The Panama Papers claimed their first high-profile scalp yesterday, as Iceland's Prime Minister Sigmundur Davíð Gunnlaugsson resigned over allegations that his family sought to conceal large amounts of money in offshore accounts.
How the Panama Papers leaked remains unclear, and presumably under investigation. The law firm whose papers they were—Mossack Fonseca—has called the incident "an email server hack" and definitely not an inside job. But this brief statement leaves a great deal unexplained.
How journalists sifted through the enormous trove of documents is perhaps a bit clearer. At any rate, Nuix says that its big data analysis tool Investigator Workstation was used by the Süddeutsche Zeitung and the International Consortium of Investigative Journalists as they developed the story over the past several months.
Security industry observers see the incident as a clear instance of two trends: first, the enormous quantity of highly sensitive information law firms hold, and, second, the relatively porous defenses with which those firms surround that information.
Avast warns that a malicious search-engine-optimization (SEO) campaign is attacking vulnerable WordPress and Joomla installations.
Some one hundred problematic Android apps have been found in the Google Play Store. Google has also booted the popular Chrome extension Better History after it was found to be hijacking browser sessions and redirecting users to ad pages.
Customized ransomware—which now calls its intended victims by name—has, Proofpoint researchers warn, turned up in spearphishing campaigns.
US NSA Director Rogers has recommended that Congress designate U.S. Cyber Command a Combatant Command.
Today's issue includes events affecting Argentina, Australia, Austria, British Virgin Islands, China, Egypt, European Union, France, Germany, Iceland, India, Iran, Israel, Morocco, Netherlands, Niue, Panama, Qatar, Russia, Saudi Arabia, Serbia, Spain, Sweden, Turkey, Ukraine, United Kingdom, United States.
Tomorrow we'll be covering the CAMI Cyber Risk Management 360 conference in Baltimore, Maryland, on Thursday. Watch for our usual live-Tweets and extra.
ON THE PODCAST
Catch the CyberWire's Podcast later this afternoon, in which we'll talk with the University of Maryland's Ben Yelin on ransomware and HIPAA.
SINET IT Security Entrepreneurs Forum (ITSEF) 2016 (Mountain View, California, USA, April 19 - 20, 2016) The IT Security Entrepreneurs Forum (ITSEF) offers a venue for entrepreneurs to meet leaders of government, business and the investment community for open collaboration on the challenges of cybersecurity.
Dateline Billington CyberSecurity International Summit
U.S. officials: World needs to follow our lead on cyber norms (Fedscoop) Even as the U.S. government shores up its own beleaguered cyber defenses, its officials are touting their progress setting cybersecurity standards — saying the rest of the world should follow the U.S. to protect itself online. Two U.S. officials — Deputy Homeland Security Secretary Alejandro Mayorkas and State Department Coordinator for Cyber Issues Chris Painter — implored a …
Cyber-Attack Against Ukrainian Critical Infrastructure (ICS-CERT) On December 23, 2015, Ukrainian power companies experienced unscheduled power outages impacting a large number of customers in Ukraine. In addition, there have also been reports of malware found in Ukrainian companies in a variety of critical infrastructure sectors. Public reports indicate that the BlackEnergy (BE) malware was discovered on the companies’ computer networks, however it is important to note that the role of BE in this event remains unknown pending further technical analysis
PowerWare or PoshCoder? Comparison and Decryption (AlienVault Blogs) PowerWare was brought to my attention by Carbon Black via their blog post. PowerWare is downloaded by a malicious macro-enabled Microsoft Word document that is distributed via a phishing email campaign. The malicious document in question attempts to convince the user to enable macros by informing them that the file is protected by Microsoft Office. This, of course, is a farce. Once the macro is enabled, the PowerWare payload will be downloaded and executed. PowerWare, unfortunately, is hitting
Incident response teams dealing with 3 to 4 Ransomware incidents weekly (CSO Online) Ransomware has gone from a niche attack to a booming criminal market since its introduction in 2013. Dozens of organizations have faced Ransomware attacks this year, and some of them have turned to Stroz Friedberg for help. In an interview with Salted Hash, the company says they were dealing with three to four Ransomware cases per week in the first quarter of 2016.
BillGates Malware used in DDoS Attacks (Akamai Blog) By Bill Brenner, Akamai SIRT Senior Tech Writer. Akamai's Security Intelligence Research Team (SIRT) continues to see the BillGates trojan/bot family of malware being used to launch DDoS attacks. Attackers who control the malware -- first disclosed on a Russian...
New Variant of TinyPOS Discovered (SecurityWeek) TinyPOS malware gathers input card data before the system can encrypt it, but is written in "'hand rolled' assembly language and comes in at only 5120 bytes."
YAFP (Yet Another Flash Patch) - SANS Internet Storm Center (SANS Internet Storm Center) SANS Internet Storm Center - A global cooperative cyber threat / internet security monitor and alert system. Featuring daily handler diaries with summarizing and analyzing new threats to networks and internet security events.
5 reasons you need to hire a Chief Privacy Officer (CSO Online) Businesses are increasingly relying on data, but they're overlooking another key aspect of data: privacy. In order to keep up with the growing regulations surrounding data privacy, it may be time to hire a Chief Privacy Officer.
Envisioning the CISO of 2020 (InfoRiskToday) Ahmed Baig, founder of the CISO Council of UAE, says security leadership via fear, uncertainty and doubt is a thing of the past. In fact, future CISOs who use those
ThreatTrack Launches VIPRE® Endpoint Security (Yahoo! Finance) Latest VIPRE for Business solution is powered by the new VIPRE anti-malware engine, which ranks among the top-performing antivirus products in the world, according to AV-Comparatives
FTC debuts web tool for health app makers (Fedscoop) The Federal Trade Commission unveiled a new online tool to help mobile health app developers figure out what federal laws and regulations might apply to their products. The tool asks developers a series of yes-or-no questions, each related to one of four possibly applicable laws: the Health Insurance Portability and Accountability Act, the Federal Food, Drug
A retailers guide to cyber security (Information Age) In recent times, mobile smart devices and cloud-based platforms have been the predominant sources of new security challenges and have received the majority of attention by businesses. Their proliferation has rapidly produced ‘perfect storm’ conditions, with the traditional security models and practices in place unable to keep pace with emerging threats. Added to this, the importance and amount of data retailers transmit within an omnichannel operational landscape makes the security challenge greater. Last year, 38% more security incidents were reported than in 2014, but the increase in the retail sector was an enormous 154%. Here are the main security threats that retailers should address. 1. Making BYOD policies smart: The benefits and risks with bring your own device (BYOD) at work are largely known. Data leakage and control of intellectual property is at the top of the risk list, as users can easily…
Phishing Attacks Prevented by SCAM (ISS Source) Educating employees on how to recognize phishing emails, those authentic-looking messages that encourage users to open a malicious hyperlink or attachment that
Wendy Hall Named Kluge Chair in Technology and Society (The Library of Congress) Dame Wendy Hall, professor of computer science at the University of Southampton, England, and an early pioneer in serious research on computing and the web, has arrived at the John W. Kluge Center at the Library of Congress as the Kluge Chair in Technology and Society.
Hands-On CyberSec Skills Needed (InfoRiskToday) Each year the skills gap estimate for cybersecurity goes up, with few concerted, industry-wide efforts to address the issue. What organizations in all sectors truly
Senate Leaders Set to Expand Role of U.S. Cyber Command in New Defense Bill (USNI News) The Senate Armed Services Committee’s version of the defense authorization bill will call for making U.S. Cyber Command a functional combatant command and also recommend consolidating some geographic commands, the panel’s chairman and ranking member said Tuesday. When asked at a hearing whether Cyber Command was mature enough for such a step, Adm. Michael Rogers …
CIA drops plan to destroy most email records (FierceGovernmentIT) Facing widespread criticism, the Central Intelligence Agency has formally withdrawn its plan to destroy email records of most agency officials, the National Archives and Records Administration told the Federation of American Scientists
DNI Clapper Signs IC Transparency Council Charter (IC ON THE RECORD) On April 5, 2016, Director of National Intelligence James Clapper formalized the transition of the Intelligence Community Transparency Working Group into a permanent IC Transparency Council with his signature on the Council Charter. The IC’s Transparency Working Group, made up of senior officers from across the Intelligence Community, was established over two years ago to develop the Principles of Intelligence Transparency, which provide guidance to the Intelligence Community on being more transparent with the public, while protecting the sources and methods necessary for performing its national security mission. The Working Group then created an Implementation Plan to put these Principles into action across the community. Recognizing the importance of the transparency initiative, the DNI directed that the Working Group be elevated to a permanent entity in the form of a Council. With its Charter in place, the Council will be responsible for overseeing the Transparency Implementation Plan and ensuring that transparency becomes a comprehensive and sustainable practice within the Intelligence Community.
Poll: People Don't Mind Hacking to Fight Terrorism (Morning Consult) The Federal Bureau of Investigation’s solution to opening a locked iPhone used by a San Bernardino shooter reflects how the public generally wants government policing to work, a new Morning Consult poll shows. Voters do, however, think law enforcement officials should tell manufacturers about any vulnerabilities they exploit during criminal investigations. A healthy majority of registered voters (57 …
The impact of the new Trans-Atlantic privacy law (CSO Online) After 20 years of relative calm regarding the handling of personal data of EU citizens by U.S. companies, events over the past six months have instigated widespread reform. While the resolution is yet to be confirmed, the building blocks for a modern, cross-border data privacy agreement have begun to take shape.
Litigation, Investigation, and Law Enforcement
FBI Analyzing Data From San Bernardino iPhone for Leads (WSJ) The Federal Bureau of Investigation is still analyzing data on the iPhone used by a San Bernardino, Calif., terrorist and won’t decide whether to talk about what it has found until after that examination is complete, a senior FBI official said Tuesday.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
ISSA LA Eighth Annual Information Security Summit (Universal City, California, USA, May 19 - 20, 2016) The ISSA-LA Information Security Summit is the only educational forum in the great Los Angeles area specifically designed to attract an audience from all over Southern California as a means to encourage...
SANS Atlanta 2016 (Atlanta, Georgia, USA, April 4 - 9, 2016) Learn the most effective steps to prevent attacks and detect adversaries with actionable techniques that you can directly apply when you get back to work. Take advantage of tips and tricks from the experts...
Cyber Security Summit Atlanta (Atlanta, Georgia, USA, April 6, 2016) The Inaugural Atlanta Cyber Security Summit will be held April 6th at the Ritz-Carlton, Buckhead. This event is for Sr. Executives only. We are Honored to have the US Asst. Attorney General of National...
ASIS 15th European Security Conference & Exhibition (London, England, UK, April 6 - 8, 2016) ASIS Europe 2016 invites you to join security professionals and experts from over Europe and beyond in one of the most dynamic centres of business and culture in the world.
ISC West 2016 (Las Vegas, Nevada, USA, April 6 - 8, 2016) ISC West is the leading physical security event to unite the entire security channel, from dealers, installers, integrators, specifiers, consultants and end-users of physical, network and IT products.
Cyber Risk Management 360 (Baltimore, Maryland, USA, April 7, 2016) The Cybersecurity Association of Maryland, Inc. (CAMI) is partnering with the MD Department of Commerce, Chesapeake Regional Tech Council and Greater Baltimore Committee to host our first Signature event...
Cybersecurity and Privacy Protection Conference (Cleveland, Ohio, USA, April 7 - 8, 2016) The Center for Cybersecurity and Privacy Protection 2016 Conference will bring together experienced government officials, in-house counsels, business executives, cyber insurance leaders, litigators, information...
Spring Conference 2016: Creating a Cybersecurity Community (Los Angeles, California, USA, April 11, 2016) The ISACA Los Angeles Chapter provides affordable quality training on fundamental information systems auditing concepts and emerging technology risks, and an opportunity to network with other auditing...
Rock Stars of Risk-based Security (Washington, DC, USA, April 12, 2016) Virtually every company will be hacked, and today, experts accept that a 100% security solution is not feasible. Advanced risk assessment and mitigation is the order of the day. Rock Stars of Risk-Based...
Federal Security Summit 2016 (Washington, DC, USA, April 12, 2016) Advanced threats and more sophisticated hackers are making it increasingly difficult to protect mission-critical government systems and communications. The U.S. Government is probed 1.8 billion times per...
Workforce 2.0: How to Cultivate Cybersecurity Professionals (Baltimore, Maryland, USA, April 12, 2016) Please join Passcode along with White House Chief Information Officer Tony Scott and other leading figures in digital security to explore the newest ideas and approaches to close the cybersecurity skills...
Threat Hunting & Incident Response Summit 2016 (New Orleans, Louisiana, USA, April 12 - 13, 2016) The Threat Hunting & Incident Response Summit 2016 focuses on specific hunting and incident response techniques and capabilities that can be used to identify, contain, and eliminate adversaries targeting...
QuBit Conference (Prague, the Czech Republic, April 12 - 14, 2016) QuBit offers you a unique chance to attend 2 selected Mandiant training courses, taught by some of the most experienced cyber security professionals in the business
Cloud Security Expo 2016 (London, England, UK, April 12 - 14, 2016) Cloud Security Expo is a cloud security event with over 80 dedicated cloud security exhibitors, seven streams of content, over 150 security speakers, and 40 real cloud security and compliance case studies.