ISIS has shown dismayingly effective information operations online and (especially) in social media. Observers see signs it may be acquiring broader, more sophisticated espionage and attack capabilities as well — ISIS isn't by any stretch the DPRK "city killer" of recent imagination, but its reach is growing. Note that June 29 is reckoned the Caliphate's anniversary: security specialists suggest increased vigilance as that date approaches.
Israeli cyber operators report a Hezbollah cyber campaign more advanced than any the group has hitherto undertaken.
Lawfare offers interesting speculation on the alleged Stuxnet whiff on Pyongyang's nuclear program.
A hacktivist group calling itself "Unicorn Nocturne" claims (in what Lawfare would probably call a "thinly sourced" story) to have pwned the security organs of the Chinese Communist Party.
Airbus confirms that flawed engine control software brought down the A400M destined for Turkey.
ESET tracks new variants of the Linux/Moose malware family, these designed not only for DDoS, but also to goose social media stats.
The IRS post mortems continue as revenue agencies look to avert return fraud as observers note how PII compromises cascade from enterprise to enterprise. Bay Dynamics CEO Rifai draws some lessons on the importance of detecting anomalous behavior. EY expert Remnitz outlines the coming trends in cyber crime.
The Japan Pension Service is also compromised.
The next moves on US surveillance policy now rest fully with Congress.
Some wonder if crooks scamming crooks in cyber black markets is karma. We prefer to see it as a smack-down by the invisible hand.
Today's issue includes events affecting Australia, China, European Union, France, Iraq, Israel, Japan, Palestine, Russia, Spain, Syria, Turkey, United Nations, United States.
The CyberWire will be in Northern Virginia this Wednesday, reporting from TechExpo's DC Metro Cyber Security Summit.
Cyber Attacks, Threats, and Vulnerabilities
A Deadly Mistake: Don't Underestimate ISIS in Cyberspace(National Interest) The nature of ISIS's online presence is intended to do three things. Firstly, and most importantly for the longevity of its existence, it's intended as a mechanism to attract and recruit members to its ranks. Secondly it's a means through which ISIS aims to strike fear into the hearts of all that come across its frequently gruesome propaganda. Both objectives are well documented, but a third dimension to the ISIS presence online is emerging: their attempts to use cyberspace for offensive purposes
The Failed North Korean Cyber Attack(Lawfare) According to this report from Reuters, the Unites States tried, but failed, to implant a Stuxnet-like virus within the North Korean nuclear weapons program operating system. The effort failed due, it is said, to North Korea's extreme isolation of its communication system. What are we to make of this report (which, I hasten to add, is lightly sourced — much more lightly than, say, the original New York Times piece outing Stuxnet) assuming it is true?
Chinese Hackers Steal Data From Powerful Party Security Agency(Epoch Times) Most Chinese hackers usually seem to work for the state in one way or another, pilfering the commercial secrets of companies abroad and feeding them back to state-run firms. But another group is instead targeting the Chinese Communist Party itself
ESET uncovers new Linux/Moose malware threat(SecurityWatch) Security specialists ESET has discovered a new threat from the Linux/Moose malware family that is generating fake activity on social networks, the company announced today
Researchers: Hola Fixes Incomplete(Threatpost) Hola, a popular, free, peer-to-peer service that enables anonymous surfing and access to blocked online resources, said today it has patched vulnerabilities discovered last week that expose its millions of users to possible code execution, remote monitoring and other threats to privacy and security
IRS Using 13-Yr. Old Microsoft Software(Fox Business) IRS computers are still running the 13-year old Microsoft (MSFT) Windows XP operating software which Microsoft stopped supporting a year ago with security updates
States Seek Better Mousetrap to Stop Tax Refund Fraud(KrebsOnSecurity) With the 2014 tax filing season in the rearview mirror, state tax authorities are struggling to incorporate new approaches to identifying and stopping fraudulent tax refund requests, a $6 billion-a-year problem that's hit many states particularly hard this year
The Future of Cyber Crime, and What Enterprises Can Do About IT(The CyberWire) The CyberWire was able to hear David Remnitz speak at 2015's inaugural Billington Corporate Cybersecurity Summit in New York. We caught up with him after the conference to discuss the future of cyber crime, and what enterprises can do about it
A Look at the Real Social Engineers(Tripwire: the State of Security) Since the very first day I started working in the information security industry, I have found everything to be just so interesting and fascinating
Hackers Expose 49% of FT 500 Europe(Recorded Future) Recorded Future analysis identified recent employee credential exposures for at least 49% (244) of the FT 500 Europe, a Financial Times listing of Europe's largest companies
3 Reasons IT Security Breach Costs Keep Rising(MSPMentor) Last week the Ponemon Institute rolled out the results of yet another Global Cost of Data Breach report and, surprising very few people in the security world, the stats show costs rising again
Can Tweeters be tamed?(Christian Science Monitor) In an age of uncivil social media, a simple tweet can bring a torrent of threats and taunts. Can anything be done to stop the 'trolls?'
A fundamental shift in security spending(Help Net Security) Firms are shifting their cyber security spend away from traditional Prevent & Protect approaches towards Detect & Respond operations, according to Pierre Audoin Consultants (PAC)
Confusion regarding strategic defenses for network security(Help Net Security) RedSeal uncovered a high level of confusion regarding security issues in the network infrastructure. Nearly 60% of the 350 C-level executives surveyed believe they can "truthfully assure the board beyond a reasonable doubt" that their organization is secure, a surprising show of confidence in an environment where many reports reveal a high incidence of network breaches in up to 97% of all companies
Centrify's Holly Adams Named to 2015 CRN Women of the Channel List(BusinessWire) Centrify Corporation, the leader in unifying identity management across cloud, mobile and data center, today announced that Holly Adams, head of channel marketing for Centrify, has been named to The Channel Company's prestigious 2015 CRN® Women of the Channel
Which malware lures work best?(Help Net Security) More often than not, malware peddlers' main goal is to deliver their malicious wares to the maximum number of users possible. Choosing the right lure is crucial to achieving that goal
Detecting Lateral Movement(Windows Incident Response) Almost two years ago, I posted this article that addressed how to track lateral movement within an infrastructure. At the time, I'd been using this information successfully during engagements, and I still use it today
Protecting Client Data: Shoring Up Information Security at Law Firms(Duo Security) According to Marsh's 2014 Global Law Firm Cyber Survey published early this year, nearly 80 percent of law firms consider cyber security and privacy to be one of their firm's top 10 risks, but 51 percent said they have not taken measures to reduce cyber risk
How the Tech Behind Bitcoin Could Stop the Next Snowden(Wired) The National Security Agency knows Edward Snowden disclosed many of its innermost secrets when he revealed how aggressive its surveillance tactics are. What it doesn't know is just how much information the whistleblower took with him when he left
Either way, no more NSA collection of U.S. phone records(MIlitary Times) However Congress resolves its impasse over government surveillance, this much is clear: The National Security Agency will ultimately be out of the business of collecting and storing Americans' calling records
Sunset of Section 215 Means All Eyes on USA Freedom Act(Threatpost) The sun may have set at midnight on Section 215 of the PATRIOT Act, putting a temporary halt to the NSA's bulk collection of phone call metadata, but privacy champions and legal experts point to May 7 as the day the lights dimmed on that facet of the government's surveillance efforts
Opinion: Why Congress should not pass USA Freedom(Christian Science Monitor Passcode) While it has been hailed as a surveillance reform bill, the USA Freedom Act would immediately ramp back up the collection of billions and billions of records about our everyday actions
Don't (Just) Let the Sun Go Down on Patriot Powers(Motherboard) A handful of provisions of the sprawling USA Patriot Act are now all but certain to at least temporarily expire at the end of the month, including the controversial section 215, the basis of the National Security Agency's notorious bulk telephone records dragnet
Newly Declassified Documents(IC on the Record) Today we've added newly declassified documents to two prior posts: The Department of Justice Releases Additional Documents Concerning Collection Activities Authorized by President George W. Bush Shortly After the Attacks of September 11, 2001 — Published December 12, 2014; Release of Documents Concerning Activities under the Foreign Intelligence Surveillance Act — Published March 3, 2015
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
Gartner Security & Risk Management Summit(National Harbor, Maryland, USA, June 8 - 11, 2015) Gartner Security & Risk Management Summit 2015 provides you with best practices and strategies so you can maintain cost-effective security and risk programs in order to support digital business and drive...
Cornerstones of Trust 2015(San Mateo, California, USA, June 16, 2015) The World Ahead: Ending The Insanity In Information Security. Insanity is often defined as repeatedly doing the same while expecting different results. Year after year our cyber security success has been...
Techno Security & Forensics Investigations Conference(Myrtle Beach, South Carolina, USA, May 31 - June 3, 2015) The Seventeenth Annual International Techno Security & Forensics Investigations Conference will be held May 31 ? June 3 in sunny Myrtle Beach at the Myrtle Beach Marriott Resort. This conference promises...
Mobile Forensics World(Myrtle Beach, South Carolina, USA, May 31 - June 3, 2015) The Eighth Annual Mobile Forensics World will also be held May 31 ? June 3 in sunny Myrtle Beach at the Myrtle Beach Marriott Resort. The Mobile Forensics World is specifically dedicated to Federal, State...
TakeDownCon: Capital Region 2015(East Hyattsville, Maryland, USA, June 1 - 2, 2015) TakeDownCon is a highly technical forum that focuses on the latest vulnerabilities, the most potent exploits, and the current security threats. The best and the brightest in the field come to share their...
School on Computer-aided Cryptography(College Park, Maryland, USA, June 1 - 4, 2015) The goal of the school is to provide participants with an overview of computer-aided cryptography with a special focus on computer-aided cryptographic proofs using the EasyCrypt tool. Lectures discussing...
AusCERT2015: Smarten up(RACV Royal Pines Resort, Gold Coast, Queensland, June 1 - 5, 2015) This year's conference theme explores how we need to smarten up to manage information security risks better. We need to "smarten up" by focusing on information security essentials; by taking advantage...
NSA SIGINT Development Conference 2015(Fort Meade, Maryland, USA, June 2 - 3, 2015) This classified conference will focus on the preeminent intelligence issues facing those who are tasked with SIGINT as part of their mission. Over 1500 participants from the US intelligence community and...
ASIA (Annual Symposium on Information Assurance)(Albany, New York, USA, June 2 - 3, 2015) ASIA is an event held jointly with the 18th Annual New York State Cyber Security Conference (NYSCSC), aiming to attract researchers and practitioners alike for engaging talks about information security...
Infosecurity Europe 2015(London, England, UK, June 2 - 4, 2015) Infosecurity Europe is the largest and most attended information security event in Europe. It is a free exhibition featuring not only over 325 exhibitors and the most diverse range of new products and...
Cyber Security Summit: DC Metro Area(Tysons Corner, Virginia, USA, June 3, 2015) The Cyber Security Summit provides an exclusive business environment to meet with Senior Executives who are seeking innovative solutions to protect their business & critical infrastructure. Delegates at...
Seventh Annual Information Security Summit(Los Angeles, California, USA, June 4 - 5, 2015) Information Security has become top of mind for companies and this conference is a must for IT staff, CISOs, Board members and CEOs. The Seventh Annual Information Security Summit offers comprehensive,...
ShowMeCon 2015(St. Louis, Missouri, USA, June 8 - 9, 2015) This highly technical forum showcases eye-opening presentations from world-renown ethical hackers and security experts that will leave you amazed and frightened at the same time. By giving you access into...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.