ISIS and Anonymous appear to be going after each other in cyberspace. A collision between two groups directed largely by inspiration will be interesting. (While they may rival one another in self-importance, ISIS has a corner on brutality.)
The US Government declines to say officially what's almost universally believed: Chinese intelligence services were responsible for the OPM breach. Other US agencies raise their eyebrows about OPM's request that they help pay for mitigation.
AshleyMadison's corporate parent finds few sympathetic ears willing to listen to characterization of its hack as "cyber terrorism." Crime, probably; terrorism, not so much. See Avast for comment on the breach's implications.
eWeek reports seeing indications that the Hacking Team (which again denies violating any laws) explored the possibility of targeting crypto-currencies.
Those looking for new things to worry about will find researchers' demonstration of how to hack a Jeep Cherokee interesting: a Wired reporter sat through it (literally, in the driver's seat).
Google patches forty-three Chrome vulnerabilities.
Arbor Networks says the average size of denial-of-service attacks is increasing.
Several bits of industry news. LookingGlass acquires Kleissner & Associates (see the CyberWire's interview with LookingGlass CEO Coleman) and Synopsys buys up some of Quotium's assets. Darktrace, Keybase, and WireX all announce new funding.
The US Commerce Department's Wassenaar implementation is widely panned. If you've time to read only one comment, read Google's.
US and Israeli police arrest four in connection with the JPMorgan hack, now seen as criminal, and not the Russian espionage widely perceived last year.
Today's issue includes events affecting Australia, Canada, China, France, Germany, Iraq, Israel, Italy, Philippines, Syria, Taiwan, Turkey, United Kingdom, United States.
U.S. decides against publicly blaming China for data hack(Washington Post) Months after the discovery of a massive breach of U.S. government personnel records, the Obama administration has decided against publicly blaming China for the intrusion in part out of reluctance to reveal the evidence that American investigators have assembled, U.S. officials said
China's New Intelligence War Against the United States(War on the Rocks) The Chinese intelligence threat is set to change dramatically as hackers believed to be linked to China's civilian intelligence agency, the Ministry of State Security (MSS), acquired millions of personal records from the U.S. Office of Personnel Management (OPM). Although the full extent of the damage remains unknown, fears have emerged about the compromise of data gathered during security clearance background checks, including foreign national contacts
Bartalex malspam pushing Pony/Dyre(Internet Storm Center) Earlier this year, we started seeing reports of macro-based Bartalex malware. Bartalex has been used in Microsoft Office documents sent through malicious spam (malspam). On Tuesday 2015-07-21, we found a sample to examine for today's diary. We used this example of Bartalex to infect a Windows host with Pony malware that downloaded a Dyre banking Trojan
'State Dept' email just tried to infect my computer(Federal Times) Someone pretending to be from the State Department just sent me a virus, a variation of a particularly nasty piece of malware that reportedly brought down the State Department's email system last year and compromised the White House's unclassified network
Statement From Avid Life Media Inc.(PRNewswire) We were recently made aware of an attempt by an unauthorized party to gain access to our systems. We immediately launched a thorough investigation utilizing leading forensics experts and other security professionals to determine the origin, nature, and scope of this incident
Is the Ashley Madison data breach worse than other data breaches?(Avast Blog) Ashley Madison calls itself the "most famous website for discreet encounters between married individuals". Now, the platform for infidelity and dating has been hacked and its user database of 40 million cheaters with their real names, addresses, financial records, and explicit information were stolen. Discreet is done
Is It OK to Cheat on the AshleyMadison Cheaters? (Poll)(F-Secure: Safe & Savvy) The user register of AshleyMadison has been hacked. You don't know what that is? Well, that's perfectly fine. It's a dating site for people who want to cheat on their spouses. Many dislike this site for moral reasons, but there is apparently a demand for it. The Canadian site has some 37 million users globally! Some user data has already been leaked out and the hackers, calling themselves Impact Team, have announced that they will leak the rest unless the site shuts down. So this hack could contribute to many, many divorces and a lot of personal problems!
Stable Channel Update(Chrome Releases) The Chrome team is delighted to announce the promotion of Chrome 44 to the stable channel for Windows, Mac and Linux. Chrome 44.0.2403.89 contains a number of fixes and improvements
Google Patches 43 Bugs in Chrome(Threatpost) A new version of Google Chrome is available, and it contains patches for 43 security vulnerabilities, many of them in the high-risk category
Windows 10 Sharpens Browser Security With Microsoft Edge(TrendLabs Security Intelligence Blog) Internet Explorer is possibly the most popular target for vulnerabilities around today. In 2014 alone, a total of 243 memory corruption vulnerabilities in Internet Explorer were disclosed and patched
Are Asian governments the next major cybercrime targets?(eGovInnovation) In recent months, a disturbing trend happening right here in the Asia Pacific region has come to light — Cyber espionage groups are placing governments and military organizations in the region on their hit list, with an objective of gathering geo-political intelligence
Hardware encryption market revenue to reach $36.4 billion by end of 2015(Help Net Security) There are a variety of ways to secure data, either on the perimeter or within the LAN, but the most fundamental method in a defense-in-depth model is hardware encryption. The advantage of hardware-based solutions is that they bypass many of the typical drawbacks of software-based solutions like performance degradation or vulnerability to attacks aimed at the encryption key stored in memory
LookingGlass Acquires Prague-based Kleissner and Associates(The CyberWire) Mergers and acquisitions are of particular interest in a growing sector like cyber security. We spoke with LookingGlass CEO Chris Coleman about his company's acquisition of Prague-based Kleissner & Associates, and he shared his views on the importance of aligning acquisition with strategic goals
Synopsys Completes Acquisition of Seeker from Quotium(PRNewswire) Synopsys, Inc. (Nasdaq: SNPS) has completed its acquisition of certain assets of Quotium (NYSE Euronext: QTE), including the Seeker® product and R&D team. The asset acquisition adds talent and technology that will accelerate Synopsys' efforts in the software application security market and extend the company's Coverity® platform with interactive application security testing (IAST) functionality
Microsoft Buys FieldOne for Mobile CRM, Adallom for Cloud App Security(The VAR Guy) Microsoft (MSFT) made two mobile/cloud/security strategic purchases in the past few days, the first a $39 million deal to buy New Jersey-headquartered FieldOne Systems, which makes field service management solutions, and a second to buy Adallom, a cloud app cybersecurity provider, for some $320 million
Darktrace Raises Growth Equity From Summit Partners(PRNewswire) Darktrace, the leader in Enterprise Immune System technology, announced today that it has raised $22.5 million in Series B funding from Summit Partners, a global growth equity investor that has raised more than $16 billion in capital since inception
Keybase Raises $10.8M to Develop Encrypted Messaging Using Public Keys(CoinTelegraph) Keybase, a cryptographic message and verification startup, has raised US$10.8 million in a Series A funding round led by Andreessen Horowitz and including angel investors and entrepreneurs such as Reddit co-founder Alexis Ohanian, MakerBot co-founder Bre Pettis and Chain.com CEO Adam Ludwin
Israeli cybersecurity startup WireX raises $9.3M(GeekTime) The network forensics firm receives a major boost with its latest round of funding to improve its security solutions and reach new markets — and could give RSA a run for their money
CESG gives security seal of approval for Samsung Galaxy smartphones(SC Magazine) Communications and Electronics Security Group (CESG), the information security arm of GCHQ, issues security guidance for various end-user communication devices, and has just certified the Samsung Galaxy S6 and S6 edge encryption under its Commercial Product Assurance (CPA) programme for data-at-rest. Samsung Electronics says it is the first mobile handset vendor to receive a certification of this type in UK
Haystax Threat Analytics: Mitigating Insider Threats Before It’s Too Late(Homeland Security Today) Two men escaped from prison in upstate New York last month with the aid of two employees who provided tools and a cell phone. Their successful getaway shows that no matter how many safety measures an organization or government agency has in place, it's only as secure as the employees it hires
Corporate Espionage Risk Management For Financial Institutions(Tripwire: the State of Security) In the financial industry, business success and sustainability depends on the health of information systems. Damage to a firm's information systems can tarnish its reputation, compromise its data, as well as result in legal fines and penalties. Large firms often depend on thousands of such systems interconnected via the internet, which raises a major security concern of corporate espionage
How to apply threat intelligence feeds to remediate threats(Help Net Security) IT organizations are recognizing the value of threat intelligence feeds, and that's good. Threat intelligence is a must-have for identifying malware and other threats that evade preventive security controls. But threat intelligence is only as good as how you apply it — and many organizations aren't applying it in a way that enables them to get the full value
Creating an Intelligence-Led Security Organization(Cisco Blogs) I recently had the opportunity to sit down with Roland Cloutier, Global Chief Security Officer at ADP and former CISO at EMC, to discuss how they integrate and leverage threat intelligence into their security operations centers as well as their greater security technology infrastructure. It's pretty rare for the CISO of a F500 company to discuss what technologies they use in such an open way, but it was really a testament to the trust they have for the solutions they have chosen. To hear Roland discuss it himself, watch the video at the end of this post or read the case study
How Do You Protect Your Systems From Ransomware?(Lumension) In my previous two posts How Does Ransomware Work? Part 1 and Part 2 I described the process ransomware goes through to get on your systems, encrypt your files, and collect your money. Like any malware, all of the steps in the process need to be successful in order for ransomware to work. In the case of most malware, if you can interrupt it at any point in the cycle you've neutralized it
Incident Tracking In The Enterprise(SANS Institute) Some organizations employ Computer Security Incident Response Teams (CSIRTs) to investigate and respond to security incidents. They often find these investigations to be poorly executed, time consuming, and ultimately ineffective at discovering the root cause of a breach. Unfortunately, this is not usually due to the skill of the investigators, but rather due to the tools and processes they use to manage the investigations
Why Isn't the Inventor of SMS Better Known?(TechCrunch) Alexander Graham Bell invented a telecommunications system that connected people around the world and became indispensable to businesses, governments and individuals, changing the way we interact forever
Wassenaar Arrangement 2013 Plenary Agreements Implementation: Intrusion and Surveillance Items(Regulations.gov) The Bureau of Industry and Security (BIS) proposes to implement the agreements by the Wassenaar Arrangement (WA) at the Plenary meeting in December 2013 with regard to systems, equipment or components specially designed for the generation, operation or delivery of, or communication with, intrusion software; software specially designed or modified for the development or production of such systems, equipment or components; software specially designed for the generation, operation or delivery of, or communication with, intrusion software; technology required for the development of intrusion software; Internet Protocol (IP) network communications surveillance systems or equipment and test, inspection, production equipment, specially designed components thereof, and development and production software and technology thereof
This is a Comment on the Bureau of Industry and Security (BIS) Proposed Rule: Wassenaar Arrangement Plenary Agreements Implementation; Intrusion and Surveillance Items(Regulations.gov) I am a published and respected forensics expert who pioneered the very first forensic techniques to extract data from the iPhone as early as 2008. Since then, I have spent several years, and much of my time, assisting numerous law enforcement and military agencies around the world, including our own. I've trained government agencies in the US, Canada, and UK, and trained law enforcement from dozens of our allies here at home in the US. My work has been validated by the NIJ/NIST. I have invested my time in providing free assistance to many US-based federal and state agencies who have flown personnel into my small town for help in the middle of the night. Because of my research and hard work, I've provided the necessary information to the rest of the industry to be able to perform iOS forensics, and a vast majority of today's forensics solutions are founded upon my techniques
Google, the Wassenaar Arrangement, and vulnerability research(Google Online Security Blog) As the usage and complexity of software grows, the importance of security research has grown with it. It's through diligent research that we uncover and fix bugs — like Heartbleed and POODLE — that can cause serious security issues for web users around the world
OPM to Charge Agencies for Services Offered to Hack Victims(Government Executive) The Office of Personnel Management is asking agencies to pitch in to help pay for the credit monitoring services being offered to the 21.5 million individuals affected by the hack of background investigation data it maintains
Leading OPM back to the future(Federal Times) I was profoundly saddened to learn of Katherine Archuleta's resignation two weeks ago as Office of Personnel Management director, not only because of the personal toll it took on a friend and colleague of mine, but because of what OPM's massive data breaches did to the reputation of one of my former agencies
As Nations Hack Each Other, Protecting Personal Information Must Become National Security Priority(Forbes) The nation with the most powerful military in the world suffered a major strategic loss — and for several months not a single person even noticed. That's because the attackers didn't use traditional weapons or seek out conventional targets. They hacked their way in, exploiting lax security and management practices at the Office of Personnel Management. More than data, they shattered the foundation of secrets and information that our government has used to protect American interests at home and abroad
SOCOM Battles The Enemy Within (Strategy Page) The U.S. Army intelligence bureaucracy is again in trouble with SOCOM (Special Operations Command) over a long-term dispute about computer software. Troops in combat zones and especially SOCOM prefer to use an intelligence database management system called Palantir
Litigation, Investigation, and Law Enforcement
U.S., Israel make arrests related to JPMorgan hack(Reuters via Business Insurance) U.S. and Israeli law enforcement agencies have arrested four people in Israel and Florida related to securities fraud tied to computer hacks of JPMorgan Chase & Co. and other financial institutions, Bloomberg reported, citing sources
Hacking Team Claims It Always Sold 'Strictly Within the Law'(Threatpost) Hacking Team officials are disputing reports that the company sold its surveillance and intrusion software to oppressive regimes in countries that were under sanction. The company said it sold its products "strictly within the law and regulation as it applied at the time any sale was made"
Experian Hit With Class Action Over ID Theft Service(KrebsOnSecurity) Big-three credit bureau Experian is the target of a class-action lawsuit just filed in California. The suit alleges that Experian negligently violated consumer protection laws when it failed to detect for nearly 10 months that a customer of its data broker subsidiary was a scammer who ran a criminal service that resold consumer data to identity thieves
ISP: Cyber Crime section has new area commander(Chesterton Tribune) The Indiana State Police's Special Investigation Command, Cyber Crime and Investigative Technologies Section of the Indiana State Police's Special Investigation Command for Area 1, which includes the Lowell Post, has a new chief
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
California Cybersecurity Task Force Quarterly Meeting(Walnut Creek, California, USA, January 20, 2015) The California Cyber Security Task Force serves as an advisory body to California's senior government administration in matters pertaining to Cyber Security. Quarterly Cybersecurity Task Force meetings...
CyberMontgomery 2015(Rockville, Maryland, USA, July 30, 2015) Montgomery County, Maryland, is home to the National Institute of Standards and Technology (NIST), the National Cybersecurity Center of Excellence (NCCoE), the FDA, NIH, NOAA, NRC and more than a dozen...
PragueCrunch IV: The Enpraguening(Prague, Czech Republic, July 31, 2015) Here it comes, Central Europe: PragueCrunch IV! This annual celebration of all things startup is coming to your town on Friday, July 31, 2015 from 7:00 PM to 11:00 PM (CEST). We'll be holding the event...
Black Hat USA(Las Vegas, Nevada, USA, August 1 - 6, 2015) Black Hat — built by and for the global InfoSec community — returns to Las Vegas for its 18th year. This six day event begins with four days of intense Trainings for security practitioners...
ISSA CISO Forum: Third Party Oversight(Las Vegas, Nevada, USA, August 2 - 3, 2015) The CISO Executive Forum is a peer-to-peer event. The unique strength of this event is that members can feel free to share concerns, successes, and feedback in a peer only environment. Membership is by...
BSides Las Vegas(Las Vegas, Nevada, USA, August 4 - 5, 2015) BSides Las Vegas is an Information/Security conference that's different. We're a 100% volunteer organized event, put on by and for the community, and we truly strive to keep information free. There is...
Defcon 23(Las Vegas, Nevada, USA, August 4 - 7, 2015) DEF CON has been a part of the hacker community for over two decades. See the organization's website for more information
USENIX Security(Washington, D.C., USA, August 12 - 14, 2015) The USENIX Security Symposium reunites researchers, practitioners, system administrators, system programmers, and other specialists interested in the latest advances in the security and privacy of computer...
5th Annual Cyber Security Training & Technology Forum (CSTTF)(Colorado Springs, Colorado, USA, August 19 - 20, 2015) The Information Systems Security Association (ISSA) Colorado Springs Chapter and FBC, Inc. will once again co-host the 5th Annual Cyber Security Training & Technology Forum (CSTTF). CSTTF 2015 will bring...
Decepticon 2015(Cambridge, England, UK, August 24 - 26, 2015) Decepticon brings together researchers and practitioners in the detection and prevention of deception. Previously, deception research has been fragmented across conferences in many different disciplines,...
AFCEA OKC Technology & Cyber Security Day(Oklahoma City, Oklahoma, USA, August 27, 2015) FBC and the Armed Forces Communications & Electronics Association (AFCEA) Oklahoma City Chapter will be partnering once again to host the annual Technology Day & "Scholarship" Golf Tournament at Tinker...
Power Grid Cyber Security Exchange 2015(San Diego, California, USA, August 30 - September 1, 2015) The Power Grid Cyber Security Exchange will take a deep dive into the cyber security strategies, innovative approaches and strategic planning necessary to balance the competing priorities of today's technology...
2015 HTCIA International Conference & Training Expo(Orlando, Florida, USA, August 30 - September 2, 2015) Bringing together experts from all over the world to share their latest research and techniques related to cybersecurity, incident response and computer forensics
ICFP 2015(Vancouver, British Columbia, Canada, August 31 - September 2, 2015) ICFP 2015 provides a forum for researchers and developers to hear about the latest work on the design, implementations, principles, and uses of functional programming. The conference covers the entire...