Mike Mimoso and Chris Brook discuss the news of the week, including the latest on the BlackEnergy APT Group, Amazon getting into the SSL certificate game, and government agencies being told to audit their systems for the Juniper backdoor. Download: news_wrap_01-29-16.mp3 Music by Chris Gonsalves

Most U.S. government agencies have until Feb. 4 to audit their IT infrastructure for the use of backdoored Juniper Networks’ Netscreen firewalls. Letters went out late last week from the House Oversight & Government Reform Committee to the leaders of the various agencies asking them to provide the committee with a report on whether the...

Researchers believe a single group is responsible for a series of attacks over the years to spy on Tibetan and Uyghur activists. For four years the group has used a cornucopia of spearphishing emails, a watering hole attack, and a backdoor Trojan to carry out espionage. Dubbed Scarlet Mimic, the attacks are primarily spread through...

Twitter’s decision to notify users when their accounts are targeted in state-sponsored attacks earned its share of praise. But Twitter’s silence in terms of specifics about the attacks—whether by choice or gagged by a National Security Letter—has foisted some anxiety upon those who were notified. A few of the estimated 50 recipients happened to be...

The Food and Drug Administration (FDA) issued a new set of draft guidelines on Friday in hopes that medical device manufacturers not only address cybersecurity risks before they design products, but also during the maintenance of those products. FDA outlines cybersecurity recommendations for medical device manufacturers. https://t.co/d58cWW3ecJ — U.S. FDA (@US_FDA) January 15, 2016 The...

Researchers have uncovered a new remote access Trojan (RAT) that can evade sandbox analysis, is adept at carrying out espionage, and is being used in targeted threat operations. Named Trochilus, the malware is part of a multi-pronged malware operation that researchers at Arbor Networks are calling the Seven Pointed Dagger (.PDF). The cluster also includes malware such as PlugX, the 9002...

Juniper Networks announced late Friday it was removing the suspicious Dual_EC_DRBG random number generator from its ScreenOS operating system. And while that’s heralded as a positive move considering Dual_EC’s dubious origins, there remain important and unanswered questions about Juniper’s decision to include what is considered to be a backdoored random number generator in its NetScreen...

European authorities dismantled a cybercrime ring last week responsible for a series of ATM attacks that ultimately led to substantial financial losses across Europe. Authorities apprehended eight Romanian and Moldovan nationals in connection with the ring following a series of house searches in the two countries last week, according to Europol, which announced the news last Thursday via press...

While the “Going Dark” debate over encryption standards rages on here in the ­­United States, government officials in the Netherlands this week released a statement that actually calls for stronger encryption and rejects backdoors entirely. On Monday officials said, citing respect for privacy and confidentiality, they were staunchly opposed to against any legislation that would...

The NSA’s subversion of encryption standards may have come home to roost. As more eyes examine the Juniper backdoor in ScreenOS, the operating system standing up its NetScreen VPNs, it’s becoming clear that someone backdoored the NSA backdoor in Dual_EC_DRBG, opening the door to passive decryption of any VPN traffic moving through a NetScreen gateway....