skip navigation

More signal. Less noise.

Economic Alliance of Greater Baltimore

Maryland leads the nation in cybersecurity with a large, highly qualified workforce, 20,000 job openings, investment opportunities, and proximity to key buyers.

Daily briefing.

The Ivano-Frankivsk grid hack remains a matter of intense interest. Investigation indicates that the attackers (described by observers as disciplined and sophisticated) ran a patient campaign to establish persistence in the Ukrainian utility's network and harvest control system credentials used to produce rolling blackouts in late December.

The consensus on the DROWN vulnerability is that the SSL hole is bad enough, but not quite so bad as Heartbleed.

Researchers report that Schneider Electric’s StruxureWare Building Operation software suffers from weak default credentials and a command execution bug that could enable minimally skilled hackers to disrupt building security systems.

The US continues to pursue ISIS in cyberspace, intent on disrupting the Caliphate's communications infrastructure. Effective cyber capabilities are beginning to make their appearance at the tactical level—special operations forces, specifically including the US Navy's SEALs, are taking an increasing interest in social media as vehicles for counter-ISIS information operations.

The ACLU, in an amicus brief filed regarding the FBI's request that Apple assist in giving them access to an iPhone used by a San Bernardino shooter, warns that if the Department of Justice has its way, we can all forget about trusting future software updates. What assurance, they ask, will users have that they're not being pushed another Government OS?

The pay card breach at Wendy's chain restaurants produces significant debit card losses. Credit unions are believed especially affected.

Google has issued a Chrome update.

Skids are now trying to extort Bitcoin payments from the wives of Ashley Madison customers.

Notes.

Today's issue includes events affecting Iraq, Russia, Syria, Ukraine, United States.

2016 National Conference of Minority Cybersecurity Professionals (Washington, DC, March 23 - 24, 2016) The landmark ICMCP conference will elevate the national dialogue on the necessary measures needed to attract and develop minority cybersecurity practitioners to address the cross-industry cybersecurity skills shortage.

Women in Cybersecurity (WiCYS) 2016 (Dallas, TX, March 31 - April 2, 2016) The 3rd annual conference brings together women (students, faculty, researchers, professionals) in cybersecurity from academia, research organizations and industry for the sharing of knowledge and experience, networking and mentoring.

Dateline RSA 2016

Photo gallery: RSA Conference 2016 Expo – Moscone North (Help Net Security) The RSA Conference 2016 is underway at the Moscone Center in San Francisco

Attorney general and NSA director pitch cyber-security industry for cooperation (Network World) U.S. Cyber Command chief and NSA director Admiral Michael Rogers and United States Attorney General Loretta Lynch both took the stage at the RSA Security Conference in San Francisco yesterday to appeal for cooperation with the cyber-security industry

Defense Secretary Says He Is For Encryption And Against Back Doors (Fortune) Statements made amid a legal battle between Apple and the Justice Department

Pentagon needs data security, strong encryption: U.S. defense chief (Reuters) Defense Secretary Ash Carter on Tuesday underscored the U.S. military's support for data security and strong encryption as he asked top U.S. technology sector entrepreneurs and innovators to play a larger role in national security

At RSA, Carter Calls for Help with Data Security (Defense News) US Secretary of Defense Ash Carter said Wednesday that the Pentagon understands it is lagging behind the commercial sector when it comes to best practices for protecting its data

Hack the Pentagon: Hackers asked to help secure public-facing systems (Help Net Security) The US Department of Defense (DoD) has invited hackers participate in “Hack the Pentagon”, a program aimed at finding vulnerabilities in some of the Department’s websites

At Silicon Valley Outpost, Carter Hears Pitches from Small Firms (Defense News) Secretary of Defense Ash Carter may not be a millionaire, but he got to play one Tuesday during a visit to the Pentagon’s Defense Innovation Unit-Experimental (DIUX) outpost

OPM hack might not have been illegal (Federal TImes) Last year, President Barack Obama and Chinese President Xi Jinping signed an agreement to prevent hacking between the countries focused on the theft of intellectual property, otherwise known as economic espionage. During a panel at the 2016 RSA Conference in San Francisco, current and former federal officials made a distinction between hacking for economic purposes as opposed to more traditional espionage between nations

RSA 2016: Cryptographers enter cyber security debate (Jane's) Cryptographers debated the future of mobile device security at the 2016 RSA Conference in San Francisco, California, on 1 March, as the US Department of Justice pushes mobile and software manufacturer Apple to unlock an iPhone for national security authorities

RSA: Geolocation shows just how dead privacy is (CSO) Where you are says a lot about what you do, what you think, what you believe and how you live. And data about all of that is being collected from our mobile devices

Only one in five orgs set up to securely manage user identities (Help Net Security) As organizations seek to capitalize on digital opportunities through rapidly developing and hosting new services online, they frequently under-invest in adequate cybersecurity measures creating significant risks, in particular governing user access

Unmanaged Wearables Infiltrating the Enterprise, According to Centrify RSA Survey (BusinessWire) Identity management for wearables should be a top priority for IT managers

Which passwords to avoid for Internet-facing systems? (Help Net Security) For the last year or so, Rapid7 has been collecting login credentials via “Heisenberg,” a network of low-interaction honeypots that the company has set up to analyze login attempts by random, opportunistic actors

Redundant cloud security controls creating headaches (TechTarget) Trend Micro's Mark Nunnikhoven said enterprises are often forced to deploy distinct cloud security controls for each type of service they deploy, making security unmanageable

#RSAC: How to Get Company Buy-in for Security Initiatives (Infosecurity Magazine) Keeping your company safe from online threats requires tech savvy but it also requires business savvy. Security officers need great analytical skills, but they also need great communications skills

Tenable debuts new cybersecurity tools at RSA Conference (Baltimore Business Journal) Tenable Network Security Inc. has launched three new cybersecurity products intended to position the Columbia company on the forefront of emerging cyber challenges among commercial companies

Kaspersky Lab Moves into IT Security Services (IT Business Edge) At the RSA 2016 conference this week, Kaspersky Lab made it clear that its ambition lies well beyond simply providing IT security products

Gone in 12 minutes: CyberArk announces real-time detection, automatic containment of cyber attacks targeting active directory (IT Web) New targeted analytics and network monitoring improve effectiveness of incident response teams by focusing on the data that matters to stop in-progress attacks

Open source risk management tool for Android application packages (Help Net Security) Are there any security vulnerabilities in the open source you use?

Balabit’s Blindspotter extends behavior analysis with biometrics (Help Net Security) Balabit, best known as “the creator of syslog-ng,” announced the release of Blindspotter version 2016.03 at the RSA Conference in San Francisco

Barracuda showcases new firewall for IoT applications and deployments (Help Net Security) At RSA Conference, Barracuda announced it has expanded its next-generation firewall product family with the addition of the new Barracuda NextGen Firewall S-Series, which is designed to empower customers to connect thousands of machine endpoints, such as ATM machines or other remote devices, enabling new ‘Internet of Things’ applications and deployments

Qualys delivers scalable, cloud-based patching (Help Net Security) Qualys announced at RSA Conference an OEM partnership with HEAT Software to deliver a cloud-based patch management offering to its global customers

Votiro's Zero Day Exploit Technology Honored as Silver Winner in the 12th Annual 2016 Info Security PG's Global Excellence Awards® Under the Category of 'Tomorrow's Technology Today' (PRNewswire) The Security Industry's Coveted Global Excellence Awards Winners and Finalists from all over the world were honored by Info Security Products Guide in San Francisco on February 29, 2016

Zimperium honored as Best of Breed winner in 2016 Cyber Defense Magazine Infosec Awards in Mobile Endpoint Security Solutions (PRNewswire) Zimperium is recognized for its innovation in mobile security during the RSA® Conference 2016

Safe-T Data Named Gold Winner in Info Security Products Guide's 12th Annual 2016 Global Excellence Awards (PRNewswire) Safe-T Data announced today that Info Security Products Guide, the industry's leading information security research and advisory guide, has named Safe-T Cloud Access Security Broker, a winner for the 12th Annual 2016 Global Excellence Awards

Intel and Intercede aim to end passwords in the workplace (ITProPortal) Digital identity and credentials company Intercede announced today that it has partnered up with Intel to bring a whole new way to authenticate in the workplace, which eliminates the dreaded password

Cyber Attacks, Threats, and Vulnerabilities

Inside the Cunning, Unprecedented Hack of Ukraine’s Power Grid (Wired) It was 3:30 p.m. last December 23, and residents of the Ivano-Frankivsk region of Western Ukraine were preparing to end their workday and head home through the cold winter streets. Inside the Prykarpattyaoblenergo control center, which distributes power to the region’s residents, operators too were nearing the end of their shift. But just as one worker was organizing papers at his desk that day, the cursor on his computer suddenly skittered across the screen of its own accord

Joe Weiss on Industrial Control Systems (National Academies of Sciences, Engineering, and Medicine) Keynote Presentation by Joe Weiss, Managing Partner at Applied Control Solutions, LLC

Weak default credentials, command injection bug found in building operation software (Help Net Security) A vulnerability in servers programmed with Schneider Electric’s StruxureWare Building Operation software can be exploited by a low-skilled, remote attacker to gain access to the servers and make changes that could affect a building’s security

SSL's DROWN not as bad as Heartbleed, still a security ship wreck (Register) Just set SSLv2 on fire

Researchers discover major security breach in 3D printing technology (Neowin) Researchers from the University of California, Irvine have discovered what may amount to a major security breach in the 3D printing process: the source code of any 3D printer can be easily recorded and reverse engineered, allowing hackers to reverse-engineer 3D-printed objects and potentially engage in corporate espionage

Now it's Ashley Madison wives who are receiving blackmail letters (Graham Cluley) "I am afraid this letter contains bad news"

Credit Unions Feeling Pinch in Wendy’s Breach (KrebsOnSecurity) A number of credit unions say they have experienced an unusually high level of debit card fraud from the breach at nationwide fast food chain Wendy’s, and that the losses so far eclipse those that came in the wake of huge card breaches at Target and Home Depot

10 reasons why phishing attacks are nastier than ever (CSO) Forget Nigerian princes -- today’s spearphishing is sophisticated business, fooling even the most seasoned security pros

Dark Web drugs, data dumps and death: Which countries specialize in what services? (ZDNet) An interesting study on the global underground company shows that money can get you anything -- wherever you are

You know how we're all supposed to automate now? Dark web devs were listening (Register) Crafted tool to brute-force, take over accounts, buy stuff

How Hackers Recruit New Talent (Atlantic) It involves job postings on the dark web, Skype interviews, and digital voice-changing technology

The 'Hacker' Talent Shortage: What Organizations Can Learn from the Recruitment Efforts of their Adversaries (DIgital Shadows) The seventh annual (ISC)² Global Workforce Survey estimates that there will be a shortage of information security professionals by 2020

Pirates, Ships, And A Hacked CMS: Inside Verizon's Breach Investigations (Dark Reading) New Verizon Data Breach Digest report shares in-the-trenches scenarios of actual cyberattack investigations by the company's RISK team

Security Patches, Mitigations, and Software Updates

Stable Channel Update (Chrome Releases) The Chrome team is delighted to announce the promotion of Chrome 49 to the stable channel for Windows, Mac and Linux

Microsoft Touts Timely Patching To Address Security Woes (Remond Magazine) Organizations should keep up to date with Windows updates and they should patch their line-of-business applications, too

Cyber Trends

75 Percent of Execs, Board Members Don't Prioritize Recruiting Skilled Security Pros (eSecurity Planet) And 35 percent don't know or aren't sure what legally constitutes a data breach in their state, a recent survey found

Marketplace

Investing In The Network Security Space: Palo Alto, Fortinet And Their Less Enabled Competitors (Seeking Alpha) Network security continues to be a priority investment for most companies in 2016 and beyond. The space is probably growing 3X faster than overall IT and that should continue for the foreseeable future. While there are many vendors in the space, the two standouts are clearly Fortinet and Palo Alto

The Great Divide: Cyber Security in the Corporate Boardroom (Radius) Not a day seems to go by without news about a new data breach or some other threat to a company’s cyber security

Why FireEye's Stock Is Rallying (DCInno) Acquisitions, partnerships and a new direction

Cisco 2.0: What does Cisco look like in a post-Chambers world? (MicroScope) Approximately four days after Cisco Partner Summit 2015 in Montreal, the industry’s longest serving CEO stood down

Kaspersky Lab Denies Being a Threat to US Security (Prensa Latina) The Kaspersky computer security laboratory denied today that its products might serve the hackers to damage large networks of industrial computers in the United States, according to US media

Security Fears Drive Big Companies to Cloud, Box CEO Says (Fortune) The upstart is benefiting from ties to Microsoft, IBM, and Salesforce

NATO brings two more players into its cyber partnership with industry (Jane's) The NATO Communications and Information Agency (NCIA) has formally placed two more cyber industry players under the umbrella of its NATO Industry Cyber Partnership (NICP)

Fortinet to Share Cyber Threat Intelligence With NATO (GovConWire) Fortinet (Nasdaq: FTNT) has partnered with NATO’s Communications and Information Agency to pursue information-sharing efforts to boost cybersecurity

Products, Services, and Solutions

Lockheed Martin Commercial Cyber, Cybereason release advanced endpoint solution (Financial News) Lockheed Martin (NYSE: LMT) has released Wisdom EDR, an endpoint solution that combines Lockheed Martin Threat intelligence with Cybereason´s Endpoint Detection and Response (EDR) platform, the company said

Technologies, Techniques, and Standards

Is your security awareness program culturally sensitive? Does it matter? (Infosec Institute) A security awareness program is probably the first line of defense against modern threats to IT systems and company data

3 Signs Your Information Security Team Needs Threat Intelligence (Recorded Future) Be honest, sometimes you aren’t sure

Academia

No Transparency in Administrative Delay to Inform Students of Cyber Attack (Guardian (UCSD)) In late December, the UC Berkeley Financial System was breached and the personal information of approximately 80,000 students, faculty staff and vendors was accessed

Legislation, Policy, and Regulation

Pentagon Cyber Campaign Against ISIS Signals A New Era In Warfare (Forbes) Secretary of Defense Ashton Carter and Joint Chiefs Chairman Joseph Dunford revealed on Monday that the military has launched a cyber campaign against the ISIS terrorist group aimed at disrupting its communications and impeding the extremist organization’s ability to coordinate operations. Although few details of the campaign were disclosed, Secretary Carter acknowledged that using digital weapons to disrupt enemy operations is “something new in warfare” that could not have occurred a generation ago

America's silent warriors look to up their game on social media (Military Times) The Navy SEALs' next mission could be on Twitter

‘Democratization’ of Technology Rattles U.S. National Security Agencies (National Defense) The information revolution has reached the far corners of the Earth, and for United States, that has created a whole slew of national security challenge

Hacked U.S. companies have more options, departing cybersecurity official says (Washington Post) The Obama administration’s power to impose economic sanctions in response to malicious cyberspace acts gives companies that have been hacked by foreign governments a new way to deter adversaries and prevent them from reaping the rewards of their intrusions, a former senior U.S. official said

What the Cybersecurity National Action Plan gets right (Federal Times) On Feb. 9, President Barack Obama released his Cybersecurity National Action Plan, which many accurately described as the culmination of seven years of this administration’s work on a dynamic and critical topic

Cybersecurity Information Sharing Act (CISA) Guidelines: Privacy and Civil Liberties Interim Guidelines for Federal Agencies (National Law Review) Last week, we discussed the Federal government’s first steps toward implementing the Cybersecurity Information Sharing Act (CISA). Among the guidance documents released by the Department of Homeland Security and the Department of Justice were the Privacy and Civil Liberties Interim Guidelines. This guidance is designed to apply Fair Information Practice Principles (FIPPs) to Federal agency receipt, use and dissemination of cyber threat indicators consistent with CISA’s goal of protecting networks from cybersecurity threats

Litigation, Investigation, and Law Enforcement

The OTHER iPhone unlocking case – Judge sides with Apple (Naked Security) A New York judge ruled earlier this week that the government can not force Apple to assist the FBI in unlocking an encrypted iPhone

ACLU: You can kiss trust in software updates goodbye if Apple's forced to help the FBI (Computerworld) American Civil Liberties Union files amicus brief with federal court in support of Apple

San Bernardino police officers honored by Thomson Reuters for response to Dec. 2 terrorist attack (San Bernerdino Sun) Police officers here were honored Tuesday with the Thomson Reuters Everyday Heroes award for their work on Dec. 2

FBI Agent Testifies About Undercover Role in Terror Probe (ABC News) A Los Angeles undercover FBI agent posing as an Islamic State sympathizer testified Wednesday at a terrorism trial that a U.S. Air Force veteran revealed that he expected to be arrested when he returned to the United States from a trip to the Middle East

Justice Dept. grants immunity to staffer who set up Clinton email server (Washington Post) The Justice Department has granted immunity to a former State Department staffer, who worked on Hillary Clinton’s private email server, as part of a criminal investigation into the possible mishandling of classified information, according to a senior law enforcement official

Turkish Hacker Pleads Guilty to Stealing $55M from ATMs Around the World (Softpedia) Hacker "Segate" pleads guilty, faces 57.5 years in jail

Cyberstalker sentenced to 10 years in prison (Help Net Security) Michael Daniel Rubens, 31, formerly of Tallahassee, was sentenced today to 10 years in prison, a $15,000 fine, and $1,550 in restitution for cyberstalking, unauthorized access to a protected computer, and aggravated identity theft

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

RSA Conference 2016 (San Francisco, California, USA, February 29 - March 4, 2016) Celebrating its 25th anniversary, RSA Conference continues to drive the information security agenda forward. Connect with industry leaders at RSA Conference 2016

International Academic Business Conference (New Orleans, Louisiana, USA, March 6 - 10, 2016) The Clute Institute of Littleton Colorado sponsors six academic conferences annually that include sessions on all aspects of cybersecurity. Cybersecurity professionals from industry and academics are...

CISO Chicago Summit (Chicago, Illinois, USA, March 8, 2016) A data breach is not only a PR nightmare, but cause for customers to turn to competitors, exposing sensitive company information and racking up fines from industry regulators. In order for organizations...

Navigating Summit 2016 (Canberra, Australia, March 8, 2016) The Australian government has pledged to create a future-proofed nation, one that is fit to drive higher economic growth and improved standards of living using information technology innovatively. Privacy...

CISO Atlanta Summit (Atlanta, Georgia, USA, March 10, 2016) Tactics and Best Practices for Taking on Enterprise IT Security Threats. With newspaper headlines covering the latest data breaches, cloud computing security questions going unanswered and hackers developing...

The Atlantic Council's Cyber 9/12 Student Challenge (Washington, D.C. USA, March 11 - 12, 2016) Now entering its fourth year, the Cyber 9/12 Student Challenge is a one-of-a-kind competition designed to provide students across academic disciplines with a deeper understanding of the policy challenges...

SANS 2016 (Orlando, Florida, USA, March 12 - 19, 2016) It is time we unite, join forces, and show that if we work together, we can make a measurable difference in security. It is our pleasure to announce that SANS 2016 is back in Orlando, Florida March 12-21 ...

CONAUTH/EKMS/COMSEC Information Sharing and Key Management Infrastructure (ISKMI) 2016 (Waikiki, Hawaii, USA, March 14 - 18, 2016) The ISKMI will draw global-wide participation and Allied (Five Eyes and NATO) attendees. Information sharing will be centralized to Key Management Infrastructure (KMI), Cryptographic Modernization (CM),...

Pwn2Own 2016 (Vancouver, British Columbia, Canada, March 16 - 17, 2016) Since its inception in 2007, Pwn2Own has increased the challenge level at each new competition, and this year is no different. While the latest browsers from Google, Microsoft, and Apple are still targets,...

Insider Threat Symposium & Expo™ (San Antonio, Texas, USA, March 17, 2016) The Insider Threat Symposium & Expo was created in the wake of the recent data breaches affecting the U.S. Government (WikiLeaks, NSA Breach), and the continued damaging and costly insider threat incidents...

ICCWS 2016 (Boston, Massachusetts, USA, March 17 - 18, 2016) ICCWS 2016 will cover the complex but exciting aspects of international cyber warfare and security

CISO Summit France (Paris, France, March 22, 2016) A forum for innovative IT thought leaders across France. Despite economic instability in the euro zone amid an on-going global financial crisis, IT spending worldwide is expected to increase in the coming...

Risk Management Summit (New York, New York, USA, March 22 - 23, 2016) The Business Insurance Risk Management Summit is a unique two-day conference serving the information and networking needs of senior risk managers, benefits managers and related decision makers from the...

Artificial Intelligence and Autonomous Robotics (Clingendael, the Netherlands, March 23 - 24, 2016) Artificial Intelligence (AI) has been a feature of science fiction writing for almost a century, but it is only in more recent years that the prospect of truly autonomous robotics — even those that...

International Consortium of Minority Cybersecurity Professionals (ICMCP) Inaugural National Conference (Washington, DC, USA, March 23 - 24, 2016) The conference will focus on the public, private and academic imperatives necessary to closing the growing underrepresentation of women and minorities in cybersecurity through diversification of the workforce.

Commonwealth Cybersecurity Forum 2016 (London, England, UK, March 23 - 24, 2016) The Commonwealth, built on consensus and mutual support, is an ideal platform to build international cooperation on various aspects of cybersecurity. CTO's Commonwealth Cybersecurity Forum brings together...

Black Hat Asia 2016 (Singapore, March 29, 2016) Black Hat is returning to Asia again in 2016, and we have quite an event in store. Here the brightest professionals and researchers in the industry will come together for a total of four days — two...

SecureWorld Boston (Boston, Massachussetts, USA, March 29 - 30, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry...

Insider Threat Summit (Monterey, California, USA, March 29 - 30, 2016) The focus of the Insider Threat Summit is to discuss personnel security issues including cyber security challenges and capabilities, continuous evaluation of privileged identities and ethical physical...

TU-Automotive Cybersecurity USA 2016 (Novi, Michigan, USA, March 29 - 30, 2016) TU-Automotive Cybersecurity dissects the real issues behind the headlines, helping you to apply technology and best practices to deliver robust security defenses and processes within a more secure ecosystem.

Women in Cyber Security 2016 (Dallas, Texas, USA, March 31 - April 2, 2016) With support from National Science Foundation, Award #1303441 (Capacity Building in Cybersecurity: Broadening Participation of Women In Cybersecurity through the Women in Cybersecurity Conference and Professional...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.