Hacktivists resume attacks on Canadian government targets to protest both anti-terrorist legislation (Bill C-51) and a teenager's criminal trial on swatting charges. Anonymous had claimed earlier attacks; these (whose targets include CSIS and the Conservative Party) are claimed by "Aerith."
Researchers believe they've discerned the spoor of French intelligence services in "Dino," a file-stealing tool they assign to the Animal Farm exploit family (with "Babar" et al.).
AnonGhost is back, and hacking Jordanian government sites in the purported Palestinian interest.
Cross-purposes in Yemen and Syria increase cyber tensions between Iran and Saudi Arabia.
The US FBI releases information that appears to tie the OPM and Anthem hacks to a common actor (and the "Sakula" malware family). The Daily Beast reports that the US Intelligence Community had been very much aware of the risk OPM databases presented them, and resisted integration of their personnel information into them, but ultimately to little avail. US-CERT warns against OPM-themed phishing scams. Observers call for clear (the more extreme say criminal) accountability.
Tor users are warned that exit nodes may be sniffing their traffic. They're also warned of the alleged existence of cloned and booby-trapped dark web sites.
Fire phone and iPhone users are urged to update OSs — their devices may contain troubling vulnerabilities.
Apple patches QuickTime, Safari, Mac Extensible Firmware Interface (EFI), OS X Yosemite, and iOS.
Amazon Web Services releases an open-source cryptographic module.
Corporate CISOs and the US Army Signal Corps face a common problem: translating cyber risk for their internal customers.
Today's issue includes events affecting Austria, Brazil, Canada, China, European Union, France, Greece, Iran, Jordan, Malaysia, Morocco, Norway, Palestine, Saudi Arabia, Spain, Syria, United Arab Emirates, United Kingdom, United Nations, United States.
Iran and Saudi Arabia Heading Toward A Cyber War?(International Business Times) Iran and Saudi Arabia, regional rivals in the Middle East, may be engaged in cyber warfare, according to a new report by threat intelligence firm Recorded Future. As the two powers vie for influence over the civil wars in Yemen and Syria and regional dominance, Tehran and Riyadh have begun using cyber attacks to release critical intelligence
Spies Warned Feds About OPM Mega-Hack Danger(Daily Beast) U.S. intelligence agencies initially refused to share data with OPM, the now-infamously insecure arm of the government. Then the spies apparently handed over their files anyway
OPM Identity-Protection Phishing Campaigns(US-CERT) US-CERT is aware of phishing campaigns masquerading as emails from the Office of Personnel Management (OPM) or the identity protection firm CSID. For those affected by the recent data breach, the legitimate domain used for accessing identity protection services is
Trusting, lazy humans a common theme in recent security vulnerabilities(CSO) The persistence of a new iOS vulnerability, affecting the estimated one-third of iOS devices that haven't been updated in the past five months, is the latest in a string of vulnerabilities whose discovery by various vendors highlights the ongoing role of careless and unquestioning humans opening the door to potentially damaging vulnerabilities
Reversing Prince Harming's kiss of death(Reverse Engineering Mac OS X) The suspend/resume vulnerability disclosed a few weeks ago (named Prince Harming by Katie Moussouris) turned out to be a zero day. While (I believe) its real world impact is small, it is nonetheless a critical vulnerability and (another) spectacular failure from Apple. It must be noticed that firmware issues are not Apple exclusive. For example, Gigabyte ships their UEFI with the flash always unlocked and other vendors also suffer from all kinds of firmware vulnerabilities
Lordfenix: 20-year-old Brazilian Makes Profit Off Banking Malware(TrendLabs Security Intelligence Blog) A 20-year-old college student whose underground username is Lordfenix has become one of Brazil's top banking malware creators. Lordfenix developed his underground reputation by creating more than a hundred online banking Trojans, each valued at over US$300. Lordfenix is the latest in a string of young and notorious solo cybercriminals we're seeing today
Amazon releases open source cryptographic module(CSO) Potentially saving the world from another online security disaster like last year's Heartbleed, Amazon Web Services has released as open source a cryptographic module for securing sensitive data passing over the Internet
Destructive Cyber Attacks Increase in Frequency, Sophistication(SIGNAL) A more diverse group of players is generating a growing threat toward all elements of the critical infrastructure through cyberspace. New capabilities have stocked the arsenals of cybermarauders, who now are displaying a greater variety of motives and desired effects as they target governments, power plants, financial services and other vulnerable sites
US still lags on chip and pin for card security(SC Magazine) More than a decade after Europe and much of the rest of the world moved to Chip and Pin credit card authentication, Jerome Powell, speaking at a US Federal Reserve Bank of Kansas City conference, called EMV card deployment a step forward but questioned the security of cards that still use signatures, not PINs, for authentication
Why vulnerability disclosure shouldn't be a marketing tool(Help Net Security) There have been many arguments within the security community on how researchers should disclose the existence of a security vulnerability. Some argue that full disclosure is the best approach as it makes defenders aware of the security issue and they can take steps to reduce their exposure to it. Full disclosure advocates also say that this approach embarrasses large corporates and motivates them into taking action to address the security vulnerability
IT Pros Believe Cyberattacks Are Under-reported(Infosecurity Magazine) Despite devastating cyber-attacks being reported daily in today's media, most IT professionals believe that the true state of affairs is being significantly underreported
5 Ways Lax Security Makes Small Businesses Cyber-Morsels for Computer Criminals(Entrepreneur) Most small businesses don't have the budget, expertise, staff or time to manage security programs on their own. It's a longstanding problem, as pointed out in a survey of small businesses conducted by the Ponemon Institute, which found that 55 percent of respondents experienced a data breach in 2013 and 53 percent of those experienced more than one breach in the same year
Bromium Survey Finds Increased Concern About Legacy Solutions and Users Among InfoSec Pros(Virtual Strategy Magazine) Bromium®, Inc., the pioneer of threat isolation to prevent data breaches, today announced the results of a new survey, "Enterprise Security Confidence Report." For the survey, more than 125 information security professionals were asked about the greatest risks facing organizations today and the effectiveness of different solutions and architectures. The results show that while concern for end-user risk persists, confidence is waning in traditional detection-based security solutions, such as antivirus and firewalls. Instead, interest is shifting toward prevention-based security solutions, such as endpoint threat isolation
What We Call Security Isn't Really Security(Dark Matters) You put in your login and your password. Then you do it again but a different way. Maybe this time it sends you an unencrypted SMS. Or maybe you need to look up some numbers on a card you have
Security concerns continue to dog the cloud industry(Help Net Security) Executives at major North American companies believe conventional network security solutions aren't enough to protect their cloud computing environments, especially when it comes to visibility into impending cyber attacks
Worldwide IT spending to decline 5.5 percent in 2015(Help Net Security) Worldwide IT spending is on pace to total $3.5 trillion in 2015, a 5.5 percent decline from 2014, according to the latest forecast by Gartner, Inc. Analysts attribute the decline to the rising U.S. dollar. In constant-currency terms, the market is projected to grow 2.5 percent
Cisco buys cloud security firm OpenDNS for $635 million(F.Business) Cisco Systems Inc said on Tuesday it would buy OpenDNS, a privately held cloud-based security firm, for $635 million, the latest move to boost its security business as cyber attacks increase in number and sophistication
Synopsys Buys Elliptic to Expand Security Product Portfolio(Zacks Equity Research) Synopsys Inc. (SNPS) recently announced the buyout of Elliptic Technologies, in keeping with its strategy of growing through acquisitions. Elliptic is a leading provider of security IP cores and software solutions that address a wide range of security requirements for applications including mobile, automotive, digital home, Internet of Things and cloud computing. However, the financial terms of the deal have not been disclosed
Distil Networks' $21M Round Signals a 'Meteoric Rise' in Cybersecurity(DCInno) Arlington, Va.-based cybersecurity firm Distil Networks has raised a $21 million Series B led by a new investor, Bessemer Venture Partners. The funding round represents yet another milestone for Distil Networks, which has experienced "a meteoric rise" in growth since being founded in 2011, Distil Networks CEO and co-founder Rami Essaid told DC Inno. Distil has raised $38 million to date from investors including local firm Militello Capital
AXON Ghost Sentinel to invest $1.5 million to expand cybersecurity operation in Harrisonburg(Axon Ghost Sentinel) Governor Terry McAuliffe announced today that AXON Ghost Sentinel, Inc. (AGS), a portfolio company of AXON Connected, LLC that provides swarm-based cybersecurity products, will invest $1.5 million to expand its operation in the City of Harrisonburg. Virginia successfully competed against Michigan and New Jersey for the project, which will create 29 new jobs paying well above the average prevailing wage in the region
Will Red Hat Enter the Security Market?(eSecurity Planet) Red Hat CEO Jim Whitehurst discusses the role that security plays at the Linux vendor and whether it's a business he plans on entering with a new product
GlobalFoundries gets go-ahead for IBM acquisition(WCAX) Big Blue's big deal is almost a done deal. IBM is paying GlobalFoundries $1.5 billion to take its chipmaking division off its hands. GlobalFoundries is financially backed by the government of Abu Dhabi and needed government clearance
Hexis Cyber Solutions' Strategic Executive Changes Prepare Company for Increased Market Opportunity and Corporate Growth(The Wall Street Transcript) Hexis Cyber Solutions, Inc. (Hexis), a wholly-owned subsidiary of The KEYW Holding Corporation (NASDAQ:KEYW), and a provider of advanced cybersecurity solutions for commercial companies and government agencies, today welcomes Jan Manning as the company's Vice President of IT Operations. The company is also pleased to appoint Chris Carlson as its new Vice President of Product Management, HawkEye G. These organizational changes, coupled with strong industry demand for innovative cybersecurity solutions, help to position Hexis for growth and demonstrate the company's commitment to innovation and customer success in combating sophisticated threats
Leidos Named Managed Security Services Provider for RSA Security(IT Business Net) Leidos (NYSE: LDOS), a national security, health and engineering solutions company, and RSA, The Security Division of EMC (NYSE: EMC), have joined forces to deliver security solutions through managed security service offerings for their joint customers
This Online Anonymity Box Puts You a Mile Away from Your IP Address(Wired) In the game of anonymity-versus-surveillance online, the discovery of the user's IP address usually means game over. But if Ben Caudill has his way, a network snoop who successfully hunts a user through layers of proxy connections to a final IP address would be met with a dead end — while the anonymous user remains safe at home more than a mile away
NIST revises security publication on random number generation(Help Net Security) In response to public concerns about cryptographic security, the National Institute of Standards and Technology (NIST) has formally revised its recommended methods for generating random numbers, a crucial element in protecting private messages and other types of electronic data. The action implements changes to the methods that were proposed by NIST last year in a draft document issued for public comment
Cyber UL Could Become Reality Under Leadership of Hacker Mudge(Threatpost) One of the longstanding problems in security — and the software industry in general — is the lack of any universally acknowledged authority on quality and reliability. But the industry moved one step closer to making such a clearinghouse a reality this week when Peiter Zatko, a longtime researcher and hacker better known as Mudge in security circles, announced he's leaving Google to start an initiative designed to be a cyber version of Underwriters' Laboratory
Enhancing Resilience Through Cyber Incident Data Sharing and Analysis: The Value Proposition for a Cyber Incident Data Repository(Department of Homeland Security) This paper outlines the potential benefits of a trusted cyber incident data repository that enterprise risk owners and insurers could use to anonymously share, store, aggregate, and analyze sensitive cyber incident data. Optimally, such a repository could enable a novel information sharing capability among the Federal government, enterprise risk owners, and insurers that increases shared awareness about current and historical cyber risk conditions and helps identify longer-term cyber risk trends
The Future of Mobile Forensics(Belkasoft Research via Forensic Focus) Most would agree that the golden age of mobile forensics is over. There is no longer an easy way to get through the passcode in new iOS devices running the latest version of iOS. Chip-off acquisition is dead for iOS devices due to full-disk encryption, while physical acquisition of Apple hardware is dead since the introduction of 64-bit devices and versions of iOS 8 that cannot be jailbroken. Blackberries were highly resistant to chip-off acquisition from the beginning, and Android is getting there quickly. In this whitepaper, we will look into the current state of mobile forensics for the different platforms and devices, analyze current trends and attempt to predict how mobile forensics will look in the years ahead
Considerations in Drafting Limitations of Liability for Data Breaches(JDSupra) Until very recently, it was considered matter of course in a services agreement for any data disclosure or loss, regardless of cause, to be excluded from any and all limitations of the vendor's liability. However, as data breaches continue to change the risk landscape of the business world, third-party vendors increasingly insist on limiting their liability for damages related to data breaches. In light of this, many transactions now include a "super cap" — a separate, higher limitation of liability specifically setting forth the circumstances, types of damages, and amount of damages for which a vendor may be liable in the event of a data breach
Design and Innovation
Cybersecurity's future will require humans and machines to work symbiotically(VentureBeat) In yesterday's world of enterprise security, there were a few well-known points of weakness for the bad guys to target in their attacks, which made defending against threats, well, much simpler. But today's mobile and cloud-enabled world offers thousands, if not millions, of touch points for attacks
Why security must be top focus of mHealth wearable data exchange strategy(FierceMobileHealthcare) The explosive growth of mHealth wearables, illustrated by Fitbit's recent IPO and the debut of Apple's Watch earlier this year, isn't happening without serious worries about user security. To that end, providers and payers must put security front-and-center before allowing data exchange from patient and consumer devices, according to a security expert
Arbor Networks Secures Three New Patents for DDoS Detection & Mitigation(Press Release Point) Arbor Networks, Inc., a leading provider of DDoS and advanced threat protection solutions for enterprise and service provider networks, today announced three additional patents for different aspects of DDoS attack detection and mitigation. Arbor has now secured 25 patents focused on DDoS defense
It's Time to Shutter The President's Intelligence Advisory Board(Overt Action) The latest on the Office of Personnel Management's data breach is staggering, with some 18 million federal employees affected by the attack. Director of National Intelligence James Clapper minced no words: he called China the "leading suspect" in the massive digital assault on U.S. government computers. But absent from the public discussion is what exactly the President thinks on this issue — and what the assessment was of his dedicated intelligence advisory board
America's cyber sentinel asleep on guard duty(CNN) During the past few weeks, much of the nation was mesmerized by the daring escape of two convicted murderers from a maximum-security prison in upstate New York. The saga ended with one of the fugitives dead from gunshot wounds while the other convict is in custody recovering from wounds of his own. Two prison employees have been charged with aiding and abetting in the escape
District Attorney’s Office to hold press conference on child cyber crimes sting(Courier of Montgomery County) The Montgomery County Internet Crime Against Children Task Force (ICAC) is completing an extended period of sting operations where more than 25 individuals were arrested for alleged felony offenses of soliciting minors online, child pornography possession and other related charges, officials said
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
Cyber Security Europe(London, England, UK, October 7 - 8, 2015) Cyber Security Europe will host the latest cyber security experts to speak on the topics risking the future of our businesses, and provide access to the latest technology innovators who provide the leading...
DevSecCon(London, England, UK, October 22, 2015) DevSecCon is a newly formed, non-profit conference for DevOps and SecOps practitioners, run by practitioners. By creating a neutral platform, we will exchange and create new ideas on how to leverage the...
NSA Information Assurance Symposium (IAS) 2015(Washington, DC, USA, June 29 - July 1, 2015) The NSA Information Assurance Directorate (IAD)'s Information Assurance Symposium (IAS) is a biannual forum hosted by the National Security Agency (NSA). IAS events of the past have proven to be the preferred...
US News STEM Solutions: the National Leadership Conference(San Diego, California, USA, June 29 - July 1, 2015) San Diego offers the perfect backdrop for the 4th annual U.S. News STEM Solutions National Leadership Conference, June 29 — July 1, 2015 in San Diego, CA. Please make your plans now to join fellow...
Information Assurance Symposium(Washington, DC, USA, June 29 - July 1, 2015) The NSA Information Assurance Directorate (IAD)'s Information Assurance Symposium (IAS) is a biannual forum hosted by the National Security Agency (NSA). IAS events of the past have proven to be the preferred...
Cyber Security for Healthcare Summit(Philadelphia, Pennsylvania, USA, June 29 - July 1, 2015) Our IQPC Cyber Security for Healthcare Summit will help Hospitals and Medical Device manufacturers to prepare and manage risks by viewing cybersecurity not as a novel issue but rather by making it part...
National Insider Threat Special Interest Group Meeting(Laurel, Maryland, USA, July 16, 2015) Topics to be discussed at the meeting: Insider Threat Program Development & Implementation, Behavioral Indicators Of Concern, Legal Considerations When Developing & Managing An Insider Threat Program.
TakeDownCon Rocket City(Huntsville, Alabama, USA, July 20 - 21, 2015) TakeDownCon is a highly technical forum that focuses on the latest vulnerabilities, the most potent exploits, and the current security threats. The best and the brightest in the field come to share their...
CyberMontgomery 2015(Rockville, Maryland, USA, July 30, 2015) Montgomery County, Maryland, is home to the National Institute of Standards and Technology (NIST), the National Cybersecurity Center of Excellence (NCCoE), the FDA, NIH, NOAA, NRC and more than a dozen...