What Guccifer 2.0 and the Bears were up to, hacking the DNC, and why you should care (trust us—you should). Attend ThreatConnect’s webinar to find out.
Wikileaks DDoSed, now banned in Turkey. Brazilian, Chinese groups pledge allegiance to ISIS. Brazil blocks, then unblocks, WhatsApp. Code hooking issues in security products. Risk updates on Apple cookie bugs, Cknife, CryptXXX, Lurk, and Fareit.
Wikileaks said it sustained a denial-of-service attack (it’s now recovered) over the weekend after announcing plans to release a tranche of Turkish government documents. It has now released them, and has been duly blocked by Turkish authorities.
Brazilian security services are watching cyber threats to the Rio Olympics closely. Cybercrime and hacktivism have long been concerns, but a recent Telegram pledge of allegiance to ISIS by Ansar al-Khilafah has added a specifically jihadist threat to the mix. (Ansar al-Khilafah is small and, as the Washington Post puts it, “obscure,” but authorities are taking the threat of lone-wolf inspiration seriously.) Brazil is also receiving the DDoS attentions of Anonymous, protesting a lower court’s now-reversed order blocking WhatsApp.
ISIS has also attracted some adherents in China, as some members of that country’s Uighur minority are revealed (via doxed ISIS communications) to have signed on to the Caliphate.
In vulnerability news, enSilo warns of software code hooking issues affecting more than fifteen security products from leading vendors. enSilo promises a report at Black Hat, but they’ve posted an early version of their findings in the company’s blog.
Zscaler describes the now-patched Apple cookie bug the company discovered. Recorded Future continues its exposure of the Cknife web shell.
The SoakSoak botnet is delivering CryptXXX ransomware through compromised business WordPress sites. (The RevSlider plugin is being exploited.)
Ammy Admin remote admin software is being exploited as a vector for the Lurk and Fareit Trojans, Kaspersky reports.
Three jackpotters are collared in the Taiwan ATM heist.
Notes.
Today's issue includes events affecting Brazil, China, European Union, India, Iraq, Russia, Syria, Taiwan, Turkey, Ukraine, United Kingdom, and United States.
A note to our readers: This Friday we'll be in Detroit, for the first annual Billington Global Automotive Cybersecurity Summit. Watch for live-tweets from the event, and a full report published here next week. For a preview of some of the conference's important themes, check our interview with Booz Allen Hamilton's Jon Allen.
If you're interested (as who is not?) in risk management and cyber insurance markets, check out the CyberWire's Special Edition Podcast, "Quantifying Cyber Risk." It features experts in the security and insurance sectors about quantifying cyber risk: how you do it, what you do with the numbers once you've got them, and why it all matters.
The CyberWire's regular daily Podcast will be out later this afternoon, with interviews, educational tips, and more on the stories of the day. Today's partner segment comes to us from the University of Maryland's Center for Health and Homeland Security: Markus Rauschecker will offer some insight into the lenient sentence serial stalker, doxer, and swatter Mir Islam received (two years--actually just one, considering time served). We'll also hear from Morphisec's Ronen Yehoshua about the limitations of end point protection. (If you like our podcast, consider giving it an iTunes review.)
Cyber Attacks, Threats, and Vulnerabilities
Turkey Blocks WikiLeaks After Dump of Government Emails (Motherboard) Turkey has blocked access to WikiLeaks after the whistleblowing platform published what it claimed were emails from Turkey's ruling political party, according to censorship group Turkey Blocks
WikiLeaks suffers ‘sustained attack’ after announcing release of Turkish government docs (Naked Security) WikiLeaks is back up after having tweeted on Monday that it was suffering an ongoing attack
‘FaceTime Is a Cyberweapon’ and Other Lessons About Digital Age Coups (Foreign Policy) After Turkey, has the internet torn up the playbook for how coups are won and lost?
With Turkey in chaos, its secular citizens feel even more nervous (Washington Post) Yildiz Gerjain feels cornered. That sensation has intensified since a coup attempt last week that she did not support, a subsequent purge launched by a strongman president she opposes and large rallies by conservative Islamists whom she fears
Bloody Ramadan: How the Islamic State Coordinated a Global Terrorist Campaign (War on the Rocks) In late May 2016, the Islamic State (ISIL) released an audio statement featuring Abu Muhammad al-Adnani, the group’s chief spokesman, celebrating the upcoming lunar month of Ramadan. Adnani exhorted ISIL’s supporters to make Ramadan “a month of calamity everywhere for the non-believers” and urged everyone considering migrating to the caliphate to instead carry out attacks in their home countries. Adnani’s statement proved to be an ugly portent of things to come. Militants acting in ISIL’s name struck in over 10 countries during the group’s Ramadan offensive. Highly visible attacks in Istanbul, Dhaka, Orlando, and Baghdad together left hundreds of civilians dead as operatives targeted airports, restaurants, night clubs, and shopping centers
Brazilian extremist group uses Telegram to pledge allegiance to ISIS ahead of Olympics (Washington Post) Hundreds of thousands of athletes and tourists are about to arrive in Rio de Janeiro from around the world for this year's Summer Olympics, whose opening ceremony is just more than two weeks away. Security is going to be extremely tight. The police and army are on high alert for copy-cat attacks after European cities have suffered one terrorist assault after the other
Brazil probes Olympics threats after group backs Islamic State (Reuters) Brazil's intelligence agency said on Tuesday it was investigating all threats to next month's Rio Olympics after a presumed Brazilian Islamist group pledged allegiance to Islamic State (IS) less than three weeks before the Games
Experts warn of hacking threat at Rio Olympics (CNBC) World-class athletes aren't the only ones preparing for the Olympic Games. World-class cybercriminals are also hoping to walk away with some gold
Anonymous DDoS Rio Court Website for Blocking WhatsApp in Brazil (Hack Read) Anonymous shut down Rio De Janeiro Court website for blocking Whatsapp in Brazil
Report: More Than 100 Chinese Muslims Have Joined the Islamic State (Foreign Policy) Leaked ISIS documents suggest that Uighur fighters are seeking a new home and a sense of belonging
ISIS suspect was sending encrypted emails to handler Shafi Armar (DNA India) A senior NIA official said that accused Ibrahim had used tutanota.com, a secure encryption mail to be in touch with his handler abroad
Hacker ‘Phineas Fisher’ Speaks on Camera for the First Time—Through a Puppet (Motherboard) A little bit over a year ago, the normally quiet Twitter account of Hacking Team, an Italian company that sells spying tools to governments all over the world, started acting weird
Flaws found in security products from AVG, Symantec and McAfee (Register) Patch frenzy imminent, say researchers, thanks to bad use of code hooking
Flawed code hooking engines open endpoints to compromise (Help Net Security) Six common security issues stemming from the incorrect implementation of code hooking and injection techniques have been unearthed by EnSilo researchers in over 15 different products, including anti-virus (AV) and anti-exploitation solutions, data loss prevention software (DLP) and host-based intrusion-prevention systems (HIPS)
Intrusive Applications: 6 Security Issues to Watch Out for in Hooking (enSilo Blog) For over a year our enSilo researchers have been looking into hooking engines and injection methods used by different vendors. It all started back in 2015 when we noticed injection issue in AVG but this was only the tip of the iceberg. A few months after that we noticed similar issues in McAfee and Kaspersky Anti-Virus. At that point we decided to extend our research and look into the security implications of hooking engines and injection techniques. The results were depressing
Apple Patches Persistent Cookie Vulnerability Discovered by Zscaler (Zscaler) Cookies are a fundamental part of our everyday web access. We take them for granted and freely give websites access to relevant “cookies” in our browsers because they dramatically enhance our user experience. Cookies are considered “persistent” if they last beyond a single browser session. Persistent cookies remain in your browser until you explicitly erase them or your browser deletes them after a given duration (set by the site using the cookie)
New Made-in-China Web Shell Threatens the Security of Web Servers Worldwide (Softpedia) New Cknife Web shell modeled after old China Chopper shell
Shell No! Adversary Web Shell Trends and Mitigations (Part 1) (Recorded Future) Open sourcing unauthorized persistence with web shells for over 15 years. Web shells are a favorite Chinese speaking forum topic. Actor laziness leads to code reuse, but not enough to alert on functions or strings. b374k, b374k r3c0d3d, and WSO 2.1 are clear open source favorites (by mention). Static signatures that capture specificity or uniqueness in a web shell are only marginally useful. Higher-level web shell behaviors are the choke points to focus on for long-term, large-scale meaningful detection
Shell No! Introducing Cknife, China Chopper’s Sibling (Part 2) (Recorded Future) In part one of our web shell series we analyzed recent trends, code bases, and explored defensive mitigations. In part two we investigate a new web shell created by Chinese-speaking actors
Wave of business websites hijacked to deliver crypto-ransomware (Ars Technica) Sites exploited by SoakSoak bots give the gift of CryptXXX malware
Slew of WP-based business sites compromised to lead to ransomware (Help Net Security) If an approach works well, there is no reason to change tack, and the masters of the SoakSoak botnet are obviously of the same belief
Symantec Sees Ransomware Hackers Getting More Advanced, Targeted (Bloomberg) ‘Gold rush’ mentality fueling higher demands for blocked data. Hospitals not the most targeted, despite publicized cases
Cyber-Threat Landscape Domination: What’s Next for Ransomware? (TechTV) The FBI recently published that ransomware victims paid out US$209 million for only the first quarter of 2016 compared to US$24 million for all of 2015. Ransomware is now completely dominating the threat landscape conversation. Fortinet’s FortiGuard Labs R&D team, for instance, is seeing one new ransomware strain every day
Why ransomware criminals need great customer service (CSO) Yes, even bad-guy malware developers have to keep their "customers" happy. Read what happens when F-Secure tests the "help desks" of four crypto-locking malware makers
Data Stockpiling Pays Off For Cybercriminals, Says New Report By Surfwatch Labs (PR Rocket) Old breaches led to new breaches as cybercriminals’ ability to use and monetize personal information rose significantly across all industries
Report: More, stronger cyber attacks to flood networks (The Hill) A popular cyber attack used to clog victims’ internet connections is being used more frequently at far higher strengths, according to a new report
Remote Systems Admin Software Rigged With Lurk Trojan (Dark Reading) Website of legitimate and popular application used by banks in Russia and nearby nations faced successive compromises
Ammyy Admin remote admin tool repeatedly bundled with Trojans (Help Net Security) The website of the company that develops the popular remote administration software Ammyy Admin has been repeatedly compromised in the last year or so, and users who downloaded the tool were saddled with malware
Google Chrome Malware Leads to Sketchy Facebook Likes (Threatpost) Ever wonder how your mild-mannered friend’s Facebook feed suddenly got packed with lewd clickbait? That’s the question Maxime Kjaer was determined to answer when he noticed a friend’s Facebook feed peppered with Likes for sketchy link bait such as “Basic Kissing Tips”
New Credential Theft Tactic Seen on E-Commerce Sites (Softpedia) WooCommerce and Prestashop sites affected
Several vulnerabilities discovered in OpenFire version 3.10.2 to 4.0.1 (SysDream IT Security Services) OpenFire is an opensource project under GNU GPL licence. It provides a Jabber/XMPP server fully develloped in Java. It's develloped by the Ignite realtime community. The actual version of the product is 4.0.2
Warning issued over baby monitor, webcam, IoT security… again! (Naked Security) A few years back, a site that made extremely dubious white-hat claims about pointing out the dangers of not changing default passwords on IP cameras was corralling live streams, allowing strangers to spy on the feeds coming from baby monitors and security webcams in bedrooms, offices, shops, restaurants, bars, swimming pools and gymnasiums
ICO in Internet of Things Security Warning (Infosecurity Magazine) Data protection watchdog the Information Commissioner’s Office (ICO) has repeated warnings about the Internet of Things, urging users to take steps to protect their privacy and security
OurMine is now hacking into Minecraft accounts (PCWorld) The hacking team has also taken over the social media accounts of tech executives
Baton Rouge City Website Hacked Against Alton Sterling’s Death (Hack Read) Ghost Squad hackers defaced Baton Rouge City website against police brutality leading to the death of Alton Sterling
Cici’s Pizza: Card Breach at 130+ Locations (KrebsOnSecurity) Cici’s Pizza, a Coppell, Texas-based fast-casual restaurant chain, today acknowledged a credit card breach at more than 135 locations. The disclosure comes more than a month after KrebsOnSecurity first broke the news of the intrusion, offering readers a sneak peak inside the sprawling cybercrime machine that thieves used to siphon card data from Cici’s customers in real-time
How DHS fell silent when a hack threatened the U.S. power grid (E&E News) A month after hackers blacked out power in western Ukraine, a team of U.S. security experts touched down in Kiev to piece together the extraordinary assault
Deconstructing Connected Cars: A Hack Waiting To Happen (Dark Reading) Why your automobile's simple and reliable Controller Area Network will put you at risk in the brave new world of connected and autonomous driving
10 The Most Dangerous Computer Viruses of the Decade 2007-2016 (TechTwisted) These types of viruses in computer will blow your mind
Security Patches, Mitigations, and Software Updates
Oracle splats 276 bugs with mammoth Critical Patch Update (Help Net Security) In case you missed it, Oracle’s July 2016 Critical Patch Update is out, and it’s bigger than ever before
Apple Announces OS X and iOS Security Updates (eWeek) Fixing security glitches, Apple's OS X 10.11.6 and iOS 9.3.3 came out ahead of the company's major product announcements expected next fall
Cyber Trends
Failure to Secure: The 2016 State of Privileged Account Management Report (Thycotic) 550+ organizations benchmarked their privileged account management score. Of them, 80% consider PAM security a high priority, but, 52% received a failing grade
Three topics everyone will be talking about at Black Hat USA 2016 (Help Net Security) There has never been a more interesting or daunting time to be in security. We have the proliferation of connected devices and a digitally connected global economy, colliding with nation-state threat actors and concerns over consumer privacy. All of these trends are converging at a time when companies are struggling with how to detect and stop new threats, while the enterprise becomes more distributed and open than ever
Muddled Thinking On Security Leaving Organizations Exposed (Infosecurity Magazine) A new survey on the state of security defenses at organizations across the UK has revealed that while many are satisfied with their strategy there are still worrying gaps that could leave businesses exposed to attacks
Over One-Third of Managers Would Bypass IT Security (Infosecurity Magazine) Shadow IT is still a major security risk for organizations, despite apparent improvements in employees’ security awareness, according to new research
How External Threats May Impact Health Data Security Measures (HealthITSecurity) A recent Ponemon report shows security leaders believe they lack necessary tools to mitigate external threats, which might not bode well for health data security needs
Marketplace
Gartner: Niche vendors control 2015 security software market (Channelnomics) Majority of top five vendors saw revenue drop for the year
EMC Shareholders Approve Merger With Dell (Wall Street Journal) Deal would be the largest technology merger ever
Ball Aerospace Positions For Future Growth In Washington D.C. Metro Area (PRNewswire) Ball Aerospace is increasing its footprint in the Washington D.C. metro area. To position the business for continued growth, Ball acquired specialized engineering cyber firm Wavefront Technologies earlier this year to further strengthen and diversify its business portfolio. The new Ball team will make the move to a larger location in Columbia, Maryland, this summer
Waltham cybersecurity firm takes aim at Symantec with latest acquisition (Boston Business Journal) Waltham cybersecurity firm Carbon Black said Tuesday that it acquired Confer, an anti-virus company based in Southborough
Carbon Black Takes a NGAV Leadership Position with Confer Acquisition: Targets Symantec, Palo Alto Networks, Cylance, and CrowdStrike with Disruptive, Zero-Gap Protection (EconoTimes) Carbon Black, the leader in next-generation endpoint security, today announced its acquisition of Confer, a next-generation antivirus (NGAV) company. Carbon Black is recognized for its market-leading application control, incident response, and threat-hunting products that serve more than 2,000 organizations globally. By adding Confer's NGAV product, Carbon Black delivers the industry's most complete endpoint-security platform. Confer's software solution will be renamed "Cb Defense"
VIDEO Interview: Zscaler's CISO Michael Sutton talks cloud security and more (ITWire) Zscaler chief information security officer Michael Sutton is in Australia for a CISO Round Table and to meet customers, and he spoke to iTWire about cloud, security, ransomware, Gartner "Magic Quadrants" and plenty more
Defense Intelligence Agency is Scoping Out Social Media Background Checkers (Nextgov) The Pentagon is conducting market research for a planned 12-month "social media checks" pilot that would analyze public posts to help determine an employee's suitability for Defense Intelligence Agency classified work
Plantation-based Thales e-Security adding jobs (Sun-Sentinel) French multinational company Thales is expanding throughout Florida, from its e-security business in Plantation to its flight entertainment system in Orlando and Melbourne
Versasec Expands US and Global Operations to Meet Growing Demand for Security Solutions (PR Urgent) Additions include new GM of North America and Silicon Valley office
Cylance Announces FedResults as Strategic Partner for Federal IT Market (PRNewswire) Partnership will accelerate Federal market adoption Of next-generation antivirus technology
ObserveIT Appoints Larry Whiteside to Company's New Board of Advisors (PRNewswire) Distinguished security and IT expert joining ObserveIT to support its mission to help organizations eliminate the risk of insider threats
Products, Services, and Solutions
Savvius Insight™ Brings Open Source ELK Stack to SMB and Remote Office Network Management (MarketWired) All-in-one appliance now gives SMBs, MSPs, and distributed enterprises ability to monitor networks using Elasticsearch, Logstash, and Kibana
E8 Security Cited by Independent Research Firm for Ability to Discover Anomalous Behavior and Provide Threat Activity Insight (MarketWired) Behavioral intelligence innovator included in 2016 "Vendor Landscape: Security User Behavior Analytics" industry analyst report
Siemplify Rounds Out ThreatNexus Security Operations Platform with Orchestration Module (BusinessWire) Siemplify™ today announced the availability of a new orchestration module for its Siemplify ThreatNexus™ security operations platform, fulfilling the demand for a complete end-to-end SOC solution
Dark data? Not if Teradata and Nuix can help it (PCWorld) The companies have teamed up to bring your dark data to light
Imperva SecureSphere Deployment Kit Now Available for Microsoft Azure Security Center (Nasdaq) Imperva simplifies web application firewall deployment on Microsoft Azure to protect enterprise apps in the cloud
Akana Platform to Power Barclays Developer Hackathon (BusinessWire) Akana, a leading provider of API Management, API Security, API Analytics and Microservices solutions for Digital Businesses, announced today that its Akana Platform will power the app development efforts at the upcoming Barclays Hackathon. By joining forces with Barclays to sponsor the July 20-21 Hackathon, Akana and Barclays will showcase the same technology that the bank itself is using to manage APIs in its Barclays Developer Network (BDN), a strategic platform for exposing and managing APIs external to Barclays
University of Florida Cybersecurity Team Turns to Tektronix to Outfit Electronics Security Lab (PRNewswire) State-of-the-art Tektronix test equipment to advance efforts to improve Internet of Things security, prevent reverse engineering and more
Sophos Adds Encryption To Synchronized Security Strategy With SafeGuard Encryption 8 Launch (CRN) Sophos is building on its synchronized security vision with the Tuesday launch of an encryption solution that ties into the security vendor's endpoint and network offerings
Rémy Cointreau Selects Centrify to Simplify Security, Improve Business Agility and Reduce IT Costs (BusinessWire) Centrify’s identify management solutions enable global liqueur and spirits leader to give its employees secure, one-click access to scores of cloud-based applications
Partnership Joins IT/OT Cybersecurity Efforts (AutomationWorld) SCADAfence has joined Gigamon’s ecosystem partner program, the two companies bringing information and operational technology products together for smart manufacturing cybersecurity
ThreatMetrix created network to stop hackers at the front door (Secure ID News) When talking about cybersecurity, identity and authentication, the conversation often turns to “killing the password,” multi-factor authentication and mobile devices
Farsight Security to Debut Brand Watch, a Breakthrough Brand Protection Cybersecurity Technology, at Black Hat USA 2016 (MarketWired) In an industry first, Farsight Security, Inc. today announced Brand Watch, a breakthrough technology that can monitor company brands across the Internet to help organizations protect their brand by defending against phishing, counterfeiting and other cyber threats
Wombat Security Announces General Availability of PhishAlarm Analyzer (Yahoo! Finance) Wombat Security Technologies (Wombat), the leading provider of security awareness and training for end users, today announced the general availability (GA) for PhishAlarm Analyzer, a software-based phishing threat analysis tool that uses machine learning to identify and prioritize reported phishing emails for incident response teams. Quick identification and categorization allows infosecurity officers and security response teams to quickly isolate and remediate suspected phishing messages, including zero-hour attacks
Recently Released Industry Research Study Reveals Triple-Digit ROI for IBM Application Security Testing Solution (IBM Security Intelligence) Quantifying benefits of an IBM client’s application security testing investment
Sqrrl Joins IBM Security App Exchange CommunityBy PR Rocket on July 19, 2016 (Press Release Rocket) Sqrrl Threat Hunting App for QRadar, now a part of collaborative development to stay ahead of evolving threats
A New Service Alerts You When Someone Uses Your Social Security Number (Wired) You already know that identity theft could happen to you. You’re never more than a few headlines away from another wide-scale hack. But what are you supposed to do with that knowledge? According to a new service called Civic, the answer is simple: track your Social Security number
Technologies, Techniques, and Standards
The security implications of China's quantum communications satellite (SC Magazine) Dwayne Melancon discusses why he thinks China's quantum communication satellite is more of a novelty than a practical solution to the eavesdropping problem
Ransomware Holds Your Data Hostage. Here’s How to Stop It (Infosecurity Magazine) Finding yourself in a situation where your data is held hostage can be an intensely frustrating experience for individuals and businesses
How to craft a threat intelligence strategy (ITWorld Canada) An increasing number of CISOs are realizing the value of threat intelligence to protecting the enterprise, helping the infosec team doing the day-to-day defending. But if you don’t already have a unit/person assigned for doing this it may be daunting to start
Patch Management Software Buyer's Guide (eSecurity Planet) Patch management software automates patch management, one of the most important security tasks in any organization
Why you should use a password manager (Naked Security) For years, I read many, many articles about password managers – much like this one – and despite the fact that I’ve been working in the information security field for about a decade, I still resisted trying them out. It seemed like a lot of hassle, and who needs more of that?
Follow These 10 Easy Steps to Enhance your LinkedIn Security and Privacy [Updated] (Heimdal Security) Social media is mostly about entertainment. Facebook’s for keeping up with what our friends are up to. Twitter is our favorite tool for staying informed with the latest news (or for starting a revolution for that matter)
CISOs need teamwork and a framework, says Chief Cybersecurity Officer at Trend Micro (Help Net Security) Eduardo Cabrera is the Chief Cybersecurity Officer at Trend Micro, responsible for analyzing emerging cyber threats to develop enterprise risk management strategies. Before joining Trend Micro, he was a 20-year veteran and former CISO of the United States Secret Service
Five trends to help senior executives protect against fraud threats (Help Net Security) A new Experian report identifies five trends that businesses should assess and take action on to mitigate fraud and improve the customer experience in today’s fast-paced, consumer-centric environment
Behavioural attack detection: Why a cyber breach isn’t game over for your business (Computer Business Review) C-level briefing: LightCyber EVP Jason Matlof (pictured) and other cyber security experts talk known threats and firewall shortcomings
Legislation, Policy, and Regulation
Top Turkish ministers expected to skip anti-ISIS summit (Washington Examiner) Both Turkey's foreign minister and defense minister have canceled plans to attend Wednesday's Counter-Islamic State summit in Washington, according to Turkish press reports
Tripwire Survey: Security Professionals Unconcerned About Cyber Security Impact of US Presidential Election (BusinessWire) Tripwire, Inc., a leading global provider of endpoint protection and response, security and compliance solutions, today announced the results of a survey of over 400 information security professionals who attended Infosecurity Europe 2016. The conference took place June 7-9, 2016, at the Olympia Conference Centre in London
Major cyber security threat underscored by congressional Homeland Security chairman (ABC5) "Nation not ready" for threat
New HIPAA guidance addresses ransomware (CSO) The U.S. Department of Human Services has released new guidance for health care companies that focuses on the growing threat of ransomware, stresses the need for better education and regular backups, and confirms that a ransomware attack against plain-text health information is, in fact, a breach that must be disclosed
Blog: Four Strategies the DOD Can Implement to Increase Cybersecurity (SIGNAL) It wasn’t too long ago that the Defense Department embarked on a Cybersecurity Discipline Implementation Plan identifying specific tasks that department’s IT personnel must perform to reinforce basic cybersecurity requirements identified in policies, directives and orders across the agency
NASA hires cyber mainstay as CISO (FedScoop) NASA's newest security head has 20 years of government experience, ranging from the DHS to the White House
Litigation, Investigation, and Law Enforcement
Turkey formally requests extradition of cleric from Pa. (The Hill) Turkey has formally asked the United States to extradite a Muslim cleric it blames for last week’s coup attempt, Turkey’s prime minister said Tuesday
Brazil’s Federal Supreme Court lifts WhatsApp block [Updated] (Ars Technica) WhatsApp: "We cannot share information we don't have access to"
Brazilian judge orders another WhatsApp block over message encryption (ZDNet) WhatsApp uses end-to-end encrypted messages, which the company can't decrypt
Joseph Hassan Farrokh Sentenced for Attempted Material Support to ISIL (Lawfare) Last Friday, a federal district court in the Eastern District of Virginia sentenced Joseph Hassan Farrokh, a 29-year-old man from Woodbridge, Virginia, to 102 months in prison for attempting to provide material support to ISIL
Feds shut down tech support scammers, freeze assets (CSO) Scammers duped consumers out of millions using pop-up messages generated in search results on PCs and Macs
Three Arrested After Taiwan ATM Heist (Infosecurity Magazine) Three foreigners have been arrested in Taiwan after thieves made off with $2.5 million from ATMs around the country.
How the new EU cybersecurity regulations affect businesses (Panda Security) The 28 countries that form the European Union will have a common cybersecurity goal beginning July 6th. The European parliament has approved a new directive in which these countries will have to change their legislation in the next 21 months
US Safe Habor and POPI (Lexology) The potential effects of the U.S. Safe Habor invalidity judgment on the Protection of Personal Information Act
For a complete running list of events, please visit the Event Tracker.
Newly Noted Events
3rd Annual Journal of Law and Cyber Warfare Conference (New York, New York, USA, Nov 3, 2016) The 2016 Journal of Law and Cyber Warfare symposium speakers represent an unparalleled group of cyber security experts with a wide variety of industry expertise and knowledge. Attendees will hear from experts on cyber security and cyber warfare from the military, government, private industry, and the public sector. Our panels are designed to provide attendees with thought leadership from a diverse group of experts who will share their experience and knowledge-base regarding topical cyber security issues. The symposium is a day long event comprised of panels, Q&A sessions, tool demonstrations and networking opportunities. Focused and thorough, there are take-aways for all attendees.
Upcoming Events
Nominations are now open: National Cyber Security Hall of Fame (Baltimore, Maryland, USA (nominations submitted online), Jul 20, 2016) The Cyber Security Hall of Fame "Respect the Past - Protect the Future" accepts nominations from companies and organizations that are engaged in, and committed to, the growth of the cyber security industry. Each of the nominators can submit nominations in the following categories or combination of categories: Technology, Policy, Public Awareness, Education, and Business.
Insider Threat Program Development Training (Washington, DC, USA, Mar 29 - 30, 2016) Insider Threat Defense announced it will hold a training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2) on March 29-30, 2016, in Washington, DC. For a limited time the training is being offered at a discounted rate of $795. The training is comprehensive and provides students with the knowledge and resources to develop and implement a robust Insider Threat Program. Insider Threat Defense has trained a substantial number of organizations and has become the "Go To Company" for Insider Threat Program Development Training
Billington Global Automotive Cybersecurity Summit (Detroit, Michigan, USA, Jul 22, 2016) Billington Cybersecurity, an independent conference company focused exclusively on cybersecurity seminars, announces the first global summit that brings together the most senior government and industry experts to examine cyber security in the automotive industry. The Chairman and CEO of General Motors, Mary Barra, U.S. Transportation Secretary Anthony Foxx, U.S. Senator Gary C. Peters and Lyft CEO and Co-Founder Logan Green will discuss industry and government insights on automotive cybersecurity.
Community College Cyber Summit (3CS) (Pittsburgh, Pennsylvania, USA, Jul 22 - 24, 2016) The third annual Community College Cyber Summit (3CS) is organized and produced by six Advanced Technological Education (ATE) centers funded by the National Science Foundation (NSF) and involved in cybersecurity. 3CS meets the perceived need for a national academic conference that focuses exclusively on cybersecurity education at the community college level. Faculty, administrators, and other stakeholders in community college cybersecurity education are invited and encouraged to attend
SANS San Jose 2016 (San Jose, California, USA , Jul 25 - 30, 2016) Information security training is coming to Silicon Valley from SANS Institute, the global leader in information security training. At SANS San Jose 2016, July 25-30, 2016, choose from 7 hands-on, immersion-style cybersecurity training courses taught by real-world practitioners. We will see you at The Westin San Jose, located in the heart of downtown San Jose. Now is the time to improve your information security skills. SANS San Jose 2016 features comprehensive hands-on technical training from some of the best instructors in the industry and includes several courses that will prepare you or your technical staff for DoD 8570 and GIAC approved certification exams. Start making your plans to attend now!
SANS ICS Security Summit & Training — Houston 2016 (Houston, Texas, USA, Jul 25 - 30, 2016) SANS has joined forces with industry leaders and experts to strengthen the cybersecurity of Industrial Control Systems (ICS). The initiative is turning ICS cybersecurity around by equipping both security professionals and control system engineers with the security awareness, work-specific knowledge, and hands-on technical skills they need to secure automation and control system technology. Register now for these ICS skills based courses.
AfricaHackOn (Nairobi, Kenya, Jul 28 - 29, 2016) What began as a casual meet up for information security professionals has become one of the formidable forces in the profession. That group is the AfricaHackOn. Housed under its parent umbrella, Euclid Consultancy Ltd, AH as fondly known, has traversed all odds to becoming a leading venture in raising awareness on matters affecting cyber security and also grooming upcoming talent into the job market. We have been poised to becoming a one stop shop for talent and resources in a field greatly short staffed.
Black Hat USA (Las Vegas, Nevada, USA, Aug 1 - 6, 2015) Black Hat — built by and for the global InfoSec community — returns to Las Vegas for its 18th year. This six day event begins with four days of intense Trainings for security practitioners of all levels (August 1-4) followed by the two-day main event including over 100 independently selected Briefings, Business Hall, Arsenal, Pwnie Awards, and more (August 5-6)
SANS Boston 2016 (Boston, Massachusetts, USA , Aug 1 - 6, 2016) SANS will be returning to Boston with an exceptional cyber security training lineup this August, including a special evening event hosted by Stephen Northcutt, where you'll get choose your favorite chowder! We are bringing our top courses and best instructors to make SANS Boston the perfect training event for you. You can't miss SANS comprehensive hands-on technical training from some of the best instructors in the industry.
Secure Bermuda 2016 (Bermuda, Aug 10, 2016) Industry-leading intelligence from expert cybersecurity thought leaders and innovators. In addition to human capital shortages, the Bermudian cybersecurity industry faces an uphill battle to keep up with the acceleration of Internet-connected technology. Join us on August 10th at the Hamilton Princess Hotel for Secure Bermuda 2016. In just one day, the event will provide essential intelligence that enables Bermudian technology leaders to drive their cybersecurity strategy forward. The conference covers today's cybersecurity trends and threats as well as those of the future, equipping delegates with the tools needed to cope in an increasingly complex landscape.
TECHEXPO Top Secret Polygraph-Only Hiring Event (Baltimore, Maryland, USA, Aug 10, 2016) Polygraph-Tested Professionals are invited to interview for new career opportunities on Wednesday, August 10 at the BWI Marriott in Baltimore, MD. A CI or Full Scope Polygraph is Required to Attend. Hot job opportunities are available in Cyber Security, Intelligence, Defense and IT. Hiring managers will be onsite to fill critical open positions.
Insider Threat Program Development Training For NISPOM CC 2 (Aberdeen, Maryland, USA, Aug 10 - 11, 2016) Insider Threat Defense will hold a two-day training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2). For a limited time the training is being offered at a discounted rate of $795 (normally $1395). The training is comprehensive and provides students with the knowledge and resources to develop and implement a robust Insider Threat Program. Insider Threat Defense has trained over one hundred fifty organizations and has become the "go-to company" for Insider Threat Program Development Training.
TECHEXPO Top Secret Polygraph-Only Hiring Event (Baltimore, Maryland, USA, Aug 10, 2016) Polygraph-Tested Professionals are invited to interview for new career opportunities on Wednesday, August 10 at the BWI Marriott in Baltimore, MD. A CI or Full Scope Polygraph is Required to Attend. Hot job opportunities are available in Cyber Security, Intelligence, Defense and IT. Hiring managers will be onsite to fill critical open positions.
International Conference on Cyber Security (ICCS) 2016 (Kota, Rajasthan, India, Aug 13 - 14, 2016) The International Conference on Cyber Security (ICCS) 2016 is an unparalleled opportunity to discuss cyberthreat analysis, operations, research, and law enforcement to coordinate various efforts to create a more secure world. The ICCS 2016 serves as a platform for researchers and practitioners from academia, industry, and government to present, discuss, and exchange ideas that address real-world problems with CYBER SECURITY. The conference program will include special sessions, presentations delivered by researchers from the international community, including presentations from keynote speakers and state-of-the-art lectures and keynote speeches
2016 Information Assurance Symposium (Washington, DC, USA, Aug 16 - 18, 2016) The Information Assurance Symposium is the premier IA event at which leaders and practitioners share vital information and provide direction and best practices to meet today’s challenges in IA and the cyber environment. The classification of the event is UNCLASSIFIED//FOR OFFICIAL USE ONLY. The 2016 IAS is expecting upwards of 2,000 attendees and will provide an excellent opportunity to learn and network with leading information assurance and cyber security professionals, subject matter experts and solution providers from throughout Government, industry and academia. The Information Assurance Symposium will include a variety of keynote sessions, five distinct tracts and panel discussions spanning over three days. It will also have a vendor expo where hundreds of exhibitors will display a wide variety of IA products, services and demonstrations. Exciting networking opportunities will be offered in the exhibit hall, all designed to enhance the IAS attendee experience.
Insider Threat Program Development Training (Washington, DC, USA, Mar 29 - 30, 2016) Insider Threat Defense announced it will hold a training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2) on March 29-30, 2016, in Washington, DC. For a limited time the training is being offered at a discounted rate of $795. The training is comprehensive and provides students with the knowledge and resources to develop and implement a robust Insider Threat Program. Insider Threat Defense has trained a substantial number of organizations and has become the "Go To Company" for Insider Threat Program Development Training
SANS Alaska 2016 (Anchorage, Alaska, USA, Aug 22 - 27, 2016) SANS is bringing our renowned security training to Alaska! Join us in August for a week of hands-on training and compelling bonus sessions while taking in breathtaking views and experiencing the great Alaskan wilderness. SANS Alaska will feature two hands-on, immersion-style security training courses taught by real-world practitioners August 22-27, 2016 in Anchorage.
CISO New Jersey (Hoboken, New Jersey, USA, Aug 23, 2016) With newspaper headlines covering the latest data breaches, cloud computing security questions going unanswered and hackers developing more sophisticated attacks, the IT department has a growing responsibility to protect customer and company data. The CISO Summit brings together C-level IT security executives, industry analysts and solution providers to discuss challenges and best practices in a relaxed, yet focused business setting. Agenda sessions include panel discussions, think tanks, analyst Q&A sessions and much more.
CyberTexas (San Antonio, Texas, USA, Aug 23 - 24, 2016) CyberTexas was established to provide expanded access to security developments and resources located in Texas; provide an ongoing platform for the education and skill development of cyber professionals & job creation; build strong relationships with other U.S. and International geographies focused on cyber ecosystem development; bring national and international resources to the region to showcase Texas-based cyber assets; identify and encourage business opportunities within and outside of Texas; and create long-term value for the cyber security ecosystem of San Antonio and the State of Texas.
Chicago Cyber Security Summit (Chicago, Illinois, USA, Aug 25, 2016) The Cyber Security Summit is an exclusive conference series connects C-Suite & Senior Executives who are responsible for protecting their companies’ critical infrastructures with innovative solution providers and renowned information security experts. This educational and informational forum will focus on educating attendees on how to best protect highly vulnerable business applications and critical infrastructure. Attendees will have the opportunity to meet the nation’s leading solution providers and discover the latest products and services for enterprise cyber defense.
Air Force Information Technology and Cyberpower Conference 2016 (Montgomery, Alabama, USA, Aug 29 - 31, 2016) America is faced with a national emergency in cyberspace. US national security, economic vitality, financial stability and foreign policy are being eroded. Increasingly prevalent and severe malicious cyber activities are being directed against the DOD, USG, Private-Sector, Critical Infrastructure and Key Resource operators, Academia and Civil Society. USG industrial-aged thought, processes, and organizational relationship are not fostering “success” against decentralized, digital-age threat actors. An information-age solution is needed. Private-public dialogue is integral to building a new paradigm in which digital platforms are secure, and the nation is defended in a domain. Building bridges between government and the private sector is essential for victory. This conference will promote a national dialogue between the US Air Force, commercial businesses, academia and civil society to generate “whole of nation” strategies and processes aimed at overcoming challenges and ambiguities of an increasingly digital world.
CISO Toronto (Toronto, Ontario, Canada, Aug 30, 2016) A data breach is not only a PR nightmare, but cause for customers to turn to competitors, exposing sensitive company information and racking up fines from industry regulators. In order for organizations to operate smoothly, CISOs and IT security executives need to be ahead of the hackers, and kept abreast of the latest IT security topics and trends.