March 10, 2016.
By The CyberWire Staff
A branch of al Qaeda—the Caucasus Emirate—takes the field in Syria and seeks to rival ISIS with online videos. The US continues to work toward fulfilling its promise to take the fight to ISIS in cyberspace, and quiet conversations with tech companies on potential contributions to information operations continue.
360 SkyEye Labs says that a threat actor they're calling "OnionDog" has been stealing information from the "energy, transportation and other infrastructure industries of Korean-language countries." There's no attribution, but some of the command-and-control appears to be located in the Republic of Korea itself.
Defense One looks at December's Ukraine grid hack and sees it as connected with Russian incursions into Crimea: if the territory seized got its power from Russia as opposed to Ukraine, that would help Russia consolidate its hold.
The Mac ransomware KeRanger has been assessed, by Bitdefender and others, as a variant of Linux Encoder, malware identified by Dr. Web last November.
Children's toys and games continue to be vulnerable points of entry into home networks and families' lives. The Wi-Fi enabled toy LeapFrog appears susceptible to attacks that leverage Adobe Flash weaknesses. And parents are advised not to let children download mods or add-ons for Minecraft, especially when offered by third parties.
Cothority, a project working toward preventing backdoored software updates, has offered to help Apple ensure, by decentralizing the signing process, that backdoors installed in response to secret court orders would become public.
Apple warns that opening the jihadist's phone would cause it to fall behind in the "arms race" with hackers.
Today's issue includes events affecting Australia, Canada, China, India, Iraq, Japan, Malta, Malaysia, Netherlands, Russia, Saudi Arabia, Syria, Ukraine, United Kingdom, United States.
2016 National Conference of Minority Cybersecurity Professionals (Washington, DC, March 23 - 24, 2016) The landmark ICMCP conference will elevate the national dialogue on the necessary measures needed to attract and develop minority cybersecurity practitioners to address the cross-industry cybersecurity skills shortage.
Women in Cybersecurity (WiCYS) 2016 (Dallas, TX, March 31 - April 2, 2016) The 3rd annual conference brings together women (students, faculty, researchers, professionals) in cybersecurity from academia, research organizations and industry for the sharing of knowledge and experience, networking and mentoring.
Dateline RSA 2016
Innovation Sandbox and the modern threat landscape (Help Net Security) In this podcast, recorded at RSA Conference 2016, Ajay Arora, CEO at Vera, and Amir Ben-Efraim, CEO at Menlo Security, discuss their participation in the Innovation Sandbox Contest and offer insight into the current information security issues shaping our industry
RSAC 2016: Bro, Do You Even Cybercrime? Key 2016 Trends (Duo Blog) I attended the talks at the 2016 RSA Conference, and one that stood out to me was Bro, Do You Even Cybercrime? Key 2016 Trends. Given by James Lyne, Global Head of Security Research at Sophos and SANS, it was a snappy review of his research on phishing emails, successful vulnerabilities, malicious mobile apps and more
Network hacking methods and prevention tips (IDG.TV) At the 2016 RSA Conference, CSO's Steve Ragan chats with Fengmin Gong, co-founder and Chief Strategy Officer of Cyphort, about the latest ways that cybercriminals are attacking networks. In addition, he presents some ways on how IT can prevent (or slow down) the attacks
“May the best of your past, be the worst of your future.” (Deep Run Security Blog) I recently attended the RSA security conference in San Francisco. Several things struck me as appropriately “St. Paddy’s worthy.” All of the right characters were there: rainbows, leprechauns, imagination and of course promises of pots of gold
OnionDog APT targets the infrastructure industry (Help Net Security) The Helios Team at 360 SkyEye Labs revealed that a group named OnionDog has been infiltrating and stealing information from the energy, transportation and other infrastructure industries of Korean-language countries through the Internet
DROWN Vulnerability Remains 'High' Risk, Firms Say (Threatpost) Despite the rush to patch systems at risk to the massive transport layer security (TLS) vulnerability, known as DROWN, hundreds of cloud services are still at risk of attack. According to two independent research firms, Netskope and Skyhigh Networks, a week after the vulnerability was identified DROWN still presents a high risk to companies
PoSeidon Completionist (Trustwave SpiderLabs Blog) Most gamers have explored every nook and cranny of their favorite game, completing achievements for hours after they finished the main story line
Ezaki Glico hit by possible data breach (Japan News) Japanese confectionery maker Ezaki Glico Co. said Monday that personal data of users of its online shopping site may have been compromised following unauthorized accesses
Hacking Internet-connected trucks and buses (Help Net Security) Among the things one can find with Shodan, the search engine for the Internet of Things, are trucks, buses and delivery vans that have been equipped with the Telematics Gateway Unit (TGU) device and a modem to connect to the Internet
OTR Protocol Patched Against Remote Code Execution Flaw (Threatpost) Users of secure messaging apps such as Pidgin, Adium and others built upon libotr, the Off-the-Record protocol, are being urged to update immediately to current versions after the discovery of a critical flaw that can be used in targeted attacks to expose encrypted communication
Cisco Releases Security Updates (US-CERT) Cisco has released security updates to address vulnerabilities in multiple products. Exploitation of one of these vulnerabilities could allow a remote attacker to take control of an affected device
ISC Releases Security Updates for BIND (US-CERT) The Internet Systems Consortium (ISC) has released updates that address three vulnerabilities in BIND. Exploitation of these vulnerabilities may allow a remote attacker to cause a denial-of-service condition
Exploit Kits in 2015: Flash Bugs, Compromised Sites, Malvertising Dominate (TrendLabs Security Intelligence Blog) Threats never stand still, and exploits kits were no exception. 2015 saw multiple changes to this part of the threat landscape: freshly-discovered exploits were added, and compromised websites and malvertising were used to deploy and spread threats using exploit kits
Sophisticated threats dictate future response strategies (Help Net Security) Trend Micro released its annual security roundup report which dissects the most significant security incidents from 2015. The research confirms attackers are now bolder, smarter and more daring in attack vectors, cyberespionage efforts and cyber underground activity on a global basis
Ponemon: Health orgs hit with cyberattacks every month (GovernmentHealthIT) Healthcare organizations "are in the crosshairs" of cyber attackers, suffering one hack per month over the last year, with about half experiencing an incident involving the loss or exposure of patient information and another third unsure whether or not data was exposed, according to a new report
What you should know about cyber insurance (FirstPost) Decades ago, a group of merchants created a concept of general average—which is when all parties in a maritime venture share in losses resulting from a sacrifice of cargo in an emergency
FireEye: A Victim Of Market Myopia (Seeking Alpha) FireEye's stock has experienced a massive fall from the market's good graces. Despite this drop, revenue and billings continue to grow. From a valuation standpoint, FEYE has enormous potential
Raytheon's Strength Lies In Its Diversity (Seeking Alpha) Raytheon is not reliant on a single platform for their success. Their products cover many different areas of defense and they've been stretching into the civilian sector recently. Their incredibly diverse product portfolio makes Raytheon one of the more appealing defense companies
Palantir Connects the Dots With Big Data (Fortune) With a growing book of corporate clients and a high-profile Syrian relief project, the data-analysis startup is branching out beyond its roots in the war on terror
7 Tech Jobs Hardest Hit By Layoffs In 2015 (InformationWeek) Despite a relatively low unemployment rate for the tech industry, some of its jobs were hit harder with layoffs than others in 2015. Take a look at the US Department of Labor's Bureau of Labor Statistics data to see how your job and those of your peers fared
Products, Services, and Solutions
MariaDB Enterprise: Security at every level in the database (Help Net Security) MariaDB announced MariaDB Enterprise Spring 2016. New capabilities defend data against application and network-level attacks, support faster development of high-performance applications, and deliver higher service levels at lower cost
Why Security & DevOps Can’t Be Friends (Dark Reading) Legacy applications are a brush fire waiting to happen. But retrofitting custom code built in the early 2000's is just a small part of the application security problem
DoD-Wide Windows 10 Rapid Deployment to Boost Cybersecurity (US Department of Defense) The Defense Department will deploy Windows 10 departmentwide by January to strengthen cybersecurity and streamline the information technology operating environment, according to a Feb. 26 memo by Deputy Defense Secretary Bob Work
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
QuBit Conference (Prague, the Czech Republic, April 12 - 14, 2016) QuBit offers you a unique chance to attend 2 selected Mandiant training courses, taught by some of the most experienced cyber security professionals in the business
2016 Cybersecurity Summit (Scottsdale, Arizona, USA, May 5, 2016) The Arizona Technology Council (AZTC), Arizona Commerce Authority (ACA) and Arizona Cyber Threat Response Alliance (ACTRA)/Arizona InfraGard present the third annual Cybersecurity Summit on Thursday, May...
International Academic Business Conference (New Orleans, Louisiana, USA, March 6 - 10, 2016) The Clute Institute of Littleton Colorado sponsors six academic conferences annually that include sessions on all aspects of cybersecurity. Cybersecurity professionals from industry and academics are...
CISO Atlanta Summit (Atlanta, Georgia, USA, March 10, 2016) Tactics and Best Practices for Taking on Enterprise IT Security Threats. With newspaper headlines covering the latest data breaches, cloud computing security questions going unanswered and hackers developing...
The Atlantic Council's Cyber 9/12 Student Challenge (Washington, D.C. USA, March 11 - 12, 2016) Now entering its fourth year, the Cyber 9/12 Student Challenge is a one-of-a-kind competition designed to provide students across academic disciplines with a deeper understanding of the policy challenges...
SANS 2016 (Orlando, Florida, USA, March 12 - 19, 2016) It is time we unite, join forces, and show that if we work together, we can make a measurable difference in security. It is our pleasure to announce that SANS 2016 is back in Orlando, Florida March 12-21
Pwn2Own 2016 (Vancouver, British Columbia, Canada, March 16 - 17, 2016) Since its inception in 2007, Pwn2Own has increased the challenge level at each new competition, and this year is no different. While the latest browsers from Google, Microsoft, and Apple are still targets,...
Insider Threat Symposium & Expo™ (San Antonio, Texas, USA, March 17, 2016) The Insider Threat Symposium & Expo was created in the wake of the recent data breaches affecting the U.S. Government (WikiLeaks, NSA Breach), and the continued damaging and costly insider threat incidents...
ICCWS 2016 (Boston, Massachusetts, USA, March 17 - 18, 2016) ICCWS 2016 will cover the complex but exciting aspects of international cyber warfare and security
CISO Summit France (Paris, France, March 22, 2016) A forum for innovative IT thought leaders across France. Despite economic instability in the euro zone amid an on-going global financial crisis, IT spending worldwide is expected to increase in the coming...
Risk Management Summit (New York, New York, USA, March 22 - 23, 2016) The Business Insurance Risk Management Summit is a unique two-day conference serving the information and networking needs of senior risk managers, benefits managers and related decision makers from the...
Artificial Intelligence and Autonomous Robotics (Clingendael, the Netherlands, March 23 - 24, 2016) Artificial Intelligence (AI) has been a feature of science fiction writing for almost a century, but it is only in more recent years that the prospect of truly autonomous robotics — even those that...
Commonwealth Cybersecurity Forum 2016 (London, England, UK, March 23 - 24, 2016) The Commonwealth, built on consensus and mutual support, is an ideal platform to build international cooperation on various aspects of cybersecurity. CTO's Commonwealth Cybersecurity Forum brings together...
Black Hat Asia 2016 (Singapore, March 29, 2016) Black Hat is returning to Asia again in 2016, and we have quite an event in store. Here the brightest professionals and researchers in the industry will come together for a total of four days — two...
SecureWorld Boston (Boston, Massachusetts, USA, March 29 - 30, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry...
Insider Threat Summit (Monterey, California, USA, March 29 - 30, 2016) The focus of the Insider Threat Summit is to discuss personnel security issues including cyber security challenges and capabilities, continuous evaluation of privileged identities and ethical physical...
TU-Automotive Cybersecurity USA 2016 (Novi, Michigan, USA, March 29 - 30, 2016) TU-Automotive Cybersecurity dissects the real issues behind the headlines, helping you to apply technology and best practices to deliver robust security defenses and processes within a more secure ecosystem.
Insider Threat Program Development Training (Washington, DC, USA, March 29 - 30, 2016) Insider Threat Defense announced it will hold a training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2) on March 29-30, 2016, in Washington, DC.
Women in Cyber Security 2016 (Dallas, Texas, USA, March 31 - April 2, 2016) With support from National Science Foundation, Award #1303441 (Capacity Building in Cybersecurity: Broadening Participation of Women In Cybersecurity through the Women in Cybersecurity Conference and Professional...