Welcome to Zero Day's Week In Security, ZDNet's roundup of notable security news items for the week ending November 6, 2015.
From ZDNet: Hacker claims $1 million iOS 9 exploit bounty "Premium exploit platform Zerodium has announced the payout of a seven-figure prize to a team which has provided a remote exploit for Apple's latest mobile operating system, iOS 9. Announced on Monday, Zerodium said a team has managed to provide an exclusive exploit for use against iPhone users running iOS 9, leading to an award of $1 million."
From We Live Security: UK and US banks to face transatlantic cyberattack test "Financial institutions in the UK and US will participate in a major, transatlantic exercise this month, which will assess the industry's ability to respond to a cyberattack. Operation Resilient Shield, which is being led by CERT-UK, the UK's national computer emergency response team, was described by the Telegraph as 'the most sophisticated test of communications and coordination to date.'"
From ZDNet: Security vendor roundup: Symantec Q2 mostly flat, FireEye billings fall short "Security giant Symantec reported second quarter earnings and revenue Thursday, with results generally in line with expectations. The Mountain View, Calif.-based company reported a net income of $156 million, or 23 cents per share (statement). Non-GAAP earnings were 44 cents per share on a revenue of $1.5 billion."
From Reuters UK: U.S. OPM, victim of large scale data hack, hires new cyber adviser "The Office of Personnel Management appointed a new cyber and information technology adviser on Wednesday, part of its plan to strengthen cybersecurity after hackers compromised the personal information of 21 million federal workers. Clifton Triplett, who has advised Fortune 200 companies in a range of industries and has a military background, will help coordinate the agency's response to cyberattacks and complete its plan to mitigate future incidents, OPM said in a statement."
From ZDNet: XcodeGhost iOS malware leaves China, strikes US enterprises "A new variant of XcodeGhost has been discovered in the wild, leaving China behind to tackle US companies. In September this year, researchers discovered malware able to infect legitimate Apple iOS applications. The malicious code, known as XcodeGhost, lurked within at least 4000 legitimate iOS apps offered to the Chinese market, placing millions of users at risk."
From ZDNet: WA agencies failing to secure sensitive data "Western Australian government agencies are not adequately protecting sensitive information from attackers to prevent unauthorised access and data loss, according to Western Australian Auditor General Colin Murphy. In his latest two-part audit report into the Western Australia government's information systems [PDF], Murphy looked at how seven government agencies - Murdoch University, Legal Aid, Department of Health, Curtin University, Department of Local Government and Communities (DLGC), Drug and Alcohol Office, and Department of the Attorney General - were managing the security of their databases. He said 115 weaknesses were identified in all seven key areas that were examined. These seven areas included attack surface, account security, system hardening, patching, data protection, auditing and monitoring, and backdoors and misconfiguration."
From SC Magazine: Thousands of legitimate iOS apps discovered containing ad library backdoors "More than 2,000 iOS apps stocked in Apple's legitimate App Store reportedly contained backdoored versions of an ad library, which could have allowed for surveillance without users' knowledge. iBackDoor, as FireEye researchers call their findings, could have allowed impacted apps to remotely capture audio and screenshots; monitor and upload device locations; post encrypted data to remote servers; and read, delete, and modify files in the app's data container, among other actions."
From ZDNet: BlackBerry promises monthly Android patches; can override carriers for critical hotfixes "BlackBerry has joined other Android phone makers by promising timely security fixes. The smartphone maker said Wednesday it will join other device makers by rolling out security patches within about a month of their initial disclosure. BlackBerry, now an Android phone maker following the debut of its first phone running the software, said in a blog post that it was 'critical' to fix Android flaws in a timely fashion."
From Security Week: Powerful DDoS Attack Cripples ProtonMail Service For Days "Geneva-based encrypted email service ProtonMail has been offline for most of the past two days after being targeted by what the company is calling an 'extremely powerful DDoS attack.' The email service, developed by CERN scientists, was knocked offline on Nov. 3 when attackers started flooding their IP addresses with bogus traffic. In a blog post, the company explained that the attack took down several other tech companies as well, along with some banks."
From SC Magazine: Goldman invests 35 million in iboss "Iboss Cybersecurity raised $35 million from Goldman Sachs' Private Capital Investing group, in a Series A transaction that values the company in excess of $500 million. The San Diego, California-based cyberanalytics firm provides threat monitoring and response services for clients that include Xerox, Sears and the U.S. Department of the Interior."