Washington: news from the 2nd annual Billington International Cybersecurity Summit
Sophisticated threat actors are persistent threat actors (The CyberWire) Nation-states have earned their reputation as the most sophisticated and dangerous threat actors in cyberspace, but they're most distinguished not by their technology, but by their focus, determination, and persistence.
NSA technical director: Sharing hacker information isn't enough, we need a shared response - Cyberscoop (Cyberscoop) The nature of cyberthreats aimed at both the U.S. government and private American companies calls for a dramatic shift in how the larger cybersecurity community shares information about hackers and collectively responds to attacks, said Neal Ziring, technical director for the NSA’s Capabilities Directorate.
Cyber Attacks, Threats, and Vulnerabilities
New: Russian Hackers Targeted Hillary Clinton’s Campaign Email Ahead of the 2016 Election (Motherboard) New evidence shows that during their wide-ranging hacking campaign, Russian hackers tried to hack 6,730 people with 19,315 phishing links.
Trochilus and New MoonWind RATs Used In Attack Against Thai Organizations (Palo Alto Networks Blog) Troichilus and MoonWind RATS used to target utility and other organizations in Thailand.
Jerusalem's municipality digital services under cyber attack (Ynetnews) Jerusalem's municipality revealed that, for the second time this week, the city's digital services, among them the municipality's website, are currently down due to a cyber attack. The services were shut down to prevent harm to the servers and the city's residents.
Dimnie Trojan targeting open source developers publishing on Github (Computing) Trojan targeting developers steals passwords, exfiltrates files, takes screenshots and can even self-destruct when it has served its purpose.
Malware campaign targets open source developers on GitHub (WeLiveSecurity) Be on your guard if you're a developer who uses GitHub - someone could be trying to infect your computer with malware.
Gizmodo found what looks to be FBI Director James Comey’s Twitter account (Ars Technica) Either way, this shows how difficult it is to maintain bulletproof operational security.
This Is Almost Certainly James Comey’s Twitter Account (Gizmodo) Digital security and its discontents—from Hillary Clinton’s emails to ransomware to Tor hacks—is in many ways one of the chief concerns of the contemporary FBI. So it makes sense that the bureau’s director, James Comey, would dip his toe into the digital torrent with a Twitter account. It also makes sense, given Comey’s high profile, that he would want that Twitter account to be a secret from the world, lest his follows and favs be scrubbed for clues about what the feds are up to. What is somewhat surprising, however, is that it only took me about four hours of sleuthing to find Comey’s account, which is not protected.
Here's How Not to Get Doxed Like FBI Director Comey (Motherboard) Separating your pseudonymous Twitter account from your real life identity can be tricky.
Developer Leaks Source Code for Nuclear Bot to Get Avowal From His Peers (Virus Guides) After falling victim to peer pressure, the creator of the Nuclear Bot banking Trojan decided to release its source code. Now everyone who wishes can use th
Actively exploited zero-day in IIS 6.0 affects 60,000+ servers (Help Net Security) CVE-2017-7269 won't be patched by Microsoft, because they stopped supporting Windows Server 2003 a few years ago (IIS 6.0 was included in the OS).
Millions of websites affected by unpatched flaw in Microsoft IIS 6 web server (InfoWorld) A proof-of-concept exploit has been published for a zero-day vulnerability in Microsoft Internet Information Services 6.0, a version of the web server that's no longer supported
Microsoft Zero Day to Stay Unpatched (ISS Source) Microsoft Internet Information Services (IIS) 6.0 has a Zero Day vulnerability attackers leveraged last summer and is likely undergoing exploitation now, researchers said.
How Mobile Phones Turn Into A Corporate Threat (TrendLabs Security Intelligence Blog) Over the last year, the number of mobile phones overtook the world population. In countries like the United States, mobile subscribers outnumbered traditional landline users and half of Americans shifted to mobile-only to communicate. In modern smart cities, wireless-only buildings are becoming the new construction standard for homes, factories, and organizations in general. Landline phones are going away—sooner rather than later.
Escaping a Python sandbox with a memory corruption bug (Hacker Noon) A few weeks ago I decided to scratch an itch I’ve been having for a while — to participate in some bug bounty programs. Perhaps the most…
Let’s Encrypt issues certs to ‘PayPal’ phishing sites: how to protect yourself (Naked Security) Checking that a website uses HTTPS is one way of checking if it’s legitimate – but what happens when the scammers are buying SSL certificates that include the name of the company they…
Nintendo Switch emulator bait used to spread malware and ransomware, warns Norton (Computing) All bait and no Switch, warn security researchers.
Blizzard's World of Warcraft fans hit by phishing scam (HackRead) Hackers have centered their attention towards a famous game “World of Warcraft, ” and things aren’t looking good for its fans. According to the Graham Clul
7 sexy high-tech enterprise ‘surveillance engineering’ techniques that criminal hackers use (CSO Online) 7 ways criminal hackers use high-tech surveillance—sometimes with a social engineering element—to tap into the enterprise to get the keys to your kingdom, or sensitive information.
Aviation-Related Phishing Campaigns Seeking Credentials (Threatpost) Researchers warn of a wave in aviation-themed phishing attacks that aim to steal credentials and install malware.
UK residents hit with extremely personalized scam emails (Help Net Security) A compelling and potentially very successful email spam campaign is being leveraged against UK residents, urging them to download a malicious attachment.
The scam that knows your name and home address – here’s what to do (Naked Security) The scam that knows your name and home address – here’s what to do
Falling in love online? Don’t get caught out by the Tinder scammers (Naked Security) Don’t join the guys who were daft enough to hand over $5 each to a woman online – here are some tips to avoid falling into a trap
IoT: The blind spots in your network (IT Pro Portal) Connected devices may be easy to use but they come at a security cost.
Cyberspace’s most dangerous places put your personal data at risk (Dayton Daily News) Anyone with a mobile device is at risk of having private personal and financial information stolen. But dangerous software and applications often lurk
Report: Criminals find profit rates of up to 95 percent with DDoS attacks (CSO Online) The emergence of the DDoS-as-a-service industry has lowered the costs for attacks to $25 or less, allowing criminals with no technical expertise to reach profit margins of up to 95 percent, according to a report released last week
Security Patches, Mitigations, and Software Updates
More fun in the sandbox: Experts praise security improvements to Edge (Register) Time will tell if Microsoft's browser is less ez2pwn
Cyber Trends
Gemalto releases findings of 2016 Breach Level Index (Gemalto) Almost 1.4 billion data records compromised in 2016 as hackers targeted large-scale databases across industries
The Business of Security: How your Organization Is Changing beneath You (Dark Reading) And why it's your job to change with it and 'skate where the puck is headed.'
Insider Threat Fear Greater Than Ever, Survey Shows (Dark Reading) More than half of security pros say insider threat incidents have become more frequent in the past 12 months.
49 Percent of Organizations Don't Know if They've Experienced Insider Attacks (eSecurity Planet) And 74 percent feel vulnerable to such attacks, a recent survey found.
Internet's Security Woes are Not All Technical (Dark Reading) Google engineer Halvar Flake told Black Hat Asia attendees that flaws in organizational structure and market power put enterprises at risk.
‘Cyber criminals will prey on future homes’ (The Times of India) With 1.3 billion connected devices and Internet of Things (IoT) devices expected to populate homes in India by 2021, home networks can become easy targets for cyber criminals, said global cyber security agency Fortinet.
Law Firms Face Increase in Attacks (Infosecurity Magazine) One in four of all legal firms have been the subject of a cyber-attack
Marketplace
Worldwide spending on security technology to reach $81.7 billion in 2017 (Help Net Security) IDC forecasts worldwide revenues for security-related hardware, software, and services will reach a whopping $81.7 billion in 2017.
Mastercard acquires NuData Security (Help Net Security) Mastercard has entered into an agreement to acquire NuData Security, a technology company that helps businesses prevent online and mobile fraud.
Extreme Networks to acquire Brocade's networking business (CRN Australia) Expand its assault on Cisco, HPE, others.
ESET-DESlock acquisition pays off in data encryption test (Security Brief) “Given the growing importance of IT and data security, this is the first time AV-Comparatives has conducted a test on business encryption."
Corero Network rises as chairman signals plan to back share placing (Proactiveinvestors UK) Corero Network Security PLC (LON:CNS) - Chairman Jens Montanana already holds 34.1% of the company but wants to pump more money into Corero, which would take his stake above 50%.
Yes, FireEye Inc (FEYE) Stock Is for Real (InvestorPlace) A few months ago, you couldn't give FireEye away. Now it's a struggle to buy FEYE stock at a price you can live with.
Proofpoint Growing On The Back Of Human Error (Seeking Alpha) Proofpoint continues to gain share in its target markets like email security, advanced threat detection, archiving, and data loss prevention as bigger rivals fo
The 3 Best Firewall Companies to Buy in 2017 (Madison) The total number of data breaches in the U.S. rose 40% in 2016 to hit a record high according to the Identity Theft Resource Center. That's why research firm Markets
Palantir Officials Reject Investor's Request for Records (Bloomberg) The secretive data-analytics company Palantir Technologies Inc. is intent on keeping its information private.
Greystones awarded DIA contract at undisclosed value (C4ISRNET) Greystones Group has been awarded a prime contract for visual media analysis software.
General Dynamics Selected to Provide Enterprise IT and Cloud Services to NATO (General Dynamics) General Dynamics Information Technology, a business unit of General Dynamics (NYSE: GD), was awarded a contract by the NATO Communications and Information Agency (NCI Agency) to deliver the most significant upgrade to the organization’s technical infrastructure in decades.
Lastline Announces Lastline Labs -- Research Team Fuels Innovation (Yahoo! Finance) Lastline Inc., the leader in advanced malware protection, today introduced Lastline Labs, its internal research group and innovative core. Lastline Labs brings together some of the most brilliant minds ...
Ministry of Justice ups salary for CISO role in a bid to flush out qualified candidates (Computing) New job ad with higher salary of up to £117,800 for MoJ CISO.
Products, Services, and Solutions
New infosec products of the week: March 31, 2017 (Help Net Security) Here are some exciting new information security products from ClearSky Data, Core Security, ManageEngine, Qualys, ViaSat and Waterfall Security.
Bricata adds AI to its cybersecurity tools (Technical.ly Baltimore) The Columbia-based startup inked a deal with buzzy cybersecurity company Cylance.
Chain Integrates Blockchain Technology with Thales Hardware Security Modules (Thales) Collaboration allows leading institutions to launch blockchain networks in production
Deloitte announces next generation cyber risk platform enabled by Dragos for Industrial Control Systems and Operational Technologies Security (Deloitte United States) Deloitte and Dragos offer combined services and technology to bolster cybersecurity in Industrial Control Systems (ICS) and Operational Technology (OT) networks.
Deloitte to expand cyber risk platform for industrial control systems, operational technologies security (World Oil) Deloitte has announced plans to expand its cyber risk platform for end-to-end industrial control systems (ICS) and operational technologies (OT) security with next generation technology enabled by Dragos, a cybersecurity company focusing on securing ICS and OT networks.
An AI Startup is About to Make Robbery More Difficult (PRNewswire) We've all watched the movie scene where the bank teller attempts to reach a silent alarm while a robbery takes place. Deep Science AI is about to make that scenario a thing of the past with its AI surveillance (AIS) platform for businesses.
Namecheap Offers Free Comodo SSLs for Symantec Customers (Fox 34) Free SSLs allow continuation of 'trusted site status' on Google
Norton By Symantec Launches Wi-Fi Security Software Starting From ₹2,999 (Huffington Post India) The software works on all the platforms including Android, iOS, Windows and Mac
cStor and Cylance Win Bid to Implement Advanced Cybersecurity and Endpoint Protection Solution for State of Arizona Agencies - Press Release Rocket (Press Release Rocket) cStor and CylancePROTECT® to help advance cybersecurity strategy and secure state agency data, systems and endpoint device (PRWEB) March 30, 2017 cStor, a leading provider of data center, cloud and cybersecurity solutions, today announced that the company and its channel partner, Cylance® Inc., have been selected to implement an advanced endpoint protection and cybersecurity solution …
CylancePROTECT® selected by SANS Community as Best Endpoint Protection Product of 2016 (SAT PR News) Nominees and winners selected by actual product users in SANS community of security specialists
All tech giants fail on security disclosure, but Microsoft and Google do best (CIO New Zealand) A new report ranking of a dozen tech giants finds that all of them could do better at explaining how user data is secured.
Technologies, Techniques, and Standards
US Border Policy Shifts May Drive Changes in Laptop Security (Dark Reading) In-cabin laptop ban and requirements to unlock devices for border patrol could have enterprises revisiting their on-device data policies.
Post-FCC Privacy Rules, Should You VPN? (KrebsOnSecurity) Many readers are understandably concerned about recent moves by the U.S. Congress that would roll back privacy rules barring broadband Internet service providers (ISPs) from sharing or selling customer browsing history, among other personal data.
Payment Card Industry Security Compliance: What You Need to Know (Dark Reading) A quick refresher on all the different PCI SSC security standards that are relevant for organizations that accept electronic payments.
The cost of compromised credentials creeps up (Third Certainty) The most common credentials are a combination of username and password, but those have lost a good bit of their protective powers. Next-generation credentials also are edging toward a precarious place. Here’s what you need to know about the dangers of compromised credentials and how to mitigate those risks. The speed of work these days …
2 Common Barriers to Effective Threat Intelligence (Recorded Future) Creating insight from threat data is easier said than done. There are two main barriers that stand in the way of creating effective threat intelligence.
Smart Whitelisting Using Locality Sensitive Hashing (TrendLabs Security Intelligence Blog) Trend Micro Locality Sensitive Hashing (TLSH) is a kind of fuzzy hashing that can be employed in machine learning extensions of whitelisting.
Ways To Maintain Your Cybersecurity Infrastructure (Anomali) Network security is a great undertaking early on. The benefits to protecting your network are immediate as well as beneficial in the long term. However, the systems and practices which defend your organization and its network are not a “set it and forget it” machine. As threats are continually evolving, so must your defenses. Don’t let complacency set in to the point where you’re relying on an outdated cyber security infrastructure.One component of a security plan that
A strong cyber recipe starts with a base of planning and a dash of creativity (FederalNewsRadio.com) Cyber experts from agencies and industry say the best defense starts with basic "blocking and tackling," and then adding a layer of creativity.
It’s the technology, stupid (The Hindu Business Line) Eleven reasons why the Aadhaar is not just non-smart but also insecure
Design and Innovation
Silicon Valley begins putting cyberbullies in the crosshairs (The Christian Science Monitor Passcode) With the rate of digital bullying increasing, tech firms escalate efforts to build automated tools that can detect and flag online harassment.
Research and Development
A more connected military means new battlefield glitches, too (The Christian Science Monitor Passcode) With its $52 million initiative to vastly expand connectivity and technology on the front lines, the US Army knows it may also give enemies new digital targets to hack or manipulate. Is it up for the challenge?
Vancore Labs to conduct research for DARPA (C4ISRNET) The U.S. Defense Advanced Research Projects Agency (DARPA) has awarded Vencore Labs contracts valuing $17.7 million for research in cyber defense.
AM General, Army to test autonomous vehicle system (UPI) An autonomous vehicle for transporting personnel and equipment within U.S. military facilities is being developed by AM General and the Army.
Army awards deals for autonomous reasoning (C4ISRNET) The contracts are for Charles River's Figaro open-source, probabilistic programming language for probabilistic modeling.
Elon Musk Isn’t the Only One Trying to Computerize Your Brain (WIRED) These companies are applying the Silicon Valley playbook to neuroscience.
Academia
LSU Applied Research Center positions Louisiana as a U.S. Cybersecurity Hub (BRPROUD) An organization at LSU that provides solutions for the defense and intelligence communities has received contracts totaling nearly $5 million from the U.S. Department of Defense for the university's growing cybersecurity expertise. Two large cybersecurity contracts have been awarded to Nascent Technologies Corporation, or NTC.
Coppin State University offers new cyber security program (WMAR) A new cyber security program at Coppin State University will train and employ graduates with the Department of Defense.
Israel teaches cybersecurity skills to its high schoolers (Public Radio International) A program for gifted 10th-graders teaches them coding, encryption and how to defend a computer network against hacking. Many of the students will end up in Israel's equivalent of the NSA.
Legislation, Policy, and Regulation
Now Europe is Looking to Undermine Encryption (Infosecurity Magazine) Now Europe is Looking to Undermine Encryption. Commission may look to force the hand of tech giants
Encryp-xit: Europe will go all in for crypto backdoors in June (Register) App-makers get a choice: Open up voluntarily or we'll pass laws forcing you to
GDPR: What to do with conflicting legislation (Computing) 'GDPR says to delete data after a certain period, while other regulations demand we keep data forever.' An IT leader explains his conundrum.
Privacy Babel: Making Sense of Global Privacy Regulations (Dark Reading) Countries around the world are making their own privacy laws. How can a global company possibly keep up?
German military to unveil new cyber command as threats grow (Reuters) Germany's military will launch a cyber command next week as part of an effort to beef up online defenses at a time when German spy agencies are warning of increasing cyber attacks by Russia.
'It's in our COMMON INTEREST' Germany warns security WILL NOT be used as bargaining chip (Express) The German Defence Minister has warned security will not be used as a bargaining chip during Brexit negotiations and called for greater military cooperation with the UK.
Ukrainian cybersecurity slowed by need to replace Soviet-era tech (C4ISRNET) The effort to upgrade intelligence capabilities and cyber protections is especially complex in Ukraine, as most existing Ukraine systems are, in fact, Russian in origin.
Countering Information War: Lessons Learned from NATO and Partner Countries (Globsec Policy Institute) In 2013, General Valery Gerasimov published an article, now know famously as “Gerasimov’s Doctrine”, which defined information warfare as the combination of electronic warfare, cyberwarfare and psychological operations into a single, coordinated military effort.
DHS issued two more Binding Operational Directives on cyber in final months of Obama term (FederalNewsRadio.com) DHS told Congress it’s seeing dividends from the legal authority to force agencies to take steps to improve their cybersecurity posture.
TRANSCOM worried about cybersecurity gap between DoD and civilian networks (FederalNewsRadio.com) U.S. Transportation Command uses a lot of civilian businesses, but is their difference in cybersecurity standards harming national security?
Confirmation of DHS intelligence head is too important to politicize (TheHill) OPINION | Grilling David Glawe on Trump's travel ban is just for legislators to levy political opinions unrelated to his role.
Lawmakers press budget chief on cybersecurity guidance for federal acquisitions (TheHill) The OMB never finalized the guidance in 2015.
Cyber Command looking to equip its cyber warriors (C4ISRNET) Cyber Command is now looking to equip its cyber warriors with tools and platforms to conduct full spectrum cyber operations.
Privacy activist wants to unveil lawmakers' browser histories (CSO Online) When members of Congress approved a resolution that would toss out significant online privacy protections, one Internet user decided to do something about it.
Litigation, Investigation, and Law Enforcement
Senator: Russia used 'thousands' of internet trolls during US election (CSO Online) The Russian government used "thousands" of internet trolls and bots to spread fake news, in addition to hacking into political campaigns leading up to the 2016 U.S. election, one senator said.
Russian experts paint sinister picture of Russian meddling (WRAL.com) Russian experts painted a sinister picture of Russian meddling in the 2016 election Thursday, telling the Senate intelligence committee about fake news, cyber trolls, smear campaigns and even slayings they say could have ties to the Kremlin.
Opinion | Today’s Russia hearings actually revealed something new and important (Washington Post) Senate Republicans now seem to be taking this story very, very seriously.
White House tells Russia probers: Come see intel yourselves (Military Times) The White House refused to say on Thursday whether it secretly fed intelligence reports to a top Republican investigating possible coordination between Russia and the 2016 Trump campaign. Fending off growing criticism, the administration invited lawmakers from both parties to view classified material it said relates to surveillance of the president's associates.
A Brief Timeline of Devin Nunes’ Odd White House Ties (WIRED) The House Intelligence Committee chair has had himself quite a week.
Mike Flynn Offers to Testify in Exchange for Immunity (Wall Street Journal) Mike Flynn, President Donald Trump’s former national security adviser, has told the FBI and congressional committees investigating the Trump campaign’s potential ties to Russia that he is willing to be interviewed in exchange for a grant of immunity from prosecution, according to officials with knowledge of the matter.
Flynn’s Public Offer to Testify for Immunity Suggests He May Have Nothing to Say (Just Security) The Wall Street Journal is reporting that former National Security Advisor Mike Flynn told the FBI and Congress that he is willing to testify in
Meet the Midwestern Contractor That Appears Hundreds of Times in the CIA WikiLeaks Dump (The Intercept) At Northrop Grumman's Xetron, some employees were suddenly asked to take polygraph tests. The company contracts with the CIA.
