Daesh/ISIS issues new instructions to its followers over Telegram, warning of a tougher fight to come and offering nervous advice (sounding almost like a chamber of commerce during October) about how to stay safe online. Daesh online activity is expected to continue to focus on information operations. Spanish police arrest two Daesh recruiters, and US prosecutors proceed against an Ohio man tweeting jihadist death threats.
Citizen Lab reports on "Packrat," a cyber threat actor Citizen Lab says has targeted South American journalists for several years. As its name suggests, the actor makes much use of RATs (remote-access Trojans). Observers speculate that Packrat is state-sponsored.
Trend Micro warns that the Independent's blog has been compromised to serve visitors TeslaCrypt ransomware.
The criminal black market continues its growth and maturation.
Yesterday was Patch Tuesday, with security updates from Adobe (for Flash Player), Apple (for iOS, tvOS, OS X, watchOS, Safari, and Xcode), Google (for Android and Chrome), and Microsoft (for Windows, IE, Edge, Silverlight, Skype for Business, Microsoft Lync, .NET Framework, and Office). Microsoft rates eight of its seventy-one (71!) patches "critical." Of Google's nineteen Android fixes (actually pushed out Monday), four address "critical" issues.
As the US encryption debate unfolds, some see Kazakhstan's new law requiring backdoors as an international precedent.
Wired thinks it's found hemi-semi-demi-mythical Bitcoin creator "Satoshi Nakamoto": he is, says Wired, an Australian named Craig Steven Wright. Hours after Wired publishes its profile (much disputed since on Twitter and elsewhere) Australian police raid Wright's home on a tax beef.
Today's issue includes events affecting Argentina, Australia, Brazil, China, Ecuador, France, Germany, Iraq, Kazakhstan, Luxembourg, Morocco, Netherlands, Singapore, Spain, Syria, United Kingdom, United States, and Venezuela.
South America hacker team targets dissidents, journalists (AP via KIII TV) A shadowy cyber-espionage group that sent malware to the prosecutor whose mysterious death transfixed Argentina early this year has been hitting targets in left-leaning nations across South America, the Internet watchdog group Citizen Lab reported Wednesday
Inadvertently Disclosed Digital Certificate Could Allow Spoofing (Microsoft Security TechCenter) Microsoft is aware of an SSL/TLS digital certificate for *.xboxlive.com for which the private keys were inadvertently disclosed. The certificate could be used in attempts to perform man-in-the-middle attacks. It cannot be used to issue other certificates, impersonate other domains, or sign code. This issue affects all supported releases of Microsoft Windows. Microsoft is not currently aware of attacks related to this issue
Personal info of 12+ million Dutch mobile phone owners easily accessible to hackers (Help Net Security) Sijmen Ruwhof, a freelance IT security consultant and ethical hacker from Utrecht, recently stumbled across what turned out to be an example of how poor security practices of business partners can result in the compromise of a company's customer data — in this case, the compromise of personal data of basically all Dutch citizens who own a mobile phone
The German Underground: Buying and Selling Goods via Droppers (TrendLabs Security Intelligence Blog) The recent Paris attacks were carried out with both guns and explosives. While the perpetrators probably made the latter themselves, they could not do the same for their guns. So where did they turn to? One option may have been: the Deep Web
Universities suffer cyber-attack (BBC) University students across the UK have been unable to submit work, after the academic computer network known as Janet came under cyber-attack
Blog of News Site "The Independent" Hacked, Leads to TeslaCrypt Ransomware (TrendLabs Security Intelligence Blog) The blog page of one of the leading media sites in the United Kingdom, The Independent has been compromised, which may put its millions of readers at risk of getting infected with ransomware. We have already informed The Independent about this security incident. However, the site is still currently compromised and users are still at risk
Hello Barbie, Can We Talk About Your Security Issues? (TechNewsWorld) New security issues that surfaced last week in connection with Mattel's Hello Barbie doll, which talks back to kids, have heightened fears that hackers could use the toy to steal information about its owners and their families
Child's Play: Hacking the Internet of Things (PD&D) A company called VTech based in Hong Kong makes smart toys for kids. One of their tablet products can connect to a parent's smartphone with a service called KidConnect, allowing children to send photos and text messages to their parents
Facebook hoax alert! No, Mark Zuckerberg is not giving $4.5m to people like YOU and ME (Naked Security) OMG!! Did you hear that new dad Mark Zuckerberg is giving away $45 billion of Facebook stock and that for some reason none of the news articles about it have mentioned the fact that 10% of it is being given to Jane and Joe Schmoes like you and me if we just copy and paste this message about it which has a smiley face that makes me feel all warm and fuzzy and trusting?
100,000 laptops and phones left in UK bars each year (Help Net Security) UK bars guzzle up a staggering 138,000 mobile phones and laptops each year, and alarmingly 64 percent of the devices do not have any security protection installed, which means anyone can gain access to the contents they hold
Security Patches, Mitigations, and Software Updates
Security updates available for Adobe Flash Player (Adobe Security Bulletin) Adobe has released security updates for Adobe Flash Player. These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system
Apple Releases Multiple Security Updates (US-CERT) Apple has released security updates for iOS 9.2, tvOS 9.1, OS X, watchOS 2.1, Safari 9.0.2, and Xcode 7.2 to address multiple vulnerabilities, one of which could allow a remote attacker to take control of an affected system
Stable Channel Update (Chrome Releases) The stable channel has been updated to 47.0.2526.80 for Windows, Mac, and Linux. This release contains an update to Adobe Flash Player (220.127.116.11) and security fixes
Enforcing USB Storage Policy with PowerShell (Internet Storm Center) In a previous diary, I presented the CIRCLean (USB sanitizer) developed by the Luxembourg CERT (circl.lu). This tool is very useful to sanitize suspicious USB sticks but it lacks control and enforcement. Nevertheless, how to prevent the user from inserting the original USB stick in a port of his computer?
IT personnel and executives: Worst at security (TechRepublic) It's not always external attacks that can hinder network performance and put data at risk. Sometimes the problem exists with your users — especially the ones who should know better
UN plans special meeting on technology and counter-terrorism (FierceGovernmentIT) A counter-terrorism committee established by the United Nations Security Council in the wake of the Sept. 11 attacks will hold a special meeting on preventing and combating abuse of Internet and communications technology for terrorist purposes
Lawmakers still at impasse over cyber bill (The Hill) Lawmakers seeking a compromise on the final text of major cybersecurity legislation are still at an impasse, a co-sponsor of one of the bills said Tuesday afternoon
Suspected 'Islamic State' recruiters arrested in Spain (Deutsche Welle) Spanish police have arrested two people on suspicion of forming an 'Islamic State' (IS) group cell and recruiting and indoctrinating Islamic militants. The pair had made specific threats against Spain and France
Bulk Phone Records Collection & San Bernardino (Overt Action) The recent terrorist attack in San Bernardino has kicked up yet another round of debate regarding NSA's bulk phone records collection program, which was officially ended on November 29th, in accordance with requirements of the USA FREEDOM Act
Ohio man accused of making threats against military members (Military Times) An Ohio man who prosecutors say was sympathetic to the Islamic State posted the names and addresses of 100 members of the military on social media and called for them to be killed, according to a federal indictment issued Tuesday
Sophos settles legal claims with US rival (fastFT) Sophos, the recently-listed UK cyber security group, has settled with US competitor Fortinet following a lawsuit that accused it of stealing patents and staff
Find My iPhone Search Ends in Violence (Intego) As we have detailed in the past, there are many examples of cases where "Find my iPhone" has helped save lives or helped law enforcement agencies locate criminals too dumb to disable it
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
Billington CyberSecurity INTERNATIONAL Summit (Washington, DC, USA, April 5, 2016) On April 5, in Washington, D.C., join leading cybersecurity officials from across the globe at the Billington CyberSecurity INTERNATIONAL Summit to engage in an intensive information exchange between leading...
Program on Cyber Security Studies (PCSS) (Garmisch-Partenkirchen, Germany, December 2 - 17, 2015) The Marshall Center has developed a comprehensive program to explore the increasing domestic, international and transnational challenges in cyber security. Our goal is to provide a comprehensive, policy-focused,...
Passwords 2015 (University of Cambridge, England, UK, December 7 - 9, 2015) More than half a billion user passwords have been compromised over the last five years, including breaches at internet companies such as Target, Adobe, Heartland, Forbes, LinkedIn, Yahoo, and LivingSocial.
ACSAC (Annual Computer Security Applications Conference) (Los Angeles, California, USA, December 7 - 11, 2015) ACSAC is one of the most important cyber security conferences in the world, and the oldest information security conference held annually. Researchers, government representatives, academia and security...
Cyber Risk Wednesday: 2016 Threat Landscape (Washington, DC, USA, December 9, 2015) To discuss how 2016 will likely challenge today's security thinking and what we can learn from the past year's developments and these trends, please join the Atlantic Council's Cyber Statecraft Initiative...
NSA RCTCON (Fort Meade, Maryland, USA, December 9, 2015) The NSA RCTCON industry exposition will be attended by 250-300 IC (Intelligence Community) cyber personnel working on solutions to the current cyber threats that face the U.S
SANS Institute: Information Security Training (Las Vegas, Nevada, USA, September 12 - 21, 2015) Information security training in Las Vegas from SANS Institute, the global leader in information security training. At SANS Network Security 2015, SANS offers more than 40 hands-on, immersion-style security...
cyberSecure (New York, New York, USA, December 15 - 16, 2015) Today's business leaders recognize that a multi-disciplinary approach is critical to protecting the bottom line. What's too often missed is a vision that incorporates best practices that allow you add...