New York: the latest from the SINET Innovation Summit
SINET Innovation Summit 20 June 2017 in NYC (CTOvision) We have previously written about the Security Innovation Network (SINET), a collective of mission-focused experts led by the highly regarded and widely respected connector Robert Rodriguez. Any SINET event is worth engaging with, they always deliver value for participants. The next major event is just days away. The SINET Innovation Summit will be held 20 …
Cyber Attacks, Threats, and Vulnerabilities
How An Entire Nation Became Russia's Test Lab for Cyberwar (WIRED) The clocks read zero when the lights went out.
‘Our Phones Are Being Monitored’: How a Hacking Story Unfurled (New York Times) A report on government spyware targeting Mexican activists began when a human rights lawyer met with The Times and took all the phones outside the room.
You Can Blame This Guy for the Recent Surge in Android Malware on the Play Store (BleepingComputer) A recent surge in Android banking malware can be traced back to December 2016, when a malware coder under the name of Maza-in uploaded a tutorial on how to build Android malware on an underground hacking forum named Exploit.in.
Industroyer: ICS were developed decades ago with no security in mind (WeLiveSecurity) Senior ESET malware researcher Robert Lipovsky discusses Industroyer, the biggest threat to Industrial Control Systems (ICS) since Stuxnet.
New Vulnerability Could Give Mirai the Ability to Survive Device Reboots (BleepingComputer) Security researchers from Pen Test Partners have discovered a new vulnerability that could allow the Mirai IoT worm to survive between device reboots, allowing the creation of a permanent IoT botnet.
Deep Root Analytics behind data breach on 198 million US voters: security firm (Deutsche Welle) Anyone with an internet connection was able to access a huge database of personal information on US voters ahead of 2016 elections, a security firm says. The database helped the Republican Party's presidential campaign.
GOP Data Firm Accidentally Leaks Personal Details of Nearly 200 Million American Voters (Gizmodo) Political data gathered on more than 198 million US citizens was exposed this month after a marketing firm contracted by the Republican National Committee stored internal documents on a publicly accessible Amazon server.
Erebus Resurfaces as Linux Ransomware (TrendLabs Security Intelligence Blog) On June 10, a South Korean web hosting company was hit by Erebus ransomware, infecting 153 Linux servers and over 3,400 business websites the company hosts.
Serious privilege escalation bug in Unix OSes imperils servers everywhere (Ars Technica) “Stack Clash” poses threat to Linux, FreeBSD, OpenBSD, and other OSes.
Pinkslipbot banking Trojan exploiting infected machines as control servers (Security Affairs) Pinkslipbot banking Trojan is a banking Trojan that uses a complicated multistage proxy for HTTPS-based control server communication.
Privacy, security concerns grow for wearables (Help Net Security) Enterprise wearable camera shipments will reach nearly 24 million in 2022. This should be accompanied with increasing privacy and data protection measures.
Ransomware attacks: Universities back online after 'zero-day' infections (ZDNet) Two university have restored systems to normal following cyberattacks which may have been made more potent with the use of zero-day flaws.
Cyber Trends
Kaspersky: Online banking hacks cost banks nearly $1.8M each (CIO Dive) A banking hack is nearly double the cost banks typically pay to recover from a malware incident.
Majority of surveyed execs have inherited cybersecurity problems after acquiring a software company (SC Media US) With limited timelines to conduct due diligence, cybersecurity weighs heavily on the minds of investors. This survey finds greater dissatisfaction with due
Anything and everything hackable, warns Verizon exec (Mobile World Live) EXCLUSIVE INTERVIEW: Recent network hacks “prove we live in an unsecure world” warned Harm Jan ...
Estonian cyber-security ranks best in Europe, fifth in the world (SC Media UK) The second iteration of the Global Cyber-security Index announced at Information Society Forum 2017 praises the country for its response to the 2007 attack on its infrastructure from Russia.
Marketplace
BlueLine Grid Raises $2.4 Million (NewsCenter.io) Enterprise IT startup BlueLine Grid just closed $2.4 million in financing from an undisclosed investor. BlueLine Grid operates a collaboration network for law enforcement, first responders, security teams, and corporations. The company provides an encrypted suite of messaging, voice, location, conferencing, virtual command, and file-sharing …
MKACyber, Inc. Fuels Growth with Series A Funding; Adds Security Industry Titans to Board (MKA Cyber) MKACyber, a rapidly expanding Managed Security Operations Services Provider (MSSP) and security consulting firm with elite SOC expertise, today announced that it has received $4.1 million in Series A funding.
Is the Palo Alto Networks Inc Turnaround Finally Here? (The Motley Fool) A sales team reorganization should fuel the company's customer growth and sustain its current momentum.
How Safe Is Cisco Systems and Its Dividend? (The Motley Fool) A low P/E and a high yield make this
'Absolutely Necessary': How Blockchain Could Help Tech Giant Cisco Reboot (CoinDesk) As hardware sales fall, Cisco is now pushing even deeper into blockchain, seeking efficiency benefits and improved profits from the tech.
Raytheon CEO: $1B cybersecurity win stateside could lure global government customers (Defense News) Implications of Raytheon's DOMino contract with Homeland Security could go well beyond U.S. agencies with the .gov domain.
Raytheon secures $1B DHS cyber contract after year-and-a-half long battle (Washington BusinessJournal) It took more than a year-and-a-half, but Waltham, Massachusetts-based Raytheon Co. (NYSE: RTN) has finally secured a five-year, $1 billion Department of Homeland Security contract to help defend “.gov” websites from cyber attacks.
Raytheon holds onto $920M DHS cyber contract as protests end -- Washington Technology (Washington Technology) Raytheon keeps the estimated seven-year, $920 million DHS cyber services contract known as 'DOMino' after a long series of protests from rival Northrop Grumman.
General Dynamics Wins $250M Deal for Prophet SIGNIT System (NASDAQ.com) Defense giant General Dynamics Corp. 's GD Mission Systems business unit has won a contract to modify, test, train and sustain the Prophet system. Work related to this deal is scheduled to be over by Jun 15, 2022.
IBM Opens European X-Force Command Center in Poland (finchannel.com) The FINANCIAL, Business News & Multimedia, Global brands, Investments and Personal Finance. Regional focus: United States, Georgia, Ukraine, Turkey, EU
CACI Named a Washington Post Top Workplace for Third Consecutive Year (BusinessWIre) CACI International Inc (NYSE: CACI) announced today that it has been named to The Washington Post’s 2017 Top Workplaces in the Large Company cat
The Washington Post Names Iron Bow Technologies a Winner of the Greater Washington Area 2017 Top Workplaces Award (BusinessWire) Iron Bow Technologies, an information technology solutions provider to the government, commercial and healthcare markets, is proud to announce it has
New Augusta center to be new training ground for cyber warfare (Atlanta Journal-Constitution) Georgia leaders open new cyberwarfare training ground in Augusta.
CRN Exclusive: Dave DeWalt Joins Security Startup Illusive Networks As Vice Chairman (CRN) As it looks to stake its claim in the emerging market for deception technology, Illusive Networks has landed a big executive win, announcing Monday the appointment of well-known security industry executive Dave DeWalt as its vice chairman of its board of directors.
Security Vendor Comodo Hires Former Symantec Veteran To Spearhead IoT Practice (CRN) Comodo has hired Damon Kachur, a former Symantec and Verisign veteran, to lead the charge in the security company's IoT strategy.
Products, Services, and Solutions
LookingGlass Named Gold Winner for Best Enterprise IT Products and Services (BusinessWire) LookingGlass™ Cyber Solutions, a leader in threat intelligence-driven security, announced today that Network Products Guide, the industry's
Raytheon Offers Cyber Security Safety Net As Threats Escalate (Aviation International News) Raytheon has warned about complacency over cyber security in the aerospace supply chain.
Proofpoint Kicks Off FedRAMP Certification for Cloud Email Protection and Information Security, Coupled with Common Criteria Testing - NASDAQ.com (NASDAQ.com) Leading cybersecurity company's comprehensive email and information protection service achieves in-process FedRAMP status, among the first to adopt the latest Common Criteria Standard
How 4 deception tools deliver truer network security (CSO Online) Deception is becoming increasingly popular as a defensive tool. Here's what we discovered about how deception works and the unique features that deception tools from TrapX Security, Cymmetria, illusive Networks, and TopSpin Security bring to network defenses.
Syniverse and Pinn to Deliver Continuous Attribution (BusinessWIre) Syniverse’s global platform and Pinn’s attribution solution will deliver transaction security and continuous attribution required by PSD2
Microsoft launches new Windows 10 keyboard which includes a hidden security update (Express) Microsoft has quietly unveiled a new, sleek Windows 10 input device which has a hidden security feature.
New Tempered Networks Release Tackles PCI Compliance (Channel Partners) The latest IDN platform release from Tempered Networks is designed to remove PCI systems and assets from scope through cloaking, micro-perimeter segmentation, machine authentication and authorization, and end-to-end encryption. These, and other controls, support Payment Card Industry Data Security Standard (PCI DSS) compliance requirements.
Nerdio brings Kaspersky Anti-Virus into the ITaaS Space (GlobeNewswire News Room) Leading IT-as-a-Service (ITaaS) platform integrates award-winning, cloud-assisted security software
Cisco, Check Point, Sophos Among Major Next-Gen Firewall Vendors (Channel Partners) The global next-generation firewall market is expected to grow from nearly $2.4 billion this year to $4.27 billion by 2022, at a compound annual growth rate of 12.3 percent, driven by the increased adoption of bring your own device (BYOD) and the Internet of Things (IoT), increasing internal and external threats, and high functionalities of next-generation firewall offerings.
Conexys announces cloud-based enterprise-class bot detection, web application firewall with artificial intelligence and DDOS mitigation services, powered by Zenedge (IT Business) Conexsys Communications Limited is pleased to introduce its latest Managed Service offering, Encompass® Cloud, which
Verizon partners with Cisco for cloud-based VNF (The Stack) Verizon will offer Virtualized Network Functions (VNF) through Cisco’s VMS to improve network agility and efficiency of user resources.
FHOOSH Showcases Fastest IoT AES256 Security Solution for Streaming Hi-Def Video at Verizon Emergency Responder Event (FHOOSH) Secure Video Demonstrations During Operation Convergent Response To Include Tactical K9s and Robots SAN DIEGO and PERRY, Ga. — June 7, 2017 — FHOOSH, Inc., a leader in high-speed cybersecurity software, today announced that it has been selected to demonstrate its advanced, Internet of Things (IoT) data protection solutions applied to streaming secure video at …
Technologies, Techniques, and Standards
National Security Agency has now a Github account (TechJuice) Gone are the days when Intelligence agencies worked in the dark or behind the scenes. Agencies around the world are read more
Cyber protection teams need more intelligence, say officials (C4ISRNET) There currently is no plan to change the structure of these teams to marry intelligence-oriented teams or intelligence cells within them, which CYBERCOM calls cyber support teams.
Small Business Cybersecurity: A Guide To Protecting Your Interests Online (Secure Thoughts) Looking to improve the cyber security of your small business? Read this simple to follow guide to improve your online security.
Design and Innovation
Microsoft, Accenture team up to help refugees with blockchain-based digital ID network (CRN Australia) Building a blockchain-based digital ID network for the UN.
Research and Development
SKT develops new quantum repeater (Korea Times) SK Telecom succeeded in long-range telecommunication based on quantum cryptography, making Korea the world’s third nation to achieve the next-generation security technology after China and the United States, the firm said Monday. The nation’s top mobile operator said it has developed a trusted repeater for quantum crypto telecom and demonstrated round-trip transmission of cryptographic key data over 110 kilometer distance in Gyeonggi Provice.
Amazon plans to check up on your price checks (Naked Security) Thinking of shopping in one of Amazon’s new physical stores? Think twice about using their free Wi-Fi to do a price comparison while you’re there as a patent suggests they’ll be s…
Academia
Cybersecurity Experts Attack Imaginary Countries In Cyber 'X Games' At CMU (WESA) Fifty military cybersecurity experts are defending the online infrastructure of their imaginary nations at the Cyber Endeavor X Games this week. Now in its
Legislation, Policy, and Regulation
Qatar Says Will Not Negotiate Until ‘Blockade’ Lifted (VOA) Surrounding countries Bahrain, Saudi Arabia, and the United Arab Emirates cut ties with Qatar two weeks ago, causing worst Gulf Arab crisis in years
Hamas is feeling the pain of Qatar's crisis, and looking to Egypt for help (Los Angeles Times) Hamas' isolation has deepened as a result of pressure on Qatar by Arab neighbors.
EU agrees to joint sanctions on cyberattacks (Deutsche Welle) The EU has agreed to use a "cyber diplomacy toolbox" against hackers targeting member states. The move comes amid concern hackers may seek to influence German elections in September.
EU throws a spanner in London’s encryption backdoor works (Naked Security) A wave of terrorist attacks has led to the UK government calling ever more noisily for ways to access the content of terrorists’ messages – but new rules from Brussels make that demand …
The EU Rolls the Dice and Sides with No Decryption, No Reverse Engineering of Communications, Period (Patently Apple) The European Parliament's Committee on Civil Liberties, Justice, and Home Affairs released a draft proposal for a new Regulation on Privacy and Electronic Communications. The draft recommends a regulation that will enforce end-to-end encryption on all communications to protect European Union citizens’ fundamental privacy rights. The committee also noted that decryption shall be prohibited. This is contrary to what the UK is considering to enforce.
Is the Trump administration poised to take on a new role in the Ukraine conflict? (Deutsche Welle) Reports that Donald Trump will receive Ukrainian President Petro Poroshenko ahead of his first meeting with Vladimir Putin are causing a sensation in Kyiv. Could the move signal a new policy for the US in Ukraine?
Israeli, German experts tackle cyber hate speech at Jerusalem conference (The Jerusalem Post) Delivering opening remarks, Yuval Rotem, director-general of the ministry said youth spend some nine hours a day on social media so there needs to be a coordinated response.
How to Resolve Tangled Relationship Between Congress and Homeland Security (The Daily Signal) Far too many congressional committees claim oversight of the Department of Homeland Security, resulting in waste and inefficiency.
DIA's Stewart tapped to be deputy commander at CYBERCOM (InsideDefense.com) Marine Corps Lt. Gen. Vincent Stewart, director of the Defense Intelligence Agency, has been nominated to become deputy commander at U.S. Cyber Command, according to a Pentagon announcement.
Litigation, Investigation, and Law Enforcement
Paris Champs-Elysees attack: Four relatives arrested (Deutsche Welle) French authorities have detained four relatives of an Islamic extremist who deliberately drove an explosive-laden car into a Gendarmerie van on Paris' Champs-Elysees. The assailant died in the attack.
An Attack From the ISIS Playbook (The Atlantic) The London attack seems to fit with a pattern of growing attacks on Muslims—both in Europe and in the United States.
Watchdog: NSA needs to boost insider-threat protocols (FCW) While the intelligence agency has implemented several of the Secure-the-Net initiatives launched in the wake of the Edward Snowden leak, additional steps are still needed.
The NSA Has Done Little to Prevent the Next Edward Snowden (Motherboard) Maybe this is why there are a bunch of alleged NSA hacking tools floating around the internet.
How Michael Flynn’s Disdain for Limits Led to a Legal Quagmire (New York Times) Fired by the military, Mr. Flynn tried to build a lucrative consulting business. Instead, he sparked a scandal.
Booz Allen Hamilton Hit With Lawsuit Over Alleged Misleading Of Investors (ValueWalk) Booz Allen Hamilton discovery of the foregoing conduct would subject the Company to heightened regulatory action on