Laurel and Baltimore: notes from Novetta's TechTalk and Maryland Cyber's awards night
Novetta TechTalks: New Trust Models and New Analytical Tools (The CyberWire) On Monday, March 20, 2017, Novetta presented a pair of tech talks at the Jailbreak Brewing Company in Laurel, Maryland. Their topics were the blockchain, Ethereum and graph databases. The security use cases of these technologies are likely to be of broad interest. (Of narrower interest at the event itself was Novetta's use of the blockchain to run its raffle for several door prizes, which was a pleasant an interesting way to demonstrate the technology.)
Innovation at the Inner Harbor: the Maryland Cybersecurity Awards (The CyberWire) On Wednesday, March 22, the Cybersecurity Association of Maryland met for its inaugural awards celebration. Convening at Baltimore's Visionary Art Museum in the Inner Harbor at the base of Federal Hill, Maryland Cybersecurity celebrated some of the state's leaders in information security practice and innovation.
Cyber Attacks, Threats, and Vulnerabilities
Wikileaks' latest Vault 7 document dump reveals CIA infection of 'factory fresh' iPhones and Mac firmware (Computing) Documents reveal that the CIA has been infecting iPhones since 2008.
WikiLeaks Reveals How the CIA Can Hack a Mac’s Hidden Code (WIRED) The leak shows how physical access hacks can plant undetectable spying code deep in a Macbook's firmware.
WikiLeaks releases new CIA documents describing Mac exploits (TechCrunch) WikiLeaks just shared a few new documents as part of the CIA Vault 7 data dump. These documents describe hacking methods allegedly used by the agency to..
WikiLeaks Continues 'Vault 7' With New Documents Detailing Mac-Related CIA Exploits (Mac Rumors) WikiLeaks today continued its "Vault 7" series by leaking details concerning CIA-related programs that were built with the intent to infect iMac and MacBook devices. Today's "Dark Matter" installation of Vault 7 follows a few weeks after WikiLeaks debuted "Year Zero," which focused on exploits that the CIA created for iOS devices.
WikiLeaks: CIA tools could infiltrate MacBooks, iPhones (CNET) A new series of leaked documents appears to show tools from as far back as 2009 that could infect Apple products. They required physical access.
WikiLeaks Dump Shows CIA Interdiction of iPhone Supply Chain (Threatpost) Today’s WikiLeaks Vault 7 Dark Matter release shows the CIA’s capabilities to attack and persist on Apple iPhone and Mac firmware and an apparent interdiction of the iPhone supply chain…
Apple underwhelmed by latest CIA exploits revealed by WikiLeaks (WeLiveSecurity) WikiLeaks's revelations about security vulnerabilities in Apple products appear to be a damp squib.
The Next Must-Watch TV Show Is Russia’s Version of ‘The Americans’ (Foreign Policy) If you really want to understand how Moscow sees U.S. intelligence, turn off the congressional hearings and start watching “Adaptation.”
EUCOM commander: US needs stronger response to Russian disinformation (Defense News) The U.S. has not done enough to reinforce NATO’s nascent efforts to fight Russia’s prolific propaganda against European allies, the top military commander in Europe told lawmakers Thursday.
Estonia's lessons for fighting Russian disinformation (The Christian Science Monitor Passcode) The Baltic nation has long had an adversarial relationship with its Russian neighbor. As a result, its press and public have become adept at recognizing and debunking Kremlin propaganda.
Islamic State Claims London Attacker as Its 'Soldier' (VOA) London authorities name the attacker who killed four people near Parliament as a 52-year-old British-born convert to Islam
London defiant as Islamic State claims responsibility for attack by British ex-con (Chicago Tribune) Islamic State claimed responsibility Thursday for an attack by a man who plowed an SUV into pedestrians on a crowded London bridge, then stabbed a cop.
Network Take: A Lone Lunatic Attack or a Broader Conspiracy? (Cipher Brief) The man who carried out a deadly terrorist attack in London was British-born and had been previously known to authorities, UK Prime Minister Theresa May said on Thursday.
FBI's Comey warns of 'terrorist diaspora' from ISIS territory (Fox News) FBI Director James Comey repeated his concerns Thursday over a terrorist diaspora that he believes will occur once ISIS territory in Iraq and Syria is crushed by coalition forces.
ISIS Will Fail, but What About the Idea of ISIS? (The Atlantic) Despite claiming responsibility for attacks like the one in London, the group is dying. It will retain the ability to inspire.
O Brotherhood, What Art Thou? (Foreign Affairs) What the United States needs is critical engagement with the Brotherhood, through discussions and constructive critique—not an outright ban.
‘Turkish’ hackers threaten to reset millions of iCloud accounts (Naked Security) Apple says it hasn’t been breached, but is facing a ransom demand, payable in cryptocurrency … or iTunes gift cards
Apple Responds to Hacker's Threat to Wipe Millions of iPhones (Fortune) Apple says an "alleged" list of iCloud passwords likely came from breaches elsewhere.
Leaked iCloud credentials obtained from third parties, Apple says (CSO Online) The iCloud credentials that the Turkish Crime Family hacker group claims to have weren't obtained through a breach of the Apple's services.
SAP GUI vulnerability “most dangerous” since 2011: ERPScan - Inside SAP (Inside SAP) Researchers from security firm ERPScan have disclosed a vulnerability in the SAP GUI application which it has described as perhaps the most dangerous SAP issue since 2011, as it affects not only every SAP customer but also every user.
Hizb-ul-Mujahideen’s Twitter handle hacked, messages of peace posted (The Indian Express) The tweets are critical of Yasin Malik, Kashmiri separatist and chairman of Jammu and Kashmir Liberation Front, and Hurriyat leader Syed Ali Shah Geelani.
Minecraft players get scams instead of mods (Help Net Security) Google has recently removed 87 fake Minecraft mods from Google Play, after being notified by researchers about their malicious nature.
Spam mails circulate file-shredding malware: how to protect yourself (Naked Security) Watch out for attacks that start with social engineering and sending convincing-looking emails targeted at companies
BEC Soars Again as Fraudsters Target Employees (Infosecurity Magazine) BEC Soars Again as Fraudsters Target Employees. Proofpoint stats reveal a growth in email fraud
Online scammers are exploiting Bitcoin; Cryptocurrency is tempting, experts say (Blasting News) Cybersecurity firm ZeroFOX says Bitcoin is attracting online scammers to commit online fraud.
Bitcoin rise fuels social media scams (CSO Online) The price of a single Bitcoin passed that of an ounce of gold for the first time this month, and scammers were quick to get in on the action with Ponzi schemes and phishing sites spread via social media.
Malvertising Campaign on Adult Sites Spreads Ramnit Trojan (BleepingComputer) Security researchers from Malwarebytes have discovered a new malvertising campaign targeting visitors of several adult websites, spreading the Ramnit trojan and focusing on users from Canada and the UK.
Android Forums hacked; password reset notice issued (HackRead) Android Forums, a popular platform for Android users, has announced that its servers were accessed by a third-party resulting in a data breach. In a securi
OPSEC in the Underground: A Look at Insider Trading (SecurityWeek) Like any business, cybercriminals offering their services need to develop and maintain a brand and reputation in order to attract customers.
Adviser support service hit by cyber attack (FT Adviser) The chief executive of advice community website Panacea Adviser has issued a warning after his email account was hacked
Security Patches, Mitigations, and Software Updates
Google Chrome to Distrust Symantec SSLs for Mis-issuing 30,000 EV Certificates (The Hacker News) Google announced its plans to gradually distrust Symantec's SSL certificates after the company was caught improperly issuing 30,000 certs over the past few years.
Google reports mixed progress on Android security (InfoWorld) Is the glass half full or half empty? The real issue is that it’s at the halfway mark and there's still a significant security road that Android must travel
Google reportedly removing SMS texting from Hangouts on May 22 (Ars Technica) But Google Voice users won't be affected as much.
CVE-2017-0022: Microsoft Patches a Vulnerability Exploited by AdGholas and Neutrino - TrendLabs Security Intelligence Blog (TrendLabs Security Intelligence Blog) Part of this month’s Patch Tuesday is an update for a zero-day information disclosure vulnerability (CVE-2017-0022), which we privately reported to Microsoft in September 2016. This vulnerability was used in the AdGholas malvertising campaign and later integrated into the Neutrino exploit kit.
Cyber Trends
Industrial control systems: The holy grail of cyberwar (The Christian Science Monitor Passcode) Regulators and utility industry leaders need to wake up to the risks that could let malicious hackers cause widespread physical damage to the grid and other critical infrastructure.
New Deloitte Study Identifies Cyber Vulnerabilities in Manufacturing Supply Chains (Supply Chain Management Review) The new Deloitte study outlines the strategies that businesses must take to build cybersecurity efforts into their larger business plan and untimely protect their operations and their customers.
IT Security Pros and Network Operators View DDoS Attacks as an Increased Concern in 2017 (Yahoo! Finance) DDoS attacks are a greater security threat to businesses in 2017 than ever before, and Internet Service Providers need to do something about it according to a new survey of IT security professionals and network operators released today from Corero Network Security .
Diverse protections for a diverse ecosystem: Android Security 2016 Year in Review (Google) Today, we’re sharing the third annual Android Security Year In Review, a comprehensive look at our work to protect more than 1.4 billion Android users and their data.
Healthcare IT pros believe data is safer in the cloud (Help Net Security) Healthcare IT pros and executives believe that when facing hardware malfunctions, their organization's data is safer in the cloud than on premises.
Marketplace
Cyber Insurance Underwriting: What Role Do Security Ratings Play? (BitSight) Learn how Security Ratings play an integral role in the cyber insurance underwriting process, including transactions, benchmarking, and risk aggregation.
Column: How to balance IT and cybersecurity in the C-suite (Baltimore Business Journal) No longer just responsible for basic computer maintenance, CIOs drive innovation and implement strategic technology solutions.
Security for Industry 4.0 is a Key Topic at the Hannover Messe Trade Fair (Rhode & Schwarz Cybersecurity) The “Internet of Things” (IoT) or “Industry 4.0” allows companies in the manufacturing industry to make enormous innovative and productive leaps.
No One Has All The Solutions - Why BAE Systems Is Backing A Cyber Security Accelerator (Forbes) We all love to hear about tech startups. We love their innovative technologies and the way they apply new thinking to seemingly intractable problems. We love their disruptive business models and as they grow bigger and more successful, we are gripped by their growth stories. And occasionally, of course, we enjoy the opportunity to nod sagely and say 'I told you so' when they crash and burn.
FireEye’s stock rockets after Goldman swings to bullish from bearish (MarketWatch) FireEye’s stock soared on heavy volume after Goldman Sachs pulled an about-face, upgrading it to a buy from a sell.
Exclusive: FireEye CEO Talks Limits Of Cybersecurity, Company's 'Moat' (Benzinga) The frequency of high-profile cyber attacks have thrust security companies into the spotlight.
Is Kevin Mandia the Right CEO to Turn Around FEYE? (Madison.com) When Kevin Mandia was promoted to the CEO of FireEye (NASDAQ: FEYE) in June 2016, he inherited quite a challenge. His promotion was announced with the 2016 first-quarter earnings report,
Lockheed to continue helping DoD fight cybercrime (C4ISRNET) Lockheed Martin has been awarded a contract to continue helping the Department of Defense fight cybercrime.
Booz Allen Hamilton (BAH) Awarded 5-yr $86M Contract by National Geospatial-Intelligence Agency (StreetInsider) Booz Allen Hamilton (NYSE: BAH) announced that it has been awarded a five-year, $86 million contract by NGA-NGC to lead the Learning Management and Advancement Program (LMAP) that will provide high-quality learning solutions to equip a diverse workforce with the knowledge and skills necessary to meet current and future GEOINT mission requirements.
GSA looks to streamline cyber buying (FCW) As part of a new strategy for Continuous Diagnostics and Mitigation cybersecurity capabilities, GSA is looking to replace the blanket purchase agreement with a better governmentwide IT contract.
Scottish government promises jobs galore with new digital strategy (Computing) 16-point plan also calls for 'rural first' broadband development.
Palo Alto Networks commits to APAC customers by opening new Singapore office (Security Brief) Palo Alto Networks has moved into its brand new Asia Pacific headquarters in Singapore this week, opened by Dr. Yaacob Ibrahim.
Key executive appointment at Digital Shadows – focus on partner eco-system (Security Brief Asia) Digital Shadows has expanded their executive team, with a focus on utilising their partner eco-system.
Carbon Black poaches HPE channel chief to lead sales (Channel Pro) Miles Rippon will lead the company's channel business throughout EMEA
Products, Services, and Solutions
New infosec products of the week: March 24, 2017 (Help Net Security) Here are some exciting new information security products from vendors including: Hearsay, IBM, Lookout, PacketSled, and SecureKey.
OPSWAT and Random Computing Services Announce Partnership (Benzinga) OPSWAT and Random Computing Services are partnering to offer the best cyber security solutions.
Tactical data system almost ready for prime time (C4ISRNET) Link 22, a NATO secure radio system, offers significant improvements over the legacy tool.
Technologies, Techniques, and Standards
Threat Intelligence Feeds: Overview, Best Practices, and Examples (Recorded Future) When designing your security program, knowing how to select the right threat intelligence feeds, and measure their ROI, is essential.
Doing Threat Intel the Hard Way - Part 6: Threat Intelligence Maintenance (Anomali) Once an analyst has decided on the validity of the threat, the output of that decision must be captured and stored, preferably within the system.
Prioritizing Threats: Why Most Companies Get It Wrong (Dark Reading) To stay safer, focus on multiple-threat attack chains rather than on individual threats.
What CISOs Can Learn from ER Doctors (Security Week) By working together and sharing missteps, defenders can gain crucial security insights and prevent the spread of attacks
Can High Speed Training Solve the Skills Gap? (Infosecurity Magazine) Recruiters must prioritize psychometric testing and high-speed training over degrees and ‘career experience
Design and Innovation
Blockchain can help secure medical devices, improve patient privacy (CSO Online) If implemented properly, blockchain can help secure medical devices and improve patient privacy, but the key is proper implementation, according to a top security pro at Partners Healthcare.
This Security Expert Wants to Turn Defunct Online Stores into Malware Honeypots (BleepingComputer) Willem de Groot, a Dutch security expert, is asking owners of defunct or soon-to-be-dead online stores to donate their domains so he can set up honeypots and track credit card stealing malware and other types of cyber-attacks on e-commerce targets.
Sandia Testing New Intrusion Detection Tool That Mimics Human Brain (Dark Reading) Neuromorphic Data Microscope can spot malicious patterns in network traffic 100 times faster than current tool, lab claims.
Microsoft expands connected car push with patent licensing (PCWorld) Microsoft’s push into the connected car market continued Wednesday when it unveiled a new patent licensing program aimed at crafting deals for carmakers and other companies.
Academia
What it’s like at San Quentin’s coding school (TechCrunch) North of San Francisco, there’s a European-like fortress along the water that is "home" to over 3,000 prisoners. The surroundings are beautiful, but the..
Legislation, Policy, and Regulation
US-led coalition vows to crush 'Islamic State' (Deutsche Welle) A US-led 68-nation alliance says it remains "firmly united" in its resolve to wipe out the militant group. A meeting of the coalition in Washington was overshadowed by an attack in London and civilian deaths in Syria.
In Venezuela’s Toxic Brew, Failed Narco-State Meets Iran-Backed Terrorism (Foreign Policy) Venezuela has become a rabidly anti-American failed state that appears to be incubating the convergence of narco-trafficking and jihadism in America’s own backyard.
Canada and Nato attempt to define threshold for cyber-attack response (SC Magazine UK) Amidst a Russian war of intelligence and influence, the Canadian military considers what defines a cyber-attack under the Nato agreement and when it should call in help of other countries.
FBI director floats international framework on access to encrypted data (CSO Online) The FBI director James Comey is suggesting an international approach to solving the encryption debate. He proposes that the U.S. might work with other countries on a “framework” for creating legal access to encrypted tech devices.
FBI Adapting To Combat Cyber Threats, Director Comey Tells UT Conference (KUT News) FBI Director James Comey delivered the keynote address at a symposium on national security challenges at the University of Texas at Austin on Thursday.
Comey Says Surveillance Requirements Are Tough, And That's Good (Bloomberg) As claims and counterclaims about surveillance of President Donald Trump’s associates swirl in Washington, FBI Director James Comey struck a defensive tone Thursday about the power and constraints the bureau confronts when it comes to conducting electronic monitoring.
The Laptop Ban and What It Means for Air Travel: QuickTake Q&A (Bloomberg) Middle East airports and passengers are grappling with new U.S. and British rules barring laptops and other electronic gadgets in carry-on luggage. Both governments prohibited large electronic devices in the cabins of flights headed to their countries. In announcing the rules, officials cited security reasons but didn’t supply many specifics.
Airline devices ban: here’s what you need to know (Naked Security) Flying to the US or the UK? We’ve got some tips on how to pack your devices and secure your data if you’re flying out of one of the airports or on a carrier named in the bans
Data center optimization framed in cybersecurity, customer service terms for Trump administration (FederalNewsRadio.com) Advocating data center consolidation and optimization as a priority could be a tough sell to the Donald Trump administration.
Senate votes to kill FCC's broadband privacy rules (Network World) The U.S. Senate has voted to kill broadband provider privacy regulations prohibiting them from selling customers' web-browsing histories and other data without permission.
Microsoft exec gets new cyber job at DHS (Cyberscoop) Krebs started at the Department of Homeland Security this week as a senior counselor, generally working cyber issues.
Chamber of Commerce urges Trump to get business input for cyber strategy (TheHill) Chamber says new admin should 'harmonize' cyber regulations with NIST framework
Want to fix cybersecurity? Think about worst-case scenarios first (The Christian Science Monitor Passcode) Scenario thinking sketches out future cybersecurity problems and helps policymakers begin addressing tomorrow's digital dilemmas.
How to reform the outdated federal anti-hacking law (The Christian Science Monitor Passcode) The more than 30-year-old Computer Fraud and Abuse Act carries overly harsh penalties for trivial digital transgressions – and it needs to be completely overhauled (or abolished altogether).
Litigation, Investigation, and Law Enforcement
Killer was Muslim convert (Times (London)) The terrorist who brought carnage to Westminster was a Muslim convert and violent criminal known to the security services, it emerged last night, as the death toll rose to five. Khalid Masood, 52...
Police search homes linked to criminal with string of aliases (Times (London)) The Westminster killer was wildly itinerant, employed a range of pseudonyms and lied about his profession but had come from humble beginnings in the Home Counties, it has emerged. Khalid Masood, 52...
Copycats still worry Jewish group in Dallas after hacker's arrest in Israel (Dallas News) Israeli police on Thursday arrested a 19-year-old Israeli Jewish man as the primary suspect in a string of bomb threats targeting...
Spying claim by Intel chair renews fight over Russia probe (Military Times) The House intelligence committee chairman privately apologized to his Democratic colleagues on Thursday, yet publicly defended his decision to openly discuss and brief President Trump on typically secret intercepts that he says swept up communications of the president's transition team.
U.S. may accuse North Korea in Bangladesh cyber heist: WSJ (Reuters) U.S. prosecutors are building potential cases that would accuse North Korea of directing the theft of $81 million from Bangladesh Bank's account at the Federal Reserve Bank of New York last year, and that would charge alleged Chinese middlemen, the Wall Street Journal reported on Wednesday.
SSL sues Orbital ATK over confidential data breach - SpaceNews.com (SpaceNews) Space Systems Loral (SSL) has filed a lawsuit against Orbital ATK, alleging it accessed sensitive information about SSL satellite servicing technologies.
CNO: Cyberstalking and bullying victims should come forward (Navy Times) As Navy leaders continue to grapple with a military-wide scandal involving nude photos of service members, the service is encouraging victims to come forward.
A Multimillion Phishing Scam: Two Tech Giants Scammed into Paying Over $100M (HackRead) Evaldas Rimasauskas, a man from Lithuania, scammed two major US tech companies into wiring over 100 million Dollars several bank accounts. According to the
Ex-IT director accused of accessing his former employer for two years (Naked Security) Case again raises the issue of how organisations can protect themselves against rogue employees
‘I forgot my password’ doesn’t impress judge in a child images case (Naked Security) Is this defendant protected by the Fifth Amendment over revealing his password? Campaigners think he is – and predict that the case might go to the Supreme Court
Man sentenced to 3 years for Facebook threat to kill Obama loses appeal (Ars Technica) He told Secret Service of "biblical and constitutional duty" to assassinate Obama.