skip navigation

More signal. Less noise.

Daily briefing.

Only a few stories break on a very quiet post-Christmas morning. Iranian officials continue to talk about a cyber attack on its power grid, with central authorities denying a local civil defense organization's claim to have thwarted a recent exploit. Beyond that little new information is available.

Anonymous defaces the official Website of Kuwait's Crown Prince with an unusually childish North Pole motif. Israelis are warned that Backdoor.LV has returned; exploits using it appear to originate with hackers in Kuwait.

Researchers expect Java and Adobe vulnerabilities to remain prime hacking targets into 2013.

The cleared labor market drives security professionals who ought to know better toward over-sharing on Facebook and (especially) LinkedIn. Australian authorities are noticing the problem: present and former employees of the Defence Signals Directorate and the Defence Intelligence Organisation are advertising details of their careers online. The intent is innocent, but still, it's a problem.

A young British developer scores very well in the US Defense Department's 2012 Digital Forensics Challenge. It took, crows the Daily Mail patriotically, "Defense Giant Northrop Grumman" to defeat him.

Crowdsourced private crime fighting appears simultaneously in California and Mexico. Nextdoor and Nixle are enabling Californians to tip off one another and the police to criminal activity. In Mexico, Ret.io's Twitter feed, which began as a way of alerting people to police checkpoints, it emerging as a tool against small-scale but irritating official corruption. And data scientists at Harvard are tracking drug cartel activity online and providing police useful open source intelligence.

Notes.

Today's issue includes events affecting India, Iran, Israel, Kuwait, United Kingdom, United States..

Cyber Attacks, Threats, and Vulnerabilities

Iran denies foiling cyber attack on industrial units (India Times) A local civil defence official denied an earlier account that a fresh cyber attack on industrial units in the southern province of Hormuzgan had been repelled, Iran's state broadcaster website reported on Tuesday."At a press conference we announced readiness to confront cyber attacks against Hormuzgan installations, which was mistakenly reported by the agencies as a cyber attack having been foiled," Ali Akbar Akhavan said. Earlier on Tuesday, ISNA news agency quoted him as saying: "A virus had penetrated some manufacturing industries in Hormuzgan province, but its progress was halted with ... the cooperation of skilled hackers." According to ISNA, Akhavan said one of the targets of the latest foiled attack was the Bandar Abbas Tavanir Co, which oversees electricity production and distribution in Hormuzgan and adjacent provinces. He had said the malware was "Stuxnet-like" but did not elaborate and that the attack had occurred over the "past few months

Iran says defeats cyber attack on industrial sites (Yahoo! News) An Internet virus attacked computers at industrial sites in southern Iran, in an apparent extension of a covert cyber war that initially targeted the country's nuclear facilities, an Iranian official said. Iran, the world's No. 5 oil

Christmas Hack from Anonymous : Kuwaiti Crown Prince official site hacked (E Hacking News) While Everyone is enjoying Christmas , the Anonymous hacktivist celebrates the Christmas in their own way. They have send Merry Xmas card by hacking into the official website of Diwan Of The Crown Prince

Cyber Attack From Kuwait (Israel Defense) Jonathan Gad, chairman and joint CEO of InnoCom of the Aman Group, warned yesterday (Monday) of a new wave of dangerous cyber attacks originating from Kuwait. According to Gad, a malware named Backdoor.LV, which was previously discovered in May, is behind the attack. The malware was identified via a tool by the company FireEye, which is represented by InnoCom in Israel

Wells Fargo hammered by web outages; banks warned to guard against cyberattacks (Biz Journals) Wells Fargo & Co. customers were frustrated for much of last week as they had difficulty at times accessing the bank's website to handle online banking and other matters. Wells Fargo's site had intermittent problems for four days. A spokesman for Wells (NYSE: WFC) -- Colorado's largest bank -- said on Friday: "We sincerely apologize for the inconvenience and thank our customers for their continued patience

Revealing some of the tactics behind a spear phishing attack (IT Proportal) Marketing tactics have changed. Gone are the days of mass mailings, marketers now target each individual customer think of Amazons recommendations page. Criminals have learnt the same lesson, as phishing emails are no longer sent to thousands of people

Cybercriminals are just businessmen at heart (CSO) Cybercrime today is a full-fledged business with executives, middle managers and workers who depend on a variety of service providers to keep the illicit operations humming, a new study shows. Supporting these criminal enterprises that mirror legitimate commercial enterprises is a shadow underground of chat rooms, Web portals and marketplaces for finding and hiring people and buying or leasing malware, exploit code and botnet-building tools, says the 2013 Cybercrime Report from Fortinet. Also ready to lend a hand are tech consultants and hosting providers ready to turn a blind eye in return for payment

Interview with Kaspersky Chief Malware Expert Alex Gostev (Threatpost) The last year has seen a lot of changes in the threat landscape, with the emergence of a number of new cyber espionage tools such as Gauss and Flame, as well as an increase in the volume of malware targeting mobile platforms such as Android. Recently, Alex Gostev, the chief malware expert at Kaspersky Lab, answered questions submitted by users on Facebook, discussing the evolution of antimalware solutions, the threats to mobile devices and how governments around the world are handling the cybercrime explosion

Cyber Trends

Java and Abobe Highly Targeted By Cyber Bad Guys and Malware (Hot Hardware) Software vulnerabilities will be the main target of cyber criminals in 2013, according to research by Panda Security's malware laboratory, PandaLabs

Marketplace

Spooks use internet and social media to advertise their skills (Mudgee Guardian) Hundreds of former and some present Australian spies have posted information about their employment with intelligence agencies on the internet in what security experts have called "a gift for foreign espionage". A survey by Fairfax Media has discovered more than 200 intelligence officers have disclosed their classified employment in profiles on professional networking sites such as LinkedIn, and social media including Facebook and Twitter. While many have disclosed only the fact of their employment by agencies such as the Defence Signals Directorate and the Defence Intelligence Organisation, some have revealed significant details about their work

British amateur named world's top civilian cyber defender in hacking challenge staged by the U.S. military (Daily Mail) Chris Doman from Essex lost out only to a professionals team from U.S. defence giant Northrop Grumman. He is one of three UK competitors who placed in the top 12 of the global competition held by U.S. Department of Defense. Now he is eligible to take part in the next round of face to face competitions held by Cyber Security Challenge UK

Technologies, Techniques, and Standards

Monitoring a la Borg (Dark Reading) What would a true infrastructure collective look like? Imagine there's no console. It's easy if you try. No central server, no admin tty. Imagine all the endpoints, living all the same

Design and Innovation

CloudByte Wins the 2012 Tech Trailblazer Award (MarketWatch) We're thrilled to announce that CloudByte, the technology leader in enterprise storage, has won the 2012 Tech Trailblazer award from emerging markets. We thank all our delighted customers and the judging panel - including eminent technologists from enterprises such as VMWare and Colt, and thought leaders from standard bodies such as SNIA and Cloud Security Alliance - for this honor

Litigation, Investigation, and Law Enforcement

Become a Crime-Fighting Superhero in Your Spare Time (Wired) Chris Goodroe doesn't do Facebook, and he doesn't do Twitter. Online socializing isn't his thing. But after watching his neighbors use the internet to bust a pair of burglars earlier this year, the Oakland attorney decided to make an exception for Nextdoor, a neighborhood social network that is increasingly being used to fight crime

Ret.io, A Crowdsourced Answer To Corruption In Mexico (TechCrunch) Three years ago Mario Romero Zavala and Jose Antonio Bolio decided to create a Twitter account in Mexico City to alert people to cumbersome police checkpoints that too often resulted in various forms of harassment to locals. This was the beginning of Ret.io, which has since changed tremendously

In Mexico, Tech Is Used To Help Combat Narco Violence, Insecurity (TechCrunch) Google has been used for many ends, but in the hands of researcher Viridiana Rios, the search engine has become a tool to fight Mexican drug cartels and help the government organize to prevent violence. Rios is a researcher at Harvard University who recently published a paper about a tool she created to track publicly available cartel data and how it can inform Mexican security officials' work

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

tmforum Big Data Analytics Summit (Amsterdam, Netherlands, January 29 - 30, 2012) Bringing together leading service providers, market analysts and all of the big names in Big Data, this forward-looking, education-packed two-day Summit combines keynote perspectives, case studies, debates,...

ATMiA US Conference 2013 (Scottsdale, Arizona, US, February 19 - 21, 2013) A conference devoted to the design of ATMs, and the future of the ATM industry.

#BSidesBOS (Cambridge, Massachusetts, USA, February 23, 2013) Each BSides is a community-driven framework for building events for and by information security community members. The goal is to expand the spectrum of conversation beyond the traditional confines of...

TechMentor Orlando 2013 (Orland, Florida, USA, March 4 - 8, 2013) Celebrating 15 years of educational events for the IT community, TechMentor is returning to Orlando, Florida, March 4-8, for 5 days of information-packed sessions and workshops. Surrounded by your fellow...

e-Crime Congress 2013 (London, England, March 12 - 13, 2013) The e-Crime Congress is designed to meet the needs of key stakeholders and decision makers who are responsible for designing and coordinating information security and risk management strategy, safeguarding...

IT Security Entrepreneurs' Forum (ITSEF 2013) (Palo Alto, California, USA, March 19 - 20, 2013) Supported by the U.S. Department of Homeland Security, Office of Science and Technology, ITSEF 2013 aims to connect the ecosystem of the entrepreneur: industry, government, and academia. The conference...

The Future of Cyber Security 2013 (London, England, UK, March 21, 2013) Cyber Security and the Citizen 2013 is a one-day conference and exhibition for senior decision-makers of central and local government organisations, NGOs and major private sector enterprises.

Cloud Connect Silicon Valley (Santa Clara, California, USA, April 2 - 5, 2013) Cloud Connect returns to Silicon Valley, April 2-5, 2013, for four days of lectures, panels, tutorials and roundtable discussions on a comprehensive selection of cloud topics taught by leading industry...

InfoSec World Conference & Expo 2013 (Orlando, Florida, USA, April 15 - 17, 2013) With the primary objective of providing top-notch education to all levels of information security and IT auditing professionals, InfoSec World delivers practical sessions that give you the tools to strengthen...

25th Annual FIRST Conference (Bangkok, Thailand, June 16 - 21, 2013) The annual FIRST conference provides a setting for conference participants to attend a wide range of presentations delivered by leading experts in both the CSIRT field and from the global security community.

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.