Ransomware, especially Locky (distributed via malicious Word macros, like Dridex) but also PadCrypt (which picks up the trend set by CryptoWall 4.0, treating victims as if they're customers) continues to exercise researchers and security teams. Palo Alto believes it's discovered the revenant Dridex subnet that's pushing Locky. PadCrypt's "customer service" includes both an uninstaller — but it only uninstalls the malware, leaving files encrypted — and a "live chat" feature in which PadCrypt's controllers walk victims through their payment options.
Cyber extortion seems to pay. Hollywood Presbyterian said yesterday it paid its attackers $17,000 in Bitcoin to release control of some affected systems. A Bitdefender survey suggests paying up has become increasingly common, with victims in the UK willing to pay the highest levels of ransom.
In industry news, some retail investment advisors look upon the recent pullback in cyber security share prices as a buying opportunity.
Amid conflicting reports over how well private sector cooperation against ISIS is going — some say Twitter's giving ISIS troubles; others say account-blocking amounts to little more than a gesture — US Secretary of State Kerry asks Hollywood to help with counter-ISIS messaging.
Apple continues to fight the court order it received to assist the FBI in the Bureau's efforts to unlock an iPhone used by the San Bernardino jihadists. Apple receives support from Microsoft and Google, and also from both Ed Snowden and former NSA Director Michael Hayden. Observers agree the case's outcome will set important precedents. It's also likely to push Congress toward encryption legislation.
Today's issue includes events affecting China, Czech Republic, Denmark, France, Germany, Iran, Israel, Democratic People's Republic of Korea, Republic of Korea, Moldova, Romania, Russia, Syria, and United States.
ON THE PODCAST
Today's CyberWire Daily Podcast will have more on what's at stake in the case of the jihadists' iPhone. Listen for the podcast later this afternoon.
Researchers leak phony data on dark web to track journey (SC Magazine) Researchers at Bitglass leaked the digital identity of a fictional bank employee on the dark web as part of its "Where's Your Data: Project Cumulus" experiment to help organizations understand what happens to sensitive data once it's stolen
Xen Project Explains Patch Snafu (Threatpost) Xen Project dropped the ball on two important security patches when it released a maintenance update for its popular hypervisor software on Tuesday
Spear Phishing Incident Average Cost is $1.6M (Infosecurity Magazine) Spear phishing has become an endemic scourge: 95% of US and 83% of UK respondents in a recent Cloudmark survey said that they have experienced spear phishing attacks (91% combined)
Cyber risks evolving to hit less traditional targets (Business Insurance) Last year was the year of collateral damage with respect to cyber risks with attacks touching people "who never dreamed they might be involved in a security breach," says Hewlett-Packard Co. in a report issued Wednesday
Security Startup Provider buguroo Launches New Threat Intelligence Platform (App Developer Magazine) Security provider buguroo, a U.S. startup and spinoff of Deloitte's European Security Operations Center (SOC), is launching bugThreats, a threat intelligence platform (TIP) that looks outside the enterprise infrastructure and focuses on useful intelligence gathered where the compromised end users, and their stolen data, are
How is cryptography incorporated into PoS terminals? (We Live Security) When analyzing the security of PoS (Point of Sale) applications, we have to take into account the necessary involvement of magnetic stripes and cardholder data, which is extremely sensitive information, both for the holder and the financial institution that issued it
Threat Intelligence and SIEM (Part 3) — Combining for Better Security (Recorded Future) Previously, in part one and part two of this series, I explained how threat intelligence (TI) provides defenders better insight into the type of malware, delivery mechanisms, exploits, and overall situational awareness of threats and attack strategies faced by other companies
ISIS's Twitter Campaign Faltering Amid Corruption (Newsweek) The success of the Islamic State militant group (ISIS) at spreading its English-language radical Islamist propaganda on Twitter is faltering, as the social media platform continues its crackdown on jihadi accounts, according to a new report released Thursday
Opinion: Why cybersecurity needs a grass-roots solution (Christian Science Monitor Passcode) President Obama's Cybersecurity National Action Plan rightly aims to make digital security a higher priority. But Washington needs to work more with states and cities to boost awareness of cyberthreats and the adoption of best practices
DHS releases initial guidelines for cyber threat info-sharing (Federal Times) The Department of Homeland Security is moving forward with the biggest piece of cybersecurity legislation passed last year, issuing preliminary guidance on how the private sector and government will communicate threat data as part of the Cybersecurity Information Sharing Act
Obama Creates Cyber Panel, Says Long-Term Vigilance Needed (ABC News) President Barack Obama on Wednesday appointed his former national security adviser, Tom Donilon, to lead a new commission on cybersecurity that will make detailed recommendations on how the nation should better protect itself against computer attacks
DHS Official: US Digital Service Not Only a Fix-It Team (Nextgov) The White House's digital services team earned heaps of publicity after rushing to fix the botched Healthcare.gov roll-out, but its mission isn't necessarily to "fix broken things in government," according to one senior official
Apple can comply with the FBI court order (Trail of Bits Blog) Earlier today, a federal judge ordered Apple to comply with the FBI's request for technical assistance in the recovery of the San Bernardino gunmen's iPhone 5C
Ex-NSA, CIA chief Michael Hayden sides with Apple in FBI iPhone encryption fight (The Week) Apple and the U.S. government are gearing up for a public and legal battle over FBI Director James Comey's demand that Apple give the FBI a tool to break the passcode on San Bernardino shooter Syed Farook's iPhone, a tool Apple argues creates a "backdoor" around the iPhone's security, putting customer privacy and safety at risk and setting a dangerous precedent in the U.S. and abroad
Edward Snowden, Sundar Pichai back Apple in fight over iPhone (USA Today) Former National Security Agency contractor Edward Snowden has backed Apple's refusal to comply with a federal court order to help the FBI unlock an iPhone used by one of the assailants in the mass shootings in San Bernardino, Calif., in December
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Department of the Navy (DON) IT Conference, West Coast 2016 (San Diego, California, USA, February 17 - 19, 2016) The purpose of the DON IT conference is to: (1) Explain the new and invigorated DUSN (M), DON/AA, and DON CIO organization and its business and IT transformation priorities. (2) Share information that...
ICISSP 2016 (Rome, Italy, February 19 - 21, 2016) The International Conference on Information Systems Security and Privacy aims at creating a meeting point for researchers and practitioners that address security and privacy challenges that concern information...
CISO Canada Summit (Montréal, Québec, Canada, February 21 - 23, 2016) Tactics and best practices for taking on enterprise IT security threats. The CISO Summit will bring together C-level IT security executives, industry analysts and solution providers to discuss challenges...
Interconnect2016 (Las Vegas, Nevada, USA, February 21 - 25, 2016) IBM InterConnect 2016 is for those who are building new business models, transforming industries, and creating better outcomes. Whether you're a C-suite executive, IT leader, developer, designer, architect,...
Insider Threat Program Development Training Course — Maryland (Annapolis, Maryland, USA, February 23 - 25, 2016) The National Insider Threat Special Interest Group website has some very "eye opening" examples of how "damaging and costly" an "insider threat incident" can be. The FBI Insider Threat Alert states companies...
CISO New York Summit (New York, New York, USA, February 25, 2016) A data breach is not only a PR nightmare, but cause for customers to turn to competitors, exposing sensitive company information and racking up fines from industry regulators. In order for organizations...
BSides San Francisco (San Francisco, California, USA, February 28 - 29, 2016) BSides San Francisco is an Information / Security conference that's different. We're a 100% volunteer organized event, put on by and for the community, and we truly strive to keep information free. There...
CISO Summit Europe (London, England, UK, February 28 - March 1, 2016) With the media covering the latest data breaches, cloud computing security questions going unanswered and hackers developing more sophisticated attacks, the IT department has a growing responsibility to...
RSA Conference 2016 (San Francisco, California, USA, February 29 - March 4, 2016) Celebrating its 25th anniversary, RSA Conference continues to drive the information security agenda forward. Connect with industry leaders at RSA Conference 2016
Cybersecurity: Defense Sector Summit (Troy, Michigan, USA, March 1 - 2, 2016) The National Defense Industrial Association (NDIA) Michigan Chapter Cybersecurity: Defense Sector Summit is to provide a forum to foster educational dialog between government, industry and academia in...
International Academic Business Conference (New Orleans, Louisiana, USA, March 6 - 10, 2016) The Clute Institute of Littleton Colorado sponsors six academic conferences annually that include sessions on all aspects of cybersecurity. Cybersecurity professionals from industry and academics are...
CISO Chicago Summit (Chicago, Illinois, USA, March 8, 2016) A data breach is not only a PR nightmare, but cause for customers to turn to competitors, exposing sensitive company information and racking up fines from industry regulators. In order for organizations...