The US elections passed without apparent cyber perturbation from Russia or others. If you're nostalgic for vote-hacking worries, no fear—there's an election coming in Germany next year, and Chancellor Merkel is warning people to expect disruptive Russian cyber campaigns. And back in the US there's no shortage of cyber policy advice, news, and speculation swirling around President-elect Trump.
Fancy Bear is showing unusual activity mid-week, seeking to take advantage of the recently patched Microsoft zero-days before users get around to applying the fixes.
Tesco continues to mop up the fraud campaign that hit the bank's customers over the past week. No clear word yet on how the fraud was accomplished, but speculation about an inside job continues.
OPM-themed and spoofed emails to US Government workers and contractors are serving up Locky ransomware—don't open suspicious attachments.
Yahoo! says some of its personnel may have known as long ago as 2014 that foreign state-sponsored hackers had compromised the company's networks. Yahoo! tells investors that its deal with Verizon may be in jeopardy.
RiskIQ receives $30.5 million in a Series C funding round led by Georgian Partners.
Different approaches to the increasingly tight cyber labor market are mooted, from marketing the field to students, to educational initiatives, to moving toward a gig economy in vulnerability testing and research. The EU's General Data Protection Regulation (GDPR), which goes into full effect in 2018, will require some 75,000 Data Protection Officers, and not just in the EU: the US will need around 9000.
Today's issue includes events affecting Australia, Austria, Bangladesh, Estonia, European Union, Germany, Greece, Ireland, Liechtenstein, Philippines, Romania, Russia, Spain, Switzerland, United Kingdom, United States.
A note to our readers: tomorrow, November 11, we'll be observing Veterans Day, and so won't be either publishing or podcasting. Spare a thought for your veterans, and remember that the observance has its origin in the First World War, now receding a hundred years into the past. This is a day of recollection in many parts of the world; we'll take this opportunity to direct your attention to one American commemoration, the United States World War One Centennial Commission.
ON THE PODCAST
The CyberWire's regular daily Podcast will be out later this afternoon, with interviews, educational tips, and more on the stories of the day. Today we hear from our partners at the University of Maryland's Center for Health and Homeland Security, as Markus Rauschecker talks us through new FCC privacy rules. Our guest is Chuck Ames, Director of Maryland Cybersecurity, on nurturing an environment of growth and innovation in the state, and on the Chesapeake Regional Tech Council's upcoming symposium on insider threats. (If you enjoy the podcast, please consider giving it an iTunes review.)
Cyber Attacks, Threats, and Vulnerabilities
Merkel fears Russian meddling in German election(The Hill) German Chancellor Angela Merkel told reporters Tuesday that she feared Russia might launch hacking campaigns to interfere with the 2017 German elections, something U.S. intelligence agencies say it did this year in America
Tesco Bank Hack May Have Been An Inside Job(Information Security Buzz) Experts have suggested that the cyber attack on Tesco Bank could be an inside job. Cyber criminals managed to steal money from more than 20,000 accounts at nearly the same time in automated fashion. IT security experts from Lieberman Software and Institution of Engineering and Technology’s (IET) commented below
Locky Targets OPM Breach Victims(Threatpost) A phishing campaign pushing Locky ransomware is targeting some of the 22 million victims of the massive United States Office of Personnel Management breaches of 2014 and 2015
A lightbulb worm could take over every smart light in a city in minutes(Boing Boing) Researchers from Dalhousie University (Canada) and the Weizmann Institute of Science (Israel) have published a working paper detailing a proof-of-concept attack on smart lightbulbs that allows them to wirelessly take over the bulbs from up to 400m, write a new operating system to them, and then cause the infected bulbs to spread the attack to all the vulnerable bulbs in reach, until an entire city is infected
Down the H-W0rm Hole with Houdini's RAT(ThreatGeek) Commodity Remote Access Trojans (RATs) -- which are designed, productized and sold to the casual and experienced hacker alike -- put powerful remote access capabilities into the hands of criminals
D-Link DIR Routers HNAP Login Stack Buffer Overflow Vulnerability(Iranian Exploit Database) A stack bof in several Dlink routers, which can be exploited by an unauthenticated attacker in the LAN. There is no patch as Dlink did not respond to CERT's requests. As usual, a Metasploit module is in the queue (see below) and should hopefully be integrated soon
Security Patches, Mitigations, and Software Updates
Patch Tuesday, 2016 U.S. Election Edition(KrebsOnSecurity) Let’s get this out of the way up front: Having “2016 election” in the headline above is probably the only reason anyone might read this story today. It remains unclear whether Republicans and Democrats can patch things up after a bruising and divisive election, but thanks to a special Election Day Patch Tuesday hundreds of millions of Adobe and Microsoft users have some more immediate patching to do
Number of vulnerable enterprises at five year record high(Help Net Security) Enterprises across the globe are refreshing their network equipment earlier in its lifecycle in a move to embrace workplace mobility, Internet of Things, and software-defined networking strategies. In addition, their equipment refresh is more strategic, with architectural vision in mind. But despite the higher refresh rate, networks are getting less secure, largely due to neglected patching
GDPR privacy, preparations and understanding(Help Net Security) A new GDPR privacy benchmarking study by IAPP and TRUSTe provides insight into how companies are preparing for the sweeping changes to privacy laws under the EU General Data Protection Regulation (GDPR)
DHS Under Secretary: Vibrancy Makes Us Attractive Target for Hackers(Cybersecurity Business) “Minnesota is adding tech jobs at the greatest rate of anywhere in the country,” declared Suzanne Spaulding, Under Secretary for the National Protection and Programs Directorate (NPPD) at the Department of Homeland Security, a keynote speaker at Cyber Security Summit 2016 in Minneapolis
Sophos priced for cyber growth(Investors Chronicle) Concerns about hacks and cyber attacks fuelled constant-currency sales growth of a tenth at Sophos (SOPH) in the reported period. But exclude $22.9m (£18.4m) in deferred billings and the cyber security group's adjusted cash profit shrank by more than a quarter to $28m
Better Buy: Palo Alto Networks Inc. vs. FireEye Inc.(Madison) Palo Alto Networks (NYSE: PANW) and FireEye (NASDAQ: FEYE) are frequently mentioned in discussions about high-growth cybersecurity companies. Back in May, I compared the two companies and concluded that Palo Alto's stronger sales growth made it a better pick than FireEye
7 Bug Bounty Myths, Busted(BugCrowd) Attackers only need to exploit one security flaw to compromise an organization, while organizations must be able to defend against all potential flaws. Security teams are resource constrained; hackers aren’t
Cybersecurity Should Send Smart Investors Back To School(Forbes) Hundreds of fledgling security companies have sprung up in recent years, promising “next-generation” technologies to fight cyber criminals, government spies and hacker activists. Last year alone, investors poured a record $3.3 billion in capital into 229 cybersecurity deals
APT Ransomware Description and Removal Instructions(SpywareTechs) APT Ransomware is the latest version of Crypto-Ransomware virus. APT Ransomware targets PCs running Windows OS. Every file that has been encrypted will have its extension changed to: .dll. Unfortunately, still, there is no way of decrypting the files encrypted by APT Ransomware
Evaluating cybersecurity risk(GCN) With the specter of a cybersecurity incident hovering over enterprise systems, government leaders can be more confident in their risk management programs by assessing their effectiveness with the Baldrige Cybersecurity Excellence Builder
Trump’s Win Signals Open Season for Russia’s Political Hackers(Wired) Yesterday, America elected as president the apparently preferred candidate of Russia’s intelligence agencies. After a campaign season marred by the influence of hackers, including some widely believed to be on Vladimir Putin’s payroll, that outcome means more than a mandate for Trump and his coalition. For Russia, it will also be taken as a win for the chaos-injecting tactics of political hacks and leaks that the country’s operatives used to meddle in America’s election—and an incentive to try them elsewhere
Our Security Wish List for President-elect Trump(Nuix) It’s finally over! A long, contentious, and tumultuous Presidential election is finally behind us. While both candidates have, at some point, touched upon the concept of cybersecurity—Mrs. Clinton and the widely publicized email server on one hand, Mr. Trump and his calls for Russian hackers on the other—neither candidate laid out a comprehensive plan for cybersecurity under their administration
What Trump's victory means for cybersecurity(Christian Science Monitor Passcode) During the campaign, Donald Trump split with intelligence officials over Russia's involvement in hacking US political organizations and offered few details about cybersecurity policies
Trump's Vague Cybersecurity Platform Needs A Combover(Forbes) The campaign is over, the votes have been cast, and Donald Trump will officially take over the Oval Office on January 20th. When he does, we’ll finally find out what changes he has in mind to make America great again — and how he plans to address the nation’s cybersecurity needs. His campaign’s policies page offers some insight, but there are still a lot of blanks to fill in
Could President Trump Really Turn the NSA Into a Personal Spy Machine?(Motherboard) It's the nightmare scenario that many worried about: the US elects a president who uses the country's nearly omnipotent surveillance powers for his or her own gain. Edward Snowden has described the NSA's spying capabilities as the “architecture of oppression,” with the fear being that it could be deployed by a malicious commander in chief
Trump’s Presidency Raises Encryption and Surveillance Fears(Infosecurity Magazine) The Trump presidency could lead to a stand-off with China over cyber espionage, increasing pressure on Silicon Valley companies to break encryption, and a restoration of the Patriot Act, according to a leading think tank's summary of his election campaign
Palantir ruling could tweak Army's innovation track(FCW) As the Department of Defense focuses on the political transition, two top Army officials say that innovation, personnel management and partnership with industry will be key challenges for the Trump administration
Whistleblower Investigative Report on NSA Suite B Cryptography(Schneier on Security) The NSA has been abandoning secret and proprietary cryptographic algorithms in favor of commercial public algorithms, generally known as "Suite B." In 2010, an NSA employee filed some sort of whistleblower complaint, alleging that this move is both insecure and wasteful. The US DoD Inspector General investigated and wrote a report in 2011
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
CyberUK 2017(Liverpool, England, USA, March 14 - 16, 2017) Announcing the UK government's flagship IA and cyber security event, for 2017. This is a three day event that will bring together cyber security leaders and professionals from across the UK’s information...
IAPP Europe Data Protection Congress 2016(Brussels, Belgium, November 7 - 10, 2016) The GDPR is finalised, the Data Protection Congress is returning to Brussels and you have a great deal of work ahead. Begin at the Congress, where you’ll find thought leadership, a thriving professional...
SANS Miami 2016(Coconut Grove, Florida, USA, November 7 - 12, 2016) Attend our new SANS Miami 2016 event, November 7-12 and choose from five hands-on, immersion-style cybersecurity training courses taught by real-world practitioners. Attackers are targeting you with increasing...
11th Annual API Cybersecurity Conference & Expo(Houston, Texas, USA, November 9 - 10, 2016) Join us at the 11th Annual API Cybersecurity Conference & Expo and discover methods for thwarting the bad guys, what the scene looks like over the horizon and how the latest technologies can help you counter...
SecureWorld Seattle(Bellevue, Washington, USA, November 9 - 10, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry...
Israel HLS and Cyber 2016(Tel Aviv, Israel, November 14 - 17, 2016) Where physical and cyber security meet. Topics include intelligence, cyber crime, and counter-terrorism, defending critical infrastructures, a smart global world, mass events--the integrative approach,...
SANS Healthcare CyberSecurity Summit & Training 2016(Houston, Texas, USA, November 14 - 21, 2016) SANS will be hosting its 4th Annual Healthcare Cybersecurity Summit. Join us and hear top security experts from leading healthcare companies discuss proven approaches for securing and succeeding in the...
Infosec 2016(Dublin, Ireland, November 15, 2016) Infosec 2016 conference addresses the critically important issues that threaten businesses in the information age. By any measure, the digital threats that businesses and organisations of all sizes face...
Commercial Cyber Forum: Insider Threat(Odenton, Maryland, USA, November 15, 2016) Please join us for a panelist discussion with insider threat experts on upcoming Federal rules, key elements of an insider threat program and privacy, due process, and human resource requirements.
Kaspersky Academy Talent Lab(Online, then Prague, Czech Republic, November 15, 2016) Kaspersky Academy Talent Lab is an international cyber-world competition for young researchers and professionals aged 18-30 who are interested in the cybersecurity challenges facing the world. 50 finalists...
CISO Charlotte(Charlotte, North Carolina, USA, November 15, 2016) The CISO Summit brings together C-level IT security executives, industry analysts and solution providers to discuss challenges and best practices in a relaxed, yet focused business setting. Agenda sessions
Pharma Blockchain Bootcamp(Edison, New Jersey, USA, November 16, 2016) Blockchain technology has gained recognition as one of the most disruptive technologies in the industrial world with the potential of redefining how businesses operate similarly the internet changed it...
CyberCon 2016(Washington, DC, USA, November 16, 2016) CyberCon 2016 is the forum for dialogue on strategy and innovation to secure civilian and defense networks, as well as private-sector networks that hold their sensitive data. Cybersecurity will be the...
Versus 16(San Francisco, California, USA, November 17, 2016) Versus is not an ordinary event. Versus is not about pitching products or preaching to the choir. Versus is about challenging what you think you know about cybersecurity, about technology, about doing...
Data Breach & Fraud Prevention Summit Asia(Mumbai, India, June 8, 2016) ISMG’s Data Breach & Fraud Prevention Summit Asia – Mumbai is a one-day event that will focus on the latest fraud techniques and technologies, as well as a holistic, strategic approach to looking at the
SCSC Cyber Security Conclave 2.0 Conference and Exhibition(Hyderabad, India, November 22 - 23, 2016) India’s leading two-day cyber security event is returning in November 2016, once again bringing together over hundreds of cyber security experts, senior officials and policy-makers from across the public...
4th Ethiopia Banking & ICT Summit(Addis Ababa, Ethiopia, November 25, 2016) The 4th Ethiopia Banking & ICT Summit is the ONLY event in Horn of Africa that focuses on technology innovations and trends in the Banking and ICT sectors. This annual summit brings together Financial...
Internet of Things (IoT)(Elkridge, Maryland, USA, November 29, 2016) This cybergamut Technical Tuesday features Dr. Susan Cole, currently the Cybersecurity Lead for a Federal Information Systems Controls Audit Management (FISCAM) preparation team and also provides consulting...
CIFI Security Summit(Toronto, Ontario, Canada, November 30 - December 1, 2016) The Annual CIFI Security Summit takes place all over the world, Asia, Europe, Australia & North America. These summits are essential 2 day conferences and exhibitions bringing together leading security...