June 6, 2016.
By The CyberWire Staff
The latest round of attacks in South Asia cyberspace came to light at the end of last week as FireEye reported that hackers operating from Pakistan posed as journalists in a spearphishing campaign targeting Indian civil servants. The bait was purported news about their pay (referencing the Seventh Pay Commission); the payload was BreachRAT. The threat group is believed to have been active for several years in campaigns against the Indian government and Pakistani dissidents.
Continuing investigation of the Bangladesh Bank fraud suggests that the New York Federal Reserve Bank rejected thirty-five bogus transfer requests before releasing $81 million to the thieves. More observers are convinced that North Korea’s government is implicated in the theft.
Criminals are giving Android security a close look. Among other things, they’re looking at ways to exploit the UsageStatsManager API. And GitHub is serving as their collaborative R&D platform.
Russian IT security companies have developed monitoring apps that raise privacy concerns (but not within the Russian government).
The war against ISIS proceeds. Observers characterize US cyber operations against ISIS networks as obvious battlespace preparation. ISIS itself shows signs of autocannibalism as its leaders’ mutual mistrust grows.
In a gift to those who treasure anxiety, Carnegie-Mellon offers the ten riskiest emerging technologies: augmented reality, smart homes, enterprise 3D printing, networked dashboard telematics, smart medical devices, smart robots, smart sensors, commercial drones, driverless cars, and car communications.
Germany prepares to restrict BND surveillance. UK observers wonder if similar restrictions on GCHQ are likely to have any effect.
Today's issue includes events affecting Australia, Bangladesh, Canada, China, Germany, India, Iraq, Democratic People's Republic of Korea, Pakistan, Russia, Saudi Arabia, Syria, Turkey, United Kingdom, United States.
ON THE PODCAST
Catch the CyberWire's Podcast later this afternoon, with interviews, educational tips, and more on the stories of the day. Today we'll hear from Malek Ben Salem (of our research partner Accenture) on the challenges identity poses for the Internet-of-things. We'll also interview our guest Zach Schuler from Zinjio on his company's innovative training videos. (And we welcome iTunes reviews.)
Exclusive: NY Fed first rejected cyber-heist transfers, then moved $81 million(Reuters) Hours before the Federal Reserve Bank of New York approved four fraudulent requests to send $81 million from a Bangladesh Bank account to cyber thieves, the Fed branch blocked those same requests because they lacked information required to transfer money, according to two people with direct knowledge of the matter
Russian hi-tech spy devices under attack over privacy fears(Interaksyon) New Russian technologies, including phone call interception and a facial recognition app, have stirred a fierce debate about privacy and data monitoring. Infowatch, a Moscow-based IT security company managed by businesswoman Natalya Kasperskaya, found itself in hot water last month after it revealed it had invented a system that companies can use to intercept employees’ mobile phone conversations
Will the next major data breach start on mobile?(Help Net Security) Over the past few years, we have seen a spike in major data breaches from noteworthy businesses such as Target, Home Depot, and Sony (to just name a few). While data breaches continue to dominate headlines, the news often focuses on the cost to the business and consumers. What is often missing are the details on how attackers gained access to the organization in the first place
New FastPOS Malware Focuses on Data Exfiltration Speed(Twrix Technology News) FastPOS is the name of a new malware family discovered by Trend Micro that uses a unique approach to data exfiltration, focusing on getting the stolen credit card data as soon as possible to one of its servers
Researchers Uncover Affiliate Network for Ransomware(Threatpost) Ransomware as a business is maturing and nowhere is that better illustrated than in Russia, according to Flashpoint researchers. The security firm released two reports on Thursday, one on a burgeoning ransomware-as-a-service business model (PDF) in Russia and the second on new developments in Russian ransomware kingpins targeting hospitals (PDF)
Understanding Angler Exploit Kit – Part 1: Exploit Kit Fundamentals(Palo Alto Unit 42) Generally speaking, criminal groups use two methods for widespread distribution of malware. The most common method is malicious spam (malspam). This is a fairly direct mechanism, usually through an email attachment or a link in the message to the malware. However, malspam requires some sort of action by the user to be successful (for example, opening an attached file).
Bkav: Router holes pose major risk(Vietnamnet) Bkav Technology Group has recently announced the results of its research on the security status of routers worldwide, finding that around 300,000 in Vietnam are at risk
Banks: Credit Card Breach at CiCi’s Pizza(KrebsOnSecurity) CiCi’s Pizza, an American fast food business based in Coppell, Texas with more than 500 stores in 35 states, appears to be the latest restaurant chain to struggle with a credit card breach. The data available so far suggests that hackers obtained access to card data at affected restaurants by posing as technical support specialists for the company’s point-of-sale provider, and that multiple other retailers have been targeted by this same cybercrime gang
How cyber criminals target their victims(My Broadband) Young and older people display different behaviours that make them targets for cyber criminals who are intent on stealing money from their bank accounts, says an expert
Sh0ping.su Hacked, Thousands of Credit Cards and Accounts Leaked(HackRead) The year 2016 has been hard on internet users and websites alike since more than 1,076 data breaches have occurred. The latest one is ShOping.su previously known as ShOping.net, a Dark Net platform where hackers and cyber criminals sell hacked and stolen accounts. Recently, someone decided to take care of the stolen data stored on ShOping.su’s server by stealing thousands of accounts and putting it for sale online – But days after the hackers decided to leak the data to the public
Real danger, but not a primary target(CRN) E-cigarettes and charging stations infected with malicious code can be misused for data theft. The Federal Office for Information Security, which is warning about this, is backpedaling, however: USB devices are not the focus for hackers
Lenovo urges users to remove updater app from computers after critical flaws exposed(International Business Times) Major consumer PC manufacturer Lenovo is urging users to remove one of its updater applications that comes pre-installed in dozens of Lenovo laptop and desktop PC models following a damning report showing that security vulnerabilities in the app would make it possible for hackers to easily hijack the system
Human error more damaging than cyber attacks(Charity Digital News) Figures obtained by Egress Software Technologies via a Freedom of Information (FOI) request to the Information Commissioner’s Office (ICO) highlight a concerning upward curve in reported data breach incidents, with human error remaining the main cause
What is currently keeping security experts awake at night(IT-Markt) A complex Stuxnet doppelgänger, malicious e-cigarettes, and the most beautiful threat maps on the web. The editorial team has summarized the week's news on cybercrime and cybersecurity
Cyber security a growing threat in aviation(My Broadband) Protection against cyber attacks is becoming a growing challenge in the aviation industry, according to Tony Tyler, CEO of the International Air Transport Association
Unsurprisingly, malware incidents set to grow(Help Net Security) Up to half of US organizations have experienced malware attacks which have had a severe impact on their business operations, according to new research by IDG Connect
Are buyouts the new IPOs?(TechCrunch) Buyouts may replace IPOs as the exit of choice for tech companies in the coming months. This comes as the number of startups unable to exit into a frozen market continues to grow. With only two tech IPOs so far in 2016, and poor market returns for the majority of those already public, companies are turning elsewhere to cash in on their efforts. Just this week, analytics firm QLik was
The CISO Job Market in 2016: Time to Jump Ship?(IBM Security Intelligence) For CISOs that are even remotely considering switching jobs, the sky appears to be the limit. A quick search of job offers for CISOs returns thousands of results, and there should only be more to come as organizations realize the importance of having a security leader firmly ensconced in the enterprise.
Symantec lays out details of its cost-cutting plan(CIO Dive) A large part of the cost savings will come from moves such as outsourcing back office positions to India and cutting about 1,200 employees, Andrew Nowinski, Piper Jaffray senior research analyst, told CRN
Akamai's Impressive Cloud Connectivity And Security Solutions Make It A Compelling Buy(Seeking Alpha) Cloud solutions are the future of an economy moving towards digitization. AKAM's product platforms are trying to offer solutions to some of the most pressing challenges in the space of digital security and cloud based data management. Strong numbers in fiscal 2015 show the company's ability to develop sustainable solutions in a field where data management and security is fast becoming a major inflection point for corporations
root9B Awarded Subcontract Supporting U.S. CYBER COMMAND(PRNewswire) root9B, a root9B Technologies (OTCQB: RTNB), company and leading provider of advanced cybersecurity services and training for commercial and government clients, announced today that it has been awarded a subcontract from prime contractor Science Applications International Corporation (SAIC). The USCYBERCOM multiple award, indefinite-delivery/indefinite-quantity (IDIQ) contract awarded to SAIC, has a period of performance of 5 years, and a ceiling value of $460 million for all awardees
Chris Inglis Elected to KEYW’s Board of Directors(Globe Newswire) The KEYW Holding Corporation (NASDAQ:KEYW) announced today the election of John C. (“Chris”) Inglis to its Board of Directors. The Board also appointed him to the Nominating and Governance Committee
Products, Services, and Solutions
Encryption launched by Symantec for Web Hosting Companies(SirG) Security major Symantec recently launched the Encryption Everywhere, an encryption, and security package that can be used by web hosting companies. It aims at providing better safety and security for web hosts and therefore the clients who use web hosts for their websites
Verizon Launches IoT Solution for Water Utilities(CivSource) Verizon has launched a new IoT offering for water utilities that is part of the company’s broader on-demand IoT platform for utilities. The platform will support electric, water and gas services and has been in development for the past two years
Atari is embracing the Internet of Things with new smart home devices(TechCrunch) Admittedly, Atari isn’t the entertainment powerhouse it once was. The company has spent the last few years digging attempting to reinvent itself after declaring bankruptcy in 2013, focusing largely on mobile gaming plays and casino deals. Now the one-time gaming juggernaut is lending its legendary name to a line of connected home devices. It’s not exactly a new console, sadly
Technologies, Techniques, and Standards
The Art of Intelligent Deception in Cyber Security(Information Management) While tools that protect a network’s perimeter are undoubtedly an important part of an organization’s security architecture, no solution – whether it’s a firewall or antivirus software – can prevent every attack. This is because it’s not an even fight
The security concerns of free email service provider use(Help Net Security) Thanks to modern collaboration tools, today’s workforce can be more secure, efficient and powerful than ever. However, leading organizations recognize that security threats are evolving, and agree that mitigating cyber risks is a job for everyone — from the sales team up to the board of directors. Yet, a recent Ponemon study found that 35% of board members admit cyber security is not on their agenda and 26% reported having minimal to zero cyber security knowledge
9 reasons why your security awareness program sucks(CSO) As a person who primarily focuses on the human aspects of security and implementing security awareness programs, people are surprised when I am neither upset nor surprised when there is an inevitable human failing. The reason is that I have come to the conclusion that most awareness programs are just very bad, and that like all security countermeasures, there will be an inevitable failing
Artificial intelligence is changing SEO faster than you think(TechCrunch) By now everyone has heard of Google’s RankBrain, the new artificial intelligence machine learning algorithm that is supposed to be the latest and greatest from Mountain View, Calif. What many of you might not realize, however, is just how fast the SEO industry is changing because of it
Thinking through the threat of cyber war(Business Insurance) Sound risk management requires its practitioners to perform many tasks, and to perform them well. Some are obvious, like making sure insurance purchased adequately covers the exposures involved. Others may not be so obvious
The ‘Little Boy’ of Cyberspace(Foreign Policy) Academy Award winner Alex Gibney on how cyber weapons like Stuxnet are changing the future of war -- and why Washington isn't prepared for the fallout
No more hoarding zero days(The Hill) Imagine how angry you would be if you found out that the last time someone stole your banking information something could have been done to stop that from happening. Or, better yet, how violated you would feel if some creepy digital predator was able to take over your family's home surveillance system only because someone failed to update the system's security settings?
Without solid training options, mysterious Cyber Command remains a work in progress(Military Times) The military's demand for cyber capabilities is soaring. Defensive and offensive operations, including those targeting the Islamic State group, are occurring with greater frequency. There's talk of elevating U.S. Cyber Command's profile within the Defense Department. And yet six years after its creation, the organization does not have a training environment for large-scale exercises and to evaluate the readiness of its force
Tackling Cyber Warfare(Defense News) Matthew Swartz, executive director of the Navy’s Fleet Cyber Command, discusses his work as manager for “Task Force Cyber Awakening," the Navy’s approach and response to cyber security
Dozens in Russia imprisoned for social media likes, reposts(AP) Anastasia Bubeyeva shows a screenshot on her computer of a picture of a toothpaste tube with the words: "Squeeze Russia out of yourself!" For sharing this picture on a social media site with his 12 friends, her husband was sentenced this month to more than two years in prison
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
LegalSEC Summit 2016(Baltimore, Maryland, USA, June 9 - 10, 2016) Whatever your role in security, there’s something here for you! Hear from experts who will share their experiences related to information security, and develop takeaways to use in your organization. The...
ISS World Europe(Prague, Czech Republic, June 7 - 9, 2016) ISS World Europe is the world's largest gathering of regional law enforcement, intelligence and homeland security analysts as well as telecom operators responsible for lawful interception, hi-tech electronic...
Data Breach & Fraud Prevention Summit Asia(Mumbai, India, June 8, 2016) ISMG’s Data Breach & Fraud Prevention Summit Asia – Mumbai is a one-day event that will focus on the latest fraud techniques and technologies, as well as a holistic, strategic approach to looking at the
New York State Cyber Security Conference(Albany, New York, USA, June 8 - 9, 2016) June 8-9 marks the 19th Annual New York State Cyber Security Conference and 11th Annual Symposium on Information Assurance (ASIA) and we invite you to join us for this nationally recognized event. The...
SecureWorld Portland(Portland, Oregon, USA, June 9, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 6-12 CPE credits through 30+ educational elements learning from nationally recognized industry...
Cybersecurity and Financial Services: Understanding the Risks(San Diego, California, USA, June 9, 2016) Join San Diego's KCD PR for a conversation on a hot topic for every business operating in the Fintech and Financial Services space: Cybersecurity. The nature of cybersecurity breaches is continuously changing...
SIFMA Cyber Law Seminar(New York, New York, USA, June 9, 2016) During this full-day program attorneys and compliance professionals will gain insights and regulatory perspectives on cybersecurity law as well as strategies for how to take an active and valuable role...
Cleared Job Fair(Tysons Corner, Virginia, USA, June 9, 2016) ClearedJobs.net connects you with cleared facilities employers, including Federal Acquisition Strategies, Firebird Analytical Solutions & Technologies, Leidos, PAE, TRIAEM, Commonwealth Computer Research,...
SANSFIRE 2016(Washington, DC, USA , June 11 - 18, 2016) For more than 10 years, the Internet Storm Center has been providing free analysis and warning to our community. SANSFIRE 2016 is our annual "ISC Powered" event. Evening talks tap into the expertise behind...
Show Me Con(St. Charles, Missouri, USA, June 13 - 14, 2016) SHOWMECON. The name says it all. Known as the Show Me State, Missouri is home to St. Louis-based ethical hacking firm, Parameter Security, and security training company, Hacker University. Together, they...
CISO DC(Washington, DC, USA, June 14, 2016) Tactics and best practices for taking on enterprise IT security threats. The CISO Summit brings together C-level IT security executives, industry analysts and solution providers to discuss challenges and...
Cyber Security Opportunities in Turkey Webinar(Online, June 14, 2016) As in other countries, Turkey is a target of high profile attacks in the public and private sectors. Instability from neighboring countries increases their risk.
Since 2014 Turkey is working on a cyber security plan which includes not only government but private sector and NGOs as well. Per Cisco's 2014 Security Report, attacks occur in ICS-SCADA, web servers and malwares-6% respectively, applications-31%, infrastructure-18%, and end-users-9%. Topics include: industry drivers, trends, and key players. Open Q&A session at the conclusion of presentations. Confirmed speakers: Alper Cem Yilmaz, Founder, and Jade Y. Simsek, Mrktg Specialist, CrypTech. Learn about the Cyber Security Market in Turkey with the objective of finding sales opportunities. Turkey's Transportation, Maritime Affairs and Communications Ministry formed SOME (Cyber Incident Response Teams) for protection of cyber attacks. ...
The Security Culture Conference 2016(Oslo, Norway, June 14 - 15, 2016) The Security Culture Conference 2016 is the leading, global conference discussing how to build, measure and maintain security culture in organizations. The conference is a part of the Security Culture...
TECHEXPO Top Secret Hiring Event(Baltimore, Maryland, USA, June 15, 2016) Security-cleared professionals are invited to interview for new career opportunities on Wednesday, June 15 at the BWI Marriott in Baltimore, MD. Hot job opportunities are available in Cyber Security, Intelligence,...
2016 CyberWeek(Tel Aviv, Israel, June 19 - 23, 2016) The conference, held jointly by the Blavatnik Interdisciplinary Cyber Research Center (ICRC), the Yuval Ne'eman Workshop for Science, Technology and Security, the Israeli National Cyber Bureau, Prime Minister's...
Cyber Security for Critical Assets LATAM(Rio de Janeiro, Brazil, June 21 - 22, 2016) Cyber-attacks on critical infrastructure have become an increasing threat for Latin American governments and companies within the oil and gas, chemical and energy sectors. Although the attack frequency...
Cyber 7.0(Laurel, Maryland, USA, June 22, 2016) Cyber 7.0 delves into the cyber threat to the nation’s critical infrastructure—transportation, health care, utilities, and energy, to name a few. How can government and industry work together to battle...
Security of Things World(Berlin, Germany, June 27 - 28, 2016) Security. Privacy. Connected Devices. Exploring Security and the Internet of Things. A world class event focused on the next information security revolution. Be part of Security of Things World in June...
SANS Salt Lake City 2016(Salt Lake City, Utah, USA , June 27 - July 2, 2016) We are pleased to invite you to SANS Salt Lake City 2016, June 27-July 2. Are you ready to immerse yourself in the most intense cyber training experience available anywhere? Do you need to become a more...
DC / Metro Cyber Security Summit(Washington, DC, USA, June 30, 2016) The Cyber Security Summit is an exclusive conference series that connects C-Suite & Senior Executives who are responsible for protecting their companies’ critical infrastructures with innovative solution providers...
TECHEXPO Cyber Security Hiring Event(Tysons Corner, Virginia, USA, June 30, 2016) Cyber security professionals are invited to interview face-to-face with employers including The CIA, Deloitte, Intel Security, Northrop Grumman, Lockheed Martin, Deloitte, Vencore and many more. Hundreds...