Voter data exposed online. GozNym banking Trojan hits US. Swagger may have RCE bugs. The state of crypto-ransomware. Industry notes, homebrew servers, and waiting for Brexit.

Cyber Attacks, Threats, and Vulnerabilities

154 million US voter records exposed following hack (Help Net Security) MacKeeper security researcher Chris Vickery has discovered yet another database containing voter profiles of US citizens, accessible to anyone who stumbled upon it or knew where to look

Tech support scammers impersonate victims’ ISP (Help Net Security) Tech support scammers have switched from cold calls to pop-ups ambushing users online, seemingly coming from the victims’ ISP

GozNym Banking Trojan Hits the US with Redirection Attacks (Twrix) GozNym, a banking trojan discovered only two months back, has added a new trick to its arsenal and is using it to target high-level business banking services in the US

Unpatched Remote Code Execution Flaw Exists in Swagger (Threatpost) An unexpected behavior in a relatively new and popular open source API framework called Swagger could lead to code execution, researchers at Rapid7 said

Crypto Ransomware Officially Eclipses Screen-Blocker Ransomware (Darek Reading) Encryption malware represented 54 percent of all ransomware in April compared to barely 10 percent a year ago, Kaspersky Lab found

Security Researchers Puzzled by Demise of TeslaCrypt Ransomware (eWeek) Cyber-criminals have already shifted to another ransomware program, CryptXXX, but researchers continue to puzzle over why TeslaCrypt's operators gave up their encryption keys

Pen testers discover mega vulnerabilities in Uber (SC Magazine) Portuguese pen testing team discover 14 flaws in Uber apps which would have enabled them to get free rides and disclose details of passengers' and drivers' journeys

Carbonite Triggers Password Reset for 1.5M Customers After Reuse Attack (Threatpost) Online backup firm Carbonite is forcing all of its 1.5 million users to change their passwords after reporting that accounts was targeted in a password reuse attack. According to a statement issued by Carbonite on Tuesday hackers were attempting to break into user accounts using stolen credentials. In some cases, personal information may have been exposed, Carbonite wrote in a blog post

Carbonite Accounts Targeted in Password Reuse Attack (Carbonite) What Happened: As part of our ongoing security monitoring, we recently became aware of unauthorized attempts to access a number of Carbonite accounts. This activity appears to be the result of a third party attacker using compromised email addresses and passwords obtained from other companies that were previously attacked. The attackers then tried to use the stolen information to access Carbonite accounts

Carbonite Is Latest Victim Of Password Reuse Attack (Dark Reading) Back-up services provider asks users to reset passwords, claims hackers used details from earlier breached websites

Internet trolls hack popular YouTube channel WatchMojo (CSO) Hackers tag videos, but leave content unchanged

Mark Zuckerberg is paranoid about webcam spies – for good reason (Naked Security) Here’s a riddle: what do Mark Zuckerberg and FBI Director James Comey have in common? I mean, besides the fact that they both run organizations that know waaaaaaaay too much about us?

Cyber attack at Holley School District (WHAM) The FBI and State Police are investigating a cyber attack against the Holley Central School District

Security Patches, Mitigations, and Software Updates

Patched libarchive Vulnerabilities Have Big Reach (Threatpost) The libarchive programming library was recently patched against three critical memory-related vulnerabilities that could be abused to execute code on computers running the vulnerable software

WordPress Security Update Patches Two Dozen Flaws (Threatpost) WordPress last week updated to version 4.5.3, a security release for all versions of the content management system

Cyber Trends

Rise of Darknet Stokes Fear of The Insider (KrebsOnSecurity) With the proliferation of shadowy black markets on the so-called “darknet” — hidden crime bazaars that can only be accessed through special software that obscures one’s true location online — it has never been easier for disgruntled employees to harm their current or former employer. At least, this is the fear driving a growing stable of companies seeking technical solutions to detect would-be insiders

KnowBe4 Releases Results of 2 Year Survey Showing Rising Concern over Ransomware (Benzinga) Security awareness training and backup deemed most effective to combat ransomware

Why are hackers increasingly targeting the healthcare industry? (Help Net Security) Cyber-attacks in the healthcare environment are on the rise, with recent research suggesting that critical healthcare systems could be vulnerable to attack

Shipping unprepared for five stages of a cyber attack (Marine Electronics & Communications) The shipping industry is unprepared for any serious and lengthy cyber attacks. Shipowners, operators and managers may feel they are ready for malware infections on their ships because they employ antivirus software. But they would not be prepared for a well-thought-out attack from a strong-willed hacker

United Kingdom has the strongest security globally, report says (CSO) A recent research study listed how countries fared

Marketplace

Cyber-Security M&A Heats Up: Symantec’s Purchase May Spur Deals (See IT Market) Cyber-Security was one of the hottest areas in the Tech space during the first half of 2015. Then came the July washout of all high growth and high valuation technology stocks. That sent the sector reeling. The Cyber-Security ETF (HACK), peaked above $33.50 in June of 2015 and traded almost down to $19 in February of 2016. That low marked the bottom of a massive correction. HACK has since recovered to $24.45 and recent developments hint that more Cyber-Security M&A deals may be around the corner

Is Dell cutting too deep? (Enterprise Times) As Dell gets closer to closing its EMC acquisition it is disposing of assets no longer considered core. This is not just about Dell slimming down. It has a lot of investors wanting to see a return on the monies pledged for the EMC acquisition

Why the Carlyle Group's vanishing stake in Booz Allen will be good for the contractor (Washington Business Journal) Booz Allen Hamilton Inc. (NYSE: BAH) is finally seeing growth after years of revenue declines — an improved financial picture that helped boost its credit ratings outlook recently. But buried in that report, the credit rating agency noted another reason for optimism: "a reduced Carlyle equity ownership stake"

Akamai Technologies: A Long Term Value Play? (Small Cap Network) Our SmallCap Network Elite Opportunity (SCN EO) portfolio has opened a position in Akamai Technologies, Inc (NASDAQ: AKAM) as a long-term idea and value play on forward growth with short-term trading implications

NeuStar's upcoming split will mean a tale of two headquarters (Washington Business Journal) NeuStar Inc. will split its business into two, divided between its legacy operations and its rapidly growing realtime marketing services

Canadian cyber security expert Daniel Tobok launches new firm, Cytelligence (Newswire) Daniel Tobok, an internationally recognized cyber security and digital forensics expert, launches Cytelligence Inc., a new elite kind of cyber security firm

SecurityScorecard raises $20 million from Google Ventures (TechCrunch) SecurityScorecard, the platform that monitors and assesses companies’ cybersecurity strength, has raised $20 million in Series B funding from GV (the Alphabet-ized new name for Google Ventures)

LightCyber raises $20 million to boost sales globally (Start-Up Israel) Investors include US firm Access Industries and Shlomo Kramer, the cybersecurity company says

Israeli cybersecurity boom 'sustainable', argues industry’s father (Register) Pipelines are improving but discrimination is still a problem

Northern Ireland becoming a global IT security hub as Alert Logic creates 88 jobs (Silicon Republic) Alert Logic has created 88 jobs in Belfast – 30 of which are already in place – at a new Security Research and Technology Development Centre

REI Systems is a Washington Post Top Workplace for the Second Year in a Row (REI Systems) REI ranks 7th on The Washington Post Top Workplaces List of 2016

NSFOCUS receives Bounty Award for fourth consecutive year (SC Magazine) For the fourth consecutive year, NSFOCUS has received the honour of the Microsoft Mitigation Bounty Award

Optiv Snags CIO Away From Experian (Techrockies) Denver-based cyber security provider Optiv has snagged an executive from Experian, to serve as the company's new Chief Information Officer

Products, Services, and Solutions

E8 Security Joins IBM Security App Exchange Community (MarketWired) E8 Security App for QRadar part of collaborative development to stay ahead of evolving threats

Cylance expands ties with partners to meet cybersecurity demands in EMEA regions (Voice and Data) Artificial Intelligence-based cybersecurity company Cylance has expanded its Europe, Middle East and Africa (EMEA ) operations with three leading channel partners. Cylance has established partnerships in France, Germany and the Middle East to meet rising demands in EMEA for preventive cybersecurity solutions and services

Microsoft Rolls Out New Data Classification And Security Service (Dark Reading) Azure Information Protection the first-fruit of Microsoft's acquisition of Secure Islands

Azure Information Protection makes warding off data leaks easier (Ars Technica) Based on tech bought last year, new system builds on Azure Rights Management

Gurucul Extends Cloud Security User Behavior Analytics Platform to Protect Microsoft Office 365 (BusinessWire) Visibility across cloud and on-premises hybrid environments can protect confidential data in sharepoint online that spans both infrastructures

Akana Platform Wins Cloud Platform Innovation Award (CBS8) Innovative end-to-end API Management Platform is recognized

Ixia Wins 2016 NetworkWorld Asia Information Management Award for Network Testing & Measurement (BusinessWire) Ixia (Nasdaq: XXIA), a leading provider of network testing, visibility, and security solutions, announced that Ixia was selected as the winner in the Network Testing and Measurement category for the 2016 NetworkWorld Asia Information Management Awards

MobileIron First to Receive Common Criteria Certification for Mobile Device Management Protection Profile V2 (PRNewswire) MobileIron (NASDAQ: MOBL), the stand-alone EMM leader, today announced that it has become the first company in the world to receive Common Criteria certification against Version 2.0 of the Mobile Device Management Protection Profile (MDMPP V2.0 and MDMPP Agent V2.0) from the National Information Assurance Partnership (NIAP)

Let’s Encrypt Celebrates Big HTTPS Milestone (Threatpost) Certificate authority Let’s Encrypt is celebrating a major milestone in the young nonprofit’s existence issuing its 5 millionth certificate this month. Let’s Encrypt launched to the general public just seven months ago

Technologies, Techniques, and Standards

ApocalypseVM ransomware decrypter released (Help Net Security) AV company Emsisoft has added yet another ransomware decrypter tool to its stable: a decrypter for ApocalypseVM

Updating code can mean fewer security headaches (InfoWorld via CSO) Contrary to what you might think, updating code a lot can cut security issues in half -- and improve software quality

5 ways to keep your Instagram profile safe (Naked Security) Although I’m generally an early adopter of most new social media networks when they come out (go figure, I’m a shameless #Millennial), I was an Instagram curmudgeon for a while. But after giving it a go, its ease of use and brilliantly minimal interface completely won me over, and now I’m an InstaAddict

Design and Innovation

There’s a new OS in the works, and it’s being built by Huawei (Android and Me) There comes a point when everything passes, and for some, the best way to cope is to prepare. Huawei falls into that group, with The Information reporting that Huawei is developing its own operating system as a fallback to Android. While the details are unknown and intriguing, the larger question is, why?

DOD looks to develop a preemptive approach to network defense (Defense Systems) With roughly 43,000 attempted daily intrusions on the Department of Defense Information Network, or DODIN, the department has sought a more proactive approach to defense as opposed to a “whack-a-mole” response

Apple “opens up” the iOS 10 kernel – accident or design? (Naked Security) Apple, it seems, just can’t win when it comes to openness

Apple confirms iOS kernel code left unencrypted intentionally (TechCrunch) When Apple released a preview version of iOS 10 at its annual developers conference last week, the company slipped in a surprise for security researchers — it left the core of its operating system, the kernel, unencrypted

The Core Capabilities of Cognitive Systems (IBM Security Intelligence) The technologies behind cognitive systems have matured greatly in recent years, which has expanded the number and types of applications for the technology. One such initiative involves applying cognitive computing to cybersecurity

Research and Development

How much havoc is caused by unwanted radio signals? FCC tries to find out (Ars Technica) Radio noise floor is likely rising, but we don't know how much

Academia

Secure Your Future (Cybersecurity Education) Browse hundreds of programs and schools for cyber security

NSA Designates UTEP as a National Center of Academic Excellence (CAE) in Cyber Operations (KRWG) The University of Texas at El Paso recently earned recognition as a National Center of Academic Excellence (CAE) in Cyber Operations. The designation from the National Security Agency is for academic years 2016–21

Wittenberg, ATIC partner on cybersecurity effort (Dayton Business Journal) Wittenberg University is working with the Advanced Technical Intelligence Center in a bid to strengthen its cyber security programs

Verizon officials dig into cybersecurity challenges facing colleges (EdScoop) Higher education institutions can secure their data and networks without compromising a community of openness, Verizon officials said

Legislation, Policy, and Regulation

What People are Saying on Twitter about Brexit (Expert System) Analysis of 55,000 Tweets by Expert System and the University of Aberdeen reveal the main topics and trends around “Brexit”

When will we know the result of the Brexit vote? (MarketWatch) Financial markets are on a knife’s edge ahead of Thursday’s Brexit referendum, but investors will have to wait longer than usual to get the result of the vote

Opinion: How to craft a meaningful cyberarms pact (Christian Science Monitor Passcode) US diplomats are trying to revise how a global arms pact known as the Wassenaar Agreement applies to digital weapons. Despite misgivings from the tech sector, there’s an opportunity for Washington to help forge a deal that keeps hacking tools out of the wrong hands

Think tanks mull Geneva Convention for cybercrime (IDG via CSO) One way to protect critical national infrastructure from cyberwar is to promise not to attack it, policy wonks say

US Still Has No Definition for Cyber Act of War (Military.com) Pentagon leaders are still working to determine when, exactly, a cyber-attack against the U.S. would constitute an act of war, and when, exactly, the Defense Department would respond to a cyber-attack on civilian infrastructure, a senior Defense Department official told lawmakers on Wednesday

The US Military Can’t Train To Fend Off the Worst Cyber Attacks on Infrastructure — Yet (Defense One) Digital wargames that ‘truly represent a realistic and relevant threat’ are coming in 2019

Are China's hackers shying away from US targets? (Christian Science Monitor Passcode) A report indicates that Chinese cyberattacks on US companies are declining. But other experts say hackers are simply changing tack

Senate blocks access to online data without warrant (AP via Yahoo! Tech) The Senate on Wednesday blocked an expansion of the government's power to investigate suspected terrorists, a victory for civil libertarians and privacy advocates emboldened after a National Security Agency contractor's revelations forced changes in how the communications of Americans are monitored

Google, privacy groups urge Congress not to expand federal hacking power (Christian Science Monitor Passcode) A change to federal criminal procedure would allow judges to approve searches on computers outside their jurisdiction, a move that could have vast 'unintended consequences' for innocent people, civil liberties groups say

As FBI surveillance takes center stage, Senator Wyden warns against eroding civil liberties (Christian Science Monitor Passcode) After the Senate beat back a proposal to expand FBI surveillance powers in the wake of the Orlando shooting, the Oregon Democrat told Passcode 'the public is picking up that you don’t fight terror by eroding our freedoms for policies that don’t leave them safer'

Pakistan’s ‘University of Jihad’ is getting millions of dollars from the government (Washington Post) After terrorists killed more than 100 Pakistani school children 18 months ago, the country’s leaders vowed to crack down on religious seminaries that are recruiting grounds for domestic and international Islamist militant groups

Litigation, Investigation, and Law Enforcement

Emails: State Dept. scrambled on trouble on Clinton's server (AP) State Department staffers wrestled for weeks in December 2010 over a serious technical problem that affected emails from then-Secretary Hillary Clinton's home email server, causing them to temporarily disable security features on the government's own systems, according to emails released Wednesday

Can cops use phone left at scene of crime to call 911 to find its owner? (Ars Technica) Lawyer says court must suppress search that resulted in link to kidnapping case

Mobile advertiser tracked users' locations, without their consent, FTC alleges (IDG via CSO) InMobi has agreed to pay $950,000 as part of a penalty

New Zealander Gets Prison Time for Sending Militant Videos (AP via ABC News) A New Zealand man was sentenced Thursday to more than three years in prison for distributing Islamic militant videos in the first case of its type in the South Pacific nation

For a complete running list of events, please visit the Event Tracker.

Upcoming Events

2016 CyberWeek (Tel Aviv, Israel, Jun 19 - 23, 2016) The conference, held jointly by the Blavatnik Interdisciplinary Cyber Research Center (ICRC), the Yuval Ne'eman Workshop for Science, Technology and Security, the Israeli National Cyber Bureau, Prime Minister's Office and Tel Aviv University, in collaboration with the Ministry of Foreign Affairs, will bring together high level international cyber experts, policy-makers, academia and researchers, security officials and foreign diplomats, attracting many participants from around the world for an exchange of knowledge, methods and ideas evolving field of cyber.

Security of Things World (Berlin, Germany, Jun 27 - 28, 2016) Security. Privacy. Connected Devices. Exploring Security and the Internet of Things. A world class event focused on the next information security revolution. Be part of Security of Things World in June in Berlin to tailor your proposition to respond to the security concerns that preoccupy enterprise customers today and find pragmatic solutions to the most common security threats.

SANS Salt Lake City 2016 (Salt Lake City, Utah, USA , Jun 27 - Jul 2, 2016) We are pleased to invite you to SANS Salt Lake City 2016, June 27-July 2. Are you ready to immerse yourself in the most intense cyber training experience available anywhere? Do you need to become a more effective leader when implementing security improvements for your organization? Do you need a more in-depth knowledge of the theory and implementation of computer security, hacker tools and incident handling, advanced digital forensics, defending web apps, or ISC/SCADA? This new event has been planned to meet your needs. Start making your plans now to attend SANS Salt Lake City 2016!

DC / Metro Cyber Security Summit (Washington, DC, USA, Jun 30, 2016) The Cyber Security Summit is an exclusive conference series connects C-Suite & Senior Executives who are responsible for protecting their companies’ critical infrastructures with innovative solution providers and renowned information security experts. This educational and informational forum will focus on educating attendees on how to best protect highly vulnerable business applications and critical infrastructure. Attendees will have the opportunity to meet the nation’s leading solution providers and discover the latest products and services for enterprise cyber defense.

TECHEXPO Cyber Security Hiring Event (Tysons Corner, Virgina, USA, Jun 30, 2016) Cyber security professionals are invited to interview face-to-face with employers including The CIA, Deloitte, Intel Security, Northrop Grumman, Lockheed Martin, Deloitte, Vencore and many more. Hundreds of career opportunities are available in cyber security that need to be filled immediately. Bring copies of your resume with you and interview in person, representing yourself better than any online application ever could.

ISS World South Africa (Johannesburg, South Africa, Jul 10 - 12, 2016) ISS World South Africa is the world's largest gathering of Southern Africa Law Enforcement, Intelligence and Homeland Security Analysts as well as Telecom Operators responsible for Lawful Interception, Hi-Tech Electronic Investigations and Network Intelligence Gathering. ISS World Programs present the methodologies and tools for Law Enforcement, Public Safety and Government Intelligence Communities in the fight against drug trafficking, cyber money laundering, human trafficking, terrorism and other criminal activities conducted over today's telecommunications network and the Internet.

Insider Threat Program Development Training (Washington, DC, USA, Mar 29 - 30, 2016) Insider Threat Defense announced it will hold a training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2) on March 29-30, 2016, in Washington, DC. For a limited time the training is being offered at a discounted rate of $795. The training is comprehensive and provides students with the knowledge and resources to develop and implement a robust Insider Threat Program. Insider Threat Defense has trained a substantial number of organizations and has become the "Go To Company" for Insider Threat Program Development Training

SINET Innovation Summit 2016 (New York, New York, USA, Jul 14, 2016) “Connecting Wall Street, Silicon Valley and the Beltway.“ SINET Innovation Summit connects America’s three most powerful epicenters and evangelizes the importance of industry, government and academic collaboration on joint research initiatives. The opportunity to bring practitioners and theory together to discuss fundamental Cybersecurity challenges is critical to the advancement of innovation in the Cybersecurity domain. This summit is designed to reinvigorate public-private partnership efforts and increase relationships that foster the sharing of information and joint collaboration on Cybersecurity research projects

Insider Threat Program Development Training (Washington, DC, USA, Mar 29 - 30, 2016) Insider Threat Defense announced it will hold a training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2) on March 29-30, 2016, in Washington, DC. For a limited time the training is being offered at a discounted rate of $795. The training is comprehensive and provides students with the knowledge and resources to develop and implement a robust Insider Threat Program. Insider Threat Defense has trained a substantial number of organizations and has become the "Go To Company" for Insider Threat Program Development Training

CyberSec 2016 (New York, New York, USA, Jul 19, 2016) Ask any bank CEO in the U.S. what keeps them up at night and cybersecurity is bound to be in the top five. Maybe even no. 1. And while the threat matrix is evolving rapidly, along with the regulatory demands, so are the technology tools available to help meet them. This one-day conference will take a big-picture look at the threats facing banks today and tomorrow, and offer insights on how to combat them.

Nominations are now open: National Cyber Security Hall of Fame (Baltimore, Maryland, USA (nominations submitted online), Jul 20, 2016) The Cyber Security Hall of Fame "Respect the Past - Protect the Future" accepts nominations from companies and organizations that are engaged in, and committed to, the growth of the cyber security industry. Each of the nominators can submit nominations in the following categories or combination of categories: Technology, Policy, Public Awareness, Education, and Business.

Insider Threat Program Development Training (Washington, DC, USA, Mar 29 - 30, 2016) Insider Threat Defense announced it will hold a training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2) on March 29-30, 2016, in Washington, DC. For a limited time the training is being offered at a discounted rate of $795. The training is comprehensive and provides students with the knowledge and resources to develop and implement a robust Insider Threat Program. Insider Threat Defense has trained a substantial number of organizations and has become the "Go To Company" for Insider Threat Program Development Training

Billington Global Automotive Cybersecurity Summit (Detroit, Michigan, USA, Jul 22, 2016) Billington Cybersecurity, an independent conference company focused exclusively on cybersecurity seminars, announces the first global summit that brings together the most senior government and industry experts to examine cyber security in the automotive industry. The Chairman and CEO of General Motors, Mary Barra, U.S. Transportation Secretary Anthony Foxx, U.S. Senator Gary C. Peters and Lyft CEO and Co-Founder Logan Green will discuss industry and government insights on automotive cybersecurity.

Community College Cyber Summit (3CS) (Pittsburgh, Pennsylvania, USA, Jul 22 - 24, 2016) The third annual Community College Cyber Summit (3CS) is organized and produced by six Advanced Technological Education (ATE) centers funded by the National Science Foundation (NSF) and involved in cybersecurity. 3CS meets the perceived need for a national academic conference that focuses exclusively on cybersecurity education at the community college level. Faculty, administrators, and other stakeholders in community college cybersecurity education are invited and encouraged to attend

SANS ICS Security Summit & Training — Houston 2016 (Houston, Texas, USA, Jul 25 - 30, 2016) SANS has joined forces with industry leaders and experts to strengthen the cybersecurity of Industrial Control Systems (ICS). The initiative is turning ICS cybersecurity around by equipping both security professionals and control system engineers with the security awareness, work-specific knowledge, and hands-on technical skills they need to secure automation and control system technology. Register now for these ICS skills based courses.

SANS San Jose 2016 (San Jose, California, USA , Jul 25 - 30, 2016) Information security training is coming to Silicon Valley from SANS Institute, the global leader in information security training. At SANS San Jose 2016, July 25-30, 2016, choose from 7 hands-on, immersion-style cybersecurity training courses taught by real-world practitioners. We will see you at The Westin San Jose, located in the heart of downtown San Jose. Now is the time to improve your information security skills. SANS San Jose 2016 features comprehensive hands-on technical training from some of the best instructors in the industry and includes several courses that will prepare you or your technical staff for DoD 8570 and GIAC approved certification exams. Start making your plans to attend now!

AfricaHackOn (Nairobi, Kenya, Jul 28 - 29, 2016) What began as a casual meet up for information security professionals has become one of the formidable forces in the profession. That group is the AfricaHackOn. Housed under its parent umbrella, Euclid Consultancy Ltd, AH as fondly known, has traversed all odds to becoming a leading venture in raising awareness on matters affecting cyber security and also grooming upcoming talent into the job market. We have been poised to becoming a one stop shop for talent and resources in a field greatly short staffed.