Islamic State information operations increasingly mix atrocity-boasting videos with "women's propaganda" that seeks to normalize life in the Caliphate. (One hopes in vain that few will be deceived by the latter, or impressed by the former.) ISIS attempts to doxx and target American service members continue (doxxing, but no evidence of hacking).
Files stolen by Snowden and released by others apparently reveal Canadian cyber capabilities (and operational styles — some alleged information ops discussions show a markedly puerile malignity).
More analysis of Drupal vulnerabilities and exploitation appears.
Denial-of-service attacks increasingly serve as misdirection and cover for more damaging exploits.
PoSeidon is giving BlackPOS a run for its money in the criminal marketplace.
GoDaddy's layered protections are reported vulnerable to social engineering (not surprising for any system with humans in the loop) and Photoshopping (a little surprising).
Game-streamer Twitch says it's been compromised and will reset user passwords.
Google finds and revokes misused certs (Mozilla does, too).
Tails gets an emergency security fix.
Verizon's report on paycard security tells Fortune testing's in decline.
Passcode revisits a vexed problem: what counts as a "cyber incident" as opposed to, say, a glitch or malfunction? (Of particular concern with respect to industrial control systems.)
Bloomberg's spat with Kaspersky (advantage Kaspersky) over government influence prompts reflections on national borders' continuing role in cyberspace.
Security analysts offer approaches to risk mitigation — start by determining what's at risk.
Chinese release of PLA cyber offensive capabilities may be a step toward deterrence (something the US wants more of, too).
Today's issue includes events affecting Botswana, Canada, China, Denmark, Egypt, European Union, Finland, Iraq, Israel, Mexico, Norway, Russia, South Africa, Spain, Sweden, Syria, Ukraine, United Kingdom, United States.
The CyberWire will be live-tweeting from the Women in Cybersecurity event, in Atlanta on Friday and Saturday.
Cyber Attacks, Threats, and Vulnerabilities
War by Doxxing (Defense One) Combat pilots are just the most recent victims of a common practice. It doesn't mean that the military has been hacked
Army: We are investigating Islamic State threats (Army Times) The Army says it's investigating an Islamic State group call to harm U.S. troops at home. The militant organization occupying parts of Iraq and Syria reportedly posted the names, photos and home addresses of 100 American service members accused of participating in bombing missions against it
The powerful propaganda being spread online by women in the Islamic State (Washington Post) The Islamic State's online reach is notorious. One study estimated that at least 46,000 Twitter accounts were supporting the militant group in 2014. And while much of the content created by the Islamic State showcases the brutality of the group, a lot actually shows a (relatively) softer side
New IS 'Execution' Video Targets Kurds (Radio Free Europe/Radio Liberty) Footage of a notorious Iraqi Kurdish Islamic State (IS) militant who was reportedly killed in Kobani in February appears in a new video showing the execution-style killing of a Kurdish-speaking prisoner
DMARC and Spam: Why It Matters (TrendLabs Security Intelligence Blog) Recently I discussed how TorrentLocker spam was using email authentication for its spam runs. At the time, I suggested that these spam runs were using email authentication to gather information about victim networks and potentially improve the ability to evade spam filters. DomainKeys Identified Mail's (DKIM) own specification mentions the possibility of messages from "trusted sources" and with a valid signature being whitelisted
Maintaining digital certificate security (Google Online Security Blog) On Friday, March 20th, we became aware of unauthorized digital certificates for several Google domains. The certificates were issued by an intermediate certificate authority apparently held by a company called MCS Holdings. This intermediate certificate was issued by CNNIC
Revoking Trust in one CNNIC Intermediate Certificate (Mozilla Security Blog) Mozilla was recently notified that an intermediate certificate, which chains up to a root included in Mozilla's root store, was loaded into a firewall device that performed SSL man-in-the-middle (MITM) traffic management. It was then used, during the process of inspecting traffic, to generate certificates for domains the device owner does not legitimately own or control
Kreditech Investigates Insider Breach (KrebsOnSecurity) Kreditech, a consumer finance startup that specializes in lending to "unbanked" consumers with little or no credit rating, is investigating a data breach that came to light after malicious hackers posted thousands of applicants' personal and financial records online
Bulletin (SB15-082) Vulnerability Summary for the Week of March 16, 2015 (US-CERT) The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information
Security Patches, Mitigations, and Software Updates
How cyberattacks can be overlooked in America's most critical sectors (Christian Science Monitor Passcode) Across some of the most crucial sectors of the American economy, there's a lack of consensus of what exactly should be considered a 'cyberincident' — and whether technical mishaps, even without malicious intent, should count. That's a problem
Most Small Firms Believe Cyber Protection is too Expensive (Information Security Buzz) Today, there are more SMEs than ever making heavy use of new technologies to cut costs and increase efficiency across all areas of their business. With this, however, comes an increasingly persistent risk of hacking and breaches of security that have the potential to cripple smaller businesses. A recent report has found that many of these small businesses carry misconceptions around cyber protection, resulting in a lack of security which leaves their organisations open to massive hacking losses that last year cost UK businesses between £65,000 and £115,000
Six Nordic startups enterprise IT users should watch (ComputerWeekly) Spotify and Angry Birds. Combine the words 'startups' and 'Nordics' and these companies come to mind. But consumer-focused technology is just the tip of the iceberg in the Nordics, with some of the most exciting startups operating in the enterprise space
Why Shares of CyberArk Software Ltd. Jumped Today (Motley Fool) What: Shares of cyber security company CyberArk Software (NASDAQ: CYBR) jumped on Monday after Bank of America initiated analyst coverage, giving the stock a buy rating and a $60 price target. At noon, the stock was up just over 10%. It had closed Friday at $48.69
Airbus Wins UK Cyber Center Research Deal (DefenseNews) The creation of a UK virtual cyber operations center aimed at defeating battlefield attacks took a step forward with the award of a small study contract to Airbus UK by Ministry of Defence researchers
When Cybersecurity Meets Geopolitics (Wall Street Journal) FireEye Chief Executive David DeWalt says all major powers have "somewhat national-born security companies." Before American computer-security company FireEye releases a report on new hacker activity, it sometimes gives the U.S. government an advance copy. Dutch competitor Fox-IT trains the Netherlands' cyberwarriors. Moscow-based Kaspersky Lab helps Russian authorities investigate hacking cases
Products, Services, and Solutions
Will 2015 Be Adobe Flash's Swan Song? (eSecurity Planet) Following more critical zero-day exploits, Adobe's Flash platform's place in the enterprise appears as unsecure as the software itself
Good Security Starts with Knowing What's Valuable (Dark Matters) In February 2015, a report was published based on findings from 2014 investigations which revealed that while organizations were discovering compromises faster, less than one third were identifying breaches on their own
'Compliance fatigue' sets in (CSO) Yes, compliance with multiple security frameworks is difficult, time-consuming and expensive. But those who defend it point out that being breached causes much worse headaches
Clintonemail.com: A Cautionary Call To Action (InformationWeek) As former Secretary of State Hillary Clinton becomes ever more embattled in the press and in politics because of her personal email usage, we can draw lessons for enterprises and employees alike on contending with Shadow IT
5 Social Engineering Attacks to Watch Out For (Tripwire: the State of Security) We have become all too familiar with the type of attacker who leverages their technical expertise to infiltrate protected computer systems and compromise sensitive data. We hear about this breed of hacker in the news all the time, and we are motivated to counter their exploits by investing in new technologies that will bolster our network defenses
5 steps to protecting your privacy online (IoL SciTech) These are troubling times for anyone concerned about the security of their electronic data. Hardly a day goes by without news of another hack or some other form of cyber skulduggery on the part of criminals, corporations and even government agencies
Digital Dark Age: Information Explosion and Data Risks (Infosec Institute) "Old formats of documents that we've created or presentations may not be readable by the latest version of the software because backwards compatibility is not always guaranteed," says Vint Cerf, Google's Vice President and one of the fathers of the Internet
Legislation, Policy, and Regulation
UK Insurance Act Receives Royal Assent (WillisWire) The Insurance Act 2015 received royal assent on 12th February 2015. The Act, which I described as "the most profound shift in UK commercial insurance law ever," introduces key changes to the duty of disclosure in commercial insurance contracts as well as to warranties and insurers' remedies for fraudulent claims. These measures will not come into force until August 2016, giving all of us enough time to prepare for them
Preparing for Cyber War: A Clarion Call (Just Security) In every War College in the world, two core principles of military planning are that "hope is not a plan" and "the enemy gets a vote." Any plan developed without sensitivity to these two maxims is doomed to fail. They apply irrespective of the mode in which the conflict is fought, the nature of the enemy, or the weapons system employed. Unfortunately, some states seem to be disregarding the maxims with respect to cyber operations. They include certain allies and friends around the world, states that the United States will fight alongside during future conflicts. The consequences could prove calamitous, especially in terms of crafting complementary strategies and ensuring interoperability in the battlespace
Editorial: Strengthen Electronic Warfare (Defense News) One of the key lessons of Moscow's invasion of Ukraine is the potency of Russia's electronic warfare capabilities, the product of decades of focused investment
CISA Security Bill: An F for Security but an A+ for Spying (Wired) When the Senate Intelligence Committee passed the Cybersecurity Information Sharing Act by a vote of 14 to 1, committee chairman Senator Richard Burr argued that it successfully balanced security and privacy. Fifteen new amendments to the bill, he said, were designed to protect internet users' personal information while enabling new ways for companies and federal agencies to coordinate responses to cyberattacks. But critics within the security and privacy communities still have two fundamental problems with the legislation: First, they say, the proposed cybersecurity act won't actually boost security. And second, the "information sharing" it describes sounds more than ever like a backchannel for surveillance
DoD straddles the public cloud fence (Federal Times) The Defense Department has in recent months enacted new policies aimed at accelerated adoption of commercial cloud, even as officials seek to strike a balance between security, savings and efficiency
No Harm No Foul: Time to End the Petraeus Saga (Small Wars Journal) It is a tenet of our system of justice that the punishment should fit the crime. Since 2012, the U.S. Justice Department has been investigating whether retired US Army four-star General David Petraeus leaked classified information to his biographer Paula Broadwell, with whom he had an affair after retiring from the military to take the position of CIA Director
Most parents don't know how to tackle cyber bullying (Help Net Security) 54 percent of UK parents would have no idea if their child was being cyber bullied, highlighting that most parents are completely ill-equipped and under-educated in knowing how to recognize and deal with this growing threat to children
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
3rd Annual Georgetown Cybersecurity Law Institute (Washington, DC, USA, May 20 - 21, 2015) In 2015, it is more important than ever that in-house and outside counsel stay abreast of the most current developments and best practices in cybersecurity. Those lawyers who ignore cyber threats are risking...
School on Computer-aided Cryptography (College Park, Maryland, USA, June 1 - 4, 2015) The goal of the school is to provide participants with an overview of computer-aided cryptography with a special focus on computer-aided cryptographic proofs using the EasyCrypt tool. Lectures discussing...
Hacker Halted 2015 (Atlanta, Georgia, USA, September 13 - 18, 2015) EC-Council Foundation's flagship information security conference, Hacker Halted, will unite some of the greatest minds in information security, as industry experts address the latest threats and vulnerabilities...
Cyber Security Conference 2015 (Bolton, UK, March 23 - 24, 2015) Cyber Security Conference 2015 is a coming together of the North of England's two most successful Cyber Security Conferences; BEC Information & Data Security Conference and Lancaster University's North...
Fraud Summit Atlanta (Atlanta, Georgia, USA, March 24, 2015) ISMG's Fraud Summit is a one-day event focused exclusively on the top fraud trends impacting organizations and the mitigation strategies to overcome those challenges. Highlights of the Atlanta event include...
CyberTech Israel 2015 (Tel Aviv, Israel, March 24 - 25, 2015) In the face of these enemies and threats, individuals, organizations and states are required to produce innovative, unique solutions that would improve the resistance and resilience of the sensitive systems...
2nd Annual ISSA COS Cyber Focus Day (Colorado Springs, Colorado, USA, March 25, 2015) Join us for the Information Systems Security Association (ISSA) — Colorado Springs Chapter — Cyber Focus Day set to take place on Wednesday, March 25, 2015 at the University of Colorado Colorado...
28th Annual FISSEA Expo (Gaithersburg, Maryland, USA, March 25, 2015) This year's theme is "Changes, Challenges, and Collaborations: Effective Cybersecurity Training." Through numerous high quality sessions, over 100 attendees will learn new ways to improve their IT security...
Global APT Defense Summit (Atlanta, Georgia, USA, March 25, 2015) This event will lay out a defense framework, which describes the appropriate phases, from establishing a resilient security baseline, through gathering threat intelligence, zero-day malware detection,...
CYBERWEST: the Southwest Cybersecurity Summit (Phoenix, Arizona, USA, March 25 - 26, 2015) The purpose of CYBERWEST is to bring together Government and businesses to: Exchange information and learn in areas of policy and strategy; technology and R&D; workforce training and education; and economic,...
Conference on Cyber Defence in Europe (Berlin, Germany, March 25 - 26, 2015) The conference aims to address these and other issues of cyber defense in a broad audience of policy-makers, senior officials and experts from EU institutions and Member States, representatives of industry...
CYBERWEST (Phoenix, Arizona, USA, March 25 - 26, 2015) The purpose of CYBERWEST is to bring together Government and businesses to: Exchange information and learn in areas of policy and strategy; technology and R&D; workforce training and education; and economic,...
Fraud Summit Dubai (Dubai, United Arab Emirates, March 26, 2015) ISMG's Fraud Summit is a one-day event focused exclusively on the top fraud trends impacting organizations and the mitigation strategies to overcome those challenges. Highlights of the Dubai event include...
Women in Cyber Security (Atlanta, Georgia, USA, March 27 - 28, 2015) Despite the growing demand and tremendous opportunities in the job market, cybersecurity remains an area where there is a significant shortage of skilled professionals regionally, nationally and internationally.
Automotive Cyber Security Summit (Detroit, Michigan, USA, March 30 - April 1, 2015) The debut Automotive Cyber Security Summit will bring together CTOs, CSOs, Engineers and IT professionals from GM, KIA, Nissan, Bosch, Qualcomm and more for three days of case studies, workshops, panel...