More signal. Less noise.

Daily briefing.

Security-camera-driven DDoS attacks have intermittently hit major Russian banks since November 8. The attacks appear criminal as opposed to state-sponsored; the botnet was assembled from devices in at least thirty countries, mostly the US, India, and Israel.

Security analysts continue to mull Fancy Bear's post-election, post-Microsoft-patch phishing romp through US think tanks and other policy wonk targets. Some see it as a victory lap, but most see opportunistic targeting of weaknesses before they're closed. ESET has a study of Fancy Bear's operations—ESET calls them Sednit, one of the at least seven names this (GRU) threat actor has acquired.

Researchers describe BlackNurse, a low-and-slow yet effective DDoS technique that exploits firewall vulnerabilities.

Many worries emerge over mobile devices and applications—WiFi hijacking, WiFi password discovery, OAuth 2.0 exploitation, Svpeng Android vulnerabilities, and QRLjacking.

The number of customers affected by the Tesco Bank fraud has been revised downward from 20,000 to 9,000, but the incident continues to trouble bankers in the UK, Ireland and (to a lesser but still significant extent) elsewhere. Investigation suggests weak security controls were at the heart of the problem.

Not that you'd be directly affected, but there are credible reports of a breach at adult friend site

In the US, NIST releases maritime and small-business addenda to its cybersecurity framework.

Kaspersky files antitrust claims against Microsoft in a Moscow court, alleging anti-competitive biases in Windows 10's security bundle. (Did Senator Sherman have a seat in the Duma?)

LabMD scores an appellate court win versus the FTC.

Notes.

Today's issue includes events affecting Algeria, Argentina, Bangladesh, China, Colombia, European Union, India, Iraq, Ireland, Israel, Democratic Peoples Republic of Korea, Republic of Korea, Kyrgyzstan, Lebanon, Netherlands, Nigeria, Russia, Taiwan, Turkey, Ukraine, United Kingdom and the United States.

The CyberWire's regular daily Podcast will be out later this afternoon, with interviews, educational tips, and more on the stories of the day. Today we hear from our partners at Level 3, as Dale Drew talks Internet-of-things security. If you enjoy the podcast, please consider giving it an iTunes review.

AlienVault USM Webcast (Live Webcast, December 1, 2016) Find threats lurking on your systems with host-based intrusion detection and AlienVault USM.

Cyber Attacks, Threats, and Vulnerabilities

Russian ‘Dukes’ of Hackers Pounce on Trump Win (KrebsOnSecurity) Less than six hours after Donald Trump became the presumptive president-elect of the United States, a Russian hacker gang perhaps best known for breaking into computer networks at the Democratic National Committee launched a volley of targeted phishing campaigns against American political think-tanks and non-government organizations (NGOs)

Suspected Russian hackers target U.S. think tanks after election (PC World) The attacks involved spear phishing emails sent to dozens of targets

Russian hackers throw Trump victory party with new spear phishing campaign (Ars Technica) Russian threat group tied to DNC uses election chaos to hook NGOs, think tanks

Sednit: A very digested read (We Live Security) Sednit is one of the most notorious groups of cyberattackers operating in the world today. Active from at least 2004 – possibly earlier – it has unfortunately stepped up activity over the past two years, keen to hit its targets as hard as possible

Zuckerberg claims 99% of Facebook posts “authentic,” denies fake news there influenced election (TechCrunch) In case you missed it, last night Mark Zuckerberg published a response to accusations that “fake news” on Facebook influenced the outcome of the U.S. election, and helped Donald Trump to win

Massive cyberattack hit five top Russian banks: Kaspersky (AFP via Yahoo! Tech) A massive cyberattack has hit at least five of Russia's largest banks, Moscow-based internet security giant Kaspersky said Thursday

Russian banks hit by cyber-attack (BBC) Five Russian banks have been under intermittent cyber-attack for two days, said the country's banking regulator

New attack reportedly lets 1 modest laptop knock big servers offline (Ars Technica) “BlackNurse” could turn lone attackers with modest resources into Internet bullies

Hackers show preference for botnets over reflection attacks in Q3 2016 (Computerworld) Security services provider, Nexusguard, announced that Asia Pacific experienced less distributed reflection denial of service (DrDoS) attacks in the third quarter of this year (Q3 2016) as compared to the previous quarter

Hacker shows how easy it is to take over a city’s public Wi-Fi network (CSO) A buffer overflow in a single router model could have endangered thousands of Wi-Fi users

Researchers reveal WiFi-based mobile password discovery attack (Help Net Security) A group of researchers has come up with WindTalker, a new attack method for discovering users’ passwords and PINs as they enter them into their smartphones

OAuth 2.0 Hack Exposes 1 Billion Mobile Apps to Account Hijacking (Threatpost) Third-party applications that allow single sign-on via Facebook and Google and support the OAuth 2.0 protocol, are exposed to account hijacking

Traveling on business? Beware of targeted spying on mobile (Help Net Security) Corporate spying is a real threat in the world of cyber war. Employees traveling on behalf of their company could create opportunities for sophisticated adversaries to take sensitive corporate data. This is especially true if they are not careful with their mobile devices

Telecrypt Ransomware Abuses Telegram Channels to Host C&C Server (Virus Guides) The Kaspersky Lab experts have just discovered a brand new version of ransomware which they called Telecrypt. The newly-found infection uses Telegram channels for hosting C&C (command-and-control) servers

Anatomy of a Chrome for Android bug: the mixed-up world of mobile browsers (Naked Security) Security researchers at Kaspersky recently wrote about various Android attacks featuring malware known as Svpeng

QRLJacking – A new Social Engineering Attack Vector (Hackin9) The SQRL, or Secure Quick Response Login, a QR-code-based authentication, is an amazing system that makes our lives easier, as it allows us to quickly sign into a website without having to memorize or type in any username or password

Millions of job seekers’ info exposed via easily accessible database backups (Help Net Security) A data leak has exposed sensitive information about millions of job seekers that used global recruitment firm Michael Page

Michael Page Recruitment hacked – all passwords compromised (Computing) Michael Page blames Capgemini for hack via insecure “development server” left online

What went wrong at Tesco Bank? (Register) Internal systems blamed for monster cyber-attack

Tesco Bank ‘ignored warnings’ about cyber weakness (Financial Times) Security specialists say lender was targeted by hackers and had weaknesses in its mobile apps

After Tesco fraud, are other banks vulnerable to cyber-attacks? (Guardian) Experts have called for card readers and tighter security after £2.5m was stolen from the accounts of Tesco Bank customers

€350bn cyber crimewave to become a tsunami as high-tech heists soar (Independent) A cyber crimewave is hitting Irish firms and last week's raid on Tesco Bank was another wake-up call

AdultFriendFinder hacked: 400 million accounts exposed (Ars Technica) Huge breach reveals 15 million "deleted" accounts among compromised data

Compromised: 339 million AdultFriendFinder users (Help Net Security) Friend Finder Networks, the company that operates sites like Adultfriendfinder [dot] com ... has been breached – again!

Canadian Casino Says It Was Hacked (Fortune) Employee and vendor data was stolen

Businesses are warned of rising threat of cyber ransom attacks (Independent) Businesses and financial institutions are being told to sharpen their cyber security measures after more than €50,000 was extorted from an education body

Cyber ransoming hits Menomonee Falls businesses (Northwest Now) Investigators from the Menomonee Falls Police Department have said this is the first year cyber ransoming has been reported by local Menomonee Falls businesses

Donald Trump’s Phone Could Be A National Security Crisis (BuzzFeed) “Mobile security is one of the most urgent, and challenging questions facing the security of senior members of government”

College investigates racist cyber attack (Cleveland 19) A freshman at the University of Pennsylvania, along with most of her African-American peers, fell victim to a racist cyber-attack

Security Patches, Mitigations, and Software Updates

OpenSSL Patches High-Severity Denial-of-Service Bug (Threatpost) OpenSSL on Thursday patched three vulnerabilities in its latest update, and reminded users running version 1.0.1 of the cryptographic library that security support will end Dec. 31

Cyber Trends

Black Duck Lays 2017 Open Source Security Predictions (Forbes) First the Earth cooled, the dinosaurs came and went… and then proprietary software grew to dominate the technology industry. After that last period in our timeline, the IT industry grew to understand how the open source model of community contribution might make enterprise software even better. Code could be augmented, enhanced, finessed and sometimes even forked and skewed when different users felt the need to bring new features to a software product or platform

BeyondTrust Technology Predictions for 2017 and Beyond (Marketwired) Behavior-based authentication, state-sponsored cyber terrorism and IoT regulations top the list of the biggest possibilities for the coming year

How hackers will exploit the Internet of Things in 2017 (Help Net Security) The Internet of Things (IoT) is now a major force in the weaponization of DDoS

Are you ready for the EU GDPR? (Help Net Security) Current application test data management practices are not adequate to meet the compliance requirements of the EU General Data Protection Regulation (GDPR), according to CA Technologies

Networks Getting Younger as Organisations Embrace Mobile Workforce Internet of Things and Software Defined Networking (Dimension Data) The number of enterprises with at least one security vulnerability is the highest in five years

Marketplace

Yahoo had evidence of security breach 18 months before it began investigating (Los Angeles Times) Yahoo Inc. detected evidence that a hacker had broken into its computer network at least 18 months before launching an investigation that discovered personal information had been stolen from about 500 million user accounts

SEC Filing Indicates Yahoo Might Have Known About Data Breach in 2014 (eWeek) A new Security and Exchange Commission filing suggests that Yahoo may have actually known about a massive data breach that it first publicly acknowledged on Sept. 22 as much as two years earlier

MasterPeace Solutions Announces Launch of Two Technology Start-Ups (Digital Journal) Company's innovative portfolio of emerging technology initiatives highlighted by the successful spin-off of SrcLight and Zuul IoT

Privatoria.net is announcing the renewed entry into a market after significant reorganization (PRLOG) Online privacy solutions provider, Privatoria.net, announces complete update of its services & rise onto a new efficiency level

4 Cybersecurity Stats That Will Blow You Away (Motley Fool) These four numbers show how hot the cybersecurity market could become within the next few years

If Trump Bump Holds, Will Palo Alto, Cybersecurity Stocks Rise? (Investor's Business Daily) After falling below key support lines in recent weeks, cybersecurity stocks like Symantec (SYMC), CyberArk Software (CYBR) and Proofpoint (PFPT) are showing signs of a rebound. Meanwhile, fellow security software provider and 2015 IPO Mimecast (MIME) climbed around 17% for the week

Better Buy: FireEye Inc vs. CyberArk (Motley Fool) Pitting the two growing cybersecurity companies against each other as investment ideas

Better Buy: Palo Alto Networks, Inc. vs. Fortinet (Motley Fool) Growth is slowing in the industry, but that could spell opportunity for long-term investors

Acquisition of US cyber security consultancy (London South East) NCC Group plc (LSE: NCC or "the Group"), the independent global cyber security and risk mitigation expert, has acquired Virtual Security Research, LLC ("VSR") for a maximum consideration of $6m in cash

Thiel vs Karp: Palantir co-Founders backed both Clinton and Trump (Sociable) Peter Thiel is tapped for a possible role in President-elect Trump’s transition team while his Palantir business partner gave $100K to the Clinton Global Initiative

Hackers Pwned Apple Safari in 20 seconds; Google Pixel in 60 seconds (HackRead) Recent Pwnfest sends Google and Apple back to basics — hackers pwned Google Pixel and Apple Safari browser — before this, the same hackers hacked Microsoft Edge and VMware all in few seconds

Chinese security specialists flex muscles at international hackers carnival (China Daily) White hats from Qihoo 360 Technology Co have showcased the latest bug-fixing improvements at an international hackers conference

Reg meets 'Lokihardt', quite possibly the world's best hacker (Register) Korean chap finds flaws in moments, scores $100k apiece for fun

Key NSA contract for CSRA could face 'additional delays' (Washington Business Journal) CSRA Inc. (NYSE: CSRA) is keeping a watchful eye on one of its major National Security Agency contracts slated to be broken up and re-competed in the coming year, but it will have to wait a while longer

Products, Services, and Solutions

New Luma Updates: Bedtime Rules & Additional Security Details (Medium) New and improved security & control for your WiFi

New infosec products of the week: November 11, 2016 (Help Net Security) Norton Mobile Security for Android boosts security and privacy protections... Ixia enhances Application and Threat Intelligence Processor... Guardian Analytics Sentinel protects treasury management organizations from fraud... Aon introduces new risk management solution... Arch Insurance Group releases Arch Netsafe 2.0

OWASP ModSecurity Core Rule Set (CRS) (Modsecurity) The OWASP ModSecurity Core Rule Set (CRS) is a set of generic attack detection rules for use with ModSecurity or compatible web application firewalls. The CRS aims to protect web applications from a wide range of attacks, including the OWASP Top Ten, with a minimum of false alerts

UK Ministry of Defense Signs Deal with Microsoft for Extra Security in the Cloud (Softpedia) 95,000 mailboxes will be protected by Microsoft

Fiserv, CrowdStrike partner to provide multilayered cybersecurity solution for FIs (ATM Marketplace) Fiserv has announced it will add CrowdStrike SaaS-based endpoint protection technology to its multilayered Sentry Cyber Security offerings

Napatech and ntop Partnership Creates Compact 100G Solution for Line-rate Traffic Monitoring with Zero Packet Loss (PRNewswire) Global data center gets the network performance measurement and security traffic analysis it needs

Coalfire Affirms PCI 3.2 Assessment of vArmour DSS Distributed Security System (Marketwired) Application-layer network visibility, software-based segmentation and micro-segmentation from vArmour to protect applications and workloads in data center and cloud environments

Swift and massive data classification advances score a win for better securing sensitive information (IT-Director) We'll learn how Digital Guardian in Waltham, Massachusetts analyzes both structured and unstructured data to predict and prevent loss of data and intellectual property (IP) with increased accuracy

Radware Receives Multi Million Application Delivery Orders From a Leading European Bank (GlobeNewswire) Radware® (NASDAQ:RDWR), a leading provider of cyber security and application delivery solutions ensuring optimal service levels for applications in virtual, cloud, and software-defined data centers today announced that it signed multiple contracts totaling $7M to provide on-site application delivery solutions to a leading European bank

The Warrior to Cyber Warrior (W2CW) Initiative Gives Back on Veterans Day: Free Cyber Certifications for Vets and Active Duty Military (PRNewswire) In honor of Veterans Day, the Warrior to Cyber Warrior (W2CW) initiative today announced that Veterans and Active Duty Military will be entitled to take one exam in the Cyber Certified Experts (CCE) Program free of charge. Made possible through a generous donation from the Lunarline School of Cyber Security (SCS), this free online certification will be available for one year starting November 11th, 2016

Technologies, Techniques, and Standards

New Cybersecurity Framework “Profile” to Help Ensure Safe Transfer of Hazardous Liquids at Ports (NIST) The U.S. Coast Guard (USCG) oversees approximately 800 waterfront facilities that, among other activities, transfer hazardous liquids between marine vessels and land-based pipelines, tanks or vehicles

Maritime Bulk Liquids Transfer Cybersecurity Framework Profile (US Coast Guard) White House Executive Order (EO) 13636 tasked the Director of the National Institute of Standards and Technology (NIST) to “lead the development of a framework to reduce cybersecurity risks to critical infrastructure (the ‘‘Cybersecurity Framework’’).” The “Cybersecurity Framework” was published in February 2014, and the important work of integrating the framework into organizational operations is well underway in many industries. One of the primary ways industries are integrating the Cybersecurity Framework is by creating industry‐focused Framework Profiles (“Profiles”) as described in the Cybersecurity Framework

New NIST Guide Helps Small Businesses Improve Cybersecurity (NIST) Small-business owners may think that they are too small to be victims of cyber hackers, but Pat Toth knows otherwise. Toth leads outreach efforts to small businesses on cybersecurity at the National Institute of Standards and Technology (NIST) and understands the challenges these businesses face in protecting their data and systems

Small Business Information Security: The Fundamentals (NIST) Small businesses are an important part of our nation’s economic and cyber infrastructure. According to the Small Business Administration, there are approximately 28.2 million small businesses in the United States

Feds Can Save More Than $5 Billion Annually and Act Faster by Improving Threat Monitoring, Correlation, and Automation of Protections (MeriTalk) New study highlights need for actionable cyber awareness

IRDAI Developing Cybersecurity Framework for Insurers (InfoRisk Today) Two working groups to develop recommendations

OMB tries again to define a major cyber incident (Federal News Radio) What is a major cyber incident? Seems like a simple enough question to answer. But the Office of Management and Budget has been refining the definition for the better part of a decade

Why Unidirectional Security Gateways can replace firewalls in industrial network environments (Help Net Security) In this podcast recorded at IoT Solutions World Congress Barcelona 2016, Andrew Ginter, VP of Industrial Security at Waterfall Security, talks about Unidirectional Security Gateways. They can replace firewalls in industrial network environments, providing absolute protection to control systems and operations networks from attacks originating on external networks

6 Tips For Stronger SOCs (Dark Reading) New guide offers ways for companies to more effectively organize, manage, and staff their security operations centers

Learning To Trust Cloud Security (Dark Reading) Cloud-centric computing is inevitable, so you need to face your concerns and be realistic about risks

Security Metrics Checklist (Dark Reading) Which metrics are the best indicators of a strong cybersecurity team? Experts say security pros should be recording and reporting these data points to demonstrate their success

ABN looked at using undercover security staff to prevent cyber attacks (Reuters) Dutch Bank ABN-AMRO considered sending undercover security staff amid employees to help improve cyber security but has decided not to follow this practice, officials said

Threat Hunting Close to Home: Escaping the RIG EK with Passive DNS (RiskIQ) Sometimes threat hunting brings you to familiar territory

The Danger of Ignoring the 'Espionage' in Cyber Espionage (STRATFOR Security Week) This week, I had the honor of delivering a keynote speech for the Global Cyber Security Leaders Conference in Berlin. The city, which decades ago was a hub of Cold War-era espionage, provided the perfect backdrop for my attempt to put its modern cousin — cyber espionage — into context

Ransomware doesn’t mean game over (Malwarebytes Labs) Let’s face it. We live in a completely different security world from a decade ago and the kinds of threats we face have taken a new form. This time it’s ransomware. Over the course of just a few years, this threat has evolved from an annoying pop-up to a screen freezer that utilizes disturbing imagery to a sophisticated malicious program that encrypts important files

How to prepare your company for cybersecurity threats (Help Net Security) When the FBI announced the arrest of a Russian hacker in October, it was notable – but maybe not for the reason you’d expect. Yevgeniy N., who was picked up in Prague, is implicated in the 2012 megabreach at LinkedIn

Facebook is buying up stolen passwords on the black market (Naked Security) Facebook shops for passwords sold on the online black market, buying up credentials from crooks to sniff out which ones its users are reusing, Chief Security Officer Alex Stamos said at the Web Summit in Lisbon on Wednesday

How ‘Security Scorecards’ Advance Security, Reduce Risk (Dark Reading) CISO Josh Koplik offers practical advice about bridging the gap between security and business goals in a consumer-facing media and Internet company

Mitigating insider threats remains a major cyber concern (TechTarget) Expert panelists at the Cambridge Cyber Summit briefed the audience on some of the steps that organizations should implement for mitigating insider threats

U.S. Army will soon be hacked by freelance security researchers (CyberScoop) Following the successful implementation of a similar program aimed across the Department of Defense earlier this year, the U.S. Army announced plans to launch its own bug bounty program Friday

Worried about the NSA under Trump? Here's how to protect yourself (Guardian) We don’t yet know Trump’s surveillance plans, but follow these guidelines if you think it’s better to be safe than sorry

Design and Innovation

The Future of IoT: Containers Aim to Solve Security Crisis (Linux.com) Despite growing security threats, the Internet of Things hype shows no sign of abating. Feeling the FoMo, companies are busily rearranging their roadmaps for IoT

Defeating Malware With Its Own DNA (Info Tech Garage) It’s widely known that human DNA evidence has had a major impact in the criminal justice system. Now another kind of DNA may have a similar impact in the fight to eradicate malicious software

Research and Development

MIT students and others teaching IBM Watson about cybersecurity (Tech Republic) Enterprise IT risks are growing seemingly faster than security professionals can keep up. Enter artificial intelligence as their latest defense mechanism

Researchers set to work on malware-detecting CPUs (Help Net Security) Adding hardware protections to software ones in order to block the ever increasing onslaught of computer malware seems like a solid idea, and a group of researchers have just been given a $275,000 grant from the National Science Foundation to help them work on a possible solution: malware-detecting CPUs

Academia

Five million register for NSA’s ‘Day of Cyber’ (FedScoop) Students and other users get to virtually explore simulated real-life cyber scenarios and discover the skills and tools used by the NSA hackers, analysts and cyber-defenders

Punjab’s Chitkara University becomes India’s First Educational Institution to use Blockchain Technology to issue e-documents (City Air News) Chandigarh based Chitkara University, a University Grants Commission (UGC) recognized private university offering multi-disciplinary industry relevant programs, has today announced that it has started adopting the Blockchain technology to issue e-documents for student’s benefit

Nation’s top cybersecurity students battle at Collegiate Penetration Testing Competition (University News) RIT places third among 10 colleges in annual computing security competition

WorkZone: Pitt scams its workers to teach lesson about phishing schemes (Pittsburgh Post-Gazette) Do you ever feel like your employer is trying to set you up? Catch you in the act? Put you on a watch list? Employees at the University of Pittsburgh, meet Sean Sweeney, your company-sanctioned scammer

Infoblox and University of Washington Tacoma Join Forces in Cybersecurity Battle (South Sound Talk) Infoblox Inc., the network control company that provides Actionable Network Intelligence, announced a partnership with the University of Washington Tacoma for research into the use of cutting-edge machine learning methodologies to help mitigate domain name system (DNS) cybersecurity issues that affect our government, economy and daily lives. The goals of the partnership include publishing research that will benefit the cybersecurity community, developing products to help organizations prevent and remediate cybersecurity issues, and providing real-world experience to students who will enter this growing field

Carnegie Mellon University Wins National Cyber Analyst Challenge (HS Today) A team from Carnegie Mellon University was awarded $25,000 as the winner of the second National Cyber Analyst Challenge (NCAC), a cyber competition powered by Leidos and administered by Temple University's Institute for Business and Information Technology (IBIT) to fill the ever-growing need for cyber analysts

Legislation, Policy, and Regulation

Your Government Wants to Militarize Social Media to Influence Your Beliefs (Motherboard) A global conference of senior military and intelligence officials taking place in London this week reveals how governments increasingly view social media as “a new front in warfare” and a tool for the Armed Forces

New Chinese Cybersecurity Law: A Step Backward? (GovInfo Security) Experts analyze potential impact of measure designed to battle cyberattacks

China’s vast Internet prison (Washington Post) China's Internet is a universe of contradictions. It has brought hundreds of millions of people online and has become a vast marketplace for digital commerce, yet it is also heavily policed by censors to snuff out any challenge to the ruling Communist Party. Under President Xi Jinping, the censors are working overtime to keep 721 million Internet users under control

Russia's increasing cyber-capabilities underestimated? (SC Magazine) As Russia increases its military and civilian cyber-security capabilities, is the West under-estimating these developments?

Russia to Block Access to LinkedIn Over Alleged Legal Violations (Bloomberg) Access to LinkedIn will be blocked in Russia after the U.S. social network failed to move personal data storage to the country, the country’s communications watchdog Roskomnadzor has said

Brace yourselves! Blighty is turning to AI for help (Register) AI will improve UK government's digital services, apparently

UK Spy Agencies on the Hunt for Recruits (Infosecurity Magazine) The UK government is on the lookout for budding coders to take up apprentice positions at GCHQ, MI5 and MI6 with Monday the closing date for applications

Did Weak InfoSec Sway Election? (DataBreach Today) Audio report: ISMG Editors analyze the latest developments

Long Time Mass Surveillance Defenders Freak Out Now That Trump Will Have Control (TechDirt) The Lawfare blog, run by the Brookings Institution, has long reliably been a good source to go to for reading what defenders of mass surveillance and the surveillance state are thinking -- in a non-hysterical way

Trump win alarms cyber pros (SC Magazine) Security pros are bracing for changes the industry may face after the unexpected election of real-estate entrepreneur and reality television personality Donald J. Trump in a historic presidential race

Army honing in on cyber defense (C4ISRNET) Army officials have seen the growth in cyber defense coming down the pike. This is in part to its Defensive Cyberspace Operation infrastructure program. For its part, the Program Executive Office for Enterprise Information Systems is tasked with providing DCO the non-tactical, enterprise network

Who are the CIOs that soon will need new jobs? (Federal News Radio) Ten federal chief information officers are working on their resignation letters. Sometime over the next 70 days, CIOs from the departments of Veterans Affairs to Commerce to Homeland Security to the federal CIO will notify the incoming Trump administration of their plans to leave their posts

Litigation, Investigation, and Law Enforcement

Kaspersky says Windows' security bundle is anti-competitive (Engadget) The antivirus developer has filed complaints over Microsoft's seeming hostility to third-party apps

Russia shoves antitrust probe into Microsoft after Kaspersky gripes about Windows 10 (Register) A friend in need is a friend indeed

Court Grants LabMD a 'Stay' of FTC Consent Order (HealthcareInfo Security) Delay granted as lab awaits appellate court review

Infect every TorMail user? That’s not what the FBI’s warrant said (Naked Security) The FBI has served up a redacted version of the warrant it requested to deposit identity-exposing malware on the computers of those who used private TorMail accounts to visit child pornography sites hidden on the dark web

In the Matter of the Search of Computers that Access "Websites 1-23" (United States District Court for the District of Maryland) I have been employed as a Special Agent ("SA") with the Federal Bureau of Investigation since [redacted] and I am currently assigned to the FBI's Violent Crimes Against Children Section, Major Case Coordination Unit ("MCCU")

What Impact Will Removal of High-Denomination Currency Have? (InfoRisk Today) Action raises concerns about increase in cyber fraud

Information Sharing: A Powerful Crime-Fighting Weapon (BankInfo Security) Law enforcement, government agencies stress that threat intelligence is critical

Nigeria Lost $450 Million to Cyber Attack in 2015 - Govt (All Africa) The federal government has lamented the loss of over $450 million dollars to cyber attacks in 2015 alone, saying drastic measures must be taken to arrest the trend

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

AlienVault USM Webcast (Online, December 1, 2016) Host-based intrusion detection systems (HIDS) work by monitoring activity that is occurring internally on a host. HIDS look for unusual or nefarious activity by examining logs created by the operating...

Upcoming Events

Israel HLS and Cyber 2016 (Tel Aviv, Israel, November 14 - 17, 2016) Where physical and cyber security meet. Topics include intelligence, cyber crime, and counter-terrorism, defending critical infrastructures, a smart global world, mass events--the integrative approach,...

SANS Healthcare CyberSecurity Summit & Training 2016 (Houston, Texas, USA, November 14 - 21, 2016) SANS will be hosting its 4th Annual Healthcare Cybersecurity Summit. Join us and hear top security experts from leading healthcare companies discuss proven approaches for securing and succeeding in the...

Infosec 2016 (Dublin, Ireland, November 15, 2016) Infosec 2016 conference addresses the critically important issues that threaten businesses in the information age. By any measure, the digital threats that businesses and organisations of all sizes face...

Commercial Cyber Forum: Insider Threat (Odenton, Maryland, USA, November 15, 2016) Please join us for a panelist discussion with insider threat experts on upcoming Federal rules, key elements of an insider threat program and privacy, due process, and human resource requirements.

Kaspersky Academy Talent Lab (Online, then Prague, Czech Republic, November 15, 2016) Kaspersky Academy Talent Lab is an international cyber-world competition for young researchers and professionals aged 18-30 who are interested in the cybersecurity challenges facing the world. 50 finalists...

CISO Charlotte (Charlotte, North Carolina, USA, November 15, 2016) The CISO Summit brings together C-level IT security executives, industry analysts and solution providers to discuss challenges and best practices in a relaxed, yet focused business setting. Agenda sessions ...

Pharma Blockchain Bootcamp (Edison, New Jersey, USA, November 16, 2016) Blockchain technology has gained recognition as one of the most disruptive technologies in the industrial world with the potential of redefining how businesses operate similarly the internet changed it...

CyberCon 2016 (Washington, DC, USA, November 16, 2016) CyberCon 2016 is the forum for dialogue on strategy and innovation to secure civilian and defense networks, as well as private-sector networks that hold their sensitive data. Cybersecurity will be the...

Versus 16 (San Francisco, California, USA, November 17, 2016) Versus is not an ordinary event. Versus is not about pitching products or preaching to the choir. Versus is about challenging what you think you know about cybersecurity, about technology, about doing...

Focusing On The Future: Prioritizing Security in the Digital Economy (Washington, DC, USA, November 18, 2016) In today's digital economy, developing and prioritizing a cyber strategy is critical to address diverse and evolving threats, foster trust in the technology we use, and define a path forward where security...

Data Breach & Fraud Prevention Summit Asia (Mumbai, India, June 8, 2016) ISMG’s Data Breach & Fraud Prevention Summit Asia – Mumbai is a one-day event that will focus on the latest fraud techniques and technologies, as well as a holistic, strategic approach to looking at the ...

SCSC Cyber Security Conclave 2.0 Conference and Exhibition (Hyderabad, India, November 22 - 23, 2016) India’s leading two-day cyber security event is returning in November 2016, once again bringing together over hundreds of cyber security experts, senior officials and policy-makers from across the public...

4th Ethiopia Banking & ICT Summit (Addis Ababa, Ethiopia, November 25, 2016) The 4th Ethiopia Banking & ICT Summit is the ONLY event in Horn of Africa that focuses on technology innovations and trends in the Banking and ICT sectors. This annual summit brings together Financial...

Internet of Things (IoT) (Elkridge, Maryland, USA, November 29, 2016) This cybergamut Technical Tuesday features Dr. Susan Cole, currently the Cybersecurity Lead for a Federal Information Systems Controls Audit Management (FISCAM) preparation team and also provides consulting...

CIFI Security Summit (Toronto, Ontario, Canada, November 30 - December 1, 2016) The Annual CIFI Security Summit takes place all over the world, Asia, Europe, Australia & North America. These summits are essential 2 day conferences and exhibitions bringing together leading security...
