Release of alleged information on US FBI and Department of Homeland Security personnel continues. The pro-Palestinian hacktivist-who-prefers-to-remain-anonymous remains anonymous for now, but a screen name worthy of Carlos Danger augurs his eventual betrayal by a libido ostentandi.
SecureList has an account of AdWind, a complex, cross-platform backdoor currently afflicting banks in Singapore and elsewhere. Also known as "AlienSpy," it's being sold openly as a subscription service in Internet black markets.
The "Poseidon Group," Brazilian in origin and speaking both Portuguese and English, presents what observers see as a novel twist on extortion. Operating as an APT group, they prospect vulnerable enterprises for sensitive data, approach their victim ("in well-dressed suits," notes Dark Reading, emphasizing Poseidon's white-collar self-presentation), point out their security issues, and urge the victim to hire them for security services. Victims who balk find that (1) their data move over to Poseidon's "market forecasting" business, which sells sensitive information, and (2) Poseidon, having established persistence in the network, is in no hurry to leave.
In patch news, Avast fixes issues Google discovered with Avast's SafeZone browser security tool. Oracle closes some Java vulnerabilities to DLL hijacking, and Apple updates iOS 9.
A depressed equities market drags down share prices, and cyber stocks suffer along with the rest. Digital Shadows attracts $14M in Series B funding. Infoblox buys IID (for talent and data) and Kingston acquires encrypted flash-drive shop IronKey.
In the US, Wassenaar renegotiation gains Congressional support. NSA's reorganization continues apace. Congress deliberates encryption (deliberately).
Today's issue includes events affecting Belgium, Brazil, China, European Union, France, India, Iran, Iraq, Netherlands, Pakistan, Russia, Syria, United Kingdom, United States.
Hack Brief: FBI and DHS are Targets in Employee Info Hack (Wired) Last year, a hack of the U.S. Office of Personnel Management exposed the personal information of millions of government employees. Now, Motherboard reports, a hacker has threatened another federal employee dump of a much smaller scale but potentially more sensitive target: the names, titles, and contact information of nearly 30,000 FBI and Department of Homeland Security workers
Hacker Publishes Personal Info of 20,000 FBI Agents (Motherboard) While America was getting ready to watch the Super Bowl on Sunday, a hacker promised he would dump online a list of more than 20,000 agents of the Federal Bureau of Investigation and 9,000 Department of Homeland Security officers
Adwind: FAQ (SecureList) We have become aware of unusual malware that was found in some banks in Singapore. This malware has many names — it is known as Adwind RAT (Remote Access Tool), AlienSpy, Frutas, Unrecom, Sockrat, JSocket, and jRat. It is a backdoor available for purchase, and is written entirely in Java which makes it cross-platform
Power Grid Honeypot Puts Face on Attacks (Threatpost) The rhetoric around hacking the power grid would have you believe it's a relatively mundane practice. Policymakers, intelligence agencies and vendors, for example, spread the word gleefully, leaning on scenarios such as state-sponsored hackers shutting off the lights in the dead of winter as a scare tactic to glean budget and influence
IoT Reality: Smart Devices, Dumb Defaults (KrebsOnSecurity) Before purchasing an "Internet of things" (IoT) device — a thermostat, camera or appliance made to be remotely accessed and/or controlled over the Internet — consider whether you can realistically care for and feed the security needs of yet another IoT thing
Homegrown Extremists Top Terrorist Threat List, Clapper Says (BloombergBusiness) Homegrown extremists probably will "continue to pose the most significant Sunni terrorist threat to the U.S. homeland in 2016," Director of National Intelligence James Clapper said in a summary for Congress of the perils facing the nation globally
Security Patches, Mitigations, and Software Updates
Avast Patches Critical SafeZone Flaw (Infosecurity Magazine) Security vendor Avast has patched a dangerous vulnerability in its SafeZone protected browsing tool which researchers claimed could allow attackers to compromise secure sessions like online banking
Oracle Security Alert for CVE-2016-0603 (Oracle) This Security Alert addresses CVE-2016-0603 which can be exploited when installing Java SE 6, 7 or 8 on the Windows platform. This vulnerability has received a CVSS Base Score of 7.6
CSA survey finds trust in the cloud increasing (Business Cloud News) Suspicion of the cloud has lifted so much that trust in cloud services is on par with on-premises applications, according to a survey by the Cloud Security Alliance
It's Been 20 Years Since This Man Declared Cyberspace Independence (Wired) When digital dystopians and critics of Internet libertarians need a rhetorical dart board, they often pull out a document written by John Perry Barlow, co-founder of the nonprofit Electronic Frontier Foundation, a former cattle rancher and Grateful Dead lyricist
Big data's very bad day in the stock market (FierceBigData) Investor trends are not the same as predictive analytics because far too much stock market movement is merely knee-jerk reactions with precious little data to aim the kick
Digital Shadows Gets $14M To Keep Growing Its Digital Risk Scanning Service (TechCrunch) UK cyber security startup Digital Shadows, which sells a SaaS service to businesses wanting to monitor and manage potential risks by keeping tabs on activity related to their digital footprint — has closed a $14 million Series B funding round, led by Trinity Ventures. As part of the investment, Trinity's Fred Wang has joined the Digital Shadows board
Darktrace reports surge in cyber defence demand (Business Weekly) Cambridge UK cyber technology business Darktrace reports a 510 per cent surge in year on year bookings and revenue growth of 450 per cent. Headcount has grown 231 per cent and now stands at close to 200 employees in 18 locations around the world, with new US headquarters in San Francisco and a new office on the Champs-Élysées in Paris
(Hardly any) French MPs back emergency powers reform (The Local (France)) The lower house of the French parliament voted on Monday in favour of enshrining in the constitution the process of declaring a state of national emergency, although 411 MPs didn't bother turning up
Momentum slows for encryption bill (The Hill) Congress seems unlikely to pass an encryption bill anytime soon despite the burst of momentum that followed the terrorist attacks in Paris and San Bernardino, Calif
McCain calls for encryption standards (Washington Examiner) Sen. John McCain criticized encryption technology, which allows terror suspects to communicate without the government seeing it, in an editorial over the weekend, and renewed a call for legislation to prohibit it
EC Announces Privacy Shield Timeframe, Conditions (Forbes) The European Commission announced today via Commissioner Vera Jourová the time frame and remaining conditions for reaching agreement on Privacy Shield, the framework "agreement" to replace the invalid Safe Harbor EU-U.S. data transfers agreement
SANS Cyber Threat Intelligence Summit & Training 2016 (Alexandria, Virginia, USA, February 3 - 10, 2016) This Summit will focus on specific analysis techniques and capabilities that can be used to properly create and maintain Cyber Threat Intelligence in your organization. Attend this summit to learn and...
Insider Threat Program Development Training — California (Carlsbad, California, USA, February 8 - 10, 2016) The National Insider Threat Special Interest Group website has some very "eye opening" examples of how "damaging and costly" an "insider threat incident" can be. The FBI Insider Threat Alert states companies...
OPSWAT Cyber Security Seminar (Washington, DC, February 9, 2016) OPSWAT, along with our Washington DC partners, InQuest and Punch Cyber, will be hosting a half-day seminar to cover several threat detection and research technologies
Secure Rail (Orlando, Florida, USA, February 9 - 10, 2016) The first conference to address physical and cyber rail security in North America
Cyber Security Breakdown: Dallas (Dallas, Texas, USA, February 10, 2016) This half day session will provide you with the critical information you need to start formulating an effective response in the eventuality of a cyber security event. Rather than try and handle the breach...
SecureWorld Charlotte (Charlotte, North Carolina, USA, February 11, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 6-12 CPE credits through 30+ educational elements learning from nationally recognized industry...
Suits and Spooks (Washington, DC, USA, February 4 - 5, 2015) Suits and Spooks DC (Feb 4-5, 2015) is moving to the Ritz Carlton hotel in Pentagon City! We're expanding our attendee capacity to 200 and for the first time will be including space for exhibitors. We...
Department of the Navy (DON) IT Conference, West Coast 2016 (San Diego, California, USA, February 17 - 19, 2016) The purpose of the DON IT conference is to: (1) Explain the new and invigorated DUSN (M), DON/AA, and DON CIO organization and its business and IT transformation priorities. (2) Share information that...
ICISSP 2016 (Rome, Italy, February 19 - 21, 2016) The International Conference on Information Systems Security and Privacy aims at creating a meeting point for researchers and practitioners that address security and privacy challenges that concern information...
Interconnect2016 (Las Vegas, Nevada, USA, February 21 - 25, 2016) IBM InterConnect 2016 is for those who are building new business models, transforming industries, and creating better outcomes. Whether you're a C-suite executive, IT leader, developer, designer, architect,...
CISO Canada Summit (Montréal, Québec, Canada, February 21 - 23, 2016) Tactics and best practices for taking on enterprise IT security threats. The CISO Summit will bring together C-level IT security executives, industry analysts and solution providers to discuss challenges...
Insider Threat Program Development Training Course — Maryland (Annapolis, Maryland, USA, February 23 - 25, 2016) The National Insider Threat Special Interest Group website has some very "eye opening" examples of how "damaging and costly" an "insider threat incident" can be. The FBI Insider Threat Alert states companies...
CISO New York Summit (New York, New York, USA, February 25, 2016) A data breach is not only a PR nightmare, but cause for customers to turn to competitors, exposing sensitive company information and racking up fines from industry regulators. In order for organizations...
BSides San Francisco (San Francisco, California, USA, February 28 - 29, 2016) BSides San Francisco is an Information / Security conference that's different. We're a 100% volunteer organized event, put on by and for the community, and we truly strive to keep information free. There...
CISO Summit Europe (London, England, UK, February 28 - March 1, 2016) With the media covering the latest data breaches, cloud computing security questions going unanswered and hackers developing more sophisticated attacks, the IT department has a growing responsibility to...
RSA Conference 2016 (San Francisco, California, USA, February 29 - March 4, 2016) Celebrating its 25th anniversary, RSA Conference continues to drive the information security agenda forward. Connect with industry leaders at RSA Conference 2016