Anon Ghost, apparently firmly in ISIS's camp, hacks Malaysian police Facebook and Twitter accounts.
As the US Federal CIO warns that the Government's security "sprint" may well uncover more problems, the scope of the OPM breach continues to sink in. (It will sink in farther as general realization of how many people who never applied for clearances nevertheless had their personally identifiable information compromised on someone else's SF-86.) Consensus among observers is that the breach was the culmination of a long-standing Chinese espionage campaign whose long march into OPM began in several little-attended third-party sites.
Congress will soon hold more hearings on the breach, which has lent impetus to pending cyber security legislation (much of which paradoxically focuses on information sharing). Text of three pending bills is linked below. Director Archuleta's exit in the wake of OPM's breach prompts widespread industry reflection on executives' vulnerability to cyber fails.
The Hacking Team breach has turned up more Flash and Java exploits, some of the former now being exploited, FireEye reports, by Chinese criminal gangs. Adobe is working to patch Flash, but Mozilla (which has now blocked Flash by default in its Firefox browser) and Facebook seem to think Flash ultimately unfixable.
Telegram, a "security-enhanced chat app," is in the midst of a days-long denial-of-service attack on its Asia-Pacific service. No attribution yet, but Quartz thinks it significant that the DDoS campaign coincides with a Chinese crackdown on human rights attorneys.
A minor mystery: Rhino Security has withdrawn ProxyHam, for unclear reasons.
Today's issue includes events affecting Australia, Brunei, Canada, China, Ethiopia, Germany, India, Malaysia, Morocco, Nigeria, Pakistan, Qatar, Romania, Sudan, Turkey, Turkmenistan, United Arab Emirates, United Kingdom, United States.
Hacking Team Uses UEFI BIOS Rootkit to Keep RCS 9 Agent in Target Systems(TrendLabs Security Intelligence Blog) The dissection of the data from the Hacking Team leak has yielded another critical discovery: Hacking Team uses a UEFI BIOS rootkit to keep their Remote Control System (RCS) agent installed in their targets' systems. This means that even if the user formats the hard disk, reinstalls the OS, and even buys a new hard disk, the agents are implanted after Microsoft Windows is up and running
Revisiting The Bunitu Trojan(Malwarebytes Unpacked) This post describes the infection process of the latest version of the Bunitu Proxy Trojan as seen delivered by the Neutrino Exploit Kit via a malvertising campaign
Is Cognitive Biometrics a Retailer's Best Friend?(PYMNTS) The problem with security of all kinds is best typified by an experience anyone reading this can relate to — going through the security lines at the airport. After September 11, there are exactly zero adults in the United States who do not understand the extraordinary importance of properly screening people before we let them board a pressurized, jet-fuel packed, aluminum tube that blasts through the air at ~500 miles per hour — since the consequences of insufficiently doing so are quite catastrophic
14 Security Fails That Cost Executives Their Jobs(Dark Reading) Katherine Archuleta, the director of the Office of Personnel Management, is the latest casualty of a data breach, but she's certainly not the only one. There's no job security when your job is security
TrapX Security raises $9 million in Series B funding(Tech Bulletin) TrapX Security Inc, a deception-based cyber security firm, has raised $9 million in a Series B round of funding led by investors Intel Capital and Liberty Venture Capital along with existing investors BRM Group and Opus Capital
Hacking Team Promises to Rebuild Controversial Surveillance Software(Threatpost) The aftermath of the Hacking Team attack raised legitimate questions about the controversial Italian surveillance software vendor's long-term viability. With reams of sensitive internal data and intellectual property posted online, how could the company survive?
Has FireEye Run Out Of Steam?(Seeking Alpha) With the growth of cloud computing, cyber attacks are expected to increase rapidly. FireEye offers innovative solutions to cyber attacks and is spending heavily on new innovations. I've discussed below the reason why investors shouldn't be worried about the company's inability to report a profit. The company's focus on increasing market share will lead to long-term profits. The risk-reward ratio is in FireEye's favor and I think the stock is still a buy
JPMorgan: Palo Alto can more than triple market share by 2024(Seeking Alpha) Palo Alto Networks (NYSE:PANW) can grow its market share from a current 7% to 24% by 2024 "as companies large and small continue to migrate their network security over to next-generation firewalls — a trend we estimate is only half done," writes JPMorgan's Sterling Auty, launching coverage with an Overweight rating and $216 target
Healthcare needs more IT security pros — stat(CIO) Technology is bringing amazing changes to the healthcare industry, but it's also bringing the need for more IT security professionals. What's causing this lack of talent and if you're a security pro, how can you land a job in this growing field?
Cyber security firm in Clearwater hiring for 30 jobs(83DegreesMedia) A cyber security firm in Clearwater is expanding, recently relocating to a new office space to house the employees they plan to hire this year. ThreatTrack, which provides cyber threat prevention solutions to organizations to avoid and respond to cyber attacks, is experiencing growth due to the need for online security solutions
Splunk Provides Adaptive, Operational Intelligence(Forbes) A Security Operations Center (SOC) typically monitors the internal network data while Security Incident and Event Management (SIEM) provides a dashboard view with a bit more control of the alerts generated by the applications and systems hardware. Often these are both reactive activities, notifying system admins only when something has already gone wrong. But what if you could anticipate a problem, and based on the data, create new and better rulesets on the fly? In that way Splunk, a big data company that seeks to provide security intelligence, is like a SIEM on steroids
Bitdefender Box — The Perfect Security Solution for Your Home Network(Social Barrel) We've all seen futuristic movies that feature cool gadgets, interconnected appliances and give you a sneak peek into what the future technology might be capable of. The possibilities are endless, and the benefits go beyond perception. If only all of that was possible!
Searching the Enterprise for Known Indicators of Breach(Tripwire: the State of Security) Given the recent high-profile breaches, a key challenge facing government agencies and other security-minded organizations is rooting out malware that has already become embedded on key assets
Technologies, Techniques, and Standards
Why CTO's should enforce adblocking on their networks(ITsecurity) Recent research from Simon Fraser University in British Columbia has illustrated that blocking advertising on their enterprise network cut bandwidth usage by 25-40%. They used AdblockPlus, the most popular browser plugin in the world, for a period of six weeks and actively recorded how it impacted network traffic and bandwidth consumption
Mobile SSL failures: More common than they should be(Help Net Security) Securing your mobile application traffic is apparently more difficult than it should be, as researchers Anthony Trummer and Tushar Dalvi discovered when looking into SSL/TLS usage on the Android operating system and applications, as well as on iOS and Windows 8 mobile
SSL/TLS certificates beginner's tutorial(talPor Solutions) This is a beginner's tutorial on SSL certificates (which by now should be called TLS certificates, but old habits die hard). I'll cover both how they function, and how to create an SSL/TLS certificate using OpenSSL, either self-signed or signed by a CA
Why webcam indicator lights are lousy privacy safeguards(Christian Science Monitor Passcode) A recent academic study found that few computer users notice indicator lights and even fewer realize that the camera is always recording when the light is on. The lack of awareness, say researchers, makes people more vulnerable to webcam spying
Camp Teaches Teens To Solve Cyber Crimes(WBUR) Teenagers around the country have the opportunity this summer to learn to solve crimes in cyber space. The "gen-cyber" camps are run by the National Security Agency, which is hoping to train the next generation of cybersecurity experts
Thoughts on Encryption and Going Dark, Part II: The Debate on the Merits(Lawfare) On Thursday, I described the surprisingly warm reception FBI Director James Comey got in the Senate this week with his warning that the FBI was "going dark" because of end-to-end encryption. In this post, I want to take on the merits of the renewed encryption debate, which seem to me complicated and multi-faceted and not all pushing in the same direction
Build a cyber plan now(Federal Times) Unfortunately for Office of Personnel Management Director Katherine Archuleta, she was at the switch when one of the biggest hacks to hit the federal government occurred late last year and early this year. It surprised no one when she resigned July 10
Federal Cybersecurity Needs Improvement(Politico) Cybersecurity is a top priority for me, for President Barack Obama and for this administration. It is my personal mission to significantly enhance the Department of Homeland Security's role in the cybersecurity of this nation
Threat Intelligence Sharing Legislation Gains Momentum(Dark Matters) Three pieces of proposed legislation to create platforms for information sharing between the private sector and the federal government are currently making the rounds on Capitol Hill — two in the House and one in the Senate — but it is still unclear what form a final bill will take
H. R. 1560(114th Congress) An act to improve cybersecurity in the United States through enhanced sharing of information about cybersecurity threats, to amend the Homeland Security Act of 2002 to enhance multi-directional sharing of information related to cybersecurity risks and strengthen privacy and civil liberties protections, and for other purposes
H. R. 1731 [Report No. 114–83](114th Congress) To amend the Homeland Security Act of 2002 to enhance multi-directional sharing of information related to cybersecurity risks and strengthen privacy and civil liberties protections, and for other purposes
S. 754(114th Congress) To improve cybersecurity in the United States through enhanced sharing of information about cybersecurity threats, and for other purposes
Litigation, Investigation, and Law Enforcement
OPM data breach to be subject of hearings(Military Times) Members of the House Armed Services Committee will look into the military and national security impact of the recent data breach at the Office of Personnel Management, calling the reports so far "staggering and unacceptable"
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
SINET 16 Application Deadline(San Francisco, California, USA, July 17, 2015) Innovative solutions frequently come from new and small companies. Our goal is to provide entrepreneurs from all over the world an opportunity to increase their product awareness to a select audience of...
Securing Your Digital Assets(New York, New York, USA, July 14, 2015) Privacy and data security are a growing concern across all industries, and any breach of corporate or personal digital assets threatens financial and reputational harm. With all of the news and educational...
National Insider Threat Special Interest Group Meeting(Laurel, Maryland, USA, July 16, 2015) Topics to be discussed at the meeting: Insider Threat Program Development & Implementation, Behavioral Indicators Of Concern, Legal Considerations When Developing & Managing An Insider Threat Program.
TakeDownCon Rocket City(Huntsville, Alabama, USA, July 20 - 21, 2015) TakeDownCon is a highly technical forum that focuses on the latest vulnerabilities, the most potent exploits, and the current security threats. The best and the brightest in the field come to share their...
The APTs are coming(New York, New York, USA, July 21, 2015) With cyberespionage and Advanced Persistent Threats (APTs) on the rise, it's important to understand today's threat landscape, and the ways you can keep your company safe. Join LIFARS, Kaspersky Lab, Cyphort,...
California Cybersecurity Task Force Quarterly Meeting(Walnut Creek, California, USA, January 20, 2015) The California Cyber Security Task Force serves as an advisory body to California's senior government administration in matters pertaining to Cyber Security. Quarterly Cybersecurity Task Force meetings...
CyberMontgomery 2015(Rockville, Maryland, USA, July 30, 2015) Montgomery County, Maryland, is home to the National Institute of Standards and Technology (NIST), the National Cybersecurity Center of Excellence (NCCoE), the FDA, NIH, NOAA, NRC and more than a dozen...