ISIS and other terrorist organizations concentrate on using legitimate, consumer technology for coordination. ISIS inspiration appears to be suffering from limited returns even as it grows in cruelty and brutality: the Caliphate isn’t built to endure setbacks; its endgame, sadly, will probably be bloody.
The venerable threat group Pawn Storm, lately attending to Germany’s CDU, is now generally regarded as a Russian state operation. Its modus operandi and target selection may be circumstantial evidence, but that evidence has convinced most observers.
Another SWIFT-based raid is reported, this one an attempt on an unnamed Vietnamese commercial bank. Investigation of the earlier Bangladesh Bank hack continues. FireEye, engaged to look into the theft, says it’s found evidence of three groups: a Pakistani organization, one from North Korea, and a third, as yet unidentified actor. It’s the third one that actually pulled off the heist. The Pakistani and North Korea groups are thought to be state-sponsored. BAE sees commonalities in code used against the banks in Bangladesh and Vietnam with that used in the Sony hack.
Two other banking issues have surfaced. OpIcarus has expanded to targets in Montenegro, Monaco, Jordan, and South Korea. And the US Federal Deposit Insurance Corporation discloses that it’s suffered “five major breaches” since October—individual banking consumer data are affected.
Adobe has patched the latest Flash zero-day as promised.
7-Zip flaws are said to affect security products; users are advised to update.
The FBI’s “fingerprint-unlock warrant” in California didn’t work, even after they tried all ten fingers.
Today's issue includes events affecting Bangladesh, China, European Union, Germany, Iraq, Jordan, Democratic Peoples Republic of Korea, Republic of Korea, Monaco, Montenegro, Pakistan, Philippines, Russia, South Africa, Sri Lanka, Syria, United Kingdom, United States, and Vietnam.
ON THE PODCAST
Catch the CyberWire's Podcast later this afternoon, with interviews, educational tips, and more on the stories of the day. (And if you like what you hear, consider giving it an iTunes review. If you don't like it, well, then, no worries; don't go to any trouble.)
Terrorists opt for consumer tools (CSO) Although cybercriminals have been turning out specialized hacking and attack tools at a rapid pace, terrorists are often using legitimate, consumer-focused technologies
Pawn Storm APT targets members of Angela Merkel’s party (Help Net Security) Pawn Storm, one of the oldest APTs engaging in cyber espionage, has been spotted targeting members of the German Christian Democratic Union (CDU), the political party of German Chancellor Angela Merkel
Second SWIFT Attack Hits Vietnam Bank Showing Links to Sony Hack (SecurityWeek) At a financial conference in Frankfurt, Thursday, SWIFT's chief executive Gottfried Leibbrandt told the audience that the $81 million theft from the Bangladesh central bank's New York account "was from our perspective a customer fraud." He added, "I don’t think it was the first, I don’t think it will be the last"
Bangladesh Bank Heist Probe Said to Find Three Hacker Groups (Bloomberg Technology) Investigators examining the theft of $81 million from Bangladesh’s central bank have uncovered evidence of three hacking groups -- including two nation states -- inside the bank’s network but say it was the third, unidentified group that pulled off the heist, according to two people briefed on the progress of the bank’s internal investigation
OpIcarus: Anonymous Shut Down 4 More Banking Websites (Hack Read) After a short break, Anonymous, BannedOffline and Ghost Squad are back in action — Their latest targets to face the fury are banking websites in Jordan, South Korea, Monegasque and Montenegro. All attacks were conducted under the banner of operation OpIcarus
Double trouble for Android (ITWeb) Check Point and Kaspersky Lab unearthed major vulnerabilities in the Android OS. Android, the most dominant operating system, faces more security challenges, with two global security companies discovering major flaws in a week
Carding Sites Turn to the ‘Dark Cloud’ (KrebsOnSecurity) Crooks who peddle stolen credit cards on the Internet face a constant challenge: Keeping their shops online and reachable in the face of meddling from law enforcement officials, security firms, researchers and vigilantes. In this post, we’ll examine a large collection of hacked computers around the world that currently serves as a criminal cloud hosting environment for a variety of cybercrime operations, from sending spam to hosting malicious software and stolen credit card shops
Pirates find rich pickings in shipping computer files (Standard) Pirates have become more sophisticated and can now hack into the management systems of shipping companies targeting various vessels, cybersecurity consulting firm Verizon Asia Pacific said in a report issued yesterday
Google Hit by Insider Data Breach (Infosecurity Magazine) Google has suffered an embarrassing insider data breach after an employee at a third-party vendor mistakenly sent personal information on an unspecified number of Mountain View employees to another company
Security Patches, Mitigations, and Software Updates
Criminals continue to target healthcare data – Ponemon study finds (id experts) The Sixth Annual Benchmark Study on Privacy and Security of Healthcare Data by the Ponemon Institute, finds that criminal attacks are the leading cause of half of all data breaches in healthcare. Employee mistakes, third-party snafus, and stolen computer devices—are the root cause of the other half of data breaches. The study also found that while most healthcare organizations believe they are vulnerable to a data breach, they are unprepared to address new threats and lack the resources to protect patient data
Sextortion as Cybersecurity: Defining Cyber Risk Too Narrowly (Lawfare) When we think of cybersecurity, we don't think of sexual violence. Sexual assault, rape, and child molestation are problems of intimate contact between individuals in close proximity to one another. By contrast, we tend to think of cybersecurity as a problem of remote attacks that affect governments, major corporations, and—at an individual level—people with credit card numbers or identities to steal
Why M&A activity leaves companies vulnerable to cyber criminals (City A.M.) Global merger and acquisitions (M&A) activity reached record-breaking deal values in 2015 at over $5 trillion. Whilst these vast sums excite shareholders, they also attract cyber criminals who sense an opportunity via inherent weaknesses in the M&A process
Is FireEye Finished? (GuruFocus) I have been bullish on FireEye (FEYE) for quite some time. I recommended buying FireEye multiple times over the last few months and the stock, on average, was up —…% until I recently suggested investors to sell it and book profits
Palo Alto Networks Is a Screaming Buy (Investor Guide) Palo Alto Networks (PANW) announced second quarter ended January 31, 2016 total revenue of $334.7 million, up 54 percent year-over-year from $217.7 million of total revenue during the same period last year. Going forward, the company estimates third quarter of 2016 total revenue in the $335 to $339 million range, illustrating 43 percent to 45 percent of year-over-year growth
Finjan Holdings (FNJN) Enters $10.2M Series A Preferred Private Placement (StreetInsider) Finjan Holdings, Inc. (Nasdaq: FNJN) announced that it has secured a $10.2 million Series A Preferred Stock financing in a private placement transaction led by Halcyon Long Duration Recoveries Investments I LLC ("Halcyon LDRII"), an affiliate of both funds managed by Halcyon Long Duration Recoveries Management LP and its affiliates ("Halcyon") and Soryn IP Group, LLC ("Soryn")
Check Point Software Co-Founder Launches Simple Network Security In The Cloud (Forbes) Shlomo Kramer, who co-founded Check Point Software alongside Gil Shwed and Marius Nacht in 1993, raised $20 million in a series A funding round for Cato Networks late last year, a startup venture aimed at redefining how enterprises secure their networks and mobile devices. His elevator pitch: “Network security is simple again.” Now Kramer is up and running in the cloud
Quick Heal enhances security software revenue in Q1 (Infotechlead) Quick Heal Technologies, an IT security software products and solutions provider, said its revenues grew 26 percent to Rs 1,314.4 million in Q4 fiscal 2016 and 18 percent to Rs 3,380.7 million in FY 2016
Sophos in MSP push (ChannelWeb) Security vendor has launched a new partner programme aimed at MSPs
Which Porn Sites are Trustworthy? (Check and Secure) Porn – it’s what the internet was made for, according to the musical Avenue Q. Website popularity listings like Alexa seem to support this, showing that U.S. pornsite XVideo is more popular than Apple.com
Technologies, Techniques, and Standards
What the C-Suite Should Know about the Rise of Ransomware (Palo Alto Networks) With ransomware on the rise, executives have many questions on their minds. What do I need to know about ransomware? To what extent is ransomware covered by cyber insurance? And most importantly, what can be done to prevent these attacks from happening in the first place?
Tips to Use Penetration Testing to Protect Your Business From Cyber Attacks (App Developer Magazine) Forty-seven percent of all breaches were caused by malicious or criminal attacks according to the most recent global data breach study released by the Ponemon Institute. Resolving an attack cost businesses an average of $170 per record, translating to an average total cost of $3.79 million for a data breach
Bridging the security automation gap (Help Net Security) Security management has gotten out of hand, according to our recent State of Automation in Security Report. 48% of survey respondents had an application outage as a result of a misconfigured security device, 42% experienced a network outage, while 20% suffered a security breach. And on average, these issues took up to three hours to fix, while 20% of organizations needed a day or more to fix the problem
Milagro: A distributed cryptosystem for the cloud (Help Net Security) A new open source project within the Apache Incubator aims to create an alternative to outdated and problematic monolithic trust hierarchies such as commercial certificate authorities
The Dark Web Has Its Own Lit Magazine (Wired) When most people think about the dark web, they envision the Silk Road, terrorist networks, pornography, and other sinister threats. They certainly don’t imagine finding poetry. Or short stories. Or creative nonfiction. That’s a preconception the founders of The Torist, the first literary magazine on the encrypted network Tor, hope to correct
US Focusing Intently on China's Cyber Commitments (Voice of America) U.S. officials say they are watching closely to ensure that China abides by its cybersecurity commitments, following the first meeting between the two sides since they struck an anti-hacking agreement in September
Pentagon chief sees problems with cybersecurity (National Defense via Bloomberg Government) The private sector in the United States is underinvesting in network protection and hindering the growth of the cybersecurity market, Secretary of Defense Ashton Carter told reporters on May 11
Motion Filed Asking FBI To Disclose Tor Browser Zero Day (Threatpost) Mozilla on Wednesday filed a motion with the U.S. District Court in Tacoma, Wa., asking the government to disclose a vulnerability it exploited in the Tor Browser and Firefox. The FBI used the zero-day to hack a child pornography site and de-anonymize users visiting the site using the Tor Browser
In on-going litigation, startup now sues prominent VCs and angel investors for aiding and abetting a fraud, trade secret misappropriation and other wrongdoing. (PRNewswire) Tech entrepreneurs Jason Hullinger and Benjamin de Bont, as well as start-up Agora Systems LLC, filed a lawsuit this week in a Los Angeles federal court against prominent venture capital firms U.S. Venture Partners and Karlin Ventures, tech incubator Launchpad LA, angel investors Michael Stern, Adam Lilling and Sam Teller, famed technologist Dan Kaminsky and others. The lawsuit supplements original claims against Defendants Kunal Anand, Julien Bellanger and their security tech start-up Prevoty, Inc., seeking compensatory and punitive damages for fraud, breach of fiduciary duties and trade secret misappropriation, among other wrongdoing
Call Centers In The Bullseye (Dark Reading) Cheap set-ups, economic recession, and the US rollout of chip-and-PIN technology, all contribute to dramatic increase in call center fraud
Telegraph Cyber Security (London, England, UK, May 17, 2016) The Telegraph Cyber Security conference will provide the key components to create a cutting-edge cyber security plan, regardless of your organisation’s size or sphere of activity
DCOI 2016 (Washington, DC, USA, May 18 - 19, 2016) DCOI 2016 is a concerted effort of the state of Israel and the Institute for National Security Studies (INSS) of Tel-Aviv University, a non-profit organization that aims towards enhancing collaboration...
ISSA LA Eighth Annual Information Security Summit (Universal City, California, USA, May 19 - 20, 2016) The ISSA-LA Information Security Summit is the only educational forum in the great Los Angeles area specifically designed to attract an audience from all over Southern California as a means to encourage...
HITBSecConf2016 Amsterdam (Amsterdam, the Netherlands, May 23 - 27, 2016) The event kicks off with all new 2 and for the first time, 3-day training sessions held on the 23rd, 24th and 25th. Courses include all new IPv6 material by Marc 'van Hauser' Heuse of THC.org, an in-depth...
Enfuse 2016 (Las Vegas, Nevada, USA, May 23 - 26, 2016) Enfuse is a three-day security and digital investigations conference where specialists, executives, and experts break new ground for the year ahead. It's a global event. It's a community. It's where problems...
Cybersecurity Law Institute (Washington, DC, USA, May 25 - 26, 2016) Those lawyers who ignore cyber threats are risking millions of dollars for their companies or their clients. Recent reports by Cisco and the World Economic Forum both highlight the paramount importance...
4th Annual Cybersecurity Law Institute (Washington, DC, USA, May 25 - 26, 2016) At our 4th annual Institute, in the capital where cybersecurity regulations and enforcement decisions are made, you will be able to receive pragmatic advice from the most knowledgeable legal cybersecurity...
SecureWorld Atlanta (Atlanta, Georgia, USA, June 1 - 2, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry...
Innovations in Cybersecurity Education Workshop 2016 (Halethorpe, Maryland, USA, June 3, 2016) Innovations in Cybersecurity Education is a free regional workshop on cybersecurity education from high school through post-graduate. It is intended primarily for educators who are teaching cybersecurity...
ISS World Europe (Prague, Czech Republic, June 7 - 9, 2016) ISS World Europe is the world's largest gathering of regional law enforcement, intelligence and homeland security analysts as well as telecom operators responsible for lawful interception, hi-tech electronic...