Bitdefender describes a new Internet-of-things (IoT) botnet, "Hide 'N' Seek" (or simply HNS). HNS is marked by its rapid spread, growing from twenty-seven-hundred to more than twenty-four-thousand devices over the last two days. Its infection mechanism is the same as Reaper's, but researchers discern no other connection between the two botnets.
HNS's rapid spread is enabled by a decentralized peer-to-peer mechanism that will complicate any takedowns. Other botnets have used P2P communications, but they've relied upon an existing BitTorrent protocol. HNS uses a custom system. Once installed, HNS's capabilities include code execution, data exfiltration, and interference with device operation. Effectively every infected device serves as a command-and-control server, a file server, and a jumping-off point for further infection. Bitdefender thinks HNS has the hallmarks of an attack prepared by an unusually sophisticated threat actor.
Initial coin offerings (ICOs) appear to be losing about ten percent of their value to hacking and fraud.
Bell Canada disclosed a data breach affecting about one-hundred-thousand customers.
Observers would like to see evidence from Ontario transit outfit Metrolinx that it was hit by North Korean hackers.
At Davos, British Prime Minister May doubles down on her crypto-skeptic position in the cryptowars.
Olympic-related hacking didn't end with the first doxing wave earlier this month. Fancy Bear has released documents stolen from the International Luge Federation. The hackers claim the documents reveal doping violations. Fancy Bear, generally identified with Russia's GRU military intelligence organization, has been upset over the International Olympic Committee's sanctioning of the Russian team.
ON THE PODCAST
In today's podcast, we talk with our partners at WebRoot, as David DuFour from WebRoot offers his outlook on where ransomware is going this coming year. Our guest, Malcolm Harkins from Cylance, has some interesting reflections on India's very large Aadhaar data breach.
Ransomware as a Service (SANS Internet Storm Center) Hunting on the dark web is interesting to find new malicious activities running in the background. Besides the classic sites where you can order drugs and all kinds of counterfeited material, I discovered an interesting website which offers a service to create your own ransomware!
Expect More Cybersecurity 'Meltdowns' (BankInfo Security) Technology giants are still struggling to identify what's at risk from the Spectre and Meltdown flaws in modern CPUs, never mind getting working security updates into users' hands. In the meantime, expect a rush by researchers to find more flaws in microprocessor code.
Dark web Dream Market drives cyber fraud industry (ComputerWeekly.com) An international operation shut down the AlphaBay and Hansa marketplaces in July 2017, but new ones have sprung up on the dark web, with one in particular helping to drive cyber fraud.
Major GTA Transit Company Targeted in North Korea Cyber Attack (Insauga) In news you definitely don’t hear every day, it appears that massive Ontario transit company Metrolinx successfully thwarted a cyber attack carried out by North Korean hackers. A recent CTV news article reports that a team of counter (or “ethical”) hackers at the provincial transit agency detected and addressed malware before any damage was done.
Chronicle: A Meteor Aimed At Planet Threat Intel? (KrebsOnSecurity) Alphabet Inc., the parent company of Google, said today it is in the process of rolling out a new service designed to help companies more quickly make sense of and act on the mountains of threat data produced each day by cybersecurity tools.
Cylance’s Dayton: ‘We Want Partners to Be The Heroes’ (Channel Partners) Channel Partners recently sat down with Didi Dayton, VP of worldwide channels and alliances at Cylance. The endpoint security provider sells exclusively through the channel and posted impressive 283 percent revenue growth over the past year on $11.1 million in sales. It was ranked No. 10 on Deloitte’s 2017 Technology Fast 500 list, and its technology is deployed on more than 10 million endpoints.
Bromium Now Provides Application Isolation for Citrix XenServer 7.3 (Security Boulevard) Bromium now supports Citrix XenServer 7.3 nested virtualization with superior performance. Use application isolation to stop common attack vectors that layered defenses miss. Real-time, high-fidelity alerts trigger the Bromium Sensor Network to provide extended protection. XenServer is an open source platform for cost-effective application, desktop, cloud, and server virtual infrastructures. When Bromium is used for...
Third Party Risks To Enterprise In A Post Equifax World (Information Security Buzz) When everyone’s data has been breached, how do you confirm employees are who they say they are? In the aftermath of the Equifax breach in which millions of people’s Personally Identifiable Information (PII) was stolen, everyone from press to the Senate has been focused on the customers. From a consumer perspective, many still don’t …
VU Course Aims to Boost Cyber Security (Inside Indiana Business) Vincennes University says new curriculum being offered this fall to high school students enrolled in its dual credit programs will help enhance cyber security in Indiana. The Certified Secure Compu...
Navy’s top intel officer to retire (C4ISRNET) Vice Adm. Jan Tighe, the Navy’s director of intelligence, has submitted her retirement paperwork, a spokesman for the service told C4ISRNET.
NY Governor Signs Order Requiring Net Neutrality From State ISPs (New York Law Journal) New York Gov. Andrew Cuomo has signed an executive order requiring the state to do business only with internet service providers who adhere to net neutrality principles. Travis LeBlanc, the former FCC enforcement bureau chief who is now a partner at Boies Schiller Flexner, said states will likely decide the future of net neutrality.
Biden: Russian election meddling issue 'tricky as hell' (CNN) Joe Biden defended the Obama administration's response to intelligence indicating Russian interference in the 2016 US elections, calling the matter "tricky as hell" during a discussion at the Council on Foreign Relations Tuesday afternoon.
Judge Urges Action to Curb 'Overbroad' Digital Search Warrants (New York Law Journal) Overbroad search warrants for digital evidence are “all too common” in New York, are often green-lighted by busy judges who are focused on processing motions, and are the product of a system based on outdated statutes, a Manhattan judge said in a ruling to suppress warrants for evidence in a murder case.
Triumph for Twitch over the viewbots (Graham Cluley) A US court has ruled in favour of videogame-streaming service Twitch against two bot-makers who sold a service to artificially inflate Twitch channels' number of viewers and fans.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
ATARC Federal CISO Summit (Washington, DC, USA, January 25, 2018) This educational, one-day symposium will discuss the security challenges faced by Federal Chief Information Security Officers and examine the lessons learned and best practices used to secure the information...
Connected Medical Device and IoT Security Summit (Baltimore, Maryland, USA, January 25 - 26, 2018) We are at a critical juncture in Healthcare. As an industry, we must combat these threats in multiple dimensions and on many fronts. The Summit will bring together healthcare, medical device, and security...
CyberUSA (San Antonio, Texas, USA, January 29 - 30, 2018) The CyberUSA Conference will be held in San Antonio, TX at the Henry B. Gonzalez Convention Center on Tuesday, January 30, 2018. A welcome reception will be held on the evening of Monday, January 29, 2018.
Legal CIO (New York, New York, USA, January 31 - February 1, 2018) LegalCIO: Formerly the Law Firm Chief Information and Technology Officers Forum, combines cutting-edge updates on legal technologies with the chance to exchange practical guidance and discuss daily challenges...
Security Titans (Scottsdale, Arizona, USA, February 23, 2018) Security Titans is a ground-breaking event, bringing the biggest names in Information Security together - all in one day, on a single stage to give the nation's cyber security industry access to the very...
European Cybersecurity Forum – CYBERSEC Brussels (Brussels, Belgium, February 27, 2018) CYBERSEC Forum is a unique opportunity to meet and discuss the current issues of cyber disruption and ever-changing landscape of cybersecurity related threats. Our mission is to foster the building of...
SINET ITSEF 2018 (Silicon Valley, California, USA, March 7 - 8, 2018) Bridging the gap between Silicon Valley and the Beltway. SINET – Silicon Valley provides a venue where entrepreneurs can meet and interact directly with leaders of government, business and the investment...