Malware coders respond to advances in automated detection with what observers call a "low-tech" approach—their malicious packages wait for human input (like a mouse-click) before executing. This latest trend succeeds previous approaches that relied on sheer volume, obfuscation, or detection of virtual machines.
Iran's CERT says (with righteous dudgeon) that it's discovered a new targeted malware campaign, but Sophos for one is unimpressed: the code is primitive, easily thwarted, and not apparently targeted at anyone at all. Wired runs a summary of the ways in which Russian surveillance technology continues to dominate domestic collection in former Soviet republics.
Al Qaeda's networks continue to suffer from a crippling attack: they've been impaired for the last couple of weeks. India reveals details of a July attack that compromised 10,000 official email addresses. Excel-based Sudoku puzzles prove to be infected with malware spread by macros, and researchers wonder why such a retro approach has resurfaced.
Threatpost offers an interesting look at the crimeware black market and the ways in which its structure mirrors that of legitimate businesses. In that black market a new exploit kit—"Sweet Orange"—seems poised to surpass Blackhole as the sector leader.
In the US, Defense budget austerity inches closer to reality, and Secretary Panetta tells Department employees not to worry about unpaid furloughs—yet. The US Army's DCGS/Palantir controversy heats up as senior generals are rolled out to defend investment in DCGS. Observers see the Benghazi consulate attack as auguring a boom in private security contracts.
Today's issue includes events affecting Armenia, Belarus, Canada, China, European Union, Finland, India, Iran, Kazakhstan, Kyrgyzstan, Russia, Tajikistan, Ukraine, United States, and Uzbekistan.
Malware-Infested Sudoku Puzzles Researchers (Threatpost) A "blast from the past" surfaced recently among those who play Microsoft Excel-based Sudoku puzzles: malware spread by macros. Spreading malicious code via macros was the rage among the digital underground in the late 1990s, so much so that Microsoft eventually disabled them by default
Samsung Acknowledges Exynos Root Exploit (Threatpost) Samsung downplayed a root exploit vulnerability in some of its Exynos processors, and promised a patch for the flaw, according to a company statement acquired by AndroidCentral.
Over 10,000 email IDs hit in 'worst' cyber attack (Financial Express) New Delhi: In what is being termed as the biggest cyber attack on the country's official computer networks, over 10,000 email addresses of top government officials were hacked in a single day on July 12 this year. The IDs included those of officials
Al-Qaida hit by cyber attack (WTOP) Key al-Qaida websites were knocked offline more than two weeks ago and are still dark, according to U.S. intelligence sources. This is one of the longest disruptions the organization has experienced since it set up its online distribution
Crimeware Enterprises Mirror Legitimate Businesses (Threatpost) Not too long ago, it would have been extremely far-fetched to imagine buying crime services a la carte. But that's the dynamic that emerged in 2012 to plague cybercrime victims on both the consumer and corporate end of the spectrum. The black-market infrastructure that supports cybercriminals is increasingly backboned by packaged malware, exploit kits, as well as hacks and fraud as a service. Expect that to continue and evolve in 2013, experts say
Will the Sweet Orange exploit kit dethrone Blackhole? (Help Net Security) There's a new exploit kit being offered for sale and it seems to be slowly but surely gaining in popularity. Dubbed Sweet Orange, the kit uses exploits for Java, PDF, IE and Firefox vulnerabilities
Cyber arms race set to heat up in 2013 (BCS) Panda Security has also identified software vulnerabilities in programs such as Java and Adobe products as the "preferred method" of infection for malware
The 'January Effect' for cyberattacks is real, say experts (SCO) It's the most wonderful -- and dangerous -- time of the year, most information security experts agree. If you're reading this, then the world hasn't ended per the Mayan calendar. But it still might be a good idea for those in the information security business to be wary of this time of year. Jeffrey Carr, an author on cyberwarfare and founder and CEO of Taia Global, noted in a post on Infosec Island this week that he has noticed a major breach or act of cyber warfare that kicks off the New Year -- every year since 2009
Security Patches, Mitigations, and Software Updates
Java 7 update 10 introduces important new security controls (Naked Security) Last week Oracle released Java 7 update 10 to the world without fixing a single vulnerability. That doesn't mean there aren't serious security improvements though. New settings could make Java users much safer from here forward
Army greenlights controversial intelligence system (FCW) A critical intelligence-sharing system used in combat recently received a green light for full deployment, marking a turning point for a program that earlier this year was embroiled in controversy over its effectiveness versus a competing system. The Army's Distributed Common Ground System, or DCGS-A, is a tool the military uses for processing, exploiting and disseminating intelligence between troops and their mission partners, including intelligence community organizations. It is part of the service's broader modernization strategy, according to Army officials
Army Rolls Out Brass To Defend Anti-IED Software (Washington Times) The Army presented two two-star generals and three intelligence specialists Thursday to defend its $2.5 billion battlefield intelligence processor, which has failed operational tests and has been criticized by soldiers as being too slow to analyze the enemy and help find buried bombs in Afghanistan
Panetta Reassures Pentagon Civilians On Looming Budget Cuts (Reuters.com) U.S. Defense Secretary Leon Panetta sought to reassure civilian Pentagon employees on Thursday about the impact of looming budget cuts, saying no workers would face immediate unpaid leave after Jan. 2, but warning that furloughs might ultimately be necessary
WatchGuard enhances XCS security appliances (Help Net Security) WatchGuard Technologies announced the availability of its enhanced Extensible Content Security (XCS) solutions for SMBs. The XCS 580 and XCS 280 provide the same trusted content protection
Software Security: BSIMM's Holistic Approach (eSecurity Planet) BSIMM 4 adds new practices for improving software security. The path to building a secure enterprise begins with building secure software. One of the many ways that developers can build secure software is by following the tenets of the Building Security in Maturity
Online reputation management tips (Help Net Security) AVG announces twelve tips for individuals to safeguard their reputations while engaging in heightened e-commerce and social media activities during the holidays. "It's only natural that our times
Forge.mil requirement stripped from conference fiscal 2013 defense authorization (Fierce Government IT) The compromise fiscal 2013 national defense authorization bill unveiled by conferees Dec. 18 excludes language from the Senate version that would have required the use of a repository for all software code owned by the government or to which it has use rights and an official designation of DoD collaborative software development environments, "such as Forge.mil managed by the Defense Information Systems Agency
White House strategy on security information sharing and safeguarding (Internet Storm Center) Today, the White House published its new national strategy for information sharing and safeguarding. The document touches a key point that has in the past often stymied cooperation and information sharing between the government and the private sector. In my experience, the gov organizations were always very open to receive and soak up information shared with them by private enterprise, but were far less forthcoming with returning the favor. Very rarely did I ever receive intel from government contacts that wasn't either mostly public knowledge, or that I hadn't received already anyway from peers in the industry
FTC expands Children's Online Privacy Protection Act (CSO) New provisions in the Children's Online Privacy Protection Act cover apps, exempt 'platforms' like App Store and Google Play and require parental approval before companies can gather kids' photos, videos or geographic location
Nokia And RIM Bury The Patent Hatchet, Nokia Wins Payment Award From RIM (TechCrunch) Perhaps because there is not really any use in wasting energy fighting down rather than up the competition chain, today the beleaguered handset maker Nokia announced that it has settled all of its patent disputes with the equally challenged BlackBerry maker RIM. Nokia had different claims against RIM, and it looks like RIM is coming out the net loser here: Nokia says that it is getting a one-off
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
tmforum Big Data Analytics Summit (Amsterdam, Netherlands, January 29 - 30, 2012) Bringing together leading service providers, market analysts and all of the big names in Big Data, this forward-looking, education-packed two-day Summit combines keynote perspectives, case studies, debates,...
ATMiA US Conference 2013 (Scottsdale, Arizona, US, February 19 - 21, 2013) A conference devoted to the design of ATMs, and the future of the ATM industry.
#BSidesBOS (Cambridge, Massachusetts, USA, February 23, 2013) Each BSides is a community-driven framework for building events for and by information security community members. The goal is to expand the spectrum of conversation beyond the traditional confines of...
TechMentor Orlando 2013 (Orlando, Florida, USA, March 4 - 8, 2013) Celebrating 15 years of educational events for the IT community, TechMentor is returning to Orlando, Florida, March 4-8, for 5 days of information-packed sessions and workshops. Surrounded by your fellow...
e-Crime Congress 2013 (London, England, March 12 - 13, 2013) The e-Crime Congress is designed to meet the needs of key stakeholders and decision makers who are responsible for designing and coordinating information security and risk management strategy, safeguarding...
IT Security Entrepreneurs' Forum (ITSEF 2013) (Palo Alto, California, USA, March 19 - 20, 2013) Supported by the U.S. Department of Homeland Security, Office of Science and Technology, ITSEF 2013 aims to connect the ecosystem of the entrepreneur: industry, government, and academia. The conference...
The Future of Cyber Security 2013 (London, England, UK, March 21, 2013) Cyber Security and the Citizen 2013 is a one-day conference and exhibition for senior decision-makers of central and local government organisations, NGOs and major private sector enterprises.
Cloud Connect Silicon Valley (Santa Clara, California, USA, April 2 - 5, 2013) Cloud Connect returns to Silicon Valley, April 2-5, 2013, for four days of lectures, panels, tutorials and roundtable discussions on a comprehensive selection of cloud topics taught by leading industry...
InfoSec World Conference & Expo 2013 (Orlando, Florida, USA, April 15 - 17, 2013) With the primary objective of providing top-notch education to all levels of information security and IT auditing professionals, InfoSec World delivers practical sessions that give you the tools to strengthen...
25th Annual FIRST Conference (Bangkok, Thailand, June 16 - 21, 2013) The annual FIRST conference provides a setting for conference participants to attend a wide range of presentations delivered by leading experts in both the CSIRT field and from the global security community.