March 21, 2016.
By The CyberWire Staff
Social media remain a field for conflict among states and aspiring states, as ISIS resumes its push to inspire the disaffected, and disturbing levels of pro-Russian trolling resume in the Baltic States.
Pakistan considers its long-term interests in cyberspace as Google removes an app—SmeshApp—Pakistan's ISI allegedly used in espionage against Indian targets.
Anonymous undertakes an animal-rights campaign against Japanese targets.
Preliminary reports on the hack of Bangladesh's central bank suggest that the thieves were patient and sophisticated, covering their tracks and planting malware intended to support the apparent legitimacy of their fraudulent transactions. Reports differ on how much was stolen—they range from a low of $81 million to a high of $101 million—but the crooks aimed much higher.
The US FBI is said to be assisting authorities in Bangladesh with the investigation. Suggestions that biometric data required to authenticate transactions were properly provided have, among other suspicions, moved Bangladesh's finance minister to assert that bank officials were complicit in the crime.
Administrators of the finance industry's SWIFT messaging system are working to reinforce recommended security measures with banks that use the system.
Pwn2Own wrapped up last week. Observers see an increased interest in achieving privilege escalation by exploiting OS kernel flaws.
Late last week the Department of Justice asked for an evidentiary hearing in the case of the San Bernardino jihadist's iPhone. Apple is said to regard this as a sign that the Justice Department is losing confidence in its case. Hearings are set for this week.
Today's issue includes events affecting Bangladesh, Bahrain, Canada, China, Estonia, European Union, India, Iran, Iraq, Israel, Japan, Kuwait, Latvia, Lithuania, Oman, Pakistan, Saudi Arabia, Syria, United Arab Emirates, United Kingdom, United States, and Yemen.
The CyberWire is pleased to welcome new research partners Level(3) and QuintessenceLabs. See our full list of research partners here.
2016 National Conference of Minority Cybersecurity Professionals (Washington, DC, March 23 - 24, 2016) The landmark ICMCP conference will elevate the national dialogue on the necessary measures needed to attract and develop minority cybersecurity practitioners to address the cross-industry cybersecurity skills shortage.
Women in Cybersecurity (WiCYS) 2016 (Dallas, TX, March 31 - April 2, 2016) The 3rd annual conference brings together women (students, faculty, researchers, professionals) in cybersecurity from academia, research organizations and industry for the sharing of knowledge and experience, networking and mentoring.
Experts: IS expanding its global reach through social media (Jakarta Post) Law enforcement officials believe the San Bernardino massacre and a stabbing attack on a California college campus were done by lone wolves inspired by the Islamic State group, and counterterrorism experts say both show how the organization is expanding its reach through social media
Bangladesh Central Bank 'Complicit' in Heist: Minister (Security Week) The Bangladesh finance minister has accused central bank officials of being complicit in an audacious $81 million theft from an overseas account, in an interview with a leading Bengali newspaper published Friday
Android adware infiltrates devices’ firmware, Trend Micro apps (Help Net Security) Dubbed Gmobi by Dr. Web researchers, the malware comes in the form of a software development kit (SDK), and has been found in several legitimate applications by well-known companies, as well as in firmware for nearly 40 mobile devices
A VAST Malvertising Attack (Proofpoint) On March 13, 2016, Proofpoint researchers observed a large malvertising campaign hitting many highly-ranked websites including MSN.com, foxnews.com and many others. We also surmised (and later confirmed) that there was a video malvertising involved in this campaign
Lenovo Startpage Pushed Angler (F-Secure) Based on upstream detection reports from our customers… it appears that a Lenovo related website was compromised on March 13th. For some (relatively short) period of time, the portal site “startpage.lenovo.com” redirected visitors towards the infamous Angler exploit kit – a source of no small amount of crypto-ransomware
Locky Ransomware Infecting 90,000 Systems Daily (Credit Union Times) Ransomware is quickly becoming a mainstream form of malware, according to the Clearwater, Fla.-based cybersecurity firm KnowBe4, and one driving factor is the significant amount of cash being racked up by the notorious Dridex banking Trojan gang with its new Locky strain
95% of HTTPS Servers Vulnerable to Trivial MTM Attacks (Information Security Newspaper) Only 1 in 20 HTTPS servers correctly implements HTTP Strict Transport Security, a widely-supported security feature that prevents visitors making unencrypted HTTP connections to a server
Johns Hopkins researchers poke a hole in Apple’s encryption (Washington Post) Apple’s growing arsenal of encryption techniques — shielding data on devices as well as real-time video calls and instant messages — has spurred the U.S. government to sound the alarm that such tools are putting the communications of terrorists and criminals out of the reach of law enforcement
Cyber war — bigger than ever — is here to stay (Washington Post) When the widely respected national security mandarin Robert Gates was appointed secretary of defense in late 2006, his daily intelligence reports on the cascade of cyberattacks directed against the United States left him incredulous
Demand for advanced DDoS mitigation on the rise (Help Net Security) The increasing popularity of DDoS attacks as a tool to disrupt, harass, terrorize and sabotage online businesses is boosting demand for mitigation solutions. In the face of universal vulnerability to attacks, end users are looking for cost-effective solutions that can defend against the most sophisticated and large scale attacks
IoT Security Could Crack Quickly In The Quantum Era (InformationWeek) Internet of Things security is only beginning to get serious attention. However, it might already be too late. In the era of quantum computing, the fragile security that protects IoT devices may crumble faster than you think
IT Pros Are Choosing Between Productivity and Security (Infosecurity Magazine) In an era where operational agility can be a significant differentiator, IT shops face a dilemma: should they adopt security systems that tend to slow down networks and processes with inspections and filtering, or apply a lighter security framework in the name of productivity?
English language used the most for cyber attacks: Report (International Business News) English language was the highest spam sending language in 2015 with 84.1 per cent spammers using it for cyber-attack followed by Chinese (2.6 per cent) and German (1.7 per cent) on second and third spots, a report by Trend Micro Incorporated said
What Does a Typical Fortune 100 CISO Look Like? (SecurityWeek) What does a CISO look like? You may think that's a tough question--and it is. But the folks at cybersecurity firm Digital Guardian have done some research and profiled the typical CISO at a Fortune 100 enterprise
Swiss encrypted email service now available to the public (FierceCIO) ProtonMail, an encrypted email startup based in Switzerland, announced its public launch Thursday. The free email service, which has been in beta since May 2014, is now accepting registrations from the general public
iGov and NIKSUN Partner to Provide Critical Technology for DISA JRSS (PRNewswire) iGov, a Federal Systems Integrator (FSI) and Value Added Reseller (VAR), headquartered in Reston, VA, together with NIKSUN, an industry leader in providing a suite of scalable, forensics-based cyber security and network performance monitoring solutions, are pleased to announce their work to support the Defense Information Systems Agency (DISA) and the Department of Defense (DoD) by providing a turn-key capability to satisfy DISA Joint Regional Security Stack (JRSS) requirements for full packet capture (FPCAP), analysis and retention
Robocalls: where is RoboCop? (We Live Security) Some years ago I came across the story – I can’t say whether it’s true – of a decommissioned server that, at the time it was powered down for good, still had a task left unfinished after something like seven years
DoD, Intel Leaders Partner on Space Capabilities (DoD News) Space is crucial to U.S. national security, and the Defense Department and intelligence agencies are working together well to ensure the United States dominates that domain, officials told the House Armed Service Committee’s strategic forces subcommittee March 15
New Jersey Utility Board Mandates Cybercrime Prevention (MobiPicker) The New Jersey Board of Public Utilities announces that they adopted a new set of regulations and policies against cyber attacks to different sectors such as the state’s electricity, natural gas, water and wastewater utilities
Long Before the Apple-FBI Battle, Lavabit Sounded a Warning (Wired) Three years ago, Ladar Levison, the founder of the now-defunct secure email service known as Lavabit, was in the same position Apple finds itself today: facing off against a formidable government foe with unlimited resources and an aggressive determination to break his tech company’s defiance
Will Hillary get charged, or what? (New York Post) FBI chief James Comey and his investigators are increasingly certain presidential nominee Hillary Clinton violated laws in handling classified government information through her private e-mail server, career agents say
ZTE Document Raises Questions About Huawei and Sanctions (New York Times) When the United States government punished ZTE of China this month, saying it had done business with Iran, it released internal company documents that it said detailed how the electronic equipment maker had done it — and that also suggested the problem might not be limited to one Chinese company
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
Rock Stars of Risk-based Security (Washington, DC, USA, April 12, 2016) Virtually every company will be hacked, and today, experts accept that a 100% security solution is not feasible. Advanced risk assessment and mitigation is the order of the day. Rock Stars of Risk-Based...
CISO Summit France (Paris, France, March 22, 2016) A forum for innovative IT thought leaders across France. Despite economic instability in the euro zone amid an on-going global financial crisis, IT spending worldwide is expected to increase in the coming...
Risk Management Summit (New York, New York, USA, March 22 - 23, 2016) The Business Insurance Risk Management Summit is a unique two-day conference serving the information and networking needs of senior risk managers, benefits managers and related decision makers from the...
Artificial Intelligence and Autonomous Robotics (Clingendael, the Netherlands, March 23 - 24, 2016) Artificial Intelligence (AI) has been a feature of science fiction writing for almost a century, but it is only in more recent years that the prospect of truly autonomous robotics — even those that...
Commonwealth Cybersecurity Forum 2016 (London, England, UK, March 23 - 24, 2016) The Commonwealth, built on consensus and mutual support, is an ideal platform to build international cooperation on various aspects of cybersecurity. CTO's Commonwealth Cybersecurity Forum brings together...
Black Hat Asia 2016 (Singapore, March 29, 2016) Black Hat is returning to Asia again in 2016, and we have quite an event in store. Here the brightest professionals and researchers in the industry will come together for a total of four days — two...
TU-Automotive Cybersecurity USA 2016 (Novi, Michigan, USA, March 29 - 30, 2016) TU-Automotive Cybersecurity dissects the real issues behind the headlines, helping you to apply technology and best practices to deliver robust security defenses and processes within a more secure ecosystem.
Insider Threat Summit (Monterey, California, USA, March 29 - 30, 2016) The focus of the Insider Threat Summit is to discuss personnel security issues including cyber security challenges and capabilities, continuous evaluation of privileged identities and ethical physical...
SecureWorld Boston (Boston, Massachusetts, USA, March 29 - 30, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry...
Insider Threat Program Development Training (Washington, DC, USA, March 29 - 30, 2016) Insider Threat Defense announced it will hold a training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2) on March 29-30, 2016, in Washington, DC.
Women in Cyber Security 2016 (Dallas, Texas, USA, March 31 - April 2, 2016) With support from National Science Foundation, Award #1303441 (Capacity Building in Cybersecurity: Broadening Participation of Women In Cybersecurity through the Women in Cybersecurity Conference and Professional...
SANS Atlanta 2016 (Atlanta, Georgia, USA, April 4 - 9, 2016) Learn the most effective steps to prevent attacks and detect adversaries with actionable techniques that you can directly apply when you get back to work. Take advantage of tips and tricks from the experts...
Billington CyberSecurity INTERNATIONAL Summit (Washington, DC, USA, April 5, 2016) On April 5, in Washington, D.C., join leading cybersecurity officials from across the globe at the Billington CyberSecurity INTERNATIONAL Summit to engage in an intensive information exchange between leading...