The CyberWire Daily Briefing 12.08.15

Cyber Attacks, Threats, and Vulnerabilities

Iran-based hackers may be tracking dissidents and activists, Symantec says (IDG via CSO) The hackers may have had access to "an enormous amount of sensitive information," the security firm says

Iran-based attackers use back door threats to spy on Middle Eastern targets (Symantec.Connect) Two Iran-based attack groups that appear to be connected, Cadelle and Chafer, have been using Backdoor.Cadelspy and Backdoor.Remexi to spy on Iranian individuals and Middle Eastern organizations

Hack helped anti-Semitic spammer target four million mobile users (Graham Cluley) In April, someone tried to send anti-Semitic spam SMS messages to four million mobile customers in the United Arab Emirates (UAE) by using data that had been compromised in a 2013 breach

ISIS Loyalists Mock Obama's "Fear" After Oval Office Speech (Vocativ) Islamic State adherents said Obama's reluctance to put boots on the ground shows ISIS' power

U.S. Seeks to Avoid Ground War Welcomed by Islamic State (New York Times) As the debate on how best to contain the Islamic State continues to rage in Western capitals, the militants themselves have made one point patently clear: They want the United States and its allies to be dragged into a ground war

Anonymous Plans 'Trolling Day' Against ISIS (Time) They will hack social media networks and protest on the streets on Dec. 11

Anonymous hacks UN climate conference officials (SC Magazine) Anonymous has hacked and released the private details of nearly 1,500 UN officials in retaliation against last week's arrest of protestors at a climate march in Paris

"Backstabbing" malware steals mobile backups via infected computers (Help Net Security) In this day and age, our mobile devices carry more personal and business information than any other electronic device. Is it any wonder, then, that attackers want to have access to them?

'BackStab' the latest vulnerability in Apple's iOS security (FierceMobileIT) Apple's iOS devices have become the mobile device of choice for many enterprises, partly because of the mobile operating system's solid security reputation

East Africa: New Twist On Old Cyber-Attack Method Targeting Mobile Devices - Palo Alto Networks (All Africa) Palo Alto Networks, the next-generation security company, today revealed details of a new "BackStab" attack used to steal private information from mobile device backup files stored on a victim's computer.

Windows' Nemesis: Pre-boot malware pwns payment processors (Register) Infosec bods finger Russian hacking crews

TeslaCrypt — New CryptoTrojan on the March (Check and Secure) Cases of cyber "hostage taking" have reached new heights over the last couple of years, with ever more attention being paid to the causes and effects of this new illegal trend

Cyber Extortion, DDoS-For-Bitcoin Campaigns Rise (Dark Reading) Now that the model is proven, more cyber-extortionists are entering the scene, stealing their predecessors' ideas and even their names

Millions of smartphones, IoT devices risk compromise due to 3-year-old bug (Help Net Security) Can you believe that an estimated 6.1 million smart phones, routers, and smart TVs are vulnerable to remote code execution attacks due to security bugs that have been fixed back in 2012?

McAfee Enterprise Security Manager failed to manage own security (SC Magazine) Hard-coded username allowed access to the McAfee Enterprise Security Manager as master user without authentication or password

Hello Barbie's POODLE problem, and other security issues with internet-connected doll (Graham Cluley) Hello Barbie, the internet-connected talking doll from toymaker Mattel, isn't receiving the best publicity at the moment

Vtech breach: Passwords 'not securely stored' (BBC) Toy giant Vtech has been accused of not securely storing customer passwords in its database, security experts say — with one calling it "unforgivable"

Cybercriminals using fake LinkedIn accounts to scam users: Symantec (Times of India) Cybercriminals are using fake LinkedIn profiles to map out the networks of business professionals to scrape contact information and later use these to send spear-phishing emails, security solutions firm Symantec today said

The Pre-Holiday Retail Risk Report (Bay Dynamics) In 2015, retailers are expected to hire 775,000 workers to deal with the holiday shopping demand. As retailers focus on customers and sales, information security often gets pushed to the backburner

Adventszeit sorgt bei Online-Kriminellen für Hochkonjunktur (Presseportal) Ob per Smartphone, Tablet oder PC — der Onlineeinkauf der Weihnachtsgeschenke boomt

Hackers announce WWE's Jim Ross is dead, after wrestling control of his Twitter account (We Live Security) If you're a fan of watching grown men in spandex, pretending to knock seven bells out of each other in front of a baying crowd, then chances are you will know Jim Ross

Cyber Trends

How will billions of devices impact the Privacy of Things? (Help Net Security) The Internet of Things (IoT) will create the single largest, most chaotic conversation in the history of language

Average age of cyber-attack suspects drops to 17 (Guardian) Experts say 'kudos' of committing crime is luring more teenagers, as average age of suspects falls by seven years in the space of 12 months

BAE: Suppliers could be your weakest cyber security link (IT Wire) Cyber attackers are increasingly using their target organisation's supply chain as a route to attack them and access their data or internal systems

The lesser-known security threat concerning a Symantec exec most (Government Health IT) We hear a lot about the evolving threat landscape, hacktavists, nation-state attackers, ransomware, et al. But what are some of the lesser known threats?

HHS, HITRUST, Deloitte 'attack' healthcare orgs to test cyber preparedness (SC Magazine) Many healthcare organizations still lack a concrete response plan for cyber incidents, the Health Information Trust Alliance (HITRUST) found in a recent series of mock attacks on 12 organizations

Cyberattack Simulation Finds Little Data Sharing Among Plans (Bloomberg NBA) Health care organizations aren't effectively collaborating to ward off cybercriminals, security executives concluded after a major breach simulation

2015 Security Review: Top Hacks, Breaches and Cyber Scams (Redmond Channel Partner) The stakes were high in security this year with attacks designed not only to steal credit-card numbers but also to shame, spy on or extort their victims

Storm clouds hover over data security in year ahead (IT WIre) The cloud is the number one area of risk where security of data is likely to come under a greater number of attacks and breaches in the next 12 months from hackers, according to enterprise security vendor Blue Coat Systems

Cyber Security Knowledge Gap in Vietnam Could Be Putting Users at Risk, Reports ESET (Jakarta Post) Vietnam has lowest levels of cybersecurity awareness when compared with six other Asia-Pacific markets

Marketplace

Cyber security: do CEOs need to step up? (Security Watch) Despite the risks associated with cyber breaches less than half (49%) of CEOs around the world are fully prepared for a future cyber event, according to a new study from KPMG International

Cyber Security Stocks Tumble, FireEye Inc (FEYE), Cyberark Software Ltd (CYBR) Hit a Fresh Low (Bidness Etc.) FireEye Inc. (NASDAQ:FEYE) stock plunged more than 5% in the opening hours of trading today, and fizzled down to its 52-week low of $19.76, amid a sharp decline in cyber security stocks. Cyberark Software Ltd. (NASDAQ:CYBR), its Israel based peer in cyber security, also fell more than 4% today. Meanwhile, Palo Alto Networks Inc. (NYSE:PANW) dipped only 1%

FireEye jumps on Citi upgrade; PANW, SPLK, IMPV favorably mentioned (Seeking Alpha) Stating an IT security survey involving 51 CIOs turned up "exceptional strength" for FireEye (FEYE +7.5%), Citi's Walter Pritchard has upgraded shares to Buy and hiked target hiked by $4 to $35

High-paying Cybersecurity Jobs Go Begging Across the World (Fortune) First step to solving this problem: telling workers that such a field exists

Cybersecurity experts earning up to £10,000 per day says ManpowerGroup (International Business Times) Cybersecurity experts are hot in the UK. A record demand for the professionals has led to a surge in their salaries as well, with some earning up to £10,000 a day as companies scrambled to protect themselves from embarrassing data breaches, according to a study

L-3 Agrees on $550M Gov't Services Segment Sale to CACI (GovConWire) New York City-based defense contractor L-3 Communications (NYSE: LLL) has agreed to sell its government services business segment to Arlington, Virginia-headquartered public sector services company CACI International (NYSE: CACI) for $550 million cash, the companies said Tuesday

Yahoo's Fate: Could There Be a Deal With Verizon? (Bloomberg Video via Yahoo! Finance) Verizon would explore a possible acquisition of Yahoo if a deal made sense, Verizon Chief Financial Officer Fran Shammo said

Cyber security firm Blue Coat Systems in IPO talks: source (Reuters) Network security company Blue Coat Systems Inc is interviewing banks for an initial public offering, according to a person familiar with the matter who requested anonymity because the deliberations are confidential

Magnet Forensics Announces Strategic Partnership with U.S. Intelligence Community's Strategic Investor (Magnet Forensics) Co-development of digital forensic tools will support law enforcement and national security agencies' recovery and analysis of digital evidence

BlackBerry: 8 Ways It Can Be Saved (InformationWeek) BlackBerry continues to underwhelm. Here are eight ways CEO John Chen can turn things around

This Va. Cybersecurity Startup Is So Hot Right Now (DCInno) PhishMe's CEO talks about the company's strong growth and plans for 2016

Small business advocates wary about impact of new DoD cyber rules (Federal News Radio) The Defense Department has an understandable preoccupation with the cybersecurity practices of its vendors, especially since a preponderance of the successful cyber thefts of Defense information involve private IT systems, not government ones

AF seeks security solutions with kill chain integration, spectrum awareness (GCN) The Air Force is inviting industry to help it boost security through kill chain integration and full spectrum awareness of emerging threats

GSA, DHS begin march toward cyber shared services (Federal News Radio) The Homeland Security Department is taking a different, and maybe somewhat surprising path, for its latest task order under the continuous diagnostic and mitigation (CDM) program

DHS ramps up outreach around Internet of Things (FierceGovernmentIT) The Homeland Security Department will host an industry day in the heart of Silicon Valley this week in an effort to better understand and respond to the security challenges associated with the Internet of Things

CenturyLink awarded DHS EINSTEIN 3 Accelerated service expansion contract (CenturyLink) CenturyLink, Inc. (NYSE: CTL) was recently awarded a service expansion contract from the U.S. Department of Homeland Security (DHS) to provide EINSTEIN 3 Accelerated (E3A) protections to U.S. federal civilian agencies that cannot access E3A services through their existing Internet service provider

The big data technology behind online threat detection at Symantec (ZDNet) Over recent years, Symantec has had to implement a new analytics platform in order to enhance its security operations team's ability to prevent, detect, and respond to online attacks

IBM's Chairman Appoints Field General To Lead Security Troops In Battle Against Cyber Crime (Forbes) Ginni Rometty, IBM Corp.'s Chairman, President and CEO, says that cyber crime is the greatest threat to every company in the world

Hexis Cyber Solutions Named to CRN 2015 Tech Innovator List (Nasdaq) Next generation endpoint detection and response platform HawkEye G takes top honor in the 2015 Security category

The Baltimore Sun Media Group Names Chiron Technology Services, Inc. A Winner Of The Baltimore Metro Area 2015 Top Workplaces Award (Sys-Con) The Baltimore Sun Media Group recently recognized Chiron Technology Services, Inc., as one of its Top Workplaces for 2015

Tenable Network Security Recognized as a 'Top Workplace' by The Baltimore Sun for Second Consecutive Year (BusinessWire) Employee feedback earns leading cybersecurity software company a place on The Baltimore Sun's 2015 list of Top Workplaces

Products, Services, and Solutions

Ziften Announces Ziften ZFlow™ Compatibility with Linux to Enable Cloud Visibility Initiative (Yahoo! Finance) Provides unprecedented public cloud infrastructure and east-west visibility

Attivo Networks Announces Real-Time Cyber Attack Detection for SCADA Devices (EIN News) Nuclear, electrical power generation, oil and gas and other control facilities gain continuous visibility into inside-the-network threats

TRUSTe and PactSafe Partner to Help Companies Maintain EU Data Protection Compliance (Legaltech News) Contract distribution will be done by PactSafe, while TRUSTe will provide privacy assessment against the requirements under the EU Data Protection Directive 95/46/EC

Thycotic Announces Secret Server Express: Free Privileged Account Management for IT Admins (Sys-Con Media) Password management solution provides IT teams with a centralized vault featuring advanced security features for privileged credentials

BankVault uses cloud desktops to thwart banking hackers hijacking mobile phone accounts (Sydney Morning Herald) The rise of sophisticated online banking attacks, defeating two-factor authentication via identity theft, is the driver behind the Australian-based BankVault security system

Gemalto Enables Strong Authentication on Any Device Via Bluetooth(R) Smart Technology (CNN Money) Gemalto Bluetooth Smart Solutions extend Open Public Key Cryptographic strong authentication to all devices, in particular all portable computers, tablets and mobile devices

Could Microsoft's early support cutoff date for Windows 10 Mobile signal mobile second thoughts? (FierceMobileIT) Having just launched its Windows 10 Mobile operating system on its Lumia 950 series phones, Microsoft is providing an early cutoff date for supporting the operating system — January 2018

Liquid metal Turing Phone delayed to Q1 2016 (Venture Beat) The so-called Turing Phone, whose alleged tight security and all-liquid metal enclosure have earned it considerable buzz, has been delayed beyond its scheduled December 18 shipping deadline

Technologies, Techniques, and Standards

Tips for managing and securing SSH keys (Help Net Security) A new NIST report raises awareness of the major vulnerabilities associated with SSH user key management and provides concrete steps for securing and protecting SSH systems and environments

MIT hacking institute to vet mHealth apps, tools (FierceMobileHealthcare) The Massachusetts Institute of Technology, via its nonprofit health tech start-up, will begin issuing reviews of connected medical devices, mHealth services and apps researched by Harvard University physicians and experts from MIT's Hacking Medicine Institute

Should risk management planning include root cause analysis? (TechTarget) Incorporating root cause analysis in risk management planning could be beneficial to developing a security plan, but is it the best time for it?

How to Bolster Data, Physical Security to Make Threats Go Elsewhere (eWeek) There are events in today's society that you simply can't control or prevent, no matter how much you try. But it is possible to help convince the bad guys to go elsewhere

Fines for non-compliance with data regulations are just the tip of the iceberg (SC Magazine) ICO fines should be the least of a company's worries should it suffer a data breach according to Nigel Hawthorn who says on-going and potentially business-fatal repercussions of a data-breach that should be the main concern

Advent tip #8: (Don’t) click here for a free iPhone! (Naked Security) Would you like free tickets to a One Direction concert? How about a free iPhone?

Research and Development

Galois Awarded $6.3M DARPA Contract To Research Private Data As A Service (PRWeb) Galois' Jana project selected by DARPA Brandeis program to break logjam between maintaining data privacy and tapping into full potential of big data

DHS Picks 5 Recipients for Cyber Physical Systems Security Contracts (ExecutiveBiz) The Department of Homeland Security's science and technology directorate has awarded five contracts worth $7.8 million combined to universities and other institutions to perform research and develop tools designed to safeguard cyber physical networks from cyber attacks

Academia

CBA, UNSW team up to train cyber security experts (Australian) Australia's biggest bank and one of its largest computer science schools have joined forces to bolster Australia's web defences, as the need for cybersecurity specialists goes viral

Commonwealth Bank’s $1.6 million plan to turn us all into hackers (News.com) If you were born before 1985, you probably remember the cult film Hackers, starring a pixie-haired Angelina Jolie and her soon-to-be husband Jonny Lee Miller

Eric Simonaire Wins Council on CyberSecurity’s National Cyber Quests Competition (US Cyber Challenge) Rolling Meadows, Illinois resident gets $1,000 scholarship

Fourth annual Maryland Cybersecurity Center Symposium attracts 150 (Diamondback) At the fourth annual Maryland Cybersecurity Center Symposium on Monday, visitors arrived at the Samuel Riggs IV Alumni Center to learn about cybersecurity issues such as security certificate removal from hacked sites and bitcoin

Legislation, Policy, and Regulation

EU lawmakers, countries agree on bloc's first cyber-security law (Reuters) EU lawmakers and member states struck a deal on the bloc's first cyber-security law on Monday that will require Internet firms such as Google and Amazon to report serious breaches or face sanctions

You know you've lost if terrorism means you start banning public Wi-Fi (Graham Cluley) After terrorists killed 130 people in Paris last month, it's no surprise to see law enforcement looking to find "easy wins" to curb future attacks

Obama Stokes Crypto Debate (GovInfoSecurity) 'Make it harder for terrorists to use technology to escape from justice,' Obama urges

Obama wants help from tech firms to fight terrorism (CIO) The use of encryption by tech companies has come under criticism from U.S. law enforcement agencies

Week ahead: Path clear for cyber sharing talks (The Hill) A conference to bring together cybersecurity bills in the House and Senate could begin as soon as next week, according to multiple people tracking the discussions

Last-minute scramble over cybersecurity bill (The Hill) The House Homeland Security Committee is working to alter the compromise text of a major cybersecurity bill prepared by the House and Senate Intelligence committees, according to multiple people tracking the negotiations

Legislation requiring tech industry to report terrorist activity may be revived (IDG via CSO) The provision was dropped previously after opposition from lawmakers and the tech industry

Carly Fiorina Warns of Threat She Says the U.S. Is 'Woefully Unprepared' to Handle: Cyberterrorism (Blaze) After terror attacks in Paris and San Bernardino turned the focus of the 2016 presidential race to national security, Republican candidate Carly Fiorina warned voters today that the U.S. remains vulnerable to massive, crippling cyberattacks

Paul: 'Authoritarians' like Christie want to reinstate data collection (CNN) Rand Paul said Monday that voters should be wary of "authoritarians" like New Jersey Gov. Chris Christie who want to reinstate bulk data collection in the wake of recent terrorist attacks

AP FACT CHECK: GOP candidates exaggerating impact of new law on NSA access to US phone records (US News and World Report) In the wake of the California shootings, Republican presidential candidates Marco Rubio, Jeb Bush, Chris Christie and Lindsey Graham are complaining that U.S. intelligence agencies have lost their authority to collect phone records on Americans under a controversial National Security Agency surveillance program

DOD CIO winners honored for security, savings (GCN) This year's winners of the Defense Department's CIO Award for Cyber and IT Excellence were honored at a Pentagon ceremony Dec. 1 for their work protecting the warfighter, securing government networks and identifying millions of dollars in savings

Savannah River Remediation named National Cyber Security Champion (Live 5 News) The Savannah River Remediation is part of a growing effort among business and government agencies to promote online safety awareness

Litigation, Investigation, and Law Enforcement

Sens. Ron Johnson, Tom Carper Ask DOJ, DHS Chiefs on Anti-Ransomware Efforts (ExecutiveGov) Sens. Ron Johnson (R-Wis.) and Tom Carper (D-Del.) have issued letters to inquire about the efforts the departments of Homeland Security and Justice launched to counter attacks related to ransomware

Cybercrime investigations strain Secret Service, risk duplicative efforts, says House committee (FierceGovernmentIT) Cybercrime is a top priority of the Secret Service's investigative mission, according to a new report, but a House committee is concerned that the agency is focusing too much on combating cybercrime and may be venturing into work that overlaps with federal partners

United States Secret Service: An Agency in Crisis (Committee on Oversight and Government Reform: US House of Representatives) The United States Secret Service (USSS) is tasked with a zero-failure mission: to protect the President and other protectees at all costs

Former Secret Service agent sentenced for corruption in Silk Road investigation (IDG via CSO) Shaun W. Bridges was one of two corrupt federal agents involved in the Silk Road investigation

Trend Micro releases North American Deep Web Cybercrime report (ITWire) Trend Micro has released its North American cybercriminal underground report, 'North American Underground: The Glass Tank,' where its underground 'encourages cybercriminal activity amongst novices and seasoned pros alike'

FBI, Interpol, and Microsoft coordinated on Dorkbot takedown (SC Magazine) A coalition of law enforcement agencies partnered with technology companies and security vendors, including Microsoft, CERT.PL and ESET to take down a ring of over 1 million infected computers

Finjan Provides Litigation Update in Proofpoint Case; Claim Construction Order and Significant Motions (MarketWired) The Court entered two substantive orders, both in Finjan's favor

Alleged hit-and-run foiled after driver's car calls the cops on her (Naked Security) "There was no accident," Cathy Bernstein stressed to the emergency response dispatcher who had called her

For a complete running list of events, please visit the Event Tracker.

Newly Noted Events

The Atlantic Council's Cyber 9/12 Student Challenge (Washington, D.C. USA, Mar 11 - 12, 2016) Now entering its fourth year, the Cyber 9/12 Student Challenge is a one-of-a-kind competition designed to provide students across academic disciplines with a deeper understanding of the policy challenges associated with cyber crisis and conflict. Part interactive learning experience and part competitive scenario exercise, it challenges teams to respond to a realistic, evolving cyberattack and analyze the threat it poses to national, international, and private sector interests

Upcoming Events

Program on Cyber Security Studies (PCSS) (Garmisch-Partenkirchen, Germany, Dec 2 - 17, 2015) The Marshall Center has developed a comprehensive program to explore the increasing domestic, international and transnational challenges in cyber security. Our goal is to provide a comprehensive, policy-focused, non-technical cyber security program that emphasizes and teaches senior key leaders how to best make informed decisions on cyber policy, strategy and planning within the framework of whole-of-government cooperation and approaches

2015 Cyber Security Exchange (Orlando, Florida, USA, Dec 6 - 8, 2015) This dynamic, three-day event will provide Cyber Security executives with valuable insights to reach their full potential by exploring security leadership strategies, heightened data privacy concerns, the ever-changing advanced threat landscape, efficient identity access management and more

Disrupt London 2015 (London, England, UK, Dec 7 - 8, 2015) TechCrunch Disrupt is one of the most anticipated technology conferences of the year. Join us at this iconic startup and thought leadership event in London on December 7 and 8. What happens at Disrupt? We start each day with panels and one-on-one discussions featuring TechCrunch writers and editors, special guest speakers, leading venture capitalists and fascinating entrepreneurs addressing the most important topics facing today's tech landscape. Each afternoon, we host the Startup Battlefield competition which culminates in six finalists taking the stage at the end of the event for a shot at winning the Disrupt Cup

Passwords 2015 (University of Cambridge, England, UK, Dec 7 - 9, 2015) More than half a billion user passwords have been compromised over the last five years, including breaches at internet companies such as Target, Adobe, Heartland, Forbes, LinkedIn, Yahoo, and LivingSocial. Yet passwords, PIN codes, and similar remain the most prevalent method of personal authentication. Clearly, we have a systemic problem. This conference gathers researchers, password crackers, and enthusiastic experts from around the globe, aiming to better understand the challenges surrounding the methods personal authentication and passwords, and how to adequately solve these problems. The Passwords conference series seek to provide a friendly environment for participants with plenty opportunity to communicate with the speakers before, during, and after their presentations

ACSAC (Annual Computer Security Applications Conference) (Los Angeles, California, USA, Dec 7 - 11, 2015) ACSAC is one of the most important cyber security conferences in the world, and the oldest information security conference held annually. Researchers, government representatives, academia and security professionals of all types gather at ACSAC to discuss the latest developments in the infosec industry. The core mission of this conference is investigating practical solutions for computer security technology. This year's edition will especially focus on security and privacy in the Internet of Things era

Cyber Risk Wednesday: 2016 Threat Landscape (Washington, DC, USA, Dec 9, 2015) To discuss how 2016 will likely challenge today's security thinking and what we can learn from the past year's developments and these trends, please join the Atlantic Council's Cyber Statecraft Initiative on Wednesday, December 9 from 4:00 p.m. to 5:30 p.m. for a moderated panel discussion with a group of prominent cybersecurity experts

NSA RCTCON (Fort Meade, Maryland, USA, Dec 9, 2015) The NSA RCTCON industry exposition will be attended by 250-300 IC (Intelligence Community) cyber personnel working on solutions to the current cyber threats that face the U.S

SANS Institute: Information Security Training (Las Vegas, Nevada, USA, Sep 12 - 21, 2015) Information security training in Las Vegas from SANS Institute, the global leader in information security training. At SANS Network Security 2015, SANS offers more than 40 hands-on, immersion-style security training courses taught by real-world practitioners. The site of SANS Network Security 2015, September 12 - 21, is Caesars Palace, the majestic Las Vegas hotel

cyberSecure (New York, New York, USA, Dec 15 - 16, 2015) Today's business leaders recognize that a multi-disciplinary approach is critical to protecting the bottom line. What's too often missed is a vision that incorporates best practices that allow you add value to your company and shareholders DURING and POST breach. Enter ALM cyberSecure. A unique professional event providing an all-encompassing view and the relationships necessary to protect enterprises during all phases, across all departments while keeping revenue on track