Learn more about your ad choices. Visit megaphone.fm/adchoices
you're listening to the cyberwire network powered by N2k this is the energy of electrification available type S high performance variant nearly 500 horsepower and 278 mile EPA range range choose from our complimentary charging packages so you can charge how you want the all-electric Acura ZDX this is the energy of innovation Acura precision crafted performance this your local accurate dealer to lease the all-electric ZDX for three hundred eighty nine dollars a month hey everybody Dave here I want to talk about our sponsor legal zoom you know I started my first business back in the early 90s and oh what I would have done to have been able to have the services of an organization like legal zoom back then just getting all of those business ducks in a row all of that technical stuff the legal stuff the registrations of the business so the taxes all of those things that you need to go through when you're starting a business the hard stuff the stuff that sucks up your time when you just want to get that business launched and out there well legal zoom has everything you need to launch run and protect your business all in one place and they save you from wasting hours making sense of all that legal stuff launch run and protect your business to make it official today at legal zoom calm you can use promo code cyber 10 to get 10% off any legal zoom business information product excluding subscriptions and renewals that expires at the end of this year get everything you need from set up to success at legal zoom calm and use promo code cyber 10 that's legal zoom calm and promo code cyber 10 legal zoom provides access to independent attorneys and self-service tools legal zoom is not a law firm and does not provide legal advice except where authorized through its subsidiary law firm LZ legal services LLC troquillism malware cluster hits southeast Asian NGOs post mortems on the cyber attack against Ukraine's grid continue with worries for the future and another warning about squirrels western governments look for technical and messaging responses to ISIS cyber tension rises between Saudi Arabia and Iraq common-sense lessons from recent law enforcement actions and Vassanar comes under U.S. congressional scrutiny today I'm Dave Bittner in Baltimore with your cyberwire summary for Tuesday January 12th 2016. Arbor Networks describes a multi-pronged malware campaign targeting sites most of them belonging to non-governmental organizations in Southeast Asia there's no formal attribution of the malware cluster yet which Arbor is calling troquillis but the campaign sophistication and choice of targets suggests to some observers that it was mounted by China's government the internet storm center has published an account of the XLS dropper that seems implicated in the black energy attack on Ukraine's power grid ESET which was early to the investigation summarizes what's known and what remains unknown about the attack observers Glamli agree that the incident is a bellwether not an outlier and warn that utilities should expect more attacks in 2016 some like the foundation for resilient societies note that the attack in western Ukraine seems to have operated by striking substations and that regulatory regimes for the power distribution industry tend to neglect substations for all the warnings however were reminded again today by Sophos's naked security blog that squirrels have a far greater track record of success against the grid than hackers increasing sectarian and political tensions between Saudi Arabia and Iran inflamed a guttural regional cyber riot in which many expect to see the governments themselves join if they haven't already Proclamations of fealty to ISIS emerge from the Philippines European governments continue to work toward closer cooperation against extremism and its resultant terror the US departments of state and defense show signs of looking beyond technical approaches to fighting ISIS and toward more aggressive counter messaging but some American watchers think the new style of information operations even if it gets its messaging right will soon find itself entangled with legal and organizational obstacles Akamai warns that a malicious search engine optimization scheme is using sequel injection to goose search hits a flaw in eBay is reported to have rendered user credentials vulnerable to compromise fake login pages may have enabled hackers to steal usernames and passwords European data center services provider interzion discloses a breach in its CRM system that may have exposed sensitive customer information the Russian hacker worm associated in recent years with attacks on the BBC the Bank of America and Adobe claims to have successfully broken into Citrix worms identity remains unknown it's not even known if worm is a single individual or a group some Dell customers report being contacted by unusually plausible scammers who know a lot about their Dell accounts the calls aren't from Dell and Dell which is investigating says it hasn't been hacked so where the data came from remains a mystery trend micro has patched a remote execution bug in its antivirus software a Google researcher discovered and disclosed the vulnerability today is the day Microsoft and support for Windows 8 and for versions 7 through 10 of Internet Explorer from which Redmond is transitioning to edge Drupal moves to improve the security of its update process and analysts take stock of Juniper's announcement that it's ending use of the backdoor dual EC DR BG pseudo random number generator security experts draw some familiar lessons from this week's takedown of a Romanian ATM hacking gang and the recent guilty plea by a former baseball executive who intruded into the rival club system first old unpatched software is inherently risky take note users of Windows 8 and Internet Explorer and second pay close attention to common sense cyber hygiene especially when employees transition in or out of your organization industry continues to dislike proposals by various governments to mandate week encryption or installation of back doors while experts differ the emerging consensus is that the effect of doing so would be to increase the vulnerability of Internet users without realizing any compensatory gains in security industry is also leery of cyber arms control agreements which some see is tending toward the criminalization of legitimate security research the U.S. House of Representatives Committee on Oversight and Government Reform is holding hearings this afternoon on proposed the U.S. implementation of the Vossner cyber arms control regime Symantec VMware and Microsoft will be testifying and from what we've heard from Symantec their testimony isn't exactly going to be a mash note to the Department of Commerce and State various cyber story stocks including perennial market darling fire eye experience a sell-off but investment analysts remain generally bullish on the sector nice systems agreed yesterday to purchase analytics shop next Zidia for 135 million dollars Bloomberg speculates about 2016 tech IPOs their list of IPO candidates includes two cyber security firms tenable network solutions and tanium this episode is brought to you by Amazon the holidays are here and you know what that means it's time to get your friends and family the gifts they deserve take the stress out of shopping with Amazon's great deals and low prices on a huge range of items from toys to tech and much more whoever you're gifting for Amazon has great prices on everything you need this holiday season shop Black Friday week deals now and now a word from our sponsor know before it's all connected and we're not talking conspiracy theories when it comes to InfoSec tools effective integrations can make or break your security stack the same should be true for security awareness training no before provider of the world's largest library of security awareness training provides a way to integrate your existing security stack tools to help you strengthen your organization security culture no before's security coach uses standard API's to quickly and easily integrate with your existing security products from vendors like Microsoft CrowdStrike and Cisco 35 vendor integrations and counting security coach analyzes your security stack alerts to identify events related to any risky security behavior from your users use this information to set up real-time coaching campaigns targeting risky users based on those events from your network endpoint identity or web security vendors then coach your users at the moment the risky behavior occurs with contextual security tips delivered via Microsoft teams slack or email learn more at know before calm slash security coach that's know before calm security coach and we thank know before for sponsoring our show the holidays are coming and everything's a glow give your loved one a reason to sparkle with jewelry from blue Nile right now blue Nile is offering special Black Friday and Cyber Monday deals save up to 50 percent on the season's most stunning trends or keep it classic with an endless selection of bold gold styles gemstone jewelry and eternally stylish diamond pieces shop now for up to 50 percent off jewelry at blue Nile calm the original online jeweler that's blue Nile calm blue Nile calm imagine this your primary identity provider goes down whether it's a cloud outage network issue or even a cyber attack suddenly your business grinds to a halt but what if it didn't have to meet identity continuity from strata the game-changing solution that keeps your business running smoothly no matter what whether your cloud IDP crashes or your on-prem system faces a hiccup identity continuity seamlessly shifts authentication to a secondary or even tertiary IDP automatically and without disruption powered by the Mavericks identity orchestration platform identity continuity uses smart health checks to monitor your IDP's availability and instantly activates failover strategies tailored to your needs when the coast is clear it's a seamless switchback no more downtime no lost revenue no frustrated customers just continuous secure access to your critical applications every single time protect your business from the high costs of IDP outages with identity continuity from strata downtime is a thing of the past visit strata.io/cyberwire to learn how Strata's identity continuity can provide seamless enhanced capabilities to your existing identity fabric and receive a free set of AirPods Pro Joining me is John Patrick editor the cyberware John today the US House of Representatives are holding hearings on the implementation of Vassanar start us off here what is Vassanar? Vassanar is an arms control agreement its formal name is the Vassanar arrangement on export controls for conventional arms and dual use goods and technologies and right now some 40 countries are parties to Vassanar so is this a treaty no it isn't it isn't a treaty it's an export control regime and what that means is that all the important action with respect to Vassanar lies in how the parties do the arrangement decide to implement it so what do you have to do to be a part of Vassanar to be admitted to the Vassanar arrangement a state has to meet several requirements first it must produce or export arms or sensitive industrial equipment it should follow non-proliferation policies and it should especially adhere to the policies of the nuclear suppliers group the missile technology control regime the nuclear non-proliferation treaty the biological weapons convention the chemical weapons convention and the like and it must maintain fully effective export controls here in the U.S. who is in charge of implementing it in the U.S. the Department of Commerce and specifically its Bureau of Industry and Security so why is Vassanar so controversial it's controversial it's been around for a while the agreement itself has been around since 1996 and it became important to cybersecurity only in the last few years as cyberspace has increasingly become a domain of conflict and various cyber tools have increasingly been seen as and used as weapons and so in December of 2013 there were plenary meetings at Vassanar that reached an agreement on controlling what they call intrusion and surveillance items so the Commerce Department of Bureau of Industry and Security has published a proposed implementation of the new arrangement and they did that just this past summer and that implementation effectively proposes requiring a license to export re-export or transfer in country cybersecurity items all right well who could possibly object to all that yeah a lot of people object to it the proposed implementation has been to say the least coldly received by industry and industry regards the perspective rule is effectively restricting and in some cases even criminalizing what it hitherto been considered perfectly legitimate kinds of research and the objections haven't just come from industry that the electronic frontier foundation which is not generally seen it's just a shill for the IT biz has called the proposed rule an unworkably broad set of controls then the Facebook would prohibit for example sharing vulnerability research without a license so the US House of Representatives Committee on Oversight and Government perform is the outfit holding the hearings this afternoon and I'm sure they will receive some interesting and vigorous testimony all right John thanks again for joining us the IT world used to be simpler you only had to secure and manage environments that you controlled then came new technologies and new ways to work now employees apps and networks are everywhere this means poor visibility security gaps and added risk that's why cloudflare created the first ever connectivity cloud visit cloudflare.com to protect your business everywhere you do business so you want to be a marketer it's easy you just have to score a ton of leads and figure out a way to turn them all into customers plus manage a dozen channels write a million blogs and launch a hundred campaigns all at once when that stunt simply make your socials go viral and bring in record profits no sweat okay fine it's a lot of sweat but with HubSpot's AI powered marketing tools launching benchmark breaking campaigns is easier than ever get started at HubSpot.com/marketers and that's the cyberwire we are proudly produced in Maryland by our talented team of editors and producers. I'm Dave Bittner thanks for listening and now a word from our sponsor NordPass. NordPass is an advanced password manager from the team behind NordVPN designed to help keep your business safe from data leaks and cyber threats it gives your IT professionals control over who has access to your company's data and makes it easy for everyone else on your team to use strong passwords right now you can go to www.nordpass.com/cyberwire for 35% off the NordPass business yearly plan don't miss out on that (gentle music) [BLANK_AUDIO]