ThreatQuotient said it raised $10.2 million, led by prolific technology investor New Enterprise Associates. A few weeks ago Arlington-based Trustar announced $2 million in seed funding
Threat Intelligence Advancements Evolve To Deliver Cyberattack Early Warnings(CIO Today) BrightPoint Security™, a leading Threat Intelligence Platform provider for automation, curation and sharing of threat intelligence to fight cyber attacks, today introduced a new release of its Sentinel™ platform that provides immediate evidence-based predictive insight with risk-prioritized threat scoring
Fending off cyber extortion can be difficult(CSO) A basic computer setup connected to the internet grants a malicious hacker the power to steal sensitive information, affect a company's stock value, and hold corporations to a ransom with the click of a mouse
Securing the smart home environment(Help Net Security) Currently, smart home environments complement traditional home appliances with connected devices that collect, exchange and process data to create added-value services and enhance the quality of life of inhabitants
OPM Breach: Credit Monitoring vs. Freeze(KrebsOnSecurity) Many readers wrote in this past week to say they'd finally been officially notified that their fingerprints, background checks, Social Security numbers, and other sensitive information was jeopardized in the massive data breach discovered this year at the Office of Personnel Management (OPM)
Cyber warfare an integral part of modern politics(SC Magazine) Cyber-operations are being used for a wide range of information warfare and intelligence gathering purposes, including in the war between Russia and Ukraine, according to a new book published today by the NATO Cooperative Cyber Defence Centre of Excellence (CCDCE)
New Cybersecurity Resource Launches(OPM Director's Blog) I'm pleased to report that we have established a verification center to help individuals who have had their information stolen in the malicious cyber intrusion carried out against the Federal Government
Air Force CIO: We're taking lead on cyber, enterprise IT(C4ISR & Networks) The Air Force is in the middle of implementing a host of technology-focused efforts that are moving the service forward in cybersecurity and joint information operations, according to CIO Lt Gen William Bender
Chinese government has arrested hackers it says breached OPM database(Washington Post) The Chinese government recently arrested a handful of hackers it says were connected to the breach of Office of Personnel Management's database this year, a mammoth break-in that exposed the records of more than 22 million current and former federal employees
China Says Hack of U.S. Government Was Not State Sponsored(Entrepreneur) China's official Xinhua news agency said on Wednesday that an investigation into a massive U.S. computer breach last year that affected more than 22 million federal workers found the hacking attack was criminal, not state-sponsored
China Calls Hacking of U.S. Workers' Data a Crime, Not a State Act(New York Times) China has acknowledged for the first time that the breach of the United States Office of Personnel Management's computer systems, which the Obama administration said exposed the personal information of more than 21.5 million people, was the work of Chinese hackers
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
BSides San Francisco(San Francisco, California, USA, February 28 - 29, 2016) BSides San Francisco is an Information / Security conference that's different. We're a 100% volunteer organized event, put on by and for the community, and we truly strive to keep information free. There...
Program on Cyber Security Studies (PCSS)(Garmisch-Partenkirchen, Germany, December 2 - 17, 2015) The Marshall Center has developed a comprehensive program to explore the increasing domestic, international and transnational challenges in cyber security. Our goal is to provide a comprehensive, policy-focused,...
Cyber Security Breakdown: Washington DC(Washington, DC, USA, December 3, 2015) This half day session will provide you with the critical information you need to start formulating an effective response in the eventuality of a cyber security event. Rather than try and handle the breach...
Cloud Security Alliance Summit Los Angeles 2015(Los Angeles, California, USA, December 3, 2015) The full day Cloud Security Alliance LA Summit is a standalone event in the greater Los Angeles area. Hosted by the CSA LA/SoCal chapter, some 200 well-qualified attendees are expected. The theme is "Enterprise...
2015 Cyber Security Exchange(Orlando, Florida, USA, December 6 - 8, 2015) This dynamic, three-day event will provide Cyber Security executives with valuable insights to reach their full potential by exploring security leadership strategies, heightened data privacy concerns,...
Disrupt London 2015(London, England, UK, December 7 - 8, 2015) TechCrunch Disrupt is one of the most anticipated technology conferences of the year. Join us at this iconic startup and thought leadership event in London on December 7 and 8. What happens at Disrupt?...
Passwords 2015(University of Cambridge, England, UK, December 7 - 9, 2015) More than half a billion user passwords have been compromised over the last five years, including breaches at internet companies such as Target, Adobe, Heartland, Forbes, LinkedIn, Yahoo, and LivingSocial.
ACSAC (Annual Computer Security Applications Conference)(Los Angeles, California, USA, December 7 - 11, 2015) ACSAC is one of the most important cyber security conferences in the world, and the oldest information security conference held annually. Researchers, government representatives, academia and security...
Cyber Risk Wednesday: 2016 Threat Landscape(Washington, DC, USA, December 9, 2015) To discuss how 2016 will likely challenge today's security thinking and what we can learn from the past year's developments and these trends, please join the Atlantic Council's Cyber Statecraft Initiative...
NSA RCTCON(Fort Meade, Maryland, USA, December 9, 2015) The NSA RCTCON industry exposition will be attended by 250-300 IC (Intelligence Community) cyber personnel working on solutions to the current cyber threats that face the U.S
SANS Institute: Information Security Training(Las Vegas, Nevada, USA, September 12 - 21, 2015) Information security training in Las Vegas from SANS Institute, the global leader in information security training. At SANS Network Security 2015, SANS offers more than 40 hands-on, immersion-style security...
cyberSecure(New York, New York, USA, December 15 - 16, 2015) Today's business leaders recognize that a multi-disciplinary approach is critical to protecting the bottom line. What's too often missed is a vision that incorporates best practices that allow you add...