Washington, DC: Cybersecurity Executive Order
Presidential Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure (The White House) EXECUTIVE ORDER: STRENGTHENING THE CYBERSECURITY OF FEDERAL NETWORKS AND CRITICAL INFRASTRUCTURE
US Executive Order on Cybersecurity (with industry reactions) (The CyberWire) US President Trump yesterday signed his long-anticipated Executive Order on cyber security. Its sections address "Cybersecurity of Federal Networks," "Cybersecurity of Critical Infrastructure," and "Cybersecurity for the Nation." It's a Federal-Government-centric order whose recurring themes are IT modernization and rationalization (including more shared services and use of the cloud), an emphasis on resilience, and an assertion that henceforth agency heads will be held accountable for the security of the organizations they lead. It mandates use of the NIST Framework across the Federal Government and places a strong emphasis on implementing sound risk management practices. It also calls for increased cyber deterrent capability. We cover a selection of industry reaction to the Executive Order.
President’s Executive Order Will Strengthen Cybersecurity for Federal Networks and Critical Infrastructure (US Department of Homeland Security) The Executive Order signed by the president today, Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure, follows through on a key campaign promise made to the American people. It reaffirms the important role the Department of Homeland Security (DHS) plays in strengthening the security and resilience of federal networks and the nation’s critical infrastructure.
A Summary of the Cybersecurity Executive Order (Lawfare) This afternoon, President Trump signed a long-awaited executive order on cybersecurity, titled “Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure.” This post will walk through the three substantive sections of the order.
Trump signs cyber EO promoting IT modernization, shared services (FederalNewsRadio.com) The much anticipated executive order refocuses agencies' cybersecurity efforts and further details the new American Technology Council’s role.
Trump signs cybersecurity order to create an 'executive branch enterprise' (Washington Examiner) The order has three major components: protecting federal networks, cybersecurity of critical infrastructure and promoting cybersecurity work...
Trump signs long-delayed executive order on cybersecurity (TechCrunch) President Trump signed an executive order today commanding a review of the United States' cybersecurity capabilities. Trump was initially set to sign the order..
Trump's cybersecurity order: Out with 'antiquated systems' (CNET) The executive order aims to improve US systems by protecting federal networks, critical infrastructure and Americans online.
Trump's cyber order pushes for modernized IT shared services (Fedscoop) President Donald Trump wants agencies to begin buying more modernized shared IT services where feasible. As part of the cybersecurity executive order released Thursday, agency heads are required to “show preference in their procurement for shared IT services,” such as email, cloud and cybersecurity services. “Effective immediately, it is the policy of the executive branch to …
'Keep America safe in cyberspace': Trump signs cybersecurity executive order (RT International) President Donald Trump has signed a long-awaited executive order designed to strengthen the cybersecurity of critical infrastructure and the federal government’s computer networks. It is the White House’s first action at defending the US against hackers.
Trump’s signed cybersecurity EO emphasizes risk management, resilience (Fifth Domain | Cyber) President Donald Trump on Thursday released the long-awaited presidential executive order on cybersecurity. The EO is similar in substance to the draft EO released last week and covered in depth by Fifth Domain.
Industry reactions to Trump's executive order on cybersecurity (Help Net Security) Here are some industry reactions to President Trump's executive order on cybersecurity, which requires reviews across agencies of the federal government.
Trump's cybersecurity executive order met with mixed reviews (ZDNet) The order asks for a full review of all cyber capabilities in an effort to strengthen federal systems, but that might be tough — if not impossible — given the timeline.
Trump Administration Cybersecurity Order Is “Plan for a Government Plan,” Not the Private Sector-Led, Actionable Agenda the Country Needs (ITIF) We are disappointed to see that this executive order is mostly a plan for the government to make a plan, not the private sector-led, actionable agenda that the country actually needs to address its most pressing cyber threats.
HITRUST Applauds the Presidential Executive Order on Cybersecurity (BusinessWire)
Mixed reviews for Trump’s Executive Order on cybersecurity (CSO Online) Experts generally agree that President Trump’s cybersecurity Executive Order is well intended and a good start. But several of them have specific suggestions on how it could be improved.
Some notes on Trump's cybersecurity Executive Order (Errata Security) President Trump has finally signed an executive order on "cybersecurity". The first draft during his first weeks in power was hilariously ...
McCain on Trump cyber order: 'We do not need more reviews' (Washington Examiner) Trump signed an executive order Thursday ordering federal agencies including the Defense Department to conduct reviews of cyber vulnerabilit...
Cyber Attacks, Threats, and Vulnerabilities
Russia-linked hackers impersonate NATO in attempt to hack Romanian government (Cyberscoop) An elite hacking group linked to the Russian government masqueraded as a NATO representative to send a barrage of phishing emails to diplomatic organizations in Europe, including Romania’s Foreign Ministry of Affairs, documents show. CyberScoop obtained a copy of one such phishing email that researchers have attributed to the hacking group, which is known as APT28 or Fancy Bear.
Macron's campaign proactive after hack, mitigated damage (SC Magazine US) Hackers' efforts against Macron didn't have the same yield as Russian attacks on the Democratic National Committee (DNC) and other Democrat-affiliated persons and organizations during the U.S. presidential election.
MacronLeaks – A Timeline of Events (Alien Vault) It's been a very familiar feeling reading about the documents leaked to impact the elections in France tomorrow. Often the best defence is to have a proper understanding of what has happened. A quick draft timeline of events from an analysis of document meta-data and forum posts is below. Attacks in March and April: A number of domains, identified by Trend Micro as linked to a group of attackers known as APT28, were registered for use in attacks against Emmanuel Macron's campaign. It
The great British Brexit robbery: how our democracy was hijacked (Guardian) A shadowy operation involving big data, billionaire friends of Trump and the disparate forces of the Leave campaign heavily influenced the result of the EU referendum. Is our electoral process still fit for purpose?
Intelligence Officials Warn of Continued Russia Cyberthreats (New York Times) Dan Coats, the director of national intelligence, and Mike Pompeo, the C.I.A. director, offer a dire view of Russian meddling, one that differs starkly from the president.
Russia has 'upped its game' in cyberwarfare and the threat isn't going away, US intel officials say (CNBC) Russian political interference is spreading to more countries around the world, according to senior U.S. intelligence officials.
NYU Accidentally Exposed Military Code-breaking Computer Project to Entire Internet (The Intercept) IBM's confidential "WindsorGreen" was detailed in documents exposed via an apparent backup drive.
PUA Operation Spreads Thousands of Explicit Apps in the Wild and on Legitimate App Stores (TrendLabs Security Intelligence Blog) One of the most popular ways to make money online is through pornography—whether through legitimate distribution or different online scams. Last year we detected a new variant of the Marcher Trojan targeting users through porn sites, and the year before that popular porn apps were used as lures to compromise millions of mobile users in...
An NSA Cyber Weapon Is Behind A Massive Global Ransomware Outbreak (Forbes) It's been a matter of weeks since a shady hacker crew called Shadow Brokers dumped a load of tools believed to belong to the National Security Agency (NSA). It now appears one NSA tool, an exploit of Microsoft Windows called EternalBlue, is being used as one method of spreading a ransomware variant called WannaCry across the world.
'Jaff' Enters the Ransomware Scene, Locky-style (Forcepoint) Forcepoint Security Labs™ have observed today a major malicious email campaign from the Necurs botnet spreading a new ransomware which appears to call itself 'Jaff', peaking within our telemetry at nearly 5m emails per hour.
Jaff Ransomware Distributed via Necurs MALSPAM and asking for a $3,700 Ransom (BleepingComputer) A new ransomware was discovered today called Jaff ransomware. This ransomware will encrypt your files and append the .jaff extension to encrypted files. It also joins the ranks of other ransomware that steal payment site templates from Locky.
SLocker: Android ransomware threat returns in undetectable form (Computing) Wandera claims to have uncovered 400 variants of malware
Up to 40 percent of Android devices at risk of screen hijack exploit (CRN Australia) But Google doesn't plan to fix it until winter.
Google won’t fix Android ‘contentjacking’ flaw for months (Naked Security) Google Play is a bit like a happening nightclub: the faster you let people in, the less time you have to spend keeping troublemakers out.
Keylogger Found in Audio Driver of HP Laptops (BleepingComputer) The audio driver installed on some HP laptops includes a feature that could best be described as a keylogger, which records all the user's keystrokes and saves the information to a local file, accessible to anyone or any third-party software or malware that knows where to look.
Vanilla Forums Open Source Software Vulnerable to RCE, Host Header Injection Vulnerability (Threatpost) Vanilla Forums open source software suffers from vulnerabilities that could let an attacker gain access to user accounts, carry out web-cache poisoning attacks, and in some instances, execute arbit…
Avast blocks the entire internet – again (Register) Now that's cast-iron antivirus
Edge Security Flaw Allows Theft of Facebook and Twitter Credentials (BleepingComputer) Argentinian security researcher Manuel Caballero has discovered another vulnerability in Microsoft's Edge browser that can be exploited to bypass a security protection feature and steal data such as passwords from other sites, or cookie files that contain sensitive information.
When Bad Guys are Pwning Bad Guys... (SANS Internet Storm Center) A few months ago, I wrote a diary about webshells[1] and the numerous interesting features they offer. There are plenty of web shells available; they are easy to find and install. They are usually delivered as one big obfuscated (read: Base64, ROT13 encoded and gzip'd) PHP file that can be simply dropped on a compromised computer. Some of them are looking nice and professional like the RC-Shell...
DDOS attacks in Q1 2017 (Exploit This) Although the first quarter of 2017 was rather quiet compared to the previous reporting period, there were a few interesting developments. Despite the growing popularity of IoT botnets, Windows-base…
Unhappy 39th birthday, spam, and many unhappy returns (Naked Security) As computing reaches middle age, expect to see more of these kinds of anniversaries
Pro-net neutrality group skeptical of FCC cyber attack claim (TheHill) A pro-net neutrality group says the Federal Communications Commission (FCC) is hiding something in regard to the cyberattacks that brought the agency's website down this week.
Security Patches, Mitigations, and Software Updates
Latest firmware updates for Asus routers fix CSRF security flaws (CSO Online) Users of Asus RT-N and RT-AC series routers should install the latest firmware updates released for their models because they address vulnerabilities that could allow attackers to hijack router settings.
Microsoft’s New Security Update Guides Get Mixed Reviews (Threatpost) Microsoft gets a lukewarm response with its new Microsoft Security Guides that replaced Security Bulletins.
Anglophiles: Hang up your VPN; iPlayer isn’t for you anymore (Ars Technica) BBC collects IP address, location, e-mail address in fight against online cheats.
Cyber Trends
181 Third-Party Vendors Access the Average Company's Network Each Week (eSecurity Planet) And 67 percent of companies have already experienced a data breach that was either definitely or possibly linked to a third-party vendor.
Anti Public Combo List Analysis Reveals Password Habits Improving (Threatpost) Researchers take a deep dive analysis on a recently discovered database of more than 500 million username and password pairs.
Marketplace
Do you need hacker insurance? (High Tech Bridge) Touted as the next big thing by the insurance industry, cyber insurance is coming to your peers – but should you take the plunge?...
CyberArk Snaps Up Conjur for $42M to Secure Software Development (Xconomy) CyberArk Software said Thursday it has acquired Conjur for $42 million in cash, a tie-up that unites two cybersecurity firms with offices in the Boston are
Electromagnetics, cyber warfare systems contract awarded to Raytheon (UPI) Raytheon has been awarded a $10 million contract by the Department of Defense for high power electromagnetics systems and cyber electronic warfare systems.
SAIC Awarded $61 Million Task Order by SSC Atlantic (BusinessWire) The Space and Naval Warfare Systems Center (SSC) Atlantic awarded Science Applications International Corp. (NYSE: SAIC) a task order to perform comman
Federal Agencies Pay Cyber Security Personnel $7,000 Less Than the Private Sector (eSecurity Planet) Still, federal information security personnel say hiring and retaining qualified professionals is key to securing their infrastructure.
VMware reveals partnerships with AWS, Google, Pivotal and Dell EMC (CRN Australia) Including AWS, Google, Pivotal and Dell EMC.
Whistic Joins Cloud Security Alliance to Extend the Reach of the Consensus Assessments Initiative Questionnaire (CAIQ) (HostReview.com) Whistic, a leading third-party security assessment platform, today announced that it has joined the Cloud Security Alliance (CSA), the world’s l
Darktrace the new Stevie wonders (Business Weekly) Cambridge cyber security specialist Darktrace scooped four accolades at The Stevie’s 15th Annual American Business Awards.
Products, Services, and Solutions
New infosec products of the week: May 12, 2017 (Help Net Security) New information security products of the week include interesting releases from Bomgar, FinalCode, Seclore, Versive, and Waterfall Security.
Seclore Announces the Industry’s First Agent-less Data-Centric Security Solution (Seclore) New innovations make rights management seamless by eliminating the barriers preventing widescale adoption
Cybernance Prepares Federal Agencies for Trump’s Cybersecurity of Federal Networks Executive Order (Sys-Con Media) Cybernance Corporation, a provider of cyber risk governance technology solutions, today announced availability of the Cybernance Platform for federal agencies that must comply with President Trump’s Cybersecurity of Federal Networks executive order.
Exabeam and Crowdstrike Partner to Improve Cyber Security (Marketwired) Leaders in behavioral analytics and endpoint protection provide comprehensive protection
SageNet Deploys Cryptzone Security App to Reduce Cost of PCI Compliance (BusinessWire) Tulsa-based SageNet has leveraged an authentication gateway security app to help large, multi-site retailers better meet Payment Card Industry complia
Experian outlines the benefits of biometrics (Planet Biometrics) Credit identity firm Experian has revealed plans to offer multiple biometric security options through partnering with biometric companies on its CrossCore platform.
Shinobi Defense System Arrives in the U.S. (eSecurity Planet) Already "big in Japan," Shinobi Cyber's API and kernel-level monitoring security solution hits the states.
Tests according to the EMC Standard IEC 60601-1-2 (4th edition) for medical electrical devices (Pressebox) CETECOM is expanding its service portfolio for testing and certification of medical technology products. After a successful audit by the ZLG (Zentralstelle der Länder...
Technologies, Techniques, and Standards
What Developers Don't Know About Security Can Hurt You (Dark Reading) Developers won't start writing secure code just because you tell them it's part of their job. You need to give them the right training, support, and tools to instill a security mindset.
Understanding the human behaviour is key to enterprise security: Forcepoint (ETCIO.com) Behaviour of humans or employees in organisations is a very important aspect of enterprise security, according to Forcepoint experts
Q&A Citrix CSO: How to deal with security across multiple generations of employees (CSO Online) Citrix’s CSO Stan Black has been in the cybersecurity field for 20 years. He talks about how security has changed among employees in each generation.
Simple Ways To Make Your Twitter Safer (Panda Security Mediacenter) Anyone can fall victim to a Twitter hack. What Can We Do To Keep Our Twitter Accounts Safe? Check out our Panda's tips...
Design and Innovation
FASTR Automotive Security Consortium Adds Uber Security Lead as Technical Committee Chair (BusinessWire) The FASTR consortium—Future of Automotive Security Technology Research—has added Uber security lead as technical committee chair; adds new
Good to Great: Innovation in the Industrial Base (War on the Rocks) “Thoughtless reliance on technology is a liability.” This quote did not come from a disgruntled acquisition professional in the Pentagon, but from noted au
Advantages of quantum processing shown in head-to-head race (Help Net Security) A prototype quantum processor beat a traditional, classical processor in a race to solve a puzzle, figuring out a secret combination up to 100x faster.
Creativity is overrated (TechCrunch) Today’s creative workplaces work hard to obscure the uncreative labor that makes them run. While “creativity” is presented as the panacea for our overly..
Legislation, Policy, and Regulation
How Trump’s N.S.A. Came to End a Disputed Type of Surveillance (New York Times) The move increased the risk of missing something important, but removed a privacy issue at a time when the law on which the program is based will expire unless Congress extends it.
Andrew McCabe New FBI Director And His Views On National Security (ValueWalk) Until Andrew McCabe is replaced, he’s likely to have an influence on the agency’s encryption stance going forward as the deputy under Comey FBI
The Real Problem With Our Government? It’s Tech-Illiterate (WIRED) Drafting sane tech policy is hard. But that's no excuse for not doing it, as Comey's tenure as FBI director proves.
The True Costs of Selling Out Our Privacy (Infosecurity Magazine) Weakened encryption standards will hurt the US where it can least afford it – in its wallet.
USCG Makes 'Significant' Move to Operationalize Cyber (SIGNAL Magazine) Technological development has transformed U.S. Coast Guard networks into warfighting platforms as the service operates in a dramatically different realm.
It’s Time For A Dedicated Military Cyber Force, Says Former NATO Commander (The Daily Caller) It is time for the U.S. defense community to consider creating a dedicated cyber force in the U.S. military, unique from the other branches, retired Adm. James Stavridis told the Senate Thursday.
Litigation, Investigation, and Law Enforcement
Acting FBI Chief Defends Ousted Comey, Vows Independent Russia Investigation (Foreign Policy) Andrew McCabe shoots down Trump’s rationale for firing Comey, and defends the agency’s "significant" Russian counterintelligence investigation before a Senate panel.
Five takeaways from FBI Director Andrew McCabe's testimony on Comey, Trump, Russia (Washington Examiner) McCabe said Trump's firing of Comey has not measurably slowed down the bureau's investigation into Russian meddling in the 2016 elections.
Why James Comey Had to Go (Wall Street Journal) The FBI head’s sense of perfect virtue led him to ignore his own enormous conflicts.
Deputy attorney general asked to brief senators after Comey firing (TheHill) Senate Majority Leader Mitch McConnell has asked him to meet with all senators.
White House’s FBI story unravels (TheHill) Key portions of the White House’s explanation of how President Trump decided to fire FBI Director James Comey came into question on Thursday, underlining a growing credibility crisis for the administration.
US intel chiefs are reviewing use of Kaspersky software (CRN Australia) Following reports of links to Kremlin.
Russian firm under FBI scrutiny offers to help any federal investigation (ABC News) A world-renowned software company -- the Moscow-based Kaspersky Lab -- says it wants to dispel security concerns about its products by helping any government probe of the company.
Kaspersky Lab Hits Back at US Spy Bosses (Infosecurity Magazine) Intelligence chiefs raise concerns over AV vendor
Release of the FISC Opinion Approving the 2016 Section 702 Certifications and Other Related Documents (IC on the Record) Today the ODNI, in consultation with the Department of Justice, is releasing three sets of Foreign Intelligence Surveillance Act (FISA) Section 702 documents in redacted form.
This Is the Secret Court Order That Forced the NSA to Delete the Data It Collected About You (Motherboard) The court found an "institutional lack of candor on NSA's part and emphasized that this is a very serious Fourth Amendment issue."
Canadian spies mobilized after Montreal airport terrorism scare (National Observer) Over 160,000 people have security clearances at Canadian airports, says Transport Canada.
IPCC Probes Claims Met Police Outsourced Email Hacking to India (Infosecurity Magazine) Whistleblower’s allegations claim police spied on journalists and activists for years
The Guy Who Saved Your iPhone From Hackers Is Stuck in a UAE Jail (Motherboard) 'Million dollar dissident' Ahmed Mansoor’s actions protected millions of iPhone users from sophisticated spyware. If you care about your privacy and security, you should be fighting for his release.
One more way to get busted on the Dark Web (Naked Security) Tor users suspected of child abuse imagery may have visited an outside file-sharing service – simply because Tor is so slow at routing traffic