CyberWire Daily - The CyberWire 2.1.16
Episode Date: February 1, 2016Learn more about your ad choices. Visit megaphone.fm/adchoices...
Transcript
Discussion (0)
You're listening to the Cyber Wire Network, powered by N2K.
Air Transat presents two friends traveling in Europe for the first time and feeling some pretty big emotions.
This coffee is so good. How do they make it so rich and tasty?
Those paintings we saw today weren't prints. They were the actual paintings.
I have never seen tomatoes like this.
How are they so red?
With flight deals starting at just $589,
it's time for you to see what Europe has to offer.
Don't worry.
You can handle it.
Visit airtransat.com for details.
Conditions apply.
AirTransat.
Travel moves us.
Hey, everybody.
Dave here.
Have you ever wondered where your personal information is lurking online?
Like many of you, I was concerned about my data being sold by data brokers.
So I decided to try Delete.me.
I have to say, Delete.me is a game changer.
Within days of signing up, they started removing my personal information from hundreds of data brokers.
I finally have peace of mind knowing my data privacy is protected.
Delete.me's team does all the work for you with detailed reports so you know exactly what's been done.
Take control of your data and keep your private life private by signing up for Delete.me.
Now at a special discount for our listeners.
private by signing up for Delete Me. Now at a special discount for our listeners,
today get 20% off your Delete Me plan when you go to joindeleteme.com slash n2k and use promo code n2k at checkout. The only way to get 20% off is to go to joindeleteme.com slash n2k and enter code
n2k at checkout. That's joindeleteme.com slash N2K, code N2K.
Distributed denial of service attacks are rising.
They're cheap to mount and they can pay off in several ways.
Dr. Webb warns of Trojanized games in the Google Play
Store. Safe harbors no more. And we take a quick look at the sudden decline and strange story of
threat intelligence media darling, Norse Corporation. I'm Dave Bittner in Baltimore with your Cyber Wire summary for Monday, February 1, 2016.
Some of today's more interesting news comes from industry.
Norse Corporation seems to be on its way out.
A threat intelligence shop which even casual cyber watchers have gotten to know for its eye-catching and widely linked threat map,
not to mention its Viking helmet trade show swag, Norse apparently began
winding down operations over the weekend. Its sites are down today, including that famous threat map.
Brian Krebs reports that the company seems to be imploding. CEO Sam Glines was deposed this weekend,
and there's speculation that the company's remaining assets will be folded into SolarFlare,
which shares some investors with Norse. But this remains speculation.
No one in a position to know is offering comment. Norse's threat map, whose look recalled the Whopper's nuclear exchange simulations from the movie War Games, was surely a very compelling
contributor to the company's rise. As a threat intelligence operation, Norse relied on widespread
deployment of Honeynet sensors. Its critics tended to regard its use of such sensors
as uncritical and prone to representing reconnaissance,
and even entirely innocent crawling and searching, as attack traffic.
Krebs traces the company's troubles back through some ventures
its leadership had been involved with through the 1990s.
Norse went through a round of layoffs at the beginning of this January,
and one of the laid-off, former chief architect Jason Belich,
rises to the company's defense in Krebs' comments and elsewhere. Belich disputes what he reads as
Krebs' imputations of a connection between Ancestor Ventures and Norse itself. Krebs stands by his
reporting. Perhaps the last word for now should go to blogger Robert M. Lee, who, while offering
his own opinions concerning Norse's intelligence products, reminds everyone following the story that many of those who worked at Norse were talented and serious professionals.
May those who merit a soft landing receive one as swiftly and softly as possible.
Moving back to threats, a guilty plea in a doxing case against a Kosovar ISIS sympathizer
arouses new concerns that ISIS has acquired personally identifying information
on U.S. military and government personnel.
ISIS has made it known that it has what it calls crusaders on its watch list.
In a different doxing operation, this one by hacktivists evincing animus against U.S.
police departments, emails and other information exchanged by members of police unions are
exposed to inspection.
Patriotic cyber-rioting continues to flare in the Caucasus
as Armenian and Azerbaijani hacktivists strike at their antagonist governments.
Some of the more recent incidents involve Armenian hackers
affiliated with the Montemelkonian Cyber Army
observed their National Army Day last week with a denial-of-service campaign
against multiple government agencies in Azerbaijan.
They followed this up with a doxing operation that pulled information from compromised
Azerbaijani official sites.
The Caucasus is not the only place where DDoS is a problem.
It's a mounting challenge everywhere.
British bank HSBC recovered over the weekend from a distributed denial-of-service attack
that disrupted month-end payrolls and tax filing,
and this incident was no outlier.
DDoS attacks continue to proliferate.
They're relatively inexpensive to mount, they can deliver either a direct extortion payoff or serve as a misdirection for more serious attacks,
and the growing Internet of Things offers opportunities for botnet wranglers.
Hence, as a Chicago Tribune headline puts it,
forget power stations, worry about toasters.
Those who like their games take heed. While Google monitors and controls access to Google Play,
an app's appearance there is no infallible sign that the app is safe. Researchers at Dr. Web warn
that they've found more than 60 Trojanized games in the store. In industry news not connected to Norse's fortunes, Symantec closed the Veritas sale as it continues to refocus on its core security business.
Fortinet's good earnings tied last week lifted the share price boats of CyberArk and Palo Alto Networks, too.
And finally, there was no happy landfall in any Atlantic safe harbor.
The agreement between the U.S. and the EU has lapsed.
National European privacy authorities
are expected to announce their next move this Wednesday.
Blake's so worried about my sister.
You're engaged.
You cannot marry a murderer.
I was sick, but I am healed.
Returning to W Network and Stack TV.
The West Side Ripper is back.
If you're not killing these people, then who is?
That's what I want to know.
Starring Kaley Cuoco and Chris Messina.
The only investigating I'm doing these days is who shit their pants.
Killer messaged you yesterday?
This is so dangerous. I got to get out of this.
Based on a true story.
New season premieres Monday at 9 Eastern and Pacific.
Only on W.
Stream on Stack TV.
Do you know the status of your compliance controls right now? Like, right now? We know that real-time
visibility is critical for security, but when it comes to our GRC programs, we rely on point-in-time checks. But get this, more than 8,000 companies like
Atlassian and Quora have continuous visibility into their controls with Vanta. Here's the gist.
Vanta brings automation to evidence collection across 30 frameworks, like SOC 2 and ISO 27001.
They also centralize key workflows like policies, access reviews, and reporting,
and helps you get security questionnaires done five times faster with AI.
Now that's a new way to GRC.
Get $1,000 off Vanta when you go to vanta.com slash cyber.
That's vanta.com slash cyber for $1,000 off. Amy Adams stars as a passionate artist who puts her career on hold to stay home with her young son.
But her maternal instincts take a wild and surreal turn as she discovers the best yet fiercest part of herself.
Based on the acclaimed novel, Night Bitch is a thought-provoking and wickedly humorous film from Searchlight Pictures.
Stream Night Bitch January 24 only on Disney+.
Watch January 24 only on Disney+. Cyber threats are evolving every second,
and staying ahead is more than just a challenge.
It's a necessity.
That's why we're thrilled to partner with ThreatLocker,
a cybersecurity solution trusted by businesses worldwide.
ThreatLocker is a full suite of solutions
designed to give you total control,
stopping unauthorized applications, securing sensitive data, and ensuring your organization runs smoothly and securely.
Visit ThreatLocker.com today to see how a default-deny approach can keep your company safe and compliant. I'm joined by Joe Kerrigan.
He's a senior security engineer at the Johns Hopkins Information Security Institute.
They're one of our academic and research partners.
Joe, obviously one of the missions at Johns Hopkins is training our next generation of cybersecurity professionals.
I'm curious, what are the types of opportunities that you all are seeing demand for as people are coming to the university for training?
Well, there's demand for a lot of things.
At the university, we prepare people for leadership positions in the cybersecurity field.
But that doesn't have to be where everybody goes in cybersecurity.
There is actually a lot of demand for a lot of people with skills. And it doesn't take a master's degree.
In a lot of cases, it doesn't even take a bachelor's degree. You get a couple certifications,
like an A plus or security plus certification, and a certification in some security product,
and you can actually start working, managing that product right off the bat.
Now, I remember when the CSI television shows
started coming out,
that there was a flood of people going to universities
to learn to be forensic people,
and then there was a flood of people looking for those jobs,
and the jobs weren't available.
Is that a situation in cyber?
Cyber is certainly hot right now.
Yeah, I don't see any slowdown in the demand for people in cybersecurity.
It's going to be big as long as companies are losing money to cybersecurity events.
So for the person coming out of high school who's maybe considering a career in cybersecurity,
what kinds of things should they be considering as they're looking for
where to get their next round of education? Well, it depends on what their goals are, but let's take someone who's college-bound.
I would recommend that they major in computer science and focus as much as they can on security
during the course of their education at whatever institution it is they're going to.
Joe Kerrigan, thanks for joining us.
And now, a message from Black Cloak.
Did you know the easiest way for cybercriminals to bypass your company's defenses
is by targeting your executives and their families at home?
Black Cloak's award-winning digital executive protection platform secures their personal devices, home networks, and connected lives.
Because when executives are compromised at home, your company is at risk.
In fact, over one-third of new members discover they've already been breached.
Protect your executives and their families 24-7, 365, with Black Cloak.
Learn more at blackcloak.io.
And that's The Cyber Wire.
We are proudly produced in Maryland by our talented team of editors and producers.
I'm Dave Bittner. Thanks for listening.
Your business needs AI solutions that are not only ambitious, Thank you. secure AI agents connect, prepare and automate your data workflows helping you gain insights
receive alerts
and act with ease
through guided apps
tailored to your role
data is hard
Domo is easy
learn more at
ai.domo.com