May we ask for your support? As a finalist for this year's Maryland Cybersecurity Industry Resource Award, we're also up for the People's Choice Award. If you're read or listen to the CyberWire, we'd appreciate your support. You can vote here through March 22 (and you don't need to be in Maryland, or even in the US, to do so). Thanks as always for reading and listening.
More Signal. Less Noise.
Twitter bots and influence ops. PetrWare steals and improves Petya ransomware. Credential-stealing apps purged from Google store. Patch notes. Gamification and cyber operations. Advice for prospective whistleblowers?
Announcements
Maryland Cyber People's Choice Award: cast your ballot
Summary
The UK continues to worry about Russian influence operations targeting upcoming elections. In an odd, possibly related development, Russia's embassy to the UK is converting its Twitter followers to newsbots ready to disseminate the Moscow line.
There've been other Twitter issues this week as well. A large number of accounts have been hijacked to spread neo-Nazi symbolism, and there's an ongoing campaign out of Turkey to rope Twitter accounts into a pro-Erdogan net. The Turkish campaign is focused on Europe, especially the Netherlands.
Google has purged a number of credential-stealing apps from its store.
Petya ransomware has been stolen by criminal competitors and transformed into a more dangerous variant, PetrWrap.
Yesterday was Patch Tuesday. Microsoft issued eighteen bulletins, nine critical.
In industry news, rumor has it that Citrix is putting itself on the block.
There's considerable attention being paid by cyber and intelligence operators to gaming: cyber ranges see increased use, the US Department of Defense may be learning lessons from Pokemon-Go, and the CIA likes using old-school board games to train officers.
In the UK, attorneys aren't sure whether the GDPR is legally binding already, in advance of its formal implementation next year.
The Vault 7 story is still developing, but there's little new today. Wired does have an interview on leaks, however, with former CIA whistleblower (and convicted leaker) John Kiriakou about whistleblowing. His surprising advice to prospective leakers? Don't go directly to the media. Take the matter up with your chain of command first; then lawyer up.
Notes.
Today's issue includes events affecting Australia, China, Ethiopia, European Union India, Israel, Netherlands, Russia, Turkey, United Kingdom, United States
On the Podcast
In today's podcast, Emily Wilson from our partners at Terbium Labs talks about how the Dark Web reacts to events like Cloudbleed. We also speak with our guest, Justin Harvey from Accenture, who shares informed speculation about the private sector's interest in attribution.
Special editions of the podcast are also up. See Perspectives, Pitches, and Predictions from RSA, and an overview of artificial intelligence as it's applied to security. And see also Cylance's video (taken in partnership with the CyberWire): opinions from the conference floor.
Sponsored Events
Case Study: 6 Lessons Learned Hunting Advanced Cyber Criminals (Webinar, March 16, 2017) What is it like to find out you’re on the trail of an advanced cyber criminal? What are the tools and skills you need to track them? What is the mindset you need to approach the hunt? And what indicators and intelligence can you use to see who the attacker is? In this webinar, our experts will discuss all of these questions and more, based on an actual case study.
Tech Talk: Ethereum & Graph Databases (Laurel, Maryland, USA, March 20, 2017) Join Novetta and Cyberwire at Jailbreak Brewery to learn about Ethereum and Graph databases, forward leaning technology transforming how we relate with our data. Mingle with like-minded techies and enjoy craft beer - See you then!
ThreatConnect Webinar: Threat Intelligence Isn’t One Size (Online, March 22, 2017) Threat intelligence (TI) can help any organization better protect themselves. With TI, you can identify threats and add context to them. Once you understand what you are facing, you can take decisive action to better protect your organization.
Billington International Cybersecurity Summit (Washington, DC, USA, March 30, 2017) The 2nd Annual Billington International Cybersecurity Summit on March 30, 2017 at the National Press Club in Washington, DC will feature over 300 world class cybersecurity decision-makers from allied nations and the US in an intensive day of knowledge exchange and relationship building.
Selected Reading
Cyber Attacks, Threats, and Vulnerabilities
The Russian Embassy Is Asking People to Become Twitter Bots (Motherboard) The Embassy to the UK's diplomatic newsletter service involves a suspect third-party Twitter app.
Kremlin seeks to sway British public opinion? (SC Magazine UK) Head of the UK's National Cyber Security Centre has written to political parties, warning of potential Russian-backed hacking to sway British electorate a certain way.
Beware of the app that’s out to empty your bank account (The Standard) Cyber security company ESET has discovered a dangerous new application that is targeting Android devices.
13 Google Play Store Apps Caught Stealing Instagram Credentials (BleepingComputer) Instagram users are once again the targets of malicious Android apps hosted on the Play Store, apps which steal their credentials on false claims of boosting their account's follower numbers.
How 13 apps attempted to steal 1.5M Instagram credentials: ESET (TECHSEEN) ESET has discovered 13 mobile applications on the Google Play Store that were phishing for Instagram credentials and stealing them to a remote server
PetrWrap, the "Almost Flawless" Ransomware (Infosecurity Magazine) Cyber-criminals are stealing from their peers in the latest ransomware family example, dubbed PetrWrap.
New 'PetrWrap' Signals Intensified Rivalry Among Ransomware Gangs (Dark Reading) PetrWrap modifies Petya ransomware so its authors can't control unauthorized use of their malware.
Experts Warn On Rise Of Hacker Ransoms (Information Security Buzz) The National Crime Agency and National Cyber Security Centre have launched a report into ‘The cyber threat to UK businesses’ …
Third-Party App Hack Results in Hijack Twitter Accounts (Infosecurity Magazine) Accounts belonging to BBC, Amnesty and security expert Graham Cluley among those used to send pro-Turkey messages
Prominent Twitter accounts compromised after third-party app Twitter Counter hacked (TechCrunch) A number of prominent Twitter accounts were hacked to tweet Nazi messages after Twitter Counter, a popular tool for analyzing Twitter followers, was hacked...
Sorry for the Nazi spam from my Twitter account (Graham Cluley) It happened to me (and many others). It could happen to you.
New Imeij IoT Malware Targets AVTech Equipment (BleepingComputer) A new malware strain named Imeij has been detected in the wild targeting equipment made by Taiwanese manufacturer AVTech. According to Trend Micro ...
EdgeWave Discovered New Spam Technique Exploiting Ubiquitous URL Shorteners (Marketwired) EdgeWave, Inc.®, a leading provider in cybersecurity and compliance, today revealed a new, malicious exploit embedded in popular URL shorteners, which are being mistaken as legitimate URLs.
Addressing SAP HANA Zero-Day Critical Vulnerabilities (Security Intelligence) SAP HANA customers should invest in an active threat monitoring and detection solution — meaning a SAP-specific threat vector detection.
Vulnerability in WhatsApp and Telegram allowed complete account takeover (Help Net Security) Check Point researchers revealed a new vulnerability on WhatsApp & Telegram’s online platforms – WhatsApp Web & Telegram Web.
Hire a DDoS service to take down your enemies (CSO Online) With the rampant availability of IoT devices, cybercriminals offer denial of service attacks to take advantage of password problems.
AlphaBay: Avenue on the “new” Silk Road? (Wapack Labs) Carding forum AlphaBay’s (AB) rules, posted on Twitter, have sparked debate in the underground that the forum is controlled by malicious ac...
MajikPOS Combines PoS Malware and RATs to Pull Off its Malicious Tricks - TrendLabs Security Intelligence Blog (TrendLabs Security Intelligence Blog) We’ve uncovered a new breed of point-of-sale (PoS) malware currently affecting businesses across North America and Canada: MajikPOS.
Canadian Agency Narrowly Avoids Breach from Zero-Day Flaw (BankInfo Security) Canadian authorities narrowly escaped a data breach by stopping an intrusion at the country's statistics agency. The cyberattack used a zero-day vulnerability in
How a serious Apache vulnerability struts its stuff (Naked Security) Officially it’s CVE-2017-5638, but in practice it’s “the bug in Apache Struts you really should have patched by now”. Here’s why…
Apache Struts 2 bug bites Canada, Cisco, VMware and others (Register) Canuck tax and stats outages revealed as patch pauses
Cisco Systems, Inc. (NASDAQ:CSCO) security team evaluating its products to assess impact (Benchmark Monitor) Cisco Systems, Inc. (NASDAQ:CSCO) security team called the weakness in Apache Struts “critical” and is evaluating many its products to assess the impact.
Where Have All The Exploit Kits Gone? (Threatpost) For a long time, exploit kits were the most prolific malware distribution vehicle available to attackers. Where did they go and what’s replaced them?
How Every Cyber Attack Works - A Full List - Heimdal Security Blog (Heimdal Security Blog) Here's an full list with explanations about (almost) every type of cyber attack out there.
Questions linger after ISP blocks TeamViewer over fraud fears (Naked Security) Data stolen from an ISP after a breach has led to its customers being targeted by scammers – but blocking a widely used tool is not a way to improve security
Tax office and immigration at risk of external cyber-attack, report says (the Guardian) In contrast, audit office says Department of Human Services, which includes Centrelink, is ‘cyber-resilient’
More than 120,000 affected by W-2 Phishing scams this tax season (CSO Online) Tax season doesn't officially end in the United States until April 18. At last count, 110 organizations have reported successful Phishing attacks targeting W-2 records, placing more than 120,000 taxpayers at risk for identity fraud.
March Madness Is A Winning Play For Hackers (Information Security Buzz) For fans of NCAA Men’s Basketball, there may be no greater sign of spring than Selection Sunday.
Security Patches, Mitigations, and Software Updates
Adobe, Microsoft Push Critical Security Fixes (KrebsOnSecurity) Adobe and Microsoft each pushed out security updates for their products today.
Patch Tuesday: Microsoft releases 18 security bulletins, 9 critical (Network World) Be prepared for restarts and big day of patching after Microsoft skipped Patch Tuesday in February. For March, Microsoft released 18 security bulletins split into nine critical and nine important security updates.
Microsoft stays security bulletins' termination (TechWorld) Microsoft today postponed the retirement of the security bulletins it uses to describe in detail each month's slate of vulnerabilities and patches.
SAP Patches Critical HANA Vulnerability That Allowed Full Access (Threatpost) SAP patched a critical vulnerability in its cloud-based business platform HANA today that if exploited, could allow for a full system compromise, without authentication.
Google Eliminates Android Adfraud Botnet Chamois (Threatpost) Google removed a family of malicious apps, Chamois, from its Play marketplace recently that were found manipulating ad traffic.
ZTE releases two-month-old Android security patches for Blade V8 Pro - and still no Nougat (Neowin) ZTE launched the Blade V8 Pro last month with Android 6.0.1 Marshmallow onboard. Its first software update isn't Android 7.0 Nougat, though - it's the Android security patches from January.
Cyber Trends
Online fraudsters' preferred tools and techniques revealed (Help Net Security) A new report has revealed online fraudsters' favorite tools and attack techniques for creating accounts and evading detection.
DataVisor Online Fraud Report (DataVisor) The DataVisor Online Fraud Report provides insight into how bad actors are hiding amongst us inside consumer websites and mobile apps.
MWC 2017: AdaptiveMobile warns operators about IoT risks (Mobile News Online) 5G and network splicing open up new vulnerabilities to the Internet of Things UK mobile operators need to ramp up security to weather eventual attacks from vulnerabilities opened by mass amounts of Internet of Things (IoT) devices.
Mobile workers continually expose organizations to security risks (Help Net Security) 29% of organisations have experienced a data loss or breach as a direct result of mobile working. 48% say employees are one of their biggest security risks.
Marketplace
Worldwide infosec spending to reach $90 billion in 2017 (Help Net Security) Enterprises are transforming their security spending strategy in 2017, moving away from prevention-only approaches to focus more on detection and response.
Citrix up for sale, claims report (Computing) Citrix has hired Goldman Sachs to search for potential buyers, according to insiders
Crossrider buys German co Cyberghost (Globes) Crossrider CEO Ido Erlichman: Expansion in the cyber security arena is strategically very significant.
Changing face of security and Niara acquisition (Computer Business Review) HPE’s purchase of intelligent security provider Niara is evidence of just how profoundly enterprise security is changing.
Verizon originally asked for $925M discount following Yahoo breach disclosures (CIO Dive) Eventually receiving $350 million off its original $4.83 billion purchase price, Verizon sought the discount after Yahoo revealed breaches impacted more than 1 billion users.
Why you need cyber security checks during a merger or acquisition (BetaNews) 2016 was a record setting year for data breaches and hacks.
Cryptography co Dyadic Security raises $12m - Globes English (Globes) Dyadic CEO: We've changed the game for financial institutions and enterprise companies in how they protect sensitive data assets.
Sophos Plots a Course for a Synchronized Security Future (eWeek) Kris Hagerman, CEO of Sophos, discusses his security firm's strategy and technology to keep organizations safe from cyber-threats.
NSA-born Sqrrl to grow staff after finding its big data niche (Boston Business Journal) Cambridge-based Sqrrl has made the transition from one hot segment of the Greater Boston tech scene to another, and now the startup says it's ready to double down on its new market by hiring salespeople and looking for more funding in 2017.
Banks just can't find enough cyber-security talent (eFinancialCareers) Cybersecurity talent continues to be in short supply, especially when it comes to quality hires and in areas like advanced threat management, per Deloitte.
9 out of 10 IT Security Pros Surveyed Favor Experience over Qualifications, FireMon Study shows (Yahoo! Finance) FireMon, the leader in Intelligent Security Management, today announced results from a survey conducted at the recent RSA Conference that gauged the attitudes of 350 IT security professionals towards the ...
Emy Donavan to Lead AGCS Cyber Insurance Business (Yahoo! Finance) Allianz Global Corporate & Specialty SE announced a change in its global cyber leadership team. Effective March 31, 2017, Emy R. Donavan will be promoted to Global Head of Cyber reporting to Bernard Poncin, Global Head of Financial Lines at AGCS.
Forcepoint™ Expands Executive Management Team, Commitment to Customer Success Initiatives (Yahoo! Finance) Global cybersecurity leader Forcepoint™ today announced Brian J. Miller joins the company as senior vice president of customer success and operations. Miller ...
Apple hires security researcher Jonathan Zdziarski (TechCrunch) Jonathan Zdziarski has been a leading expert on Apple and iOS security and forensics for years — and now he's taking his expertise inside the company...
Products, Services, and Solutions
LockPath Partners with BankPolicies.com to Improve Policy Management for Financial Services Companies (Yahoo! Finance) LockPath, a leader in governance, risk management and compliance software, today announced its partnership with BankPolicies.com, a provider of banking policies and procedures. Through the partnership, ...
Digital Shadows Expands Visibility into Evolving Mobile Driven Risks (ResponseSource Press Release Wire) New capability will protect businesses from the threat posed by mobile apps London and San Francisco, March 14, 2017 – Digital Shadows today announced new enhancements to its SearchLight™ digital...
5 Risks Posed by Mobile Applications that Searchlight Helps You Manage (Digital Shadows Blog) Organizations face a wide range of risks online, including cyber threats, data leakage and reputational damage.
NIKSUN Named Industry’s “Most Comprehensive Solution” (Yahoo! Finance) NIKSUN® Inc., the world leader in developing real-time and forensics-based cyber security and network performance monitoring solutions, announced today it has been featured as the cover story for Silicon India’s special Enterprise Security edition.
Technology-Savvy Hospital Outsmarts Cybercriminals With Palo Alto Networks Next-Generation Security Platform (PRNewswire) Palo Alto Networks® (NYSE: PANW), the next-generation security...
Trustonic TEE to Help Protect UK Government Communications - Mobile ID World (Mobile ID World) A new partnership with Armour Communications will see Trustonic Trusted Execution Environment (TEE) technology protecting UK government assets...
Express Logic Introduces First Industrial-Grade IoT Device-to-Cloud Connectivity Platform (Businesswire) Express Logic's new X-Ware IoT Platform provides device-to-cloud connectivity for fast, safe, secure, industrial-grade connectivity of deeply em
TopSpin Makes Intelligent Deception a Hacker's Worst Nightmare (eSecurity Planet) Setting a trap using deceptive techniques may just snare many a hacker.
Austrian Social Services Provider Relies on Android Smartphones Protected by MobileIron to Enhance its Services (Yahoo! Finance) MobileIron (MOBL), the security backbone for the digital enterprise, today announced that Hilfswerk Niederösterreich, an Austrian provider of social services, chose the MobileIron platform to enhance the mobility of its 3,600 staff and 2,800 volunteers. MobileIron
Firm wins cyber security certificate (Bradford Telegraph and Argus) Bradford IT consultancy firm ITWiser is one of the first companies in the North of England to become an accredited Cyber Essentials certification…
LR announces its Cyber Secure programme – a unique, world-class approach to providing cyber security services to the marine and offshore industry (Hellenic Shipping News) Recognising the need to go further than ensuring the safe integration of cyber technology, LR has launched the next stream in its cyber and digitalisation suite of services.
Swimlane Integrates Its Automated Security Platform With Trend Micro Deep Discovery (Yahoo! Finance) Swimlane, a leader in automated incident response and security orchestration, announced today an integration with Trend Micro Deep Discovery. Together, Swimlane and Trend Micro will help customers quickly identify and respond to targeted attacks and
Imagination and Intercede demonstrate the power of the Trust Continuum in securing the IoT (GlobeNewswire News Room) Joint initiative addresses consumer security risk driven by today’s on-demand economy
Prevoty Automatically Protects Against the Latest Struts 2 Vulnerability and Attacks Targeting Remote Code Injection Vulnerabilities (Yahoo! Finance) Prevoty, the runtime application defense and intelligence company, announced today that its customers are automatically protected against popular remote code injection vulnerabilities such as the recent ...
Barracuda and Zscaler Team for Cloud-Delivered User Security (eSecurity Planet) The companies float a new cloud-based security service aimed at helping SMBs keep their users and data safe wherever they roam.
Technologies, Techniques, and Standards
Scratching the Surface: The FTC’s Phishing Tips for Victim Companies Are a Good First Step but Companies Should Not Stop There | JD Supra (JD Supra) In one type of phishing, fraudsters impersonate your business when contacting consumers. Phishing victims think they’re giving information to your...
Debunking 5 Myths About DNS (Dark Reading) From the boardroom to IT and the end user, the Domain Name System is often misunderstood, which can leave organizations vulnerable to attacks.
Data-matching: what happens when firms join the dots about you? (Naked Security) What is data matching, and what can you do to reduce the trail of digital breadcrumbs you leave as you travel around the web?
Why can't AI do more to help with information overload? (Computing) Microsoft, Google and others have spent enough on AI, but Peter Cochrane sees little evidence of it when it comes to email and search
A Guide to Indicator Expiration (ThreatQuotient) There is no shortage of indicator data these days. Large numbers of providers, both commercial and free, have set up shop to help fight the cause.
Verizon’s Data Breach Digest Uses Case Studies as Security Response Teaching Tools (IT Business Edge) Verizon’s annual Data Breach Investigations Report (DBIR) is one of the most respected studies on cybersecurity, cited by security professionals and security writers regularly and throughout the year.
How bad endpoint security can leave IT pros flying blind (IT Pro Portal) Many organisations consider it to be only a matter of time before they fall victim to a cyberattack.
Hackers Take Aim At The Arizona Cyber Warfare Range (KJZZ) Budding hackers huddle in a secure, windowless room as they gulp energy drinks and munch on pizza.
Cyber Resilience Framework: A Must Have for Digital Response (DATAQUEST) By Neeraj Parashar, Senior Manager-Digital Solution Architect, Business Process Services, Wipro Recently, a cyber-hacking team successfully hacked into a driverless car model’s AI system and was able control the car...
Guide to Safe Internet Browsing (Beginner's 101) (TheBestVPN.com) The Internet can be a dangerous place for the careless. Land on the wrong website, and you can infect your computer with malicious software that will steal your data or scramble it and demand a ransom for its return. Fill in a username and password in a bogus form, and your digital life can be …
Design and Innovation
The Autonomous Future of Warfare Looks a Lot Like Pokémon Go (WIRED) The head of the Pentagon's Strategic Capabilities Office explains how apps can help show the future of war.
The CIA uses board games to train officers—and I got to play them (Ars Technica) Also: why the CIA embraces training game cheaters, whether El Chapo hit a fire alarm.
Research and Development
Cyber Supply Chain (Defense Science Board) Modern weapons systems have depended on microelectronics since the inception of integrated circuits over fifty years ago.
BAE tech helps rapidly restore power grid after cyberattack (C4ISRNET) BAE was awarded a contract under a DARPA program aimed at quickly restoring power to the electric grid in the event of a cyberattack.
Academia
Real-world simulation to provide practice during cyber defense competition at Highline College (Auburn Reporter) College students from throughout the Pacific Northwest will have the chance to practice thwarting hackers during the annual Pacific Rim Collegiate Cyber Defense Competition on Friday, Saturday and Sunday at Highline College.
How can cyber security become part of the school curriculum? (Acumin) A new initiative, the Cyber Schools Programme, will teach school children aged between 14 and 18 on cyber security skills.
Legislation, Policy and Regulation
How Australia’s ‘Essential Eight’ sets the standard for sensitive data protection and breach notification (Security Brief) Globally, more and more jurisdictions are releasing mandates that will have a substantial impact on companies regarding breach notification.
Conflicts in cyberspace: a normative approach to preventing cyberwars (Euronews) The Russian cyber attacks that were meant to skew the 2016 US election toward Donald Trump have raised new concerns about conflicts in cyberspace. How might normative taboos, such as those against chemical and biological weapons, be adapted to the cyber realm?
A market-based approach to cyber defense: Buying zero-day vulnerabilities (Bulletin of the Atomic Scientists) It's time to look behind the tropes.
The NSA's foreign surveillance: 5 things to know (CSO Online) A contentious piece of U.S. law giving the National Security Agency broad authority to spy on people overseas expires at the end of the year.
Cybersecurity Collaboration Bill Aims to Help Companies (Bloomberg) A bipartisan Senate bill would give states more resources to help companies combat the growing cybersecurity risk, Sen. John Cornyn (R-Tex.) said March 10 in a statement.
All U.S. Companies Need to Share Cybersecurity Threat Data (Bloomberg) U.S. companies large and small feeling the burn in the aftermath of a data breach are struggling to find resources to bolster their security systems, cybersecurity industry panelists said at a March...
Statement From Advertising Trade Associations Urging Rapid Congressional Action on FCC Broadband Privacy Rule (PRNewswire) The American Association of Advertising Agencies ("4A's), American Advertising Federation ("AAF"), Association of National Advertisers ("ANA"), Data & Marketing Association ("DMA"), Interactive Advertising Bureau ("IAB"), and Network Advertising Initiative ("NAI") issued the following statement in support of Senator Jeff Flake and Congressman Marsha Blackburn's recently introduced Joint Resolutions disapproving of the Federal Communications Commission's ("FCC") broadband privacy regulations.
Trump’s Pick For White House Cyber Post Faces Growing Industry Distrust (MeriTalk) President Donald Trump picked a National Security Agency official to lead White House cybersecurity policy issues during a time when NSA surveillance powers are up for discussion and bad blood exists between the NSA and industry.
Litigation, Investigation, and Enforcement
A CIA Whistleblower Shares His Views on WikiLeaks, Trump, and More (WIRED) How does the Vault 7 leak look to a famous CIA whistleblower? It's complicated.
British security official denies UK spy agency eavesdropped on Trump (Reuters) A UK spy agency did not eavesdrop on Donald Trump during and after last year's U.S. presidential election, a British security official said on Tuesday, denying an allegation by a U.S. television analyst.
U.S. to Charge 4 Hackers Involved in Massive Yahoo Data Breach (HackRead) The U.S. Department of Justice is gearing up to issue indictment orders against four hackers involved in cyber attacks against Yahoo which affected hundred
Facebook—in hate-crime clash with MPs—claims it’s “fixed” abuse review tool (Ars Technica) Lawmaker accuses Twitter, Google, and Facebook of "commercial prostitution."
Court blocks American from suing Ethiopia for infecting his computer (CSO Online) An appeals court has barred an Ethiopian-born U.S citizen from filing a civil suit against the African country, which allegedly infected his computer with spyware and monitored his communications.
GDPR: Confusion reigns as experts disagree as to whether it's already in force (Computing) Could you be fined in May 2018 for a breach now, if the GDPR is already in force in the UK? Some experts say yes,
FBI’s methods to spy on journalists should remain classified, judge rules (Ars Technica) Reaction: "It is antithetical to a democracy that supposedly values a free press."
DOJ: No, we won't say how much the FBI paid to hack terrorist's iPhone (CSO Online) The Justice Department says it should not have to reveal the maker of a tool used last year to crack an alleged terrorist's iPhone or disclose how much it paid.
Pennsylvania sues IBM over troubled $110M IT upgrade (Computerworld) Pennsylvania is suing IBM over a never-finished $110 million IT upgrade to its unemployment compensation system. Such large-scale projects often run into trouble.
University Expels Student After Hacking Professors' Emails (BleepingComputer) A young student at the Technion Institute of Technology in Haifa, Israel was expelled this past week after the University discovered he hacked into the email inboxes of several of his professors.
How The CIA And A Tech Startup Are Arming Police, Intelligence Agencies (MintPress News) Police officers and private security contractors are getting hi-tech help with their surveillance efforts - and the CIA is picking up the tab.
Industry Events
newly Noted Events
cybergamut Tech Tuesday: Software Defined Networking Forensics (Elkridge, Maryland, USA, and online at various local nodes, March 28, 2017) Volatility and Tshark were critical components in Booz Allen Hamilton winning the 2016 Digital Forensics Research Work Shop (DFRWS) international Software Defined Networking (SDN) digital forensics challenge. This was achieved by creating a prototype solution for the extraction of forensics artifacts from SSL/TLS encrypted packets between a software defined networking (SDN) switch and controller as well as a memory dump from the SDN switch. Mr. Bull and Mr. McAlister of Booz Allen Hamilton will articulate the steps which enabled the team to forensically enumerate the SDN network using only open source tools.
cybergamut Tech Tuesday: Distributed Responder ARP: Using SDN to Re-Engineer ARP from within the Network (Elkridge, Maryland, USA, and online at various local nodes, May 2, 2017) We present the architecture and initial implementation of distributed responder ARP (DR-ARP), a software defined networking (SDN) enabled enhancement of the standard address resolution protocol (ARP) intended to improve network security and performance by exerting much greater control over how ARP traffic flows through the network as well as over what actually delivers the ARP service. Presented by Mark Alan Matties, PhD of The Johns Hopkins University Applied Physics Lab.
upcoming Events
Cybersecurity: The Leadership Imperative (New York, New York, USA, March 16 - 17, 2017) Cyber risk impacts every element of your organization – and even the most brilliant information security expertise must be supported by a cross-functional cybersecurity structure and culture to succeed. Cybersecurity: The Leadership Imperative will provide case studies and actionable insights on building and maintaining a structure in which leaders across the organization are able to work together seamlessly to comprehend, measure and respond to cyber risk challenges.
BSides Canberra (Canberra, Australia, March 17 - 18, 2017) BSidesCbr is a conference designed to advance the body of Information Security knowledge, by providing an annual, two day, open forum for discussion and debate for security engineers and their affiliates. We produce a conference that is a source of education, collaboration, and continued conversation for information technologists and those associated with this field. The technical and academic presentations at BSidesCbr are given in the spirit of peer review and advanced knowledge dissemination. This allows the field of Information Security to grow in breadth and depth, and continue in its pursuit of highly advanced scientifically based knowledge.
Cyber Resilience Summit: Securing Systems inside the Perimeter (Reston, Virginia, USA, March 21, 2017) As the journey to secure our nation’s IT cyber infrastructure gains momentum, it is important to apply proven standards and methodologies that reduce risk and help us meet objectives for acquiring, developing and sustaining secure and reliable software-intensive systems. The theme of our upcoming Cyber Resilience Summit is Securing Systems inside the Perimeter. Defending the network is NOT enough. The most damaging of system failures and security breaches are caused by vulnerabilities lurking inside the network at the application layer.
European Smart Grid Cyber Security (London, England, UK, March 21 - 22, 2017) European Smart Grid Cyber Security 2017 offers a unique opportunity to network with senior experts in cyber security from government, utilities, TSOs, regulators, solution providers, security consultants, senior engineers and more. Join us to hear from a range of European utility companies present what their strategic programmes are doing regarding cyber security. As well as discuss how communication issues between IT and OT departments can be overcome and learn how to make your company compliant.
Maryland Cybersecurity Awards Celebration (Baltimore, Maryland, USA, March 22, 2017) Help us celebrate the best and brightest of the Maryland cyberscurity community as we honor the companies, organizations, and individuals that have protected businesses and government agencies with their cutting-edge technologies; thwarted cyber criminals with their outstanding cybersecurity services; demonstrated exemplary knowledge, expertise, leadership and innovative thinking; or made a significant contribution to Maryland’s cybersecurity ecosystem.
Integrated Adaptive Cyber Defense (IACD) Community Day (Laurel, Maryland, USA, March 23, 2017) Advancing cyber operations through secure automation & interoperability. Government agencies, commercial firms, research organizations, academic institutions and cyber security experts align in community efforts demonstrating cyber defenses art-of-the-possible, through automation and interoperability. Learn how to dramatically change the timeline and effectiveness of cyber defenses, increase community awareness and defensive capabilities. Free event, registration requested.
SANS Pen Test Austin 2017 (Austin, Texas, USA, March 27 - April 1, 2017) Every organization needs skilled people who know how to find vulnerabilities, understand risk, and help prioritize resources based on mitigating potential real-world attacks. That's what SANS Pen Test Austin is all about! If you like to break things, put them back together, find out how they work, and mimic the actions of real-world bad guys, all the while providing real business value to your organization, then this event is exactly what you need.
IT Security Entrepreneurs' Forum Bridging the Gap Between Silicon Valley & the Beltway (Mountain View, California, USA, March 28 - 29, 2017) SINET – Silicon Valley provides a venue where entrepreneurs can meet and interact directly with leaders of government, business and the investment community in an open, collaborative environment focused on identifying solutions to Cybersecurity challenges.
PCI Security Standards Council: 2017 Middle East and Africa Forum (Cape Town, South Africa, March 29, 2017) Join your industry colleagues for a full day of networking and one-of-a-kind partnership opportunities. Whether you want to learn more about updates in the payment card industry or showcase a new product, you’ll find it all at the 2017 Middle East and Africa Forum (MEAF).
Insider Threat 2017 Summit (Monterey, California, USA, March 29 - 30, 2017) The focus of the Insider Threat Summit is to discuss personnel security issues including cyber security challenges and capabilities, continuous evaluation of privileged identities and ethical physical security considerations. A heightened awareness of insider threats due to numerous newsworthy attacks and unauthorized leaks has brought us together for one main purpose: To better understand security challenges in order to better defend against insider threats.
2nd Annual Billington International Cybersecurity Summit (Washington, DC, USA, March 30, 2017) The 2nd Annual Billington International Cybersecurity Summit on March 30, 2017 at the National Press Club in Washington, DC will feature over 300 world class cybersecurity decision-makers from allied nations and the US in an intensive day of knowledge exchange and relationship building. NOTE: Attendees must be citizens of the U.S. or allied nations to attend this event. The summit, which will attract senior influencers in cybersecurity from allied nations across the world, has as its theme: Protecting Critical Infrastructure in a Connected World.
Yale Cyber Leadership Forum: Bridging the divide between law, technology, and business (New Haven, Connecticut, USA, March 30 - April 1, 2017) The Yale Cyber Leadership Forum will take place on Yale University's campus and will focus on bridging the divide between law, technology and business in cybersecurity. With McKinsey & Company as our knowledge partner, the Forum will integrate McKinsey’s extensive knowledge of best practices in cybersecurity with Yale’s scholarly expertise. The Forum will expose participants to effective approaches to recognizing, preparing for, preventing, and responding to cyber threats.
WiCyS 2017: Women in Cybersecurity (Tucson, Arizona, USA, March 31 - April 1, 2017) The WiCyS initiative has, since 2013, become a continuing effort to recruit, retain and advance women in cybersecurity. It brings together women (students/faculty/researchers/professionals) in cybersecurity from academia, research and industry for sharing of knowledge/experience, networking and mentoring.
InfoSec World Conference and Expo 2017 (ChampionsGate, Florida, USA, April 3 - 5, 2017) The conference will feature security practitioners who speak from experience on the real-world challenges companies are facing today. The conference is most suitable for those whose responsibilities include creating solutions. The organizers bill it as a training conference.
Cyber Security Summit: Atlanta (Atlanta, Georgia, USA, April 6, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: Atlanta. Receive 50% off of a Full Summit Pass when you register with code CYBERWIRE50 (standard price of $350, now only $175 with code). Register at CyberSummitUSA.com. The Cyber Security Summit: Atlanta is an exclusive conference connecting Senior Level Executives responsible for protecting their companies’ critical data with innovative solution providers & renowned information security experts. for details visit CyberSummitUSA.com.
SANS 2017 (Orlando, Florida, USA, April 7 - 14, 2017) Success in information security requires making a commitment to a career of learning, from the fundamentals to advanced techniques. To put you firmly on that learning path, join us at SANS 2017 in Orlando, Florida from April 7-14. This event features over 40 different cutting-edge courses taught by top industry professionals who will provide you with the best available information and software security training. SANS 2017 also features numerous opportunities to learn new skills, techniques, and trends at the SANS@Night talks, Vendor Expo, and Lunch-and-Learn sessions. You will hear about the latest and most important issues in talks led by SANS practitioners who are leading the global conversation on cybersecurity.
Unprecedented Counterintelligence Threats: Protecting People, Information and Assets in the 21st Century. (Arlington, Virginia, USA, April 10, 2017) This full day symposium will provide insights into evolving threats to the nations security and identify effective ways of addressing them. Highlights Include: A keynote address from National Counterintelligence Executive (NCIX) Bill Evanina. The presentation of a new paper from INSA’s Security Policy Reform Council, “Assessing the Mind of the Malicious Insider,” which discusses the psychological traits and stressors that lead to malicious behavior and identifies continuous evaluation methodologies that can provide early warning of destructive acts. A review of best practices in implementing insider threat programs in the public and private sectors. An assessment of the risks to key supply chains and the prospects of delivering goods uncompromised. A discussion of the greatly overlooked long-term impacts of the 2015 theft of OPM personnel data.
Hack In the Box Security Conference (Amsterdam, the Netherlands, April 10 - 14, 2017) Back again at the NH Grand Krasnapolsky, HITB2017AMS takes place from the 10th till 14th of April 2017 and features a new set of 2 and 3-day technical trainings followed by a 2-day conference with a Capture the Flag competition, technology exhibition with hackerspaces, lock picking villages and hardware related exhibits plus a free-to-attend track of 30 and 60 minute talks!
SANS Baltimore Spring 2017 (Baltimore, Maryland, USA, April 24 - 29, 2017) SANS Institute, the global leader in information security training, today announced the course line-up for SANS Baltimore Spring 2017 taking place April 24 – 29. All courses offered at SANS Baltimore are open to civilians and veterans. Included among the course line-up are several master's degree and graduate certificate courses that are eligible for GI Bill benefits through the SANS Technology Institute graduate school.
Defence Information 2017 (Cranfield, England, UK, April 26 - 27, 2017) Defence Information 2017 is the major annual communications event of Joint Information Group activities (the JIG reports to the Defence Suppliers Forum) and the Event’s content spans both Information and Support. Our DI’17 Event examines some of the ‘people, process and technology’ issues critical to Team Defence being able to adopt, embed and exploit new (and often disruptive) Information and Communications Technology (ICT) capabilities and associated new ways of working - to productive effect.
Defence Information 2017 (Cranfield, England, UK, April 26 - 27, 2017) Defence Information 2017 is the major annual communications event of Joint Information Group activities (the JIG reports to the Defence Suppliers Forum) and the Event’s content spans both Information and Support. Our DI’17 Event examines some of the ‘people, process and technology’ issues critical to Team Defence being able to adopt, embed and exploit new (and often disruptive) Information and Communications Technology (ICT) capabilities and associated new ways of working - to productive effect.
Crimestoppers Conference (Eden Project, Bodelva, St Austell , April 27, 2017) Crimestoppers is organising a major one-day conference designed to help local businesses shore up their online security. A range of expert speakers will pinpoint typical cyber pitfalls to avoid. 80% of cyber crime is preventable and just a few key security steps can help avoid damaging your business reputation and finances
Atlantic Security Conference (Halifax, Nova Scotia, Canada, April 27 - 28, 2017) Atlantic Canada's non-profit, annual information security conference. AtlSecCon, the first security conference in Eastern Canada focusing on bringing some of the worlds brightest and darkest minds together with one common goal – to expand the pool of IT Security knowledge beyond its typical confines. AtlSecCon provides an unmatched opportunity for IT Professionals and Managers to collaborate with their peers and learn from their mentors.
Sponsor & Support
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter’s financial reach, or it might just not be the right time for you to do those things. That’s why we launched our new Patreon site, where we’ve created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you’ll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.