As TeslaCrypt is retired, and superseded for the most part by CryptXXX, other strains of ransomware continue to circulate. CYBER.POLICE, puerile screen presentation and all, remains a problem for Android devices. More criminals are making use of a combined ransomware and DDoS attack. KnowBe4, Invincea, and FireEye are tracking this development, which strikes many observers as the new normal: such attacks are inexpensive to mount and promise a good payoff.
Paying ransom loses some of its meretricious luster. Kansas Heart Hospital, following the example of Hollywood Presbyterian, did pay recently, only to find that its attackers reneged on their promise to decrypt files. The criminals decrypted only a fraction of the affected files, then demanded additional payments. That was enough for Kansas Heart—they’re no longer paying.
Rogue hardware devices turn up in the wild: the US FBI warns against keyloggers disguised as USB charging devices.
Microsoft’s Azure Active Directory now blocks weak passwords that have shown up in breaches. (Like, the Register notes, “M!cr0$0ft.”)
In industry news, the next major security IPO is rumored to be Blue Coat, which could move as early as next week. And investors continue to look for buying opportunities in established companies.
In the crypto wars, some in law enforcement are coming around to the view, prevalent in the US IC, at least, that hacking, not backdoors, is the way to access systems. (Law enforcement adds “undercover work.”)
In the UK, the “snooper’s charter” will be subjected to a review before it clears Parliament.
Today's issue includes events affecting Australia, Belgium, European Union, Iraq, Switzerland, Syria, United Arab Emirates, United Kingdom, United States.
ON THE PODCAST
Catch the CyberWire's Podcast later this afternoon, with interviews, educational tips, and more on the stories of the day. Today we'll hear from the University of Maryland's Markus Rauschecker, who'll consider whether Congress and the FCC are actually taking a hands-off approach to regulating the Internet-of-things.
CYBER.POLICE Android Ransomware still on patrol…(Malwarebytes) Over the weekend we saw the following rogue Android APK being downloaded to mobile devices via a rogue advert. It claims to be an “Adult Player”, but is really a piece of Ransomware bearing the name “CYBER.POLICE” which has been doing the rounds for a while now
Consumers have no idea what ransomware is(Help Net Security) A new study reveals almost half (43%) of connected consumers today do not know what ransomware is, despite the recent aggressive spread of this type of cyber threat. In addition, a similar amount (44%) confessed that they did not know what data or information could be stolen in a ransomware attack
WPAD name collision bug opens door for MitM attackers(Help Net Security) A vulnerability in Web Proxy Auto-Discovery (WPAD), a protocol used to ensure all systems in an organization utilize the same web proxy configuration, can be exploited to mount MitM attacks from anywhere on the Internet, US-CERT warns
Who’s tracking you online, and how?(Help Net Security) Armed with a tool that mimics a consumer browser but is actually bent on discovering all the ways websites are tracking visitors, Princeton University researchers have discovered several device fingerprinting techniques never before seen in the wild
The Growing Threat of Cyber-Attacks on Critical Infrastructure(Huffpost Business) Despite the fact that cyber-attacks occur with greater frequency and intensity around the world, many either go unreported or are under-reported, leaving the public with a false sense of security about the threat they pose and the lives and property they impact
CNBC gets swift boot by money transfer group Swift(CNBC) A camera operator working for CNBC on Tuesday was ejected from a financial conference in Brussels before a speech on cybersecurity by the CEO of the group that runs the electronic financial messaging program that knits together the global financial system
Security Patches, Mitigations, and Software Updates
Reputation damage and brand integrity: Top reasons for protecting data(Help Net Security) Vormetric announced the results of the European Edition of the 2016 Vormetric Data Threat Report. It focuses on responses from IT security leaders in European organisations, which detail IT security spending plans, perceptions of threats to data, rates of data breach failures and data security stances
Consumer password authentication dissatisfaction reaches tipping point(Biometric Update) Over half of consumers in the US and UK would prefer to get rid of their usernames and passwords altogether, and instead use biometrics and other modern authentication methods, according to survey results released by customer identity management company Gigya on Tuesday
Death of the Password(Gigya) Consumers now expect more trusted and personalized experiences in exchange for their personal information, but businesses are struggling to protect user privacy in light of growing global security and privacy concerns. Since tolerance is diminishing for username and password processes, today’s businesses must find new ways to secure users’ data while delivering better customer experiences
Most Swiss firms unprepared for cyberattacks(SwissInfo) More than half of Swiss firms are unprepared for cyberattacks on their networks as the so-called “Internet of Things” becomes a reality, a study has shown. Meanwhile, new information has come to light in the recent hack of the RUAG defence firm
Palo Alto Networks: Well Positioned In The Changing Cybersecurity Industry(Seeking Alpha) Palo Alto Networks' highly integrated approach will likely push the company to new heights in the changing cybersecurity realm. PANW's rapid increase in individual customer value and overall customer count is indicative of the company's growing brand appeal. While Palo Alto Networks is in a great position, the company is facing a growing number of competitive risks from peers such as Fortinet
Apple rehires prominent security pro as encryption fight boils(Reuters) Apple Inc (AAPL.O), which has resisted pressure from U.S. law enforcement to unlock encrypted iPhones, this month rehired a top expert in practical cryptography to bring more powerful security features to a wide range of consumer products
Products, Services, and Solutions
(ISC)2 Partners with PivotPoint on Risk Assessment(Infosecurity Magazine) There is much talk about why CISOs need to translate cybersecurity into business terms rather than technical terms in order to get a seat at the board table. But no one has provided an answer as to how
The next wave of smart Data Loss Prevention solutions(Help Net Security) Data Loss Prevention has evolved beautifully in the last few years. The measure of control that DLP now provides is extremely powerful, and helps organizations from all sectors and of all sizes minimize the risk of data theft and loss, and protect their intellectual property as well as other type of sensitive data
The Best Anti-Virus(PC Gamer) Nobody wants to pay for antivirus software, particularly savvy PC users who know that the best protection is still to practice smart computing habits. You are your best line of defense and if you avoid shady websites, use different passwords for each online account, and avoid clicking on links in email and instant messages, you might be fine to roll without protection. Then again, you might not be
Ads are for humans, not bots, say advertisers(Naked Security) Someday this may change… but, in 2016, when advertisers pay for online advertising, they still want actual humans to see those ads. Not bots. Or, as the Trustworthy Accountability Group (TAG) puts it
Threat Intelligence - The Answer to Threats or Another Fad?(Infosecurity Magazine) The threat landscape has been dynamic and ever changing, and the growth and rapid advancement in cyber-attacks against enterprises and individuals have rendered traditional cyber-security measures virtually obsolete
Five myths about Web security(Datacenter Dynamics) Almost 3 terabytes of data stolen in the Panama Gate scandal will shortly become searchable online. Mossack Fonseca, the breached legal firm behind one of the largest data leaks in the history, had numerous high-risk vulnerabilities in its front-end web applications, including its Client Information Portal. Actually, few hacking groups would spend money on expensive zero-days and complicated APTs, when the information can be easily stolen via insecure web applications. Moreover, even if your corporate website doesn’t contain a single byte of sensitive data, it’s still a perfect foothold to get into your corporate network
The Problem with Analytics(Beta News) There is a difference between knowledge and understanding. Knowledge typically comes down to knowing facts while understanding is the application of knowledge to the mastery of systems. You can know a lot while understanding very little
Research and Development
NAVAIR wants to build cyber resiliency into weapons systems(GCN) Recognizing the complexity of securing its weapons systems, the Naval Air Systems Command issued a broad agency announcement for research and development to support in technologies to make its systems more resilient to cyber warfare in an environment of connectivity
Raytheon Partners with AU Kogod Cybersecurity Governance Center(Washington Executive) Raytheon Company announced May 19 that the company is partnering with American University’s Kogod Cybersecurity Governance Center to promote good governance in the preparation for, prevention and detection of, and response to cybersecurity breaches in cybersecurity research and education
UK surveillance bill’s controversial bulk powers to be reviewed(TechCrunch) The UK government has agreed to an independent review of so called “bulk collection” — aka mass surveillance — powers in proposed new surveillance legislation, one of the most controversial elements of the Investigatory Powers bill which is currently before parliament. It’s aiming to get the bill onto the statute books before the end of this year
House passes policy bill for intelligence agencies(The Hill) The House easily passed legislation on Tuesday to authorize intelligence agency activities for the next year with provisions to prevent officials from manipulating reports on combating terrorism
Industry reactions to the EU General Data Protection Regulation(Help Net Security) As of today, businesses have just two years to become compliant to the EU General Data Protection Regulation (GDPR) or risk major fines. Businesses will need to take adequate measures to ensure the security of personal data, actively demonstrating that they comply with the GDPR and implement “privacy by design”
Man hacks highway sign to read “Drive Crazy Yall”(Naked Security) A Texas man has admitted to guessing at what must have been a forehead-slapper of an easy login for a highway sign, changing what should have been a “construction ahead” warning to “Drive Crazy Yall”
Facebook Facing Lawsuit for Scanning Users’ Private Messages for Likes(HackRead) According to reports, Facebook historically scanned private text messages of its users for identifying links to websites and treated them as Likes. We do know that Facebook often finds itself in hot water over its observation of user privacy but this time, the matter is far worse than what we may have presumed
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Enfuse 2016(Las Vegas, Nevada, USA, May 23 - 26, 2016) Enfuse is a three-day security and digital investigations conference where specialists, executives, and experts break new ground for the year ahead. It's a global event. It's a community. It's where problems...
HITBSecConf2016 Amsterdam(Amsterdam, the Netherlands, May 23 - 27, 2016) The event kicks off with all new 2 and for the first time, 3-day training sessions held on the 23rd, 24th and 25th. Courses include all new IPv6 material by Marc 'van Hauser' Heuse of THC.org, an in-depth...
Insider Threat Program Development Training(Washington, DC, USA, March 29 - 30, 2016) Insider Threat Defense announced it will hold a training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2) on March 29-30, 2016, in Washington, DC.
4th Annual Cybersecurity Law Institute(Washington, DC, USA, May 25 - 26, 2016) At our 4th annual Institute, in the capital where cybersecurity regulations and enforcement decisions are made, you will be able to receive pragmatic advice from the most knowledgeable legal cybersecurity...
MCRCon 2016: Some Assembly Required(Ypsilanti, Michigan, USA, May 10, 2016) The annual conference focuses on hacking prevention, incident handling, forensics and post-event public relations, with presentations delivered by nationally-recognized experts, cybersecurity skills competitions,...
SecureWorld Atlanta(Atlanta, Georgia, USA, June 1 - 2, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry...
ISS World Europe(Prague, Czech Republic, June 7 - 9, 2016) ISS World Europe is the world's largest gathering of regional law enforcement, intelligence and homeland security analysts as well as telecom operators responsible for lawful interception, hi-tech electronic...
Data Breach & Fraud Prevention Summit Asia(Mumbai, India, June 8, 2016) ISMG’s Data Breach & Fraud Prevention Summit Asia – Mumbai is a one-day event that will focus on the latest fraud techniques and technologies, as well as a holistic, strategic approach to looking at the
New York State Cyber Security Conference(Albany, New York, USA, June 8 - 9, 2016) June 8-9 marks the 19th Annual New York State Cyber Security Conference and 11th Annual Symposium on Information Assurance (ASIA) and we invite you to join us for this nationally recognized event. The...
SecureWorld Portland(Portland, Oregon, USA, June 9, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 6-12 CPE credits through 30+ educational elements learning from nationally recognized industry...
SIFMA Cyber Law Seminar(New York, New York, USA, June 9, 2016) During this full-day program attorneys and compliance professionals will gain insights and regulatory perspectives on cybersecurity law as well as strategies for how to take an active and valuable role...
Cleared Job Fair(Tysons Corner, Virginia, USA, June 9, 2016) ClearedJobs.net connects you with cleared facilities employers, including Federal Acquisition Strategies, Firebird Analytical Solutions & Technologies, Leidos, PAE, TRIAEM, Commonwealth Computer Research,...
SANSFIRE 2016(Washington, DC, USA, June 11 - 18, 2016) For more than 10 years, the Internet Storm Center has been providing free analysis and warning to our community. SANSFIRE 2016 is our annual "ISC Powered" event. Evening talks tap into the expertise behind...
Show Me Con(St. Charles, Missouri, USA, June 13 - 14, 2016) SHOWMECON. The name says it all. Known as the Show Me State, Missouri is home to St. Louis-based ethical hacking firm, Parameter Security, and security training company, Hacker University. Together, they...
CISO DC(Washington, DC, USA, June 14, 2016) Tactics and best practices for taking on enterprise IT security threats. The CISO Summit brings together C-level IT security executives, industry analysts and solution providers to discuss challenges and...
The Security Culture Conference 2016(Oslo, Norway, June 14 - 15, 2016) The Security Culture Conference 2016 is the leading, global conference discussing how to build, measure and maintain security culture in organizations. The conference is a part of the Security Culture...
2016 CyberWeek(Tel Aviv, Israel, June 19 - 23, 2016) The conference, held jointly by the Blavatnik Interdisciplinary Cyber Research Center (ICRC), the Yuval Ne'eman Workshop for Science, Technology and Security, the Israeli National Cyber Bureau, Prime Minister's...
Cyber Security for Critical Assets LATAM(Rio de Janeiro, Brazil, June 21 - 22, 2016) Cyber-attacks on critical infrastructure have become an increasing threat for Latin American governments and companies within the oil and gas, chemical and energy sectors. Although the attack frequency...
Cyber 7.0(Laurel, Maryland, USA, June 22, 2016) Cyber 7.0 delves into the cyber threat to the nation’s critical infrastructure—transportation, health care, utilities, and energy, to name a few. How can government and industry work together to battle...
Security of Things World(Berlin, Germany, June 27 - 28, 2016) Security. Privacy. Connected Devices. Exploring Security and the Internet of Things. A world class event focused on the next information security revolution. Be part of Security of Things World in June...
SANS Salt Lake City 2016(Salt Lake City, Utah, USA, June 27 - July 2, 2016) We are pleased to invite you to SANS Salt Lake City 2016, June 27-July 2. Are you ready to immerse yourself in the most intense cyber training experience available anywhere? Do you need to become a more...
DC / Metro Cyber Security Summit(Washington, DC, USA, June 30, 2016) The Cyber Security Summit is an exclusive conference series that connects C-Suite & Senior Executives who are responsible for protecting their companies’ critical infrastructures with innovative solution providers...