"Parastoo's" recent attacks on the International Atomic Energy Agency look more like an Iranian government operation than pure hacktivism. Actual hacktivists, however, stay busy: DARWINARE (prominent in OpIsrael) compromises a Michigan State University database and Anonymous chatter indicates a forthcoming attack on the International Telecommunications Union.
Swiss intelligence services catch one of their own leaking sensitive US and British intelligence data. Visitors to Trading Forex risk infection by a malicious Java applet. Gameover Zeus is spreading via the Cutwail botnet. Insurance companies Nationwide and Allied suffer major data breaches affecting more than a million users.
People answering the phone are still too trusting. Fake "tech support" calls remain effective, and the Duchess of Cambridge's pregnancy was revealed by social engineering. (Her hospital spilled to Australian shock jocks pretending to be Queen Elizabeth.)
Booz Allen predicts the top financial cyber trends for 2013. More BYOD and burgeoning Android malware combine into a serious problem for businesses.
US agencies are told to prepare for budget sequestration. SRA buys MorganFranklin's national security business and Emulex makes an offer for Endace. Citigroup announces 11,000 layoffs, many of them technology workers. The Daily Record publishes a guide for cyber security entrepreneurs, focused on Maryland but of interest to the industry as a whole.
US Customs and Border Protection says software legally originates where it was converted to object code. The US Congress, German and Canadian governments, Google, Mozilla, Facebook, and many others find themselves agreeing with Anonymous that the ITU's proposed Internet regime is problematic.
Today's issue includes events affecting Australia, Belize, Canada, European Union, Germany, Guatemala, Iran, Israel, Italy, Kyrgyzstan, Netherlands, New Zealand, Russia, Saudi Arabia, Spain, Switzerland, United Arab Emirates, United Kingdom, United States.
Cyber Attacks, Threats, and Vulnerabilities
U.S. Cyberwar escalates(Daily Beast) Amateur hackers or Iranian pros? Clues suggest the most recent cyber-attack on the International Atomic Energy Agency may be more than a prank. The latest hack against the computer servers of the International Atomic Energy Agency (IAEA)
Michigan State University Hacked(eSecurity Planet) Hacker DARWINARE recently published approximately 1,500 names, e-mail addresses, encrypted passwords, user IDs and mailing addresses stolen from Michigan State University. "The hack was announced by the hacker on the Twitter with a link to [an] AnonPaste [page]," writes E Hacking News' Sabari Selvan. "According to the hacker's statement, he…extracted the database by [a] MySQL Oracle Database Backdoor." "@Darwinare has been leaking [the databases] of many high profile companies and universities, including the database of [the] University of Colorado," HackRead reports. "The hacker also played a vital role during #OpIsrael"
Swiss spy agency warns U.S., Britain about huge data leak(Reuters) Intelligence agencies in the United States and Britain are among those who were warned by Swiss authorities that their data could have been put in jeopardy, said one of the sources, who asked for anonymity when discussing sensitive information. Swiss authorities arrested the technician suspected in the data theft last summer amid signs he was acting suspiciously. He later was released from prison while a criminal investigation by the office of Switzerland's Federal Attorney General continues, according to two sources familiar with the case
Spoofed RapidFax alert carries hard-to-detect Trojan(Help Net Security) Malicious email alerts purportedly being sent by RapidFax, a service that allows users to send faxes online without the need for a fax machine, have been hitting inboxes in the last few days
FOREX Web Site Pushes Malware(eSecurity Planet) Websense researchers recently found that the Web site Trading Forex, at tradingforex.com, has been injected with a malicious Java applet designed to install malware on visitors' systems. "The company has raised the prospect that such an attack may constitute a shift in the way some cyber criminals work, suggesting they may now be looking to attack easier targets with online systems and less mature security systems, compared to banks and stock exchanges," writes IT PRO's Jane McCallion. "The Java applet planted on the website attempts to install a malicious executable written in Visual Basic.Net and requires
Gameover Zeus Variant Sends Malicious Email Via Cutwail Botnet(Threatpost) The crew responsible for operating the Gameover variant of the infamous Zeus banking trojan is soliciting the enormous Cutwail botnet's spamming capacity as an engine to fire off millions of malicious emails that seemingly originate from a number of recognizable U.S. banks
Zeus Botnet Eurograbber Steals $47 Million(InformationWeek) Sophisticated, targeted attack campaign enabled criminals to steal an estimated $47 million from more than 30,000 corporate and private banking customers
Nationwide, Allied Insurance Breach Hits 1.1 Million Users(Threatpost) An estimated 1.1 million consumers are at risk of identity theft after thieves broke into servers belonging to Nationwide and Allied insurance companies. Victims include current policyholders and those who sought insurance quotes. The breach took place Oct. 3 and was discovered the same day. Nationwide immediately contacted authorities, but it waited to inform consumers directly. Earlier news accounts offered some hints at the scope of the breach, including some 30,000 victims in Florida and Ohio and 90,000 in Iowa
Hackers Hit Ex-Military Head(Wall Street Journal) Federal Bureau of Investigation is pursuing foreign hackers who targeted the computers of retired Adm. Mike Mullen, the former chairman of the Joint Chiefs of Staff, in the latest example of what current and former officials call a pattern of attacks on computers of former high-ranking U.S. officials
Lost mobile device impacts 1,800 home infusion patients(Clinical-Innovation) The loss of an unencrypted handheld Palm device in the Continuum Home Infusion unit of the University of Virginia Medical Center has resulted in a data breach of protected health information. More than 1,800 patients or potential patients were affected. The device had information on patients who received home infusion services during September or who were referred to Continuum for services from August 2007 through September 2012
Abuse of .EU domains by malware gangs continues despite Registrar notification(Naked Security) What do you do when attackers are abusing legitimate domain Registration services? How do you stop or at least disrupt the malicious attacks? Reporting the incident to the appropriate Registrar is the correct course of action, but as you can read, doing so does not necessarily guarantee results
WCSU Admits Major Security Lapse(eSecurity Planet) Western Connecticut State University recently began notifying students and their families that their personal information, including their Social Security numbers, may have been exposed due to an unidentified "computer system vulnerability." The university says it has no evidence at this point that the records were ever accessed inappropriately. The vulnerability, which existed from April 2009 to September 2012, affects 233,880 people whose records had been collected beginning in 1999, including students, their families, and others, including high school students whose SAT scores had been purchased in lists
Fake tech support calls - revisited(Internet Storm Center) Back when this scam started to become "popular", the caller usually claimed to be from Microsoft or any other large well known techie company, and tried to talk the person answering into running some commands or programs on the PC "in order to fix a critical problem". But the latest twist of this scam seems to get more targeted: We have had two reports of fake tech support calls where the caller claimed to be representing the firm to which the called company had in fact outsourced its IT Support
Small Medical Offices Biggest Risk to Patient Data Security, Privacy(Threatpost) Small physician practices, much like their small commercial business counterparts, have been the primary source of health care related data breaches, according to an analysis of breaches from 2009 to October 2012 released today by the Health Information Trust Alliance (HITRUST)
Know Thy Attackers(Bank Info Security) Why Information Sharing is Key to Security. Everyone is coming out with year-end predictions, but here's a list that caught my attention. Booz Allen Hamilton issued a list of the top 10 cyberthreat trends for financial services in 2013
Trusteer: More Chrome, 64-bit Windows Malware to Come in 2013(Threatpost) Tis the season for predictions and security firm Trusteer checks in today with a handful for the upcoming New Year. In a post on the company's blog, CTO Amit Klein distills Trusteer's top ideas into an infographic. The company predicts the security landscape will see more exploits, specifically Man-in-the-Browser malware, targeting Google's Chrome browser, the further emergence of native 64-bit Windows malware and what the firm claims will be a more drawn out malware lifecycle
Mobile security concerns soar among IT managers(Fierce Mobile IT) Security concerns about mobile devices in the enterprise have soared among IT managers over the last three years, according to an annual endpoint security survey of IT managers conducted by the Ponemon Institute and security firm Lumension
BYOD security concerns are mounting(Fierce Mobile IT) As can be seen in two of the stories in today's newsletter, security concerns about BYOD are mounting as attacks against popular devices, such as Android, also mount. According to a survey by the Ponemon Institute, close to one-quarter of IT managers see mobile devices as a rising security threat to the enterprise. And security firm Sophos is warning about the explosive growth of malware targeting Android devices
Mobile traffic jams set to continue as users soar(Sydney Morning Herald) You're at a major sporting or music event, or at a train station during peak hour, and try to post about it on Facebook but it fails. Welcome to the 21st century, where 30.2 million mobile voice and data services operate in Australia according to a new report by the communications regulator and mobile networks struggle to keep up
Death by software?(CSO) A Cyber Attack Results in a Human Death: WatchGuard hopes it is wrong in this prediction. But with more computing devices embedded in cars, phones, TVs and even medical devices, digitally dealt death is not only possible, it's plausible
Agencies Are Advised To Prepare For Cuts(New York Times) The White House sent a notice to federal agencies this week telling them to prepare for the possibility of deep automatic spending cuts at the end of the year, but President Obama's spokesman said he remained confident he can reach a deal with Congress to avoid that
Defense Department Prepares Plans for Sequestration(American Forces Press Service) The Defense Department has received guidance from the Office of Management and Budget and is now planning for sequestration, Pentagon Press Secretary George Little said today. Speaking during a press availability, Little stressed the department still hopes Congress will be able to avoid sequestration that would take effect Jan. 2, 2013
Federal Contract Spending Falls 4%(Washington Post) The Defense Department accounted for slightly more than half of the reduction in contract spending for 2012, trimming about $13 billion compared with the previous year. All other agencies cut about $11 billion combined. Jennings said a decrease in war spending probably helped the Defense Department's numbers
Better Spies, Not More(Los Angeles Times) The Defense Intelligence Agency is planning to dramatically expand the ranks of its covert "collectors" -- a.k.a. case officers or, more popularly, spies. It has 500 or so and hopes to double that number
TAPE, ARINC, MC Dean Teaming for Navy C5ISR Services IDIQ(Govconwire) TAPE LLC, ARINC and M.C. Dean are partnering to provide the U.S. Navy support services for the branch's C5ISR missions (command, control, communications, computers, combat systems, intelligence, surveillance and reconnaissance). TAPE said it won a position on a potential $98.7 million contract and the team will compete for task orders to support missions within cyber
SRA to Buy MorganFranklin's Natl Security Business(Govconwire) SRA International has agreed to acquire MorganFranklin's national security business in an effort to grow its defense, national security and health portfolios. SRA did not disclose terms of the deal and said the company expects to close the transaction by December. Approximately 180 MorganFranklin employees, many of whom are based at client sites in the
Endace gets takeover approach; kiwi gains(Yahoo Business Desk) Emulex, the NYSE-listed data storage maker, offered to buy Endace, at a 69 percent premium to its last trading price, winning over the target company's independent directors. A subsidiary of Emulex, El Dorado Research Venture, plans to offer 5 pounds a share cash for Endace, the New Zealand-based, London Stock Exchange listed company that commercialised cyber-security research done by Waikato University. The offer values Endace at 80.7 million pounds
Former GTSI CEO Sterling Phillips Joins USIS as Chief Executive, President(Govconwire) Altegrity has appointed former GTSI CEO Sterling Phillips to serve as chief executive and president for its US Investigations Services subsidiary, effective Jan. 1, 2013. USIS said Phillips will report to Altegrity CEO Sharon Rowlands and hold overall responsibility for USIS' investigative services division and global security solutions division, comprised of nearly 6,000 employees worldwide
85% of top IT executives consider abandoning Oracle's pricey contracts(Quartz) Oracle is a $156 billion corporate IT company with a big problem on its hands: in a recent survey of senior information-technology executives in charge of IT budgets greater than $50 million, 85% are trying to figure out how to get out of expensive license agreements with Oracle, reports the Register
Endgame Appoints New CEO(Dark Reading) Nathaniel Fick was most recently CEO of the Center for a New American Security (CNAS). Endgame, a provider of cybersecurity solutions that meet the most demanding challenges of the US Government's defense and intelligence organizations, today announced the appointment of Nathaniel Fick as Chief Executive Officer
Apple to Invest in Manufacturing Macs in US: CEO Cook(Businessweek) Apple Inc. (AAPL) plans to spend more than $100 million next year on building Mac computers in the U.S., shifting a small portion of manufacturing away from China, the country that has handled assembly of its products for years
Cybersecurity in Maryland(The Daily Record) A cottage industry is springing up to help cybersecurity entrepreneurs navigate the tricky waters of commerce in a culture that prizes stealth and secrecy
FireMon updates Security Manager platform(Help Net Security) FireMon announced an update to the Security Manager platform that provides more visibility and insight into the behavior of traffic on the network, and expanded analysis/reporting through a Web-based
Damballa Failsafe 5.1 Delivers Industry's First 'Breach Confirmation' and 'Instant Replay' Capabilities(BusinessWire) Advanced Threat Protection Inventions Reduce the Workload of Incident Response Teams While Vastly Improving Time-to-Remediation. Damballa Inc., the recognized experts in advanced threat protection, today unveiled Damballa Failsafe 5.1, the most advanced cyber threat solution for corporate networks. Damballa Failsafe 5.1 includes features that reduce the workload of over-tasked incident response teams, while vastly improving the time it takes to confirm and remediate a breach.
The Internet Giveth, And Taketh Away: Sometimes, Business Decisions Are Bad For Users(TechCrunch) Just when you thought everything on the Internet was shiny and happy, things like today's Instagram decision to pull support for Twitter cards happens. Instagram Co-Founder said at Le Web that it was purely a business decision and that the company feels like people should be able to see photos in their full glory...on Instagram's (updated) site, with profiles. That's cool, because well, it's
Red Hat releases new Enterprise Linux beta(IT World) Red Hat has released Enterprise Linux 6.4, a beta that deploys a number of new features, many of which are focused on interoperability with the Microsoft ecosystem
5 Steps For Good Database Hygiene(Dark Reading) Reduce risk to data through these database and web app good 'grooming' habits. Some of the most important ways to reduce risk boil down to the fundamentals of security. Keep systems well patched, prevent data from spreading around, make sure systems are properly segmented and watch where you store valuable log-in data. Much like flossing, these good habits require day-to-day maintenance that will reap long-term benefits. Here are what the experts say about the kinds of actions necessary to keep up on good database hygiene
Attack Intelligence-Sharing Goes 'Wire-Speed'(Dark Reading) And the project has some heavy-duty players behind it: The U.S. Department of Homeland Security (DHS), U.S. Computer Emergency Readiness Team (US-CERT), National Institute of Standards and Technology (NIST), Financial Services Information
Cloud Security Alliance Lays Out Mobile Device Guidance(Virtualization Review) The Cloud Security Alliance (CSA) recently released an assessment and threat report on the state of mobile computing. Titled "Security Guidance for Critical Areas of Mobile Computing," the 60-page document created by more than 60 participating CSA
NIST: No uniform approach to identity management(Fierce Government IT) Identity management is a major cybersecurity consideration for agencies but there is no standard approach to federated identity management, according to the National Institute of Standards and Technolog
Innovative CIOs show how to make money with IT(IT World) A select few CIOs are generating cold hard cash through innovation and collaboration. We rounded up examples of CIOs who generate revenue with IT, either by boosting sales or developing a product or service sold externally
Life really is a game--with a lot of clicks--and then you die(Quartz) A mindless game called Curiosity, the brainchild of the former creative director of Microsoft Game Studios Peter Molyneux, debuted early last month. This is a free app for iOS and Android users to deconstruct a giant cube that holds an even bigger secret, only to be revealed to the first person to reach the center. And to get there, you just tap on your screen. It's been exactly a month since launch, and we're still tapping. And tapping. Nobody knows what this prize is
CyberCop system, a Russian project against cybercrime(SecurityAffairs) This time I desire to speak about an interesting initiative of Group-IB company, a resident of the Moscow-based Skolkovo Foundation, that has received a grant in the amount of 30m rubles (approximately $966,000) for the development of a global counter-cybercrime system. The funds are co-financed by the Skolkovo Foundation which has provided 21m rubles ($676,000), and LETA Group also the Group-IB's controlling company. I'm following the company since the publication of an interesting report on cybercrime activities conducted by the Russian mafia and other criminal organizations, the numbers are impressive, the figures are doubled in 2011
Auburn University unveils new cyber security facility(oanow) From protecting residents from the latest online phishing scams to safeguarding the nation's security online, these guys have got you covered. Auburn University officially opened the doors to its Cyber and Security Center at the Auburn Regional Airport Wednesday, tapping retired Lt. Gen. Ronald Burgess to lead the university's cyber initiative. "I can't tell everybody how excited I am to be here," said Burgess, former director of the U.S. Defense Intelligence Agency and AU alumnus, as he addressed an audience that filled the Cyber Center's open source intelligence lab
Stanford names 2012 engineering heroes(EE Times) Stanford University has released its annual list of engineering heroes, with 2012's picks including both Yahoo founders, a former U.S. secretary of defense, an earthquake engineering pioneer and the inventor of cryptography. The seven, chosen from
Legislation, Policy, and Regulation
Software comes from the place where it's converted into object code, says CBP(Fierce Government IT) A software application's country of origin for purposes of government procurement depends on the location where the software build occurs and not on where the source code was written, Customs and Border Protection says in an advisory ruling issued earlier this year. CBP cites a landmark 1982 court case in which U.S. Court of International Trade ruled that the country of origin of a programmable read-only memory chip depends on where it is programmed and not on where the chip itself is made
Kyrgyz discuss cyber-security(Central Asia Online) Kyrgyz officials December 4-5 discussed their country's efforts to fight cyber-terrorism at a conference sponsored by the OSCE and the NGO Civil Initiative on Internet Policy (CIIP). "Kyrgyzstan doesn't have any cyber-security specialists," CIIP IT co-ordinator Artem Goryaynov said. "We need to apply a single state standard for protecting the confidential data of all government agencies and create an agency responsible for cyber-security." The Interior Ministry (MVD) has been fighting online terrorism and extremism for two years, MVD representative Rustam Aibashev said
Companies not investing enough on cyber-security: Ottawa(Montreal Gazette) Canadian companies may be skimping on IT security, leaving themselves and Canadians vulnerable to attacks from hackers, newly released records suggest. The documents from Public Safety Canada show that the scale of cyber-security threats is significant and many companies don't invest the required money or time in good IT security. How to solve this problem is something the Harper government has been investigating, according to records released to Postmedia News under access to information laws
The Dutch, the Yanks, the Cloud and YOU(Security Bistro) Recently a research project by the Amsterdam University [PDF Alert] revealed that US law allows for the US government to access information stored in the Cloud, by (ab)using the PATRIOT act. Multiple Dutch politicians have started asking questions from state secretary Teeven of the Justice Department as to whether he knew about this before the research project, and whether he did anything to prevent this or to warn Dutch citizens about this potential breach of privacy. He has since sent in an official answer
Physical and Cyber Infrastructure Protection Working Together(FederalNewsRadio.com) Jane, the NPPD leads the Department of Homeland Security's mission to enhance the protection and resilience of our nation's critical infrastructure - you know, the energy, transportation, communications, water, financial services - those things which
Australian privacy commissioner calls for mandatory data breach notification(Computer World) The Australian privacy commissioner and a consumer group supported mandatory data breach notifications, in comments submitted today to the Attorney General. Last week, the Australian Parliament passed a bill containing several amendments to privacy law. Among other things, the law gives Privacy Commissioner Timothy Pilgrim more powers, including the right to seek civil penalties for serious privacy breaches
Issa open source language comes under criticism(Fierce Government IT) Draft legislation proposed by Rep. Darrell Issa (R-Calif.) to overhaul federal information technology has drawn opposition for its section on open source software adoption
ITU's DPI standard leaks after email SNAFU(Register) Updated - vote approves DPI standard A moment of inattention has allowed the ITU's proposed deep packet inspection (DPI) standard to escape. The slip-up happened when an Australian CryptoParty activist Asher Wolf put out a public call on Twitter asking
The UN's ITU and the Internet: A Cautionary Tale(PJ Media) As the United Nations heads deeper into its Internet grab, a.k.a its 11-day telecom treaty conference, in Dubai, things aren't going so well for America and the friends of freedom. The Hill reports that "A joint proposal from the United States and Canada aimed at keeping Internet regulations out of a global telecommunications treaty failed to secure early approval from other countries on Tuesday" -- though talks may continue along these lines
Huawei rejects U.S. threat to national security claims(Homeland Security Newswire) In October the United States House Intelligence Committee issued a report warning U.S. companies against using two Chinese companies, Huawei and ZTE, for their telecommunication technology needs. The report implied that the firms may be too close to China's Communist Party and its military. The report also suggested their products and services could pose a threat to the security of the United States
FTC Settles With Ad Network Over Browser History Sniffing(Threatpost) The FTC has reached a settlement with Epic Marketplace, a large online ad network, related to what the FTC says is the company's practice of sniffing users' browser history for the purpose of serving them targeted ads related to a variety of sensitive topics. The settlement bars Epic from performing history sniffing and requires the company to destroy all of the data it's collected from consumers up to this point through history sniffing
South Carolina Inspector General: Centralize Security(Healthcare Information Security) As a result of a breach of the state's tax IT system that exposed Social Security numbers and other personal information of nearly 4 million people, South Carolina's inspector general calls for the state to centralize the way it governs information security. The existing approach creates a statewide IT security posture that's inadequate, Inspector General Patrick Malley writes in the 18-page interim report issued Dec. 3. The report points out that no state entity has the authority or responsibility to provide IT security standards, policy and oversight statewide
Software Giant John McAfee Arrested in Guatemala(Fox News) Guatemalan police arrested software company founder John McAfee Wednesday for entering the country illegally, ending a bizarre journey and search for the anti-virus guru by authorities in Belize
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
BayThreat(Sunnyvale, California, December 7 - 8, 2012) The theme for BayThreat is a new spin on the dichotomy of attacking and defending in information security. We're calling out all of the attackers and defenders that are on the front lines of the battle.
2012 European Community SCADA and Process Control Summit(Barcelona, Spain, December 10 - 11, 2012) The European SCADA Summit brings together the program managers, control systems engineers, IT security professionals and critical infrastructure protection specialists from asset owning and operating organizations...
tmforum Big Data Analytics Summit(Amsterdam, Netherlands, January 29 - 30, 2012) Bringing together leading service providers, market analysts and all of the big names in Big Data, this forward-looking, education-packed two-day Summit combines keynote perspectives, case studies, debates,...
#BSidesBOS(Cambridge, Massachusetts, USA, February 23, 2013) Each BSides is a community-driven framework for building events for and by information security community members. The goal is to expand the spectrum of conversation beyond the traditional confines of...
TechMentor Orlando 2013(Orlando, Florida, USA, March 4 - 8, 2013) Celebrating 15 years of educational events for the IT community, TechMentor is returning to Orlando, Florida, March 4-8, for 5 days of information-packed sessions and workshops. Surrounded by your fellow...
e-Crime Congress 2013(London, England, March 12 - 13, 2013) The e-Crime Congress is designed to meet the needs of key stakeholders and decision makers who are responsible for designing and coordinating information security and risk management strategy, safeguarding...
The Future of Cyber Security 2013(London, England, UK, March 21, 2013) Cyber Security and the Citizen 2013 is a one-day conference and exhibition for senior decision-makers of central and local government organisations, NGOs and major private sector enterprises.
Cloud Connect Silicon Valley(Santa Clara, California, USA, April 2 - 5, 2013) Cloud Connect returns to Silicon Valley, April 2-5, 2013, for four days of lectures, panels, tutorials and roundtable discussions on a comprehensive selection of cloud topics taught by leading industry...
InfoSec World Conference & Expo 2013(Orlando, Florida, USA, April 15 - 17, 2013) With the primary objective of providing top-notch education to all levels of information security and IT auditing professionals, InfoSec World delivers practical sessions that give you the tools to strengthen...
25th Annual FIRST Conference(Bangkok, Thailand, June 16 - 21, 2013) The annual FIRST conference provides a setting for conference participants to attend a wide range of presentations delivered by leading experts in both the CSIRT field and from the global security community.