The CyberWire Daily Briefing 08.06.15
Someone, Trend Micro reports, has established honeypots on gas gauge monitoring systems in seven countries. There's no obvious campaign in progress, beyond IoT probing. Those responsible are thought to be the Assad sock puppets of the Syrian Electronic Army, although Trend Micro acknowledges the possibility of this being a false-flag operation, in which case the Mullah's sock puppets of the Iranian Dark Coders would be the leading suspects.
ICANN warns that an unknown "unauthorized person" has accessed its website's profile accounts.
A Chinese espionage group known as "TG-3390" or "Emissary Panda" has targeted at least fifty companies. Emissary Panda seems most interested in the aerospace sector, and has used watering holes and stolen credentials to accomplish its intrusions. Dell SecureWorks advises two-factor authentication as a defense against Emissary Panda's ministrations.
Recorded Future reports the availability in the wild of exploits for Android Stagefright vulnerabilities. Google takes these seriously enough to both patch the vulnerability and revise its patching policies. Analysts doubt, however, that monthly Nexus updates will do the trick for Android security.
Malvertising surges, with last week's Yahoo infestation suggesting that there are more Flash vulnerabilities out there. Observers complain that advertisers are doing a disservice by keeping Flash alive.
Onapsis notes three SAP pivots implicated in last year's USIS hack, probable ancestor of the OPM breach.
In industry news, Proofpoint buys the assets of Marble Security. Bulls slaver over story stocks.
NIST releases the SHA-3 crypto standard.
Experts continue to doubt the very possibility of a crypto golden key.
Notes.
Today's issue includes events affecting Brazil, China, Germany, Iran, Jordan, Russia, Syria, United Arab Emirates, United Kingdom, and United States.
Cyber Attacks, Threats, and Vulnerabilities
Iranian, Syrian Hackers Hit 'Gas Gauges' (Dark Reading) Honeypots posing as gas gauge monitoring systems located in 7 nations hit with DDoS attacks, defacements, and queries from attackers
The GasPot Experiment: Hackers Target Gas Tanks (TrendLabs Security Intelligence Blog) Physically tampering with gasoline tanks is dangerous enough, given how volatile gas can be. Altering a fuel gauge can cause a tank to overflow, and a simple spark can set everything ablaze. But imagine how much riskier it is if a hacker can do all this remotely, especially now that a number of fuel companies worldwide use Internet-connected systems to monitor their tanks
ICANN website security breached (CSO) The Internet Corporation for Assigned Names and Numbers (ICANN) has issued a warning to those who registered with its public website that their profile accounts were accessed by an "unauthorized person". ICANN states that the usernames, email addresses, and encrypted passwords to people's profile accounts have been compromised in the last week. Profile accounts on the ICANN website can contain "user preferences for the website, public bios, interests, newsletter subscriptions, etc."
Watering Hole Campaign Compromises More Than 50 Companies (eWeek) Further research into one China-linked espionage group finds a network of more than 100 Websites, serving a variety of industries and government agencies, that have been compromised to infect targets with espionage trojans
BlackHat 2015: 2FA key to defence against cyber espionage groups (ComputerWeekly) Abuse of credentials and watering-hole attacks are main tactics used by cyber espionage group TG-3390 or Emissary Panda, research reveals
Chinese gang shoots down aerospace security with MSFT flaws (Register) 'Panda Emissary' group has an appetite for defence projects
Stagefright Exploits Hit the Web (Recorded Future) Exploits and proof of concepts (POCs) are appearing on the Web for Stagefright, hyped as the "Mother of all Android vulnerabilities" capable of gaining remote code execution privileges via a malicious MMS (e.g., a picture message). This collection of 10 vulnerabilities reportedly impacts 95% of all Android devices — over 900 million phones
Hacking Team Flash exploit leak revealed lightning reflexes of malware toolkit crafters (Register) Less than 24 hours from release to attack
Yahoo Malvertising Attack Points To More Flash Problems (InformationWeek) For nearly a week, Yahoo sustained a malvertising attack that seems to point to further security concerns with Adobe's Flash platform
Ad firms are the reason Adobe's Flash still exists — despite its many, many security flaws (Quartz) There's yet another security issue surrounding Flash, the Adobe technology that is used in the majority of rich online ads today
Advising You about Malvertising (Trend Micro: Simply Security) This week we learned of a concerted cybercriminal effort to subvert the Yahoo ad network, which could have affected the 6.9 billion monthly visitors to their site. The threat actors behind this attack utilized a few threats we've seen recently, such as malvertisements and exploit kits
The Rise of Malvertising (National Law Review) One of the hottest topics in cyberthreat detection right now is the rise of malvertising, online advertising with hidden malware that is distributed through legitimate ad networks and websites. In the first half of this year the number of malvertisements has jumped 260% compared to the same period in 2014, according to a new study released at the Black Hat USA conference here today by enterprise digital footprint security company RiskIQ. The sheer number of unique malvertisements has climbed 60% year over year
Interested in Mac viruses? Here's Thunderstrike 2, a.k.a. the "firmworm" (Naked Security) Thunderstrike is back. And like your favourite movie sequel, it's called Thunderstrike 2
Hacking Team brewed potent iOS poison for non-jailbroken iThings (Register) Masque attack weaponised
Pentagon Hack 'Most Sophisticated' Ever (Daily Beast) The hacking of the Joint Chiefs of Staff email network on July 27 marked the "most sophisticated" cyberbreach in U.S. military history, Department of Defense officials concede. Various government officials are working to revamp parts of their network in response. In the meantime, officials have spent the last 10 days scrubbing the system and creating mock hacking scenarios before giving military personnel access to it again
CYREN Cyberthreat Report Highlights Alarming Increase in Phishing Attacks (MarketWatch) CYREN CTO Lior Kohavi points to fast-paced escalation in phishing attacks targeting businesses
Onapsis identifies 3 attack vectors targeting SAP, Oracle enterprise software (FierceCIO) 'Pivoting' was used by attackers who breached U.S. government contractor USIS last year
Mainframe Computers That Handle Our Most Sensitive Data Are Open to Internet Attacks (MIT Technology Review) Mainframe computers have handled our most precious data since the 1960s, but they're being put online without adequate security
Hacker Cracks Satellite Communications Network (Defense One) Satellite tracking of people and objects was supposed to make the world safer. If only it was secure
How your battery life could be used as an undeletable cookie (Naked Security) How much charge does your computer's battery have right now? Actually, you don't have to tell me because if you're using Firefox, Chrome or Opera I can find out for myself with a little code and some help from the HTML5 Battery Status API (Application Program Interface)
How your washing machine can steal computer files (CNN Money) Imagine hackers stealing top secret files from a military base. Except they don't need the Internet to pull data out of the facility's computers. Instead, they can just infect an office printer and — with software alone — turn it into a radio
Warning: Zero-day vulnerabilities found in top-selling Amazon smart home systems (IT Pro Portal) Tripwire, Inc., a leading global provider of advanced threat, security and compliance management solutions, today announced results of an extensive security assessment of three top-selling smart home automation hub products available on Amazon. The research uncovered zero-day flaws in each hub that could allow hackers to take control of smart home functionalities
Security alert at Hover leads to password reset (Graham Cluley) Website domain name registrar Hover has emailed users warning of possible "unauthorised access" to one of its systems, and told them that they will not be able to log into the service until they reset their passwords
Dubizzle strengthens online security following breach (Emirates 24/7) Several customers instructed to change passwords
500 free Virgin Airlines flights being given away on Facebook? It's a scam (Graham Cluley) I noticed earlier today that a friend of mine had decided to Like a curious post on Facebook
Attacker Demands $15,000 Ransom for Stolen Customer Credentials (IBM Security Intelligence) A cybercriminal going by the name DetoxRansome claims to have stolen some of the login credentials of Bitdefender's users and threatened to release the details if $15,000 is not paid as ransom. The attacker told Forbes that all information, including passwords and usernames, was unencrypted
Preparing for a New Type of Information Extortion (Legaltech News) Businesses and individuals alike need to not only reexamine their security practices, but also reconsider why they're retaining information in the first place
Health Data Breaches Stem From Cyber Attack, Exposed Binders (Health IT Security) Health data breaches can occur because of numerous reasons, which is why covered entities and their business associates must have comprehensive training measures and data security measures. All physical safeguards, technical safeguards and administrative safeguards need to properly align to give healthcare organizations the best chance at keeping PHI secure
Security Patches, Mitigations, and Software Updates
Big news. Google patching millions of Android devices against Stagefright exploit (Lumension) If you needed any more convincing as to just how big a deal the recently discovered Stagefright vulnerability is on Android devices, just take a look at Google's response
Google announces monthly Nexus security updates, but that won't fix Android's security issues (PCWorld) The Stagefright vulnerability may have been fixed for Nexus devices, but what about all the other Android phones and tablets out there?
Under Pressure, Google Promises To Update Android Security Regularly (NPR) Google is making big promises to fix its Android operating system. The company recently came under sharp criticism after researchers found a major flaw in Android would let hackers take over smartphones, with just a text message
Cyber Trends
"The Dream Of Internet Freedom Is Dying" (TechCrunch) So says Jennifer Granick, Director of Civil Liberties at the Stanford Center for Internet and Society, who gave the keynote address at the (somewhat infamous) Black Hat security conference today. Once, techno-utopians could say things like "The Internet treats censorship as damage and routes around it" with a straight face. Today, though, the ongoing centralization of the Internet in the name of security and convenience "increasingly facilitates surveillance, censorship, and control," to quote Granick again
Lightbulb moment: Why the Internet of Things is a security watershed (We Live Security) The white-hot market for wearable devices, bolstered by increasing connectivity speeds and better battery technology has led to an almost unprecedented explosion in the Internet of Things. These IoT devices are challenging traditional notions of security and security practices due to their sheer volume and variety — in a few years there will be billions of tiny, connected devices in almost every item we encounter
Internet of Things (IoT) Security Market Worth 28.90 Billion USD by 2020 (MarketWatch) According to a new market research report, "Internet of Things (IoT) Security Market by Technologies (Network, Cloud and Application Security, Identity Access Management, Analytics, UTM, IDS/IPS, Device Management, Encryption), Industry Verticals and Applications - Global Forecast to 2020", published by MarketsandMarkets, Internet of Things (IoT) Security Market is expected to grow from USD 6.89 Billion in 2015 to USD 28.90 Billion by 2020, at a Compound Annual Growth Rate (CAGR) of 33.2% from 2015 to 2020
Tech security improvements we need in light of recent hacking scares (Globe and Mail) In recent weeks, a bumper crop of computer security scare stories have revealed that hackers could remotely attack your Jeep, your Android phone, your Mac and even a Brinks safe
API security becoming a CXO level concern (Help Net Security) Today at Black Hat USA 2015, Akana released the findings of a survey of over 250 security practitioners, including CSOs, CISOs, and security architects
Marketplace
Amid Cyber War, CyberArk, Palo Alto Are Young Guns (Investor's Business Daily) The threat of a cyberattack always seems to loom large, as entities from Target (NYSE:TGT) to Anthem (NYSE:ANTM) to the U.S. Office of Personnel Management have fallen victim to security breaches. Even a car in motion is vulnerable to getting hacked
Proofpoint Buys Mobile App Threat Identification Assets (CRN) Proofpoint has purchased the assets of Marble Security, a malicious mobile app identification company, to provide enterprise customers with greater visibility into this rapidly growing threat
Q&A: Proofpoint CEO On How To Keep Up With Rapidly Evolving Security Landscape (CRN) Proofpoint is fresh off of a second quarter in which the security vendor posted double-digit sales and billings growth. The Sunnyvale, Calif.-based company has been named a "leader" by Gartner in its 2015 Gartner Magic Quadrant for Secure Email Gateways and saw revenue rise 37 percent to $63.5 million in the second quarter. Earnings for the quarter posted a net loss of $25 million, compared to $15.1 million in the same quarter last year. Behind those numbers is a rapidly changing and competitive security landscape for both the vendor and its partners, CEO Gary Steele said in an interview with CRN after the earnings call
Bulls Swarm Cybersecurity Stocks; FireEye Inc (FEYE) In Focus (Schaeffer's Investment Research) Cybersecurity stocks are in focus today, with FEYE grabbing attention among option bulls
Keeping an Eye on Cyber Security: FireEye (Express Computer) Cloud is re-defining the security paradigm and putting huge challenges on enterprises as well as security companies to meet the expectation of customers. In an interview with EC's Mohd Ujaley, FireEye's Senior Vice President and Chief Information Officer Julie Cullivan, says "At a time when we are having rapid increase in cloud deployments and BYOD, the CIOs need to ensure that there is balance between productivity and protection"
IoT Startup Producing 'First Ever' Airborne IoT Security Product Following $9M Funding Round (CRN) Internet-of-Things security startup Bastille has big plans in the works to use $9 million of capital funding it recently captured to create an enterprise-grade IoT security product using software and sensors to scan an organization's air space, giving visibility into every radio-frequency-emitting device
An Israeli security bigwig built Windows like 'Microsoft should be doing' (Business Insider via Yahoo! Finance) Dudu Mimran is the co-founder of an Israeli security startup called Morphisec that is creating a super-secure version of Microsoft Windows like "Microsoft should be doing" he tells Business Insider
Accuvant and FishNet Security Complete Transformation; Become Optiv Security (BusinessWire) New company builds on nearly 30 years of cyber security industry experience to help organizations better achieve security success
Risk I/O Rebrands to Kenna, Accelerates Business Momentum in 2015 (IT Business Net) Business grows more than 300 percent; new customers join seeking Kenna's powerful approach to risk and vulnerability intelligence
iSIGHT Partners Continues Global Expansion (Realwire) New Australian threat analysis center and sales office extends reach into the Asia Pacific Japan region and completes the company's "Follow the Sun" Global Threat Analysis Capability
CrowdStrike Named 2015 Technology Pioneer by World Economic Forum (BusinessWire) CrowdStrike Inc., provider of the first true Software-as-a-Service (SaaS) based next-generation endpoint protection platform, today announced that it has been recognized as a Technology Pioneer by World Economic Forum (WEF). CrowdStrike has been honored as one of the world's most innovative companies for pioneering groundbreaking technology in the cybersecurity industry and for driving visionary leadership and long-standing market value
Contract to Notify and Protect OPM Hack Victims Now Out (Nextgov) Vendors who win the job of protecting the identities of 21.5 million victims of the largest known federal data breach will have to let the government inside their own databases, according to new contracting papers
Pentagon seeks recruits at Black Hat 2015 hacker conference (IHS Jane's Defence Weekly) The world's largest gathering of self-described hackers, the Black Hat conference in Las Vegas, opened to the media on 5 August, with major defence contractors, security researchers, government officials mingling with hacking enthusiasts as the Pentagon — and US government — struggle to recruit cyber personnel
Products, Services, and Solutions
Microsoft improves AV protection but still trails the pack (Expert Reviews) Kaspersky and Norton lead the way as Microsoft makes gains
Palo Alto Networks and Tanium forge strategic alliance for security solutions (First Post) Palo Alto Networks and Tanium, the company that provides security and systems management solutions, announced the formation of a strategic alliance which will transform the effectiveness, accuracy, and speed by which large, distributed organizations prevent, detect, and respond to today's cyberthreats
Qualys announces free global asset inventory service (Help Net Security) At Black Hat USA 2015, Qualys announced the availability of Qualys AssetView, a free cloud-based asset inventory service that enables companies to search for information on any IT asset where an agent is deployed, scaling to millions of assets for organizations of all sizes. Global IT assets can be searched in seconds and an up-to-date inventory continuously maintained
CDNetworks to showcase Cloud Security 2.0 at Black Hat USA 2015 (Help Net Security) Cloud Security 2.0 includes intelligent, next generation behavioral-based WAF technology and DDoS mitigation. This comprehensive solution combines web application and website acceleration with end to end security including DDoS attack mitigation at the network and application layers with 24/7 monitoring and customer portal visibility
CounterTack | MCSI Announces Integration with Blue Coat Systems (BusinessWire) CounterTack | MCSI and Blue Coat Systems combine best-of-breed endpoint and network security technology for an integrated enterprise security workflow
Vulnerability and configuration management for Amazon Web Services (Help Net Security) Alert Logic revealed at the Black Hat USA 2015 conference Alert Logic Cloud Insight, a cloud-native vulnerability and configuration management solution designed for customers running on Amazon Web Services (AWS)
PhishMe Enhances Real-Time Malicious File Analysis and Notification to Further Strengthen Enterprise Defenses Against Phishing Attacks (Sys-Con Media) Triage integration with Cuckoo Sandbox malware analysis system automates analysis for select files, improves malicious file identification and reduces resources needed to conduct investigations
HP offers threat intelligence insight with new TippingPoint security product (FierceEnterpriseCommunications) With the growing threat of cyberattacks, most of the major networking vendors are looking for ways to help enterprises protect their networks and their assets. The latest announcement on that front comes from HP, which released the TippingPoint Threat Protection System
BrightPoint Shares Leading Threat Intelligence Platform (CIO Today) BrightPoint Security broadens availability of leading threat intelligence platform across all ISAC/ISAO Organizations — all ISACs/ISAOs can benefit from proven solution leveraged by NH-ISAC to offer threat intelligence sharing to members for free
ACT-IAC launches crowdsourcing initiative to help feds improve their level of cybersecurity (FierceGovernmentIT) The public-private partnership ACT-IAC has launched a crowdsourcing initiative to help the federal government improve its short- and long-term cybersecurity environment in the wake of recent high-profile breaches
Keypasco's break-through on the banking market: Hua Nan Commercial Bank in Taiwan is launching the Keypasco solution (Keypasco) Keypasco are happy to announce that Hua Nan Commercial Bank (HNCB) in Taiwan is deploying Keypasco's patented authentication solution to secure their mobile banking and Internet banking services for all 6.3 million customers
Technologies, Techniques, and Standards
NIST releases SHA-3 cryptographic hash standard (Help Net Security) The National Institute of Standards and Technology (NIST) has released the final version of its "Secure Hash Algorithm-3" standard, a next-generation tool for securing the integrity of electronic information
Why It's Time to Encrypt Lawfare (Lawfare) The good people at Just Security, a fellow online security blog, recently moved their entire website to "HTTPS". This means you'll always see "https://" in your browser when you visit, with a little lock sign next to it that means your connection is secure and encrypted
The Windows 10 Security Settings You Need to Know (Wired) So you finally installed Windows 10 and joined the ranks of the other 67 million users. You open your browser to search for a place to grab lunch, and Bing already knows your location. You notice that all the banner ads are geared toward your secret knitting hobby. And when you open Cortana to ask what's going on, she knows your name and the embarrassing nickname your mother calls you
Sigcheck and virustotal-search (Internet Storm Center) In my last diary entry I mentioned offline use of Sysinternal tools with my tool virustotal-search
5 common mistakes when responding to a cyber-attack (Canadian Manufacturing) KPMG has identified responses that can cripple an organization's response to data breaches
What I learned from resetting over 300 passwords (CSO) Lessons learned from auditing and resetting all passwords after the LastPass breach
SAP Security for CISOs. Part one: How I started my SAP journey (ERPScan) Hello, dear readers, recently we have finished our series of articles on how to Secure SAP Systems from XSS vulnerabilities. Having a great success with the previous series, I decided to launch another series of articles called "SAP Security for CISOs". However, you don't need to be a CISO to benefit from reading these articles as they are a great starting point for everybody who is into security but wants to know more about an emerging topic called SAP Security and doesn't know where to begin
What is the core idea behind applying ISO 27001? (We Live Security) The dynamic environment of security risks is a place of constant change, where new threats develop, vulnerabilities are discovered, and security incidents arise with major repercussions, both for companies and individuals. One approach is centered on the idea that faced with this scenario, it is only a matter of time until a company will have to suffer the consequences of these threats
Busting cybersecurity jargon: 20 need-to-know terms to protect your enterprise (Computer Business Review) Laurance Dine, Managing Principal at Verizon Enterprise Solutions, goes from detection deficits to VERIS in this guide to cybersecurity jargon
Design and Innovation
Security machine learning methods needed to adapt to evolving threats (TechTarget) Data science can sort through huge data stores in order to find and stop advanced attackers and malware, but new methods are needed to make sure the machine learning keeps up with evolving threats
Microsoft granted patent for security feature that uses multiple biometric features (Biometric Update) Microsoft has been granted a patent for a new biometric security technology which uses multiple biometric features instead of a single biometric system such as is used with Apple's Touch ID
The real secret to success in Silicon Valley, according to a Stanford professor (Quartz) Silicon Valley has become something of a mecca for talented entrepreneurs looking to make their mark. As a professor teaching them, I have had a ringside seat as some of the most driven businesspeople on the planet slug it out. An intoxicating blend of innovation, money and cutting-edge technology means the story is told with a liberal dusting of magic. Life here is not all billion-dollar valuations, poolside parties and drinks with venture capitalists
The One Thing Every Great Company Has In Common (TechCrunch) Obscured in the valuation dust of the current unicorn stampede is a key question: What actually makes a great company great? What do the future Facebooks, Googles and Apples have in common — not to mention the current ones?
Legislation, Policy, and Regulation
Twitter account launched by counter-terrorism unit to combat radicalisation (Peterborough Telegraph) A Twitter account which aims to provide support and advice to combat radicalisation has been launched
Hague warns Chinese of cyber terror threat at Cambridge summit (Business Weekly) Former Foreign Secretary William Hague warned Chinese CEOs and entrepreneurs of the threat from cyber terrorism in a changing world, when he addressed a global leadership event run by The Møller Centre in Cambridge
Controversial cybersecurity bill on hold as experts charge it won't stop hackers (Guardian) The White House-backed Cybersecurity Information Sharing Act has stalled in the Senate after a revolt led by Republicans
Cyber bill sponsor: 'Doubtful' Senate finishes this week (The Hill) Senate Intelligence Committee Chairman Richard Burr (R-N.C.) said Wednesday it is unlikely that lawmakers will be able to complete work on a major cybersecurity bill before the August recess
White House endorses CISA cyber bill amid Senate stalemate (Washington Times) Democrats and Republicans are both applauding the White House for coming out in support of a cybersecurity bill that lawmakers in the Senate are trying to pass before breaking for recess later this week
Mikulski, Cardin Introduce Amendments to Cybersecurity Bill to Improve Security of Federal Cyber Systems and Expand Protections for Federal Employees Affected by OPM Data Breaches (Office of Senator Mikulski) Without these amendments, cybersecurity legislation neither adequately protects federal employees whose data has been exposed in OPM data breaches nor accelerates protection of OPM data
Major tech industry group issues scores of cybersecurity recommendations to feds (FierceGovernmentIT) A major technology industry group on Aug. 3 released what it described as "sweeping recommendations" on how the federal government can better protect its information systems and data in the wake of the Office of Personnel Management breach that resulted in millions of personal records being stolen
U.S. Treasury warns of debt cap impact on markets, cyber readiness (Reuters) The U.S. Treasury warned on Wednesday that a brush with the threat of default could leave government finances more vulnerable to the disruptions caused by a cyber attack, while also putting a squeeze on debt markets
Feasible 'Going Dark' Crypto Solution Nowhere to be Found (Threatpost) Try as they might, technologists are struggling to find a feasible way to solve the government's and law enforcement's "Going Dark" crypto issue
Security Sense: Encryption is a necessity that cannot feasibly be compromised (Windows IT Pro) It's always fascinating to watch how security concepts are communicated to the general public and by "fascinating", I mean it's sometimes horrifying. There is no more poignant an example than that of encryption and I found the piece from CNN a few days ago on how encryption is a growing threat to security to be the absolute epitome of disinformation. It would be understandable if the general public walked away from reading and watching this piece with the distinct impression that encryption was the root of all evil. Why? Apparently "because terrorism"
Senators Want New Opt In Privacy Protections for Broadband (DSL Reports) Senator Ed Markey (D-Mass.) and seven other senators have sent FCC boss Tom Wheeler a letter (pdf) urging him to impose tougher privacy protections for broadband consumers. The FCC was already considering expanding such protections after recently reclassifying ISPs as common carriers under the Communications Act. As deep packet inspection and clickstream sales surged over the last decade, privacy has often been little more than an afterthought
How DoD is making cyberattacks more costly, less successful (C4ISR & Networks) One of the best ways to reduce the cyber threat is to make it harder and more costly for adversaries to initiate attacks, says Defense Department CIO Terry Halvorsen. Powerful and innovative security measures such as multifactor authentication and biometrics, along with strategic security planning and training, could make launching attacks on DoD resources time-consuming and futile
VA launches cyber squad (FCW) LaVerne Council, the new CIO at the Department of Veterans Affairs, has assembled a team charged with coming up with an overall cybersecurity plan for the agency. The new Enterprise Cybersecurity Strategy Team will be led by Susan McHugh-Polley, a senior executive program manager at VA
Litigation, Investigation, and Law Enforcement
The Legal Problems with Cyber War Are Much Bigger Than You Think (Defense One) Much of the uncharted territory begins with questions of what it takes to trigger self-defense in cyberspace, and what does it mean for a nation-state to have 'effective control' of a hacker?
Global Cybersecurity Leader Fox-IT and US Security Company Crowdstrike, in Collaboration With the FBI, Demystify GameOver ZeuS and Uncover Unexpected New Facts (Nasdaq) Today, global cybersecurity leader Fox-IT and U.S. security company Crowdstrike, in collaboration with the FBI, presented their joint research on GameOver ZeuS at Black Hat in Las Vegas. GameOver ZeuS is considered by many to be the most successful cybercrime group to date. In a joint investigation over multiple years, the FBI, with the help of Fox-IT's InTELL team and others, has taken down a vital part of the botnet and rendered GameOver ZeuS ineffective. What we learned in these investigations has just been presented in detail for the first time during the Black Hat briefing, "GameOver ZeuS: Bad Guys and Backends"
Inside the $100M 'Business Club' Crime Gang (KrebsOnSecurity) New research into a notorious Eastern European organized cybercrime gang accused of stealing more than $100 million from banks and businesses worldwide provides an unprecedented, behind-the-scenes look at an exclusive "business club" that dabbled in cyber espionage and worked closely with phantom Chinese firms on Russia's far eastern border
Warrant required for mobile phone location tracking, US appeals court rules (Ars Technica) Fed's position would "convert an individual's cell phone into a tracking device"
EFF and MuckRock run census to find out how local police track your biometrics (Naked Security) Law enforcement agencies are increasingly tracking people by biometrics, whether it's facial recognition, fingerprints, tattoos, voiceprints or our DNA
We know more about Hillary Clinton's personal server — now that the FBI is looking into it (Business Insider) The FBI is looking into the security setup of the email server used by former Secretary of State Hillary Clinton at her New York home
State Department Nomination Blocked Over Clinton Email Inquiry (Time) Senator will block nomination over State Department's "contemptuous failures to respond to Congressional inquiries"
'Software Liability is Inevitable' (Threatpost) The push for some form of liability for vendors who sell faulty or insecure software is nearly as old as software itself. Software makers have pushed back hard against it for decades, but the day may soon come when software liability is a reality
Signal and Noise: Identity Crisis (Legaltech News) We now live in a world of data sets where pieces of information can be combined together in a myriad of ways to de-anonymize the user
RIAA says BitTorrent software accounts for 75% of piracy, demands action (Ars Technica) RIAA missive doesn't mention filtering, but sharing hashes and "next steps"
Good Technology Provides Update on Patent Litigation with MobileIron (PRNewswire) Recent court decision is first of four; case continues
Aveshka, Inc. sues Global Record Systems, LLC in federal court for unpaid debt and services (BusinessWire) Aveshka, Inc., a tech services firm in Arlington, Va., announces that a U.S. District Court entered final judgment against Global Record Systems, LLC, a healthcare information technology firm with offices in Rockville, Md., for more than $2.6 million in connection with an unpaid loan made by Aveshka, Inc., as well as unpaid services rendered (Case No. 1:14cv1006, U.S. District Court, Eastern District of Virginia, Alexandria Division). With interest, the judgment amount exceeds $2.9 million. On July 20, 2015, the Court also granted Aveshka judgment for an additional $50,000 in attorneys' fees and costs
Tutor who helped students cheat by keylogging teachers gets 1 year in prison (Ars Technica) 29-year-old tutor was charged with 20 counts of computer access and fraud
For a complete running list of events, please visit the Event Tracker.
Newly Noted Events
2nd Annual Senior Executive Cyber Security Conference (Baltimore, Maryland, USA, Sep 10, 2015) The one-day symposium will examine the potential advantages and pitfalls of an information-sharing strategy from the technological, business and regulatory perspectives
Smart Industry (Chicago, Illinois, USA, Oct 5 - 7, 2015) The Industrial Internet of Things (IIoT) is no longer a futuristic notion. Those that are embracing IIoT now are realizing positive, near-term benefits and creating a competitive advantage in the market. Are you prepared? No matter where your company is on the path to IIoT initiatives, the Smart Industry Conference & Expo will deliver critical information to help you plan, execute and optimize your IIoT implementation
Upcoming Events
Black Hat USA (Las Vegas, Nevada, USA, Aug 1 - 6, 2015) Black Hat — built by and for the global InfoSec community — returns to Las Vegas for its 18th year. This six day event begins with four days of intense Trainings for security practitioners of all levels (August 1-4) followed by the two-day main event including over 100 independently selected Briefings, Business Hall, Arsenal, Pwnie Awards, and more (August 5-6)
Defcon 23 (Las Vegas, Nevada, USA, Aug 4 - 7, 2015) DEF CON has been a part of the hacker community for over two decades. See the organization's website for more information
3rd Annual Psyber Behavioral Analysis Symposium (Fort Meade, Maryland, USA, Aug 11, 2015) The 3rd Annual Psyber Behavioral Analysis Symposium is hosted by the NSA/CSS Threat Operations Center and the FBI Behavioral Analysis Unit-2/Cyber Behavioral Analysis Center. The goal of the Symposium is to provide U.S. and Second Party Intelligence Communities (IC) a forum to present and collaborate on Human Science-based projects and research. This event attracts a multi-disciplinary government audience from across the IC and Second Party Partner organizations
USENIX Security (Washington, D.C., USA, Aug 12 - 14, 2015) The USENIX Security Symposium reunites researchers, practitioners, system administrators, system programmers, and other specialists interested in the latest advances in the security and privacy of computer systems and networks
5th Annual Cyber Security Training & Technology Forum (CSTTF) (Colorado Springs, Colorado, USA, Aug 19 - 20, 2015) The Information Systems Security Association (ISSA) Colorado Springs Chapter and FBC, Inc. will once again co-host the 5th Annual Cyber Security Training & Technology Forum (CSTTF). CSTTF 2015 will bring together cyber experts from the DoD, federal government, business, research, and academia to address a variety of current cyber topics
Decepticon 2015 (Cambridge, England, UK, Aug 24 - 26, 2015) Decepticon brings together researchers and practitioners in the detection and prevention of deception. Previously, deception research has been fragmented across conferences in many different disciplines, sub-disciplines and countries. To cover the great diversity of approaches to deception research, our scientific committee has members covering several domains
AFCEA OKC Technology & Cyber Security Day (Oklahoma City, Oklahoma, USA, Aug 27, 2015) FBC and the Armed Forces Communications & Electronics Association (AFCEA) Oklahoma City Chapter will be partnering once again to host the annual Technology Day & "Scholarship" Golf Tournament at Tinker AFB. This is the only Technology Day held at Tinker AFB each year. The annual Technology Day allows exhibitors the opportunity to have access to information technology, communications, cyber, engineering, and contracting personnel at Tinker AFB. Over 300 attendees participated in the 2014 Technology Day and we expect the same level of attendance in 2015
Power Grid Cyber Security Exchange 2015 (San Diego, California, USA, Aug 30 - Sep 1, 2015) The Power Grid Cyber Security Exchange will take a deep dive into the cyber security strategies, innovative approaches and strategic planning necessary to balance the competing priorities of today's technology and information security executives. This program is tailored to utility executives and industry stakeholders that are responsible for addressing threat intelligence, analysis and monitoring; network architecture; and cyber incident response
2015 HTCIA International Conference & Training Expo (Orlando, Florida, USA, Aug 30 - Sep 2, 2015) Bringing together experts from all over the world to share their latest research and techniques related to cybersecurity, incident response and computer forensics
ICFP 2015 (Vancouver, British Columbia, Canada, Aug 31 - Sep 2, 2015) ICFP 2015 provides a forum for researchers and developers to hear about the latest work on the design, implementations, principles, and uses of functional programming. The conference covers the entire spectrum of work, from practice to theory, including its peripheries