Fancy Bear's victory prance seems more opportunistic than celebratory. Anti-trust dust-up in Moscow courts. Tesco fraud wave worries other banks. Adult site breached. NIST releases maritime, small-business cybersecurity frameworks.
Security-camera-driven DDoS attacks have intermittently hit major Russian banks since November 8. The attacks appear criminal as opposed to state-sponsored; the botnet was assembled from devices in at least thirty countries, mostly the US, India, and Israel.
Security analysts continue to mull Fancy Bear's post-election, post-Microsoft-patch phishing romp through US think tanks and other policy wonk targets. Some see it as a victory lap, but most see opportunistic targeting of weaknesses before they're closed. ESET has a study of Fancy Bear's operations—ESET calls them Sednit, one of the at least seven names this (GRU) threat actor has acquired.
Researchers describe BlackNurse, a low-and-slow yet effective DDoS technique that exploits firewall vulnerabilities.
Many worries emerge over mobile devices and applications—WiFi hijacking, WiFi password discovery, OAuth 2.0 exploitation, Svpeng Android vulnerabilities, and QRLjacking.
The number of customers affected by the Tesco Bank fraud has been revised downward from 20,000 to 9,000, but the incident continues to trouble bankers in the UK, Ireland and (to a lesser but still significant extent) elsewhere. Investigation suggests weak security controls were at the heart of the problem.
Not that you'd be directly affected, but there are credible reports of a breach at adult friend site
In the US, NIST releases maritime and small-business addenda to its cybersecurity framework.
Kaspersky files antitrust claims against Microsoft in a Moscow court, alleging anti-competitive biases in Windows 10's security bundle. (Did Senator Sherman have a seat in the Duma?)
LabMD scores an appellate court win versus the FTC.
Notes.
Today's issue includes events affecting Algeria, Argentina, Bangladesh, China, Colombia, European Union, India, Iraq, Ireland, Israel, Democratic People's Republic of Korea, Republic of Korea, Kyrgyzstan, Lebanon, Netherlands, Nigeria, Russia, Taiwan, Turkey, Ukraine, United Kingdom, and the United States.
The CyberWire's regular daily Podcast will be out later this afternoon, with interviews, educational tips, and more on the stories of the day. Today we hear from our partners at Level 3, as Dale Drew talks Internet-of-things security. If you enjoy the podcast, please consider giving it an iTunes review.
Cyber Attacks, Threats, and Vulnerabilities
Russian ‘Dukes’ of Hackers Pounce on Trump Win (KrebsOnSecurity) Less than six hours after Donald Trump became the presumptive president-elect of the United States, a Russian hacker gang perhaps best known for breaking into computer networks at the Democratic National Committee launched a volley of targeted phishing campaigns against American political think-tanks and non-government organizations (NGOs)
Suspected Russian hackers target U.S. think tanks after election (PC World) The attacks involved spear phishing emails sent to dozens of targets
Russian hackers throw Trump victory party with new spear phishing campaign (Ars Technica) Russian threat group tied to DNC uses election chaos to hook NGOs, think tanks
Sednit: A very digested read (We Live Security) Sednit is one of the most notorious groups of cyberattackers operating in the world today. Active from at least 2004 – possibly earlier – it has unfortunately stepped up activity over the past two years, keen to hit its targets as hard as possible
Zuckerberg claims 99% of Facebook posts “authentic,” denies fake news there influenced election (TechCrunch) In case you missed it, last night Mark Zuckerberg published a response to accusations that “fake news” on Facebook influenced the outcome of the U.S. election, and helped Donald Trump to win
Massive cyberattack hit five top Russian banks: Kaspersky (AFP via Yahoo! Tech) A massive cyberattack has hit at least five of Russia's largest banks, Moscow-based internet security giant Kaspersky said Thursday
Russian banks hit by cyber-attack (BBC) Five Russian banks have been under intermittent cyber-attack for two days, said the country's banking regulator
New attack reportedly lets 1 modest laptop knock big servers offline (Ars Technica) “BlackNurse” could turn lone attackers with modest resources into Internet bullies
Hackers show preference for botnets over reflection attacks in Q3 2016 (Computerworld) Security services provider, Nexusguard, announced that Asia Pacific experienced less distributed reflection denial of service (DrDoS) attacks in the third quarter of this year (Q3 2016) as compared to the previous quarter
Hacker shows how easy it is to take over a city’s public Wi-Fi network (CSO) A buffer overflow in a single router model could have endangered thousands of Wi-Fi users
Researchers reveal WiFi-based mobile password discovery attack (Help Net Security) A group of researchers has come up with WindTalker, a new attack method for discovering users’ passwords and PINs as they enter them into their smartphones
OAuth 2.0 Hack Exposes 1 Billion Mobile Apps to Account Hijacking (Threatpost) Third-party applications that allow single sign-on via Facebook and Google and support the OAuth 2.0 protocol, are exposed to account hijacking
Traveling on business? Beware of targeted spying on mobile (Help Net Security) Corporate spying is a real threat in the world of cyber war. Employees traveling on behalf of their company could create opportunities for sophisticated adversaries to take sensitive corporate data. This is especially true if they are not careful with their mobile devices
Telecrypt Ransomware Abuses Telegram Channels to Host C&C Server (Virus Guides) The Kaspersky Lab experts have just discovered a brand new version of ransomware which they called Telecrypt. The newly-found infection uses Telegram channels for hosting C&C (command-and-control) servers
Anatomy of a Chrome for Android bug: the mixed-up world of mobile browsers (Naked Security) Security researchers at Kaspersky recently wrote about various Android attacks featuring malware known as Svpeng
QRLJacking – A new Social Engineering Attack Vector (Hackin9) The SQRL, or Secure Quick Response Login, a QR-code-based authentication, is an amazing system that makes our lives easier, as it allows us to quickly sign into a website without having to memorize or type in any username or password
Millions of job seekers’ info exposed via easily accessible database backups (Help Net Security) A data leak has exposed sensitive information about millions of job seekers that used global recruitment firm Michael Page
Michael Page Recruitment hacked – all passwords compromised (Computing) Michael Page blames Capgemini for hack via insecure “development server” left online
What went wrong at Tesco Bank? (Register) Internal systems blamed for monster cyber-attack
Tesco Bank ‘ignored warnings’ about cyber weakness (Financial Times) Security specialists say lender was targeted by hackers and had weaknesses in its mobile apps
After Tesco fraud, are other banks vulnerable to cyber-attacks? (Guardian) Experts have called for card readers and tighter security after £2.5m was stolen from the accounts of Tesco Bank customers
€350bn cyber crimewave to become a tsunami as high-tech heists soar (Independent) A cyber crimewave is hitting Irish firms and last week's raid on Tesco Bank was another wake-up call
AdultFriendFinder hacked: 400 million accounts exposed (Ars Technica) Huge breach reveals 15 million "deleted" accounts among compromised data
Compromised: 339 million AdultFriendFinder users (Help Net Security) Friend Finder Networks, the company that operates sites like Adultfriendfinder [dot] com ... has been breached – again!
Canadian Casino Says It Was Hacked (Fortune) Employee and vendor data was stolen
Businesses are warned of rising threat of cyber ransom attacks (Independent) Businesses and financial institutions are being told to sharpen their cyber security measures after more than €50,000 was extorted from an education body
Cyber ransoming hits Menomonee Falls businesses (Northwest Now) Investigators from the Menomonee Falls Police Department have said this is the first year cyber ransoming has been reported by local Menomonee Falls businesses
Donald Trump’s Phone Could Be A National Security Crisis (BuzzFeed) “Mobile security is one of the most urgent, and challenging questions facing the security of senior members of government”
College investigates racist cyber attack (Cleveland 19) A freshman at the University of Pennsylvania, along with most of her African-American peers, fell victim to a racist cyber-attack
Security Patches, Mitigations, and Software Updates
OpenSSL Patches High-Severity Denial-of-Service Bug (Threatpost) OpenSSL on Thursday patched three vulnerabilities in its latest update, and reminded users running version 1.0.1 of the cryptographic library that security support will end Dec. 31
Cyber Trends
Black Duck Lays 2017 Open Source Security Predictions (Forbes) First the Earth cooled, the dinosaurs came and went… and then proprietary software grew to dominate the technology industry. After that last period in our timeline, the IT industry grew to understand how the open source model of community contribution might make enterprise software even better. Code could be augmented, enhanced, finessed and sometimes even forked and skewed when different users felt the need to bring new features to a software product or platform
BeyondTrust Technology Predictions for 2017 and Beyond (Marketwired) Behavior-based authentication, state-sponsored cyber terrorism and IoT regulations top the list of the biggest possibilities for the coming year
How hackers will exploit the Internet of Things in 2017 (Help Net Security) The Internet of Things (IoT) is now a major force in the weaponization of DDoS
Are you ready for the EU GDPR? (Help Net Security) Current application test data management practices are not adequate to meet the compliance requirements of the EU General Data Protection Regulation (GDPR), according to CA Technologies
Networks Getting Younger as Organisations Embrace Mobile Workforce Internet of Things and Software Defined Networking (Dimension Data) The number of enterprises with at least one security vulnerability is the highest in five years
Marketplace
Yahoo had evidence of security breach 18 months before it began investigating (Los Angeles Times) Yahoo Inc. detected evidence that a hacker had broken into its computer network at least 18 months before launching an investigation that discovered personal information had been stolen from about 500 million user accounts
SEC Filing Indicates Yahoo Might Have Known About Data Breach in 2014 (eWeek) A new Security and Exchange Commission filing suggests that Yahoo may have actually known about a massive data breach that it first publicly acknowledged on Sept. 22 as much as two years earlier
MasterPeace Solutions Announces Launch of Two Technology Start-Ups (Digital Journal) Company's innovative portfolio of emerging technology initiatives highlighted by the successful spin-off of SrcLight and Zuul IoT
Privatoria.net is announcing the renewed entry into a market after significant reorganization (PRLOG) Online privacy solutions provider, Privatoria.net, announces complete update of its services & rise onto a new efficiency level
4 Cybersecurity Stats That Will Blow You Away (Motley Fool) These four numbers show how hot the cybersecurity market could become within the next few years
If Trump Bump Holds, Will Palo Alto, Cybersecurity Stocks Rise? (Investor's Business Daily) After falling below key support lines in recent weeks, cybersecurity stocks like Symantec (SYMC), CyberArk Software (CYBR) and Proofpoint (PFPT) are showing signs of a rebound. Meanwhile, fellow security software provider and 2015 IPO Mimecast (MIME) climbed around 17% for the week
Better Buy: FireEye Inc vs. CyberArk (Motley Fool) Pitting the two growing cybersecurity companies against each other as investment ideas
Better Buy: Palo Alto Networks, Inc. vs. Fortinet (Motley Fool) Growth is slowing in the industry, but that could spell opportunity for long-term investors
Acquisition of US cyber security consultancy (London South East) NCC Group plc (LSE: NCC or "the Group"), the independent global cyber security and risk mitigation expert, has acquired Virtual Security Research, LLC ("VSR") for a maximum consideration of $6m in cash
Thiel vs Karp: Palantir co-Founders backed both Clinton and Trump (Sociable) Peter Thiel is tapped for a possible role in President-elect Trump’s transition team while his Palantir business partner gave $100K to the Clinton Global Initiative
Hackers Pwned Apple Safari in 20 seconds; Google Pixel in 60 seconds (HackRead) Recent Pwnfest sends Google and Apple back to basics — hackers pwned Google Pixel and Apple Safari browser — before this, the same hackers hacked Microsoft Edge and VMware all in few seconds
Chinese security specialists flex muscles at international hackers carnival (China Daily) White hats from Qihoo 360 Technology Co have showcased the latest bug-fixing improvements at an international hackers conference
Reg meets 'Lokihardt', quite possibly the world's best hacker (Register) Korean chap finds flaws in moments, scores $100k apiece for fun
Key NSA contract for CSRA could face 'additional delays' (Washington Business Journal) CSRA Inc. (NYSE: CSRA) is keeping a watchful eye on one of its major National Security Agency contracts slated to be broken up and re-competed in the coming year, but it will have to wait a while longer
Products, Services, and Solutions
New Luma Updates: Bedtime Rules & Additional Security Details (Medium) New and improved security & control for your WiFi
New infosec products of the week: November 11, 2016 (Help Net Security) Norton Mobile Security for Android boosts security and privacy protections... Ixia enhances Application and Threat Intelligence Processor... Guardian Analytics Sentinel protects treasury management organizations from fraud... Aon introduces new risk management solution... Arch Insurance Group releases Arch Netsafe 2.0
OWASP ModSecurity Core Rule Set (CRS) (Modsecurity) The OWASP ModSecurity Core Rule Set (CRS) is a set of generic attack detection rules for use with ModSecurity or compatible web application firewalls. The CRS aims to protect web applications from a wide range of attacks, including the OWASP Top Ten, with a minimum of false alerts
UK Ministry of Defense Signs Deal with Microsoft for Extra Security in the Cloud (Softpedia) 95,000 mailboxes will be protected by Microsoft
Fiserv, CrowdStrike partner to provide multilayered cybersecurity solution for FIs (ATM Marketplace) Fiserv has announced it will add CrowdStrike SaaS-based endpoint protection technology to its multilayered Sentry Cyber Security offerings
Napatech and ntop Partnership Creates Compact 100G Solution for Line-rate Traffic Monitoring with Zero Packet Loss (PRNewswire) Global data center gets the network performance measurement and security traffic analysis it needs
Coalfire Affirms PCI 3.2 Assessment of vArmour DSS Distributed Security System (Marketwired) Application-layer network visibility, software-based segmentation and micro-segmentation from vArmour to protect applications and workloads in data center and cloud environments
Swift and massive data classification advances score a win for better securing sensitive information (IT-Director) We'll learn how Digital Guardian in Waltham, Massachusetts analyzes both structured and unstructured data to predict and prevent loss of data and intellectual property (IP) with increased accuracy
Radware Receives Multi Million Application Delivery Orders From a Leading European Bank (GlobeNewswire) Radware® (NASDAQ:RDWR), a leading provider of cyber security and application delivery solutions ensuring optimal service levels for applications in virtual, cloud, and software-defined data centers today announced that it signed multiple contracts totaling $7M to provide on-site application delivery solutions to a leading European bank
The Warrior to Cyber Warrior (W2CW) Initiative Gives Back on Veterans Day: Free Cyber Certifications for Vets and Active Duty Military (PRNewswire) In honor of Veterans Day, the Warrior to Cyber Warrior (W2CW) initiative today announced that Veterans and Active Duty Military will be entitled to take one exam in the Cyber Certified Experts (CCE) Program free of charge. Made possible through a generous donation from the Lunarline School of Cyber Security (SCS), this free online certification will be available for one year starting November 11th, 2016
Technologies, Techniques, and Standards
New Cybersecurity Framework “Profile” to Help Ensure Safe Transfer of Hazardous Liquids at Ports (NIST) The U.S. Coast Guard (USCG) oversees approximately 800 waterfront facilities that, among other activities, transfer hazardous liquids between marine vessels and land-based pipelines, tanks or vehicles
Maritime Bulk Liquids Transfer Cybersecurity Framework Profile (US Coast Guard) White House Executive Order (EO) 13636 tasked the Director of the National Institute of Standards and Technology (NIST) to “lead the development of a framework to reduce cybersecurity risks to critical infrastructure (the ‘Cybersecurity Framework’).” The “Cybersecurity Framework” was published in February 2014, and the important work of integrating the framework into organizational operations is well underway in many industries. One of the primary ways industries are integrating the Cybersecurity Framework is by creating industry-focused Framework Profiles (“Profiles”) as described in the Cybersecurity Framework
New NIST Guide Helps Small Businesses Improve Cybersecurity (NIST) Small-business owners may think that they are too small to be victims of cyber hackers, but Pat Toth knows otherwise. Toth leads outreach efforts to small businesses on cybersecurity at the National Institute of Standards and Technology (NIST) and understands the challenges these businesses face in protecting their data and systems
Small Business Information Security: The Fundamentals (NIST) Small businesses are an important part of our nation’s economic and cyber infrastructure. According to the Small Business Administration, there are approximately 28.2 million small businesses in the United States
Feds Can Save More Than $5 Billion Annually and Act Faster by Improving Threat Monitoring, Correlation, and Automation of Protections (MeriTalk) New study highlights need for actionable cyber awareness
IRDAI Developing Cybersecurity Framework for Insurers (InfoRisk Today) Two working groups to develop recommendations
OMB tries again to define a major cyber incident (Federal News Radio) What is a major cyber incident? Seems like a simple enough question to answer. But the Office of Management and Budget has been refining the definition for the better part of a decade
Why Unidirectional Security Gateways can replace firewalls in industrial network environments (Help Net Security) In this podcast recorded at IoT Solutions World Congress Barcelona 2016, Andrew Ginter, VP of Industrial Security at Waterfall Security, talks about Unidirectional Security Gateways. They can replace firewalls in industrial network environments, providing absolute protection to control systems and operations networks from attacks originating on external networks
6 Tips For Stronger SOCs (Dark Reading) New guide offers ways for companies to more effectively organize, manage, and staff their security operations centers
Learning To Trust Cloud Security (Dark Reading) Cloud-centric computing is inevitable, so you need to face your concerns and be realistic about risks
Security Metrics Checklist (Dark Reading) Which metrics are the best indicators of a strong cybersecurity team? Experts say security pros should be recording and reporting these data points to demonstrate their success
ABN looked at using undercover security staff to prevent cyber attacks (Reuters) Dutch Bank ABN-AMRO considered sending undercover security staff amid employees to help improve cyber security but has decided not to follow this practice, officials said
Threat Hunting Close to Home: Escaping the RIG EK with Passive DNS (RiskIQ) Sometimes threat hunting brings you to familiar territory
The Danger of Ignoring the 'Espionage' in Cyber Espionage (STRATFOR Security Week) This week, I had the honor of delivering a keynote speech for the Global Cyber Security Leaders Conference in Berlin. The city, which decades ago was a hub of Cold War-era espionage, provided the perfect backdrop for my attempt to put its modern cousin — cyber espionage — into context
Ransomware doesn’t mean game over (Malwarebytes Labs) Let’s face it. We live in a completely different security world from a decade ago and the kinds of threats we face have taken a new form. This time it’s ransomware. Over the course of just a few years, this threat has evolved from an annoying pop-up to a screen freezer that utilizes disturbing imagery to a sophisticated malicious program that encrypts important files
How to prepare your company for cybersecurity threats (Help Net Security) When the FBI announced the arrest of a Russian hacker in October, it was notable – but maybe not for the reason you’d expect. Yevgeniy N., who was picked up in Prague, is implicated in the 2012 megabreach at LinkedIn
Facebook is buying up stolen passwords on the black market (Naked Security) Facebook shops for passwords sold on the online black market, buying up credentials from crooks to sniff out which ones its users are reusing, Chief Security Officer Alex Stamos said at the Web Summit in Lisbon on Wednesday
How ‘Security Scorecards’ Advance Security, Reduce Risk (Dark Reading) CISO Josh Koplik offers practical advice about bridging the gap between security and business goals in a consumer-facing media and Internet company
Mitigating insider threats remains a major cyber concern (TechTarget) Expert panelists at the Cambridge Cyber Summit briefed the audience on some of the steps that organizations should implement for mitigating insider threats
U.S. Army will soon be hacked by freelance security researchers (CyberScoop) Following the successful implementation of a similar program aimed across the Department of Defense earlier this year, the U.S. Army announced plans to launch its own bug bounty program Friday
Worried about the NSA under Trump? Here's how to protect yourself (Guardian) We don’t yet know Trump’s surveillance plans, but follow these guidelines if you think it’s better to be safe than sorry
Design and Innovation
The Future of IoT: Containers Aim to Solve Security Crisis (Linux.com) Despite growing security threats, the Internet of Things hype shows no sign of abating. Feeling the FoMo, companies are busily rearranging their roadmaps for IoT
Defeating Malware With Its Own DNA (Info Tech Garage) It’s widely known that human DNA evidence has had a major impact in the criminal justice system. Now another kind of DNA may have a similar impact in the fight to eradicate malicious software
Research and Development
MIT students and others teaching IBM Watson about cybersecurity (Tech Republic) Enterprise IT risks are growing seemingly faster than security professionals can keep up. Enter artificial intelligence as their latest defense mechanism
Researchers set to work on malware-detecting CPUs (Help Net Security) Adding hardware protections to software ones in order to block the ever increasing onslaught of computer malware seems like a solid idea, and a group of researchers have just been given a $275,000 grant from the National Science Foundation to help them work on a possible solution: malware-detecting CPUs
Academia
Five million register for NSA’s ‘Day of Cyber’ (FedScoop) Students and other users get to virtually explore simulated real-life cyber scenarios and discover the skills and tools used by the NSA hackers, analysts and cyber-defenders
Punjab’s Chitkara University becomes India’s First Educational Institution to use Blockchain Technology to issue e-documents (City Air News) Chandigarh based Chitkara University, a University Grants Commission (UGC) recognized private university offering multi-disciplinary industry relevant programs, has today announced that it has started adopting the Blockchain technology to issue e-documents for student’s benefit
Nation’s top cybersecurity students battle at Collegiate Penetration Testing Competition (University News) RIT places third among 10 colleges in annual computing security competition
WorkZone: Pitt scams its workers to teach lesson about phishing schemes (Pittsburgh Post-Gazette) Do you ever feel like your employer is trying to set you up? Catch you in the act? Put you on a watch list? Employees at the University of Pittsburgh, meet Sean Sweeney, your company-sanctioned scammer
Infoblox and University of Washington Tacoma Join Forces in Cybersecurity Battle (South Sound Talk) Infoblox Inc., the network control company that provides Actionable Network Intelligence, announced a partnership with the University of Washington Tacoma for research into the use of cutting-edge machine learning methodologies to help mitigate domain name system (DNS) cybersecurity issues that affect our government, economy and daily lives. The goals of the partnership include publishing research that will benefit the cybersecurity community, developing products to help organizations prevent and remediate cybersecurity issues, and providing real-world experience to students who will enter this growing field
Carnegie Mellon University Wins National Cyber Analyst Challenge (HS Today) A team from Carnegie Mellon University was awarded $25,000 as the winner of the second National Cyber Analyst Challenge (NCAC), a cyber competition powered by Leidos and administered by Temple University's Institute for Business and Information Technology (IBIT) to fill the ever-growing need for cyber analysts
Legislation, Policy, and Regulation
Your Government Wants to Militarize Social Media to Influence Your Beliefs (Motherboard) A global conference of senior military and intelligence officials taking place in London this week reveals how governments increasingly view social media as “a new front in warfare” and a tool for the Armed Forces
New Chinese Cybersecurity Law: A Step Backward? (GovInfo Security) Experts analyze potential impact of measure designed to battle cyberattacks
China’s vast Internet prison (Washington Post) China's Internet is a universe of contradictions. It has brought hundreds of millions of people online and has become a vast marketplace for digital commerce, yet it is also heavily policed by censors to snuff out any challenge to the ruling Communist Party. Under President Xi Jinping, the censors are working overtime to keep 721 million Internet users under control
Russia's increasing cyber-capabilities underestimated? (SC Magazine) As Russia increases its military and civilian cyber-security capabilities, is the West under-estimating these developments?
Russia to Block Access to LinkedIn Over Alleged Legal Violations (Bloomberg) Access to LinkedIn will be blocked in Russia after the U.S. social network failed to move personal data storage to the country, the country’s communications watchdog Roskomnadzor has said
Brace yourselves! Blighty is turning to AI for help (Register) AI will improve UK government's digital services, apparently
UK Spy Agencies on the Hunt for Recruits (Infosecurity Magazine) The UK government is on the lookout for budding coders to take up apprentice positions at GCHQ, MI5 and MI6 with Monday the closing date for applications
Did Weak InfoSec Sway Election? (DataBreach Today) Audio report: ISMG Editors analyze the latest developments
Long Time Mass Surveillance Defenders Freak Out Now That Trump Will Have Control (TechDirt) The Lawfare blog, run by the Brookings Institution, has long reliably been a good source to go to for reading what defenders of mass surveillance and the surveillance state are thinking -- in a non-hysterical way
Trump win alarms cyber pros (SC Magazine) Security pros are bracing for changes the industry may face after the unexpected election of real-estate entrepreneur and reality television personality Donald J. Trump in a historic presidential race
Army honing in on cyber defense (C4ISRNET) Army officials have seen the growth in cyber defense coming down the pike. This is in part due to its Defensive Cyberspace Operation infrastructure program. For its part, the Program Executive Office for Enterprise Information Systems is tasked with providing DCO the non-tactical, enterprise network
Who are the CIOs that soon will need new jobs? (Federal News Radio) Ten federal chief information officers are working on their resignation letters. Sometime over the next 70 days, CIOs from the departments of Veterans Affairs to Commerce to Homeland Security to the federal CIO will notify the incoming Trump administration of their plans to leave their posts
Litigation, Investigation, and Law Enforcement
Kaspersky says Windows' security bundle is anti-competitive (Engadget) The antivirus developer has filed complaints over Microsoft's seeming hostility to third-party apps
Russia shoves antitrust probe into Microsoft after Kaspersky gripes about Windows 10 (Register) A friend in need is a friend indeed
Court Grants LabMD a 'Stay' of FTC Consent Order (HealthcareInfo Security) Delay granted as lab awaits appellate court review
Infect every TorMail user? That’s not what the FBI’s warrant said (Naked Security) The FBI has served up a redacted version of the warrant it requested to deposit identity-exposing malware on the computers of those who used private TorMail accounts to visit child pornography sites hidden on the dark web
In the Matter of the Search of Computers that Access "Websites 1-23" (United States District Court for the District of Maryland) I have been employed as a Special Agent ("SA") with the Federal Bureau of Investigation since [redacted] and I am currently assigned to the FBI's Violent Crimes Against Children Section, Major Case Coordination Unit ("MCCU")
What Impact Will Removal of High-Denomination Currency Have? (InfoRisk Today) Action raises concerns about increase in cyber fraud
Information Sharing: A Powerful Crime-Fighting Weapon (BankInfo Security) Law enforcement, government agencies stress that threat intelligence is critical
Nigeria Lost $450 Million to Cyber Attack in 2015 - Govt (All Africa) The federal government has lamented the loss of over $450 million dollars to cyber attacks in 2015 alone, saying drastic measures must be taken to arrest the trend
For a complete running list of events, please visit the Event Tracker.
Newly Noted Events
AlienVault USM Webcast (Online, Dec 1, 2016) Host-based intrusion detection systems (HIDS) work by monitoring activity that is occurring internally on a host. HIDS look for unusual or nefarious activity by examining logs created by the operating system, looking for changes made to key system files, tracking installed software, and sometimes examining the network connections a host makes. AlienVault USM integrates HIDS with other key security controls to help you get the most out of host-based monitoring.
Upcoming Events
Israel HLS and Cyber 2016 (Tel Aviv, Israel, Nov 14 - 17, 2016) Where physical and cyber security meet. Topics include intelligence, cyber crime, and counter-terrorism, defending critical infrastructures, a smart global world, mass events--the integrative approach, and emergency readiness.
SANS Healthcare CyberSecurity Summit & Training 2016 (Houston, Texas, USA, Nov 14 - 21, 2016) SANS will be hosting its 4th Annual Healthcare Cybersecurity Summit. Join us and hear top security experts from leading healthcare companies discuss proven approaches for securing and succeeding in the new healthcare environment. You'll have the opportunity to meet with leaders from top organizations and see what really works in securing healthcare. As we know, healthcare has been undergoing major changes. Patients are demanding more convenient and personalized care. Digital health is changing the way that doctors and patients interact. New technologies allow patients to track their own health and generate data that was previously not available to care providers. Additionally, health information exchanges are being created to enable access to electronic medical records across disparate organizations. The Healthcare CyberSecurity Summit will take aim at the major challenges organizations face as they balance the security, compliance, and innovation required to thrive in this quickly changing market.
Infosec 2016 (Dublin, Ireland, Nov 15, 2016) The Infosec 2016 conference addresses the critically important issues that threaten businesses in the information age. By any measure, the digital threats that businesses and organisations of all sizes face are increasing.
Commercial Cyber Forum: Insider Threat (Odenton, Maryland, USA, Nov 15, 2016) Please join us for a panelist discussion with insider threat experts on upcoming Federal rules, key elements of an insider threat program and privacy, due process, and human resource requirements.
Kaspersky Academy Talent Lab (Online, then Prague, Czech Republic, Nov 15, 2016) Kaspersky Academy Talent Lab is an international cyber-world competition for young researchers and professionals aged 18-30 who are interested in the cybersecurity challenges facing the world. 50 finalists will travel to the global final event in Prague (all expenses covered by Kaspersky Lab) to present their projects & compete.
CISO Charlotte (Charlotte, North Carolina, USA, Nov 15, 2016) The CISO Summit brings together C-level IT security executives, industry analysts and solution providers to discuss challenges and best practices in a relaxed, yet focused business setting. Agenda sessions include panel discussions, think tanks, analyst Q&A sessions and much more.
Pharma Blockchain Bootcamp (Edison, New Jersey, USA, Nov 16, 2016) Blockchain technology has gained recognition as one of the most disruptive technologies in the industrial world, with the potential to redefine how businesses operate, much as the internet changed it more than 30 years ago. At this critical one-day learning seminar, bio/pharmaceutical professionals (tech + business) will uncover the key areas where blockchain applications could have a significant impact in securing, managing and leveraging the deluge of data throughout the enterprise from R&D to clinical to commercialization. Key issues to be addressed: what exactly is blockchain and why is it considered a disruptive innovation; where and why in the enterprise is pharma ripe for blockchain applications; the hidden business rewards that would be exposed; the legal and regulatory considerations with implementation, and much more.
CyberCon 2016 (Washington, DC, USA, Nov 16, 2016) CyberCon 2016 is the forum for dialogue on strategy and innovation to secure civilian and defense networks, as well as private-sector networks that hold their sensitive data. Cybersecurity will be the defining challenge for the foreseeable future and CyberCon 2016 will provide a roadmap for innovation and collaboration that lead to more transparent and secure networks.
Versus 16 (San Francisco, California, USA, Nov 17, 2016) Versus is not an ordinary event. Versus is not about pitching products or preaching to the choir. Versus is about challenging what you think you know about cybersecurity, about technology, about doing business in the digital age.
Focusing On The Future: Prioritizing Security in the Digital Economy (Washington, DC, USA, Nov 18, 2016) In today's digital economy, developing and prioritizing a cyber strategy is critical to address diverse and evolving threats, foster trust in the technology we use, and define a path forward where security is seen as a business enabler. Join The Chertoff Group for a premier post-election cyber conference that will convene thought leaders across government and industry to share their unique points of view and insights with regard to critical policy, technology, and risk management issues that will be shaping the security agenda.
Data Breach & Fraud Prevention Summit Asia (Mumbai, India, Jun 8, 2016) ISMG’s Data Breach & Fraud Prevention Summit Asia – Mumbai is a one-day event that will focus on the latest fraud techniques and technologies, as well as a holistic, strategic approach to looking at the data breach threat that impacts all industries. Whether you are forming opinions on how to view the recent global Apple Vs. FBI debate, want to learn more about the breach incidents, or just look forward to networking with your peers on cybersecurity challenges, we are confident you will gain tremendous insight throughout the event. CyberWire readers can use the discount promo code "CW20" when registering with dbfpmumbai@ismgcorp.com to receive 20% off the conference price.
SCSC Cyber Security Conclave 2.0 Conference and Exhibition (Hyderabad, India, Nov 22 - 23, 2016) India’s leading two-day cyber security event is returning in November 2016, once again bringing together hundreds of cyber security experts, senior officials and policy-makers from across the public and private sector to provide an update on cyber security instances, share best practice strategies, and help India to combat cyber threats.
4th Ethiopia Banking & ICT Summit (Addis Ababa, Ethiopia, Nov 25, 2016) The 4th Ethiopia Banking & ICT Summit is the ONLY event in the Horn of Africa that focuses on technology innovations and trends in the Banking and ICT sectors. This annual summit brings together Financial Institutions, Information Technology Vendors, high profile CIOs, CISOs, CTOs, Risk and Compliance Officers and COOs to explore how they can utilize the newest technologies to further increase mobility, enhance security, support new products and services, and improve customers’ experience to secure their competitive edge.
Internet of Things (IoT) (Elkridge, Maryland, USA, Nov 29, 2016) This cybergamut Technical Tuesday features Dr. Susan Cole, who is currently the Cybersecurity Lead for a Federal Information Systems Controls Audit Management (FISCAM) preparation team and also provides consulting support to small companies. The Internet of Things (IoT) is becoming more embedded in everyday life, often without people being aware. This talk centers on defining what IoT really is, discussing why it has exploded exponentially, and identifying challenges to future implementation of IoT, including security challenges.
CIFI Security Summit (Toronto, Ontario, Canada, Nov 30 - Dec 1, 2016) The Annual CIFI Security Summit takes place all over the world: Asia, Europe, Australia & North America. These summits are essential 2-day conferences and exhibitions bringing together leading security experts from around the globe to discuss Cyber Intelligence, Digital forensics, Cyber Security and Cyber Investigations. This is the only event of its kind that will run 4 simultaneous streams over 2 days in addition to case studies, demonstrations from global business leaders and a 30+ Exhibition.