The Panama Papers database, released yesterday to much éclat, has attracted the scrutiny of Canadian tax enforcers and New Zealanders interested in transparency policy, but as far as the US is concerned, the results are ho-hum. But search and see for yourself.
Al Qaeda steps up its propaganda game, competing with ISIS for leadership of jihad in the Levant.
ImageMagick flaws are being exploited in the wild. Users should consult available policy-based mitigations if they’re working with an affected version.
Check Point finds a new strain of Android malware infesting the Google Play Store. “Viking Hoard” seems mainly useful for ad fraud, but can be adapted for spamming and DDoS campaigns as well.
Kaspersky, to its credit, developed a decryption tool for the CryptXXX ransomware. But no good thing lasts forever—Proofpoint, which discovered and has continued to track CryptXXX, says that the malware has been modified to render the decryption tool ineffective.
Palo Alto warns that revenant ransomware Bucbi, not much seen since 2014, is making a comeback. Its approach to infection is different: its controllers brute-force their way into servers.
The security industry shows ambivalence about sharing—zero-day vendors are in bad odor, and start-ups don’t like their exclusion from VirusTotal. Twitter’s Dataminr poke at the US Intelligence Community is called fruit of a bad relationship between Government and industry.
The Bangladesh Bank hack investigation follows two lines: the FBI thinks it sees insiders, and Bangladesh police think SWIFT technicians rendered the bank vulnerable (which SWIFT vigorously disputes).
Today's issue includes events affecting Afghanistan, Australia, Azerbaijan, Bangladesh, Brazil, Canada, Chile, Colombia, Dominican Republic, Germany, Greece, India, Israel, Lebanon, Malaysia, Mexico, New Zealand, Panama, Russia, Saudi Arabia, Spain, Syria, Tunisia, Ukraine, United Arab Emirates, United Kingdom, United States.
ON THE PODCAST
Catch the CyberWire's Podcast later this afternoon, with interviews, educational tips, and more on the stories of the day. Today we hear from Accenture's Malek Ben Salem on big data security frameworks. Our guest is John Prisco, CEO of Triumfant, on his company's recent study of the Locky ransomware.
Osama bin Laden’s son says jihad in Syria key to ‘liberate Palestine’ (Long War Journal) Al Qaeda’s propaganda arm, As Sahab, has released a new message from Osama bin Laden’s son, Hamzah. It is the second time Hamzah has spoken on behalf of al Qaeda since last August. Hamzah’s message has been paired with a speech by Ayman al Zawahiri on both occasions.
Taliban claims to have ‘thousands of fully armed martyrdom seekers’ (Long War Journal) The Afghan Taliban said it would give “top priority” to retaliate against government agencies involved in the execution of jihadist prisoners and claimed it has “thousands of fully armed martyrdom seekers” at its disposal who are “awaiting to take revenge.” The Taliban issued the statement yesterday on its official website, Voice of Jihad, after the Afghan government executed six jihadists, including a member of al Qaeda, for various attacks in the country
Panama Papers database of offshore companies goes public (Chicago Tribune) A group of investigative journalists made live the names of thousands of offshore companies based on a massive trove of data on the finances of the rich and powerful that has become known as the Panama Papers
You can now search the Panama Papers – the secret accounts of the global rich – yourself (Washington Post) Some of the information from the Panama Papers, a vast trove of more than 11 million leaked documents that have cast a light into the shadowy world of offshore finance, is now available to the public for the first time. The Washington Post is joining a group of global media organizations in publishing a searchable database of more than 300,000 opaque offshore entities
CryptXXX 2.0: Ransomware Authors Strike Back Against Free Decryption Tool (Proofpoint Insight) In mid-April, Proofpoint researchers discovered CryptXXX, a new malware variant developed by the authors of the Reveton malware and closely tied to Angler and Bedep. Our colleagues at Kaspersky quickly released a decryption tool with which infected users could recover encrypted files without paying the CryptXXX ransom. However, the latest version of CryptXXX, which appeared in the wild today, renders that tool ineffective, returning the focus on CryptXXX to detection and prevention
5 Email Campaigns Evading In-Market Security Solutions (IT Business Edge) Email is still the primary attack vector for many cybercriminals. In addition to malicious attachments and URLs, credential phishing is also on the rise and placing everyday users at the root of the attack. Why? Cybercriminals are using advanced attack methods that are consistently evading traditional detection tools. As such, organizations are beginning to realize that these advanced attacks can only be detected through multi-dimensional behavioral analytics that operate on diverse data sources and use a full spectrum of machine learning techniques
Beware: fake emails are becoming more realistic (Business IT) A security vendor reports that fake emails are getting harder to spot, as cyber criminals become more effective at spreading malware and stealing passwords. Criminals are crafting increasingly realistic emails using local brands and logos to impersonate postal companies, tax and law enforcement agencies and utility firms, according to security vendor Sophos
How secure are the devices connecting to enterprise assets? (Help Net Security) Most enterprises have accepted that their employees will use their own various, often mobile devices to access company assets, and have realized that the defined, more easily secured network perimeter is a thing of the past. All that remains for them is to make sure these devices are as secure as they can be
Cyber Attacks in Retail Sector Highest in 2015, Reports Dimension Data (Spamfighter News) A report from an Information Technology security firm in Wellington reveals that the number of cyber-assaults on the retail market was the highest in 2015 therefore consumers and businesses must remain watchful while worldwide cyber-crime gets increasingly refined
Here's Why Palo Alto Networks Is Better Than FireEye (Investor Guide) Cyber security stocks have been very volatile. For instance, FireEye (FEYE), which is off considerably from its 52-week highs, fell almost 20% yesterday after reporting bleak quarterly report. Investors need to be very careful when choosing a stock in this space. Since the companies are focusing on growing market share, they spend more money than they generate, which is why stocks in the sector are very volatile
NRC to sole-source cyber simulation contract ... unless (Federal Times) The Nuclear Regulatory Commission is planning to award a sole-source contract for evaluating and training its cybersecurity staff, however the commission is giving other prospective vendors a chance to show they can meet the requirements
Raytheon Opens New Campus in Richardson (WPAB News) Raytheon has opened a campus in Richardson along Bush Turnpike, east of Highway 75. The facility will house Raytheon’s Intelligence, Information and Services
An Innovation Jason Bourne Would Love (Forbes) You know that scene in the 2002 movie The Bourne Identity, when Jason Bourne (Matt Damon) dispatches a CIA assassin sent to kill him at his French farmhouse hideout — and then uses the guy’s phone to make a zero-click encrypted phone call to CIA headquarters in Langley?
Swimlane Selected as a Gartner "Cool Vendor" (PRNewswire) Swimlane, a developer of cybersecurity automation solutions, today announced that it has been named to Gartner's list of "Cool Vendors 2016" in the category of Security Infrastructure Protection
The IT Checklist to Prevent Data Breach (Aim.ph) A big part of data security is the proactive prevention of data loss, theft, and security breach, and it is always better to prevent these from happening instead of mitigating attacks
Preventing user-based attacks (ITWeb) Today, an enormous percentage of business is conducted via the Internet on a multitude of devices and platforms. End users share more information than ever and connect to numerous outside networks, increasing the potential attack surface exponentially
Guardsman conduct large-scale cyber training (Defense Systems) The potential threat to infrastructure was one focus of the recent Cyber Shield 2016, a national cyber exercise in which National Guard units took part along with Army, Reserve and Marine Corps cyber warriors
Why cyber tools are not total solutions (Federal Times) I had the opportunity to attend this year’s RSA Conference in San Francisco and I was impressed with the hundreds of cybersecurity exhibitors on display there. If you ever have the chance to go and haven’t been already, do yourself a favor and take the trip. It’s absolutely worth the investment
Why ONI May Be Our Best Hope for Cyber Security Now (Datanami) Huge volume of network data has made it all but impossible for the good guys to detect new security threats, which has created space for the bad guys to operate. But thanks to a new Apache big data project called Open Network Insight (ONI), the good guys now have a powerful way to cut through the noise and identify bad guys and their malicious schemes
CYREN Awarded Second Cybersecurity Grant from Israeli Government (PRNewswire) CYREN (NASDAQ: CYRN) today announced it was awarded a grant of ILS 3.22 million (approximately USD 0.85 million) by the Office of the Chief Scientist (OCS) at Israel's Ministry of Economy and Industry. The grant is part of Israel's ongoing initiative that provides benefits to Israeli companies in order to encourage R&D activity aimed at developing technological solutions in the field of cybersecurity. CYREN received a similar grant last year as well
Presidential Advisers Recommend Countering Cyberattacks, Shootings with Big Data (Nextgov) An adversary has spent months executing a cyberattack on an unnamed part of the nation's critical infrastructure, after years of planning. Now, the disruption to daily American life is reaching its climax. First, there is a distributed denial of service, or DDoS, attack that masks a massive theft of data crucial to plotting the final coordinated strike. No one notices because security personnel are too busy trying to revive systems overwhelmed by a deluge of bogus network traffic
IoT security: not ripe for regulation (The Hill) Media reports regularly offer frightening stories about security vulnerabilities in the emerging “Internet of Things,” from the hack of a Jeep to the specter of bad guys accessing “smart homes” or exploiting industrial IoT to compromise utilities
Privacy and the New Math (Linux Journal) In the Apple vs. FBI case, the real disputes are between math and architecture, and between open and closed. Linux can play an important role in settling those disputes, because it is on the right side of both
Syrian hacker extradited to the United States from Germany (Washington Post) An alleged hacker with the Syrian Electronic Army, a group that supports the Syrian government, has been extradited to the United States from Germany on charges of conspiracy linked to a hacking-related extortion scheme, U.S. officials said Monday
Afognak Native Corporation Recovers $3.665M of Cyber Fraud Funds (Globe Newswire) Afognak Native Corporation announced today that it has recovered nearly all of the stolen funds that were fraudulently obtained by an international criminal ring during a sophisticated cyber crime attack against the corporation in May 2015
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
Data Breach & Fraud Prevention Summit Asia (Mumbai, India, June 8, 2016) ISMG’s Data Breach & Fraud Prevention Summit Asia – Mumbai is a one-day event that will focus on the latest fraud techniques and technologies, as well as a holistic, strategic approach to looking at the
IP EXPO Europe (London, England, UK, October 5 - 6, 2016) IP EXPO Europe is Europe's number ONE IT event for those looking to find out how the latest IT innovations can drive their business forward. IP EXPO Europe now includes six co-located events with their own...
MCRCon 2016: Some Assembly Required (Ypsilanti, Michigan, USA, May 10, 2016) The annual conference focuses on hacking prevention, incident handling, forensics and post-event public relations, with presentations delivered by nationally-recognized experts, cybersecurity skills competitions,...
CISO UK (London, England, UK, May 10, 2016) We're in an historic transition — one marked by challenges, but filled with possibility. Preparing for the upturn and making the right decisions in times of change can better position your enterprise...
SecureWorld Houston (Houston, Texas, USA, May 11, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 6-12 CPE credits through 30+ educational elements learning from nationally recognized industry...
Guarding the Grid (Washington, DC, USA, May 12, 2016) Protecting the power grid from today's cyber threats has become one of the nation's top national security priorities. Nowhere was this more evident than in the aftermath of the cyberattack in Ukraine that...
Telegraph Cyber Security (London, England, UK, May 17, 2016) The Telegraph Cyber Security conference will provide the key components to create a cutting-edge cyber security plan, regardless of your organisation’s size or sphere of activity
DCOI 2016 (Washington, DC, USA, May 18 - 19, 2016) DCOI 2016 is a concerted effort of the state of Israel and the Institute for National Security Studies (INSS) of Tel-Aviv University, a non-profit organization that aims towards enhancing collaboration...
ISSA LA Eighth Annual Information Security Summit (Universal City, California, USA, May 19 - 20, 2016) The ISSA-LA Information Security Summit is the only educational forum in the great Los Angeles area specifically designed to attract an audience from all over Southern California as a means to encourage...
HITBSecConf2016 Amsterdam (Amsterdam, the Netherlands, May 23 - 27, 2016) The event kicks off with all new 2 and for the first time, 3-day training sessions held on the 23rd, 24th and 25th. Courses include all new IPv6 material by Marc 'van Hauser' Heuse of THC.org, an in-depth...
Enfuse 2016 (Las Vegas, Nevada, USA, May 23 - 26, 2016) Enfuse is a three-day security and digital investigations conference where specialists, executives, and experts break new ground for the year ahead. It's a global event. It's a community. It's where problems...
Cybersecurity Law Institute (Washington, DC, USA, May 25 - 26, 2016) Those lawyers who ignore cyber threats are risking millions of dollars for their companies or their clients. Recent reports by Cisco and the World Economic Forum both highlight the paramount importance...
4th Annual Cybersecurity Law Institute (Washington, DC, USA, May 25 - 26, 2016) At our 4th annual Institute, in the capital where cybersecurity regulations and enforcement decisions are made, you will be able to receive pragmatic advice from the most knowledgeable legal cybersecurity...
SecureWorld Atlanta (Atlanta, Georgia, USA, June 1 - 2, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry...