Ukraine continues to investigate Saturday's apparent cyberattack on the electrical utility serving Kiev and its environs. Authorities, who say the outage was remediated in less than an hour and a half, disclosed the incident yesterday.
The ShadowBrokers, whose English hasn't improved even to the point of broken plausibility, are still offering Equation Group code at a deep discount.
In the Subcontinent, the "Team Pak Cyber Attackers" deface Google's Bangladesh domain with a security awareness taunt; the incident seems more skid caper than patriotic hacktivism or other serious attempt.
OurMine is back, hacking a Netflix Twitter account and other high-profile online identities.
Panasonic denies with some heat an IOActive report that Panasonic in-flight entertainment systems could compromise airline passenger data or even open flight control systems to interference. IOActive stands by its claims.
After last week's disclosure of Yahoo!'s second major breach, Verizon is rumored to be reviewing its planned acquisition of Yahoo!'s core assets. What Verizon eventually does is likely to set significant precedents in M&A activity.
NIST asks cryptographers for input on information security standards in a post-quantum-computing world.
Wassenaar renegotiation will be deferred, in the US, until the new Administration takes office.
German police pursue suspected terrorists' online trail as ISIS claims responsibility for the murders committed at the Berlin Christmas market. ISIS appears to be concentrating its recruiting effort on children—one twelve-year-old is suspected of building a nail bomb for use against "Crusader" targets. Much current Caliphate chatter appears to fantasize about attacking Christians observing Christmas.
Today's issue includes events affecting Australia, Bangladesh, China, European Union, Pakistan, Russia, Saudi Arabia, Ukraine, United Kingdom, United States.
A note to our readers: We'll be observing US Federal holidays, as is our custom, and since this year both Christmas and New Year's Day fall on Sunday, that means we'll take a break on Monday, December 26th, and again on Monday, January 2nd. Other than that we'll publish on our normal schedule.
An additional, Kessel-themed note: The new Star Wars flick, Rogue One, is billed as "the epic tale of a scrappy group of rebels and their daring mission to steal the plans for the Death Star." Given what's known about information security, however, one wonders if perhaps the plans might actually have been compromised in a different way. (Like using "camaro" as your password for both a deathstar [dot] edu email account and your Heavybreather social media handle...not that a Sith Lord and a T.I.E. ace would do that, y'know...)
ON THE PODCAST
The CyberWire's regular daily Podcast will be out later this afternoon, with interviews, educational tips, and more on the stories of the day. Today we'll hear from our partners at the Johns Hopkins University, as Joe Carrigan talks about the use of burner email addresses (and not dot-gov or dot-mil). us on recent advances in homomorphic encryption. Our guest, Sam McLane from Arctic Wolf, takes up those aspects of an incident response plan people commonly overlook.
A special edition of our Podcast is also up—the topic is venture capital. In it we examine the current state of investment in cyber security, speak to experts in the field, and learn from top cyber security-focused venture capitalists about what they expect before they invest.
The podcast will take a holiday break on December 26th and January 2nd. Next week, December 27th through December 30th, we'll be running special best-of-episodes from 2016. All returns to normal on January 3rd. Today marks a milestone for us: it's the first anniversary of the CyberWire Daily Podcast's soft launch. A special thanks to those who've participated in the more than 500 interviews we've been able to include in our programming. If you've enjoyed the podcasts, please consider giving us an iTunes review. On the day we first podcast we had three downloads; a year later we're seeing several thousand daily. So, as always, but especially today, thanks for listening.
Germany Releases Berlin Attack Suspect as ISIS Claims Involvement(New York Times) For a Germany that likes to see itself as meticulous, the slip-up was startling: Hours after the authorities said they had grabbed a suspect in the deadly truck rampage at a Christmas market in Berlin, they acknowledged they may have detained the wrong man and began a desperate search for the actual driver
The Virtual Caliphate: ISIS's Information Warfare(Institute for the Study of War) The Islamic State of Iraq and al-Sham (ISIS) poses an evolving threat to the U.S., its allies, and its broader interests. Its approach to information warfare has represented a key component of its overall strategy, including during the period it has faced sustained pressure. ISIS has suffered significant setbacks on the ground, yet has demonstrated the ability to adapt
The Great Cyber Game: Commentary (3)(Medium) In the first part of this commentary I looked at what and why the cyber full court press is happening. The second part was a textual analysis of the Shadow Brokers drop (matryoshka messaging.) This third part will explore how we know that this was such an expensive message
OurMine hacks Netflix’s U.S. Twitter account(TechCrunch) OurMine is up to its old tricks again, with an attack on Netflix’s official U.S. Twitter account. The hacking team has been responsible for taking over a number of high-profile Twitter accounts during the past year or so, including Google’s Sundar Pichai, actor Channing Tatum – and us, TechCrunch dot com
Panasonic, IOActive Clash on Vulnerability Report(Threatpost) Panasonic Avionics has pushed back against research released Tuesday by IOActive suggesting that in-flight entertainment system firmware used by more than a dozen airlines contains vulnerabilities that allow a local attacker to manipulate data displayed to passengers, or put their personal data at risk
Pen Tester in Bust Up with Aircraft Electronics Firm(Infosecurity Magazine) Pen testing firm IOActive has been forced to defend its findings after Panasonic Avionics reacted angrily to a new report highlighting potential weaknesses in aircraft computer systems this week
Report: $3-5M in Ad Fraud Daily from ‘Methbot’(KrebsOnSecurity) New research suggests that an elaborate cybercrime ring is responsible for stealing between $3 million and $5 million worth of revenue from online publishers and video advertising networks each day. Experts say the scam relies on a vast network of cloaked Internet addresses, rented data centers, phony Web sites and fake users made to look like real people watching short ad segments online
One phishing attack: 756K potential victims(CIO Dive) More than 756,000 Californians are currently being notified that their private information may have been compromised after a single phishing email scammed 108 Los Angeles County employees last May
RUAG Acquires Cyber Security Specialist Clearswift(PRNewswire) The RUAG Defence division is acquiring the British Cyber Security specialist Clearswift. With this acquisition, RUAG is making a significant investment in the expansion and long-term development of its cyber security business. Clearswift's leading products will be a significant addition to the RUAG Defence Cyber Security business unit. As previously announced, the business unit will be headed by cyber security expert Dietmar Thelen as of 1 January 2017
Bugcrowd Caps 2016 with Record Growth(Yahoo!) Bugcrowd, the leader in crowdsourced security testing, today announced the company has achieved its fourth consecutive year of significant growth with nearly double the number of fully-managed programs and nearly triple the payouts to security researchers in their 45,000-strong crowd. In 2016, the company also expanded its executive team, released new innovations to its Crowdcontrol platform and more than doubled employee headcount
Why Cisco Systems Could Have a Great 2017(Fox Business) Networking hardware giant Cisco Systems (NASDAQ: CSCO) has been cautious when talking about its outlook for the new year. The company is anticipating a revenue decline during its fiscal second quarter, driven by what the company calls "a challenging global business environment." CEO Chuck Robbins pointed to macroeconomic uncertainty as well as uncertainty surrounding the political and regulatory environments following the election as the main reasons for the weak guidance. The company is taking a conservative approach and not modeling any improvement in these areas going forward
Contrast Security Makes .NET Applications Self-Defending(PRNewswire) Contrast Security, the leader in next-generation application security, today announced that Contrast Protect now supports Microsoft .NET applications. Contrast Protect uses runtime application self-protection (RASP) technology to empower applications to automatically detect and fix vulnerabilities, identify attacks and defend themselves. Microsoft .NET remains one of the top three enterprise application development environments. As a result, more enterprise applications can be self-protecting than ever before
SAIC and root9B Partner to Offer Advanced Cybersecurity Simulation and Training(BusinessWire) Science Applications International Corp. (NYSE: SAIC) is teaming with root9B, a root9B Holdings Company (OTCQB: RTNBD), to provide advanced cybersecurity training and simulation environments to government clients. As part of the agreement, SAIC and root9B will focus on redefining how organizations prepare their personnel to conduct cyber operations through tailored training, dynamic simulation, and realistic scenarios
Outertech Releases Cacheman 10.03 Windows Optimizer That Improves Performance, Privacy, and Security of a PC(PRNewswire) Memory is one of the most important pieces of computer hardware as it is in constant use no matter what a PC is used for. Many variables can influence the speed and performance of memory, and this in turn will affect the overall performance of a computer. Cacheman (short for Cache manager) can help by making it possible to automatically optimize system cache and take control of RAM. A computer cache is a software or hardware component that stores user data so that future requests for that data can be served faster
Inside LeakedSource and Its Database of 3 Billion Hacked Accounts(Wired) By now it's hard to keep track of which companies have been hacked and which haven’t. Remember the FourSquare hack? What about Adobe? Even breaches that were high-profile at the time are fading into obscurity as bigger and scarier ones crop up. (Ahem, Yahoo.) And if you can’t remember what’s been hacked, you’re probably struggling to keep track of which leaks have included your personal data. That’s where “the Google of data breaches” comes in
Technologies, Techniques, and Standards
NIST Asks Public to Help Future-Proof Electronic Information(NIST) The National Institute of Standards and Technology (NIST) is officially asking the public for help heading off a looming threat to information security: quantum computers, which could potentially break the encryption codes used to protect privacy in digital systems. NIST is requesting methods and strategies from the world’s cryptographers, with the deadline less than a year away
New Decryptor Unlocks Cryptxxx v.3 Files(Threatpost) Researchers have neutralized the threat of the latest strain of the CryptXXX v.3 ransomware, releasing a decryption tool for unlocking files, and have added it to the RannohDecryptor, a free utility hosted by Kaspersky Lab’s No Ransom Project.
‘Lock down Your Login’ to Improve Security(ReadITQuik) The National Cyber Security Alliance (NCSA), a non-profit public-private partnership that promotes awareness and education on cyber-security and privacy in the United States of America, has shared some tips to enhance personal security in an era when the boundary between our digital and personal lives is quickly vanishing. With the world becoming more and more connected, NCSA advises that individuals should also commit to staying safe and secure when online, in order to protect personal data
Design and Innovation
How Google’s Search business and humanity’s information is disappearing(TechCrunch) Search, Google’s crown jewel, and humanity’s way of finding the world’s information, has big problems. These problems threaten the internet as we know it; if they’re allowed to continue developing, unchecked, the consequences will be far-reaching and severe. Collectively, these threats are called Dark Matter
DoD unveils open data project(C4ISRNET) The Defense Department is continuing to break down digital barriers, this time unveiling an open data project. Data.mil — a cooperative project with Data.world, a data resource organization — and the Defense Digital Services within the Pentagon seek to make military data available and searchable
IBM blockchain in healthcare rallies for patients(CIO) IBM is creating solutions to connect the global healthcare delivery system. A recent IBM Institute for Business Value survey found the trailblazers of blockchain adoption will focus on three areas
U.S. Blacklists 15 Russian Entities Linked to Ukraine and Crimea(New York Times) President Obama on Tuesday blacklisted 15 Russian individuals and companies for their dealings in Crimea and Ukraine, creating an early test for the new administration of President-elect Donald J. Trump, who is widely expected to roll back the pressure campaign against Russia
Obama's long years of cyber neglect(Washington Examiner) President Obama is calling on President-elect Trump to prevent foreign cyber-meddling in future U.S. elections. But Obama himself already has had the power to preempt cyberattacks — a power he has used poorly and insufficiently, according to experts and Obama's opponents
Dear Mr. Trump: To ‘Cyber’ Better, Try the Blockchain(Wired) A massive distributed denial-of-service (DDoS) attack took several high-profile websites—Twitter, Amazon, the New York Times, even WIRED—offline in October. This attack didn’t target any of these companies directly, but rather Dyn, the company that provides DNS services for each of those sites. Dyn is one of many vulnerable, centralized chokepoints in the infrastructure of the web; a targeted attack on this one company allowed the perpetrators to momentarily disable a big chunk of the internet for people all over the US. The attack is an unsettling precedent and should serve as a warning: Our digital infrastructure is more fragile than we imagine
Cloud security vendor Zscaler bats away patent infringement lawsuit(TechCrunch) Symantec, one of the world’s largest cybersecurity companies, closed its giant acquisition of Blue Coat Systems in August, ushering in a new regime under incoming CEO Greg Clark. He hasn’t wasted much time in disparaging upstarts in the market, either, including the well-funded, venture-backed companies Cylance, Tanium and Carbon Black
Anonymous’ Barrett Brown Is Free—and Ready to Pick New Fights(Wired) When Barrett Brown was arrested in his home by FBI agents in 2012—a moment captured by chance in a public videochat streamed to his fans and haters alike—the hacker group Anonymous was an online force to be reckoned with. Just nine months earlier the group had hacked the private intelligence firm Stratfor and dumped five million of its emails, the crime to which Brown would later be tied and sentenced to five years in prison
Sexual Assaults by a Teacher at Wetzlar's Werner-von-Siemens-Schule(Gießener Anzeiger) After the administration of the Werner-von-Siemens-Schule in Wetzlar learned in early November of sexual assaults by a teacher, it immediately called in the criminal police. The public prosecutor's office and the criminal police in Wetzlar are currently investigating a 40-year-old teacher at the institution, as they announced in a joint press statement
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
CES® CyberSecurity Forum(Las Vegas, Nevada, USA, January 5, 2017) Now in its second year, the CES® CyberSecurity Forum presented by CyberVista is designed to ensure all stakeholders in developing high tech solutions understand the complexity and the need for action in...
SANS Security East 2017(New Orleans, Louisiana, USA, January 9 - 14, 2017) Start the year off right by choosing from outstanding, cutting-edge courses presented by our top-rated instructors. SANS is looking forward to an exciting kickoff of 2017 with SANS Security East 2017 in...
Cybersecurity of Critical Infrastructure Summit 2017(College Station, Texas, USA, January 11 - 13, 2017) An inaugural event to convene thought-leaders, experts, and strategic decision makers from government, industry, and academia to discuss the technology and policy implications of the ever-evolving cyber-threats...
ShmooCon 2017(Washington, DC, USA, January 15 - 17, 2017) ShmooCon is an annual east coast hacker convention hell-bent on offering three days of an interesting atmosphere for demonstrating technology exploitation, inventive software and hardware solutions, and...
SANS Las Vegas 2017(Las Vegas, Nevada, USA, January 23 - 28, 2017) Attend SANS Las Vegas 2017, where SANS will provide outstanding courses in IT security, forensics, and security management presented by the best cybersecurity teachers in the country. At SANS events you...
BlueHat IL(Tel Aviv, Israel, January 24 - 25, 2017) Announcing BlueHat IL – a special edition of Microsoft's leading cyber security conference for top professionals, to be held for the very first time in Tel Aviv, Israel.
Over the past 10 years, BlueHat conferences have drawn the brightest minds in security to discuss key industry challenges. And now, BlueHat IL is here to crank it up by exploring and creating new cyber security thoughts and boundaries. This exclusive, by invitation only, single track event will host top cyber security professionals from around the world, who will come together to tackle the present and peek into the future. It will feature brilliant speakers and focus on breakthrough research, key trends and emerging threats in the field. Registration closes December 28.
SANS Cyber Threat Intelligence Summit & Training 2017(Arlington, Virginia, USA, January 25 - February 1, 2017) Join SANS at this innovative Summit as we focus on enabling organizations to build effective cyber threat intelligence analysis capabilities. Most organizations are familiar with threat intelligence, but...
Blockchain Protocol and Security Engineering(Stanford, California, USA, January 26 - 27, 2017) This conference will explore the use of formal methods, empirical analysis, and risk modeling to better understand security and systemic risk in blockchain protocols. The conference aims to foster multidisciplinary...