Operation Groundbait continues to chum for influential meat fishermen in eastern Ukraine. Don’t be too quick with attribution—hybrid war is rarely obvious—but the targets seem to be, generally speaking, pro-Russian. ESET is tracking the campaign.
One associates information operations in social media with ISIS. But don’t overlook the Chinese government. A study outlines the role played by the “50-centers” (so named for the rumored fifty cents a post they’re paid). Their piecework is estimated to churn out about 488 million posts annually. The content is propaganda; the audience is largely domestic.
Phineas Phisher remains on the hacktivist stage, now with an exposé of alleged brutality by Catalan police. He’s also said to have taken down a police union server.
Ransomware holds its place as businesses’ principal threat. But some good news arrives: ESET took a direct approach and asked TeslaCrypt’s proprietors for their key. They gave it up, said they were sorry, and told Bratislava they were closing up shop. One may doubt the remorse, but the key seems genuine.
Conficker, patched by Microsoft in 2008, is still around. Check Point says the worm was implicated in one in every six identifiable attacks last month. (It doesn’t have to be a zero-day to work.)
Investigation suggests a Bangladesh Bank official’s compromised computer was used in the SWIFT-related hack. The Bank of England tells UK financial institutions to buck up the security of their interactions with SWIFT.
The US House wants to make Cyber Command a Unified Combatant Command.
Today's issue includes events affecting Canada, France, China, Germany, India, Israel, Italy, Japan, Republic of Korea, Russia, Singapore, Spain, Ukraine, United Kingdom, United States.
Today we're in Laurel, Maryland, attending the Jailbreak Security Summit, the world's leading cyber security and craft beer event. This year's focus is Internet-of-things security. Watch for live Tweets today, and a report next week.
ON THE PODCAST
Catch the CyberWire's Podcast later this afternoon, with interviews, educational tips, and more on the stories of the week. Today's guests are our research partner, Accenture Labs' Malek Ben Salem who discusses semantic technology for cyber defense. We'll also hear from historian and author Abby Smith Rumsey who'll talk about her book, “When We are No More: How Digital Memory Memory Will Shape Our Future." (If you enjoy the Podcast, please share your enjoyment with an iTunes review.)
DCOi 2016(INSS) DCOI 2016 is a concerted effort of the state of Israel and the Institute for National Security Studies (INSS) of Tel-Aviv University, a non-profit organization t that aims towards enhancing collaboration between the United-States and Israel in cybersecurity. The summit is supported by Israel state agencies alongside companies and corporation across the United-States and Israel and is free of charge for registrants. DCOI 2016 will present best technological and creative skills, industry leaders and some of the most innovative entrepreneurs in the world
US-Israel Cyber Cooperation: The US brings information; Israel brings agility of innovation.(The CyberWIre) Organized by the Institute for National Security Studies (INSS, based at Tel Aviv University), DCOi featured high-level participation by both Israeli and US officials engaged in various aspects of cyber security. It also served as an opportunity for Israeli security companies to introduce themselves to the US market. Two overarching themes emerged: the centrality of rapid cyber intelligence development and sharing to security, and the importance of agility in developing and deploying security solutions
Catalan Police Union Server Destroyed, Data Leaked Against Police Brutality(HackRead) A couple of hours ago HackRead reported on a robin hood hacker going with the handles “Phineas Phisher” “Hack Back!” and “@GammaGroupPR” stealing Bitcoins and donating them to Kurdish groups. Yes, the same hacker who previously hacked Hacking Team and the developers of FinFisher malware. Now, he’s back with another hack and this time the target is the official website of Sindicat De Mossos d’Esquadra (SME) or the Catalan Police Union
Android Qualcomm Vulnerability Impacts 60 Percent of Devices(Threatpost) A flaw in Qualcomm’s mobile processor, used in 60 percent of Android devices, allows attackers to take control over a targeted phone or tablet under specific conditions. Researchers at Duo Labs said the vulnerability is tied to Android’s problem-plagued mediaserver, coupled with a security hole in Qualcomm’s Secure Execution Environment (QSEE)
Noodles & Company Probes Breach Claims(KrebsOnSecurity) Noodles & Company [NASDAQ: NDLS], a fast-casual restaurant chain with more than 500 stores in 35 U.S. states, says it has hired outside investigators to probe reports of a credit card breach at some locations
Activist Focus: Is It Time To Get Long Infoblox?(Seeking Alpha) Starboard Value filed a 13D on April 22, 2016, disclosing a 7.1% stake. The activist fund is nominating directors to the Infoblox board. A possible sale of the company will likely emerge in the coming months after the Thoma Bravo’s takeover offer
Juniper Networks CFO: The First 100 Days(Wall Street Journal) Ken Miller has more than a decade of experience at Juniper Networks Inc. Yet the first 100 days of his tenure as finance chief have been a lesson in strategic planning
Greg Kushto: Agencies could be facing a cyber brain drain(Federal News Radio) For a variety of reasons, a large number of people seem to be leaving government for the private sector. Greg Kushto, a former cyber official at the Department of Agriculture and now the director of the Security Practice at Force 3, tells Federal Drive with Tom Temin this could mean a brain drain in crucial cybersecurity skills
CyberArk Named a 2016 Best Place to Work in Massachusetts(Yahoo! Finance) CyberArk (NASDAQ: CYBR), the company that protects organizations from cyber attacks that have made their way inside the network perimeter, has been named one of Boston Business Journal’s 2016 Best Places to Work
Observable Networks Announces Integration with Amazon Inspector Service(Benzinga) Observable Networks Inc., an emerging leader of advanced threat detection services, is proud to announce the integration between its Dynamic Endpoint Modeling solution and Amazon Inspector, an automated security assessment service that helps improve the security and compliance of applications deployed on the Amazon Web Services (AWS) Cloud
Oddly Named App Makes Sharing Your Location Less Creepy(Wired) Parents see an obvious benefit to location-sharing mobile apps—keeping track of their kids. Almost everyone else considers broadcasting your location 24/7 a pointless threat to privacy that quickly drains your battery
TCC named National Center of Academic Excellence in Cyber Defense(Inside Business) Gov. Terry McAuliffe announced Thursday that Tidewater Community College is the latest Virginia institution to be named a National Center of Academic Excellence in Cyber Defense by the United States National Security Agency and the Department of Homeland Security
Survey: OPM breach did little to raise feds' cyber posture(Federal Times) A new survey of federal cybersecurity executives and contractors shows a split opinion on whether the massive breach of Office of Personnel Management networks and subsequent Cyber Sprint did anything to improve federal cybersecurity
US Widens Sanctions on Islamic State, Al-Qaida Branches(ABC News) The United States expanded sanctions Thursday against affiliates of al-Qaida and the Islamic State group operating across the Middle East and North Africa, reflecting the spreading threat of extremism far beyond the groups' traditional strongholds in Iraq, Syria and Afghanistan
NYC Man Who Joined Then Escaped ISIS Speaks Out Against 'Evil'(NBC News) He left the United States to join ISIS and then fled the group after five months. Now a New York City man is revealing the disturbing details of his journey into the heartland of terror — and warning others not to follow in his footsteps
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
ISSA LA Eighth Annual Information Security Summit(Universal City, California, USA, May 19 - 20, 2016) The ISSA-LA Information Security Summit is the only educational forum in the great Los Angeles area specifically designed to attract an audience from all over Southern California as a means to encourage...
HITBSecConf2016 Amsterdam(Amsterdam, the Netherlands, May 23 - 27, 2016) The event kicks off with all new 2 and for the first time, 3-day training sessions held on the 23rd, 24th and 25th. Courses include all new IPv6 material by Marc 'van Hauser' Heuse of THC.org, an in-depth...
Enfuse 2016(Las Vegas, Nevada, USA, May 23 - 26, 2016) Enfuse is a three-day security and digital investigations conference where specialists, executives, and experts break new ground for the year ahead. It's a global event. It's a community. It's where problems...
Cybersecurity Law Institute(Washington, DC, USA, May 25 - 26, 2016) Those lawyers who ignore cyber threats are risking millions of dollars for their companies or their clients. Recent reports by Cisco and the World Economic Forum both highlight the paramount importance...
4th Annual Cybersecurity Law Institute(Washington, DC, USA, May 25 - 26, 2016) At our 4th annual Institute, in the capital where cybersecurity regulations and enforcement decisions are made, you will be able to receive pragmatic advice from the most knowledgeable legal cybersecurity...
SecureWorld Atlanta(Atlanta, Georgia, USA , June 1 - 2, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry...
Innovations in Cybersecurity Education Workshop 2016(Halethorpe, Maryland, USA, June 3, 2016) Innovations in Cybersecurity Education is a free regional workshop on cybersecurity education from high school through post-graduate. It is intended primarily for educators who are teaching cybersecurity...
ISS World Europe(Prague, Czech Republic, June 7 - 9, 2016) ISS World Europe is the world's largest gathering of regional law enforcement, intelligence and homeland security analysts as well as telecom operators responsible for lawful interception, hi-tech electronic...
Data Breach & Fraud Prevention Summit Asia(Mumbai, India, June 8, 2016) ISMG’s Data Breach & Fraud Prevention Summit Asia – Mumbai is a one-day event that will focus on the latest fraud techniques and technologies, as well as a holistic, strategic approach to looking at the
New York State Cyber Security Conference(Albany, New York, USA, June 8 - 9, 2016) June 8-9 marks the 19th Annual New York State Cyber Security Conference and 11th Annual Symposium on Information Assurance (ASIA) and we invite you to join us for this nationally recognized event. The...
SecureWorld Portland(Portland, Oregon, USA, June 9, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 6-12 CPE credits through 30+ educational elements learning from nationally recognized industry...
Cleared Job Fair(Tysons Corner, Virginia, USA, June 9, 2016) ClearedJobs.net connects you with cleared facilities employers, including Federal Acquisition Strategies, Firebird Analytical Solutions & Technologies, Leidos, PAE, TRIAEM, Commonwealth Computer Research,...
SIFMA Cyber Law Seminar(New York, New York, USA, June 9, 2016) During this full-day program attorneys and compliance professionals will gain insights and regulatory perspectives on cybersecurity law as well as strategies for how to take an active and valuable role...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.