San Francisco: wrapping up RSA 2017
RSA® Conference 2017 Closes With Record Attendance (Yahoo! Finance) RSA® Conference, the world’s leading information security conferences and expositions, today concluded its 26th annual event in San Francisco. A record number of more than 43,000 attendees experienced keynotes, peer-to-peer sessions, track sessions, tutorials and seminars.
Winners and Losers at RSA (Fortune) So much money - for now
RSA Conference 2017: Hacker Highschool Highlights from the Cyber Village (GovTech) What tips and techniques help parents teach their kids online? Where can cybersecurity professionals turn for resources to train teens about ethical hacking? How can we address cybersafety in new ways moving forward? Here are some answers from the 2017 RSA Conference Cyber Village.
Workforce Development: Ranges, Training, Hiring, and Certifications (The CyberWire) The labor market for cyber security practitioners is famously a sellers' market. Skilled operators are in high demand, and, while estimates of the number of unfilled positions vary, there's widespread agreement (a few outliers in the US Department of Homeland Security aside) that this number is large, and likely to increase over the next few years.
Here’s how the US government can bolster cybersecurity (PCWorld) Almost 20 years ago, Chris Wysopal was among a group of hackers who testified before U.S. Congress, warning it about the dangers of the internet.
Intent-Based Security Shows Momentum at RSA (SDxCentral) Fortinet, vArmour, and Twistlock are among the companies touting intent-based security at RSA Conference 2017.
Four Disruptive 'Cyber Trends' At RSA (Forbes) As an industry analyst and Forbes contributor who writes about digital transformation, I am always looking for stories of disruption.
RSA Conference 2017: Did our predictions come true? (Sophos) It’s day 4 of RSA Conference 2017 as I write this. For me, the event ends with a flight home in a few hours. Before doing so, a review of the week is in order.
RSA 2017: what are you trying to solve? (CSO Online) This year at the RSA Security Conference some 40,000 people packed the halls of the Moscone center in search of solutions (and light up swords) to solve their problems. Whatever the issue, they were looking for a salve to soothe their wounds in a manner of speaking.
Australian Cyber Roo hops to San Francisco seeking trade (ZDNet) Austrade and the Australian Cyber Security Growth Network have joined forces to promote quality Australian-made cybers to the world -- along with their new mascot, the Cyber Roo.
Mac Malware Getting Much Worse: How to Protect Yourself (Tom's Guide) Limitations in macOS' built-in protections guarantee that we'll see a good amount of Mac malware this year, two security researchers said.
A Corporate Inbox Receives 4.3 Times More Malware Than a Regular Inbox (BleepingComputer) Corporate email addresses are 4.3 times more likely to receive malware compared to personal accounts, 6.2 times more likely to receive phishing lures, and 0.4 times less likely to receive spam.
Q&A: Digging into darknet technology with Farsight's Andrew Lewman (SearchSecurity) Farsight Security's Andrew Lewman speaks about how darknet technology could be used for good -- and bad -- in the enterprise.
AI SaaS application for cyber attack detection (Help Net Security) PatternEx announced the first Artificial Intelligence SaaS application for cyber attack detection at RSA Conference 2017.
Zimperium Fuels Advanced Mobile Threat Defense with Next Generation zIPS™ (MENAFN) Zimperium, the industry leader in enterprise mobile threat defense (MTD) and the only provider of real-time on-device protection against known and unknown threats, today introduced two new advanced features for its next generation on-device detection solution, zIPS.
Products highlighted by recent infosec awards (Help Net Security) Bitglass was named by Cyber Defense Magazine the winner of the Hot Company award in the Cloud Security Solutions category. Bitglass is a Cloud Access Secur
Cyber Attacks, Threats, and Vulnerabilities
How IDF soldiers' phones got turned into spying devices (Help Net Security) For many months now, an unknown threat actor has been tricking servicemen in the Israel Defense Forces (IDF) into installing Android spyware.
ViperRAT: The mobile APT targeting the Israeli Defense Force that should be on your radar (Lookout Blog: https://blog.lookout.com/blog/2017/02/16/viperrat-mobile-apt/) ViperRAT is an active, advanced persistent threat (APT) that sophisticated threat actors are actively using to target and spy on the Israeli Defense Force.
The World Can Expect More Cybercrime From North Korea (Time) The regime is even more desperate for funds following China's boycott of its coal
Cisco Coverage for 'Magic Hound' (Talos Intelligence) A blog about the world class Intelligence Group, Talos, Cisco's Intelligence Group
The Full Shamoon: How the Devastating Malware Was Inserted Into Networks (Security Intelligence) X-Force IRIS researchers found that the Shamoon malware operators relied on weaponized documents that leveraged PowerShell to infiltrate targeted networks.
OSCE unable to identify perpetrators of cyber attacks against it - secretary general (TASS) "We are putting in place better protection, but we are unable to point the finger in any direction based on what we see," Lamberto Zannier said
New Clinton Emails? WikiLeaks Teasing Public With Mysterious 'Vault 7' (Sputnik) WikiLeaks has puzzled the public with a mysterious "Vault 7" riddle. Given several hints dropped by the organization the world may witness a new disclosure. WikiLeaks says it will be big.
Wikileaks is 'very happy' about fake news: Julian Assange (CNET) The Wikileaks founder is scathing about the "weaponised text" of the global news media, but when it comes to fake news and scandal, Julian Assange has a different view.
The Human Interface Device (HID) Attack, aka USB Drive-By (CyberPoint Blog) As a part of our effort to educate, assess and train (EAT), we want to highlight a physical host attack technique that is extremely cheap and simple to pull off, and unfortunately yields a significant return for the attacker if successful. The technique is commonly referred to as a "Human Interface Device (HID) attack" or a "USB drive-by".
'Android for Work' Security Containers Bypassed with Relative Ease (BleepingComputer) Mobile security experts from Skycure have found two methods for bypassing the security containers put around "Android for Work," allowing attackers to access business data saved in this seemingly secure environment.
Phwning the boardroom: hacking an Android conference phone (Context) At Context we’re always on the lookout for interesting devices to play with. Sat in a meeting room one day, we noticed that the menus on the conference phone, a Mitel MiVoice Conference/Video Phone, had a very familiar Android style.
Feds more at risk from clicking on links than from data stolen during OPM breach (FederalNewsRadio.com) Hackers will target current and former federal employees based on a broad set of data, not just personal information stolen during the OPM cyber breach.
Your computer is a cookie that you can’t delete (Naked Security) Browsing the web? You can still be identified even if you switch browser
Magento-based online shops hit with self-healing malware (Help Net Security) Administrators of e-commerce sites running on the open source platform Magento would do well to check their database for triggers with suspicious SQL code.
Yahoo hit by another security breach as its Verizon deal nears a conclusion (WIRED UK) Verizon is expected to buy Yahoo's core internet businesses for up to £280 million less than the agreed £3.6 billion price
Computer crashes may be due to forces beyond our solar system (Computerworld) As our personal electronic devices get more complex, researchers say cosmic rays could put them at a greater risk of operational failure.
A Source Code Typo Allowed an Attacker to Steal 370,000 Zerocoin ($592,000) (BleepingComputer) The Zcoin project announced yesterday that a typo in the Zerocoin source code allowed an attacker to steal 370,000 Zerocoin, which is about $592,000 at today's price.
Cyber attacks target 2 East Idaho counties; Bingham County systems still down (Idaho State Journal) Two Eastern Idaho counties fell victim last week to computer-related incidents, with officials in Bingham County still working to rebuild their computer systems.
Airline systems vulnerable to hacking - Kaspersky expert (Myce) In a week when a university team hacked a model of a water supply system and poisoned it by releasing excessive quantities of fluoride, a new report says hackers could target airline booking systems and ruin journeys.
My Friend Cayla Security Concerns (Information Security Buzz) Following the news of security concerns behind My Friend Cayla, David Emm, Principal Security Researcher at Kaspersky Lab commented below. David Emm, Principal Security Researcher at Kaspersky Lab: “My Friend Cayla is hitting the headlines, following a call for parents to destroy the doll by Germany’s Federal Network Agency.
Germany Bans "My Friend Cayla" Toys Over Hacking Fears and Data Collection (BleepingComputer) Germany's telecommunications regulator has issued a ban against a line of smart toys called "My Friend Cayla," calling the toy an espionage device, and recommending that parents destroy all toy instances at once.
Cybersecurity risks in US oil and gas industry (Energy Global) Ponemon Institute suggests that deployment of cybersecurity measures in the oil and gas industry is failing to keep pace with the growth of digitalisation.
The Homeless Homebuyer (NINJIO S2:E2) In this heart wrenching Episode, a young family wires their 650k down payment for their new home to a fraudulent account. Watch to see what happens next...
Security Patches, Mitigations, and Software Updates
After Microsoft Delayed Patch Tuesday, Google Discloses Windows Bug (BleepingComputer) For the second time in three months, Google engineers have disclosed a bug in the Windows OS without Microsoft having released a fix before Google's announcement.
Google Project Zero shames Microsoft over security flaws that should have been patched last week (Computing) No company too big, or too small, to be "security shamed" by Google
Microsoft's decision to scrap February security updates unnerves patch experts (Computerworld) Patch experts struggled with Microsoft's decision to cancel this month's updates, pointing out that known vulnerabilities will go unpatched and IT planning was disrupted.
Adobe Issues Critical Security Update for Flash Player on Mac (Mac Rumors) Adobe this week released Flash Player version 24.0.0.221 to "address critical vulnerabilities that could potentially allow an attacker to take control of the affected system," including Mac, Windows, Linux, and Chrome OS.
Gmail now blocks all JavaScript email attachments (Naked Security) Google’s move will help protect your computer, but there are further steps you can take, too
Signal app gets video calling overhaul and a warning for iOS users (Naked Security) If you’re going to share confidential information via Signal’s encrypted video on iOS, make sure you opt out of its integration with Apple’s CallKit features
Cyber Trends
Even More US Enterprises Are Stockpiling Bitcoin To Combat Cyber Attacks (NEWSBTC) Incident response planning in the corporate sector should never include stockpiling bitcoin to meet ransom demands as it sets a very dangerous example.
Mirai and botnets make Akamai very concerned about the state of the internet (Inquirer) Measure yourself for a tinfoil suit, you are at serious risk from a whole range of cyber threats, including toasters and bloody toilets.
Familiarity breeds cyber-complacency (The New Paper) They call us 'digital natives' - the generation that has never experienced a world without the Internet. We're at ease with navigating the web, so at ease that we're often tasked with introducing our tech skills and digital knowhow into the workplace. Yet, when it...
25% of healthcare organizations using public cloud do not encrypt data (Help Net Security) A HyTrust survey of 51 healthcare and biotech organizations found that 25 percent of those organizations using the public cloud do not encrypt their data.
Cloud computing: Can hospitals manage security better than Amazon, Google or Microsoft? (Healthcare IT News) Informaticist Nephi Walton challenges health IT professionals to take a hard look at how secure their networks actually are.
Study finds 178 million exposed cyber assets in the U.S. (ConsumerAffairs) Are your cyber assets exposed? If so, you're not alone. A new study by Trend Micro finds that no fewer than 178 million internet-connected devices in the U
Australia's culture of trust is leaving the country vulnerable: Kaspersky Lab (ZDNet) Kaspersky Lab general manager ANZ Peter Brady said it is the laid back, naive culture Australia has that is resulting in such alarming statistics when it comes to mobile banker Trojan penetration.
Top 6 US Government Cyber Assets Prone to Attacks (The Merkle) Cyber security remains a pressing matter, and there is still quite a bit of work to be done. A new report by Trend Micro goes to show US cities are very prone to cyber attacks, with a multitude of ex
Cyber Attacks Threaten Germany's Medium-Sized Companies (Handelsblatt Global Edition) A study by PwC shows that the small- and medium-sized companies in Germany know they are at risk of cyber attack, but have failed to invest in better security.
Cyber crime in travel - no longer just about the money (Tnooz) ThreatMetrix recently analysed more than a billion web transactions taking place in the travel and entertainment industries.
What Needs to Happen with Cybersecurity in Oil, Gas (Rig Zone) Oil and gas leaders discuss the future of cybersecurity as the industry continues to evolve and become more digitized and connected.
Marketplace
Singapore's C-suite and IT decision makers at odds in their approach to cyber defence (Networks Asia) Research shows board directors and IT leaders believe each other are responsible for managing the response to a cyber-attack, and that board level directors estimate the cost of a successful attack to be dramatically lower than their IT colleagues
Verizon, Yahoo Agree to Reduce Buyout Price to $4.55 Billion (eWeek) Verizon negotiates down to $4.55B for Yahoo transaction; Congressional staffers see Russian hacking, FISA vote as priorities; IBM launches machine learning for z System mainframes; and there's more.
Verizon/Yahoo Acquisition Price Cut ‘Hardly Comes As A Surprise’ (Information Security Buzz) Following the news that Verizon are negotiating a price cut of $250-$350 million in their acquisition of Yahoo following news of two economically damaging cyber-attacks, Nick Pointon, Head of M&A at SQS commented below. Nick Pointon, Head of M&A at SQS...
Why Verizon Decided to Still Buy Yahoo After Big Data Breaches (Wall Street Journal) Verizon Communications Inc. outbid several suitors to buy Yahoo Inc.’s struggling internet business last year. But the phone giant had to scramble to keep the deal from unraveling after Yahoo disclosed two massive data breaches.
Verizon Acquires Skyward (ReadITQuik) Acquisition to help simplify management of drone operations reducing complexities for drone operators
F-Secure acquires Inverse Path (Voice&Data) Cyber security company F-Secure has acquired privately-held company Inverse Path, an industry leader in providing security services to the avionics, automotive, and industrial control sectors.
The threat is real. That’s why GreyCastle keeps growing (Albany Business Journal) GreyCastle Security is the winner of the Cyber Security Award.
Symantec (symc): Is it safe to buy this stock? (TheStreet) Shares of SYMC have risen a staggering 81% in the past year, and 19% since the start of 2017.
Tiffanny Gates to Become Novetta CEO in March (GovCon Wire) Tiffanny Gates, federal business president at Novetta since January 2016, will elevate to the CEO ro
Products, Services, and Solutions
CompTIA Cybersecurity Analyst certification to include behavioral analytics (Help Net Security) CompTIA Cybersecurity Analyst (CSA+) certification brings behavioral analytics to the forefront of assessing cyber threats.
FireEye Announces Exploit Prevention and Anti-Virus Replacement for the Endpoint (PCQuest) FireEye announced several enhancements to its endpoint security solution designed to offer protection from threats missed by legacy solutions.
Kaspersky launches 'Password Manager' for remote access (Deccan Chronicle) Account security worries Internet users more than any other area of their online lives
eShore Partners With PhishMe To Enhance Security Defence (Channel EMEA) New Partnership Allows Customers To Leverage Human Anti-Phishing Solutions Alongside eShore’s Proven Cloud Security Services In the Caribbean, Bermuda and Latin America
Sumo Logic Delivers Multi-Tenant SaaS Security Analytics Solution with Integrated Threat Intelligence (insideBIGDATA) Sumo Logic, a leading cloud-native, machine data analytics service, announced the availability of the industry’s first multi-tenant SaaS security analytics solution with integrated threat intelligence. This, coupled with new security apps for monitoring and compliance and a milestone certification for PCI DSS 3.2, demonstrates Sumo Logic’s strong momentum and commitment to providing leading-edge security analytics capabilities and compliance standards to customers.
Technologies, Techniques, and Standards
New Guide to Help Electric Utilities Improve Cybersecurity, Situational Awareness (NIST) As part of their current cybersecurity efforts, many electric utilities monitor data from the various systems and devices they rely on to keep the power flowing and to secure both their information technology and facilities. Pulling these data together and correlating events across data streams can be a time-consuming process, so the National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology collaborated with a team of experts from industry, academia and government to develop a guide utilities can use to improve situational awareness and better respond to potential cyber attacks.
NIST Cybersecurity Practice Guide, Special Publication 1800-7: “Situational Awareness for Electric Utilities" (NIST) The NCCoE released a draft of the NIST Cybersecurity Practice Guide, SP 1800-7 “Situational Awareness for Electric Utilities” on February 16, 2017. Public comments on the draft will be expected through April 17, 2017. Submit your comments.
The time to fortify your organization against CNP fraud is now (Help Net Security) Countries adopting EMV experienced a corresponding spike in fraud involving digital and online purchases that don’t require a plastic card or CNP fraud.
Where does the buck stop when there’s a security breach? (Naked Security) Is it the IT department’s problem, or does the buck go as far as the C-suite? Opinions are polarised, but it’s more nuanced in the real world
60 Free Ransomware Decryptor Tool To Remove And Unlock Encrypted Files 2017 (GeckoandFly) How to remove ransomware? There is an alarming growing number of cybercriminal organizations using deceptive links and websites to install malicious malwar
What makes for truly independent security product testing? (Naked Security) It seems there’s room for improvement when it comes to independent testing – but what are your thoughts on this?
MITM Part 2 - Scan & Attack (Test Loop) In this part of the series, we’re going to use our Kali based attacker’s machine to scan the local network and find our Windows target. We’ll then carry out an ARP Poisoning based MITM attack against it as we explained in part 1. Once we have obtained a MITM position, we can then passively analyse the target’s HTTP traffic to see what they’re up to.
5 Unique Ways to Improve Your Data Security (null) TEMPEST is a Government term that refers to the “unintended emissions from electronic equipment”
Home Instead launches cybersecurity campaign (The Dispatch) Home Instead Senior Care launched a nationwide campaign Friday aimed at better preparing seniors for internet scams and financial fraud attempts. The
Design and Innovation
Pentagon Cyber Spies Seek Better Tools to Sort Intelligence Data (Bloomberg.com) Pentagon spies trying to get ahead of mounting cyberthreats from North Korea to Russia are seeking new technologies to help winnow down the flood of data they receive, according to a senior Defense Department intelligence official.
Academia
The birth of cybersecurity (The Echo News) It’s been created and has a list of classes established, but Taylor’s cybersecurity major doesn’t officially exist—at least, not yet.
Closing The Cybersecurity Skills Gap With STEM (Dark Reading) As a nation, we should be doing more to promote educational programs that prepare today's students for tomorrow's jobs.
Legislation, Policy, and Regulation
Iran bans private drones from skies over Tehran amid security fears (BBC News) Military officials act to remove "security threat" of private drones after shooting at two devices.
NATO 'not agile enough' to stop Russian hacking (Sky News) Sir Michael Fallon says NATO has not been fast enough in dealing with the threats posed by terrorism and cyber attacks.
NSA Split From Cyberwar Command Inevitable, Says Former Official (The Intercept) A former senior official at the NSA says the planned split between the nation's digital spying outfit and its offensive cyber military will happen, though likely not for a while.
Expert: Trump Cyber Policy Could Be 'Remarkably Boring' (PCMAG) Bush-era DHS official suggests White House cyber security order could be remarkably pedestrian.
Trump Chooses H.R. McMaster as National Security Adviser (New York Times) The president called him “a man of tremendous talent and tremendous experience.”
Senior Trump appointee fired after critical comments (Military Times) A senior Trump administration official was fired following criticism in a private speech of President Donald Trump's policies and his inner circle of advisers.
Flynn leaks ignite surveillance debate (TheHill) Republicans have expressed outrage over reports that calls to a Russian ambassador were intercepted.
Offensive cyber still in infancy, says Air Force official (C4ISRNET) Outside of CYBERCOM and NSA, offensive cyber capabilities are still being examined by the services.
Army Cyber Mission Force to Utilize Virtual Effects in Fight Against Militant Groups (Executive Gov) The U.S. Army's future cyber mission force teams will use virtual effects in offensive and defensive
General Keith Kellogg ‘In Play’ To Be Trump’s National Security Advisor (The Daily Caller) Retired Army Lt. Gen. Keith Kellogg is on President Donald Trump's short list to take over as national security advisor, the president said in a tweet Friday. Kellogg, a career Army officer, steppe
Getting prepared for a ‘cyber-Pearl Harbor’ (News Tribune) In a world where hackers and other bad actors thrive, a Pierce County congressman wants to provide states with funds to develop cyber-resiliency plans.
Litigation, Investigation, and Law Enforcement
FBI pursuing at least 3 probes of Russian-backed hacking: report (The Hill) The FBI is currently working on at least three separate investigations related to Russian-backed hacking during the U.S. presidential election, Reuters reported Saturday.
Peters Requests Full Homeland Security Committee Investigation (UPMATTERS) Investigation would focus on Russian attempts to hack election infrastructure and influence US elections
Riseup moves to encrypted email in response to legal requests (Indybay) After exhausting our legal options, Riseup recently chose to comply with two sealed warrants from the FBI, rather than facing contempt of court (which would have resulted in jail time for Riseup birds and/or termination of the Riseup organization). The first concerned the public contact address for an international DDoS extortion ring. The second concerned an account using ransomware to extort money from people.
Riseup confirms receipt of FBI warrant and gagging order (Computing) Users wondering about the non-renewal of Riseup's warrant canary have their suspicions confirmed
UGNazi Hacker Who Doxed Trump, Clinton, Obama, and Others Gets No Prison Time (BleepingComputer) Eric Taylor, known online under the nickname of Cosmo the God, was sentenced on Friday last week to three years probation for a series of hacks the teenager committed in 2011 and 2012.
Men Who Sent Swat Team, Heroin to My Home Sentenced (KrebsOnSecurity) It’s been a remarkable week for cyber justice. On Thursday, a Ukrainian man who hatched a plan in 2013 to send heroin to my home and then call the cops when the drugs arrived was sentenced to 41 months in prison for unrelated cybercrime charges. Separately, a 19-year-old American who admitted to being part of a hacker group that sent a heavily-armed police force to my home in 2013 was sentenced to three years probation.
Couple can’t store data from camera pointed at next door’s garden (Naked Security) Ruling against Google continuing to track Safari users used to shore up case against couple who pointed cameras at their neighbours’ garden