Threats to Russian banks? US Presidential Cybersecurity Commission reports. Tesco Bank hack could have been a "direct guessing attack." Gooligan's business model. Implications of surveillance law changes in US, UK.
Russia's FSB claimed Friday that it had foiled a plot by "foreign special services" to disrupt Russia's financial sector with a mix of hacking and disinformation aimed at fueling speculative panic. D-day for the operation was supposed to have been today; the FSB says the operation was to have been launched through the Ukrainian ISP BlazingFast's servers in the Netherlands. BlazingFast says that although it's found nothing untoward in its systems, it's ready to cooperate with any legitimate authority (but doubts the FSB needs its help).
Also on Friday the Russian Central Bank said that cybercriminals got away with two billion rubles (about $31 million) in attacks on correspondent accounts. The Bank thinks the crooks were after five billion rubles.
Russian authorities arrested malware author "Pornopoker" (no other name given) over the weekend. Mr. Poker was attempting to reenter Russia from his Thailand hideout; the police were waiting for him at Domodedovo airport.
British researchers demonstrate a "distributed guessing" method that could enable criminals to determine security details on Visa cards: expiration date and three-digit security code. Observers speculate the technique might have been used in the Tesco Bank attacks.
Gooligan, the rapidly spreading Android malware strain, apparently uses a business model that generates revenue from ads and "garbage apps."
Tenable releases its annual Global Cybersecurity Assurance Report Card, which warns of the risk of emerging technologies and the "overwhelming threat environment."
The US Presidential Commission on Cybersecurity has reported. It offers six "imperatives" yielding sixteen recommendations and fifty-three action items.
Notes.
Today's issue includes events affecting Australia, China, European Union, Germany, Iceland, India, Iran, Netherlands, Russia, Saudi Arabia, Ukraine, United Kingdom, United States, and Venezuela.
The CyberWire's regular daily Podcast will be out later this afternoon, with interviews, educational tips, and more on the stories of the day. Today we hear from our partners at the University of Maryland's Center for Health and Homeland Security, as Markus Rauschecker discusses the liability issues that arise with IoT botnet attacks.
A special edition of our Podcast is up as well—the topic is venture capital. In it we examine the current state of investment in cyber security, speak to experts in the field, and learn from top cyber security-focused venture capitalists about what they expect before they invest.
As always, if you enjoy the podcasts, we invite you to please consider giving them an iTunes review.
Cyber Attacks, Threats, and Vulnerabilities
Foreign special services are preparing cyberattacks aimed at destabilizing Russia's financial system ()
Russia claims it foiled a cyber attack from a foreign spy service (Network World) The web hosting company used for the alleged attack has found no evidence of unusual activity in its servers
Russian Central Bank Loses $31 Million in Cyber Attack (Reuters via NBC News) Hackers stole more than 2 billion rubles ($31 million) from correspondent accounts at the Russian central bank, the bank said on Friday, the latest example of an escalation of cyber attacks on financial institutions around the globe
Venezuelan Army Website Hacked, Details of 3,000 Accounts Exposed (Softpedia) Kapustkiy breaks into database of Venezuelan army
Disttrack wiper malware hits Saudi Arabia’s aviation agency (Help Net Security) Shamoon attackers with their Disttrack wiper malware have hit Saudi Arabian entities again
New cyberattacks on Saudi computers (National) Saudi authorities have detected fresh attempts by hackers to disrupt government computers after security firm Symantec warned of a revival of malware used in previous cyberattacks
Shamoon 2: Nothing Whets Disttrack’s Appetite Like Destroyed Data (Tripwire: the State of Security) Most families of malware operate on a common assumption: a user’s data is valuable. For instance, some malware samples transmit pieces of a victim’s data to their command-and-control (C&C) server as means of setting up an attack, while others fully embrace the spyware classification and collect as much information about a user as possible. At the same time, ransomware recognizes that users care about their data and that they’re willing to pay large sums of money if they can’t access it
New iOS lockscreen bypass renders Activation Lock useless (Naked Security) We recently reported on a flaw in iOS that would allow someone to bypass the iOS lockscreen by using Siri. Well, Siri’s off the hook this time. The new vulnerability, disclosed yesterday by Benjamin Kunz Mejri of Vulnerability Lab, involves breaking iOS’s Activation Lock feature, which you’d use if your iPhone or iPad were marked as lost via the “Find my iPhone” app
Gooligan Android Malware Infections Spread To More Than 1 Million Devices (Digital Riser) Gooligan Android Malware has emerged as a threat for more than 1 million android devices. From the last few months, Gooligan Android Malware infections are being noticed by Researchers at Checkpoint
Top Android App AirDroid Exposes Phones to Hacks, Dev Ignoring Security Bug (Softpedia) AirDroid recorded between 10 and 50 million downloads
Important data lost due to a software fault (Weissman Report) A vulnerability detected within MacKeeper software resulted in a loss of user data. Kromtech found a weakness within the data storage system of the software which led to user data being compromised
Why has TalkTalk and Post Office internet gone down, what is the Mirai worm cyber-attack and is your data at risk? (Scottish Sun) Thousands of people have been hit by the virus - so what should you do about it?
TalkTalk And Post Office Routers Hit By Cyber-Attack (Information Security Buzz) BBC broke the news that thousands of TalkTalk and Post Office customers had their internet access cut by an attack on certain routers. IT security experts from NSFOCUS, Synopsys, Tenable Network Security, Varonis, NuData Security and Corero Network Security commented below
Did Tesco Bank attackers guess victims’ payment card details? (Help Net Security) A group of researchers from Newcastle University have discovered a practical and easy way for attackers to quickly guess individuals’ Visa payment card info needed to perform fraudulent card-not-present transactions (e.g. when online shopping)
‘Distributed guessing’ attack lets hackers verify Visa card details (CSO) Armed with a card number, researchers tricked websites into helping them guess the expiry date and CVV
Researchers hack Visa cards in six seconds (SC Magazine) A research team from Newcastle University in the U.K. discovered a method to hack credit cards, including dates and security codes, in as little as six seconds
Researchers Warn of Visa Payment Fraud Gaps (Infosecurity Magazine) Researchers have warned that deficiencies in Visa’s e-commerce payment network could allow attackers to brute force credit card details in as little as six seconds
Malware Has Breached Over 1 Million Android Devices (Popular Mechanics) Infected apps reach an estimated 13,000 new devices every day
Aurora is real and has caused damage (Control Global) I have written frequently about the Aurora vulnerability. In preparation for a new book, I was able to find information about an actual Aurora event. The event affected a non-utility facility (no generator involved) where it experienced multiple Aurora events over a multi-day span
Highly Sensitive Data of Explosives-Handling Company Leaked Online (HackRead) The data could have been used for ransom and identity theft on a large scale
Vendor claims to sell millions of Experian and Whois accounts on Dark Web (HackRead) The Dark Web listings show 203 million Experian and 88 million data is being
Where Cybercriminals Go To Buy Your Stolen Data (Dark Reading) What malicious sites provide both free and paid access to stolen credit cards, company databases, malware and more?
Website taking donations for the assassination of Donald Trump and Mike Pence (CSO) Darknet website puts President-Elect Trump and his VP under the gun
Safe Haven: Perfect Money Iceland (Wapack Labs) On 29 Nov 2016 Wapack Labs identified several threat actors signing up for Perfect Money Iceland accounts
Take care copy-and-pasting that code from Stack Overflow (Graham Cluley) Or indeed any other websites
Protecting Powershell Credentials (NOT) (SANS Internet Storm Center) If you're like me, you've worked through at least one Powershell tutorial, class or even a "how-to" blog. And you've likely been advised to use the PSCredential construct to store credentials. The discussion usually covers that this a secure way to collect credentials, then store them in a variable for later use. You can even store them in a file and read them back later. Awesome - this solves a real problem you thought - or does it?
Imperva: beware of automated registration bots, they're great at concealing fraud (SC Magazine) One of Imperva's security researchers has warned of automated registration bots, says "they're great at concealing fraud"
Phishing Websites Stealing Information From 26 Indian Banks, Claims FireEye (Gadgets 360) Researchers from US-based cyber security company FireEye have claimed discovering malicious phishing websites created by cyber criminals that spoof 26 Indian banks to steal personal information from customers
If You Holiday Shop Online, Don't Ignore This Warning About Malware That Targets Holiday Shoppers (Forbes) About two weeks before Black Friday, internet security company Enigma Software released a report showing that malware infections rose precipitously during the month between Thanksgiving and Christmas in 2014 and 2015. The report said there was no reason to think the same thing wouldn't happen this year. The report was right. The increase in malware infections was bad last year - this year it's worse
Phone Text Message Lottery Scams (Hoax-Slayer) Phone text (SMS) messages claim that the recipient has won a substantial sum of money in an online lottery or promotion
Hull Royal Infirmary faces 'daily threat' of cyber attack (Hull Daily Mail) East Yorkshire's two main hospitals are facing the daily threat of a cyber attack after a computer virus forced the cancellation of hundreds of appointments and operations at hospitals on the south bank
Ransomware as a Service fuels explosive growth (CSO) The ease and minimal expense of launching a ransomware “career” means that just about anyone, including those with little or no IT experience, can become a successful cyber criminal
How to break the internet (TechRadar) Just as our dependence on the web is growing, so are the threats
Security Patches, Mitigations, and Software Updates
Exploit Company Exodus Sold Firefox Zero-Day Earlier This Year (Motherboard) This week, an exploit was publicly distributed that could break into the computers of those using the Tor Browser or Firefox. The Tor Project and Mozilla patched the underlying vulnerability on Wednesday
Cyber Trends
Global Cybersecurity 2017 Assurance Report Card (Tenable Network Security) In 2016, Tenable Network Security introduced its groundbreaking Global Cybersecurity Assurance Report Card to measure the attitudes and perception of 504 enterprise IT security practitioners across the globe. The report quantifies how security professionals rate their enterprise’s ability to both assess cybersecurity risks and mitigate threats. These scores were combined to produce a report card score on global cybersecurity status — whether or not the world’s cyber defenses are meeting expectations
Intentional or not, insider threats are real (Help Net Security) Despite the perception that hackers are a company’s biggest cybersecurity threat, insiders, including careless or naive employees, are now viewed as an equally important problem, according to a survey by Dimensional Research
Op-ed: Stop pretending there’s a difference between “online” and “real life” (Ars Technica) Seriously just cut it out. The stakes are too high
The flowering of voice control leads to a crop of security holes (ZDNet) The predicted explosion of voice-enabled apps in 2017 will increase the attack surface of mobile devices and the systems they control, and create brand new privacy risks
Verizon: Unknown Assets a Hacker's Playground (Light Reading) Service Provider & Enterprise Security Strategies -- Merger and acquisition activity may be financially rewarding but it can actually create and contribute to enterprise security risks, Verizon Enterprise Solutions' Christopher Novak warned today
Security pros most worried about clouds, mobile (CSO) Confidence levels dropped from 76 percent last year to 70 percent
Most email authentication implementations fail (Help Net Security) Most of the world’s largest businesses fail at attempts to use open industry standards to control which email is sent using their names
65% of social engineering attacks compromised employee credentials (Help Net Security) Social engineering is having a notable impact on organizations across a range of industrial sectors in the US
Former head of Trump national security team says big cyberattack is ‘inevitable’ (CyberScoop) The man once responsible for leading the president-elect’s national security transition team warned this week that a “significant” cyber-event will occur during Donald Trump’s administration. This warning was shared with advisers to and other allies of the incoming commander-in-chief
As India goes digital, hacking targets multiply (The Hindu) Phishing websites created by cybercriminals spoofed 26 Indian banks in order to steal personal information
Marketplace
Regional cyber security group aims to boost economy (UK Authority Cyber Resilience) Chair of Cyber North says such groupings can provide a bridge to national strategy and encourage development of local ecosystems
Socitm president says ‘drop the fear’ from cyber sales (UK Authority Cyber Resilience) Geoff Connell tells Cyber Summit there is a need for a new approach in which security is ‘built in by design’
FireEye CTO Discusses Changes In The Cybersecurity Industry: 'We're Now Responsible For A Customer's Security Infrastructure' (Yahoo!) “The way we deliver security has changed a lot,” FireEye Inc (NASDAQ: FEYE)’s chief technology officer Grady Summers told Benzinga in a recent interview. “It used to be ship an appliance and your responsibility in a sense as far as keeping it up and running was done"
China’s Bid For Aixtron Sunk By U.S. Security Concerns (Barron's Asia) The Obama administration plans to block a Chinese company from buying Germany’s Aixtron (AIXA.Germany/AIXG) on national security grounds because Northrop Grumman (NOC), a major U.S. defense contractor, is among Aixtron’s customers
Exodus Intel -- The Zero-Day Dealer Whose Worrisome Tor Hack Helped Cops Bust Child Porn Site (Forbes) Exodus Intel is one of a handful of companies that develops, buys and sells software vulnerabilities for anything up to and beyond $1 million a pop. On the one hand, governments can use Exodus exploits to hack those they deem criminal, on the other, private customers get to learn about vulnerabilities before others do
Mandatory insider-threat detection program may help Booz Allen and hurt startups (CyberScoop) Newly implemented federal rules that call for the creation of mandatory insider-threat detection programs will make competing for lucrative U.S. intelligence and cybersecurity contracts increasingly difficult for smaller defense firms, experts tell CyberScoop
FireEye Retools for the New Era of Cyber Crime and Security Budgets (The Street) The cyber outfit launches Helix, a new platform that integrates security apps and devices
Growing firm finds security at ‘home’ (Stratford-upon-Avon Herald) Cyber security specialists thriving at new £450,000 business centre
root9B Technologies Announces Reverse Stock Split, Corporate Name Change and Headquarters Relocation (PRNewswire) root9B Technologies, Inc. (OTCQB: RTNB) ("Company") today announced a one-for-fifteen (1:15) reverse split of its issued and outstanding common stock. The one-for-fifteen reverse stock split is expected to become effective prior to the beginning of trading on December 5, 2016, at which time the Company's common stock should begin trading on a split-adjusted basis. The Company's common stock will continue to trade on the OTCQB. The new symbol will be RTNBD. The "D" will be removed in 20 business days and the symbol will revert back to RTNB
Webroot Selected for CRN's Internet of Things 50 List (PRNewswire) Company was recognized for its standout contribution to the emerging Internet of Things in 2016
Datacom wins multimillion-dollar Toyota IT contract, takes over from Fujitsu (CRN) Datacom Australia has been awarded a multimillion-dollar three-year contract with Toyota to supply IT infrastructure and support services, as the car manufacturer looks to streamline its processes
Eugene Kaspersky is now personally defending your feet (Register) Securing you from head to toe! Wait... what?
Ntrepid Appoints Steven Earls as VP of Information Security Strategy (Washington Executive) Ntrepid Corp. announced Nov. 21 the appointment of Steven Earls as vice president of information security strategy
WISeKey Announces the Appointment of Thomas Whayne to Its Global Cybersecurity Advisory Task Force to Assist the Company to Further Expand Its Activities in the USA (Yahoo!) WISeKey International Holding Ltd (WIHN.SW) (“WISeKey”) announced today the appointment of Thomas Whayne to its Global Cybersecurity Advisory Task Force. The committee, chaired by Carlos Moreira, founder of WISeKey, provides advice to the WISeKey board of directors and senior management team regarding matters of strategic business development and future revenue growth. The members of the committee originate from a wide variety of sectors, from Telcos to financial services and IT, areas of critical importance to WISeKey’s growth strategy
Products, Services, and Solutions
Security brawn with the brain to prevent data breaches (Networks Asia) Highly interconnected businesses competing in the digital economy have to be ever more vigilant in protecting their core business assets. They have to spot vulnerabilities and address potential compromises or gaps in their infrastructure that criminals could exploit to cause service disruption or data breach. The emergence of increasingly sophisticated evasion techniques further puts the field of threat detection and forensic investigation to the test
New infosec products of the week: December 2, 2016 (Help Net Security) Trend Micro offers Deep Security as a Service on AWS Marketplace...SwiftStack launches new capability to ease hybrid cloud adoption...Palo Alto Networks automates cloud security deployment on Amazon Web Services...Optiv Security updates its proven SaaS-based third-party risk management platform...Fidelis Cybersecurity shortens response and resolution times for security incident...Seamless, over-the-air IoT connectivity and secure Provisioning for AWS Cloud...Core Security releases Core Mobile Reset and Core Access Insight 9.2...Neurotechnology releases FingerCell 3.0 SDK for fingerprint biometrics...CA Technologies delivers privileged user governance
Best Antivirus for PC and Mac in 2016 (Neurogadget) A lot of Microsoft Windows users have the idea that they do not need to use antivirus software. Meanwhile, Android and Mac users even think that they do not require protection at all. Although the higher profile of Windows makes it a bigger target, it doesn’t mean that Android and OS X/Mac OS are not that vulnerable
TrapX Security Recognized by Best in Biz Awards for Second Consecutive Year (Yahoo!) TrapX™, a global leader in advanced cybersecurity defense, today announced the TrapX DeceptionGrid has been selected as an Enterprise Software Product of the Year by the Best in Biz Awards for a second consecutive year
Technologies, Techniques, and Standards
SIMalliance Publishes Guidelines to Enhance Interoperability and Ease Deployment of SIM-Based Mobile Connect Authentication Services (SIMalliance) SIMalliance has published a set of guidelines which will make it easier for mobile network operators (MNOs), service and solution providers to deploy Mobile Connect services which use an authentication application provisioned on the user’s SIM card
Visa Delays Chip Deadline for Pumps To 2020 (KrebsOnSecurity) Visa this week delayed by three years a deadline for fuel station owners to install payment terminals at the pump that are capable of handling more secure chip-based cards. Experts say the new deadline — extended from 2017 — comes amid a huge spike in fuel pump skimming, and means fraudsters will have another three years to fleece banks and their customers by installing card-skimming devices at the pump
DLP is back, but not as you know it (CSO) The need to become PCI-DSS compliant has driven the internal security agenda in a number of commercial organisations over the last five years in an unforeseen way. It has pushed organisations to focus purely on compliance and consequently Data Loss Prevention (DLP) became a simple tick box must have for most organisations
Design and Innovation
DHS looks to Silicon Valley innovators for bank cyber-tech (FedScoop) Officials from DHS’ Science and Technology Directorate will roll out the latest offering from their $20 million innovation acquisition program Dec. 5
Wine Vault Offers Security in a Digital Age (Wine Searcher) Fraud expert Maureen Downey moves up a gear in the fight against fakes
Facebook’s Walled Wonderland Is Inherently Incompatible With News (Monday Note) Setting aside the need to fix its current PR nightmare, Facebook has no objective interest in fixing its fake stories problem
Academia
CyberPatriot Course Subtitle: National Youth Cyber Education Program (IT Pro TV) Program Overview: This segment highlights information pertaining to the CyberPatriot program. You will also be introduced to our show host Cherokee Boose and special guest Professor Steve Linthicum
Hack the Gap: Close the cybersecurity talent gap with interactive tools and data (CyberSeek) Cybersecurity workers protect our most important and private information, from bank accounts to sensitive military communications. However, there is a dangerous shortage of cybersecurity workers in the United States that puts our digital privacy and infrastructure at risk
Penn State takes first place at national cyber threat competition (Penn State News) Four students from Penn State’s College of Information Sciences and Technology (IST) recently took home first place at the third annual Deloitte Foundation Cyber Threat Competition. The competition, held Nov. 11 and 12 in Westlake, Texas, consisted of two rounds designed to help students develop the skills needed to tackle increasingly complicated cyber risks
Well-renowned Purdue professor receives award for contributions (Purdue Exponent) A professor of 30 years at Purdue was recognized with the Sagamore of the Wabash award for his contributions to cybersecurity for the state of Indiana
Legislation, Policy, and Regulation
Statement by the President on the Report of the Commission on Enhancing National Cybersecurity (The White House) In February of this year, I directed the creation of a nonpartisan Commission on Enhancing National Cybersecurity, charging it with assessing the current state of cybersecurity in our country and recommending bold, actionable steps that the government, private sector, and the nation as a whole can take to bolster cybersecurity in today’s digital world
Report on Securing and Growing the Digital Economy (Commission on Enhancing National Cybersecurity) Recognizing the extraordinary benefit interconnected technologies bring to our digital economy—and equally mindful of the accompanying challenges posed by threats to the security of the cyber landscape—President Obama established this Commission on Enhancing National Cybersecurity. He directed the Commission to assess the state of our nation’s cybersecurity, and he charged this group with developing actionable recommendations for securing the digital economy. The President asked that this enhanced cybersecurity be achieved while at the same time protecting privacy, ensuring public safety and economic and national security, and fostering the discovery and development of new technical solutions
Donald Trump Advised to Train 100,000 Hackers to Protect the US (Softpedia) Commission tells Trump that cybersecurity is critical
Trump National Security Roster Slim On Cybersecurity (NPR) Hacks, email leaks and cyberattacks all clouded this past election season
The Internet Has Officially Become A Domain Of Warfare (Daily Caller) Congress plans on elevating the status of the U.S. Cyber Command, the cyberspace division of the armed forces, by making it its own fully unified department — a move signaling the U.S. military officially considers the internet a battle space, like air, land, space and sea
Key Provisions in the Intelligence Authorization Act (FY'17) (Lawfare) On November 30th, the House passed H.R. 6393, the Intelligence Authorization Act for FY'17. While it remains to be seen what if anything ultimately emerges at the end of the process, I'd like to highlight some items in the current bill that I found particularly interesting
Obscure legal change expands government hacking powers (Christian Science Monitor Passcode) A revision to the Federal Rules of Criminal Procedure allows law enforcement to hack suspects' computers regardless of jurisdiction. Civil liberties groups worry the change will harm individuals' privacy rights
Opinion: Like it or not, government hackers gonna hack (Christian Science Monitor Passcode) Congress just implicitly blessed FBI hacking on a massive scale without any consideration of the privacy rights of innocent people. And even worse, they did it through an obscure process that minimized public debate
New report examines DHS mission hurdles before Trump (Federal Times) Coordination and interagency cooperation are still the ideals that the Department of Homeland Security will be striving for when Donald Trump takes office, a new report has found
Reality Check: Getting Serious About IoT Security (Dark Reading) The Department of Homeland Security is fully justified in urging security standards for the Internet of Things
Should companies be held liable for software flaws? (Christian Science Monitor Passcode) At an Atlantic Council event, cybersecurity experts said software liability laws could help safeguard the emerging Internet of Things
Trump widens Secretary of State search as Petraeus pleads his case (USA Today) President-elect Donald Trump is widening his search for a secretary of State after high-profile meetings with four top candidates failed to yield a decision last week
A senior Atlassian executive will head the Turnbull government's new $32 million cybersecurity centre (Business Insider Australia) The Turnbull government has asked an Atlassian executive to head up its new cybersecurity organisation, announcing the details just a day after recruiting Blackbird Ventures co-founder Bill Bartee to head a $200 million innovation fund
Snoopers’ Charter: Extreme Surveillance Becomes UK Law (Lawfare) Earlier this month, after more than a year of debate and amendments, the British Parliament passed the Investigatory Powers Bill (IP Bill), a law that authorizes surveillance powers virtually unprecedented anywhere else in the Western world
Litigation, Investigation, and Law Enforcement
Enigma Software Group Files Suit Against Malwarebytes (SAT Press Releases) Enigma Software Group USA, LLC (ESG) filed a complaint in federal court in New York today against competing anti-malware provider Malwarebytes Inc. The complaint, available here, alleges false advertising, unfair competition, and tortious interference with contractual relations
EFF Blasts DEA in Ongoing Secret ‘Super Search Engine’ Lawsuit (Threatpost) The Electronic Frontier Foundation is accusing the Drug Enforcement Agency of improperly withholding documents in a court case that hopes to reveal details about the government’s controversial surveillance program known as Hemisphere. The EFF, which is suing the DEA as part of a Freedom of Information Act (FOIA) request, is demanding the agency turn over documents that have been withheld or have been highly redacted
Ransomware Author "Pornopoker" Arrested in Russia (Bleeping Computer) Russian authorities have arrested a man suspected of writing and distributing ransomware. The suspect, whose name hasn't been released yet, goes by the nickname of Pornopoker
Venezuela Arrests Cyber Banking Sabotage Suspects (Telesur) President Maduro branded the attack an act of international aggression against Venezuela, orchestrated to hurt the people in the country
Dorkbot: Life after disruption (We Live Security) A year ago on 2nd December 2015, a collaboration between major cybersecurity firms, law enforcement and software providers – including ESET and Microsoft – successfully managed to disrupt Dorkbot, a malware family that had been infiltrating systems worldwide for over four years
Global Law Enforcers Finally Take Down Avalanche Cybercrime Ring: Here's How They Did It (Tech Times) Federal investigators across the United States, Europe and the UK have successfully executed a concerted takedown against malicious cybercrime platform "Avalanche," responsible for countless malware and phishing attacks
Check if you were hit by the massive 'Avalanche' cybercrime ring (USA Today) The U.S. government has posted links for free scanning programs so companies and individuals can check their computers to make sure they weren't victims of a massive, international cyber criminal operation that was taken down Thursday after a four-year investigation
Phone encryption: Police 'mug' suspect to get data (BBC) Detectives have developed a new tactic to beat criminals using mobile phone encryption - legally "mug" them
Petraeus on His Mishandling of Classified Information: 'I Made a Serious Mistake' (ABC News) David Petraeus, a former general and CIA director, responded to reported concerns of some Republican senators about his possible nomination for secretary of state by acknowledging he "made a serious mistake" in mishandling classified information while he ran the nation's chief spy agency
A Cabinet position for Petraeus; disciplinary actions for Broadwell after affair (The Hill) While former CIA Director David Petraeus is interviewing for a top job in the Trump administration, the woman he had an affair with is facing possible disciplinary actions from the Army
Sysadmin Gets Two Years in Prison for Sabotaging ISP (Bleeping Computer) A judge in New York has sentenced Dariusz J. Prugar, 32, of Syracuse, New York, to two years in prison for hacking his former employer, Pa Online, an internet service provider (ISP) formerly located in Enola, Pennsylvania
Hacker Gets 4 Years in Prison for Selling Stolen Bank Accounts on the Dark Web (Bleeping Computer) A judge in Atlanta, Georgia, has sentenced Aaron James Glende, a hacker known as IcyEagle, to four years and two months in prison, followed by three years of supervised release, for selling access to stolen bank accounts and others, via the AlphaBay Dark Web marketplace
Fort Meade Guard in Top-Secret Job Indicted in $40K Theft (Odenton Patch) A government worker at Fort Meade has been indicted for making false claims that she was working when she wasn't at her top-secret post
Car Dealer Accused of Stealing Pastor’s Nude Pics (Infosecurity Magazine) A Texas pastor has filed a lawsuit against his car dealership alleging nude photos of his wife were sent to a swingers' site by the salesman whilst he was buying a Toyota last year
For a complete running list of events, please visit the Event Tracker.
Upcoming Events
Disrupt London (London, England, UK, Dec 3 - 6, 2016) TechCrunch Disrupt is the world’s leading authority in debuting revolutionary startups, introducing game-changing technologies, and discussing what’s top of mind for the tech industry’s key innovators. Disrupt gathers the best and brightest entrepreneurs, investors, hackers, and tech fans for on-stage interviews, the Startup Battlefield competition, a 24-hour Hackathon, Startup Alley, Hardware Alley, and After Parties.
US Department of Commerce Cyber Security Trade Mission to Turkey (Ankara and Istanbul, Turkey, Dec 5 - 8, 2016) Now is the time to expand in Turkey! The growth and frequency of cyber-attacks in recent years have increased the demand to protect critical data and infrastructure of governments and businesses. Turkey is increasing resources in the public and private sectors to tackle these complex cyber threats. Apply now for this mission. Recruitment for the mission will begin immediately and conclude no later than September 16, 2016. The U.S. Department of Commerce will review applications and make selection decisions on a rolling basis beginning May 2, 2016 until the maximum of 20 participants is selected. Applications received after September 16, 2016 will be considered only if space and scheduling constraints permit.
NCCoE Speaker Series: Understanding, Detecting & Mitigating Insider Threats (Rockville, Maryland, USA, Dec 6, 2016) Insider threats are growing at an alarming rate, with medium-to-large company losses averaging over $4 million every year. Smaller businesses are at risk too, and it is estimated that in 2014, over half of all cyber attacks targeted companies with less than 1,000 employees. The majority of these breaches are caused accidentally by internal employees or contractors, which means that, whether their intent is malicious or not, people represent the greatest risk to a company's cyber security. Join us for the December 6th NCCoE Speaker Series and learn from the leading experts, including Mitre's Principal Behavioral Psychologist Dr. Deanna Caputo, how you can keep your business safe from these costly and preventable breaches.
Weaponizing Data Science for Social Engineering: Automated E2E Spear Phishing on Twitter (Elkridge, Maryland, USA, Dec 6, 2016) This cybergamut Technical Tuesday features ZeroFox data scientist John Seymour, who will present a recurrent neural network that learns to tweet phishing posts targeting specific users. Historically, machine learning for information security has prioritized defense: think intrusion detection systems, malware classification and botnet traffic identification. Offense can benefit from data just as well. Social networks, especially Twitter with its access to extensive personal data, bot-friendly API, colloquial syntax and prevalence of shortened links, are the perfect venues for spreading machine-generated malicious content.
Infosecurity Magazine Conference (Boston, Massachusetts, USA, Dec 6 - 7, 2016) Bringing together 100+ information security end-users, analysts, policy-makers, vendors and service providers, the meeting connects the information security community providing actionable information, practical case studies and strategic and tactical insight
Practical Privacy Series 2016 (Washington, DC, USA, Dec 7 - 8, 2016) This year, the Practical Privacy Series will return to Washington, DC, with its rapid, intensive education that arms you with the knowledge you need to excel on the job. We’re programming some stunningly good sessions right now—we can’t wait to share them with you!
CISO Southern Cal (Los Angeles, California, USA, Dec 8, 2016) A data breach is not only a PR nightmare, but cause for customers to turn to competitors, exposing sensitive company information and racking up fines from industry regulators. In order for organizations to operate smoothly, CISOs and IT security executives need to be ahead of the hackers, and kept abreast of the latest IT security topics and trends. The CISO Summit brings together C-level IT security executives, industry analysts and solution providers to discuss challenges and best practices in a relaxed, yet focused business setting. Agenda sessions include panel discussions, think tanks, analyst Q&A sessions and much more
SANS Cyber Defense Initiative 2016 (Washington, DC, USA, Dec 10 - 17, 2016) Make plans to attend SANS Cyber Defense Initiative 2016 (CDI). SANS is the one educational organization known for developing the cybersecurity skills most in need right now. SANS Cyber Defense Initiative 2016 will feature courses in IT security, security management, IT audit, penetration testing, and computer forensics, including short courses that can be taken with a long course to enhance your training. Every course, evening talk, and special event is designed to equip you with cutting-edge knowledge and skills required to combat today's cyber criminals. SANS events offer you a unique opportunity to learn from the best cybersecurity teachers in the country. At SANS events you get the kind of hands-on, immersion training that you can put to work immediately
Privacy, Security and Trust: 14th Annual Conference (Auckland, New Zealand, Dec 12 - 14, 2016) This year’s international conference focuses on the three themes of Privacy, Security and Trust. It will provide a forum for global researchers to unveil their latest work in these areas and to show how this research can be used to enable innovation. The main aims of the conference are: To highlight the innovative research happening globally with three main themes: Privacy, Security and Trust. Academics from across the globe will come together to discuss solutions related to PST risks and to showcase the research methods that are able to minimise future cybercrime issues. To foster new ideas and conversation in order to reduce the amount of PST issues globally and to create enduring change in the behaviour and attitudes towards PST. To draw together PST practitioners, researchers, and government to showcase the latest PST research outputs and initiatives. We envisage that industry participants will implement the PST initiatives that are discussed and showcased at the conference into their practice.