Microsoft warns businesses to be on guard against the possibility that attackers could compromise virtual machines, turning cloud environments against the enterprises that use them.
Dr. Web identifies a new Android threat. This one, known as "Skyfin," is a second-stage infection observed in phones already compromised by the Android[.]Downloader malware family. Skyfin infests the local Play Store app to make unwanted purchases.
The SANS Internet Storm Center has a rundown on Sage 2.0, ransomware they've observed in spam hitherto associated with Cerber.
Specific ransomware victims late last week include the St. Louis (Missouri, USA) public library system and the Racingpulse[.]in pony betting site operating out of Bangalore (India). The St. Louis librarians aren't paying up; instead, they're wiping and restoring the approximately 700 affected machines. The Dharma ransomware strain hit Bangalore; there's no word yet on which variety affected St. Louis.
The Lloyds Banking Group disclosed that it was affected by a distributed denial-of-service campaign two weeks ago. An unnamed "international cybercrime gang" is said to be responsible.
Both the New York Times and the BBC had their Twitter accounts hijacked yesterday, the Times hijackers tweeting (falsely) Russian President Putin's intentions to launch missiles against the US, and the BBC's hijackers tweeting (equally falsely) that US President Trump had been wounded in an assassination attempt. Protection racketeers at OurMine admit collaborating in the caper, but say their unnamed partners composed the tweets.
The FBI is said to be interviewing the man whom security journalist Brian Krebs identified as the figure behind Mirai.
Today's issue includes events affecting Algeria, Austria, Brazil, Canada, Estonia, France, Germany, India, Indonesia, Italy, Latvia, Lithuania, Moldova, Pakistan, Philippines, Russia, Spain, Tunisia, Turkey, United Kingdom, United States.
A special edition of our Podcast is currently available. It covers buying cyber security. Every day there seems to be a new security product on the market, with many of them claiming to provide something that you simply can’t live without. Companies appear and disappear, and businesses are faced with difficult, confusing, and often expensive choices. In this CyberWire special edition, we explore how businesses are navigating the process of choosing products and technologies in a crowded marketplace. We talk to some key stakeholders to find out what drives their purchasing decisions, and what they wished their vendors knew before they came knocking on their doors.
Women in Cyber Security(Tucson, AZ, USA, March 31 - April 1, 2017) With support from various industry, government and academic partners, WiCyS has become a continuing effort to recruit, retain and advance women in cybersecurity. It brings together women in cybersecurity from academia, research and industry for sharing of knowledge/experience, networking and mentoring.
What You Need To Know About The iMessage Security Flaw(Panda) With everything that’s gone down in 2016 it’s easy to forget Tim Cook’s and Apple’s battle with the FBI over data encryption laws. Apple took a strong stance though, and other tech giants followed suit leading to a victory of sorts for (the little guy in) online privacy
Sage 2.0 Ransomware(SANS Internet Storm Center) On Friday 2017-01-20, I checked a malicious spam (malspam) campaign that normally distributes Cerber ransomware. That Friday it delivered ransomware I'd never seen before called "Sage." More specifically, it was "Sage 2.0"
Meitu photo retouching app may be invading your privacy(Help Net Security) Have you heard about Meitu, the photo retouching mobile app that turns people into more cutesy or beautiful versions of themselves? Chances are that even if you don’t know the app’s name, you’ve already seen examples of the final product posted on a social network of your choice
Meitu, a Viral Anime Makeover App, Has Major Privacy Red Flags(Wired) Meitu is a popular app that transforms your selfie into an adorable anime character. You’ve probably already downloaded it. In exchange for the simple pleasure of giving you an absurd makeover, though, it demands sprawling access to your personal data and numerous features of your smartphone, seemingly collecting a bloat of information about you in the process. Wannabe nymphs and sprites everywhere: be warned
Algerian Phishing Attempt(Wapack Labs) A Red Sky Alliance member is reporting a suspected phishing email to Wapack Labs. Subsequent analysis reveals the campaign was initiated by an Algerian threat actor associated with a known hacking team
Lloyds Services Taken Out by Alleged Cybercrime Gang(Infosecurity Magazine) A denial of service blitz aimed at some of the UK’s biggest high street lenders a fortnight ago took services at Lloyds Banking Group offline intermittently for two days, it has been claimed
Dawn under cyber attack(Dawn) In keeping with the principles of a free and independent press, it is necessary for us to inform our readers and place on public record that Dawn has come under sustained cyber attacks over the last two weeks. A statement issued by dawn.com says the origin of these attacks is unconfirmed as yet
Twitter Accidentally Made Half a Million People Follow Trump(Motherboard) Update, Jan. 21, 2017: Today, Twitter CEO Jack Dorsey confirmed users' claims that Twitter had automatically followed the @POTUS account (at this point, under the authorship of President Donald Trump) for them. Approximately 560,000 people were affected by a flaw in the script used to migrate followers to the new archival handles
Top 6 Types of Rogue Security Software(The Merkle) In this day and age of online attacks, it becomes all the more important to protect one’s computer and other devices against the various threats. Criminals often try to bypass existing security solutions on the device in question, but they also distribute fake tools that allegedly prevent these attacks from happening. This trend is called “rogue security software,” and has been proven to be quite successful over the past few years
A flawed medical device, a troubling response(Christian Science Monitor Passcode) A case involving software vulnerabilities in medical electronics reveals the inability for both the health care sector and federal regulators to swiftly address cybersecurity problems
FCC warns of national security risks from IoT, private networks(Federal Times) The Federal Communications Commission has released a white paper on cybersecurity risk reduction that surveys the increasingly larger “exposed attack surface” created by connected consumer devices on privately owned and managed communications networks
Security Patches, Mitigations, and Software Updates
It’s About To Get Even Easier to Hide on the Dark Web(Wired) Sites on the so-called dark web, or darknet, typically operate under what seems like a privacy paradox: While anyone who knows a dark web site’s address can visit it, no one can figure out who hosts that site, or where. It hides in plain sight. But changes coming to the anonymity tools underlying the darknet promise to make a new kind of online privacy possible. Soon anyone will be able to create their own corner of the internet that’s not just anonymous and untraceable, but entirely undiscoverable without an invite
Security management outlook: Five trends to watch(Help Net Security) Cybersecurity can’t sit still. As we look ahead to what this year has in store for the security management landscape, organizations globally should be paying attention to five key
Mozilla's First Internet Health Report Tackles Security, Privacy(Threatpost) In its first-ever Internet Health Report, the non-profit Mozilla Foundation warned of the dangers of concentrated power among too few internet companies, cyber snooping by nosey governments and new threats posed by connected devices that can further erode privacy
Phishing Awareness Grows, but Volumes Increase(Infosecurity Magazine) When it comes to phishing, there’s been an encouraging 64% increase in organizations measuring end-user risk from 2015 to 2016. But the good news gets more scarce from there
Top 6 Most Targeted Countries For Cyber Attacks(The Merkle) The cyber attack business continues to grow exponentially over time. In the year 2017, there will be several million cyber attacks every single day. As it turns out, some countries are targeted more than others. Although the United States is a top target for cyber criminals, they are not in the top three by any means
Barclays Launches BEC Awareness Campaign(Infosecurity Magazine) Barclays Bank has launched a new awareness-raising campaign designed to help corporates spot and prevent the growing prevalence of so-called Business Email Compromise (BEC) scams
Conveyancing home to most cyber crime(Today's Conveyancer) Within the legal sector, email hacking within conveyancing transactions is the most commonly occurring cyber crime. According to the most recent analysis of SRA reports, client losses recorded in the last year have amounted to £7 million
Infosec certification and the talent shortage crisis(Help Net Security) As more enterprises aspire to create future workspaces and harness the benefits of a mobile workforce that leverages cloud platforms, there’s a greater need to implement appropriate measures to secure data, infrastructures, applications, and users wherever they may reside
What Does Intel Security Group Have to Offer before Spin-Off?(Market Realist) In the previous part of the series, we saw that Intel (INTC) is falling behind Xilinx (XLNX) in the programmable solutions market. Xilinx is now targeting the cloud market, which poses a threat to Intel. Like memory and programmable solutions are core to Intel’s vision of the connected world, so is security. However, the company is spinning off the McAfee business it acquired in 2011
SafeNet Launches New Cryptographic Key Mgmt for US Government(American Security Today) SafeNet Assured Technologies, has released its latest cryptographic key management solution, KeySecure for Government – which is manufactured, sold, and supported in the U.S. exclusively by SafeNet Assured Technologies
Lavabit Reopens, Snowden's Former Email Provider(Bleeping Computer) Lavabit, the encrypted email service provider once used by Snowden, has announced it will reopen its doors after a three-year hiatus during which it developed new email technology
Kaspersky Lab unlocks CryptXXX-encrypted files(IT Online) After releasing decryption tools for two variants of CryptXXX ransomware in April and May 2016, Kaspersky Lab has released a new decryptor for files that have been locked with the latest version of the malware. This malicious programme was capable of infecting thousands of PCs around the world since April 2016, and it was impossible to fully decrypt the files affected by it. But not anymore. The free RannohDecryptor tool by Kaspersky Lab can decrypt most files with .crypt, .cryp1 and .crypz extensions
Securing MySQL DBMS(eSecurity Planet) These steps can help you secure your deployment of the open source MySQL Community Server
Deception, Disinformation, and Strategic Communications: How One Interagency Group Made a Major Difference(INSS Strategic Perspectives) In this era of persistent conflict, U.S. national security depends on the diplomatic, informational, military, and economic instruments of national power being balanced and operationally integrated. A single instrument of power—that is, one of the country’s security departments and agencies acting alone—cannot efficiently and effectively deal with the Nation’s most important security challenges. None can be resolved without the well-integrated use of multiple instruments of power—a team bringing to bear the capacity and skills of multiple departments and agencies. The requirement for better interagency integration is not, as some have argued, a passing issue temporarily in vogue or one tied only to counterterrorism or foreign interventions in failed states. Interagency collaboration has become a persistent and pervasive trend in the national security system at all levels, from the strategic to the tactical, and will remain so in an ever more complex security environment
How to Protest Without Sacrificing Your Digital Privacy(Motherboard) There will be many watchful eyes taking notice of your activities this weekend. On Thursday, several days of planned protests started in Washington DC in anticipation of the inauguration of President-elect Trump. Tomorrow, the Women's March on Washington will kick off, with thousands expected to turn up
Design and Innovation
ZCash on Ethereum: Anonymity With Smart Contracts(Cryptocoin News) Ethereum was designed and developed to operate as the base protocol for smart contract settlements. It allows multiple parties to establish unalterable agreements with one another for several use cases, mainly for legal purposes
India turns to AI as cyber warfare threats grow(Interaksyon) In the darkened offices of a tech start-up, a handful of computer engineers sifts through a mountain of intelligence data that would normally be the work of a small army of Indian security agents
Trump pledges to boost U.S. Cyber Command, use 'cyberwarfare' in foreign policy strategy(Inside Cybersecurity) The Trump administration is planning to boost cyber offensive capabilities at U.S. Cyber Command and collaborate with foreign allies to “engage in cyberwarfare to disrupt and disable propaganda and recruiting,” according to the policy statements issued by the White House following President Trump's swearing in ceremony on Capitol Hill
Making Our Military Strong Again(The White House) Our men and women in uniform are the greatest fighting force in the world and the guardians of American freedom. That’s why the Trump Administration will rebuild our military and do everything it can to make sure our veterans get the care they deserve
Trump to CIA: ‘I Am So Behind You’(Voice of America) President Donald Trump, who has sharply criticized the U.S. intelligence community, told workers at the Central Intelligence Agency (CIA) on Saturday, "I am so behind you"
Ex-CIA chief Brennan bashes Trump over speech during CIA visit(CNN) Former CIA Director John Brennan is "deeply saddened and angered" at President Donald Trump after the commander in chief addressed CIA employees at their headquarters in Langley, Virginia, on Saturday, Brennan's former deputy chief of staff says
US Senate Confirms Mattis for Defense Secretary(Defense News) The US Senate overwhelmingly approved two of President Donald Trump's national defense nominees, Defense Secretary James Mattis and Homeland Security Secretary John Kelly — both retired Marine generals
Congressional panels duel to be top dog on cyber(Washington Examiner) Two different Senate committees are holding confirmation hearings this week for the nominee to lead the Office of Management and Budget, a subtle nod to jurisdictional issues that Congress and the Trump administration will face in writing cybersecurity policy this year
FBI questions Rutgers student about massive cyber attack(NJ[.]com) The FBI has interviewed a Rutgers University computer science student who has been identified by a well-known cyber security blogger as the likely author of the malicious code that caused a massive Internet disruption in October
U.S. Eyes Michael Flynn’s Links to Russia(Wall Street Journal) Counterintelligence agents have investigated communications by President Trump’s national security adviser, including phone calls to Russian ambassador in late December
The strange case of Lt. Cmdr. Edward Lin(Navy Times) When Navy Lt. Cmdr. Edward Lin was first arrested at the Honolulu airport in 2015 on a flight to China, military investigators thought they had uncovered an espionage case of epic proportions – a Mandarin-speaking Asian-American military officer accused of leaking highly sensitive U.S. military secrets to Chinese and Taiwanese officials
Indian Government is Training Policemen to Crack Down on Electronic Fraud(Deep Dot Web) Indian government and law enforcement are allocating increased capital in training police officers to crack down on electronic fraud involving online transactions. A facility was launched in the police headquarters in Kasaba Bawada to ensure police officers obtain necessary information and technical expertise to detect electronic fraud
Qualcomm fires back against Apple over lawsuit and FTC action(TechCrunch) Never a dull moment in the smartphone wars. This week, Qualcomm started getting serious regulatory heat when the Federal Trade Commission filed charges against the chipmaker, accusing it of anticompetitive tactics designed to shut competitors out from supplying components to handset companies
School sues sysadmin for wiping its only login to Gmail(Naked Security) A college that sacked its IT administrator is claiming that he took his admin password with him, wiped it clean off his work PC (and “damaged” the machine to the point where it’s no longer usable), thereby rendered the school incapable of accessing its Gmail account, deprived some 2,000 students of their email and coursework, and is now suing him for $250,000 in damages
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
Enigma(Oakland, CA, USA, January 30 - February 1, 2017) Join a diverse mix of experts and enthusiasts from industry, academia, and government for three days of presentations and open sharing of ideas. Our focus is on current and emerging threats and defenses...
SANS Las Vegas 2017(Las Vegas, Nevada, USA, January 23 - 28, 2017) Attend SANS Las Vegas 2017, where SANS will provide outstanding courses in IT security, forensics, and security management presented by the best cybersecurity teachers in the country. At SANS events you...
BlueHat IL(Tel Aviv, Israel, January 24 - 25, 2017) Announcing BlueHat IL – a special edition of Microsoft's leading cyber security conference for top professionals, to be held for the very first time in Tel Aviv, Israel.
Over the past 10 years, BlueHat conferences have drawn the brightest minds in security to discuss key industry challenges. And now, BlueHat IL is here to crank it up by exploring and creating new cyber security thoughts and boundaries. This exclusive, by invitation only, single track event will host top cyber security professionals from around the world, who will come together to tackle the present and peek into the future. It will feature brilliant speakers and focus on breakthrough research, key trends and emerging threats in the field. Registration closes December 28.
SANS Cyber Threat Intelligence Summit & Training 2017(Arlington, Virginia, USA, January 25 - February 1, 2017) Join SANS at this innovative Summit as we focus on enabling organizations to build effective cyber threat intelligence analysis capabilities. Most organizations are familiar with threat intelligence, but...
Blockchain Protocol and Security Engineering(Stanford, California, USA, January 26 - 27, 2017) This conference will explore the use of formal methods, empirical analysis, and risk modeling to better understand security and systemic risk in blockchain protocols. The conference aims to foster multidisciplinary...
CyberTech(Tel Aviv, Israel, January 30 - 31, 2017) Cybertech is the most significant conference and exhibition of cyber technologies outside of the United States. Cybertech provides attendees with a unique and special opportunity to get acquainted with...
Southern Virginia - Cyber Security Lunch & Learn(Norfolk, Virginia, USA, February 2, 2017) Cyber security experts discuss security incident response. Dealing with cyber security risk is an exercise in managing daily chaos. Organizations know they need to improve their posture but common roadblocks...
Insider Threat Program Development Training For NISPOM CC 2(Toms River, NJ, USA, February 6 - 7, 2017) Insider Threat Defense announced it will hold a 2 day training class on Insider Threat Program Development (NISPOM Conforming Change 2) on Feb. 6-7, 2017, in Toms River, NJ. For a limited time the training...
The Risks and Benefits of Artificial Intelligence and Robotics(Cambridge, England, UK, February 6 - 7, 2017) The Risks and Benefits of Artificial Intelligence and Robotics Workshop aims to provide media and security professionals with an in-depth understanding of the implications that the rapid advancement of...
SANS Southern California - Anaheim 2017(Anaheim, California, USA, February 6 - 11, 2017) Learn practical, relevant tips and techniques from industry leaders. Join us for SANS Southern California - Anaheim 2017, and choose from eight courses on cyber defense, penetration testing, incident response,...
Workplace Violence & Response To Active Shooter Events Meeting(Laurel, Maryland, USA, February 9, 2017) The National Insider Threat Special Interest Group (NITSIG) will be hosting a meeting on February 9, 2017, at the Johns Hopkins University Applied Physics Laboratory, Laurel, MD. The meeting will be exclusively
RSA Conference 2017(San Francisco, California, USA, February 13 - 17, 2017) The current state of cybersecurity means there are many opportunities for the industry as a whole to collaborate on new innovations. Discovering the next great opportunity will require everyone to embrace...
Using STIX/TAXII to share automated cyber threat data(San Francisco, California, USA, February 15, 2017) Cybersecurity experts representing the financial sector, healthcare, utilities, software providers, government, academia and nonprofits continue to define/develop the STIX/TAXII specifications as the solid...
Insider Threat Program Development Training For NISPOM CC 2(Simi Valley, CA, USA, February 22 - 23, 2017) Insider Threat Defense announced it will hold a 2 day training class on Insider Threat Program Development (NISPOM Conforming Change 2) on Feb. 22-23, 2017, in Simi Valley, CA. For a limited time the training...
SANS Dallas 2017(Dallas, Texas, USA, February 27 - March 4, 2017) We are pleased to invite you to attend SANS Dallas 2017, on February 27- March 4 at The Westin Dallas Downtown, located in the heart of the city. We have selected several of our top information security...
Autonomous Vehicles Silicon Valley(Santa Clara, California, USA, February 28 - March 2, 2017) The road to autonomy: Regulation. Consumer Acceptance. Safety & Security. Explore the latest technologies and hottest issues for the autonomous vehicles industry.