Tag Archives: Trend

[ISN] Russian cyberspies targeted the MH17 crash investigation

www.networkworld.com/article/2996762/russian-cyberspies-targeted-the-mh17-crash-investigation.html By Lucian Constantin IDG News Service Oct 23, 2015 A Russian cyberespionage group that frequently targets government institutions from NATO member countries tried to infiltrate the international investigation into the crash of Malaysia Airlines Flight 17 (MH17). MH17 was a passenger flight from Amsterdam to Kuala Lumpur that crashed in eastern Ukraine close to the Russian border on 17 July, 2014. All 283 passengers and 15 crew members lost their lives. The Dutch Safety Board led an international investigation into the incident and released a final report on Oct. 13, concluding that the Boeing 777-200 aircraft was shot down by a warhead launched from a Russian-built Buk missile system. Security researchers from Trend Micro have found evidence that a cyberespionage group dubbed Pawn Storm, which has long been suspected to have ties to the Russian intelligence services, has targeted the Dutch Safety Board before and after the MH17 report was finalized. […]





[ISN] Salted Hash: Live from DerbyCon 5.0 (Day 2)

http://www.csoonline.com/article/2986800/security-awareness/salted-hash-live-from-derbycon-5-0-day-2.html By Steve Ragan Salted Hash CSO Online Sept 26, 2015 It’s Day two at DerbyCon, which is actually the day that most of the action takes place. This weekend has already seen some impressive talks, but today promises to be interesting with talks running the full spectrum of InfoSec, from medical device research, AppSec, and social engineering. This post is being written at 0900, which is early for a hacker conference, but people are slowly starting to gather, as the picture shows. So far this weekend, Salted Hash has posted various conversation starters along with general updates, so today’s post will continue that slight trend. The idea for the topic came out of a technical failure on your faithful reporter’s part yesterday. […]



[ISN] FBI director: Ability to unlock encryption is not a ‘fatal’ security flaw

https://www.washingtonpost.com/world/national-security/fbi-director-ability-to-unlock-encryption-is-not-a-fatal-security-flaw/2015/09/10/6dd0ac8e-57fc-11e5-8bb1-b488d231bba2_story.html By Ellen Nakashima The Washington Post September 10, 2015 In the tug of war between the government and U.S. companies over whether firms should hold a key to unlock encrypted communications, a frequent argument of technologists and privacy experts is that maintaining such a key poses a security threat. But on Thursday, FBI Director James B. Comey pointed out that a number of major Internet companies do just that “so they can read our e-mails and send us ads.” And, he said: “I’ve never heard anybody say those companies are fundamentally insecure and fatally flawed from a security perspective.” Comey was airing a new line of government argument in the year-old public debate over the desirability of compelling Internet companies to provide a way for law enforcement to have access to decrypted communications. Although he didn’t name names, he was alluding to major e-mail providers Google and Yahoo, which both encrypt customers’ e-mails as they fly between servers, but decrypt them once they land in order to scan them and serve customers relevant ads. Comey, who spoke at a cyberthreats hearing held by the House Intelligence Committee, has been a leading voice advancing the concerns of law enforcement that the growing trend of strong encryption — where devices and some communications are encrypted and companies do not hold the keys to decode them — will increasingly leave criminal investigators in the dark. […]



[ISN] Fake EFF site serving espionage malware was likely active for 3+ weeks

http://arstechnica.com/security/2015/08/fake-eff-site-serving-espionage-malware-was-likely-active-for-3-weeks/ By Dan Goodin Ars Technica Aug 28, 2015 A spear-phishing campaign some researchers say is linked to the Russian government masqueraded as the Electronic Frontier Foundation in an attempt to infect targets with malware that collects passwords and other sensitive data. The targeted e-mails, which link to the fraudulent domain electronicfrontierfoundation.org, appear to be part of a larger campaign known as Pawn Storm. Last October, researchers at security firm Trend Micro brought the campaign to light and said it was targeting US military, embassy, and defense contractor personnel, dissidents of the Russian government, and international media organizations. Last month, Trend Micro said the espionage malware campaign entered a new phase by exploiting what then was a zero-day vulnerability in Oracle’s widely used Java browser plugin. Separate security firm FireEye has said the group behind the attacks has ties to Russia’s government and has been active since at least 2007. EFF staff technologist Cooper Quintin wrote in a blog post published Thursday that the round of attacks involving the electronicfrontierfoundation.org site may have the ability to infect Mac and Linux machines, as well as the normal Windows fare. On Windows, the campaign downloads a payload known as Sednit that ultimately installs a keylogger and other malicious modules. Its use of the same path names, Java payloads, and Java exploits found in last month’s campaign means it’s almost certainly the work of the same Pawn Storm actors that struck last month. Quintin wrote: […]



[ISN] Cybercom: Big Data Theft at OPM, Private Networks is New Trend in Cyber Attacks

http://freebeacon.com/national-security/cybercom-big-data-theft-at-opm-private-networks-is-new-trend-in-cyber-attacks/ By Bill Gertz Washington Free Beacon July 27, 2015 The commander of U.S. Cyber Command said last week that the Office of Personnel Management hack of millions of records of federal workers shows a new trend toward using Big Data analytics for both nation-state and criminal cyber attacks. “One of the lessons from OPM for me is we need to recognize that increasingly data has a value all its own and that there are people actively out there interested in acquiring data in volumes and numbers that we didn’t see before,” said Adm. Mike Rogers, the Cyber Command commander and also director of the National Security Agency. The theft of 22.1 million federal records, including sensitive background information on millions of security clearance holders, will assist foreign nations in conducting future cyber attacks through so-called “spear-phishing,” Rogers said, declining to name China as the nation state behind the OPM hacks. Additionally, China is suspected in the hack uncovered in February of 80 million medical records of the health care provider Anthem, which would have given it access to valuable personal intelligence that can be used to identify foreign spies and conduct additional cyber attacks. […]



My latest Gartner research: Cool Vendors in Security Intelligence, 2015

Cool Vendors in security intelligence offer highly innovative technologies that address an organization’s demand for data-driven analytics, techniques in obfuscation and deception, and advanced detection solutions. CISOs should use this research when evaluating technology trends for planning. … illusivenetworks.com ) Analysis by Avivah Litan and Lawrence Pingree Why Cool: Illusive networks offers advanced attack deception … California ( trapx.com ) Analysis by Craig Lawson, Lawrence Pingree and Oliver Rochford Why Cool: TrapX Security is …

Gartner clients can access this research by clicking here.



[ISN] Premera Blue Cross hack exposes 11M

http://www.healthcareitnews.com/news/premera-blue-cross-hack-exposes-data-11m By Mike Miliard Healthcare IT News March 18, 2015 In what looks to be becoming a trend, another health plan has been targeted with a “sophisticated cyberattack,” with hackers gaining access to the financial and medical information of 11 million members. Washington state-based Premera Blue Cross, a not-for-profit plan whose corporate clients include Pacific Northwest giants Microsoft and Starbucks, announced the breach, which was detected in January, on March 17. The attackers – who some have suggested may be the same Chinese spies suspected in the massive Anthem breach revealed this past month – gained access to a plethora of personal data. The Anthem breach compromised the information of nearly 80 million people. “That information could include names, dates of birth, addresses, telephone numbers, email addresses, Social Security numbers, member identification number, medical claims information and financial information,” according to Premera. […]



[ISN] CFP: IEEE/ACM ASONAM 2015 — Paris, France, August 25-28, 2015 IEEE/ACM ASONAM 2015

Forwarded from: Sarah Sumarland

The 2015 IEEE/ACM International Conference on Advances in Social Network Analysis and Mining
Paris, France, August 25-28, 2015
http://asonam.cpsc.ucalgary.ca/2015/

Dear Colleague,

You are invited and highly encouraged to consider submitting your high quality original manuscripts to the flagship venue and premier conference in the area of social network analysis and mining (ASONAM 2015) or one of the co-located events on health informatics and bioinformatics, open source intelligence and security informatics, big data analytics, in addition to a number of tracks and workshops. See below for the detailed links.

All types of submissions are welcome, including full papers, short papers, extended abstracts, posters, demos. You may consider one of the following options:

Main Research Papers Track: For more information visit: http://asonam.cpsc.ucalgary.ca/2015/
Industrial Track: For more information visit: http://asonam.cpsc.ucalgary.ca/2015/CFPInd.php http://asonam.cpsc.ucalgary.ca/2015/CPFP.php
PhD Forum and Posters Track: For more information visit: http://asonam.cpsc.ucalgary.ca/2015/CPFP.php
Multidisciplinary Track: For more information visit: http://asonam.cpsc.ucalgary.ca/2015/CFPMulti.php
Exhibitions and Demos Track: For more information visit: http://asonam.cpsc.ucalgary.ca/2015/CPED.php
Tutorials: For more information visit: http://asonam.cpsc.ucalgary.ca/2015/CFT.php
FOSINT-SI 2015: The 2015 International Symposium on Foundations of Open Source Intelligence and Security Informatics; Paris, France, August 26-27, 2015. For more information visit: http://fosint-si.cpsc.ucalgary.ca/2015/
HI-BI-BI 2015: The 2015 International Symposium on Network Enabled Health Informatics, Biomedicine and Bioinformatics, Paris, France, August 26-27, 2015. For more information visit: http://hi-bi-bi.cpsc.ucalgary.ca/2015/
FAB 2015: The 2015 International Symposium on Foundations and Applications of Big Data Analytics, Paris, France, August 27-28, 2015. For more information visit: http://fab.cpsc.ucalgary.ca/2015/index.php

All accepted papers will be published in the proceedings which will be included in the digital libraries of both sponsors: ACM and IEEE Computer Society. Following the trend from previous years, extended versions of accepted papers from ASONAM 2015 will be invited for publication in one of the following prestigious venues by Springer:

1. Social Networks Analysis and Mining Journal http://link.springer.com/journal/13278
2. Network Modeling Analysis in Health Informatics and Bioinformatics Journal http://link.springer.com/journal/volumesAndIssues/13721
3. Edited book in the Lecture Notes in Social Networks Series http://www.springer.com/series/8768

