The CyberWire Daily Briefing 07.29.15

Summary

By The CyberWire Staff

Observers on both sides of the Atlantic take note of how inadequate both British and American information operations seem when compared to those of ISIS, whose online recruiting a lawyer in the UK calls "the ultimate marketing success."

The US Joint Staff took an unclassified email network offline over the weekend after detecting unspecified "suspicious activity."

Malvertising continues to distribute the Angler exploit kit. Flash attacks spread PoisonIvy.

Trend Micro describes an Android vulnerability that could "silence" devices.

The Darkode forum may be returning: recently dismantled by a multinational law enforcement operation, one of the criminal network's last administrators may be at large and planning a comeback.

The Hammertoss espionage tool is linked to the Miniduke gang.

Vulnerability demonstrations and proof-of-concept exploits will surround Black Hat and Defcon. Two are noted today: an RFID access tool and a method of stealing door badge credentials.

A vulnerability in BIND is patched; users are urged to update.

Several trend reports appear: Flash exploits, online piracy, and point-of-sale issues. Some observers think big security firms are serving up "stale" antivirus offerings.

Industry and government receive glumly familiar news of coming cyber security labor shortages.

UK insurers believe reinsurance is the key to a healthy cyber risk-transfer market.

Lockheed Martin's CEO indicates the company will keep its government cyber business.

Cylance and Darktrace secure more funding.

Researchers look at behavioral biometrics.

The US Congress looks into car hacking as cyber legislation advances in the Senate.

Snowden will receive no pardon, says the White House.

Notes.

Today's issue includes events affecting China, European Union, Indonesia, Russia, Saudi Arabia, Taiwan, United Arab Emirates, United Kingdom, and United States.

The CyberWire will be covering CyberMontgomery 2015 tomorrow in Rockville, Maryland. We'll be live-tweeting the proceedings and publishing a special issue on Friday devoted to the conference.

Selected Reading

Cyber Attacks, Threats, and Vulnerabilities

China-Tied Hackers That Hit U.S. Said to Breach United Airlines (Bloomberg) The hackers who stole data on tens of millions of U.S. insurance holders and government employees in recent months breached another big target at around the same time — United Airlines

Cyber Trends

Bromium Threat Report Identifies Security Risks of Popular Websites and Software ( Street Insider) News and entertainment websites unknowingly host more than 50 percent of malvertisements; Flash exploits increase 60 percent and ransomware increases 80 percent since 2014

Marketplace

Leidos, Cerner win 'DHMSM', DoD's $11B electronic health record contract (FierceGovHealthIT) Contract will replace legacy health IT at DoD and advance interoperability with VA's health record

Products, Services, and Solutions

Share files simply and securely in the cloud — Partner offering from Covata and T-Systems (Deutsche Telekom) Lists of customers, contract details, price calculations – employees need secure and quick access to this kind of sensitive data. T-Systems and Australian data security specialist Covata are now offering a solution to this problem, from the cloud. The service is as simple to use as other file sharing offerings, but is based on enterprise grade security architecture and runs in a high-security data center operated by T-Systems in Germany. The Australian government, including the Australian Taxation Office, uses Covata to securely share information

TeleSign SDK streamlines verification on mobiles (Betanews) Many of the latest cyber attacks focus on mobile platforms as they're often seen as inherently less secure, particularly when handling account logins and important transactions

Technologies, Techniques, and Standards

Travel Security: It’s a Tough World in the Competitive Trenches (IBM Security Intelligence) You are ultimately responsible for your travel security, be it physical or technical. But this is a tall order. You are most vulnerable when you move and travel because you operate outside of your daily pattern of life, including connecting to the Internet via a third-party service provider with which you may not be familiar

Legislation, Policy, and Regulation

Senators push bill to authorize EINSTEIN 3A, shore up 'insufficient cybersecurity practices' governmentwide (FierceGovernmentIT) Leaders of the Senate Homeland Security and Governmental Affairs Committee introduced Monday a bipartisan bill that would grant federal agencies clear legal authority in utilizing EINSTEIN, the Homeland Security Department's continuous diagnostics and monitoring system

Experts say tech industry has duty to counter extremism, but against imposing legal onus (FierceGovernmentIT) Former Homeland Security Secretary Michael Chertoff said social media companies may have a social obligation to suppress videos of beheadings by terrorist groups and report information to law enforcement that a user might commit a violent act, but he said he was "nervous" about imposing any legal duty or regulatory mechanism on companies to take such actions

Litigation, Investigation, and Law Enforcement

Five Suspects Reportedly Connected to the JPMorgan Chase Breach (Legaltech News) Reports said two of the men’s names were somehow mentioned in connection with an inquiry into the JPMorgan Chase breach

Investigation Follows Claims of Hacking at Planned Parenthood (Legaltech News) The cyber-attack comes soon after controversy erupted over Planned Parenthood statements recorded in edited undercover videos by The Center for Medical Progress

Why do email policies of local governments seem so sketchy? (FierceContentManagement) A new policy in St. Paul, Minnesota allows city employees to "delete [email messages] as soon as their purpose is served" or within six months. Messages moved to trash or junk folders will evaporate in a mere two weeks. In a not-at-all-shocking turn of events, public watchdog groups are voicing their concern

Industry Events

For a complete running list of events, please visit the Event Tracker.

Upcoming Events

Cyber Risk Wednesday: Rethinking Commercial Espionage (Atlantic Council: Brent Scowcroft Center on International Security, Jul 29, 2015) Join the Atlantic Council's Cyber Statecraft Initiative on July 29 from 4:00 p.m. to 5:30 p.m. for a discussion on new ideas on commercial cyber espionage and intellectual property theft

CyberMontgomery 2015 (Rockville, Maryland, USA, Jul 30, 2015) Montgomery County, Maryland, is home to the National Institute of Standards and Technology (NIST), the National Cybersecurity Center of Excellence (NCCoE), the FDA, NIH, NOAA, NRC and more than a dozen other Federal agencies, plus regional State and local agencies, educational institutions (such as Montgomery College, the Universities at Shady Grove, a satellite campus of Johns Hopkins, and the Bethesda-based SANS Institute), plus scores of cyber companies, ranging from start-ups to multinational corporations such as Lockheed Martin, employing upwards of 37,000 people in cyber-related jobs. With cybersecurity constituting a major growth engine in the region for many years to come, and with leading Federal government, industry and academic assets already in place in the region, the annual CyberMontgomery conference serves to bring them together so that they can coalesce and elevate the cyber ecosystem to a level of national prominence. In that light, CyberMontgomery provides clear direction on finding business opportunities, contracting, forecasted demand areas, workforce development, recruiting & staffing, legal responsibilities for businesses, updates on technologies being developed in the County, and summary updates regarding our NCCoE neighbors, federal civilian agencies and commercial sector leaders

Career Discovery in Cyber Security: A Women's Symposium (New York, New York, USA, Jul 30, 2015) Our annual conference brings together some of the best minds in the industry, with the goal of guiding women with a talent and interest in cyber security into top-flight careers

PragueCrunch IV: The Enpraguening (Prague, Czech Republic, Jul 31, 2015) Here it comes, Central Europe: PragueCrunch IV! This annual celebration of all things startup is coming to your town on Friday, July 31, 2015 from 7:00 PM to 11:00 PM (CEST). We'll be holding the event on the terrace at Střelecký Ostrov. If you've been to any of the previous events you'll know it's a good time

Black Hat USA (Las Vegas, Nevada, USA, Aug 1 - 6, 2015) Black Hat — built by and for the global InfoSec community — returns to Las Vegas for its 18th year. This six day event begins with four days of intense Trainings for security practitioners of all levels (August 1-4) followed by the two-day main event including over 100 independently selected Briefings, Business Hall, Arsenal, Pwnie Awards, and more (August 5-6)

ISSA CISO Forum: Third Party Oversight (Las Vegas, Nevada, USA, Aug 2 - 3, 2015) The CISO Executive Forum is a peer-to-peer event. The unique strength of this event is that members can feel free to share concerns, successes, and feedback in a peer only environment. Membership is by invitation only and subject to approval. Membership criteria will act as a guideline for approval. Invitations can be made by a CISO Members or ISSA Management. Guest, renewing, and new members are all subject to approval

BSides Las Vegas (Las Vegas, Nevada, USA, Aug 4 - 5, 2015) BSides Las Vegas is an Information/Security conference that's different. We're a 100% volunteer organized event, put on by and for the community, and we truly strive to keep information free. There is no charge to the public to attend BSidesLV. Our costs are covered by our generous donors and sponsors, who share our vision of free dissemination of information. The conversations are getting more potent and the "TALK AT YOU" conferences are starting to realize they have to change. BSidesLV is making this happen by shaking-up the format

Defcon 23 (Las Vegas, Nevada, USA, Aug 4 - 7, 2015) DEF CON has been a part of the hacker community for over two decades. See the organization's website for more information

3rd Annual Psyber Behavioral Analysis Symposium (Fort Meade, Maryland, USA, Aug 11, 2015) The 3rd Annual Psyber Behavioral Analysis Symposium is hosted by the NSA/CSS Threat Operations Center and the FBI Behavioral Analysis Unit-2/Cyber Behavioral Analysis Center. The goal of the Symposium is to provide U.S. and Second Party Intelligence Communities (IC) a forum to present and collaborate on Human Science-based projects and research. This event attracts a multi-disciplinary government audience from across the IC and Second Party Partner organizations

USENIX Security (Washington, D.C., USA, Aug 12 - 14, 2015) The USENIX Security Symposium reunites researchers, practitioners, system administrators, system programmers, and others specialists interested in the latest advances in the security and privacy of computer systems and networks

5th Annual Cyber Security Training & Technology Forum (CSTTF) (Colorado Springs, Colorado, USA, Aug 19 - 20, 2015) The Information Systems Security Association (ISSA) Colorado Springs Chapter and FBC, Inc. will once again co-host the 5th Annual Cyber Security Training & Technology Forum (CSTTF). CSTTF 2015 will bring together cyber experts from the DoD, federal government, business, research, and academia to address a variety of current cyber topics

Decepticon 2015 (Cambridge, England, UK, Aug 24 - 26, 2015) Decepticon brings together researchers and practitioners in the detection and prevention of deception. Previously, deception research has been fragmented across conferences in many different disciplines, sub-disciplines and countries. To cover the great diversity of approaches to deception research, our scientific committee has members covering several domains

Sponsor & Support

Grow your brand, generate leads, and fill your funnel.

With the industry’s largest B2B podcast network, popular newsletters, and influential readers and listeners all over the world, companies trust the CyberWire to get the message out. Learn more.