In-brief: what’s a good password? According to new guidelines from NIST: one that hasn’t already been stolen by hackers.
FBI: Business Email Compromise is a $5 Billion Industry
In-brief: the FBI is warning the public to beware of business email compromise attacks, saying that they have cost U.S. businesses more than $1.6 billion in losses since 2013.
Updated: Intel Fixes ‘Nightmarish’ Firmware Flaw But Nobody’s Safe
In-brief: Intel issued a patch for a serious vulnerability in firmware that has shipped with its chipsets for almost nine years, but it could take months for patches to reach affected customers from OEMs. (Editor’s note: updated with analysis from Matthew Garrett. PFR May 2, 2017.)
Estonia 10 Years Later: Lessons learned from the World’s First Internet War
In-brief: Gadi Evron recalls the denial of service attacks aimed at the government of Estonia in 2007 – one of the first recognized acts of ‘cyber war’ and a template for incidents that followed. Evron says there were many lessons in that incident – some of which the U.S. and its allies are still struggling to learn.
Update: Emboldened, Fancy Bear hacking crew targets French, German Politicians
In-brief: emboldened by media attention for its escapades in the U.S. Presidential election, the hacking crew known as “Fancy Bear” is targeting political parties in France as well as Germany, the firm Trend Micro reported on Tuesday – the latest evidence of meddling in foreign affairs. (Editor’s note: updated to add comment by Michael Sulmeyer, Director of the Cyber Security Project at Harvard University’s Belfer Center. PFR Apr 25 2017.)