As police in Italy and elsewhere round up terror suspects whose online activity contributes evidence of intent, many speculate about how to counter the online operations of groups like ISIS. Some call for social media self-regulation, others for "positive" counter-narratives, still others for ways of subverting encryption. (This last approach continues to be a matter of fierce policy, if not technical, debate. The Washington Post makes the case for "golden keys;" Motherboard and BoingBoing push back hard.) The problem is this: inspiration is harder to combat than direction. The wolves may be lone, but they hear the pack howling on the Internet.
The story of Jeep-hacking on Missouri roads has wheels: it spurs legislation, consideration of responsibility for automotive security, calls for in-car network segregation, and hopes for new DMCA exemptions. (Also concerns about where and when researchers demonstrate hacks.)
This week's cyber story stocks include Palo Alto Networks, Check Point, and Fortinet; the sector's incipient unicorn is Darktrace. An online but non-cyber business having a bad week is AshleyMadison's corporate parent, whose recent breach appears to have killed its plans for an IPO.
WordPress and Oracle patch.
Canada announces plans to increase cyber spending.
The US decision not to formally attribute the OPM hack to China is seen as evidence of American intention to distinguish traditional intelligence operations from criminal hacking. China is newly suspected of a watering hole attack against the (international) Permanent Court of Arbitration.
Snowden would like to return to the US (on his own terms).
Today's issue includes events affecting Canada, China, France, Germany, Indonesia, Iraq, Israel, Italy, Kenya, Democratic People's Republic of Korea, Mexico, New Zealand, Nigeria, Pakistan, Syria, Tunisia, United Arab Emirates, United Kingdom, United States.
Revealed: How to Wage War Against the Islamic State Online(National Interest) The media frenzy surrounding the rise of the Islamic State (IS) focuses heavily on the United States' military strategy. But since IS' influence transcends the battlefields of Iraq and Syria, it is equally important that the United States develop a coherent strategy to counter the group's social media reach. The twenty-four-hour news cycle and the Internet plaster IS' horrific beheading videos everywhere. President Obama's July 6 speech at the Pentagon on his strategy to combat IS, as one example, enjoyed only a fraction of the media coverage IS beheadings have received
Twitter and YouTube must self-regulate on terrorism(National) Nairobi's Westgate mall reopened on the Eid Al Fitr weekend, 22 months after it was attacked by a terrorist group that had live-tweeted the bloodshed and the drama of those four harrowing days in September 2013
Duke APT group's latest tools: cloud services and Linux support(F-Secure) Recent weeks have seen the outing of two new additions to the Duke group's toolset, SeaDuke and CloudDuke. Of these, SeaDuke is a simple trojan made interesting by the fact that it's written in Python. And even more curiously, SeaDuke, with its built-in support for both Windows and Linux, is the first cross-platform malware we have observed from the Duke group
Hacking Team's RCS Android: The most sophisticated Android malware ever exposed(Help Net Security) As each day passes and researchers find more and more source code in the huge Hacking Team data dump, it becomes more clear what the company's customers could do with the spyware, and what capabilities other organized and commercial malware authors will soon be equipping their malicious wares with
A tale of Pirpi, Scanbox & CVE-2015-3113(PWC) In the past year, PwC has notified the public about developments relating to the ScanBox reconnaissance framework on several occasions. There has recently been public reporting which relates to possible deployment of malware via ScanBox for the first time. While the report references activity related to a zero-day exploit against Adobe Flash (CVE-2015-3113), it does not detail the delivery mechanism used for this zero-day, which in fact uses ScanBox as part of the process
Modern APTs start at your corporate website(CSO) There hasn't been a day in recent months when the term "Advanced Persistence Threat" wasn't making headlines in the media. According to ISACA APT Awareness Study, 93.6 per cent of respondents consider APTs to be a "very serious threat" for their companies
Some more 0-days from ZDI(Internet Storm Center) For those of us that are in patching world the last few weeks has not been fun. It seemed like there was a new critical issue almost every other day and almost certainly just after you finished the previous round of patching. I guess that is what happens when a hacking firm is breached
Spike in ATM Skimming in Mexico?(KrebsOnSecurity) Several sources in the financial industry say they are seeing a spike in fraud on customer cards used at ATMs in Mexico. The reason behind that apparent increase hopefully will be fodder for another story. In this post, we'll take a closer look at a pair of ATM skimming devices that were found this month attached to a cash machine in Puerto Vallarta — a popular tourist destination on Mexico's Pacific coast
Automakers rush to add wireless features, leaving cars open to hackers(Stuff) The complaints that flooded into Texas Auto Centre that maddening, mystifying week were all pretty much the same: Customers' cars had gone haywire. Horns started honking in the middle of the night, angering neighbors, waking babies. Then when morning finally came, the cars refused to start
Google helps Adobe improve Flash security(Help Net Security) Adobe has been dealt a heavy blow after the Hacking Team data dump produced three Flash Player zero-day exploits and they began being exploited in the wild
Oracle publishes 193 new vulnerabilities in July 2015 CPU(Onapsis Blog) As a company, Onapsis is focused on the security of business-critical applications such as SAP and Oracle. While our focus is on SAP applications, we have been doing research on Oracle business applications as well, identifying and reporting critical vulnerabilities. In this sense, Oracle is different from SAP, specifically with the way and timing that security patches are released and available to end users
Information security governance practices are maturing(Help Net Security) Information security governance practices are maturing according to Gartner's annual end-user survey for privacy, IT risk management, information security, business continuity or regulatory compliance
Small Biz Fears the Cyber Attack — and for Good Reason(PYMNTS) Small businesses are among the most skeptical of adopting cloud technology to manage their finances. Recent research from Software Advice found that most SMEs prefer in-house payroll systems, for example, for fear that crucial financial details and employee information will be stolen if payroll is moved to the cloud
Caught on the defensive: why the financial sector needs to reevaluate its approach to cyber risk(Banking Technology) Contrary to popular belief, the financial sector is now far more aware and better prepared for cyber attacks. The Bank of England's Financial Stability Report, issued 1 July, states that threat awareness has grown exponentially and the sector is leading efforts to combat cybercrime. Perhaps this isn't surprising given 90% of large businesses across the sector had suffered a malicious attack over the past year. But what is worrying is that the financial sector is falling into a familiar trap: by focusing so much on defence, it has failed to make provisions for an effective recovery
Why Healthcare Security Matters(SecurityWeek) Does it really matter if someone steals your healthcare records? What would a hacker do with that information? Sell it? To whom and for what purpose?
4 common but dangerous cyber threats and steps to address them(Property Casualty 360) Increased access to the technical tools needed to launch cyber attacks, minimal risk of apprehension and lucrative payouts have created a perverse incentive for criminals to embrace crimes that are cyber-enabled or cyber-dependent
Fortinet, Inc. (FTNT — $42.30*) Delivers Eye-Popping June Quarter; Raises FY15 Billings Outlook(FBR Blue Matrix) Last night, Fortinet delivered eye-popping June quarter results as the company handily beat the Street on the top line, bottom line, and billings fronts with major strength from the enterprise, and on the heels of a string of robust quarterly performances, with the company showing no signs of slowing its increasing product/service proliferation in the fast-growing next-generation cybersecurity arena
Fortinet +9.9% on Q2 beat, billings, guidance; FEYE, PANW, CYBR also up(Seeking Alpha) Fortinet (NASDAQ:FTNT) has followed up on its Q2 beat by guiding in its earnings slides (.pdf) for 2015 revenue of $1B-$1.01B and EPS of $0.51-$0.52. The latter (pressured by heavy spending) is only in-line with a $0.51 consensus, but the former is soundly above a $943M consensus
Check Point profit jumps on strong demand for cyber security(Reuters) Network security provider Check Point Software Technologies (CHKP.O) is benefiting from strong global demand for threat-prevention and mobile-security products, it said on Wednesday as it reported better-than-expected quarterly profit
Target opens cybersecurity center to fight online threats(FierceRetailIT) Target (NYSE:TGT) recently opened a state of the art Cyber Fusion Center to protect customer data from online threats. It is part of the $1 billion investment the retailer is making in technology and supply chain this year
Skills Gaps Hamper Firms' Cyber-Defenses(Infosecurity Magazine) IT leaders can't find enough capable security professionals to cope with the rapidly growing volume and sophistication of modern cyber-threats, despite employing more infosecurity pros today than they ever have, according to new research
A 'cyber capital' sprouts from Israel's desert(EnergyWire) Construction cranes swing lazily outside Yaron Wolfsthal's office in the Ben-Gurion University of the Negev. A string of new buildings on a nearby hilltop shimmer through the midafternoon heat
Cylance and Raytheon|Websense Partner on Next-Generation Malware Protection(MarketWatch) Cylance, the first predictive cyber security company that applies artificial intelligence to stop malware, and Raytheon|Websense, a leader in cyber products for commercial and government customers, today announced a partnership that extends Cylance's next-generation security technology to Raytheon|Websense customers
Fortscale Enhances Insider Threat Offering(Dark Reading) Operational workflow integration, enhanced behavior analytics and rapid response toolbox among new features in Version 1.4 that cuts response time by up to 30 percent
Cybersecurity Challenges For The IoT(CloudTweaks) The traditional approach to cybersecurity is to assume trust and then take steps to manage what isn't trusted. But as the concept of an industrial Internet of Things (IIoT) gains momentum, one of the primary challenges facing businesses is safeguarding connections between information technology (IT) and operational technology (OT)
Top obstacles to EMV readiness(Help Net Security) By October 1, 2015, the majority of U.S. businesses must transition to EMV-capable technologies or become newly liable for any costs incurred from fraud using old magnetic strip technologies
They Came From Outer Space: What Sci-Fi Movies Can Teach Us About IAM Security(IBM Security Intelligence) I gained some new insights into identity and access management (IAM) recently when I watched a 1950s science fiction movie titled "They Came from Outer Space." The plot involved aliens disguising themselves as humans in order to move about freely and accomplish their mission (repairing their crashed spaceship). Initially, the impostors are undetected, but the real humans soon realize something is amiss. The aliens' appearance is foolproof, so what tips off the humans that they aren't what they seem?
Hack Me Twice, Shame On Me(Lexington Institute) It is almost becoming tedious; every week or two another major U.S. institution, government department or major corporation is hacked. In the last two years, successful hacks of Premera Blue Cross, Anthem, Target, Home Depot, J.P. Morgan, EBay and Sony Pictures saw the personal, medical or financial data in some 550 million accounts compromised. Forbes reported that a hacking ring managed to steal over $1 billion from some 100 banks around the world. Government offices and departments that have been hacked include the White House, Department of Defense, Department of State, USPS and NOAA. The Pentagon's cyber defenses are tested 250,000 times an hour
Opinion: Why the information sharing bill is anti-cybersecurity(Christian Science Monitor Passcode) Supporters of the Cybersecurity Information Sharing Act say it's an essential tool for Washington and industry to exchange threat intelligence. But in reality, it would give the government carte blanche to collect and store more data on Americans, putting everyone's information at greater risk
US Senate Bill to Stop Smart Cars from Being Hacked(Hot for Security) The world's first automotive cyber-security law may force automakers to deliver software updates and stop vehicle tracking as part of new IT security standards regarding connected cars in the US
Putting the digital keys to unlock data out of reach of authorities(Washington Post) A contentious debate about encryption of data on smartphones and elsewhere has become even more intense in recent weeks. A collision is unfolding between law enforcement devoted to fighting crime and terrorism and advocates of privacy and secure communications. In these chaotic digital times, both are vital to the national interest, and it is imperative that experts invest serious time and resources into finding ways to reconcile the conflict
A 'Golden Key' for Encryption Is Mythical Nonsense(Motherboard) Last year, the Washington Post editorial board called for tech companies to create a "golden key" that would decrypt otherwise secure user communications for law enforcement. Apple, Google, Facebook, and others ignored the editorial, coming out with end-to-end encryption for iMessage and Facetime, end-to-end encryption for Gmail, and PGP for Facebook notification emails. Now, the Washington Post is doubling down on its call for a "golden key"
EFF Hopeful Car Hacking Demo Could Help Yield DMCA Exemption(Threatpost) The latest car hacking research from Charlie Miller and Chris Valasek has elicited a broad spectrum of reactions: admiration for the skill; outrage at the danger the demo may have put drivers; and even a patch from an automaker. And the EFF is hoping it might also help produce a new exemption to the Digital Millennium Copyright Act, the bane of many security researchers
Former Marine Charged With Stealing Fellow Marines' Identities(FARS News Agency via Military.com) A former United States Marine from Calumet City stole the identities of several fellow Marines and used their information to illegally procure more than $138,000 from Navy Federal Credit Union, according to an indictment returned this week in federal court in Chicago
NSA leaker Edward Snowden seeks return to U.S., on his terms(Los Angeles Times) Somewhere in the thousands of towering apartment blocks that ring the Russian capital, whistle-blower Edward Snowden remains in hiding two years after outraging U.S. intelligence agencies with revelations of their snooping into the private communications of millions of ordinary citizens
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
Women in Cyber Security 2016(Dallas, Texas, USA, March 31 - April 2, 2016) With support from National Science Foundation, Award #1303441 (Capacity Building in Cybersecurity: Broadening Participation of Women In Cybersecurity through the Women in Cybersecurity Conference and Professional...
CyberMontgomery 2015(Rockville, Maryland, USA, July 30, 2015) Montgomery County, Maryland, is home to the National Institute of Standards and Technology (NIST), the National Cybersecurity Center of Excellence (NCCoE), the FDA, NIH, NOAA, NRC and more than a dozen...
PragueCrunch IV: The Enpraguening(Prague, Czech Republic, July 31, 2015) Here it comes, Central Europe: PragueCrunch IV! This annual celebration of all things startup is coming to your town on Friday, July 31, 2015 from 7:00 PM to 11:00 PM (CEST). We'll be holding the event...
Black Hat USA(Las Vegas, Nevada, USA, August 1 - 6, 2015) Black Hat — built by and for the global InfoSec community — returns to Las Vegas for its 18th year. This six day event begins with four days of intense Trainings for security practitioners...
ISSA CISO Forum: Third Party Oversight(Las Vegas, Nevada, USA, August 2 - 3, 2015) The CISO Executive Forum is a peer-to-peer event. The unique strength of this event is that members can feel free to share concerns, successes, and feedback in a peer only environment. Membership is by...
BSides Las Vegas(Las Vegas, Nevada, USA, August 4 - 5, 2015) BSides Las Vegas is an Information/Security conference that's different. We're a 100% volunteer organized event, put on by and for the community, and we truly strive to keep information free. There is...
Defcon 23(Las Vegas, Nevada, USA, August 4 - 7, 2015) DEF CON has been a part of the hacker community for over two decades. See the organization's website for more information
USENIX Security(Washington, D.C., USA, August 12 - 14, 2015) The USENIX Security Symposium reunites researchers, practitioners, system administrators, system programmers, and other specialists interested in the latest advances in the security and privacy of computer...
5th Annual Cyber Security Training & Technology Forum (CSTTF)(Colorado Springs, Colorado, USA, August 19 - 20, 2015) The Information Systems Security Association (ISSA) Colorado Springs Chapter and FBC, Inc. will once again co-host the 5th Annual Cyber Security Training & Technology Forum (CSTTF). CSTTF 2015 will bring...
Decepticon 2015(Cambridge, England, UK, August 24 - 26, 2015) Decepticon brings together researchers and practitioners in the detection and prevention of deception. Previously, deception research has been fragmented across conferences in many different disciplines,...
AFCEA OKC Technology & Cyber Security Day(Oklahoma City, Oklahoma, USA, August 27, 2015) FBC and the Armed Forces Communications & Electronics Association (AFCEA) Oklahoma City Chapter will be partnering once again to host the annual Technology Day & "Scholarship" Golf Tournament at Tinker...
Power Grid Cyber Security Exchange 2015(San Diego, California, USA, August 30 - September 1, 2015) The Power Grid Cyber Security Exchange will take a deep dive into the cyber security strategies, innovative approaches and strategic planning necessary to balance the competing priorities of today's technology...
2015 HTCIA International Conference & Training Expo(Orlando, Florida, USA, August 30 - September 2, 2015) Bringing together experts from all over the world to share their latest research and techniques related to cybersecurity, incident response and computer forensics
ICFP 2015(Vancouver, British Columbia, Canada, August 31 - September 2, 2015) ICFP 2015 provides a forum for researchers and developers to hear about the latest work on the design, implementations, principles, and uses of functional programming. The conference covers the entire...