New Android lawful intercept spyware discovered. Crooks crow over Tesco. Carbanak evolves. A couple more million adult friends are in trouble. Polaris Alpha formed by Arlington Capital. German, US cyber strategies. Hacker cops to TalkTalk hack.
News from the Chesapeake Regional Tech Council's Commercial Cyber Forum—Insider Threat
The US National Industrial Security Program (NISPOM) mandates measures companies must take to secure classified information. On May 18, 2016, the Department of Defense issued Change 2 to NISPOM, significant because it requires contractors (defined as any "industrial, educational, commercial, or other entity that has been granted a facility security clearance (FCL) by a Cognizant Security Agency") to implement an Insider Threat Program no later than November 30, 2016. We're two weeks away from that deadline, and yesterday the Chesapeake Regional Technology Council convened a panel of experts on the insider threat at the Chesapeake Innovation Center in Odenton, Maryland, to give companies some perspective on what NISPOM Change 2 means to them.
Chuck Ames, Director of Cyber Security at the Maryland Department of Information Technology, chaired the panel, which consisted of Mike Miller (VP Insider Threat, Tanager), Shawn Thompson (founder and president, Insider Threat Management Group), and Keith Moulsdale (Whiteford Taylor Preston). Our account of the forum may be found here.
A new strain of lawful intercept spyware appears to be targeting Android devices. The manufacturer is not HackingTeam; it's instead thought to be a different Italian company. Attribution, however, remains circumstantial and preliminary.
Synack points out that the Mac version of music-identifying tool Shazam keeps recording when it's switched off. It just stops processing. Shazam says this is benign behavior, but that, out of sensitivity to user concerns, it will update its software in a few days.
The Carbanak cyber gang, known for attacks on banks, has turned its attention to the hospitality sector. Trustwave has a rundown on the criminal campaign, which still begins with social engineering.
The tally from the AdultFriendFinder breach creeps up, reaching a reported 412 million.
Lots of cyber hoods have been crowing on the dark web for some time about the Tesco fraud—the crowing seems to have started long before the incident was disclosed.
In industry news, Arlington Capital (advised by the Chertoff Group) assembles a new cyber security firm, Polaris Alpha, from EOIR, Intelligent Software Solutions, and Proteus Technologies.
Germany's new cyber security strategy appears to exhibit familiar tensions: calls for public-private partnership (but without clarity about how such a partnership might be realized), and a commitment to widely available strong encryption (and to the ability of security and legal agencies to access communications in cases of need). In the US, lobbyists are already approaching the incoming Administration to advocate strong encryption and limits on surveillance.
A British teen cops to the TalkTalk hack.
Notes.
Today's issue includes events affecting Australia, China, Estonia, Georgia, Germany, Ireland, Italy, NATO/OTAN, Romania, Russia, United Kingdom, and United States.
The CyberWire's regular daily Podcast will be out later this afternoon, with interviews, educational tips, and more on the stories of the day. Today we hear from our partners at the University of Maryland, as Jonathan Katz gives us a report on how cryptography can make use of photonic technology. Our guest is Steven Grossman from Bay Dynamics, who offers a timely discussion of insider threats. If you enjoy the podcast, please consider giving it an iTunes review.
Odenton, Maryland: the latest from the CRTC Commercial Cyber Forum—Insider Threat
Developing an Insider Threat Program: Risk Mitigation and Compliance (The CyberWire) Wednesday, November 30, 2016, marks the deadline by which affected contractors must comply with new US Government insider threat mitigation requirements
National Industrial Security Program Operating Manual (US Department of Defense) This Manual: a. Is issued in accordance with the National Industrial Security Program (NISP). It prescribes the requirements, restrictions, and other safeguards to prevent unauthorized disclosure of classified information
ISL 2016-02 (US Department of Defense) On May 18, 2016, the Department of Defense published Change 2 to DoD 5220.22-M, “National Industrial Security Operating Manual (NISPOM)”
Insider Threat Program (ITP) for Industry (Defense Security Service, Center for Development of Security Excellence) I heard that NISPOM Change 2 requires me to establish an Insider Threat Program. I don't know where to begin
Insider Threat Toolkit (Defense Security Service, Center for Development of Security Excellence) Do you have a question about how to do something or need more information about a topic? This toolkit will quickly point you to the resources you need to help you perform your role in the Insider Threat field
NISPOM Change 2 (Tanager) On May 18th 2016 DoD 5220.22-M, “National Industrial Security Operating Manual (NISPOM)” Change 2 was released by the US Government
Cyber Attacks, Threats, and Vulnerabilities
Kryptowire Discovered Mobile Phone Firmware That Transmitted Personally Identifiable Information (PII) Without User Consent Or Disclosure (PRNewswire) Kryptowire has identified several models of Android mobile devices that contained firmware that collected sensitive personal data about their users and transmitted this sensitive data to third-party servers without disclosure or the users' consent
Shhh! Shazam is always listening – even when it's been switched 'off' (Register) But it's totally benign, say developers
Malware Hunters Catch New Android Spyware For Governments In The Wild (Motherboard) A group of malware hunters has caught a new Android spyware in the wild. The spyware is marketed to governments and police forces and was made in Italy—but it wasn’t built by the infamous surveillance tech vendor Hacking Team
Dangerous Android threat points to Italian spyware maker (Help Net Security) A piece of Android spyware recently analyzed by researchers with the RedNaga Security team seemed to be yet another Hacking Team spying tool but, according to more recent revelations, another Italian company is its likely source
Carbanak Attacks Shift to Hospitality Sector (Threatpost) The Carbanak cybercrime gang, best known for allegedly stealing $1 billion from financial institutions worldwide, have shifted strategy and are targeting the hospitality and restaurant industries with new techniques and malware
New Carbanak / Anunak Attack Methodology (Trustwave SpiderLabs Blog) In the last month Trustwave was engaged by two separate hospitality clients, and one restaurant chain for investigations by an unknown attacker or attackers. The modus operandi for all three investigations were very similar and appear to be a new Carbanak gang attack methodology, focused on the hospitality industry
Ransomware Threatens to Expose Child Pornography (Infosecurity Magazine) Security researchers have discovered a new ransomware variant designed to harvest social and comms data and scan for evidence of child exploitation and pirated content in a bid to guarantee payment of the ransom
Malspam distributing Troldesh ransomware (SANS Internet Storm Center) Earlier this week on Monday 2016-11-14, I found an example of malicious spam (malspam) distributing Troldesh ransomware. Troldesh (also called Filecoder or Shade) was initially reported in 2015
Meet PoisonTap, the $5 tool that ransacks password-protected computers (Ars Technica) The perils of leaving computers unattended is about to get worse
Cryptsetup Vulnerability Grants Root Shell Access on Some Linux Systems (Threatpost) A vulnerability in cryptsetup, a utility used to set up encrypted filesystems on Linux distributions, could allow an attacker to retrieve a root rescue shell on some systems. From there, an attacker could have the ability to copy, modify, or destroy a hard disk, or use the network to exfiltrate data
Ramnit Trojan Resurgence Now Complete as v2 Targets UK Banks (WebImprints) Ramnit’s revival is now complete as security researchers are starting to see more coordinated attacks spreading the banking trojan’s latest version, with the vast majority of targets being banks from the UK
Cyber criminals boast on dark web about Tesco Bank breach (IT Pro) Hackers knew about data thefts months before Tesco Bank reported the attack
Tesco was warned before hack – claim cyber security firms (Computer Business Review) Reports say dark web chats described the bank as a cash machine
Privacy stripped bare as hackers breach 412 million Adult Friend Finder accounts (Naked Security) S[*]x and dating website Adult Friend Finder Network has reportedly suffered one of the largest – and potentially compromising – data breaches in internet history
Adult Friend Finder Hack Will Lead to 'Domino Effect' (Newsweek) A major data breach to the “s[*]x and swingers” website Adult Friend Finder could trigger a series of follow-on hacks, security researchers have warned
The Web-Shaking Mirai Botnet Is Splintering—But Also Evolving (Wired) Over the last few weeks, a series of powerful hacker attacks powered by the malware known as Mirai have used botnets created of internet-connected devices to clobber targets ranging from the internet backbone company Dyn to the French internet service provider OVH. And just when it seemed that Mirai might be losing steam, new evidence shows that it’s still dangerous—and even evolving
Zscaler traffic analysis finds IoT devices misbehaving (SC Magazine) In a two-month analysis of Internet of Things device traffic that was picked up on its cloud service, network and Internet security company Zscaler identified various IoT connected devices that were exhibiting potentially dangerous behaviors
Akamai: Look for IoT devices to attack during Thanksgiving, Christmas (CSO) DDoS threats including the Mirai botnet will likely surge
Deloitte and MAPI Study: Connected Devices, Industrial Control Systems Expose Manufacturers to Cyber Threats (PRNewswire) Intellectual property theft tops manufacturers' concerns; new report identifies measures to control cyber risks associated with advanced manufacturing
Cybercriminals – Who They Are and What They Do (Tech Featured) Cybercriminals are clever, organized in gangs, well-funded, and very tech savvy. The goal of these criminals can be explained in two words: make money
More mobile operators in West Africa are targets of SS7 attacks than any other African Region, AdaptiveMobile reveals (BusinessWire) AdaptiveMobile finds Location Tracking and Information Harvesting among top attack types
Security Patches, Mitigations, and Software Updates
With Firefox 50, Mozilla plugs many security holes (Help Net Security) Firefox 50 is out, and it includes security fixes for 3 critical, 12 high, 10 moderate, and 2 low severity issues, as well as many usability improvements
VMware Patches VM Escape Vulnerability (Threatpost) VMware quickly turned around a patch for a critical code execution flaw that was worth $150,000 to the researchers who found it
Microsoft won't provide extended support for Office 2007 products beyond October 2017 deadline (ZDNet) IT administrators take note: Microsoft's Office 2007/Exchange 2007 wave of client and server software is set to exit support in October 2017, and extended custom support agreements are going away
Cyber Trends
The 2017 Forcepoint Security Predictions Report and Webcasts are Here! (Forcepoint) Get advanced knowledge on the most challenging threats we predict for next year with the 2017 Forcepoint Security Predictions Report, which is available now!
Experts Say Internet 'Mega' Attacks Are on the Rise (Fortune) It could be a long 2017
Akamai Releases Third Quarter 2016 State of the Internet / Security Report (PRNewswire) Q3 report highlights a 138 percent YoY increase in total DDoS attacks greater than 100 Gbps with two record DDoS attacks caused by the Mirai Botnet. Web application attacks decreased by 18 percent YoY; 20 percent of all web application attacks in Q3 originated from the United States
Bitglass Report: Cloud Adoption Hits All-Time High; O365 and G Suite Now Deployed in 59 Percent of Organizations Worldwide (Broadway World) Bitglass, the Total Data Protection company, today released its 2016 Cloud Adoption Report, its third annual Cloud Adoption report, which examines the cloud applications used in more than 120,000 organizations around the globe
Mobile pros are addicted to Wi-Fi, connectivity impacts their choices (Help Net Security) iPass surveyed more than 1,700 mobile professionals worldwide about their connectivity habits and preferences, highlighting the ever-increasing influence of Wi-Fi on our daily lives
Ireland 'is in the firing line for a major cyber attack' - security expert (Independent) Dublin Info Sec 2016 conference gets underway
Marketplace
Arlington Capital merges three companies to create $250M government tech contractor (Washington Business Journal) Arlington Capital Partners is at it again
Report: Symantec May Be Close To Spending $2B For LifeLock, An Identity Theft Protection Service (CRN) Following its blockbuster Blue Coat Systems acquisition this summer, Symantec may be looking to make another big buy, according to Bloomberg. Published reports say the security vendor is close to buying LifeLock in a deal that could be worth as much as $2 billion
Threat intelligence firm Apvera raises $1.7Mn from ACP and Spring Seeds Capital (The Tech Portal) Singapore-based Apvera was founded to transform the way organizations detect, prevent and predict real-time behavioural threat anomalies. Given the ever-increasing scope and tenacity of targeted cyber-attacks on businesses, organizations, and governments, it is remodeling the security industry through the application of user and entity behavior analytics, bringing real-time endpoint profiling and anomaly detection leveraging advances in machine learning. It simply diverges from the widely-accepted concept that advanced threat protection alone will be an important aid against advanced threats
Siemplify Closes $10 Million Financing to Accelerate Market Leadership in Security Operations and Incident Response (BusinessWire) Capitalizing on increased demand, ThreatNexus revolutionizes security operations for enterprise and MSSP customers
MACH37 Portfolio Company Atomicorp Raises $1 Million in Seed Funding (IT Business Net) The MACH37 Cyber Accelerator is pleased to announce that Atomicorp, Inc., a developer of industry leading solutions for the protection and support of cloud servers and Internet of Things devices, has closed a $1 million seed investment round led by Blu Venture Investors
Two Accomplished Security Entrepreneurs Invest In RiskRecon (PRNewswire) RiskRecon, an industry forerunner in providing continuous, comprehensive and actionable measurements of third-party security performance, today announced that two highly regarded security and technology experts are investing in the company. Mickey Boodaei and Rakesh Loonkar, serial entrepreneurs and investors with a proven track record of investing in successful security start-up ventures, will provide funding to the emerging leader in third party risk management
BRIEF-Secunet Security Networks increases FY 2016 forecast (Reuters) Secunet Security Networks AG: Has increased its forecast for fiscal year 2016, owing to company's sustainably good business performance, driven particularly by increased demand for products in Sina family in present Q4
Why Shares of FireEye (FEYE) Rallied in the Last 10 Days? (Nasdaq) It has been over 10 days since FireEye Inc. FEYE reported third-quarter 2016 results. Following the release, the stock has been on the rise
Fortinet: Headwinds Will Calm in 2017, Says Morgan Stanley (Barron's) As mentioned this morning, Morgan Stanley’s Melissa Gorham raised her rating on shares of security technology vendor Fortinet (FTNT) to Overweight from Equal Weight, with a $39 price target, up from $33, writing that security remains a top priority for enterprises and is also “a bipartisan priority for governments"
Fortinet, Proofpoint, Barracuda Rise On Upbeat Analyst Views (Investor's Business Daily) Shares in Proofpoint (PFPT), Fortinet (FTNT) and Barracuda Networks (CUDA) rose Tuesday on positive analyst views of the software security sector
Cybersecurity skills “chasm” widening as Trend Micro joins rush to stake its claim (CSO) More Australian cybersecurity job applicants are unqualified than ever before, ISACA figures show
IBM opens new Cambridge, MA security headquarters with massive cyber range (TechCrunch) It was a big day for IBM today as it opened its shiny new security headquarters in Kendall Square in Cambridge, MA, complete with what the company is calling the first commercial cyber range
Unisys to add 400 new jobs as renovations near completion (WRDW) The IT Company supporting our military is getting ready to put hundreds more people to work. Unisys moved into its new home on Augusta's Riverwalk in February
Skyhigh Networks Recognized as a ‘Leader’ in Cloud Security Gateways by Independent Research Firm (BusinessWire) New report evaluates the Cloud Security Gateway/Cloud Access Security Broker market, citing Skyhigh’s “extensive application support”
eSentire Ranked Number 288 Fastest Growing Company in North America on Deloitte’s 2016 Technology Fast 500™ (eSentire) Attributes revenue growth to accelerated mid-market service demand
eSentire Named one of Deloitte’s Technology Fast 50™ Companies (eSentire) Back to back list ranking validates continued growth and cybersecurity fortes in the Canadian technology sector
Cyber security consultancy firm Dark Matter to expand operations (Gulf News) The company aims to become a major global player
LightCyber Forms Advisory Board of Security Industry Experts (BusinessWire) Former Deputy Director of FBI, SANS analyst and instructor and financial fraud tech executive join to advise company on market opportunities and directions
Products, Services, and Solutions
Best free antivirus software 2016/2017: protect your PCs and laptops (and Android devices) for free (PC Advisor) Here are the best free antivirus programs from companies you probably didn't even know offered security software for free
ThreatQuotient Delivers First Threat Intelligence Platform (TIP) for Threat Operations and Management (ThreatQuotient) ThreatQ v2 empowers security professionals with an open and extensible platform for threat intelligence customization, automation and integration
Versasec, DigiCert Establish Formal Working Relationship (Versasec) Government, manufacturing, healthcare and other joint customers requiring advanced authentication solutions to see significant benefits
Elbit Systems' Subsidiary, Cyberbit, Selected by Samsung SDS to Provide Advanced Cyber Security Solutions (PRNewswire) Cyberbit's SCADAShield solution will be delivered by Samsung SDS to protect its customers' industrial control networks
Cybric helps developers build more secure applications automatically (TechCrunch) These days, application development happens at increasing velocity, and security can be a victim of that speed. Cybric wants to address that issue by providing an automated security check every time you update the build
TAG Unveils Anti-Malware Certification For Online Ad Industry (Dark Reading) As the ad industry continues its fight against malware, the Trustworthy Accountability Group launches a threat-sharing hub to provide intelligence on attacks
ImageWare Debuts First Ever Multimodal Biometric Authentication Solution for the Microsoft Ecosystem—GoVerifyID® Enterprise Suite (Imageware Systems) Cloud-based solution seamlessly integrates and is backward compatible with Windows 7, 8 and 10
Gemalto advances secure communications for Financial Services industry with Symphony Platform Integration (Gemalto) Gemalto SafeNet HSM delivers highest level of digital trust to secure sensitive communications through the Symphony platform
Ixia Delivers First Multi-Terabit Network Security Test Platform for Hyperscale Data Centers (Ixia) New CloudStorm evaluates reliability, security, and quality of experience at cloud scale
Extending Our Leading Data Protection with Secure, Resilient Gateway-delivered Structured Data Encryption (Netskope) We are pleased to announce that we are extending our industry-leading cloud data protection in the Netskope Active Platform by enhancing our structured data encryption delivered native in the application to also be delivered in a “gateway” model by our cloud access security broker (CASB), for both data at rest and en route to a variety of cloud services
VIPRE® Endpoint Security 9.5 Adds Cloud Services to Strengthen Malware Defense and Simplify Management (ThreatTrack) VIPRE combines cloud-based malware defenses and management services to make it even easier for businesses to deploy the industry’s top-rated endpoint security solution
Cyberbit Launches Channel Program to Create a Profitable Opportunity to Solve Customers' Most Critical Cyberthreats (Yahoo! Finance) Cyberbit, whose cybersecurity solutions protect the world's most sensitive systems, today announced the launch of its Channel Program for North American Partners: MSSPs, VARs, distributors and consultants, who play a critical role in helping companies defend themselves against evolving cyberthreats. The Cyberbit Channel Program will deliver enhanced margins to partners, by providing Cyberbit's suite of solutions, addressing today's most complex cyber security problems for customers
Comodo Launches New Full-lifecycle Digital Certificate Management Platform (PRNewswire) Comodo Certificate Manager automatically discovers all internal and external SSL/TLS certificates in the enterprise and organizes them into one central inventory to simplify SSL/PKI tracking and management
Privatoria Ensures Privacy for Web Users, Preventing Identity Tracking and Hacking (Hacked) With Internet privacy increasingly under attack, web users have to consider ways to ensure they won’t fall victim to a breach or have their online activity exposed to unwanted external parties
Alcatel-Lucent Enterprise Solution Brings Next-Gen UC&C to SMBs Through Simplified Hybrid Cloud Model (Technuter) ALE, operating under the Alcatel-Lucent Enterprise brand, today introduced a new generation of small-medium business (SMB) solutions providing access to advanced cloud services. These new solutions ‘make IT simple’ for SMBs to use and for the channel partners serving them
Lookout Expands Personal Security Offering with Launch of Breach Report and Identity Protection (PRNewswire) Over a third of Americans have had their identity stolen, according to Lookout research
ESET leading the way in anti-malware, report finds (Security Brief) ESET is enjoying a landmark score in the latest Home Anti-Malware Protection test from SE Labs, earning a AAA grade for the ESET Smart Security 9 offering, which garnered a 100% protection score
Avast App Triage Program Hunts for Bugs, Secures Your Apps for Free (PRNewswire) Amid high enterprise demand for mobile apps, Avast's App Triage Program provides a free security assessment on both the front-end and back-end of mobile apps, ensuring vulnerabilities are caught and corrected
New Cybersecurity Password Protection System Launches for Consumers & Businesses (PRNewswire) PasswordWrench™ launches the only truly secure password protector
Improved Cyber Hygiene, Topological Risk Reporting, and Agent Capabilities Now Included in AristotleInsight® (PRNewswire) Sergeant Laboratories is pleased to announce several new features in their core product, AristotleInsight®. AristotleInsight® is a Big Data Security Analytics Platform that implements Sergeant Laboratories' proprietary UDAPE™ Cyber Intelligence Service
Avnet Unveils Managed Security Offering To Help Partners Protect SMB, Midmarket Customers (CRN) Avnet launched a managed security service aimed at boosting partner margins and making solution providers stickier with end users in the health-care and retail verticals
Israeli Tech Last Line of Defense for Power Plant Cyber Attacks (Bloomberg) In Ocean’s Eleven, George Clooney’s gang inserts a recording into a casino security camera system so the guard sees only a video loop from the day before, camouflaging a heist from the safe
Malwarebytes 3.0 will finally replace your traditional antivirus (Neowin) Malwarebytes is a high performance anti-malware application that thoroughly removes even the most advanced malware and spyware
Brocade Ruckus’ Cloudpath launched to ease enterprise-grade security deployment (Voice & Data) NASDAQ-listed network security company Brocade has launched Ruckus Cloudpath ES 5.0 software. This new release by Brocade is expected to build on previous BYOD onboarding capabilities to create a complete integrated security and policy management platform. Cloudpath ES 5.0 software enables IT organizations of any size to easily establish secure, policy-based access for wired and wireless devices
Technologies, Techniques, and Standards
Root of Trust Definitions and Requirements (GlobalPlatform Security Task Force) The aim of this document is to provide definitions and requirements for the trusted computing concept of Root of Trust in the context of GlobalPlatform. The document then proceeds to relate these definitions to existing GlobalPlatform technologies, enabling third parties to better understand those technologies in trusted computing terms
How To Protect Yourself From The Malware Grinch That Wants To Steal Your Christmas (Forbes) The National Retail Federation predicts that 56.5% of American consumers will shop online this holiday season and Adobe predicts they will spend over $90 billion. Online retailers are getting ready to feast. So are online criminals
Will the Office Thermostat be the Achilles of the Internet of Things (IoT) Security Issues? (CSO) September 13, 2016 marked one of the largest attacks the Internet has ever seen. Analysis of the event showed that traffic was approximately 620 Gigabits per second. That volume far exceeds what can knock regular websites offline
Design and Innovation
If hackers cause a blackout, what happens next? (Christian Science Monitor Passcode) An effort is underway to map potential fallout from damaging cyberattacks on US critical infrastructure to aid first responders in the case of a major assault
How IBM's Watson will change cybersecurity (InfoWorld) IBM ventures into cognitive security, where AI systems learn to understand infosec terms and concepts well enough to reduce detection and response time
Academia
This Tandon Scholarship Wants You to Hack It Up (NYU News) To encourage NYU students to enter the world of cyber security, Tandon created a scholarship
Romania, the 2nd in the European Cyber Security Challenge (Act Media) Romania ranked 2nd in the European Cyber Security Challenge, which was organized in Dusseldorf, Germany, in the period 7-11 November 2016, according to the Romanian National Computer Security Incident Response Team (CERT-RO)
Legislation, Policy, and Regulation
Government's cybersecurity strategy: contradictory encryption debate continues (Netzpolitik) A new cybersecurity strategy from the German federal government has arrived. Companies and the state are to work together on IT security, and the population is to move away from “digital carelessness” and use secure encryption. Security agencies, in turn, are supposed to be able to crack it. A contradiction that cannot be resolved
US Transparency Regarding International Law in Cyberspace (Just Security) Last Thursday, State Department Legal Adviser Brian Egan, delivered an important speech at Berkeley Law School on the relationship between international law and cyber activities
NSA Chief: ‘Uneven’ Cooperation Between Public, Private Sectors Impedes Cyber Defenses (Wall Street Journal) The head of the U.S. National Security Agency said “uneven” cooperation between the government and private sector has hampered the fight against a “literal onslaught” of cyber attacks from criminal and state-supported hackers
NSA Director asks American CEOs to prioritize cybersecurity (FedScoop) The NSA director’s public appearance is the first since President-elect Donald Trump bested his Democratic challenger Hillary Clinton
Lobbyists Press Trump to Support Strong Encryption, Surveillance Reform (Threatpost) A lobbying organization that includes some of the Internet’s most valuable entities made a plea to President-Elect Donald Trump to support the expansion of strong encryption and reform government surveillance activities
Cybercrime and the War on Digital Free Speech (Gregory Evans) The internet is increasingly a target for those who want to silence speech. An Oct. 21 cyberattack rendered social media sites like Twitter and Reddit and news sites like Fox News and CNN inaccessible to millions of users
Internet Of Things 'Pollutants' & The Case For A Cyber EPA (Dark Reading) Recent IoT-executed DDoS attacks have been annoying, not life threatening. Should device makers be held liable if something worse happens?
Litigation, Investigation, and Law Enforcement
Teenage hacker admits £42m cyber attack on TalkTalk which affected 160,000 customers (Daily Record) The 17-year-old told his friend he was 'going to be f*****' and had done enough to go to prison on the day of the offence in October last year
For a complete running list of events, please visit the Event Tracker.
Newly Noted Events
Insider Threat Program Development Training For NISPOM CC 2 (Aberdeen, Maryland, USA, Aug 10 - 11, 2016) Insider Threat Defense will hold a two-day training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2). For a limited time the training is being offered at a discounted rate of $795 (normally $1395). The training is comprehensive and provides students with the knowledge and resources to develop and implement a robust Insider Threat Program. Insider Threat Defense has trained over one hundred fifty organizations and has become the "go-to company" for Insider Threat Program Development Training.
Upcoming Events
Versus16 (San Francisco, California, USA, Nov 17, 2016) Versus is not an ordinary event. Versus is not about pitching products or preaching to the choir. Versus is about challenging what you think you know about cybersecurity, about technology, about doing business in the digital age.
Israel HLS and Cyber 2016 (Tel Aviv, Israel, Nov 14 - 17, 2016) Where physical and cyber security meet. Topics include intelligence, cyber crime, and counter-terrorism, defending critical infrastructures, a smart global world, mass events--the integrative approach, and emergency readiness.
SANS Healthcare CyberSecurity Summit & Training 2016 (Houston, Texas, USA, Nov 14 - 21, 2016) SANS will be hosting its 4th Annual Healthcare Cybersecurity Summit. Join us and hear top security experts from leading healthcare companies discuss proven approaches for securing and succeeding in the new healthcare environment. You'll have the opportunity to meet with leaders from top organizations and see what really works in securing healthcare. As we know, healthcare has been undergoing major changes. Patients are demanding more convenient and personalized care. Digital health is changing the way that doctors and patients interact. New technologies allow patients to track their own health and generate data that was previously not available to care providers. Additionally, health information exchanges are being created to enable access to electronic medical records across disparate organizations. The Healthcare CyberSecurity Summit will take aim at the major challenges organizations face as they balance the security, compliance, and innovation required to thrive in this quickly changing market.
Infosec 2016 (Dublin, Ireland, Nov 15, 2016) Infosec 2016 conference addresses the critically important issues that threaten businesses in the information age. By any measure, the digital threats that businesses and organisations of all sizes face are increasing.
Commercial Cyber Forum: Insider Threat (Odenton, Maryland, USA, Nov 15, 2016) Please join us for a panelist discussion with insider threat experts on upcoming Federal rules, key elements of an insider threat program and privacy, due process, and human resource requirements.
Kaspersky Academy Talent Lab (Online, then Prague, Czech Republic, Nov 15, 2016) Kaspersky Academy Talent Lab is an international cyber-world competition for young researchers and professionals aged 18-30 who are interested in the cybersecurity challenges facing the world. 50 finalists will travel to the global final event in Prague (all expenses covered by Kaspersky Lab) to present their projects & compete.
CISO Charlotte (Charlotte, North Carolina, USA, Nov 15, 2016) The CISO Summit brings together C-level IT security executives, industry analysts and solution providers to discuss challenges and best practices in a relaxed, yet focused business setting. Agenda sessions include panel discussions, think tanks, analyst Q&A sessions and much more.
Pharma Blockchain Bootcamp (Edison, New Jersey, USA, Nov 16, 2016) Blockchain technology has gained recognition as one of the most disruptive technologies in the industrial world, with the potential of redefining how businesses operate, much as the internet changed it more than 30 years ago. At this critical one-day learning seminar, bio/pharmaceutical professionals (tech + business) will uncover the key areas where blockchain applications could have a significant impact in securing, managing and leveraging the deluge of data throughout the enterprise from R&D to clinical to commercialization. Key issues to be addressed: what exactly is blockchain and why is it considered a disruptive innovation; where and why in the enterprise is pharma ripe for blockchain applications; the hidden business rewards that would be exposed; the legal and regulatory considerations with implementation, and much more.
CyberCon 2016 (Washington, DC, USA, Nov 16, 2016) CyberCon 2016 is the forum for dialogue on strategy and innovation to secure civilian and defense networks, as well as private-sector networks that hold their sensitive data. Cybersecurity will be the defining challenge for the foreseeable future and CyberCon 2016 will provide a roadmap for innovation and collaboration that lead to more transparent and secure networks.
Focusing On The Future: Prioritizing Security in the Digital Economy (Washington, DC, USA, Nov 18, 2016) In today's digital economy, developing and prioritizing a cyber strategy is critical to address diverse and evolving threats, foster trust in the technology we use, and define a path forward where security is seen as a business enabler. Join The Chertoff Group for a premier post-election cyber conference that will convene thought leaders across government and industry to share their unique points of view and insights with regard to critical policy, technology, and risk management issues that will be shaping the security agenda.
Data Breach & Fraud Prevention Summit Asia (Mumbai, India, Jun 8, 2016) ISMG’s Data Breach & Fraud Prevention Summit Asia – Mumbai is a one-day event that will focus on the latest fraud techniques and technologies, as well as a holistic, strategic approach to looking at the data breach threat that impacts all industries. Whether you are forming opinions on how to view the recent global Apple Vs. FBI debate, want to learn more about the breach incidents, or just look forward to networking with your peers on cybersecurity challenges, we are confident you will gain tremendous insight throughout the event. CyberWire readers can use the discount promo code "CW20" when registering with dbfpmumbai@ismgcorp.com to receive 20% off the conference price.
SCSC Cyber Security Conclave 2.0 Conference and Exhibition (Hyderabad, India, Nov 22 - 23, 2016) India’s leading two-day cyber security event is returning in November 2016, once again bringing together hundreds of cyber security experts, senior officials and policy-makers from across the public and private sector to provide an update on cyber security instances, share best practice strategies, and help India to combat cyber threats.
4th Ethiopia Banking & ICT Summit (Addis Ababa, Ethiopia, Nov 25, 2016) The 4th Ethiopia Banking & ICT Summit is the ONLY event in Horn of Africa that focuses on technology innovations and trends in the Banking and ICT sectors. This annual summit brings together Financial Institutions, Information Technology Vendors, high profile CIOs, CISOs, CTOs Risk and Compliance Officers and COOs to explore how they can utilize the newest technologies to further increase mobility, enhance security, support new products and services, and improve customers’ experience to secure their competitive edge.
Internet of Things (IoT) (Elkridge, Maryland, USA, Nov 29, 2016) This cybergamut Technical Tuesday features Dr. Susan Cole, who is currently the Cybersecurity Lead for a Federal Information Systems Controls Audit Management (FISCAM) preparation team and also provides consulting support to small companies. The Internet of Things (IoT) is becoming more embedded in everyday life, often without people being aware. This talk centers on defining what IoT really is, discussing why it has exploded exponentially, and identifying challenges to future implementation of IoT, including security challenges.
CIFI Security Summit (Toronto, Ontario, Canada, Nov 30 - Dec 1, 2016) The Annual CIFI Security Summit takes place all over the world, Asia, Europe, Australia & North America. These summits are essential 2 day conferences and exhibitions bringing together leading security experts from around the globe to discuss Cyber Intelligence, Digital forensics, Cyber Security and Cyber Investigations. This is the only event of its kind that will run 4 simultaneous streams over 2 days in addition to case studies, demonstrations from global business leaders and a 30+ Exhibition.
AlienVault USM Webcast (Online, Dec 1, 2016) Host-based intrusion detection systems (HIDS) work by monitoring activity that is occurring internally on a host. HIDS look for unusual or nefarious activity by examining logs created by the operating system, looking for changes made to key system files, tracking installed software, and sometimes examining the network connections a host makes. AlienVault USM integrates HIDS with other key security controls to help you get the most out of host-based monitoring.
Cyber Threats Master Class (Turin, Italy, Dec 1 - 2, 2016) The UNICRI Masterclass on Cyber Threats aims to provide media and public relations professionals, as well as those planning a career in public information and communication, with a deeper understanding of new security threats to states and citizens. The focus of the course is on cyber threats, internet governance and the role of media. Application deadline is October 2, 2016.
Disrupt London (London, England, UK, Dec 3 - 6, 2016) TechCrunch Disrupt is the world’s leading authority in debuting revolutionary startups, introducing game-changing technologies, and discussing what’s top of mind for the tech industry’s key innovators. Disrupt gathers the best and brightest entrepreneurs, investors, hackers, and tech fans for on-stage interviews, the Startup Battlefield competition, a 24-hour Hackathon, Startup Alley, Hardware Alley, and After Parties.
US Department of Commerce Cyber Security Trade Mission to Turkey (Ankara and Istanbul, Turkey, Dec 5 - 8, 2016) Now is the time to expand in Turkey! The growth and frequency of cyber-attacks in recent years has increased the demand to protect critical data and infrastructure of governments and businesses. Turkey is increasing resources in the public and private sectors to tackle these complex cyber threats. Apply now for this mission. Recruitment for the mission will begin immediately and conclude no later than September 16, 2016. The U.S. Department of Commerce will review applications and make selection decisions on a rolling basis beginning May 2, 2016 until the maximum of 20 participants is selected. Applications received after September 16, 2016 will be considered only if space and scheduling constraints permit.
NCCoE Speaker Series: Understanding, Detecting & Mitigating Insider Threats (Rockville, Maryland, USA, Dec 6, 2016) Insider threats are growing at an alarming rate, with medium-to-large company losses averaging over $4 million every year. Smaller businesses are at risk too, and it is estimated that in 2014, over half of all cyber attacks targeted companies with less than 1,000 employees. The majority of these breaches are caused accidentally by internal employees or contractors, which means that, whether their intent is malicious or not, people represent the greatest risk to a company's cyber security. Join us for the December 6th NCCoE Speaker Series and learn from the leading experts, including Mitre's Principal Behavioral Psychologist Dr. Deanna Caputo, how you can keep your business safe from these costly and preventable breaches.
Weaponizing Data Science for Social Engineering: Automated E2E Spear Phishing on Twitter (Elkridge, Maryland, USA, Dec 6, 2016) This cybergamut Technical Tuesday features ZeroFox data scientist John Seymour, who will present a recurrent neural network that learns to tweet phishing posts targeting specific users. Historically, machine learning for information security has prioritized defense: think intrusion detection systems, malware classification and botnet traffic identification. Offense can benefit from data just as well. Social networks, especially Twitter with its access to extensive personal data, bot-friendly API, colloquial syntax and prevalence of shortened links, are the perfect venues for spreading machine-generated malicious content.
Practical Privacy Series 2016 (Washington, DC, USA, Dec 7 - 8, 2016) This year, the Practical Privacy Series will return to Washington, DC, with its rapid, intensive education that arms you with the knowledge you need to excel on the job. We’re programming some stunningly good sessions right now—we can’t wait to share them with you!
CISO Southern Cal (Los Angeles, California, USA, Dec 8, 2016) A data breach is not only a PR nightmare, but cause for customers to turn to competitors, exposing sensitive company information and racking up fines from industry regulators. In order for organizations to operate smoothly, CISOs and IT security executives need to be ahead of the hackers, and kept abreast of the latest IT security topics and trends. The CISO Summit brings together C-level IT security executives, industry analysts and solution providers to discuss challenges and best practices in a relaxed, yet focused business setting. Agenda sessions include panel discussions, think tanks, analyst Q&A sessions and much more.
SANS Cyber Defense Initiative 2016 (Washington, DC, USA, Dec 10 - 17, 2016) Make plans to attend SANS Cyber Defense Initiative 2016 (CDI). SANS is the one educational organization known for developing the cybersecurity skills most in need right now. SANS Cyber Defense Initiative 2016 will feature courses in IT security, security management, IT audit, penetration testing, and computer forensics, including short courses that can be taken with a long course to enhance your training. Every course, evening talk, and special event is designed to equip you with cutting-edge knowledge and skills required to combat today's cyber criminals. SANS events offer you a unique opportunity to learn from the best cybersecurity teachers in the country. At SANS events you get the kind of hands-on, immersion training that you can put to work immediately.
Privacy, Security and Trust: 14th Annual Conference (Auckland, New Zealand, Dec 12 - 14, 2016) This year’s international conference focuses on the three themes of Privacy, Security and Trust. It will provide a forum for global researchers to unveil their latest work in these areas and to show how this research can be used to enable innovation. The main aims of the conference are: To highlight the innovative research happening globally with three main themes: Privacy, Security and Trust. Academics from across the globe will come together to discuss solutions related to PST risks and to showcase the research methods that are able to minimise future cybercrime issues. To foster new ideas and conversation in order to reduce the amount of PST issues globally and to create enduring change in the behaviour and attitudes towards PST. To draw together PST practitioners, researchers, and government to showcase the latest PST research outputs and initiatives. We envisage that industry participants will implement the PST initiatives that are discussed and showcased at the conference into their practice.