The guttering information and cyber conflict surrounding ISIS continues. The Washington Post offers an account of how the US State Department attempted to take a page from the ISIS information operations playbook, with indifferent success. And an apparent Saudi hacktivist succeeds in defacing the website of Iran's Ministry of Defense.
Hacktivists in Sweden, associating themselves with Anonymous, take down various neo-Nazi sites with connections to Sweden (thereby coming in on the Allied side on the seventieth V-E Day).
Another largely negative review of the Open Smart Grid Protocol (OSGP) appears, reiterating the conclusions of earlier discussions: home-brew crypto is probably not a particularly good idea. It's especially questionable, perhaps, in an area that touches particularly sensitive parts of the Internet-of-things.
The US Government raises concerns about the vulnerability of hedge funds to cyber attack. The funds, regulators think, may constitute a soft underbelly of the financial sector as a whole.
Attempts to quantify breach losses continue as various sectors grope towards cyber risk actuarial data.
The US Commerce Department this week undertakes a major cyber security trade mission to Eastern Europe, with the initial focal points being Romania and Poland.
Tory victory in the UK elections is expected to have significant ramifications for both surveillance policy and support of security start-ups — observers expect a strengthening of both.
As the US expresses concerns to China over the "Great Cannon," Russia and China conclude an agreement in which the two powers agree to forgo cyber operations against one another. (Observers are skeptical.)
Today's issue includes events affecting China, European Union, India, Iran, Iraq, Poland, Romania, Russia, Saudi Arabia, Sweden, Syria, Taiwan, United Kingdom, United States.
Dateline Jailbreak Security Summit
Apple Security Talks & Craft Beer: A New Kind of Technology Event(Jailbreak Brewing Company) The world's first security summit held at a production brewery. Join some of the world's best Apple security researchers as they talk about iOS, OS X, Apple hardware and other Apple-related security topics at the first computer security event held at a production brewery. Attendance is limited to 100 to keep the Security Summit small and encourage conversation between speakers, attendees, and sponsors
Practical iOS App Security(Totem Training) Had a great time presenting at this year's security summit focused on Mac OS X and iOS at Jailbreak Brewing Co. Here are the slides and demos from my talk
So, the NSA Has an Actual Skynet Program(Wired) We've suspected it all along — that Skynet, the massive program that brings about world destruction in the Terminator movies, was just a fictionalization of a real program in the hands of the US government. And now it's confirmed — at least in name
Malicious Word Document: This Time The Maldoc Is A MIME File(Internet Storm Center) Bart Blaze Tweeted me a malicious Word document sample (MD5 23a2d596d927ceab01918cc1dfd5db68) that can not be analyzed with my oledump tool. It turns out to be a MIME file that contains a MSO file, that in turn contains an OLE file. We've seen MSO files containing OLE files when we talked about XML Office documents. I've updated my oledump tool (V0.0.15) to handle MSO files directly
The impact of Rombertik(Blue Coat Labs) This week, researchers from Cisco wrote a blog post detailing a new malware they named Rombertik. This malware contains a lot of obfuscation and may also trigger a destructive routine, which will overwrite data — typically the master boot record (MBR) on the hard disk. This destruction is quoted to happen if the malware detects that it runs inside a virtual machine. Rombertik also contains several tricks to achieve this and also a few tricks assumed to hamper the detection of the malware inside malware sandboxes
60 Days of Watching Hackers Attack Elasticsearch(Jordan-Wright Security and Programming Blog) Two months ago, one of my DigitalOcean instances started attacking another host with massive amounts of bogus traffic. I was notified by the abuse team at DO that my VPS was participating in a DDoS attack. I managed to track down that the attackers leveraged an RCE vulnerability in Elasticsearch to automatically download and run malware
Who's Scanning Your Network? (A: Everyone)(KrebsOnSecurity) Not long ago I heard from a reader who wanted advice on how to stop someone from scanning his home network, or at least recommendations about to whom he should report the person doing the scanning. I couldn't believe that people actually still cared about scanning, and I told him as much: These days there are countless entities — some benign and research-oriented, and some less benign — that are continuously mapping and cataloging virtually every device that's put online
It's Not The Hackers You're Thinking Of in 2015(Dark Matters) On Sunday, April 26, 2015, I was reviewing a bazillion emails coming to me via groups I engage on LinkedIn. One that caught my eye had a byline of "Why is there not more emphasis on getting the word out to the public on how individuals can protect…" and my first thought was "Really? Seriously"
Health data breaches: Why size doesn't matter(Government Health IT) Big breaches make for big news: Anthem, Heartland Payment Systems, Sony, Target, to name just a few. The causes of these big breaches are numerous: big data and information integration provide a larger attack surface, and criminals are becoming more adept at acquiring and exploiting personal information
How should we regulate the Internet of Things?(The Week) There seems to be a lack of public appreciation of the extent to which the Internet of Things is going to fundamentally change how people interact with the world around them
Lack of joined up thinking undermining IoT security(MicroScope) The only reason that there has not been a major IoT security breach is because the technology is not yet widely deployed but as interest in the technology grows so do the fears that more vulnerabilities will emerge
To what extent companies digitally track our daily lives?(Help Net Security) Do you know how digitally collected information uncovers things about you which you would rather remained private? We're already living in the age of Big Data, and are on the very cusp of the age of the Internet of Things — will this lead to complete and ubiquitous surveillance?
The new perimeter and the rise of IDaaS(GCN Cybereye) Identity management has been a major focus in security for a long time, and in government that stretches at least as far back as the implementation of HSPD-12 in 2005. The Obama administration ratcheted the effort even higher in 2012 when it released the National Strategy for Trusted Identities in Cyberspace (NSTIC)
Agency CIOs Need to be Aware of the Dangers of Consumer Tech(Nextgov) We've all heard about the benefits of consumerized IT for large organizations. Consumer technology is more innovative and faster moving than its enterprise counterpart. Just look at Apple, Google or Facebook and compare them to IBM, Oracle or SAP
Survey shows most data breaches don't happen online(Ventura County Star) Most data breaches that occurred last year originated with a brick-and-mortar store or financial institution, according to a recent Consumer Reports survey of more than 3,000 American adults
US leads 20 groups on cyber security mission(Financial Times) A top US Department of Commerce official is leading a cyber security trade mission to Romania and Poland this week to discuss ways to bolster defences against a common threat of cyber attacks emanating from Russia and elsewhere in eastern Europe
Why It's Not Too Late To Buy FireEye Inc.(Motley Fool) Shares of cyber security vendor FireEye (NASDAQ: FEYE) have risen significantly since last October, and are now up more than 50%. Demand for FireEye's services remains intense, and the company's recent earnings reports have exceeded expectations
DHS picks Booz Allen Hamilton for cyber contract(C4ISR & Networks) Booz Allen Hamilton has been awarded a $39 million DHS cybersecurity contract. The award, for DHS's Continuous Diagnostics and Mitigation (CDM) program, will provide tools and sensors. It was awarded under the $6 billion General Services Administration's Continuous Monitoring as a Service (CMaaS) contract. It will support four functional areas: Hardware Asset Management, Software Asset Management, Configuration Management, and Vulnerability Management
Is Marc Benioff becoming Microsoft's new CEO?(LinkedIn) I loved Microsoft (MSFT) — it was a huge part of my previous business — hundreds of millions of dollars. But today I find it embarrassing to see a company's 30,000 engineers releasing a new Windows version that has only changes but zero improvements, then releasing a Windows server version that most top engineers actually roll back to the previous version because Microsoft failed to make it easier to use — not more complicated
Omnicom's Porter Novelli Launches Cybersecurity Platform(Zacks) Global public relations leader Porter Novelli, a part of Omnicom Group Inc.'s (OMC) DAS Group of Companies, launched PNProtect, a full-service cybersecurity platform to protect clients from digital threats
Check Point launches cyberthreat map(IT Online) Check Point recently launched the ThreatCloud World Cyber Threat Map, which visualises how and where cyber-attacks are taking place worldwide in realtime
ThreatStream's approach to threat intelligence(Help Net Security) Imagine being able to make sense of all the threat information that's flowing through your security controls and coming from your threat feeds in minutes, not weeks, months or years
BalaBit updates Shell Control Box(Help Net Security) BalaBit announced Shell Control Box (SCB) 4 F1, an enterprise-level activity monitoring appliance that controls privileged access to remote IT systems, records activities in searchable, movie-like audit trails, and prevents malicious actions. It integrates seamlessly into the enterprise's existing infrastructures and is completely independent from clients and servers
Cybersecurity Standards and Your Enterprise(CTOvision) As we have noted in the past, "The nice thing about standards is that you have so many to choose from" teaches Andrew S. Tanenbaum in his classic text on Computer Networks
3 rules to help secure the Internet of Things(EET India) There is a wide and growing concern for the security of the Internet of Things (IoT). It's abundantly clear that the Internet is infested with ne'er-do-wells who thrive on hacking into networked devices. But many embedded development teams have never had to deal with security issues before, and are still trying to decide what, if anything, they need to do
How to balance safety and security in medical software(Electronics Weekly) Say "software security" to most people and they will think of hacked bank accounts, or attacks on corporate databases. Closer to home, consider the current trend for hackers to target medical records rather than electronic credit card data as the former proves to be more profitable and less risky
Identifying and Dividing Networks and Users(TrendMicro) Proper network segmentation is the most critical proactive step in protecting networks against targeted attacks. It is also important for organizations to properly identify and categorize their own users and the networks they access
SOC Analyst Pyramid(Internet Storm Center) Last weekend, I did a 10 minute fireside chat during lunch at BSidesSATX 2015. It was an informal presentation, where I discussed some of the issues facing security analysts working at an organization's Security Operations Center (SOC)
Rethinking cyber security in the age of the hacker(Financial Review) Fear is an important factor driving many organisations to increase their IT security spending, with a Gartner study predicting global expenditure will rise by 8.5 per cent, to $US77 billion ($97.52 billion) in 2015. But if even the best-resourced companies are losing the cyber-security battle, what hope is there for the rest of us?
Keeping your car safe from hacking(Fox News) Picture this: You're driving along a stretch of road, and an unseen force takes over. The car picks up speed, then swerves — without your touching the accelerator or turning the wheel. You're no more than a helpless passenger. What just happened? Your car has been hacked
Obama and His Cybersecurity 'Trojan Horse'(The Blaze) President Barack Obama signed a new cybersecurity executive order that gives him ultimate control over information gathered for the purposes of protecting it against nefarious individuals or groups. This has caused a ripple of concern among cybersecurity firms that could grow into a tsunami should the new legislation go forward
Silicon Valley licensing company crafts 'best practices,' argues it could transform patent system(Legal Newsline) As the number of bills aimed at reforming the nation's patent system continues to pile up in Congress, one Silicon Valley company argues that a more commonsensical approach to the perceived "patent troll" problem is needed. Finjan, a cyber security technology company that became a publicly-traded company in 2013 and has shifted its focus to licensing its intellectual property, has spent the better part of a year crafting a list of "best practices"
Cybersecurity firm accused of staging data breaches to extort clients(Engadget) Have you ever heard of a cybersecurity firm called Tiversa? No? Well, you'll likely be hearing about it a lot in the coming weeks, because an ex-employee is accusing it of fraud. Richard Wallace, one of its former investigators, has recently testified against the firm in a Washington DC courtroom. During the proceeding, he claimed Tiversa's employees would hack potential clients to force them to pay for the firm's services. The CEO, Bob Boback, would apparently even order them to look for IPs of known identity thieves using Tiversa's close ties to law enforcement agencies. They'd then tell the companies they were targeting that those IPs are breaking into their computers as an additional scare tactic
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
2015 Honeynet Project Workshop(Stavanger, Norway, May 18 - 20, 2015) Each year the Honeynet Project annual workshop brings together top information security experts from around the globe to present their latest research efforts and discuss insights and strategies to combat...
12th CISO Summit & Roundtable Geneva 2015(Geneva, Switzerland, May 11 - 13, 2015) The 12th CISO Summit will give you direct insights from Europe's most experienced CISOs, you will get the latest top hot buttons and focuses from other CISOs for the coming 5 years — shared predictions...
NG Security Summit(San Antonio, Texas, USA, May 11 - 13, 2015) The NG Security Summit brings together more than sixty-five relevant CISOs from the private and public sector for a high level summit where they will workshop to benchmark, identify, and tackle key challenges.
MCRCon(Ypsilanti, Michigan, USA, May 12, 2015) Please join the Michigan Cyber Range for the third annual MCRCon cybersecurity conference. MCRCon 2015 will focus on hacking prevention, incident handling, forensics and post-event public relations. MCRCon...
Houston Secure World(Houston, Texas, USA, May 13, 2015) Join your fellow security professionals for affordable, high-quality cybersecurity training and education at a regional conference near you. Earn CPE credits while learning from nationally recognized industry...
QuBit 2015 Cybersecurity Conference(Prague, Czech Republic, May 13 - 15, 2015) QuBit brings together top experts and leaders in the field, from the private sector, to academia, to government. The main topics this year are APTs, the Internet of Things, and Digital Forensics, which...
THOTCON 0x6(Chicago, Illinois, USA, May 14 - 15, 2015) THOTCON (pronounced \ˈthȯt\ and taken from THree - One - Two) is a hacking conference based in Chicago IL, USA. This is a non profit non-commercial event looking to provide the best conference possible...
International Conference on Cyber Security (ICCS) 2015(Redlands, California, USA, May 16 - 17, 2015) The ICCS 2015 serves as a platform for researchers and practitioners from academia, industry, and government to present, discuss, and exchange ideas that address real-world problems with CYBER SECURITY.
FS-ISAC & BITS Annual Summit(Miami Beach, Florida, USA, May 17 - 20, 2015) The Financial Services Information Sharing and Analysis Center (FS-ISAC), is a non-profit association comprised of financial institution members, that is dedicated to protecting the global financial services...
2015 Cyber Risk Insights Conference — Chicago(Chicago, Illinois, USA, May 18, 2015) Advisen again brings its acclaimed Cyber Risk Insights Conference series to Chicago with a full-day event addressing the critical privacy, network security and cyber insurance issues confronting risk professionals...
IEEE Symposium on Security and Privacy(San Francisco, California, USA, May 19 - 22, 2013) Since 1980, the IEEE Symposium on Security and Privacy has been the premier forum for the presentation of developments in computer security and electronic privacy, and for bringing together researchers...
Fraud Summit Chicago(Chicago, Illinois, USA, May 19, 2015) ISMG's Fraud Summit is a one-day event focused exclusively on the top fraud trends impacting organizations and the mitigation strategies to overcome those challenges. Highlights of the Chicago event include...
3rd Annual Georgetown Cybersecurity Law Institute(Washington, DC, USA, May 20 - 21, 2015) In 2015, it is more important than ever that in-house and outside counsel stay abreast of the most current developments and best practices in cybersecurity. Those lawyers who ignore cyber threats are risking...
AFCEA Spring Intelligence Symposium 2015(Springfield, Virginia, USA, May 20 - 21, 2015) The Symposium will be a one-of-a-kind event designed to set the tone and agenda for billions of dollars in IC investment. Leaders from all major IC agencies, from the ODNI, IARPA, and the National Intelligence...
SOURCE Conference(Boston, Massachusetts, USA, May 25 - 28, 2015) SOURCE is a computer security conference happening in Boston, Seattle, and Dublin that is focused on offering education in both the business and technical aspects of the security industry. The event's...
7th International Conference on Cyber Conflict(Tallinn, Estonia, May 26 - 29, 2015) CyCon is the annual NATO Cooperative Cyber Defence Centre of Excellence conference where topics vary from technical to legal, strategy and policy. The pre-conference workshop day, 26 May, features a variety...
HITBSecConf2015 Amsterdam(De Beurs van Berlage, Amsterdam, The Netherlands, May 26 - 29, 2015) This year's event will feature new training courses. Keynote speakers include Marcia Hofmann and John Matherly. To encourage the spirit of inquisitiveness and innovation, Haxpo will showcase cutting...
1st Annual Billington Corporate Cybersecurity Summit(New York, New York, USA, May 27, 2015) Join Billington CyberSecurity's unparalleled network of cybersecurity professionals as they provide hard-earned insights and education to a high level and exclusive group of attendees from the corporate...
Atlanta Secure World(Atlanta, Georgia, USA, May 27 - 28, 2015) Join your fellow security professionals for affordable, high-quality cybersecurity training and education at a regional conference near you. Earn CPE credits while learning from nationally recognized industry...
Techno Security & Forensics Investigations Conference(Myrtle Beach, South Carolina, USA, May 31 - June 3, 2015) The Seventeenth Annual International Techno Security & Forensics Investigations Conference will be held May 31 - June 3 in sunny Myrtle Beach at the Myrtle Beach Marriott Resort. This conference promises...
Mobile Forensics World(Myrtle Beach, South Carolina, USA, May 31 - June 3, 2015) The Eighth Annual Mobile Forensics World will also be held May 31 - June 3 in sunny Myrtle Beach at the Myrtle Beach Marriott Resort. The Mobile Forensics World is specifically dedicated to Federal, State...