Stolen Yahoo data appear on the black market, initially priced around $300,000. Observers note the data are valuable for either criminal or espionage purposes. It seems increasingly likely that Yahoo itself will face growing hostile scrutiny from both regulators and investors. The company's stock price took a predictable hit, and there are reports that Verizon is considering ways of backing out of its planned acquisition of Yahoo's core assets.
The Equation Group code the ShadowBrokers have now put on their discount zeronet retail shelf could, if purchased and used, afford various bad actors newly commodified modes of attack, HackerHouse reports.
Recorded Future reports the US Election Assistance Commission breach enables "Rasputin" to sell an SQL exploit on the dark web.
Investigation of Russian hacking of US elections continues, now with bipartisan Congressional goading. The issues are these: No one seriously doubts Russian intelligence services compromised the Democratic National Committee (and also made attempts with mixed success on the Republicans). How WikiLeaks received the emails perceived as so damaging to the Clinton campaign is less clear. Theories range from direct provision by the Russians (denied by WikiLeaks), through sourcing by a Russian front, to compromise by a disgruntled DNC-insider (in most stories a Sanders adherent). US President Obama faces growing pressure to "do something."
In the UK, Tories want GCHQ to offer more cyberdefense for banks; Labour wants government to inspect tech companies' algorithms. German legislation would address fake news, and Australia might shift the burden of proof against vulnerability researchers.
Today's issue includes events affecting Australia, Canada, China, France, Iran, Ireland, Democratic People's Republic of Korea, Republic of Korea, Nigeria, Philippines, Romania, Russia, Turkey, United Arab Emirates, United Kingdom, United States, and Venezuela.
A note to our readers: The new Star Wars film, Rogue One, is out this week. It's billed as "the epic tale of a scrappy group of rebels and their daring mission to steal the plans for the Death Star." Given what's generally known about information security, however, one wonders if perhaps the plans might actually have been compromised in a different way. (Like using "letmein123" as your password for both Lord.Vader@deathstar.imp and Heavybreather@yakhoo.com, maybe SithDude@vkontakt'e, too...not that a Sith Lord would like do that, or anything...)
ON THE PODCAST
The CyberWire's regular daily Podcast will be out later this afternoon, with interviews, educational tips, and more on the stories of the day. Today we'll hear from our partners at Ben Gurion University of the Negev, as Yisroel Mirsky discusses the vulnerabilities of the 911 emergency response system.
A special edition of our Podcast is up as well—the topic is venture capital. In it we examine the current state of investment in cyber security, speak to experts in the field, and learn from top cyber security-focused venture capitalists about what they expect before they invest.
As always, if you enjoy the podcast, we invite you to please consider giving it an iTunes review.
Cyber Attacks, Threats, and Vulnerabilities
Poor security led to military hacking by North (JoongAng Daily) Earlier this month, the South Korean military accused Pyongyang of hacking South Korea’s defense intranet, and cyber experts are now pointing out holes in the security system
Hacked Yahoo data is for sale on dark web (Financial Review) Some time around August 2013, hackers penetrated the email system of Yahoo, one of the world's largest and oldest providers of free email services
Yahoo hack shows data as tool of information warfare (France 24) The massive hack affecting a billion Yahoo users shows how seemingly innocuous bits of data gleaned from cyber attacks can be exploited for profit -- and potentially for espionage and information warfare
Merry Haxmas! Shadow Brokers strike again! (HackerHouse) The ShadowBrokers have released details of another selection of software from the Equation Group auction files. This time they are listed as individual sale items on a zeronet website including a brief description of what each software could be used for. We took a look at the latest leaked data to attempt to determine what the impact of these files could be
Security Firms Almost Brought Down Massive Mirai Botnet (Bleeping Computer) Following a failed takedown attempt, changes made to the Mirai malware variant responsible for building one of today's biggest botnets of IoT devices will make it incredibly harder for authorities and security firms to shut it down
How ThyssenKrupp Fended Off a Cyber Attack (Handelsblatt Global) For over six months, a reporter from WirtschaftsWoche was granted exclusive access as German industrial goliath ThyssenKrupp defended itself against a major cyber attack. An inside report from the front line
Why Hackers Love The Cloud (Fox Business) For a skilled hacker, a major company’s cloud system is a treasure trove – sensitive data, including millions of bank account logins, email addresses and Social Security numbers can be just a few clicks away
Security Patches, Mitigations, and Software Updates
Deadlines for investigating and reporting data breaches (Help Net Security) 75% of organisations set fixed time limits for investigating potential security incidents, according to Balabit. However, 44% of respondents reported missing internal or external deadlines for investigating or reporting a breach in the last year, and 7% said a missed deadline had resulted in serious consequences
The difficult path to cyber resilience (Help Net Security) Global organizations are more confident than ever that they can predict and resist a sophisticated cyber attack, but are falling short of investments and plans to recover from a breach in today’s expanding threat landscape, according to EY
Cybersecurity Christmas Wish List (Wapack Labs) It’s that time of year again, when we place our faith and trust in imaginary entities who always deliver exactly what is needed, under impossible circumstances, just in the nick of time
Technology trends in 2017: A bluffer’s guide (IDG Connect) If bluffers have become used to calling on our old composite friend SoCloMo to remind themselves that social, cloud and mobile have been the uber trends of the last few years then it might be time for a new coinage
Filipinos brace for more online threats (Business Inquirer) A more digitally connected world also means a world that is more vulnerable to online threats: phishing, spying, tracking, frauds and scams. On top of that, most people now are also multidevice users—which only means more avenues for such threats
Verizon seeking to amend Yahoo deal (Otago Daily Times) The latest breach of Yahoo accounts has left Verizon Communications looking at ways to modify its multibillion-dollar bid to buy the core internet business from the technology company
MacGibbon leads US cyber mission (InnovationAus) The Prime Minister’s special advisor on cybersecurity will join with freshly-minted Australian Cyber Security Growth Centre Network CEO Craig Davies to lead an Austrade delegation of 20 local companies to the United States in February
New infosec products of the week: December 16, 2016 (Help Net Security) Ixia enhances network assessment and monitoring platform...First digital identity certificate for drones...Microsoft customers can now secure content on Office 365...DB Networks launches AI-based agentless database activity monitoring...Percipient Networks defends against social engineering and malware...Radiflow introduces security assessment service for Industrial Control Systems...Barracuda offers Next-Generation Firewall for Google Cloud platform customers...Resilient Access enables data-sensitive organizations to connect securely...Fall 2016 Everbridge platform update improves global security...Iris authentication reference designs for deployment across IoT devices
Salient CRGT Expands Voyager Mobility Query For Law Enforcement (American Security Today) Salient CRGT is expanding its software product offerings of Appix Financial Services, Assure6i™ Cyber Security Solutions, and Voyager™ Mobility Solutions to add enhanced features, be more widely available and decentralized, and offer multi-platform accessibility
Playing the blame game: Breaking down cybersecurity attribution (Help Net Security) Attributing the adversary behind a cyber attack ranks as perhaps the hardest challenge in all of cyber security, well beyond securing networks from intrusions, for the simple reason that bits are simply bits and do not belong to any single person
The Bittersweet Sweepstakes to Build an AI That Destroys Fake News (Wired) Autonomous 18-wheelers are now driving the highways. Coffee table gadgets are recognizing spoken English nearly as well as humans. Smartphones apps instantly translate conversations between people speaking as many as nine different languages. But for Dean Pomerleau, none of this is all that surprising
Who are Russia's cyber-warriors and what should the West do about them? (Telegraph) Western intelligence services and cyber security firms say they have identified two particular groups involved in the hack of the Democratic National Committee (DNC) that led to a series of embarrassing emails being leaked to the public ahead of the US presidential election
Obama’s cyber conundrum: how hard to hit back (New York Times News Service via the Central Oregon Bulletin) Over the past four months, U.S. intelligence agencies and aides to President Barack Obama assembled a menu of options to respond to Russia’s hacking during the election, ranging from the obvious — exposing President Vladimir Putin’s financial ties to oligarchs — to the innovative, including manipulating the computer code that Russia uses in designing its cyberweapons
A civil defense for the cyber age? (Boston Globe) The Russians are coming — again. So are the Chinese, the North Koreans, and an array of international bad actors, threatening American security — not with nuclear weapons but with computer hacks
Bipartisan group of senators seeking panel on Russia hacking (Help Net Security) A bipartisan group of senators announced on Sunday that they will push for an investigative panel to look into allegations that Russia tried to manipulate the U.S. election by hacking into Democratic officials and groups' email servers
Obama points finger at Putin for hacks during U.S. election (Reuters) President Barack Obama on Friday strongly suggested that Russian President Vladimir Putin personally authorized the computer hacks of Democratic Party emails that American intelligence officials say were aimed at helping Republican Donald Trump win the Nov. 8 election
My Turn: The Russian issue and the rhetoric surrounding it (Gaston Gazette) I think it would be helpful if there was an explanation of the differences in intelligence gathering and criminal investigations and how this difference impacts the current election emotions connected to the alleged Russian intrusion into our political process
U.S. to disclose number of Americans our government spied on as soon as January 2017 (Boing Boing) The United States intelligence community has promised lawmakers it will provide as soon as January 2017 a public estimate of the number of Americans whose digital communications were subject to surveillance under the pretense of capturing foreign espionage, according to a bipartisan group of congressional lawmakers' letter that Reuters saw and reports here
Trump’s security advisor dismisses ‘insignificant’ data-sharing fears (Naked Security) US President-elect Trump’s pick for National Security Advisor, retired three-star army general Michael T Flynn, “inappropriately” shared classified information, according to a military investigation report completed in 2010 and only recently made public via a Freedom of Information Act filing by the Washington Post
Bayrob Fraud Ring Extradited to US (Infosecurity Magazine) Symantec is claiming victory after a Romanian fraud ring thought to have made as much as $35 million from their illegal activities was arrested and extradited to the US
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
Black Hat Asia (, January 1, 1970) Black Hat is returning to Asia for the first time since 2008, and we have quite an event in store. Here the brightest professionals and researchers in the industry will come together for a total of four...
CES® CyberSecurity Forum (Las Vegas, Nevada, USA, January 5, 2017) Now in its second year, the CES® CyberSecurity Forum presented by CyberVista is designed to ensure all stakeholders in developing high tech solutions understand the complexity and the need for action in...
SANS Security East 2017 (New Orleans, Louisiana, USA, January 9 - 14, 2017) Start the year off right by choosing from outstanding, cutting-edge courses presented by our top-rated instructors. SANS is looking forward to an exciting kickoff of 2017 with SANS Security East 2017 in...
Cybersecurity of Critical Infrastructure Summit 2017 (College Station, Texas, USA, January 11 - 13, 2017) An inaugural event to convene thought-leaders, experts, and strategic decision makers from government, industry, and academia to discuss the technology and policy implications of the ever-evolving cyber-threats...
ShmooCon 2017 (Washington, DC, USA, January 15 - 17, 2017) ShmooCon is an annual east coast hacker convention hell-bent on offering three days of an interesting atmosphere for demonstrating technology exploitation, inventive software and hardware solutions, and...
SANS Las Vegas 2017 (Las Vegas, Nevada, USA, January 23 - 28, 2017) Attend SANS Las Vegas 2017, where SANS will provide outstanding courses in IT security, forensics, and security management presented by the best cybersecurity teachers in the country. At SANS events you...
BlueHat IL (Tel Aviv, Israel, January 24 - 25, 2017) Announcing BlueHat IL – a special edition of Microsoft's leading cyber security conference for top professionals, to be held for the very first time in Tel Aviv, Israel.
Over the past 10 years, BlueHat conferences have drawn the brightest minds in security to discuss key industry challenges. And now, BlueHat IL is here to crank it up by exploring and creating new cyber security thoughts and boundaries. This exclusive, by invitation only, single track event will host top cyber security professionals from around the world, who will come together to tackle the present and peek into the future. It will feature brilliant speakers and focus on breakthrough research, key trends and emerging threats in the field. Registration closes December 28.
SANS Cyber Threat Intelligence Summit & Training 2017 (Arlington, Virginia, USA, January 25 - February 1, 2017) Join SANS at this innovative Summit as we focus on enabling organizations to build effective cyber threat intelligence analysis capabilities. Most organizations are familiar with threat intelligence, but...
Blockchain Protocol and Security Engineering (Stanford, California, USA, January 26 - 27, 2017) This conference will explore the use of formal methods, empirical analysis, and risk modeling to better understand security and systemic risk in blockchain protocols. The conference aims to foster multidisciplinary...