June 10, 2016.
By The CyberWire Staff
The Hamas-connected hacking group variously known as Gaza Cybergang, the Gaza Hackers Team or the Molerats is back after going to ground in January. Reports connect them to the DustSky cyber espionage campaign.
The Atlanticist Bilderberger Group is meeting in Germany this week, with cyber security figuring among its announced ten-point agenda. Anonymous doesn’t much care for Bilderberg, and has turned its anti-global finance OpIcarus DDoS campaign against the Bilderbergers’ website.
And since the old LinkedIn, MySpace, and Tumblr compromises have turned out to be bigger than thought, companies like Netflix are checking their customers’ credentials against lists of exposed email addresses and passwords to avoid cross-contamination.
The point-of-sale breach at the Wendy’s fast food chain also seems poised to emerge as bigger-than-thought.
uTorrent has suffered the compromise of 385,000 credentials.
Bitdefender announces it’s found a way of eavesdropping on TLS-encrypted communications between users and virtualized server instances. They’re calling the proof-of-concept “TeLeScope,” and say it exploits the hypervisor.
Phishing, ransomware, and DDoS continue their popularity among criminals and hacktivists. Enterprises are warned to be on their guard against business email compromise (particularly in the US, UK, and Australia). Crysis ransomware has eclipsed TeslaCrypt, and CryptXXX has switched its distribution mode from Angler to the Neutrino exploit kit. Locky and Dridex have fallen off dramatically as the Necurs botnet has apparently vanished.
In industry news, Zimperium gets $25 million in series C funding, and Tenable opens its search for a new CEO. US startups still find Federal acquisition too slow.
Today's issue includes events affecting Australia, China, Finland, India, Israel, NATO, New Zealand, Palestinian Territories, Russia, Singapore, Ukraine, United Kingdom, United States.
ON THE PODCAST
Catch the CyberWire's Podcast later this afternoon, with interviews, educational tips, and more on the stories of the day. Our legal expert Markus Rauschecker from the University of Maryland's Center for Health and Homeland Security will explain a recent ruling on phone location data. You may recall that late last month we hit the Jailbreak IoT security conference, where among other interesting presentations we heard Wesley Wineberg, a senior security researcher with Microsoft, make people's flesh creep with an account of how security cameras can be hacked. Today we follow up with Wes, and he takes us through some unexpected threats arising from IP security cameras. (If you enjoy the Podcast, please share your enjoyment with an iTunes review.)
There’s the Beef: Wendy’s Breach Numbers About to Get Much Meatier (KrebsOnSecurity) When news broke last month that the credit card breach at fast food chain Wendy’s impacted fewer than 300 out of the company’s 5,800 locations, the response from many readers was, “Where’s the Breach?” Today, Wendy’s said the number of stores impacted by the breach is “significantly higher” and that the intrusion may not yet be contained
When tech CEOs get hacked, is anyone safe from data breaches? (San Francisco Business Times) When it comes to protecting online accounts, even the social media tycoons among us aren't immune to data breaches. And beyond the embarrassment factor, the breaches reveal an ever-vulnerable security landscape that can threaten individuals and business alike
Hypervisor wiretap feature can leak data from the cloud (Help Net Security) Bitdefender has discovered that encrypted communications can be decrypted in real-time using a technique that has virtually zero footprint and is invisible to anyone except extremely careful security auditors
BEC scams: What you need to know (Help Net Security) Ransomware attacks hitting businesses and institutions might be the latest trend, but they are just one of the threats these organizations have to protect themselves against
Dramatic Increase in Phishing Proves Its Effectiveness (IT Business Edge) On any given day, between 50 and 100 email messages land in my spam filter, and maybe one ended up there by accident. A few are legitimate emails, trying to sell me something based on past purchases, but most of them are phishing
CryptXXX Ransomware Jumps From Angler to Neutrino Exploit Kit (Threatpost) Crooks behind the revamped CryptXXX 3.100 ransomware have switched its distribution from the Angler Exploit Kit to the Neutrino Exploit Kit. The sudden change in distribution was spotted on Monday by researchers at the SANS Internet Storm Center
Crysis ransomware fills vacuum left by TeslaCrypt (Help Net Security) TeslaCrypt has reached the end of the road, and other ransomware is ready to fill the vacuum left behind it. A relative newcomer to the market, Crysis ransomware is already laying claim to parts of TeslaCrypt’s territory
One of the World's Largest Botnets Has Vanished (Motherboard) With no warning, one of the world's largest criminal botnets—a massive collection of computers used to launch attacks—has disappeared. Researchers have reported huge drops in traffic for two of the most popular pieces of malware which rely on it
Locky Volumes Plummet, One of the Worlds Largest Botnets Possibly Taken Down (Cloudmark Security Blog) Motherboard reports that researcher Kevin Beaumont and several security firms have seen the distribution of Dridex and Locky malware stop as of June 1st. These pieces of malware, and several others such as Neverquest2, are spread via Necurs — what is possibly the world’s largest botnet, as stated by Beaumont
Hitting emails and Facebook: Ray-Ban scam is back (We Live Security) A while ago, we informed you about a Ray-Ban scam campaign flooding Facebook via hacked profiles. Using fake ads that offered massive discounts, attackers tried to lure users into “buying” branded sunglasses, thus giving up their payment card details via an unsecured channel
Apple users in UK and China targeted in phishing attacks (International Business Times) Apple users have become prime targets of several phishing campaigns in 2016. Security researchers have discovered that since the start of the year, assorted phishing attacks have emerged targeting iCloud users in the UK and China
Communications of the Bolek Trojan (Arbor Networks) A few weeks ago CERT Polska released a short blog post introducing a new malware family now known as Bolek. PhishMe and Dr.Web have since added some additional insight into the family. Browsing through a memory dump of the malware, a Webinjects section sticks out. Webinjects usually imply banking malware, so it seems Bolek picks up where its predecessor, Carberp, leaves off. This post takes a closer look at its command and control (C2) mechanism and what it takes to elicit a configuration file from its C2 servers
Black Hat SEO: A detailed analysis of illegal SEO tactics (Imperva) Researchers at the Imperva Defense Center have discovered a series of long-running, multi-vector search engine optimization (SEO) campaigns that exploit vulnerabilities in thousands of legitimate websites to illegally increase the SEO results for malicious websites
Bugging phones the Rube Goldberg way (Naked Security) Researchers at the University of Illinois at Urbana-Champaign have demonstrated that they can discern 80% of a mobile phone conversation by turning the phone’s vibration motor into a microphone
Do employers give enough security training? (Help Net Security) More than half of UK office workers say their employers have provided no cyber security awareness training, according to ISACA’s 2016 Cyber Security Perceptions study of more than 2,000 UK consumers online
War Games: Tracing the History of Cyber Security (Knowledge@Wharton) The concept of “cyber war” goes back to the beginning of the internet, almost 50 years ago. A new book by Pulitzer-Prize-winning journalist Fred Kaplan traces the history of this topic in his new book Dark Territory: The Secret History of Cyber War
SAIC wins big Cyber Command support contract (Defense Systems) SAIC was awarded a prime contract to provide cyber operations support services for the U.S. Cyber Command, the company announced. The contract, however, was not issued by Cyber Command or the Defense Department directly, but rather, by the General Services Administration
Hewlett Packard Enterprise, GE Team Up for Industrial IoT (Zacks via Nasdaq) In a major event yesterday, the two IT services giants, Hewlett Packard Enterprise Company (HPE) and GE Digital, a unit of General Electric Company (GE), joined forces to develop products for Industrial Internet of Things (IoT)
Tenable Network Security CEO steps down (Baltimore Sun) Tenable Network Security co-founder Ron Gula has stepped down from his role as CEO and is leading a search for a successor to help the company grow globally
Tenable Network Security looking for new CEO (Washington Business Journal) Tenable Network Security Inc., a fast-growing Columbia cybersecurity company, is searching for a new CEO that will help it expand globally, the company said Thursday
Finland's F-Secure Lays Code 'Honeypots' To Catch Cybercriminals (Forbes) The IT security market is very crowded. Along with death and taxes, this is a truth we can pin down irrefutably. London has just played host to its annual InfoSec event and the Olympia conference centre was crammed with over a hundred firms all claiming to offer ‘a new approach to threat intelligence’ and so on. As repetitively deflating as some of these claims are, a few trends are emerging
BT readies itself for IoT with Fortinet (Enterprise Times) BT has announced a deepening of its relationship with Fortinet. The new agreement will see Fortinet’s Fortigate enterprise firewalls integrated into its global portfolio of managed service
BioCatch Boosts Behavioral Biometrics Tech (PYMNTS) BioCatch, a global behavioral authentication and malware detection company, announced on Wednesday (June 8) that it will extend its collaboration with Microsoft Azure to increase its behavioral biometrics technology capabilities
Meem backs up your phone every time you charge it (TechCrunch) Forgot to back up your phone again? Meem‘s new product might be just the solution to your woes. The company creates power cables for iOS and Android that back up your device every time you plug it in. After a successful Kickstarter campaign, Meem’s cables started shipping earlier this week
What autonomous driving is — and isn’t — in 2016 (TechCrunch) When Honda announced that its latest Civic sedan would have a full suite of state-of-the-art driver assist features for $20,000, The Wall Street Journal called it a self-driving vehicle. While the Civic can do a lot, it cannot drive itself. Yet. So what are we even talking about when we talk about autonomous or self-driving vehicles?
Research and Development
Researchers pack massive amounts of data into a stream of light (TechCrunch) If you’re hungry for a little holographic data storage and transfer this morning have I got a flapjack for you. Researchers at the University of the Witwatersrand, Johannesburg have packed 100 times more data into a light stream by using a pair of holographic Spatial Light Modulators to encode and decode transmissions
Former Nittany Lion Butler makes leap from NFL to cyber forensics (Penn State News) As a wide receiver for the Penn State football team from 2004 to 2009 and later for the Seattle Seahawks, Deon Butler is fully aware of the importance of teamwork to the success of any organization. As a recent graduate of the College of Information Science and Technology's (IST) online graduate program, Butler has carried the lessons he learned on the field into his role as a cybersecurity analyst
$22.2 million for a national CERT: What does it mean for your school? (Educators) Government has allocated funding for a nation-wide Computer Emergency Response Team (CERT) to help New Zealand organisations – businesses, local and regional government, health care and education – understand and respond to cyber threats. With initial funding of $22.2 million, this initiative underscores the importance government places on keeping Kiwi networks safe for commerce, privacy and learning. But what are the immediate and practical implications for the education sector, specifically your school?
Technology Acquisition Reform (Naval Research Advisory Committee) In February 2003, the Naval Research Advisory Committee was charged by Mr. John J. Young, Jr., Assistant Secretary of the Navy (Research, Development and Acquisition) to conduct a study on technology acquisition reform. The major difference between this study and others on acquisition reform is that this study focuses on ways to more smoothly inject new technology into acquisition programs
House panel approves $1.8 billion for DHS cyber spending (The Hill) The House Appropriations Subcommittee on Homeland Security on Thursday approved a spending bill providing $1.8 billion to the Department of Homeland Security (DHS) to guard against cyberattacks and protect critical infrastructure
Major cyber leadership changes for Army, Navy (C4ISR & Networks) Defense Secretary Ash Carter this week announced changes to leadership in top positions in the Army and Navy cyber divisions, appointments that come after the Navy's cyber commander was confirmed as the service's top intelligence and cyberwarfare officer
No clear answer in probe of Bangladesh cyber heist: FBI (Reuters) The Federal Bureau of Investigation is working quickly to figure out who perpetrated the cyber heist of $81 million from Bangladesh Bank's account at the Federal Reserve Bank of New York in February, but there are no definitive answers yet, an FBI official said Thursday
ISIS Might Not Be So Broke After All (Vocativ) They’re being crushed on the battlefield, and losing men and morale. But Islamic State militants are a long ways still from going belly up
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
LegalSEC Summit 2016 (Baltimore, Maryland, USA, June 9 - 10, 2016) Whatever your role in security, there’s something here for you! Hear from experts who will share their experiences related to information security, and develop takeaways to use in your organization. The...
SANSFIRE 2016 (Washington, DC, USA, June 11 - 18, 2016) For more than 10 years, the Internet Storm Center has been providing free analysis and warning to our community. SANSFIRE 2016 is our annual "ISC Powered" event. Evening talks tap into the expertise behind...
Show Me Con (St. Charles, Missouri, USA, June 13 - 14, 2016) SHOWMECON. The name says it all. Known as the Show Me State, Missouri is home to St. Louis-based ethical hacking firm, Parameter Security, and security training company, Hacker University. Together, they...
CISO DC (Washington, DC, USA, June 14, 2016) Tactics and best practices for taking on enterprise IT security threats. The CISO Summit brings together C-level IT security executives, industry analysts and solution providers to discuss challenges and...
Cyber Security Opportunities in Turkey Webinar (Online, June 14, 2016) As in other countries, Turkey is a target of high profile attacks in the public and private sectors. Instability from neighboring countries increases their risk.
Since 2014 Turkey has been working on a cyber security plan which includes not only government but private sector and NGOs as well. Per Cisco's 2014 Security Report, attacks occur in ICS-SCADA, web servers and malwares-6% respectively, applications-31%, infrastructure-18%, and end-users-9%. Topics include: industry drivers, trends, and key players. Open Q&A session at the conclusion of presentations. Confirmed speakers: Alper Cem Yilmaz, Founder, and Jade Y. Simsek, Mrktg Specialist, CrypTech. Learn about the Cyber Security Market in Turkey with the objective of finding sales opportunities. Turkey's Transportation, Maritime Affairs and Communications Ministry formed SOME (Cyber Incident Response Teams) for protection of cyber attacks. ...
The Security Culture Conference 2016 (Oslo, Norway, June 14 - 15, 2016) The Security Culture Conference 2016 is the leading, global conference discussing how to build, measure and maintain security culture in organizations. The conference is a part of the Security Culture...
TECHEXPO Top Secret Hiring Event (Baltimore, Maryland, USA, June 15, 2016) Security-cleared professionals are invited to interview for new career opportunities on Wednesday, June 15 at the BWI Marriott in Baltimore, MD. Hot job opportunities are available in Cyber Security, Intelligence,...
2016 CyberWeek (Tel Aviv, Israel, June 19 - 23, 2016) The conference, held jointly by the Blavatnik Interdisciplinary Cyber Research Center (ICRC), the Yuval Ne'eman Workshop for Science, Technology and Security, the Israeli National Cyber Bureau, Prime Minister's...
Cyber Security for Critical Assets LATAM (Rio de Janeiro, Brazil, June 21 - 22, 2016) Cyber-attacks on critical infrastructure have become an increasing threat for Latin American governments and companies within the oil and gas, chemical and energy sectors. Although the attack frequency...
Cyber 7.0 (Laurel, Maryland, USA, June 22, 2016) Cyber 7.0 delves into the cyber threat to the nation’s critical infrastructure—transportation, health care, utilities, and energy, to name a few. How can government and industry work together to battle...
Security of Things World (Berlin, Germany, June 27 - 28, 2016) Security. Privacy. Connected Devices. Exploring Security and the Internet of Things. A world class event focused on the next information security revolution. Be part of Security of Things World in June...
SANS Salt Lake City 2016 (Salt Lake City, Utah, USA, June 27 - July 2, 2016) We are pleased to invite you to SANS Salt Lake City 2016, June 27-July 2. Are you ready to immerse yourself in the most intense cyber training experience available anywhere? Do you need to become a more...
DC / Metro Cyber Security Summit (Washington, DC, USA, June 30, 2016) The Cyber Security Summit is an exclusive conference series connects C-Suite & Senior Executives who are responsible for protecting their companies’ critical infrastructures with innovative solution providers...
TECHEXPO Cyber Security Hiring Event (Tysons Corner, Virginia, USA, June 30, 2016) Cyber security professionals are invited to interview face-to-face with employers including The CIA, Deloitte, Intel Security, Northrop Grumman, Lockheed Martin, Deloitte, Vencore and many more. Hundreds...