Israeli officials (as they cautiously mull unification of their national cyber assets, not wishing to disrupt Unit 8200) describe what they characterize as recent Iranian–led and –supported attacks on Israeli networks.
Effects of the US Office of Personnel Management (OPM) breach continue to ripple outward, affecting the rest of the Government both directly and by drawing critical scrutiny to other agencies' cyber practices: "Login creds for US agencies found scrawled on web's toilet walls," as the Register spins Recorded Future's findings. Concerns focus on compromise of security-clearance-related data. (That's the unsurprising story Newsweek reports concerning the FBI: the Bureau wasn't hacked, as the headline somewhat misleadingly suggests, but of course its personnel data passed through OPM.) OPM has released an account of what it's doing to clean up the problem, leading with an ill-timed paean to its current director's security leadership — Congress is unlikely to be mollified. NSA Director Rogers sounds a prim note of caution over attribution.
The Bundestag winces as it prepares to pay for cleaning up its surprisingly stubborn spyware infestation.
Researchers disclose significant vulnerabilities in Adobe Reader, Windows, and Android's Instapaper. The Dyre banking Trojan is proving newly troublesome. Symantec has an analysis.
US Defense Secretary Ashton Carter wants NATO to upgrade cyber defensive capabilities before it works on offense.
Spectrum management will have significant implications for the Internet-of-things, and manufacturers want the US Federal Communications Commission to get allocation policies right.
The US SEC hunts "FIN4," a criminal group believed responsible for cyber-enabled insider trading.
Today's issue includes events affecting Australia, Canada, China, Czech Republic, Estonia, Finland, France, Germany, Iran, Israel, NATO, Romania, Russia, Slovakia, United States.
Dateline SINET Innovation Summit
SINET Innovation Summit 2015: "Connecting Wall Street, Silicon Valley and the Beltway"(SINET) SINET Innovation Summit connects America's three most powerful epicenters and evangelizes the importance of industry, government and academic collaboration on joint research initiatives. The opportunity to bring practitioners and theory together to discuss fundamental cybersecurity challenges is critical to the advancement of innovation in the cybersecurity domain. This summit is designed to reinvigorate public-private partnership efforts and increase relationships that foster the sharing of information and joint collaboration on cybersecurity research projects
Regulation Systems Compliance and Integrity(US Securities and Exchange Commission) The Securities and Exchange Commission ("Commission") is adopting new Regulation Systems Compliance and Integrity ("Regulation SCI") under the Securities Exchange Act of 1934 ("Exchange Act") and conforming amendments to Regulation ATS under the Exchange Act. Regulation SCI will apply to certain self-regulatory organizations (including registered clearing agencies), alternative trading systems ("ATSs"), plan processors, and exempt clearing agencies (collectively, "SCI entities"), and will require these SCI entities to comply with requirements with respect to the automated systems central to the performance of their regulated activities
Israel Confirms It Was Cyber Attack Target(DefenseNews) Defense Minister Moshe Ya'alon confirmed Wednesday that Israel was the target of cyber attacks by Iran during last summer's Gaza war and by Hezbollah, which reportedly ran an operation going back three years
OPM 'not comfortable' yet admitting 18 million had data stolen(Washington Examiner) Office of Personnel Management Director Katherine Archuleta said that she "is not comfortable" corroborating anonymous reports circulating that sensitive information from as many as 18 million current, former and potential federal employees and their families is in the hands of hackers, after they twice attacked OPM's files last year
Price tag for OPM breach at least $19 million(Christian Science Monitor Passcode) The beleaguered head of the Office of Personnel Management returned to Capitol Hill on Tuesday for the first in a trio of hearings this week over the hack that exposed millions of personal files
NSA Chief Casts Doubt on China as Main Suspect in OPM Data Theft(National Defense) China may not have been responsible for the massive data breach at the Office of Personnel Management that resulted in the theft of millions of government worker records, according to the director of the National Security Agency. Director of the NSA and head of U.S. Cyber Command Adm. Mike Rogers said the process of attributing the OPM data breach is ongoing, and that he does not accept the "assumption" that the breach has been attributed to China, in response to a question during a speech at the GeoInt 2015 conference
Why the OPM Data Breach is Unlike Any Other(Center for Democracy and Technology) The scope of the recent hack of the Office of Personnel Management (OPM), in which the records of millions of current and former federal employees were breached, is exponentially greater than the many other recent headline-generating breaches in the private sector. This breach not only impacts government employees but countless of their partners, associates, and confidantes, and the stolen information includes some of the most intimate personal details about the individuals affected. It also raises real questions about the government's ability to safeguard the data in its possession, and makes somewhat disingenuous the government's call to strengthen and enforce private-sector security systems
Official Warns of DoD's Sloppy Cyber Hygiene(Defense News) The Defense Department is struggling to apply software patches for known vulnerabilities in a timely way, leaving systems open to hackers, a senior Pentagon official said Wednesday
Deadly Windows, Reader font bugs can lead to full system compromise(Help Net Security) "Even in 2015 — the era of high-quality mitigations and security mechanisms — one good bug still suffices for a complete system compromise," Mateusz Jurczyk, an infosec engineer with Google Project Zero, noted in a recent talk at the REcon security conference in Montreal
Don't Cry Wolf: Tracking Dyre Wolf's Evolution(OPSWAT Blog) Banking Trojans are nothing new to security experts and citizens around the globe. Many banking Trojans seem to come and go, while others leave a reputation that will forever be burned into the psyche of security analysts, such as Carberp, Citadel, Spyeye and of course, Zeus
Elusive HanJuan EK Drops New Tinba Version (updated)(MalwareBytes Unpacked) Update: Dutch security firm Fox-IT has identified the payload as a new version of Tinba, a well-known banking piece of malware. In this post, we describe a malvertising attack spread via a URL shortener leading to HanJuan EK, a rather elusive exploit kit which in the past was used to deliver a Flash Player zero-day
Fraud Alert — Business E-mail Compromise Continues to Swindle and Defraud U.S. Businesses (FS-ISAC) FS-ISAC members and federal law enforcement agencies continue to report an increase in wire transfer fraud against U.S. businesses through a scam referred to as "Business E-mail Compromise" (BEC). BEC is a type of payment fraud that involves the compromise of legitimate business e-mail accounts for the purpose of conducting an unauthorized wire transfer. After a business e-mail account is compromised, actors use the compromised account or a spoofed account to send wire transfer instructions. The funds are primarily sent to Asia, but funds have also been sent to other countries all over the world
Hershey Park Investigates Card Fraud Pattern(KrebsOnSecurity) Hershey Park, a popular resort and amusement park in Hershey, Pa. has hired a security firm to investigate reports from multiple financial institutions about a possible credit card breach, KrebsOnSecurity has learned
Six key facts about malicious macros and the cybercrime economy(Help Net Security) Cybercrime is big business and criminals are increasingly exploiting people to circumvent automated protection systems. Cybercriminals have, in the last nine months, increasingly returned to cost-effective macros to reach more targets and see a greater return on their financial investment
Security Patches, Mitigations, and Software Updates
iOS 9, Android M Place New Focus On Security, Privacy(InformationWeek) Google and Apple have publicly challenged calls from law enforcement agencies to weaken encryption on consumer devices. In turn, iOS 9 and Android M will sport a string of new security and privacy features for users
Docker To Defang Root Privilege Access(InformationWeek) Docker's upcoming 1.8 release will answer security concerns by separating a running container's root privilege from that of its owner to avoid the owner becoming a "Superuser"
Common cybersecurity myths debunked(CSO) One of the greatest challenges for organizations attempting to address cybersecurity risks is the number of fundamental security myths that cause organizations to incorrectly assess threats, misallocate resources, and set inappropriate goals. Dispelling those myths is key to developing a sophisticated, appropriate approach to information security
IT: Forget the device, secure the data(CSO) Last June, Wisegate, a crowd sourced IT research company, surveyed hundreds of its senior-level IT professional members to assess the current state of security risks and controls in business today. The respondents considered malware and breaches of sensitive data to be the primary security risks/threats, followed by malicious outsider risk
Cybersecurity stocks sell off following Fortinet downgrade(Seeking Alpha) Baird has downgraded Fortinet in response to a healthy 2015 run-up, and many security tech peers have joined the company in seeing profit-taking (HACK -1.3%). The Nasdaq is down just 0.1%. Decliners include FireEye (FEYE -2.3%), Qualys (QLYS -6.7%), KEYW (KEYW -5.1%), Check Point (CHKP -1.9%), Barracuda (CUDA -2.5%), Vasco (VDSI -2.5%), and Proofpoint (PFPT -1.8%). UBS downgraded FireEye to Neutral two days ago while citing valuation, and also cut Symantec to Sell. RBC has hiked its Qualys target by $6 to $44 today, while reiterating a Sector Perform
Why Light Point Security is all about 'isolation'(Technical.ly Baltimore) CEO Zuly Gonzalez explains the thinking behind her cybersecurity company's products. Light Point recently signed a pair of deals with other firms to grow its customer base
Practical guidance for CISOs from former federal security adviser(CSO) In this edition of the Irari Report, Ira Winkler and Araceli Treu Gomes interview Howard Schmidt, who served as the cybersecurity adviser to both President George W. Bush and President Barack Obama, Chief Information Security Officer of Microsoft and eBay, among other senior and operational roles in industry and government. Schmidt provides extremely practical guidance for security practitioners and executives, as well as business executives as to how they can create more effective security programs and advance in their careers
Georgia Tech Receives Nearly $2 Million for Naval Research to Bolster Cyber Defense(Newswise) Researchers from the College of Computing at Georgia Institute of Technology in Atlanta have been awarded nearly $2 million from the Department of the Navy, Office of Naval Research (ONR) and the Assistant Secretary of Defense for Research and Engineering (ASD R&E) to fund projects that will bolster defense and other large-scale systems against cyber attack
Nothing cryptic: Israeli scientist works to simplify information security(JNS) You want to send a PDF to your colleague, but the information is sensitive. You password-protect the document (encryption) and store it on your flash drive. To read the PDF, you share that password with your colleague, who uses it to gain access to the file (decryption). The goal is to ensure that someone who does not know the password cannot decrypt the PDF
Utica College Unveils New Masters in Cyber Policy and Risk Analysis(gnomes) Utica College's new online degree, Master of Professional Studies in Cyber Policy and Risk Analysis, will educate and prepare cybersecurity professionals to understand and deal with the unique policy-related challenges that are present in the dynamic field of cybersecurity
Legislation, Policy, and Regulation
Spectrum Management, IoT Security, and Economic Growth(The CyberWire) Spectrum management is an issue for both Internet-of-Things security and technological innovation. We spoke with Brian Raymond of the National Association of Manufacturers on the implications spectrum policy will have for both security and economic growth
Obama raises cyber, maritime concerns with Chinese(Military Times) President Obama closed out two days of talks between U.S. and Chinese officials on Wednesday by raising concerns about Chinese cyber behavior and tensions over disputed seas of East Asia. He urged China to take action to reduce the tensions, the White House said
Actions to Strengthen Cybersecurity and Protect Critical IT Systems(US Office of Personnel Management) The recent intrusions into U.S. Office of Personnel Management (OPM) systems that house personnel and background investigation data for Federal employees and other individuals have raised questions about the security of OPM data and the integrity of its Information Technology (IT) assets. Since Director Archuleta arrived at OPM, she has led the agency in taking significant strides to enhance cybersecurity and modernize its IT systems — strides that are in many ways forging new territory and laying groundwork for the rest of government. But recently discovered incidents have underscored the fact that there is clearly more that can and must be done. Government and non-government entities are under constant attack by evolving, advanced, and persistent threats and criminal actors. These adversaries are sophisticated, well-funded, and focused. For that reason, efforts to combat them and improve Federal IT and data security must be constantly improving as well
McCaul says OPM hack should push Senate to act on cyber(FCW) The recently disclosed theft of information on federal employees from government systems should provide the Senate with the necessary urgency to pass cybersecurity legislation, according to one of the bill's key sponsors in the House
Senate spy panel approves annual policy bill(The Hill) The Senate Intelligence Committee unanimously approved the fiscal 2016 Intelligence Authorization Act on Wednesday, advancing the annual policy bill to the chamber floor
Counterterrorism, Backdoors, and the Risk of "Going Dark"(War on the Rocks) The terrorist threat to the United States is evolving rapidly, especially in terms of the methods by which extremists communicate. Counterterrorism analysts and operators face a variety of technical challenges to their efforts. In Oct. 2014, Federal Bureau of Investigation (FBI) Director James Comey warned of the growing risk of "going dark," whereby intelligence and law enforcement agencies "have the legal authority to intercept and access communications and information pursuant to court order," but "lack the technical ability to do so." European Police Chief Rob Wainwright has warned that terrorists are using secure communications in their operations more frequently, a technique the Islamic State of Iraq and the Levant (ISIL) is apparently pioneering. The emergence of secure messaging applications with nearly unbreakable end-to-end encryption capabilities such as surespot, Wickr, Telegram, Threema, and kik highlights how rapid technological change presents a powerful challenge to security and counterterrorism agencies
Why We Need To Take A 'Spartacus' Approach To Data Encryption(LifeHacker) Encryption is still the most effective way to achieve data security from outside threats. However, it can also throw up a red flag that your data is worth stealing — and could even convince government agencies that you have something to hide. According to encryption expert and Silent Circle founder Phil Zimmermann, the solution is for businesses to band together, Spartacus style
Carter: NATO must bolster cyberdefense(AP via KXNews) NATO must improve its ability to defend itself against cyberattacks before it tries to build its offensive cyberwarfare capabilities, Defense Secretary Ash Carter told alliance leaders Wednesday amid rising tensions with Russia, which has proven its willingness to launch computer-based attacks against other nations
NSA Chief Wants to Watch, as Well as Listen and Read(Intercept) The National Security Agency, while primarily occupied by sweeping up billions of phone calls, emails, texts and social media messages each day, wants better visual information about the earth and its residents, too, Admiral Michael Rogers said Wednesday
Brigadier Alan Hill: Cybersecurity In The Military Domain(Cybersecurity Dojo) Brigadier Alan Hill is head of Operate and Defend, Information Systems and Services for the UK Ministry of Defence. He was previously the Army's head of Information Superiority with CIO responsibilities for the military branch. He was commanding officer of the 3rd Division Signal Regiment and the commander of the 11th Signal Brigade. It's fair to say that when it comes to running a tight IT ship, Brigadier Hill knows a thing or two
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
Cargo Logistics America(San Diego, California, USA, December 2 - 3, 2015) Cargo Logistics America (CLA) connects freight owners with freight movers, fostering multimodal synergy between diverse stakeholders in import, export and domestic supply chains. This year's conference...
Fifth Annual International Cybersecurity Conference(Tel Aviv, Israel, June 22 - 25, 2015) The conference, held jointly this year by the Yuval Ne'eman Workshop for Science, Technology and Security, the National Cyber Bureau, the Prime Minister's Office, the Blavatnik Interdisciplinary Cyber...
Cyber Security for Defense(Augusta, Georgia, USA, June 24 - 26, 2015) This conference serves as an opportunity for solution providers to break through the background noise and present their unique ideas and products in an environment specifically tailored to highlighting...
AFCEA PNC Tech & Cyber Day(Tacoma, Washington, USA, June 25, 2015) The Armed Forces Communications & Electronics Association (AFCEA) - Pacific Northwest Chapter (PNC) will once again host the 5th Annual Information Technology & Cyber Day at Joint Base Lewis-McChord (JBLM)...
Cybersecurity Outlook 2016(Tysons Corner, Virginia, USA, June 26, 2015) Cybersecurity Outlook 2016 is a breakfast event by Potomac Tech Wire and Billington CyberSecurity that brings together senior executives in the Mid-Atlantic to discuss technology issues in a conversational,...
NSA Information Assurance Symposium (IAS) 2015(Washington, DC, USA, June 29 - July 1, 2015) The NSA Information Assurance Directorate (IAD)'s Information Assurance Symposium (IAS) is a biannual forum hosted by the National Security Agency (NSA). IAS events of the past have proven to be the preferred...
US News STEM Solutions: the National Leadership Conference(San Diego, California, USA, June 29 - July 1, 2015) San Diego offers the perfect backdrop for the 4th annual U.S. News STEM Solutions National Leadership Conference, June 29 — July 1, 2015 in San Diego, CA. Please make your plans now to join fellow...
Information Assurance Symposium(Washington, DC, USA, June 29 - July 1, 2015) The NSA Information Assurance Directorate (IAD)'s Information Assurance Symposium (IAS) is a biannual forum hosted by the National Security Agency (NSA). IAS events of the past have proven to be the preferred...
Cyber Security for Healthcare Summit(Philadelphia, Pennsylvania, USA, June 29 - July 1, 2015) Our IQPC Cyber Security for Healthcare Summit will help Hospitals and Medical Device manufacturers to prepare and manage risks by viewing cybersecurity not as a novel issue but rather by making it part...
Cybergamut Tech Tuesday: The Truth About Security Your System(Elkridge, Maryland, USA, June 30, 2015) What does it take to secure a system? What is the logical approach to successfully achieve this endeavor? First, an understanding of who wants access and why is a necessary baseline to form a strategic...
TakeDownCon Rocket City(Huntsville, Alabama, USA, July 20 - 21, 2015) TakeDownCon is a highly technical forum that focuses on the latest vulnerabilities, the most potent exploits, and the current security threats. The best and the brightest in the field come to share their...
CyberMontgomery 2015(Rockville, Maryland, USA, July 30, 2015) Montgomery County, Maryland, is home to the National Institute of Standards and Technology (NIST), the National Cybersecurity Center of Excellence (NCCoE), the FDA, NIH, NOAA, NRC and more than a dozen...