Commentators and defense intellectuals weigh the costs and benefits of restricting ISIS access to social media and run up against the old electronic warfare trade-off: you can no longer intercept what you jam.
Businesses reassess the cyber threat from state actors in the wake of the Gemalto affair. What do you do when those intruding into your systems aren't just bad guys, but, effectively, those you might have thought of as friends and family? Gemalto itself casts its experience as a privacy issue as opposed to a security problem, which is certainly one way of looking at it.
Users continue to purge their devices of Lenovo's unhappy Superfish experiment. Microsoft says its Malicious Software Removal Tool shows that about 250,000 machines have been scrubbed.
Bromium reports a new variant of Cryptolocker targeting files associated with games. (These are apparently single-player games — popular, but not necessarily the most popular.) FireEye reports another criminal development: exploitation of real-time advertising bidding networks to spread ransomware.
Various sectors struggle with the question of assessing cyber value-at-risk. Insurance companies are obviously concerned with the question, not only as underwriters, but for judging their own exposure as well. Other businesses take calculated risks with respect to addressing their own vulnerabilities (one hopes the calculations are sound).
OpenDNS acquired BGPmon. Bloomberg reports that Websense is for sale. PayPal, preparing for its spinoff from eBay, may have a security acquisition strategy.
NIST announces cyber research grant topics for small businesses.
The US Government receives advice on cyber information sharing.
Today's issue includes events affecting Australia, Canada, European Union, Indonesia, Iraq, Republic of Korea, Syria, United Kingdom, United States.
SINET's ITSEF conference opens next Tuesday in Mountain View, California, and the CyberWire will be there to cover it. We'll be live-tweeting from the event, and on Wednesday our editor will moderate a panel on emerging trends in cyber attack.
Cyber Attacks, Threats, and Vulnerabilities
Weighing the pros, cons of blocking ISIS's access to social media(Homeland Security Newswire) The Islamic State has successfully used social media to spread its ideology, share videos of beheadings, and recruit new followers. U.S. counterterrorism agencies have launched their own social media campaigns to diminish ISIS's effects on would be jihadists, but some officials have considered whether it would be simpler to cut off ISIS from social media networks altogether. Doing so would no doubt limit ISIS's reach on Western recruits, but could it create a challenge for officials looking to monitor the group's activities?
Enterprise Security vs. Nation State Threat Actors(Dark Matters) The recently published slides regarding the Gemalto hack have caused quite a stir amongst security practitioners, board members and politicians alike, but the uproar is minor when considering that it is now more than clear that not only non-allied nations such as China, Russia and Iran are attacking commercial entities
New crypto-ransomware encrypts video games files(Help Net Security) A new piece of ransomware that (mis)uses the Cryptolocker "brand" has been analyzed by Bromium researchers, and they discovered that aside from the usual assortment of file types that ransomware usually targets, this variant also encrypts file types associated with video games and game related software
MazelTov! More Android Malware Coming to a Mobile Device Near You(IBM Security Intelligence) Today's motley cybercrime economy is by no means unfamiliar grounds to those tasked with defending their organizations from its many nefarious devices. Cybercriminals congregate in underground forums and darknets globally, peddling everything a would-be cybercriminal could need, from identities and exploits to Web injections or a place to hide a botnet
Huge IT Slider WordPress plugin opens SQL injection hole(Help Net Security) The 50,000+ active users of the Huge IT Slider WordPress plugin are advised to update to the latest version, as it closes a vulnerability that can be exploited by website administrators and anonymous attackers to inject and execute arbitrary SQL queries within the application's database
KHNP hacker demands money to withhold documents(World Nuclear News) A hacker who launched a cyber attack on Korea Hydro and Nuclear Power (KHNP) last December has released more files and demanded money in return for not exchanging sensitive information with third countries
Florida Not the First to Suffer Testing Cyber Attack(Sunshine State News) Florida is the latest victim of a cyber attack, leaving many students unable to log in and complete the writing portion of the Florida Standards Assessment, but the Sunshine State hasn’t been the only place where technological issues have caused problems for standardized testing
Security Patches, Mitigations, and Software Updates
Paper: Windows 10 patching process may leave enterprises vulnerable to zero-day attacks(Virus Bulletin) Aryeh Goretsky gives advice on how to adapt to Windows 10's patching strategy. Patching is hard, especially when the code base is old and the bugs are buried deeply. This was highlighted once again this week when Microsoft released a patch for a vulnerability that was thought to have been patched almost five years ago, but which could still be exploited
How Data-Breach Hype Undermines Your Security(Tom's Guide) Some media outlets called last month's data breach at health-insurance company Anthem, which resulted in the theft of highly sensitive personal information pertaining to up to 80 million people, a "sophisticated attack." However, later reports showed that weak authentication had let hackers into the database, and that a lack of proper encryption had allowed the personal information to be shared
Online security in insurance sector(ComputerWeekly) Much of Quocirca's research looks at the differing attitudes to IT between various business sectors. For example a 2014 report titled Online domain maturity, which was sponsored by Neustar, showed that retailers and financial services were the most likely to interact online with consumers. Another 2015 report, Room for improvement, Building confidence in data security, which was sponsored by Digital Guardian, showed that by some measure, financial services were the most confident about data security
The reason companies don't fix cybersecurity(CBS News) U.S. air traffic control systems are vulnerable to hackers, says the General Accounting Office. Cybercriminals target retail loyalty cards. Obsolete encryption leaves phones vulnerable
OpenDNS Acquires BGPmon(BusinessWire) OpenDNS enhances cloud-delivered security services and research capabilities with acquisition of network monitoring company
PayPal Quickens Its Acquisition Pace For Enhancing Customer Security(GuruFocus) The online payments player, PayPal, is about to be spun off from its parent company, eBay Inc (EBAY), within the coming few months, and the announcement of the spin off was made last September. To compete better in the fast-moving online payments segment, PayPal acquired Braintree to boost its own mobile platform called OneTouch. Recently on March 10, PayPal has declared that it is on the verge of completing another vital acquisition which would aid in preventing data breaches during online payment and thus would prevent hackers from deciphering confidential information of its golden customers
Bugcrowd seals $6 million Series A funding round(ZDNet) Australian-founded online crowdsourced security testing startup Bugcrowd is preparing for a period of rapid expansion after completing a $6 million Series A funding round led by Costanoa Venture Capital
4 Reasons Why FireEye Is My Top Pick In The Cybersecurity Space(Seeking Alpha) FireEye reported a 163% revenue increase in 2014 and is forecasting an additional 50% growth in 2015. The company gained notoriety in the first quarter of 2014 on word that its software had identified a breach at Target before it became a bigger issue. It's estimated that the penetration rates for next generation cybersecurity are still less than 10% leaving a lot of room for further revenue growth and investment. FireEye could end up being a takeover target for a big technology firm like Cisco
Palo Alto Networks: Well-Positioned In A Promising Industry(Seeking Alpha) Palo Alto Networks has impressed with its quarterly earnings, beating on many important metrics and growth figures. Palo Alto Networks continues to innovate at a torrid pace, consolidating market share and displacing legacy cybersecurity business. While Palo Alto Networks is well-positioned in the cybersecurity industry, there are still many risks associated with this constantly evolving digital space
3 mobile email solutions Hillary Clinton can use next time(FierceMobileIT) The stir surrounding Hillary Clinton and the choices she made as secretary of state regarding her mobile work practices have thrust secure device management into the national spotlight. And while the debate is raging over whether or not Clinton was as careful with state intelligence as she should have been, it has certainly made clear that the options users are offered in today's marketplace far outstrip what was available then
Webroot Helps 443 Networks Harness The Power Of Collective Threat Intelligence(BusinessSolutions) Webroot, the market leader in cloud-based, real-time internet threat detection, recently announced a partnership with 443 Networks, a developer and distributor of security platforms. The partnership provides 443 Networks with a highly distributed and highly cooperative learning system to deliver smarter security with Webroot BrightCloud Security Services
Swimlane launches automated security operations management platform(GCN) Phoenix Data Security has announced the launch of Swimlane, a new security operations management platform and company focused on empowering enterprises and government agencies with data-driven automation and orchestration for incident response and improved security operations
netool.sh - MitM Pentesting Opensource T00lkit(Kitploit) netool.sh toolkit provides a fast and easy way for new arrivals to IT security pentesting and also for experienced users to use almost all features that the Man-In-The-Middle can provide under local lan, since scanning, sniffing and social engineering attacks "[spear phishing attacks]"
Technologies, Techniques, and Standards
The first 72 hours are critical for hacking victims(Phys.org) If you've been hacked or had your identity stolen, time is of the essence when it comes to minimising the damage.
US President Barack Obama is seeking US$14 billion to tackle it. The UK wants to build a start-up industry around it. And Australia is in the middle of what could be a year-long review into getting better at it. The issue is cyber security, and at risk is the entire digital economy and consumer confidence in it. In this Cyber insecurity series we investigate the size and nature of the cyber crime threat, the industry growing with it, and the solutions emerging to get in front of it
Preventing fraud through enterprise password management(Help Net Security) The past few years the world has seen various incidents where students have fraudulently modified their school grades, progress reports and attendance records. Recently, there was the incident at the Dutch Barlaeus Gymnasium where pupils managed to glean the principal's password, upon which they modified their grades and attendance data from throughout the entire year
Determining Whether a HIPAA Data Breach Occurred(HealthITSecurity) Covered entities need to be able to determine if a HIPAA data breach has taken place following the potential exposure of sensitive data. The implementation of the HIPAA Omnibus Rule slightly changed this process, in that there were new determining factors for assessing exactly what constitutes a data breach
Meet the Air Force's future cyber force(FCW) The young Air Force Academy cadets are glued to their computer screens, staring at jumbled lines of code. One is trying to hack a website in a competition sponsored by the Pentagon's research arm. Another is working on reverse-engineering problems generated by a Korean website
South Dakota CAP cyber team at national competition(KELO) A team of cadet cyber-sleuths from the Big Sioux Composite Squadron in Brookings, members of the Civil Air Patrol's South Dakota Wing, are competing in the national finals of CyberPatriot-VII which began today in Washington, D.C. The national finals competition runs from 11-15 March
UA to Launch Interdisciplinary Cyber Crime Minor(UA News) The demand for cyber professionals doesn't look to be slowing down. The Pentagon and Congress announced March 5 the approval to hire 3,000 civilian cyber experts, in part because of growing cyber security threats and the struggle by Cyber Command to keep up
Cyber-Security University Announces Accreditation(Virtual Strategy Magazine) EC-Council University (ECCU), sister company of the world-renowned EC-Council creator of the Certified Ethical Hacking Certification (CEH), announces their accreditation from Distance Education Accrediting Commission
Securing territorial sovereignty in cyberland(Jakarta Post) Decades ago, a computer was nothing more than a calculating device plugged into an electrical outlet in the wall. Yet now we see many forms of computers, like digital watches, smartphones, tablets and whatnot
Cyber Threat Information Sharing: Recommendations for Congress and the Administration(Center for Strategic and International Studies) As technology and the Internet continue to evolve and grow in complexity, so, too, does the nature of cyber attacks. The economics of cyber attacks are skewed to favor the attacker: exploits are easily acquired and can be reused on multiple targets, and the likelihood of detection and punishment is low
CISA Cybersecurity Bill Advances Despite Privacy Concerns(Wired) For months, privacy advocates have been pointing to flaws in CISA, the new reincarnation of the cybersecurity bill known as CISPA that Congress has been kicking around since 2013. But today that zombie bill lurched one step closer to becoming law
How the CIA can get from spy to cyberspy(Los Angeles Times) Agility and digital savvy traditionally haven't been the strong suits of government agencies, so it's encouraging that CIA Director John O. Brennan wants a big investment in cyberespionage and a new Directorate of Digital Innovation as part of what he calls a "bold" reorganization of the CIA. Brennan's overhaul is commendable, but it's urgent to do more to make his agency cyber literate
Coast Guard cyber plan to focus on ports, shipping(Federal Times) The Coast Guard plans to unveil a new cyber security strategy within the next month that focuses on protecting not only Coast Guard networks and systems from cyber attacks, but also the country's 3,600 sea ports and the ships they serve
DHS CIOs see cyber, budgets as top concerns(FCW) Cybersecurity remains the biggest headache for CIOs at the Department of Homeland Security, but they say the steady drumbeat of smaller and smaller budgets stings, too
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
B-Sides Vancouver(Vancouver, British Columbia, Canada, March 16 - 17, 2015) The third annual Security B-Sides Vancouver is an information security conference that will be held March 16th and 17th. We love to see brand new speakers, seasoned speakers, and everyone in between
Insider Threat 2015 Summit(Monterey, California, USA, March 16 - 17, 2015) The Insider Threat 2015 Summit is about bringing Government and Industry organizations and their cybersecurity leaders together in order to better understand the type of threats that may impact their infrastructure...
2015 North Dakota Cyber Security Conference(Fargo, North Dakota, USA, March 17, 2015) The North Dakota Cyber Security Conference brings together community members from academia, government and industry to share strategies, best practices and innovative solutions to address today's challenges...
Philadelphia SecureWorld(Philadelphia, Pennsylvania, USA, March 18 - 19, 2015) Join your fellow security professional for affordable, high-quality cybersecurity training and education at a regional conference near you. Earn CPE credits while learning from nationally recognized industry...
2015 Cyber Security Summit(McLean, Virginia, USA, March 19, 2015) During Congressman Mike Rogers' "The Code War in America" talk at the June 2013 POC breakfast, he challenged all of us to "recognize that every day U.S. businesses are targeted by governments like China...
BSides Salt Lake City(Salt Lake City, Utah, USA, March 20 - 21, 2015) BSides is a community-driven framework for building events for and by information security community members. The goal is to expand the spectrum of conversation
CarolinaCon-11(Raleigh, North Carolina, USA, March 20 - 22, 2015) CarolinaCon-11 (also hereby referred to as "The Last CarolinaCon As We Know It") will occur on March 20th-22nd 2015 in Raleigh NC (USA). We are now officially accepting speaker/paper/demo submissions...
Cyber Security Conference 2015(Bolton, UK, March 23 - 24, 2015) Cyber Security Conference 2015 is a coming together of the North of England's two most successful Cyber Security Conferences; BEC Information & Data Security Conference and Lancaster University's North...
Fraud Summit Atlanta(Atlanta, Georgia, USA, March 24, 2015) ISMG's Fraud Summit is a one-day event focused exclusively on the top fraud trends impacting organizations and the mitigation strategies to overcome those challenges. Highlights of the Atlanta event include...
CyberTech Israel 2015(Tel Aviv, Israel, March 24 - 25, 2015) In the face of these enemies and threats, individuals, organizations and states are required to produce innovative, unique solutions that would improve the resistance and resilience of the sensitive systems...
2nd Annual ISSA COS Cyber Focus Day(Colorado Springs, Colorado, USA, March 25, 2015) Join us for the Information Systems Security Association (ISSA) — Colorado Springs Chapter — Cyber Focus Day set to take place on Wednesday, March 25, 2015 at the University of Colorado Colorado...
28th Annual FISSEA Expo(Gaithersburg, Maryland, USA, March 25, 2015) This year's theme is "Changes, Challenges, and Collaborations: Effective Cybersecurity Training." Through numerous high quality sessions, over 100 attendees will learn new ways to improve their IT security...