A new Jihadist online presence caters to foreign fighters coming to Syria. Reviews call it very slick, but the perceived need for a social media reboot may suggest some shaky ISIS messaging (and failure to meet expectations). The UK's PM Cameron announces a major anti-radicalization initiative: it too will operate to a significant extent online. US police get advice on developing threat intelligence from online sources.
A contractor processing visa services for the UK's Home Office inadvertently releases applicants' personal data.
Anonymous goes after Canada's RCMP and succeeds in crashing one of the Mounties' sites.
Elsewhere in Canada, the adultery impresarios at AshleyMadison's parent company work to secure their clients' data. Legal observers expect lots of action: in addition to "the standard class action suits" (as Legaltech News calls them), they're on the qui vive for a spike in divorce filings.
Zero-days exposed in the HackingTeam incident surface in attacks against targets in Japan. Italian police continue to investigate former employees of the lawful-intercept shop, and observers speculate that both the HackingTeam and AshleyMadison affairs offer lessons on insider threats.
Microsoft pushes out a critical Windows patch to close a vulnerability exposed by the HackingTeam breach.
Chatham House offers a contrarian take on cyber threats: cyberspace, their study says, is less dangerous than the FUD would have you believe.
Insurance, accounting, and cyber security companies offer perspective on how boards should manage cyber risk.
Comments on US Wassenaar implementation closed yesterday, with many stakeholders serving up a lot of skepticism.
Today's issue includes events affecting Canada, China, Colombia, European Union, Iraq, Israel, Japan, Mexico, Russia, Sudan, Syria, United Kingdom, United States.
Cyber Attacks, Threats, and Vulnerabilities
Jihadist front established to represent foreign fighters in Syria(Long War Journal) In mid-June, a new jihadist brand appeared online. "Al Muhajirun," which claims to represent fighters who have emigrated to Syria to wage jihad, posted its first statement in several languages on Twitter. The message makes it clear that Al Muhajirun is not a new organization, but instead represents "a community" of foreign fighters "from different groups and with different interests united in order to show the ummah [community of worldwide Muslims] the true face of the muhajirun [emigrant helpers], the mujahideen and jihad"
Global Cyberspace Is Safer than You Think: Real Trends in Cybercrime(Chatham House) What are the real trends in cybercrime? Recent media coverage has been rife with stories of large-scale data breaches, hacks and online financial crime. Information technology (IT) security firms such as Norton Symantec and Kaspersky Labs publish yearly reports that generally show the security of cyberspace to be poor and often getting worse. This paper argues that the level of security in cyberspace is actually far better than the picture described by media accounts and IT security reports
Are IT pros overconfident in their ability to deflect attacks?(Help Net Security) IT executives within critical infrastructure organizations see a need for public-private threat intelligence sharing partnerships (86% of respondents) to keep pace with escalating cybersecurity threats, according to a survey by The Aspen Institute and Intel Security
CISO Role Still in Flux: Despite Small Gains, CISOs Face an Uphill Battle in the C-Suite(ThreatTrack Security) Compared to a year ago, CISOs have gained some respect in terms of perceived leadership qualities, but C-level executives still can't shake the temptation to use the role primarily as a scapegoat for data breaches. And though cybersecurity expertise is welcome on corporate boards, CISOs still have work to do in asserting themselves within the corporate structure
CISOs Caught In A Catch-22(Dark Reading) Chief information security officers are considered 'accountable' for breaches while not always in charge of all infosec strategy and purchases, new report shows
IT Security — An Escalation of Commitment(Tripwire: the State of Security) Recently, I was talking to one of our customers about how IT Security has evolved in the last 20 years. The conversation reminded me of 'Escalation of Commitment,' a topic studied both in Economics and Psychology
Escalation of Commitment Part 2: Three Possible Scenarios(Tripwire: the State of Security) Following from a recent post on 'Escalation of Commitment', a topic studied by both Economists and Psychologists, I could not resist writing a follow-up to explore the consequences for third parties that do not have the preparation and/or resources of the parties involved in scenarios of escalation of commitment in the IT security field
So You Want To Play The Cybersecurity Sector Right Now…(Benzinga) Yet another cybersecurity company entered the public sector on Friday. Rapid7 — which boasts more than 3,900 customers across 90 countries — provides IT security data and analytics software and services to help organizations reduce the risk of a breach, detect and respond to attacks and build effective IT security programs
Palo Alto Grows To New Heights(Seeking Alpha) Palo Alto's 2014 results showcased continued success. The firm added 5,300 customers, revenue grew 51%, and the company closed its first acquisitions in its history during the period
FireMon Taps New CEO as Jody Brazil Steps Down(The VAR Guy) Security intelligence solution provider FireMon announced that company co-founder Jody Brazil has stepped down from his role as CEO, and has been replaced by newly minted president and COO Jim Lewandowski
Products, Services, and Solutions
Cylance Announces FedRAMP Accreditation(Marketwired) Latest certification makes Cylance a partner-of-choice to help organizations comply with Federal third party guidelines and assess security risks associated with cloud computing
The Post-Breach Challenge: The Scarcity of Proactive Hunters(Cybereason) Over the last two decades, most of the security industry has focused on deploying layers of technology that try to prevent hackers from getting in. But the last two years have shown that even the most secured organizations can be hacked, and firms have begun to realize that network penetration by a hacker is inevitable
4 Ways to Engage Executives in Cyber Risk(Wall Street Journal) A survey of retail executives shows many retailers making progress toward strengthening their cyber risk management programs, though they (along with their peers in other industries) could still benefit from improved governance and engagement with business leaders
You're online. What's your risk?(CyberPoint Risk Analytics Blog) What's your risk? If cyber attacks are inevitable, how do you predict (and mitigate) your potential loss? By consensus, the conventional wisdom is that effectively surviving and prospering in cyberspace depends on sound risk management. That, of course, in turn depends upon some credible method of estimating, and quantifying risk
Remember to Lock the Front Door With Identity Governance(IBM Security Intelligence) Make no mistake: In virtually every environment around the world, someone has access to data or applications that they should not have access to. And without the proper identity governance in place, this inappropriate access poses a security risk
Dark Web(Congressional Research Service) Beyond the Internet content that many can easily access online lies another layer — indeed a much larger layer — of material that is not accessed through a traditional online search. As experts have noted, "[s]earching on the Internet today can be compared to dragging a net across the surface of the ocean. While a great deal may be caught in the net, there is still a wealth of information that is deep, and therefore, missed." This deep area of the Internet, or the Deep Web, is characterized by the unknown — unknown breadth, depth, content, and users
Opinion: The value of unmasking Tor's dark side(Christian Science Monitor Passcode) The identity shrouding Tor browser is a godsend for many people — including criminals — trying to avoid detection online. But using it doesn't erase everyone's digital footprints, giving researchers many clues for hunting down Tor's more nefarious users
Breaking Up, Breaking In? Sensitive Data and the Ex-Employee(IBM Security Intelligence) Relationships end. In some cases, it's a mutual decision; in others, one party decides things simply aren't working and decides it's time to part ways. Companies go through this time and time again with employees. But as noted by SecurityWeek, reporting on recent Centrify survey data, more than half of IT leaders believe it's easy for ex-employees to access sensitive data with old usernames and passwords. Breaking up is hard enough — how do companies ensure total separation?
The NYSE system crash was an infosec incident(Help Net Security) On Wednesday, July 8, a number of information systems suffered "glitches," causing speculation that the US may be under a coordinated cyber attack. In the morning, United Airlines grounded more than a thousand flights due to computer issues; around noon, the New York Stock Exchange (NYSE) suspended trading due to a "technical issue;" shortly after, the Wall Street Journal's (WSJ) website went down; and during all this, the New York subway had train issues, and thousands of customers in D.C. lost power. It must be the Cyber Armageddon, right?
About LongTail(LongTail) LongTail is a program that analyzes ssh brute force attacks and statistically quantifies them based on IP addresses used, Accounts, passwords, AND account/password pairs, and (what nobody else is doing at the moment) analyzing attack patterns for commonality and number of times used
Searching Through the VirusTotal Database(Internet Storm Center) Now that my overview of Sysinternals tools with VirusTotal support is complete (Process Explorer, Autoruns and Sigcheck), let's address a couple of remarks I received (BTW, if I missed a Sysinternals tools, let me know with a comment)
Intelligence-Driven IAM: The Perfect Recipe(RSA Speaking of Security) Another day, another breach, right? It's almost like we've started to become desensitized to them. But, as a security professional, I want to implore upon you the importance of every single breach — no matter how large or small. They all can cause negative consequences — on the corporation whose share price plummets, or on the guy who sits in the cube next to you whose records were compromised
Do Not Track 2.0(Privacy Perspectives) Earlier this week, the World Wide Web Consortium (W3C) announced another major milestone in the standardization of Do Not Track. Most notably, the technical mechanism will soon be certified for widespread implementation
Research and Development
IARPA funds program to predict next wave of cyberattacks(Federal Times) To-date, cybersecurity has largely been reactionary — stopping infiltrators before they can do too much damage to a system. A new initiative from the Intelligence Advanced Research Projects Agency is trying to get ahead of the next attack by combining traditional security techniques with information culled from unconventional sources to block currently unknown threats
Concerns about the Department of Commerce's Proposed Export Rule under the Wassenaar Arrangement(Cisco Blogs) Today, Cisco filed comments on a Proposed Rule published by the Department of Commerce's Bureau of Industry and Security (BIS) in an effort to comply with an international agreement called the Wassenaar Arrangement. The proposal would regulate a wide array of technologies used in security research as controlled exports, in the same manner as if they were munitions. Cisco, along with many other stakeholders in the cybersecurity research field, has identified a number of significant concerns that we believe require BIS to revisit the text of the Proposed Rule
Langevin Letter Addresses Export Controls on Cybersecurity Software(Congressman Jim Langevin) Congressman Jim Langevin (D-RI), a senior member of the House Committee on Homeland Security and its Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies, submitted public comments to the Bureau of Industry and Security (BIS) at the Department of Commerce in regard to the Wassenaar Arrangement on international export controls. The proposed rule, issued on May 20, would govern the export of "intrusion software," which was added to the list of controlled technologies by the Wassenaar Arrangement Plenary in 2013
U.S. vs. Hackers: Still Lopsided Despite Years of Warnings and a Recent Push(New York Times) In the month since a devastating computer systems breach at the Office of Personnel Management, digital Swat teams have been racing to plug the most glaring security holes in government computer networks and prevent another embarrassing theft of personal information, financial data and national security secrets
The OPM Cyber Blunder is America's Fault, not China's(War on the Rocks) America has been abuzz about the new revelations about OPM's incredible loss of personal data — it's being called a "hack," the "biggest cyberattack in U.S. history." Though the number of personnel compromised is said to reach 21.5 million, that total will increase exponentially due to the information about friends, family, and associates contained in each of those investigations. It is an incredible defeat for America
Shared services: A key part of a 21st century federal cyber strategy(Federal News Radio) The headlines have said it all: "OPM's archaic IT infrastructure opened door for massive data breach" and invited "the ultimate wake-up call." While Pearl Harbor and 9/11 analogies are strained, it cannot be denied that this stealth attack caught the government completely off-guard and flat-footed
The Challenges Facing Computer Security Incident Response Teams(Council on Foreign Relations) In mid-June, the German parliament scrambled to repel the worst cyberattack in its history. Meanwhile, 800 IT security experts and members of Computer Security Incident Response Teams (CSIRTs) from around the world met just a few blocks away at the annual meeting of the Forum for Incident Response and Security Teams (FIRST). Responding to attacks like the one against the Bundestag is at the core of a CSIRT's daily tasks. As cybersecurity has become a core strategic interest for companies and governments alike, there is a growing need to safeguard CSIRTs' operational independence from other political objectives and strengthen them as a neutral pillar of global cybersecurity
Army's Electronic Warfare Cupboard Is Bare: No Jammer Until 2023(Breaking Defense) The US Army is struggling to fund the increasingly crucial capabilities it fields for electronic warfare, which it largely abandoned after the Soviet Union fell. The Army has over 32,000 short-range defensive jammers to stop roadside bombs, but on current plans, it won't have an offensive jammer until 2023
Homeland Security Leaders Bent Rules on Private E-Mail(BloombergReview) Jeh Johnson, the secretary of homeland security, and 28 of his senior staffers have been using private Web-based e-mail from their work computers for over a year, a practice criticized by cybersecurity experts and advocates of government transparency
Hackers Gain Access to Extramarital Dating Databases(Legaltech News) Few things in life are as private as our romantic entanglements. So with hackers announcing they've made off with as many as 37 million records from the parent company of extramarital dating site AshleyMadison.com, you can be sure there are plenty of people sweating over the potential fallout…If hackers are successful in leaking Avid Life Media user information, legal action stemming from the breach is inevitable. That's likely to include not only the standard class action against the breach victims, but probably an uptick in divorce filings as well
Neiman Marcus Customer Card Data Breach Suit Given New Life(BloombergBusiness) Neiman Marcus Group LLC must face a proposed class action in which the high-end retailer is accused of failing to protect customers from computer hackers who stole credit and debit card information, an appeals court ruled, saying a judge decided too soon that the victims didn't have a case
First International Conference on Anti-Cybercrime (ICACC-2015)(Riyadh, Saudi Arabia, November 10 - 12, 2015) Al Imam Mohammad Ibn Saud Islamic University is organizing this international conference to establish a forum where discussions on vital issues related to anti-cybercrime can occur. This conference will...
TakeDownCon Rocket City(Huntsville, Alabama, USA, July 20 - 21, 2015) TakeDownCon is a highly technical forum that focuses on the latest vulnerabilities, the most potent exploits, and the current security threats. The best and the brightest in the field come to share their...
The APTs are coming(New York, New York, USA, July 21, 2015) With cyberespionage and Advanced Persistent Threats (APTs) on the rise, it's important to understand today's threat landscape - and the ways you can keep your company safe. Join LIFARS, Kaspersky Lab, Cyphort,...
California Cybersecurity Task Force Quarterly Meeting(Walnut Creek, California, USA, January 20, 2015) The California Cyber Security Task Force serves as an advisory body to California's senior government administration in matters pertaining to Cyber Security. Quarterly Cybersecurity Task Force meetings...
CyberMontgomery 2015(Rockville, Maryland, USA, July 30, 2015) Montgomery County, Maryland, is home to the National Institute of Standards and Technology (NIST), the National Cybersecurity Center of Excellence (NCCoE), the FDA, NIH, NOAA, NRC and more than a dozen...
PragueCrunch IV: The Enpraguening(Prague, Czech Republic, July 31, 2015) Here it comes, Central Europe: PragueCrunch IV! This annual celebration of all things startup is coming to your town on Friday, July 31, 2015 from 7:00 PM to 11:00 PM (CEST). We'll be holding the event...
Black Hat USA(Las Vegas, Nevada, USA, August 1 - 6, 2015) Black Hat — built by and for the global InfoSec community — returns to Las Vegas for its 18th year. This six day event begins with four days of intense Trainings for security practitioners...
ISSA CISO Forum: Third Party Oversight(Las Vegas, Nevada, USA, August 2 - 3, 2015) The CISO Executive Forum is a peer-to-peer event. The unique strength of this event is that members can feel free to share concerns, successes, and feedback in a peer only environment. Membership is by...
BSides Las Vegas(Las Vegas, Nevada, USA, August 4 - 5, 2015) BSides Las Vegas is an Information/Security conference that's different. We're a 100% volunteer organized event, put on by and for the community, and we truly strive to keep information free. There is...
Defcon 23(Las Vegas, Nevada, USA, August 4 - 7, 2015) DEF CON has been a part of the hacker community for over two decades. See the organization's website for more information
USENIX Security(Washington, D.C., USA, August 12 - 14, 2015) The USENIX Security Symposium reunites researchers, practitioners, system administrators, system programmers, and other specialists interested in the latest advances in the security and privacy of computer...
5th Annual Cyber Security Training & Technology Forum (CSTTF)(Colorado Springs, Colorado, USA, August 19 - 20, 2015) The Information Systems Security Association (ISSA) Colorado Springs Chapter and FBC, Inc. will once again co-host the 5th Annual Cyber Security Training & Technology Forum (CSTTF). CSTTF 2015 will bring...
Decepticon 2015(Cambridge, England, UK, August 24 - 26, 2015) Decepticon brings together researchers and practitioners in the detection and prevention of deception. Previously, deception research has been fragmented across conferences in many different disciplines,...
AFCEA OKC Technology & Cyber Security Day(Oklahoma City, Oklahoma, USA, August 27, 2015) FBC and the Armed Forces Communications & Electronics Association (AFCEA) Oklahoma City Chapter will be partnering once again to host the annual Technology Day & "Scholarship" Golf Tournament at Tinker...
Power Grid Cyber Security Exchange 2015(San Diego, California, USA, August 30 - September 1, 2015) The Power Grid Cyber Security Exchange will take a deep dive into the cyber security strategies, innovative approaches and strategic planning necessary to balance the competing priorities of today's technology...
2015 HTCIA International Conference & Training Expo(Orlando, Florida, USA, August 30 - September 2, 2015) Bringing together experts from all over the world to share their latest research and techniques related to cybersecurity, incident response and computer forensics
ICFP 2015(Vancouver, British Columbia, Canada, August 31 - September 2, 2015) ICFP 2015 provides a forum for researchers and developers to hear about the latest work on the design, implementations, principles, and uses of functional programming. The conference covers the entire...