March 28, 2016.
By The CyberWire Staff
Details of how hackers allegedly got into the control system of that dam in Rye, New York, emerge from the US Justice Department's indictment of seven Iranians. They're said to have found the dam's vulnerable systems by Google-dorking, and then worked their way in through there.
ISIS is said to respond to reverses on the ground by, first, conducting increasingly violent propaganda-of-the-deed outside its core territory (which it then celebrates online) and, second, within territory still under ISIS control, employing closely controlled legacy media and harshly repressive censorship. It's apparently not particularly active on the dark web, which is, as Defense One points out, "too slow and annoying for terrorists." Good for black markets, but not for information ops.
Trustwave researchers describe a cross-site scripting vulnerability in the widely used open source online shopping cart app Zen Cart.
Stolen code-signing certificates are finding their way into crimeware toolkits as criminals adapt to SHA-2, Symantec finds.
Researchers at Carbon Black are warning of a new ransomware strain, "PowerWare," which is fileless and written in the Windows PowerShell scripting language. Word documents crafted to induce victims to disable the Word preview sandbox and execute malicious macros are the vectors. Hospitals are particularly affected.
In industry news, cyber insurance underwriters continue to worry about the paucity of actuarial data.
Apple is apparently familiar with Cellebrite, engaged by the FBI in the San Bernardino jihad case. Observers think the Bureau will eventually have to disclose how it got into that iPhone (assuming it succeeds).
Today's issue includes events affecting Belgium, Canada, European Union, India, Iran, Saudi Arabia, United Arab Emirates, United States.
ON THE PODCAST
Catch the CyberWire's Daily podcast this afternoon, including a discussion with BUFFERZONE Security of the ways in which hospitals are vulnerable to ransomware. We'll also hear from the University of Maryland's Jonathan Katz, who explains the importance of random numbers to cyber security.
Women in Cybersecurity (WiCYS) 2016 (Dallas, TX, March 31 - April 2, 2016) The 3rd annual conference brings together women (students, faculty, researchers, professionals) in cybersecurity from academia, research organizations and industry for the sharing of knowledge and experience, networking and mentoring.
Totalitarianism 101: The Islamic State’s Offline Propaganda Strategy (Lawfare) In the last few years, the Islamic State has expended a staggering amount of energy in pursuit of a position at the top of the global jihadist food chain. Given its sustained control over huge tracts of land in Iraq and Syria, declaration of a transnational caliphate, and wide-ranging assaults against civilians from Paris to Jakarta, some would say it has achieved this with remarkable efficiency
ISIS's Campaign in Europe: March 2016 (Institute for the Study of War) ISIS is using its foreign fighters and safe haven in Iraq and Syria to execute a terror campaign within Europe. ISIS’s March 22 Brussels attacks support a larger strategy to punish, destabilize, and polarize the West
Nine Lessons of Russian Propaganda (Small Wars Journal) After visiting repeatedly, I moved to Ukraine from the United States in 2012. My parents had been born in Ukraine and taught me some of the language during my childhood in Queens, NY
TWSL2016-006: Multiple XSS Vulnerabilities reported for Zen Cart (Trustwave SpiderLabs Blog) Today Trustwave released a vulnerability advisory in conjunction with Zen Cart. Researchers from the SpiderLabs Research team at Trustwave recently found multiple Cross-Site Scripting (XSS) vulnerabilities in the popular online open source shopping cart application
Your Favorite Movies and Cyber from Down Under (New America) New America's Peter Singer and Passcode's Sara Sorcher interview Walter Parkes, the noted screenwriter-turned-film producer who’s behind many of your all time favorite cybersecurity movies: Sneakers and WarGames. They talk about the hacker archetypes depicted in pop culture, why these movies resonate with this community, how fiction sometimes inspires real policy change in this field – and whose cybersecurity work he finds most fascinating
Splunk: Is The Share Price Outrageous? (Seeking Alpha) Splunk shares have been in an extended downtrend since last summer and are selling for 36% less than they were 5 months ago. The company continues to beat consensus expectations significantly and to raise guidance almost continuously
Symantec Is A Value Trap (Seeking Alpha) Symantec seems like a good relative value play in its space. However, there are many reasons to dislike Symantec. And further still, there's a powerful bearish thesis that calls into question all of Symantec's profitability. Moreover, this bearish thesis is structural
NIST is looking for a few good cryptographers (FCW) The National Institute of Standards and Technology wants to hire more than a dozen cryptographers to deal with a growing portfolio, said Matthew Scholl, chief of NIST's Computer Security Division
What will it take to diversify the cyber workforce? (FCW) The cybersecurity field is dominated by white men, but the International Consortium of Minority Cybersecurity Professionals aims to help ensure that U.S. companies and government agencies have access to a full spectrum of talent -- and that all Americans have a shot at jobs in the increasingly critical cybersecurity arena
Security doesn't just happen, cyber experts say (Business Insurance) Risk managers worrying about cyber threats have to be aware that not only can their systems be attacked for their data, but that criminals also may use their systems to commit cyber crimes against others, according to a security expert
Design and Innovation
Software security needs a new perspective (TechCrunch) Source code bugs have been a constant in the software industry since the dawn of computers — and have ever been a major source of attacks, exploits and security incidents
This war on math is still bullshit (TechCrunch) In the wake of Paris, San Bernardino, and now Brussels, the encryption debate has become such a potent cocktail of horror, idiocy, and farce that it has become hard to tease out any rational threads of discussion
Time to rewrite the rules on cyberattacks (Washington Post) About 30 miles north of New York City, in Rye, N.Y., sits the Arthur R. Bowman Dam, a reinforced-concrete gravity dam constructed a century ago for ice-making, and now primarily used for flood control, with a sluice gate that can control water permitted to flow downstream. Between Aug. 28 and Sept. 18, 2013, a hacker sneaked into computer systems that monitor the dam and move the sluice gate
Can Europe Connect the ISIS Dots? (Foreign Policy) The Brussels attacks expose yet again the bureaucratic walls that prevent European agencies from sharing intelligence on terror threats
Who Will Become a Terrorist? Research Yields Few Clues (New York Times) The brothers who carried out suicide bombings in Brussels last week had long, violent criminal records and had been regarded internationally as potential terrorists. But in San Bernardino, Calif., last year, one of the attackers was a county health inspector who lived a life of apparent suburban normality
Who lives, dies in attacks can give clues about terror cells (AP via Yahoo! News) The bomb maker, the transporter, the landlord and the cipher. The four men slipped away after the Nov. 13 attacks in Paris, and all but one reappeared as key figures in the Islamic State cell that went on to attack Brussels
UAE finds 38 guilty in terror case, issues 11 life sentences (AP via Yahoo! News) The top security court in the United Arab Emirates on Sunday sentenced 38 people to prison in connection to a cell accused of plotting terrorist attacks and seeking to overthrow the government to create an Islamic state
Russian investor, funds settle U.S. press release hacking case (Business Insurance) A Moscow-based hedge fund manager, his investment firms and two Paris-based funds have agreed to pay nearly $18 million to resolve a U.S. regulator's claims that they engaged in insider trading using hacked press releases from newswire services
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
Cloud Security Expo 2016 (London, England, UK, April 12 - 14, 2016) Cloud Security Expo is a cloud security event with over 80 dedicated cloud security exhibitors, seven streams of content, over 150 security speakers, and 40 real cloud security and compliance case studies.
ACSC Conference 2016 (Canberra, Australia, April 12 - 14, 2016) The ACSC Conference 2016 will bring together experts from Australia and abroad to discuss trends, mitigations and advances in cyber security. CEOs, CIOs, CISOs, CTOs, ICT Managers, ITSAs, ITSPs, IRAP Assessors,...
2016 Cybersecurity Symposium (Coeur d’Alene, Idaho, USA, April 18 - 20, 2016) The Cybersecurity Symposium: Your Security, Your Future is an opportunity for academic researchers and software and system developers from industry and government to meet and discuss state of the art processes...
6th European Data Protection Days (EDPD) (Berlin, Germany, April 25 - 26, 2016) The EDPD Conference will provide participants from the business side with all the important news and updates for the international data protection business at a high level. These include key developments...
3rd East Africa Cyber Defense Convention 2016 (Nairobi, Kenya, April 29, 2016) Building on the success of previous conventions series in the last two years and with insights from cybersecurity experts, participants at this conference learn how organisations should successfully respond.
Cyber Investing Summit 2016 (New York, New York, USA, May 3, 2016) The Cyber Investing Summit is an all-day conference focusing on the investment opportunities, trends and strategies available in the $100+ billion cyber security sector. Network with investment professionals,...
Security of Things World (Berlin, Germany, June 27 - 28, 2016) Security. Privacy. Connected Devices. Exploring Security and the Internet of Things. A world class event focused on the next information security revolution. Be part of Security of Things World in June...
Security of Things World USA (San Diego, California, USA, November 3 - 4, 2016) Security. Privacy. Connected Devices. Exploring Security and the Internet of Things. A world class event focused on the next information security revolution. Be part of Security of Things World USA in...
Black Hat Asia 2016 (Singapore, March 29, 2016) Black Hat is returning to Asia again in 2016, and we have quite an event in store. Here the brightest professionals and researchers in the industry will come together for a total of four days — two...
TU-Automotive Cybersecurity USA 2016 (Novi, Michigan, USA, March 29 - 30, 2016) TU-Automotive Cybersecurity dissects the real issues behind the headlines, helping you to apply technology and best practices to deliver robust security defenses and processes within a more secure ecosystem.
Insider Threat Summit (Monterey, California, USA, March 29 - 30, 2016) The focus of the Insider Threat Summit is to discuss personnel security issues including cyber security challenges and capabilities, continuous evaluation of privileged identities and ethical physical...
SecureWorld Boston (Boston, Massachusetts, USA, March 29 - 30, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry...
Insider Threat Program Development Training (Washington, DC, USA, March 29 - 30, 2016) Insider Threat Defense announced it will hold a training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2) on March 29-30, 2016, in Washington, DC.
Women in Cyber Security 2016 (Dallas, Texas, USA, March 31 - April 2, 2016) With support from National Science Foundation, Award #1303441 (Capacity Building in Cybersecurity: Broadening Participation of Women In Cybersecurity through the Women in Cybersecurity Conference and Professional...
SANS Atlanta 2016 (Atlanta, Georgia, USA, April 4 - 9, 2016) Learn the most effective steps to prevent attacks and detect adversaries with actionable techniques that you can directly apply when you get back to work. Take advantage of tips and tricks from the experts...