Learn more about your ad choices. Visit megaphone.fm/adchoices
CyberWire Daily
The CyberWire 2.1.16
- You're listening to the Cyberwire network, powered by N2K. - With the Lulu Lemon, the real gift happens when they're living in it. When you give the fan favorite everywhere belt bag, the real gift is... - When the ultra soothing rest feel slides are the gift, you're really giving them... - This holiday, Lulu Lemon makes it easy to give a little luxuries that go beyond. Open the moment, shop now at lululemon.com. - Hey everybody, Dave here. I want to talk about our sponsor, LegalZoom. You know, I started my first business back in the early 90s, and oh, what I would have done to have been able to have the services of an organization like LegalZoom back then. Just getting all of those business ducks in a row, all of that technical stuff, the legal stuff, the registrations of the business, so the taxes, all of those things that you need to go through when you're starting a business, the hard stuff, the stuff that sucks up your time when you just want to get that business launched and out there. Well, LegalZoom has everything you need to launch, run, and protect your business all in one place. And they save you from wasting hours making sense of all that legal stuff. Launch, run, and protect your business to make it official today at legalzoom.com. You can use promo code cyber10 to get 10% off any LegalZoom business information product excluding subscriptions and renewals that expires at the end of this year. Get everything you need from set up to success at legalzoom.com and use promo code cyber10 that's legalzoom.com and promo code cyber10. LegalZoom provides access to independent attorneys and self-service tools. LegalZoom is not a law firm and does not provide legal advice except where authorized through its subsidiary law firm, LegalZ Legal Services LLC. Distributed denial of service attacks are rising, they're cheap to mount and they can pay off in several ways. Dr. Webb warns of trojanized games in the Google Play Store, save harbors no more, and we take a quick look at the sudden decline and strange story of Threat Intelligence Media Darling Norse Corporation. I'm Dave Bittner in Baltimore with your Cyberwire summary for Monday, February 1st, 2016. Some of today's more interesting news comes from industry. Norse Corporation seems to be on its way out. A threat intelligence shop which even casual cyber watchers have gotten to know for its eye-catching and widely linked threat map, not to mention its Viking helmet trade show swag, Norse apparently began winding down operations over the weekend. Its sites are down today including that famous threat map. Brian Krebs reports that the company seems to be imploding. CEO Sam Glines was deposed this weekend and their speculation that the company's remaining assets will be folded into solar flare which shares some investors with Norse. But this remains speculation. No one in a position to know is offering comment. Norse's threat map whose look recalled the Whopper's nuclear exchange simulations from the movie War Games was surely a very compelling contributor to the company's rise. As a threat intelligence operation Norse relied on widespread deployment of honey net sensors. Its critics tended to regard its use of such sensors as uncritical and prone to representing reconnaissance and even entirely innocent crawling and searching as attack traffic. Krebs traces the company's troubles back through some ventures its leadership had been involved with through the 1990s. Norse went through a round of layoffs at the beginning of this January and one of the laid-off former chief architect Jason Bellich rises to the company's defense in Krebs' comments and elsewhere. Bellich disputes what he reads as Krebs' imputations of a connection between ancestor ventures and Norse itself. Krebs stands by his reporting. Perhaps the last word for now should go to blogger Robert M. Lee who while offering his own opinions concerning Norse's intelligence products reminds everyone following the story that many of those who worked at Norse were talented and serious professionals. May those who merit a soft landing receive one as swiftly and softly as possible. Moving back to threats, a guilty plea in a doxing case against a Kosovar ISIS sympathizer arouses new concerns that ISIS has acquired personally identifying information on US military and government personnel. ISIS has made it known that it has what it calls "crusaders" on its watch list. In a different doxing operation, this one by hacktivist Stephen Singh animus against US police departments, emails and other information exchanged by members of police unions are exposed to inspection. Patriotic cyber rioting continues to flare in the Caucasus as Armenian and Azerbaijani hacktivists strike at their antagonist governments. Some of the more recent incidents involve Armenian hackers affiliated with the Montemel Konyan Cyber Army, observed their National Army Day last week with a denial of service campaign against multiple government agencies in Azerbaijan. They followed this up with a doxing operation that pulled information from compromise Azerbaijani official sites. Likocuses is not the only place where DDoS is a problem. It's a mounting challenge everywhere. British Bank HSBC recovered over the weekend from a distributed denial of service attack that disrupted month-end payrolls and tax filing, and this incident was no outlier. DDoS attacks continue to proliferate. They're relatively inexpensive to mount. They can deliver either a direct extortion payoff or serve as a misdirection for more serious attacks, and the growing Internet of Things offers opportunities for botnet wranglers. Hence, as a Chicago Tribune headline puts it, "Forget power stations, worry about toasters." Those who like their games take heed, while Google monitors and controls access to Google Play, an app's appearance there is no infallible sign that the app is safe. Researchers at Dr. Webb warned that they've found more than 60 Trojanized games in the store. In industry news not connected to Norse's fortunes, Symantec closed the Veritas sale as it continues to refocus on its core security business. Fortinet's good earnings tied last week lifted the share price boats of Cyberarc and Palo Alto Networks, too. And finally, there was no happy landfall in any Atlantic safe harbor. The agreement between the U.S. and the EU has lapsed. National European privacy authorities are expected to announce their next move this Wednesday. So, you want to be a marketer. It's easy. You just have to score a ton of leads and figure out a way to turn them all into customers. Plus, manage a dozen channels, write a million blogs and launch 100 campaigns all at once. When that's done, simply make your socials go viral and bring in record profits. No sweat. Okay, fine. It's a lot of sweat. But with HubSpot's AI-powered marketing tools, launching benchmark breaking campaigns is easier than ever. Get started at HubSpot.com/marketers. And now, a word from our sponsor, No Before. It's all connected, and we're not talking conspiracy theories. When it comes to InfoSec tools, effective integrations can make or break your security stack. The same should be true for security awareness training. No Before, provider of the world's largest library of security awareness training, provides a way to integrate your existing security stack tools to help you strengthen your organization's security culture. No Before's Security Coach uses standard APIs to quickly and easily integrate with your existing security products from vendors like Microsoft, CrowdStrike, and Cisco, 35 vendor integrations, and counting. Security Coach analyzes your security stack alerts to identify events related to any risky security behavior from your users. Use this information to set up real-time coaching campaigns targeting risky users based on those events from your network, endpoint identity, or web security vendors. Then, coach your users at the moment the risky behavior occurs, with contextual security tips delivered via Microsoft Teams, Slack, or email. Learn more at nobefore.com/securitycoach, that's nobefore.com/securitycoach. And we thank No Before for sponsoring our show. Imagine this, your primary identity provider goes down, whether it's a cloud outage, network issue, or even a cyber attack. Suddenly, your business grinds to a halt. But what if it didn't have to? Meet identity continuity from Strata, the game-changing solution that keeps your business running smoothly no matter what. Whether your cloud IDP crashes or your on-prem system faces a hiccup, identity continuity seamlessly shifts authentication to a secondary or even tertiary IDP, automatically and without disruption. Powered by the Mavericks Identity Orchestration Platform, identity continuity uses smart health checks to monitor your IDPs availability and instantly activates failover strategies tailored to your needs. When the coast is clear, it's a seamless switchback. No more downtime, no lost revenue, no frustrated customers, just continuous secure access to your critical applications every single time. Protect your business from the high costs of IDP outages, with identity continuity from Strata, downtime is a thing of the past. At strata.io/cyberwire to learn how Strata's identity continuity can provide seamless enhanced capabilities to your existing identity fabric, and receive a free set of AirPods Pro. I'm joined by Joe Carrigan, he's a senior security engineer at the Johns Hopkins Information Security Institute. They're one of our academic and research partners, Joe, obviously, one of the missions at Johns Hopkins is training our next generation of cybersecurity professionals. I'm curious, what are the types of opportunities that you all are seeing demand for as people are coming to the university for training? Well, there's demand for a lot of things. At the university, we prepare people for leadership positions in cybersecurity field, but that doesn't have to be where everybody goes in cybersecurity. There's actually a lot of demand for a lot of people with skills, and it doesn't take a master's degree, and in a lot of cases, it doesn't even take a bachelor's degree. Really? You get a couple of certifications, like a security plus certification, and a certification in some security product, and you can actually start managing that product right off the bat. Now, I remember when the CSI television shows started coming out, that there was a flood of people going to universities to learn to be forensic people, and then there was a flood of people looking for those jobs, and the jobs weren't available. Is that the situation in cyber? Cyber is certainly hot right now. Yeah, I don't see any slowdown in the demand for people in cybersecurity. It's going to be as long as companies are losing money to cybersecurity events. So for the person coming out of high school who's maybe considering a career in cybersecurity, what kinds of things should they be considering as they're looking for where to get their next round of education? Well, it depends on what their goals are, but let's take someone who's college bound. I would recommend that they major in computer science, and focus as much as they can on security during the course of their education at whatever institution it is they're going to. And thanks for joining us. The IT world used to be simpler. You only had to secure and manage environments that you controlled. Then came new technologies and new ways to work. Now employees, apps, and networks are everywhere. This means poor visibility, security gaps, and added risk. That's why CloudFlare created the first-ever connectivity cloud. Visit cloudflare.com to protect your business everywhere you do business. And that's the CyberWire. We are proudly produced in Maryland by our talented team of editors and producers. I'm Dave Vittner. Thanks for listening. And now a word from our sponsor NordPass. NordPass is an advanced password manager from the team behind NordVPN. Designed to help keep your business safe from data leaks and cyber threats. It gives your IT professionals control over who has access to your company's data and makes it easy for everyone else on your team to use strong passwords. Right now you can go to www.nordpass.com/cyberwire for 35% off the NordPass business yearly plan. Don't miss out on that. [MUSIC]