Yahoo discloses record breach. The ShadowBrokers abandon auctions for retail. "FinFisher-like" APT found in Europe, Turkey. US investigations of Russian influence operations continue.
Late yesterday Yahoo disclosed that the company was breached in August 2013, with a billion customer accounts compromised. This incident is said to be distinct from the breach disclosed in September of this year that affected 500 million customers. “The stolen user account information may have included names, email addresses, telephone numbers, dates of birth, hashed passwords (using MD5) and, in some cases, encrypted or unencrypted security questions and answers,” Yahoo said.
The company doesn't know how the breach was accomplished, but thinks the culprits were "state-sponsored." Who the sponsoring state might be remains unspecified, but Yahoo says it's the same one responsible for the breach disclosed earlier. Other observers who've looked into the matter (notably InfoArmor) take issue with that conclusion, saying the breaches look like the work of criminals, albeit criminals who may have had nation-states among their customers. Yahoo! says it's working with appropriate law enforcement agencies, and that it's notifying affected customers. Observers expect this latest breach disclosure to affect Verizon's planned acquisition of Yahoo's core assets.
The ShadowBrokers, who've been trying with small success to auction Equation Group code, are changing their sales model, now offering it for retail. They chew syllables in improbable broken-English with Motherboard, explaining (sort of) "TheShadowBrokers is giving 'responsible parties' opportunity to making things right."
Microsoft reports finding "FinFisher-like" spyware in APTs on European and Turkish systems.
US investigation of Russian election hacking continues. Homeland Security says the vote wasn't manipulated, but that's consistent with doxing to influence public opinion.
Notes.
Today's issue includes events affecting China, European Union, India, New Zealand, Russia, Turkey, United Kingdom, and United States.
A note to our readers: The new Star Wars film, Rogue One, is out this week. It's billed as "the epic tale of a scrappy group of rebels and their daring mission to steal the plans for the Death Star." Given what's generally known about information security, however, one wonders if perhaps the plans might actually have been compromised in a different way.
The CyberWire's regular daily Podcast will be out later this afternoon, with interviews, educational tips, and more on the stories of the day.
A special edition of our Podcast is up as well—the topic is venture capital. In it we examine the current state of investment in cyber security, speak to experts in the field, and learn from top cyber security-focused venture capitalists about what they expect before they invest.
As always, if you enjoy the podcasts, we invite you to please consider giving them an iTunes review.
Cyber Attacks, Threats, and Vulnerabilities
Important Security Information for Yahoo Users (Yahoo!) Following a recent investigation, we’ve identified data security issues concerning certain Yahoo user accounts. We’ve taken steps to secure those user accounts and we’re working closely with law enforcement
Yahoo's Record-Setting Breach Disclosure (The CyberWire) Yesterday Yahoo disclosed that more than a billion customer accounts were compromised in August 2013. This incident is distinct from the breach of 500 million accounts the company disclosed on September 22, 2016. Yahoo! said in its announcement that how the breach was accomplished is not yet known, and that the company is working with law enforcement to investigate. Security industry experts have weighed in with their views on what happened and how such attacks might be prevented or mitigated
Yahoo: One Billion More Accounts Hacked (KrebsOnSecurity) Just months after disclosing a breach that compromised the passwords for a half billion of its users, Yahoo now says a separate incident has jeopardized data from at least a billion more user accounts. The company also warned attackers have figured out a way to log into targeted Yahoo accounts without even supplying the victim’s password
Hack Brief: Hackers Breach a Billion Yahoo Accounts. A Billion (Wired) In September, Yahoo had the unfortunate distinction of disclosing an enormous 500 million-account breach. Tough stuff. Somehow, though, the company seems to have topped even that staggering figure. Yahoo announced on Wednesday that hackers, in what’s likely a separate attack, compromised one billion of the company’s user accounts in August 2013. One billion. That makes this the biggest known hack of user data ever, and it’s not really close
Stolen Yahoo Data Includes Government Employee Information (Bloomberg Technology) FBI, CIA, NSA, White House workers among hacking victims. Former intelligence officers say leak could aid foreign spies
Yahoo Admits to Second Data Breach That Exposed Over 1 Billion User Records (Bleeping Computer) Yahoo Chief Information Security Officer (CISO) Bob Lord admitted today that Yahoo suffered a second data breach during which an unknown third-party had stolen information on more than one billion Yahoo users
Hackers stole data from 1 billion users accounts from Yahoo, company says (CBS News) Yahoo says it believes hackers stole data from more than one billion user accounts in August 2013
Yahoo discloses hack of 1 billion accounts (TechCrunch) The company disclosed today that it has discovered a breach of more than one billion user accounts that occurred in August 2013. The breach is believed to be separate and distinct from the theft of data from 500 million accounts that Yahoo reported this September
Yahoo sets hack record at 1 billion accounts (C|Net) A new breach revealed Wednesday by troubled internet pioneer compromised twice as many user accounts as the record hack it disclosed in September
Yahoo breach means hackers had three years to abuse user accounts (PC World) Elite hackers-for-hire or state-sponsored actors may have been involved, according to experts
Yahoo hack: Tech industry responds (Computing) Yahoo has discovered an even larger breach whilst investigating another. Here's what the tech industry makes of the farce
Newly Uncovered Site Suggests NSA Exploits for Direct Sale (Motherboard) The Shadow Brokers—a hacker or group of hackers that stole computer exploits from the National Security Agency—has been quiet for some time. After their auction and crowd-funded approach for selling the exploits met a lukewarm reception, the group seemingly stopped posting new messages in October
A Brief Interview with The Shadow Brokers, The Hackers Selling NSA Exploits (Motherboard) In August, a group calling themselves The Shadow Brokers publicly released a cache of NSA hacking tools, and promised to sell more. After a failed crowd-funding and auction attempt, the group now appears to be offering a wealth of trojans, exploits, and implants directly to potential customers
Hacktivists vs Faketivists: Fancy Bears in Disguise (ThreatConnect) What is a faketivist?
FinFisher-like government spyware found in APT attacks (IT News) Specific users targeted in Europe and Turkey
Malvertising campaign targets routers and every device connected to router (Computerworld) Researchers warned that cyber-savvy crooks are using a malvertising campaign that infects routers and Android devices. Any devices connected to an infected router will also be infected
DDoS attacks via WordPress now come with encryption (Help Net Security) Kaspersky Lab experts have noted an emerging trend – a growth in the number of attacks using encryption. Such attacks are highly effective due to the difficulty in identifying them amongst the overall flow of clean requests. Recently, the company encountered yet more evidence of this trend – an attack exploiting vulnerabilities in WordPress via an encrypted channel
Developer raises concerns about MD5 hashing algorithm in Wordpress (SC Magazine) As Wordpress plugin developer Wordfence raises concerns about security, Davey Winder asks if there isn't a bigger problem with the continued use of MD5 hashing
The State of Wordpress Security (Ripstech) Does Wordpress really need an introduction? It is by far the most popular blogging software on the planet and it is also abused for other tasks frequently. A large percentage of the World Wide Web is Wordpress
Mirai Giving DDoS-as-a-Service Industry a Boost (Threatpost) The availability of the Mirai malware source code online isn’t a guarantee that just anyone can quickly convert it into a money-making IoT-based DDoS botnet
Crowdsourced DDoS Extortion – A Worrying Development? (Digital Shadows) We all know about DDoS extortion – the process is straightforward. Contact the company, threaten to launch a crippling DDoS attack that will happen unless the company pays a ransom. But what if the actors do not target the company itself to pay the ransom, but its customers? That’s one of the wildcard scenarios outlined in our latest paper, Mirai and the Future: Forecasting the DDoS Landscape in 2017.
Cerber Ransomware Spreads via Fake Credit Card Email Reports (Bleeping Computer) Just in time for the Christmas holiday shopping spree, the group behind the Cerber ransomware has launched a spam campaign that uses fake credit card reports to trick users into opening a Word file that under certain circumstances will download and install the deadly Cerber ransomware
Corporate Office 365 users hit with clever phishing attack (Help Net Security) Corporate Office 365 users are being targeted by phishers using a clever new trick to bypass email filters and the default security protections of the Microsoft service
Flash Bug Allows Attackers to Spy on Users via Camera, Microphone (Bleeping Computer) In yesterday's monthly security patch, Adobe fixed a bug in Flash Player that would have allowed an attacker to hijack permissions granted to other Flash applets and spy on users via their camera or microphone
Netgear router remote control bug – what you need to know (Naked Security) On Monday, we wrote about a Netgear router bug that opened up a gaping remote access hole
Code Reuse a Peril for Secure Software Development (Threatpost) The amount of insecure software tied to reused third-party libraries and lingering in applications long after patches have been deployed is staggering. It’s a habitual problem perpetuated by developers failing to vet third-party code for vulnerabilities, and some repositories taking a hands-off approach with the code they host
New 'Giveaways' Target Shoppers Searching For Hatchimals And Other Hot Toys (Forbes) During the holiday season, parents scrambling at the last minute to purchase toys at the top of their children’s wish lists will often go to great lengths to deliver
Sailors’ personally identifiable information stolen by Ricky Ninja (SOFREP News) On October 27, 2016, an unknown person or persons of interest stole 134,386 names and social security numbers of US Navy sailors from a laptop of a contractor working for Hewlett Packard and under contract by the Navy. The exfiltrated data derives from the Career Waypoints database (C-WAY). The C-WAY database is used for re-enlistment submission and request for Navy Occupational Specialties. The last time the Navy suffered a breach of this scale was when the Iranians hacked into unclassified Navy systems in 2014
How Secure Is the Technology Protecting Your Home? (Insurance Quotes) What if burglars could break into your home without ever smashing a window or picking the lock? Say the front door swung wide open to let them in, but the only one there to greet them was your jewelry box?
Risky sites have never been easier to exploit (Help Net Security) 46% of the Internet’s top 1 million web sites, as ranked by Alexa, are risky. This is largely due to vulnerable software running on web servers and on underlying ad network domains, according to Menlo Security
Bye, privacy: Evernote will let its employees read your notes (Network World) Consumers can't opt out of being snooped on for the purpose of training algorithms
Security Patches, Mitigations, and Software Updates
Joomla vulnerability can be exploited to hijack sites, so patch now! (Help Net Security) If you’re running a website on Joomla, you should update to the newly released 3.6.5 version as soon as possible – or risk your site being hijacked
Macs get critical updates, including patches against drive-by malware (Naked Security) Apple followed up its recent iOS 10.2 update with a related slew of security fixes for macOS, bringing the current laptop and desktop flavour of its operating system up to 10.12.2
Blue-Screen-of-Death occurs when installing Deep Security Agent and OfficeScan Agent on the same host (Trend Micro Business Support) Installing both Deep Security Agent (DSA) and OfficeScan (OSCE) agent on the same host triggers a Blue-Screen-of-Death (BSoD). This causes driver conflict and crash
Cyber Trends
Gemalto study reveals security concerns over convergence of personal and workplace identities (Gemalto) 90% of IT professionals are concerned about employees using their personal credentials for work purposes. 62% of enterprises feel increasing pressure to match consumer authentication methods in the workplace. The use of two-factor authentication is on the rise, with 40% of organizations’ employees using it
Centrify And Rapid7 Trends And Predictions (Information Security Buzz) It’s that time of year again. The festive season is upon us and with it, online shopping will no doubt take another bite out of traditional bricks-and-mortar sales. With a colourful new president taking office shortly, 2017 promises to be an interesting year. But before we get to predictions, let’s take a look at the year that was
Health Data Security: A Tipping Point (HealthcareInfo Security) Finally, protecting patient data is on list of priorities
Healthcare IT professionals are overconfident (Help Net Security) A Dimensional Research study evaluated the confidence of IT professionals regarding the efficacy of seven key security controls, which must be in place to quickly detect a cyber attack in progress. Study respondents included 763 IT professionals from various industries, including 101 participants from the healthcare sector
Security Scorecard: Where Are Consumers Most Engaged? (BankInfo Security) Aite's Julie Conroy on latest research into how far consumers will go to protect themselves
Smart devices abandoned on the road to nowhere (Naked Security) Contrast and compare these two scenarios
On the Ninth Day of Christmas, the Industry Predicted…GDPR Compliance (Infosecurity Magazine) Deck the halls with boughs of money, tra la la. Why boughs of money? If you suffer a data breach after June 2018 you could face a fine of up to €20 million or 4% of your global annual turnover for the preceding financial year, whichever is the greater. So if data security is not your thing, best enjoy the cash while it is still in your possession
What are NZ’s cybersecurity threats? – Expert Q&A (Science Media Centre) With the 14th annual Privacy, Security and Trust conference held in Auckland this week, the Science Media Centre asked cybersecurity experts about the biggest threats facing New Zealand. Please feel free to use these comments in your reporting
Marketplace
Yahoo Discloses New Breach of 1 Billion User Accounts (Wall Street Journal) Verizon, which has struck a deal to buy company’s core business, will review impact of new breach
Yahoo Security Breach Adds Element of Insecurity to Its Purchase offer from Verizon (Inquisitr) Yahoo released a statement Wednesday confirming a massive security breach in August of 2013, which likely compromised the private user data of over 1 billion account holders. In a statement about the breach on its website, Yahoo, who in September of this year reported a separate breach of its systems in 2014, which affected 500 million users, explains that in November of this year it received data files from law enforcement that an unnamed third party claimed were Yahoo user data files
Vendor Accountability & The Security Supply Chain (Dark Reading) A large majority of security leaders say they would switch to suppliers that offer product and service guarantees, according to a new survey
Bug Hunters Prefer Communication Over Compensation (Threatpost) Unlike their criminal counterparts, it turns out that white hats aren’t necessarily as financially motivated when it comes to bug hunting
Why FireEye Is An Excellent Bargain Right Now (Seeking Alpha) The Company is operating and free cash flow positive, which suggests a successful completion of the restructuring phase. Previous takeover bids give the stock a conservative value of $19 per share. The market for security products is growing and I believe FEYE will benefit from this
TopSpin Security Gaining Traction in Financial Services Market (CIO Today) Financial services organizations select TopSpin Security Intelligent Deception Solutions to protect private data from cyber attackers -- Chicago trading company and other financial firms leverage DECOYnet™ intelligent deception and detection platform to meet compliance and protect private financial data
Marine Corps awards cyber, IT contracts to three firms (C4ISRNET) The Marine Corps has awarded cyber and IT contracts to three companies
New DIA acquisition process invites tech firms to show their stuff to senior leaders (Federal News Radio) For the past three years, the Defense Intelligence Agency has been experimenting with a rapid technology acquisition project called “Needipedia,” in which it publishes the technology gaps it wants to fill, lets industry respond with short white papers, then buys new capabilities in as little as a month. This week, DIA plans to take the concept a step further
DoD Battles to Train Enough Cyber Practitioners (GovTechWorks) A new report from the Presidential Commission on Enhancing National Cybersecurity calls for national workforce programs to train 100,000 cyber practitioners by 2020 and a national cybersecurity apprenticeship program to train 50,000 more
Checkmarx Joins German Cyber Security Council (BusinessWire) The German Cyber Security Council and Checkmarx, a global leader in cyber and application security testing, announced today the induction of Checkmarx into the German Cyber Security Council. This exciting new membership approval was delivered by key council member, General Secretary of the Council Mr. Hans-Wilhelm Dünn, at the 2016 HLS & Cyber Conference, which took place mid-November in Tel Aviv, Israel
Promisec Appoints New CEO Simo Kamppari (PRNewswire) Promisec, a pioneer in Endpoint Detection and Response, today announced that its Board of Directors has appointed Simo Kamppari as CEO and President, effective immediately
Products, Services, and Solutions
Online Clothing Retailer N Brown Chooses Website Protection from Imperva (GlobeNewswire) N Brown deploys Imperva Incapsula for improved website security with DDoS Protection and Web Application Firewall
OPSWAT Releases Complimentary Technology to Strip Common Documents Of Potential Cyber Threats (IT Business Net) OPSWAT today released data sanitization (CDR) for all web and API users of their cloud-based threat intelligence platform, Metadefender Cloud, allowing them to sanitize common document types to remove potential threats
Virtual StrongBox's 4th Patent Protects File Transfer Between Devices (PRNewswire) Virtual StrongBox, Inc. has received a fourth patent for its state-of-the-art software, which safeguards clients' data (and that of their customers) at all times. Whether consumers are dealing with their financial institution, healthcare provider or insurance agent, they demand convenience – but not at the expense of security. For these and other high-risk enterprises, ensuring safety and positive customer experiences can be challenging
NSS Labs Expands Research Offerings with new Breach Prevention System (BPS) Test (Yahoo! Finance) NSS Labs, Inc., the world's leading cyber security product research, testing, and advisory company, today released a new technology overview and a "Call-to-Test" for Breach Prevention Systems. Breach Detection Systems (BDS) have been deployed to provide enhanced detection of advanced malware, zero-day attacks, and targeted attacks to combat more skilled threat actors who are capable of evading traditional security technologies
Hexadite Teams With Carbon Black and Others to Automate Cybersecurity (Xconomy) A new alliance between cybersecurity companies from across the U.S. aims to more tightly integrate their products and advance efforts to automate key security processes
University of San Diego Chooses Thycotic to Protect Student Data From Cyberattacks (PRNewswire) Secret Server Cloud solution supports university's efforts surrounding cloud-first mentality
During Cybercriminals’ Most Wonderful Time of Year, Varonis Offers Free Course on Personal Internet Security (Econotimes) While consumers are online shopping for presents and new connected gadgets this season, cybercriminals are online stealing their information and hijacking their Internet of Things (IoT) devices
Kaspersky Lab presents new version of its flagship consumer security solution with enhanced data protection features (Tempo) Kaspersky Lab has presented the new version of its flagship security solution Kaspersky Internet Security, which provides users with additional opportunities to manage their Internet protection and to ensure their data safety
Technologies, Techniques, and Standards
The Invisible Costs of Cyber Weapons (Defense One) For kinetic weapons like tanks, production costs generally outweigh research and development. For cyber weapons, R&D is almost everything
ThreatConnect CEO: Cybersecurity's Only Way Forward in 2017 is Collaboration (DCInno) DNC hack fallout highlights importance of cyber attack info sharing
Protecting Utilities from Cyber Security Risks Introduced By Smart Meters (Industry Today) Most utilities understand and recognise the potential cyber security risks smart meters present, but not all have the infrastructure in place to detect and respond to cyber security incidents effectively
Panopticon Labs Urges Video Game Industry to Self-Regulate on Cybersecurity Before Government Intervenes (PRWeb) New whitepaper from first and only cybersecurity company for video game publishers explains why and how cyber criminals attack games and explores the unintended consequences of regulation
New PCI Guidance on Simplifying Network Segmentation (InfoRisk Today) Troy Leach of PCI Security Standards Council discusses steps to protect card data
Contactless Payments: Addressing the Security Issues (InfoRisk Today) PCI Council's Jeremy King on authenticating mobile payments with biometrics
RBI Eases Some Card-Not-Present Authentication Requirements (InfoRisk Today) But some critics fear the move could increase fraud
How to Make Sure Your Business's Social Media and Collaboration Tools Are Secure (BizTech) Businesses are increasingly embracing social media and in-office collaboration tools, but they need to educate users on social engineering and bake in several layers of security protections
Design and Innovation
150 Filmmakers Ask Nikon and Canon to Sell Encrypted Cameras (Wired) In the summer of 2013, when documentary filmmaker Laura Poitras was shooting a still-secret NSA leaker named Edward Snowden in a Hong Kong hotel room, she took security seriously. She’d periodically transfer her footage to encrypted hard drives, and would later go so far as to destroy the SD cards onto which her camera recorded. But as she watched Snowden through her lens, she was haunted by the possibility that security agents might barge through the door at any moment to seize her camera. And the memory card inside of it remained dangerously unencrypted, full of unedited confessions of a whistleblower who hadn’t yet gotten his secrets out to the world
New York exhibition puts us – and our data – on display (Naked Security) Ever get that feeling, walking down a busy city street, that somebody’s following you?
Legislation, Policy, and Regulation
Turkey: Silencing the Media (Human Rights Watch) Ruthless assault on press freedom shields state from scrutiny
ENISA says crypto backdoors are a bad idea (Help Net Security) “History has shown that technology beats legislation, and criminals are best placed to capitalise on this opportunity,” the European Network and Information Security Agency (ENISA) noted in a recently released opinion paper on encryption
The Folly of Encryption Backdoors (Digital Guardian) In the aftermath of the election, many people in the security and privacy communities have expressed renewed concerns about the possibility the federal government might again try to implement backdoors or otherwise weaken encryption. It will likely be months before we see any movement on that front, but for now, a new report from the European Union’s information security agency says in no uncertain terms that backdoored encryption is bad for users and undermines the security of the network for everyone
Trump, tech leaders avoided encryption and surveillance talk at summit (CSO) Similar summits could take place as often as once per quarter
Snowden sends strong anti-surveillance message to Donald Trump (Business Standard) In a clear message to US President-elect Donald Trump, the famed National Security Agency (NSA) whistleblower Edward Snowden has said that government surveillance programmes will create "vulnerabilities" for social media users
Opinion: Congress needs to check government hacking powers (Christian Science Monitor Passcode) Now that law enforcement has more leeway to hack computers and surveil suspects due to changes in criminal procedure, Congress needs to oversee these powers to protect Americans' civil liberties and privacy
New Law's Impact on IT Security and Privacy Protections (GovInfo Security) Audio report: ISMG editors analyze the latest developments
Air Force: Cyber security extends beyond IT (Defense Systems) The Air Force is working to “operationalize” cybersecurity initiatives by widening the aperture regarding what systems and platforms need to be examined and protected, service leaders said
CYBERCOM evaluating cyber mission force (C4ISRNET) The Defense Department and Cyber Command continue to evaluate the effectiveness and construct of the newly established cyber force
FCC Chairman Tom Wheeler, Net Neutrality Champion, Says He’ll Step Down (Motherboard) Tom Wheeler, the former telecom industry lobbyist who became an unlikely internet hero by passing the Federal Communications Commission’s landmark net neutrality policy, announced plans to step down from the agency in January
California DMV Calls Uber’s Autonomous Autos ‘Illegal’ (Wall Street Journal) Company rolled out the self-driving vehicles in San Francisco on Wednesday
California DMV orders Uber to stop self-driving car tests on SF roads [Updated] (Ars Technica) After smaller test in Pittsburgh, the ride-hailing company takes to Silicon Valley
Social media sites may need to apply age checks under UK anti-porn law (TechCrunch) Social media sites such as Twitter face being regulated in the UK under anti-porn proposals, as part of the government’s Digital Economy bill proposal
Litigation, Investigation, and Law Enforcement
Intelligence Community Statement on Review of Foreign Influence on U.S. Elections (IC on the Record) Senior Administration Officials have regularly provided extensive, detailed classified and unclassified briefings to members and staff from both parties on Capitol Hill since this past summer and have continued to do so after Election Day
DHS Chief: 'No Evidence' Hacking Affected Ballot Count on Election Night (Townhall) Contrary to the CIA’s assessment that Russian cyberattacks helped Donald Trump win the election, the head of the Department of Homeland Security said there was no evidence to indicate anything of the sort happened
Here's the Public Evidence Russia Hacked the DNC – It's Not Enough (Intercept) There are some good reasons to believe Russians had something to do with the breaches into email accounts belonging to members of the Democratic party, which proved varyingly embarrassing or disruptive for Hillary Clinton’s presidential campaign. But “good” doesn’t necessarily mean good enough to indict Russia’s head of state for sabotaging our democracy
Hurd to lawmakers on Russian hacking intel: ‘We need to be really careful’ (CyberScoop) The only sitting member in the House of Representatives to have served in the CIA is advising fellow lawmakers to tread carefully with the information they collect during ongoing investigations focused on Russian hacking related to the recent presidential campaign
Here's some questions Congress should ask about the election-related hacks (CSO) President-elect Donald Trump remains skeptical Russia was involved, despite U.S. intelligence findings
NBC News: Intelligence officials say Putin personally involved in election hack (USA Today) Russian President Vladimir Putin was personally involved in efforts to intervene in the 2016 U.S. presidential election, NBC News reported, citing two unnamed "senior U.S. intelligence officials"
Donald Trump 'obviously aware' Russia was involved in US election hacking, White House says (Independent) Mr Trump is facing growing pressure to respond to the alleged hack
Obama’s Deep Dive Into Putin’s Intent (Geopolitical Futures) Was Russia meddling in U.S. elections, or is it just politics?
Minister reassures MPs over Scottish independence referendum cyber attack concern (Herald Scotland) Ministers have been asked by a Labour MP if the UK's security services have considered whether the Scottish independence referendum was affected by a cyber attack
Google Discloses Contents of Eight National Security Letters (Threatpost) Google on Tuesday disclosed the contents of eight National Security Letters it received between 2010 and 2015, becoming the latest company under reforms afforded by the USA Freedom Act to do so. The requests made by United States Federal Bureau of Investigation were made to Google to identify 21 customer accounts and related account data
Flynn investigated by Army for wrongly sharing intelligence (AP via KLTV) The retired Army general chosen by Donald Trump to be national security adviser was investigated for inappropriately sharing classified information with foreign military officers while he was serving as an intelligence commander in Afghanistan
Michael Flynn Called Hillary Unfit, but Spilled Classified Info Himself (Daily Beast) Michael Flynn loved to chant ‘Lock Her Up’ at Trump rallies. But during his tenure in the Army, he mishandled classified information—just like Hillary
University Professor and Co-Defendants Respond to Defamation Charge From Medical Device Maker (Chicago Maroon) His warning about the devices was sent on University letterhead
American Hacker Arrested For 2014 JP Morgan Chase Breach (Dark Reading) Joshua Aaron and his two accomplices are charged with massive hacking of US financial organizations, securities fraud and money laundering
Ashley Madison settles charges over its massive data breach (Engadget) The payout is small, but the reforms could make a big difference for the infidelity service
For a complete running list of events, please visit the Event Tracker.
Upcoming Events
SANS Cyber Defense Initiative 2016 (Washington, DC, USA, Dec 10 - 17, 2016) Make plans to attend SANS Cyber Defense Initiative 2016 (CDI). SANS is the one educational organization known for developing the cybersecurity skills most in need right now. SANS Cyber Defense Initiative 2016 will feature courses in IT security, security management, IT audit, penetration testing, and computer forensics, including short courses that can be taken with a long course to enhance your training. Every course, evening talk, and special event is designed to equip you with cutting-edge knowledge and skills required to combat today's cyber criminals. SANS events offer you a unique opportunity to learn from the best cybersecurity teachers in the country. At SANS events you get the kind of hands-on, immersion training that you can put to work immediately
CES® CyberSecurity Forum (Las Vegas, Nevada, USA, Jan 5, 2017) Now in its second year, the CES® CyberSecurity Forum presented by CyberVista is designed to ensure all stakeholders in developing high tech solutions understand the complexity and the need for action in the cybersecurity arena. The IoT, connected cars, new payment systems, VR and AR, wearables and our mobile devices all add new levels of concern to protecting our personal and corporate data. In this day-long conference, we’ll tackle the world of cybersecurity that demands we go far beyond the simple passwords and anti-virus protection of yesterday.
SANS Security East 2017 (New Orleans, Louisiana, USA, Jan 9 - 14, 2017) Start the year off right by choosing from outstanding, cutting-edge courses presented by our top-rated instructors. SANS is looking forward to an exciting kickoff of 2017 with SANS Security East 2017 in the "Big Easy" in January. Now is the time to improve your information security skills and laissez les bons temps rouler!
Global Institute CISO Series Accelerating the Rise & Evolution of the 21st Century CISO (Scottsdale, Arizona, USA, Jan 11 - 12, 2017) These intimate workshops address the challenges that Boards of Directors are placing on security and risk executives, and how to successfully manage and communicate today’s enterprise and organizational threats. These are intense “roll your sleeves up” thought leadership discussions on How Cyber is Driving the New Board Perspective on Enterprise Risk Management. Attendance is limited to 30 Security and Risk Executives from Global 2000 corporations. For Chief Security Information Officers, Chief Information Officers, and Chief Risk Officers, by invitation only (apply to attend).
Cybersecurity of Critical Infrastructure Summit 2017 (College Station, Texas, USA, Jan 11 - 13, 2017) An inaugural event to convene thought-leaders, experts, and strategic decision makers from government, industry, and academia to discuss the technology and policy implications of the ever-evolving cyber-threats to critical infrastructures. This summit will focus on two sectors that are among those at greatest risk, the energy and manufacturing sectors. Highlighting emerging technologies and policy initiatives, this event will foster the development of high impact strategies to address the many interrelated cybersecurity challenges we face in the protection of our nation’s critical infrastructures.
ShmooCon 2017 (Washington, DC, USA, Jan 15 - 17, 2017) ShmooCon is an annual east coast hacker convention hell-bent on offering three days of an interesting atmosphere for demonstrating technology exploitation, inventive software and hardware solutions, and open discussions of critical infosec issues. The first day is a single track of speed talks called One Track Mind. The next two days bring three tracks: Build It, Belay It, and Bring It On.
SANS Las Vegas 2017 (Las Vegas, Nevada, USA, Jan 23 - 28, 2017) Attend SANS Las Vegas 2017, where SANS will provide outstanding courses in IT security, forensics, and security management presented by the best cybersecurity teachers in the country. At SANS events you get the kind of hands-on, immersion training that you can put to work immediately.
BlueHat IL (Tel Aviv, Israel, Jan 24 - 25, 2017) Announcing BlueHat IL – a special edition of Microsoft's leading cyber security conference for top professionals, to be held for the very first time in Tel Aviv, Israel. Over the past 10 years, BlueHat conferences have drawn the brightest minds in security to discuss key industry challenges. And now, BlueHat IL is here to crank it up by exploring and creating new cyber security thoughts and boundaries. This exclusive, by invitation only, single track event will host top cyber security professionals from around the world, who will come together to tackle the present and peek into the future. It will feature brilliant speakers and focus on breakthrough research, key trends and emerging threats in the field. Registration closes December 28.
SANS Cyber Threat Intelligence Summit & Training 2017 (Arlington, Virginia, USA, Jan 25 - Feb 1, 2017) Join SANS at this innovative Summit as we focus on enabling organizations to build effective cyber threat intelligence analysis capabilities. Most organizations are familiar with threat intelligence, but have no real concept of how to create and produce proper intelligence. The 2017 Summit will focus on specific analysis techniques and capabilities that can be used to properly create and maintain Cyber Threat Intelligence in your organization. Attend this summit to learn and discuss directly with the experts who are doing the CTI analysis in their organizations. What you learn will help you detect and respond to all ranges of adversaries including some of the most sophisticated threats targeting your networks.
Blockchain Protocol and Security Engineering (Stanford, California, USA, Jan 26 - 27, 2017) This conference will explore the use of formal methods, empirical analysis, and risk modeling to better understand security and systemic risk in blockchain protocols. The conference aims to foster multidisciplinary collaboration among practitioners and researchers in blockchain protocols, distributed systems, cryptography, computer security, and risk management.