As the US elections proceed, the Government is simultaneously said to have "all hands on deck" against hacking, and to not really be that worried about it. Most observers see the principal threat as (Russian) information operations directed toward eroding public trust and confidence in the vote, with "data deception and denial" following in their train. Direct widespread hacking of voting machinery is thought less likely, although as Cylance and Symantec have shown, such hacks are clearly locally possible.
Both Democratic and Republican presidential campaign sites sustained Mirai-driven distributed denial-of-service campaigns yesterday, but with little effect. Flashpoint researchers say this is because Mirai's widespread availability has caused its botnets to "fracture"—essentially there are more controllers now, and there aren't enough bots to go around.
Tor's duality is on display this week. Internet users in Turkey are moving heavily to Tor as they seek to circumvent the government's blocking of social media services and its implementation of stronger online censorship. On the other hand, Operation Hyperion, a multinational police takedown of Tor-enabled black markets, has shown the less savory uses to which the anonymizing network may be put.
China's citizens (and international companies doing business in China) try to come to grips with their exposure to recently promulgated laws tightening state control of online activity.
Tesco fraud remains under investigation. Continued access to paycards and ATMs suggests the fraud may have been an inside job. Estimates of Tesco's exposure to litigation and regulatory penalties run as high as £1.9 billion.
Today's issue includes events affecting Australia, Canada, China, European Union, Finland, France, Germany, India, Ireland, Italy, Libya, Malawi, Mali, New Zealand, Netherlands, Romania, Russia, South Africa, Spain, Sweden, Switzerland, Turkey, Ukraine, United Kingdom, United States.
ON THE PODCAST
The CyberWire's regular daily Podcast will be out later this afternoon, with interviews, educational tips, and more on the stories of the day. Today we hear from Rick Howard from our partners over at Palo Alto Networks' Unit 42, who'll give us the latest skinny on that Nigerian prince; you know, the one whose widow might have approached you with an investment opportunity... And, in an early contribution to the upcoming predictions-for-next-year season, our guest, Dan Larson from the influential threat intelligence shop CrowdStrike, will offer a look at what we can expect in 2017 from the threat actors CrowdStrike is tracking. If you enjoy the podcast, please consider giving it an iTunes review.
America’s extraordinary cyber threat against Russia(News.com) The United States government promised retaliation against Russia for hacking into the e-mails of Democratic Party officials in an apparent bid to influence the presidential election. And according to one US military figure they have followed through with that threat — in a very big way
The Real Hacker Threat to Election Day? Data Deception and Denial(Wired) Hacks, data leaks, and disinformation have all added to the chaos of one of the most contentious elections in history. US intelligence agencies have even accused Russia of perpetrating some portion of the digital meddling. And now reports indicate that officials are preparing for worst-case cybersecurity scenarios on November 8. But what might those election day digital threats realistically look like?
Your Government Isn’t That Worried About An Election Day Cyberattack(Wired) Over the past few months, an escalating series of attacks on computer networks—many of them inflicted by something called the Mirai botnet, which uses a web of infected DVRs, webcams, and other “smart” devices to drown targeted websites in traffic—have wrought unprecedented havoc all over the world
Old voting machine vulnerability sparks new round of outrage(CyberScoop) With just four days separating the American public from Election Day, rising Irvine, Calif.-based cybersecurity company Cylance published an eyebrow-raising vulnerability disclosure report, complete with a video showing researchers hacking into a voting machine used in the United States
How Malicious Bots Can Target IoT Devices and Impact eCommerce Businesses(ShieldSquare) The Internet of Things (IoT) is a collection of billions of electronic devices, ranging from smart fridges to wireless wearable products. Since 2010, the number of devices connected to the internet has doubled from 12.5 billion devices to 25 billion. IoT, simply put, is the virtual avatar of a physical device. These devices communicate over the internet, and are controlled by their users
Recent DDoS attacks shine light on sub-standard vendors, says DarkMatter(CPI Financial) On 4 November 2016 a large-scale distributed denial of service (DDoS) attack took out web access across Liberia. This followed a 21 October attack on Dynamic Network Services Inc., (Dyn), a New Hampshire-based Domain Name Server (DNS), which DarkMatter called the largest cyberattack in history
Apocalypse now: The IoT DDoS threat(Help Net Security) One of the things you learn about humanity, if you’re paying attention, is that “gold rushes” bring out the worst in us. When there are no constraints and there is a greed motivator, people will literally trample anyone or anything to get to the goods
Hancitor Maldoc Bypasses Application Whitelisting(SANS ISC Infosec Forum) For about two months I've seen malicious documents dropping Hancitor malware with the following method: VBA code injects shellcode in the Word process, this shellcode extracts an embedded EXE from the Word document to disk, and executes it
LinkedIn Scam Pretends to Care About Your Security(Infosecurity Magazine) Oh the irony: A new approach to LinkedIn scamming has been spotted making the rounds, looking to steal confidential information from unsuspecting users by pretending to worry about their cyber-safety
ThreatSTOP Releases New Ransomware Targets(Information Security Buzz) The following ransomware targets have been introduced by the ThreatSTOP Security Team. It is important to update policies to include these targets for immediate increased protection from the growing number of ransomware attacks
Tesco Bank attack: What do we know?(BBC) Supermarket giant Tesco has suspended some parts of its online banking system after it detected attempts to steal cash from customers' accounts
Worried about the Tesco Bank attack? Here’s our advice(Naked Security) Thousands of holders of current accounts with the UK’s Tesco Bank were unable to access online banking on Monday after some accounts were subjected to “online criminal activity” and money was stolen from some accounts
Tech support scammers use old bug to freeze browsers(Help Net Security) Tech support scammers are exploiting a bug that maxes out users’ CPU and memory capability and effectively freezes the browser and possibly the computer, in an attempt to convince users that they have been hit with malware
That Nigerian Prince Has Evolved His Game(Palo Alto Networks Unit 42) Today Unit 42 published its latest paper focused on Nigerian cybercrime. Applying advanced analytics to a dataset of 8,400 malware samples resulted in the attribution of over 500 domains supporting malware activity linked to roughly 100 unique actors or groups. The breadth and depth of this research has enabled a modern, comprehensive assessment focused on the collective threat rather than individual actors
Microsoft Tears off the Band-Aid with EMET(Threatpost) Microsoft last week extended the end-of-life expiration date to July 2018 on its exploit mitigation add-on, the Enhanced Mitigation Experience Toolkit (EMET). But for some time, the once-useful tool has been well on its way out to pasture
Blackhat EU: Breaking Big Data(SC Magazine) Former intelligence officer David Venable gave a crowd at Blackhat EU 2016 a rundown of what big data, and bad data in the private sector, could mean for your privacy
Retailers overconfident in endpoint security(Help Net Security) A new study conducted by Dimensional Research evaluated the confidence of IT professionals regarding the efficacy of seven key security controls, which must be in place to quickly detect a cyber attack in progress. Study respondents included 763 IT professionals from various industries, including 100 participants from the retail sector
Vista Equity Partners Successfully Completes Cash Tender Offer for Shares of Infoblox(BusinessWire) Infoblox Inc. (NYSE:BLOX) (“Infoblox” or the “Company”) and Vista Equity Partners (“Vista”) today announced the successful completion of the tender offer (the “Offer”) by India Merger Sub, Inc. (“Merger Sub”), a wholly owned subsidiary of Delta Holdco, LLC (“Parent”) and an affiliate of Vista, for all of the outstanding shares of common stock of the Company at a price of $26.50 per share, net to the seller in cash without interest and less any applicable withholding taxes or deductions required by applicable law, if any
How Palo Alto Networks Is Building Next-Generation Security Innovators(Palo Alto Research Center) The rate of change driven by today’s technology is unlike anything we have ever experienced. New business models and ways of doing business are being created every day. Industries that have been stagnant for years are being disrupted. Look at what Uber did to transportation, what Airbnb has done to hospitality and what Palo Alto Networks is doing together with its channel partners in cybersecurity
Distil Networks to fingerprint bots(Enterprise Times) Distil Networks has launched a hi-def fingerprinting solution to tackle the problem of bots. It intends to start: “actively pulling additional data from the browser to identify devices with precision.” This raises questions over Personally Identifiable Information (PII) especially when the EU GDPR comes into force
Tenable Network Security joins the Intel Security Innovation Alliance(Networks Asia) Tenable Network Security, Inc. announced it has joined the Intel Security Innovation Alliance and completed a new technology integration that will provide McAfee ePolicy Orchestrator (ePO) customers with continuous visibility across their existing McAfee environment
Securing Black Friday sales: Is your business ready?(Help Net Security) Black Friday is the day following Thanksgiving Day in the US, well-known for a variety of promotional sales. These are dependent on Internet connections working, servers coping with demand, in-store bandwidth holding up for transaction processing, and more. Both in-store and online, Black Friday sales are dependent on technology
Tips and Best Practices for Securing your Cloud Initiative(Data Center Knowledge) As organizational IT data centers move to adopt cloud technologies they’ve immediately begun to see benefits in this type of distributed computing. Users are now able to access their applications or corporate desktops from any device, anytime and anywhere. But it’s not just about apps and desktops. New types of cloud services are revolutionizing user experiences and rich content delivery
Army Wargames Hone Battlefield Cyber Teams(Breaking Defense) The Army is reinforcing its combat brigades with cyber soldiers. In 18 months of wargames with a wide range of units — tanks, Strykers, infantry, Airborne, Rangers — Army Cyber Command troops have brought hacking and jamming to bear on the (simulated) battlefield alongside guns and bombs
China research team smashes quantum cryptography record(Silicon Republic) A team of researchers from China – with assistance from a lab in the US – has smashed the current quantum cryptography record, by sending a message across a distance of 404km that is impossible to eavesdrop on
Factoring Quantum Mechanics into Encryption(Physics Central) Recent cyber-attacks have left many people convinced that there is no real way to keep anything secret, at least not anything connected to the grid. You can strengthen your passwords and antivirus protection, but if the systems that send and receive your data are vulnerable, so are you. And the reality is, no one actually knows just how secure our encryption systems are
New boot camp for cyberspies announced(Misco) In a move that brings us ever closer to living in the plot of a James Bond film, last week the government released news of its new boot camp for cyberspies
Litigation, Investigation, and Law Enforcement
Regulators could fine Tesco Bank over cyber attack(Telegraph) Tesco could potentially be hit with a multi-million pound fine by City regulators in the wake of an unprecedented attack on its banking arm that saw money taken from about 20,000 current accounts
Clinton email case handling brings tumultuous time for FBI(Federal Times) The FBI's handling of the Hillary Clinton email investigation has created more turmoil for the bureau than any other matter in recent history, exposing internal tensions within the Justice Department and stirring concerns the famously apolitical organization unnecessarily injected itself into the campaign
Tor marketplaces shut down by Operation Hyperion(Naked Security) Tor, the conduit for below-the-radar browsing, and drugs, weapons and other illegal activities, has been under the microscope by law enforcement in the past two years. In the past months alone, we saw Brian Richard Farrell, who helped run Silk Road 2.0, sentenced to eight years in jail for his work in the dark market. His arrest was part of Operation Onymous, which aimed to take out illegal marketplaces on Tor, back in 2014
Dutch police takes over darknet market, posts warning(Help Net Security) As law enforcement agencies around the world continue taking down online markets on the Dark Web, the Dutch National Police and the nation’s Public Prosecution Service are trying out a new strategy for deterring sellers and buyers of illegal goods
Unsealed Court Docs Show FBI Used Malware Like ‘A Grenade’(Motherboard) In 2013, the FBI received permission to hack over 300 specific users of dark web email service TorMail. But now, after the warrants and their applications have finally been unsealed, experts say the agency illegally went further, and hacked perfectly legitimate users of the privacy-focused service
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
The Risks and Benefits of Artificial Intelligence and Robotics(Cambridge, England, UK, February 6 - 7, 2017) The Risks and Benefits of Artificial Intelligence and Robotics Workshop aims to provide media and security professionals with an in-depth understanding of the implications that the rapid advancement of...
2nd Annual Summit: Global Cyber Security Leaders(Berlin, Germany, November 7 - 8, 2016) The Global Cyber Security Leaders 2016 is designed to provide unrivaled access to peers from across the globe, and encourage participants to discuss the current challenges and explore the ideas shaping...
IAPP Europe Data Protection Congress 2016(Brussels, Belgium, November 7 - 10, 2016) The GDPR is finalised, the Data Protection Congress is returning to Brussels and you have a great deal of work ahead. Begin at the Congress, where you’ll find thought leadership, a thriving professional...
SANS Miami 2016(Coconut Grove, Florida, USA, November 7 - 12, 2016) Attend our new SANS Miami 2016 event, November 7-12 and choose from five hands-on, immersion-style cybersecurity training courses taught by real-world practitioners. Attackers are targeting you with increasing...
Federal IT Security Conference(Columbia, Maryland, USA, November 8, 2016) The Federal IT Security Institute in partnership with PhoenixTS in Columbia, MD is hosting the first annual Federal IT Security Conference. Speakers from NIST, DHS, the Defense Department as well as private...
11th Annual API Cybersecurity Conference & Expo(Houston, Texas, USA, November 9 - 10, 2016) Join us at the 11th Annual API Cybersecurity Conference & Expo and discover methods for thwarting the bad guys, what the scene looks like over the horizon and how the latest technologies can help you counter...
SecureWorld Seattle(Bellevue, Washington, USA, November 9 - 10, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry...
Israel HLS and Cyber 2016(Tel Aviv, Israel, November 14 - 17, 2016) Where physical and cyber security meet. Topics include intelligence, cyber crime, and counter-terrorism, defending critical infrastructures, a smart global world, mass events--the integrative approach,...
SANS Healthcare CyberSecurity Summit & Training 2016(Houston, Texas, USA, November 14 - 21, 2016) SANS will be hosting its 4th Annual Healthcare Cybersecurity Summit. Join us and hear top security experts from leading healthcare companies discuss proven approaches for securing and succeeding in the...
Infosec 2016(Dublin, Ireland, November 15, 2016) Infosec 2016 conference addresses the critically important issues that threaten businesses in the information age. By any measure, the digital threats that businesses and organisations of all sizes face...
Commercial Cyber Forum: Insider Threat(Odenton, Maryland, USA, November 15, 2016) Please join us for a panelist discussion with insider threat experts on upcoming Federal rules, key elements of an insider threat program and privacy, due process, and human resource requirements.
Kaspersky Academy Talent Lab(Online, then Prague, Czech Republic, November 15, 2016) Kaspersky Academy Talent Lab is an international cyber-world competition for young researchers and professionals aged 18-30 who are interested in the cybersecurity challenges facing the world. 50 finalists...
CISO Charlotte(Charlotte, North Carolina, USA, November 15, 2016) The CISO Summit brings together C-level IT security executives, industry analysts and solution providers to discuss challenges and best practices in a relaxed, yet focused business setting. Agenda sessions
Pharma Blockchain Bootcamp(Edison, New Jersey, USA, November 16, 2016) Blockchain technology has gained recognition as one of the most disruptive technologies in the industrial world with the potential of redefining how businesses operate similarly the internet changed it...
CyberCon 2016(Washington, DC, USA, November 16, 2016) CyberCon 2016 is the forum for dialogue on strategy and innovation to secure civilian and defense networks, as well as private-sector networks that hold their sensitive data. Cybersecurity will be the...
Versus 16(San Francisco, California, USA, November 17, 2016) Versus is not an ordinary event. Versus is not about pitching products or preaching to the choir. Versus is about challenging what you think you know about cybersecurity, about technology, about doing...
Data Breach & Fraud Prevention Summit Asia(Mumbai, India, June 8, 2016) ISMG’s Data Breach & Fraud Prevention Summit Asia – Mumbai is a one-day event that will focus on the latest fraud techniques and technologies, as well as a holistic, strategic approach to looking at the
SCSC Cyber Security Conclave 2.0 Conference and Exhibition(Hyderabad, India, November 22 - 23, 2016) India’s leading two-day cyber security event is returning in November 2016, once again bringing together over hundreds of cyber security experts, senior officials and policy-makers from across the public...
4th Ethiopia Banking & ICT Summit(Addis Ababa, Ethiopia, November 25, 2016) The 4th Ethiopia Banking & ICT Summit is the ONLY event in Horn of Africa that focuses on technology innovations and trends in the Banking and ICT sectors. This annual summit brings together Financial...
Internet of Things (IoT)(Elkridge, Maryland, USA, November 29, 2016) This cybergamut Technical Tuesday features Dr. Susan Cole, currently the Cybersecurity Lead for a Federal Information Systems Controls Audit Management (FISCAM) preparation team and also provides consulting...
CIFI Security Summit(Toronto, Ontario, Canada, November 30 - December 1, 2016) The Annual CIFI Security Summit takes place all over the world, Asia, Europe, Australia & North America. These summits are essential 2 day conferences and exhibitions bringing together leading security...