Malwarebytes researchers warn that a fresh, more dangerous version of DMA Locker ransomware will soon appear in the wild. DMA Locker was famous for its easily cracked encryption, but in version 4.0 the criminal developers seem to have done better. (Right for them, wrong for the rest of us.)
Turla espionage malware has hit Swiss defense firm RUAG. Switzerland’s CERT describes the attack as as careful, closely targeted, and patient. It seems to have begun at least as early as 2014.
ESET last week received the keys to TeslaCrypt, along with something like an apology from the ransomware’s criminal controllers. But there’s less remorse here than meets the eye: Bleeping Computer says TeslaCrypt’s impresarios have shifted to CryptXXX.
The recently patched Flash zero-day has been integrated into at least three exploit kits: Magnitude, Angler, and Neutrino.
In industry news, the SWIFT funds transfer system plans to release a plan for upgrading security sometime today. The organization intends to improve information sharing, “harden” security requirements for its member institutions, and offer help detecting fraud through some form of pattern recognition.
IBM is preparing for layoffs, but it’s still hiring in the areas into which it intends to expand, notably security.
Panama Papers post mortems proceed, reaching some consensus among observers that Mossac Fonseca was the victim of an SQL injection attack.
The US House and Senate have published versions of the Defense Authorization Act; both have significant implications for cyber policy.
Phineas Phisher seems to be starting a hack-back political movement.
Today's issue includes events affecting China, Israel, Kenya, Romania, Russia, Slovenia, South Africa, Switzerland, Turkey, United Kingdom, United States.
Tomorrow and Thursday the CyberWire will be covering Georgetown University's Cyber Law Institute. Watch for a full account in upcoming issues, and follow us as we live Tweet from this always interesting conference.
ON THE PODCAST
Catch the CyberWire's Podcast later this afternoon, with interviews, educational tips, and more on the stories of the day. Today our research partners at Quintessence Labs are up, as their John Leiseboer explains some security aspects of cloud data storage. We also have Robert Lord from Protenus as our guest: he'll talk about protecting the privacy of medical records. (If you feel so inclined, please give us an iTunes review.)
Unraveling Turla APT Attack Against Swiss Defense Firm(Threatpost) Ever since hackers targeted Swiss defense contractor RUAG, government officials have been tight lipped about the breach. But on Monday Switzerland’s CERT (Computer Emergency Readiness Team) spilled the beans on the attack against the firm and the how perpetrators pulled it off
Cyber Lessons From The Panama Papers Hack(SIGNAL) April marked one of the largest data breaches in history, with 11.5 million confidential documents leaked online. How did it happen—and what can we learn from it?
SQL injection: The oldest hack in the book(IT Pro Portal) The latest reports suggest the highly publicised ‘Panama Papers’ data leak was the result of a hacking technique known as SQL injection. With 11.5 million files being leaked, the Mossack Fonseca breach exceeds even the 1.7 million files leaked by the infamous Edward Snowden
Three Exploit Kits Spreading Attacks for Recent Flash Player Zero Day(Threatpost) Exploits for the most recent Adobe Flash Player zero-day vulnerability have been integrated into the Angler, Neutrino and Magnitude exploit kits, and are leading compromised computers to different ransomware strains, banking malware, and a credential-stealing Trojan
Jaku: Analysis of a botnet(Help Net Security) In May 2016, the Special Investigations team at Forcepoint revealed the existence of a botnet campaign that is unique in targeting a very small number of individuals while in tandem, herding thousands of victims into general groups
CIOs are hindered by massive tech skills shortage(Help Net Security) More CIOs report directly to the CEO (34 percent) than at any time in the past decade, rising 10 percent over last year, according to the 2016 Harvey Nash/KPMG CIO Survey. CIOs with a direct report to the CEO are also the happiest (87 percent report job fulfillment)
A10 Networks (ATEN): Strong Industry, Solid Earnings Estimate Revisions(Zacks) One stock that might be an intriguing choice for investors right now is A10 Networks, Inc. (ATEN - Snapshot Report). This is because this security in the Communication Network Software space is seeing solid earnings estimate revision activity, and is in great company from a Zacks Industry Rank perspective
CYBERCOM awards spots on new $460M cyber operations contract(Federal Times) The General Services Administration and Cyber Command — the lead command for military cyber operations — announced the winners of a multi-award contract to provide “a broad scope of services needed to support the U.S. Cyber Command mission,” according to the award announcement
KEYW Awarded Prime Position on $460 Million Multiple Award Contract with the U.S. Cyber Command(Globe Newswire) The KEYW Holding Corporation (NASDAQ:KEYW) announced today that is has been awarded a prime position on a five-year multiple-award, indefinite delivery/indefinite quantity contract with a $460 million ceiling value to provide a broad scope of services needed to support the U.S. Cyber Command mission including project management, cyberspace operations, planning, training, and exercises and other mission support disciplines
KEYW Holding (KEYW) Announces CFO Transition(Street Insider) The KEYW Holding Corporation (Nasdaq: KEYW) announced the departure of the company’s Chief Financial Officer and Executive Vice President Philip L. Calamia. Mr. Calamia is departing KEYW to pursue other opportunities
Review: Signal for iOS(Help Net Security) Open Whisper Systems’ Signal is an encrypted voice and text communication application available for Android and iOS. The technology is built upon the organization’s open source Signal Protocol, which has recently been implemented by messaging heavy-hitters such as WhatsApp and Google Allo
Each Cyber Attack Has Its Own Cure(Design News) Cyber attacks continue to get more plentiful and more dangerous. And Verizon, in response, has released its 2016 Data Breach Investigations Report, which reveals the dark side of cybersecurity
Training to protect our Infrastructure(DVIDS) Imagine somebody has hacked into your water utility and made your water undrinkable…or worse. Critical Infrastructure Exercise 16.2, also known as Crit-Ex, is helping utility companies learn where those cyber weaknesses might be
UK Certifies 6 New Cybersecurity Masters' Degrees(Infosecurity Magazine) The workforce skills gap continues to widen as businesses desperately search for qualified security personnel amidst a snowballing threat landscape. To help remedy the situation, GCHQ, as the UK’s national technical authority for information assurance, has certified six more masters' degrees in cybersecurity
IBM Launches Coginitive Cybersecurity Lab in Baltimore(CivSource) IBM is partnering with the University of Maryland, Baltimore County (UMBC) to create the Accelerated Cognitive Cybersecurity Laboratory (ACCL), which will be housed within the College of Engineering and Information Technology at UMBC. The Lab will use Watson technology to improve cybersecurity
H. R. 4909 [Report No. 114–537](Congress.gov) To authorize appropriations for fiscal year 2017 for military activities of the Department of Defense and for military construction, to prescribe military personnel strengths for such fiscal year, and for other purposes
National Defense Authorization Act for Fiscal Year 2017(Senate Armed Services Committee) For 54 consecutive years, the Senate Armed Services Committee has fulfilled its duty of producing the National Defense Authorization Act (NDAA). This vital piece of legislation authorizes the necessary funding and provides authorities for our military to defend the nation. And it is a reflection of its critical importance to our national security that the NDAA is one of few bills in Congress that continues to enjoy bipartisan support year after year
When Is NSA Hacking OK?(US News and World Report) A top agency official explains the balancing act the government attempts when it comes to quietly using security flaws or exposing them
Here’s What the NSA Does for the Department of Agriculture and the Fed(Observer) At the end of the 1992 Robert Redford movie Sneakers, a National Security Agency [NSA] official offers a team of hackers whatever they want in exchange for a piece of omnipotent code-breaking technology disguised as an answering machine. In this writer’s opinion, the film is the best movie to put the NSA at the center of its plot. A lot of flicks depict the agency as the CIA with a different name, but Sneakers focuses on the crux of the NSA’s work: capturing information in transmission, also known as signals intelligence. NSA spies don’t sneak bugs into diplomat’s offices. They use satellites
Clinton hacker ‘Guccifer’ expected to plead guilty(The Hill) A Romanian hacker who claimed to have broken into former Secretary of State Hillary Clinton’s personal email server is expected to plead guilty to U.S. criminal charges in a federal court this week
Clinton email probe in late stage, FBI may question her(AP) FBI agents probing whether Hillary Clinton's use of a private email server imperiled government secrets appear close to completing their work, a process experts say will probably culminate in a sit-down with the former secretary of state
A New Front In Obama’s War on Whistleblowers(Defense One) Fired Pentagon assistant inspector general John Crane is going public with allegations senior officials retaliated against whistleblowers, destroyed permanent records and altered audits under political pressure
Teenager charged over Mumsnet hack and DDoS attack(We Live Security) An 18-year-old man has been charged by British police in connection with an internet attack that saw Mumsnet hacked, users’ accounts breached, passwords stolen, and the site blasted offline
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
HITBSecConf2016 Amsterdam(Amsterdam, the Netherlands, May 23 - 27, 2016) The event kicks off with all new 2 and for the first time, 3-day training sessions held on the 23rd, 24th and 25th. Courses include all new IPv6 material by Marc 'van Hauser' Heuse of THC.org, an in-depth...
Enfuse 2016(Las Vegas, Nevada, USA, May 23 - 26, 2016) Enfuse is a three-day security and digital investigations conference where specialists, executives, and experts break new ground for the year ahead. It's a global event. It's a community. It's where problems...
Cybersecurity Law Institute(Washington, DC, USA, May 25 - 26, 2016) Those lawyers who ignore cyber threats are risking millions of dollars for their companies or their clients. Recent reports by Cisco and the World Economic Forum both highlight the paramount importance...
4th Annual Cybersecurity Law Institute(Washington, DC, USA, May 25 - 26, 2016) At our 4th annual Institute, in the capital where cybersecurity regulations and enforcement decisions are made, you will be able to receive pragmatic advice from the most knowledgeable legal cybersecurity...
SecureWorld Atlanta(Atlanta, Georgia, USA , June 1 - 2, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry...
Innovations in Cybersecurity Education Workshop 2016(Halethorpe, Maryland, USA, June 3, 2016) Innovations in Cybersecurity Education is a free regional workshop on cybersecurity education from high school through post-graduate. It is intended primarily for educators who are teaching cybersecurity...
ISS World Europe(Prague, Czech Republic, June 7 - 9, 2016) ISS World Europe is the world's largest gathering of regional law enforcement, intelligence and homeland security analysts as well as telecom operators responsible for lawful interception, hi-tech electronic...
Data Breach & Fraud Prevention Summit Asia(Mumbai, India, June 8, 2016) ISMG’s Data Breach & Fraud Prevention Summit Asia – Mumbai is a one-day event that will focus on the latest fraud techniques and technologies, as well as a holistic, strategic approach to looking at the
New York State Cyber Security Conference(Albany, New York, USA, June 8 - 9, 2016) June 8-9 marks the 19th Annual New York State Cyber Security Conference and 11th Annual Symposium on Information Assurance (ASIA) and we invite you to join us for this nationally recognized event. The...
SecureWorld Portland(Portland, Oregon, USA, June 9, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 6-12 CPE credits through 30+ educational elements learning from nationally recognized industry...
Cleared Job Fair(Tysons Corner, Virginia, USA, June 9, 2016) ClearedJobs.net connects you with cleared facilities employers, including Federal Acquisition Strategies, Firebird Analytical Solutions & Technologies, Leidos, PAE, TRIAEM, Commonwealth Computer Research,...
SIFMA Cyber Law Seminar(New York, New York, USA, June 9, 2016) During this full-day program attorneys and compliance professionals will gain insights and regulatory perspectives on cybersecurity law as well as strategies for how to take an active and valuable role...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.