Cyber tensions rise around the Arabian Gulf. Palo Alto Networks reports on an espionage campaign, “OilRig,” deploying the Helminth backdoor against targets in Saudi Arabia’s banking and defense sectors. Helminth’s command-and-control infrastructure contains clues suggesting Iranian origin. Iran says its Statistics Centre sustained an unspecified cyber attack traceable to Saudi IP addresses.
The Russia-linked PawnStorm/Sofacy cyber espionage group is said to be newly active against targets in Finland, especially those targets showing an interest in Russian operations in Ukraine and Syria.
Symantec says it’s found evidence pointing to North Korean involvement in the Bangladesh Bank theft and similar attempts on banks in other Asian countries. Investigators in Bangladesh render their report to the Finance Ministry. They take care not to absolve SWIFT, but they now say an insider may have been involved. Banks around the world continue to work with SWIFT and various national standards bodies to shore up the security of funds transfers.
Old social media data breaches continue to trouble users. About 360 million MySpace credentials have turned up for sale on the dark web, as have 65 million Tumblr user emails and passwords. In both cases the data were lost in breaches that occurred a few years ago.
Check Point reports vulnerabilities in widely used LG Android devices.
IBM warns of “bug poaching.” Criminals hack into a network, and then offer to explain the vulnerability they exploited in exchange for payment. Asks are running at around $30,000.
Industry observers see high, but newly selective, VC interest in cyber.
Today's issue includes events affecting Albania, Australia, Bangladesh, Canada, China, European Union, Finland, France, Iran, India, Kazakhstan, Kenya, Democratic People's Republic of Korea, Kyrgyzstan, Malaysia, Myanmar, Nepal, Nigeria, Pakistan, Philippines, Russia, Saudi Arabia, South Africa, United States, and Uzbekistan.
ON THE PODCAST
Catch the CyberWire's Podcast later this afternoon, with interviews, educational tips, and more on the stories of the day. Today we learn about one-time pads, the only mathematically unbreakable encryption, from Quintessence Labs' Vikram Sharma. And our guest today is Ryan Trost of Threat Quotient, who'll be discussing the utility of attack attribution. (And please note: we welcome iTunes reviews.)
Cyber Attacks, Threats, and Vulnerabilities
Russian cyber-espionage group hits Sanoma (Yle) Yle has obtained new evidence of cyber-attacks on Finnish targets by a cyber-espionage group linked to Russian state intelligence. The group, known as Sofacy or Pawn Storm, has attempted to hack into data communications of Finland's largest group, Sanoma, as well as of a Finnish member of Bellingcat, an international group investigating the Ukraine conflict
Banks pressed to step up defences against cyber attack (Financial Times) Banks received a double dose of pressure to tighten up their defences against cyber attack on Friday as they were admonished on the subject by one of Europe’s top regulators and the Swift global payment messaging system
MySpace Data Breach Exposes Passwords for 427 Million Users (Softpedia) LeakedSource, a company that maintains a searchable database of credentials leaked in data breaches, has revealed today it added over 427 million user records to its immense database, after earlier this week it also added 167 million LinkedIn account
MySpace.com was hacked (LeakedSource) LeakedSource has obtained and added a copy of this data to its ever-growing searchable repository of leaked data
Reddit resets passwords after LinkedIn data dump (SCMagazine) Reddit announced it would require users to reset their passwords following the release of a dataset containing 100 million LinkedIn emails and password combinations from a 2012 breach
Bug Poaching: A New Extortion Tactic Targeting Enterprises (IBM Security Intelligence) Imagine a scenario in which burglars break into your home but steal nothing and don’t harm anything inside. Instead, these burglars take pictures of all your precious belongings and personal assets. Later that day, you receive a letter with copies of all these pictures and an alarming message: “If you’d like to know how we broke into your house, please pay us large sums of money”
Users Fail To Update Adobe Flash Player, Being Vulnerable To Attacks (Neurogadget) Researchers have discovered that some users have failed to install the latest patch released by Adobe for a zero-day vulnerability and hackers took advantage of the situation and continued infecting vulnerable devices with ransomware or Trojans that steal online banking logins and passwords
Facebook’s Twin in North Korea Identified and Hacked within a Single day (Hack Read) Andrew McKean, an 18-year old from Scotland, revealed that he successfully logged into the North Korean version of Facebook (Starcon.net.kp) using “admin” and “password” as login details. This gave the Scottish teenager complete control on this website along with the power to delete and suspend users, modify the name of the website, censor content and also control the forthcoming ads. Not just this, it also gave him the authority to “see everyone’s emails”
Katy Perry’s Twitter account, the platform’s most followed, got hacked (TechCrunch) Many of Katy Perry’s 89 million Twitter followers—the most on the platform—were probably intrigued and confused when the pop star tweeted supposed archnemesis Taylor Swift this morning. As it turns out, that tweet—along with several others that were filled with profanity and slurs—was the work of a hacker and quickly deleted
Respect my Certificate Authority! (IT News) You should decide who to trust. When infosec equipment vendor Blue Coat was issued an intermediate Certificate Authority (CA) signed by Symantec, not only did it create an uproar in the security industry, but it also (again) raised the question of why we're still using CAs
Global profiles of the typical fraudster (Help Net Security) Technology is an important tool to help companies fight fraud, but many are not succeeding in using data analytics as a primary tool for fraud detection
Growing advanced threats will augment the IT security market through 2020 (Help Net Security) Research analysts are forecasting positive growth for many segments of the global IT security market over the next four years as several markets including BYOD security, mobile payment security software, and contactless smart card market in banking sector, will witness an increase in revenues
Cyber security demand sends billings soaring at Sophos (Investors Chronicle) As organisations increasingly embrace mobile devices and conduct business online, hackers and data thieves are jumping for joy. Recent cyber attacks on companies such as LinkedIn (US:LNKD) and TalkTalk (TALK) have fuelled demand at Sophos (SOPH), which provides end-user and network security software to more than 220,000 organisations worldwide. The upshot was adjusted cash profits of $121m (£82.4m) in the year to March, up almost a third at constant currencies
Cylance to offer customized AI-designed cybersecurity solutions in APAC (Voice & Data) Cylance, Singapore-based cybersecurity solutions company that uses artificial intelligence to proactively prevent advanced persistent threats and malware, has decided to expand its Asia Pacific operations with a tailored approach that could be ideal for satisfying customer needs in specific APAC countries
Main One partners Radware on robust DDOS mitigation (Nation) Main One, the premier connectivity and data centre Solutions Company in West Africa and Radware, a leading provider of cyber security and application delivery solutions, have launched an outsourced Managed Security Service
How visibility can help detect and counter DDoS attacks (Help Net Security) It’s been proven that preventive medical strategies are more cost-effective for treatment and better solutions to support long-term health than reactive medical measures. Anticipating issues and preparing for and supporting healthy systems is simply more logical than troubleshooting and fixing things when they go wrong
Exclusive: New strategies to combat cyber attacks, from LogRhythm (Security Brief) Some SMEs are paying lip service to cyber security, opening themselves up to being just another statistic in the malicious cyber crime game. That's according to Bill Smith, LogRhythm sales and customer relationship manager and Bill Taylor, LogRhythm Asia-Pacific and Japan CEO
The Romanian Teen Hacker Who Hunts Bugs to Resist the Dark Side (Wired) It's 3 A.M., and his eyes are almost closed. The pack of gummy bears on his desk is empty. So’s the Chinese takeout box. Romanian white hat hacker Alex Coltuneac has had three hours of sleep tonight. And last night. And the night before that. He’s busy trying to find a vulnerability in YouTube live chat, which he plans to report to the company and hopefully get some money in return. None of the bugs he has discovered in the past few days electrifies him, so he keeps digging
The Grand Cyber Spy Game: Russia, America, and China Stealing the World One Byte at a Time (Modern Diplomacy) Every month another story of cybertheft linked to China or Russia emerges. Recent data breaches at Target, United Airlines, Blue Cross Blue Shield, and OPM have been linked back to Russia, while theft of key technology across major Department of Defense contractors such as Lockheed Martin and US government laboratories have been linked to China
Cybersecurity: the case for a European approach (Open Democracy) The EU objective of developing a cyber ‘soft’ power privileging defence, resilience and civil society, sharply contrasts with national cybersecurity policies developed both inside and outside Europe
Enhancing National Cybersecurity Requires Surrendering the Crypto War (Lawfare) On Monday, Paul Rosenzweig suggested a number of areas in which the recently formed Commission on Enhancing National Cybersecurity should focus in charting the US government’s path forward. While I agree the government must rethink strategic policy choices, Rosenzweig is putting the cart before the horse. Before we can construct an effective long-term policy agenda, the government must first repair a number of critical relationships
Congressman: Why is the White House Exempt from Federal Cyber Rules? (Nextgov) When federal Chief Information Officer Tony Scott testified Wednesday before the House Oversight and Government Reform Committee to make the case for a $3.1 billion IT modernization fund, he faced a series of questions about the government’s archaic systems – some of which are more than 50 years old
Microsoft, Mexican drug lords and the Fight for New York (Alphr) In a corner of Microsoft’s Redmond campus there sits a plain, unremarkable building. Slip inside, and a black wall sports a map of the world pin-pricked with lights so bright that you can’t stare at them for long. The lights spell out Microsoft Cybercrime Center. And it’s the last place you’d expect to find a trophy taken from a Mexican drug cartel
Holder: Edward Snowden performed 'public service' (USA Today) Fugitive former National Security Agency contractor Edward Snowden damaged U.S. interests but also performed a public service when he leaked national security documents in 2013, former U.S. attorney general Eric Holder said Monday
US State Dept. Report Alleges Hillary Clinton Deceived Staff, Officials And Americans – OpEd (Eurasia News) The Office of the Inspector General (OIG) at the U.S. State Department, following what it claims was an extensive probe, has released to federal lawmakers and other interested parties a “highly critical analysis” of former Secretary of State Hillary Clinton’s communications security practices while she headed the department. The report, which was released on Wednesday, alleges that she failed to seek legal approval for her use of a private email server and her hiring of a private Internet company to maintain the server
Conspirator Pleads Guilty to Bank Fraud Scheme Involving Over 200 Victims (United States Attorney's Office, District of Maryland) Shivani Patel, age 30, of Reisterstown, Maryland, pleaded guilty today to bank fraud conspiracy and aggravated identity theft arising from a scheme to use stolen credit information of more than 200 victims to defraud financial institutions
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
Innovations in Cybersecurity Education Workshop 2016 (Halethorpe, Maryland, USA, June 3, 2016) Innovations in Cybersecurity Education is a free regional workshop on cybersecurity education from high school through post-graduate. It is intended primarily for educators who are teaching cybersecurity...
TECHEXPO Cyber Security Hiring Event (Tysons Corner, Virginia, USA, June 30, 2016) Cyber security professionals are invited to interview face-to-face with employers including The CIA, Deloitte, Intel Security, Northrop Grumman, Lockheed Martin, Deloitte, Vencore and many more. Hundreds...
Borderless Cyber Europe (Brussels, Belgium, September 8 - 9, 2016) Join CIOs, CISOs and cyber threat intelligence experts from industry, government and CSIRTs worldwide to share experiences, strategies, tactics and practices that will improve your state of preparedness...
SecureWorld Atlanta (Atlanta, Georgia, USA, June 1 - 2, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry...
ISS World Europe (Prague, Czech Republic, June 7 - 9, 2016) ISS World Europe is the world's largest gathering of regional law enforcement, intelligence and homeland security analysts as well as telecom operators responsible for lawful interception, hi-tech electronic...
Data Breach & Fraud Prevention Summit Asia (Mumbai, India, June 8, 2016) ISMG’s Data Breach & Fraud Prevention Summit Asia – Mumbai is a one-day event that will focus on the latest fraud techniques and technologies, as well as a holistic, strategic approach to looking at the
New York State Cyber Security Conference (Albany, New York, USA, June 8 - 9, 2016) June 8-9 marks the 19th Annual New York State Cyber Security Conference and 11th Annual Symposium on Information Assurance (ASIA) and we invite you to join us for this nationally recognized event. The...
SecureWorld Portland (Portland, Oregon, USA, June 9, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 6-12 CPE credits through 30+ educational elements learning from nationally recognized industry...
SIFMA Cyber Law Seminar (New York, New York, USA, June 9, 2016) During this full-day program attorneys and compliance professionals will gain insights and regulatory perspectives on cybersecurity law as well as strategies for how to take an active and valuable role...
Cleared Job Fair (Tysons Corner, Virginia, USA, June 9, 2016) ClearedJobs.net connects you with cleared facilities employers, including Federal Acquisition Strategies, Firebird Analytical Solutions & Technologies, Leidos, PAE, TRIAEM, Commonwealth Computer Research,...
SANSFIRE 2016 (Washington, DC, USA, June 11 - 18, 2016) For more than 10 years, the Internet Storm Center has been providing free analysis and warning to our community. SANSFIRE 2016 is our annual "ISC Powered" event. Evening talks tap into the expertise behind...
Show Me Con (St. Charles, Missouri, USA, June 13 - 14, 2016) SHOWMECON. The name says it all. Known as the Show Me State, Missouri is home to St. Louis-based ethical hacking firm, Parameter Security, and security training company, Hacker University. Together, they...
CISO DC (Washington, DC, USA, June 14, 2016) Tactics and best practices for taking on enterprise IT security threats. The CISO Summit brings together C-level IT security executives, industry analysts and solution providers to discuss challenges and...
The Security Culture Conference 2016 (Oslo, Norway, June 14 - 15, 2016) The Security Culture Conference 2016 is the leading, global conference discussing how to build, measure and maintain security culture in organizations. The conference is a part of the Security Culture...
2016 CyberWeek (Tel Aviv, Israel, June 19 - 23, 2016) The conference, held jointly by the Blavatnik Interdisciplinary Cyber Research Center (ICRC), the Yuval Ne'eman Workshop for Science, Technology and Security, the Israeli National Cyber Bureau, Prime Minister's...
Cyber Security for Critical Assets LATAM (Rio de Janeiro, Brazil, June 21 - 22, 2016) Cyber-attacks on critical infrastructure have become an increasing threat for Latin American governments and companies within the oil and gas, chemical and energy sectors. Although the attack frequency...
Cyber 7.0 (Laurel, Maryland, USA, June 22, 2016) Cyber 7.0 delves into the cyber threat to the nation’s critical infrastructure—transportation, health care, utilities, and energy, to name a few. How can government and industry work together to battle...
Security of Things World (Berlin, Germany, June 27 - 28, 2016) Security. Privacy. Connected Devices. Exploring Security and the Internet of Things. A world class event focused on the next information security revolution. Be part of Security of Things World in June...
SANS Salt Lake City 2016 (Salt Lake City, Utah, USA, June 27 - July 2, 2016) We are pleased to invite you to SANS Salt Lake City 2016, June 27-July 2. Are you ready to immerse yourself in the most intense cyber training experience available anywhere? Do you need to become a more...
DC / Metro Cyber Security Summit (Washington, DC, USA, June 30, 2016) The Cyber Security Summit is an exclusive conference series that connects C-Suite & Senior Executives who are responsible for protecting their companies’ critical infrastructures with innovative solution providers...