BAE security researchers have warned that the thieves behind the $81 million cyber theft from the Bangladesh Bank probably also compromised SWIFT, the platform used internationally to manage financial transactions. SWIFT said yesterday it plans to issue a fix sometime today. BAE believes the attackers altered the Alliance Access client software so that it modified a database that logged bank transactions, thereby covering their tracks.
The controllers of GozNym, the “two-headed” Trojan IBM warned against earlier this month, have shifted focus from North America to Europe, targeting one Portuguese and several Polish banks.
A new strain of PowerShell-abusing malware is out. Trend Micro reports that “FAREIT” is spreading through spam emails (carried either in an attached Office document’s malicious macro or in a corrupted PDF) and is harvesting banking credentials.
Combat testing has revealed exploitable vulnerabilities in the US Army’s mobile tactical network. Fixes are promised.
The US is increasingly open about cyber operations against ISIS. Intrusion into and monitoring of jihadist networks have prepared the battlespace for effective spoofing and disruption of ISIS messaging.
Observers await word of what US and Russian officials are agreeing to in discussions of cyber warfare.
SecureWorks’ IPO last week is widely viewed as “lackluster.” Investors are looking for profit; they’re less likely to buy the story.
Many observers doubt the FBI’s “grey hat” explanation of how it accessed the San Bernardino jihadist’s iPhone.
The US Justice Department no longer needs Apple’s help unlocking an iPhone in a New York trial: someone gave them the passcode.
Today's issue includes events affecting Bangladesh, Belgium, Canada, China, France, Germany, Iraq, Italy, Philippines, Poland, Russia, Syria, United Kingdom, United States.
We concluded our coverage of SINET ITSEF 2016 on Friday. Today we publish an interview with Canada's Minister of National Defense, the Honorable Harjit Singh Sajjan, which you'll find here; he'd earlier delivered the final day's keynote address.
Time Is Money: GozNym Launches Redirection Attacks in Poland (IBM Security Intelligence Blog) The GozNym banking malware, a Trojan hybrid discovered by IBM X-Force in early April, isn’t wasting any time. A week after launching an aggressive attack campaign on 24 banks in North America, GozNym’s operators are spreading a new European configuration. On the list this time: corporate, SMB, investment banking and consumer accounts held with major Polish banks; one bank in Portugal; and one American bank
New FAREIT Strain Abuses PowerShell (TrendLabs Security Intelligence Blog) In 2014, we began seeing attacks that abused the Windows PowerShell. Back then, it was uncommon for malware to use this particular feature of Windows. However, there are several good reasons for an attacker to use this particular feature
Ransomware-as-a-service + Malicious Insiders = Deadly Threat (Imperva) Insiders with RaaS: In our recent research report, we followed the infection chain and operation of CryptoWall 3.0 ransomware, focusing on payments made by victims and how those payments eventually aggregate to a small number of Bitcoin wallets – suggesting a well-organized operation
Core Windows Utility Can Be Used to Bypass AppLocker (Threatpost) A core Windows command-line utility, Regsvr32, used to register DLLs to the Windows Registry can be abused to run remote code from the Internet, bypassing whitelisting protections such as Microsoft’s AppLocker
An insider's look at iOS security (TechRepublic) Apple's battle with the FBI portrays them as a security hero going to great lengths to protect user privacy, but our beloved iPhones may not be as secure as many believe
Verizon Says Strikers Sabotaging Verizon Network (DSL Reports) Verizon is accusing the company's striking workers of sabotaging the Verizon network. According to Verizon, most of the instances of sabotage have involved intentionally cutting fiber lines in various locations across New York, New Jersey, Massachusetts, and Pennsylvania
Insurers could hold key to managing cyber risks (Business Insurance) Could private industry provide at least a partial answer to one of the United States' most critical national security problems? The answer may well be “yes,” if the problem is cyber security and the industry in question is the insurance industry
Halvorsen: Cyber war is a culture war (Defense Systems) Security experts have often said that the key to cybersecurity is a matter of approach and attitude, an idea Defense Department CIO Terry Halvorsen reiterated this week
Q&A: Navigating the new cyber security landscape (IT Pro Portal) The cyber security landscape is changing drastically. The growth of new technologies such as drones and the Internet of Things is creating a host of new access points for hackers to target, thereby weakening companies’ defences
Dell’s SecureWorks Has Lackluster Trading Debut (New York Times) SecureWorks is the first initial public stock offering of the technology industry this year. That may be the extent of the victory lap for the tech I.P.O. market, at least for now
Elixirr strikes partnership with cyber security firm CyberInt (Consultancy) Consulting firm Elixirr has agreed a strategic partnership with CyberInt, an Israeli cyber security firm. The move allows Elixirr to leverage CyberInt’s software to help organisations identify external vulnerabilities in their digital frontier, while for CyberInt, the deal sees it expand its client base
10 Tips for Securing Your SAP Implementation (Dark Reading) Without clear ownership of security for a critical business platform like SAP, it should come as no surprise that SAP cybersecurity continues to fall through the cracks among IT, admin, security and InfoSec teams
How IoT security can benefit from machine learning (TechCrunch) Computers and mobile devices running rich operating systems have a plethora of security solutions and encryption protocols that can protect them against the multitude of threats they face as soon as they become connected to the Internet. Such is not the case with IoT
Is Hybrid AI the future of cyber-security? (SC Magazine) The future of cyber-security looks part human and part machine, according to MIT's Computer Science and Artificial Intelligence Laboratory but what does the broader industry think?
MIT Launches Experimental Bug Bounty Program (Threatpost) The effectiveness of bug bounty programs is difficult to deny, especially after adoption of one at Uber, which announced last month it would begin paying $10,000 for critical bugs, and the Department of Defense, whose Hack the Pentagon illustrates the government’s softening stance on hackers
Legislation, Policy, and Regulation
ISIS Targeted by Cyberattacks in a New U.S. Line of Combat (New York Times) The United States has opened a new line of combat against the Islamic State, directing the military’s six-year-old Cyber Command for the first time to mount computer-network attacks that are now being used alongside more traditional weapons
Intelligence and the Cyber Domain: A Canadian Perspective (The CyberWire) The Honorable Harjit Singh Sajjan, Canada's Minister of National Defense, spoke with the CyberWire shortly after he addressed SINET's ITSEF 2016. He shared his perspective on intelligence and the cyber domain, to which he brings the distinctive experience of both a military intelligence officer and a police detective who specialized in gang crime investigations. He emphasized the prime imperative of developing actionable intelligence: delivering it quickly to those on the ground who can take action
DOD officials push back on civil cyber support critiques (GCN) Pentagon officials pushed back Friday against criticisms levied against the Defense Department for the lack of clarity in its chain of command for domestic cyberattacks. “We know how to do it; we’re making sure that in the event that it happens we’re ready to execute,” Deputy Commander of Cyber Command Lt. Gen. James “Kevin” McLaughlin said
Experts Weigh-In Over FBI $1.3 Million iPhone Zero-Day Payout (Threatpost) Was the Federal Bureau of Investigation justified in paying over $1.3 million for a hacking tool that opened the iPhone 5c of the San Bernardino shooter? For some in the security community the answer is a resounding yes. For others, the answer is not so clear-cut
Chinese firm at center of cyber fears (Washington Post via Astro Awani) Ever since Chinese computer maker Lenovo spent billions of dollars to acquire IBM's personal-computer and server businesses, some lawmakers have called on federal agencies to stop using the company's equipment out of concerns over Chinese spying
China Punishes Apple by Shutting Down iTunes and Movies (Breitbart) Despite years of Apple Inc. succeeding in gaining huge market share by apparently granting China state security authorities “backdoors” into its product encryption, communist regulators shut down Apple’s iBook Store and iTunes on April 22
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Army SIGINT (Fort Meade, Maryland, USA, April 25, 2016) Approximately 500 attendees will come together to discuss future technologies in Signals Intelligence (SIGINT), focusing on applications for the actual users in the field (the soldiers). Most attendees...
6th European Data Protection Days (EDPD) (Berlin, Germany, April 25 - 26, 2016) The EDPD Conference will provide participants from the business side with all the important news and updates for the international data protection business at a high level. These include key developments...
CISO San Francisco (San Francisco, California, USA, April 26, 2016) The CISO Summit brings together C-level IT security executives, industry analysts and solution providers to discuss challenges and best practices in a relaxed, yet focused business setting. Agenda sessions...
Staying Ahead of the Curve - Securing a Nation Amid Change (Washington, DC, USA, April 26, 2016) A discussion of the changing cybersecurity landscape, featuring a keynote by General Keith Alexander, former Director, National Security Agency, and a panel discussion of the challenges facing Federal...
Assured Communications 2016 (Crystal City, Virginia, USA, April 27, 2016) A basic tenet of building an expeditionary fighting force that can respond to hot spots around the world is the ability to surge. That applies to satellite bandwidth as much as it does to personnel and...
CISO Houston (Houston, Texas, USA, April 28, 2016) A data breach is not only a PR nightmare, but cause for customers to turn to competitors, exposing sensitive company information and racking up fines from industry regulators. In order for organizations...
Cybersecurity Futures 2020 (Washington, DC, USA, April 28, 2016) On April 28, some of the country's leading policymakers, hackers, and creative thinkers will join Passcode and UC Berkeley to discuss the Internet's alternate futures – and explore how unconventional thinking...
3rd East Africa Cyber Defense Convention 2016 (Nairobi, Kenya, April 29, 2016) Building on the success of previous conventions series in the last two years and with insights from cybersecurity experts, participants at this conference learn how organisations should successfully respond.
CISO United States (Chicago, Illinois, USA, May 1 - 3, 2016) The CISO Summit will bring together C-level IT security executives, industry analysts and solution providers to discuss challenges and best practices in a relaxed, yet focused business setting. Agenda...
SANS Security West 2016 (San Diego, California, USA, May 1 - 6, 2016) With cyber-attacks and data breaches on the rise, attacks becoming more frequent, sophisticated and costlier, the gap in the ability to defend has become wider and more time sensitive. Now is the perfect
CEBIT (Sydney, New South Wales, Australia, May 2 - 4, 2016) With the Australian Federal Government officially announcing its national cyber security policy, ahead of CeBit Australia’s business technology event, CeBIT is ultra strong on cyber security, too. CeBIT’s...
Cyber Investing Summit 2016 (New York, New York, USA, May 3, 2016) The Cyber Investing Summit is an all-day conference focusing on the investment opportunities, trends and strategies available in the $100+ billion cyber security sector. Network with investment professionals,...