ESET attributes Babar espionage malware (and probably its Casper and Bunny cousins) to France's DGSE. Its principal targets appear to be (have been?) Syrian.
Bluebox finds preinstalled malware in a Xiaomi Mi 4 smartphone. Signs that the malicious code was inserted by third-party tampering arouse fears of the retail supply chain's security.
Researchers track the evolution of some familiar malware kits and botnets. In some cases these gain functionality, in others, shed capability.
Some 46,000 Twitter accounts seem at least nominally devoted to the cause of the Islamic State. Amid signs of domestic fraying — infighting, local disaffection, murky adherence of Boko Haram — the Caliphate continues to draw foreign fighters seeking authenticity in jihad. Much of its information operations push is directed toward potential Western recruits who seem attracted by ISIS's grotesque and unapologetic propaganda-of-the-deed, the sort of traffic US NSA Director Rogers deplored in a plea to media to stop "feeding" terror groups.
ISIS is also having success inducing various hackers to claim allegiance to the Islamic State as they vandalize Western websites. The choice of targets resembles AnonGhost's long-standing campaign against poorly defended, low-profile networks — attacks recently hit a Montana credit union and a Biloxi, Mississippi, blues-and-barbecue joint — and suggests that ISIS is inspiring script kiddies. The FBI is investigating.
The still-immature cyber insurance market is developing a comprehensive approach to cyber risk. (While it matures, read your policies' fine print.)
A tight cyber labor market gets tighter as the US military increases recruiting (and retention) in the field.
Today's issue includes events affecting Australia, Cameroon, Canada, Chad, China, Denmark, Estonia, European Union, France, Iraq, Ireland, Malaysia, New Zealand, Niger, Nigeria, Switzerland, Syria, Russia, United Kingdom, United States.
The CyberWire will be offering special coverage of SINET's ITSEF conference in Mountain View, California, next week. We'll also be live-tweeting from the event, and our editor will be moderating a panel on emerging trends in cyber attack.
What Happened to You, Asprox Botnet?(Internet Storm Center) Earlier this year, @Techhelplistcom reported the spam and landing site infrastructure used to spread Asprox malware switched to porn-related URLs. This started back in mid-January 2015, and I still haven't seen much about it in the open press. Since then, this infrastructure has continued spreading links to pornography or diet-related scams
How Malware Generates Mutex Names to Evade Detection(Internet Storm Center) Malicious software sometimes uses mutex objects to avoid infecting the system more than once, as well as to coordinate communications among its multiple components on the host. Incident responders can look for known mutex names to spot the presence of malware on the system. To evade detection, some malware avoids using a hardcoded name for its mutex, as is the case with the specimen discussed in this note
NSA warns not to 'feed' terrorist agenda(The Australian) The chief of America's powerful National Security Agency has warned social and traditional media outlets against "feeding" and "perpetuating" the agenda of radical terrorist groups such as Islamic State by publishing horrific images displaying their barbarity
Islamic State appears to be fraying from within(Washington Post) The Islamic State appears to be starting to fray from within, as dissent, defections and setbacks on the battlefield sap the group's strength and erode its aura of invincibility among those living under its despotic rule
Why Are Foreign Fighters Joining ISIS?(The Atlantic via Defense One) Foreign fighters participate in some of ISIS' 'worst acts,' but there isn't one clear explanation on why they join the battle in the first place
Boko Haram's pledge of allegiance to ISIL is a symptom of weakness, not strength(Quartz) The Islamic terrorist group Boko Haram has pledged allegiance to the Islamic State group this weekend, just hours after it set off five bombs in busy areas of Maiduguri, northeast Nigeria's largest city, killing 54 people and injuring 146, according to local authorities. Boko Haram leader Abubakar Shekau pledged allegiance to ISIL through a video shared on a Twitter account that has since been suspended.
Point-of-Sale Vendor NEXTEP Probes Breach(KrebsOnSecurity) NEXTEP Systems, a Troy, Mich.-based vendor of point-of-sale solutions for restaurants, corporate cafeterias, casinos, airports and other food service venues, was recently notified by law enforcement that some of its customer locations have been compromised in a potentially wide-ranging credit card breach, KrebsOnSecurity has learned
N. Korea orchestrated cyber attack on Sony Pictures: Sankei Shimbun(Arirang News) A new report by a Japanese daily backs the U.S. claim that North Korea carried out last year's cyber attack on Sony Pictures. The Sankei Shimbun on Sunday reported a claim by a former officer of Pyongyang's Reconnaissance General Bureau, who said the bureau director, General Kim Yong-chol, orchestrated the attack
St. Mary's Reports Cyber Attack Affecting 4,400 People(Tristate) A cyber attack at a Tri-State hospital leaves thousands of local people potentially at risk. St. Mary's Health officials report a hacking attack has compromised the personal information of approximately 4,400 individuals
Stuxnet, Snowden and Sony: Why we've passed the cyber security tipping point(CSO) Heavy-handed pressures from tech-unaware legislators, successful strikes by laterally-thinking hackers, a growing tide of dissent about government intervention and corporate concerns about last year's massive hack of Sony Pictures corporate documents have pushed us past the security tipping point into an environment where cyber-attacks will increasingly become favoured tools of nation states and terrorist groups, a leading security journalist has warned
Financial firms are putting more stock in the cloud(Help Net Security) Many financial firms are slowly putting more stock in the cloud. That's a key finding from a new Cloud Security Alliance (CSA) survey, which targeted executives from banking, insurance and investment firms around the world
Why hacking is not a victimless computer crime(Channel 4 News) Hacking often seems a victimless offence. When the National Crime Agency announces it's arrested 57 alleged computer hackers, it's easy to believe that the crimes they're accused of didn't really "harm" anyone
"New era" of cyber crime leaves financial institutions uninsured(Insurance Business) After an international group of hackers managed to bypass customers and steal directly from banks, cyber insurance experts are warning that brokers have a renewed responsibility to work with underwriters to ensure all potential coverage gaps are filled
Detectify picks up €1.5 million to hack your startup(Arctic Startup) Stockholm-based Detectify has been a fun company to follow. With a team of hackers (in both the startup and Hollywood sense) they've done everything from hacking Google, Facebook, Spotify, Klarna, and Stripe for bug bounty programs. Taking their ethical hacker knowledge mainstream, they've built a "get hacked as a service" tool for anyone to hack their own web service and see how their cyber security stacks up
Leidos makes cyber divestiture(Washington Technology) Since January of 2014, Leidos has said it was looking to sell its CloudShield Technologies business, and now 14 months later, it has found a buyer
The best mobile anti-virus software available(IT Pro Portal) With Mobile World Congress now behind us, we can reflect on an event dominated by innovative wearables, cutting-edge smartphones and flashy VR headsets, but which also showcased the importance of security
BioCatch pitches behavioural biometrics to detect new account fraud(Finextra) BioCatch, the global leader in Behavioral Biometrics™, Authentication and Malware Detection, announced today the launch of its New Account Fraud Detection solution which detects fraud in new user accounts in the retail banking, eCommerce and payments industries.
U.S. National Security Approved Samsung Devices for Secret Mission(Insight Ticker) Samsung Electronics informed that U.S. National Security Agency permitted the use of a Samsung smartphone for their official tasks. The officials will utilize the Galaxy devices to transfer confidential information and data which will certainly improve the reputation of the company
Technologies, Techniques, and Standards
Cyber Insurance: Managing the Risk(Tripwire: the State of Security) Cyber insurance is a hot topic of many debates today. It is believed to be the long-awaited cure for high-impact security risks, especially in light of constantly evolving privacy legislation and disclosure obligations — but what actually is it?
FREAK flaw: How to protect yourself now(ZDNet) The FREAK security hole is more widespread than previously thought. Here's everything users and system administrators need to know in order to stay safe now
Breaches Reveal Patch Management Weaknesses(Credit Union Times) First Moscow-based security firm Kaspersky Lab revealed a cybercriminal gang raided up to 100 financial institutions internationally for an estimated $1 billion. Then, the San Diego-based Identity Theft Resource Center said that as of March 4, there had been 14 breaches, including one credit union, affecting almost 400,000 records in the financial sector this year
CyberWar Game Simulates Healthcare Attacks(Forbes) Last week was rough for County West General Hospital. Its IT staff noticed almost immediately that the kickoff round of FDA testing for a new drug from Bromley Weyland Pharmaceuticals appeared to be compromised
Robocall spotting contest launched by FTC(Naked Security) The US Federal Trade Commission (FTC) has launched a pair of competitions to stimulate research into technological approaches to the problem of robocalls
Research and Development
Google Tackles Quantum Computing's Hardest Problem: Errors(Wired) The promise of quantum computing is computers powerful enough to break the encryption techniques we now use to protect the world's data. But realizing that promise means, among other things, cracking a thorny paradox. A basic operation of any computer is checking for mistakes. But by the logic of quantum computing, the act of checking is itself likely to create an error
An Unhackable QR Code to Fight Bogus Chips(IEEE Spectrum) To combat the rising threat posed by counterfeit microchips, researchers from the University of Connecticut now suggest the QR codes often used in ads and signage could be made nearly impossible to hack for use in security
The EMBERS Project Can Predict the Future With Twitter(Newsweek) For the majority of Americans born after World War II, it is unlikely Arlington, Virginia, holds any special significance. But for those who know that the outcome of the war largely hinged on Imitation Game-style code-breaking, Arlington has a mystique as the epicenter of American military cryptanalysis
IT Digest: Siemens gives GWU a $30 million grant(Washington Post) George Washington University picked up a $30 million grant from Siemens, the German conglomerate that bases its U.S. headquarters in the District, to give engineering students access to the company's manufacturing software, the firm said last week
Post-graduate course in cyber security(Star Online) BAE Systems is further strengthening its long-term commitment to Malaysia by agreeing to fund a new post-graduate programme in Cyber Security at the National Defence University of Malaysia
New Zealand PM refuses to rule out mass surveillance(ZDNet) New Zealand's prime minister has refused to rule out the possibility that the country's electronic spy agency conducts mass surveillance, while suggesting that New Zealanders are not legally entitled to be told when their communications data is collected
On Cyber Arms Control (Apropos of the New York Times Editorial)(Lawfare) A bit late, but one more observation about the New York Times editorial calling for cyber arms control. In their words, "the best way forward [to reduce cyber threats] is to accelerate international efforts to negotiate limits on the cyberarms race," in much the same way that we did with the nuclear arms control treaties of the Cold War
Cybercom Chief: Cyber Threats Blur Roles, Relationships(Ameriforce) Over five years of U.S. Cyber Command operations, global movement of threat activity through cyberspace has blurred roles and relationships among government agencies, as well as between the public and private sectors and the real and virtual worlds, the Cybercom commander told a House panel
The Doomed Quest For The Golden Key(TechCrunch) Some months ago, the Washington Post waded into the debate about the NSA, pervasive surveillance, and end-to-end encryption with a call for Apple and Google to magically "invent a kind of secure golden key they would retain and use only when a court has approved a search warrant." This was met with a chorus of contempt and opprobrium
Cyber-Liberty Depends on Cyber-Security(American Thinker) My colleagues at the Fraser Institute have just published a report examining the issue of cyber-security from an underappreciated but crucial perspective, namely, the importance of cyber-security to liberty
Cybersecurity Challenges for Canada and the United States(Fraser Institute) The Internet was designed not with security in mind, but rather openness and the free flow of information. The resulting globally connected nature of the Internet has brought unprecedented levels of information and commercial exchange, contributed enormous gains to individual prosperity, empowered individuals, and promoted and expanded individual liberty. Only in recent years have governments, militaries, industries, firms, and individuals come to grips with the importance of protecting this critical sphere of activity on which so much liberty, property, and security depends. How to protect legitimate activity in cyberspace without compromising its open character is the challenge
Cyber Warriors Need Not Be Soldiers(Discover) Throughout history, warriors of all cultures have trained their bodies to endure physical hardship and combat, whether they wielded swords and shields or carried guns and ammunition. In the 21st century, countries such as China and Estonia have recruited a new breed of warriors who fight as part of cyber militias rather than as official military personnel in uniform
Lawmakers target data brokers in privacy bill(IDG via CIO) Four U.S. senators have resurrected legislation that would allow consumers to see and correct personal information held by data brokers and tell those businesses to stop sharing or selling it for marketing purposes
Feds Indict Three in 2011 Epsilon Hack(KrebsOnSecurity) U.S. federal prosecutors in Atlanta today unsealed indictments against two Vietnamese men and a Canadian citizen in connection with what's being called "one of the largest reported data breaches in U.S. history." The government isn't naming the victims in this case, but all signs point to the 2011 hack of Texas-based email marketing giant Epsilon
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
Fraud Summit Chicago(Chicago, Illinois, USA, May 19, 2015) ISMG's Fraud Summit is a one-day event focused exclusively on the top fraud trends impacting organizations and the mitigation strategies to overcome those challenges. Highlights of the Chicago event include...
Fraud Summit Boston(Boston, Massachusetts, USA, June 10, 2015) ISMG's Fraud Summit is a one-day event focused exclusively on the top fraud trends impacting organizations and the mitigation strategies to overcome those challenges. Highlights of the Boston event include...
Fraud Summit San Francisco(San Francisco, California, USA, September 15, 2015) ISMG's Fraud Summit is a one-day event focused exclusively on the top fraud trends impacting organizations and the mitigation strategies to overcome those challenges. Among the areas to be discussed are...
OISC: Ohio Information Security Conference(Dayton, Ohio, USA, March 11, 2015) Technology First invites you to participate in the 12th Annual Ohio Information Security Conference Wednesday, March 11, at the Sinclair Community College Ponitz Center in Dayton, Ohio. The conference...
RiSK Conference 2015(Lasko, Slovenia, March 11 - 12, 2015) In recent years RISK conference has become one of the leading events on computer security in the Adriatic region and is attended by engineering as well as executive staff of companies from the region.
B-Sides Vancouver(Vancouver, British Columbia, Canada, March 16 - 17, 2015) The third annual Security B-Sides Vancouver is an information security conference that will be held March 16th and 17th. We love to see brand new speakers, seasoned speakers, and everyone in between
Insider Threat 2015 Summit(Monterey, California, USA, March 16 - 17, 2015) The Insider Threat 2015 Summit is about bringing Government and Industry organizations and their cybersecurity leaders together in order to better understand the type of threats that may impact their infrastructure...
2015 North Dakota Cyber Security Conference(Fargo, North Dakota, USA, March 17, 2015) The North Dakota Cyber Security Conference brings together community members from academia, government and industry to share strategies, best practices and innovative solutions to address today's challenges...
Philadelphia SecureWorld(Philadelphia, Pennsylvania, USA, March 18 - 19, 2015) Join your fellow security professionals for affordable, high-quality cybersecurity training and education at a regional conference near you. Earn CPE credits while learning from nationally recognized industry...
2015 Cyber Security Summit(McLean, Virginia, USA, March 19, 2015) During Congressman Mike Rogers' "The Code War in America" talk at the June 2013 POC breakfast, he challenged all of us to "recognize that every day U.S. businesses are targeted by governments like China...