Russian security services are suspected of blocking opposition online publications, and of ongoing cyber espionage against Western financial institutions.
ISIS continues to threaten cyber attacks against Western institutions, although the only hack of any (albeit minor) note is the defacement of a Nashville music site with an "I-love-jihad" message. Sure, the Caliphate messaging's there (and offering minor corroboration of NSA Director Rogers's claim that ISIS information operations are "resonating with [some] Americans") but attributing such skiddish cyber vandalism to ISIS is a little like concluding a teenager wearing a Che t-shirt is a duly enlisted member of the Venceremos Brigade.
Speaking of skids, Indonesia's Gantengers Crew struts its mad skilz with some vandalism of Kenya's presidential website.
Incapsula reports discovering a "40,000-node botnet exploiting poorly-configured Ubiquiti routers." The botmasters, whom some observers characterize as an Anonymous faction, others as LizardSquad rivals, are apparently offering denial-of-service-for-hire. (In a separate story, HackRead publishes an interesting but depressing menu of cyber crime products and services available on the black market.) Other observers note that, whether Anonymous is legion or not, unsecured routers certainly seem to be.
CrowdStrike announced discovery of a buffer-overflow vulnerability affecting popular virtual machine platforms. The flaw in the open-source QEMU hypervisor, which CrowdStrike is calling "VENOM," could permit breakout from an exploited VM.
Patch Tuesday produced a large crop of Microsoft fixes as well as critical security updates from Mozilla and Adobe, so expect system administrators to be busy.
M&A stories (and one rumor) appear in industry news today.
Today's issue includes events affecting Canada, China, Indonesia, Iran, Kenya, Democratic People's Republic of Korea, Singapore, Romania, Russia, Ukraine, United Kingdom, United States.
See the page on Friday's Jailbreak Security Summit for some updated coverage. Video will be up later this week.
President Of Kenya Website Hacked By Indonesian Hackers(HackRead) On 11th May 2015, the President of Kenya (Uhuru Kenyatta) website was hacked where its homepage was replaced by hackers with one of their own — The group behind this hack is an Indonesian based Gantengers Crew
Mystery botnet hijacks broadband routers to offer DDoS-for-hire(TechWorld) Incapsula detects 40,000-node botnet exploiting poorly-configured Ubiquiti routers. A rival hacker group to the infamous Lizard Squad has been discovered quietly using a previously unknown global botnet of compromised broadband routers to carry out DDoS and Man-in-the-Middle (MitM) attack
Recent Dridex activity(Internet Storm Center) Botnet-based Dridex malspam is like the Energizer Bunny. It just won't quit. We see it almost every day
Bublik Trojan — Variant Evolves with New Features(iSIGHT Partners) iSIGHT Partners has been tracking the development of the Bublik downloader trojan and recently discovered a new variant with more complex features
Angler EK pushes unnamed ransomware(Help Net Security) Malware distribution campaigns using the popular Angler exploit kit continue delivering different types of ransomware
Cyber extortionists are hitting hedge funds(Help Net Security) Hedge funds are increasingly targeted by cyber extortionists, John Carlin, US Assistant Attorney General for National Security, has warned the audience at the SALT hedge fund conference held last week in Las Vegas
Security Patches, Mitigations, and Software Updates
Adobe, Microsoft Push Critical Security Fixes(KrebsOnSecurity) Microsoft today issued 13 patch bundles to fix roughly four dozen security vulnerabilities in Windows and associated software. Separately, Adobe pushed updates to fix a slew of critical flaws in its Flash Player and Adobe Air software, as well as patches to fix holes in Adobe Reader and Acrobat
Security updates available for Adobe Flash Player(Adobe Security Bulletin) Adobe has released security updates for Adobe Flash Player for Windows, Macintosh and Linux. These updates address vulnerabilities that could potentially allow an attacker to take control of the affected system. Adobe recommends users update their product installations to the latest version
Security Updates available for Adobe Reader and Acrobat(Adobe Security Bulletin) Adobe has released security updates for Adobe Reader and Acrobat for Windows and Macintosh. These updates address vulnerabilities that could potentially allow an attacker to take over the affected system. Adobe recommends users update their product installations to the latest versions
Security Advisories for Firefox(Mozilla) The latest security updates will be delivered to most users automatically. Users who have turned off automatic updates can use the "Check for Updates…" item on the Help menu. If the menu item is disabled your account does not have sufficient privileges to update Firefox--contact the person who installed Firefox on your machine. Additional help is also available through our Community Support site
Security Advisories for Firefox ESR(Mozilla Foundation) The latest security updates will be delivered to most users automatically. Users who have turned off automatic updates can use the "Check for Updates…" item on the Help menu. If the menu item is disabled your account does not have sufficient privileges to update Firefox--contact the person who installed Firefox on your machine. Additional help is also available through our Community Support site
Security Advisories for Thunderbird(Mozilla Foundation) The latest security updates will be delivered to most users automatically. Users who have turned off automatic updates can use the "Check for Updates…" item on the Help menu. If the menu item is disabled your account does not have sufficient privileges to update Firefox--contact the person who installed Firefox on your machine. Additional help is also available through our Community Support site
Aon & Ponemon say cyberrisk to sky rocket over next 5 years(Actuarial Post) The 2015 Global Cyber Impact Report, released today by the Ponemon Institute, a leading research firm on privacy, data protection and information security, and sponsored by Aon plc found that information technology assets are 39 percent more exposed than property assets on a relative value to insurance protection basis
Time for a new approach to IT security?(Channelweb) It's no longer about stopping the bad guys getting in, but instead accepting you'll be compromised and working out what to do next. Traditional preventative controls such as firewalls and AV are old hat. Or at least that's what the big vendors and analysts — both of whom are trying to punt their latest wares — would have us believe
Cutting Through the RSA Conference Jargon: Cybersecurity Lessons for the C-Suite(Information Security Buzz) Mike Potts, CEO of Lancope, published a blog post reflecting on the recent RSA Conference and how, while once the domain of IT security specialists, cybersecurity is now becoming familiar terrain to C-level execs. Far from being solely a technical concern, Mike explains that "cybersecurity is finally being recognized as a business discipline that directly impacts an organization's business goals, which is causing the C-Suite to sit up and listen"
FireEye Earnings: Balancing Demand and Capability(Investopedia) Cybersecurity solutions provider FireEye (NASDAQ: FEYE) is a small player attempting to procure market share in a very sizable market. The company specializes in virtual machine-based threat detection, meaning that it runs software in a simulated environment to assess potential harm to user systems
FireEye up 4.1% on vague Cisco M&A rumor(Seeking Alpha) Unconfirmed market chatter that Cisco has made a $9B bid for FireEye (NASDAQ:FEYE) has led shares of the threat-prevention hardware/software/service provider to spike higher. For reference, FireEye's market cap is currently $6.7B. As Pandora investors can vouch, such rumors often (though not always) prove unfounded
MACH37 Cyber Accelerator accepting applications for fall 2015 session(Augusta Free Press) The MACH37™ Cyber Accelerator has officially announced it will begin accepting applications from information security startups and security entrepreneurs for its Fall 2015 (F15) Cohort beginning September 8. The MACH37™ program consists of an intense 90-day program in which the selected startups are coached in all aspects of creating a sustainable and successful business
Singapore tackles skills gap in cyber security sector(Asia One) The digital super highway that's coming up in Singapore, as part of the Smart Nation initiative, will allow for many services that will be transformational in nature. There will be instant connectivity, access to information and vital services such as health care
SecureRF Offers Next Generation of Asymmetric Security for the Internet of Things(App Developer Magazine) SecureRF offers a family of Algebraic Eraser public key cryptography cores that offer increased performance while requiring low power and a small footprint. The AE Core is a Diffie-Hellman like authentication protocol that utilizes SecureRF's Algebraic Eraser algorithm, a linear-in-time method, to enable higher levels of security to low resource devices without altering the standard platforms currently in use
OpenDNS first to offer threat intelligence cloud enforcement through APIs(Software Development Times) OpenDNS, a leading provider of cloud-delivered security, today announced that it has opened its enforcement API to all Umbrella Platform customers. This API automatically turns the threat intelligence generated by customers' own security and incident response teams into threat prevention, providing real-time protection for users and devices anywhere in the world. OpenDNS is the first cloud-delivered security provider to enforce threat intelligence through APIs and to provide an open, interoperable platform to its customers
Cool Vendor to Provide ARTIK Security(MobileIDWorld) Sansa Security has announced that it's going to support Samsung's new ARTIK platform. Sansa Client, the company's device-focused software stack, is going to be integrated into the ARTIK silicon in order to provide end-to-end security
Free, cheap and easy security tools(ChannelWorld) When it comes to detecting, preventing and analyzing information security threats, security teams need all the help they can get
How retailers can protect against security breaches(SecurityInfoWatch) When you swipe your card to pay at a store, how safe is your data? According to Symantec, the security of your data varies greatly depending on the sophistication of the payments system of the retailer you’re visiting. Outdated point of sale systems are notoriously insecure and, according to Symantec, are particularly vulnerable due to a lack of encryption and reliance on outdated software
British Snoops GCHQ Openly Recruiting Hackers As Government Seeks More Surveillance Powers(Forbes) Now that the Conservative Party has secured a majority government in the UK, it's pushing ahead with plans to expand the surveillance state with the Communications Data Bill, also known as Snooper's Charter, which would require communications providers from BT to Facebook to maintain records of customers' internet activity, text messages and voice calls for a year. This may have emboldened GCHQ, the British spy agency and chief NSA partner, which has, for the first time, openly called for applicants to fill the role of Computer Network Operations Specialists, also known as nation-state funded hackers
International norms in cyberspace(Today's Zaman) Last month, the Netherlands hosted the Global Conference on Cyberspace 2015, which brought together nearly 2,000 government officials, academics, industry representatives, and others. I chaired a panel on cyber peace and security that included a Microsoft vice president and two foreign ministers. This "multi-stakeholder" conference was the latest in a series of efforts to establish rules of the road to avoid cyber conflict
Pentagon looking for future threats beyond ISIL(USA TODAY) After missing the early stages of the Islamic State's rise into one of the world's most threatening militant groups, the Pentagon has begun a review to help anticipate possible threats beyond the Islamic State, military records show
Whistleblower claims cybersecurity firm hacked clients(We Live Security) In a case that raises serious ethical and legal issues, a U.S. cybersecurity firm is accused by a former employee and whistle blower of hacking into the information systems of potential clients in order to extort potential customers, according to Engadget
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
[New Date] Cyber 6.0(Laurel, Maryland, USA, September 10, 2015) The mission of the Cyber Conference is to provide a forum for small and mid-sized businesses in Howard County and the region to access industry and government leaders with current information on cybersecurity...
NG Security Summit(San Antonio, Texas, USA, May 11 - 13, 2015) The NG Security Summit brings together more than sixty-five relevant CISOs from the private and public sector for a high level summit where they will workshop to benchmark, identify, and tackle key challenges.
12th CISO Summit & Roundtable Geneva 2015(Geneva, Switzerland, May 11 - 13, 2015) The 12th CISO Summit will give you direct insights from Europe's most experienced CISOs, you will get the latest top hot buttons and focuses from other CISOs for the coming 5 years — shared predictions...
Houston Secure World(Houston, Texas, USA, May 13, 2015) Join your fellow security professional for affordable, high-quality cybersecurity training and education at a regional conference near you. Earn CPE credits while learning from nationally recognized industry...
QuBit 2015 Cybersecurity Conference(Prague, Czech Republic, May 13 - 15, 2015) QuBit brings together top experts and leaders in the field, from the private sector, to academia, to government. The main topics this year are APTs, the Internet of Things, and Digital Forensics, which...
THOTCON 0x6(Chicago, Illinois, USA, May 14 - 15, 2015) THOTCON (pronounced \ˈthȯt\ and taken from THree - One - Two) is a hacking conference based in Chicago IL, USA. This is a non profit non-commercial event looking to provide the best conference possible...
International Conference on Cyber Security (ICCS) 2015(Redlands, California, USA, May 16 - 17, 2015) The ICCS 2015 serves as a platform for researchers and practitioners from academia, industry, and government to present, discuss, and exchange ideas that address real-world problems with CYBER SECURITY.
FS-ISAC & BITS Annual Summit(Miami Beach, Florida, USA, May 17 - 20, 2015) The Financial Services Information Sharing and Analysis Center (FS-ISAC), is a non-profit association comprised of financial institution members, that is dedicated to protecting the global financial services...
2015 Cyber Risk Insights Conference — Chicago(Chicago, Illinois, USA, May 18, 2015) Advisen again brings its acclaimed Cyber Risk Insights Conference series to Chicago with a full-day event addressing the critical privacy, network security and cyber insurance issues confronting risk professionals...
2015 Honeynet Project Workshop(Stavanger, Norway, May 18 - 20, 2015) Each year the Honeynet Project annual workshop brings together top information security experts from around the globe to present their latest research efforts and discuss insights and strategies to combat...
Fraud Summit Chicago(Chicago, Illinois, USA, May 19, 2015) ISMG's Fraud Summit is a one-day event focused exclusively on the top fraud trends impacting organizations and the mitigation strategies to overcome those challenges. Highlights of the Chicago event include...
3rd Annual Georgetown Cybersecurity Law Institute(Washington, DC, USA, May 20 - 21, 2015) In 2015, it is more important than ever that in-house and outside counsel stay abreast of the most current developments and best practices in cybersecurity. Those lawyers who ignore cyber threats are risking...