Get threat intelligence on hackers and vulnerabilities FREE every day with the Recorded Future Cyber Daily. Sign up today.
March 8, 2016.
By The CyberWire Staff
As the US and South Korea conduct joint military exercises and shore up collaborative defenses against cyber threats, the Republic of Korea's National Intelligence Service accuses North Korea of a systematic campaign of hacking senior South Korean officials' smartphones. The objectives seem to be those of conventional espionage, but the incidents come at a difficult time of heightened sensitivity to Pyongyang's nuclear capabilities and aspirations.
ESET reports a new and unusually sophisticated form of Android malware. Spy[.]Agent[.]SI, currently most active against banking targets in Turkey, New Zealand, and Australia, locks an Android device's screen until the user enters the passcode. Spy[.]Agent[.]SI is being used to compromise two-factor authentication, and masquerades as a version of Adobe Flash Player.
The post-mortem on KeRanger continues. Apple clapped a stopper over it relatively quickly after being tipped off by Palo Alto, and it's thought that only some 7000 devices were affected. Observers see KeRanger, however, as confirmation of the increasingly important role ransomware is playing in the criminal economy.
Other, familiar, ransomware is found infesting restaurant review service Burrp. Visitors are directed to the Angler exploit kit, which in turn serves up a helping of TeslaCrypt.
In patch news, Google issues a security fix for Android Mediaserver.
Industry analysts take a look at the US cyber war against ISIS. Some of them see in the Pentagon's plans a $7 billion "windfall" for cyber security companies and the big integrators with whom they work.
In the UK, GCHQ glumly considers that return on its own substantial cyber investment has been disappointing.
Today's issue includes events affecting Australia, Brazil, China, Iran, Iraq, Democratic Peoples Republic of Korea, Republic of Korea, New Zealand, Russia, Syria, Turkey, United Kingdom, United States, and Venezuela.
2016 National Conference of Minority Cybersecurity Professionals(Washington, DC, March 23 - 24, 2016) The landmark ICMCP conference will elevate the national dialogue on the necessary measures needed to attract and develop minority cybersecurity practitioners to address the cross-industry cybersecurity skills shortage.
Women in Cybersecurity (WiCYS) 2016(Dallas, TX, March 31 - April 2, 2016) The 3rd annual conference brings together women (students, faculty, researchers, professionals) in cybersecurity from academia, research organizations and industry for the sharing of knowledge and experience, networking and mentoring.
Dateline RSA 2016
RSA wrapup: Private sector feels burned by feds(Fedscoop) Criticism of the feds’ efforts to force Apple to hack its own encryption dominated chatter at last week’s RSA Conference but seems to be the tip of an iceberg of discontent: The private sector is running out of patience with the U.S. government’s poor understanding and bungled efforts in cybersecurity. Every panel that featured a government representative — even one not affiliated …
Surprising tips from a super-hacker(CSO Online) Virtually everyone in technology knows about Kevin Mitnick, the one-time fugitive hacker who is now a security consultant. Mitnick has a wealth of security advice for the public.
Sophisticated banking malware targets Android users(The Christian Science Monitor) Researchers have discovered malicious software targeting online banking customers that use Android smartphones and tablets, the latest indication of a surge in attacks against the platform.
The malware that upset Apple's cart(International Business Times, India Edition) With the OSX ransomware KeRanger making Mac users nervous, here's a brief history of malware that have infected Apple computers.
The Nuts & Bolts of Ransomware in 2016(TitanHQ) What you need to know about ransomware. What is a ransomware attack? How do the latest Ransomware attacks of CryptoWall, CryptoLocker, Popcorn Time, WannaCry and Not Petya operate?
Abuse runs rampant on new generic top level domains(CSO Online) Generic top-level domains (TLDs) that have sprung up in recent years have become a magnet for cybercriminals, to the point where some of them host more malicious domains than legitimate ones.
Report: Thousands of contractor emails found on Dark Web(FierceGovernmentIT) A recent study from ID Agent found thousands of federal contractor emails located on the Dark Web, demonstrating a security fault line than in some cases covered over a third of a contractor's email accounts
Recovering from a Cyber-Attack(Consortiumnews) From Editor Robert Parry: Last week, we were told by IT experts that Consortiumnews was the apparent victim of a sophisticated “denial of service” attack that destroyed the site's functionality by imposing so many commands on the system that it blocked us from updating content or restoring the site
Security Patches, Mitigations, and Software Updates
How new encryption standard could leave poor Web users exposed(The Christian Science Monitor) Even though an online encryption standard adopted Jan. 1 is meant to make the Web safer, Mozilla and Symantec opted to make an exception to the protocol so that people whose devices can't support the upgrade aren't put at risk.
Getting your CEO fired (CSO Online) We will explore the issues of reputational damage, incident cost, stock price impact, and increased regulatory attention. We will also discuss the fate of four CEOs who have faced cybersecurity breaches in the past three years.
Pentagon releases RFP for ENCORE III IT services contracts(FierceGovernmentIT) The Pentagon posted a final request for proposals last week for its ENCORE III project focused on guiding IT processes throughout the department into the future. The $17.5 billion contract will provide defense agencies with IT capabilities over the next five years
iovation Service Named Best Multi-Factor Authentication Solution (Marketwire) iovation, the provider of device intelligence for authentication and fraud prevention, has received the "Editor's Choice for Multi-Factor Authentication Solutions" in Cyber Defense Magazine's 2016 InfoSec Awards. A panel of independent information security experts selected iovation's Customer Authentication service, which verifies a user's...
Spies Sans Frontières?(IRIN) A months-long investigation by IRIN into the secretive intelligence-linked firm Palantir reveals a bargain-basement contract with a sensitive UN agency.
What is Data Isolation & Why Does it Matter?(Information Security Buzz) Nearly one million new malware threats were released every day in 2014, with no signs of slowing down, according to Symantec’s Internet Security Threat Report. Malware, worms and other viruses can spread through a company’s network like wildfire. Getting your system and network back up and running only scratches the surface of expenses. Malware can …
The long road ahead: Obama’s cybersecurity action is a step toward change(TechCrunch) President Obama’s recent announcement of the creation of the Cybersecurity National Action Plan (CNAP) made waves across government and tech audiences, as it proposed a $19 billion budget to bulk up cybersecurity across the U.S. government and the private sector. While the announcement seemed abrup…
St. Louis Offers Free Land for Spy Agency Site(CBS St. Louis) A federal spy agency is weighing offers of free land on both the Missouri and Illinois sides of the St. Louis area as it considers where to relocate its national headquarters.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
Insider Threat Program Development Training(Washington, DC, USA, March 29 - 30, 2016) Insider Threat Defense announced it will hold a training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2) on March 29-30, 2016, in Washington, DC.
CSO 50 Conference and Awards(Litchfield Park, Arizona, USA, April 18 - 20, 2016) We at CSO, the award-winning media brand, will bring you speakers from up to 50 organizations with outstanding security prowess. Over 2 ½ days, these distinguished executives and technologists will share...
International Academic Business Conference(New Orleans, Louisiana, USA, March 6 - 10, 2016) The Clute Institute of Littleton Colorado sponsors six academic conferences annually that include sessions on all aspects of cybersecurity. Cybersecurity professionals from industry and academics are...
CISO Chicago Summit(Chicago, Illinois, USA, March 8, 2016) A data breach is not only a PR nightmare, but cause for customers to turn to competitors, exposing sensitive company information and racking up fines from industry regulators. In order for organizations...
Navigating Summit 2016(Canberra, Australia, March 8, 2016) The Australian government has pledged to create a future-proofed nation, one that is fit to drive higher economic growth and improved standards of living using information technology innovatively. Privacy...
CISO Atlanta Summit(Atlanta, Georgia, USA, March 10, 2016) Tactics and Best Practices for Taking on Enterprise IT Security Threats. With newspaper headlines covering the latest data breaches, cloud computing security questions going unanswered and hackers developing...
The Atlantic Council's Cyber 9/12 Student Challenge(Washington, D.C. USA, March 11 - 12, 2016) Now entering its fourth year, the Cyber 9/12 Student Challenge is a one-of-a-kind competition designed to provide students across academic disciplines with a deeper understanding of the policy challenges...
SANS 2016(Orlando, Florida, USA, March 12 - 19, 2016) It is time we unite, join forces, and show that if we work together, we can make a measurable difference in security. It is our pleasure to announce that SANS 2016 is back in Orlando, Florida March 12-21
Pwn2Own 2016(Vancouver, British Columbia, Canada, March 16 - 17, 2016) Since its inception in 2007, Pwn2Own has increased the challenge level at each new competition, and this year is no different. While the latest browsers from Google, Microsoft, and Apple are still targets,...
Insider Threat Symposium & Expo™(San Antonio, Texas, USA, March 17, 2016) The Insider Threat Symposium & Expo was created in the wake of the recent data breaches affecting the U.S. Government (WikiLeaks, NSA Breach), and the continued damaging and costly insider threat incidents...
ICCWS 2016(Boston, Massachusetts, USA, March 17 - 18, 2016) ICCWS 2016 will cover the complex but exciting aspects of international cyber warfare and security
CISO Summit France(Paris, France, March 22, 2016) A forum for innovative IT thought leaders across France. Despite economic instability in the euro zone amid an on-going global financial crisis, IT spending worldwide is expected to increase in the coming...
Risk Management Summit(New York, New York, USA, March 22 - 23, 2016) The Business Insurance Risk Management Summit is a unique two-day conference serving the information and networking needs of senior risk managers, benefits managers and related decision makers from the...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.