Four of the five US banks threatened by the Izz ad-Din al-Qassam Cyber Fighters experienced minor disruptions, but on the whole the promised offensive has so far proved a fizzle.
A familiar Windows scam migrates to Macs in the form of VKMusic 4 for Mac, an SMS fraud Trojan. Older versions of Joomla and WordPress are hit by IFrame injection attacks.
In California, Medi-Cal admits it inadvertently posted 14,000 Social Security numbers online last month. Darwinare, the still-at-large hacker who broke into the Australian Defence Force Academy with an SQL injection attack, is back online piously boasting of how shockingly easy his caper was.
Two criminal economy developments are worth noting. "Project Blitzkrieg," the online job board recruiting hackers for financial fraud, appears to be for real, and to be having some success scouting talent. And the Citadel Trojan kit is being withdrawn from many underground markets—its controllers are restricting sales to their "circle of trust."
Dell and FireEye conclude a strategic partnership as FireEye launches a "Certified Service Provider" sales channel. In-Q-Tel, the CIA's venture capital unit, invests in Tyfone, a mobile cloud security start-up. Raytheon, building up its encryption capabilities, buys SafeNet's Government Solutions unit.
Government Security News ponders hacking back, and wonders if "playground justice" has a future in cyberspace. The US National Institute of Standards and Technology invites feedback on its proposed rectification of information security names: contact them by January 15 to comment on their new comprehensive glossary. The EU commits to "digital freedom."
Today's issue includes events affecting Australia, Bosnia and Herzegovina, Canada, Croatia, European Union, Finland, Iran, Israel, Macedonia, Malta, New Zealand, Peru, Russia, United Kingdom, United States.
Cyber Attacks, Threats, and Vulnerabilities
4 Banks Respond to DDoS Threats(Bank Info Security) The day after Izz ad-Din al-Qassam Cyber Fighters announced plans to launch a second wave of distributed-denial-of-service attacks on five U.S. banks, SunTrust suffered intermittent outages and Bank of America and PNC said small numbers of their customers reported having trouble accessing their sites. But it remained unclear whether the problems were the result of an attack. U.S. Bank, which did not suffer any known outages or access issues, did, however, acknowledge that new attacks could be on the way. On Dec. 11, PNC used social media to warn consumers that site outages should be expected, but that account and online-banking credentials would remain secure. And one expert was advising banks to expect the worst, saying Izz ad-Din al-Qassam Cyber Fighters' second wave of attacks would likely be more fierce than the first
SMS Extortion Trojan Targeting Apple Machines(Threatpost) In yet another blow to the tenuous false sense of security among Apple users, the Russian antivirus firm Dr. Web has uncovered what it claims is a first-of-its-kind fake installer Trojan targeting Mac machines and extorting their users with SMS fraud. Trojan.SMSSend
Internet Explorer tracks cursor even when minimised(The Register) A security researcher has published yet another reason not to use Internet Explorer for anything, under any circumstances: it can track your mouse cursor movements, even when it's minimised. Affecting all versions newer than IE 6.0, and with no plans for a fix by Microsoft, the bug is demonstrated here (not being an IE user, this El Reg hack hasn't tested the game)
14,000 Californians at Risk Following Medi-Cal, DHCS Breach(Threatpost) Medi-Cal, California's Medicaid welfare program, came clean to customers this week admitting it mistakenly posted almost 14,000 of its users' Social Security numbers online last month. Providers of In-Home Supportive Services (IHSS) care in 25 counties are affected by the breach, according to a report from KCRA-TV, a Sacramento-based television station. Users' information was posted on a government site for at least nine days, beginning Nov. 8, before being removed on Nov. 14, according to the report
Hacker shocked at ease of entry(Sydney Morning Herald) The hacker who stole the personal details of thousands of Australian military personnel used a simple technique that would fail to breach most modern security systems. Darwinare, who describes himself as "the first black hacker" and is linked with online activists Anonymous, used a method called SQL injection last month to access a University of NSW database at the Australian Defence Force Academy. He then dumped the data - the full names, dates of birth and other details of about 12,000 former and current ADFA students and staff - onto a public website
New Findings Lend Credence to Project Blitzkrieg(Krebs on Security) Project Blitzkrieg, a brazen Underweb plan for hiring 100 botmasters to fuel a blaze of ebanking heists against 30 U.S. financial institutions in the Spring of 2013, was met with skepticism from some in the security community after news of the scheme came to light in October. Many assumed it was a law enforcement sting, or merely the ramblings of a wannabe criminal mastermind. But new research suggests the crooks who hatched the plan were serious and have painstakingly built up a formidable crime machine in preparation for the project
Citadel Trojan Kit Gradually Withdrawn from Underground Forums, RSA Says(Softpedia) After learning that the developers of the Citadel Trojan are planning to stop selling their creation to anyone outside their circle of trust, RSA has been continually monitoring the evolution of this topic. Now, they reveal that the Citadel masterminds are keeping their promise. Over the past weeks, Citadel Trojan kits have been gradually withdrawn from many of the underground forums they have been sold on
Did your new laptop come with malware preinstalled?(IT World) How sure are you that your new laptop or that new router for your company didn't come with malicious software already loaded? Could there be an extra hardware component dedicated to spying on you or your colleagues? How would you ever know? If you winced just thinking about that, then you have some appreciation of the complexity of what is often called "supply chain security:" the herculean task of verifying the authenticity and integrity of computer hardware and software
Samsung Smart TV Bug Allows Remote Access, Root Privileges(Threatpost) It turns out that some smart TVs are a little too smart for their own good--and the good of users. Some specific models of Samsung TVs that have Wi-Fi and other advanced capabilities have a flaw that enables an attacker to take a variety of actions on the TV, including accessing potentially sensitive data, remote files and information, the drive image and eventually gain root access to the device. The issue affects many Samsung TVs, and the researcher who discovered the problem found that he could remotely access the remote control for the TV, retrieve files located on any USB drive attached to the TV and even install malicious software on the TV
Officials unsure of weaknesses in cyber security of state agencies(GreenvilleOnline.com) Nearly two months after publicly disclosing a massive data breach at the Department of Revenue, state officials are unsure just what kind of weaknesses exist in state agencies' cyber security. The State Budget and Control Board - the five-member board that oversees the state's administrative agency as well as state financial decisions - took the first step to find out Wednesday when it authorized hiring a consultant to craft a bid for a firm to assess the state's security and develop a statewide cyber security firm. The board also approved a $20
Security Patches, Mitigations, and Software Updates
Facebook privacy control overhaul will remove ability to limit who can find us(Naked Security) Facebook's most recent round of changes carry some good privacy tidings, including Privacy shortcuts from the main page drop-down menu, plus a new Request Removal tool for getting untagged (and telling the tagger why) in multiple photos. But it's also a story of missed opportunities and privacy features being taken away
Facebook Streamlines Privacy Controls in Latest Update(Threatpost) In what may be the least surprising news of the day, Facebook is again making changes to its privacy controls. The existing privacy controls, which we explored in depth in our How-To Video on the subject, are a bit convoluted. So it makes sense that product manager Samuel Lessin is rolling out some end-of-the-year privacy feature updates on the world's largest social network that are essentially designed to clarify existing features and seamlessly integrate privacy controls into Facebook's primary interface
Increasing cloud adoption puts enterprises at risk(Help Net Security) Enterprises are running one-third of their mission-critical applications in the cloud today and expect to have half of all critical applications running in the cloud by 2015, according to SailPoint
The 'Intelligent Objects' that surround us(Malta Independent) Technology in the last decade has assumed a fundamental role in our daily lives. We are increasingly surrounded by discrete intelligent components designed to provide us with more sophisticated choices designed to enhance our personal experience and quality of life. From our phones, to our home security system, to the refrigerator in our house, an increasing number of devices are constantly connected to the internet and with each other
Watch Mikko Hyppönen's full talk on cyber warfare from Wired 2012(Wired) According to cyber security expert Mikko Hyppönen, we might not be in a cyber war but we are in a cyber arms race, and the governments involved are the James Bond of the cyberhacking world -- seemingly unstoppable. Speaking at Wired 2012, the chief research officer for Finnish-based F-Secure said we are ill-equipped to battle the growing threats coming out of government cyberhacking divisions. "We can protect against the everyday criminal threats," he explained, citing banking trojans. These, he says, are the equivalent to petty criminals stopping cars at gunpoint to steal passengers' wallets: "they don't care whose card they steal, as long as they get it.
DoD Officials Hope For Flexibility If Sequestration Occurs(DefenseNews.com) U.S. defense officials are still holding out hope that they might be given some flexibility on how to tailor spending reductions, particularly in weapon buying accounts, should sequestration go into effect next month, according to a senior defense official
Pentagon Said To Face $62 Billion Automatic Spending Reduction(Bloomberg Government) Pentagon budget analysts and attorneys have determined the U.S. military faces spending reductions of about $62.3 billion, $10 billion more than previously estimated, if automatic cuts take effect on Jan. 2, according to a U.S. defense official
Shedding Light On What Sequestration May Bring(Washington Post) Federal employees have a major stake in the debate over whether, and how, the government should back away from the fiscal cliff and potential for automatic sequestration cuts to programs starting in January
'Fiscal Cliff' Talks Appear To Stall(Washington Post) Washington stumbled closer to the fiscal cliff Wednesday as President Obama and congressional Republicans dug in further on their positions on taxes, even as no face-to-face negotiations took place
Dell Looks To FireEye For Zero-Day Protection(TechWeekEurope UK) Tech titan Dell will not be looking to create its own zero-day catching technology, but is instead partnering with security start-up FireEye to provide protection against unknown threats. The Texan firm is currently holding its second ever Dell World
Army Awarding Up to $315M for Security System Support(Govconwire) The U.S. Army has awarded 10 companies positions on a potential $315 million contract to support security and control systems. According to the Defense Department, work under the firm-fixed-price award will occur through Dec. 6, 2017 and the Army will determine location with each order. Awardees include: American Systems BAE Systems M.C. Dean Science Applications
CIA pumps money into mobile security startup(Fierce Mobile IT) The Central Intelligence Agency's investment arm In-Q-Tel is investing an undisclosed amount of money into Tyfone, a Portland, Ore.-based mobile security in the cloud startup. IQT said it was investing in Tyfone because of its patent portfolio and innovations in mobile financial products, secure ID management and near field communications
List of Bug Bounty program for PenTesters and Ethical Hackers(E Hacking News) "The best way to improve network security is hiring hackers." Unfortunately, companies can't hire all the best hackers. So the companies have chosen another best way to improve their system security, "Bug Bounty Programs". Bug Bounty program is the place where Security researchers and Ethical hackers love to find vulnerabilities in target website or app and get rewarded for their findings
GDIT Hiring 30 to Help FBI Run Computer Forensics(Govconwire) General Dynamics will provide information technology services to the FBI to help the bureau operate its computer forensics networks, the company announced Wednesday. The company's information technology unit won a potential five-year, $42.2 million task order under the bureau's Information Technology Supplies and Support Services contract, a $30 billion vehicle awarded in 2010 for eight years
GDIT, SAIC, SRA Among Senate IT Support Contract Competitors(Govconwire) The U.S. Senate's sergeant at arms office has selected seven companies to compete for the opportunity to become the prime contractor for information technology support services. According to a FedBizOpps notice, the Senate is referring vendors interested in subcontracting opportunities to companies listed in the notice. Prime contract competitors include: GBTI Solutions General Dynamics
Raytheon Acquires SafeNet's Government Solutions Business(Govconwire) Raytheon Company (NYSE: RTN) has acquired the government solutions business of SafeNet Inc. for an undisclosed sum. According to a Raytheon release, the deal enhances the Marlborough, Mass. company's encryption capabilities by adding SafeNet's federally-approved solutions which help the U.S. military more securely transmit classified voice and data traffic
CSC Selling Australian IT Staffing Unit for $73M(Govconwire) Computer Sciences Corp. (NYSE: CSC) has agreed to sell its Australia-based information technology staffing unit to a South African employment services firm for $73.5 million cash. The company expects to close its sale of Paxus to Adcorp by the end of January 2013 and CSC will continue working with Paxus to meet IT staffing needs in
Telstra invests $4 million in cloud communications company(Computer World) Telstra completed a $4 million investment in Whispir that will help the cloud-based software company expand into Asia. Telstra currently sells the Whispir platform to its enterprise and government customers. Whispir specialises in mobile, email, voice and digital communications
2012 a Tough Year for Symantec and Norton(Toolbox.com) 2012 is a year that many of the folks at Symantec and their Norton group would like to forget. The year started off bad enough with the revelation in January that a hacker had stolen and posted for the public source code of the 2006 versions of Norton Utilities, PCAnywhere, Norton Antivirus and Norton Utilities. The group known as "Yama Tough" hacked into an Indian Government server to access the code
Exelis Plans $100M Share Repurchase Over Next 4 Years(Govconwire) ITT Exelis' (NYSE: XLS) board of directors has approved a plan to repurchase up to $100 million of its common stock over the next four years, the company announced Wednesday. The company said the primary goal of the buyback initiative is to offset dilution from equity awards made by the company. Purchases can occur between
Vaultive Announces Appointment of Leading Cloud Security Industry Experts to Advisory Board(MarketWire) Vaultive, a provider of cloud data encryption solutions designed to maintain the control, security and compliance of data processed by cloud-based services, today announced the formation of its Advisory Board, which includes notable cloud computing industry luminaries Dave Cullinane, CEO of SecurityStarfish, Jim Reavis, co-founder and executive director of the Cloud Security Alliance, and Dr. Eran Tromer of Tel Aviv University's School of Computer Science
Not all security devices are created equal(Help Net Security) Independent test lab Broadband-Testing released a report on its performance validation of IT network firewall solutions from Cisco Systems, NetPilot, SonicWall and WatchGuard. Using Spirent's
The Russians are coming (with a dual-screen smartphone)(Quartz) Yota Devices, a Russian corporation once tied to state-run defense, plans to start selling a dual-screen smartphone powered by Google's Android software, according to the Wall Street Journal. The phone will have a traditional LCD screen on one side and an electronic-paper display (a technology seen on e-book readers) on the other. "The design will allow users to continuously view all kinds of streaming data in real time—from Twitter feeds to stock market tickers—without having to constantly wake their phones up from sleep mode or quickly drain their batteries
FireEye Launches Certified Service Provider Program to Expand Offerings(MarketWatch) FireEye, Inc., the leader in stopping advanced cyber attacks, today announced the FireEye Certified Service Provider (FCSP) program to expand its channel strategy and develop new markets. The FCSP program supports customers who leverage a service provider model and who have complex, hybrid environments, outsource IT, and limited resources to support sophisticated IT security infrastructures
Google's New Data Highlighter Lets You Add Structured Data To Your Sites Without Touching Any Code(TechCrunch) Google wants website owners to add as much structured data to their sites as possible in order to improve its search results and Knowledge Graph boxes with rich snippets like event listings, reviews and other information. Adding this kind of metadata to a site, however, isn't always trivial and many small businesses don't really have the expertise to add microdata or RDFa markup to their sites
Samsung takes top spot in femtocell market(Fierce Mobile IT) Samsung has overtaken Airvana's top position in global wireless femtocell market, posting an aggressive 45 percent revenue increase in the third quarter compared to the second quarter, according to the latest stats from Infonetics Research
Hack Back: Getting Even with 'Cyber Scum' - Is There a Role for Playground Justice in Cyberspace?(Government Information Security) "The real world isn't like the online world." This simple sentence - written by Mikko Hypponen in the foreword of Christopher E. Elisan's recently published book, Malware, Rootkits & Botnets: A Beginner's Guide (McGraw-Hill) - contains a powerful message: Legislators need to be mindful of when they listen to the increasing voices in the cybersecurity community espousing the idea that American corporations and, presumably everyday citizens, should be allowed to "hack back" at the nameless and faceless scum of the earth who disable our networks, attack our computer systems, pilfer our sensitive data (including holding it for ransom) and destroy our credit rating. The idea has certain emotional appeal. There are more than a few nation-state actors, cybercriminals and hacktivists whom I would like nothing more to do than to expose or even deny service to their botnet command and control servers
A Higher Security Standard for EHRs - Testing for Tougher Interoperability, Security Requirements(Healthcare Information Security) A new, voluntary, private-sector certification program aims to help assure healthcare organizations that electronic health record and health information exchange software, as well as medical devices, meet tough security and interoperability requirements. ICSA Labs, a unit of Verizon, in January will begin testing health IT products to certify that they meet the security and interoperability standard profiles of IHE USA, a non-profit interoperability standards deployment committee of IHE International, says Amit Trivedi, ICSA Labs' healthcare program manager. IHE includes 575 members that collaborate to improve the way computer systems in healthcare share information
Creating a Culture for Continuous Monitoring - Facing Similar Challenges as Those Posed by ERP Systems(Government Information Security) It's as much about people as it is technology for organizations to successfully implement a continuous monitoring program, says George Schu, senior vice president at Booz Allen Hamilton. Schu sees instituting continuous monitoring as the same type of challenge government agencies and businesses faced at the turn of the century when they rolled out enterprise resource planning systems, which many users didn't fancy, at first
Keith Mularski, FBI Cyber Expert, Speaks at CyberPoint on "What Keeps Me Up at Night"(CyberPoint News) Keith Mularski, Supervisory Special Agent of the Cyber Squad, Pittsburgh Division of the Federal Bureau of Investigation (FBI) spoke on December 12, 2012. An expert in cyber crime fighting, Keith Mularski shared his experience and insight into this most modern form of organized crime… Special Agent Mularski also conducted a special session for a group of students from Baltimore-area high schools and colleges. The students were particularly interested in cyberspace's emerging threats. Mularski's short answer: the coming crime wave will exploit mobile devices
Legislation, Policy, and Regulation
Reporting breaches: EU tightens rules(Financial Times) Picture the scene: a European retailer discovers it has fallen prey to hackers. A database holding the personal details of some 5m customers has been compromised, although it is not yet clear what data have been stolen. The retailer now has just 24 hours to report the breach, not just to the data protection agency of the country where it has its main European operations (in the UK, this is the Information Commissioner's Office), but also to every customer whose personal data has been exposed
U.S. Terrorism Agency to Tap a Vast Database of Citizens(Wall Street Journal) Top U.S. intelligence officials gathered in the White House Situation Room in March to debate a controversial proposal. Counterterrorism officials wanted to create a government dragnet, sweeping up millions of records about U.S. citizens—even people suspected of no crime
Powerless UK IPv6 Promotion Body 6UK Shuts Down(Tech Week Europe) IPv6 promotion body 6UK has shut down, saying that a lack of government support has left it powerless to promote the next generation of Internet protocols, and warning the UK may become an island of obsolete technology. The board of 6UK - a promotion body set up two years ago - all resigned on Friday saying the job of promoting a move to Internet protocol version 6 (IPv6) was impossible. A move to IPv6 is important because it increases the number of Internet addresses, and all the IPv4 addresses have been issued by the global Internet authorities
European Parliament endorses digital freedom strategy(Fierce Government IT) The European Parliament adopted Dec. 11 a first-ever Digital Freedom Strategy to guide European Union foreign policy. As the world's largest trading block, the parliament says it's now put digital freedom on the EU political agenda and that it intends to leverage economic power to promote and protect uncensored access to the web globally
Litigation, Investigation, and Law Enforcement
The Biggest Hacker Busts Of 2012(Dark Reading) It's easy enough to focus on the major breaches of 2012 and feel a certain hopelessness. But this year was a banner one for busting black hat bad guys. Several major international operations reaped a harvest of hackers, from big shot Russian gangsters to bored British teens. This was the year they locked up the world's biggest pirate in Sweden. And the gangly Anonymous guy who probably should have worn the mask but didn't. The thoughtful cyber criminal should be sure to consider some questions in the year ahead
How Aaron Barr correctly identified Commander X(Ars Technica) HBGary Federal's Anonymous-hunting CEO didn't know how right he was. When HBGary Federal CEO Aaron Barr decided to out the leaders of Anonymous, the loose hacker collective, he spent months infiltrating the group under the name "Coganon." By the end of it he had identified three people who appeared to wield the most influence in the group. One of them was "Commander X," the 50-something hacktivist who jumped bail and fled to Canada to avoid federal hacking charges
Spy's Case Offers Rare Glimpse Inside CIA(Spy Talk) A highly decorated former CIA deep cover operative's long quest to nail the spy agency for obliterating his career in retaliation for exposing the security violations of a senior agency official and her State Department husband gets a rare public hearing Friday. Peter B, whose full name and former duties remain classified, contends that he lost his CIA job because he had learned about an affair that the husband of his supervisor, Margaret Peggy Lyons, was carrying on with a Taiwanese spy. Lyons' husband, State Department Asia expert Donald Keyes, eventually pleaded guilty to lying to the FBI about his affair with the Taiwan operative and the hoard of secret documents he kept at home
Former UNL senior faces charge in NU computer security breach(Journal Star) The U.S. Attorney's Office has filed a federal charge against a former University of Nebraska-Lincoln senior in connection to a security breach this spring. Daniel Stratman, who is listed as a computer science and mathematics major on UNL's website, made his first court appearance last week on a charge of reckless damage to a protected computer during unauthorized access
US law enforcement busts cybercrime rings with help from Facebook(CSO) U.S. law enforcement agencies with the help of Facebook have arrested 10 persons from various countries in connection with international cybercrime rings that targeted users on the social network. The operation is said to have identified international cybercrime rings that used various variants of a malware called Yahos. The malware has infected more than 11 million computers and caused over US$850 million in losses through a Butterfly botnet, which steals computer users' credit card, bank account, and other personal identifiable information, the Federal Bureau of Investigation said in a statement late Tuesday
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
tmforum Big Data Analytics Summit(Amsterdam, Netherlands, January 29 - 30, 2012) Bringing together leading service providers, market analysts and all of the big names in Big Data, this forward-looking, education-packed two-day Summit combines keynote perspectives, case studies, debates,...
ATMiA US Conference 2013(Scottsdale, Arizona, US, February 19 - 21, 2013) A conference devoted to the design of ATMs, and the future of the ATM industry.
#BSidesBOS(Cambridge, Massachusetts, USA, February 23, 2013) Each BSides is a community-driven framework for building events for and by information security community members. The goal is to expand the spectrum of conversation beyond the traditional confines of...
TechMentor Orlando 2013(Orlando, Florida, USA, March 4 - 8, 2013) Celebrating 15 years of educational events for the IT community, TechMentor is returning to Orlando, Florida, March 4-8, for 5 days of information-packed sessions and workshops. Surrounded by your fellow...
e-Crime Congress 2013(London, England, March 12 - 13, 2013) The e-Crime Congress is designed to meet the needs of key stakeholders and decision makers who are responsible for designing and coordinating information security and risk management strategy, safeguarding...
IT Security Entrepreneurs' Forum (ITSEF 2013)(Palo Alto, California, USA, March 19 - 20, 2013) Supported by the U.S. Department of Homeland Security, Office of Science and Technology, ITSEF 2013 aims to connect the ecosystem of the entrepreneur: industry, government, and academia. The conference...
The Future of Cyber Security 2013(London, England, UK, March 21, 2013) Cyber Security and the Citizen 2013 is a one-day conference and exhibition for senior decision-makers of central and local government organisations, NGOs and major private sector enterprises.
Cloud Connect Silicon Valley(Santa Clara, California, USA, April 2 - 5, 2013) Cloud Connect returns to Silicon Valley, April 2-5, 2013, for four days of lectures, panels, tutorials and roundtable discussions on a comprehensive selection of cloud topics taught by leading industry...
InfoSec World Conference & Expo 2013(Orlando, Florida, USA, April 15 - 17, 2013) With the primary objective of providing top-notch education to all levels of information security and IT auditing professionals, InfoSec World delivers practical sessions that give you the tools to strengthen...
25th Annual FIRST Conference(Bangkok, Thailand, June 16 - 21, 2013) The annual FIRST conference provides a setting for conference participants to attend a wide range of presentations delivered by leading experts in both the CSIRT field and from the global security community.