Malware proves increasingly resistant to detection or removal. The Narilam data-annihilation malware mentioned here yesterday continues to circulate in Iranian banks—and has for two to three years. Distributed denial-of-service attacks have gotten bigger and now incorporate application-layer exploits. A Linux rootkit's features make it harder to detect, and increasingly diverse vectors take Internet users to the BlackHole exploit kit. (Greater attack sophistication leads an Imperva-University of Tel Aviv study to suggest antivirus software is, for many businesses, a waste of money.)
Israeli and Palestinian hacktivists seem, more or less, to be respecting a Gaza ceasefire. Saudi oil companies say they're under sustained, continuous cyber attack. A mass attack on Pakistani domains affects major corporations (Google, Apple, Yahoo). Insurance company Nationwide experiences a data breach—South Carolina residents are among the most affected.
Old-school security problems remain with us: shredded police documents from Nassau County (New York) used as confetti in the Macy's Thanksgiving Day Parade are collected and pasted back together, and a classic pump-and-dump stock scam victimizes Google and ICOA with a fake acquisition announcement.
Maryland continues its push to become the US cyber center. Contractors work to sustain US Federal cyber funding: Boeing, Northrop Grumman, Raytheon and SAIC are mentioned in dispatches.
The University of Tulsa's two-year cyber program does seem to be producing operators for the NSA ("the fraternity") and CIA ("the sorority"). Intelligence historians will think it's 1943, with Cyber Command cast as the OSS and Tulsa as Yale. Note Tulsa's concentration on offensive skills.
Today's issue includes events affecting Argentina, Australia, Canada, China, European Union, India, Iran, Israel, Pakistan, Palestinian Territories, Russia, Saudi Arabia, Spain, Taiwan, United Kingdom, United States.
Cyber Attacks, Threats, and Vulnerabilities
Data-Annihilation Malware Still Alive(Dark Reading) 'Narilam' malware has been in circulation for two to three years; Iranian CERT says it targets databases of specific financial software in Iran. Data-annihilation attacks don't typically have a long shelf life: They rely on the element of surprise to incur as much damage as possible before they are discovered and purged. But sometimes they have a long tail and continue to spread, like the recently analyzed Narilam malware
Evolving DDoS Attacks Force Defenders to Adapt(Dark Reading) Distributed denial-of-service attacks get bigger and combine application-layer exploits requiring defenders to be more agile. In the past, attackers using distributed denial-of-service (DDoS) attacks to take down Web sites or network servers typically adopted one of two tactics: Flooding the site with a deluge of data or overwhelming an application server with seemingly valid requests
Security Brief: Israel, Palestine, Malware(Softpedia) This week, Israel and Palestine have signed a ceasefire agreement and most hacktivists stopped launching cyberattacks. However, before the agreement was signed, hackers from both sides launched numerous attacks. Pro-Palestine hackers breached several websites as part of OpIsrael, including ones of Microsoft
Google, Apple victims of cyber-attack in Pakistan(New Europe) Web sites belonging to some of the tech world's biggest names, including Google, Apple and Yahoo, were hacked and damaged over the weekend, following a massive cyber-attack on Pakistani domains. A total number of 258 web pages with 'pk' domain
Cyber threats to energy security, as experienced by Saudi Arabia(Platts) One oil major told me a few days ago: "We're constantly under cyber attack." But there is still a sense of denial hanging over the issue. So while no less a figure than US Defense Secretary Leon Panetta can describe the al-Shamoon virus which assaulted
eBay patches two critical security flaws on US website(Help Net Security) Two critical vulnerabilities in eBay's US website (ebay.com) have been closed by the company, preventing attackers from accessing and modifying one of its databases as well as steal eBay users' login
DIY mass iFrame injecting Apache module sold online(Help Net Security) The wish to automate repetitive and boring tasks is not restricted to those who engage in legal enterprises, so it's no wonder that we have lately witnessed a rise in DIY kits marketed to cyber crooks
Las Vegas Newspaper Recovers From Cyber Attack(CBS Local) Internet websites for the Las Vegas Sun and three related entities are back up and running after a weekend cyberattack overwhelmed servers and blocked access. The newspaper reports that the Greenspun Media Group websites lasvegassun.com, lasvegasweekly.
Nationwide customers notified of breach, PI theft(Help Net Security) Nationwide, one of the largest insurance and financial services companies in the world, has been sending out letters to notify some of its clients about the compromise and potential compromise
Chrome Zero-Day Presentation Gives Way to Mandatory Military Service(Threatpost) The saga of the latest zero-day vulnerability and exploit for the Google Chrome browser took another mysterious turn over the weekend. The 19-year-old Georgian security researcher who found the vulnerability in the browser was called up for compulsory military duty in his country and was unable to deliver his presentation Saturday at the Malcon security conference in India. Conference organizer Rajshekhar Murthy told Threatpost in an email that Ucha Gobejishvili was called in last minute and was not able to travel to New Delhi
Faulty CSS Leads Users to Believe Kaspersky Site Was Hacked(Softpedia) Users who visited Kaspersky's Anti-Virus 6.0 MP3 for Windows Workstations webpage yesterday could see a picture of the symbolic Nyan Cat on top of the normal content. A few hours later, the company addressed the issue and revealed that the defacement was caused by a buggy CSS
Log All The Things(Dark Reading) How the growing granularity in computing is going to affect monitoring. Yes, computers are smaller now. From the behemoths of old to systems on a chip, we've seen a change in the form factor such that these days, you could just about lose millions of SSNs if your USB navel piercing fell down the shower drain. And that's not even counting the sprawl when it comes to virtual machines
Antivirus software a waste of money for businesses, report suggests(TechWorld) Antivirus software is now so ineffective at detecting new malware threats most enterprises are probably wasting their money buying it, an analysis by security firm Imperva has concluded. Reports questioning the protection offered by antivirus suites have become a staple theme among researchers in recent times and the study Assessing the Effectiveness of Anti-Virus Solutions, carried out for Imperva by the University of Tel Aviv, is another addition to that sobering collection. The team ran a collection of 82 new malware files through the VirusTotal system that checks files against around 40 different antivirus products, finding that the initial detection rate was a startling zero
Cybersecurity worries spur fears of cost and regulation(intelligentutility) The long political fight over the security of the nation's computer networks is expected to re-ignite next year -- with the safety and convenience of virtually every American on the table. At stake is the nation's cyberspace, increasingly at risk from playful hackers, thieves, fraudsters, foreign spies and terrorists. Experts insist everything from online gift-buying to transportation systems to the electricity in your home is endangered
Gartner: Industry demand to spur tablet sales in China(Fierce Mobile IT) The increasing use of tablets in the hospitality, insurance, finance, retail, transportation, and education vertical markets is expected to fuel a surge in tablet shipments in China over the next four years, predicted market research firm Gartner
Cyberattacks Cause Considerable Economic Damage to Governments, EP Says(Softpedia) A report recently published by the European Parliament (EP) highlights the fact that recent cyberattacks have caused considerable economic damage to European Union (EU) member states. In the report, Tunne Kelam, an Estonian politician and a Member of the European Parliament, underscores the fact that member states and the EU in general have become crucially reliant on cyberspace. Cyber challenges, threats and attacks are growing at a dramatic pace and constitute a major threat to the security, defence, stability and competitiveness of the nation states as well as of the private sector; whereas such threats should not therefore be considered future issues, the report reads
Contractors move to save cybersecurity funding(Politico) As new threats emerge, the administration has tried to secure for the Department of Homeland Security and DOD even more cyber aid, and congressional appropriators have mostly fulfilled the requests. While those agencies may lead the way in deterring
Defense Stocks Seen Gyrating Fiscal Cliff Or No(Bloomberg Government) Investors are betting on the biggest price swings for defense stocks in a year, even as U.S. lawmakers and the Obama administration push for a deal to avoid the fiscal cliff's automatic cuts to Pentagon spending
Maryland lawmakers turn state into 'Fort Cyber'(Politico) Make no mistake, the cybersecurity threat is no farce: Hackers have infiltrated U.S. government systems and routinely set their sights on the Pentagon and Department of Homeland Security. Companies around the world are equally appealing targets
A Virtual Battleground For Pentagon's Cyberwarriors(Washington Post) CyberCity has all the makings of a regular town. There's a bank, a hospital and a power plant. A train station operates near a water tower. The coffee shop offers free WiFi. But only certain people can get in: government hackers preparing for battles in cyberspace
Spy Tech: 10 CIA-Backed Investments(InformationWeek) Check out some of the latest technologies to win funding from In-Q-Tel, the venture investment arm of the CIA and other intelligence agencies. That's the first step toward use by agents and analysts
ManTech Wins Prime Position on $7B Software Engineering Contract(GovConWire) ManTech International Corp. (NASDAQ:MANT) has been awarded a prime position on a $7 billion contract to provide software and systems engineering services to an Army software engineering center. According to a company statement, the indefinite-delivery/indefinite-quantity, multiple-award contract from the Communications-Electronics Command Life Cycle Management Command's Software Engineering Center has a two-year base period, one two-year option and
PRWeb Releases Press Release About Its Fake Press Release, But The Circle Of Trust Is Already Broken(TechCrunch) PRWeb has just put out a press release about the fraudulent press release it released (and we erroneously reported) this morning. Ha. From the press release: "PRWeb transmitted a press release for ICOA that we have since learned was fraudulent. The release was not issued or authorized by ICOA. Vocus reviews all press releases and follows an internal process designed to maintain the integrity
Mile2 Helps Businesses Protect Sensitive Information(investmentunderground) With training courses in IT security, data protection, risk management, and information assurance, Mile2 has a reputation for helping businesses all over the world. Established after 9/11, Mile2 is corporately located in Tampa, Florida and has almost
It's Not Just Indians and Taiwanese Anymore(Slate) A new group may be on the way up in the immigrant-dominated tech world. While Silicon Valley is an immigrant-friendly place--witness Russian-born Sergey Brin's triumph at Google or Hungarian-born Andy Grove's success at Intel--there are signs that immigrants' influence in the tech mecca may be plateauing. A study released last month by AnnaLee Saxenian of Berkeley and Vivek Wadhwa of Duke found that 43.9 percent of Silicon Valley startups launched in the past seven years had at least one key founder who was an immigrant. That's a big number, but it's a drop from 2005, when 52.4 percent of startups were immigrant-founded
Twitter's First Designer, Vitor Lourenco, Leaves The Company After Five Years(TechCrunch) Things change everywhere, especially at startups. Sometimes, the people who start something aren't the ones who end up "finishing" it, and that's the case today with one very important person at Twitter. In a tweet, Twitter's first designer, Vitor Lourenco, announced that he's leaving the company after five years
How to Prevent Spear Phishing Attacks(eSecurity Planet) While security software can help prevent spear phishing attacks, staff training is the best way to avoid phishing losses. An unsuspecting secretary receives an email about a package due for delivery, and clicks on a link or an attachment in the message to track its progress. In that split second, she unknowingly compromises
Approaching Mobile App Security - 4 Areas of Focus Before Developing Apps(Bank Information Security) This is the first in a series of new blogs addressing mobile application security. Future installments by the author will address security threats posed by third-party apps and how to address them. In 1996, my first cellphone provided me with 30 minutes of talk time for $29
Research and Development
The Rising Science Of Social Influence — How Predictable Is Your Online Behaviour?(TechCrunch) Techcrunch recently ran a piece by Michael Wu of Lithium. The following is a response written by Ferenc Huszar, who, prior to joining Peer Index, was the lead data scientist at the Machine Learning Lab at Cambridge University. Quantifying aspects of human behaviour and social phenomena has never been simple. But in today's world, one thing is inescapable. We are creating a new market and
NSF RFC on Cybersecurity Research Strategic Plan(Cryptome) This Request For Comments (RFC) is issued by the Cyber Security and Information Assurance Research and Development Senior Steering Group (SSG) of the Federal Networking and Information Technology Research and Development (NITRD) Program. The SSG is preparing a report to provide an update on technological developments in Federal cybersecurity research and development since the release of the 2011 Federal Cybersecurity Research and Development Strategic Plan
Q&A with Salman Khan(MIT Technology Review) An amateur teacher who rocketed to fame on the Internet tells us how he'll take his free video tutorials to the next level. What kind of crazy teacher would put high-school math on a site known for cat videos? In his new book, The One World School House: Education Reimagined, Salman Khan recalls how, eight years ago, he uploaded his first mathematics tutorial to YouTube. "I had no preconceived notions about how people learned; I was constrained by no orthodoxy regarding the 'right' way to do things," he writes
Legislation, Policy, and Regulation
Cyber attack reporting will boost defence capability, says Neelie Kroes(Computer Weekly) The European Commission (EC) is considering making it mandatory for companies to report cyber attacks to harness the benefits of open dialogue, says vice-president Neelie Kroes. Despite industry opposition, open discussion about cyber threats is vital to enable organisations to learn and improve understanding of the issue, she told the German publication Süddeutsche Zeitung. Details of the EU's plans are likely to be revealed later this year with the publication of its cyber security strategy
Pace of US Cyber-Preparedness Accelerating(Forbes) Three recent moves by the Pentagon, State Department and White House indicate that the pace of preparation for engaging in offensive cyber attacks is increasing. The first was the speech given by Leon Panetta, Secretary of Defense on October 12 where
White House Advances Insider Threat Policy(FAS) In a memorandum to agency heads last week, President Obama transmitted formal requirements that agencies must meet in order to deter, detect, and mitigate actions by employees who may represent a threat to national security. Along with espionage and acts of violence, the National Insider Threat Policy notably extends to the unauthorized disclosure of classified information, including the vast amounts of classified data available on interconnected United States Government computer networks. To combat such unauthorized disclosures, agencies are required to monitor employee use of classified networks
India-U.S. Security Relations: Current Engagement(FAS) U.S.-India engagement on shared security interests is a topic of interest to the U.S. Congress, where there is considerable support for a deepened U.S. partnership with the world's largest democracy. Congressional advocacy of closer relations with India is generally bipartisan and widespread; House and Senate caucuses on India and Indian-Americans are the largest of their kind. Caucus leaders have encouraged the Obama Administration to work toward improving the compatibility of the U.S. and Indian defense acquisitions systems, as well as to seek potential opportunities for co-development or co-production of military weapons systems with India
Litigation, Investigation, and Law Enforcement
Google Responsible For Other Peoples' Lies, Deems Australian Court(TechCrunch) Google is now legally responsible for every crazy thing on the Internet–at least, in Australia. The Supreme Court of Victoria fined Google $200,000 for not removing defamatory rumors linking music promoter, Milorad Trkulja, to organized crime. The court reasoned that Google is a "publisher" because it displays content and links to offending websites
Feds scoop up 132 websites in annual cyber Monday ritual(GigaOM) The Department of Homeland Security celebrated a holiday tradition of its own today by announcing the seizure of dozens of domain names that were allegedly used to sell fake consumer swag like jerseys and jewelry. Once again, the seizures came with
DOT IG critical of recurring FISMA security weaknesses(Fierce Government IT) Despite a series of damning, yearly Federal Information Security Management Act compliance audits, the Transportation Department failed again in fiscal 2012 to remedy recurring weaknesses that expose the department to serious security threats, according to a Nov. 14 Office of Inspector General report. Twenty-one of 35 open recommendations made since 2009 remain open, say report authors
HP's Accounts Bombshell: A Guide for the Perplexed(Slate) Hewlett-Packard claims it was duped into hugely overpaying for Autonomy, prompting an $8.8 billion writedown. It blames at least $5 billion directly on dodgy book-keeping. Autonomy founder Mike Lynch says his company played by the rules. But complicated procedures for categorising sales and recognising revenue are critical to the strength of HP's three central allegations
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Digital Security Summit(Riyadh, Saudi Arabia, December 1 - 2, 2012) A major conference to discuss the growing threat to digital security in the Middle East, especially in Saudi Arabia.
Passwords^12 Passwords^12 is a 3-day conference only about passwords & PIN codes. With an "all-star" cast of speakers, including Joan Daemen (AES/SHA3), Jens Steube (alias "atom", hashcat author), Colin Percival (CSO...
CIO Cloud Summit 2012 The CIO Cloud Summit will help C-level executives better understand the true capabilities of cloud computing and the transformational opportunities it can bring.
BayThreat(Sunnyvale, California, December 7 - 8, 2012) The theme for BayThreat is a new spin on the dichotomy of attacking and defending in information security. We're calling out all of the attackers and defenders that are on the front lines of the battle.
2012 European Community SCADA and Process Control Summit(Barcelona, Spain, December 10 - 11, 2012) The European SCADA Summit brings together the program managers, control systems engineers, IT security professionals and critical infrastructure protection specialists from asset owning and operating organizations...
#BSidesBOS(Cambridge, Massachusetts, USA, February 23, 2013) Each BSides is a community-driven framework for building events for and by information security community members. The goal is to expand the spectrum of conversation beyond the traditional confines of...
TechMentor Orlando 2013(Orlando, Florida, USA, March 4 - 8, 2013) Celebrating 15 years of educational events for the IT community, TechMentor is returning to Orlando, Florida, March 4-8, for 5 days of information-packed sessions and workshops. Surrounded by your fellow...
e-Crime Congress 2013(London, England, March 12 - 13, 2013) The e-Crime Congress is designed to meet the needs of key stakeholders and decision makers who are responsible for designing and coordinating information security and risk management strategy, safeguarding...
The Future of Cyber Security 2013(London, England, UK, March 21, 2013) Cyber Security and the Citizen 2013 is a one-day conference and exhibition for senior decision-makers of central and local government organisations, NGOs and major private sector enterprises.
InfoSec World Conference & Expo 2013(Orlando, Florida, USA, April 15 - 17, 2013) With the primary objective of providing top-notch education to all levels of information security and IT auditing professionals, InfoSec World delivers practical sessions that give you the tools to strengthen...
25th Annual FIRST Conference(Bangkok, Thailand, June 16 - 21, 2013) The annual FIRST conference provides a setting for conference participants to attend a wide range of presentations delivered by leading experts in both the CSIRT field and from the global security community.
tmforum Big Data Analytics Summit(Amsterdam, Netherlands, January 29 - 30, 2012) Bringing together leading service providers, market analysts and all of the big names in Big Data, this forward-looking, education-packed two-day Summit combines keynote perspectives, case studies, debates,...