You'll find Recorded Future's new weekly podcast worth subscribing to (it's produced in partnership with the CyberWire). Recorded Future takes you inside the world of cyber threat intelligence. They're sharing stories from the trenches and the operations floor as well as giving you the skinny on established and emerging adversaries. They also talk current events, technical tradecraft, and offer up insights on the big picture issues in our industry. Join the Recorded Future team, special guests, and us, their partners from the CyberWire, to learn everything you want to know (and maybe some things you'd rather not know) about the world of cyber threat intelligence. You'll find this new podcast here.
ISIS recruiting women online. Symantec concludes Vault 7 tools were used in Longhorn campaigns. Tensions rise over Syria and Russia's involvement therein. Germany's cyber first-strike capability. Tough campaign talk on encryption in France. Word bug serves Dridex. Amazon third-party sellers under attack.
Catalan police have discovered online attempts by ISIS to actively recruit women.
Symantec has picked over recent WikiLeaks dumps and concludes that tools Vault 7 revealed were used in the Longhorn campaigns—some forty incursions into networks of sixteen countries.
The latest ShadowBrokers material, seen through the related prisms of cui bono or kto kogo, seems obviously designed to advance Russian interests in Syria, but many continue to regard the Brokers as more mysterious than Muscovite. The US and UK take a joint hardline toward Russia over Syria, to the discomfiture of some in Europe and of those who see Mr. Putin as "insecure," better dealt with therapeutically.
Germany, having formed an independent military cyber force, is said to reserve to itself a right of first strike in cyberspace.
Emmanuel Macron, candidate for the Presidency of France under the banner of the progressive, third-way movement En Marche!, makes some very tough promises to undermine widespread encryption in his proposed EU-wide struggle against terrorism.
FireEye says the Chinese group APT10 is actively hacking Indian companies for intellectual property.
The Wall Street Journal reports that an attack last July on the Union Bank of India closely resembled the phishing that compromised the Bangladesh Bank.
The zero-day vulnerability in Word being exploited in the wild is now being used to distribute the Dridex banking Trojan. (Many hope Microsoft will patch the flaw later today, but Redmond is still tight-lipped.)
Third-party sellers on Amazon are being hit with credential theft that exploits reused passwords.
Today's issue includes events affecting Albania, Australia, Bangladesh, Bosnia-Herzegovina, Canada, Croatia, Czech Republic, Estonia, European Union, France, Georgia, Germany, India, Israel, Kosovo, Latvia, Lithuania, Macedonia, Montenegro, Netherlands, New Zealand, Nigeria, Pakistan, Russia, Serbia, Spain, Syria, United Kingdom, and United States.
In today's podcast, we hear from Ben Yelin, of our partners at the University of Maryland Center for Health and Homeland Security, who discusses the rollback of ISP privacy rules. We also have a guest, Dario Forte from DFLabs, who offers skeptical observations about artificial intelligence.