Ukraine continues investigation into December's attack on its power grid, now thought to have been long-prepared, with reconnaissance beginning some six months earlier. Latest statements from Ukrainian officials offer more evidence of a Russian connection — Russian ISP, phone calls from within Russia — but stop short of attribution to the Russian organs.
Palo Alto looks at Fysbis, Linux malware widely used by the Sofacy group (a.k.a. APT28 or Sednit, and believed to be connected to Russia). Fysbis is thought to succeed because of what Palo Alto characterizes as businesses' underdeveloped awareness of Linux malware.
ESET describes how criminals used Corkow malware to manipulate Energobank's currency trading platform. Corkow is described as both evasive and capable, but it's unclear how its masters profited from their attack. Not directly, but they may have traded in futures markets or enabled profitable third-party speculation. Or the incident may have been a trial run.
Los Angeles' Hollywood Presbyterian Hospital works to recover from an unusually tough-to-remediate ransomware attack. (Pricey, too: with a $3.6 million ransom.)
Some good ransomware news: Emsisoft decrypts HydraCrypt and UmbreCrypt.
Securities markets have given cyber companies a rough ride recently, but Forbes thinks fears of a cyber security bear market are wildly overblown. New growth is forecast after the correction. Barron's looks at the US Federal budget and sees "tailwinds" for security companies, notably FireEye, Imperva, Fortinet, Proofpoint, Palo Alto Networks and CyberArk. BAE's new COO is expected to push into commercial cyber markets.
Police in the UK close in on the Crackas.
Today's issue includes events affecting Australia, Austria, Canada, China, France, Germany, India, Israel, Democratic People's Republic of Korea, Republic of Korea, New Zealand, Pakistan, Russia, Saudi Arabia, South Africa, Thailand, Ukraine, United Arab Emirates, United Kingdom, United States.
ON THE PODCAST
In today's Daily Podcast, we'll hear from the University of Maryland's Jonathan Katz on how Bitcoin works. The podcasts will be up later this afternoon.
New malware targets Android users through text messages (IT Pro Portal) Malware is a common security threat on desktop operating systems but now it is also gaining more of a foothold on mobile. A new Android-based malware has been discovered, which is able to grant itself administrator privileges and completely take over a user's device
PwnPhone: Default passwords allow covert surveillance. (Paul Moore) A few weeks ago, I was asked to observe an installation of several wireless access points & VoIP phones, with a view to making recommendations on how best to improve security while maintaining ease of deployment
How White Hat Hackers Stole Crypto Keys from an Offline Laptop in Another Room (Motherboard) In recent years, air-gapped computers, which are disconnected from the internet so hackers cannot remotely access their contents, have become a regular target for security researchers. Now, researchers from Tel Aviv University and Technion have gone a step further than past efforts, and found a way to steal data from air-gapped machines while their equipment is in another room
Crypto-Malware — Don't become a victim! (Check & Secure) Last week saw another disturbing example of the indiscriminate damage that crypto-malware can wreak. On Wednesday the Lukas Hospital in Neuss, Germany was crippled by the trojan TeslaCrypt 2.0. It seems that a worker at the hospital opened an attachment in a mass email, leading to the hospital mainframe being paralysed and thousands of patient health records being encrypted
Security Patches, Mitigations, and Software Updates
Reflecting on Recent iOS and Android Security Updates (Zimperium) The last thirty days have proven to be yet another exciting time for the mobile security ecosystem. Apple and Google released updates for their respective mobile operating systems that fix several critical issues
Connected Devices Are Transforming the Medical World, but Pose Security Challenges (IBM Security Intelligence Blog) Connected devices — from regular smartphones to specialized gadgets such as fitness trackers — are storming the world of health care on multiple fronts, transforming everything from the mechanics of health records and payment processes to how people track their own health and seek care when needed
BAE's Uncharted Waters (Bloomberg Gadfly) U.K. aerospace and defense group BAE Systems looks to be preparing the ground for Charles Woodburn, an oil industry executive, to become CEO. By hiring an outsider, it's taking a leaf from Rolls-Royce's playbook
General Dynamics to Help Secure German Bundeswehr's IT Networks (PRNewswire) General Dynamics Mission Systems' partner QGroup received a contract from the Bundeswehr (German Federal Armed Forces) to deploy and maintain QTrust Server security appliances for their secure IT networks. QGroup's QTrust Server is based on General Dynamics Mission Systems' PitBull Trusted Operating System (PitBull)
Sticking to the facts with Windows 10 privacy debate (FierceCIO) While it is probably fair to say that Microsoft's opaque data collection in Windows 10 will not be winning any popularity contests any time soon, an almost surreal report on Forbes earlier this week suggested that the telemetry issue is actually much worse than previously believed due to how Windows 10 is "phoning home" thousands of times a day
G DATA brings VPN module to Android (Online Computer) G DATA is integrating a protection feature for Wi-Fi and mobile networks into its mobile security solutions. The VPN feature is launching first for Android and will soon be available for iOS as well
Protecting the grid (Ames Tribune) In an attempt to protect their simulated cities from a cyber attack, 15 teams from around Iowa and the Midwest faced off Saturday in the country's first Cyber-Physical System Cyber Defense Competition at Iowa State University
Cyber security degree coming to Iowa Western (Daily Nonpareil) As the Internet of Things starts to tether our cars, appliances, homes, offices and even wearable devices together into common platforms for convenience and efficiency, securing our digital lives becomes more and more of a priority.
Legislation, Policy, and Regulation
The Challenge of China's Bid for Cyber Suzerainty (World Politics Review) The Internet revolution began in the 1990s, when China was still recovering from the damage done during Mao Zedong's reign and the world was adjusting to the West's post-Cold War pre-eminence
Hacker Lexicon: What Counts as a Nation's Critical Infrastructure? (Wired) As the US government contemplates the recent hack of Ukraine's power grid, which is only the second hack of this kind against critical infrastructure since the Stuxnet attack against Iran's nuclear program was discovered in 2010, the implications for the US power grid are clear
The end in sight, Obama wants a cyber blueprint for next president (EE News) The new Cybersecurity National Action Plan announced Tuesday by the White House aims at protecting federal agencies from cyberattacks, an urgent need dramatized by the ransacking of the Office of Personnel Management's aged computer systems by hackers two years ago
Does the UK need a chief information security officer? (SC Magazine) While most of the media understandably covers the search for a new President of the United States, we couldn't help but notice another job going begging at the White House: CISO. Which got us to thinking
High school student faces prison over an encrypted communication tool (Numerama) The Dijon high school student taken into custody in connection with the fake bomb threats case had made available a secure Jabber (XMPP) server, used to communicate anonymously. He faces up to 5 years in prison for refusing to hand over his decryption keys
What If Vladimir Putin Has Hillary Clinton's Emails? (Forbes) Despite a clear warning received almost three years ago, it has taken a heated presidential campaign and an FBI investigation to make us aware of the national security threat of Hillary Clinton's unsecured state department e-mails
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Department of the Navy (DON) IT Conference, West Coast 2016 (San Diego, California, USA, February 17 - 19, 2016) The purpose of the DON IT conference is to: (1) Explain the new and invigorated DUSN (M), DON/AA, and DON CIO organization and its business and IT transformation priorities. (2) Share information that...
ICISSP 2016 (Rome, Italy, February 19 - 21, 2016) The International Conference on Information Systems Security and Privacy aims at creating a meeting point for researchers and practitioners that address security and privacy challenges that concern information...
CISO Canada Summit (Montréal, Québec, Canada, February 21 - 23, 2016) Tactics and best practices for taking on enterprise IT security threats. The CISO Summit will bring together C-level IT security executives, industry analysts and solution providers to discuss challenges...
Interconnect2016 (Las Vegas, Nevada, USA, February 21 - 25, 2016) IBM InterConnect 2016 is for those who are building new business models, transforming industries, and creating better outcomes. Whether you're a C-suite executive, IT leader, developer, designer, architect,...
Insider Threat Program Development Training Course — Maryland (Annapolis, Maryland, USA, February 23 - 25, 2016) The National Insider Threat Special Interest Group website has some very "eye opening" examples of how "damaging and costly" an "insider threat incident" can be. The FBI Insider Threat Alert states companies...
CISO New York Summit (New York, New York, USA, February 25, 2016) A data breach is not only a PR nightmare, but cause for customers to turn to competitors, exposing sensitive company information and racking up fines from industry regulators. In order for organizations...
BSides San Francisco (San Francisco, California, USA, February 28 - 29, 2016) BSides San Francisco is an Information / Security conference that's different. We're a 100% volunteer organized event, put on by and for the community, and we truly strive to keep information free. There...
CISO Summit Europe (London, England, UK, February 28 - March 1, 2016) With the media covering the latest data breaches, cloud computing security questions going unanswered and hackers developing more sophisticated attacks, the IT department has a growing responsibility to...
RSA Conference 2016 (San Francisco, California, USA, February 29 - March 4, 2016) Celebrating its 25th anniversary, RSA Conference continues to drive the information security agenda forward. Connect with industry leaders at RSA Conference 2016
Cybersecurity: Defense Sector Summit (Troy, Michigan, USA, March 1 - 2, 2016) The National Defense Industrial Association (NDIA) Michigan Chapter Cybersecurity: Defense Sector Summit is to provide a forum to foster educational dialog between government, industry and academia in...
International Academic Business Conference (New Orleans, Louisiana, USA, March 6 - 10, 2016) The Clute Institute of Littleton Colorado sponsors six academic conferences annually that include sessions on all aspects of cybersecurity. Cybersecurity professionals from industry and academics are...
CISO Chicago Summit (Chicago, Illinois, USA, March 8, 2016) A data breach is not only a PR nightmare, but cause for customers to turn to competitors, exposing sensitive company information and racking up fines from industry regulators. In order for organizations...