Lawfare reads ISIS's online magazine and discerns in the group's information operations an oddly Trotskyite intention: worsen conditions and heighten contradictions, thereby bringing about not the revolution, but a worldwide Caliphate.
An Anonymous group takes a poke at ISIS by defacing an ISIS website with a bogus Viagra ad. (Higher priorities, however, engage the hacktivist collective: punishing Iceland in cyberspace for Icelandic whaling.) Pro-ISIS hackers deface a Wisconsin county's veterans' services page with a perfunctory Islamist message.
Iran's foreign ministry denies anything to do with hacks of the US State Department, but says the US deserved them anyway.
Cyber-rioting between Indian and Pakistani hacktivists continues.
Toy maker VTech has been breached, and customer data lost.
The Encoder ransomware family continues its spread through Linux servers, with an odd promise to victims: if you're in Russia or the Commonwealth of Independent States (that is, the friendlier or more frightened precincts of the Near Abroad), the criminals are sorry and will decrypt your files at no charge to you.
iSight describes the ModPOS point-of-sale malware as unusually dangerous and stealthy. Some agree, but others (notably Verizon) remain skeptical, so the jury's still out.
LANDESK reports a breach that exposed employees' personal information, but some insiders hint the threat may be broader.
Analysts warn that medical devices are soon likely to be targets of new attacks, including ransomware.
Industry digests news that cyber security will now affect credit ratings.
NSA stopped bulk collection of phone records Sunday. Many policy wonks already miss it.
Today's issue includes events affecting Australia, Armenia, Azerbaijan, Belarus, Belgium, Bulgaria, Canada, China, Czech Republic, European Union, France, Iceland, India, Iran, Iraq, Kazakhstan, Democratic Peoples Republic of Korea, Republic of Korea, Kyrgyzstan, Moldova, Pakistan, Russia, Singapore, Sweden, Syria, Tajikistan, United Kingdom, United States, Uzbekistan, and Vietnam.
Cyber Attacks, Threats, and Vulnerabilities
What Does ISIS Really Want Now?(Lawfare) In the latest issue of Dabiq, ISIS's on-line magazine, the organization sets forth two principal but contradictory goals, which it labels "options"
On China's fringes, cyber spies raise their game(Reuters) Almost a year after students ended pro-democracy street protests in Hong Kong, they face an online battle against what Western security experts say are China-sponsored hackers using techniques rarely seen elsewhere
Breach at IT Automation Firm LANDESK(KrebsOnSecurity) LANDESK, a company that sells software to help organizations securely and remotely manage their fleets of desktop computers, servers and mobile devices, alerted employees last week that a data breach may have exposed their personal information
Nest refutes webcam spying claims(Naked Security) Home surveillance manufacturer Nest has dismissed reports of secret surveillance by its internet-connected Nest Cam
Welcome to the Internet of stupid (hackable) things(CIO) The rise of IoT technology brings with it the promise of innovation the likes of which we've never seen. But the reality of everything being connected can have unintended consequences, not all of them useful
Tis the season…of malware(CSo) Every year cybercriminals find the time to give out holiday malware. It is their way of giving back to the community, so instead of look out for these pieces of malware coal
Hotel sector faces 'cyber crime wave'(Financial Times) The hotel industry is the next big target for cyber criminals, experts have warned, after Hilton became the fourth major hotel group to have customers' credit card details hacked
Quarter of Brits Would Switch Providers Following a Breach(Infosecurity Magazine) More than two-thirds of consumers would stop using a bank or retailer's web site if the firm suffered a data breach, according to new research from NTT Com Security, which drives home the importance of effective cybersecurity as we head into the busy festive season
Cyberattacks On Firms Posing Credit Risk(CXO Today) Credit rating agency Moody's Corp. warns that cyber defenses as well as breach detection, prevention and response will be higher priorities in its analysis of the creditworthiness of companies across all sectors, including healthcare and financial services
A cybersecurity future in Baltimore(Baltimore Sun) Soon enough your blender will be able to communicate when its blades are becoming dull and at the same time instruct you where to go to purchase new ones — at the lowest price, we hope
Fortinet hires Intel Security CTO Tyson Macaulay(Infotech Lead) Cyber security solutions provider Fortinet today announced the appointment of Intel Security CTO Tyson Macaulay as chief security strategist and vice president of consulting services
Seven Tips to Protect Your Computer Online(IRS Security Awareness Tax Tip Number 1) The Internal Revenue Service, the states and the tax industry urge you to be safe online and remind you to take important steps to help protect yourself against identity theft
ODNI Announces Transition to New Telephone Metadata Program(IC on the Record) In January 2014, in a speech at the Department of Justice to address domestic and international concerns regarding U.S. intelligence activities, President Obama announced that the Intelligence Community would end the NSA bulk telephony metadata program conducted under Section 215 of the USA PATRIOT Act
NSA's bulk collection of Americans' phone records ends Sunday(Washington Post) The National Security Agency on Sunday will end its mass collection of data about Americans' phone calls under the Patriot Act, 2 1/2 years after a leak by former NSA contractor Edward Snowden forced the government to confirm its existence
After Paris, US Political Shift on Privacy Vs. Security(ABC News) The Paris attacks have renewed debate on the U.S. government's post-Sept. 11 domestic surveillance laws, leading to efforts to revive the issue on Capitol Hill and handing Marco Rubio an opening against Ted Cruz in the Republican presidential race
Congress struggles to secure nation's power grid(The Hill) Policymakers are searching for ways to defend the nation's power grid from a major cyberattack, amid concerns the industry's digital defenses are dangerously lagging and underfunded
Fort Sill trains soldiers for electronic battle(Military Times) In war-torn eastern Ukraine and Syria, experts say Russian forces are using sophisticated equipment and techniques to shut down battlefield communications, effectively leaving enemy forces blind
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Energy Tech 2015(Cleveland, Ohio, USA, November 30 - December 2, 2015) Now in its 5th year, EnergyTech 2015 seeks the convergence of the best minds in policy, systems engineering and applied technology to address some of the critical issues of our time. In addition to its...
IoT Security Foundation Conference(London, England, UK, December 1, 2015) The is the first official conference of IoTSF. It follows on from the IoT Security Summit earlier in the year, maintaining the momentum of the theme. Delegates can expect a similar level of quality of...
Public Sector Cybersecurity Summit 2015(Reston, Virginia, USA, December 1 - 2, 2015) The Raytheon|Websense 6th Annual Public Sector Cybersecurity Summit is a unique opportunity to learn about the state of cybersecurity and how to prepare for future threats from many thought provoking government...
Enterprise Security and Risk Management(London, England, UK, December 2, 2015) Whitehall Media's 4th ESRM conference will bring together hundreds of leading InfoSec, cyber security and risk management professionals to discuss the latest industry developments and identify the most...
Cargo Logistics America(San Diego, California, USA, December 2 - 3, 2015) Cargo Logistics America (CLA) connects freight owners with freight movers, fostering multimodal synergy between diverse stakeholders in import, export and domestic supply chains. This year's conference...
NG Security Summit US(Austin, Texas, USA, December 2 - 4, 2015) The NG Security Summit US will bring together 65 senior decision makers and business leaders from across the region. The event aims to solve key business challenges. In particular, the ability to network...
Program on Cyber Security Studies (PCSS)(Garmisch-Partenkirchen, Germany, December 2 - 17, 2015) The Marshall Center has developed a comprehensive program to explore the increasing domestic, international and transnational challenges in cyber security. Our goal is to provide a comprehensive, policy-focused,...
Cyber Security Breakdown: Washington DC(Washington, DC, USA, December 3, 2015) This half day session will provide you with the critical information you need to start formulating an effective response in the eventuality of a cyber security event. Rather than try and handle the breach...
Cloud Security Alliance Summit Los Angeles 2015(Los Angeles, California, USA, December 3, 2015) The full day Cloud Security Alliance LA Summit is a standalone event in the greater Los Angeles area. Hosted by the CSA LA/SoCal chapter, some 200 well-qualified attendees are expected. The theme is "Enterprise...
2015 Cyber Security Exchange(Orlando, Florida, USA, December 6 - 8, 2015) This dynamic, three-day event will provide Cyber Security executives with valuable insights to reach their full potential by exploring security leadership strategies, heightened data privacy concerns,...
Disrupt London 2015(London, England, UK, December 7 - 8, 2015) TechCrunch Disrupt is one of the most anticipated technology conferences of the year. Join us at this iconic startup and thought leadership event in London on December 7 and 8. What happens at Disrupt?...
Passwords 2015(University of Cambridge, England, UK, December 7 - 9, 2015) More than half a billion user passwords have been compromised over the last five years, including breaches at internet companies such as Target, Adobe, Heartland, Forbes, LinkedIn, Yahoo, and LivingSocial.
ACSAC (Annual Computer Security Applications Conference)(Los Angeles, California, USA, December 7 - 11, 2015) ACSAC is one of the most important cyber security conferences in the world, and the oldest information security conference held annually. Researchers, government representatives, academia and security...
NSA RCTCON(Fort Meade, Maryland, USA, December 9, 2015) The NSA RCTCON industry exposition will be attended by 250-300 IC (Intelligence Community) cyber personnel working on solutions to the current cyber threats that face the U.S
SANS Institute: Information Security Training(Las Vegas, Nevada, USA, September 12 - 21, 2015) Information security training in Las Vegas from SANS Institute, the global leader in information security training. At SANS Network Security 2015, SANS offers more than 40 hands-on, immersion-style security...
cyberSecure (New York, New York, USA, December 15 - 16, 2015) Today's business leaders recognize that a multi-disciplinary approach is critical to protecting the bottom line. What's too often missed is a vision that incorporates best practices that allow you add...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.