Daily briefing.

Austria's FACC AG, an aircraft parts supplier to both Boeing and Airbus, reports losing $54 million to cyber criminals. Early indications suggest the loss occurred through socially engineered fraudulent wire transfers.

The current wave of cyber attacks against Ukrainian power distribution systems still seems unconnected with December's rolling blackouts.

Malwarebytes fingered a Symantec partner, Silurian Tech Support, as the perpetrator of a tech support scam that spoofed Symantec warnings to push services on its victims. Symantec promptly moved to terminate its relationship with Silurian.

US voter databases still circulate on the Dark Web, apparently stolen from campaign consulting firms.

US-EU Safe Harbor arrangements will almost certainly expire before a new modus vivendi can be reached. Companies look closely at how expiration will affect compliance and risk management.

NATO leaders, notably US Defense Secretary Carter, say they're working harder at counter-ISIS information operations, but also acknowledge that they're playing catch-up in the struggle for disaffected hearts and minds.

US NSA Director Rogers says, "encryption is here to stay," apparently staking out a position in contrast to that of crypto-skeptical FBI Director Comey.

Igor Dubovoy pleads guilty to conspiracy to commit wire fraud in a US Federal court. Prosecutors describe insider stock-trading that hacked corporate networks for early copies of press releases.

"Find-my-phone" apps steer people to an innocent address in Atlanta, and no one seems to know why.

Analysts look at FireEye's prospects and wonder how it will weather challenges from rival Palo Alto, especially given Palo Alto's collaboration with Proofpoint.

Notes.

Today's issue includes events affecting the European Union, France, Germany, India, Israel, NATO, Russia, Turkey, Ukraine, the United Kingdom, and the United States.

Cyber Attacks, Threats, and Vulnerabilities

Ukraine says cyber attack on airport launched from Russia (Hue Wire) Malware was found in the airport's IT infrastructure, which included air traffic control, that was similar to the software used to attack Ukrainian power plants in December. He said there has been no damage, and the malware was detected early in the airport's system

Cyberattacks Against Ukraine Power Grid Continue, Experts Warn Against Blaming Russia (International Business Times) Hackers are continuing to target Ukraine's power grid with cyberattacks after initial strikes in December caused a widespread power outage impacting hundreds of thousands of people. But security experts warn these new attacks show that pointing the blame at the Russian government without real evidence is premature

Aircraft part manufacturer says cybercrime incident cost it $54 million (PCWorld) FACC AG said the attack was executed against one of its accounting departments

Tech Support Scammers Lure Users With Fake Norton Warnings, Turn Out To Be Symantec Reseller (Malwarebytes Unpacked) Fraudulent tech support companies are well-known for taking advantage of unsavvy computer users by reeling them in with scare tactics and charging large amounts of money for bogus services

Symantec terminates partner over tech support scam (CRN) Rival Malwarebytes outs US partner Silurian as unlikely source of 'one of the worst cases of abuse' it's seen

Kovter Malware Victims Were Secret Zombies in the ProxyGate Proxy Network (Softpedia) During the past few months, computers infected with the Kovter click-fraud malware were also secretly added to the proxy network operated by ProxyGate, the Forcepoint team reports

Kovter Actors Now Turning Machines Into Zombies (Forcepoint Security Labs) For a while now, actors have been distributing the Kovter click-fraud malware in e-mails via JavaScript attachments

Fake Facebook emails deliver malware masquerading as audio message (Help Net Security) A new spam campaign is targeting Facebook users. It uses the same approach as the recent one aimed at WhatsApp users, and Comodo researchers believe that the authors of both campaigns are likely the same

Operation Emmental Revisited: Malicious Apps Lock Users Out (TrendLabs Security Intelligence Blog) Imagine getting a notification from your bank, asking for your cooperation in installing an updated version of their mobile app

Criminals Impersonating India's Income Tax Department to Deliver Malware: Symantec (Gadgets 360) Cybercriminals are targeting India, US and other countries with fraudulent "tax deduction" emails to steal information, security software firm Symantec said

Scanning for Fortinet ssh backdoor (Internet Storm Center) On 11 Jan, a Python script was posted on the full-disclosure mailing list that took advantage of a hardcoded ssh password in some older versions of various products from Fortinet

Media devices sold to feds have hidden backdoor with sniffing functions (Ars Technica) Highly privileged account could be used to hack customers' networks, researchers warn

Backdoor account replaced by another backdoor in vendor stumble (IDG via CSO) The issue has been fixed but raises questions over how companies manage vulnerability reports

RSA Conference registration page collecting Twitter credentials (CSO) Security pros notice something strange on the registration website

More US Voters Data Circulating On The Dark Net (Hack Read) Recent chronicles and newly found excerpts that reveal questionable and suspicious voting records of millions of American citizens are uploaded to a sneaky website on the dark web

Show me the Money: Cybercriminals Hijack Online Resources to Boost Profits (SecurityWeek) Two decades ago the movie Jerry Maguire premiered and the phrase "show me the money" was launched into the popular lexicon

Flint hospital confirms 'cyber attack,' Anonymous threatens action over water crisis (Michigan Live) Hurley Medical Center has confirmed it was the victim of a "cyber attack" a day after hacktivists threatened action over Flint's water crisis

Here's what an Ashley Madison blackmail letter looks like (Graham Cluley) I've written before about Ashley Madison-related blackmail threats and how they then began to be sent out by extortionists via the US postal system

Security Patches, Mitigations, and Software Updates

Google creates fix for zero-day kernel flaw, says effect on Android is greatly exaggerated (IDG via CSO) Most Android devices are unlikely to run vulnerable kernel versions, and those that do are protected by SELinux, the company said

Apple Fixes Cookie Theft Bug in iOS 9.2.1 (Threatpost) When Apple pushed out iOS 9.2.1 earlier this week, it fixed a nasty bug that lingered in the wild for nearly three years and could have let an attacker steal cookies and impersonate victims

Cyber Trends

The Five Risks That Threaten the Future of FinTech — and How Insurance Can Help (Willis Towers Watson Wire) Advances in technology promise to change the way financial institutions operate in hundreds of ways in the next decade. Many of these changes will require a reexamination of the way insurance mitigates the risk associated with the business

Secunia Research urges everybody to patch up Flash Player (IT Pro Portal) Secunia Research at Flexera Software has published a report covering the fourth quarter of 2015 for 14 countries, regarding vulnerable software, applications and PCs

Why your health data isn't as secure as it should be (Naked Security) Your health status is perhaps the most intimate information anyone could know about you, so it should be your decision whether you share or keep your medical records private

Loss of life, liability top cybersecurity fears for health IT leaders (FierceHealthIT) Losing patients due to malicious actors gaining access to systems or hacking medical devices is the top fear for healthcare leaders when it comes to cybersecurity, according to the results of a new survey

Exposing the shadow data threat (Help Net Security) An analysis Blue Coat conducted using the Elastica CloudSOC platform provided insights into 63 million enterprise documents within leading cloud applications, including Microsoft Office 365, Google Drive, Salesforce, Box and others

Marketplace

Israel Claims Surge in Cyber Sales, Investment (DefenseNews) Israeli exports of cyber-related products and services in 2015 are an estimated $3.5 billion, about $500 million more than 2014 figures and more than all other nations combined apart from the United States, the government announced Thursday

FireEye closes lower after Q4 pre-announcement; Street worried about 2016, PANW/PFPT alliance (Seeking Alpha) Though FireEye (NASDAQ:FEYE) opened up strongly after pre-announcing Q4 sales/billings and disclosing it's buying threat intelligence services firm iSIGHT for $200M+, shares closed down 0.5%. The cybersecurity hardware/software/services provider is down 29% in 2016, and 49% since its Nov. 4 Q3 report

Will Palo Alto-Proofpoint Alliance Undercut FireEye? (Investor's Business Daily) FireEye's (NASDAQ:FEYE) shift to cloud-based email protection could face "strong competition" from a Palo Alto Networks (NYSE:PANW)-Proofpoint (NASDAQ:PFPT) team-up announced late Wednesday, FBN analyst Shebly Seyrafi said Thursday

root9B Technologies Inc (OTCMKTS:RTNB) Looking To Breakout (Insider Financial) root9B Technologies Inc (OTCMKTS:RTNB) is an exciting story in small caps. Based in Colorado Springs, CO, root9B is a leading provider of advanced cybersecurity services and training for commercial and government clients

Rebuilding brand trust: TalkTalk's path back from cyber attack (Computer Business Review) Analysis: There is little precedent to show how much a cyber attack affects reputation

Garry Kasparov opens Avast's new offices (Prague Post) Chess grandmaster was guest of honor at launch of new home for anti-virus firm

Akana Names Mark Tapling as New CEO (BusinessWire) Akana, a leading provider of API Management and API security solutions for Digital Business, announced today that Mark Tapling has joined the company as its new Chief Executive Officer

Products, Services, and Solutions

LemonFish Technologies and LIFARS Announce Partnership (PRNewswire) LemonFish Technologies and LIFARS partner to deliver a unique data breach expertise using pioneering data analytics and external data detection practices to find lost content and leaked data on the deep and dark web

BlackMesh's Red Hat-based PaaS Cloud Offering Achieves FedRAMP Certification (BlackMesh) BlackMesh, a leader in cloud-based solutions, continues to provide innovative solutions to the government cloud market by officially achieving Federal Risk Authorization Management Program (FedRAMP) certification for its SecureCloud PaaS offering built with OpenShift by Red Hat

Rambus Cryptography Research CryptoMedia Platform to be Integrated into Kaleidescape Home Cinema Products (BusinessWire) CryptoMedia Player Agent will support VIDITY™–enabled 4K Ultra HD with HDR movie players

ThreatStream Adds Taia Global to its Alliance of Preferred Partners (APP) Store (EIN News) ThreatStream®, the pioneer of an enterprise-class threat intelligence platform, today announced another addition to its Alliance of Preferred Partners (APP) Store. Taia Global is the latest cyber security company to be offered in the ThreatStream APP Store

CenturyLink, WISeKey Partner to Produce Internet of Things Security Platforms (GovConWire) CenturyLink (NYSE: CTL) and WISeKey have collaborated to produce cybersecurity services for the Internet of Things market

Parameter Security Attains PCI Approved Scanning Vendor (ASV) Certification (PRWeb via the Edwardsville Intelligencer) Parameter Security, an ethical hacking and information security firm, is proud to announce its Sentinel PCI service has successfully completed the PCI Scanning Vendor Compliance Testing and Approved Scanning Vendor certification

Technologies, Techniques, and Standards

Proactive Planning Solutions: Inside Legal's Place in Guiding Cybersecurity Plans (Legaltech News) With the potential to generate stockholder lawsuits, regulatory action and reputational damage, cybersecurity events have increasingly come under the purview of the legal department

Design and Innovation

ACT-IAC Releases Report Summarizing National Cybersecurity Ideation Initiative (PRNewswire) The American Council for Technology and Industry Advisory Council (ACT-IAC) announced the release of its report on "Strengthening Federal Cybersecurity: Results of the Cyber Innovation Ideation Initiative"

Strengthening Federal Cybersecurity: Results of the Cyber Innovation Ideation Initiative (ACT-IAC) By all accounts, cybersecurity is a great concern across the federal government. Recent events, such as the OPM data breach, underscore the need to reinforce cyber fundamentals and introduce new, innovative ways to promote cyber resilience in an ever changing threat ecosystem

Research and Development

Largest Prime Number Discovered - Cryptography and Security Systems To Benefit (Crazy Engineers) Curtis Cooper, a volunteer of Great Internet Mersenne Prime Search at the University of Central Missouri, discovered the largest known prime number: 2^74,207,281 − 1

Academia

Morgan Establishes Its First Endowed Chair (Morgan State University) Private and state grants fund research on Internet-of-things security

Legislation, Policy, and Regulation

Snoopers and scrutiny (Economist) Britain's planned law on intelligence oversight could become an example to other countries

Geopolitics of cyber defense and NATO's Incirlik Airbase (Turkish Weekly) Cyberspace has a significant difference from the geographies of land, sea, and air; it was created not by nature, but is an artificial construct that has components which might be used for geopolitical interest

ISIS propaganda must be boosted, U.S. Defense Secretary Ash Carter urges (Newsday) U.S. and coalition forces are battling Islamic State militants in the skies and on the ground across Iraq and Syria, but the allies are increasingly also targeting the airwaves, where they now are losing the propaganda war

U.S. lawmakers delay bill on European data privacy deal (Reuters) Legislation that would grant U.S. privacy rights to Europeans is being delayed in the U.S. Senate, which may complicate negotiations over a broader trans-Atlantic data transfer pact that faces a January deadline for completion, sources said on Wednesday

Sunset on US-EU safe harbor data agreement fast approaching (FierceGovernmentIT) Only ten days remain until the deadline for the United States and European Union to reach a new "safe harbor" agreement on data transfers between the two jurisdictions. Given U.S.-EU talks aren't expected to pick back up until Feb. 2, U.S. companies are preparing for the pact to expire

NSA Chief Stakes Out Pro-Encryption Position, in Contrast to FBI (Intercept) National Security Agency Director Adm. Mike Rogers said Thursday that "encryption is foundational to the future," and arguing about it is a waste of time

AT&T CEO won't join Tim Cook in fight against encryption backdoors (Ars Technica) Stephenson: Apple and other tech companies should stay out of encryption debate

Feds seek balance between privacy and data collection (CIO via CSO) Federal consumer-protection authorities expect companies to do more to educate consumers and offer options to limit how personal data is collected and used

Rogers: Cyber Command capabilities at 'tipping point' (FCW) More than five years after its inception, U.S. Cyber Command is at a "tipping point" in maturing its offensive and defensive cyber capabilities, said Adm. Michael Rogers, the command's head

FedRAMP authorization process changes, 'high' security baseline pilot in the works (FierceGovernmentIT) The General Services Administration-led program that aims to speed up and standardize agencies' security assessments for cloud computing technology plans to roll out major changes in the coming weeks and months

Gov't tries to soothe cyber security permit concerns (Globes) Israeli cyber figures held an emergency conference on a draft order imposing supervision on cyber systems exports

Litigation, Investigation, and Law Enforcement

Facebook's Friend Finder found unlawful by Germany's highest court (Naked Security) In its younger days, a fear spread through Facelandia: friend requests were popping up, from people who Facebook said had suggested friendships but who protested that in actuality, they'd done nothing of the kind

The interplay between information security standards and security measures under the EU data protection legal framework (Lexology) This essay discusses the relationship between technical standards and mandatory security measures under the European data protection legal framework

Know the Basics of Data Breach Notification Laws (Recorder) In 2002, California was the first worldwide to pass a law requiring businesses and agencies to notify data subjects of data security breaches

Hillary's 'Special Access' Server (Wall Street Journal) More evidence that she mishandled highly classified information

New guilty plea in big U.S. insider trading hacking case (Reuters) A trader from an Atlanta suburb admitted to involvement in what U.S. authorities have called a more than $100 million international insider trading scheme that involved hacking into networks that distribute corporate news releases

"Find my phone" apps mistakenly bring dozens of people to this house in Atlanta (Ars Technica) Fusion catches up with the couple — so far nobody knows what's causing the problem

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

POPL 2016 (St. Petersburg, Florida, USA, January 20 - 22, 2016) The annual Symposium on Principles of Programming Languages is a forum for the discussion of all aspects of programming languages and programming systems. Both theoretical and experimental papers are welcome,...

Automotive Cyber Security Summit — Shanghai (Shanghai, China, January 21 - 22, 2016) The conference, which brings together automakers, suppliers, various connected-services providers and security specialists, will focus on government regulations, emerging automotive cyber security standards...

SANS Institute: Information Security Training (Las Vegas, Nevada, USA, September 12 - 21, 2015) Information security training in Las Vegas from SANS Institute, the global leader in information security training. At SANS Network Security 2015, SANS offers more than 40 hands-on, immersion-style security...

CyberTech 2016 (Tel Aviv, Israel, January 26 - 27, 2016) Cybertech is the most significant conference and exhibition of cyber technologies outside of the United States. Cybertech provided attendees with a unique and special opportunity to get acquainted with...

Global Cybersecurity Innovation Summit (London, England, UK, January 26 - 27, 2016) SINET presents the Global Cybersecurity Innovation Summit, which focuses on providing thought leadership and building international public-private partnerships that will improve the protection of our respective...

Fort Meade IT & Cyber Day (Fort Meade, Maryland, USA, January 27, 2016) The Ft. Meade IT and Cyber Day is a one-day event held at the Officers' Club (Club Meade) on base. The event is held on-site, where industry vendors will have the opportunity to display their products...

ESA 2016 Leadership Summit (Chandler, Arizona, USA, January 31 - February 3, 2016) The electronic security industry is rapidly changing and continuously evolving. It's not enough to just survive. Businesses looking to thrive need to adapt to ensure their people, products, services and...

SANS Cyber Threat Intelligence Summit & Training 2016 (Alexandria, Virginia, USA, February 3 - 10, 2016) This Summit will focus on specific analysis techniques and capabilities that can be used to properly create and maintain Cyber Threat Intelligence in your organization. Attend this summit to learn and...

BSides Tampa 2016 (MV Royal Caribbean Brilliance of the Seas, Tampa to Mexico, February 4 - 8, 2016) BSides Tampa is an annual IT security/hacking conference featuring hands on training classes and lectures from some of the greatest minds in the industry and academia

The Law and Policy of Cybersecurity Symposium (Rockville, Maryland, USA, February 5, 2016) This one-day symposium will cover the critical legal and policy issues, challenges, and developments in cybersecurity. Legal professionals, professionals who develop cybersecurity strategies and policies,...

National Cybersecurity Center of Excellence to Celebrate Opening of Newly Remodeled Facility (Rockville, Maryland, USA, February 8, 2016) The National Cybersecurity Center of Excellence is celebrating its dedication on February 8, 2016 at the center's newly remodeled facility at 9700 Great Seneca Highway

Insider Threat Program Development Training — California (Carlsbad, California, USA, February 8 - 10, 2016) The National Insider Threat Special Interest Group website has some very "eye opening" examples of how "damaging and costly" an "insider threat incident" can be. The FBI Insider Threat Alert states companies...

Secure Rail (Orlando, Florida, USA, February 9 - 10, 2016) The first conference to address physical and cyber rail security in North America

Cyber Security Breakdown: Dallas (Dallas, Texas, USA, February 10, 2016) This half day session will provide you with the critical information you need to start formulating an effective response in the eventuality of a cyber security event. Rather than try and handle the breach...

2016 Cyber Security Division R&D Showcase and Technical Workshop (Washington, DC, USA, February 17 - 19, 2016) The cybersecurity threat continues to evolve, and in order to keep ahead of the threat, new cutting-edge cybersecurity technologies are needed. The Cyber Security Division (CSD) within the Department of...

Department of the Navy (DON) IT Conference, West Coast 2016 (San Diego, California, USA, February 17 - 19, 2016) The purpose of the DON IT conference is to: (1) Explain the new and invigorated DUSN (M), DON/AA, and DON CIO organization and its business and IT transformation priorities. (2) Share information that...

ICISSP 2016 (Rome, Italy, February 19 - 21, 2016) The International Conference on Information Systems Security and Privacy aims at creating a meeting point for researchers and practitioners that address security and privacy challenges that concern information...

Interconnect2016 (Las Vegas, Nevada, USA, February 21 - 25, 2016) IBM InterConnect 2016 is for those who are building new business models, transforming industries, and creating better outcomes. Whether you're a C-suite executive, IT leader, developer, designer, architect,...

CISO Canada Summit (Montréal, Québec, Canada, February 21 - 23, 2016) Tactics and best practices for taking on enterprise IT security threats. The CISO Summit will bring together C-level IT security executives, industry analysts and solution providers to discuss challenges...

cybergamut Tech Tuesday: Neuro Cyber Analytics: Understanding the Patterns of Human Cognition in the Cyber Domain (Elkridge, Maryland, Middletown, February 23, 2016) This presentation will discuss Neuro Cyber Analytics. Humans use context-specific neurocognitive patterns for receiving and processing internal and external sensory information. Stated differently, people...

Insider Threat Program Development Training Course — Maryland (Annapolis, Maryland, USA, February 23 - 25, 2016) The National Insider Threat Special Interest Group website has some very "eye opening" examples of how "damaging and costly" an "insider threat incident" can be. The FBI Insider Threat Alert states companies...

CISO New York Summit (New York, New York, USA, February 25, 2016) A data breach is not only a PR nightmare, but cause for customers to turn to competitors, exposing sensitive company information and racking up fines from industry regulators. In order for organizations...

BSides San Francisco (San Francisco, California, USA, February 28 - 29, 2016) BSides San Francisco is an Information / Security conference that's different. We're a 100% volunteer organized event, put on by and for the community, and we truly strive to keep information free. There...

CISO Summit Europe (London, England, UK, February 28 - March 1, 2016) With the media covering the latest data breaches, cloud computing security questions going unanswered and hackers developing more sophisticated attacks, the IT department has a growing responsibility to...

RSA Conference 2016 (San Francisco, California, USA, February 29 - March 4, 2016) Celebrating its 25th anniversary, RSA Conference continues to drive the information security agenda forward. Connect with industry leaders at RSA Conference 2016
