Ransomware is evolving in some interesting directions as its purveyors adopt crimeware best practices. CryptoWall 4.0 is circulating in the wild, and Heimdal notes that the new strain is not only more adept at evading firewalls, but has also taken to encrypting filenames as well as the files themselves. That latter step is thought to increase victims' confusion and susceptibility to the ransom pitch. That pitch is now presented as a "welcome to the CryptoWall community," with an offer of a remedial "software package" replacing the expected ransom demand.
Check Point takes a look at a different strain of ransomware (going by too many names to list) whose contribution to criminal technique is to obviate a need to interact with a command-and-control server to receive encryption keys. Rather, the victim contacts the criminal through a shifting set of email addresses, making it more difficult to run the criminal to ground.
Ars Technica looks at the evolution of CryptoWall and Chimera and sees a boom in the ransomware market.
Banking Trojans are still out there and enjoying success, too: Tinba in Russia and the Near Abroad, and a variety of opportunistic exploits in Singapore (which has both wealth and a lot of online transactions).
A Forbes piece looks at the IoT and sees a future battlefield. Other policy wonks regard cyber attacks as potential casus belli.
A sell-off in cyber stocks (led by FireEye) prompts analyst speculation about the industry as a whole. (FBRFlash sees the problem as FireEye's, not the sector's.)
Today's issue includes events affecting Belarus, China, European Union, Moldova, Nigeria, Russia, Singapore, Ukraine, United Kingdom, United States.
Crypto-ransomware encrypts files "offline"(Help Net Security) Ransomware comes in various forms, and not all ransomware encrypts files — some just block computers until the ransom is paid. When the file encryption feature is included, the encryption key is usually sent to the malware's C&C server, which is controlled by the crooks — but not always
Cyber criminals often resort to simple trickery(San Jose Mercury News) As it does every year, security firm Trend Micro has released its annual threat report, titled "Security Predictions for 2016 and Beyond." And, to me, the most profound statement in the report is "cybercriminals don't need to use the most advanced technologies or sophisticated methods to succeed. Sometimes, simply understanding the psychology behind each scheme and its targets can be enough to make up for the lack of sophistication"
Security Patches, Mitigations, and Software Updates
Cyber attacks could warrant military reply, experts say(Tribune-Review) Computer attacks like North Korea's breach of Sony Entertainment are not acts of war, but they could cause enough havoc and economic pain to trigger a military response, experts told the Tribune-Review on Thursday
Cloud key to future cyber security, says Qualys(ComputerWeekly) Security could be improved by moving to a world where security is enabled by customised and optimised security agents in virtual datacentres, endpoints and apps, says Qualys CTO Wolfgang Kandek
The Physical Internet Will Rest On The Internet Of Things(Manufacturing Net) The 11th International Industrial Engineering Conference (CIGI2015) that was held on October 26-28, 2015 at Laval University in Quebec City, whose theme was "integrative engineering for responsible innovation and sustainable performance," provided a timely opportunity to explore the synergetic interaction of two revolutionary concepts, i.e., the Internet of Things and the Physical Internet
Security's Ever-Growing, Ever-Moving Target(Infosecurity Magazine) It would seem there is no airport, no train station, and no mode of transport that has not been used by mobile service providers to demonstrate the capabilities of their networks
Data Breaches Cost $1,000 Per Record: Study(Credit Union Times) Every record compromised in a data breach ends up costing almost $1,000 — and that's probably on the low end, according to a new study by Gladwyne, Penn.-based risk assessment company NetDiligence
FTNT, CUDA, VDSI, PFPT, KEYW slump as FireEye plunges post-earnings (updated)(Seeking Alpha) Fortinet (FTNT -4.2%), Barracuda (CUDA -3.9%), Vasco (VDSI -1.9%), Proofpoint (PFPT -4.6%), and KEYW (KEYW -6.3%) have joined the ranks of enterprise security tech firms selling off in the wake of FireEye's Q3 revenue/billings miss, soft Q4 sales guidance, and full-year billings guidance cut. Other decliners include Palo Alto Networks, CyberArk, and Rapid7. FireEye itself is down 23%. Also: PC/mobile security software firm AVG is down 17.7% after missing Q3 estimates and providing light Q4 guidance. Symantec is up slightly following an FQ2 EPS beat. The PureFunds ISE Cyber Security ETF (HACK -3.1%) has fallen below $27. CyberArk reports after the bell.
AVG Announces Transition of Chief Financial Officer(PRNewswire) AVG® Technologies N.V. (NYSE: AVG), the online security company™ for more than 200 million monthly active users, today announced that it is initiating a Chief Financial Officer transition. During this period, John Little will remain CFO and maintain all of his existing duties until a successor is named and the transition is complete
Guidance Software Unveils Major Corporate Brand Overhaul(BusinessWire) Guidance Software, makers of EnCase®, the gold standard for digital investigations and endpoint data security, today introduced the company's new corporate brand identity and logo. This major brand overhaul reflects the company's repositioning to focus on broader markets
411 for Hackers: Disclosure Assistance(HackerOne) When a vulnerability is found, it needs to get into the right hands quickly. This is the only way to ensure it will be resolved safely without public harm
Avast releases updated security suite for mobile and PC(ITProPortal) Avast Software, maker of the world's most popular mobile and desktop security products in the world, today announced the launch of its new mobile and PC security solutions to help consumers address their growing privacy concerns
Edward Snowden's Favorite Messaging App: How It Works(Gear & Style Cheat Sheet) If you're an Android user looking for a more secure way to send text messages and make calls, you're in luck. Encrypted chat and call app, Signal, is coming to Android six months after it was first released for iOS
Endpoint Epidemic(MeriTalk) Federal agencies are facing an explosion of endpoints in both volume and variety. However, as endpoints increase, so do cyber vulnerabilities. How are Federal IT managers handling this endpoint epidemic? What's the best approach to building an effective, practical, and enforceable endpoint strategy? What are the challenges and what's the path forward?
Air Force awards emitter detection contract(C4ISR & Networks) Southwest Research Institute has been awarded a $9.4 million Air Force contract to develop technology that can detect and geolocate high-frequency emitters
Legislation, Policy, and Regulation
E.U. seeks to reassure companies about trans-Atlantic data transfers(Business Insurance) The European Commission on Friday will seek to reassure firms operating on both sides of the Atlantic that they can continue to transfer Europeans' personal data to the United States after a court struck down a system used by over 4,000 companies to do just that
FG Urged To Adopt Cyberspace To Boost National Security(Leadership) In furtherance to tackle the rising state of crime and to boost national security, researchers have urged the federal government to consider the use of cyberspace technology as needful, saying it has contributed to the development of many countries and now critical to the socio-economic success of the growth of most nations
States vs. feds: Who does cybersecurity better?(GCN) Federal, state and local governments face different flavors of cybersecurity threats, but there is a common need for additional threat intelligence sharing and better cyber-talent recruitment, a recent research report suggests
Lawmakers move to study car hacking(The Hill) Two congressmen want to study vehicle cybersecurity after several high-profile car hacking incidents thrust the issue into the limelight
DHS Secretary remains focused on E3A, CDM programs(FierceGovernmentIT) Homeland Security Department Secretary Jeh Johnson said he is determined to make "tangible improvements to cybersecurity" in the final months of the Obama administration through the department's EINSTEIN 3 Accelerated and Continuous Diagnostics and Mitigation, or CDM, programs
Cyber official: IT rulebook revamp overdue, but not agile enough(FCW) The federal government is making progress in the never-ending cybersecurity fight, but everything from acquisition to network protection is lagging by decades, said retired Brig. Gen. Gregory Touhill, deputy assistant secretary of cybersecurity and communications at the Department of Homeland Security
DoD still 'working through' cyber strategy implementation(C4ISR & Networks) The Defense Department's cyber strategy released earlier this year outlined several overarching goals, fleshed out narrower objectives and plans for implementation, and hit on a number of Pentagon cyber ambitions. Now, six months after the strategy's late-April release, DoD officials are working to carry out its directives
GAO doesn't fully endorse FITARA scorecard conclusions(FierceGovernmentIT) Yesterday morning, the House Oversight and Government Reform Committee released a scorecard grading agencies on their implementation of the Federal Information Technology Acquisition Reform Act, or FITARA — but during a hearing later that afternoon, a Government Accountability Office official said he did not fully concur with the conclusions the committee drew from agencies' self-reported data
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
Public Sector Cybersecurity Summit 2015(Reston, Virginia, USA, December 1 - 2, 2015) The Raytheon|Websense 6th Annual Public Sector Cybersecurity Summit is a unique opportunity to learn about the state of cybersecurity and how to prepare for future threats from many thought provoking government...
Department of the Navy (DON) IT Conference, West Coast 2016(San Diego, California, USA, February 17 - 19, 2016) The purpose of the DON IT conference is to: (1) Explain the new and invigorated DUSN (M), DON/AA, and DON CIO organization and its business and IT transformation priorities. (2) Share information that...
ICMC (the International Cryptographic Module Conference)(Washington, D.C., USA, November 4 - 6, 2015) ICMC core focus includes cryptographic modules, FIPS 140-2, ISO/IEC 19790 and cryptographic algorithms. Specialists from all over the world gather in Washington to discuss commercial cryptography...
University of Phoenix® Technology Conference(Arlington, Virginia, USA, November 7, 2015) At the University of Phoenix® Technology Conference 2015, a free event hosted by the University of Phoenix College of Information Systems and Technology, you will be introduced to cyber security,...
Cyber³ Conference: Crafting Security in a less Secure World(Nago City, Okinawa, Japan, November 7 - 8, 2015) An international conference on cyber security hosted by the Government of Japan with the support of the World Economic Forum. At this conference, multi-stakeholders, including policymakers, business leaders,...
FedCyber 2015(Tyson's Corner, Virginia, USA, November 10, 2015) This conference, orchestrated by cyber practitioners Matt Devost and Bob Gourley, is designed to advance the state of cyber defense. The FedCyber.com Threat Expo will bring together thought leaders who...
First International Conference on Anti-Cybercrime (ICACC-2015)(Riyadh, Saudi Arabia, November 10 - 12, 2015) Al Imam Mohammad Ibn Saud Islamic University is organizing this international conference to establish a forum where discussions on vital issues related to anti-cybercrime can occur. This conference will...
Black Hat Europe(Amsterdam, the Netherlands, November 10 - 13, 2015) Black Hat prides itself with being "the most technical and relevant global information security event series in the world." For the past 16 years, the Black Hat events have given their attendees the opportunity...
Pen Test Hackfest Summit & Training(Alexandria, Virginia, USA, November 16 - 23, 2015) SANS Pen Test Hackfest Training Event and Summit is coming back to Washington DC, bigger and better than ever! The Hackfest is an ideal way to learn offensive techniques so you can better defend your environment.
Cybersecurity, the SEC and Compliance(New York, New York, USA, November 18, 2015) The recent SEC CyberSecurity Examination Initiative focuses on information safeguards for financial services organizations. Are you prepared? Please join us for a panel discussion on what cybersecurity...
CyberCon 2015(Pentagon City, Virginia, USA, November 18, 2015) CyberCon 2015 is the forum for dialogue on strategy and innovation to secure federal and defense networks, as well as private sector networks that hold their sensitive data
Internet-of-Things World Forum 2015(London, England, UK, November 18 - 19, 2015) This conference features speakers from leading IoT companies and their customers. Learn how the Internet-of-Things is creating new markets for products, services, and solutions
2015 U.S. Cyber Crime Conference(National Harbor, Maryland, USA, November 14, 2015) The 2015 U.S. Cyber Crime Conference (Formerly the DoD Cyber Crime Conference) has brought world-class forensics and incident response training combined with outstanding community networking for over 15...
CyberPoint 2nd Annual Women in Cyber Security Reception(Baltimore, Maryland, USA, November 19, 2015) CyberPoint International announces its 2nd Annual Women in Cyber Security Reception to be held on November 19, 2015. Bringing together women from across the region and all different points on the career...
DefCamp6(Bucharest, Romania, November 19 - 20, 2015) Why DefCamp? Because it's the most important conference on Hacking & Information Security in Central Eastern Europe, bringing hands-on talks about the latest research and practices from the INFOSEC field,...