Fortinet warns of an Android banking Trojan. It's mostly affecting German users' devices.
Facebook Messenger is being used as a vector for ransomware. Criminals are distributing Locky in malicious images shared over the service. The Nemucod downloader is bypassing Facebook's whitelisting protections by arriving in the form of an SVG file, so treat images you receive with circumspection.
GeekedIn, a tech job recruiting site, scraped (not clearly legitimately) 8 million GitHub profiles, but then left them exposed in an unsecured database. GeekedIn regrets the misstep, and says it's correcting it. Those with GitHub profiles should take steps to secure themselves.
Investigators continue to look into the upgrade fraud at Three. Some observers think on-boarding and off-boarding practices may have contributed to compromising the credentials used in the scam.
In industry news, Symantec indeed is ready to acquire LifeLock for $2.3 billion, and Optiv is filing for an IPO.
The holiday shopping season begins more-or-less officially this Friday, and there's much advice out on how to buy safely online. RiskIQ this morning released a white paper on the topic. They draw particular attention to the risks apps pose during the season (and suggest specific points of skepticism), and they emphasize the importance of knowing you're on the site where you intend to shop, not on a spoofed page.
In US news, President Obama says he "can't" (meaning "won't") pardon Snowden. Rumors in Washington suggest DNI Clapper and Secretary of Defense Carter want NSA Director Rogers removed; Congress disagrees, and threatens hearings.
Today's issue includes events affecting Australia, Canada, China, European Union, Finland, India, Iran, Morocco, Romania, Russia, Spain, Ukraine, United Kingdom, United States.
A note to our readers: We won't publish this Thursday; we'll be observing the Thanksgiving holiday.
ON THE PODCAST
The CyberWire's regular daily Podcast will be out later this afternoon, with interviews, educational tips, and more on the stories of the day. Today we hear from our partners at the University of Maryland's Center for Health and Homeland Security: Markus Rauschecker talks about proposed Federal voluntary standards for automotive cyber security. As always, if you enjoy the podcast, please consider giving it an iTunes review.
8 million GitHub profiles scraped, data found leaking online(Help Net Security) Technology recruitment site GeekedIn has scraped 8 million GitHub profiles and left the information exposed in an unsecured MongoDB database. The backup of the database was downloaded by at least one third party, and it’s likely being traded online
Fraudsters accessed Three UK customer database with authorised credentials(Help Net Security) Three UK, a telecom and ISP operating in the United Kingdom, has suffered a data breach. According to Three’s status report on the investigation, the attackers were able to access the company’s customer upgrade system by using login credentials of an employee, and their goal was to steal high-end smartphones
Black Friday eCommerce Blacklist(RiskIQ) According to Adobe Digital Index, in 2015, online shoppers filled eCommerce cash registers with more than $5.8 billion in sales over the Black Friday weekend—and with that number expected to grow this year, threat actors are looking to take advantage
Manufacturing companies highly exposed to cyberattacks, study(Insurance Business) Manufacturing businesses are particularly vulnerable to cyberattacks owing to their focus on innovation and increasing reliance on connected products, a multinational professional services firm said in a recent study
35% of websites still using insecure SHA-1 certificates(Help Net Security) 35 percent of the world’s websites are still using insecure SHA-1 certificates, according to Venafi. This is despite the fact that leading browser providers, such as Microsoft, Mozilla and Google, have publicly stated they will no longer trust sites that use SHA-1 from early 2017. By February 2017, Chrome, Firefox and Edge, will mark websites that still rely on certificates that use SHA-1 algorithms as insecure
Hybrid cloud storage use to double in next 12 months(Help Net Security) The use of hybrid cloud storage will accelerate rapidly over the next 12 months, according to Cloudian. Across 400 organisations surveyed in the UK and USA, 28% already use hybrid cloud storage, with a further 40% planning to implement within the next year. Only 19% have no plans to adopt
More than 55 percent millennials have been hit by cybercrime in India: Norton by Symantec(Open Sources) Over 55 percent of millennials (born between 1980-2000) in India have experienced cybercrime in the past year and globally, millennials are the most commonly affected victims, with 40 percent experiencing it last year, a report revealed on Saturday. According to the ‘Norton Cyber Security Insights’ report by security software firm Norton by Symantec, “39 percent Indian millennials have either experienced ransomware themselves or know someone who has”
Symantec to acquire LifeLock for $2.3 billion(Reuters) Symantec Corp (SYMC.O) said it would acquire U.S. identity theft protection services company LifeLock Inc (LOCK.N) for $2.3 billion, in a deal that it hopes will prop up sales at its Norton cybersecurity unit
Cybersecurity company Optiv files for IPO(Reuters) Cybersecurity company Optiv Security Inc, majority owned by Blackstone Group LP (BX.N), filed with U.S. regulators for an initial public offering of its common stock on Friday
Analysts Unimpressed With Cisco Systems, Should You Be?(Seeking Alpha) Cisco Systems' revenue decelerated in the first quarter. Nevertheless, I expect dividend growth to continue due to a very strong balance sheet and cash flow. Guidance for next quarter was for revenue to decline. For this reason, I no longer recommend adding shares of Cisco Systems
Qualcomm and HackerOne Partner on Bounty Program(Threatpost) Qualcomm kicked off its first bug bounty program Thursday, opening the door for white hat hackers to find flaws in a dozen Snapdragon mobile chipsets and related software. Rewards for the invite-only bug bounty program top $15,000 each
Where cybersecurity computes(Milford Daily News) Cyberattacks may be bloodless, but they are far from painless, especially for the besieged company that sees its services temporarily or indefinitely disrupted
Kaspersky introduces its own “Hackproof” OS(Technews) The popular anti-virus software company called “Kaspersky” has quite recently claimed to have their very own Operating System software since last October. They are constructing a secure operating system for preserving the personal data of users
Russian Security Firm Kaspersky Announces Its Own Secure OS, 14 Years in the Making(Circle ID) "I've anticipated this day for ages — the day when the first commercially available mass market hardware device based on our own secure operating system landed on my desk," writes Eugene Kaspersky, Chairman and CEO of Kaspersky Lab, in a blog post introducing company's layer 3 switch powered by Kaspersky OS. Kaspersky believes the OS will be "ideal for applications where a small, optimized and secure platform is required" — particularly when it comes to Internet of Things
UK bank to extend trial of behavioural biometrics security(NFC World) UK bank Natwest has trialled a behavioural biometrics system designed to offer continuous authentication throughout an online banking session, using more than 500 behaviour patterns to identify users and prevent fraud from unauthorised logins and automated attacks
LogRhythm Enhances Security Software(Techrockies) Boulder-based security software developer LogRhythm, which develops security intelligence and analytics software, said this week that it has made a major upgrade to its flagship software
Argus Breakthrough Technology for Automotive Cyber Security(American Security Today) Argus Cyber Security, the world’s largest independent automotive cyber security company, today announced further expansion of its In-Vehicle Network Protection suite with its new groundbreaking ECU Fingerprinting technology
Website Security Partner Program(Symantec) The Symantec Website Security Partner Program includes the most relevant, recognized, trusted and diverse SSL Certificate, Code Signing, and Website security & management solutions. Our partners have multiple brand options to sell including; Symantec, Thawte, GeoTrust, & RapidSSL. Each brand has a specific product offering which will allow you to succinctly map to your customers unique requirements
Tips for Secure Online Shopping(Above Security) Shopping online for Black Friday is convenient. You avoid the crowds and browse more effectively with the comfort of your home. However, we are not immune from cyber attacks. How to protect yourself from identity theft or credit card fraud?
Device Security Issues for the Infosec Community to Consider(Tripwire: the State of Security) The issue of device security has once again returned to the forefront in light of the recent botnet attacks that have leveraged CCTV cameras, DVRs and other Internet of Things (IoT) devices. As a community, especially those of us who are CISSPs, it is our responsibility to think several chess moves ahead and to take deeper dives into the investigative questions that aren’t being discussed in the aftermath of such attacks
Govt to soon appoint cyber professionals(Tribune) Due to an increase in cyber crime, the Information and Technology Ministry is in major disarray. To control this, the Central Government is soon going to appoint a force of cyber professionals, who will be able to stop hacking and keep a check on cyber crime in the government body
NSA Director Mike Rogers Could Be Removed in Restructuring(ABC News) President Obama is considering a recommendation by Defense Secretary Ash Carter and Director of National Intelligence James Clapper to separate the commands of the National Security Agency and U.S. Cyber Command that could lead to the removal of Admiral Mike Rogers who heads both commands
Lawmakers decry possible removal of NSA director, call for hearings(Federal News Radio) Several key GOP members of Congress began to weigh in this weekend with strong disapproval over suggestions that Adm. Michael Rogers, the director of the National Security Agency and commander of U.S. Cyber Command may be fired during the final weeks of the Obama administration
Former NSA, CIA Director Hayden: World Needs a Set of Cyber Norms(USNI News) The United States should help create an international set of norms for cyber behaviors – to distinguish between accepted behaviors like espionage and non-accepted behaviors like cyber theft and destruction – and then craft laws and policies that allow U.S. cyber warriors to succeed in that domain, a former director of the National Security Agency and Central Intelligence Agency said today
What a Trump presidency could mean for U.S. cyber weapons(CyberScoop) Defense contractors developing military grade cyber weapons find themselves in a prime position to capitalize on President-elect Donald Trump’s rise to the White House. With this significant-yet-exclusive business opportunity on the horizon, policy and security experts question what Trump’s apparent plan to develop offensive cyber tools will mean for both those at home and abroad
House Intel chair arranging hearing on NSA director(The Hill) House Intelligence Chairman Devin Nunes (R-Calif.) is questioning two top Obama administration officials over reports they recommended President Obama remove National Security Agency Director Adm. Michael Rogers
Cross-continental operation brings down payment card fraudsters(Help Net Security) On 14 and 15 November 2016, the Finnish National Bureau of Investigation, the Spanish Guardia Civil, the British West Midlands Regional Cyber Crime Unit together with the Royal Canadian Mounted Police and with the support of Europol’s European Cybercrime Centre (EC3) teamed up in a cross-continental joint action day aimed at breaking down an international card-not-present fraud network
FS.to pirate website shut down after Ukraine’s National Police Raid(HackRead) A complaint made by the Motion Picture Association of America led to the arrest of people behind FS.to. The cyber-crime department of Ukraine’s National Police force carried out a series of operations against the website which is used by millions of users around the world. The perpetrators were arrested and a total of 60 servers were shut down as a result
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
SANS Healthcare CyberSecurity Summit & Training 2016(Houston, Texas, USA, November 14 - 21, 2016) SANS will be hosting its 4th Annual Healthcare Cybersecurity Summit. Join us and hear top security experts from leading healthcare companies discuss proven approaches for securing and succeeding in the...
Data Breach & Fraud Prevention Summit Asia(Mumbai, India, June 8, 2016) ISMG’s Data Breach & Fraud Prevention Summit Asia – Mumbai is a one-day event that will focus on the latest fraud techniques and technologies, as well as a holistic, strategic approach to looking at the
SCSC Cyber Security Conclave 2.0 Conference and Exhibition(Hyderabad, India, November 22 - 23, 2016) India’s leading two-day cyber security event is returning in November 2016, once again bringing together over hundreds of cyber security experts, senior officials and policy-makers from across the public...
4th Ethiopia Banking & ICT Summit(Addis Ababa, Ethiopia, November 25, 2016) The 4th Ethiopia Banking & ICT Summit is the ONLY event in Horn of Africa that focuses on technology innovations and trends in the Banking and ICT sectors. This annual summit brings together Financial...
Insider Threat Program Development Training For NISPOM CC 2(Aberdeen, Maryland, USA, August 10 - 11, 2016) Insider Threat Defense will hold a two-day training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2). For a limited time the training is being offered...
Internet of Things (IoT)(Elkridge, Maryland, USA, November 29, 2016) This cybergamut Technical Tuesday features Dr. Susan Cole, currently the Cybersecurity Lead for a Federal Information Systems Controls Audit Management (FISCAM) preparation team and also provides consulting...
CIFI Security Summit(Toronto, Ontario, Canada, November 30 - December 1, 2016) The Annual CIFI Security Summit takes place all over the world, Asia, Europe, Australia & North America. These summits are essential 2 day conferences and exhibitions bringing together leading security...
AlienVault USM Webcast(Online, December 1, 2016) Host-based intrusion detection systems (HIDS) work by monitoring activity that is occurring internally on a host. HIDS look for unusual or nefarious activity by examining logs created by the operating...
Cyber Threats Master Class(Turin, Italy, December 1 - 2, 2016) The UNICRI Masterclass on Cyber Threats aims to provide media and public relations professionals, as well as those planning a career in public information and communication, with a deeper understanding...
Disrupt London(London, England, UK, December 3 - 6, 2016) TechCrunch Disrupt is the world’s leading authority in debuting revolutionary startups, introducing game-changing technologies, and discussing what’s top of mind for the tech industry’s key innovators.
US Department of Commerce Cyber Security Trade Mission to Turkey(Ankara and Istanbul, Turkey, December 5 - 8, 2016) Now is the time to expand in Turkey! The growth and frequency of cyber-attacks in recent years has increased the demand to protect critical data and infrastructure of governments and businesses. Turkey...
Practical Privacy Series 2016(Washington, DC, USA, December 7 - 8, 2016) This year, the Practical Privacy Series will return to Washington, DC, with its rapid, intensive education that arms you with the knowledge you need to excel on the job. We’re programming some stunningly...
CISO Southern Cal(Los Angeles, California, USA, December 8, 2016) A data breach is not only a PR nightmare, but cause for customers to turn to competitors, exposing sensitive company information and racking up fines from industry regulators. In order for organizations...
SANS Cyber Defense Initiative 2016(Washington, DC, USA, December 10 - 17, 2016) Make plans to attend SANS Cyber Defense Initiative 2016 (CDI). SANS is the one educational organization known for developing the cybersecurity skills most in need right now. SANS Cyber Defense Initiative...
Privacy, Security and Trust: 14th Annual Conference(Auckland, New Zealand, December 12 - 14, 2016) This year’s international conference focuses on the three themes of Privacy, Security and Trust. It will provide a forum for global researchers to unveil their latest work in these areas and to show how...