Adobe investigates reports of a zero-day exploit targeting its PDF Reader—a very attractive target for criminals. (For more on the crimeware economy, see Dark Reading's reports on Russian cyber mob pricing.)
Twitter warns users by email of account compromises—this email is real. Google suffered an unexplained service outage in much of Asia this morning. Scammers try to spook Internet users with fears of credit card fraud. Other phishers offer (implausibly) a $100 McDonald's gift card to Facebook users via a dodgy survey.
The image-stealing Trojan reported yesterday is uploading files to an Iraqi FTP server. (The exploit appears to be a criminal rather than an espionage operation.) South Carolina's data breach may now affect 200,000 additional taxpayers.
Lawyers are fingered as a source of cyber vulnerability. One criticism (that they inhibit information-sharing by warning clients of legal obstacles) seems unfair, the other (that law practices as a sector tend to be careless about cyber security) better grounded.
Cisco patches a TACACS+ Authentication Bypass vulnerability.
IBM sees service consolidation as a path to better security. Boeing announces layoff plans; other government contractors prepare to retrench as US budget sequestration approaches. Britain's GCHQ rolls out its public-private cyber security partnership: BAE's Detica will be a major contributor. The Air Force extends its NETCENTS I contract and increases the vehicle's ceiling tenfold.
An industry-academic consortium crowdsources Botnet hunting. The SANS Institute honors Australia's DIISRTE for its innovative approach to advanced persistent threats. Sophos tells you how to report a cyber crime.
Today's issue includes events affecting Australia, Azerbaijan, Canada, Ethiopia, Indonesia, Iraq, Kenya, Namibia, Nigeria, Russia, South Africa, Tanzania, Uganda, United Kingdom, United States, and Zambia.
Cyber Attacks, Threats, and Vulnerabilities
Experts Warn of Zero-Day Exploit for Adobe Reader(Krebs on Security) Software vendor Adobe says it is investigating claims that instructions for exploiting a previously unknown critical security hole in the latest versions of its widely-used PDF Reader software are being sold in the cybercriminal underground
Google services went down for 30 minutes in Asia this morning, CDN says(CSO) All of Google's service offerings went offline in some parts of the world during an unusual half-hour outage that mainly affected users in Asia, according to content delivery network provider CloudFlare. CloudFlare Network Engineer Tom Paseka wrote in an official blog post that the Google Apps services went down at about 2:30 a.m. UTC, and a quick investigation revealed that the search giant's public DNS server was offline as well
Researchers find Android hole that could affect millions(Fierce Mobile IT) The security of Android devices versus Apple's (NASDAQ: AAPL) iOS devices has been an ongoing issue for chief information officers and IT departments dealing with BYOD at their companies. Android security concerns were heightened last week by North Carolina State University researchers who showed how a vulnerability in Android platforms could be used to send fake SMS messages designed to trick the user into disclosing confidential information or subscribing to bogus premium services
Russia's Bargain-Basement Cybercrime(Dark Reading) How much does it cost to infect 1,000 machines with malware? Russian services will do it for as little as $12. It sounds a little bit like one of those ads on late-night television: Email spamming -- 1 million messages for $10! Malware downloads -- as little as 1,000 downloads for $12! DDoS any website -- only $30! No, it's not an ad for a cheap local electronics shop -- these are actual prices for cybercrime services currently available from hackers in Russia
25 Tips to Prevent Law Firm Data Breaches(Wisconsin Lawyer) Another day, another data breach. Data breaches have proliferated with amazing speed. Here is the roundup of some of the largest victims in 2011 alone: Tricare, Nemours, Epsilon, WordPress, Sony, HB Gary, TripAdvisor, Citigroup, NASA, Lockheed Martin, and RSA Security
Are lawyers getting in the way of cloud-based security?(Network World) At Cloud Security Alliance Congress, some say lawyers too often are a hindrance to better security. In an age where enterprises and their employees are being relentlessly targeted with malware-based phishing, denial-of-service and other attacks, the ability of the IT security staff to defend their networks and valuable corporate data faces yet one more obstacle, according to some: their own company lawyers
4 Long-Term Hacks That Rocked 2012(Dark Reading) News of lengthy hacker incursions into enterprise databases and networks has been plentiful over the last year—here's a highlight reel
Security Patches, Mitigations, and Software Updates
Cisco TACACS+ Authentication Bypass(Internet Storm Center) Cisco has released a patch that addresses a TACACS+ Authentication Bypass vulnerability. Exploitation is likely very easy. If you are using Cisco ACS for authentication you should probably take note of this announcement
Google Implements Do Not Track in Chrome 23(Threatpost) Nearly two years after other browser vendors implemented it, Google on Tuesday finally released a version of Chrome that supports the Do Not Track functionality that helps users prevent Web sites from following their movements around the Web. Google's move to include the technology is a response to discussions with the White House earlier this year around privacy. Chrome 23, released on Tuesday, is the first stable version of the company's browser to include the DNT option, although it's been in the developer channel for a couple of months now
Mobile apps expose personal information(CSO) Mobile devices and applications have become an integral part of our lives but they can also expose personal information. An application privacy report by Juniper Networks' Mobile Threat Center (MTC) indicates that permissions and capabilities in apps could expose sensitive data
How to stay secure in a changing world(Help Net Security) In Sir Isaac Newton's time there were three laws of motion, which dominated the scientific view of the world. While he, and his scientific peers, might have had many different opinions, what they all
Security, IT integration top M2M customer concerns(Fierce Mobile IT) End-to-end security and integration with enterprise IT systems are the top two concerns about machine-to-machine wireless communications for corporate customers, according to a survey of M2M companies conducted by Beecham Research on behalf of enterprise software vendor Oracle
IBM Security Systems Fights Complexity with Consolidation(eSecurity Planet) A year ago, IBM consolidated its security efforts into one omnibus umbrella. Is this approach working? At the end of 2011, IBM embarked on a dramatic re-organization of its security assets in an effort to consolidate strategy and product offerings. The new IBM Security Systems division was formed around
Defense Stocks Tumble On Budget-Cut Fears(Yahoo.com) Defense stocks fell on Wednesday, as analysts predicted after the results of the presidential and congressional elections that military spending will remain tight, and there's no clear path toward avoiding automatic defense spending cuts set to kick in at the beginning of 2013
Boeing Says Cuts Save $1.6 Billion(Wall Street Journal) Boeing Co. announced plans to cut executive jobs and consolidate several divisions at its defense business that the company said would save $1.6 billion over the next two years
GCHQ lines up BAE and pals for 'Cyber Incident Response'(Register) The "Cyber Incident Response" scheme - launched today by CESG, the data security arm of GCHQ, and the Centre for the Protection of National Infrastructure (CPNI) - is targeted at the public sector and firms supporting the UK's key systems and businesses
BAE SYSTEMS PLC : BAE Systems Detica certified by GCHQ and CPNI(4-traders) BAE Systems Detica has been named by GCHQ's Information Assurance arm CESG, and the Centre for the Protection of National Infrastructure (CPNI) as one of only four companies on an important new scheme that will provide organisations facing cyber
Axway Announces Intent To Acquire Vordel(Dark Reading) Combined platform will provide companies with a consolidated approach to application and data integration needs across on-premise and cloud environments
Gartner: RIM has 'huge challenge ahead' in enterprise(Fierce Mobile IT) Market research firm Gartner predicts that 1.2 billion smartphones and tablets will be purchased next year, up from 821 million this year. By 2016, two-thirds of the mobile workforce will own a smartphone, and 40 percent of the workforce will be mobile, according to the latest research from Gartner
HP bets big on Linux(IT World) HP has long been a contributor to Linux and open source software, but on Monday it ratcheted up its support another notch
Apple Eyes Dumping Intel For ARM(InformationWeek) Is Apple serious about shifting OS X and its computers from Intel's x86 architecture to ARM-based chips? Or is it just trying to win concessions from Intel?
AF NETCENTS I Contract Going Up $1.45B, Ceiling Now $10.4B(Govconwire) The Air Force's electronic systems center plans to increase the value of the branch's original Network-Centric Solutions contract by $1.45 billion, pushing the ceiling value to $10.45 billion, Nextgov reports. According to Bob Brewin's story, this action also extends the NETCENTS vehicle through September 2013. Awardees include: Booz Allen Hamilton (NYSE: BAH) General Dynamics
How to prepare for Google algorithm changes(IT World) In an effort to improve search result quality and punish black-hat SEO, Google has been making big changes to its algorithms, and more updates are likely on the way soon. Here's how to prepare
BlackBerry 10 is FIPS certified in advance of platform's release(Computer World) After several federal agencies said they will stop using BlackBerry devices and switch to iPhones, Research In Motion took the unusual step today of announcing a tough security certification for BlackBerry 10 in advance of the device's launch next quarter. This is the first time that a BlackBerry product has been certified as meeting the Federal Information Processing Standard (FIPS) ahead of launch, RIM said in a statement. The certification means that U.S. government agencies around the globe will be able to deploy BlackBerry 10 smartphones and BlackBerry Enterprise Service 10 from the day of launch, set for sometime in the first quarter, RIM said
Seagate Backup Plus gets USB 3.0(Help Net Security) Seagate introduced SuperSpeed USB 3.0 to Backup Plus storage for Mac. This new interface means faster transfer of data, so you can back up more quickly, up to 10x that of USB 2.0, via TimeMachine
Technologies, Techniques, and Standards
How Secure Is Your Data Center Network?(The Data Center Journal) The Cloud Security Alliance (CSA) recommends that you be aware of the software interfaces (usually called "application programming interfaces," or APIs) that allow your software to communicate and exchange data with the cloud provider
Hunting Botnets In The Cloud(Dark Reading) Combining cloud, crowdsourcing, and big data to find and quash botnets on a larger scale. Comparing botnet command-and-control (C&C) traffic or malware within an organization to activity seen in other parts of the Internet isn't new. It's just that some security analysts are increasingly going there to gather better intelligence that they can use to quell an infection or help take down a botnet
Portrait of a Full-Time Bug Hunter — Abdul-Aziz Hariri(Wired Threat Level) Abdul-Aziz Hariri earned more than enough to live on doing freelance bug hunting, during a period when he couldn't find a job. Hariri, a 27-year-old Lebanese-Canadian, began submitting bugs full-time after he emigrated from Lebanon to Canada in January 2010
Help eliminate unquoted path vulnerabilities(Internet Storm Center) Metasploit's "Service Trusted Path Privilege Escalation" exploit takes advantage of the unquoted service path vulnerability outlined in CVE-2005-1185, CVE-2005-2938 and CVE-2000-1128. The vulnerability takes advantage of the way Windows parses directory paths to execute code
How IT Leaders Can Best Plan for Disaster(CSO) Hurricane Sandy left devastation in its wake, first pounding the Caribbean and then pummeling the Mid-Atlantic and Northeast regions of the U.S. People and businesses are now struggling to get back on their feet. As a CIO or IT leader, you need to ask yourself: Will your organization be prepared for the next disaster
American children to become 'cyber-warriors'(Security Defense Agenda) The National Science Centre (NSC) has launched a new online game called 'Cyber Swarm Defenders' to help train young children to be able to avoid cyber-attack malware when surfing the internet
Town & Gown: JSU continues to lead in cybersecurity(Jacksonville News) Recognized in 2008 by the National Security Agency (NSA) and the Department of Homeland Security (DHS) as a National Center of Academic Excellence in Information Assurance Education, Jacksonville State University has been keeping pace with this
Legislation, Policy, and Regulation
[UK] Government departments get go-ahead to use iPhones for sensitive data(ComputerWeekly) Government departments have been given the go-ahead to use iPhones to send and receive sensitive emails, as part of moves to broaden the number of approved public sector mobile devices beyond BlackBerrys. Under new guidelines, civil servants and ministers could use Apple devices for restricted information deemed to compromise the workings of government if released to third parties
Joining hands against cybercrime in Africa(SecurityAffairs) Concerned over rising threats online, cyber security agents in Africa are taking a proactive step by collaborating with global network-security experts to curb cybercriminal activities on the continent, sharing information and technical know-how. Cyber security agents in Africa will gain an even better view of emerging cyber threats by working with experts who are mainly drawn from European countries and the US. The partnership will also address the shortage of cyber security specialists in the fast-growing continent of Africa, through joint seminars and discussions that will involve management teams in companies and other organizations
A Sample Security Agenda for Obama's Second Term(Threatpost) Intelligence agencies, the military and other groups inside the government regularly buy vulnerabilities from security researchers and use them for various purposes. But there are plenty of other buyers as well, including ... Stop trying to put all of
Military gears up to defend US against cyber-attack(abc7news.com) "If a cyber-attack crippled our power grid in this country, took down the financial systems, took down our government systems, that that would constitute an act of war," Panetta has said. Though she may not look like a drill sergeant, Irvine is tasked
Homeland Security Suggests 'Co-op' Approach To Cybersecurity(Mortgageorb) The U.S. Department of Homeland Security (DHS) is recommending that financial companies pool their infrastructure resources and work together to fight the increasing level of cybersecurity threats. According to a report in the technology trade
On cyber defense, U.S. 'stuck at the starting line'(FederalNewsRadio.com) Robert Joyce, NSA's deputy director for information assurance, said the agency has special insights into cyber vulnerabilities from inside the intelligence community, and it's already come a long way toward packaging that information into formats that
Oracle hit with patent lawsuit over WebLogic Server(Computer World) Oracle is finding itself caught up in another Java-related patent lawsuit, but this time it's the one getting sued. Java middleware vendor Thought filed suit against Oracle on Oct. 31, claiming that WebLogic Server and other Oracle products infringe at a "massive scale" on a number of patents it holds. Using the open-source Java programming language, Thought created a "middleware mapping layer for saving object and table information and greatly simplified the task of persisting data," according to its complaint, which was filed in U.S. District Court for the Northern District of California
Pad Hack at Barnes & Noble Draws Lawsuits from Customers(Hot for Security) The point-of-sale keyboard hack at Barnes & Noble bookstores led to three class-action complaints for failure to protect customers' personal financial data, including but not limited to credit and debit card information and personal identification numbers. With 700 nationwide stores having used tampered devices, Barnes & Noble postponed the public announcement until an FBI investigation was launched in an attempt to pinpoint the cyber crooks. Jonathan Honor and Ray Clutts, from Illinois, filed class-action complaints against the retailer for not protecting their credit card data and not personally contacting and warning affected customers
National Security Wiretaps, or Just Plain Old Snooping?(Courthouse News Service) Aside from monitoring terror threats, the National Security Agency eavesdrops on the private communications of Americans for fun, a class says in the 6-year-old case against the federal wiretap program. The allegation appears in the latest
How to report a computer crime: malware by email(Naked Security) If you have ever unwittingly downloaded malware as a result of opening an attachment in an email, did you report it to the police? Here's why you should, and how you should go about doing it
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
TechExpo Cyber Security Careers(Columbia, Maryland, November 1, 2012) Profit from presentations by leading industry figures and networking opportunities designed for serious job-seekers.
Anatomy of an Attack(New York, New York, November 15, 2012) Join Sophos security experts in exploring how threats like malware, Trojans, worms and spyware actually work and what you can do to protect your company, even if you're on a tight budget.
ZeroNights(Moscow, Russia, November 19 - 20, 2012) ZeroNights is an international conference dedicated to the technical side of information security. The mission of the conference is to disseminate information about new attack methods, threats and defense...
Digital Security Summit(Riyadh, Saudi Arabia, December 1 - 2, 2012) A major conference to discuss the growing threat to digital security in the Middle East, especially in Saudi Arabia.
Passwords^12: Passwords^12 is a 3-day conference only about passwords & PIN codes. With an "all-star" cast of speakers, including Joan Daemen (AES/SHA3), Jens Steube (alias "atom", hashcat author), Colin Percival (CSO...
CIO Cloud Summit 2012: The CIO Cloud Summit will help C-level executives better understand the true capabilities of cloud computing and the transformational opportunities it can bring.
BayThreat(Sunnyvale, California, December 7 - 8, 2012) The theme for BayThreat is a new spin on the dichotomy of attacking and defending in information security. We're calling out all of the attackers and defenders that are on the front lines of the battle.
e-Crime Congress 2013(London, England, March 12 - 13, 2013) The e-Crime Congress is designed to meet the needs of key stakeholders and decision makers who are responsible for designing and coordinating information security and risk management strategy, safeguarding...
The Future of Cyber Security 2013(London, England, UK, March 21, 2013) Cyber Security and the Citizen 2013 is a one-day conference and exhibition for senior decision-makers of central and local government organisations, NGOs and major private sector enterprises.
25th Annual FIRST Conference(Bangkok, Thailand, June 16 - 21, 2013) The annual FIRST conference provides a setting for conference participants to attend a wide range of presentations delivered by leading experts in both the CSIRT field and from the global security community.