The Shadow Brokers resurfaced for Halloween, dumping an archive they call "trickortreat" and still writing completely implausible broken English. (Why cartoonist Stephen Pastis doesn't sue them for ripping off the crocodiles' diction from "Pearls before Swine" is beyond us.) Flashpoint, who's suffered through the present participles malapropistes so the rest of us don't have to, says the dump appears to reveal server stage infrastructure used by the Equation Group. The Equation Group is thought by most observers to be, roughly speaking, an NSA contractor. Flashpoint also notes that the Shadow Brokers tend to mirror Russian President Putin's jibes at the American political system, this time, for example, calling it "free, as in free beer," a one-liner Mr. Putin delivered recently at the St. Petersburg Economic Forum.
Concerns about US elections persist—forty-six states have now asked for Federal help securing the vote. More WikiLeaks doxing is expected before next Tuesday's voting. The FBI's newly resumed investigation into candidate Clinton's State Department era email practices continues.
Google discloses flaws it discovered in Microsoft Windows and Adobe Flash.
Researchers continue to consider approaches to cleaning up Mirai and similar Internet-of-things threats. One proof-of-concept, a white-hatted worm that changes default passwords, is unlikely to pass legal muster.
Experts call for active defenses short of hacking back.
Canadian anti-bullying law may be seeing anti-journalism applications.
The Furby is back in a new, more connected form. We assume Furbys are still banned from Fort Meade and its environs? Check before you bring one to work.
Today's issue includes events affecting Australia, Canada, China, European Union, France, India, Netherlands, Russia, Spain, United Kingdom, United States.
A note to our readers: We'll be in Washington tomorrow and Thursday covering the SINET Showcase 2016. We're particularly looking forward to getting to know this year's SINET 16, a selection of some of the most innovative young companies in our industry.
ON THE PODCAST
The CyberWire's regular daily Podcast will be out later this afternoon, with interviews, educational tips, and more on the stories of the day. Today we meet a new partner, Palo Alto Networks' Unit 42. Rick Howard will introduce himself and the Unit 42 team. Our guest is Ferruh Mavituna from Netsparker, who will discuss content security policy. And as always, if you enjoy the podcast, please consider giving it an iTunes review.
TECHEXPO Cyber Security Hiring Event(McLean, VA, USA, November 2, 2016) Our professional hiring events have benefited nearly a million attendees since 1993. We look forward to helping you advance your career and saving you time in your job search by providing you the opportunity to meet face to face with the nation's leading companies.
Malware Detection: How to Spot Infections Early with AlienVault USM(Live Webcast, November 3, 2016) While malware has been a thorn in the side of IT pros for years, some of the recent variants observed by the AlienVault Labs security research team, like CoreBot, have the ability to modify themselves on the fly, making them nearly impossible to detect with traditional preventative security measures. Join us for a live demo to learn about the most common types of malware, and how you can detect infections quickly with AlienVault USM.
Cyber Attacks, Threats, and Vulnerabilities
“The Shadow Brokers” “Trick or Treat” Leak Exposes International Stage Server Infrastructure(Flashpoint) The hacker collective known as “The Shadow Brokers” has published another leak related to the “Equation Group” — a group of hackers believed to be operated by the National Security Agency (NSA). The group posted an archive titled “trickortreat,” leaking the pair (redirector) keys allegedly connecting stage servers of numerous covert operations conducted by the NSA. The Shadow Brokers’ most recent leak is related to the server stage infrastructure used by the various exploits from the group’s previous leak
NSA data may have been dumped in second leak(Washington Times) The group responsible for publishing National Security Agency data over the summer released hundreds of new files on Monday, exposing domains and Internet protocol addresses that could reveal who the agency has targeted over the last several years
Hackers apparently fooled Clinton official with bogus email(Federal Times) New evidence appears to show how hackers earlier this year stole more than 50,000 emails of Hillary Clinton's campaign chairman, an audacious electronic attack blamed on Russia's government and one that has resulted in embarrassing political disclosures about Democrats in the final weeks before the U.S. presidential election
Google Publicly Discloses Security Flaw In Adobe Flash, Microsoft Windows(International Business Times) Google’s Threat Analysis Group recently discovered vulnerabilities in Adobe Flash and Microsoft’s Windows which allow malware attacks on the Chrome web browser. The company made the discovery on Oct. 21 and has also disclosed it publicly today, which isn’t sitting well with Microsoft
Windows Atom Tables Could Blow Up Security, Researchers Say(Security Intelligence) Researchers from enSilo may have too much time on their hands: Instead of putting out fires, they came up with a method to nuke Windows security. To make it worse, this attack vector cannot be patched because of how it uses Windows atom tables, which are basic system calls, to operate
Hackforums Shutters Booter Service Bazaar(KrebsOnSecurity) Perhaps the most bustling marketplace on the Internet where people can compare and purchase so-called “booter” and “stresser” subscriptions — attack-for-hire services designed to knock Web sites offline — announced last week that it has permanently banned the sale and advertising of these services
IoT-based Linux/Mirai: Frequently Asked Questions(Fortinet) Ever since the Mirai DDoS attack was launched a few weeks ago, we have received a number of questions that I will try to answer here. If you have more follow-up questions, please let me know
Can we extinguish the Mirai threat?(Help Net Security) The recent massive DDoS attack against DNS provider Dyn has jolted (some of) the general public and legislators, and has opened their eyes to the danger of insecure IoT devices
Anti-worm ‘Nematode’ Could be Answer to Mirai Botnets(Infosecurity Magazine) A security researcher has uncovered what is claimed to be an effective way to mitigate the threat from Mirai-powered IoT botnets like the one that caused a massive internet outage over a week ago
After botnet attacks, stakes rise for security in connected things(Christian Science Monitor Passcode) At the Security of Things Forum in Washington, cybersecurity experts addressed the challenges of securing the Internet of Things after hackers shut down large segments of the web by taking advantage of insecure connected devices
Trend Micro: Fake Apple iOS Apps Are Rampant(Infosecurity Magazine) The Apple iOS environment is riddled with malicious fake apps, signed with enterprise certificates and had the same Bundle IDs as their official versions on the App Store. Repackaged versions of Pokemon Go, Facebook, and several other gaming apps are just some of the affected titles
Trick or Tweet: the 5 Spookiest Social Media Cyber Security Incidents(ZeroFOX Team) The rise of social media cyber security incidents has been explosive in recent years. According to Cisco, Facebook scam are now the #1 way to breach the network. In the spirit of Halloween, ZeroFOX is looking back at the 5 scariest cyber security incidents we’ve seen on social networks. It ranges from high-profile account hacks to nasty malware distributed via Facebook or Twitter
Security Patches, Mitigations, and Software Updates
Smart machines: Is full automation desirable?(Help Net Security) By 2020, smart machines will be a top five investment priority for more than 30 percent of CIOs, according to Gartner. With smart machines moving towards fully autonomous operation for the first time, balancing the need to exercise control versus the drive to realize benefits is crucial
The difference between IT security and ICS security(Help Net Security) In this podcast recorded at IoT Solutions World Congress Barcelona 2016, Andrew Ginter, VP of Industrial Security at Waterfall Security, talks about the difference between IT security and ICS security
Researchers Claim Wickr Patched Flaws but Didn't Pay Rewards(Security Week) Vulnerability Lab security researchers claim that Wickr Inc., the company behind encrypted messaging service Wickr, hasn’t paid promised bounties for multiple vulnerabilities disclosed years ago, although the company did patch all of them
Why India’s 'Leaky' Submarines Matter(National Interest) The wide-ranging data leak on India’s French-origin Scorpene submarines uncovered by The Australian in August 2016 has undermined New Delhi’s sensitive submarine construction program
LockPath wins 2016 GRC Value Award for Policy Management(Yahoo! Finance) LockPath, a leader in governance, risk management and compliance (GRC) solutions, today announced the company is being honored with the 2016 GRC Value Award in Policy Management. The GRC Value Awards program recognizes real-world implementations for GRC programs and processes that have returned significant and measurable value to an organization
Symantec Unveils the Future of Endpoint Security(BusinessWire) Symantec Endpoint Protection 14 provides multi-layered protection including advanced machine learning and response capabilities to protect and respond to cyber threats at the endpoint
4 Essential IoT Security Best Practices(eSecurity Planet) With IoT security top of mind in the wake of recent IoT-based attacks, here are four tips on improving your Internet of Things security measures
Design and Innovation
Former CYBERCOM official calls for human oversight of autonomous systems(C4ISRNET) There must be human input and oversight when it comes to autonomous systems meant to make decisions on when, where and on whom to pull the trigger, the former deputy commander of U.S. Cyber Command said during a panel at a conference focused entirely on the so-called third offset strategy
Injecting Security Into DevOps(Information Security Buzz) DevOps is now being met by the OpsDev movement, which some say is just NetOps with SDN thrown in
Research and Development
Call for Papers(International Journal of Business and Cyber Security) We are currently seeking scholarly papers for the next issue of IJBCS which is due for publication in January 2017. This important area of research is undergoing a period of rapid change, and thus it is vitally important to be up with current developments, hence the growing interest in IJBCS () IJBCS is a scholarly and refereed journal that provides an authoritative source of information for scholars, academicians, policy makers and professionals regarding business and cyber security. It is peer reviewed journal that is published twice a year and serves as an important research platform
UK commits £1.9B to National Cyber Security Strategy, working with Microsoft and more(TechCrunch) The recent rush of allegations against countries like Russia and China and their possible roles against cyber attacks on countries like the U.S. have prompted a big move from the UK: the government said today that it plans to invest £1.9 billion ($2.3 billion) over the next five years in a new cyber defense strategy, called the National Cyber Security Strategy, to prepare for and fight back against cyber attacks in the future
New report: Into the Gray Zone: The Private Sector and Active Defense against Cyber Threats(George Washington University) A new report from the GW Center for Cyber and Homeland Security offers the most comprehensive assessment to date of the legal, policy and technological contexts that surround private sector cybersecurity and active defense measures to improve U.S. responses to evolving threats. The report provides a framework to develop active defense strategies and offers a set of policy recommendations to the public and private sectors to support implementation of more effective cybersecurity defenses
U.S. Should Strike Back at Cyberattackers: Report(Security Week) The US government and private sector should strike back against hackers to counter cyberattacks aimed at stealing data and disrupting important computer networks, a policy report said Monday
Hey Silicon Valley, John Kerry Wants You to Help Save the World(Wired) When the Secretary of State pitches Silicon Valley, he’s looking for more than just series-A capital. John Kerry’s looking for help—for technological innovations that could help win the online war with extremist groups like ISIS, find a path between privacy for US citizens (and dissidents abroad) and unbreakable encryption available to terrorists, and maybe even provide energy without damaging Earth’s climate or global economies
Litigation, Investigation, and Law Enforcement
How Canada’s Anti-Cyberbullying Law Is Being Used to Spy on Journalists(Motherboard) Patrick Lagacé, a columnist for Montreal’s La Presse newspaper, says that police told him he was a “tool” in an internal investigation when they tapped his iPhone’s GPS to track his whereabouts and obtained the identities of everyone who communicated with him on that phone
What to Know About the New Clinton-Related Emails(ABC News) The revelation that the FBI is working to review a cache of newly discovered emails potentially tied to the agency’s probe of Hillary Clinton’s private email server has jolted her campaign and put FBI Director James Comey in the crosshairs of even longtime supporters. But exactly what do we know about the emails? The bottom line: not much
Judge Rules in Favor of Palantir in Lawsuit Against US Army(Defense News) In what could be a big blow to the Army’s current path to develop its internal intelligence software suite -- which has been long been marred in controversy -- a presiding judge in a lawsuit brought by Palantir Technologies protesting the Army’s acquisition efforts for the system has ruled in favor of the Palo Alto-based company
Dutchman 'Who Almost Broke the Internet' to Go on Trial(Security Week) A Dutchman accused of launching an unprecedented cyberattack that reportedly "almost broke the internet" is to go on trial Tuesday on charges of masterminding the 2013 incident that slowed down web traffic world-wide
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Regional Cyber Security Summit(Sharm El-Sheikh, Egypt, October 30 - November 1, 2016) The Regional Cyber Security Summit comes this year with the theme of “Boundless Collaboration, Boundless Protection”. It focuses on the cooperation in cybersecurity as one of key pillars to tackle the...
Inside Dark Web(Washington, DC, USA, November 1 - 2, 2016) Individuals, organizations, corporations, and governments use the Dark Web to protect themselves and their users, employees, customers, and citizens seeking a more accessible and secure Internet experience.
GTEC(Ottawa, Ontario, Canada, November 1 - 3, 2016) For the public sector and business, count on GTEC to help you keep up with the changing landscape of technology and service delivery in Canada. With our nationally recognized awards program and annual...
Black Hat Europe 2016(London, England, UK, November 1 - 4, 2016) Black Hat is returning to Europe again in 2016, and we have quite an event in store. Here the brightest professionals and researchers in the industry will come together for a total of four days--two days...
TECHEXPO Cyber Security Hiring Event(Tysons Corner, Virgina, USA, June 30, 2016) Cyber security professionals are invited to interview face-to-face with employers including The CIA, Deloitte, Intel Security, Northrop Grumman, Lockheed Martin, Deloitte, Vencore and many more. Hundreds...
ISSA International Conference(Orlando, Florida, USA, October 22 - 23, 2014) Join us for solution oriented, proactive and innovative sessions focused on security as a vital part of the business.
SINET Showcase 2016: Highlighting and Advancing Innovation(Washington, DC, USA, November 2 - 3, 2016) SINET Showcase provides a platform to identify and highlight “best-of-class" security companies that are addressing industry and government’s most pressing needs and requirements. The chosen SINET 16 Innovators...
3rd Annual Journal of Law and Cyber Warfare Conference(New York, New York, USA, November 3, 2016) The 2016 Journal of Law and Cyber Warfare symposium speakers represent an unparalleled group of cyber security experts with a wide variety of industry expertise and knowledge. Attendees will hear from
Security of Things World USA(San Diego, California, USA, November 3 - 4, 2016) Security. Privacy. Connected Devices. Exploring Security and the Internet of Things. A world class event focused on the next information security revolution. Be part of Security of Things World USA in...
2nd Annual Summit: Global Cyber Security Leaders(Berlin, Germany, November 7 - 8, 2016) The Global Cyber Security Leaders 2016 is designed to provide unrivaled access to peers from across the globe, and encourage participants to discuss the current challenges and explore the ideas shaping...
IAPP Europe Data Protection Congress 2016(Brussels, Belgium, November 7 - 10, 2016) The GDPR is finalised, the Data Protection Congress is returning to Brussels and you have a great deal of work ahead. Begin at the Congress, where you’ll find thought leadership, a thriving professional...
SANS Miami 2016(Coconut Grove, Florida, USA, November 7 - 12, 2016) Attend our new SANS Miami 2016 event, November 7-12 and choose from five hands-on, immersion-style cybersecurity training courses taught by real-world practitioners. Attackers are targeting you with increasing...
Federal IT Security Conference(Columbia, Maryland, USA, November 8, 2016) The Federal IT Security Institute in partnership with PhoenixTS in Columbia, MD is hosting the first annual Federal IT Security Conference. Speakers from NIST, DHS, the Defense Department as well as private...
11th Annual API Cybersecurity Conference & Expo(Houston, Texas, USA, November 9 - 10, 2016) Join us at the 11th Annual API Cybersecurity Conference & Expo and discover methods for thwarting the bad guys, what the scene looks like over the horizon and how the latest technologies can help you counter...
SecureWorld Seattle(Bellevue, Washington, USA, November 9 - 10, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry...
Israel HLS and Cyber 2016(Tel Aviv, Israel, November 14 - 17, 2016) Where physical and cyber security meet. Topics include intelligence, cyber crime, and counter-terrorism, defending critical infrastructures, a smart global world, mass events--the integrative approach,...
SANS Healthcare CyberSecurity Summit & Training 2016(Houston, Texas, USA, November 14 - 21, 2016) SANS will be hosting its 4th Annual Healthcare Cybersecurity Summit. Join us and hear top security experts from leading healthcare companies discuss proven approaches for securing and succeeding in the...
Infosec 2016(Dublin, Ireland, November 15, 2016) Infosec 2016 conference addresses the critically important issues that threaten businesses in the information age By any measure, the digital threats that businesses and organisations of all sizes face...
Kaspersky Academy Talent Lab(Online, then Prague, Czech Republic, November 15, 2016) Kaspersky Academy Talent Lab is an international cyber-world competition for young researchers and professionals aged 18-30 who are interested in the cybersecurity challenges facing the world. 50 finalists...
CISO Charlotte(Charlotte, North Carolina, USA, November 15, 2016) The CISO Summit brings together C-level IT security executives, industry analysts and solution providers to discuss challenges and best practices in a relaxed, yet focused business setting. Agenda sessions
Pharma Blockchain Bootcamp(Edison, New Jersey, USA, November 16, 2016) Blockchain technology has gained recognition as one of the most disruptive technologies in the industrial world with the potential of redefining how businesses operate similarly the internet changed it...
Cybercon 2016(Washington, DC, USA, November 16, 2016) The forum for dialogue on strategy and innovation to secure defense and government networks, as well as private-sector networks that hold their sensitive data.
Versus 16(San Francisco, California, USA, November 17, 2016) Versus is not an ordinary event. Versus is not about pitching products or preaching to the choir. Versus is about challenging what you think you know about cybersecurity, about technology, about doing...
Data Breach & Fraud Prevention Summit Asia(Mumbai, India, June 8, 2016) ISMG’s Data Breach & Fraud Prevention Summit Asia – Mumbai is a one-day event that will focus on the latest fraud techniques and technologies, as well as a holistic, strategic approach to looking at the
SCSC Cyber Security Conclave 2.0 Conference and Exhibition(Hyderabad, India, November 22 - 23, 2016) India’s leading two-day cyber security event is returning in November 2016, once again bringing together over hundreds of cyber security experts, senior officials and policy-makers from across the public...
4th Ethiopia Banking & ICT Summit(Addis Ababa, Ethiopia, November 25, 2016) The 4th Ethiopia Banking & ICT Summit is the ONLY event in Horn of Africa that focuses on technology innovations and trends in the Banking and ICT sectors. This annual summit brings together Financial...
Internet of Things (IoT)(Elkridge, Maryland, USA, November 29, 2016) This cybergamut Technical Tuesday features Dr. Susan Cole, currently the Cybersecurity Lead for a Federal Information Systems Controls Audit Management (FISCAM) preparation team and also provides consulting...
CIFI Security Summit(Toronto, Ontario, Canada, November 30 - December 1, 2016) The Annual CIFI Security Summit takes place all over the world, Asia, Europe, Australia & North America. These summits are essential 2 day conferences and exhibitions bringing together leading security...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.