March 9, 2016.
By The CyberWire Staff
The Republic of Korea issues another complaint about North Korean cyber operations: an attempt to access South Korean railroad workers' email, apparently in an effort to compromise transportation control systems.
FireEye thinks that governments with advanced cyber capabilities have already built latent vulnerabilities into industrial control systems with a view to holding them in reserve for future exploitation. This is, it seems, a matter of a priori possibility as opposed to a conclusion based on specific evidence.
ISIS success at information operations seems strongly connected to close control of messaging and its reiterated claims to be in control of territory.
A Damballa study describes how cyber criminals are evading legacy detection techniques by adopting an agile approach to their infrastructure. The company's eight-month study of Pony Loader revealed that the malware's controllers used "281 domains and more than 120 IPs spread across 100 different ISPs."
In the US, phishing of companies for employee tax records continues as we approach the April 15th tax-filing deadline. The Internal Revenue Service, which sustained a major breach last year, has been forced to take its online PIN service offline—the remedial service has itself been compromised.
This week sees patches from Microsoft, Google, Adobe, Mozilla, Facebook, and SAP.
The Apple-FBI dispute in US courts continues, spooking the Silicon Valley companies the Defense Department hopes to win over with support for encryption (echoed by the UK's GCHQ).
Today's issue includes events affecting Australia, European Union, France, Iraq, Democratic People's Republic of Korea, Republic of Korea, Russia, Syria, Turkey, Ukraine, United States.
2016 National Conference of Minority Cybersecurity Professionals(Washington, DC, March 23 - 24, 2016) The landmark ICMCP conference will elevate the national dialogue on the necessary measures needed to attract and develop minority cybersecurity practitioners to address the cross-industry cybersecurity skills shortage.
Women in Cybersecurity (WiCYS) 2016(Dallas, TX, March 31 - April 2, 2016) The 3rd annual conference brings together women (students, faculty, researchers, professionals) in cybersecurity from academia, research organizations and industry for the sharing of knowledge and experience, networking and mentoring.
Dateline RSA 2016
Record numbers attend RSA Conference 2016(OnWindows) A record 40,000 attendees participated in the 25th RSA Conference, which took place at the Moscone Center in San Francisco, US from 29 February to 4 March
RSA Conference 2016: The infosec glass house?(Help Net Security) A couple of years late to the party, but I finally made it to San Francisco with a real sense of excitement to attend what was described to me as the “Super Bowl of the Security Industry”
Making sense of threat intelligence data in your IT environment(Help Net Security) Threat intelligence data has been growing at an exponential rate of 39% a month. Enterprise customers are looking at around 30,000 events going into their SIEM every second. Only a small percentage have the infrastructure able to handle that amount of data
Interview: Laura Galante, FireEye(Infosecurity Magazine) With another pivot into the threat intelligence space recently, FireEye continues to make strides in the services side of security
Why ISIS is So Successful(Cipher Brief) The rise of the Islamic State has been accompanied by the increasing presence of the terror group on social media. ISIS’s message of a Muslim utopia is disseminated through various organizations and outlets, all coordinated through complex bureaucratic measures
Russia-linked malware group turns to Turkey(FierceGovernmentIT) A prolific malware group with suspected ties to Russia, known as "Pawn Storm," has reportedly launched a cyber espionage campaign against the Turkish prime minister, Turkish parliament and one of the largest newspapers in Turkey
Reactions to the KeRanger ransomware for Macs(Help Net Security) Palo Alto researchers have discovered the first fully functional ransomware aimed at Mac users. The malware, dubbed KeRanger, has been found bundled into the Mac version of the open source Transmission BitTorrent client, and made available for download on the Transmission developers’ official website
Rosen Hotel Chain Had a PoS Malware Infection for 17 Months(Softpedia) Rosen Hotels & Resorts Inc. (RH&R), a Florida-based US hotel chain, had some bad news for its customers during the past week after the company announced a malware infection that affected its credit card processing system for over 17 months
Security update available for Adobe Digital Editions(Adobe Security Bulletin) Adobe has released a security update for Adobe Digital Editions 4.5.0 and earlier versions. This update resolves a critical memory corruption vulnerability that could lead to code execution
Security Updates Available for Adobe Acrobat and Reader(Adobe Security Bulletin) Adobe has released security updates for Adobe Acrobat and Reader for Windows and Macintosh. These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system
Mozilla Releases Security Updates(US-CERT) Mozilla has released security updates to address multiple vulnerabilities in Firefox and Firefox ESR. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system
Stable Channel Update(Chrome Releases) The stable channel has been updated to 49.0.2623.87 for Windows, Mac, and Linux...This update includes 3 security fixes that were contributed by external researchers. Please see the Chromium security page for more information
SAP Security Notes March 2016 – Review(ERPScan) SAP has released the monthly critical patch update for March 2016. This patch update closes 28 vulnerabilities in SAP products including 18 SAP Security Patch Day Notes and 10 Support Package Notes. 12 of all Notes were released after the second Tuesday of the previous month and before the second Tuesday of this month. 3 of all notes are updates to previous Security Notes
Patch insanity: Organizations are overwhelmed by vulnerability fixes(FierceITSecurity) While IT professionals know that patch management plays a critical role in maintaining an adequate cybersecurity profile, reality tends to bite: IT teams all too often struggle to keep up with, or find themselves completely overwhelmed by, the sheer volume of patches that need to be applied on a weekly, if not daily, basis in enterprise environments
IoT adoption is driving the use of Platform as a Service(Help Net Security) The widespread adoption of the Internet of Things (IoT) is driving platform as a service (PaaS) utilization. Gartner predicts that, by 2020, more than 50 percent of all new applications developed on PaaS will be IoT-centric, disrupting conventional architecture practices
FireEye higher as Piper upgrades following analyst day(Seeking Alpha) Piper's Andrew Nowinski, who smartly downgraded FireEye (NASDAQ:FEYE) to Neutral last October (shares were at $33.06 at the time), has upgraded to Overweight following yesterday's analyst day, and hiked his target by $9 to $24. Shares are up 4.6% premarket to $18.74
FireEye Is Starting To Shine(Seeking Alpha) FireEye's human and machine-based intelligence should allow the company to remain highly competitive in the rapidly evolving cybersecurity industry. It continues to improve its financial health, as evident in the company's Q4 results. FireEye's acquisition-heavy strategy could potentially backfire in an increasingly competitive cybersecurity industry
IBM Denies Layoff Size As Salesforce CEO Woos Talent(InformationWeek) IBM called reports that it is laying off a third of its workforce "outlandish and untrue." That's not stopping Salesforce CEO Marc Benioff from publicly inviting IBM employees to apply for open posts at his firm
Google open sources vendor security review tool(Help Net Security) Google has open sourced its Vendor Security Assessment Questionnaire (VSAQ) Framework with the hope that other companies and developers could use it to improve their vendor security programs and/or posture
Integrated security frameworks help mitigate risk(SecurityInfoWatch) There has been an increased push by security executives across various disciplines and vertical markets in recent years to transform the C-Suite’s perception of security departments as being reactive cost centers into proactive business enablers
FBI adopts new rules for accessing NSA data: report(Washington Times) New policies adopted by the FBI reportedly affect the bureau’s access to intelligence gathered by the National Security Agency on U.S. citizens, but officials say they’re barred from explaining since the changes are classified
Mandatory data breach notification proposals will unleash compliance confusion(CSO) Companies will struggle to comply with the Federal Government’s mandatory data breach notification proposals unless detailed guidance is developed and consultation processes with the Privacy Commissioner are introduced, to help them determine whether they have a notification obligation, says an IT security expert from global consulting firm, Protiviti
Einstein, cyber workforce priorities for DHS chief(FCW) In what will likely be his last budget presentation before the Senate, Homeland Security Secretary Jeh Johnson said implementing the Einstein cybersecurity system across government, attracting capable cyber defenders and ensuring the success of the Department of Homeland Security's unified acquisition and management programs are among his top targets for the year and into the future
Snowden: FBI’s stance in Apple case is 'horses---'(The Hill) National Security Agency leaker Edward Snowden on Tuesday had harsh words regarding the FBI’s claim that only Apple can break into the iPhone used by one of the San Bernardino, Calif., terrorists
Fact checking the Hillary Clinton email controversy(Washington Post) It’s been one year since it was learned that Hillary Clinton had set up a private email system when she was secretary of state — a revelation that has dogged her campaign for the presidency
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
Insider Threat Program Development Training(Washington, DC, USA, March 29 - 30, 2016) Insider Threat Defense announced it will hold a training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2) on March 29-30, 2016, in Washington, DC.
International Academic Business Conference(New Orleans, Louisiana, USA, March 6 - 10, 2016) The Clute Institute of Littleton Colorado sponsors six academic conferences annually that include sessions on all aspects of cybersecurity. Cybersecurity professionals from industry and academics are...
CISO Atlanta Summit(Atlanta, Georgia, USA, March 10, 2016) Tactics and Best Practices for Taking on Enterprise IT Security Threats. With newspaper headlines covering the latest data breaches, cloud computing security questions going unanswered and hackers developing...
The Atlantic Council's Cyber 9/12 Student Challenge(Washington, D.C. USA, March 11 - 12, 2016) Now entering its fourth year, the Cyber 9/12 Student Challenge is a one-of-a-kind competition designed to provide students across academic disciplines with a deeper understanding of the policy challenges...
SANS 2016(Orlando, Florida, USA, March 12 - 19, 2016) It is time we unite, join forces, and show that if we work together, we can make a measurable difference in security. It is our pleasure to announce that SANS 2016 is back in Orlando, Florida March 12-21
Pwn2Own 2016(Vancouver, British Columbia, Canada, March 16 - 17, 2016) Since its inception in 2007, Pwn2Own has increased the challenge level at each new competition, and this year is no different. While the latest browsers from Google, Microsoft, and Apple are still targets,...
Insider Threat Symposium & Expo™(San Antonio, Texas, USA, March 17, 2016) The Insider Threat Symposium & Expo was created in the wake of the recent data breaches affecting the U.S. Government (WikiLeaks, NSA Breach), and the continued damaging and costly insider threat incidents...
ICCWS 2016(Boston, Massachusetts, USA, March 17 - 18, 2016) ICCWS 2016 will cover the complex but exciting aspects of international cyber warfare and security
CISO Summit France(Paris, France, March 22, 2016) A forum for innovative IT thought leaders across France. Despite economic instability in the euro zone amid an on-going global financial crisis, IT spending worldwide is expected to increase in the coming...
Risk Management Summit(New York, New York, USA, March 22 - 23, 2016) The Business Insurance Risk Management Summit is a unique two-day conference serving the information and networking needs of senior risk managers, benefits managers and related decision makers from the...
Artificial Intelligence and Autonomous Robotics(Clingendael, the Netherlands, March 23 - 24, 2016) Artificial Intelligence (AI) has been a feature of science fiction writing for almost a century, but it is only in more recent years that the prospect of truly autonomous robotics — even those that...
Commonwealth Cybersecurity Forum 2016(London, England, UK, March 23 - 24, 2016) The Commonwealth, built on consensus and mutual support, is an ideal platform to build international cooperation on various aspects of cybersecurity. CTO's Commonwealth Cybersecurity Forum brings together...
Black Hat Asia 2016(Singapore, March 29, 2016) Black Hat is returning to Asia again in 2016, and we have quite an event in store. Here the brightest professionals and researchers in the industry will come together for a total of four days — two...
SecureWorld Boston(Boston, Massachusetts, USA, March 29 - 30, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry...
Insider Threat Summit(Monterey, California, USA, March 29 - 30, 2016) The focus of the Insider Threat Summit is to discuss personnel security issues including cyber security challenges and capabilities, continuous evaluation of privileged identities and ethical physical...
TU-Automotive Cybersecurity USA 2016(Novi, Michigan, USA, March 29 - 30, 2016) TU-Automotive Cybersecurity dissects the real issues behind the headlines, helping you to apply technology and best practices to deliver robust security defenses and processes within a more secure ecosystem.
Women in Cyber Security 2016(Dallas, Texas, USA, March 31 - April 2, 2016) With support from National Science Foundation, Award #1303441 (Capacity Building in Cybersecurity: Broadening Participation of Women In Cybersecurity through the Women in Cybersecurity Conference and Professional...