Category Archives: [ISN] Infosec News – Email Archive

[ISN] Newly Fired CEO Of Norse Fires Back At Critics

www.darkreading.com/threat-intelligence/newly-fired-ceo-of-norse-fires-back-at-critics-/d/d-id/1324195 By Jai Vijayan DarkReading.com 2/4/2016 Critics maintain that Norse Corp. is peddling threat data as threat intelligence. A massive and potentially company-ending shakeup at security vendor Norse Corp. in recent weeks amid controversy over its practices may be a signal that the threat intelligence industry is finally maturing. KrebsonSecurity last week reported that Norse had fired its CEO Sam Glines after letting go some 30% of its staff less than a month earlier. The blog quoted unnamed sources as saying Norse’s board of directors had asked board member Howard Bain to take over as an interim CEO. The remaining employees at the Foster City, Calif.-based threat intelligence firm were apparently informed they could continue showing up for work, but there would be no guarantee they would be paid, KrebsonSecurity reported. Shortly thereafter, Norse’s website went dark and remained unavailable through the week


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] How to secure containers and microservices

www.infoworld.com/article/3029772/cloud-computing/how-to-secure-containers-and-microservices.html By Jim Reno InfoWorld.com Feb 4, 2016 A few weeks ago on a Saturday morning I tried to pay a medical bill online and received the following message: Sorry! In order to serve you better, our website will be down for scheduled maintenance from Friday 6:00 PM to Sunday 6:00 PM. OK, I get it. Stuff happens. However, the following week I was greeted with the same message. Two weekends in a row means 48 hours of downtime over two weeks. Even if that’s the only downtime for the year, that means an availability of 98.9 percent


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] The Former Federal Employee Who Tried to Launch a Cyberattack on Nuclear Scientists

www.nextgov.com/cybersecurity/2016/02/former-federal-employee-who-tried-launch-cyberattack-nuclear-scientists/125694/ By Kaveh Waddell The Atlantic February 4, 2016 A nuclear scientist formerly employed by the federal government admitted Tuesday that he tried to infect the computers of about 80 government employees whom he believed had access to nuclear materials and weapons. According to court documents released by the Justice Department, the scientist, Charles Eccleston, pleaded guilty to one count of attempted unauthorized access to a protected computer. Until he was fired in 2011, Eccleston worked for the Nuclear Regulatory Commission, a federal agency that oversees civilian use of radioactive materials. During his time at the commission, he held a security clearance in order to work on nuclear-energy issues, according to the documents. A year after his federal government job ended, he moved to Manila, the capital of the Philippines. In 2013, Eccleston went to the Manila embassy of an unidentified foreign country, and offered to sell foreign officials a list of thousands of federal employees’ email accounts for $18,800. He said the addresses were “top secret” and used for official communication. As a negotiating ploy, he said he would take the list to China, Venezuela, or Iran if the embassy didn’t want them. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] IoT risks raise concerns among IT specialists in central and eastern Europe

www.computerweekly.com/news/4500272253/IoT-risks-raise-concerns-among-IT-specialists-in-CEE By Krzysztof Polak ComputerWeekly.com 04 Feb 2016 The internet of things (IoT) has gone from an industry buzzword to a highly promising phenomenon in central and eastern Europe – but IT specialists are concerned about how to protect networks from the extra strain of new connected devices. The driving force behind IoT is the desire to gain knowledge and insights about, for example, buildings, cars, industrial installations, healthcare, aviation and civil infrastructure, using smart and connected devices. But according to Sylwester Chojnacki, director, enterprise business group at Huawei CEE, the designers of IoT equipment have not learned the lessons from the early years of internet development. “They do not pay sufficient attention to the safety of devices and applications,” he said. IoT devices are often the first target in cyber attacks, leading to intrusions into computer systems and large databases. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] New centre to help Singapore boost cyber security

www.straitstimes.com/singapore/new-centre-to-help-spore-boost-cyber-security By Lim Yan Liang The Straits Times Feb 4, 2016 Singapore will face more cyber attacks as technology is increasingly used in everyday life, from smart traffic lights and driverless trains to the ubiquitous smartphones. The greater risk, which is inevitable as Singapore pushes to be a Smart Nation, was flagged yesterday by the managing director of the Infocomm Development Authority (IDA), Ms Jacqueline Poh, noting the rise in the United States of such security incidents involving its critical infrastructures. To address the danger, Singapore plans to give existing measures a further boost. One is the introduction of a Cyber Security Bill in Parliament later this year to give the 11-month-old Cyber Security Agency greater powers to secure Singapore’s critical information infrastructure. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] NSA Hacker Chief Explains How to Keep Him Out of Your System

www.wired.com/2016/01/nsa-hacker-chief-explains-how-to-keep-him-out-of-your-system/ By Kim Zetter Security Wired.com 1/28/2016 IT WAS THE talk most anticipated at this year’s inaugural Usenix Enigma security conference in San Francisco and one that even the other speakers were eager to hear. Rob Joyce, the nation’s hacker-in-chief, took up the ironic task of telling a roomful of computer security professionals and academics how to keep people like him and his elite corps out of their systems. Joyce is head of the NSA’s Tailored Access Operations—the government’s top hacking team who are responsible for breaking into the systems of its foreign adversaries, and occasionally its allies. He’s been with the NSA for more than 25 years but only became head of the TAO division in April 2013, just weeks before the first leaks from Edward Snowden were published by the Guardian and Washington Post. Joyce acknowledged that it was “very strange” for someone in his position to stand onstage before an audience. The TAO has largely existed in the shadowy recesses of the NSA—known and unknown at the same time—until only recently when documents leaked by Snowden and others exposed the workings of this cabal as well as many of its sophisticated hacking tools. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] NSA Hacker Chief Explains How to Keep Him Out of Your System

www.wired.com/2016/01/nsa-hacker-chief-explains-how-to-keep-him-out-of-your-system/ By Kim Zetter Security Wired.com 1/28/2016 IT WAS THE talk most anticipated at this year’s inaugural Usenix Enigma security conference in San Francisco and one that even the other speakers were eager to hear. Rob Joyce, the nation’s hacker-in-chief, took up the ironic task of telling a roomful of computer security professionals and academics how to keep people like him and his elite corps out of their systems. Joyce is head of the NSA’s Tailored Access Operations—the government’s top hacking team who are responsible for breaking into the systems of its foreign adversaries, and occasionally its allies. He’s been with the NSA for more than 25 years but only became head of the TAO division in April 2013, just weeks before the first leaks from Edward Snowden were published by the Guardian and Washington Post. Joyce acknowledged that it was “very strange” for someone in his position to stand onstage before an audience. The TAO has largely existed in the shadowy recesses of the NSA—known and unknown at the same time—until only recently when documents leaked by Snowden and others exposed the workings of this cabal as well as many of its sophisticated hacking tools. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] Word up: BlackEnergy SCADA hackers change tactics

www.theregister.co.uk/2016/01/28/blackenergy_tv_station_attack/ By John Leyden The Register 28 Jan 2016 A new BlackEnergy spear-phishing campaign is targeting more Ukrainian firms, including a television channel. A spear-phishing document found by Kaspersky Lab analysts mentions the far-right Ukrainian nationalist political party “Right Sector” and appears to have been used in an attack against a popular television channel in Ukraine. Ukrainian TV station “STB” was previously named as a victim of the BlackEnergy Wiper attacks in October 2015. The Russian-speaking BlackEnergy APT group are notoriously blamed for malware-based attacks against utilities that led to short power outages in the days before Christmas. The BlackEnergy APT group has been actively using spear-phishing emails carrying malicious Excel documents with macros to infect computers in a targeted network since the middle of last year. However, in January this year, Kaspersky Lab researchers discovered a new malicious document which infects the system with a BlackEnergy Trojan. Unlike the Excel documents used in previous attacks, this was a Microsoft Word document. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail