ISIS information operations worry governments as evidence of online recruiting and command-and-control success continues to accumulate. Afghanistan's president warns against underestimating ISIS, and a piece in Foreign Policy speculates about how the US might counter the Caliphate's messaging (by emulating aspects of Russian and Chinese operations).
Fingerprints lost in the OPM breach (and no one's yet sure whose, or how many were taken) are called a "counterintelligence disaster" and "battle[space] preparation." OPM has a new Director: she faces both an enormous cleanup challenge and a Congress in a do-something-now mood.
A smaller, different breach (data lost through mishandling in transit) affects current and former soldiers of the US Army Reserve National Guard.
Chinese hackers of uncertain provenance phish US Government personnel and reel them in with a Flash zero-day.
A new version of the Dyre banking Trojan infests Spanish networks.
TeslaCrypt evolves into a more dangerous form even as researchers tell BlackHat that most ransomware remains, truth be told, pretty dumb. Dumb, but dangerous.
SSL redirects show up in malvertising.
Malwarebytes says that affinity marketing has become a leading distributor of PUPs (potentially unwanted programs).
Acunetix looks at business websites and doesn't at all like what it finds: half of them would flunk a PCI standards check.
Systems administrators are dealing with patches from Oracle, Adobe, and Microsoft, some of which close vulnerabilities disclosed in the Hacking Team breach. SAP has also patched. BT Security gives Land Rover high marks for its handling of a recall for automotive software bugs.
Today's issue includes events affecting Afghanistan, Australia, Bosnia, Brazil, China, Colombia, Denmark, European Union, Germany, India, Iran, Iraq, Italy, Japan, Democratic People's Republic of Korea, Netherlands, New Zealand, Romania, Russia, Saudi Arabia, Serbia, Spain, Sweden, Syria, United Kingdom, United States, and Vietnam.
FBI agent weighs in on threat of terrorism in heartland(KETV) As the airstrikes continue against ISIS targets, there is a growing trend the FBI in Omaha finds troubling. "One of the reasons is that Isis is taking the utilization of the Internet to a new level as far as recruitment of people across the world," FBI Special Agent in Charge Thomas Metz said
A Few Good Twitter Trolls(Foreign Policy) Why the United States needs to take a page from the Chinese and Russian playbooks when it comes to combating the Islamic State online
New Version of Teslacrypt Changes Encryption Scheme(Threatpost) A new version of the nasty TeslaCrypt ransomware is making the rounds, and the creators have added several new features, including an improved encryption scheme and some details designed to mimic CryptoWall
Most Ransomware's Not So Bad(Dark Reading) Although some ransomware is getting smarter and scarier, most of it is pretty dumb, as one researcher will show at Black Hat
PUP makers, Digital Snake Oil Part 3(Malwarebytes Unpacked) But wait, there's more! We have explained our recent changes to our PUP classification, where we have decided to include Registry Cleaners and Driver Updaters behaving aggressively
Current, former Guard members warned of data breach(Army Times) A recent security breach that may have involved Social Security numbers, home addresses and other personal information belonging to more than 850,000 current and former Army National Guard members was caused by an improperly handled data transfer, not hackers, a spokesman said Tuesday
Customers of Anthem say ID theft proliferating(Indianapolis Business Journal) Anthem Inc.'s massive data breach reported early this year is now generating real cases of identity theft, according to allegations in a small but growing number of lawsuits filed across the country
Security Patches, Mitigations, and Software Updates
Oracle Critical Patch Update Advisory — July 2015(Oracle) A Critical Patch Update (CPU) is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes
Security update available for Adobe Shockwave Player(Adobe Security Bulletin) CVE number: CVE-2015-5120, CVE-2015-5121. Platform: Windows and Macintosh. Adobe has released a security update for Adobe Shockwave Player for Windows and Macintosh. This update addresses critical vulnerabilities that could potentially allow an attacker to take control of the affected system
Security updates available for Adobe Flash Player(Adobe Security Bulletin) Vulnerability identifier: APSB15-18. CVE number: CVE-2015-5122, CVE-2015-5123. Platform: Windows, Macintosh and Linux. Adobe has released security updates for Adobe Flash Player for Windows, Macintosh and Linux. These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system. Adobe is aware of reports that exploits targeting these vulnerabilities have been published publicly
SAP Security Notes July 2015(ERPScan) SAP has released the monthly critical patch update for July 2015. This patch update closes a lot of vulnerabilities in SAP products, some of them belong in the SAP HANA security area. The most popular vulnerability is Missing Authorization Check
Why Cybersecurity Leadership Must Start At The Top(Forbes) If the past year has shown us anything, it's that companies should no longer ask if they are going to be hacked and instead when. With every company becoming digital, the pace of change is only accelerating and our ability to make the right decisions on cybersecurity needs to move even faster. Some estimate that between $9 and $21 trillion of global economic value creation could be at risk if companies and governments are unable to successfully combat cyber threats
The soaring cost of malware containment(Help Net Security) Organizations are dealing with nearly 10,000 malware alerts per week, however, only 22% of these are considered reliable, according to a new report from The Ponemon Institute, which surveyed 551 IT and IT security practitioners across EMEA
The most damaging ramifications of DDoS attacks(Help Net Security) More than half of IT security professionals (52 percent) said loss of customer trust and confidence were the most damaging consequences of DDoS attacks for their businesses, according to a survey conducted at RSA Conference 2015 and Infosecurity Europe 2015 by Corero Network Security
Sixty Percent of Enterprise Application Vulnerabilities Go Unmitigated(Dark Matters) A survey conducted at the recent Gartner Security and Risk Management Summit revealed that two-thirds of the more than 100 senior security professionals queried admit that sixty percent or more of the security vulnerabilities discovered in applications deployed on enterprise networks go unmitigated
NYSE trading halt an insurance coverage wake-up call(Business Insurance) Last week's disruption of the New York Stock Exchange because of an apparent computer glitch may not have had a dramatic impact on the markets, but it should serve as a reminder to companies to examine their insurance coverage should they face similar problems
China's Tsinghua Unigroup Plans $23 Billion Offer for Micron(BloombergBusiness) The investment arm of one of China's top universities is planning to offer $23 billion for chipmaker Micron Technology Inc., a person familiar with the matter said, in a deal that would be the largest takeover of a foreign firm by a Chinese company. Micron surged in Frankfurt trading
Hacking Team CEO insists tools were not compromised(CSO) The founder of the Italian surveillance software company that suffered a disastrous data breach last week sought to reassure clients on Tuesday about the gravity of the intrusion, insisting that Hacking Team's anti-terrorism work has not been jeopardized
This REIT Is Backed By Cyber Security Properties(Seeking Alpha) Last week, three events made headlines as unintended access shut down critical functions for the New York Stock Exchange, The Wall Street Journal, and United Airlines. There's someone racing around New York City right now on a brand new bicycle thanks to a hack on my bank account a few months ago. Although COPT is a niche REIT, its unique capabilities enable the company to exploit market knowledge as a local sharpshooter in strategic markets
Products, Services, and Solutions
Who killed Proxyham?(Naked Security) Earlier this month, security researcher Benjamin Caudill unveiled a new, cheap anonymizing device called Proxyham that set the security press a-buzz
New Research Finds Cyber Exploits Can Be Anticipated With an Accuracy of 83%(Recorded Future) Security teams have the daunting task of trying to keep abreast of unpatched and zero-day vulnerabilities inside their organization. With so many threats and exploits in the wild, it's difficult to know which vulnerabilities will result in an actual exploit and cause harm. Making early assessments can help security managers discover possible threats in advance and prioritize vulnerability management
NSA Releases Systems Integrity Management Tool (SIMP) on GitHub(Softpedia) NSA releases free tools for boosting security protocols. The NSA has released a batch of tools codenamed SIMP (Systems Integrity Management Tool) on a special GitHub account set up just for this, and following their Technology Transfer Program (TTP)
The difficult task of meeting compliance needs(Help Net Security) Compliance is a complex issue in many industries and organizations know all too well that there are major fines and potential punishments for not meeting the laws and regulations. Some major compliance regulations in the United States, including the Health Insurance Portability and Accountability Act (HIPAA), the Control Objectives for Information and Related Technology (COBIT) and Sarbanes Oxley Act (SOX), require businesses to ensure certain standards within their organizations, including protection of data and full disclosure
Researchers build a transistor from a molecule and a few atoms(Phys.org) An international team of physicists has used a scanning tunneling microscope to create a minute transistor consisting of a single molecule and a small number of atoms. The observed transistor action is markedly different from the conventionally expected behavior and could be important for future device technologies as well as for fundamental studies of electron transport in molecular nanostructures
Illinois' Elite Cybersecurity Talent to Participate in U.S. Cyber Challenge Competition This Friday(CSSIA) This Friday, the state's top cybersecurity talent will compete in a cyber-attack and defense competition at the annual US Cyber Challenge (USCC) Cyber Camp hosted at Moraine Valley Community College in Palos Hills, Illinois. This "Capture the Flag" competition is the final skills assessment activity after a week of classes covering such subjects as packet crafting and pen testing. The winners of the competition will win an (ISC)2 scholarship voucher
Should Some Secrets Be Exposed?(CNN via Schneier on Security) Recently, WikiLeaks began publishing over half a million previously secret cables and other documents from the Foreign Ministry of Saudi Arabia. It's a huge trove, and already reporters are writing stories about the highly secretive government
Adopting a Cooperative Global Cyber Security Framework to Mitigate Cyber Threat (Before it's too Late)(Voodoo Technology) The recent OPM cyber breach at the U.S. Government's Office of Personnel Management (OPM) provided a wakeup call to the seriousness and sophistication of the cyber security threat aimed at both the public and private sectors. The fact is that over 43% of companies had breaches last year (including mega companies such as Home Depot, JPMorgan, and Target). Moreover, the intrusion threats are not diminishing. For example, British Petroleum (BP) faces 50,000 attempts at cyber intrusion every day
Lawmakers take aim at accountability in U.S. cybersecurity(C4ISR & Networks) In the wake of the cybersecurity breach at the Office of Personnel Management that exposed sensitive data of more than 22 million people, Congress is looking to shore up federal cybersecurity while also making sure the government is held accountable when things go wrong
What Cobert brings to OPM(FCW) Beth Cobert is leaving her relatively sleepy perch as deputy director for management at the Office of Management and Budget to take over the scandal-wracked Office of Personnel Management
Transcom Nominee Pledges to Address Cyber Concerns(DoD News) President Barack Obama's nominee to be the next commander of U.S. Transportation Command told the Senate Armed Services Committee today that problems in the cyber domain worry him, and that he will emphasize operations to make that domain safer if he's confirmed
Photojournalist Convicted in Data Theft(NL Times) A 22 year old freelance 112 photo journalist from Drunen has been found guilty of computer intrusion after he found login details of a secure system online, used it to log in to the system and then spread the information. The court in Oost-Brabant sentenced him to 80 hours of community service, 40 of which are conditionally suspended
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
National Insider Threat Special Interest Group Meeting(Laurel, Maryland, USA, July 16, 2015) Topics to be discussed at the meeting; Insider Threat Program Development & Implementation, Behavioral Indicators Of Concern, Legal Considerations When Developing & Managing An Insider Threat Program.
SINET 16 Application Deadline(San Francisco, California, USA, July 17, 2015) Innovative solutions frequently come from new and small companies. Our goal is to provide entrepreneurs from all over the world an opportunity to increase their product awareness to a select audience of...
TakeDownCon Rocket City(Huntsville, Alabama, USA, July 20 - 21, 2015) TakeDownCon is a highly technical forum that focuses on the latest vulnerabilities, the most potent exploits, and the current security threats. The best and the brightest in the field come to share their...
The APTs are coming(New York, New York, USA, July 21, 2015) With cyberespionage and Advanced Persistent Threats (APTs) on the rise, it's important to understand today's threat landscape, and the ways you can keep your company safe. Join LIFARS, Kaspersky Lab, Cyphort,...
California Cybersecurity Task Force Quarterly Meeting(Walnut Creek, California, USA, January 20, 2015) The California Cyber Security Task Force serves as an advisory body to California's senior government administration in matters pertaining to Cyber Security. Quarterly Cybersecurity Task Force meetings...
CyberMontgomery 2015(Rockville, Maryland, USA, July 30, 2015) Montgomery County, Maryland, is home to the National Institute of Standards and Technology (NIST), the National Cybersecurity Center of Excellence (NCCoE), the FDA, NIH, NOAA, NRC and more than a dozen...