ISIS's acceleration of its information campaign toward increasingly effective, lurid cruelty moves Europol to target the Caliphate's social media presence.
Five Eyes (at least two of them) are implicated by Wikileaks in reverse engineering of security products.
France reacts to US surveillance of the Palais de l'Élysée much as the US reacts to Chinese mining of the Office of Personnel Management (OPM).
As that OPM horrorshow continues, fresh minor surprises surface in other parts of the [dot]Gov world. Recorded Future finds a large number of government credentials in various hacker dumps. Some members of Congress think last year's USIS breach was a big part of the problem. A glitch in State Department security processing software seems to be clogging visa processing.
The OPM problem may have spread to the National Archives and Records Administration (NARA), particularly troubling given the role NARA has recently assumed in protecting sensitive unclassified information.
Congress yesterday continued grilling OPM (and supporting agencies, particularly the Department of Homeland Security). OPM's Archuleta hangs tough in the face of skeptical questioning, citing her own anger, pending upgrades (including Einstein 3), etc. Homeland Security throws some cold water on Einstein 3 — even its latest versions represent, the Department testifies, yesterday's technology.
Federal Government performance draws comparisons to the 1962 Mets (OPM as Marvelous Marv Throneberry) but part of the Government's response is noteworthy — an apparent determination to look inward and not blame China for intelligence collection (cf. France): Sino-US talks show cyber tension, but over IP theft, not espionage.
Today's issue includes events affecting China, European Union, France, Germany, Indonesia, Iraq, Democratic People's Republic of Korea, Malaysia, Moldova, Russia, Sweden, Syria, Turkey, United Kingdom, United States.
The CyberWire will be covering SINET's Innovation Summit in New York tomorrow. We'll live-tweet the proceedings and devote a special issue Friday to the conference.
Cyber Attacks, Threats, and Vulnerabilities
ISIL spreads its web in South-East Asia(The National) Brandishing AK-47s, the group of men march along the shoreline with religious music playing and a voice-over calling on followers to join their cause
Does alleged NSA hack of Kaspersky signal new front in cyberwar?(Christian Science Monitor Passcode) Newly released documents reveal a systematic campaign to reverse-engineer anti-virus software produced by firms like Russia's Kaspersky Labs, allowing intelligence agencies to uncover vulnerabilities that could help subvert them
US spying: Don't expect France to do anything(The Local (France)) While the French political world reacted with anger and shock — at least publicly — to the revelations that the US spied on the country's presidents, and demanded firm action, the reality is nothing will happen
Why China Wants Your Sensitive Data(Dark Reading) Since May 2014, the Chinese government has been amassing a 'Facebook for human intelligence.' Here's what it's doing with the info
Hundreds of .Gov Credentials Found In Public Hacker Dumps(Wired) It's no surprise that careless government employees use their .gov email addresses to sign up for all sorts of personal accounts. But when those insecure third party services are breached by hackers — and if those employees were foolish enough to reuse their .gov passwords, too — that carelessness can offer a dead-simple backdoor into federal agencies, with none of the usual "sophisticated Chinese attackers" required
Exclusive: Signs of OPM Hack Turn up at Another Federal Agency(Nextgov) The National Archives and Records Administration recently detected unauthorized activity on three desktops indicative of the same hack that extracted sensitive details on millions of current and former federal employees, government officials said Monday. The revelation suggests the breadth of one of the most damaging cyber assaults known is wider than officials have disclosed
Cybersecurity Sprint: Federal CIO Orders 'Dramatic Increase' in Use of Two-Factor Authentication(Duo Security) In response to the OPM hack that leaked four million records of personal data (and potentially more information, including classified employee security clearance data), the U.S. Chief Information Officer (CIO) launched a 30-day Cybersecurity Sprint, another name for the baseline security requirements that every federal agency must take steps toward implementing in the next thirty days
OPM stands by security upgrade amid critiques(The Hill) Office of Personnel Management Director Katherine Archuleta pushed back against a recent government "flash audit" that admonished the agency's much-touted network modernization plan as poorly budgeted and managed
OPM head: 'I'm as angry as you' about poor fraud protection(The Hill) Office of Personnel Management (OPM) Director Katherine Archuleta told senators Tuesday "I'm as angry as you are" about reports that credit monitoring firm CSID has offered substandard service to the millions of victims of the recent federal data breach
Senators leave classified OPM brief wanting details(The Hill) Senators gleaned little from a classified briefing the Obama administration held Tuesday night on the recent Office of Personnel Management (OPM) data breach that has exposed millions of federal workers' information
Breached Network's Security Is Criticized(Wall Street Journal) System that failed to prevent millions of sensitive government files from being hacked is largely unable to stop the most sophisticated attacks
Why Can't We Play This Game?(Cipher Brief) Jimmy Breslin borrowed a line from manager Casey Stengel to title his chronicle of the worst team in baseball history, the 1962 Mets. Stengel plaintively asked, "Can't Anybody Here Play This Game?" Given recent events, Americans could be asking the same question about their government's cyber performance
Cyberattack on USIS may have hit even more government agencies(Washington Post) The massive cyberattack last year on the federal contractor that conducted background investigations for security clearances may have been even more widespread than previously known, affecting the police force that protects Congress and an intelligence agency that helped track down Osama bin Laden
Computer glitch at State Department causes havoc for foreign visitors(Washington Post) A computer glitch in the State Department system for conducting security checks on foreign visitors has virtually halted the issuing of visas at embassies worldwide this month, upending the travel plans of hundreds of thousands of people seeking to come to the United States for business and pleasure
Did The Aviation Industry Fail Cybersecurity 101?(Tripwire: the State of Security) Most of us in the cybersecurity industry are familiar with a recent "tweet heard around the world." Yes, I'm referring to the infamous tweet that caused Chris Roberts to be removed from a United Airlines flight. This incident has undoubtedly generated much criticism aimed at both Roberts and the airline industry
New Adobe Zero-Day Shares Same Root Cause as Older Flaws(TrendLabs Security Intelligence Blog) Earlier we talked about the out-of-band update for Flash Player that was released by Adobe (identified as APSB15-14) that was released to fix CVE-2015-3113. This update raised the Flash Player version to 126.96.36.199
US Healthcare Organizations Most Affected by Stegoloader Trojan(TrendLabs Security Intelligence Blog) Most victims of the Stegoloader Trojan, which has recently been making its rounds in the news, are observed to come from healthcare organizations in North America. The malware known as TROJ_GATAK has been active since 2012 and uses steganography techniques to hide components in .PNG files
Phishers target middle management(CSO) Phishing scammers have infiltrated the enterprise and they're finding easy prey, but it's not in the C-suite as previously thought. Attackers are exploiting the multitasking, often overloaded middle management ranks, according to research by security and compliance firm Proofpoint
Security Patches, Mitigations, and Software Updates
Security updates available for Adobe Flash Player(Adobe Security Bulletin) Adobe has released security updates for Adobe Flash Player for Windows, Macintosh and Linux. These updates address a critical vulnerability (CVE-2015-3113) that could potentially allow an attacker to take control of the affected system
Emergency Patch for Adobe Flash Zero-Day(KrebsOnSecurity) Adobe Systems Inc. today released an emergency update to fix a dangerous security hole in its widely-installed Flash Player browser plugin. The company warned that the vulnerability is already being exploited in targeted attacks, and urged users to update the program as quickly as possible
eBay Fixes Security Gap in Magento eCommerce Platform(PYMNTS) It's not the first time eBay has had to patch security holes on its eCommerce platform, Magento, but the online marketplace company has once again cleaned up vulnerabilities that could have provided hackers the opportunity to steal data
iOS 9, Android M Place New Focus On Security, Privacy(InformationWeek) Google and Apple have publicly challenged calls from law enforcement agencies to weaken encryption on consumer devices. In turn, iOS 9 and Android M will sport a string of new security and privacy features for users
Combating Maritime Cyber Security Threats(MarineLink) The U.S. Executive Branch has declared that the cyber threat is one of the most serious economic and national security challenges we face as a nation, and that America's economic prosperity in the 21st century will depend on effective cyber security. Before the maritime industry sounds the danger signal, it needs to monitor other industries and branches of the government and take proactive preventative measures. There is no better place to prepare future and current mariners for these challenges than in maritime simulators
Why Most Cybersecurity Activity Happens Outside the CISO's Office(Wall Street Journal) Most corporate cybersecurity efforts happen outside the official security department, says James Kaplan, a partner at McKinsey & Co. and co-author of "Beyond Cybersecurity: Protecting Your Digital Business." Critical cybersecurity work touches all areas of a company, including risk management and application development, Mr. Kaplan said. He stopped by The Wall Street Journal's office to discuss the current state of cybersecurity and how it can be more effective
Fundraising values Palantir at $20bn(Financial Times) Palantir, the big data start-up that began life catering for the intelligence services, is raising funds at a $20bn valuation, more than doubling its worth in a year and a half
Damballa Appoints Stephen Newman as CTO(BusinessWire) Damballa, a leader in advanced threat detection and containment, today announced the promotion of Stephen Newman to chief technology officer. Newman succeeds former CTO Brian Foster, who joins Damballa's Strategic Advisory Board. Newman was previously vice president of products for the company. With the appointment, the company also announced that Joseph Ward has been promoted to vice president of products
Facebook Helps Combat Apple XARA Vulnerabilities With Osquery(Threatpost) Apple may still be in the process of patching XARA, the series of weaknesses that surfaced in its authentication infrastructure last week, but Facebook has stepped up and made it easier for organizations to detect whether their system is being exploited by the vulnerabilities
Cisco selects Radware's DDoS mitigation technology(F.Business) Cisco has selected Radware, a provider of application delivery and application security solutions for virtual and cloud data centres, to provide its distributed denial of service (DDoS) mitigation technology for the new Cisco Firepower 9300 appliance designed for service providers
Facebook implements security tool (Kaspersky) to fight malicious software(Lauderdale Daily News) A Facebook security engineer, Trevor Pottinger told [us], "Thanks to the collaboration with these companies, in the past three months we have helped clean up more than two million people's computers that we detected were infected with malware when they connected to Facebook"
TLS security: What really matters and how to get there(Help Net Security) Deploying TLS securely is getting more complicated, rather than less. One possibility is that, with so much attention on TLS and many potential issues to consider, we're losing sight of what's really important
7 Considerations to Reduce the Cyber Attack Surface(SecurityWeek) Most cyber attacks and breaches are not manifested as bad actors storming the data center or network perimeter. Threats typically move from the data center out, whether as malware or an insider undertaking some form of exfiltration. Indeed, today's network perimeter is increasingly not a single physical or virtual place, yet much of the industry debate is still focused on the perimeter
Lessons from the Sony Hack: The Importance of a Data Breach Response Plan(National Law Review) In a decision emphasizing the need for employers to focus on data security, on June 15, 2015, the U.S. District Court for the Central District of California refused to dismiss a lawsuit filed by nine former employees of Sony Pictures Entertainment who allege the company's negligence caused a massive data breach. Corona v. Sony Pictures Entm't, Inc., Case No. 2:14-cv-09600 (C.D. Ca. June 15, 2015)
Barclays partners with bitcoin tech vendor Safello on proof of concept(FierceFinanceIT) Barclays has reportedly signed a proof of concept with European bitcoin retailer Safello aimed at working together to explore how blockchain technologies could be used in the financial sector. The partnership came after Safello completed participation in Barclays' 13-week accelerator program
Morgan State University Professor Kevin Kornegay is leading new Internet of Things Initiative(Black Engineer) Dr. Kornegay, professor, Electrical and Computer Engineering Department, Morgan State University's Mitchell School of Engineering. Internet-connected cameras that allow you to post photos to Facebook or Instagram with a single click; home systems that turn on your porch light when you leave work; and wearable technology that easily tracks daily fitness results are just a few of the millions of "things" connected to the Internet
Legislation, Policy, and Regulation
Why an Arms Control Pact Has Security Experts Up In Arms(Wired) Security Researchers say a proposed set of export rules meant to restrict the sale of surveillance software to repressive regimes are so broadly written that they could criminalize some research and restrict legitimate tools that professionals need to make software and computer systems more secure
Blackshades malware hacker gets 5 years in prison(New York Post) The mastermind behind the malicious software "Blackshades" that infected a half-million computers worldwide was sentenced to almost 5 years in prison Tuesday as the federal judge bashed him for "spreading misery to the lives of thousands"
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Fifth Annual International Cybersecurity Conference(Tel Aviv, Israel, June 22 - 25, 2015) The conference, held jointly this year by the Yuval Ne'eman Workshop for Science, Technology and Security, the National Cyber Bureau, the Prime Minister's Office, the Blavatnik Interdisciplinary Cyber...
Cyber Security for Defense(Augusta, Georgia, USA, June 24 - 26, 2015) This conference serves as an opportunity for solution providers to break through the background noise and present their unique ideas and products in an environment specifically tailored to highlighting...
AFCEA PNC Tech & Cyber Day(Tacoma, Washington, USA, June 25, 2015) The Armed Forces Communications & Electronics Association (AFCEA) - Pacific Northwest Chapter (PNC) will once again host the 5th Annual Information Technology & Cyber Day at Joint Base Lewis-McChord (JBLM)...
Cybersecurity Outlook 2016(Tysons Corner, Virginia, USA, June 26, 2015) Cybersecurity Outlook 2016 is a breakfast event by Potomac Tech Wire and Billington CyberSecurity that brings together senior executives in the Mid-Atlantic to discuss technology issues in a conversational,...
US News STEM Solutions: the National Leadership Conference(San Diego, California, USA, June 29 - July 1, 2015) San Diego offers the perfect backdrop for the 4th annual U.S. News STEM Solutions National Leadership Conference, June 29 — July 1, 2015 in San Diego, CA. Please make your plans now to join fellow...
NSA Information Assurance Symposium (IAS) 2015(Washington, DC, USA, June 29 - July 1, 2015) The NSA Information Assurance Directorate (IAD)'s Information Assurance Symposium (IAS) is a biannual forum hosted by the National Security Agency (NSA). IAS events of the past have proven to be the preferred...
Cyber Security for Healthcare Summit(Philadelphia, Pennsylvania, USA, June 29 - July 1, 2015) Our IQPC Cyber Security for Healthcare Summit will help Hospitals and Medical Device manufacturers to prepare and manage risks by viewing cybersecurity not as a novel issue but rather by making it part...
Cybergamut Tech Tuesday: The Truth About Securing Your System(Elkridge, Maryland, USA, June 30, 2015) What does it take to secure a system? What is the logical approach to successfully achieve this endeavor? First, an understanding of who wants access and why is a necessary baseline to form a strategic...
Securing Your Digital Assets(New York, New York, USA, July 14, 2015) Privacy and data security are a growing concern across all industries, and any breach of corporate or personal digital assets threatens financial and reputational harm. With all of the news and educational...