Get threat intelligence on hackers and vulnerabilities FREE every day with the Recorded Future Cyber Daily. Sign up today.
March 7, 2016.
By The CyberWire Staff
Proofpoint finds an active cyber espionage campaign targeting Indian diplomatic and military personnel. "Transparent Tribe," as they're calling it, seems most active against Indian missions to Saudi Arabia and Kazakhstan. Several Pakistani IP addresses are said to be involved in the campaign, which uses a mix of phishing and water hole attacks to distribute the MSIL/Crimson remote access Trojan.
Observers continue to look for the causation, if any, behind BlackEnergy's correlation with December's Ukrainian grid hack.
Trend Micro finds Pawn Storm infesting government and media targets in Turkey. They offer no attribution, but they do avert to ongoing tensions between Turkey and Russia, Pawn Storm's circumstantial connection with various Russian actors, and the current infestation's localization to sites involved with criticism of Russian intervention in Syria.
The legitimate BitTorrent application Transmission has become enmeshed in what's being called the first ransomware campaign directed against Mac users. Palo Alto Networks reported the KeRanger attacks to Apple last week, and Apple has taken steps to interdict the ransomware.
The US and South Korea increase cooperation against North Korean threats, kinetic and cyber.
Observers mull the impact of last week's open avowal, by the US, of its possession of (and intent to use, against ISIS) offensive cyber weapons.
Apple draws more industry support in its dispute with the US FBI over unlocking the San Bernardino jihadist's iPhone.
And ave atque vale, Ray Tomlinson, "godfather of email," who passed away late last week. Our thanks to him; our condolences to his family and friends.
Today's issue includes events affecting Brazil, Chile, China, Colombia, European Union, India, Iran, Ireland, Kazakhstan, Democratic Peoples Republic of Korea, Republic of Korea, Netherlands, Pakistan, Romania, Russia, Saudi Arabia, Syria, Turkey, Ukraine, United Kingdom, United States, and Venezuela.
2016 National Conference of Minority Cybersecurity Professionals(Washington, DC, March 23 - 24, 2016) The landmark ICMCP conference will elevate the national dialogue on the necessary measures needed to attract and develop minority cybersecurity practitioners to address the cross-industry cybersecurity skills shortage.
Women in Cybersecurity (WiCYS) 2016(Dallas, TX, March 31 - April 2, 2016) The 3rd annual conference brings together women (students, faculty, researchers, professionals) in cybersecurity from academia, research organizations and industry for the sharing of knowledge and experience, networking and mentoring.
Beat the Breach: What's at stake in the encryption debate?(Christian Science Monitor Passcode) Passcode deputy editor Sara Sorcher interviews Assistant Attorney General for National Security John Carlin, RSA President Amit Yoran and Former White House Cyber Advisor Richard Clarke on the federal government's approach to cybersecurity and leading news topics at at the second annual Beat the Breach event in San Francisco, Calif. on March 1, 2016. Hosted by cybersecurity firm Invincea and the Christian Science Monitor's Passcode section, the event brings together top private sector executives with leading government officials in cybersecurity
RSA 2016: Future of cyber-espionage(SC Magazine) Security researchers laid out potential scenarios for the future of cyber-espionage on Wednesday at the RSA Conference in San Francisco. In a session titled "The Dark Web and Cyber-espionage," attendees were presented with a bleak outlook in which relatively simple attacks will increasingly be used by nation-state entities seeking to gain control of infrastructure and resources
How the 'Internet of Things' could be fatal(CNBC) Researcher Marie Moe woke up after emergency surgery in 2011 with a new pacemaker to correct a heart condition. What she didn't realize at the time was that the lifesaving device in her chest exposed her to a completely different kind of threat
#RSAC: Hackers Will Abuse Gov Data Access, Say Security Pros(Infosecurity Magazine) With the RSA Conference drawing to a close over in San Francisco, Tripwire took the opportunity to pick the brains of some of the security professionals at the event about the current hot topic of government access to encrypted data
Pawn Storm Campaign Adds Turkey To Its List of Targets(TrendLabs Security Intelligence Blog) Pawn Storm, the long-running cyber espionage campaign, added to its long list of targets several government offices (including the office of the prime minister and the Turkish parliament) and one of the largest newspapers in Turkey
Apple users targeted in first known Mac ransomware campaign(Reuters) Apple Inc (AAPL.O) customers were targeted by hackers over the weekend in the first campaign against Macintosh computers using a pernicious type of software known as ransomware, researchers with Palo Alto Networks Inc (PANW.N) told Reuters on Sunday
Seagate Phish Exposes All Employee W-2’s(KrebsOnSecurity) Email scam artists last week tricked an employee at data storage giant Seagate Technology into giving away W-2 tax documents on all current and past employees, KrebsOnSecurity has learned
Another Malicious Document, Another Way to Deliver Malicious Code(Internet Storm Center) I’m operating several catch-all mailboxes that help me to collect interesting emails. Besides the classic spam messages which try to sell me colored pills and to promise me millions of revenue, I’m also receiving a lot of malicious documents. For a few weeks, I can see a huge peak of emails
Symantec And Check Point: Finding Value In A Highly Valued Space(Seeing Alpha) Symantec and Check Point have far more modest valuations than their faster-growing rivals in the enterprise security space. Check Point achieves remarkable margins, and as such, is one of the better GARP stories in the IT universe. Symantec: Now that the Veritas divestiture is complete, is a bet on a turnaround. But valuation provides a support for the bet
TalkTalk chief signals change after cyber attack(FInancial Times) The damaging cyber attack on TalkTalk’s website last year will lead to a fundamental change in how the company operates, says chief executive Dido Harding, who signalled that chasing customers with low-cost offers would be tempered with greater responsibility
IBM Cuts Jobs In 'Workforce Rebalancing'(InformationWeek) IBM has reportedly begun a wave of layoffs that are initially targeting the Global Technology Services and Global Business Services groups. Here's what we know so far
Unisys Stealth coming to classified programs(GCN) Unisys’s Stealth security software solution, which provides identity-based micro-segmentation across a range of environments, received word from the National Security Agency that the platform is close to approval for NSA’s Commercial Solutions for Classified Program Components List
Ransomware Rules for Payment: Do Extortionists Have the Advantage?(RSA Blogs) When an entire health system fell prey to cybercriminals and medical records were locked up by a ransomware attack in early February, there seemed no choice but to pay the sum demanded in order to avoid the impact on patient care: $17,000 in 40 Bitcoin. And in that single moment, one hospital became the obligatory canary in a coal mine
Can you take the Internet out of the Internet of Things?(TechCrunch) The Internet of Things and the Internet might seem inextricably linked, but, increasingly, there are questions centered around how IoT devices should work with one another — and what happens when the Internet connection goes down?
SK launches quantum cryptography communication network(Telecompaper) A consortium led by SK Telecom has completed the rollout of five different national test networks for national quantum cryptography communication that cover a combined total of 256 kilometers. The test networks cover five different areas in Korea
Why the Pentagon is finally acknowledging the U.S.'s 'offensive cyber' efforts(Jacksonville Business Journal) U.S. Secretary of Defense Ashton Carter was in Washington this past week testifying on the Pentagon’s budget before jetting off to Silicon Valley to talk innovation with tech business leaders, but whether he’s on the East Coast or the West Coast there’s one issue that every audience is asking about: offensive cyber
US and South Korea to work more closely on cyber security enhancements 0(StreetWise Journal) South Korea’s Ministry of Science, ICT and Future Planning announced at the weekend that vice minister Choi Jae-Yu had met with Dr. Reginald Brothers, the under-secretary of the US Department of Homeland Security recently to forge closer cooperation in the field of cyber security
The Crypto Wars Are Global(Motherboard) American politicians, media, and the public may be focused on the ongoing battle between Apple and the FBI over encryption in the iPhone, but the so-called Crypto Wars are far from just a national issue
Apple case exposes ongoing government rift over encryption policy(Reuters) Even as the Department of Justice battles Apple in court over access to encrypted data, the Obama administration remains split over backing requirements that tech manufacturers provide law enforcement with a "back door" into their products, according to a dozen people familiar with the internal debate
Why Apple should hold firm against FBI(San Francisco Chronicle) Since a pitched legal battle between the FBI and Apple began last month, the arguments over encryption and national security are deepening
Tech Companies Hesitated Before Supporting Apple(New York) Tech companies — including Alphabet, Microsoft, Facebook, Snapchat, and Yahoo — are signing amicus briefs in support of Apple in its case against the federal government, which has asked Apple to unlock the phone of one of the San Bernardino terrorists
FBI v Apple: Is medical records privacy at risk?(HealthcareDIVE) The debate over whether tech giant Apple should help the Federal Bureau of Investigation unlock an iPhone used by one of the San Bernardino terrorists moved to Congress Tuesday, where lawmakers pressed both sides on how best to balance physical security and information security
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
CSO 50 Conference and Awards(Litchfield Park, Arizona, USA, April 18 - 20, 2016) We at CSO, the award-winning media brand, will bring you speakers from up to 50 organizations with outstanding security prowess. Over 2 ½ days, these distinguished executives and technologists will share...
International Academic Business Conference(New Orleans, Louisiana, USA, March 6 - 10, 2016) The Clute Institute of Littleton Colorado sponsors six academic conferences annually that include sessions on all aspects of cybersecurity. Cybersecurity professionals from industry and academics are...
CISO Chicago Summit(Chicago, Illinois, USA, March 8, 2016) A data breach is not only a PR nightmare, but cause for customers to turn to competitors, exposing sensitive company information and racking up fines from industry regulators. In order for organizations...
Navigating Summit 2016(Canberra, Australia, March 8, 2016) The Australian government has pledged to create a future-proofed nation, one that is fit to drive higher economic growth and improved standards of living using information technology innovatively. Privacy...
CISO Atlanta Summit(Atlanta, Georgia, USA, March 10, 2016) Tactics and Best Practices for Taking on Enterprise IT Security Threats. With newspaper headlines covering the latest data breaches, cloud computing security questions going unanswered and hackers developing...
The Atlantic Council's Cyber 9/12 Student Challenge(Washington, D.C. USA, March 11 - 12, 2016) Now entering its fourth year, the Cyber 9/12 Student Challenge is a one-of-a-kind competition designed to provide students across academic disciplines with a deeper understanding of the policy challenges...
SANS 2016(Orlando, Florida, USA, March 12 - 19, 2016) It is time we unite, join forces, and show that if we work together, we can make a measurable difference in security. It is our pleasure to announce that SANS 2016 is back in Orlando, Florida March 12-21
Pwn2Own 2016(Vancouver, British Columbia, Canada, March 16 - 17, 2016) Since its inception in 2007, Pwn2Own has increased the challenge level at each new competition, and this year is no different. While the latest browsers from Google, Microsoft, and Apple are still targets,...
Insider Threat Symposium & Expo™(San Antonio, Texas, USA, March 17, 2016) The Insider Threat Symposium & Expo was created in the wake of the recent data breaches affecting the U.S. Government (WikiLeaks, NSA Breach), and the continued damaging and costly insider threat incidents...
ICCWS 2016(Boston, Massachusetts, USA, March 17 - 18, 2016) ICCWS 2016 will cover the complex but exciting aspects of international cyber warfare and security
CISO Summit France(Paris, France, March 22, 2016) A forum for innovative IT thought leaders across France. Despite economic instability in the euro zone amid an on-going global financial crisis, IT spending worldwide is expected to increase in the coming...
Risk Management Summit(New York, New York, USA, March 22 - 23, 2016) The Business Insurance Risk Management Summit is a unique two-day conference serving the information and networking needs of senior risk managers, benefits managers and related decision makers from the...
Artificial Intelligence and Autonomous Robotics(Clingendael, the Netherlands, March 23 - 24, 2016) Artificial Intelligence (AI) has been a feature of science fiction writing for almost a century, but it is only in more recent years that the prospect of truly autonomous robotics — even those that...
Commonwealth Cybersecurity Forum 2016(London, England, UK, March 23 - 24, 2016) The Commonwealth, built on consensus and mutual support, is an ideal platform to build international cooperation on various aspects of cybersecurity. CTO's Commonwealth Cybersecurity Forum brings together...
Black Hat Asia 2016(Singapore, March 29, 2016) Black Hat is returning to Asia again in 2016, and we have quite an event in store. Here the brightest professionals and researchers in the industry will come together for a total of four days — two...
SecureWorld Boston(Boston, Massachussetts, USA, March 29 - 30, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry...
Insider Threat Summit(Monterey, California, USA, March 29 - 30, 2016) The focus of the Insider Threat Summit is to discuss personnel security issues including cyber security challenges and capabilities, continuous evaluation of privileged identities and ethical physical...
TU-Automotive Cybersecurity USA 2016(Novi, Michigan, USA, March 29 - 30, 2016) TU-Automotive Cybersecurity dissects the real issues behind the headlines, helping you to apply technology and best practices to deliver robust security defenses and processes within a more secure ecosystem.
Women in Cyber Security 2016(Dallas, Texas, USA, March 31 - April 2, 2016) With support from National Science Foundation, Award #1303441 (Capacity Building in Cybersecurity: Broadening Participation of Women In Cybersecurity through the Women in Cybersecurity Conference and Professional...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.