Several claims of zero-day vulnerabilities cropped up over the past week: a Chrome hole (Google doesn't believe it, and the researcher won't talk until he demos his exploit at an upcoming New Delhi conference), a Yahoo! Mail exploit (for sale on the black market), and SCADA vulnerabilities in systems by Siemens, GE, Kaskad, ABB/Rockwell, Eaton and Schneider Electric.
The US continues to deny charges of cyber espionage against the Elysee Palace, and some expert observers lend credence to the denial.
Symantec reports a database exploit is loose in the Middle East; Iranian security authorities call it old news. Other small hacks and scams surface; they amount to fresh warnings to use caution online. One is worth calling out: PASSTEAL malware is circulating in file-sharing sites where it masquerades as a key generator for paid applications.
The South Carolina breach looks more serious: attackers had at least two months' "unfettered access" to the state's tax system. US banks are warned to expect fallout from the 3.3 million bank accounts compromised in the exploit.
Huawei's reputation in the US Government as a security risk opens a market opportunity for other firms: Nokia and Siemens prepare a joint push for US Federal business. Various countries friendly to the US look to American companies to provide cyber expertise.
Lesser-known US universities—the University of Tulsa being exhibit A—become major sources of Federal cyber talent.
Australia's Defence Signals Directorate gives businesses advice on BYOD policy. Greek and British hackers face trial for cyber crimes.
Today's issue includes events affecting Argentina, Australia, Canada, European Union, Finland, France, Georgia, Germany, Greece, India, Iran, Israel, Kuwait, Malta, New Zealand, Oman, Pakistan, Palestinian Territories, Qatar, Russia, Saudi Arabia, Syria, United Arab Emirates, United Kingdom, United States.
Info about 0-day SCADA flaws offered for sale(Help Net Security) Following in the footsteps of French Vupen Security, Malta-based start-up ReVuln has also decided to sell information about zero-day vulnerabilities to companies and governments instead of sharing it
Researcher Finds Nearly Two Dozen SCADA Bugs in a Few Hours' Time(Threatpost) It is open season on SCADA software right now. Last week, researchers at ReVuln, an Italian security firm, released a video showing off a number of zero-day vulnerabilities in SCADA applications from manufacturers such as Siemens, GE and Schneider Electric. And now a researcher at Exodus Intelligence says he has discovered more than 20 flaws in SCADA packages from some of the same vendors and other manufacturers, all after just a few hours' work
Today's Tech: US accused of cyber-attack on France(ITProPortal) The United States has been accused of playing a part in some of the most significant cyber-attacks recorded in recent years, including the vicious Flame and Stuxnet viruses. But while the victims of these campaigns have been fairly predictable, with
U.S. denies hacking computers in the Elysee Palace(Help Net Security) U.S. cyber spies have allegedly hacked a string of computers inside the official residence of the President of the French Republic during the last days of Sarkozy's tenure and have stolen confidential
Maher center announcement about the 'narilam' malware(certcc) Recently Symantec reported the detection of a new malware called "win32.narilam". Regarding that report there were numerous media coverage on the topic, and comparing the threat to the previously reported cyber-attacks on Iran's infrastructure like stuxnet, duqu and flame
W32.Narilam the malware that hit databases in Middle East(infosec island) Recently we have always thought to malware as dangerous agents used to steal information such as banking credentials or to be used in cyber espionage operation. This is one of the different ways to monetize the development of a malicious agent, virus creation to steal information which is associated with an economic value. But we also learned that malware could be developed for destructive purposes, that the case of state-sponsored project or cyber weapon such as Stuxnet, but similar approach could be also persecuted by private companies against competitor business
Pakistan Hacker Explains How Pakistan google and other sites got hacked(E Hacking News) Recently, the news about the Pakistani Google hack spread like a wildfire in the Internet. At the time, Top Level Pakistan Domains displayed the defacement page including Yahoo, MSN, HSBC, EBay, Paypal and more sites. Today, khanisgr8, a hacker from Pakistan hacker collective called "TeamBlackHats" sent an email regarding the security breach
Anonymous Steps Into Gaza Crisis(InformationWeek) Website defacing and Anonymous DDoS campaign pale next to ongoing cyberattacks apparently launched from Iran and Palestine, security experts say
Hannibal account leak proven as false(cyberwarnews) A few days ago we posted an article that made claims that over 1,000,000 account details had been leaked from a hacker using the handle Hannibal who claimed to leak the data in retaliation attack against anonymous hacktivist for operation Israel. It has come to light today that this attack was never carried out, that the data was leaked months ago and is still currently being hosted online in the exact same format that hannibal leaked it
MeTV Hacked, Affiliates credentials leaked(cyberwarnews) A popular TV broadcasting network MeTV has been hacked by a hacker we follow often @DARWINARE who recently has attacked and leaked data from UNSW, Amazon.uk and other high profile sites
Dreamhost Breached, Server & client information leaked(cyberwarnews) A pastebin user using the handle Syst3mswt who is a part of warriors team SWT has posted a dump of server information which appears to come from the well known and popular web hosting service Dream Host
Details of 700 Students Leaked from Syrian Virtual University(Softpedia) A hacker group called GreySecurity, or GSec, has hacked into the systems of the Syrian Virtual University (svuonline.org) and has leaked the email addresses of around 700 students. Over the past period, hackers have mostly tried to protect Syrian organizations, but it appears that some collectives don't necessarily care about the agenda of Anonymous and other hacktivists
Anonymous Hackers Take Down School District Site over Student Tracking System(Softpedia) The Northside Independent School District (NISD) in San Antonio made a lot of headlines last week, after threatening to expel a student that refused to participate in their radio frequency identification (RFID) tracking program. At the end of last week, a court delayed the school district's plans to expel the student but, in the meantime, some Anonymous hackers decided to take the matter into their own hands and took down the NISD website. The hacker who took credit for the attack told HotHardware that these 'student locator' programs are ultimately aimed at getting students used to living in a total surveillance state where there will be no privacy, and wherever you go and whatever you text or email will be watched by the government
Bogus Chase Paymentech notification carries malware(Help Net Security) If you receive an email seemingly coming from payment processing company Chase Paymentech, think twice about opening the attachment it carries. The email purportedly delivers an electronic Merchant
Bogus Apple invoice leads to Blackhole, banking malware(Help Net Security) If you receive an invoice seemingly coming from Apple that apparently shows that your credit card has been billed for $699,99 (or a similar preposterously huge amount of money) because you bought post
Digitally signed ransomware lurking in the wild(Help Net Security) Trend Micro researchers have spotted two ransomware variants bearing the same (probably stolen) digital signature in order to fool users into running the files. Other than that, the malware acts
PASSTEAL Malware Lurking on File Sharing Sites(Threatpost) Variants of the PASSTEAL malware are propagating by masquerading as key generators for paid applications, popular e-books, and other software on file sharing services, according to Alvin John Nieto, a threat response engineer at TrendMicro's TrendLabs
South Carolina Data Breach Poses Big Risks to Banks(American Banker) After initially deflecting responsibility, South Carolina Governor Nikki Haley has admitted that his government could have done a better job to prevent a data breach that compromised sensitive information for four million individuals and 700,000 businesses that file state taxes. More than 3.3 million unencrypted bank accounts were stolen, and 5,000 credit card numbers, though most of those were expired
Attackers Had Access for Months in South Carolina Data Breach(Threatpost) Attackers had two months of unfettered access to South Carolina's Department of Revenue systems in a classic targeted attack that began with a phishing email and ended with the loss of electronic tax return data, and payment card and personal information on 3.8 million filers, possibly dating back to 1998
Security Patches, Mitigations, and Software Updates
Mozilla Releases Multiple Updates(US-CERT) The Mozilla Foundation has released updates to address multiple vulnerabilities for the following products: Firefox 17.0, Firefox ESR 10.0.11, Thunderbird 17.0, Thunderbird ESR 10.0.11, [and] SeaMonkey 2.14. These vulnerabilities may allow an attacker to execute arbitrary code, operate with elevated privileges, bypass safety restrictions, or perform a cross-site scripting attack
A Backhanded Thanks(Dark Reading) As we recover from the Thanksgiving weekend, let's give our brand of security thanks for all the good (and not so good) in our world. Around Thanksgiving time in the U.S., I usually take a minute or two between football overload (like that's possible) and binge eating to reflect on the year. It's hard to believe folks are putting holiday decorations up and we're in full fledged planning for 2013. Didn't 2012 just start? Uh, I guess not
Business needs to focus on cyber security threat, says KPMG(hrmagazine) Senior management in British businesses are not taking the threat to cyber security seriously enough, despite increasing publicity about online security breaches in some of the world's largest organisations, according to professional services firm KPMG. The warning comes after cyber security minister, Chloe Smith, last week reiterated the Government's commitment to tackle cyber crime. KPMG's head of information protection and business resilience, Stephen Bonner, said: "The UK's digital economy accounts for 8% of our GDP, so why organisations are yet to develop a mature approach to cyber security is a question that must be answered
Growth of Black Friday online spending slowed despite the iPad's emergence as a major shopping tool(Quartz) US online sales rose 17.4% on Thanksgiving Day and 20.7% on Black Friday from a year earlier, according to estimates by IBM. Mobile web usage increased significantly, with 24% of consumers visiting retailers' sites from a smartphone or tablet, compared to 14.3% last year. Mobile sales represented 16% of the total, up from 9.8% in 2011. Consumers using iPads conducted roughly 10% of total online shopping, blowing away all other tablets. Wal-Mart separately said that mobile devices represented 45% of all Walmart.com traffic on Thanksgiving. But overall online shopping growth rates slowed from last year
Understanding basic honeypot concepts(Help Net Security) The EU cyber security Agency ENISA is launching an in-depth study on 30 different digital traps or honeypots that can be used by CERTs to proactively detect cyber attacks. The study reveals barriers
Battles over online information control to escalate(Help Net Security) The year ahead will feature new and increasingly sophisticated means to capture and exploit user data, escalating battles over the control of online information and continuous threats to the U.S. supply chain
What's the most coveted target for cyber attackers?(Help Net Security) Despite repeated warnings, organizations are still failing to lock down the primary target of most cyber-attacks – privileged access points. Cyber-Ark labs analyzed a string of recent, high-profile
Cloud Security Not the Barrier It's Supposed to Be(Midsize Insider) Groups like the Cloud Security Alliance will continue to perform research and issue documents, as it recently did, according to this Integration Developer News article. These documents are said to serve an important purpose in showing how the industry
Study Hints at the Future of Cloud Computing(BostInno) A recent study by the Cloud Security Alliance (CSA) and the Information Systems Audit and Control Association (ISACA) revealed that changing government regulations, plausible exit strategies, and international data privacy are the most pressing
Nokia Siemens to head stateside to fill Huawei-shaped market gap(ZDNet) After a U.S. House Intelligence Committee found that Huawei and ZTE, which provide telecoms equipment to cellular and wired networks, "cannot be trusted" to be free from foreign state influence and "thus pose a security threat to the United States," it left many networking companies which buy their products up the creek without a paddle. Finland-based Nokia Siemens Networks (NSN) is looking to fill the gap, and what an opportune time: the company is sinking and it needs to expand stateside or face potential collapse
As cyberwarfare heats up, allies turn to U.S. companies for expertise(Washington Post) In the spring of 2010, a sheik in the government of Qatar began talks with the U.S. consulting company Booz Allen Hamilton about developing a plan to build a cyber-operations center. He feared Iran's growing ability to attack its regional foes in cyberspace and wanted Qatar to have the means to respond
Cyber Security Challenge announces new competitions(Engineering and Technology) The Cyber Security Challenge has announced new competitions including malware attacks from hostile states, IP theft in motor racing and 'Stuxnet-like' attacks on high security facilities. Professional cyber teams from Orange, Prodrive, (ISC)2, the SANS Institute, QinetiQ and Sophos will test over 100 qualifiers from the virtual first-round competitions over the coming months to determine the 40 finalists for the Masterclass grand finale in March 2013
Transcom Opens Cyber Center(Executive Gov) U.S. Transportation Command has opened a joint cyber center for securing the command's information networks, American Forces Press Service reports
CMS Awards up to $15B to Upgrade & Manage Data Centers(Govconwire) The Centers for Medicare and Medicaid Services has awarded a number of contracts that could add up to $15 billion in the next 10 years, for the management of its data center operations. According to a NextGov article, contractors for the "virtual data center operation" indefinite-delivery-indefinite-quantity contracts include Accenture Federal Services, HP Enterprise Services, IBM, Lockheed Martin and other vendors
Intel's Next CEO Must End Mobile Neglect(InformationWeek) Intel built an unbeatable infrastructure for PC and server chips -- which gives it zero advantage in meeting fundamentally different requirements for mobile chip design
Mozilla suspends work on 64-bit Firefox for Windows(Computer World) Mozilla this week suspended development of a 64-bit version of Firefox for Windows, citing add-on incompatibilities and low priority for the project. In a message posted to Bugzilla, the company's bug- and change-tracking database, Benjamin Smedberg, a developer with consulting firm Mozdev, and a regular contributor to the open-source browser, said that the organization was suspending, perhaps for some time, the work on a 64-bit version. "Please stop building windows 64 builds and tests," Smedberg wrote on Bugzilla Wednesday. In the same message, he told commenters the decision had been made, and not to argue it on Bugzilla, a warning that several people ignored
HP delivers server for Big Data(Help Net Security) HP unveiled a server built to help clients operationalize Big Data, drive new business opportunities and save up to $1 million over three years
Imation releases PC on a Stick mobile workspace(Help Net Security) Imation announced beta availability of its IronKey Workspace, certified for deployment of Windows To Go. The IronKey Workspace lets organisations outfit mobile professionals with a secure, fast USB
ManageEngine updates Password Manager Pro(Help Net Security) ManageEngine announced enhancements to Password Manager Pro, which offers protection to data centres by helping establish access controls to IT infrastructure, and seamlessly record and monitor
Linux file encryption with BestCrypt(Help Net Security) Jetico has announced BestCrypt Container Encryption for Linux 2.0, now with a simple user experience in a new GUI, plus greater stability and security
Netflix Wants You To Adopt Chaos Monkey(InformationWeek) Netflix has made its own automated disaster testing service, Chaos Monkey, available as a free public download. Should you turn it loose on your own systems
Guide to iPad Security in the Enterprise(eSecurity Planet) While iPads and other tablets provide big productivity benefits in the enterprise, they also create some pretty big security challenges. As iPads continue to make their way into the enterprise, security is an increasingly significant concern – a recent study by Context Information Security suggested that the iPad is dangerously vulnerable
Risk Assessment Reloaded (thanks PCI !)(Internet Storm Center) Last month was Cyber-Security Awareness Month, and we had some fun presenting a different security standard each day. One of the standards we discussed was the ISO 27005 standard for Risk Assessment. So when the PCI Council released Risk Assessment Guidance this past week, it immediately caught my attention
What's in Your Change Control Form?(Internet Storm Center) It's surprising how many organizations don't plan well for change. Change Control is a well known process, one that is well defined in many different frameworks (ITIL and the ISO 27000 Series and NIST for starters). Yet many organizations plan changes over coffee and a napkin (or a visio on a good day). This almost always results in figuring out problems during the change (I don't know about you, but the less 1am thinking I need to do, the better off I am!), conflicting changes, or changes that just plain don't work, and need to be backed out in a panic.
Black Friday and Cyber Monday: Trend Micro Canada's Top Tips(Canada NewsWire) With this year's cyber holiday shopping season about to begin, Canadians in record numbers will be online looking for perfect gifts, deals and bargains. Unfortunately shoppers and sellers aren't the only ones who will be busy
Tips for a safe online shopping season(Help Net Security) The holiday season presents the perfect opportunity for cybercriminals to steal consumers' information as shopping is increasingly conducted online. According to a 2011 study from comScore, dollars
Cloud security begins with the contract, says expert(TechTarget) "If I was a business person actually negotiating these deals I would never move forward without those basic, bare bones minimums," Kellermann said in a recent interview with SearchSecurity.com conducted at the 2012 Cloud Security Alliance Congress
Spy Training For The Digital Age(Los Angeles Times) Stalking is part of the curriculum in the Cyber Corps, an unusual two-year program at the University of Tulsa that teaches students how to spy in cyberspace, the latest frontier in espionage. It may sound like a Jason Bourne movie, but the little-known program has funneled most of its graduates to the CIA and the Pentagon's National Security Agency, which conducts America's digital spying
DSD issues advice for executives tackling BYOD(ZDNet) The Australian Defence Signals Directorate (DSD) has issued security advice for executives who are having to tackle the issue of employees bringing their own devices (BYOD) into the workplace. Issued from the DSD's Cyber Security Operations Centre, the notice covers implications of BYOD, including the legal, financial, and security implications
Israel's Investments in Cyber Defense Pay Off(Heritage.org) Sequestration will cut 9.4 percent from every part of the defense budget. These cuts will hit cyber operations, including cybersecurity programs in the Department of Homeland Security. Hollowing out our conventional and strategic forces is bad enough
New web domains face government objections(Fierce Government IT) The government advisory committee to the Internet Corporation for Assigned Names and Numbers released Nov. 20 a list of about 200 proposed new generic top level domains to which various governments object. ICANN began accepting applications for new gTLDs in January and in June unveiled a list of 1,930 possibilities, some of which have attracted controversy--although the usual examples of contentious proposals such as .sex and .gay are in fact missing from the GAC objections list (.sucks does make it, however)
Litigation, Investigation, and Law Enforcement
Anonymous claims Stratfor hacking trial is partial, unfair(ZDNet) Anonymous is demanding that the judge overseeing the trial of a hacker, who is alleged to be responsible for the Stratfor breach, step down from her position. In December last year, hackers stole information from intelligence broker Stratfor and published the information online. The information included over 50,000 credit card numbers, as well as a large number of email addresses, phone numbers, and easily cracked encrypted passwords
Accused Wikileaker To Ask For Dismissal(Baltimore Sun) Army Pfc. Bradley Manning is due back at Fort Meade this week, where lawyers for the alleged WikiLeaker plan to argue that he was punished at a military brig before his case had been heard -- grounds, they say, to dismiss all charges against him
Govt spies may face court(Otago Daily Times) Any disclosure would allow Mr Dotcom's team to attempt to examine whether the GCSB had passed information to its US partner, the National Security Agency. The NSA works with the FBI on issues of national significance
Feds want Obama's Internet instructions kept quiet(WND.com) The National Security Agency says a special directive from Barack Obama on the organization's reach into private Internet communications will not be made public. The announcement comes in a letter from the NSA's Pamela Phillips to the Electronic
Greek National Arrested on Suspicion of Theft of 9M Records on Fellow Greeks(Internet Storm Center) From the Associated Press via The Washington Post. The report cites a 9 million record value and notes that Greece currently has a population of around 10 million (WolframAlpha tells me that the 2010 estimate is 11.2M.) The WP article also wisely notes that 9M value is from a data-file that hasn't been de-duplicated
Student denies PayPal cyber-attack(TG Daily) Student Christopher Weatherhead was one of four British hackers to attack PayPal in support of Wikileaks, a court heard yesterday. While his three co-defendants - Londoner Ashley Rhodes, 27, Peter Gibson, 24, from Hartlepool and an 18-year-old male who
Lewys Martin of Kent faces Oxbridge cyber attack charges(BBC News) Lewys Martin of Kent faces Oxbridge cyber attack charges. A man has been accused of 17 offences connected to the blocking of the websites of Oxford and Cambridge universities and Kent Police. The charges against Lewys Martin, 20, also relate to the
Petraeus Staff Subject Of Document Probe(Washington Post) Petraeus aides and other high-ranking military officials were often tasked by Petraeus and other top commanders to provide military records and other documents to Paula Broadwell for her work as Petraeus's biographer, former staff members and other officials told The Washington Post
EPA struggles with FISMA compliance(Fierce Government IT) The Environmental Protection Agency fell short of its major cybersecurity responsibilities in fiscal 2012 through poor security log management and not resolving known security failures, writes the agency's office of inspector general
Lab misspent more than $1M on IT purchases, says SEC OIG(Fierce Government IT) A lab at the Securities and Exchange Commission is responsible for some major spending and IT security infractions, according to an SEC Office of Inspector General report released publicly Nov. 19 but dated Aug. 30
Good Technology lawsuits show MDM competition is heating up(Fierce Mobile IT) Good Technology's recent patent infringement lawsuits against competitors MobileIron and AirWatch are an indication that competition is heating up in the mobile device management market, observed Phillip Redman, research vice president for mobile and client computing at Gartner
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Digital Security Summit(Riyadh, Saudi Arabia, December 1 - 2, 2012) A major conference to discuss the growing threat to digital security in the Middle East, especially in Saudi Arabia.
Passwords^12: Passwords^12 is a 3-day conference only about passwords & PIN codes. With an "all-star" cast of speakers, including Joan Daemen (AES/SHA3), Jens Steube (alias "atom", hashcat author), Colin Percival (CSO...
CIO Cloud Summit 2012: The CIO Cloud Summit will help C-level executives better understand the true capabilities of cloud computing and the transformational opportunities it can bring.
BayThreat(Sunnyvale, California, December 7 - 8, 2012) The theme for BayThreat is a new spin on the dichotomy of attacking and defending in information security. We're calling out all of the attackers and defenders that are on the front lines of the battle.
2012 European Community SCADA and Process Control Summit(Barcelona, Spain, December 10 - 11, 2012) The European SCADA Summit brings together the program managers, control systems engineers, IT security professionals and critical infrastructure protection specialists from asset owning and operating organizations...
#BSidesBOS(Cambridge, Massachusetts, USA, February 23, 2013) Each BSides is a community-driven framework for building events for and by information security community members. The goal is to expand the spectrum of conversation beyond the traditional confines of...
TechMentor Orlando 2013(Orlando, Florida, USA, March 4 - 8, 2013) Celebrating 15 years of educational events for the IT community, TechMentor is returning to Orlando, Florida, March 4-8, for 5 days of information-packed sessions and workshops. Surrounded by your fellow...
e-Crime Congress 2013(London, England, March 12 - 13, 2013) The e-Crime Congress is designed to meet the needs of key stakeholders and decision makers who are responsible for designing and coordinating information security and risk management strategy, safeguarding...
The Future of Cyber Security 2013(London, England, UK, March 21, 2013) Cyber Security and the Citizen 2013 is a one-day conference and exhibition for senior decision-makers of central and local government organisations, NGOs and major private sector enterprises.
InfoSec World Conference & Expo 2013(Orlando, Florida, USA, April 15 - 17, 2013) With the primary objective of providing top-notch education to all levels of information security and IT auditing professionals, InfoSec World delivers practical sessions that give you the tools to strengthen...
25th Annual FIRST Conference(Bangkok, Thailand, June 16 - 21, 2013) The annual FIRST conference provides a setting for conference participants to attend a wide range of presentations delivered by leading experts in both the CSIRT field and from the global security community.
tmforum Big Data Analytics Summit(Amsterdam, Netherlands, January 29 - 30, 2012) Bringing together leading service providers, market analysts and all of the big names in Big Data, this forward-looking, education-packed two-day Summit combines keynote perspectives, case studies, debates,...