Expect some apparent Islamist cyber vandalism to be false flag hacks by state intelligence services — this would appear to be the lesson of the TV5 Monde hack, now regarded as a Russian operation. (It's important to note that much will still be committed by freelancing jihadists — one of whom just pled guilty to US Federal charges in Virginia — and some will be centrally directed by organized groups.)
Russian intrusion into Bundestag networks persists, too.
Kaspersky continues to receive good reviews for its handling of the Duqu 2.0 infestation it suffered. Many observers conclude on the strength of circumstantial evidence that Duqu 2.0 is an Israeli operation. Swiss police raid a facility possibly connected with surveillance of Iranian nuclear diplomacy; Austrian police undertake a related investigation.
The recently disclosed hack of the US Office of Personnel Management (OPM) provides a contrasting incident response case study. While OPM did try to get ahead of the story, it increasingly appears that the news is worse than first reported: 14 million people, not 4 million, are apparently affected, and that figure may rise. Seeping bad news provides an unfortunate perspective on the Government's proposed fixes, like requiring https by the end of 2016. (Wikipedia turned https on by default this morning, for example — people are noticing.)
Microsoft is applauded for blocking the Ask toolbar.
Security upgrades arrive not only for Wikipedia, but Ubuntu, Cisco IOS XR, OpenSSL, watchOS, Twitter, and (sort of) Snapchat.
Law firms look to their cyber security.
Rapid7 announces its IPO.
Today's issue includes events affecting Austria, Canada, China, France, Germany, Iraq, Iran, Israel, Russia, Switzerland, Syria, United Kingdom, United States, and Vietnam.
Why Kremlin-backed Russian hackers blamed Isis for cyberattack on TV5 Monde(International Business Times) At 10pm on 8 April 2015 the millions of viewers watching the 11 channels operated by French TV station TV5 Monde saw their screens go blank as hackers disrupted broadcast for three hours. They also brought the station's internal systems to its knees and took control of the social media accounts and websites associated with the station
Duqu spy group also targeted telecommunications companies(IDG via CIO) The group behind the Duqu cyberespionage tool has compromised at least two telecommunications operators and one electronic equipment manufacturer, in addition to a cybersecurity firm and venues that hosted high-level nuclear negotiations between world powers and Iran
Duqu2.0 knocks Kaspersky and security peers(SC Magazine) The news that Kaspersky Lab, one of the leading cyber-security companies in the world, was hit by a "next-generation" malware attack is an indication of both how far we have come in cyber-warfare and how much further we still have to go
4 Unsolved Mysteries About Duqu 2.0(Dark Reading) Several key questions remain surrounding the nation-state attack targeting intel at Kaspersky Lab, international participants at the Iranian nuclear negotiations, and other organizations
Report: OPM hack went undetected for a year(Federal Times) The cyber attack that potentially exposed information on 4 million people lasted far longer and may have done more damage than has been publicly acknowledged, according to an ABC News report
Why The OPM Breach Is Such a Security and Privacy Debacle(Wired) If it's not already a maxim, it should be: Every big hack discovered will eventually prove to be more serious than first believed. That's holding to be especially true with the recently disclosed hack of the federal Office of Personnel Management, the government's human resources division
White House Weighs Responses as Scope of Federal Hack Widens(BloombergBusiness) More federal personnel records have been hacked than previously reported and U.S. officials are weighing responses ranging from new counterintelligence initiatives to destroying the data in the intruders' servers, according to people briefed on the investigation
OPM's response to hack comes under fire(FierceGovernmentIT) Since news came out about the cyber attack on the Office of Personnel Management, more information has come out about the agency's steps to help millions of affected government workers and to shore up its cyber defenses, but those efforts are being met with doubt
Hack the vote: Cyber experts say ballot machines easy targets(Fox News) The recent cyber theft of millions of personnel records from the federal government was sophisticated and potentially crippling, but hackers with just rudimentary skills could easily do even more damage by targeting voting machines, according to security experts
Popcash Malvertising Leads to CryptoWall(Malwarebytes Unpacked) The online advertising industry is a very lucrative business and so it comes as no big surprise that cyber-criminals have taken a keen interest on how to 'milk' it using different fraudulent techniques
Bug in iOS Mail app is a dream come true for phishers(Help Net Security) A serious bug in the default Apple iOS Mail application can be easily exploited to show extremely realistic-looking pop-up prompts and trick users into sharing their Apple iCloud login credentials, security researcher Jan Soucek warns
Gift Card Scams(IC3) While it is very popular to purchase, spend, and give others gift cards, the FBI would like to warn consumers of the potential for fraud
DDoS Attacks Cost Victims Average of $40,000 per Hour(Dark Matters) The annual DDoS Threat Landscape Report (gated) reveals that distributed denial of service (DDoS) attacks can cost a victim as much as $40,000 dollars per hour in lost revenue, the loss of consumer trust, sensitive data theft, and intellectual property losses
Ubuntu Releases Security Update(US-CERT) Ubuntu has released 10 security updates to address multiple vulnerabilities affecting Ubuntu 15.04, 14.10, 14.04 LTS, and 12.04 LTS. Exploitation of one of these vulnerabilities may allow a remote attacker to take control of the affected system
Cisco IOS XR Software Crafted IPv6 Packet Denial of Service Vulnerability(Cisco Security Advisory) A vulnerability in the IP version 6 (IPv6) processing code of Cisco IOS XR Software for Cisco CRS-3 Carrier Routing System could allow an unauthenticated, remote attacker to trigger an ASIC scan of the Network Processor Unit (NPU) and a reload of the line card processing an IPv6 packet
Twitter's new 'Block Together' enables en masse blocking of trolls(Naked Security) Twitter's new 'Block Together' enables en masse blocking of trollsTwitter's ever-growing toolkit for handling harassers might do the job for normal people, but those who get caught up in harassment campaigns like Gamergate can get stuck in an endless game of whack-a-mole, overwhelmed by hundreds of harassers as tormenters pull cohorts in on coordinated attacks and put up new accounts as fast as they can be closed down
The Seven Steps of a Successful Cyber Attack(Infosec Breach) Advanced cyber attacks can now nest inside a network for more than 200 days on average before being discovered. In the infamous Sony Pictures breach, the hackers infiltrated the network for over a year before they were detected. That's a long time for an attacker to stealthily gather private data, monitor communications and map the network
20 Top Security Influencers(eSecurity Planet) It can be tough to know where to go for the latest enterprise security news and actionable advice. This list of influencers is a great place to start
Legal vertical ripe for security support(MicroScope) Legal firms are increasingly being asked by their clients to provide guidance around cyber security risks and help deliver advice about risk management
Cyber defenses crucial for law practices(Daily Record) Law firms can be attractive targets for hackers, in part because they handle sensitive, confidential documents such as financial records or medical histories that could easily be exploited. But firms also may not be doing enough to prevent cyberattacks, experts say. The biggest challenge facing law firms is the "shoemaker's children have no shoes" trap
IT security's worst fear: CIO fear itself(FierceCIO) Corporate board attention, CEO priorities, IT budgets, and even IT hiring are all focused squarely on all things cybersecurity, but most CIOs and CSOs still fear they are sitting in the crosshairs of a pending attack or breach
Cybersecurity Firm Rapid7 Files For $80 Million IPO(Forbes) Boston-based cybersecurity firm Rapid7 announced its plans to go public in an SEC filing on Thursday, confirming rumors that the company was one of several security firms with IPO plans this year. The company is seeking to raise $80 million in the IPO, according to the filing
Wall Streeters back Symbiont crypto-securities startup(FierceFinanceIT) A startup that plans to leverage the blockchain technology that underpins Bitcoin to improve the efficiency of financial markets has attracted key Wall Street executives to participate in a $1.25 million seed financing round
Deutsche Bank Picks Top 3 Cybersecurity Stocks to Buy Now(24/7 Wall Street) Almost every single day, we hear something about a security breach. Recently it was the U.S. government getting hacked and thousands of names and information stolen. Enterprise and network security is probably the current highest priority in our nation. Deutsche Bank recently attended the Gartner Security event, and from their discussions concluded that spending will continue is a big way
How to develop effective honeypots(Help Net Security) Honeypots — decoy systems used for learning cyber attackers' capabilities and potential objectives — can be very useful to organizations, businesses, and individuals
Instilling a culture of cyber security(Help Net Security) Every company that sells cyber security technology markets how their tools will "defend", "stop threats" and "protect". There is no doubt that the technologies that exist today are quite incredible in helping fight malicious adversaries. However, the reality is that technology can sometimes cause a false sense of security
U of I looks for weak cyberlinks in the power grid(Crain's Chicago Business) The University of Illinois was chosen by the Department of Homeland Security to lead a $20 million effort to beef up technology used to run the nation's critical infrastructure
DHS secretly videotaping citizens to 'predict crime'(WND) Traveling through the T. F. Green Airport of Providence, Rhode Island? If so, the Department of Homeland Security may be collecting video of you as part of a project to sniff out behavioral indicators of "malicious intent"
Legislation, Policy, and Regulation
The four rules of being a good Chinese "netizen"(Quartz) As China celebrates its second annual National Cybersecurity Week, top officials and the country's leading papers have worked hard to spread the message that it's not just the responsibility of the state to promote cybersecurity, but something all citizens should be concerned about and involved in
France wants RTBF law to be applied properly(Softpedia) One year after the European Union's Court of Justice decided that the Right to Be Forgotten law would stand, CNIL, France's user privacy watchdog agency, is now making new formal demands, asking Google to delist approved results from all its domain extensions, not just the French one
S.C. Congressman seeks gauge of cyber attacks(Southern Political Report) National-defense policymakers need a way to gauge the severity of the increasingly frequent cyber attacks so that they canrecommend the appropriate strategic response, according to the chairman of the House Armed Services' Emerging Threat Subcommittee
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
Fifth Annual International Cybersecurity Conference(Tel Aviv, Israel, June 22 - 25, 2015) The conference, held jointly this year by the Yuval Ne'eman Workshop for Science, Technology and Security, the National Cyber Bureau, the Prime Minister's Office, the Blavatnik Interdisciplinary Cyber...
2015 HTCIA International Conference & Training Expo(Orlando, Florida, USA, August 30 - September 2, 2015) Bringing together experts from all over the world to share their latest research and techniques related to cybersecurity, incident response and computer forensics
ICFP 2015(Vancouver, British Columbia, Canada, August 31 - September 2, 2015) ICFP 2015 provides a forum for researchers and developers to hear about the latest work on the design, implementations, principles, and uses of functional programming. The conference covers the entire...
POPL 2016(St. Petersburg, Florida, USA, January 20 - 22, 2016) The annual Symposium on Principles of Programming Languages is a forum for the discussion of all aspects of programming languages and programming systems. Both theoretical and experimental papers are welcome,...
NSA Mobile Technologies Forum (MTF) 2015(Fort Meade, Maryland, USA, June 8 - 12, 2015) The Mobile Technologies Forum is an annual event that attracts SIGINT, Information Assurance, HUMINT, Federal Law Enforcement, Counterintelligence and Government personnel from the United States, Australia,...
19th Colloquium for Information Security Education (CISSE)(Las Vegas, Nevada, USA, June 15 - 17, 2015) The Colloquium for Information System Security Education (CISSE) has represented the constant in the changing field of cybersecurity education. CISSE was established in 1996. Its mission was (and still...
Information Management Conference 2015(Nashville, Tennessee, USA, June 15 - 18, 2015) This year's theme is "Mission Excellence through Innovation" and is aligned with the Information Resources Management Strategic Plan vision, which aims to collaborate as an enterprise and deliver innovative...
Cornerstones of Trust 2015(San Mateo, California, USA, June 16, 2015) The World Ahead: Ending The Insanity In Information Security. Insanity is often defined as repeatedly doing the same while expecting different results. Year after year our cyber security success has been...
AFCEA Defensive Cyber Operations Symposium(Baltimore, Maryland, USA, May 5 - 7, 2015) The U.S. Defense Information Systems Agency's new operational role in the cyber domain as network defender creates a formal relationship between DISA, U.S. Cyber Command and the command's military service...
TRUSTe Internet of Things Privacy Summit 2015(Menlo Park, California, USA, June 17, 2015) The Second IoT Privacy Summit will be held on June 17th 2015 and focus on practical solutions to the privacy challenges of the Internet of Things with multiple case studies, workshops and panel presentations...
Portland Secure World(Portland, Oregon, USA, June 17, 2015) Join your fellow security professional for affordable, high-quality cybersecurity training and education at a regional conference near you. Earn CPE credits while learning from nationally recognized industry...
2015 Community College Cyber Summit (3CS)(North Las Vegas, Nevada, USA, June 17 - 19, 2015) The second annual Community College Cyber Summit (3CS), hosted by the College of Southern Nevada, is organized and produced by the five cybersecurity-related Advanced Technological Education (ATE) centers...
Suits and Spooks All Stars 2015(New York, New York, USA, June 19 - 20, 2015) Unlike our typical "collision" event, our All Stars will have at least 60 minutes each for their talks. Seating will be limited because we're going to hold it in one of our most popular venues —...
REcon 2015(Montréal, Québec, Canada, June 19 - 21, 2015) REcon is a computer security conference with a focus on reverse engineering and advanced exploitation techniques. It is held annually in Montreal, Canada. The conference offers a single track of presentations...
Nuit du Hack 2015(Paris, France, June 20 - 21, 2015) The "Nuit Du Hack" conference was initiated in 2003 by the French hacking group: HackerZvoice. This event has been gathering people willing to learn and share their knowledge around lectures and challenges...
Cyber Security for Defense(Augusta, Georgia, USA, June 24 - 26, 2015) This conference serves as an opportunity for solution providers to break through the background noise and present their unique ideas and products in an environment specifically tailored to highlighting...
Cybersecurity Outlook 2016(Tysons Corner, Virginia, USA, June 26, 2015) Cybersecurity Outlook 2016 is a breakfast event by Potomac Tech Wire and Billington CyberSecurity that brings together senior executives in the Mid-Atlantic to discuss technology issues in a conversational,...
NSA Information Assurance Symposium (IAS) 2015(Washington, DC, USA, June 29 - July 1, 2015) The NSA Information Assurance Directorate (IAD)'s Information Assurance Symposium (IAS) is a biannual forum hosted by the National Security Agency (NSA). IAS events of the past have proven to be the preferred...
US News STEM Solutions: the National Leadership Conference(San Diego, California, USA, June 29 - July 1, 2015) San Diego offers the perfect backdrop for the 4th annual U.S. News STEM Solutions National Leadership Conference, June 29 — July 1, 2015 in San Diego, CA. Please make your plans now to join fellow...
Information Assurance Symposium(Washington, DC, USA, June 29 - July 1, 2015) The NSA Information Assurance Directorate (IAD)'s Information Assurance Symposium (IAS) is a biannual forum hosted by the National Security Agency (NSA). IAS events of the past have proven to be the preferred...
Cyber Security for Healthcare Summit(Philadelphia, Pennsylvania, USA, June 29 - July 1, 2015) Our IQPC Cyber Security for Healthcare Summit will help Hospitals and Medical Device manufacturers to prepare and manage risks by viewing cybersecurity not as a novel issue but rather by making it part...
Cybergamut Tech Tuesday: The Truth About Security Your System(Elkridge, Maryland, USA, June 30, 2015) What does it take to secure a system? What is the logical approach to successfully achieve this endeavor? First, an understanding of who wants access and why is a necessary baseline to form a strategic...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.