You'll find Recorded Future's new weekly podcast worth subscribing to (it's produced in partnership with the CyberWire). Recorded Future takes you inside the world of cyber threat intelligence. They're sharing stories from the trenches and the operations floor as well as giving you the skinny on established and emerging adversaries. They also talk current events, technical tradecraft, and offer up insights on the big picture issues in our industry. Join the Recorded Future team, special guests, and us, their partners from the CyberWire, to learn everything you want to know (and maybe some things you'd rather not know) about the world of cyber threat intelligence. You'll find this new podcast here.
More Signal. Less Noise.
ISIS recruiting women online. Symantec concludes Vault 7 tools were used in Longhorn campaigns. Tensions rise over Syria and Russia's involvement therein. Germany's cyber first-strike capability. Tough campaign talk on encryption in France. Word bug serves Dridex. Amazon third-party sellers under attack.
Announcements
"Inside Threat Intelligence for Cyber Security," Recorded Future's new weekly podcast
Summary
Catalan police have discovered online attempts by ISIS to actively recruit women.
Symantec has picked over recent WikiLeaks dumps and concludes that tools Vault 7 revealed were used in the Longhorn campaigns—some forty incursions into networks of sixteen countries.
The latest ShadowBrokers material, seen through the related prisms of cui bono or kto kogo, seems obviously designed to advance Russian interests in Syria, but many continue to regard the Brokers as more mysterious than Muscovite. The US and UK take a joint hardline toward Russia over Syria, to the discomfiture of some in Europe and of those who see Mr. Putin as "insecure," better dealt with therapeutically.
Germany, having formed an independent military cyber force, is said to reserve to itself a right of first strike in cyberspace.
Emmanuel Macron, candidate for the Presidency of France under the banner of the progressive, third-way movement En Marche!, makes some very tough promises to undermine widespread encryption in his proposed EU-wide struggle against terrorism.
FireEye says the Chinese group APT10 is actively hacking Indian companies for intellectual property.
The Wall Street Journal reports that an attack last July on the Union Bank of India closely resembled the phishing that compromised the Bangladesh Bank.
The zero-day vulnerability in Word being exploited in the wild is now being used to distribute the Dridex banking Trojan. (Many hope Microsoft will patch the flaw later today, but Redmond is still tight-lipped.)
Third-party sellers on Amazon are being hit with credential theft that exploits reused passwords.
Notes.
Today's issue includes events affecting Albania, Australia, Bangladesh, Bosnia-Herzegovina, Canada, Croatia, Czech Republic, Estonia, European Union, France, Georgia, Germany, India, Israel, Kosovo, Latvia, Lithuania, Macedonia, Montenegro, Netherlands, New Zealand, Nigeria, Pakistan, Russia, Serbia, Spain, Syria, United Kingdom, and United States.
On the Podcast
In today's podcast, we hear from Ben Yelin, of our partners at the University of Maryland Center for Health and Homeland Security, who discusses the rollback of ISP privacy rules. We also have a guest, Dario Forte from DFLabs, who offers skeptical observations about artificial intelligence.
Sponsored Events
Cyber Warrior Women: Blazing the Trail (Catonsville, Maryland, USA, Apr 19, 2017) Hear stories of triumph and tribulation, advice and inspiration from some of Maryland’s diverse and dynamic female cybersecurity professionals. Join us in-person for this free event or register to view the live stream online.
Selected Reading
Cyber Attacks, Threats, and Vulnerabilities
Islamic State Network Focusing On The Recruitment Of Women Detected In Catalonia (Deep Dot Web) Catalonian authorities detected a network of the Islamic State focusing on the recruitment of women ...
Symantec attributes 40 cyber attacks to CIA-linked hacking tools (Reuters) Past cyber attacks on scores of organizations around the world were conducted with top-secret hacking tools that were exposed recently by the Web publisher Wikileaks, the security researcher Symantec Corp (SYMC.O) said on Monday.
Longhorn: Tools used by cyberespionage group linked to Vault 7 (Symantec Security Response) First evidence linking Vault 7 tools to known cyberattacks.
Longhorn Cyber-Espionage Group Is Actually the CIA (BleepingComputer) Security researchers from Symantec have tied the CIA hacking tools leaked by WikiLeaks last month to a cyber-espionage group responsible for at least 40 hacks in 16 countries.
WikiLeaks: CIA used 'Grasshopper' framework to infect Windows users (SC Magazine US) The agency can use custom installers tailored to the version of Windows and antivirus software a user is running.
U.S. Govt. Hackers Get Burned by Online Vigilantes, Researchers (Foreign Policy) Or is Russia retaliating for President Donald Trump’s Syria strikes through one of its cyber-proxies?
Shadow Brokers return with a password and message for Trump (Naked Security) Tools offered by the group ‘apparently date back to the 1990s’
ShadowBrokers Dump More Equation Group Hacks, Auction File Password (Threatpost) The ShadowBrokers’ latest dump of Equation Group hacks focuses on UNIX systems and GSM networks, and was accompanied by an open letter to President Trump.
Shadow Brokers Release More NSA Exploits (Security Week) The hacker group calling itself “Shadow Brokers” has released another round of exploits and tools allegedly used by the NSA-linked threat actor “Equation Group,” along with a message to U.S. President Donald Trump.
US spy agency hacked Pakistani cellular networks, shows leaked data (Geo TV) Leaked arsenal of hacking tools was allegedly used by NSA
Latest Shadow Brokers exploit dump poses little threat (CSO Online) None of the new alleged NSA exploits leaked by the Shadow Brokers hacking group poses an immediate threat to users.
China-based hacker group targeting Indian firms: FireEye (The Hindu Business Line) China-based cyber espionage group APT10 has targeted a number of manufacturing companies...
Cyber attack on Union Bank of India similar to Bangladesh heist: WSJ (Reuters) A cyber attack on Union Bank of India last July began after an employee opened an email attachment releasing malware that allowed hackers to steal the state-run bank's data, the Wall Street Journal reported on Monday.
Nigeria: CBN Asks Banks to Report Cyber Crimes (allAfrica.com) Meanwhile, following a recent report that North Korean hacking operations were growing and getting bolder and increasingly targeting financial institutions in Nigeria and 17 other countries, the central bank has advised financial institutions under its regulation to always report incidents of cybercrime to the CBN.
Amazon’s Third-Party Sellers Hit By Hackers (Wall Street Journal) In recent weeks, hackers have changed the bank-deposit information on Amazon.com accounts of active third-party sellers to steal tens of thousands of dollars from each, according to several sellers and advisers.
Hackers Count on Password Reuse in Amazon Third-Party Seller Campaign (Infosecurity Magazine) Amazon’s ever-growing community of third-party sellers is being targeted by hackers, who are using stolen credentials to steal tens of thousands of dollars from the victims.
Microsoft Word 0-day used to push dangerous Dridex malware on millions (Ars Technica) Blast could give a boost to Dridex, one of the Internet's worst bank fraud threats.
Dridex malspam seen on Monday 2017-04-10 (SANS Internet Storm Center) Malicious spam (malspam) pushing the Dridex banking Trojan disappeared in mid-2016, but it reappeared in January 2017 starting with a small campaign targeting UK financial institutions [1]. Since then, we've seen a handful of reporting about Dridex, but I hadn't noticed the same large-scale distribution like we saw in 2015 and 2016. At least not until recently.
Digital Defense, Inc. Discovers Zero-Day Vulnerabilities in Riverbed Technology Performance Monitoring Platform (Yahoo! Finance) Digital Defense, Inc., a leading provider of Vulnerability Management as a Service , disclosed the discovery of four zero-day security vulnerabilities found in the Riverbed Technology SteelCentral Portal ...
Analysis of the Godzilla Botnet Loader’s Evasive Techniques (Netskope) Netskope Threat Research Labs has recently observed a spam campaign using multi-vector attack methodology. The malicious files are zipped and sent in an email as an attachment.
Breaking Signal: A Six-Month Journey (Threatpost) Researchers spent six months poking holes in Signal and urge a bigger spotlight on security testing.
IBM Discovers Mirai IoT Botnet Deploying Bitcoin Mining Payload (eWEEK) IBM security researchers discover a variant of the Mirai IoT botnet that is being used as a bitcoin mining operation.
Mirai, The Infamous Internet of Things Army, Can Now Mine Bitcoin (CoinDesk) A new version of an infamous botnet has been detected – and this version is equipped to mine bitcoin.
Epic Fail: TP-Link 3G Router Spews Admin Password via SMS (BleepingComputer) A particular TP-Link router model will spew out its admin password in cleatext to anyone that sends an SMS message to the router's SIM card with a particular script inside, according to German security researcher Jan Hörsch.
Sicherheitsforscher: IoT-Hersteller machen es Bugjägern unnötig schwer (Heise online) Ein Sicherheitsexperte hat nicht nur diverse Bugs in Kameras, NAS-Laufwerken, mobilen Routern oder einem Retinascanner gefunden, sondern auch dokumentiert, wie wenig die betroffenen Hersteller mit solchen Meldungen anfangen können.
BrickerBot malware zeroes in on Linux-based IoT devices (Naked Security) BrickerBot is a reminder that the frequency and complexity of Linux malware is on the rise
Hard-coded passwords put industrial systems at risk (Naked Security) Schneider Electric held up its hands to the revelation that it was hardcoding passwords into its equipment, but the problem goes beyond one vendor
From Box to Backdoor: Discovering Just How Insecure an ICS Device is in Only 2 Weeks (Talos Intelligence Blog) Industrial Control Systems provide stability to civilization. They clean our water, deliver our power, and enable the physical infrastructure that we have learnt to rely on. Industrial Control Systems are also highly prevalent in manufacturing. They're the robots who build your cars and assemble T.V's, they're the forklifts that ship your e-commerce purchases. As factories, utilities, and other industrial companies shift to a modern industrial infrastructure, it's vital that those processes and devices remain safe from attackers.
FDA, industry fear wave of medical-device hacks (TheHill) Regulators and medical-device-makers are bracing for an expected barrage of hacking attacks even as legal and technical uncertainties leave them in uncharted territory.
Hospitals put your data at risk, study finds (MSUToday) Lying in a hospital bed, the last thing you should have to worry about is a personal data breach. Yet recent research co-authored by an MSU business scholar found nearly 1,800 occurrences of large data breaches in patient information over a seven-year period.
Rise in hospital cyber attack reports (BBC News) Ransomware attacks on hospitals have become more common, according to internet security experts.
270,000 customers affected in UK loan firm Wonga data breach (Help Net Security) Personal and financial data of some 270,000 customers of UK payday loan firm Wonga have likely been pilfered in a data breach.
WONGA: Response Needed To Protect Longevity Of Company (Information Security Buzz) Following the news that Wonga, the payday lender has experienced a data breach that may affect up to ‘245,000 UK customers’, IT security experts from SailPoint, McAfee, ViaSat Europe, Tenable Network Security, ESET, Micro Focus and Netskope commented below.
Cyber Attack 101: Criminals Go After U.S. Universities (SIGNAL Magazine) Cyber criminals are hacking and sharing millions of U.S. university email addresses and passwords on the dark web.
Hack of emergency siren system kept Dallas citizens up for hours (Help Net Security) When 156 emergency sirens in Dallas started wailing around midnight last Friday, the city's 911 line was flooded with calls by panicked citizens.
That Dallas Siren Hack Wasn’t Novel—It Was Just Really Loud (WIRED) Emergency alert systems get hacked all the time. Consider this one a wake-up call.
Smart cities are going to need to overcome their dumb security (MIT Technology Review) A hack that activated hurricane sirens in Dallas is a harmless warning about a far more serious problem.
Cyber Trends
Network teams spend more time on data security amidst new threats (Help Net Security) Enterprise network teams are expending more time and resources than ever before to battle security threats, according to Viavi Solutions.
Cyber insecurity is pervasive, citizens feeling concerned and vulnerable (Help Net Security) More than three-quarters of U.S. citizens (79 percent) are concerned about the privacy and security of their personal digital data.
Takeaways From the EWI Cyberspace Cooperation Summit (Council on Foreign Relations) On March 14-16, the EastWest Institute (EWI), in partnership with the University of California, Berkeley Center for Long-Term Cybersecurity, hosted a summit featuring over 200 government officials, industry experts, academics, and activists from 30 countries.
Staff complacency among biggest risks to organisations (Misco) Staff complacency is among the biggest threats to an organisation's cyber-security, a new study has found.
Marketplace
John McAfee kicked off NYSE stage at Cyber Investing Summit due to security concerns (CSO Online) John McAfee told he’s a “security risk” and won’t be allowed to keynote an event at The New York Stock Exchange.
Cloud security vendor Okta hits $2bn valuation after IPO (CRN) Vendor expected to see greater success in Europe as GDPR approaches,Security ,Okta
PAS Announces $40 Million Investment to Fuel Its Industrial Control System Cybersecurity Business (PAS) Record ICS cybersecurity investment by Tinicum will accelerate corporate growth
Security startup Synack scores $21 M investment from Microsoft, HPE and Singtel (TechCrunch) Synack, a startup that combines software security tools with a network of white-hat hackers to help keep its customers secure, announced a $21.25 million..
Revenue Growth Prospects And The Residual Income Model Suggest IBM's Rally Will Continue (Seeking Alpha) IBM's stock has gained momentum over the last year. The case for growing revenues through strategic imperatives is strengthening.
Intel Trims Business, Sells Majority Stake in Security Unit (ARC) Intel is spinning off its McAfee cybersecurity unit in a deal worth $4.2 billion, just six years after acquiring the company for $7.6 billion. Intel Corp INTC has finally completed the divestiture of its majority stake in Intel Security division to alternative asset fund manager TPG. The newly spun-off unit has been renamed McAfee, with TPG holding 51 percent stake.
Huawei to spin off cloud business into separate unit - Mobile World Live (Mobile World Live) Huawei stepped up its already strong commitment to the ...
Following visit, Dutch cyber companies want to expand business to Maryland (Baltimore Business Journal) Five cybersecurity companies from the Netherlands "soft landed" in the state as part of a cooperative temporary exchange program through the Maryland Department of Commerce.
Ken Ferderer, Managing Partner of InnoVacient, Selected to Judge Inaugural Maryland Cyber Event (PRNewswire) Ken Ferderer, InnoVacient's Managing Partner, was selected by the...
Malvern company looking to grow and expand with launch of new cyber security product (Worcester News) A Malvern company is hoping to grow and expand with the launch of its latest ground-breaking cyber security product.
HackerOne Strengthens Presence in Europe Amid Growing Demand for Hacker-Powered Security (Businesswire) HackerOne, the world’s leading bug bounty and vulnerability disclosure platform, today announced the expansion of its presence in Europe amid ac
Secure Data Technologies Grows Cisco Practice, Establishes Largest CCIE Delivery Team in St. Louis (Yahoo! Finance) Secure Data Technologies, Inc. (Secure Data) continues its growth in St. Louis, to now include the area's largest and most decorated Cisco delivery team.
QuintessenceLabs Selected as One of 20 High-Potential Businesses of Tomorrow by Westpac (Yahoo! Finance) QuintessenceLabs announced it was selected as one of the top 20 high-potential businesses as part of the Westpac Businesses of Tomorrow program, which selects 200 Australian businesses shaping Australia's ...
National Technical Information Service Names Booz Allen Hamilton among Initial Partners for Joint Venture Program (BusinessWire) The National Technical Information Service (NTIS) has named Booz Allen Hamilton among initial partners for its new Joint Venture Program.
Gary Hayslip Joins Webroot as Chief Information Security Officer (Webroot) Hayslip Brings Expert Focus on Securing the “Internet of Everything” to Webroot’s Portfolio of Security
Farsight Security Expands Executive Team to Accelerate Company Growth (Yahoo! Finance) Following a record-breaking Q1 2017, Farsight Security, Inc., provider of the world’ s largest real-time DNS threat intelligence, today announced the company has expanded ...
Products, Services, and Solutions
Announcement: New Threat Intelligence Podcast Series (Recorded Future) Learn everything you want to know (and maybe some things you’d rather not know) about the world of cyber threat intelligence with our new podcast series.
LookingGlass Cyber Solutions Receives Coveted 5-Star Rating in CRN’s 2017 Partner Program Guide (Yahoo! Finance) LookingGlass™ Cyber Solutions, a leader in threat intelligence-driven security, announced today that CRN®, a brand of The Channel Company, has given LookingGlass a 5-Star rating in its 2017 Partner Program Guide.
Malwarebytes Receives CRN 2017 Partner Program Guide 5-Star Rating (Yahoo! Finance) Malwarebytes™, the leading advanced malware prevention and remediation solution, announced today that CRN, a brand of The Channel Company, gave Malwarebytes a 5-Star rating in its 2017 Partner Program Guide.
Distil Networks Launches Free Calculator to Quantify Risk of Bad Bots (Yahoo! Finance) Distil Networks, the global leader in bot detection and mitigation, today announced the availability of The Bad Bot Risk Calculator, an interactive tool designed to help organizations understand and quantify ...
VergX Partners with Versa Networks to offer Network-as-a-Service (NaaS) to MSPs and Resellers (Yahoo! Finance) VergX today announced that it has partnered with Versa Networks to create a turnkey software-defined WAN and security solution for managed service providers and resellers. Leveraging Versa's cloud-native ...
OneStream Chooses Versa Networks for SD-WAN, Security (Channel Partners) OneStream Networks is using Versa Networks to power its SD-WAN and security solutions.
Travelers Offers Customers Cybersecurity Services from Symantec™ (Yahoo! Finance) The Travelers Companies, Inc. today announced that it is making pre-breach cybersecurity services from Symantec Corp. available to eligible Travelers cyber policyholders.
Zurich Insurance signs deal with BAE to target fraud (The Irish Times) NetReveal system uses data analytics to uncover hidden links and potential fraud
Experian to Leverage BioCatch Behavioral Biometrics in Anti-Fraud Platform (FindBiometrics) Credit information specialist Experian will integrate BioCatch's behavioral biometrics technology into its CrossCore identity security platform...
Authentic8 wants to protect users from bad websites (Network World) Authentic8's secure web gateway for Silo lets organizations selectively redirect URLs for safe rendering within an isolated browser.
PlanetRisk and SurfWatch Labs Partner to Help Organizations Manage Their Expanding Digital Risk Footprint (Newswire) Combining strategic and operational cyber threat intelligence with enterprise risk analytics to provide holistic view of threats to digital and physical assets
Security provider Zenedge launches mega-POPs in Equinix data centers (Data Center News) Cloud-based security provider ZENEDGE has invested mega points-of-presence (Mega POPs) in data centers across Asia, Europe, the US and Canada.
Microsoft ignores ransomware in Windows 10 push (iTWire) A new study commissioned by Microsoft and carried out by Forrester Research claims that deploying Windows 10 in a hypothetical organisation will lead...
ESET adds Anyware Corporation to its Australian distributors lineup (CRN Australia) Harris Technology subsidiary gets broad access to licensing and support.
Use Email to Manage Threat Intelligence Collections (Security Intelligence) The IBM X-Force Exchange includes an email inbox feature that cuts down on information overload and enables analysts to easily share threat intelligence.
Canadian Web Hosting Deploys Imunify360 to Protect and Secure Linux Servers (Yahoo! Finance) With Imunify360, Canadian Web Hosting customers will immediately benefit from Imunify360's enhanced threat detection capabilities, including an advanced self-learning firewall, as well as integrated malware scanning engine for detecting and removing malware from websites before they get blacklisted
New Guide Details How to Prevent Cyberattacks (Yahoo! Finance) The digital Cybersecurity Guide 2017 produced by OnCourse Learning Financial Services offers insider knowledge from various leading cybersecurity experts ...
Technologies, Techniques, and Standards
HTTPS Certificate Issuance Becomes More Secure Thanks to New CAA Standard (BleepingComputer) Last week, the CA/Browser Forum voted to implement CAA mandatory checks before the issuance of new SSL/TLS certificates, as a measure to prevent the misissuance of HTTPS certificates.
ICAO stresses need for cyber resilience (Air Transport World) The president of the ICAO Council, Olumuyiwa Benard Aliu, has welcomed a declaration restating the air transport sector’s commitment and unity toward achieving resilience against cyber attacks.
Assessing the Mind of the Malicious Insider: Using Behavioral Model and Data Analytics to Improve Continuous Evaluation (INSA) The model in this paper assumes that an initially loyal employee does not suddenly transform into a malicious insider.
RiskSec NY speaker: More than threat intel (SC Magazine US) LCRA's Dax Streater asks: Isn't there more to sharing than threat intel feeds?
Advanced Malware Detection - Signatures vs. Behavior Analysis (Infosecurity Magazine) Both signature and behavior-based malware detection are important and have advantages.
Setting Up Security as a Business: 3 Best Practices for Security Execs (Dark Reading) Security leaders need to show they provide more than stop-the-bad guys services. Here's how.
Tax Scams Are Absurdly Common. Here’s How to Protect Yourself (WIRED) Tax fraud is a free-for-all, it's time to take back some control.
Research and Development
Computer scientist Adam Smith wins 2017 Gödel Prize (Penn State News) Adam Smith, a computer science and engineering professor for the School of Electrical Engineering and Computer Science at Penn State, has been awarded the 2017 Gödel Prize for his 2006 paper, “Calibrating noise to sensitivity in private data analysis,” which introduced the concept of differential privacy. Smith shares the award with co-authors Cynthia Dwork, Frank McSherry and Kobi Nissim.
Researchers demonstrate how PINs and other info can be gathered through phone movement (TechCrunch) A team of researchers at Newcastle University in the UK has published a paper highlighting some troubling findings linking on-board sensors with privacy..
Similarities in partial fingerprints may trick biometric security systems (Help Net Security) Researchers have found that partial similarities between prints are common enough that the fingerprint-based security systems can be vulnerable.
Academia
CyberPatriot National Winners Receive Northrop Grumman Scholarships (SIGNAL Magazine) The Northrop Grumman Foundation awarded $50,000 in scholarships to high school teams that excelled at the CyberPatriot IX National Finals competition this week in Baltimore.
NSA awards UWF Center for Cybersecurity with designation (Pensacola News Journal) The university's Center for Cybersecurity has been selected as the NSA's regional resource center for the Southeast.
Fortinet Promotes Local Cybersecurity Education to Address Skills Gap in ANZ (CSO) Jon McGettigan, Senior Director, Australia, New Zealand and the Pacific Islands at Fortinet “Offering cybersecurity education to the public for free has significant importance for countries like Australia and New Zealand, where there's a high adoption of new technologies and IT security awareness in everyday life has become an essential skill.
MIT, Manipal and MITE, Moodbidri emerge winners in Unisys technical contest (Nyooz) In addition to the cash prize, Unisys will also offer the finalists internship and job opportunities, subject to winners' eligibility and open positions within the company.
Israeli cyberspace needs more women (Haaretz) Israel needs women to join the high-tech workforce, and the recruitment stage starts in schools
Legislation, Policy and Regulation
French presidential candidate Macron talks tough on tech firms over terrorism (TechCrunch) French presidential candidate Emmanuel Macron has become the latest high profile European politician to threaten U.S. tech companies over their use of..
Make Encryption Ubiquitous, Says Internet Society (Infosecurity Magazine) Make Encryption Ubiquitous, Says Internet Society. Non-profit responds to political backlash against privacy-enhancing tech
McMaster Urges Russia to Rethink Syria (Real Clear Defense) President Donald Trump's national security adviser is calling on Russia to re-evaluate its support for Syrian President Bashar Assad, leaving open the possibility of additional...
The Balkans Will Be America and Russia's Next (Virtual) Battlefield (The National Interest) If Putin wants to stir up trouble anywhere else, it’s the obvious place to start.
Squaring up leaves Putin no way to save face (Times (London)) A superbly sinister Reagan campaign ad from 1984 shows a bear stalking through undergrowth. Over the drum of a heartbeat a gravelly voice warns: “There is a bear in the woods. For some people the...
Germany Considers First-Strike Cyber-Attacks (Infosecurity Magazine) The capability would be used against those targeting critical infrastructure, said minister Thomas de Maiziere
First round of email records reporting holds mirror to agencies' management practices (FederalNewsRadio.com) Agencies were scored for how easy it is to find and use email records, established email policies, and employee training.
Rollback of FCC privacy requirements could have broad repercussions (CSO Online) Last week's roll-back of FCC privacy regulations was good news for ISPs and marketers and bad news for privacy advocates. But the decision could also have an impact on enterprise cybersecurity, experts say
FCC nixes proposal that would’ve allowed cellphone calls on planes (TechCrunch) The Federal Communications Commission doesn't want to hear you gabbing on your smartphone while on commercial flights. FCC Chairman Ajit Pai wants some quiet..
Litigation, Investigation, and Enforcement
C.I.A. Had Evidence of Russian Effort to Help Trump Earlier Than Believed (New York Times) Former government officials said the agency told senior lawmakers last summer that it had information indicating that Russia was working to help get President Trump elected.
Mounties admit to using cellphone-snooping ‘stingrays’ (Naked Security) But other spying devices placed at Montreal’s Trudeau airport and near Parliament in Ottawa nothing to do with government, says minister
Detailing the Adaptive Defense Model for Cyber Security (FireEye) FireEye and the European Law Enforcement Agency (Europol) offer an Adaptive Defense approach to help organizations prevent, protect against and remediate cyber attacks in a diverse, coordinated and agile manner.
US dismantles Kelihos botnet after Russian hacker's arrest (CSO Online) The arrest last week of a Russian man in Spain was apparently for his role in a massive spam botnet and not related to an ongoing investigation into foreign tampering with last year's U.S. election.
Arrest of Russian national in Spain NOT linked to US election hacking (Computing) The only elections Levashov may have tried to 'hack' are Russian ones
Extradition Hearing Expected Soon for Alleged LinkedIn, DropBox Hacker (Dark Reading) Yevgeniy Nikulin is wanted in the US for breaches involving LinkedIn Corp, Dropbox, and Formspring.
Top tip for botnet overlords: Don't vacation in countries that can extradite you to the United States (WeLiveSecurity) There's no doubt that a life of cybercrime can earn its most successful overlords a considerable amount of money, but you will always have to live with the fear that you could be apprehended and - if convicted - spend years in prison.
Twitter Wins Free Speech Battle After DHS Backs Down (Infosecurity Magazine) Twitter Wins Free Speech Battle After DHS Backs Down. Government had requested info on Trump critic
Qualcomm says Apple broke contract, hindered performance of its chipsets (Ars Technica) Chipmaker demands "fair value for our technological contributions to the industry."
Schoolboy cyber criminal aged just 13 tracked down by police (Birmingham Mail) Specialist team has investigated 24 cases - involving 300,000 offenders
Industry Events
upcoming Events
cybergamut Technical Tuesday – 18 April 2017 – Operationalizing Deception for Advanced Breach Detection by Joe Carson of TrapX Security (Elkridge, Maryland, USA, Apr 18, 2017) Organizations continue to struggle with visibility of lateral movement inside their networks. When prevention technologies fail to stop the initial breach, an independent network based technology is needed to provide this visibility. Operationalizing deception as part of an organization’s overall cyber defense provides exemplary early breach detection when preventative controls fail. It is a well-known adage that the defender must be right 100% of the time and the attacker must be right only once. When deception is deployed throughout an organization, now the attacker must be right 100% of the time. This session will discuss the different aspects of deception, and how they are applied. It will show the value of establishing a deception strategy that approaches it holistically. The event will be available at Elkridge and Calverton, Maryland, Middletown, New Jersey, and other cybergamut nodes.
Cyber Warrior Women: Blazing the Trail (Catonsville, Maryland, USA, Apr 19, 2017) Join the Cybersecurity Association of Maryland, Inc. (CAMI), in partnership with The CyberWire, Fort Meade Alliance, and presenting sponsor Exelon Corporation, for "Cyber Warrior Women: Blazing the Trail." This special program is designed to spotlight some of Maryland’s diverse and dynamic female cybersecurity professionals with stories of triumph and tribulation, advice and inspiration. Can't join us in person? Host a viewing party with your colleagues or fellow students, or tune in individually.
ISSA CISO Executive Forum: Information Security, Privacy and Legal Collaboration (Washington, DC, USA, Apr 20 - 21, 2017) Information Security, Privacy and Legal programs must be closely aligned to be successful in today’s world. Customer and vendor contracts require strong security language. Privacy has moved to the forefront of a global stage. Response to data breaches are often coordinated through Legal departments to protect privilege. Increasing global regulations drives change to Information Security and Privacy practices. Join your Information Security, Legal and Privacy leadership peers to discuss timely issues in these areas.
International Conference on Cyber Engagement 2017 (Washington, DC, USA, Apr 24, 2017) Georgetown University's seventh annual International Conference on Cyber Engagement promotes dialogue among policymakers, academics, and key industry stakeholders from across the globe, and explores the worldwide community’s increasing interconnectivity in this domain.Drawing on the experience of government practitioners, industry representatives and academic scholars, this event brings a multidisciplinary and international approach to the challenges in cyberspace from technical, corporate, legal, and policy perspectives in both the United States domestic and international realms – with several topics targeting private sector interests.
SANS Baltimore Spring 2017 (Baltimore, Maryland, USA, Apr 24 - 29, 2017) SANS Institute, the global leader in information security training, today announced the course line-up for SANS Baltimore Spring 2017 taking place April 24 – 29. All courses offered at SANS Baltimore are open to civilians and veterans. Included among the course line-up are several master's degree and graduate certificate courses that are eligible for GI Bill benefits through the SANS Technology Institute graduate school.
(ISC)2 Cyber Security Congress 2017 (Calgary, Alberta, Canada, Apr 26, 2017) The aim of the Cyber Security Congress 2017 is to strengthen cyber security leaders by arming them with the knowledge, tools, and expertise to protect their organizations. In April, 2017 over 150 like-minded professionals will gather for the 1-day congress in Calgary, Alberta, Canada where cyber security experts and industry leaders will share their knowledge, experience and best practices through presentations and interactive panel discussions.
Defence Information 2017 (Cranfield, England, UK, Apr 26 - 27, 2017) Defence Information 2017 is the major annual communications event of Joint Information Group activities (the JIG reports to the Defence Suppliers Forum) and the Event’s content spans both Information and Support. Our DI’17 Event examines some of the ‘people, process and technology’ issues critical to Team Defence being able to adopt, embed and exploit new (and often disruptive) Information and Communications Technology (ICT) capabilities and associated new ways of working - to productive effect.
Defence Information 2017 (Cranfield, England, UK, Apr 26 - 27, 2017) Defence Information 2017 is the major annual communications event of Joint Information Group activities (the JIG reports to the Defence Suppliers Forum) and the Event’s content spans both Information and Support. Our DI’17 Event examines some of the ‘people, process and technology’ issues critical to Team Defence being able to adopt, embed and exploit new (and often disruptive) Information and Communications Technology (ICT) capabilities and associated new ways of working - to productive effect.
Crimestoppers Conference (Eden Project, Bodelva, St Austell , Apr 27, 2017) Crimestoppers is organising a major one-day conference designed to help local businesses shore up their online security. A range of expert speakers will pinpoint typical cyber pitfalls to avoid. 80% of cyber crime is preventable and just a few key security steps can help avoid damaging your business reputation and finances
Atlantic Security Conference (Halifax, Nova Scotia, Canada, Apr 27 - 28, 2017) Atlantic Canada's non-profit, annual information security conference. AtlSecCon, the first security conference in Eastern Canada focusing on bringing some of the worlds brightest and darkest minds together with one common goal – to expand the pool of IT Security knowledge beyond its typical confines. AtlSecCon provides an unmatched opportunity for IT Professionals and Managers to collaborate with their peers and learn from their mentors.
SANS Automotive Cybersecurity Summit 2017 (Detroit, Michigan, USA, May 1 - 8, 2017) SANS will hold its inaugural Automotive Cybersecurity Summit to address the specific issues and challenges around securing automotive organizations and their products. Join us for a comprehensive look at automotive assembly, industry suppliers, embedded systems, and safeguarding extended customer and product data. The Summit will include two-days of in-depth presentations from top security experts and seasoned practitioners, hands-on learning exercises, and exclusive networking opportunities.
cybergamut Tech Tuesday: Distributed Responder ARP: Using SDN to Re-Engineer ARP from within the Network (Elkridge, Maryland, USA, and online at various local nodes, May 2, 2017) We present the architecture and initial implementation of distributed responder ARP (DR-ARP), a software defined networking (SDN) enabled enhancement of the standard address resolution protocol (ARP) intended to improve network security and performance by exerting much greater control over how ARP traffic flows through the network as well as over what actually delivers the ARP service. Presented by Mark Alan Matties, PhD of The Johns Hopkins University Applied Physics Lab.
Cyber Security Summit in Dallas (Dallas, Texas, USA, May 5, 2017) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from Proofpoint, CenturyLink, IBM and more. Register with promo code cyberwire50 for half off your admission (Regular price $350)
OWASP Annual AppSec EU Security Conference (Belfast, UK, May 8 - 12, 2017) Welcome to OWASP Annual AppSec EU Security Conference, the premier application security conference for European developers and security experts. AppSec EU provides thought leadership, amazing talks, informative sessions, and great social experiences. During the pre-conference (Monday 8th - Wednesday 10th May 2017) there is the opportunity to attend one of the many trainings courses on offer from industry experts, plus project summits and outreach sessions to the future pioneers of the application security industry. The main conference (Thursday 11th & Friday 12th May) offers four full tracks of talks, for pentesters and ethical hackers, developers and security engineers, DevOps practices and GRC/risk level talks for managers and CISOs.
SANS Security West 2017 (San Diego, California, USA, May 9 - 18, 2017) Cybersecurity skills and knowledge are in high demand. Cyber attacks and data breaches are more frequent and sophisticated, and organizations are grappling with how to best defend themselves. As a result, cybersecurity is more vital to the growth of your organization than ever before. Now is the perfect time to take the next step to protect your organization and advance your career. Join us at SANS Security West 2017 (May 9-18) to gain the skills and knowledge needed to help your organization succeed. Choose from over 30 information security courses taught by SANS’ world-class instructors. At SANS Security West 2017, you will get the best hands-on, immersion training and learn what it takes to stop cyber threats.
OWASP AppSec EU (Belfast, Northern Ireland, UK, May 12 - 18, 2017) Welcome to OWASP Annual AppSec EU Security Conference, the premier application security conference for European developers and security experts. AppSec EU provides thought leadership, amazing talks, informative sessions, and great social experiences. During the pre-conference (Monday 8th - Wednesday 10th May 2017) there is the opportunity to attend one of the many trainings courses on offer from industry experts, plus project summits and outreach sessions to the future pioneers of the application security industry. The main conference offers four full tracks of talks, for pentesters and ethical hackers, developers and security engineers, DevOps practices and GRC/risk level talks for managers and CISOs.
EnergySec Security Education Week (Austin, Texas, USA, May 14 - 19, 2017) The Energy Sector Security Consortium, Inc.'s Security Education Week is designed for early to mid career cybersecurity professionals currently employed at electric utilities in North America. Students will receive technical instruction on various topics including threat hunting, network packet analysis, and security assessments. Sessions will also cover operational technology used in the electric sector, and instructional workshops from industry vendors. Students will also participate in facility tours hosted by the Lower Colorado River Authority (LCRA), and evening activities designed to build relationships within industry and strengthen the community of cybersecurity professionals.
K(no)w Identity Conference (Washington, DC, USA, May 15 - 17, 2017) To converge identity experts from across all industries in one space, to be at the nexus of ideas and policies that will fundamentally change identity around the world. Provides business leaders, privacy and security experts, tech innovators, and senior policy makers the forum to discuss the future of identity. By utilizing the world’s best event technology, K(NO)W connects attendees digitally and physically unlike ever before.
Global Cybersecurity Innovation Summit Advancing International Collaboration (London, England, UK, May 16 - 17, 2017) SINET – London creates a forum to build and maintain international relationships required to foster vital information sharing, broad awareness and the adoption of innovative Cybersecurity technologies.
Public Sector Cyber Security Conference: Defending the Public from Cyber-Attacks (Salford, England, UK, May 17, 2017) Join us for the Public Sector Cyber Security Conference where leading experts will explain how to protect the vital services provided by central Government, local councils and the NHS. Learn how to safeguard sensitive data such as medical records and keep IT systems safe from cyber-attacks by states, criminal gangs and cyber terrorists.
PCI Security Standards Council: 2017Asia-Pacific Community Meeting (Bangkok, Thailand, May 17 - 18, 2017) Two days of networking and one-of-a-kind partnership opportunities await you. Whether you want to learn more about updates in the payment card industry or showcase a new product, you’ll find it all at the 2017 Asia-Pacific Community Meeting.
2017 Georgetown Cybersecurity Law Institute (Washington, DC, USA, May 17 - 18, 2017) It is more important than ever that in-house and outside counsel stay abreast of the most current developments and best practices in cybersecurity. At our Institute you will receive insights on the best governance, preparedness, and resilience strategies from experienced government officials, general counsels, and cybersecurity practitioners who face these issues on a daily basis.
Northsec Applied Security Event (Montreal, Québec, Canada, May 18 - 21, 2017) The conference will feature technical and applied workshops hosted in parallel for the most motivated attendees. Topics include application and infrastructure (pentesting, network security, software and/or hardware exploitation, web hacking, reverse engineering, malware/virii/rootkits), cryptography and obfuscation (from theoretical cryptosystems to applied cryptography exploitation, cryptocurrencies, steganography and covert communication systems), and society and ethics.
SANS Northern Virginia - Reston 2017 (Reston, Virginia, USA, May 21 - 26, 2017) This event features comprehensive hands-on technical training from some of the best instructors in the industry and includes courses that will prepare you or your technical staff for DoD 8570 and GIAC approved certification exams. Start making your plans now to attend SANS Northern Virginia - Reston 2017.
Enfuse 2017 (Las Vegas, Nevada, USA, May 22 - 25, 2017) Enfuse™ is a three-day security and digital investigations conference where specialists, executives, and experts break new ground for the year ahead. Enfuse offers unsurpassed networking opportunities, hands-on training, and in-depth exploration of current topics.
Sponsor & Support
Grow your brand, generate leads, and fill your funnel.
With the industry’s largest B2B podcast network, popular newsletters, and influential readers and listens all over the world, companies trust the CyberWire to get the message out. Learn more.