Kryptowire has discovered a significant vulnerability that affects Android phones, especially prepaid or disposable phones. Not a bug, it's allegedly a deliberately installed backdoor in software provided by Shanghai Adups Technology Company, which says its product is in some 700 million devices. Kryptowire says that Adups reports all texts to an address in China every seventy hours. Whether this is data mining for commercial marketing or state-directed espionage remains unclear.
State espionage services are reported by Motherboard to be making foreseeable use of various social media platforms for traditional ends of infiltration, compromise, and recruitment.
US Army Cyber Command reports that some of its personnel have been receiving phishing emails carrying Locky ransomware payloads.
Verint has seen a new variant of SpamTorte, an advanced, multilayered spambot, circulating in the wild.
ESET says the Retefe Trojan was involved in Tesco bank fraud. Retefe, usually spread via malicious email, configures a proxy server for man-in-the-middle access to traffic between customers and their online account. It also installs a bogus root certificate to fend off warnings of interaction with a spoofed site, and it has a mobile component that intercepts passcodes to subvert two-factor authentication. ESET believes other banks are being actively targeted with Retefe.
Security vendors have begun their holiday season warnings and advice for online shoppers.
In industry news, Nehemiah Software acquires Siege Technologies, specialists in forecasting attacker capabilities.
A UK court approves Lauri Love's extradition to the US.
If Ash Carter has his druthers, Ed Snowden gets no pardon.
Today's issue includes events affecting Argentina, Brazil, China, Germany, Iraq, Netherlands, Russia, Spain, Syria, Ukraine, United States.
A note to our readers: we've spent the morning at the Chesapeake Regional Tech Council's Commercial Cyber Forum on insider threats. We'll have a full report later this week.
ON THE PODCAST
The CyberWire's regular daily Podcast will be out later this afternoon, with interviews, educational tips, and more on the stories of the day. Today we hear from our partners at Terbium Labs, as Emily Wilson discusses Terbium's recent report on the dark web. We'll also hear from Ping Identity's Pamela Dingle, who will describe the Digital Transformation Journey. (If you enjoy the podcast, please consider giving it an iTunes review.)
AlienVault USM Webcast (Live Webcast, December 1, 2016) Find threats lurking on your systems with host-based intrusion detection and AlienVault USM.
The election is over but spammers aren't conceding (Christian Science Monitor Passcode) During the presidential campaign, experts spotted an explosion in malicious email spam attempting to trick recipients into downloading harmful files or revealing personal data. And the spammers aren't going away
Spies Use Tinder, and It's as Creepy as You'd Think (Motherboard) On September 4, a group of young activists planned to attend a demonstration against Interim President Michel Temer in the city center of São Paulo. They never made it. Their group had been infiltrated by an Army Captain Willian Pina Botelho—via Tinder
Someone tried to infect Army Cyber Command with ransomware (CyberScoop) Phishing emails that were sent last week as part of an extensive ransomware campaign designed to target government employees and contractors were also found in the inboxes of Army Cyber Command employees, a spokesperson told CyberScoop
Tesco Bank cyber attack could have been avoided, say experts (Bob's Guide) Internet security experts are now claiming that Tesco Bank missed or ignored warning signs that cyber hackers were present in the software many months before cash was actually stolen, forcing the supermarket to pay back £2.5m ($3.1m) of losses to 9,000 customers
78,000 military email accounts found in adult website hack (Washington Examiner) Tens of thousands of government and military-issued email addresses were among those stolen from a conglomeration of adult hookup and pornography sites last month, according to an analysis of the breach issued Monday by LeakedSource.com
Critical Linux bug opens systems to compromise (Help Net Security) Researchers from the Polytechnic University of Valencia have discovered a critical flaw that can allow attackers – both local and remote – to obtain root shell on affected Linux systems
Twitter (finally) updates its abuse policy: easier troll reporting, more granular mutes (TechCrunch) In the wake of the U.S. Election, as Facebook and Google come under fire for the dissemination of fake “news” in their News Feed and search results, Twitter is tackling another area that’s been a flashpoint issue not only recently, but for years: the social media platform today is unveiling some major updates to its safety policy, aimed at helping users weed out abusive Twitter accounts and Tweets
As Cybercrime Rises, So Does Spending On Cyber Security (Globe Newswire) The world is becoming increasingly connected through networks and data in an ecosystem governed by digital technologies which have created immense opportunities for individuals, businesses and organization
Things You Should Know Before You Buy Raytheon (Seeking Alpha) Investors might not necessarily buy Raytheon (Forcepoint) as a short-term value play. As against the recent SA article that explained the upsides for Forcepoint, critical points were left out of the argument while making the bullish case. What are the issues that need to be resolved before investors make the bet on RCP (Raytheon cyber products)?
FireEye: Dominating The Cloud Security Market (Seeking Alpha) FireEye is transitioning into a cloud-based business model. It is still underperforming in market share growth compared to competitors. Will the proliferation of IoT be sufficient to achieve and maintain profitability?
PacketSled Response to Matt Harrigan Comments (PacketSled) PacketSled takes recent comments made by our CEO seriously. Once we were made aware of these comments, we immediately reported this information to the Secret Service and will cooperate fully with any inquiries. These comments do not reflect the views or opinions of PacketSled, its employees, investors or partners. Our CEO has been placed on administrative leave
Weave a web of deception to secure data (Help Net Security) Today’s technically superior and incredibly well-funded (often state-funded, in fact) hackers are not impressed with breach prevention and traditional security solutions
Police Raid IS Suspects Across Germany (Radio Free Europe/Radio Liberty) German authorities have launched simultaneous raids on mosques, apartments, and offices in 10 states against suspected supporters of the Islamic State (IS) group
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
Versus16 (San Francisco, California, USA, November 17, 2016) Versus is not an ordinary event. Versus is not about pitching products or preaching to the choir. Versus is about challenging what you think you know about cybersecurity, about technology, about doing...
Israel HLS and Cyber 2016 (Tel Aviv, Israel, November 14 - 17, 2016) Where physical and cyber security meet. Topics include intelligence, cyber crime, and counter-terrorism, defending critical infrastructures, a smart global world, mass events--the integrative approach,...
SANS Healthcare CyberSecurity Summit & Training 2016 (Houston, Texas, USA, November 14 - 21, 2016) SANS will be hosting its 4th Annual Healthcare Cybersecurity Summit. Join us and hear top security experts from leading healthcare companies discuss proven approaches for securing and succeeding in the...
Infosec 2016 (Dublin, Ireland, November 15, 2016) Infosec 2016 conference addresses the critically important issues that threaten businesses in the information age. By any measure, the digital threats that businesses and organisations of all sizes face...
Commercial Cyber Forum: Insider Threat (Odenton, Maryland, USA, November 15, 2016) Please join us for a panelist discussion with insider threat experts on upcoming Federal rules, key elements of an insider threat program and privacy, due process, and human resource requirements.
Kaspersky Academy Talent Lab (Online, then Prague, Czech Republic, November 15, 2016) Kaspersky Academy Talent Lab is an international cyber-world competition for young researchers and professionals aged 18-30 who are interested in the cybersecurity challenges facing the world. 50 finalists...
CISO Charlotte (Charlotte, North Carolina, USA, November 15, 2016) The CISO Summit brings together C-level IT security executives, industry analysts and solution providers to discuss challenges and best practices in a relaxed, yet focused business setting. Agenda sessions
Pharma Blockchain Bootcamp (Edison, New Jersey, USA, November 16, 2016) Blockchain technology has gained recognition as one of the most disruptive technologies in the industrial world with the potential of redefining how businesses operate similarly the internet changed it...
CyberCon 2016 (Washington, DC, USA, November 16, 2016) CyberCon 2016 is the forum for dialogue on strategy and innovation to secure civilian and defense networks, as well as private-sector networks that hold their sensitive data. Cybersecurity will be the...
Data Breach & Fraud Prevention Summit Asia (Mumbai, India, June 8, 2016) ISMG’s Data Breach & Fraud Prevention Summit Asia – Mumbai is a one-day event that will focus on the latest fraud techniques and technologies, as well as a holistic, strategic approach to looking at the
SCSC Cyber Security Conclave 2.0 Conference and Exhibition (Hyderabad, India, November 22 - 23, 2016) India’s leading two-day cyber security event is returning in November 2016, once again bringing together over hundreds of cyber security experts, senior officials and policy-makers from across the public...
4th Ethiopia Banking & ICT Summit (Addis Ababa, Ethiopia, November 25, 2016) The 4th Ethiopia Banking & ICT Summit is the ONLY event in Horn of Africa that focuses on technology innovations and trends in the Banking and ICT sectors. This annual summit brings together Financial...
Internet of Things (IoT) (Elkridge, Maryland, USA, November 29, 2016) This cybergamut Technical Tuesday features Dr. Susan Cole, currently the Cybersecurity Lead for a Federal Information Systems Controls Audit Management (FISCAM) preparation team and also provides consulting...
CIFI Security Summit (Toronto, Ontario, Canada, November 30 - December 1, 2016) The Annual CIFI Security Summit takes place all over the world, Asia, Europe, Australia & North America. These summits are essential 2 day conferences and exhibitions bringing together leading security...