More scrutiny for Germany's Bundesnachrichtendienst (BND), reported to have collected against "partners" in operations Berlin calls "beyond the BND's remit."
Iran's Rocket Kitten cyber espionage group gets poor reviews (and a lot of Schadenfreude) for its slovenly OPSEC.
Tunisian Islamists deface webpages belonging to North London's JFS, Europe's largest Jewish school, with anti-Israel, pro-Palestinian messages. Elsewhere the Hill notes the growing scope and impact of hacktivism ("cyber vigilantes") as a general phenomenon.
njRAT morphs into KillerRat, with enhanced anonymity and more capable spying.
Palo Alto Networks discovers a new, modular Trojan infesting targets in Thailand. "Bookworm" is similar to earlier Chinese-run exploits. It abuses legitimate executables found in either Kaspersky Anti-Virus or Microsoft Security Essentials.
Ransomware continues its run as a major criminal threat. Mac users are in criminal developers' crosshairs, so their sense of (relative) immunity may be short-lived. Poorly written ransomware has recently worked to the victims' advantage, but not so this week: "Power Worm's" buggy code inadvertently dumps its encryption key, making recovery impossible even if victims pony up.
Many vendors issue patches. Microsoft is reworking one fix that's had unintended bad consequences for functionality.
Last week's stock sell-offs prompt M&A talk.
Tenable's big infusion of cash set off IPO speculation (but Tenable says you'll know its IPO when you see it).
Microsoft opens a data center in Germany as a hedge against EU privacy requirements, especially should the trans-Atlantic Safe Harbor regime not return.
US prosecutors indict suspects for hacks of JPMorgan, eTrade, Scottrade and others.
Today's issue includes events affecting Brazil, China, Denmark, Egypt, Estonia, European Union, Finland, Germany, Iran, Israel, Japan, Latvia, Lithuania, Norway, Sweden, Thailand, Tunisia, Turkey, United Kingdom, United States.
Cyber vigilantes flex growing power (The Hill) Activist hackers — so-called hacktivists — are getting harder to differentiate from more serious threats such as terrorist groups and nation-state cyber warriors, security researchers say
Operation Buhtrap malware distributed via ammyy.com (We Live Security) We noticed in late October that users visiting the Ammyy website to download the free version of its remote administrator software were being served a bundle containing not only the legitimate Remote Desktop Software Ammyy Admin, but also an NSIS (Nullsoft Scriptable Installation Software) installer ultimately intended to install the tools used by the Buhtrap gang to spy on and control their victims' computers
Backdoor Trojan Ingeniously Hidden Within Joomla Logo (Spamfighter News) Security firm Sucuri that practices developing security software to benefit website operators recently unearthed one clever tactic of hackers who were capable of concealing backdoor Trojan inside as innocuous a place as the logo site of Joomla Content Management System (CMS)
Rooted, Trojan-infected Android tablets sold on Amazon (Help Net Security) If you want to buy a cheap Android-powered tablet, and you're searching for it on Amazon, the best thing you can do is carefully read all the negative reviews you can find. If you are lucky, you'll see some that will warn you about the device being rooted and coming pre-installed with malware
Alert (TA15-314A) Web Shells — Threat Awareness and Guidance (US-CERT) This alert describes the frequent use of web shells as an exploitation vector. Web shells can be used to obtain unauthorized access and can lead to wider network compromise. This alert outlines the threat and provides prevention, detection, and mitigation strategies
Patch Tuesday demonstrates strength of Microsoft Edge browser security (CSO) It's Patch Tuesday time again. Microsoft released a total of 12 new security bulletins this month, fixing a combined total of 49 separate vulnerabilities. There are eight ranked as Important, and four rated as Critical — including cumulative updates for Internet Explorer and the newer Microsoft Edge browser
Security updates available for Adobe Flash Player (Adobe Security Bulletin) Adobe has released security updates for Adobe Flash Player. These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system
SAP Security Patch Day — November 2015 (SAP Community Network) This post by SAP Product Security Response Team shares information on Patch Day Security Notes* that are released on second Tuesday of every month and fix vulnerabilities discovered in SAP products. SAP strongly recommends that the customer visits the Support Portal and applies patches on a priority to protect his SAP landscape
SAP Security Notes November 2015 — Review (ERPScan) SAP has released the monthly critical patch update for November 2015. This patch update closes 23 vulnerabilities in SAP products (15 Patch Day Security Notes and 8 Support Package Security notes), 13 of which are high priority, some of them belong to the SAP HANA security area. The most common vulnerability is Code injection
Health Insurance for Data Breaches (National Law Review) In a previous post we reviewed insurance coverage that is now available to protect companies against potential third-party claims resulting from their failure to protect the private or confidential data of consumers and other businesses
Tenable Network CEO: 'You'll Know When We're Going To IPO' (DCInno) On Tuesday, Columbia, Md.-based cybersecurity firm Tenable Network Security shocked the startup world with the announcement of a record shattering $250 million Series B funding round led by two prominent venture capital firms, Insight Venture Partners and Accel Venture Partners
ORWL Aspires To Be A Secure PC (InformationWeek) The small, tamper-resistant device is the focus of a Kickstarter campaign. Olivier Boireau, CEO of Design SHIFT, makers of the ORWL, said he believes the device will appeal to companies interested in privacy and data security
Data capacity, analysis, expertise drive IoT work at NASA (FierceGovernmentIT) The Internet of Things is getting a lot of attention at NASA, as the IT organization looks to support new ways sensors and advanced networks can drive its mission. With the addition of end points that collect information, much of the conversation centers around the data, said John Sprague, deputy chief technology officer for IT at NASA
Iowa State University Wins National Cyber Analyst Challenge (PRNewswire) A cyber competition created by Lockheed Martin (NYSE: LMT) and Temple University's Institute for Business and Information Technology (IBIT) to fill the ever-growing need for cyber analysts has a winner. A student team from Iowa State University was awarded $25,000 as the winner of the first National Cyber Analyst Challenge
TPP Countries Can't Insist on Software Code Disclosure (Bloomberg BNA) National laws mandating access to the source code of mass-market software as a condition of selling software in those countries would be prohibited under the electronic commerce chapter of the Trans-Pacific Partnership trade agreement
One Defense: Bridging the Pentagon and Silicon Valley (War on the Rocks) Former Secretary of Defense Donald Rumsfeld once said, "try to make original mistakes, rather than needlessly repeating theirs [previous Administrations]." The Department of Defense is on the verge of repeating old mistakes and in the process of committing some original ones, including some in the name of innovation
DISA director: Cyber threat forced new command to evolve on the fly (Defense Systems) For Lt. Gen. Alan Lynn, director of the Defense Information Security Agency and commander of the Joint Force Headquarters Department of Defense Information Networks, or JFHQ-DODIN, who assumed both responsibilities in July, the ongoing cyber threat forced him to neglect his post at DISA for some time initially
Army Learning How Cyber Support Plays Role In Tactical Operations (Defense News) The Army's cyber branch is using pilot programs and training center rotations to show commanders at a variety of echelons what cyber capabilities can be brought to the table and, at the same time, refine how cyber will be a part of tactical operations both on the defensive and offensive side, cyber leaders said Tuesday at an Association of the US Army forum
What a big Navy breach taught the Army (FCW) A Navy operation that began in August 2013 to drive Iranian hackers from the unclassified portion of the service's intranet has had a lasting impact on the Navy's approach to network security
Veterans Affairs names new permanent CISO (Federal Times) The Veterans Affairs Department has a new full-time chief information security officer, Brian Burns, a longtime VA employee and health IT security expert
U.S. charges three in huge cyberfraud targeting JPMorgan, others (Reuters) U.S. prosecutors on Tuesday unveiled criminal charges against three men accused of running a sprawling computer hacking and fraud scheme that included a huge attack against JPMorgan Chase & Co and generated hundreds of millions of dollars of illegal profit
Arrests in JP Morgan, eTrade, Scottrade Hacks (KrebsOnSecurity) U.S. authorities today announced multiple indictments and arrests in connection with separate hacking incidents that resulted in the theft of more than 100 million customer records from some of the nation's biggest financial institutions and brokerage firms, including JP Morgan Chase, E*Trade and Scottrade
Court Docs Show a University Helped FBI Bust Silk Road 2, Child Porn Suspects (Motherboard) An academic institution has been providing information to the FBI that led to the identification of criminal suspects on the dark web, according to court documents reviewed by Motherboard. Those suspects include a staff member of the now-defunct Silk Road 2.0 drug marketplace, and a man charged with possession of child pornography
Justice officials fear nation's biggest wiretap operation may not be legal (USA TODAY) Federal drug agents have built a massive wiretapping operation in the Los Angeles suburbs, secretly intercepting tens of thousands of Americans' phone calls and text messages to monitor drug traffickers across the United States despite objections from Justice Department lawyers who fear the practice may not be legal
Standing in Data Breach Cases: A Review of Recent Trends (Bloomberg Law) For most substantial companies, it is said, experiencing a data breach is not a matter of "if," but "when." Particularly when a company is consumer-facing, any publicized data breach is likely to be followed by consumer class action lawsuits
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
First International Conference on Anti-Cybercrime (ICACC-2015) (Riyadh, Saudi Arabia, November 10 - 12, 2015) Al Imam Mohammad Ibn Saud Islamic University is organizing this international conference to establish a forum where discussions on vital issues related to anti-cybercrime can occur. This conference will...
Black Hat Europe (Amsterdam, the Netherlands, November 10 - 13, 2015) Black Hat prides itself with being "the most technical and relevant global information security event series in the world." For the past 16 years, the Black Hat events have given their attendees the opportunity...
Pen Test Hackfest Summit & Training (Alexandria, Virginia, USA, November 16 - 23, 2015) SANS Pen Test Hackfest Training Event and Summit is coming back to Washington DC, bigger and better than ever! The Hackfest is an ideal way to learn offensive techniques so you can better defend your environment.
Cybersecurity, the SEC and Compliance (New York, New York, USA, November 18, 2015) The recent SEC CyberSecurity Examination Initiative focuses on information safeguards for financial services organizations. Are you prepared? Please join us for a panel discussion on what cybersecurity...
CyberCon 2015 (Pentagon City, Virginia, USA, November 18, 2015) CyberCon 2015 is the forum for dialogue on strategy and innovation to secure federal and defense networks, as well as private sector networks that hold their sensitive data
Internet-of-Things World Forum 2015 (London, England, UK, November 18 - 19, 2015) This conference features speakers from leading IoT companies and their customers. Learn how the Internet-of-Things is creating new markets for products, services, and solutions
2015 U.S. Cyber Crime Conference (National Harbor, Maryland, USA, November 14, 2015) The 2015 U.S. Cyber Crime Conference (Formerly the DoD Cyber Crime Conference) has brought world-class forensics and incident response training combined with outstanding community networking for over 15...
CyberPoint 2nd Annual Women in Cyber Security Reception (Baltimore, Maryland, USA, November 19, 2015) CyberPoint International announces its 2nd Annual Women in Cyber Security Reception to be held on November 19, 2015. Bringing together women from across the region and all different points on the career...
DefCamp6 (Bucharest, Romania, November 19 - 20, 2015) Why DefCamp? Because it's the most important conference on Hacking & Information Security in Central Eastern Europe, bringing hands-on talks about the latest research and practices from the INFOSEC field,...