NSA hacked, Kaspersky software at center of investigation. Iran catphished Deloitte. Congress on Equifax: can't outlaw stupid (but may try anyway).

Cyber Attacks, Threats, and Vulnerabilities

Russian Hackers Stole NSA Data on U.S. Cyber Defense (Wall Street Journal) Hackers working for the Russian government stole a vast collection of highly classified material from the home computer of a National Security Agency contractor, said people familiar with the matter. The breach could enable Russia to evade NSA surveillance and more easily infiltrate U.S. networks.

Russian government hackers used antivirus software to steal U.S. cyber capabilities (Washington Post) Employee who took classified material home was running Russian antivirus software on his computer, according to people familiar with the matter.

Investigators say Russian hackers exploited Kaspersky software to steal classified NSA documents (Pittsburgh Post-Gazette) It would be the third time since 2013 that a theft of sensitive information involving an NSA contractor has become publicly known.

Ex-NSA Hackers Are Not Surprised by Bombshell Kaspersky Report (Motherboard) Former NSA hackers respond to the revelation of yet another breach at the spy agency.

Russia reportedly stole NSA secrets with help of Kaspersky—what we know now (Ars Technica) Proven or not, the accusations almost certainly mean the end of Kaspersky as we know it.

More questions than answers after a third data breach at the NSA is revealed (CSO Online) A report in The Wall Street Journal says that hackers working for the Russian government stole sensitive documents from a NSA contractor's home computer. The story goes on to say the contractor was targeted after the files were discovered by Kaspersky's Anti-Virus software, somewhat explaining the U.S. government's push to ban the software on its systems.

Guess Which Software Russian Hackers Targeted to Steal NSA Secrets (Forbes) Just a few months ago, a team of security researchers at SafeBreach showed how several popular antivirus tools could be exploited to act as spying tools.

NSA contractors back in spotlight after reported Russian theft (POLITICO) The Kremlin's spies reportedly uncovered the secret cyber weapons on a personal laptop running software made by Kaspersky Lab.

Another NSA Contractor Stole Documents. Now the Russians Have More U.S. Hacking Tools. (Slate Magazine) The NSA is leaking like a sieve. What does that mean for the private data it holds on you?

The NSA Officially Has a Rogue Contractor Problem (WIRED) After the revelation of the third contractor leak in as many years, the agency has a clear operational security problem.

Smartphones of NATO Soldiers Compromised By Russian Hackers (HackRead) North Atlantic Treaty Organization, which is universally famous as NATO, has been targeted by none other but the country that is a pro at hacking and eaves

John Kelly's personal phone may have been breached (Washington Examiner) Government officials are unsure when or where the phone was initially compromised and what information, if any, was obtained.

Iranian Hackers Targeted Deloitte Via A Seriously Convincing Facebook Fake (Forbes) As America frets over Russians running rampant on Facebook, other adversaries have been exploiting the social network as a way into some of the world's biggest businesses.

Deloitte: would two-factor authentication really have helped? (TEISS) Two-factor authentication will protect you some, but not all of the time. It can deflect your average, opportunistic hackers but not all

FormBook Infostealer Sold on Hacking Forums Is Becoming Quite a Threat (BleepingComputer) During the past few months, malware campaigns distributing a previously unknown infostealer have ramped up, according to reports by Arbor Networks, FireEye, and the Internet Storm Center (ISC SANS).

KnockKnock campaign targets Office 365 corporate email accounts (Help Net Security) The KnockKnock campaign has a focus on precision targeting instead of high volume targeting, attacks averaged five email addresses for each customer.

Why Wannacry Was Just a “Warm-Up” (Infosecurity Magazine) It is only a matter of time before Western economies such as the US and the UK are hit by a massive cyber-attack aimed at taking down critical utilities or financial infrastructure.

When Phishing Starts from the Inside (Trend Micro Simply Security) A growing concern of security professionals is internal phishing attacks – phishing emails sent from one trusted user to another of the same organization. Internal phishing emails are used in multi-stage attacks in which an email account is owned either by controlling the users device with previously installed malware or by compromising the account credentials...

PoC for several Magento vulnerabilities released, update now! (Help Net Security) DefenseCode has published PoC code for two CSRF and stored XSS vulnerabilities affecting a number of versions of the popular e-commerce platform Magento.

Hundreds of Printers Expose Backend Panels and Password Reset Functions Online (BleepingComputer) A security researcher has found nearly 700 Brother printers left exposed online, allowing access to the password reset function to anyone who knows what to look for.

CloudFlare Boots Off Torrent Site For Using Cryptocurrency Miner (HackRead) CloudFlare says sites running mining code without notifying users are considered to be malware. In the last couple of weeks, researchers discovered an incr

Sonic Confirms Malware Breach After Customer Card Data Lands on Carding Shops (BleepingComputer) Sonic Drive-In, a fast food chain with over 3,600 restaurants across the US, has acknowledged a malware breach that affected an yet unidentified number of locations.

Security Patches, Mitigations, and Software Updates

Emergency Apple Patch Fixes High Sierra Password Hint Leak (Threatpost) Apple rushed out an emergency patch that fixed an bug in High Sierra that revealed APFS volume passwords via the password hint feature.

macOS High Sierra Update Patches Keychain Access Flaw (Security Week) An update released on Thursday by Apple for its macOS High Sierra operating system patches two vulnerabilities, including one that allows malicious applications to steal passwords from the Keychain.

‘Mind-Boggling’ Math Could Make Blockchain Work for Wall Street (Bloomberg) A major breakthrough in cryptography may have solved one of the biggest obstacles to using blockchain technology on Wall Street: keeping transaction data private.

Marketplace

Cybersecurity isn't just for the CISOs (Technical.ly Baltimore) At the latest edition of the Waterfront Tech Series, Maryland cybersecurity leaders talked about implications for business and tech.

Beyond GDPR: Data protection as a competitive advantage (Help Net Security) Seventy percent of respondents to a McAfee survey believe the implementation of GDPR will make Europe a world leader in data protection.

Former Intel security researchers launch firmware-targeted startup, land $2M (Portland Business Journal) A pair of former Intel Corp. security engineers and researchers have formed a new security company headquartered in Beaverton.

Broadcom, Brocade Push Back Merger Deadline (Wall Street Journal) Broadcom and Brocade Communication Systems, technology companies that have been trying to complete a $5.5 billion tie-up since last year, have agreed to push back the deal-closing deadline to allow for additional regulatory review.

French group Orange eyes growth from cybersecurity businesses (Reuters) Orange (ORAN.PA) expects growth from cybersecurity services and aims to recruit 1,000 staff in this area by 2020, France's biggest telecoms group said on Thursday.

Can Security Drive The Turnaround At Cisco? (Seeking Alpha) Cisco is attempting to pivot towards the security market as part of an overall product restructuring. Progress is slow, and security still makes up a small prop

Cyber terror boosts Check Point (Globes) The Israeli company's value has been boosted 50% over the past year to nearly $19 billion.

Intercede sees huge growth in revenues as digital security sales soar (Leicester Mercury) Sales at a Lutterworth company are booming

Lawmakers to US Army: If network programs worth $6B are discarded, what’s next? (C4ISRNET) Lawmakers have roasted U.S. Army officials for abruptly scrapping its acquisition strategy months after submitting its fiscal year 2018 budget without a well-defined alternative.

Industry Veteran Thad Dupper Appointed CEO of Secure64 (markets.businessinsider.com) Secure64, the leading provider of Genuinely Secure DNS servers and DNS-based security solutions, today announced that Thad Dupper has been appointed Chief Executive Officer and will join the company's Board of Directors. Joe Gersch, the former CEO, has retired from the company.

Products, Services, and Solutions

New infosec products of the week​: October 6, 2017 (Help Net Security) EclecticIQ Platform 2.0 gets intelligence reporting, new UI, and more To remove one of the biggest bottlenecks in threat investigation, EclecticIQ Platform

Invizbox has announced a new InvizBox 2/2 Pro on Kickstarter for privacy/security (Movies Games and Tech) Irish cybersecurity company Invizbox has a few more days on Kickstarter for its new InvizBox 2 family of privacy and security products: InvizBox 2 and InvizBox 2 Pro. InvizBox 2 and InvizBox 2 Pro …

Introducing the Bugcrowd Researcher Advisory Council (Bugcrowd) The Bugcrowd Researcher Council provides feedback on platform designs for a direct impact on Bugcrowd bug bounty programs.

Zertificons Z1 SecureMail Gateway Release 4.12 brings new convenience features for admins (Zertificon) The Berlin-based email encryption expert Zertificon Solutions has released the Z1 SecureMail Gateway 4.12. Key new features include a policy wizard and LDAP authentication for administrators.

Cavirin Adds the NIST Cybersecurity Framework to its Hybrid Cloud Security Assessment and Remediation Platform (BusinessWire) Cavirin Systems, Inc. offers continuous security assessment and remediation for hybrid clouds, containers, and data centers, via the most comprehensiv

Crypto-Communication is Here with the BitVault (NEWSBTC) Embedded Downloads of Ireland, and VVDN Technologies, India, are set to become the producers of the world’s first crypto-communicator. Known as BitVault, the unit will work on all existing networks and will incorporate advanced blockchain security features. It appears the device will first be available for the fintech and defence market in November. The companies … Continue reading Crypto-Communication is Here with the BitVault

Arxan Named The First Application Security Solution To Receive ISO 13485 Certification (Markets Insider) Arxan Technologies, the trusted provider of application protection and management solutions, today announced that it has received an internationally recognized ISO 13485 Certification from BSI Group America Inc., a quality management systems registrar.

Farsight Security’s Flagship DNSDB Grows to 100B Records, Arming Threat Intelligence Teams with Unprecedented Historical and Real-time Intel to Fight Cybercrime (GlobeNewswire News Room) Farsight Security, Inc. today announced that Farsight’s flagship product, DNSDB, has grown from 35 billion in 2014 to over 100 billion records, each representing a unique observation of global DNS resolutions.

E8 Security gives SOCs a platform to jump into security analytics (451 Research) Security analytics have to be customized to business processes to detect advanced threats. E8 Security provides an analytic platform to help organizations catch attacks and better prioritize response within security operations centers.

Cyber Threat Alliance says it’s good to share (Computerworld) The Cyber Threat Alliance (CTA) formed earlier this year by Fortinet, McAfee, Palo Alto Networks and Symantec is taking cyber threat information sharing to a new level that it hopes will lead to all its members offering better protection against cyber threats.

Keybase launches encryption for git repositories (ZDNet) You can now encrypt repositories to keep them private and secure.

Technologies, Techniques, and Standards

Change management: Equifax highlighted the vulnerability gap between disclosure and patch (CSO Online) The Equifax breach highlighted a gap between the disclosure of a vulnerability and the implementation of a patch as a result of change management process. Adversaries seek out unpatched targets in this period of time which underscores the need for a layered security posture.

Cybersecurity: Lessons from 5 States (Government Technology) With protection from cyberthreats an ever-present concern for IT leaders at all levels, five states presented their approaches at NASCIO's annual conference in Austin.

Holograms for secure authentication still among top document security features (SecureIDNews) The decades-old technology is holding its own even as secure authentication relies more on biometrics and digital methods of ID. In spite of the newer tech, holograms are appearing on more passports and appear poised to command a place in the emerging mobile ID world.

If you use Yahoo Mail, switch to Gmail now (CSO Online) Yahoo suffered the world's biggest hack on 3 billion users. If you still use Yahoo Mail, follow these steps to switch to Gmail — the safest choice for personal email.

Leaving employees to manage their own password security is a mistake (Help Net Security) How do you manage password security in your organization? Are you focusing on the right process and using the right software? Read on to find out.

Design and Innovation

Guest blog: how blockchain can strengthen supply chain links (Loadstar) Blockchain – the technology behind digital asset and payment system Bitcoin – is being mooted as the next big thing for supply chains.

Legislation, Policy, and Regulation

'You Can't Uninvent Encryption', Cybersecurity Experts Tell Amber Rudd (Silicon UK) IP EXPO 2017: Cybersecurity panel aren't impressed with Home Secretary Amber Rudd's renewed calls for an encryption backdoor

U.S. Top Law Enforcement Call Strong Encryption a 'Serious Problem' (Threatpost) U.S. Deputy Attorney General and other top cyber policy makers warn the use of strong encryption hobbles law enforcement’s ability to protect the public and solve crimes and is a serious problem.

White House cybersecurity czar: 'We are certainly not asking for a back door' (CNBC) White House cybersecurity coordinator Rob Joyce says the government supports encryption.

House Cyber Leader Wants to Give Equifax the Kaspersky Treatment (Nextgov) Rep. John Ratcliffe wants DHS to issue a binding operational directive to end a $7 million Equifax contract with IRS.

Former Head of AT&T Had a Top Secret Security Clearance, Like Many Others in the Tech Community (Paleofuture) The former head of AT&T, Robert Eugene Allen, passed away in September 2016 at the age of 81. And while Allen’s 223-page FBI file is relatively unexceptional, it serves as a good reminder that telecommunications companies have been working on sensitive government work for their entire existence.

Litigation, Investigation, and Law Enforcement

Germany drops mass US, UK spying probe (Euronews) The decision comes four years after whistle-blower Edward Snowden accused the US National Security Agency (NSA) of bugging Chancellor Angela Merkel's private cell phone and massively spying on citizens of allied countries.

Judge denies bail for woman accused of leaking US secrets (Military Times) A woman charged with leaking U.S. secrets must remain jailed until her trial, a federal judge ruled Thursday, saying her release would pose an “ongoing risk to national security.”

Mueller's team met with Russia dossier author (CNN) Investigators met with the former British spy whose dossier on alleged Russian efforts to aid the Trump campaign spawned months of investigations, per sources.

Mattis warns DoD against leaks in new memo (Military Times) The Oct. 3 memo was driven in part by leaks after May 2017 Manchester attack.

Police expose group suspected of stealing 240 mil. yen using internet banking malware (The Mainichi) Police have exposed a criminal group using the internet banking malware

Judge: Wells Fargo directors can’t duck claims over fake accounts (Maryland Daily Record) Wells Fargo & Co. executives and directors accused of steering the bank into the worst scandal of its modern history were ordered to defend a lawsuit accusing them of profiting from the creatio…

Parents Calm But Cautious After Johnston Directory Cyber Attack (WHOTV) It's been a week of worry for many as a cyber crime struck the Johnston Community School District publicly releasing the names, addresses and telephone numbers of students and sending them threatening messages.

For a complete running list of events, please visit the Event Tracker.

Newly Noted Events

National Insider Threat Special Interest Group Meeting (Virginia Chapter) (Herndon, Virginia, USA, Dec 5, 2017) The National Insider Threat Special Interest Group (NITSIG) is excited to announce it has established a Virginia Chapter. NITSIG Members and others may attend meetings at no charge. Attendees will receive comprehensive guidance and best practices for establishing and managing an Insider Threat Program. Anyone concerned with employee threat identification and mitigation will gain valuable knowledge from attending meetings. This meeting will focus on human resources interaction with an insider threat program and behavioral indicators of insider threat.

Upcoming Events

Federal IT Security Conference (Columbia, Maryland, USA, Nov 14, 2017) The Federal IT Security Institute (FITSI) in partnership with Phoenix TS in Columbia, MD is hosting the second annual Federal IT Security Conference. Speakers from NIST, DHS, the Defense Department as well as private industry will be in attendance discussing the themes and trends that are influencing the Federal/DoD cyber landscape.

Sector (Toronto, Ontario, Canada, Nov 13 - 15, 2017) Illuminating the Black Art of Security. Now entering its 11th year, SecTor has built a reputation of bringing together experts from around the world to share their latest research and techniques involving underground threats and corporate defences. The conference provides an unmatched opportunity for IT Professionals and Managers to connect with their peers and learn from their mentors.

Countermeasure (Ottawa, Ontario, Canada, Nov 9 - 10, 2017) Now into its sixth year in Ottawa, and consistently advancing in both size and content quality, COUNTERMEASURE continues to be the national capital's premier IT security event. As in years past, attendees can expect up to three days of professional skills training prior to the two-day main conference. All content will be delivered by some of the world's most knowledgeable and influential IT security experts in private, public, and research sectors.

2017 ICIT Gala & Benefit (Washington, DC, USA, Nov 9, 2017) The Annual ICIT Gala and Benefit is the year’s most prestigious and intimate gathering of legislative, agency and private sector leaders committed to protecting our Nation’s critical infrastructures. This black-tie event will celebrate the accomplishments of the most influential members of our community as well as the efforts of today’s most impactful cybersecurity leaders. The funds raised from this Benefit will be used to help sustain and grow the Institute’s research, publications, and educational activities for the communities it serves.

4th Annual Journal of Law & Cyber Warfare Conference (New York, New York, USA, Nov 9, 2017) Join thought leaders across the industry for a day of collaboration and education with an outstanding group of cyber security experts. In this one-day program, we continue JLCW's 5+ year reputation for presenting cutting-edge, practical, and balanced training for cyber security lawyers, in-house legal personnel, cyber security service providers, law enforcement, military, members of the bar, bench, and ambassadors and consul generals from all over the world.

CyCon US (Washington, DC, USA, Nov 7 - 8, 2017) The 2017 International Conference on Cyber Conflict U.S. (CyCon U.S.) will take place 7-8 Nov 2017 at the Ronald Reagan Building in Washington D.C. CyCon U.S. facilitates knowledge generation and information exchange across the cyber community, and includes participation from military, government, academia, and industry from around the world. The conference promotes security initiatives and furthers research on cyber threats and opportunities. CyCon U.S. is a collaborative effort between the Army Cyber Institute at the United States Military Academy and the NATO Cooperative Cyber Defence Centre of Excellence in Tallinn, Estonia.

RSA Conference 2017 Abu Dhabi (Abu Dhabi, UAE, Nov 7 - 8, 2017) RSA Conference 2017 Abu Dhabi is the leading information security event in the region. This year's Conference will take place 7 to 8 November at the Emirates Palace in Abu Dhabi. Join us for two days of engaging sessions and intense networking. Get exposure to innovative technologies and leadership that will help secure your organization and your future.

National Initiative for Cybersecurity Education Conference and Expo (Dayton, Ohio, USA, Nov 7 - 8, 2017) Cybersecurity has emerged as one of the leading creators of jobs and opportunity for all economic sectors. The demand for cybersecurity positions in both the public and private sector is large and growing, but the talent pool of cybersecurity workers is not yet able to keep up. The NICE 2017 Conference and Expo features thought leaders from education, government, industry and non-profits who are addressing the cybersecurity education, training, and workforce needs of the nation.

POC 2017 (Seoul, Korea, Nov 2 - 3, 2017) POC started in 2006 and has been organized by Korean hackers & security experts. It is an international security & hacking conference in Korea. POC doesn't pursue money. POC concentrates on technical and creative discussion and shows real hacking and security. POC wears both black hat and white hat. POC will share knowledge for the sake of the power of community. POC believes that the power of community will make the world safer. POC has been making a history with sincere staffs, hackers from the world, and sponsors since2006. POC will be a unique conference.

Cyber Security Summit: Boston (Boston, Massachusetts, USA, Nov 1, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: Boston. Receive 50% off of a Full Summit Pass when you register with code CYBERWIRE50 (standard price of $350, now only $175 with code). Register at CyberSummitUSA.com. The Cyber Security Summit: Boston is an exclusive conference connecting Senior Level Executives responsible for protecting their companies’ critical data with innovative solution providers & renowned information security experts. for details visit CyberSummitUSA.com.

2017 International Information Sharing Conference (Washington, DC, USA, Oct 31 - Nov 1, 2017) Join us for the inaugural International Information Sharing Conference hosted by the Information Sharing and Analysis Organization Standards Organization (ISAO SO), with participation from the Department of Homeland Security and U.S. Chamber of Commerce. This two-day event, a first of its kind, will convene practitioners from small businesses to multi-national corporations, and from information sharing newcomers to well-established cybersecurity organizations. This unique conference will go beyond discussing current cyber information sharing topics, and will provide opportunities to see competing approaches and innovations in platforms and services. Conference sessions and panels will focus on automated sharing, analysis, how to build trust in a community of interest, cross-sector sharing, the role of government in information sharing, the value proposition of an ISAO, and much more.

2017 International Information Sharing Conference (Washington, DC, USA, Oct 31 - Nov 1, 2017) Join us for the inaugural International Information Sharing Conference hosted by the Information Sharing and Analysis Organization Standards Organization (ISAO SO), with participation from the Department of Homeland Security and U.S. Chamber of Commerce. This two-day event, a first of its kind, will convene practitioners from small businesses to multi-national corporations, and from information sharing newcomers to well-established cybersecurity organizations. This unique conference will go beyond discussing current cyber information sharing topics, and will provide opportunities to see competing approaches and innovations in platforms and services.

2017 Annual Conference: Networking the Future (Tampa, Florida, USA, Oct 27, 2017) Networking the Future is the Florida Center for Cybersecurity's fourth annual conference and will host hundreds of cybersecurity technical and non-technical stakeholders from industry, government, the military, and academia for a comprehensive exploration of emerging threats, best practices, research, workforce development, and today's hottest cyber trends.

RETR3AT Cybersecurity Conference (Montreat, North Carolina, USA, Oct 27, 2017) Each year, Montreat College’s Center for Cybersecurity Education and Leadership hosts RETR3AT, a conference designed to engage, educate, and raise awareness about cybersecurity in Western North Carolina and beyond. RETR3AT goes beyond the “1s and 0s” approach to cybersecurity training, challenging attendees to think about how to lead in protecting their organization’s information within an ethical framework.

RETR3AT Cybersecurity Conference (Montreat, North Carolina, USA, Oct 27, 2017) Each year, Montreat College’s Center for Cybersecurity Education and Leadership hosts RETR3AT, a conference designed to engage, educate, and raise awareness about cybersecurity in Western North Carolina and beyond. RETR3AT goes beyond the “1s and 0s” approach to cybersecurity training, challenging attendees to think about how to lead in protecting their organization’s information within an ethical framework

Digital Risk Summit (Washington, DC, USA, Oct 25 - 27, 2017) Hosted by Neustar, the Digital Risk Summit is a forward-looking educational conference packed with actionable intelligence and best practices for all types of organizations. If you interact with consumers, customers, and partners by phone or online, you face digital risk. In today’s world, it’s imperative that you stay on top of rapidly evolving threats. Hear and learn from regulators, FBI, U.S. Secret Service and other experts about the latest risks and how best to manage them now and in 2018. Attendees will also have the opportunity to earn CPE, CRCM and CAMS credits.

European Smart Homes 2017 (London, England, UK, Oct 25 - 26, 2017) ACI’s European Smart Homes 2017 will will bring together key industry stakeholders from the energy industry, IT, telecoms operators, retailers, solution distributors utilities, insurance and property management companies, governments, consultants, solution and technology providers. The key discussions will involve monetisation, customer approach, partnership and interoperability.

PCI Security Standards Council: 2017 Europe Community Meeting (Barcelona, Spain, Oct 24 - 26, 2017) Three days of networking and one-of-a-kind partnership opportunities await you. Whether you want to learn more about updates in the payment industry or showcase a new product, you’ll find it all at the 2017 Europe Community Meeting.

Industrial Control Systems (ICS) Cyber Security Conference USA (Atlanta, Georgia, USA, Oct 23 - 26, 2017) Since 2002, the ICS Cyber Security Conference has gathered ICS cyber security stakeholders across various industries and attracts operations and control engineers, IT, government, vendors and academics. Over the years, the focus of the conference has shifted from raising awareness towards sharing security event histories and discussing solutions and protection strategies. The event will cater to the energy, utility, chemical, transportation, manufacturing, and other industrial and critical infrastructure organizations.

Cyber Security Summit 2017 (Minneapolis, Minnesota, USA, Oct 23 - 25, 2017) Cyber Security Summit is a public-private collaboration with support from industry, government, and university leaders who gather to discuss security trends and solutions. The 7th Annual Summit will bring together senior executives, risk managers, military representatives, policymakers, lawyers, academics, and technology leaders. Topics, content and speakers are driven by an Advisory Board composed of experts from diverse critical infrastructure operators and commercial market sectors.