ISIS (whose nominal sympathizers continue their practice of whacking at poorly protected sites in the American Midwest — this time at an Indianapolis artisan group) posts a sinister call asking supporters to attack US military personnel in their homes. The Caliphate helpfully publishes a doxed list of service members and their addresses, gleaned apparently from public sources. Such episodes illustrate the degree of nuisance (and menace) achievable with very modest technical skills.
The Rocket Kitten APT group (linked to Iran's government) resurfaces with attacks on European and Israeli targets.
China's government denies involvement with last week's hack of Register.com, suggesting accusations to the contrary are basically another American provocation. (Back in America, the FBI is investigating the hack.)
Cisco announces discovery of new paycard-scraping point-of-sale malware, PoSeidon, caught exfiltrating stolen data to servers in Russia.
A site-hijacking bug is found in another WordPress plug-in. Pakistan blocks WordPress for "national security" reasons, but that's because of terrorist group Tehreek Taliban Pakistan's heavy use of the blogging platform, not any technical vulnerabilities.
A recently patched Flash vulnerability appears in the Nuclear exploit kit. Patched bugs are being weaponized at a noticeably faster pace — speed of patching grows in importance.
Bank of America customers are targeted in a phishing campaign that shows a new tactical wrinkle: use of spoofed email addresses with a .gov top-level domain.
Apple and Google continue purging their respective app stores. Analysts warn that leaky apps have become a principal enterprise threat.
High-profile hacking spurs a wave of security IPOs.
Today's issue includes events affecting Australia, Bangladesh, China, European Union, Finland, Germany, India, Iran, Iraq, Israel, New Zealand, Pakistan, Russia, Syria, United Arab Emirates, United Kingdom, United States.
The CyberWire will be in Atlanta at week's end, covering the Women in Cybersecurity conference on Friday and Saturday. We'll be live-tweeting from the event and will publish a wrap-up in our March 30 edition.
Chinese military denies role in reported U.S. hacking(Reuters) China's Defense Ministry on Friday denied that it had anything to do with a cyber attack on Register.com, a unit of Web.com, following a report in the Financial Times that the FBI was looking into the Chinese military's involvement
New Zealand Spied on WTO Director Candidates(Intercept) New Zealand launched a covert surveillance operation targeting candidates vying to be director general of the World Trade Organization, a top-secret document reveals
Threat Spotlight: PoSeidon, A Deep Dive Into Point of Sale Malware(Cisco Blogs) Cisco's Security Solutions (CSS) consists of information security experts with a unique blend of law enforcement, enterprise security and technology security backgrounds. The team works directly with Cisco's Talos Security Intelligence & Research Group to identify known and unknown threats, quantify and prioritize risk, and minimize future risk
Cisco confirms IP phone eavesdropping flaw(IT News) Update: But successful exploit 'not likely'. Cisco's small business SPA300 and SPA500 internet protocol (IP) phones contain a vulnerability that if exploited, allows attackers to remotely listen in on audio from the devices
Fake job seeker's emails deliver ransomware and info-stealer(Help Net Security) The latest Cryptowall-delivery campaign comes with an additional menace: the Fareit Trojan, which is designed to steal logins and passwords from compromised computers, download additional malware, and can be used in DDoS attacks
Phishing and the .gov TLD(TrendLabs Security Intelligence Blog) Brand owners frequently use SPF and DKIM to protect their brands from email forgery. For example, a brand owner could register the same domain name under multiple top-level domains (TLDs) (such as .com, .net, .org, etcetera) and announce SPF/DKIM records for all of these domains (even if they were not actively being used). While generally effective, there is one loophole: what about the .gov TLD?
Premera hack: What criminals can do with your healthcare data(Christian Science Monitor: Passcode) The Premera Blue Cross breach gave hackers valuable financial and medical data on millions of people. That information can be sold on the black market to criminals looking to commit identity theft, obtain prescription drugs illegally, or commit insurance fraud
Open Letter to Premera Blue Cross CEO Jeffrey Roe(Digital Dao) Dear Mr. Roe: My wife and I were Premera Blue Cross customers during my tenure with Microsoft. During that time, we both had surgeries done and she has a long history of medical treatments. In other words, Premera Blue Cross holds a lot of very sensitive information on both of us, separate and apart from our social security numbers, dates of birth, and other personally identifiable information. I'm sure that many of your customers could say the same. This open letter serves to notify you of my intention to see that Premera Blue Cross is made an example of for the insurance industry, much like Target was for the retail industry for the following reasons
Nuisance Adware Blights Google Play Again(Infosecurity Magazine) Mobile security firm Lookout claims to have found 13 new pieces of adware in the Google Play app store, potentially affecting up to half a million users
Which Apps Expose Your Data to the NSA's Spying?(Tech Cheat Sheet) A recent Pew Research Center report found that some Internet users have changed their use of social networking services, apps, email, and even search engines as a result of former National Security Agency (NSA) contractor Edward Snowden's 2013 revelations about the government's pervasive online surveillance. So how does your smartphone — the device that many of us find indispensable in our day-to-day lives — have the potential to expose your personal data and your online activity to government snooping? How does your mobile device protect your anonymity, and how does it leave your communications vulnerable to interception by the NSA and other intelligence agencies?
Hilton Honors Flaw Exposed All Accounts(KrebsOnSecurity) Hospitality giant Hilton Hotels & Resorts recently started offering Hilton HHonors Awards members 1,000 free awards points to those who agreed to change their passwords for the online service prior to April 1, 2015, when the company said the change would become mandatory. Ironically, that same campaign led to the discovery of a simple yet powerful flaw in the site that let anyone hijack a Hilton Honors account just by knowing or guessing its valid 9-digit Hilton Honors account number
PokerStars Account Hacks Lead to Questions About Site's Security(Flushdraw) For the past few days, discontent has been brewing in the poker community about possible security issues at PokerStars, or at least about how the world's largest poker room handles security issues. It appears that a number of accounts have been hacked and, in turn, drained of funds, but to the dismay of players, the poker room has not been of much help
2015 Global Megatrends in Cybersecurity(Infosec Island) The Ponemon Institute has published the "2015 Global Megatrends in Cybersecurity". Sponsored by Raytheon Company, the aim of this research is to understand the big trends or changes that will impact the security posture of organizations in both the public and private sector in the next three years
Speed of Tech Change a Threat to Cybersecurity(Wall Street Journal) Companies are having problems adapting to the speed of technological change, continue to use legacy technologies while trying to combat evolving cyberattacks, a report says
IT pros are taking action against the insider threat(Help Net Security) 2015 is set to see a huge rise in the number of IT professionals taking action to address insider threat in their organizations. Currently 56% of IT professionals in the US have an insider threat program already in place, and 78% of those remaining, or 34% of the total, are planning to put one in place this year. A further 6% are planning an insider threat program within five years
The High Cost of a Data Breach Data: Do You Have $5M to Lose?(CMS Wire) The average security breach costs between $3 million and $5 million. That's the alarming word from a new report on the importance of cybersecurity on enterprise IT from BDNA, a Mountain View, Calif.-based IT data intelligence provider
The decade of the data breach — how to cope(Information Age) The worst nightmare that CEOs and their board face today is not an unchecked competitive threat or insufficient market capitalisation, but that of the data breach
Hack Attacks Mean More Cyber Firms Will Go Public(Fiscal Times) Rapid7, LogRhythm and Mimecast are joining a growing list of cybersecurity firms planning to go public in 2015 to capitalize on investor interest following a spate of hacker attacks, according to people familiar with the matter
Raytheon: Rising Cybersecurity Ambitions(Seeking Alpha) Raytheon's increasing emphasis on its cybersecurity segment is a positive sign for the company, as cybersecurity will be more important than ever moving forward
UK Cyber Security: the Role of Insurance in Managing and Mitigating the Risk(HM Government) The cyber threat remains one of the most significant — and growing — risks facing UK business. 81% of large businesses and 60% of small businesses suffered a cyber security breach in the last year, and the average cost of breaches to business has nearly doubled since 2013. Working in partnership, the Government and industry have done much to improve understanding of cyber attacks and how to reduce their impact, yet more needs to be done. As part of this Government's long-term economic plan, we want to make the UK one of the safest places in the world to do business online
7 reasons why Israeli cyber-security will remain hot(Venture Beat) Is Israeli cyber-security worthy of its global reputation? Are the impressive price tags of recent M&As in the field justified? And will the field of cyber-security continue to be a driving force in the Israeli hi-tech ecosystem?
Nation's only IT apprenticeship program fails to attract corporate players(FierceCIO) IT leaders constantly complain about how difficult it is to find IT workers in the job market, so any potential source of new talent would seem to be welcome relief. That hasn't been the case with the nation's only active IT apprentice program, which several months after its launch has yet to attract a single corporate employer
Northrop Wins $74M Task Order for DISA Cyber Program(GovConWire) Northrop Grumman (NYSE: NOC) will continue its cyber defense support for the Defense Information Systems Agency's Acropolis and Sensor Operations program following the award of a four-year, $73.6 million task order
Guidance Software Appoints Vice President, Product Marketing and Operations(MarketWatch) Guidance Software, the World Leader in Digital Investigations™, today announced the appointment of Linda Souza in the newly created role of Vice President, Product Marketing and Operations. Ms. Souza leads Guidance Software's worldwide product marketing, program marketing, marketing operations, and content development teams
Products, Services, and Solutions
Huawei, Black Lotus open anti-DDoS centre in Europe(Telecompaper) Huawei announced at Cebit the opening of its European DDoS cloud scrubbing centre. Based in Amsterdam, the centre is run in cooperation with the security company Black Lotus. The two companies first announced their partnership last December
Built-in intelligence for NGFW(IT Online) Firewalls are the first line of any organisation's defences. They are the "sentinels" of the network, standing guard and controlling traffic entering and leaving the network, blocking potentially dangerous or unknown traffic that may threaten the organisation
Dark Reading Threat Intelligence Survey(InformationWeek) Threat intelligence is the best way to stay ahead of new and complex attacks, say survey respondents. How analytics influences their IT security strategies varies
Five criteria for purchasing threat intelligence services(TechTarget) Once an organization has determined it is a candidate for threat intelligence services, the next order of business is to select the service that provides the best fit for its needs. Because the threat intelligence services market is still relatively new, however, it's often a challenge to compare service details side by side to get an accurate picture of which offers what
A CIO's best allies in the fight against 'shadow IT' are the shadow IT vendors(VentureBeat) The term "Shadow IT" can conjure up visions of overwhelmed CIOs frantically trying to keep information repositories secure from online attacks, while their own employees compromise security by brazenly using personal devices and consumer cloud services without IT's permission or even IT's knowledge
Trumping cybercriminals during tax season: Tips on how to stay safe(Help Net Security) Tax season is stressful for many reasons and April 15 equals a headache for many Americans. In addition to wading through taxes, tax season also opens up a new vector in which cybercriminals can attack. With consumers sending and receiving very personal information over email — one of the weakest links in the cyber security fence — cybercriminals are on high alert, looking for the most opportune moment to strike
Design and Innovation
PC security upgrades a welcome antidote to breaches(Seattle Times) With so much in the news about computer security these days, personal experience says innovations and new developments could be appealing antidotes to the fright that breaches and theft can provoke
New approach uses 'twisted light' to increase efficiency of quantum cryptography systems(Science Daily) Researchers have developed a way to transfer 2.05 bits per photon by using 'twisted light.' This remarkable achievement is possible because the researchers used the orbital angular momentum of the photons to encode information, rather than the more commonly used polarization of light. The new approach doubles the 1 bit per photon that is possible with current systems that rely on light polarization and could help increase the efficiency of quantum cryptography systems
Stealing Data from Computers Using Heat(Wired) Air-gapped systems, which are isolated from the Internet and are not connected to other systems that are connected to the Internet, are used in situations that demand high security because they make siphoning data from them difficult
Wordpress Blocked In Pakistan(TechCrunch) According to multiple local outlets, WordPress blogs are currently not accessible in Pakistan and pointing the blockage at the Pakistan Telecommunication Authority (PTA). TechCrunch has not been able to confirm that yet. As it stands right now, WordPress.com and blogs hosted by WordPress cannot be reached. Self-hosted WordPress blogs still work
Defence ministry sounds red alert on web spying(Times of India) India's defence establishment has sounded a fresh red alert over the need to ensure physical as well as cyber security of classified information in light of ever-increasing espionage attempts by foreign intelligence agencies, especially from China and Pakistan
House panel releases bill on cyber threat data-sharing(The Hill) A discussion draft of a House Homeland Security Committee bill to give companies legal liability protections when sharing cyber threat data with the Department of Homeland Security (DHS) was released Friday
It's too late to debate metadata(Phys.org) What has been so frustrating throughout the metadata "debate" is that we have been kept in ignorance as to what it was that the law enforcement agencies actually wanted to retain
The NSA's plan: improve cybersecurity by hacking everyone else(Guardian) The National Security Agency want to be able to hack more people, vacuum up even more of your internet records and have the keys to tech companies' encryption — and, after 18 months of embarrassing inaction from Congress on surveillance reform, the NSA is now lobbying it for more powers, not less
UK Police Deem Snowden Leak Investigation a State Secret(Intercept) British police claim a criminal investigation they launched into journalists who have reported on leaked documents from Edward Snowden has to be kept a secret due to a "possibility of increased threat of terrorist activity"
US Threatened Germany Over Snowden, Vice Chancellor Says(Intercept) German Vice Chancellor Sigmar Gabriel said this week in Homburg that the U.S. government threatened to cease sharing intelligence with Germany if Berlin offered asylum to NSA whistleblower Edward Snowden or otherwise arranged for him to travel to that country. "They told us they would stop notifying us of plots and other intelligence matters," Gabriel said
Chicago Police fighting to keep cellphone trackers secret(Chicago Sun-Times) The Chicago Police Department is fighting to keep a lid on how, when and where officers have used covert cellphone tracking systems — with an outside law firm billing the city more than $120,000 to battle a lawsuit that seeks those secret details
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
DaytonDefense Ohio Cyber Dialogue with Industry Conference(Dayton, Ohio, USA, May 6 - 7, 2015) Our Cyber Security conference presents how Cyber Security affects you as an individual, your company, and your nation, along with business opportunities in this growing area. You will walk away with an...
3rd Annual Georgetown Cybersecurity Law Institute(Washington, DC, USA, May 20 - 21, 2015) In 2015, it is more important than ever that in-house and outside counsel stay abreast of the most current developments and best practices in cybersecurity. Those lawyers who ignore cyber threats are risking...
BSides Las Vegas(Las Vegas, Nevada, USA, August 4 - 5, 2015) BSides Las Vegas is an Information/Security conference that's different. We're a 100% volunteer organized event, put on by and for the community, and we truly strive to keep information free. There is...
Hacker Halted 2015(Atlanta, Georgia, USA, September 13 - 18, 2015) EC-Council Foundation's flagship information security conference, Hacker Halted, will unite some of the greatest minds in information security, as industry experts address the latest threats and vulnerabilities...
Cyber Security Conference 2015(Bolton, UK, March 23 - 24, 2015) Cyber Security Conference 2015 is a coming together of the North of England's two most successful Cyber Security Conferences; BEC Information & Data Security Conference and Lancaster University's North...
Fraud Summit Atlanta(Atlanta, Georgia, USA, March 24, 2015) ISMG's Fraud Summit is a one-day event focused exclusively on the top fraud trends impacting organizations and the mitigation strategies to overcome those challenges. Highlights of the Atlanta event include...
CyberTech Israel 2015(Tel Aviv, Israel, March 24 - 25, 2015) In the face of these enemies and threats, individuals, organizations and states are required to produce innovative, unique solutions that would improve the resistance and resilience of the sensitive systems...
2nd Annual ISSA COS Cyber Focus Day(Colorado Springs, Colorado, USA, March 25, 2015) Join us for the Information Systems Security Association (ISSA) — Colorado Springs Chapter — Cyber Focus Day set to take place on Wednesday, March 25, 2015 at the University of Colorado Colorado...
28th Annual FISSEA Expo(Gaithersburg, Maryland, USA, March 25, 2015) This year's theme is "Changes, Challenges, and Collaborations: Effective Cybersecurity Training." Through numerous high quality sessions, over 100 attendees will learn new ways to improve their IT security...
Global APT Defense Summit(Atlanta, Georgia, USA, March 25, 2015) This event will lay out a defense framework, which describes the appropriate phases, from establishing a resilient security baseline, through gathering threat intelligence, zero-day malware detection,...
CYBERWEST: the Southwest Cybersecurity Summit(Phoenix, Arizona, USA, March 25 - 26, 2015) The purpose of CYBERWEST is to bring together Government and businesses to: Exchange information and learn in areas of policy and strategy; technology and R&D; workforce training and education; and economic,...
Conference on Cyber Defence in Europe(Berlin, Germany, March 25 - 26, 2015) The conference aims to address these and other issues of cyber defense in a broad audience of policy-makers, senior officials and experts from EU institutions and Member States, representatives of industry...
Fraud Summit Dubai(Dubai, United Arab Emirates, March 26, 2015) ISMG's Fraud Summit is a one-day event focused exclusively on the top fraud trends impacting organizations and the mitigation strategies to overcome those challenges. Highlights of the Dubai event include...