Some instructive analysis of this week's interference with google-dot-com-dot-br is out.
Kaspersky Lab reports "a globally coordinated cyber attack" against some 500 companies in 50 countries. The campaign began in August 2016, made extensive use of spearphishing, and appears to have as its object industrial espionage. The targeted sectors are construction, engineering, electrical power distribution, and basic metals.
Bleeping Computer warns that more MongoDB attacks are on the way—may database administrators look to their configurations.
Ransomware gets riskier, more perfidious, and more expensive. KillDisk has been developed into a ransomware package, infecting both Linux and Windows systems. It demands 222 Bitcoin (between $210,000 and $250,000), but apparently doesn't bother restoring the files even after the victim pays up.
The ransomware threat is affecting the security market: MarketsandMarkets predicts a 16.3% compound annual growth rate in the market for ransomware defense, rising from $8.16 billion in 2016 to $17.36 billion in 2021.
Verizon's planned acquisition of Yahoo!'s core assets looks shakier at week's end. The Street quotes a Verizon executive to the effect that the telecom company doesn't want to be "jumping blindly off a cliff."
The US Senate held hearings yesterday on Russian election hacking. US Intelligence Community leaders reaffirmed their conclusions that Russian services successfully targeted the Democratic National Committee. Eyebrows are raised over the FBI's apparent reliance on CrowdStrike's forensics, but such reliance is not really surprising. DNI Clapper promises a full report next week; rumor has it the report will detail how WikiLeaks got DNC emails.
A special edition of our Podcast is also available. It covers buying cyber security. Every day there seems to be a new security product on the market, with many of them claiming to provide something that you simply can’t live without. Companies appear and disappear, and businesses are faced with difficult, confusing, and often expensive choices. In this CyberWire special edition, we explore how businesses are navigating the process of choosing products and technologies in a crowded marketplace. We talk to some key stakeholders to find out what drives their purchasing decisions, and what they wished their vendors knew before they came knocking on their doors.
Cyber Attacks, Threats, and Vulnerabilities
Are Russian cyberspies buried in Dutch networks, too?(Christian Science Monitor Passcode) A US government analysis appears to show that Russian operatives hijacked hundreds of computers globally to carry out attacks on US political groups. But in this case, looks may be deceiving
Was "google[.]com[.]br" hacked?(LinkedIn) Yesterday afternoon we followed the many news reports and comments regarding the compromise of the address www.google.com.br. At the beginning, many (me included) discredited the news; however, big online portals quickly started to propagate the event. People close to me also reported accessing the invalid content and asked me for help
Experts Warn of Novel Pdf-Based Phishing Scam(Threatpost) The SANS Internet Storm Center published a warning on Wednesday about an active phishing campaign that utilizes PDF attachments in a novel ploy to harvest email credentials from victims
Ransomware masquerades as CV(Enterprise Times) Researchers at security vendor Check Point have warned of a ransomware attack targeting HR departments. This attack is currently targeted at German speaking companies and pretends to be a job application. Researchers say that the email comes with two attachments. A covering letter which is a standard PDF and an Excel file containing the GoldenEye variant of the Petya ransomware
Ransomware likely migrate beyond computers in 2017(Trade Arabia) This could be the year in which the ruthless threat of ransomware migrates to other platforms beyond computers and smartphones, whose primary purpose is not data processing or digital communications, a report said
“The Internet Will SHUTDOWN For 24 Hours In 2017,” Security Firm LogRhythm Predicts(Fossbytes) US-based security firm LogRhythm has predicted that due to a massive DDoS attack, the worldwide internet will shut down for 24 hours in 2017, resulting in the tanking of financial markets. Company’s vice president and chief information security officer James Carder also predicted that the DDoS attacks that took place in 2016 were a clear indication. He also hinted at the increasing ransomware threats
Smart Meters Are Laughably Insecure, Are a Real Danger to Smart Homes(Bleeping Computer) Most smart meters that are installed, or are soon to be installed, in hundreds of millions of homes around the world are woefully insecure and can be easily hacked by a remote attacker to alter energy consumption levels, hack other smart devices in the user's home, or even cause the meter to explode
Stolen Passwords Fuel Cardless ATM Fraud(KrebsOnSecurity) Some financial institutions are now offering so-called “cardless ATM” transactions that allow customers to withdraw cash using nothing more than their mobile phones. But as the following story illustrates, this new technology also creates an avenue for thieves to quickly and quietly convert stolen customer bank account usernames and passwords into cold hard cash. Worse still, fraudulent cardless ATM withdrawals may prove more difficult for customers to dispute because they place the victim at the scene of the crime
Windows 10 Mobile has a pretty weird security flaw(MS Poweruser) Today, we noticed a pretty weird security flaw in Windows 10 Mobile. If you are using a Windows 10 Mobile that does not support Windows Hello, you are likely using a PIN to secure your device. The PIN can be easily set up from Windows 10 Mobile’s Sign-in Options page in the Settings app. However, there’s an interesting issue with this system
Porn Gets Pwned: for Hackers, XXX Means Exploit, Extort and Expose(Infosecurity Magazine) Nearly 400,000 users of adult site xHamster have found themselves in a compromising position after their private details were leaked. There’s no confirmation of who was behind the breach as yet, but usernames, email addresses and passwords have apparently been trading hands on the dark web for several months
Over One Million Over-45s Hit by Email Scams(Infosecurity Magazine) More than one million Brits over the age of 45 have fallen victim to some form of email-related fraud, as the internet supersedes the telephone as the favored channel for scammers, according to Aviva
Companies still struggle with security(Khaleej Times) In an era of increasingly interconnected devices, it doesn't take much for a skilled hacker to avoid detection and launch an attack that can spell disaster for a company
Ransomware protection market to reach $17.36 billion by 2021(Help Net Security) According to a new report on the ransomware protection market by MarketsandMarkets, the market size is expected to grow from $8.16 billion in 2016 to $17.36 billion by 2021, at a Compound Annual Growth Rate (CAGR) of 16.3%
Investor Takeaways from The Russian Hacking Scandal(Investing Daily) Shocking the norms of political discourse is customary for Donald Trump and he did so again on Wednesday, when he publicly sided with WikiLeaks founder Julian Assange against America’s own intelligence community. Contrary to the findings of the NSA, CIA and FBI, Trump endorsed the activist’s claim that Russia didn’t provide WikiLeaks with hacked Democratic Party emails
Verizon-Yahoo Deal On The Ropes - Is Cyber Security Killing Deals?(Forbes) It seems every day there is another story about hacking and data breaches, whether the alleged attackers are foreign governments or a lone wolf, the newsworthy targets are high profile, but it is a problem impacting a huge swath of businesses, regardless of size. Yahoo, Eddie Bauer and Target stores are amongst many others who have been affected and Cloud giant Oracle reported a potential intrusion on its MICROS payment systems last August
Two Cyber Security Stock Picks For 2017(Nasdaq) Cyber security is going to be in the news over the next week or so. The Congressional hearings into the hacks of the Democratic National Committee e-mail server and that of Clinton campaign chair John Podesta begin today, with the public version of the intelligence community’s reports being made available on Monday
New infosec products of the week: January 6, 2017(Help Net Security) Fortress Cyber Security launches Fortress UTM... WISeKey makes available its cryptographic Root of Trust... Bitdefender BOX gets an update... HEAT Software updates three UEM and Cloud Service Management solutions
Bitdefender Box Hopes To Secure The Internet Of Things(Tom's Hardware) The Internet of Things (IoT) is out in full force at CES 2017. Seemingly everything, from toothbrushes to refrigerators, is being connected to the internet. Bitdefender revealed an updated Box to make sure those IoT products, mobile devices, and other connected gizmos are kept secure
Three Ways that Security Researchers Trolled Hackers in 2016(CSO) The year 2016 has not really been a standout for information security. This was the year that the Russians hacked the DNC (and now the RNC, apparently), the year that ransomware authors bricked an entire transit system, and the year that the IoT literally broke the internet. Like most of the population, the security community can’t wait to say goodbye to 2016
Social media security is not just for kids – how safe are your profiles?(Naked Security) The news is full of the risks children face on the internet, not just in terms of predators but also in terms of the rights they might be signing away. Their details and the rights to any images they post may be compromised, says a report from the UK’s Children’s Commissioner, entitled Growing Up Digital
Design and Innovation
A prize for “real-world cryptography” was given to programmers behind AES and the Signal app(TechCrunch) This week I had the chance to visit Columbia University to meet with Max Levchin, currently the CEO of financial company Affirm and one of the co-founders of PayPal. He was in the Lerner Hall auditorium surrounded by a large flock of programmers belonging to a special branch of the field: cryptology. They were all there vying for the second annual Levchin Prize
All that glisters is not security gold at CES in Las Vegas(Naked Security) Depending on your outlook, the Internet of Things (IoT) is either an exciting frontier that promises to embed smartness into a world of unforgivably dumb objects or a gilded cage of expensive proprietary technology whose security standards we must take on trust
How Russia wields cyberpower(Christian Science Monitor Passcode) Cyberattacks around the world linked to Russia – including hacking US political groups – expose a growing sophistication for leveraging the internet's speed and scale to exert influence
McCain: Russia Hack Should Spark National Cyber Policy(Defense News) The US Senate Armed Services Committee will focus on beefing up the nation’s cyber security after alleged Russian meddling in US elections, which chairman John McCain at a committee hearing Thursday called “an unprecedented attack on our democracy”
DHS should house new cyber agency, experts tell President-elect(Federal News Radio) The Homeland Security Department has come a long way in the last decade in how it manages, assists, oversees and responds to cybersecurity incidents that the public and private sectors face daily. Now a group of experts are recommending to the President-elect Donald Trump to go even further
From Awareness to Action: A Cybersecurity Agenda for the 45th President(CSIS Cyber Policy Task Force) This report lays out specific recommendations for the next administration’s cybersecurity policy. It identifies the policies, organizational improvements, and resources needed for this. It builds on the 2009 Commission on Cybersecurity for the 44th Presidency, a foundational document for creating a strategic approach to cybersecurity. In the eight years since that report was published, there has been much activity, but despite an exponential increase in attention to cybersecurity, we are still at risk and there is much for the next administration to do
Donald Trump Casts Intelligence Aside(New York Times) What plausible reason could Donald Trump have for trying so hard to discredit America’s intelligence agencies and their finding that Russia interfered in the presidential election? Maybe he just can’t stand anyone thinking he didn’t, or couldn’t, win the presidency on his own
Are Trump And U.S. Intelligence Community Headed For A Showdown?(NPR) There's a new narrative solidifying in Washington: President-elect Donald Trump distrusts the U.S. intelligence community because it's been sounding the alarm on Russia's interference in the November election. In turn, this feeds a growing sense of dread among U.S. intelligence professionals that the president-elect and his inner circle will ignore or undermine the intelligence community at every opportunity
They could walk(Vice) U.S. intelligence officials warn agents could quit en masse if Trump keeps mocking them
U.S. Intelligence Leaders Push Back on Trump Attacks(Newsweek) American intelligence officials on Thursday got a chance to hit back against the broad attacks Donald Trump has lobbed against them, a day ahead of their briefing with the president-elect on Russia’s interference in the 2016 election
U.S. Intelligence Report Due Next Week on Election Hack(Threatpost) The various branches of the U.S. intelligence community said they will next week deliver a joint report that corroborates claims that Russian intelligence attempted to influence the 2016 presidential election
U.S. official says Russia undoubtedly meddled in U.S. election(Military Times) America's top intelligence official said Thursday that Russia undoubtedly interfered in America's 2016 presidential election but stopped short of using the explosive description "an act of war," telling lawmakers such a call isn't within the purview of the U.S. intelligence community
U.S. spy chief 'resolute' on Russia cyber attack, differs with Trump(Reuters) The top U.S. intelligence official said on Thursday he was "even more resolute" in his belief that Russia staged cyber attacks on Democrats during the 2016 election campaign, rebuking persistent skepticism from Republican President-elect Donald Trump about whether Moscow was involved
U.S. intercepts capture senior Russian officials celebrating Trump win(Washington Post) Senior officials in the Russian government celebrated Donald Trump’s victory over Hillary Clinton as a geopolitical win for Moscow, according to U.S. officials who said that American intelligence agencies intercepted communications in the aftermath of the election in which Russian officials congratulated themselves on the outcome
Assange’s Claims on DNC Hack Have ‘No Credibility,’ Say Intel Chiefs(Wired) As the world seeks to understand the alleged Russian hacking that rattled last year’s election, WikiLeaks founder Julian Assange threw a spanner into the investigation, saying earlier this week that Russia wasn’t the source of Democratic Party emails that his secret-spilling group published—a claim then amplified in a tweet from president-elect Donald Trump. But America’s top spies have made clear that no statement from Assange, even one backed by the next president, will sway their finding that the Kremlin is behind those political attacks
Lawmakers demand answers on Rhodes' Security clearance(Washington Examiner) White House Deputy National Security Adviser Ben Rhodes has become the subject of a congressional probe into whether FBI officials declined to grant him an interim security clearance for use during President Obama's transition
Zero Days review: how the Pandora's box of hacking broke open(Telegraph) American documentarist Alex Gibney - director of films about WikiLeaks, US government torture policy and Catholic church sex abuse, as well as the gripping Scientology exposé Going Clear - is no stranger to difficult, headline-grabbing subjects
Stop Gossiping in Your Work Slack(Motherboard) If you use an online chatroom service at work, make sure you keep office gossip offline to avoid unnecessary scandals in 2017. That’s a big lesson media giant Gawker learned last year when their Campfire online work chat records were revealed after Hulk Hogan sued the media outlet for publishing a sex tape of him in 2012
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
SANS Security East 2017(New Orleans, Louisiana, USA, January 9 - 14, 2017) Start the year off right by choosing from outstanding, cutting-edge courses presented by our top-rated instructors. SANS is looking forward to an exciting kickoff of 2017 with SANS Security East 2017 in...
S4X17 ICS Security Conference(Miami Beach, Florida, USA, January 10 - 12, 2017) Three Days of advanced ICS cybersecurity on three stages with the top 500 people in ICS security. Main Stage - The big names (Richard Clarke, Renee Tarun, ...) and forward looking topics (ICS certification,...
Suits and Spooks DC 2017(Arlington, Virginia, USA, January 11 - 12, 2017) “What we are creating now is a monster whose influence is going to change history, provided there is any history left.” (John von Neumann) When John von Neumann said those words in 1952, he didn’t mean...
Cybersecurity of Critical Infrastructure Summit 2017(College Station, Texas, USA, January 11 - 13, 2017) An inaugural event to convene thought-leaders, experts, and strategic decision makers from government, industry, and academia to discuss the technology and policy implications of the ever-evolving cyber-threats...
ShmooCon 2017(Washington, DC, USA, January 15 - 17, 2017) ShmooCon is an annual east coast hacker convention hell-bent on offering three days of an interesting atmosphere for demonstrating technology exploitation, inventive software and hardware solutions, and...
SANS Las Vegas 2017(Las Vegas, Nevada, USA, January 23 - 28, 2017) Attend SANS Las Vegas 2017, where SANS will provide outstanding courses in IT security, forensics, and security management presented by the best cybersecurity teachers in the country. At SANS events you...
BlueHat IL(Tel Aviv, Israel, January 24 - 25, 2017) Announcing BlueHat IL – a special edition of Microsoft's leading cyber security conference for top professionals, to be held for the very first time in Tel Aviv, Israel.
Over the past 10 years, BlueHat conferences have drawn the brightest minds in security to discuss key industry challenges. And now, BlueHat IL is here to crank it up by exploring and creating new cyber security thoughts and boundaries. This exclusive, by invitation only, single track event will host top cyber security professionals from around the world, who will come together to tackle the present and peek into the future. It will feature brilliant speakers and focus on breakthrough research, key trends and emerging threats in the field. Registration closes December 28.
SANS Cyber Threat Intelligence Summit & Training 2017(Arlington, Virginia, USA, January 25 - February 1, 2017) Join SANS at this innovative Summit as we focus on enabling organizations to build effective cyber threat intelligence analysis capabilities. Most organizations are familiar with threat intelligence, but...
Blockchain Protocol and Security Engineering(Stanford, California, USA, January 26 - 27, 2017) This conference will explore the use of formal methods, empirical analysis, and risk modeling to better understand security and systemic risk in blockchain protocols. The conference aims to foster multidisciplinary...