Late last Thursday Google's Project Zero disclosed that Cloudflare (a major provider of a content delivery network, Internet security services, and distributed domain name server services) was leaking sensitive information online. The company has patched the memory leak bug responsible (the flaw is being called "Cloudbleed") and stresses that the problem with its caching infrastructure affected a relatively small set of the websites that use their DNS service.
Bitsight explains on its blog that Cloudflare's problems arose from an error in parsing logic that could cause a buffer overrun, which in turn wrote uninitialized memory contents into affected web pages. The websites potentially affected by Cloudbleed were those that had email obfuscation, server-side excludes, or automatic HTTPS rewrites enabled.
Since popular services (said to include Uber, Fitbit, OkCupid, and Patreon) use Cloudflare, and since data have been leaking for some time, many researchers are advising users to assume their credentials have been exposed and, of course, to change them.
Ransomware and DDoS remain fixtures of the threat landscape. F-Secure describes the "ruthlessness" of Spora ransomware's controllers. New "TrumpLocker" ransomware turns out to be VenusLocker in disguise.
In the ongoing Moscow cyber-treason trial, it emerges that one of the defendants, Ruslan Stoyanov, is accused of passing state secrets to US companies, notably to Verisign's iDefense cybercrime unit. The accusations date back to 2010, and were leveled by the Russian online payment company ChronoPay.
The FBI is being asked, again, how it gained access to the San Bernardino jihadist's iPhone.
It's not too late to listen to our special 2017 prognostication edition, in which we talk to experts and even editors about where they see cyber security headed this year.
Jailbreak Security Summit - Insecurity Tools(Laurel, Maryland, USA, April 28, 2017) Join some of the world's best security researchers as they talk about vulnerabilities in security tools at the only computer security event held at a production brewery. Attendance is limited to 100 to keep the Security Summit small and encourage conversation between speakers, attendees, and sponsors.
2nd Annual Cyber Investing Summit(New York, New York, USA, May 23, 2017) The 2nd Annual Cyber Investing Summit is an all-day conference focusing on investing in the cyber security industry. Attendees will explore the financial opportunities, trends, challenges, and investment strategies available in the high growth cyber security sector.
Dateline RSA 2017
The Best of RSA Conference 2017(BankInfo Security) Our objective, as the industry’s largest global media organization, is to bring you the most important bits from the conference, whether you attended the event or
Salted Hash: RSAC 2017 Recap(CSO Online) Last week, Salted Hash was in California for the annual RSA Conference in San Francisco. The week was full of drama between the testing labs and endpoint protection firms, but aside from that we managed to have a few interesting conversations, here's a quick recap.
Blockchain's New Role In The Internet of Things(Dark Reading) With next gen 'distributed consensus' algorithms that combine both security and performance, organizations can defend against DDoS attacks, even those that leverage IoT devices
Cyber Attacks, Threats, and Vulnerabilities
Bleeding clouds: Cloudflare server errors blamed for leaked customer data(CSO Online) While working on something completely unrelated, Google security researcher, Tavis Ormandy, recently discovered that Cloudflare was leaking a wide range of sensitive information, which could have included everything from cookies and tokens, to credentials. Cloudflare moved quickly to fix things, but their postmortem downplays the risk to customers, Ormandy said.
Extensive Breach at Intl Airport(MacKeeper) In what should be considered a complete compromise of network integrity, New York’s Stewart International Airport was recently found exposing 760 gigs of backup data to the public internet. No password. No username. No authentication whatsoever.
World's Largest Spam Botnet Adds DDoS Feature(BleepingComputer) Necurs, the world's largest spam botnet with nearly 5 million infected bots, of which one million are active each day, has added a new module that can be used for launching DDoS attacks.
Expect many more 300Gbps DDoS attacks(MyBroadband) Akamai has released its Q4 2016 State of the Internet Security Report, which shows a dramatic increase in the number of DDoS attacks greater than 100Gbps.
0.2 BTC Strikes Back, Now Attacking MySQL Databases(GuardiCore) Last week we first tweeted that the GuardiCore Global Sensor Network (GGSN) has detected a wide ransomware attack targeting MySQL databases. The attacks look like an evolution of the MongoDB ransomware attacks first reported earlier this year by Victor Gevers. Similarly to the MongoDB attacks, owners are instructed to pay a 0.2 Bitcoin ransom (approx. …
Macs Feel More Crypto-Locker Ransomware Love(BankInfo Security) New ransomware circulating via BitTorrent is disguised as software that purports to allow Mac users to crack popular Adobe and Microsoft applications. Separately, new ransomware calling itself Trump Locker appears to be the previously spotted VenusLocker ransomware in disguise.
The Evolution of Ransomware: Part 2(Security Week) For most, ransomware attacks are the byproduct of uninformed users opening malicious attachments sent by devious and anonymous criminals.
Dynamite Phishing(SANS Internet Storm Center) Last week I ran across a very successful phishing campaign, what’s odd in most ways it was nothing special. The attacker was using this more like a worm, where stolen credentials would be used within the hour to start sending out a mass amount of more phishes. I've decided to call this "Dynamite Phishing" because there is nothing quiet about this at all.
Understanding and Combating the Evolving Attack Chain(Security Week) Adversaries continue to find new ways to operate, using varied techniques to accomplish their mission. And, unless you remain informed about these changes, it’s hard to defend against these evolving threats.
NSA Deputy Director: Why I Spent the Last 40 Years In National Security(Time) In 1977 I was finishing my sophomore year of college, working two jobs to put myself through school, and thought, “There has to be a better way.” So I enlisted in the U.S. Army as a Signals Intelligence/Electronic Warfare Morse Intercept Operator, which didn’t tell me much but would let me earn money toward college through the GI Bill.
Ponemon Study Finds Cybersecurity Lacking In Oil & Gas Industries(Information Security Buzz) Ponemon has published research that looks at the state of cyber security, particularly in the Oil and Gas industry. Edgard Capdevielle, CEO at Nozomi commented below. Edgard Capdevielle, CEO at Nozomi Networks: “While the oil and gas industries aim to make improvements to their cyber security risk posture, it’s not straight forward and this recent …
Demystifying cyber insurance(DU Press) Organizations continue to invest heavily in cybersecurity efforts to safeguard themselves against threats, but far fewer have signed on for cyber insurance to protect their firms after an attack. Why not? What roadblocks exist, and what steps could the industry take to help clear them?
U.S. Air Force Awards $875 Million for Cryptography and Information Assurance(SIGNAL Magazine) General Dynamics Mission Systems, Scottsdale, Arizona (FA8307-17-D-0006); Harris Corp., Rochester, New York (FA8307-17-D-0007); L-3 Systems Corp., Camden, New Jersey (FA8307-17-D-0008); Leidos Inc., Columbia, Maryland (FA8307-17-D-0009); Raytheon, El Segundo, California (FA8307-17-D-0010); Sypris Electronics LLC, Tampa, Florida (FA8307-17-D-0011); and ViaSat Inc., Carlsbad, California (FA8307-17-D-0012) have been awarded a combined not-to-exceed $875 million indefinite-delivery/indefinite-quantity contract.
Microsoft protecting Mexican people with new cybersecurity center(BetaNews) With all of the talk about border walls and immigration in the news lately, something very important sometimes gets forgotten in the discussion -- Mexicans are people. In other words, these folks are just as important as anyone else; they are not statistics. The same goes for everyone regardless of skin color, religion, region, or country. All humans matter.
Amid cyberattacks, ISPs try to clean up the internet(CSO Online) If your computer’s been hacked, Dale Drew might actually know about it. His company, Level 3 Communications, is a major internet backbone provider and routinely on the lookout for cyberattacks on the network level. From what they can tell, there’s a staggering 178 million IP addresses out there associated with malicious activity.
Advancing Cyber Resilience Principles and Tools for Boards(World Economic Forum) Cyber resilience and cyber risk management are critical challenges for most organizations today. Leaders increasingly recognize that the profound reputational and existential nature of these risks mean that responsibility for managing them sits at the board and top level executive teams.
Has fraud met its match?(CSO Online) New and dynamic authentication factors can help prevent identity theft. The idea of using a fingerprint reader to log on to a smartphone is nothing new, but the latest wrinkle is the pressure with which that finger pushes on the reader.
CyberTraining 365 and ICMCP Join Forces to Offer Expert Cyber Security Training and Decrease the Skills-Gap(Yahoo Singapore Finance) We are proud to announce our newest scholarship for the International Consortium of Minority Cybersecurity Professionals (ICMCP). Offering 100 ICMCP Members with 6 months of free access to our online academy, CyberTraining 365 hopes to give those new to cybersecurity the skills they need to further their career, while helping fill the cybersecurity skills-gap. ICMCP will be awarding over $33,000 worth of online cyber security training, from our academy, to their members, over the next two years.
Cyber Challenge begins at VMI(WDBJ) This is the first year for the event which combines an invitation-only cyber competition with learning and career opportunities in the cyber world.
A Survey of Nation State Sponsored Hackers(Owl Cyber) The darknet is an unpredictable source of both white hat and black hat hackers working to develop malware, toolkits and viruses (MTVs) for any number of reasons - from political hacktivism to cyber crime.
Cyber Espionage Seen Expanding to Grasp Trump Policy Changes(Bloomberg.com) U.S. government agencies, think tanks and political groups should expect an increase in cyber espionage as countries like Iran try to grasp changing foreign and military policies under the new Trump administration, according to an executive with cybersecurity company FireEye Inc.
Rogers touts SOCOM as model for cyber command(InsideDefense.com) The head of U.S. Cyber Command says his organization should be elevated to a unified combatant command and have a centralized structure similar to that of U.S. Special Operations Command.
NSA head Rogers pushes to loosen reins on cyberweapons(TheHill) Adm. Michael Rogers — both head of the National Security Agency (NSA) and Cyber Command — is pushing for widespread changes to the U.S.'s treatment of cyber weaponry, including contracting private sector firms to develop arms.
Assessing US capabilities in cyberspace(Fifth Domain | Cyber) Among the proposals and directives outlined in the three drafts are four cyber reviews, including a full-scale assessment of the nation’s capabilities in cyberspace.
Opinion: Will Trump sink Privacy Shield?(The Christian Science Monitor Passcode) If Trump walks back US surveillance reform, he could jeopardize a trade agreement with the European Union that ensures the free flow of data across the Atlantic.
Sentenced to Prison For Telegram Posts(Iran Wire) The Revolutionary Court in the Kurdish city of Saghez sentenced four people to prison for “propaganda in support of Kurdish opposition parties” after they set up a group and channel on the Telegram messaging service.
How to Hunt a Lone Wolf(Foreign Affairs) To make one-off attacks less likely and prepare for those that do occur, governments should keep would-be terrorists isolated, build strong relationships between Muslim communities and law enforcement, monitor social media, and discredit the ideology that lone wolves embrace.
Can parental spyware keep kids safe online?(The Christian Science Monitor Passcode) Some law enforcement officials say it won't – and are discouraging parents from relying on a growing number of smartphone surveillance apps to guard against bullying and sexual predators.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
Citrix Synergy(Orlando, Florida, USA, May 23 - 25, 2017) Learn how to solve your IT flexibility, workforce continuity, security and networking challenges—and power your business like never before—with the workspace of the future.
Second Annual International Security Conference(Riyadh, Saudi Arabia, February 27 - 28, 2017) The conference will facilitate national, regional and international collaboration between government, industry and critical infrastructure organizations. It will also feature investors who want to diversify...
SANS Dallas 2017(Dallas, Texas, USA, February 27 - March 4, 2017) We are pleased to invite you to attend SANS Dallas 2017, on February 27- March 4 at The Westin Dallas Downtown, located in the heart of the city. We have selected several of our top information security...
Autonomous Vehicles Silicon Valley(Santa Clara, California, USA, February 28 - March 2, 2017) The road to autonomy: Regulation. Consumer Acceptance. Safety & Security. Explore the latest technologies and hottest issues for the autonomous vehicles industry.
The Cyber Security Summit: Denver(Denver, Colorado, USA, March 1, 2017) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their companies’ critical data with innovative solution providers & renowned information security experts.
International Cyber Risk Management Conference (ICRMC)(Toronto, Ontario, Canada, March 2 - 3, 2017) The third annual International Cyber Risk Management Conference (ICRMC) brings together a world class roster of experts with cross-sector, global and multidisciplinary expertise to share knowledge, lessons
SANS San Jose 2017(Milpitas, California, USA, March 6 - 11, 2017) Securing and defending your network has never been more important as attacks and breaches make the news daily. Gain the skills and tools you need to win the battle against the wide range of cyber adversaries...
Cybersecurity: Defense Sector Summit(Troy, Michigan, USA, March 7 - 8, 2017) Don’t miss out on the opportunity to be a part of the conversation regarding how cybersecurity is impacting not only ground vehicles, but air and maritime platforms. What are the synergies among Army,...
15th annual e-Crime & Cybersecurity Congress(London, England, UK, March 7 - 8, 2017) Europe's largest and most sophisticated gathering of senior cybersecurity professionals from international business, governments, law enforcement and intelligence agencies.
ISSA Mid Atlantic Security Conference(Rockville, Maryland, USA, March 10, 2017) Join us for a full day of training by industry leaders discussing some of the latest topics in tactics and techniques for preparing for cyber-attacks. This conference will feature a variety of presentations...
Investing in America’s Security: Cybersecurity Issues(Jersey City, New Jersey, USA, March 10, 2017) Please join us for the 5th Annual Northeast Regional Security Education Symposium hosted by the Professional Security Studies Department at New Jersey City University. The Symposium’s keynote address will...
IAPP Europe Data Protection Intensive 2017(London, England, UK, March 13 - 16, 2017) Set in London, the Data Protection Intensive delivers innovative solutions to today’s top privacy and data protection challenges. Known for its exceptional programming, the Intensive has come into its...
Rail Cyber Security Summit(London, England, UK, March 14 - 15, 2017) Now in its second year, the event will take place at the Copthorne Tara Kensington hotel in London between March 14th and 15th 2017 and will feature a range of experts from the rail transport industry,...
CyberUK 2017(Liverpool, England, UK, March 14 - 16, 2017) Announcing the UK government's flagship IA and cyber security event for 2017. This is a three-day event that will bring together cyber security leaders and professionals from across the UK’s information...
Cybersecurity: The Leadership Imperative(New York, New York, USA, March 16 - 17, 2017) Cyber risk impacts every element of your organization – and even the most brilliant information security expertise must be supported by a cross-functional cybersecurity structure and culture to succeed.
BSides Canberra(Canberra, Australia, March 17 - 18, 2017) BSidesCbr is a conference designed to advance the body of Information Security knowledge, by providing an annual, two day, open forum for discussion and debate for security engineers and their affiliates.
Cyber Resilience Summit: Securing Systems inside the Perimeter(Reston, Virginia, USA, March 21, 2017) As the journey to secure our nation’s IT cyber infrastructure gains momentum, it is important to apply proven standards and methodologies that reduce risk and help us meet objectives for acquiring, developing...
European Smart Grid Cyber Security(London, England, UK, March 21 - 22, 2017) European Smart Grid Cyber Security 2017 offers a unique opportunity to network with senior experts in cyber security from government, utilities, TSOs, regulators, solution providers, security consultants,...
Maryland Cybersecurity Awards Celebration(Baltimore, Maryland, USA, March 22, 2017) Help us celebrate the best and brightest of the Maryland cybersecurity community as we honor the companies, organizations, and individuals that have protected businesses and government agencies with their...
SANS Pen Test Austin 2017(Austin, Texas, USA, March 27 - April 1, 2017) Every organization needs skilled people who know how to find vulnerabilities, understand risk, and help prioritize resources based on mitigating potential real-world attacks. That's what SANS Pen Test...
Insider Threat 2017 Summit(Monterey, California, USA, March 29 - 30, 2017) The focus of the Insider Threat Summit is to discuss personnel security issues including cyber security challenges and capabilities, continuous evaluation of privileged identities and ethical physical...
2nd Annual Billington International Cybersecurity Summit(Washington, DC, USA, March 30, 2017) The 2nd Annual Billington International Cybersecurity Summit on March 30, 2017 at the National Press Club in Washington, DC will feature over 300 world class cybersecurity decision-makers from allied nations...
WiCyS 2017: Women in Cybersecurity(Tucson, Arizona, USA, March 31 - April 1, 2017) The WiCyS initiative has, since 2013, become a continuing effort to recruit, retain and advance women in cybersecurity. It brings together women (students/faculty/researchers/professionals) in cybersecurity...