March 11, 2016.
By The CyberWire Staff
According to "officials familiar with the investigation," the US will publicly attribute the 2013 hack of a small dam in Rye, New York, to Iran. The Justice Department is expected to indict Iranian operators next week. Iran has long been the leading suspect. This news, together with legislation pending in the Senate designed to protect the power grid, makes it worth reviewing recent expert presentations on ICS security.
ISIS itself suffers a data breach. A disgruntled jihadist, dismayed by what he saw as an excessive Baathist presence in the Caliphate, stole a USB drive with data on 22,000 ISIS fighters. Sky News and German intelligence services have the information.
ISIS retains its formidable social media presence: estimates of sympathetic Twitter accounts range up to 90,000.
Cyber espionage against Tibetans (presumably the work of Chinese security services) adapts its techniques to accommodate changes in the Tibetan community's online behavior.
Zscaler continues to track the Android Marcher Trojan—it's now moved from fake Google Play to (presumably real) adult sites.
Adobe issues an emergency patch for Flash; the vulnerability is being exploited in the wild. Oracle patches Java—a 2013 fix is found to be easily bypassed.
The North American Securities Administrators Association has updated its exams to test cyber knowledge.
The US Congress deliberates what's being called "anti-encryption" legislation.
The US Patriot Act's anti-terrorism surveillance provisions are said to have bled over into other forms of law enforcement.
Apple and the FBI move into the "open hostilities" phase of their case.
Today's issue includes events affecting Bangladesh, Canada, China, Egypt, France, Germany, India, Iran, Israel, Morocco, Russia, Saudi Arabia, Syria, Tunisia, Ukraine, United Arab Emirates, United Kingdom, United States.
2016 National Conference of Minority Cybersecurity Professionals (Washington, DC, March 23 - 24, 2016) The landmark ICMCP conference will elevate the national dialogue on the necessary measures needed to attract and develop minority cybersecurity practitioners to address the cross-industry cybersecurity skills shortage.
Women in Cybersecurity (WiCYS) 2016 (Dallas, TX, March 31 - April 2, 2016) The 3rd annual conference brings together women (students, faculty, researchers, professionals) in cybersecurity from academia, research organizations and industry for the sharing of knowledge and experience, networking and mentoring.
Joe Weiss on Industrial Control Systems (GUIRR) Joe Weiss's keynote presentation at the winter meeting of the Government-University-Industry Research Roundtable (GUIRR) on "Critical Infrastructure Security: The Role of Public-Private Partnerships," which took place on February 23-24, 2016
Shifting Tactics: Tracking changes in years-long espionage campaign against Tibetans (Citizenlab) This report describes the latest iteration in a long-running espionage campaign against the Tibetan community. We detail how the attackers continuously adapt their campaigns to their targets, shifting tactics from document-based malware to conventional phishing that draws on “inside” knowledge of community activities. This adaptation appears to track changes in security behaviors within the Tibetan community, which has been promoting a move from sharing attachments via e-mail to using cloud-based file sharing alternatives such as Google Drive
Pompous Ransomware Dev Gets Defeated by Backdoor (Bleeping Computer) A new ransomware was released yesterday that was based on the open-source EDA2 ransomware. This ransomware encrypts your data using AES encryption, appends the Locked extension, and then demands .5 bitcoins to get the decryption key. There have been quite a few EDA2 ransomware variants, but what makes this story different is how this ransomware developer is such a pompous ass and that we were able to get the victim's keys back
Hackers Target Anti-DDoS Firm Staminus (KrebsOnSecurity) Staminus Communications Inc., a California-based Internet hosting provider that specializes in protecting customers from massive “distributed denial of service” (DDoS) attacks aimed at knocking sites offline, has itself apparently been massively hacked
Hackers Claim Breach Of Ku Klux Klan's Security Company (Forbes) A website run by the Ku Klux Klan has been downed as part of what appears to be a significant breach of its host and security provider Staminus. The company, which promises to protect users from distributed denial of service (DDoS) attacks, was exposed by a crew going by the name of FTA, which leaked data online yesterday
Adobe Releases Security Updates for Flash Player (US-CERT) Adobe has released security updates to address multiple vulnerabilities in Flash Player. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system
Citrix Releases Security Update (US-CERT) Citrix has released updates to address a vulnerability in its Citrix Licensing Server. Exploitation of this vulnerability could allow a remote attacker to take control of an affected server
Symantec pops on an RBC upgrade to Outperform (Seeking Alpha) Declaring Symantec (NASDAQ:SYMC) to be a "value stock that doesn’t have to get a lot right for shares to move higher," RBC's Matthew Hedberg has upgraded the security software vendor to Outperform
Cisco Lights a Fire in Its Security Business (eWeek) In 2013, Cisco acquired Martin Roesch's company Sourcefire for $2.7 billion, and since then Sourcefire's technology has become a foundation for Cisco's network security portfolio. Today, Roesch is still with Cisco, serving as vice president and chief architect of Cisco's Security Business Group
Cisco, McAfee drop security appliance market share in 2015 (Infotechlead) Enterprise networking major Cisco has dropped its security appliance market share to 16.2 percent in 2015 from 17.4 percent in 2014, according to IDC. The gainers in the security appliance market were Check Point, Palo Alto Networks and Fortinet. Check Point, the #2 security appliance vendor, increased market share marginally to 12.8 percent from 12.7 percent
IBM Job Cuts Affect 14,000 Workers, Analyst Firm Estimates (InformationWeek) Financial analyst firm Bernstein has estimated that at least 14,000 workers will be affected by IBM's Q1 job cuts. IBM has declined to provide details on the size of a "workforce rebalancing" effort, which employees have said began March 2
Security Training for Incident Handlers: What’s Out There? (IBM Security Intelligence) Information technology, and especially information security, is a quickly evolving playing field. Those working in incident handling and incident response always need to stay on top of what’s new and what is trending in their area of expertise
Army, Silicon Valley to tackle social media challenge (Defense Systems) The Defense Department’s latest foray in its developing partnership with Silicon Valley on innovative projects is looking at ways to contend with adversaries' use of social media against U.S. interests
National Collegiate Cyber Defense Competition kicks off (Homeland Preparedness News) The 2016 National Collegiate Cyber Defense Competition (NCCDC) kicked off on Friday to showcase college students from more than 180 schools in a contest to determine who best protects their computer network against real-world cyber attack scenarios
Indian cabinet approves cyber security deal with UAE (Khaleej Times) The agreement would pave the way for both countries cooperating mutually in combating cyber crime, particularly through coordination and exchange of information in relation with cyber crime and training in cyber crime investigation, an official statement said
US Anti-Encryption Legislation Is Imminent: Report (InformationWeek) US Senators Feinstein and Burr are preparing legislation that would punish tech companies that refuse to cooperate with investigators, Reuters reports. French lawmakers recently backed a similar mandate that goes one step further by threatening jail time for execs who don't cooperate with law enforcement
Apple and the Justice Department enter the ‘open hostilities’ phase of iPhone unlocking case (TechCrunch) A 43-page rebuttal from the Justice Department today characterized Apple’s earlier response to an iPhone unlocking request as ‘corrosive’. Shortly thereafter, an Apple press conference attended by TechCrunch provided a rejoinder from two Apple executives, including General Counsel Bruce Sewell, who said that “the tone of the brief reads like an indictment”
Can the Apple code be misused? (Errata Security) The government is right that the software must be signed by Apple and made to only work on Farook's phone, but the situation is more complicated than that
Facebook in Germany: definitely NOT a “Like” (Naked Security) It’s one of the world’s most well-known icons. It’s experienced by hundreds of millions of people every day. It’s Facebook’s Like button – and it’s at the heart of Europe’s newest data privacy controversy
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
The Atlantic Council's Cyber 9/12 Student Challenge (Washington, D.C. USA, March 11 - 12, 2016) Now entering its fourth year, the Cyber 9/12 Student Challenge is a one-of-a-kind competition designed to provide students across academic disciplines with a deeper understanding of the policy challenges...
SANS 2016 (Orlando, Florida, USA, March 12 - 19, 2016) It is time we unite, join forces, and show that if we work together, we can make a measurable difference in security. It is our pleasure to announce that SANS 2016 is back in Orlando, Florida March 12-21
Pwn2Own 2016 (Vancouver, British Columbia, Canada, March 16 - 17, 2016) Since its inception in 2007, Pwn2Own has increased the challenge level at each new competition, and this year is no different. While the latest browsers from Google, Microsoft, and Apple are still targets,...
Insider Threat Symposium & Expo™ (San Antonio, Texas, USA, March 17, 2016) The Insider Threat Symposium & Expo was created in the wake of the recent data breaches affecting the U.S. Government (WikiLeaks, NSA Breach), and the continued damaging and costly insider threat incidents...
ICCWS 2016 (Boston, Massachusetts, USA, March 17 - 18, 2016) ICCWS 2016 will cover the complex but exciting aspects of international cyber warfare and security
CISO Summit France (Paris, France, March 22, 2016) A forum for innovative IT thought leaders across France. Despite economic instability in the euro zone amid an on-going global financial crisis, IT spending worldwide is expected to increase in the coming...
Risk Management Summit (New York, New York, USA, March 22 - 23, 2016) The Business Insurance Risk Management Summit is a unique two-day conference serving the information and networking needs of senior risk managers, benefits managers and related decision makers from the...
Artificial Intelligence and Autonomous Robotics (Clingendael, the Netherlands, March 23 - 24, 2016) Artificial Intelligence (AI) has been a feature of science fiction writing for almost a century, but it is only in more recent years that the prospect of truly autonomous robotics — even those that...
Commonwealth Cybersecurity Forum 2016 (London, England, UK, March 23 - 24, 2016) The Commonwealth, built on consensus and mutual support, is an ideal platform to build international cooperation on various aspects of cybersecurity. CTO's Commonwealth Cybersecurity Forum brings together...
Black Hat Asia 2016 (Singapore, March 29, 2016) Black Hat is returning to Asia again in 2016, and we have quite an event in store. Here the brightest professionals and researchers in the industry will come together for a total of four days — two...
SecureWorld Boston (Boston, Massachusetts, USA, March 29 - 30, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry...
Insider Threat Summit (Monterey, California, USA, March 29 - 30, 2016) The focus of the Insider Threat Summit is to discuss personnel security issues including cyber security challenges and capabilities, continuous evaluation of privileged identities and ethical physical...
TU-Automotive Cybersecurity USA 2016 (Novi, Michigan, USA, March 29 - 30, 2016) TU-Automotive Cybersecurity dissects the real issues behind the headlines, helping you to apply technology and best practices to deliver robust security defenses and processes within a more secure ecosystem.
Insider Threat Program Development Training (Washington, DC, USA, March 29 - 30, 2016) Insider Threat Defense announced it will hold a training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2) on March 29-30, 2016, in Washington, DC.
Women in Cyber Security 2016 (Dallas, Texas, USA, March 31 - April 2, 2016) With support from National Science Foundation, Award #1303441 (Capacity Building in Cybersecurity: Broadening Participation of Women In Cybersecurity through the Women in Cybersecurity Conference and Professional...