Yesterday Microsoft issued thirteen security bulletins, five of them rated "critical." Among the vulnerabilities patched is the one Google publicly disclosed last week, to Redmond's displeasure. That fix closes a privilege escalation hole in Windows that can be used to escape security sandboxes.
Adobe and Google also patched. Adobe addressed issues in Flash Player and Adobe Connect, fixing nine remote code execution vulnerabilities. Google addressed twelve critical vulnerabilities in Android, including the bit-flipping privilege-escalation risk known as Drammer, but Mountain View left a comprehensive fix for the Dirty Cow Linux kernel rooting vulnerability to a further round of patching. A supplemental patch did deal with Dirty Cow for Nexus and Pixel devices; other handsets will get their fix next month. Google also noted that Chrome's Safe Browsing will henceforth crack down on sites determined to be repeat offenders.
Banking malware is evolving this week. Svpeng, a mobile Trojan Kaspersky sees lurking in the AdSense network, is troubling bank customers, especially in India. IBM X-Force warns that TrickBot, a Dyre competitor, is using server-side injection and redirection against its targets.
Tesco resumes full operations, but says £2.5 million was lost to debit card fraud. The money seems to have gone to crooks in Spain and Brazil.
FireEye reports a rise in Cerber ransomware attacks, largely driven by the Dridex botnet.
Oh—the US held elections yesterday, little disturbed by hacking, despite fears and a precautionary DHS all-hands-on-deck. WikiLeaks' Assange assumes the unlikely mantle of good-government advocacy—tell it to Vlad.
Today's issue includes events affecting Albania, Bosnia and Herzegovina, Brazil, Bulgaria, Canada, China, Croatia, European Union, Finland, France, Germany, Greece, Ireland, Kosovo, Macedonia, Montenegro, NATO/OTAN, New Zealand, Nigeria, Romania, Russia, Serbia, Slovenia, Spain, United Kingdom, United States.
ON THE PODCAST
The CyberWire's regular daily Podcast will be out later this afternoon, with interviews, educational tips, and more on the stories of the day. Today we hear from our partners at the Johns Hopkins University, as Joe Carrigan discusses the privacy of medical information. Our guest is Gene Tsudik, of the University of California Irvine, who describes research into the risks of using a keyboard while Skyping. If you enjoy the podcast, please consider giving it an iTunes review.
On Election Day, WikiLeaks’ Assange says U.S. voters benefited from email leaks(McClatchyDC via the Idaho Statesman) With the U.S. election campaign at an end, WikiLeaks founder Julian Assange denied Tuesday that his group has “a nefarious allegiance with Russia” and said he had come under “enormous pressure” to halt publication of a trove of emails pirated from Hillary Clinton’s presidential campaign
Hackers Target Pro-Clinton Phone Banks—But Hit Trump’s Too(Wired) After months of hacker meddling in the US presidential election, government officials and campaign-watchers have been bracing for the next attack to hit on Election Day. As it turns out, one arrived a day early and focused on a key get-out-the-vote tool—a phone bank service
Communications watchdog: Criminals behind home automation system cyber attack(Uutiset) The Finnish Communications Regulatory Authority Ficora says that a cyber attack that disrupted home automation systems in Lappeenranta, southeast Finland, was the work of criminals. The incident caused services such as heating to restart when web traffic overloaded the capacity of computers controlling the systems
Dyn, Liberia DDoS Attacks Were Just Test Runs(Infosecurity Magazine) The Mirai-fueled DDoS attacks that took the entire country of Liberia offline last week are waning—but researchers say the offensive was merely a test run for something much bigger
Floki Bot: The Rest of the Story(SC Magazine) Last week we took the 100,000 foot level view of the relatively new floki bot. This bot - allegedly modeled after Zeus 220.127.116.11 is selling in the underground marketplaces for around $1,000
Cerber Ransomware On The Rise, Fueled By Dridex Botnets(Threatpost) Starting in April security experts at FireEye spotted a massive uptick in Cerber ransomware attacks delivered via a rolling wave of spam. Researchers there link the Cerber outbreaks to the fact that attackers are now leveraging the same spam infrastructure credited for making the potent Dridex financial Trojan extremely dangerous
November 2016 Microsoft Patch Day(SANS Internet Storm Center) Microsoft today released 13 bulletins (plus one bulletin from Adobe for Flash). 5 of the Microsoft bulletins, and the Adobe Flash bulletin are rated critical. There are a number of vulnerabilities that have either already been known, or have already been exploited
Google Releases Supplemental Patch for Dirty Cow Vulnerability(Threatpost) Google’s November Android Security Bulletin, released Monday, patched 15 critical vulnerabilities and addressed 85 CVEs overall. But conspicuously absent is a fix for the Linux race condition vulnerability known as Dirty Cow (Copy-on-Write) that also impacts Android
Google Safe Browsing goes after repeat offenders(Help Net Security) “Over time, we’ve observed that a small number of websites will cease harming users for long enough to have [Google Safe Browsing] warnings removed, and will then revert to harmful activity,” Brooke Heinichen, of the Safe Browsing Team, explained
At the frontline: The cyber threat is becoming ever more subtle(City A.M.) On any given day, typing the words “cyber attack” into Google News will give you a fresh medley of hacking stories. Hollywood and Edward Snowden may have romanticised the perpetrators of these crimes, but behind most of the headlines sit one or more business owners who are the victims of these devastating breaches
VC-backed Thycotic acquires Cyber Algorithms(PE Hub) Thycotic, which is backed by Insight Venture Partners, has acquired Virginia-based Cyber Algorithms, a provider of network security analytics. No financial terms were disclosed
Peter Thiel explains why his company’s defense contracts could lead to less war(Washington Post) When billionaire tech investor Peter Thiel explained his support for Republican nominee Donald Trump at length to a room of journalists last week, he based part of his rationale on the notion that Washington “insiders” currently leading the government have “squandered” money, time and human lives on international conflicts
LockPath and Edgile Team Up to Deliver Complete Enterprise GRC Implementations(LockPath) LockPath, a leader in governance, risk management and compliance (GRC) software, today announced its partnership with Edgile, the leading security and risk consulting firm and provider of industry-specific regulatory content libraries. Edgile will support implementations of LockPath’s Keylight® Platform, allowing organizations to more efficiently manage both their compliance and cyber risk
Signal Protocol’s crypto core has no major flaws, researchers find(Help Net Security) A group of computer science and cryptography professors and doctoral students has effected a security analysis of the secure messaging Signal Protocol – specifically, of its Key Agreement and Double Ratchet multi-stage key exchange protocol (the effective cryptographic core)
Signal’s protocol gets glowing reviews in first security audit(CyberScoop) Signal is widely considered the gold standard of secure encrypted messaging apps but, until today, it hasn’t been subject to a fine-toothed audit. But the technology passed a major test Tuesday after an international team of security researchers gave the messaging platform’s security glowing reviews in its first ever formal security audit
The Enemy Within: The Soft Underbelly of Cybersecurity(Metropolitan Corporate Counsel) “Cybersecurity” is a term that occupies virtually everyone these days. The list of U.S. government agencies that have been hacked seemingly grows with each passing day and includes the White House, the Pentagon, the State Department, the Office of Personnel Management, the National Oceanographic and Atmospheric Administration, and even the U.S. Postal Service
How bitcoin protects against geopolitical risk(TechCrunch) Today’s election is anything but ordinary. People from every corner of the globe have been watching, not only for its theatrical elements but because the impact will be felt around the world in very real ways. And nowhere will the impact be more immediate and certain than on the economy
18-year-old Wins Cyber Security Challenge UK(Infosecurity Magazine) Ben Jackson, an 18-year-old student from the Sussex town of Bexhill-on-sea, has won the Cyber Security Challenge UK’s Masterclass competition, making him the youngest ever champion
Experts Comment On New Chinese Cyber Security Legislation(Information Security Buzz) Following the news that the Chinese government has approved a broad new cybersecurity law aimed at tightening and centralizing state control over information flows and technology equipment, IT security experts from Prevoty and Lieberman Software commented below
Cloud Adoptions Practices and Priorities in the Chinese Financial Sector: Survey Report(Cloud Security Alliance) The Financial Services Institution (FSI) industry has never been an early adopter of technology. Furthermore, it is also one of the most heavily regulated industries internationally. However, with the improvement of Cloud security over the years, many FSIs have become more confident in embracing it. Having seen this trend, the Cloud Security Alliance (CSA) and Ernst & Young (China) Advisory Limited (“EY China”) have jointly conducted a survey, and the part of the results related to the FSI sector has been used by the CSA for this report, to provide a clearer picture of Cloud adoption and to identify potential gaps that are holding back the adoption of Cloud within the FSI sector
We’re Winning The Crypto Wars(Motherboard) This year has been filled with bad news. The world of cybersecurity has been no different, with zombie armies of hacked internet-connected devices taking down the internet, seemingly endless data breaches hitting hundreds of millions of people, and Russian hackers allegedly trying to mess with the US election
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
IAPP Europe Data Protection Congress 2016(Brussels, Belgium, November 7 - 10, 2016) The GDPR is finalised, the Data Protection Congress is returning to Brussels and you have a great deal of work ahead. Begin at the Congress, where you’ll find thought leadership, a thriving professional...
SANS Miami 2016(Coconut Grove, Florida, USA, November 7 - 12, 2016) Attend our new SANS Miami 2016 event, November 7-12 and choose from five hands-on, immersion-style cybersecurity training courses taught by real-world practitioners. Attackers are targeting you with increasing...
11th Annual API Cybersecurity Conference & Expo(Houston, Texas, USA, November 9 - 10, 2016) Join us at the 11th Annual API Cybersecurity Conference & Expo and discover methods for thwarting the bad guys, what the scene looks like over the horizon and how the latest technologies can help you counter...
SecureWorld Seattle(Bellevue, Washington, USA, November 9 - 10, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry...
Israel HLS and Cyber 2016(Tel Aviv, Israel, November 14 - 17, 2016) Where physical and cyber security meet. Topics include intelligence, cyber crime, and counter-terrorism, defending critical infrastructures, a smart global world, mass events--the integrative approach,...
SANS Healthcare CyberSecurity Summit & Training 2016(Houston, Texas, USA, November 14 - 21, 2016) SANS will be hosting its 4th Annual Healthcare Cybersecurity Summit. Join us and hear top security experts from leading healthcare companies discuss proven approaches for securing and succeeding in the...
Infosec 2016(Dublin, Ireland, November 15, 2016) Infosec 2016 conference addresses the critically important issues that threaten businesses in the information age. By any measure, the digital threats that businesses and organisations of all sizes face...
Commercial Cyber Forum: Insider Threat(Odenton, Maryland, USA, November 15, 2016) Please join us for a panelist discussion with insider threat experts on upcoming Federal rules, key elements of an insider threat program and privacy, due process, and human resource requirements.
Kaspersky Academy Talent Lab(Online, then Prague, Czech Republic, November 15, 2016) Kaspersky Academy Talent Lab is an international cyber-world competition for young researchers and professionals aged 18-30 who are interested in the cybersecurity challenges facing the world. 50 finalists...
CISO Charlotte(Charlotte, North Carolina, USA, November 15, 2016) The CISO Summit brings together C-level IT security executives, industry analysts and solution providers to discuss challenges and best practices in a relaxed, yet focused business setting. Agenda sessions
Pharma Blockchain Bootcamp(Edison, New Jersey, USA, November 16, 2016) Blockchain technology has gained recognition as one of the most disruptive technologies in the industrial world with the potential of redefining how businesses operate similarly the internet changed it...
CyberCon 2016(Washington, DC, USA, November 16, 2016) CyberCon 2016 is the forum for dialogue on strategy and innovation to secure civilian and defense networks, as well as private-sector networks that hold their sensitive data. Cybersecurity will be the...
Versus 16(San Francisco, California, USA, November 17, 2016) Versus is not an ordinary event. Versus is not about pitching products or preaching to the choir. Versus is about challenging what you think you know about cybersecurity, about technology, about doing...
Data Breach & Fraud Prevention Summit Asia(Mumbai, India, June 8, 2016) ISMG’s Data Breach & Fraud Prevention Summit Asia – Mumbai is a one-day event that will focus on the latest fraud techniques and technologies, as well as a holistic, strategic approach to looking at the
SCSC Cyber Security Conclave 2.0 Conference and Exhibition(Hyderabad, India, November 22 - 23, 2016) India’s leading two-day cyber security event is returning in November 2016, once again bringing together over hundreds of cyber security experts, senior officials and policy-makers from across the public...
4th Ethiopia Banking & ICT Summit(Addis Ababa, Ethiopia, November 25, 2016) The 4th Ethiopia Banking & ICT Summit is the ONLY event in Horn of Africa that focuses on technology innovations and trends in the Banking and ICT sectors. This annual summit brings together Financial...
Internet of Things (IoT)(Elkridge, Maryland, USA, November 29, 2016) This cybergamut Technical Tuesday features Dr. Susan Cole, currently the Cybersecurity Lead for a Federal Information Systems Controls Audit Management (FISCAM) preparation team and also provides consulting...
CIFI Security Summit(Toronto, Ontario, Canada, November 30 - December 1, 2016) The Annual CIFI Security Summit takes place all over the world, Asia, Europe, Australia & North America. These summits are essential 2 day conferences and exhibitions bringing together leading security...