The CyberWire Daily Briefing 03.03.16

San Francisco: the latest from RSA

Photo gallery: RSA Conference 2016 Expo – Moscone North (Help Net Security) The RSA Conference 2016 is underway at the Moscone Center in San Francisco

Attorney general and NSA director pitch cyber-security industry for cooperation (Network World) U.S. Cyber Command chief and NSA director Admiral Michael Rogers and United States Attorney General Loretta Lynch both took the stage at the RSA Security Conference in San Francisco yesterday to appeal for cooperation with the cyber-security industry

Defense Secretary Says He Is For Encryption And Against Back Doors (Fortune) Statements made amid a legal battle between Apple and the Justice Department

Pentagon needs data security, strong encryption: U.S. defense chief (Reuters) Defense Secretary Ash Carter on Tuesday underscored the U.S. military's support for data security and strong encryption as he asked top U.S. technology sector entrepreneurs and innovators to play a larger role in national security

At RSA, Carter Calls for Help with Data Security (Defense News) US Secretary of Defense Ash Carter said Wednesday that the Pentagon understands it is lagging behind the commercial sector when it comes to best practices for protecting its data

Hack the Pentagon: Hackers asked to help secure public-facing systems (Help Net Security) The US Department of Defense (DoD) has invited hackers participate in “Hack the Pentagon”, a program aimed at finding vulnerabilities in some of the Department’s websites

At Silicon Valley Outpost, Carter Hears Pitches from Small Firms (Defense News) Secretary of Defense Ash Carter may not be a millionaire, but he got to play one Tuesday during a visit to the Pentagon’s Defense Innovation Unit-Experimental (DIUX) outpost

OPM hack might not have been illegal (Federal TImes) Last year, President Barack Obama and Chinese President Xi Jinping signed an agreement to prevent hacking between the countries focused on the theft of intellectual property, otherwise known as economic espionage. During a panel at the 2016 RSA Conference in San Francisco, current and former federal officials made a distinction between hacking for economic purposes as opposed to more traditional espionage between nations

RSA 2016: Cryptographers enter cyber security debate (Jane's) Cryptographers debated the future of mobile device security at the 2016 RSA Conference in San Francisco, California, on 1 March, as the US Department of Justice pushes mobile and software manufacturer Apple to unlock an iPhone for national security authorities

RSA: Geolocation shows just how dead privacy is (CSO) Where you are says a lot about what you do, what you think, what you believe and how you live. And data about all of that is being collected from our mobile devices

Only one in five orgs set up to securely manage user identities (Help Net Security) As organizations seek to capitalize on digital opportunities through rapidly developing and hosting new services online, they frequently under-invest in adequate cybersecurity measures creating significant risks, in particular governing user access

Unmanaged Wearables Infiltrating the Enterprise, According to Centrify RSA Survey (BusinessWire) Identity management for wearables should be a top priority for IT managers

Which passwords to avoid for Internet-facing systems? (Help Net Security) For the last year or so, Rapid7 has been collecting login credentials via “Heisenberg,” a network of low-interaction honeypots that the company has set up to analyze login attempts by random, opportunistic actors

Redundant cloud security controls creating headaches (TechTarget) Trend Micro's Mark Nunnikhoven said enterprises are often forced to deploy distinct cloud security controls for each type of service they deploy, making security unmanageable

#RSAC: How to Get Company Buy-in for Security Initiatives (Infosecurity Magazine) Keeping your company safe from online threats requires tech savvy but it also requires business savvy. Security officers need great analytical skills, but they also need great communications skills

Tenable debuts new cybersecurity tools at RSA Conference (Baltimore Business Journal) Tenable Network Security Inc. has launched three new cybersecurity products intended to position the Columbia company on the forefront of emerging cyber challenges among commercial companies

Kaspersky Lab Moves into IT Security Services (IT Business Edge) At the RSA 2016 conference this week, Kaspersky Lab made it clear that its ambition lies well beyond simply providing IT security products

Gone in 12 minutes: CyberArk announces real-time detection, automatic containment of cyber attacks targeting active directory (IT Web) New targeted analytics and network monitoring improve effectiveness of incident response teams by focusing on the data that matters to stop in-progress attacks

Open source risk management tool for Android application packages (Help Net Security) Are there any security vulnerabilities in the open source you use?

Balabit’s Blindspotter extends behavior analysis with biometrics (Help Net Security) Balabit, best known as “the creator of syslog-ng,” announced the release of Blindspotter version 2016.03 at the RSA Conference in San Francisco

Barracuda showcases new firewall for IoT applications and deployments (Help Net Security) At RSA Conference, Barracuda announced it has expanded its next-generation firewall product family with the addition of the new Barracuda NextGen Firewall S-Series, which is designed to empower customers to connect thousands of machine endpoints, such as ATM machines or other remote devices, enabling new ‘Internet of Things’ applications and deployments

Qualys delivers scalable, cloud-based patching (Help Net Security) Qualys announced at RSA Conference an OEM partnership with HEAT Software to deliver a cloud-based patch management offering to its global customers

Votiro's Zero Day Exploit Technology Honored as Silver Winner in the 12th Annual 2016 Info Security PG's Global Excellence Awards® Under the Category of 'Tomorrow's Technology Today' (PRNewswire) The Security Industry's Coveted Global Excellence Awards Winners and Finalists from all over the world were honored by Info Security Products Guide in San Francisco on February 29, 2016

Zimperium honored as Best of Breed winner in 2016 Cyber Defense Magazine Infosec Awards in Mobile Endpoint Security Solutions (PRNewswire) Zimperium is recognized for its innovation in mobile security during the RSA® Conference 2016

Safe-T Data Named Gold Winner in Info Security Products Guide's 12th Annual 2016 Global Excellence Awards (PRNewswire) Safe-T Data announced today that Info Security Products Guide, the industry's leading information security research and advisory guide, has named Safe-T Cloud Access Security Broker, a winner for the 12th Annual 2016 Global Excellence Awards

Intel and Intercede aim to end passwords in the workplace (ITProPortal) Digital identity and credentials company Intercede announced today that it has partnered up with Intel to bring a whole new way to authenticate in the workplace, which eliminates the dreaded password

Cyber Attacks, Threats, and Vulnerabilities

Inside the Cunning, Unprecedented Hack of Ukraine’s Power Grid (Wired) It was 3:30 p.m. last December 23, and residents of the Ivano-Frankivsk region of Western Ukraine were preparing to end their workday and head home through the cold winter streets. Inside the Prykarpattyaoblenergo control center, which distributes power to the region’s residents, operators too were nearing the end of their shift. But just as one worker was organizing papers at his desk that day, the cursor on his computer suddenly skittered across the screen of its own accord

Joe Weiss on Industrial Control Systems (National Academies of Sciences, Engineering, and Medicine) Keynote Presentation by Joe Weiss, Managing Partner at Applied Control Solutions, LLC

Weak default credentials, command injection bug found in building operation software (Help Net Security) A vulnerability in servers programmed with Schneider Electric’s StruxureWare Building Operation software can be exploited by a low-skilled, remote attacker to gain access to the servers and make changes that could affect a building’s security

SSL's DROWN not as bad as Heartbleed, still a security ship wreck (Register) Just set SSLv2 on fire

Researchers discover major security breach in 3D printing technology (Neowin) Researchers from the University of California, Irvine have discovered what may amount to a major security breach in the 3D printing process: the source code of any 3D printer can be easily recorded and reverse engineered, allowing hackers to reverse-engineer 3D-printed objects and potentially engage in corporate espionage

Now it's Ashley Madison wives who are receiving blackmail letters (Graham Cluley) "I am afraid this letter contains bad news"

Credit Unions Feeling Pinch in Wendy’s Breach (KrebsOnSecurity) A number of credit unions say they have experienced an unusually high level of debit card fraud from the breach at nationwide fast food chain Wendy’s, and that the losses so far eclipse those that came in the wake of huge card breaches at Target and Home Depot

10 reasons why phishing attacks are nastier than ever (CSO) Forget Nigerian princes -- today’s spearphishing is sophisticated business, fooling even the most seasoned security pros

Dark Web drugs, data dumps and death: Which countries specialize in what services? (ZDNet) An interesting study on the global underground company shows that money can get you anything -- wherever you are

You know how we're all supposed to automate now? Dark web devs were listening (Register) Crafted tool to brute-force, take over accounts, buy stuff

How Hackers Recruit New Talent (Atlantic) It involves job postings on the dark web, Skype interviews, and digital voice-changing technology

The 'Hacker' Talent Shortage: What Organizations Can Learn from the Recruitment Efforts of their Adversaries (DIgital Shadows) The seventh annual (ISC)² Global Workforce Survey estimates that there will be a shortage of information security professionals by 2020

Pirates, Ships, And A Hacked CMS: Inside Verizon's Breach Investigations (Dark Reading) New Verizon Data Breach Digest report shares in-the-trenches scenarios of actual cyberattack investigations by the company's RISK team

Security Patches, Mitigations, and Software Updates

Stable Channel Update (Chrome Releases) The Chrome team is delighted to announce the promotion of Chrome 49 to the stable channel for Windows, Mac and Linux

Microsoft Touts Timely Patching To Address Security Woes (Remond Magazine) Organizations should keep up to date with Windows updates and they should patch their line-of-business applications, too

Cyber Trends

75 Percent of Execs, Board Members Don't Prioritize Recruiting Skilled Security Pros (eSecurity Planet) And 35 percent don't know or aren't sure what legally constitutes a data breach in their state, a recent survey found

Marketplace

Investing In The Network Security Space: Palo Alto, Fortinet And Their Less Enabled Competitors (Seeking Alpha) Network security continues to be a priority investment for most companies in 2016 and beyond. The space is probably growing 3X faster than overall IT and that should continue for the foreseeable future. While there are many vendors in the space, the two standouts are clearly Fortinet and Palo Alto

The Great Divide: Cyber Security in the Corporate Boardroom (Radius) Not a day seems to go by without news about a new data breach or some other threat to a company’s cyber security

Why FireEye's Stock Is Rallying (DCInno) Acquisitions, partnerships and a new direction

Cisco 2.0: What does Cisco look like in a post-Chambers world? (MicroScope) Approximately four days after Cisco Partner Summit 2015 in Montreal, the industry’s longest serving CEO stood down

Kaspersky Lab Denies Being a Threat to US Security (Prensa Latina) The Kaspersky computer security laboratory denied today that its products might serve the hackers to damage large networks of industrial computers in the United States, according to US media

Security Fears Drive Big Companies to Cloud, Box CEO Says (Fortune) The upstart is benefiting from ties to Microsoft, IBM, and Salesforce

NATO brings two more players into its cyber partnership with industry (Jane's) The NATO Communications and Information Agency (NCIA) has formally placed two more cyber industry players under the umbrella of its NATO Industry Cyber Partnership (NICP)

Fortinet to Share Cyber Threat Intelligence With NATO (GovConWire) Fortinet (Nasdaq: FTNT) has partnered with NATO’s Communications and Information Agency to pursue information-sharing efforts to boost cybersecurity

Products, Services, and Solutions

Lockheed Martin Commercial Cyber, Cybereason release advanced endpoint solution (Financial News) Lockheed Martin (NYSE: LMT) has released Wisdom EDR, an endpoint solution that combines Lockheed Martin Threat intelligence with Cybereason´s Endpoint Detection and Response (EDR) platform, the company said

Technologies, Techniques, and Standards

Is your security awareness program culturally sensitive? Does it matter? (Infosec Institute) A security awareness program is probably the first line of defense against modern threats to IT systems and company data

3 Signs Your Information Security Team Needs Threat Intelligence (Recorded Future) Be honest, sometimes you aren’t sure

Academia

No Transparency in Administrative Delay to Inform Students of Cyber Attack (Guardian (UCSD)) In late December, the UC Berkeley Financial System was breached and the personal information of approximately 80,000 students, faculty staff and vendors was accessed

Legislation, Policy, and Regulation

Pentagon Cyber Campaign Against ISIS Signals A New Era In Warfare (Forbes) Secretary of Defense Ashton Carter and Joint Chiefs Chairman Joseph Dunford revealed on Monday that the military has launched a cyber campaign against the ISIS terrorist group aimed at disrupting its communications and impeding the extremist organization’s ability to coordinate operations. Although few details of the campaign were disclosed, Secretary Carter acknowledged that using digital weapons to disrupt enemy operations is “something new in warfare” that could not have occurred a generation ago

America's silent warriors look to up their game on social media (Military Times) The Navy SEALs' next mission could be on Twitter

‘Democratization’ of Technology Rattles U.S. National Security Agencies (National Defense) The information revolution has reached the far corners of the Earth, and for United States, that has created a whole slew of national security challenge

Hacked U.S. companies have more options, departing cybersecurity official says (Washington Post) The Obama administration’s power to impose economic sanctions in response to malicious cyberspace acts gives companies that have been hacked by foreign governments a new way to deter adversaries and prevent them from reaping the rewards of their intrusions, a former senior U.S. official said

What the Cybersecurity National Action Plan gets right (Federal Times) On Feb. 9, President Barack Obama released his Cybersecurity National Action Plan, which many accurately described as the culmination of seven years of this administration’s work on a dynamic and critical topic

Cybersecurity Information Sharing Act (CISA) Guidelines: Privacy and Civil Liberties Interim Guidelines for Federal Agencies (National Law Review) Last week, we discussed the Federal government’s first steps toward implementing the Cybersecurity Information Sharing Act (CISA). Among the guidance documents released by the Department of Homeland Security and the Department of Justice were the Privacy and Civil Liberties Interim Guidelines. This guidance is designed to apply Fair Information Practice Principles (FIPPs) to Federal agency receipt, use and dissemination of cyber threat indicators consistent with CISA’s goal of protecting networks from cybersecurity threats

Litigation, Investigation, and Law Enforcement

The OTHER iPhone unlocking case – Judge sides with Apple (Naked Security) A New York judge ruled earlier this week that the government can not force Apple to assist the FBI in unlocking an encrypted iPhone

ACLU: You can kiss trust in software updates goodbye if Apple's forced to help the FBI (Computerworld) American Civil Liberties Union files amicus brief with federal court in support of Apple

San Bernardino police officers honored by Thomson Reuters for response to Dec. 2 terrorist attack (San Bernerdino Sun) Police officers here were honored Tuesday with the Thomson Reuters Everyday Heroes award for their work on Dec. 2

FBI Agent Testifies About Undercover Role in Terror Probe (ABC News) A Los Angeles undercover FBI agent posing as an Islamic State sympathizer testified Wednesday at a terrorism trial that a U.S. Air Force veteran revealed that he expected to be arrested when he returned to the United States from a trip to the Middle East

Justice Dept. grants immunity to staffer who set up Clinton email server (Washington Post) The Justice Department has granted immunity to a former State Department staffer, who worked on Hillary Clinton’s private email server, as part of a criminal investigation into the possible mishandling of classified information, according to a senior law enforcement official

Turkish Hacker Pleads Guilty to Stealing $55M from ATMs Around the World (Softpedia) Hacker "Segate" pleads guilty, faces 57.5 years in jail

Cyberstalker sentenced to 10 years in prison (Help Net Security) Michael Daniel Rubens, 31, formerly of Tallahassee, was sentenced today to 10 years in prison, a $15,000 fine, and $1,550 in restitution for cyberstalking, unauthorized access to a protected computer, and aggravated identity theft

For a complete running list of events, please visit the Event Tracker.

Upcoming Events

RSA Conference 2016 (San Francisco, California, USA, Feb 29 - Mar 4, 2016) Celebrating its 25th anniversary, RSA Conference continues to drive the information security agenda forward. Connect with industry leaders at RSA Conference 2016

International Academic Business Conference (New Orleans, Louisiana, USA, Mar 6 - 10, 2016) The Clute Institute of Littleton Colorado sponsors six academic conferences annually that include sessions on all aspects of cybersecurity. Cybersecurity professionals from industry and academics are welcome to make presentations and/or to only attend sessions. The Clute Institute also seeks manuscripts for possible publication in our recently launched Journal of Cybersecurity Research

CISO Chicago Summit (Chicago, Illinois, USA, Mar 8, 2016) A data breach is not only a PR nightmare, but cause for customers to turn to competitors, exposing sensitive company information and racking up fines from industry regulators. In order for organizations to operate smoothly, CISOs and IT security executives need to be ahead of the hackers, and kept abreast of the latest IT security topics and trends. The CISO Summit brings together C-level IT security executives, industry analysts and solution providers to discuss challenges and best practices in a relaxed, yet focused business setting. Agenda sessions include panel discussions, think tanks, analyst Q&A sessions and much more

Navigating Summit 2016 (Canberra, Australia, Mar 8, 2016) The Australian government has pledged to create a future-proofed nation, one that is fit to drive higher economic growth and improved standards of living using information technology innovatively. Privacy and cyber-security are the cornerstones of this strategy. The Summit will examine the implications of privacy and security in a ubiquitously connected, data driven world. Key areas of focus will include digital identity, open data and data sharing, the implications of technologies such as cloud computing, data analytics and the Internet of Things and perceived tensions between privacy and security and innovation.

CISO Atlanta Summit (Atlanta, Georgia, USA, Mar 10, 2016) Tactics and Best Practices for Taking on Enterprise IT Security Threats. With newspaper headlines covering the latest data breaches, cloud computing security questions going unanswered and hackers developing more sophisticated attacks, the IT department has a growing responsibility to protect customer and company data

The Atlantic Council's Cyber 9/12 Student Challenge (Washington, D.C. USA, Mar 11 - 12, 2016) Now entering its fourth year, the Cyber 9/12 Student Challenge is a one-of-a-kind competition designed to provide students across academic disciplines with a deeper understanding of the policy challenges associated with cyber crisis and conflict. Part interactive learning experience and part competitive scenario exercise, it challenges teams to respond to a realistic, evolving cyberattack and analyze the threat it poses to national, international, and private sector interests

SANS 2016 (Orlando, Florida, USA, Mar 12 - 19, 2016) It is time we unite, join forces, and show that if we work together, we can make a measurable difference in security. It is our pleasure to announce that SANS 2016 is back in Orlando, Florida March 12-21 with cutting-edge courses taught by top industry professionals who will provide you with the best available information and software security training. We invite you to take this amazing opportunity to meet with other cyber security professionals at one of the largest SANS events and learn actionable steps that will make an impact on security. Our event campus and lodging will once again be the magnificent Walt Disney World Dolphin Resort.

CONAUTH/EKMS/COMSEC Information Sharing and Key Management Infrastructure (ISKMI) 2016 (Waikiki, Hawaii, USA, Mar 14 - 18, 2016) The ISKMI will draw global-wide participation and Allied (Five Eyes and NATO) attendees. Information sharing will be centralized to Key Management Infrastructure (KMI), Cryptographic Modernization (CM), and Operation/Exercise lessons learned during Joint/Allied operations. The event will support all levels of organizations that manage deployed forces, or the local community. ISKMI will address rapidly changing security strategies, technologies and methodologies that make accounting of safeguarding and securing equipment more complex than ever before.

Pwn2Own 2016 (Vancouver, British Columbia, Canada, Mar 16 - 17, 2016) Since its inception in 2007, Pwn2Own has increased the challenge level at each new competition, and this year is no different. While the latest browsers from Google, Microsoft, and Apple are still targets, the Windows-based targets will be running on a VMware Workstation virtual machine. A $75K bonus will be given to those who can escape the VMware virtual machine. This is our first year including VMware as a target, and we look forward to seeing what researchers will do with it

Insider Threat Symposium & Expo™ (San Antonio, Texas, USA, Mar 17, 2016) The Insider Threat Symposium & Expo was created in the wake of the recent data breaches affecting the U.S. Government (WikiLeaks, NSA Breach), and the continued damaging and costly insider threat incidents to businesses. The Insider Threat Symposium & Expo is a MUST ATTEND event for individuals working for the U.S. Government, State Governments, Department of Defense, Intelligence Community Agencies, Critical Infrastructure Providers, Defense Industrial Base Contractors, Airport / Aviation Security, large and small businesses

ICCWS 2016 (Boston, Massachusetts, USA, Mar 17 - 18, 2016) ICCWS 2016 will cover the complex but exciting aspects of international cyber warfare and security

CISO Summit France (Paris, France, Mar 22, 2016) A forum for innovative IT thought leaders across France. Despite economic instability in the euro zone amid an on-going global financial crisis, IT spending worldwide is expected to increase in the coming years. But even with enterprises tacking notice of new technologies capable of driving revenue and lowering costs, IT departments aren't yet in the clear. The role of the CISO is more important than ever as financial turmoil continues to alter the world's economy, making it difficult to put your organisation in a position to achieve success. The business goals have changed and CISOs are now tasked with trying to find emerging opportunities to drive value throughout the enterprise

Risk Management Summit (New York, New York, USA, Mar 22 - 23, 2016) The Business Insurance Risk Management Summit is a unique two-day conference serving the information and networking needs of senior risk managers, benefits managers and related decision makers from the largest US and global companies. Now in it its seventh year, provides attendees with focused insights into key risk management concerns via expert panels and strategic, thought-provoking discussions with peers and industry leaders

Artificial Intelligence and Autonomous Robotics (Clingendael, the Netherlands, Mar 23 - 24, 2016) Artificial Intelligence (AI) has been a feature of science fiction writing for almost a century, but it is only in more recent years that the prospect of truly autonomous robotics — even those that have only limited functionality — have become viable. While this potentially will provide great opportunities, the development of AI is likely to impact upon the very functioning of society. In this context, the specialized training on AI and autonomous robotics aims to provide media and public relations professionals with an in-depth understanding of the implications that the rapid advancement of AI technology may affect the global community in both the physical and structural spheres and the potential impact of the future evolution of such technology, especially in terms of security. Emphasis will be given to the way in which AI and autonomous robotics can be represented and communicated in the media

International Consortium of Minority Cybersecurity Professionals (ICMCP) Inaugural National Conference (Washington, DC, USA, Mar 23 - 24, 2016) The conference will focus on the public, private and academic imperatives necessary to closing the growing underrepresentation of women and minorities in cybersecurity through diversification of the workforce. Despite the increasing demand for cybersecurity professionals globally it remains an area where there is a significant shortage of skilled security professionals. The conference will facilitate a national dialogue toward enhancing opportunities in cybersecurity education and increase employment opportunities for minorities

Commonwealth Cybersecurity Forum 2016 (London, England, UK, Mar 23 - 24, 2016) The Commonwealth, built on consensus and mutual support, is an ideal platform to build international cooperation on various aspects of cybersecurity. CTO's Commonwealth Cybersecurity Forum brings together cybersecurity stakeholders from across the Commonwealth; from policy makers, regulators and implementing agencies to private sector and civil society. The Forum is a place to showcase expertise, build capacity, present new technologies and develop relationships. Importantly it will map out the future cooperation among Commonwealth countries in Cybersecurity

Black Hat Asia 2016 (Singapore, Mar 29, 2016) Black Hat is returning to Asia again in 2016, and we have quite an event in store. Here the brightest professionals and researchers in the industry will come together for a total of four days — two days of deeply technical hands-on Trainings, followed by two days of the latest research and vulnerability disclosures at our Briefings

SecureWorld Boston (Boston, Massachussetts, USA, Mar 29 - 30, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions & breakout sessions all while networking with local peers

Insider Threat Summit (Monterey, California, USA, Mar 29 - 30, 2016) The focus of the Insider Threat Summit is to discuss personnel security issues including cyber security challenges and capabilities, continuous evaluation of privileged identities and ethical physical security considerations. A heightened awareness of insider threats due to numerous newsworthy attacks and unauthorized leaks has brought us together for one main purpose: to better understand security challenges in order to better defend against insider threats

TU-Automotive Cybersecurity USA 2016 (Novi, Michigan, USA, Mar 29 - 30, 2016) TU-Automotive Cybersecurity dissects the real issues behind the headlines, helping you to apply technology and best practices to deliver robust security defenses and processes within a more secure ecosystem. The conference unites players from research labs, automakers, tier 1's, security researchers, and the complete supply chain to plan for the imminent future

Women in Cyber Security 2016 (Dallas, Texas, USA, Mar 31 - Apr 2, 2016) With support from National Science Foundation, Award #1303441 (Capacity Building in Cybersecurity: Broadening Participation of Women In Cybersecurity through the Women in Cybersecurity Conference and Professional Development), WiCyS is an effort to bring together women (students/faculty/researchers/professionals) in cybersecurity from academia, research and industry for sharing of knowledge/experience, networking and mentoring. Any individual or organization interested in supporting recruiting and retention efforts for women in cybersecurity is encouraged to participate