Iranian cyber operators continue to probe US networks with social-media enabled espionage attempts against the State Department.
In Southwest Asia, Turkish hacktivists express their support for Turkey's downing of a Russian combat aircraft along the Syrian border with a takedown of the Russian Central Bank website. (Russia's President Putin has called Turkey a de facto ally of ISIS.)
And north, in the Caucasus, cyber-rioting flares up as Armenian hackers steal bank info from Azerbaijan.
Investigations into the Paris attacks continue, as do inquiries into ISIS recruitment, which seems very much a friends-and-family affair, despite widespread legitimate concern over ISIS's mass appeal.
The Anonymous war on ISIS appears to be fizzling out, despite ongoing media speculation about how the hacktivist collective could degrade jihadist command-and-control. Observers express skepticism that taking down ISIS sites will help much: one might look to China's Great Firewall (recently bulked up to block VPN use in the hinterlands) as a cautionary example of how effective that approach can be.
The crypto debates continue, post-Paris.
Pearson VUE's Credential Management System has been compromised through a third party, and malware injected into the system. It's been taken offline pending remediation.
The eDellRoot self-signed certificate issue attracts more scrutiny. Criminals are expected to seek to exploit corporate users first, and the vulnerability raises the general risk of man-in-the-middle attacks for everyone, whether they're working on a Dell or not. There are also other problematic certificates in the machines: Duo Security has found two.
Crimeware infestations surge as the holidays arrive.
Today's issue includes events affecting Armenia, Australia, Austria, Azerbaijan, Belgium, China, European Union, France, Germany, India, Iran, Iraq, Italy, Malaysia, Russia, Syria, Taiwan, Turkey, United Kingdom, United States.
As we celebrate Thanksgiving, the CyberWire will not publish this Thursday or Friday. We'll resume normal publication on Monday, November 30. Best wishes for the holiday.
Cyber Attacks, Threats, and Vulnerabilities
Iranian Hackers Attack State Dept. via Social Media Accounts (New York Times) Four months after a historic accord with Tehran to limit its atomic ambitions, American officials and private security groups say they see a surge in sophisticated computer espionage by Iran, culminating in a series of cyberattacks against State Department officials over the past month
Official: Paris attacks organizer was planning more carnage (USA Today) The man believed to have planned the Nov. 13 Paris attacks that killed 130 people and wounded hundreds more had likely planned to carry out another suicide bombing days later in the French capital's business district, the Paris prosecutor said Tuesday
Public Statement Regarding Pearson Credential Manager System (Pearson) We recently were made aware that an unauthorized third party placed malware on Pearson VUE's Credential Manager System—which is used by adult learners to support professional certifications and licenses. The unauthorized third party improperly accessed certain information related to a limited set of our users
GlassRAT linked to earlier geopolitical malware campaigns (Graham Cluley) Security researchers at RSA have discovered that the GlassRAT remote administration trojan (RAT) might have been in the same command and control (C&C) infrastructure shared in geopolitical malware campaigns observed earlier this decade
s2n and Lucky 13 (Amazon Web Services Security Blog) Great security research combines extremely high levels of creativity, paranoia, and attention to detail. All of these qualities are in evidence in two new research papers about how s2n, our Open Source implementation of the SSL/TLS protocols, handles the Lucky 13 attack from 2013
'Tis the Season to Risk Mobile Payments (Bluebox) The holiday shopping season has arrived and with increasing popularity of mobile payment apps from Apple Pay to Venmo, consumers are using their mobile devices more than ever to spend and send money
Leaked Data Search Engines Flood Chinese Cyber Underground (Infosecurity Magazine) The Chinese cybercrime underground has evolved to feature search engines to help darknet users find leaked data, and ATM and POS skimmers to capitalize on the growing consumer trend for non-cash payments, according to Trend Micro
Security Patches, Mitigations, and Software Updates
Lenovo Patches Vulnerabilities in System Update Service (Threatpost) Lenovo has patched two serious vulnerabilities that hackers could abuse in targeted attacks, or at scale, to easily guess administrator passwords on a compromised device, or elevate privileges to Windows SYSTEM user
Network protocol analyzer Wireshark 2.0 released (Help Net Security) Wireshark, the most popular network protocol analyzer, has reached version 2.0. It features a completely new user interface which should provide a smoother, faster user experience
Navigating the internet of security nightmares (Technology Spectator) As recently as ten years ago, IT security was an afterthought in the lifecycle of software development with security features often only added after a vulnerability was exploited and it caused meaningful disruption
Remote working on the rise despite security concerns (Help Net Security) Remote working is increasing in popularity as 96 percent of surveyed organisations now permit remote/mobile working, with 98 percent stating that it is advantageous to their organisation, according to Vanson Bourne
Symantec sharpens security arsenal (Business Spectator) Symantec is about to start life as a stand-alone cybersecurity vendor early next year and the company's global CEO, Michael Brown, is confident its burgeoning coffers and a razor-sharp focus in the enterprise space gives it the ammunition to shake up the market
RedSeal Selected as a 2015 Red Herring Top 100 Global (Marketwired) RedSeal (redseal.co), the cybersecurity analytics company, today announced it has been selected as a 2015 Red Herring Top 100 Global winner for its work helping organizations maximize digital resilience against cyber events
Data Integrity (National Institute of Standards and Technology (NIST)) Constant threats of destructive malware, malicious insider activity, and even honest mistakes create the imperative for organizations to be able to quickly recover from an event that alters or destroys data
New Bank Examination Procedures for Cybersecurity (JDSupra) There is no more pressing problem facing business organizations today, of all types, than cybersecurity threats. For a highly regulated industry like banking, regulators are watching closely to see how the IT governance structure at a bank can manage this risk
Lessons learned from the Adobe data breach (TechTarget) Adobe CSO Brad Arkin spoke at the recent Privacy. Security. Risk. 2015 event about his experiences dealing with the company's massive data breach two years ago
VW's Slow Agony Illustrates Carmakers' Problem With Software (IEEE Spectrum) Behind the bit-by-bit revelations of Volkswagen's emissions-cheating scandal lies a larger problem: old-line carmakers are increasingly out of their element in a software-driven manufacturing world, aka the Internet of Things
India and Malaysia sign cyber-security pact (First Post) India and Malaysia signed three agreements on cyber-security, cultural exchange and infrastructure development on Monday, the third day of Prime Minister Narendra Modi's visit to this southeast Asian nation
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Energy Tech 2015 (Cleveland, Ohio, USA, November 30 - December 2, 2015) Now in its 5th year, EnergyTech 2015 seeks the convergence of the best minds in policy, systems engineering and applied technology to address some of the critical issues of our time. In addition to its...
IoT Security Foundation Conference (London, England, UK, December 1, 2015) This is the first official conference of IoTSF. It follows on from the IoT Security Summit earlier in the year, maintaining the momentum of the theme. Delegates can expect a similar level of quality of...
Public Sector Cybersecurity Summit 2015 (Reston, Virginia, USA, December 1 - 2, 2015) The Raytheon|Websense 6th Annual Public Sector Cybersecurity Summit is a unique opportunity to learn about the state of cybersecurity and how to prepare for future threats from many thought provoking government...
Enterprise Security and Risk Management (London, England, UK, December 2, 2015) Whitehall Media's 4th ESRM conference will bring together hundreds of leading InfoSec, cyber security and risk management professionals to discuss the latest industry developments and identify the most...
Cargo Logistics America (San Diego, California, USA, December 2 - 3, 2015) Cargo Logistics America (CLA) connects freight owners with freight movers, fostering multimodal synergy between diverse stakeholders in import, export and domestic supply chains. This year's conference...
NG Security Summit US (Austin, Texas, USA, December 2 - 4, 2015) The NG Security Summit US will bring together 65 senior decision makers and business leaders from across the region. The event aims to solve key business challenges. In particular, the ability to network...
Program on Cyber Security Studies (PCSS) (Garmisch-Partenkirchen, Germany, December 2 - 17, 2015) The Marshall Center has developed a comprehensive program to explore the increasing domestic, international and transnational challenges in cyber security. Our goal is to provide a comprehensive, policy-focused,...
Cloud Security Alliance Summit Los Angeles 2015 (Los Angeles, California, USA, December 3, 2015) The full day Cloud Security Alliance LA Summit is a standalone event in the greater Los Angeles area. Hosted by the CSA LA/SoCal chapter, some 200 well-qualified attendees are expected. The theme is "Enterprise...
Cyber Security Breakdown: Washington DC (Washington, DC, USA, December 3, 2015) This half day session will provide you with the critical information you need to start formulating an effective response in the eventuality of a cyber security event. Rather than try and handle the breach...
Cyber Security Exchange (Florida, USA, December 6 - 8, 2015) This dynamic, three-day event will provide Cyber Security executives with valuable insights to reach their full potential by exploring security leadership strategies, heightened data privacy concerns,...
2015 Cyber Security Exchange (Orlando, Florida, USA, December 6 - 8, 2015) This dynamic, three-day event will provide Cyber Security executives with valuable insights to reach their full potential by exploring security leadership strategies, heightened data privacy concerns,...
Disrupt London 2015 (London, England, UK, December 7 - 8, 2015) TechCrunch Disrupt is one of the most anticipated technology conferences of the year. Join us at this iconic startup and thought leadership event in London on December 7 and 8. What happens at Disrupt?...
Passwords 2015 (University of Cambridge, England, UK, December 7 - 9, 2015) More than half a billion user passwords have been compromised over the last five years, including breaches at internet companies such as Target, Adobe, Heartland, Forbes, LinkedIn, Yahoo, and LivingSocial.