The CyberWire Daily Briefing 02.29.16

San Francisco: the latest from RSA

A guide to the RSA 2016 conference (CSO) Going to RSA 2016? Failing to plan is planning to fail

RSA Conference 2016: Past Tense and Future Trends (IBM Security Intelligence Blog) 2016 marks the 25th RSA Conference in San Francisco. In two and a half decades, this IT gathering has established itself as a communal space for both digging deep into current threat vectors and taking a hard look at the future: What’s the on the radar, and how can enterprises get prepared?

RSA Conference Opens Feb. 29, Tackling Pervasive Security Crises (NewsFactor) Set to kick-off Monday, the 25th annual RSA Conference on information security in San Francisco will see speakers and attendees focus on an array of fast-evolving and ever-more-pervasive cybersecurity threats. That focus is reflected in the theme of this year's event: "Connect to Protect"

RSA Conference 2016: What's Old Security is New Again (eWeek) Kurt Stammberger, founder of the RSA Conference, sees the same issues in FBI vs. Apple as were brought to the fore in 1993 with Clipper Chip

Apple vs FBI shines spotlight on RSA Conference (CNBC) As our online and offline lives merge, cybersecurity has crept into mainstream consciousness as both a business and personal concern

RSA 2016: Cyber-Insurance (CSO) When I was a kid growing up on Montreal, every now and again a door to door salesman would knock on the door

Cyber Attacks, Threats, and Vulnerabilities

Norway officially accuses China of stealing military secrets (SC Magazine) Threat actors in China have stolen confidential information from Norwegian companies which is now being used in Chinese military technology says General Lt Morten Haga Lunde, head of the Norwegian intelligence

ISIS launch cyber attack… on a tiny East Sussex solar panel company (Express) ISIS computer hackers followed their high-profile attack on the Pentagon's website with an unusual target: a solar panel company in East Sussex

Crypto ransomware hits German hospitals (Help Net Security) At least three hospitals in the German state of North Rhine-Westphalia have been hit with crypto ransomware

Hackers hold German hospital data hostage (Deutsche Welle) Several hospitals in Germany have come under attack by ransomware, a type of virus that locks files and demands cash to free data it maliciously encrypted. It will take weeks until all systems are up and running again

Angler Exploit Kit Learns New Tricks, Finds Home On Popular Website (Threatpost) Researchers report Angler Exploit Kit attacks have become more brazen and are now targeting top websites with new tricks that can evade browser-based antimalware protection

FighterPOS Malware Can Now Spread on Its Own (Softpedia) Brazilian POS malware gets worm-like features

Card “Verification” Now Offered “As a Service” by Brazilian Cybercriminals (TrendLads Security Intelligence Blog) We highlighted in our Brazil underground report how rampant credit card fraud is in Latin America. One key step in this process is card verification – i.e., checking that the cards work. We’ve found a new service called CheckerCC that was meant to help make this easier

Snapchat Employee Data Leaks Out Following Phishing Attack (Tech Crunch) Snapchat is famous for its disappearing messages, but unfortunately not everything in this world is ephemeral when you need it to be

Beware malicious invoices spammed out via email (Hot for Security) It’s been over 20 years since the first Word macro virus reared its ugly head and pulled the carpet from underneath the feet of computer users worldwide

UC Berkeley Alerts 80,000 People After Cyber Attack (Huffington Post) A system that stores social security and bank account numbers was hacked

Total Recall: Troy Hunt Breaks Down his Nissan Hack (Threatpost) Last month, when researcher Troy Hunt argued the dangers of insecure APIs at a security workshop, little did he know hours later he would discover an API vulnerability that allowed remote access to onboard computers of 200,000 Nissan Leaf and eNV200 electric automobiles

IRS: Actually, that breach last year was way worse than we thought (CIO) The 'Get Transcript' cyberattack is now thought to have affected roughly seven times more taxpayers than originally estimated

IRS: 390K More Victims of IRS.Gov Weakness (KrebsOnSecurity) The U.S. Internal Revenue Service (IRS) today sharply revised previous estimates on the number of citizens that had their tax data stolen since 2014 thanks to a security weakness in the IRS’s own Web site

A debut of sorts on ‘60 Minutes’ (Pittsburgh Post-Gazette) My words, but not my name, recently appeared in an odd cameo about Chinese cyber-hacking

2,000 personal photos, emails, and other info found on used smartphones (Graham Cluley) Porn found on phones found at pawn shops

E-filing taxes? Watch out for fraud. (CNBC) If you're planning on filing your taxes online, caution is advised

Ads on websites are dangerous to more than your sanity (Trend Micro: Simply Security) When surfing the Web, there are few instances more annoying than unprovoked ads

Looking for love in all the wrong places: Hackers go after online dating (Trend MIcro: Simply Security) It's been said that hackers will exploit any possible entry point for gain, and this includes the heart

Most software already has a “golden key” backdoor: the system update (Ars Technica) Software updates are just another term for cryptographic single-points-of-failure

Security Patches, Mitigations, and Software Updates

Those software updates are more important than you think (Trend Micro: Simply Security) Microsoft has announced that it will be going forward with its original plans to end support for older versions of Internet Explorer

Cyber Trends

How hackers are making the worst-case security scenario ever worse (ZDNet) Threats, ransom demands and public taunting of executives by hackers are all on the rise, warns report, changing what worst-case scenario really means

Modern Web Apps: Not The Risk They Used To Be (They’re Worse!) (Dark Reading) Even a tiny Web application without a single byte of confidential data can expose your corporate crown jewels to cybercriminals

5 Reasons SAP Security Matters (Dark Reading) New research shows many organizations may not realize the threat posed by vulnerabilities in SAP applications

The rise of polymorphic malware (Help Net Security) 97% of malware is unique to a specific endpoint, rendering signature-based security virtually useless

Can poorly designed embedded devices kill? (Help Net Security) The industry is not taking safety and security seriously enough, according to the Barr Group, who conducted a survey to better understand the state of safety- and security-aware embedded systems design around the world

Threat Intelligence: The hot topic that makes people hesitant (CSO) While the concept is great, actually discussing threat intelligence is a huge roadblock for some firms

Is threat intelligence being devalued by an information overload? (Computer Business Review) Analysis: The comfort blanket of data in threat intelligence is suffocating cyber security analysts

Feds want mobile security, except when they don’t (GCN) Mobile security is assumed to critical to an agency’s overall IT security, but details on the effectiveness of such programs are scarce, making it hard to assess the overall risk from mobile devices

Study: Asia-Pacific’s ‘Cyber Five’ nations more vulnerable to cyberattack (eGovInnovation) The ‘Cyber Five’ nations -- South Korea, Australia, New Zealand, Japan, and Singapore -- appear nine times more vulnerable to cyberattack than other Asian economies, according to the 2016 Asia-Pacific Defense Outlook released by Deloitte Touche Tohmatsu Limited (DTTL)

Marketplace

Playing With Fire: Risk and Reward in a Digital World (Willis Towers Watson Wire) This year is the 350th anniversary of the Great Fire of London, one of the largest urban fires in history. Caused by a flying spark in a bakery, the fire destroyed a third of the city, and made 100,000 people homeless

Why cyber insurance will be the new enterprise necessity in 2016 (Information Age) Financial organisations must find ways to insure themselves against cyber attacks, but with insurance premiums rocketing they face a difficult challenge in evaluating their cyber insurance needs

DHS Says: No Need for $675M Cyber Contract, We've Already Got It Under Control (Nextgov) The Department of Homeland Security says it will not resuscitate a more than half-billion dollar cyber contract it abandoned earlier this month after a 2-year competition

PSC wants answers on cancelled $675M cyber solicitation (FCW) The Department of Homeland Security's sudden cancellation of a two-year-old, $675 million solicitation for a Cyber Centric Mission Support Services contract has the Professional Services Council wondering what happened

Cyberark Software Ltd, FireEye Inc Rally After Palo Alto Networks Inc Earnings (Bidness Etc.) Several cyber-security stocks jumped today, after Palo Alto Networks reported strong quarterly results

Palo Alto Networks CEO: ‘We’re Taking Share From Everyone’ (Investors.com) Investors heaved a collective sigh late Thursday, relieved that a slowdown in network security spending didn’t batter Palo Alto Networks (PANW), which delivered view-crushing fiscal Q2 earnings on its simplified platform approach

Cybersecurity Stocks to Buy Now (Barron's) Three security firms that are poised to benefit as companies bolster defenses against cybercrime

Morgan Stanley slashes value of stakes in Palantir, Dropbox (Silicon Valley Business Journal) Even the highest-flying unicorns are being brought lower amid the market turmoil of recent months

Singtel transforms to answer call of the future (Straits Times) It is investing in new digital businesses to stay ahead after building up strong global presence

So You Want to Be a Security Researcher? (Dark Reading) Security researchers need a broad set of skills to investigate a constantly-changing threat landscape. But specializing in areas such as reverse engineering or network forensics will boost opportunities

CyberCalifornia initiative to facilitate research and innovation (Help Net Security) More than ever, California stands at the forefront of new technologies based on the Internet of Things (IoT)

The Techies 2016 winners - Ticketmaster, Darktrace and Barclays among winners at The Techies (Techworld) Ticketmaster, Darktrace, Barclays and glh.Hotels were among the big winners at The Techies last night, the inaugural edition of the awards to celebrate innovation, disruption and entrepreneurship across the UK technology scene

Products, Services, and Solutions

Comodo Launches New Cloud Delivered Secure Web Platform (IT Business Net) The Comodo organization, a global innovator and developer of cybersecurity solutions, today launched a new Cloud Delivered Secure Web Platform - Comodo Dome, an integrated solution that acts as a series of highly advanced security checkpoints across all incoming and outgoing traffic on a network

CipherCloud Releases New Cloud Security Broker App (CloudWedge) CipherCloud has quietly gained a large following in the enterprise cloud access security broker market by building solutions that are both affordable and easy to implement

Finally: The Solution For Parents On Cyber Safety For Kids (Newsmaker) For most parents in this digital age, tackling the pitfalls of their children’s current or future internet usage is of huge concern, to the point of overwhelm

Technologies, Techniques, and Standards

The ROI Of Infosec: 11 Dos and Don’ts For Management Buy In (Dark Reading) The case for a bigger bottom line depends on how well you argue that the business can't run without a specific level of security infrastructure

Second cyberspace weapon system reaches Full Operational Capability status (AIr Force Space Command) Air Force Space Command achieved a significant milestone February 12 when the Cyberspace Vulnerability Assessment/Hunter (CVA/H) Weapon System reached Full Operational Capability (FOC) status

Microsoft Shores Up Its Cyberattack Defenses (Wall Street Journal) New war room to thwart hackers unites security engineers from various parts of software giant

Design and Innovation

Fixing the Internet's routing security is urgent and requires collaboration (CSO) A volunteer participation program for ISPs to prevent route hijacks and IP spoofing is gaining some traction

Academia

Pulaski County gets grant for cyber camp (Roanoke Times) A state-sponsored cyber security camp is set for Pulaski County this summer

Legislation, Policy, and Regulation

White House moves to expand 'sharing intelligence between NSA, FBI and CIA' (International Business Times) The Obama administration is reportedly moving to broaden the current scope of information sharing between the National Security Agency (NSA) and other US intelligence agencies by stripping away existing restrictions on who exactly has access to communications data scooped up by surveillance programmes

Obama administration closing in on rules to let NSA share more freely with FBI, CIA (Ars Technica) New rules have been in the works since 2008 and may be approved in “months"

Litigation, Investigation, and Law Enforcement

Police chief: There’s a “reasonably good chance” not much is on seized iPhone (Ars Technica) Top San Bernardino cop tells NPR there's "low probability" unlocking it will reveal more

Apple says DoJ’s request for iPhone unlocking is unconstitutional (Help Net Security) Apple has filed a motion to vacate the earlier court order that would force them to help the FBI access the contents of the iPhone of the San Bernardino gunman by creating a new OS that would bypass existing security measures

Forcing Apple to Hack That iPhone Sets a Dangerous Precedent (Wired) Are Apple and other tech companies somehow against America’s national security if they create uncrackable encryption software that government investigators or even the company’s own engineers can’t break into?

Facebook, Google, Microsoft to join tech industry in supporting Apple in court (CSO) The court ordered Apple to assist the FBI to unlock an iPhone 5c

Why It's So Hard For The Government To Hack Your Phone (TestTube) The FBI is currently in a battle with Apple to allow encrypted phones be unlocked, but how does encryption even work?

Apple-FBI Case Has Wide Implications (The Bull) Apple and the US government are squaring off in an epic legal battle with wide-ranging implications for how technology firms must work with law enforcement

Opinion/Editorial: FBI's phone request will lessen safety (Charlottesville Daily Progress) “There’s nothing secure about giving the FBI their way,” says Brian Barrett at Wired.com

RIAA gets $22M default judgment against “brazen and egregious” MP3 website (Ars Technica) RIAA: "The modern Internet landscape has no room for this blatantly illicit site"

Iovation’s Greg Pierson Opens Up (But Only So Far) About UB Scandal Following Nevada Licensing (CardChat) Greg Pierson, CEO of the newly licensed in Nevada Iovation, opened up about his relationship with Russ Hamilton in an exclusive interview with Gaming Intelligence (GI) on Thursday

For a complete running list of events, please visit the Event Tracker.

Upcoming Events

BSides San Francisco (San Francisco, California, USA, Feb 28 - 29, 2016) BSides San Francisco is an Information / Security conference that's different. We're a 100% volunteer organized event, put on by and for the community, and we truly strive to keep information free. There is no charge to the public to attend BSides SF. Our costs are covered by our generous donors and sponsors, who share our vision of free dissemination of information. The conversations are getting more potent and the "TALK AT YOU" conferences are starting to realize they have to change. BSides SF is making this happen by shaking-up the format

CISO Summit Europe (London, England, UK, Feb 28 - Mar 1, 2016) With the media covering the latest data breaches, cloud computing security questions going unanswered and hackers developing more sophisticated attacks, the IT department has a growing responsibility to protect customer and company data. The CISO Summit will bring together C-level IT security executives, industry analysts and solution providers to discuss challenges and best practices in a relaxed, yet focused business setting. Agenda sessions include engaging Keynote Presentations, Thought Leadership sessions, CISO Think Tanks, Analyst Q&As and much more

RSA Conference 2016 (San Francisco, California, USA, Feb 29 - Mar 4, 2016) Celebrating its 25th anniversary, RSA Conference continues to drive the information security agenda forward. Connect with industry leaders at RSA Conference 2016

Cybersecurity: Defense Sector Summit (Troy, Michigan, USA, Mar 1 - 2, 2016) The National Defense Industrial Association (NDIA) Michigan Chapter Cybersecurity: Defense Sector Summit is to provide a forum to foster educational dialog between government, industry and academia in support of shaping the defense sector's strategy for "platform" cybersecurity. Multiple "conversation panels" will be focused on how cybersecurity is impacting not only ground vehicles, but air and maritime platforms. Key to the discussion will be synergies and lessons to be learned from connected car initiatives and the commercial sector. The Summit is in partnership with the State of Michigan and its Michigan Economic Development Corporation (MEDC)

International Academic Business Conference (New Orleans, Louisiana, USA, Mar 6 - 10, 2016) The Clute Institute of Littleton Colorado sponsors six academic conferences annually that include sessions on all aspects of cybersecurity. Cybersecurity professionals from industry and academics are welcome to make presentations and/or to only attend sessions. The Clute Institute also seeks manuscripts for possible publication in our recently launched Journal of Cybersecurity Research

CISO Chicago Summit (Chicago, Illinois, USA, Mar 8, 2016) A data breach is not only a PR nightmare, but cause for customers to turn to competitors, exposing sensitive company information and racking up fines from industry regulators. In order for organizations to operate smoothly, CISOs and IT security executives need to be ahead of the hackers, and kept abreast of the latest IT security topics and trends. The CISO Summit brings together C-level IT security executives, industry analysts and solution providers to discuss challenges and best practices in a relaxed, yet focused business setting. Agenda sessions include panel discussions, think tanks, analyst Q&A sessions and much more

Navigating Summit 2016 (Canberra, Australia, Mar 8, 2016) The Australian government has pledged to create a future-proofed nation, one that is fit to drive higher economic growth and improved standards of living using information technology innovatively. Privacy and cyber-security are the cornerstones of this strategy. The Summit will examine the implications of privacy and security in a ubiquitously connected, data driven world. Key areas of focus will include digital identity, open data and data sharing, the implications of technologies such as cloud computing, data analytics and the Internet of Things and perceived tensions between privacy and security and innovation.

CISO Atlanta Summit (Atlanta, Georgia, USA, Mar 10, 2016) Tactics and Best Practices for Taking on Enterprise IT Security Threats. With newspaper headlines covering the latest data breaches, cloud computing security questions going unanswered and hackers developing more sophisticated attacks, the IT department has a growing responsibility to protect customer and company data

The Atlantic Council's Cyber 9/12 Student Challenge (Washington, D.C. USA, Mar 11 - 12, 2016) Now entering its fourth year, the Cyber 9/12 Student Challenge is a one-of-a-kind competition designed to provide students across academic disciplines with a deeper understanding of the policy challenges associated with cyber crisis and conflict. Part interactive learning experience and part competitive scenario exercise, it challenges teams to respond to a realistic, evolving cyberattack and analyze the threat it poses to national, international, and private sector interests

SANS 2016 (Orlando, Florida, USA, Mar 12 - 19, 2016) It is time we unite, join forces, and show that if we work together, we can make a measurable difference in security. It is our pleasure to announce that SANS 2016 is back in Orlando, Florida March 12-21 with cutting-edge courses taught by top industry professionals who will provide you with the best available information and software security training. We invite you to take this amazing opportunity to meet with other cyber security professionals at one of the largest SANS events and learn actionable steps that will make an impact on security. Our event campus and lodging will once again be the magnificent Walt Disney World Dolphin Resort.

CONAUTH/EKMS/COMSEC Information Sharing and Key Management Infrastructure (ISKMI) 2016 (Waikiki, Hawaii, USA, Mar 14 - 18, 2016) The ISKMI will draw global-wide participation and Allied (Five Eyes and NATO) attendees. Information sharing will be centralized to Key Management Infrastructure (KMI), Cryptographic Modernization (CM), and Operation/Exercise lessons learned during Joint/Allied operations. The event will support all levels of organizations that manage deployed forces, or the local community. ISKMI will address rapidly changing security strategies, technologies and methodologies that make accounting of safeguarding and securing equipment more complex than ever before.

Pwn2Own 2016 (Vancouver, British Columbia, Canada, Mar 16 - 17, 2016) Since its inception in 2007, Pwn2Own has increased the challenge level at each new competition, and this year is no different. While the latest browsers from Google, Microsoft, and Apple are still targets, the Windows-based targets will be running on a VMware Workstation virtual machine. A $75K bonus will be given to those who can escape the VMware virtual machine. This is our first year including VMware as a target, and we look forward to seeing what researchers will do with it

Insider Threat Symposium & Expo™ (San Antonio, Texas, USA, Mar 17, 2016) The Insider Threat Symposium & Expo was created in the wake of the recent data breaches affecting the U.S. Government (WikiLeaks, NSA Breach), and the continued damaging and costly insider threat incidents to businesses. The Insider Threat Symposium & Expo is a MUST ATTEND event for individuals working for the U.S. Government, State Governments, Department of Defense, Intelligence Community Agencies, Critical Infrastructure Providers, Defense Industrial Base Contractors, Airport / Aviation Security, large and small businesses

ICCWS 2016 (Boston, Massachusetts, USA, Mar 17 - 18, 2016) ICCWS 2016 will cover the complex but exciting aspects of international cyber warfare and security

CISO Summit France (Paris, France, Mar 22, 2016) A forum for innovative IT thought leaders across France. Despite economic instability in the euro zone amid an on-going global financial crisis, IT spending worldwide is expected to increase in the coming years. But even with enterprises tacking notice of new technologies capable of driving revenue and lowering costs, IT departments aren't yet in the clear. The role of the CISO is more important than ever as financial turmoil continues to alter the world's economy, making it difficult to put your organisation in a position to achieve success. The business goals have changed and CISOs are now tasked with trying to find emerging opportunities to drive value throughout the enterprise

Risk Management Summit (New York, New York, USA, Mar 22 - 23, 2016) The Business Insurance Risk Management Summit is a unique two-day conference serving the information and networking needs of senior risk managers, benefits managers and related decision makers from the largest US and global companies. Now in it its seventh year, provides attendees with focused insights into key risk management concerns via expert panels and strategic, thought-provoking discussions with peers and industry leaders

Artificial Intelligence and Autonomous Robotics (Clingendael, the Netherlands, Mar 23 - 24, 2016) Artificial Intelligence (AI) has been a feature of science fiction writing for almost a century, but it is only in more recent years that the prospect of truly autonomous robotics — even those that have only limited functionality — have become viable. While this potentially will provide great opportunities, the development of AI is likely to impact upon the very functioning of society. In this context, the specialized training on AI and autonomous robotics aims to provide media and public relations professionals with an in-depth understanding of the implications that the rapid advancement of AI technology may affect the global community in both the physical and structural spheres and the potential impact of the future evolution of such technology, especially in terms of security. Emphasis will be given to the way in which AI and autonomous robotics can be represented and communicated in the media

International Consortium of Minority Cybersecurity Professionals (ICMCP) Inaugural National Conference (Washington, DC, USA, Mar 23 - 24, 2016) The conference will focus on the public, private and academic imperatives necessary to closing the growing underrepresentation of women and minorities in cybersecurity through diversification of the workforce. Despite the increasing demand for cybersecurity professionals globally it remains an area where there is a significant shortage of skilled security professionals. The conference will facilitate a national dialogue toward enhancing opportunities in cybersecurity education and increase employment opportunities for minorities

Commonwealth Cybersecurity Forum 2016 (London, England, UK, Mar 23 - 24, 2016) The Commonwealth, built on consensus and mutual support, is an ideal platform to build international cooperation on various aspects of cybersecurity. CTO's Commonwealth Cybersecurity Forum brings together cybersecurity stakeholders from across the Commonwealth; from policy makers, regulators and implementing agencies to private sector and civil society. The Forum is a place to showcase expertise, build capacity, present new technologies and develop relationships. Importantly it will map out the future cooperation among Commonwealth countries in Cybersecurity

Black Hat Asia 2016 (Singapore, Mar 29, 2016) Black Hat is returning to Asia again in 2016, and we have quite an event in store. Here the brightest professionals and researchers in the industry will come together for a total of four days — two days of deeply technical hands-on Trainings, followed by two days of the latest research and vulnerability disclosures at our Briefings

SecureWorld Boston (Boston, Massachussetts, USA, Mar 29 - 30, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions & breakout sessions all while networking with local peers

Insider Threat Summit (Monterey, California, USA, Mar 29 - 30, 2016) The focus of the Insider Threat Summit is to discuss personnel security issues including cyber security challenges and capabilities, continuous evaluation of privileged identities and ethical physical security considerations. A heightened awareness of insider threats due to numerous newsworthy attacks and unauthorized leaks has brought us together for one main purpose: to better understand security challenges in order to better defend against insider threats

TU-Automotive Cybersecurity USA 2016 (Novi, Michigan, USA, Mar 29 - 30, 2016) TU-Automotive Cybersecurity dissects the real issues behind the headlines, helping you to apply technology and best practices to deliver robust security defenses and processes within a more secure ecosystem. The conference unites players from research labs, automakers, tier 1's, security researchers, and the complete supply chain to plan for the imminent future

Women in Cyber Security 2016 (Dallas, Texas, USA, Mar 31 - Apr 2, 2016) With support from National Science Foundation, Award #1303441 (Capacity Building in Cybersecurity: Broadening Participation of Women In Cybersecurity through the Women in Cybersecurity Conference and Professional Development), WiCyS is an effort to bring together women (students/faculty/researchers/professionals) in cybersecurity from academia, research and industry for sharing of knowledge/experience, networking and mentoring. Any individual or organization interested in supporting recruiting and retention efforts for women in cybersecurity is encouraged to participate