current issue – 1.18.17


Greetings!

THE CYBERWIRE (Wednesday, January 18, 2017) — French security agencies warn that country's politicians to expect unwelcome attention in cyberspace. Eugene Kaspersky is delivering a similar message in Davos, telling the World Economic Forum to expect a range of cyberattacks during Europe's 2017 elections. The prime animal-of-interest, of course, according to ThreatConnect, CrowdStrike, and FireEye, remains Fancy Bear, of DNC hack fame.

Bleeping Computer has an interesting account of how malware authors are trolling security researchers on VirusTotal. In addition to conventional abusive trolling and defamation, they're also voting malware samples "harmless."

The Carbanak financial fraud gang is back and, according to Dark Reading, is quietly hiding its command-and-control within Google services.

Oracle releases its first quarterly security update of the year, and it's large—some 270 patches, ensuring continued employment for Oracle admins.

In M&A news, Bitdefender buys Profil, and Kudelski buys M&S Technologies. Microsoft acquires natural language processing shop Maluuba; Hewlett Packard Enterprise buys SimpliVity.

Australia's Prime Minister Turnbull opens an inquiry into the effects of the Yahoo! breaches on his government.

US President Obama, in his last week in office, pardons former Marine general Cartwright for his conviction of lying to investigators looking into Stuxnet leaks. He also commutes the sentence of Private Manning, convicted of giving classified information to WikiLeaks—Manning will leave prison in May after serving seven years of a thirty-year sentence. The pardon and commutation receive decidedly mixed reviews. It's unclear whether WikiLeaks' Julian Assange will honor his pledge to accept extradition to the US in the event of Manning's release.


Today's edition of the CyberWire reports events affecting Australia, Estonia, France, the Holy See, Iran, Iraq, Ireland, Italy, Russia, Sweden, Syria, the United Kingdom, and the United States.

On the Podcast

In today's CyberWire podcast we hear from our partners at Palo Alto Networks, as Rick Howard discusses the very notion of a unified theory of security. And our guest, David Bianco of Sqrrl tells us about threat hunting.

If you've been enjoying the podcasts, please consider giving us an iTunes review.

A special edition of our Podcast is currently available. It covers buying cyber security. Every day there seems to be a new security product on the market, with many of them claiming to provide something that you simply can’t live without. Companies appear and disappear, and businesses are faced with difficult, confusing, and often expensive choices. In this CyberWire special edition, we explore how businesses are navigating the process of choosing products and technologies in a crowded marketplace. We talk to some key stakeholders to find out what drives their purchasing decisions, and what they wished their vendors knew before they came knocking on their doors.

Sponsored Events

Cyber Security Lunch & Learn (Norfolk, VA, USA, February 2, 2017) Learn how to build a better security incident response program in 2017 from a SANS instructor and enterprise CISO! Earn CPE Credits.

Women in Cyber Security (Tucson, AZ, USA, March 31 - April 1, 2017) With support from various industry, government and academic partners, WiCyS has become a continuing effort to recruit, retain and advance women in cybersecurity. It brings together women in cybersecurity from academia, research and industry for sharing of knowledge/experience, networking and mentoring.

Selected Reading


Cyber Attacks, Emerging Threats, and New Vulnerabilities

French spies warn politicians of hack risk as election draws near (Register) Authorities uneasy in wake of alleged Russian interference in US presidential race…

Kaspersky CEO: Expect Cyber Attacks During European Elections (Wall Street Journal) European governments shouldn't be surprised if they come under highly sophisticated cyber attacks during this year’s high-profile elections on the continent, warns Eugene Kaspersky, CEO of cyber security firm Kaspersky Labs, at the World Economic Forum in Davos…

Why the DNC hackers will continue to wreak havoc (CyberScoop) Private sector cybersecurity researchers are closely monitoring ongoing digital intrusions to see if any share similarities with cyberattacks conducted by the infamous hacking group known as APT28, or Fancy Bear — which is best known for breaching the Democratic National Committee…

BBC launches probe into leak of Russian-dubbed Sherlock finale (Naked Security) Damn you, Russia, we wish we knew how to quit you!…

The Fine Art of Trolling a Security Researcher (Bleeping Computer) Malware authors are trolling security researchers on VirusTotal by posting abusive comments, marking their websites as dangerous sites, and voting recently discovered malicious files as "harmless"…

WhatsApp scams spread widely thanks to trust between friends (Naked Security) Earlier this year we wrote about a fast-spreading WhatsApp scam that promised free Wi-Fi access…

Dangerous New Gmail Phishing Attack Gaining Steam (Dark Reading) None of the usual browser indicators of fraudulent websites are present in this method of phishing…

118 out of 121 Oracle E-Business suite vulnerabilities "remotely exploitable" (Computing) Oracle: Can't break it, can't break in - these 270 security vulnerabilities notwithstanding…

Carbanak's Back And Using Google Services For Command-and-Control (Dark Reading) Cybercrime gang employs common cloud services to hide in plain sight…

Tor users at risk of being unmasked by ultrasound tracking (Naked Security) A new type of attack should make Tor users – and countless dogs around the world – prick up their ears. The attack, revealed at BlackHat Europe in November and at the 33rd Chaos Computer Congress the following month, uses ultrasounds to track users, even if they are communicating over anonymous networks…

Router Vulnerabilities Disclosed in July Remain Unpatched (Threatpost) Details on serious vulnerabilities in a number of routers freely distributed by a major Thai ISP were published on Monday after private disclosures made to the vendors in July went unanswered…

Vulnerabilities Leave iTunes, App Store Open to Script Injection (Threatpost) Apple is reportedly aware of and is in the middle of fixing a pair of vulnerabilities that exist in iTunes and the App Store. If exploited, researchers claim an attacker could inject malicious script into the application side of the vulnerable module or function…

New RCE Flaws Found in Samsung Smartcam (Threatpost) At DEFCON 22 in 2014, researchers demonstrated hacks against the Samsung Smartcam that allowed an attacker to remotely take over the device. Samsung’s reaction at the time was to remove the web interface enabling the attack rather than patch the code in question…

Credential-Stuffing Attacks Take Enterprise Systems By Storm (Dark Reading) Automated credential-stuffing attempts make up 90% of enterprise login traffic…

Locky Ransomware Activity Goes Down by 81% (Bleeping Computer) For more than four weeks, the only source of Locky ransomware infections has been through spam campaigns that distributed the Kovter click-fraud malware, as the primary source of Locky infections, the Necurs botnet, has been offline for the Christmas and New Year holidays…

ATM Malware Retooled to Strike More Machines (BankInfo Security) Upgraded Ploutus-D malware designed to drain ATMs from any manufacturer…

NHS Trusts a magnet for ransomware, FOI disclosures reveal (Computing) Just under one-third of all NHS Trusts report ransomware infections…

Clash of Clans’ Developer “Supercell” Hacked; 1.1 Million Accounts Stolen (HackRead) Supercell was using an outdated version of vBulletin software…

Hacker claims our private cell number on Facebook may not be so private (HackRead) Hacker says he can identify phone numbers of Facebook users – Facebook says it’s a feature…

KnowBe4 Warns Organizations of False Sense of Security (Benzinga) KnowBe4 Alert notifies IT managers of substantial drop in antivirus detection rates…

The unseemly world of Darkweb marketplaces (CIO) Underground markets offer a variety of services for cyber criminals to profit from…

Top 4 Malware Fails (The Merkle) Even though malware, ransomware, and other types of malicious software continue to pose a significant threat to consumers and enterprises worldwide, not all of these “projects” are successful. In most cases, this is due to sloppy work by the developers who aim to wreak havoc with their malicious code. In fact, most of these issues revolve around a lackluster understanding of cryptography…

Security Patches, Mitigations, and Software Updates

Oracle Admins Faced with 270 Fixes this Quarter (Infosecurity Magazine) Oracle has released its first quarterly security advisory for the year and it’s one of the biggest ever, fixing a whopping 270 vulnerabilities…

SHA-1 End Times Have Arrived (Threatpost) For the past couple of years, browser makers have raced to migrate from SHA-1 to SHA-2 as researchers have intensified warnings about collision attacks moving from theoretical to practical. In just weeks, a transition deadline set by Google, Mozilla and Microsoft for the deprecation of SHA-1 is up…

Microsoft Replacing Old Security Bulletins Portal Next Month (Redmond Magazine) Microsoft's venerable "Security Bulletins" portal, which lists monthly software patch releases, will get replaced next month as Microsoft goes live with its new "Security Updates Guide" portal…

Cyber Trends

2017 IT Forecast: Cloudy With A Chance Of Security Concerns (Dark Reading) Public cloud adoption and security concerns are expected to grow as more businesses transition to the cloud…

WatchGuard's global reseller survey finds ransomware top customer fear for 2017 (Security Brief AU) A global survey by WatchGuard has shown that more than 80% of resellers believe their customers are most worried about ransomware and the effects it could have on their business…

Cyber Security Survey: More than 80 Percent of Resellers Think Customers Are Most Concerned with New Ransomware Threats (PRNewswire) New survey reveals what resellers think about threats to customers, their ability to manage alerts, and their understanding of security technologies…

Consumers are passing off security responsibility to others: Gemalto (ZDNet) A report from Gemalto has found that consumers are increasingly aware of online security risks but hold businesses responsible for the security of their data…

Consumers increasingly aware of online security risks, but hold businesses responsible for data breaches, finds Gemalto study (Gemalto) Only 30% of consumers believe companies are taking their personal data protection very seriously. 58% of consumers fear they will be victims of an online data breach. 66% would be unlikely to do business with organizations responsible for exposing financial and sensitive information…

Why most of us still stand a good chance of getting hacked (Consumer Affairs) Survey finds many consumers still use incredibly weak passwords…

Endpoint security in 2017 (Network World) Comprehensive suites, machine learning, EDR and vendor attrition will be highlighted at the RSA Conference and throughout the entire year…

Marketplace

Why Security-as-a-Service is Poised to Take Off (CIO) Cost, management and expertise driving adoption…

Cyber (in)security: Can insurance solutions keep pace with threats? (Property Casualty 360) The evolution of cyber perils calls for extreme diligence by insurers willing to underwrite the exposures. Here's a look at what's next…

Cyber Insurance: Coming of Age in 2017? (Infosecurity Magazine) 2016 was definitely the year of cyber insurance emergence. As large-scale attacks and disclosures of massive data-breaches were reoccurring along the year, we realized once again that allocating tremendous efforts and resources to your cybersecurity defense does not provide any guarantee you won’t experience an incident…

How to get fired in 2017: Have a security breach (CSO) There are many reasons why IT pros can be fired, but a majority of them are related to security…

Bitdefender's Landmark Acquisition of French Partner Profil Technology to Further Accelerate Enterprise Growth (Yahoo! Finance) Bitdefender, the innovative security software solutions provider, has acquired Profil Technology of France to rapidly bolster its global presence. The acquisition will be the largest in Bitdefender's 15-year history and it will boost the company's enterprise revenue and strengthen its position in the European and global markets…

Swiss Security Giant Kudelski Buys SP500 Superstar M&S Technologies, Eyes More Acquisitions In U.S. As Part Of Global Buildout (CRN) Kudelski Group, a $1 billion Swiss security conglomerate, has acquired M&S Technologies, No. 33 on the CRN Solution Provider 500, one of the top security solution providers in the country…

Microsoft acquires Maluuba, a startup focused on general artificial intelligence (TechCrunch) Microsoft has acquired Canadian startup Maluuba, a company founded by University of Waterloo grads Kaheer Suleman and Sam Pasupalak that also participated in TechCrunch’s 2012 San Francisco Startup Battlefield competition. Maluuba focuses on natural language processing, in service of pursuing general artificial intelligence, or building computers that can think like people…

Hewlett Packard Enterprise to buy Nutanix rival for $650 million (MarketWatch) Hewlett Packard Enterprise Co. announced Tuesday it has agreed to acquire SimpliVity for $650 million in cash, giving it a stronger offering in the growing market for tech infrastructure that combines data-storage and computing…

OPAQ Networks Launches Security-as-a-Service Platform, Raises $21M (eWeek) Former CEO of Xceedium and NetSec, helps to launch new cloud security-as-a-service company with Series A funding and technology from Bat Blue Networks…

Collibra nabs $50M at reported $650M valuation led by ICONIQ (TechCrunch) Data governance and management startup Collibra — originally founded in Belgium but now based out of New York to help businesses in sectors like finance and healthcare to manage and comply with data retention policies — has raised $50 million in its latest round of funding…

Cloud security startup ProtectWise raises another $25 million (TechCrunch) ProtectWise, a security startup that records all your network traffic DVR-style, and saves it in the cloud, announced a $25 million round today…

Ixia Helps Partners Achieve Greater Profitability (Yahoo! Finance) Ixia (XXIA), a leading provider of network testing, visibility, and security solutions, has launched its new worldwide Xcelerate™ Distribution Partner Program, as well as a new pricing structure for reselling Ixia’s global product support to help drive new revenue opportunities and greater profitability for partners…

Palo Alto Looks Well-Positioned For Cloud Era (Seeking Alpha) The cloud is rapidly expanding. Palo Alto has multiple products that are geared to securing the cloud. Palo Alto has a close partnership with leading cloud infrastructure vendor Amazon Web Services. Palo Alto's cloud security products appear to be gaining ground, and PANW stock is well off its peak levels…

Core Security Strengthens its Position as Global Industry Leader in Vulnerability, Access Risk Management and Network Detection with inTechnology Partnership (Yahoo! Finance) Core Security®, a leader in Vulnerability, Access Risk Management and Network Detection and Response, today announced its partnership with inTechnology Distribution, one of Asia Pacific's fastest growing Value Added Distributors (VAD) headquartered in Australia. The new partnership expands Core Security's global presence, particularly in the Asia Pacific region, and is the first distribution of the company's products in Australia, with inTechnology selling Core Security's products in both Australia and New Zealand…

Frost & Sullivan Names Skycure as 2016 Company of the Year for Mobile Enterprise Security (Yahoo! Finance) Based on its recent analysis of the mobile enterprise security industry, Frost & Sullivan recognizes Skycure with the 2016 Global Frost & Sullivan Company of the Year Award. Skycure distinguished itself in the mobile security market by focusing on securing iOS devices using a public API right from the time of its inception, instead of developing security detection and protection solutions for the more open and customizable Android OS. This R&D path helped Skycure develop technology that better protects both platforms while simplifying the app upgrade process through the official app stores. Skycure also developed the first active honeypot technology in the mobile security industry, which the company has since patented…

CrowdStrike Named One of the Best Workplaces in Technology by Great Place to Work® and Fortune Magazine (Yahoo! Finance) CrowdStrike Inc., the leader in cloud-delivered next-generation endpoint protection, today announced that it has been named a 2017 Best Workplace in Technology, according to global research and consulting firm Great Place to Work® and Fortune Magazine…

Veteran Technology Marketing Executive Nimmy Reichenberg Joins eSentire as CMO (PRNewswire) As Chief Marketing Officer, Nimmy will lead the development and execution of eSentire’s marketing efforts as it cements its position as a leader in the Managed Detection and Response (MDR) market…

Financial industry veterans strengthen leadership team at RedOwl (Finextra) RedOwl, the leading provider of insider risk solutions, today announced the expansion of its senior leadership team…

Lexumo Names Daniel McCall as Chief Executive Officer (PRNewswire) Tech veteran returns to cyber security to accelerate growth in burgeoning IoT security industry…

NSFOCUS Appoints Lin Xu to Vice President of Engineering (Yahoo! Finance) NSFOCUS, a global provider of intelligent hybrid security solutions, today announced the appointment of Lin Xu, to the position of Vice President of Engineering. In this new position, Xu will run dedicated engineering teams in Santa Clara, CA, as well as teams in China to further expand the capabilities of NSFOCUS’ enterprise-class set of security offerings…

Products, Services, and Solutions

Acronis True Image 2017 New Generation Personal Backup Solution Offers Must Have Groundbreaking Anti-Ransomware and Blockchain-Based Capabilities (WLNE ABC 6 News) Acronis True Image 2017 New Generation solves the multi-billion dollar cyber-threat nightmare with real-time protection against ransomware attacks targeting data and delivers the industry's first blockchain-based certification and electronic signature technology…

RedOwl to Deliver Next-Generation Insider Risk Management Platform to BT Customers (Yahoo! Finance) RedOwl, the leading provider of insider risk management solutions, today announced a global agreement with BT, one of the world's leading providers of communications services and solutions. The agreement enables BT to offer its customers the RedOwl analytics platform to uncover insider threats as well as meet compliance requirements for regulatory surveillance…

Cryptzone’s Security Sheriff Takes Top Spot In DLP Solution Category at Computing’s Security Excellence Awards 2016 (Cryptzone) Cryptzone, a provider of user-centric content security solutions, has been crowned Best DLP Solution in Computing’s 2016 Security Excellence Awards for Security Sheriff…

Vanguard Integrity Professionals Announce Enhanced Multifactor Authentication Solution (PRNewswire) The most cost effective way to secure corporate enterprise access…

Security audit of Dovecot mailserver reveals good security practices (Help Net Security) Dovecot – a popular open source IMAP and POP3 server for Linux/UNIX-like systems – is as secure as its developers claim it is. A security audit performed by German security outfit Cure 53 revealed only three minor security issues, and they’ve all already been fixed…

Comodo Internet Security 10 Now Available with Powerful, Seamless Protection for Online Banking and Shopping (Yahoo! Finance) Comodo, a global innovator and developer of cybersecurity solutions and the worldwide leader in digital certificates, has released its latest free protection option, Comodo Internet Security (CIS) 10, upgraded to offer a powerful shield that serves as a buffer against malware attacks…

PKWARE Announces Partnership with Tevora (Yahoo! Finance) PKWARE, a global leader in encryption software, and California-based Tevora announced a new partnership. Under the agreement Tevora will resell the Smartcrypt product suite, and PKWARE will leverage their professional services for assessments, design, configuration and implementation…

Dell-EMC Cyber Solutions Group to Integrate Comilion’s Technology as Part of Its SOC/CERT Solutions (BusinessWire) Comilion, the cybersecurity collaboration company, today announced Dell-EMC cyber solutions group will integrate the Comilion sharing and collaboration platform as part of its offering for national Computer Emergency Readiness Teams (CERT) and cyber security operations centers (SOC)…

EiQ Networks SOCVue Security-as-a-Service Achieves SSAE16 SOC 2 Compliance; Announces Addition of Continuous Threat Intelligence (IT Business Net) EiQ Networks, a pioneer in hybrid security as a service, today announced that its SOCVue® Security Operations and Analytics Platform (SOAP) is now SSAE-16 SOC 2 Type 1 compliant…

Dome9 offers multi-cloud security, adds native support for Azure (Network World) Organizations use multiple vendors, so it’s a smart move to provide fabrics that span different providers…

Fortinet says its Security Fabric lays foundation for Intent-based network security (The Nation) Fortinet has announced enhanced offerings that provide the building blocks for the future’s self-provisioning, self-operating and self-correcting Intent-Based Network Security. Its latest innovations in the Security Fabric include the release of FortiOS 5.6 and Fortinet’s new Security Operations Solution…

Technologies, Techniques, and Standards

The Weird World of Attribution (Duo Labs Blog) It seems like everywhere you go online, you run into stories about hacking and how some nation state is behind it. A year ago, it was China. Now Russia's getting all of the headlines…

Petition for Rulemaking to Require an Enhanced Reliability Standard to Detect, Report, Mitigate, and Remove Malware from the Bulk Power System Docket No. RM17-xx-000 (United States of America before the Federal Energy Regulatory Commission) Under procedures set forth in 18 CFR 385.207 – Petitions (Rule 207), the Foundation for Resilient Societies (“Resilient Societies”) respectfully submits a Petition for Rulemaking for a rule of general applicability, consistent with Commission authority for electric reliability under Section 215 of the Federal Power Act…

RBI Sets Deadline for Migrating to EMV Cards (InfoRisk Today) Security experts discuss the challenges involved in making the transition…

How information security professionals can help business understand cyber risk (Computer Weekly) Information security is continually moving up business and board agendas, but information security professionals find it challenging to help business leaders to understand fully the cyber risks across increasingly digital businesses…

Defending Against Cyber Threats During M&As (InfoRisk Today) FireEye's Bryce Boland explains the escalating risks and how to mitigate them…

Health Data Exchange: 3 Key Security Steps (Healthcare Info Security) DirectTrust CEO David Kibbe identifies critical issues for 2017 and beyond…

Why healthcare is a vulnerable sector for cyber attack – and what can be done about it (Enterprise Apps Tech) 2017 is set to feature greater attacks on internet security; the broad adoption of IoT seen to be easily compromised coupled with data often held on legacy systems is likely to capture attention…

Making Windows 10 a bit less "Creepy" - Common Privacy Settings (SANS Internet Storm Center) Microsoft regards Windows 10 as the most secure version of Windows out of the box, and I do have to agree that's the case…

How to Outsource Security Services: Tips for Small Businesses (Infosecurity Magazine) All the companies that actively use the internet are vulnerable to cyber-attacks and may face considerable risks and losses due to the frequent use of digital files and reliance on digital data. According to a Statista report, the number of data breaches in the USA increased from 157 million in 2005 to 781 million in 2015…

Design and Innovation

Security automation isn't AI security (Vectra Networks Blog) In many spheres of employment, the application of Artificial Intelligence (AI) technology is creating a growing fear. Kevin Maney of Newsweek vividly summarized the pending transformation of employment and the concerns it raises in his recent article "How artificial intelligence and robots will radically transform the economy"…

Keeping AI Well Behaved: How Do We Engineer An Artificial System That Has Values? (Futurism) It is estimated that some 10 million self-driving cars will be on the road by the close of 2020, which raises questions about how an AI will respond in lethal situations…

Gemalto wins Privacy Design Award for its Identity Verification solution (Yahoo! Finance) Gemalto (Euronext NL0000400653 GTO), the world leader in digital security, announces that it has won the ACT Canada IVIE Award in the “Privacy by Design” category for its ID Verification solution…

Research and Development

Irish Teen Introduces New Encryption System Resistant to Quantum Computers (The Merkle) Shane Curran, fifth year student at Terenure College introduced a project called “qCrypt,” a quantum-encrypted data storage solution that is resistant to quantum computers…

DarkMatter signs agreements for greater research (CPI Financial) DarkMatter has inaugurated its research and development programme with the signing of a series of agreements with institutions around the world, and the engagement of PhD-level researchers…

Legislation, Policy, and Regulation

Secret details emerge on Iran’s Cyber Army (Al Arabiya) A report by Al Arabiya has revealed the secrets of the Iranian electronic army and its intelligence and cyber activities against states and institutions…

Estonian MoD outlines plans for cyber range (IHS Jane's 360) Developing a state-of-the-art cyber range and improving the level of automation in a number of aspects of its functionalities are amongst the Estonian Defence Forces' (EDF's) plans to enhance this capability…

Amnesty: Snoopers’ Charter Violates Basic Human Rights (Infosecurity Magazine) Amnesty International has launched another broadside on the UK government, claiming that when it comes into force the Investigatory Powers Act (IPA) could have “devastating consequences” for human rights…

Senators: U.S. Cybersecurity Is Too Weak (Time) Increasingly complex and frequent attacks require a streamlined Congressional committee…

Advice for Trump: think about your security infrastructure (Naked Security) The US government’s track record for managing its own internet security is what some would consider subpar. Examples of failure include the breach of systems at The White House and State Department, and incursions affecting myriad other agencies…

The Intelligence Community Does Need a Shake-Up (Huffington Post) Originating from the dispute over whether the Russians hacked the U.S. election and tried to influence it, rumblings have come from the Trump transition team about reorganizing the intelligence community or parts thereof. That’s not a bad idea at all…

The US intelligence community is made up of 17 agencies. Here’s what each one does (Virgin Islands Daily) The U.S. intelligence community recently reaffirmed its conclusion that senior officials in Russia were behind hacks during the 2016 presidential campaign into the Democratic National Committee and emails belonging to associates of Hillary Clinton…

Litigation, Investigation, and Law Enforcement

GOP rep: DNC hacking 'most successful covert action' in Russian history (The Hill) Russia's alleged hacking campaign during the 2016 election “will be considered the most successful covert action operation in the history of Mother Russia," Rep. Will Hurd (R-Texas) wrote in an op-ed Sunday…

CIA's Brennan rejects Donald Trump's criticism, says dossier didn't come from intel community (Fox News) John Brennan, the outgoing Central Intelligence Agency director, rejected President-elect Donald Trump’s suggestion that he may have leaked the unsubstantiated dossier that claimed Russia had compromising allegations about Trump…

Putin Accuses Obama Administration Of Trying To Undermine Trump (Radio Free Europe / Radio Liberty) Russian President Vladimir Putin has accused U.S. President Barack Obama's administration of trying to undermine President-elect Donald Trump's legitimacy by spreading what Putin said were false allegations…

Graham Won’t Chair Cyber Subpanel After All (Fifth Domain Cyber) Sen. Lindsey Graham, one of the senators who once led the call for a select committee to investigate Russian interference in U.S. elections, will not chair a new Armed Services Cyber Subcommittee expected to investigate the matter…

Malcolm Turnbull to launch cyber security probe after MPs affected by global Yahoo data breach (Sydney Morning Herald) Prime Minister Malcolm Turnbull will ask his cyber security adviser to investigate how senior Australian politicians were caught up in a massive global data breach affecting Yahoo internet services…

Italian pair arrested over alleged hack of cardinals and masons (Naked Security) An Italian brother and sister have been arrested for spearphishing and planting a remote-access trojan/keylogger on to the computers of a veritable who’s who list of their countrymen…

Noor Salman, Wife of Orlando Shooter Omar Mateen, Arrested (NBC News) The wife of Orlando nightclub gunman Omar Mateen was arrested by the FBI on Monday in connection with the mass shooting, officials said…

Orlando nightclub attacker's wife could face life in prison on new charges (Fox News) Noor Salman, the wife of the Orlando nightclub gunman Omar Mateen, could face life in prison on charges against her in a federal indictment unsealed Tuesday, as prosecutors said she deliberately helped her husband's terror plans while trying to keep police and the FBI off their trail…

Obama commutes Chelsea Manning's prison sentence, pardons Gen. James Cartwright (Military Times) President Barack Obama commuted the sentences of a pair of high-profile military prisoners and pardoned a controversial former Marine Corps general on Tuesday as one of his last acts before leaving the Oval Office…

President Obama Lets Alleged Source of Stuxnet Leak Walk Free (Motherboard) President Obama pardoned retired General James Cartwright, who is believed to be the source who told a New York Times reporter that the United States and Israel were behind the famous “Stuxnet” cyberattack…

President Obama pardons James Cartwright (CNN Wire via KDVR) President Barack Obama pardoned James Cartwright on Tuesday…

Obama commutes sentence of Chelsea Manning, soldier convicted for leaking classified information (Washington Post) President Obama commuted the 35-year prison sentence of Chelsea Manning, an Army private convicted of taking troves of secret diplomatic and military documents and disclosing them to WikiLeaks, after deciding that Manning had served enough time…

Obama shows clemency to Chelsea Manning, intelligence analyst behind WikiLeaks (Financial Review) In one of his final acts before leaving office, President Barack Obama on Tuesday commuted the prison sentence of Chelsea Manning, the former US military intelligence analyst behind the biggest breach of classified materials in US history, the White House said…

Chelsea Manning to Be Released Early as Obama Commutes Sentence (New York Times) President Obama on Tuesday commuted all but four months of the remaining prison sentence of Chelsea Manning, the army intelligence analyst convicted of a 2010 leak that revealed American military and diplomatic activities across the world, disrupted his administration and brought global prominence to WikiLeaks, the recipient of those disclosures…

After Years of Inhumane Treatment, Chelsea Manning Will Be Freed From Prison (Motherboard) President Obama has commuted the sentence of Chelsea Manning, who leaked American military and diplomatic cables in 2010, putting an end to one of the bleaker domestic human rights situations under his presidency…

Assange “stands by” US extradition “deal,” Swedes still want to quiz him (Ars Technica) Likely to be arrested by London cops after skipping bail over sexual assault case…

WikiLeaks’ Assange confident of winning 'any fair trial' in the US (CSO) Assange had earlier promised to face US extradition if Chelsea Manning was granted clemency…

WikiLeaks Founder Waffles On Pledge To Accept U.S. Extradition (Radio Free Europe / Radio Liberty) WikiLeaks founder Julian Assange on January 17 appeared to waffle on his pledge to accept U.S. extradition now that President Barack Obama has pardoned former Army intelligence analyst Chelsea Manning…

Russia extends Snowden’s temporary residency for ‘few more years’ (TechCrunch) NSA whistleblower Edward Snowden has had his temporary right to remain in Russia extended, according to a Russian foreign ministry spokeswoman…

FTC charges Qualcomm with anticompetitive chip tactics (CSO) The company dictated licensing terms by threatening phone makers' access to chips, the agency says…

Can a DDoS attack on Whitehouse.gov be a valid protest? (CSO) A software engineer wants to take down the Whitehouse.gov site to oppose Trump's inauguration…

Cyber Events

For a complete running list of events, please visit the event tracker on the CyberWire website.

Cyber Security Lunch & Learn (2.2.17)
Women in Cyber Security (3.31.17-4.1.17)

Remaining This Month:

SANS Las Vegas 2017 (Las Vegas, Nevada, USA, January 23 - 28, 2017) Attend SANS Las Vegas 2017, where SANS will provide outstanding courses in IT security, forensics, and security management presented by the best cybersecurity teachers in the country. At SANS events you get the kind of hands-on, immersion training that you can put to work immediately.

BlueHat IL (Tel Aviv, Israel, January 24 - 25, 2017) Announcing BlueHat IL – a special edition of Microsoft's leading cyber security conference for top professionals, to be held for the very first time in Tel Aviv, Israel. Over the past 10 years, BlueHat conferences have drawn the brightest minds in security to discuss key industry challenges. And now, BlueHat IL is here to crank it up by exploring and creating new cyber security thoughts and boundaries. This exclusive, invitation-only, single-track event will host top cyber security professionals from around the world, who will come together to tackle the present and peek into the future. It will feature brilliant speakers and focus on breakthrough research, key trends and emerging threats in the field. Registration closes December 28.

SANS Cyber Threat Intelligence Summit & Training 2017 (Arlington, Virginia, USA, January 25 - February 1, 2017) Join SANS at this innovative Summit as we focus on enabling organizations to build effective cyber threat intelligence analysis capabilities. Most organizations are familiar with threat intelligence, but have no real concept of how to create and produce proper intelligence. The 2017 Summit will focus on specific analysis techniques and capabilities that can be used to properly create and maintain Cyber Threat Intelligence in your organization. Attend this summit to learn and discuss directly with the experts who are doing the CTI analysis in their organizations. What you learn will help you detect and respond to all ranges of adversaries including some of the most sophisticated threats targeting your networks.

Blockchain Protocol and Security Engineering (Stanford, California, USA, January 26 - 27, 2017) This conference will explore the use of formal methods, empirical analysis, and risk modeling to better understand security and systemic risk in blockchain protocols. The conference aims to foster multidisciplinary collaboration among practitioners and researchers in blockchain protocols, distributed systems, cryptography, computer security, and risk management.

National Credit Union - Information Sharing & Analysis Organization - 2017 Tech Conference (Cape Canaveral, Florida, USA, January 31 - February 2, 2017) Join us for three days of Cyber Security topics that are pertinent to Credit Union cyber resilience, real-time security situational awareness information sharing, and coordinated response in the global credit union community! Protecting the Credit Union’s global infrastructure to sustain cyber resilience requires an unprecedented level of public- and private-sector cooperation, collaboration and coordination and includes access to the real-time availability of proactive “actionable” threat intelligence; analysis of potential impacts; coordinated countermeasure solutions and response; cybersecurity best practice adoption and role-based workforce education.

Coming Next Month:

Southern Virginia - Cyber Security Lunch & Learn (Norfolk, Virginia, USA, February 2, 2017) Cyber security experts discuss security incident response. Dealing with cyber security risk is an exercise in managing daily chaos. Organizations know they need to improve their posture but common roadblocks often get in the way. Join us for lunch and an action-oriented discussion about ways you can improve your security incident response program in 2017. The conversation will be led by certified SANS instructor Alissa Torres, and Rsam CISO Bryan Timmerman. Attend and earn CPE credits towards your ISACA and (ISC)2 certifications.

Insider Threat Program Development Training For NISPOM CC 2 (Toms River, New Jersey, USA, February 6 - 7, 2017) Insider Threat Defense announced it will hold a 2-day training class on Insider Threat Program Development (NISPOM Conforming Change 2) on Feb. 6-7, 2017, in Toms River, NJ. For a limited time the training is being offered at a discounted rate of $795 (Normally $1395). The training is comprehensive and provides students with the knowledge and resources to develop, implement and manage a robust Insider Threat Program / Working Group. Insider Threat Defense has trained over 500 organizations and has become the "Leader-Go To Company" for Insider Threat Program Development Training.

The Risks and Benefits of Artificial Intelligence and Robotics (Cambridge, England, UK, February 6 - 7, 2017) The Risks and Benefits of Artificial Intelligence and Robotics Workshop aims to provide media and security professionals with an in-depth understanding of how the rapid advancement of AI technology may affect the global community in both the physical and structural spheres, and of the potential impact of the future evolution of such technology, especially in terms of security. Emphasis will be given to the way in which AI and autonomous robotics can be represented and communicated in the media.

SANS Southern California - Anaheim 2017 (Anaheim, California, USA, February 6 - 11, 2017) Learn practical, relevant tips and techniques from industry leaders. Join us for SANS Southern California - Anaheim 2017, and choose from eight courses on cyber defense, penetration testing, incident response, threat hunting, ethical hacking, IT management and ICS/SCADA security. Some of our courses are in alignment with DoD Directive 8570 requirements for Baseline IA Certifications, and most courses have GIAC Certification attempts available. Take advantage of this opportunity to sharpen your skills and advance your career.

Workplace Violence & Response To Active Shooter Events Meeting (Laurel, Maryland, USA, February 9, 2017) The National Insider Threat Special Interest Group (NITSIG) will be hosting a meeting on February 9, 2017, at the Johns Hopkins University Applied Physics Laboratory, Laurel, MD. The meeting will be exclusively focused on workplace violence and responding to an active shooter event. Presenters include experts from the Occupational Safety and Health Administration (OSHA), and the Maryland State Police. It's free to attend. Prominent among the topics to be discussed will be threats directed from the Internet.

RSA Conference 2017 (San Francisco, California, USA, February 13 - 17, 2017) The current state of cybersecurity means there are many opportunities for the industry as a whole to collaborate on new innovations. Discovering the next great opportunity will require everyone to embrace new and unique perspectives from a broadly diverse base of people and sources. RSA Conference 2017 provides the opportunity for all attendees at all levels to grow their knowledge, exchange ideas with peers and further their careers. With opportunity comes great responsibility for the future. Our actions today will have a lasting impact on the strength of the industry—and the safety of the world—tomorrow. At RSA Conference 2017, you will learn about new approaches to info security, discover the latest technology and interact with top security leaders and pioneers. Hands-on sessions, keynotes and informal gatherings allow you to tap into a smart, forward-thinking global community that will inspire and empower you.

Insider Threat Program Development Training For NISPOM CC 2 (Simi Valley, California, USA, February 22 - 23, 2017) Insider Threat Defense announced it will hold a 2-day training class on Insider Threat Program Development (NISPOM Conforming Change 2) on Feb. 22-23, 2017, in Simi Valley, CA. For a limited time the training is being offered at a discounted rate of $795 (Normally $1395). The training is comprehensive and provides students with the knowledge and resources to develop, implement and manage a robust Insider Threat Program / Working Group. Insider Threat Defense has trained over 500 organizations and has become the "Leader-Go To Company" for Insider Threat Program Development Training.

SANS Dallas 2017 (Dallas, Texas, USA, February 27 - March 4, 2017) We are pleased to invite you to attend SANS Dallas 2017, on February 27 - March 4 at The Westin Dallas Downtown, located in the heart of the city. We have selected several of our top information security courses to provide you with the training and certification that you need to boost your career by learning from the best! SANS instructors are industry professionals who will ensure that you not only learn the material, but that you will also be able to apply what you learn your first day back in the office.

Autonomous Vehicles Silicon Valley (Santa Clara, California, USA, February 28 - March 2, 2017) The road to autonomy: Regulation. Consumer Acceptance. Safety & Security. Explore the latest technologies and hottest issues for the autonomous vehicles industry.

Compiled and published by the CyberWire editorial staff. Views and assertions in source articles are those of the authors, not the CyberWire or Pratt Street Media, LLC.
The CyberWire is published by Pratt Street Media and its community partners. We invite the support of other organizations with a shared commitment to keeping this informative service free and available to organizations and individuals across the globe.