Security analysts and journalists continue to digest the Equation Group story. The scope of US-Iranian cyber conflict draws fresh attention.
Reports allege the US State Department has not yet succeeded in cleaning up its compromised unclassified networks.
Gemalto and the telco buyers of the firm's SIM cards work to understand GCHQ's and NSA's alleged intrusion into their systems: keys used in point-to-point encryption keys appear to have been compromised. Ki shared secret keys, widely used in telecom encryption, seem to have been the vulnerable point. Gemalto investigates, large telcos prepare for general SIM card replacement, and Gemalto sustains a significant hit in the stock market (despite its protest that its devices are secure).
Another company, Lenovo, also endures significant reputational damage as the market processes the discovery that the device manufacturer pre-loaded Visual Discovery into its PCs. Microsoft, McAfee and others have pushed out cleanup help, and Lenovo (with some backing and filling) also seems to be belatedly remediating its products. The core issue is said to be the ease with which Visual Discovery's private key can be compromised, exposing users to man-in-the-middle attacks.
The company whose software attracted such odium, Superfish, unrepentantly blames the general outrage on vulnerabilities introduced by third-party Komodia. Journalists give Superfish decidedly mixed reviews as a company — Forbes is in the middle with its "interesting history" verdict. Meanwhile a class-action lawsuit has been filed in California against Lenovo.
Privacy concerns loom large for both the incoming US Congress and the President's cyber-policy outreach to industry.
Today's issue includes events affecting Australia, China, European Union, Germany, Iran, Israel, Netherlands, Pakistan, Russia, South Africa, Syria, United Kingdom, United States.
Gemalto announces investigation of massive SIM heist(Help Net Security) Yesterday's report by The Intercept hit the information security community like a ton of bricks, as a set of documents from Edward Snowden's trove indicate that the US NSA and the UK GHCQ have managed to compromise the networks of Dutch SIM card manufacturer Gemalto and acquire encryption keys that protect the privacy of cellphone communications of millions of users around the globe
Report of hacking of SIM card supplier puts spies in spotlight(Australian) European government officials, telecom executives and investors rushed on Friday to respond to a report US and British intelligence agencies breached security systems at Gemalto, a supplier of encryption technology to wireless carriers
Document Reveals Growth of Cyberwarfare Between the U.S. and Iran(New York Times) A newly disclosed National Security Agency document illustrates the striking acceleration of the use of cyberweapons by the United States and Iran against each other, both for spying and sabotage, even as Secretary of State John Kerry and his Iranian counterpart met in Geneva to try to break a stalemate in the talks over Iran's disputed nuclear program
How the NSA's Firmware Hacking Works and Why It's So Unsettling(Wired) One of the most shocking parts of the recently discovered spying network Equation Group is its mysterious module designed to reprogram or reflash a computer hard drive's firmware with malicious code. The Kaspersky researchers who uncovered this said its ability to subvert hard drive firmware — the guts of any computer — "surpasses anything else" they had ever seen
Kaspersky Lab: Israel spared two major cyberattacks(Times of Israel) Software security firm says the Equation Group hacking operation is by far the most sophisticated malware it has uncovered, and the most dangerous; also discovers mega cyber robbery plot
Months Later, Hackers Still Inside State Department's Network(HS Today) Three months after the Department of State acknowledged that hackers breached its unclassified email system, government cybersecurity investigators still haven't been able "to evict them from the department's network, according to three people familiar with the investigation," the Wall Street Journal reported Thursday
Spies Can Track You Just by Watching Your Phone's Power Use(Wired) Smartphone users might balk at letting a random app like Candy Crush or Shazam track their every move via GPS. But researchers have found that Android phones reveal information about your location to every app on your device through a different, unlikely data leak: the phone's power consumption
OpSaudi: Hackers Shutdown Saudi Bank Website(HackRead) On Wednesday 17th Feb, 2015, a group of hacktivists calling themselves "The oppressed defenders" conducted a cyber attack on Saudi Arabian based bank AlJazira in shape of a Distributed denial of service attack (DD0S)
Hackers Cut in Line at the Burning Man Ticket Sale — And Get Caught(Wired) Burning Man has practically gone mainstream. The once-fringe desert camping festival is now cultural fodder for The Simpsons and Taco Bell commercials. Celebrities and CEOs routinely attend. So it's no surprise that 40,000 Burning Man tickets sold out in less than an hour last Wednesday when they went on sale
Over 250,000 home routers sport same SSH keys, warns researcher(Help Net Security) With a simple search, John Matherly, the creator of Shodan, has discovered with it more than 250,000 routers that share the same SSH key, meaning they also share the same private key. An attacker could access and hijack them if the devices are configured to allow remote access and authentication
'Yes, your car wash is on Facebook'(Threatpost) When (or if) people think about the security of the devices they interact with and use on a daily basis, the machines that run their local car wash probably aren't high up on that list. But, like everything else with a computer for a brain these days, those machines are connected to the Internet. And Billy Rios can hack them
Bulletin (SB15-054) Vulnerability Summary for the Week of February 16, 2015(US-CERT) The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information
Security Patches, Mitigations, and Software Updates
Pinterest Unveils Its New Spam-Fighting Tool(Wired) Marty Weiner, employee Number Two at Pinterest, needed a better way to fight spam on the popular internet-scrapbooking site. At one point, he asked Mike Krieger, the co-founder of another up-and-coming online social network — Instagram — how he handled the problem
Notorious Malware Improvements and Enhancements of 2014(TrendLabs Security Intelligence Blog) 2014 was a year that was marked with numerous changes in the threat landscape. We saw a lot of improvements in existing malware, either with new evasion techniques or versions. We even saw some old techniques and attacks resurface in the landscape
Hacking hauls grow as security experts rush to catch up(Sarasota Herald-Tribune) This month, the White House held a summit on how to contain such attacks, and one irrefutable conclusion left many in the security industry shaken: Cyber thieves are getting bolder — and smarter
Where's the outrage over data hacks?(Bloomberg News via Arkansas Online) It has been a couple of weeks since health insurer Anthem disclosed that hackers had gotten hold of data on 80 million of its customers. Which just means we're that much closer to the disclosure of the next giant data hack
Using Cyberattacks To Study An Intelligent Adversary(Nasdaq) Organized crime, unfriendly nations and dissidents are using increasingly cheap technology and new platforms such as smartphones and cloud computing to launch cyberattacks on thousands of companies and millions of individuals at a time
Cyber readiness across government and critical infrastructure industries(Help Net Security) While the frequency and severity of cyberattacks against organizations are on the rise, a majority of IT leaders do not feel confident in their leaderships' ability to leverage intelligence that can predict a cyber vulnerability and effectively combat threats, according to Lockheed Martin
The Future of Cybersecurity Hinges on Boardroom Engagement Today(SecurityWeek) Cyber attacks are increasingly sophisticated and discrete. Nation states and cybercriminal organizations frequently bankroll and mastermind these attacks with the aim of financial or political gain. If attackers have high-powered backing behind them, shouldn't defenders as well? Isn't it time that organizations' top leaders are actively engaged in defense? Granted, the vast majority of enterprises have an executive with direct responsibility for security. But for modern businesses, security leadership needs to ascend even higher in the organization: to the boardroom
Disconnect yawns between CISOs, exec leadership, study says(SC Magazine) A recent survey by Ponemon Institute and Raytheon found senior executives don't fully understand the extent of security threats.
Even though CISOs opine that cybercrime and cyberterrorism will be major threats in the next three years, they, by and large, believe that senior executives don't fully understand the extent of those threats, which has proven a real obstacle to meaningful prevention
Who's an insider threat? This one-paragraph definition sums it up for CSOs(IT World Canada) More than half the attendees at a cyber-security event produced by the Conference Board of Canada on Wednesday admitted they are not aware of any common way their organization defines an "insider threat," despite the increased risk they pose to corporate systems and information
Is Superfish an Internet pioneer or a PC user's privacy nightmare?(Tech 2) A little-known Silicon Valley startup was caught in a firestorm of criticism this week for making software that exposed Lenovo laptop users to hackers bent on stealing personal information. But Superfish Inc. has also won praise for producing visual search technology that many see as the next big thing in online shopping
Cybersecurity stocks surge again(Seeking Alpha) With the help of strong earnings reports, government initiatives, and ongoing hacking scandals bolstering broader corporate interest in cybersecurity, security tech plays are refusing to take a breather
CyberArk Software: A Bubble Ready To Burst?(Seeking Alpha) Cybersecurity software has become a red hot space. Stock has soared from $16 IPO. Lockup expiration could tremendously increase float. Valuation needs to be justified by substantial future growth
Juniper Networks spinoff expands to Massachusetts(Boston Business Journal) Less than one year after Juniper Networks (NYSE:JNPR) sold off its Junos Pulse security business to Siris Capital for $250 million, the investors behind the business have since acquired MobileSpaces and have decided to expand the business to the East Coast
ENISA Calls For New ICS/SCADA Cybersecurity Certification Programs(SecurityWeek) The European Union Agency for Network and Information Security (ENISA) has published a new study on the challenges of developing certification schemes for cybersecurity professionals in the field of Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA)
5 Steps to Preventing a Data Breach(RIS News) With more and more consumers using cards instead of cash to pay for their purchases, it's no surprise that retailers are adjusting their payment options to give their customers what they want. Brands are enabling e-payment options, both in store and online, where customers can pay for their merchandise with the swipe of a card and then be on their way
Design and Innovation
Next big thing in online advertising spurs criticism for security flaws(Japan Times) A little-known Silicon Valley startup was caught in a firestorm of criticism last week for making software that exposed Lenovo laptop users to hackers bent on stealing personal information. But Superfish Inc. has also won praise for producing visual search technology that many see as the next big thing in online shopping
Can the Senate's new Republicans usher in NSA surveillance reform?(Christian Science Monitor: Passcode) After the Snowden leaks, many wannabe Republican senators made NSA reform a campaign platform. Now that they're in the Senate, privacy advocates hope they'll stay true to their commitment for curbing surveillance and add momentum to a reform bill
Can Obama, GOP reach consensus on cybersecurity?(CBS News) After cyberhacks across America's most lucrative industries — particularly in health (with insurance giant Anthem), finance (JP Morgan Chase) and Hollywood (Sony Pictures) — the Republican Party said that such cyber-assaults are a "crucial challenge" the nation can't afford to ignore
Retailers Pressed to Protect Consumers From Data Breaches (NerdWallet) Data security continues to be a struggle for major retailers. Surprisingly, there are still few federal regulations for them to follow if they're hacked. Without such rules, damage will most likely increase from high-profile breaches such as those that hit Target and Home Depot in the past year or so
It's time for a National Cybersecurity Safety Board (NCSB)(CSO) In his book The Psychological Edge: Strategies For Everyday Living, clinical psychologist Dr. Samuel Shein writes that while we have a National Transportation Safety Board (NTSB), there is no National Psychological Research Board (NPRB). A group like the NPRB could investigate national disasters caused by those with psychological issues
Justice, DHS Quarantine Smartphones Returning from Abroad(NextGov) Officials at the departments of Justice and Homeland Security typically expect employees' smartphones will be bugged when they travel overseas. So, they are experimenting with various ways to neutralize foreign spy gear
SEC Cyber Security Sweep: Good News, Bad News(InformationWeek: Bank Systems & Technology) In the wake of the SEC's cyber security examinations and a subsequent report, three causes for celebration and three serious action items have emerged from the SEC's recent cyber security examinations. These illustrate where the financial services industry focus its information security efforts
TurboTax's Anti-Fraud Efforts Under Scrutiny(KrebsOnSecurity) Two former security employees at Intuit — the makers of the popular tax preparation software and service TurboTax — allege that the company has made millions of dollars knowingly processing state and federal tax refunds filed by cybercriminals. Intuit says it leads the industry in voluntarily reporting suspicious returns, and that ultimately it is up to the Internal Revenue Service to develop industry-wide requirements for tax preparation firms to follow in their fight against the multi-billion dollar problem of tax refund fraud
Drones, cybercrime among topics at annual AG meeting(Legal Newsline) When the National Association of Attorneys General meets next week for its annual winter meeting, much of the discussion will focus on several new challenges they face as the chief legal officers of their states
Will your business be financially responsible for cyber attack losses?(Lexology) Businesses are becoming increasingly concerned with cybersecurity as their reliance on technology and data increases. Recent reports of cyber attack incidents underscore the importance of proactive steps to assess a business's vulnerability…A recent federal court decision highlights the importance of careful contract drafting and review to ensure that even time-tested contract language continues to accomplish the parties' business goals and allocates all the risks as intended, including liability for data breach losses
Pakistan arrests FBI’s most-wanted Cyber criminal(HackRead) Officials from Cybercrime Circle of Federal Investigation Agency (FIA) have revealed that two of the Federal Bureau of Investigation (FBI)'s ten most-wanted cyber criminals have been arrested by their department on FBI's request. The suspects Noor Azizuddin and Farhanul Arshad were arrested from their house in Federal B Area in a pre-dawn raid by FIA
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
Houston Secure World(Houston, Texas, USA, May 13, 2015) Join your fellow security professional for affordable, high-quality cybersecurity training and education at a regional conference near you. Earn CPE credits while learning from nationally recognized industry...
Atlanta Secure World(Atlanta, Georgia, USA, May 27 - 28, 2015) Join your fellow security professional for affordable, high-quality cybersecurity training and education at a regional conference near you. Earn CPE credits while learning from nationally recognized industry...
Cyber Security Summit 2015(Minneapolis, Minnesota, USA, October 21 - 22, 2015) The Summit's mission is to establish a multi-stakeholder consortium that brings together industry, government and academic interests in an effort to improve the state of cyber security on both a domestic...
10th Annual ICS Security Summit(Orlando, Florida, USA, February 22 - March 2, 2015) Attendees come to the Summit to learn and discuss the newest and most challenging cyber security risks to control systems and the most effective defenses. The Summit is designed so you leave with new tools...
Cybersecurity for a New America: Big Ideas and New Voices(Washington, DC, USA, February 23, 2015) In addition to featuring keynote remarks by Admiral Mike Rogers, Director of the National Security Agency, this event will convene experts and practitioners from the public and private sector, military,...
Workforce Development Forum — CyberWorks Information Session(Baltimore, Maryland, USA, February 24, 2015) Are you a technology company that would like to actively participate in growing the right candidates for your open IT and cybersecurity positions? Are you a job seeker interested in pursuing a career in...
Cybersecurity: You Don't Know What You Don't Know(Birmingham, Alabama, USA, February 24 - 25, 2015) What: Connected World Conference in partnership with University of Alabama at Birmingham's Center for Information Assurance and Joint Forensics Research (The Center) have teamed up to bring professionals...
The Future of Cybersecurity Innovation(Washington, DC, USA, February 26, 2015) The US intelligence community has ranked cyberattacks as the No. 1 threat to national security — more than terrorist groups or weapons of mass destruction. But the military's cyberwarriors fight...
2015 Cyber Risk Insights Conference — San Francisco(San Francisco, California, USA, March 3, 2015) Following on the success of the 2014 half-day cyber risk event, Advisen will present a full day of learning and networking for risk managers, CISOs, CROs, insurance brokers, insurance underwriters, reinsurers...
Cybergamut Technical Tuesday: Tor and the Deep Dark Web(Columbia, Maryland, Sioux Falls, March 3, 2015) This talk will explore the use of Tor and how it relates to garnering useful intelligence. Distinguishing attribution or valuable intelligence from limited event data is difficult. Leveraging external...
Boston SecureWorld(Boston, Massachusetts, USA, March 4 - 5, 2015) Join your fellow security professional for affordable, high-quality cybersecurity training and education at a regional conference near you. Earn CPE credits while learning from nationally recognized industry...
Mercury Proposers' Day Conference(IARPA1, Washington, DC, March 5, 2015) The Intelligence Advanced Research Projects Activity (IARPA) will host a Proposers' Day Conference for the Mercury Program on March 5, in anticipation of the release of a new solicitation in support of...
OISC: Ohio Information Security Conference(Dayton, Ohio, USA, March 11, 2015) Technology First invites you to participate in the 12th Annual Ohio Information Security Conference Wednesday, March 11, at the Sinclair Community College Ponitz Center in Dayton, Ohio. The conference...
RiSK Conference 2015(Lasko, Slovenia, March 11 - 12, 2015) In recent years RISK conference has become one of the leading events on computer security in the Adriatic region and is attended by engineering as well as executive staff of companies from the region.
B-Sides Vancouver(Vaqncouver, British Columbia, Canada, March 16 - 17, 2015) The third annual Security B-Sides Vancouver is an information security conference that will be held March 16th and 17th. We love to see brand new speakers, seasoned speakers, and everyone in between
Insider Threat 2015 Summit(Monterey, California, USA, March 16 - 17, 2015) The Insider Threat 2015 Summit is about bringing Government and Industry organizations and their cybersecurity leaders together in order to better understand the type of threats that may impact their infrastructure...
2015 North Dakota Cyber Security Conference(Fargo, North Dakota, USA, March 17, 2015) The North Dakota Cyber Security Conference brings together community members from academia, government and industry to share strategies, best practices and innovative solutions to address today's challenges...
Philadelphia SecureWorld(Philadelphia, Pennsylvania, USA, March 18 - 19, 2015) Join your fellow security professional for affordable, high-quality cybersecurity training and education at a regional conference near you. Earn CPE credits while learning from nationally recognized industry...
BSides Salt Lake City(Salt Lake City, Utah, USA, March 20 - 21, 2015) BSides is a community-driven framework for building events for and by information security community members. The goal is to expand the spectrum of conversation
CarolinaCon-11(Raleigh, North Carolina, USA, March 20 - 22, 2015) CarolinaCon-11 (also hereby referred to as "The Last CarolinaCon As We Know It") will occur on March 20th-22nd 2015 in Raleigh NC (USA). We are now officially accepting speaker/paper/demo submissions...
CyberTech Israel 2015(Tel Aviv, Israel, March 24 - 25, 2015) In the face of these enemies and threats, individuals, organizations and states are required to produce innovative, unique solutions that would improve the resistance and resilience of the sensitive systems...
2nd Annual ISSA COS Cyber Focus Day(Colorado Springs, Colorado, USA, March 25, 2015) Join us for the Information Systems Security Association (ISSA) — Colorado Springs Chapter — Cyber Focus Day set to take on Wednesday, March 25, 2015 at the University of Colorado Colorado...
CYBERWEST: the Southwest Cybersecurity Summit(Phoenix, Arizona, USA, March 25 - 26, 2015) The purpose of CYBERWEST is to bring together Government and businesses to: Exchange information and learn in areas of policy and strategy; technology and R&D; workforce training and education; and economic,...
Women in Cyber Security(Atlanta, Georgia, USA, March 27 - 28, 2015) Despite the growing demand and tremendous opportunities in the job market, cybersecurity remains an area where there is significant shortage of skilled professionals regionally, nationally and internationally.
Automotive Cyber Security Summit(Detroit, Michigan, USA, March 30 - April 1, 2015) The debut Automotive Cyber Security Summit will bring together CTOs, CSOs, Engineers and IT professionals from GM, KIA, Nissan, Bosch, Qualcomm and more for three days of case studies, workshops, panel...
Insider Threat Symposium & Expo(Laurel, Maryland, USA, March 31, 2015) The National Insider Threat Special Interest Group (NITSIG) announced that it will hold FREE 1 day Insider Threat Symposium & Expo (ITS&E) on March 31, 2015 in Laurel, Maryland. The symposium is exclusively...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.