March 17, 2016.
By The CyberWire Staff
The convergence among criminals and nation-state espionage services continues to develop, as US Cyber Command chief Admiral Rogers warned Congress during budget hearings this week. Lest one be tempted to write such warnings off as mere appropriations-driven FUD, compare recent reports of PLA code appearing in ransomware, and of stolen digital certificates used in both espionage and malware campaigns.
The US Department of Justice warns that ISIS is actively seeking cyber attack tools; it's unclear whether the warning derives from specific intelligence or is instead a sensible conclusion drawn from a priori possibility.
Anonymous says it will start hitting US Presidential candidate Donald Trump's online presence on April 1. A10 Networks thinks Trump's campaign is unusually well-prepared against such attacks. (We may see, although the activities of any anarcho-syndicalist collective are difficult to predict. Just ask Ghostshell.)
Sophisticated crooks impersonate FinCERT to successfully phish Russian banks.
The Olympic Vision business email compromise campaign continues to hit companies in the Middle Eastern and Asia-Pacific regions.
Several malware developments are worth noting. Palo Alto says malware authors have found ways around iOS defenses with "AceDeceiver." Recorded Future reports upgrades to Hydra, a version of Umbra Loader with Tor-based support. Shape Security describes Sentry MBA, an automated tool for credential stuffing. TeslaCrypt has become harder to break ("unbreakable," according to Cisco Talos). Fortinet finds that Nemucode has added ransomware functionality.
Information sharing remains a vexed issue, especially government-to-corporate sharing, but TruSTAR and others increasingly focus on sharing techniques as opposed to mere threat data.
Today's issue includes events affecting Canada, China, Denmark, European Union, Germany, Iran, Iraq, New Zealand, Philippines, Russia, Syria, Ukraine, United Kingdom, United States.
2016 National Conference of Minority Cybersecurity Professionals (Washington, DC, March 23 - 24, 2016) The landmark ICMCP conference will elevate the national dialogue on the necessary measures needed to attract and develop minority cybersecurity practitioners to address the cross-industry cybersecurity skills shortage.
Women in Cybersecurity (WiCYS) 2016 (Dallas, TX, March 31 - April 2, 2016) The 3rd annual conference brings together women (students, faculty, researchers, professionals) in cybersecurity from academia, research organizations and industry for the sharing of knowledge and experience, networking and mentoring.
Cyber Attacks, Threats, and Vulnerabilities
Top DOJ prosecutor: ISIS 'actively' seeking cyberattack tools (Fox News) The Justice Department’s chief national security prosecutor said Wednesday that the Islamic State is “actively attempting” to possess destructive cyberattack capabilities, adding that the group is intent on causing major damage via cyber means
Anonymous declares cyber war on Donald Trump (The Hill) The hacking group Anonymous is urging its followers to launch a barrage of cyberattacks on April 1 to take down Donald Trump’s websites and expose the “appalling” GOP presidential candidate
Release the Hydra: Umbra Loader With Tor Support (Recorded Future) The Hydra open source Tor-based botnet (an Umbra Loader variant) recently received an update. Potential to serve as a blueprint for new malware written in Delphi, specifically around ease of Tor integration. Malicious network traffic-based detection becomes more difficult as additional families piggyback on the Tor network
Security Pros Love Python? and So Do Malware Authors! (Internet Storm Center) Learning how adversaries compromise our systems and, more importantly, what are the techniques they use after the initial compromise is one of the activities that we, Incident Responders and Forensic/Malware investigators, dedicate most of our time to
Carbanak Cyber Thieves Back on the Scene (Infosecurity Magazine) Security researchers are warning of an uptick in activity from the notorious Carbanak cyber bank robbing gang signalling a change of focus to the Middle East, US and Europe
Thieves Phish Moneytree Employee Tax Data (KrebsOnSecurity) Payday lending firm Moneytree is the latest company to alert current and former employees that their tax data — including Social Security numbers, salary and address information — was accidentally handed over directly to scam artists
Fitness wearables: Who's tracking who? (CSO) They are a hot product, since they can tell you so much about your health. The problem is fitness wearables can tell the same things to a lot of other people, from marketers to identity thieves
Security Patches, Mitigations, and Software Updates
Microsoft rescinds mistaken ‘Bitcoin ban’ (IBS Intelligence) Microsoft has revealed that inaccurate information, which had led people to believe the computing giant had stopped accepting Bitcoin, had been posted on its online store’s FAQ in error
Ben Horowitz to Take Board Seat at Security Startup Tanium (Re/code) Ben Horowitz, the rap-loving, book-writing co-founder of the big shot venture capital firm Andreessen Horowitz will be joining the board of directors at Tanium, the computer security outfit in which the firm has so heavily invested
Products, Services, and Solutions
Deutsche Telekom ushers in a new era of mobile security (Telekom) "Mobile Protect Pro" can detect even new and unknown types of malware...The new solution, which has been developed by Zimperium, an Israeli-American provider, is based on machine-learning algorithms that can identify even previously unknown attacks
PLDT addresses cyber threats with Akamai tie-up (Business Inquirer) An enterprise unit of the Philippine Long Distance Telephone Co. (PLDT) has rolled out an expanded portfolio of services aimed at providing businesses with more secure Internet solutions
Cybersecurity Needs a Moonshot! (SecurityWeek) Coming out of the 2016 RSA Conference, it is clear we have hit a watershed moment in the history of the IT industry
Legislation, Policy, and Regulation
Canada’s national cyber threat centre looking to expand (ITWorld Canada) Everyone looks forward to April 1 as a sign that spring will really be here. Gwen Beauchemin, director of the federal government’s Canadian Cyber Incident Response Centre (CCIRC) is looking forward to it even more
Cyber Command Needs Silicon Valley Input, Official Says (Law360) U.S. Cyber Command's head argued for further cooperation with private sector companies at a House budget hearing Wednesday, saying that as the U.S. Department of Defense ramps up its cyberspace capabilities, it must draw on expertise from companies in Silicon Valley and elsewhere
Apple’s Brief Hits the FBI With a Withering Fact Check (Wired) Apple's latest brief in its battle with the FBI over the San Bernardino iPhone offered the tech company an opportunity to school the Feds over their misinterpretation and misquotations of a number of statutes and legal cases they cited as precedent in their own brief last week
Facebook Hate Speech Probe Dropped in Germany (Wall Street Journal) German prosecutors dropped an investigation of Facebook Inc. managers on allegations the social network failed to remove hate speech from its platform, a spokeswoman for the prosecutors’ office in Hamburg said Wednesday
Clinton tried to change rules to use BlackBerry in secure facility for classified information (Fox News) Less than a month after becoming secretary of state, and registering the personal email domain that she would use exclusively for government business, Hillary Clinton’s team aggressively pursued changes to existing State Department security protocols so she could use her BlackBerry in secure facilities for classified information, according to new documents released under the Freedom of Information Act
MobileIron Announces Dismissal of Class Action Lawsuit by United States District Court (PRNewswire) MobileIron (NASDAQ: MOBL), the leader in mobile enterprise security, announced today that the United States District Court for the Northern District of California has dismissed, with prejudice, the Panjwani v. MobileIron, Inc., et al. securities class action that was filed on May 1, 2015 against the Company and certain of the Company's officers
Consumer Data Breach Injury: Not a Guessing Game (Lexology) Big data breaches are all over the news lately, but when is a merchant liable to individuals whose information is breached? Two cases have recently addressed questions relating to the nature of damages needed to sustain a civil claim against a merchant for data breaches
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
SANS 2016 (Orlando, Florida, USA, March 12 - 19, 2016) It is time we unite, join forces, and show that if we work together, we can make a measurable difference in security. It is our pleasure to announce that SANS 2016 is back in Orlando, Florida March 12-21
Pwn2Own 2016 (Vancouver, British Columbia, Canada, March 16 - 17, 2016) Since its inception in 2007, Pwn2Own has increased the challenge level at each new competition, and this year is no different. While the latest browsers from Google, Microsoft, and Apple are still targets,...
Insider Threat Symposium & Expo™ (San Antonio, Texas, USA, March 17, 2016) The Insider Threat Symposium & Expo was created in the wake of the recent data breaches affecting the U.S. Government (WikiLeaks, NSA Breach), and the continued damaging and costly insider threat incidents...
ICCWS 2016 (Boston, Massachusetts, USA, March 17 - 18, 2016) ICCWS 2016 will cover the complex but exciting aspects of international cyber warfare and security
CISO Summit France (Paris, France, March 22, 2016) A forum for innovative IT thought leaders across France. Despite economic instability in the euro zone amid an on-going global financial crisis, IT spending worldwide is expected to increase in the coming...
Risk Management Summit (New York, New York, USA, March 22 - 23, 2016) The Business Insurance Risk Management Summit is a unique two-day conference serving the information and networking needs of senior risk managers, benefits managers and related decision makers from the...
Artificial Intelligence and Autonomous Robotics (Clingendael, the Netherlands, March 23 - 24, 2016) Artificial Intelligence (AI) has been a feature of science fiction writing for almost a century, but it is only in more recent years that the prospect of truly autonomous robotics — even those that...
Commonwealth Cybersecurity Forum 2016 (London, England, UK, March 23 - 24, 2016) The Commonwealth, built on consensus and mutual support, is an ideal platform to build international cooperation on various aspects of cybersecurity. CTO's Commonwealth Cybersecurity Forum brings together...
Black Hat Asia 2016 (Singapore, March 29, 2016) Black Hat is returning to Asia again in 2016, and we have quite an event in store. Here the brightest professionals and researchers in the industry will come together for a total of four days — two...
SecureWorld Boston (Boston, Massachusetts, USA, March 29 - 30, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry...
Insider Threat Summit (Monterey, California, USA, March 29 - 30, 2016) The focus of the Insider Threat Summit is to discuss personnel security issues including cyber security challenges and capabilities, continuous evaluation of privileged identities and ethical physical...
TU-Automotive Cybersecurity USA 2016 (Novi, Michigan, USA, March 29 - 30, 2016) TU-Automotive Cybersecurity dissects the real issues behind the headlines, helping you to apply technology and best practices to deliver robust security defenses and processes within a more secure ecosystem.
Insider Threat Program Development Training (Washington, DC, USA, March 29 - 30, 2016) Insider Threat Defense announced it will hold a training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2) on March 29-30, 2016, in Washington, DC.
Women in Cyber Security 2016 (Dallas, Texas, USA, March 31 - April 2, 2016) With support from National Science Foundation, Award #1303441 (Capacity Building in Cybersecurity: Broadening Participation of Women In Cybersecurity through the Women in Cybersecurity Conference and Professional...
SANS Atlanta 2016 (Atlanta, Georgia, USA, April 4 - 9, 2016) Learn the most effective steps to prevent attacks and detect adversaries with actionable techniques that you can directly apply when you get back to work. Take advantage of tips and tricks from the experts...
Billington CyberSecurity INTERNATIONAL Summit (Washington, DC, USA, April 5, 2016) On April 5, in Washington, D.C., join leading cybersecurity officials from across the globe at the Billington CyberSecurity INTERNATIONAL Summit to engage in an intensive information exchange between leading...
ISC West 2016 (Las Vegas, Nevada, USA, April 6 - 8, 2016) ISC West is the leading physical security event to unite the entire security channel, from dealers, installers, integrators, specifiers, consultants and end-users of physical, network and IT products.
ASIS 15th European Security Conference & Exhibition (London, England, UK, April 6 - 8, 2016) ASIS Europe 2016 invites you to join security professionals and experts from over Europe and beyond in one of the most dynamic centres of business and culture in the world
Cybersecurity and Privacy Protection Conference (Cleveland, Ohio, USA, April 7 - 8, 2016) The Center for Cybersecurity and Privacy Protection 2016 Conference will bring together experienced government officials, in-house counsels, business executives, cyber insurance leaders, litigators, information...
Threat Hunting & Incident Response Summit 2016 (New Orleans, Louisiana, USA, April 12 - 13, 2016) The Threat Hunting & Incident Response Summit 2016 focuses on specific hunting and incident response techniques and capabilities that can be used to identify, contain, and eliminate adversaries targeting...
QuBit Conference (Prague, the Czech Republic, April 12 - 14, 2016) QuBit offers you a unique chance to attend 2 selected Mandiant training courses, taught by some of the most experienced cyber security professionals in the business
CISO Dallas (Dallas, Texas, USA, April 14, 2016) With newspaper headlines covering the latest data breaches, cloud computing security questions going unanswered and hackers developing more sophisticated attacks, the IT department has a growing responsibility...
CSO 50 Conference and Awards (Litchfield Park, Arizona, USA, April 18 - 20, 2016) We at CSO, the award-winning media brand, will bring you speakers from up to 50 organizations with outstanding security prowess. Over 2 ½ days, these distinguished executives and technologists will share...
Amsterdam 2016 FIRST Technical Colloquium (Amsterdam, the Netherlands, April 19 - 20, 2016) FIRST Technical Colloquia & Symposia provide a discussion forum for FIRST member teams and invited guests to share information about vulnerabilities, incidents, tools and all other issues that affect the...
Security & Counter Terror Expo 2016 (London, England, UK, April 19 - 20, 2016) Security & Counter Terror Expo (formerly Counter Terror Expo) is the event for any professional tasked with protecting assets, business, people and nations from terrorism. It brings over 9000 attendees...
SecureWorld Philadelphia (King of Prussia, Pennsylvania, USA, April 20 - 21, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry...
AFCEA Defensive Cyber Operations Symposium (Baltimore, Maryland, USA, May 5 - 7, 2015) The U.S. Defense Information Systems Agency's new operational role in the cyber domain as network defender creates a formal relationship between DISA, U.S. Cyber Command and the command's military service...
Army SIGINT (Fort Meade, Maryland, USA, April 25, 2016) Approximately 500 attendees will come together to discuss future technologies in Signals Intelligence (SIGINT), focusing on applications for the actual users in the field (the soldiers). Most attendees...
CISO San Francisco (San Francisco, California, USA, April 26, 2016) The CISO Summit brings together C-level IT security executives, industry analysts and solution providers to discuss challenges and best practices in a relaxed, yet focused business setting. Agenda sessions...
CISO Houston (Houston, Texas, USA, April 28, 2016) A data breach is not only a PR nightmare, but cause for customers to turn to competitors, exposing sensitive company information and racking up fines from industry regulators. In order for organizations...