skip navigation

More signal. Less noise.

Economic Alliance of Greater Baltimore

Maryland leads the nation in cybersecurity with a large, highly qualified workforce, 20,000 job openings, investment opportunities, and proximity to key buyers.

Daily briefing.

The director of Norway's E-tjenesten intelligence service flags both Russia and China as cyber espionage threats. He also explicitly charged Chinese actors with theft of intellectual property from Norwegian firms.

Nominal ISIS supporters continue their practice of hitting small targets of opportunity, this time a small manufacturer of solar panels in England. The "Caliphate Cyber Army" defaced the website of Solar UK at the end of January.

The ransomware infestation of German hospitals has spread beyond the initially reported attack on Lukaskrankenhaus in Neuss. Two other medical centers in Nordrhein-Westfalen, Klinikum Arnsberg and a second unnamed facility have also been affected. Klinikum Arnsberg says that patient care was not interrupted. Police are investigating.

Trustwave researchers say they've found the Angler exploit kit on Extendoffice[dot]com. Angler, of course, disseminates TeslaCrypt ransomware.

TrendLabs reports that FighterPOS, a strain of point-of-sale malware active largely in Brazil, has acquired worm-like capabilities that enhance its ability to spread. FighterPOS steals payment card details, and a Brazilian site is offering validation services on the black market to assist criminals with monetization of stolen cards. Validated cards fetch a premium price.

Snapchat has apparently sustained a successful phishing attack and exposure of employee data.

In the US, the Internal Revenue Service revises upward—by some 390,000—the number of taxpayers whose information was stolen from weakly secured IRS sites.

Palo Alto Networks strong results released late last week buoyed the company's shares and had a broader effect on the markets: Fortinet and Check also enjoyed a lift.

Notes.

Today's issue includes events affecting Australia, Brazil, China, Germany, Japan, Republic of Korea, New Zealand, Norway, Russia, Singapore, United Kingdom, United States.

2016 National Conference of Minority Cybersecurity Professionals (Washington, DC, March 23 - 24, 2016) The landmark ICMCP conference will elevate the national dialogue on the necessary measures needed to attract and develop minority cybersecurity practitioners to address the cross-industry cybersecurity skills shortage.

Women in Cybersecurity (WiCYS) 2016 (Dallas, TX, March 31 - April 2, 2016) The 3rd annual conference brings together women (students, faculty, researchers, professionals) in cybersecurity from academia, research organizations and industry for the sharing of knowledge and experience, networking and mentoring.

Dateline RSA 2016

A guide to the RSA 2016 conference (CSO) Going to RSA 2016? Failing to plan is planning to fail

RSA Conference 2016: Past Tense and Future Trends (IBM Security Intelligence Blog) 2016 marks the 25th RSA Conference in San Francisco. In two and a half decades, this IT gathering has established itself as a communal space for both digging deep into current threat vectors and taking a hard look at the future: What’s the on the radar, and how can enterprises get prepared?

RSA Conference Opens Feb. 29, Tackling Pervasive Security Crises (NewsFactor) Set to kick-off Monday, the 25th annual RSA Conference on information security in San Francisco will see speakers and attendees focus on an array of fast-evolving and ever-more-pervasive cybersecurity threats. That focus is reflected in the theme of this year's event: "Connect to Protect"

RSA Conference 2016: What's Old Security is New Again (eWeek) Kurt Stammberger, founder of the RSA Conference, sees the same issues in FBI vs. Apple as were brought to the fore in 1993 with Clipper Chip

Apple vs FBI shines spotlight on RSA Conference (CNBC) As our online and offline lives merge, cybersecurity has crept into mainstream consciousness as both a business and personal concern

RSA 2016: Cyber-Insurance (CSO) When I was a kid growing up on Montreal, every now and again a door to door salesman would knock on the door

Cyber Attacks, Threats, and Vulnerabilities

Norway officially accuses China of stealing military secrets (SC Magazine) Threat actors in China have stolen confidential information from Norwegian companies which is now being used in Chinese military technology says General Lt Morten Haga Lunde, head of the Norwegian intelligence

ISIS launch cyber attack… on a tiny East Sussex solar panel company (Express) ISIS computer hackers followed their high-profile attack on the Pentagon's website with an unusual target: a solar panel company in East Sussex

Crypto ransomware hits German hospitals (Help Net Security) At least three hospitals in the German state of North Rhine-Westphalia have been hit with crypto ransomware

Hackers hold German hospital data hostage (Deutsche Welle) Several hospitals in Germany have come under attack by ransomware, a type of virus that locks files and demands cash to free data it maliciously encrypted. It will take weeks until all systems are up and running again

Angler Exploit Kit Learns New Tricks, Finds Home On Popular Website (Threatpost) Researchers report Angler Exploit Kit attacks have become more brazen and are now targeting top websites with new tricks that can evade browser-based antimalware protection

FighterPOS Malware Can Now Spread on Its Own (Softpedia) Brazilian POS malware gets worm-like features

Card “Verification” Now Offered “As a Service” by Brazilian Cybercriminals (TrendLads Security Intelligence Blog) We highlighted in our Brazil underground report how rampant credit card fraud is in Latin America. One key step in this process is card verification – i.e., checking that the cards work. We’ve found a new service called CheckerCC that was meant to help make this easier

Snapchat Employee Data Leaks Out Following Phishing Attack (Tech Crunch) Snapchat is famous for its disappearing messages, but unfortunately not everything in this world is ephemeral when you need it to be

Beware malicious invoices spammed out via email (Hot for Security) It’s been over 20 years since the first Word macro virus reared its ugly head and pulled the carpet from underneath the feet of computer users worldwide

UC Berkeley Alerts 80,000 People After Cyber Attack (Huffington Post) A system that stores social security and bank account numbers was hacked

Total Recall: Troy Hunt Breaks Down his Nissan Hack (Threatpost) Last month, when researcher Troy Hunt argued the dangers of insecure APIs at a security workshop, little did he know hours later he would discover an API vulnerability that allowed remote access to onboard computers of 200,000 Nissan Leaf and eNV200 electric automobiles

IRS: Actually, that breach last year was way worse than we thought (CIO) The 'Get Transcript' cyberattack is now thought to have affected roughly seven times more taxpayers than originally estimated

IRS: 390K More Victims of IRS.Gov Weakness (KrebsOnSecurity) The U.S. Internal Revenue Service (IRS) today sharply revised previous estimates on the number of citizens that had their tax data stolen since 2014 thanks to a security weakness in the IRS’s own Web site

A debut of sorts on ‘60 Minutes’ (Pittsburgh Post-Gazette) My words, but not my name, recently appeared in an odd cameo about Chinese cyber-hacking

2,000 personal photos, emails, and other info found on used smartphones (Graham Cluley) Porn found on phones found at pawn shops

E-filing taxes? Watch out for fraud. (CNBC) If you're planning on filing your taxes online, caution is advised

Ads on websites are dangerous to more than your sanity (Trend Micro: Simply Security) When surfing the Web, there are few instances more annoying than unprovoked ads

Looking for love in all the wrong places: Hackers go after online dating (Trend MIcro: Simply Security) It's been said that hackers will exploit any possible entry point for gain, and this includes the heart

Most software already has a “golden key” backdoor: the system update (Ars Technica) Software updates are just another term for cryptographic single-points-of-failure

Security Patches, Mitigations, and Software Updates

Those software updates are more important than you think (Trend Micro: Simply Security) Microsoft has announced that it will be going forward with its original plans to end support for older versions of Internet Explorer

Cyber Trends

How hackers are making the worst-case security scenario ever worse (ZDNet) Threats, ransom demands and public taunting of executives by hackers are all on the rise, warns report, changing what worst-case scenario really means

Modern Web Apps: Not The Risk They Used To Be (They’re Worse!) (Dark Reading) Even a tiny Web application without a single byte of confidential data can expose your corporate crown jewels to cybercriminals

5 Reasons SAP Security Matters (Dark Reading) New research shows many organizations may not realize the threat posed by vulnerabilities in SAP applications

The rise of polymorphic malware (Help Net Security) 97% of malware is unique to a specific endpoint, rendering signature-based security virtually useless

Can poorly designed embedded devices kill? (Help Net Security) The industry is not taking safety and security seriously enough, according to the Barr Group, who conducted a survey to better understand the state of safety- and security-aware embedded systems design around the world

Threat Intelligence: The hot topic that makes people hesitant (CSO) While the concept is great, actually discussing threat intelligence is a huge roadblock for some firms

Is threat intelligence being devalued by an information overload? (Computer Business Review) Analysis: The comfort blanket of data in threat intelligence is suffocating cyber security analysts

Feds want mobile security, except when they don’t (GCN) Mobile security is assumed to critical to an agency’s overall IT security, but details on the effectiveness of such programs are scarce, making it hard to assess the overall risk from mobile devices

Study: Asia-Pacific’s ‘Cyber Five’ nations more vulnerable to cyberattack (eGovInnovation) The ‘Cyber Five’ nations -- South Korea, Australia, New Zealand, Japan, and Singapore -- appear nine times more vulnerable to cyberattack than other Asian economies, according to the 2016 Asia-Pacific Defense Outlook released by Deloitte Touche Tohmatsu Limited (DTTL)

Marketplace

Playing With Fire: Risk and Reward in a Digital World (Willis Towers Watson Wire) This year is the 350th anniversary of the Great Fire of London, one of the largest urban fires in history. Caused by a flying spark in a bakery, the fire destroyed a third of the city, and made 100,000 people homeless

Why cyber insurance will be the new enterprise necessity in 2016 (Information Age) Financial organisations must find ways to insure themselves against cyber attacks, but with insurance premiums rocketing they face a difficult challenge in evaluating their cyber insurance needs

DHS Says: No Need for $675M Cyber Contract, We've Already Got It Under Control (Nextgov) The Department of Homeland Security says it will not resuscitate a more than half-billion dollar cyber contract it abandoned earlier this month after a 2-year competition

PSC wants answers on cancelled $675M cyber solicitation (FCW) The Department of Homeland Security's sudden cancellation of a two-year-old, $675 million solicitation for a Cyber Centric Mission Support Services contract has the Professional Services Council wondering what happened

Cyberark Software Ltd, FireEye Inc Rally After Palo Alto Networks Inc Earnings (Bidness Etc.) Several cyber-security stocks jumped today, after Palo Alto Networks reported strong quarterly results

Palo Alto Networks CEO: ‘We’re Taking Share From Everyone’ (Investors.com) Investors heaved a collective sigh late Thursday, relieved that a slowdown in network security spending didn’t batter Palo Alto Networks (PANW), which delivered view-crushing fiscal Q2 earnings on its simplified platform approach

Cybersecurity Stocks to Buy Now (Barron's) Three security firms that are poised to benefit as companies bolster defenses against cybercrime

Morgan Stanley slashes value of stakes in Palantir, Dropbox (Silicon Valley Business Journal) Even the highest-flying unicorns are being brought lower amid the market turmoil of recent months

Singtel transforms to answer call of the future (Straits Times) It is investing in new digital businesses to stay ahead after building up strong global presence

So You Want to Be a Security Researcher? (Dark Reading) Security researchers need a broad set of skills to investigate a constantly-changing threat landscape. But specializing in areas such as reverse engineering or network forensics will boost opportunities

CyberCalifornia initiative to facilitate research and innovation (Help Net Security) More than ever, California stands at the forefront of new technologies based on the Internet of Things (IoT)

The Techies 2016 winners - Ticketmaster, Darktrace and Barclays among winners at The Techies (Techworld) Ticketmaster, Darktrace, Barclays and glh.Hotels were among the big winners at The Techies last night, the inaugural edition of the awards to celebrate innovation, disruption and entrepreneurship across the UK technology scene

Products, Services, and Solutions

Comodo Launches New Cloud Delivered Secure Web Platform (IT Business Net) The Comodo organization, a global innovator and developer of cybersecurity solutions, today launched a new Cloud Delivered Secure Web Platform - Comodo Dome, an integrated solution that acts as a series of highly advanced security checkpoints across all incoming and outgoing traffic on a network

CipherCloud Releases New Cloud Security Broker App (CloudWedge) CipherCloud has quietly gained a large following in the enterprise cloud access security broker market by building solutions that are both affordable and easy to implement

Finally: The Solution For Parents On Cyber Safety For Kids (Newsmaker) For most parents in this digital age, tackling the pitfalls of their children’s current or future internet usage is of huge concern, to the point of overwhelm

Technologies, Techniques, and Standards

The ROI Of Infosec: 11 Dos and Don’ts For Management Buy In (Dark Reading) The case for a bigger bottom line depends on how well you argue that the business can't run without a specific level of security infrastructure

Second cyberspace weapon system reaches Full Operational Capability status (AIr Force Space Command) Air Force Space Command achieved a significant milestone February 12 when the Cyberspace Vulnerability Assessment/Hunter (CVA/H) Weapon System reached Full Operational Capability (FOC) status

Microsoft Shores Up Its Cyberattack Defenses (Wall Street Journal) New war room to thwart hackers unites security engineers from various parts of software giant

Design and Innovation

Fixing the Internet's routing security is urgent and requires collaboration (CSO) A volunteer participation program for ISPs to prevent route hijacks and IP spoofing is gaining some traction

Academia

Pulaski County gets grant for cyber camp (Roanoke Times) A state-sponsored cyber security camp is set for Pulaski County this summer

Legislation, Policy, and Regulation

White House moves to expand 'sharing intelligence between NSA, FBI and CIA' (International Business Times) The Obama administration is reportedly moving to broaden the current scope of information sharing between the National Security Agency (NSA) and other US intelligence agencies by stripping away existing restrictions on who exactly has access to communications data scooped up by surveillance programmes

Obama administration closing in on rules to let NSA share more freely with FBI, CIA (Ars Technica) New rules have been in the works since 2008 and may be approved in “months"

Litigation, Investigation, and Law Enforcement

Police chief: There’s a “reasonably good chance” not much is on seized iPhone (Ars Technica) Top San Bernardino cop tells NPR there's "low probability" unlocking it will reveal more

Apple says DoJ’s request for iPhone unlocking is unconstitutional (Help Net Security) Apple has filed a motion to vacate the earlier court order that would force them to help the FBI access the contents of the iPhone of the San Bernardino gunman by creating a new OS that would bypass existing security measures

Forcing Apple to Hack That iPhone Sets a Dangerous Precedent (Wired) Are Apple and other tech companies somehow against America’s national security if they create uncrackable encryption software that government investigators or even the company’s own engineers can’t break into?

Facebook, Google, Microsoft to join tech industry in supporting Apple in court (CSO) The court ordered Apple to assist the FBI to unlock an iPhone 5c

Why It's So Hard For The Government To Hack Your Phone (TestTube) The FBI is currently in a battle with Apple to allow encrypted phones be unlocked, but how does encryption even work?

Apple-FBI Case Has Wide Implications (The Bull) Apple and the US government are squaring off in an epic legal battle with wide-ranging implications for how technology firms must work with law enforcement

Opinion/Editorial: FBI's phone request will lessen safety (Charlottesville Daily Progress) “There’s nothing secure about giving the FBI their way,” says Brian Barrett at Wired.com

RIAA gets $22M default judgment against “brazen and egregious” MP3 website (Ars Technica) RIAA: "The modern Internet landscape has no room for this blatantly illicit site"

Iovation’s Greg Pierson Opens Up (But Only So Far) About UB Scandal Following Nevada Licensing (CardChat) Greg Pierson, CEO of the newly licensed in Nevada Iovation, opened up about his relationship with Russ Hamilton in an exclusive interview with Gaming Intelligence (GI) on Thursday

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

BSides San Francisco (San Francisco, California, USA, February 28 - 29, 2016) BSides San Francisco is an Information / Security conference that's different. We're a 100% volunteer organized event, put on by and for the community, and we truly strive to keep information free. There...

CISO Summit Europe (London, England, UK, February 28 - March 1, 2016) With the media covering the latest data breaches, cloud computing security questions going unanswered and hackers developing more sophisticated attacks, the IT department has a growing responsibility to...

RSA Conference 2016 (San Francisco, California, USA, February 29 - March 4, 2016) Celebrating its 25th anniversary, RSA Conference continues to drive the information security agenda forward. Connect with industry leaders at RSA Conference 2016

Cybersecurity: Defense Sector Summit (Troy, Michigan, USA, March 1 - 2, 2016) The National Defense Industrial Association (NDIA) Michigan Chapter Cybersecurity: Defense Sector Summit is to provide a forum to foster educational dialog between government, industry and academia in...

International Academic Business Conference (New Orleans, Louisiana, USA, March 6 - 10, 2016) The Clute Institute of Littleton Colorado sponsors six academic conferences annually that include sessions on all aspects of cybersecurity. Cybersecurity professionals from industry and academics are...

CISO Chicago Summit (Chicago, Illinois, USA, March 8, 2016) A data breach is not only a PR nightmare, but cause for customers to turn to competitors, exposing sensitive company information and racking up fines from industry regulators. In order for organizations...

Navigating Summit 2016 (Canberra, Australia, March 8, 2016) The Australian government has pledged to create a future-proofed nation, one that is fit to drive higher economic growth and improved standards of living using information technology innovatively. Privacy...

CISO Atlanta Summit (Atlanta, Georgia, USA, March 10, 2016) Tactics and Best Practices for Taking on Enterprise IT Security Threats. With newspaper headlines covering the latest data breaches, cloud computing security questions going unanswered and hackers developing...

The Atlantic Council's Cyber 9/12 Student Challenge (Washington, D.C. USA, March 11 - 12, 2016) Now entering its fourth year, the Cyber 9/12 Student Challenge is a one-of-a-kind competition designed to provide students across academic disciplines with a deeper understanding of the policy challenges...

SANS 2016 (Orlando, Florida, USA, March 12 - 19, 2016) It is time we unite, join forces, and show that if we work together, we can make a measurable difference in security. It is our pleasure to announce that SANS 2016 is back in Orlando, Florida March 12-21 ...

CONAUTH/EKMS/COMSEC Information Sharing and Key Management Infrastructure (ISKMI) 2016 (Waikiki, Hawaii, USA, March 14 - 18, 2016) The ISKMI will draw global-wide participation and Allied (Five Eyes and NATO) attendees. Information sharing will be centralized to Key Management Infrastructure (KMI), Cryptographic Modernization (CM),...

Pwn2Own 2016 (Vancouver, British Columbia, Canada, March 16 - 17, 2016) Since its inception in 2007, Pwn2Own has increased the challenge level at each new competition, and this year is no different. While the latest browsers from Google, Microsoft, and Apple are still targets,...

Insider Threat Symposium & Expo™ (San Antonio, Texas, USA, March 17, 2016) The Insider Threat Symposium & Expo was created in the wake of the recent data breaches affecting the U.S. Government (WikiLeaks, NSA Breach), and the continued damaging and costly insider threat incidents...

ICCWS 2016 (Boston, Massachusetts, USA, March 17 - 18, 2016) ICCWS 2016 will cover the complex but exciting aspects of international cyber warfare and security

CISO Summit France (Paris, France, March 22, 2016) A forum for innovative IT thought leaders across France. Despite economic instability in the euro zone amid an on-going global financial crisis, IT spending worldwide is expected to increase in the coming...

Risk Management Summit (New York, New York, USA, March 22 - 23, 2016) The Business Insurance Risk Management Summit is a unique two-day conference serving the information and networking needs of senior risk managers, benefits managers and related decision makers from the...

Artificial Intelligence and Autonomous Robotics (Clingendael, the Netherlands, March 23 - 24, 2016) Artificial Intelligence (AI) has been a feature of science fiction writing for almost a century, but it is only in more recent years that the prospect of truly autonomous robotics — even those that...

International Consortium of Minority Cybersecurity Professionals (ICMCP) Inaugural National Conference (Washington, DC, USA, March 23 - 24, 2016) The conference will focus on the public, private and academic imperatives necessary to closing the growing underrepresentation of women and minorities in cybersecurity through diversification of the workforce.

Commonwealth Cybersecurity Forum 2016 (London, England, UK, March 23 - 24, 2016) The Commonwealth, built on consensus and mutual support, is an ideal platform to build international cooperation on various aspects of cybersecurity. CTO's Commonwealth Cybersecurity Forum brings together...

Black Hat Asia 2016 (Singapore, March 29, 2016) Black Hat is returning to Asia again in 2016, and we have quite an event in store. Here the brightest professionals and researchers in the industry will come together for a total of four days — two...

SecureWorld Boston (Boston, Massachussetts, USA, March 29 - 30, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry...

Insider Threat Summit (Monterey, California, USA, March 29 - 30, 2016) The focus of the Insider Threat Summit is to discuss personnel security issues including cyber security challenges and capabilities, continuous evaluation of privileged identities and ethical physical...

TU-Automotive Cybersecurity USA 2016 (Novi, Michigan, USA, March 29 - 30, 2016) TU-Automotive Cybersecurity dissects the real issues behind the headlines, helping you to apply technology and best practices to deliver robust security defenses and processes within a more secure ecosystem.

Women in Cyber Security 2016 (Dallas, Texas, USA, March 31 - April 2, 2016) With support from National Science Foundation, Award #1303441 (Capacity Building in Cybersecurity: Broadening Participation of Women In Cybersecurity through the Women in Cybersecurity Conference and Professional...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.