Washington, DC: the latest from CyCon 2017
Army wants cyber contract times to decrease with acquisition revamp (FederalNewsRadio.com) The Army has its eyes set on closing the gap between technology life cycles and acquisition cycles as it reorganizes its procurement office.
Cyber Brigade Soldiers Excel in All-Army CyberStakes Competition (DVIDS) Soldiers from U.S. Army Cyber Command’s 780th Military Intelligence (MI) Brigade (Cyber) and the Cyber Protection Brigade harvested both individual and unit honors in the All-Army CyberStakes (AACS) award presentation at the 2017 International Conference on Cyber Conflict U.S. (CyCon U.S.), Ronald Reagan Building, Nov. 7.
Cyber Attacks, Threats, and Vulnerabilities
Shadowy cyber-espionage group 'Sowbug' has been hacking diplomatic secrets for years (International Business Times) Mysterious group hits South America and south east Asia with 'Felismus' software.
Vietnam's neighbors, ASEAN, targeted by hackers: report (Reuters) A hacking group previously linked to the Vietnamese government or working on its behalf has broken into the computers of neighboring countries as well as a grouping of Southeast Asian nations, according to cybersecurity company Volexity.
Russia's 'Fancy Bear' Hackers Exploit a Microsoft Office Flaw—and NYC Terrorism Fears (WIRED) Kremlin hackers are adapting their phishing tactics with both the latest software vulnerabilities and the latest news, new McAfee findings show.
Feds have eye on cybersecurity issues Tuesday (CNN) As voters head to the polls on Tuesday, state and local officials are working with the federal government to monitor any potential cybersecurity concerns
Paradise Papers were not an inside job, says leaky offshore law firm (Gears of Biz) Appleby condemns ‘criminal act’ and ‘politically driven’ reporting
The Devious Netflix Phish That Just Won't Die (WIRED) That Netflix phishing scheme has been around for months—and it's clever enough to stick around.
Researcher Details New Windows Code Injection Technique Named PROPagate (BleepingComputer) A security researcher has discovered a new code injection technique that works on all recent Windows versions and allows miscreants to inject malicious code into other applications undetected.
Android security triple-whammy: New attack combines phishing, malware, and data theft | ZDNet (ZDNet) Attacks on three fronts ensure attackers have all the information they need to steal banking details in the latest evolution of the Marcher malware, warn researchers.
Fake WhatsApp app fooled million Android users on Google Play: Did you fall for it? (ZDNet) Fraudsters are managing to get fake WhatsApp apps published on the Play Store.
Linux Has a USB Driver Security Problem (BleepingComputer) USB drivers included in the Linux kernel are rife with security flaws that in some cases can be exploited to run untrusted code and take over users' computers.
Report: New Technologies Raise Cyber Threat for Aviation (Aviation International News) The Atlantic Council calls for a clear vision to address cyber threats, as technologies such as ADS-B and electronic flight bags may be vulnerable.
Unknown User Triggers Bug That Freezes $285Mil Inside Ethereum Wallets (BleepingComputer) On Monday, November 6, an unknown user triggered a bug in the source code of the Parity Ethereum wallet that has permanently locked funds inside users' accounts.
Google’s Halloween lock-out caused by false positive (Naked Security) We now know why Google Docs users started finding themselves blocked from opening or editing files
Cyber security consultancy firm Accenture narrowly avoided a massive data breach (TEISS) Accenture narrowly avoided a massive data breach after it was revealed that the firm stored bundles of sensitive data containing decryption keys and customer information on four cloud servers without protecting them with passwords.
Maersk cuts profit guidance in wake of cyber attack (Financial Times) Danish conglomerate’s shares fall after higher fuel costs weigh on performance
Marketplace
Exclusive: Avast Owners Hire Rothschild for $4 Billion Software IPO-Sources (New York Times) The owners of Avast Software have hired Rothschild to prepare the business for a share sale which could value one of the world's most used providers of computer antivirus software at as much as $4 billion, four sources familiar with the matter told Reuters.
Proofpoint acquires Cloudmark for $110M in cybersecurity consolidation play (TechCrunch) As malicious groups continue to become more sophisticated in their hacking techniques, cybersecurity efforts are attempting to expand in their reach, and that..
Warburg Pincus offers to buy control of cybersecurity co Cyren (Globes) The US private equity firm has invested $19.6 million for a 21.3% stake in the Israeli company and offered to buy a 75% stake.
Container Security Startup NeuVector Raises $7 Million (eSecurity Planet) The container firewall specialist will use the funds to bulk up its engineering and sales operations amid intensifying demand for its solution.
Co-Founder of Surveillance Company NSO Starts New Cyber Startup (CTECH) Omri Lavie unveiled Orchestra, a cybersecurity startup offering a system-wide defense
SnoopWall, Inc. Officially Renamed to NETSHIELD™ Corporation (PRNewswire) NETSHIELD™ Corporation (formerly SnoopWall, Inc.) officially unveiled its...
CyberSeek™ Details Supply and Demand of U.S. Cybersecurity Workers (Business Insider) The demand for cybersecurity professionals remains strong across the United States, new data from CyberSeek™ released here today at the National Initiative for Cybersecurity Education Conference & Expo 2017 reveals.
Why IBM wants to hire employees who don’t have a 4-year college degree (CNBC) The company intends to hire 6,000 employees by the end of 2017.
Department of Homeland Security Awards Leidos $34 Million Task Order (Leidos) Company to provide scientific, engineering and technical assistance under the GSA OASIS vehicle
A look at MobileIron’s Zimperium partnership and IoT plans (BrianMadden.com) MobileIron's earnings call revealed new details about their IoT plans: The company will focus on use cases that can be addressed with EMM technology.
Virtru Expands Data Protection Offerings for Microsoft Office 365, Azure Platform, Joins Microsoft AcceleratorNew Product Offerings Will Bring Surprising Ease of Use and Cross-Platform Control to... (markets.businessinsider.com) Virtru, a trusted provider of data protection and data privacy solutions to more than 7,000 organizations announced today that it is expanding support for the Microsoft ecosystem and that it was selected for the prestigious Microsoft Accelerator.
CrowdStrike outlines expansion plans in APAC (ComputerWeekly.com) The endpoint security expert plans to double its workforce in the region next year on the back of triple-digit growth in sales and bookings since it opened its Sydney regional headquarters last June
CrowdStrike Announces Establishment of the CrowdStrike Foundation (BusinessWire) CrowdStrike® Inc., the leader in cloud-delivered endpoint protection, today announced the establishment of the CrowdStrike Foundation. The CrowdSt
Shift from Security to Civilian Market behind NICE Systems’ Growth (CTECH) Israel-based NICE Systems used to sell surveillance software to governments. Now it provides technology for call centers
Symantec: The Case Of The Disappearing Guide-Down (Seeking Alpha) Symantec reported the results of its fiscal Q2 last week. The results were a beat on revenues and a miss in terms of reported EPS, primarily driven by one-time
Siemens inks deal to help utilities avoid cyberattacks (Orlando Sentinel) Siemens puts focus on helping utilities deter cyberattacks
Big companies bring in the cyber bounty hunters (Financial Times) Carmakers are among the businesses offering payouts to hackers who can discover flaws.
Ann Arbor cements its status as a tech hub to watch with first unicorn (VentureBeat) Last month, Ann Arbor-based startup Duo Security announced that it had raised a new $70 million round, valuing the company at $1.17 billion.
Centrify Bolsters Senior Marketing Leadership Team with Two Industry Veterans to Accelerate Brand and Customer Adoption (BusinessWire) Centrify today announced two prominent technology industry leaders have joined the company's senior marketing leadership team.
MITRE Hires Sam Visner as New Leader for National Cyber Center (WashingtonExec) The MITRE Corp. has named Samuel Visner as the new head of the National Cybersecurity Federally Funded Research and Development Center. Visner, who most re
NetSPI Announces Senior Leadership Appointments to Catapult Growth (Business Insider) NetSPI LLC (NetSPI), the leading provider of enterprise security testing and vulnerability correlation software, announced leadership appointments and restructuring initiatives today to accelerate product innovation and strategic growth.
Worcester firm receives Queen's award (Worcester News) A CYBER security software specialist based in the city has been celebrating being awarded a Queen's Award for Enterprise in Innovation.
Products, Services, and Solutions
AWS bolsters S3 security following massive info leaks (iTnews) Adds five new features.
The 5 Best-Selling Network Security Brands In Q3 2017 (CRN) Cisco, SonicWall and Palo Alto Networks sold the most network security devices through the channel during the third quarter of 2017, according to The NPD Group. See how many units were sold and who else cracked the top five.
Threat intelligence platform adds analyst assessments to machine learning (BetaNews) Companies are increasingly turning to AI and machine learning solutions to combat cyber threats, but sometimes there is no substitute for the insight that comes with human analysis.
ThreatConnect Now Provides One Place to Visualize Your Intelligence and Operations (BusinessWire) In an effort to provide its customers with the most efficient way to gain insight into, and situational awareness of their security and intelligence,
Forcepoint's Human-Centric Security Helps Financial Services Firm Protect Critical Customer and Business Data in Hybrid Clouds (Business Insider) Global cybersecurity leader Forcepoint today announced the company's human-centric, real-time security technology has been deployed by Simplicity Credit Union to protect the financial services firm's 23,000 members...
Forcepoint's Human-Centric Security Helps Financial Services Firm Protect Critical Customer and Business Data in Hybrid Clouds (Business Insider) Global cybersecurity leader Forcepoint today announced the company's human-centric, real-time security technology has been deployed by Simplicity Credit Union to protect the financial services firm's 23,000 members...
Northrop's BluVector spinoff brings DNA approach to cyber defense (Washington Technology) Once part of Northrop Grumman, BluVector's platform uses machine learning and a software genome to attack and adapt to cyber threats.
Akamai tackles bots, web performance in new releases (IPT Net) Company's content delivery network tools to be made available in the IBM Cloud.
A10 Networks Introduces Software Subscription Model for Consumption of Secure App Services Across On-Premise, Cloud and Hybrid Environments (BusinessWire) A10 Networks (NYSE: ATEN), a Secure Application Services™ company, today announced A10 FlexPool, a software subscription model that provides ent
VIPRE® Outperforms Webroot in Head-To-Head Comparison (GlobeNewswire News Room) Endpoint Security Cloud Edition achieves perfect protection rate, while visibility, speed and ease of analysis prove superior in AV-Comparatives’ independent testing
Shape Security introduces Blackfish artificial intelligence system to protect consumers whose passwords have been stolen in data breaches (Business Insider) New technology detects and prevents the use of compromised...
WatchGuard Adds Autotask Integration to Simplify Managed Security Services (PRNewswire) \WatchGuard® Technologies, a leader in advanced network security solutions,...
WatchGuard's New Tabletop UTM Appliances Deliver Speed and Security for Small and Distributed Offices (PRNewswire) WatchGuard® Technologies, a leader in advanced network security solutions,...
Darktrace drafts in machine learning for infrastructure cybersecurity (Computer Business Review) With critical infrastructure increasingly becoming the target of withering cyberattacks, Darktrace launches new machine learning security business unit.
NATO Selects CloudMask as a Supplier to Help Protect Sensitive Information (PRNewswire) CloudMask is honored to be nominated by Canada and approved by NATO's...
Technologies, Techniques, and Standards
Can a new model for cyber come from an existing consumer protection effort? (FederalNewsRadio.com) Here are some of the top takeaways from the Executive Leadership Conference, sponsored by ACT-IAC, which had some interesting discussions and news tidbits.
Charities unprepared for cyber attack risk (Financial Times) Online donations make organisations vulnerable but simple measures can help
Study Says: Most People Aren't Using This Critical Security Feature (Fortune) Don't be the next John Podesta.
The measurability riddle: How much money should you put in cyber security? (The Economic Times) Today, there is much fear-mongering on cyber security. Do you really need it? Not all companies need to have the highest levels of cyber security.
Big Wind Capital Inc.: Hill Top Security to Collaborate with FIX on Cryptocurrency Security Standards (Marketwired) Hill Top Security Inc, ("HTSI" or the "Company") and Big Wind Capital Inc. (CSE:BWC)(CSE:BWC.CN)(CNSX:BWC) announces that Hill Top has agreed to collaborate with the FIX Trading Community, to develop standards for cryptocurrency, particularly related to security
Design and Innovation
How these lava lamps are securing the internet (Boing Boing) How these lava lamps are securing the internet
How the iPhone earned its security record (Financial Times) Facial recognition is the latest in a complex arsenal of defences
Academia
Norwich University Applied Research Institutes announces $2.3M FEMA grant for cybersecurity consortium (Vermont Digger) Norwich University Applied Research Institutes (NUARI) has been awarded a Federal Emergency Management Agency (FEMA) training grant for $2,267,000 for cybersecurity training for first responders.
Top 10 US colleges battle at National Collegiate Penetration Testing Competition (Monroe County Post) The nation’s top cybersecurity college students traveled to Rochester to test their hacking skills in the annual National Collegiate Penetration Testing Competition.
Students learn to 'think like a hacker' in UC Berkeley experimental course (EdScoop) Through a partnership with HackerOne's bug bounty platform, computer science students are gaining real-world cyberwar experience.
Legislation, Policy, and Regulation
Estonia's rise into a digital nation (IT PRO) Former president Toomas Ilves talks about the country's digital roots
Tweeter-in-chief ready to confront China's 'great firewall' (News Tribune) President Donald Trump's arrival in Beijing on Wednesday will serve as a test of reach for his preferred 140-character communications tool: The tweeter-in-chief will face off against China's 'great firewall.'.
Chinese Telecom Threatens U.S. Security (Wall Street Journal) Giving Huawei the green light would allow Beijing to spy on Americans.
Full implementation of DoD's Cyber Excepted Service still a year away (FederalNewsRadio.com) The Defense Department is planning a three-phase rollout of a new personnel system for its cyber workforce, which is still a year away.
Litigation, Investigation, and Law Enforcement
Ex-defense minister grilled over online smear campaign (Korea JoongAng Daily) Former National Defense Minister Kim Kwan-jin appeared at the Seoul Central District Prosecutors’ Office on Tuesday to face questions about his alleged involvement in the military’s illegal cyber operations during the Lee Myung-bak administration...
Book: Hackers pursued Democrats into last days of election (San Francisco Chronicle) Hackers hounded the Democratic Party into the final days of the 2016 election, breaking into a server carrying critical voter data, according to a book published Tuesday.
CIA Director Met Advocate of Disputed DNC Hack Theory — at Trump’s Request (The Intercept) Mike Pompeo sought “facts” from NSA whistleblower William Binney, who says the 2016 theft of DNC emails was an inside job, not a Russian hack.
Top Democrat on House Oversight panel demands answers about latest Hillary Clinton investigation (USA TODAY) Rep. Elijah Cummings wants access to a "confidential informant" that Republicans claim to have.
Devin Patrick Kelley Phone: FBI Having Trouble Accessing Texas Church Shooter's Smartphone (International Business Times) The FBI reportedly cannot yet crack the encrypted phone of Devin Patrick Kelley, the shooter who killed 26 people in a church in Sutherland Springs, Texas.
Former Yahoo CEO Marissa Mayer to testify to Congress on the 2013 security breach (Recode) So she’ll testify at a Tuesday hearing after all!
Canadian police frustration over cyber crime shows at conference (IT World Canada) Police frustration of dealing with the ever-increasing amount cyber crime businesses and citizens face compared with limited law enforcement resources
MHA will have two new units to fight cyber criminals, jihadis (The Times of India) With radicalisation, mostly online, and cyber crimes emerging as major security challenges, the Modi government has decided to create two new divisions in the home ministry to shape up policy and response to these new-age threats.
Feds raid Youngsville business for possible sex, cyber crimes (ABC11 Raleigh-Durham) The U.S. Department of Homeland Security is confirming a daytime raid on a Franklin County-based company on Tuesday, executing a warrant on alleged "cross-border illegal activity."