March 29, 2016.
By The CyberWire Staff
The US Department of Justice no longer needs to meet Apple in court. The FBI says it's gained access to the San Bernardino jihadi's iPhone. How it gained access and what it found there remain publicly unknown, but the Bureau is still widely believed to have availed itself of Cellebrite's forensic services.
Yesterday, personnel reporting to MedStar Health hospitals in the Baltimore and Washington regions of the US found their systems inaccessible. MedStar detected malware in its networks and, as a precaution, shut down email and its medical record database. Early speculation suggests a ransomware attack. The FBI is investigating.
Ransomware continues to be a growing problem, with more attempts against mobile devices reported. Phishing continues to be a common ransomware vector. Note that one of the more virulent strains currently in circulation—"Petya"—is often downloaded by victims opening an infected resume from an online document-sharing site.
The Turla spyware Trojan is successfully working around command-and-control server takedowns by hijacking satellite Internet links.
As US point-of-sale systems move, slowly, toward general adoption of chip-and-pin technology, FireEye says it's seeing a spike in exploits directed against legacy card-swipe systems: criminals are rushing to get their last shots in against the older technology.
A developer accidentally exposed a very large database of personally identifiable information as he set up a demo for Thailand's Immigration Police. About two thousand foreigners working in Thailand had their data compromised.
Weev makes an unwelcome return to the news, hacking poorly secured printers to spew anti-Semitic propaganda.
Today's issue includes events affecting Abkhazia, Bangladesh, Canada, China, European Union, France, Georgia, Germany, Iraq, Israel, Pakistan, Palestine, Russia, Syria, Thailand, United Kingdom, United States.
ON THE PODCAST
Catch the CyberWire's Daily podcast this afternoon, including a discussion with Zimperium on how they've integrated their mobile security solution with a big telecom's offering. We'll also hear from Accenture Labs' Malek Ben Salem, who takes up the timely and topical question of healthcare security.
Women in Cybersecurity (WiCYS) 2016 (Dallas, TX, March 31 - April 2, 2016) The 3rd annual conference brings together women (students, faculty, researchers, professionals) in cybersecurity from academia, research organizations and industry for the sharing of knowledge and experience, networking and mentoring.
FBI investigating cyber attack at MedStar Health (Baltimore Sun) Hackers attacked the computer system at MedStar Health on Monday, forcing thousands of employees in the state's second-largest health care provider to resort to paper medical records and transactions
FBI probing virus behind outage at MedStar Health facilities (WTOP) Hackers crippled computer systems Monday at a major hospital chain, MedStar Health Inc., forcing records systems offline for thousands of patients and doctors. The FBI said it was investigating whether the unknown hackers demanded a ransom to restore systems
Satellite Turla: still alive and hiding in the sky (Kaspersky Business) Law enforcement agencies, with the help of leading IT security providers, are keen on blocking all the malware Command & Control servers they find. Sometimes, they efficiently shut down massive botnets by putting their controlling structure out of business. But one of the most advanced threat actors is still out there
Printers all over the US “hacked” to spew anti-Semitic fliers (Help Net Security) Andrew “Weev” Auernheimer, one of the two men who were prosecuted and convicted for harvesting e-mails and authentication IDs of 114,000 early-adopters of Apple’s iPad from AT&T’s servers, is back to his old tricks: using publicly accessible assets for furthering his own goals
WUP! There It Is: Privacy and Security Issues in QQ Browser (Citizen Lab) Both Windows (v9.2.5478) and Android (v6.3.01920) versions of web browser QQ Browser transmit personal user data to QQ servers without encryption or with easily decryptable encryption, and are vulnerable to arbitrary code execution during software updates
NorthBit Releases Metaphor Source on Github (XDA Developers) NorthBit Advanced Software Research released on Thursday source code related to their Metaphor exploit of Stagefright to the public. Metaphor has been making its run through the news cycle due to the large footprint of devices likely affected
iOS 9.3 Web Links Bug Causes Apps To Crash (InformationWeek) In the wake of a bricking problem with older iPhones and iPads, users who have downloaded iOS 9.3 are now encountering a separate issue that is causing apps to crash or freeze when launched. This time, Apple may not be to blame
Dark Web’s Got a Bad Rep: 7 in 10 People Want It Shut Down, Study Shows (Wired) Speculation—no matter how baseless—that online black markets for weapons helped make the terrorist attacks in Paris and Brussels possible hasn’t helped the reputation of the dark web’s anonymous corner of the internet. But one new study shows that even before that dubious link between online anonymity and terror attacks, global opinion on the dark web was already overwhelmingly negative
Mach37 Cybersecurity Accelerator Announces Spring 2016 Cohort (Tech.co) The cybersecurity industry is predicted to double by 2020 and the DC metro area is the center of cybersecurity innovation in the US. Therefore it should be no surprise that the premier accelerator for information security startups and entrepreneurs calls this area home. The accelerator is Mach37 and they’ve just announced their most recent cohort
FireEye's Mandiant Red Team Operations to Curb Cyber-Attack Risk (Gadgets 360) US-based network security company FireEye on Monday launched the "Mandiant Red Team Operations," a set of objectives-based assessments that conduct no-holds-barred attacks on organisations to highlight weakness in systems or procedures and to enhance detection and response capabilities
Countering Cyber Adversary Tradecraft (Tripwire: the State of Security) Why and how do cyber adversaries – criminals, spies, competitors, activists – continue to find success in fraud, extortion, espionage and sabotage?
U.S. and Germany expand cyber cooperation (FCW) The United States and Germany are taking a "whole-of-government" approach to their collaboration in cybersecurity, according to a joint statement released by the State Department after two days of talks
FCC Chair Proposes New Broadband Rules (Lexology) One year ago, in March 2015, the Federal Communications Commission (“FCC”) reclassified broadband Internet access service as a common carrier Telecommunications Service subject to regulation under Title II of the Communications Act
Justice Department cracks iPhone; withdraws legal action (San Diego Union Tribune) The FBI said Monday it successfully used a mysterious technique without Apple Inc.'s help to hack into the iPhone used by a gunman in a mass shooting in California, effectively ending a pitched court battle between the Obama administration and one of the world's leading technology companies
FBI Breaks into Terrorist’s Encrypted iPhone (Threatpost) A six-week public standoff between Apple and the FBI ended today when the Department of Justice said it had accessed encrypted data stored on the San Bernardino terrorist’s iPhone
The Apple-FBI showdown is over (Quartz) The FBI says it has gained access to the iPhone used by one of the San Bernardino shooters—without Apple’s help—and is now requesting an end to its legal action against the company
What the Founders Would Say About iPhone Unlock Case (Fenwick & West) In a criminal investigation, if important information were behind a locked vault and the vault manufacturer had a master key to access the vault, the government would be on solid grounds to request this master key. But what if no master key existed?
Hundreds of Islamic extremists protest in Pakistan's capital (AP) Hundreds of Islamic extremists who earlier violently protested in Islamabad over the hanging of a man who killed a secular governor continued their demonstrations in Pakistan's capital on Tuesday, despite warnings from the government targeting extremists
The American Anti-Vaccine Mom Turned ISIS Superstar (Daily Beast) The feds say Safya Yassin was a propaganda machine for the Islamic State, even once threatening FBI agents with death. Friends and family say she was a harmless, lonely mother to an autistic boy who was desperate for connection
Navy official gets 46 months for bribes, prostitutes (Federal Times) A Navy captain was sentenced to 46 months in prison on March 25 for disclosing classified information to a foreign contractor in exchange for bribes of alcohol, luxury hotel stays and prostitutes
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
Cyber Security Summit Atlanta (Atlanta, Georgia, USA, April 6, 2016) The Inaugural Atlanta Cyber Security Summit will be held April 6th at the Ritz-Carlton, Buckhead. This event is for Sr. Executives only. We are honored to have the US Asst. Attorney General of National...
Cloud Security Expo 2016 (London, England, UK, April 12 - 14, 2016) Cloud Security Expo is a cloud security event with over 80 dedicated cloud security exhibitors, seven streams of content, over 150 security speakers, and 40 real cloud security and compliance case studies.
ACSC Conference 2016 (Canberra, Australia, April 12 - 14, 2016) The ACSC Conference 2016 will bring together experts from Australia and abroad to discuss trends, mitigations and advances in cyber security. CEOs, CIOs, CISOs, CTOs, ICT Managers, ITSAs, ITSPs, IRAP Assessors,...
2016 Cybersecurity Symposium (Coeur d’Alene, Idaho, USA, April 18 - 20, 2016) The Cybersecurity Symposium: Your Security, Your Future is an opportunity for academic researchers and software and system developers from industry and government to meet and discuss state of the art processes...
6th European Data Protection Days (EDPD) (Berlin, Germany, April 25 - 26, 2016) The EDPD Conference will provide participants from the business side with all the important news and updates for the international data protection business at a high level. These include key developments...
3rd East Africa Cyber Defense Convention 2016 (Nairobi, Kenya, April 29, 2016) Building on the success of previous conventions series in the last two years and with insights from cybersecurity experts, participants at this conference learn how organisations should successfully respond.
Security of Things World (Berlin, Germany, June 27 - 28, 2016) Security. Privacy. Connected Devices. Exploring Security and the Internet of Things. A world class event focused on the next information security revolution. Be part of Security of Things World in June...
Security of Things World USA (San Diego, California, USA, November 3 - 4, 2016) Security. Privacy. Connected Devices. Exploring Security and the Internet of Things. A world class event focused on the next information security revolution. Be part of Security of Things World USA in...
Black Hat Asia 2016 (Singapore, March 29, 2016) Black Hat is returning to Asia again in 2016, and we have quite an event in store. Here the brightest professionals and researchers in the industry will come together for a total of four days — two...
TU-Automotive Cybersecurity USA 2016 (Novi, Michigan, USA, March 29 - 30, 2016) TU-Automotive Cybersecurity dissects the real issues behind the headlines, helping you to apply technology and best practices to deliver robust security defenses and processes within a more secure ecosystem.
Insider Threat Summit (Monterey, California, USA, March 29 - 30, 2016) The focus of the Insider Threat Summit is to discuss personnel security issues including cyber security challenges and capabilities, continuous evaluation of privileged identities and ethical physical...
SecureWorld Boston (Boston, Massachusetts, USA, March 29 - 30, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry...
Insider Threat Program Development Training (Washington, DC, USA, March 29 - 30, 2016) Insider Threat Defense announced it will hold a training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2) on March 29-30, 2016, in Washington, DC.
Women in Cyber Security 2016 (Dallas, Texas, USA, March 31 - April 2, 2016) With support from National Science Foundation, Award #1303441 (Capacity Building in Cybersecurity: Broadening Participation of Women In Cybersecurity through the Women in Cybersecurity Conference and Professional...
SANS Atlanta 2016 (Atlanta, Georgia, USA, April 4 - 9, 2016) Learn the most effective steps to prevent attacks and detect adversaries with actionable techniques that you can directly apply when you get back to work. Take advantage of tips and tricks from the experts...