Researchers independently find significant zero-days in Kaspersky and FireEye products. Kaspersky is working on a patch; FireEye has contacted the researchers for information that might help it determine whether remediation is necessary. The two incidents raise interesting issues concerning responsible disclosure and the payment of bug bounties. All the parties involved say they're in favor of responsible disclosure, but FireEye and those who discovered its systems' issues differ, apparently, over bounties. (Comments to the linked articles are worth more attention than usual.)
Damballa notes the reappearance of the TVSPY threat actors, whose stock in trade is exploitation of vulnerabilities in the Teamviewer remote administrator tool.
Mozilla finds that a bad actor compromised Bugzilla and may have lurked there since 2013 with the apparent aim of obtaining information on Firefox vulnerabilities.
Android and iOS vulnerabilities continue to receive researchers' attention.
The campaign to map infosec professional networks on LinkedIn again shows the risk sockpuppets and catphish pose (and how difficult it can be to recognize bogus personae). Meanwhile TrendLabs takes a look at Ashley Madison and asks a good question: how did their honeypots wind up with adulterous dating accounts? TrendLabs is pretty sure their honeypots wouldn't have signed up on their own…
Microsoft and BlackBerry make security acquisitions.
China and Russia maintain and tighten their policy of close Internet control, with Chinese attention going to VPN restriction, Russian to general surveillance (Snowden notices, disapproves of the latter).
The US (or at least its State Department) gropes toward a cyber "playbook."
Today's issue includes events affecting Australia, Austria, Belarus, Brazil, Canada, China, Estonia, European Union, Germany, Hungary, India, Iran, Israel, Japan, Democratic Peoples Republic of Korea, Republic of Korea, Latvia, Malaysia, Moldova, Netherlands, New Zealand, Nigeria, Norway, Oman, Russia, Singapore, United Kingdom, United States, and Zimbabwe.
This Thursday we'll be covering two events: the second annual Senior Executive Cyber Security Conference at the Johns Hopkins University in Baltimore, and GovConnect's Cyber 6.0 in Howard County, Maryland. Watch for live tweets and full conference reports.
Cyber Attacks, Threats, and Vulnerabilities
Kaspersky And FireEye Security Products Cracked By Researchers(International Business Times) As the world becomes ever more digital, it is a great time to be in the cybersecurity business with everything from our cars to our most critical infrastructure being controlled by computers and therefore at risk of attack
Sinking into the iOS Quicksand Vulnerability(TrendLabs Security Intelligence Blog) Our investigation on the iOS Quicksand vulnerability (designated with CVE-2015-5749) leads us to the conclusion that this security gap, despite its serious risks to confidential data, is difficult to exploit due to its required specific conditions
Ashley Madison, Why Do Our Honeypots Have Accounts On Your Website?(TrendLabs Security Intelligence Blog) She is 33 years old, from Los Angeles, 6 feet tall, sexy, aggressive, and a "woman who knows what she wants", according to her profile. She is intriguing. However, her intrigue doesn't end there: her email address is one of Trend Micro's email honeypots. Wait— what?
COSO–Guided Cybersecurity: Risk Assessment(Wall Street Journal) As cyber risk continues to be a critical topic of discussion in the C-suite and boardroom, organizations should consider how to adapt cyber security strategies, processes and technologies to meet this significant and constantly evolving threat
HDD firmware: Hacking in the dark(HP Security Research Blog) In light of the recent publicity around malware that can remain persistent in hard drive firmware, it seems reasonable to seek a better understanding of what actually happens inside the hard drive
Cybersecurity: 6 schools with the right stuff(FCW) For all of the finger-pointing and blame-shifting that followed the massive hacks of the Office of Personnel Management, lawmakers and officials agree on this much: The federal government needs more cybersecurity professionals
Legislation, Policy, and Regulation
China Continues Its Crackdown On VPN Services(TechCrunch) China is showing no sign of letting up on internet users who seek to hurdle its censorship system after it began imposing new restrictions on a popular censorship avoidance service in the country
Is It Time to Appoint a Data Security Czar?(RAND Blog) The increasingly alarming news about government-held data security breaches should cause Americans to seriously question whether the U.S. government at all levels is doing everything it could — and should — to protect the data it collects
Second Review Says Classified Information Was in Hillary Clinton's Email(New York Times) A special intelligence review of two emails that Hillary Rodham Clinton received as secretary of state on her personal account — including one about North Korea's nuclear weapons program — has endorsed a finding by the inspector general for the intelligence agencies that the emails contained highly classified information when Mrs. Clinton received them, senior intelligence officials said
Arrests Tied to Citadel, Dridex Malware(KrebsOnSecurity) Authorities in Europe have arrested alleged key players behind the development and deployment of sophisticated banking malware, including Citadel and Dridex
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
MeriTalk: Cyber Security Brainstorm(Washington, DC, USA, September 23, 2015) Co-locating with the NIST Cloud Security Working Group, this MeriTalk Brainstorm has an excellent program lined up, featuring keynote speakers Allison Tsiumis (Section Chief, Cyber Intelligence Section,...
2015 Government Cybersecurity Forum(Washington, DC, USA, October 20, 2015) The Government Cybersecurity Forum was created three years ago a result of the complexity of today’s global threat environment. As more devices connect to the Internet and data breaches continue to escalate,...
Data Breach Summit Asia 2015(Mumbai, India, October 28, 2015) As Cyber Security continues to become a challenge for all industries, ISMG's Data Breach Summit a unique, one-day event will focus on the issues to help the participants learn more about how to prevent...
FedCyber 2015(Tyson's Corner, Virginia, USA, November 10, 2015) This conference, orchestrated by cyber practitioners Matt Devost and Bob Gourley, is designed to advance the state of cyber defense. The FedCyber.com Threat Expo will bring together thought leaders who...
SIN 2015(Sochi, Russia, September 8 - 10, 2015) The 8th International Conference on Security of Information and Networks (SIN 2015) provides an international forum for presentation of research and applications of security in information and networks.
NSPW (New Security Paradigms Workshop)(Twente, Netherlands, September 8 - 11, 2015) Although NSPW is more of a workshop than a conference, it has earned its right to be included in this list. Since 1992, NSPW has been offering a unique forum for cyber security specialists involved in...
Global Cyberspace Cooperation Summit VI(New York, New York, USA, September 9 - 10, 2015) An invitation-only event, this meeting of international actors aims to coordinate and consolidate progress, showcase results and promote collective action. The annual cyber summits provide a crucial forum...
Intelligence and National Security Summit(Washington, DC, USA, September 9 - 10, 2015) AFCEA International (AFCEA) and the Intelligence and National Security Alliance (INSA) are pleased to host the second Intelligence and National Security Summit to provide the platform for this essential...
Cybersecurity Innovation Forum(Washington, DC, USA, September 9 - 11, 2015) The 2015 Cybersecurity Innovation Forum is a three-day event hosted by the National Institute of Standards and Technology, and planned with the National Security Agency, and the Department of Homeland...
[New Date] Cyber 6.0(Laurel, Maryland, USA, September 10, 2015) The mission of the Cyber Conference is to provide a forum for small and mid-sized businesses in Howard County and the region to access industry and government leaders with current information on cybersecurity...
2nd Annual Senior Executive Cyber Security Conference(Baltimore, Maryland, USA, September 10, 2015) The one-day symposium will examine the potential advantages and pitfalls of an information-sharing strategy from the technological, business and regulatory perspectives
BSides Augusta 2015(Augusta, Georgia, USA, September 12, 2015) Each BSides is a community-driven framework for building events for and by information security community members. The goal is to expand the spectrum of conversation beyond the traditional confines of...
SANS Institute: Information Security Training(Las Vegas, Nevada, USA, September 12 - 21, 2015) Information security training in Las Vegas from SANS Institute, the global leader in information security training. At SANS Network Security 2015, SANS offers more than 40 hands-on, immersion-style security...
Gulf Cooperation Council Cyber Security Summit(Abu Dhabi, United Arab Emirates, September 13 - 15, 2015) The GCC Cyber Security Summit will bring together regional and international thought leaders and decision-makers to examine one of the most vital threats to the region's future well-being: cyber-attack.
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.