Germany’s domestic intelligence service, the Bundesamt für Verfassungsschutz (BfV), accuses Russia’s government of a longstanding cyber campaign against a range of targets, including the Bundestag. Pawn Storm and its Sofacy tool are specifically mentioned in the Bundestag investigation. Other researchers, notably at Trend Micro, note Pawn Storm’s continuing activity against a similar array of targets—the Russian government is widely believed to be behind the Pawn Storm APT.
Russian authorities are closing some four thousand websites on the grounds that they encourage extremism or facilitate drug trafficking. Russia’s privately held news outlet, RBC, has also fired its three senior editors. It’s widely believed the firings are in response to government pressure—RBC and its editors had reported extensively on oligarchs’ appearance in the Panama Papers breach.
Twitter’s decision late last week to end the US Intelligence Community’s access to Dataminr social media analytics isn’t playing well in the media. Wired calls it "a move that left many scratching their heads," and the Wall Street Journal notes with strong disapproval that Russia Today still gets its Dataminr feeds.
US intelligence services pick up increased signs of desperation in social media from ISIS, which seems to have declared a “state-of-emergency” in its self-proclaimed capital, Raqqa. Other signs point to increasing, opportunistic competition from al Qaeda, and to ISIS plans to shift its center of gravity to Libya and Tunisia.
Vietnam's Tien Phong Bank says it’s the unnamed bank that detected and stopped a SWIFT-based fraud attempt.
Kaspersky has cracked the latest CryptXXX version.
Today's issue includes events affecting Bangladesh, China, France, Germany, Israel, Democratic People's Republic of Korea, Luxembourg, Mexico, Nigeria, Philippines, Russia, Sri Lanka, Sweden, Tanzania, Trinidad and Tobago, Tunisia, Turkey, United Arab Emirates, United States, and Vietnam.
ON THE PODCAST
Catch the CyberWire's Podcast later this afternoon, with interviews, educational tips, and more on the stories of the day. (And if you like what you hear, consider giving it an iTunes review.) Today's guest is from Quintessence Labs.
U.S. envoy in anti-ISIS battle: 'perverse caliphate' shrinking(Associated Press via Military Times) The Obama administration's diplomatic point man in the international fight against the Islamic State group says the extremists have been losing control over territory and that "this perverse caliphate is shrinking." Brett McGurk, a presidential envoy to the 66-member anti-ISIS coalition, told a news conference Sunday that the tide is turning against extremists, both online and on the battlefield
Al Qaeda Turns to Syria, With a Plan to Challenge ISIS(New York Times) Al Qaeda’s top leadership in Pakistan, badly weakened after a decade of C.I.A. drone strikes, has decided that the terror group’s future lies in Syria and has secretly dispatched more than a dozen of its most seasoned veterans there, according to senior American and European intelligence and counterterrorism officials
CAUTION: The SSL blind spot is growing(IT Brief) The use of Secure Sockets Layer (SSL) and Transport Layer Security (TLS) encryption is growing fast, and that’s a good thing for protecting user privacy and business communications. However, it’s also good news for hackers and cybercriminals because SSL provides a great hiding place for malware. In fact, research from Gartner forecasts that 50% of all network attacks will hide in encrypted traffic by 2017
Malware-Laced Porn Apps Behind Wave of Android Lockscreen Attacks(Threatpost) Incidents of Android lockscreen malware masquerading as porn apps are a growing concern to security analysts who are forecasting an uptick in attacks. Once infected, Android users bitten by this malware appear to be locked out of their device and are forced to undergo a complex extraction of the app to win back control of their phone or tablet
Meteocontrol Web'log 100/Light/Pro/Pro Unlimited Access Command Shell Feature Privilege Escalation(VulDB) A vulnerability has been found in Meteocontrol WEB'log 100/Light/Pro/Pro Unlimited and classified as critical. This vulnerability affects an unknown function of the component Access Command Shell Feature. The manipulation with an unknown input leads to a privilege escalation vulnerability. As an impact it is known to affect confidentiality, integrity, and availability. The weakness was shared 05/14/2016. This vulnerability was named CVE-2016-2297. The attack can be initiated remotely. The technical details are unknown and an exploit is not available
World's oldest hacking profession doesn't rely on internet(CNBC) As the number of reported data breaches continues to blitz U.S. companies — over 6 million records exposed already this year, according to the Identity Theft Resource Center — IT budgets are ballooning to combat what corporations see as their greatest threat: faceless, sophisticated hackers from an outside entity
Pornhub said to be compromised, shell access available for $1,000(CSO) On Saturday evening, an underground researcher running the 1x0123 Twitter account offered command injection abilities and shell access to a subdomain on Pornhub for a mere $1,000 USD. See updates at the bottom of this story. On Sunday evening, Pornhub called this incident a hoax
Apple Deletes App That Informed Users If Their iPhone is Hacked(HackRead) The usual search keywords on Google about hacking are hacking tools, how to hack or how to know if I am hacked. Well, one can’t find answers for every question, but a German IT security researcher, Stefan Esser, developed an app informing users if their iPhone has been secretly hacked, jailbroken or spied on by malicious actors, but it looks like Apple didn’t like the idea of “information for all” and deleted the app because, according to Apple’s review team, the System and Security info app didn’t comply with the App Store review guidelines
New FireEye Research Reveals the Impact of High-Profile Security Breaches on U.S. Consumers' Trust of Brands(Marketwired) FireEye, Inc. (NASDAQ: FEYE), the leader in stopping today's advanced cyber attacks, today released the results of new research that finds high-profile data breaches are negatively impacting consumer trust in major brands. The FireEye commissioned research -- conducted by independent technology market research specialist Vanson Bourne with a survey of 2,000 adults within the U.S. in April 2016 -- confirms the rising public concerns of data privacy.
Many Americans refrain from shopping, stating opinions online(Help Net Security) Recently released results of a survey by the US Department of Commerce’s National Telecommunications and Information Administration (NTIA) have revealed that security and privacy fears stopped 45 percent of polled households from conducting financial transactions, buying goods or services, posting on social networks, or expressing opinions on controversial or political issues via the Internet
Security spending rises in areas ineffective against multi-stage attacks(Help Net Security) Vormetric announced the results of the Financial Services Edition of the 2016 Vormetric Data Threat Report (DTR). This edition extends earlier findings of the global report, focusing on responses from IT security leaders in financial services, which details IT security spending plans, perceptions of threats to data, rates of data breach failures and data security stances
Security startup confessions: Limited funds and their impact on security(Help Net Security) My name is Kai Roer and I am a co-founder of a European security startup, and these are my confessions. I hope you will learn from my struggles, and appreciate the choices startups make when security matters. I will share experiences from my own startups (my first was in 1994), and things I have learned by watching and advising numerous other startups around the world
Nigeria Records Significant Improvement in E-Transactions and Cyber Fraud(VenturesAfrica) According to the Central Bank of Nigeria (CBN), electronic transactions, also known as e-transactions, in the country have seen a significant improvement. The level of fraud has dropped, while the value of e-transactions in the country has risen significantly when compared to its status in 2014
How much security is enough?(Fedscoop) With a CISO on their board of directors, organizations could gain a better understanding of the cyberthreats their systems face
Hackers Find Dozens of Ways into Pentagon Servers—with Permission(Newsweek) The Pentagon asked hackers to take a crack at its servers, and in response 1,400 hackers found 90 ways in, according to a tweet from the CEO of HackerOne on Friday. “Hack the Pentagon” was a test run of a bug bounty program, which allows hackers and the public at large to find and report problems with servers and websites
VA wants to scan dark web for stolen data(Federal Times via C4ISR & Networks) Navigating the Internet has become a routine thing since the invention of strong search engines like Google but not everything on the web is indexed and searchable. Websites that aren’t meant to be found — from criminal sites to backend systems not meant for public consumption — are part of what’s known as the “dark web”
So You Want to Fund a Startup? Here’s What You Need to Know(Wired) When big startups go public and all those early investors become gazillionaires, it’s like: “Why can’t that be me?” Now, with a little bit of luck, it can! Thanks to the newly approved JOBS Act rules, which go into effect today, you no longer have to make $200K a year or have a net worth of $1 million to invest in a startup—you just need to have some cash
Fujitsu enhances Global Managed Security Service(Telecompaper) Fujitsu announced that it has enhanced its Global Managed Security Service, which provides unified support in response to cyber-attacks across the lifecycle, including detection and prevention, analysis and countermeasures, and enhanced security resilience
CISO Playbook: Games of War & Cyber Defenses(Dark Reading) Limiting incident response planning to hypothetical table-top scenarios is far too risky in today's threat environment. But with cyberwar gaming you can simulate the experience of a real attack
Don't dump your perimeter security(SC Magazine) While perimeter security has certainly changed over the years, it would be negligent to suggest that companies not protect the edge of their network as best as they can
New Method of Producing Random Numbers Could Improve Cybersecurity(UT News) With an advance that one cryptography expert called a "masterpiece," University of Texas at Austin computer scientists have developed a new method for producing truly random numbers, a breakthrough that could be used to encrypt data, make electronic voting more secure, conduct statistically significant polls and more accurately simulate complex systems such as Earth's climate
OkCupid Study Reveals the Perils of Big-Data Science(Wired) On May 8, a group of Danish researchers publicly released a dataset of nearly 70,000 users of the online dating site OkCupid, including usernames, age, gender, location, what kind of relationship (or sex) they’re interested in, personality traits, and answers to thousands of profiling questions used by the site
IUP offering cybersecurity summer camp(Indiana Gazette) Indiana University of Pennsylvania is offering a free Cybersecurity Camp for middle and high school students and teachers from June 13 to 17 on the IUP campus
How Israel is turning part of the Negev Desert into a cyber-city(Washington Post) Here in the middle of the Negev Desert, a cyber-city is rising to cement Israel’s place as a major digital power. The new development, an outcropping of glass and steel, will concentrate some of the country’s top talent from the military, academia and business in an area of just a few square miles. No other country is so purposefully integrating its private, scholarly, government and military cyber-expertise
CJ defends introduction of Cyber Crime Act(Daily News) The CJ made the remarks here at a meeting with Tanzanians living in the UK over the weekend, saying three out of every four people including children in Tanzania own mobile phones, thus a need for such an act to protect every section in the community
GOP lawmakers back effort to screen social media accounts for security clearances(Washington Times) Republican lawmakers voiced support Friday for authorities to look more closely at things like the Facebook and Instagram accounts of applicants for government security clearances — a day after the Obama administration issued new guidelines for using publicly-available social-media information in federal background checks
Navy cyber commander nominated as service intel chief(C4ISR & Networks) Navy Vice Adm. Jan Tighe on May 13 was nominated by Defense Secretary Ash Carter for assignment as deputy chief of naval operations for information warfare and director of naval intelligence at the Pentagon, Washington, D.C., according to a Defense Department release
Litigation, Investigation, and Law Enforcement
Everything We Know About How the FBI Hacks People(Wired) Recent headlines warn that the government now has greater authority to hack your computers, in and outside the US. Changes to federal criminal court procedures known as Rule 41 are to blame; they vastly expand how and whom the FBI can legally hack. But just like the NSA’s hacking operations, FBI hacking isn’t new. In fact, the bureau has a long history of surreptitiously hacking us, going back two decades
Report: France saw Paris attack coming, failed to stop it(CBS News) A French newspaper says France changed its military strategy last year and started airstrikes in Syria because of concerns months before the attacks on Paris that ringleader Abdelhamid Abaaoud was plotting to target a concert and take hostages
CISO DC(Washington, DC, USA, June 14, 2016) Tactics and best practices for taking on enterprise IT security threats. The CISO Summit brings together C-level IT security executives, industry analysts and solution providers to discuss challenges and...
2016 CyberWeek(Tel Aviv, Israel, June 19 - 23, 2016) The conference, held jointly by the Blavatnik Interdisciplinary Cyber Research Center (ICRC), the Yuval Ne'eman Workshop for Science, Technology and Security, the Israeli National Cyber Bureau, Prime Minister's...
DC / Metro Cyber Security Summit(Washington, DC, USA, June 30, 2016) The Cyber Security Summit is an exclusive conference series that connects C-Suite & Senior Executives who are responsible for protecting their companies’ critical infrastructures with innovative solution providers...
Chicago Cyber Security Summit(Chicago, Illinois, USA, August 25, 2016) The Cyber Security Summit is an exclusive conference series that connects C-Suite & Senior Executives who are responsible for protecting their companies’ critical infrastructures with innovative solution providers...
New York Cyber Security Summit(New York, New York, USA, September 21, 2016) The Cyber Security Summit is an exclusive conference series that connects C-Suite & Senior Executives who are responsible for protecting their companies’ critical infrastructures with innovative solution providers...
Los Angeles Cyber Security Summit(Los Angeles, California, USA, October 28, 2016) The Cyber Security Summit is an exclusive conference series that connects C-Suite & Senior Executives who are responsible for protecting their companies’ critical infrastructures with innovative solution providers...
Telegraph Cyber Security(London, England, UK, May 17, 2016) The Telegraph Cyber Security conference will provide the key components to create a cutting-edge cyber security plan, regardless of your organisation’s size or sphere of activity
DCOI 2016(Washington, DC, USA, May 18 - 19, 2016) DCOI 2016 is a concerted effort of the state of Israel and the Institute for National Security Studies (INSS) of Tel-Aviv University, a non-profit organization that aims towards enhancing collaboration...
ISSA LA Eighth Annual Information Security Summit(Universal City, California, USA, May 19 - 20, 2016) The ISSA-LA Information Security Summit is the only educational forum in the great Los Angeles area specifically designed to attract an audience from all over Southern California as a means to encourage...
HITBSecConf2016 Amsterdam(Amsterdam, the Netherlands, May 23 - 27, 2016) The event kicks off with all new 2 and for the first time, 3-day training sessions held on the 23rd, 24th and 25th. Courses include all new IPv6 material by Marc 'van Hauser' Heuse of THC.org, an in-depth...
Enfuse 2016(Las Vegas, Nevada, USA, May 23 - 26, 2016) Enfuse is a three-day security and digital investigations conference where specialists, executives, and experts break new ground for the year ahead. It's a global event. It's a community. It's where problems...
Cybersecurity Law Institute(Washington, DC, USA, May 25 - 26, 2016) Those lawyers who ignore cyber threats are risking millions of dollars for their companies or their clients. Recent reports by Cisco and the World Economic Forum both highlight the paramount importance...
4th Annual Cybersecurity Law Institute(Washington, DC, USA, May 25 - 26, 2016) At our 4th annual Institute, in the capital where cybersecurity regulations and enforcement decisions are made, you will be able to receive pragmatic advice from the most knowledgeable legal cybersecurity...
SecureWorld Atlanta(Atlanta, Georgia, USA, June 1 - 2, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry...