The Assad regime abruptly shut down Syria's Internet connections yesterday. (Rebels had made heavy and effective use of the Web for command and control. Gaddafi's regime in Libya also disabled the Internet in its last days.) Anonymous' OpIsrael hacks Israeli news agency DEBKAfile and releases user accounts.
A new version of the W32/VBNA-X worm spreads rapidly: it uses Windows Autorun and "clever social engineering" to implant banking Trojans. Western Connecticut University notifies more than 200,000 that a database vulnerability exposed their personal information. Lack of a Chief Information Security Officer probably contributed to the recent hack of South Carolina's unencrypted tax database: the Revenue Department CISO position went unfilled for a year—the state found no takers at a $100k salary. Legislators want an independent investigation.
More enterprises consider adding cyber counteroffensives to their defensive strategies. The malware black market's evolution affects how bug hunters do business, and not in a good way: expect zero day exploits to debut in the black market, then move to legitimate markets as "newly discovered vulnerabilities." Rising threats to the financial sector lead banks to take a leading role in containing criminal cyber campaigns.
NSA's Accumulo becomes a point of contention in US budget debates: the Senate wants it jettisoned for a commercial alternative.
Business schools offer cyber track MBAs; they're now struggling to introduce big data analytics into their curricula.
The EU joins the US and Canada in opposing more restrictive UN management of the Internet. Thailand thinks it's facing a cyber crisis.
Today's issue includes events affecting Albania, Australia, Bermuda, Canada, China, European Union, Finland, Germany, Russia, Singapore, Spain, Syria, Thailand, United Arab Emirates, United Kingdom, United Nations, United States.
Cyber Attacks, Threats, and Vulnerabilities
Syria Has Just Been Taken Offline(Wired Danger Room) Syria has been largely cut off from the rest of the internet — just as rebel forces are making some of their biggest advances yet against the Assad regime
Syria has cut itself off from the internet and shut down cellular service(Quartz) Syria has just cut itself off from the internet, reports internet monitoring firm Renesys. (Update at 11:18 a.m. ET: The above chart from Akamai confirms the shutdown.) Telephone service is also down, Syrian activists tell the AP. Previously, the government has cut off access to communications in pockets of the country, usually when commencing a military operation, but this is only the second time that Syria has cut itself off from the internet entirely. Internet and cellular connectivity has been an essential enabler of the distributed communication of Syria's leaderless revolution, leading to fears that the government would eventually cut off communications networks entirely. One of the rebels said on Twitter that they are prepared for a communications shutdown
W32/VBNA-X worm spreads quickly through networks and removable media(Naked Security) A new particularly virulent version of the malware family known as W32/VBNA (also SillyFDC/Autorun) is spreading very quickly. It takes advantage of Windows Autorun and some very clever social engineering techniques to plant banking Trojans on victim computers
NSS Labs Reveals Browsers' Anti-Phishing Progress And Phishers' New Tactics(Dark Reading) NSS Labs today released the latest results and analysis from its web browser security comparative series which evaluated the phishing protection offered by the four leading browsers -- Apple Safari, Google Chrome, Microsoft Internet Explorer, and Mozilla Firefox. During the 10-day test period, the average phishing URL catch rate ranged from 90% for Firefox 15 to 94% for Chrome 21 -- a significant improvement from 2009 testing where the average block rate was 46%. The average time it took the tested browsers to block a phishing URL also improved
Phony T-Mobile, Vodaphone Notifications Duping U.K. Users(Threatpost) Cybercriminals in the United Kingdom this week have launched two separate but similar scams intent on gaining access to users' computers. Both scams impersonate e-mail notifications from popular British cell phone companies and both ultimately open a backdoor on the targeted computers
Shylock Malware Evasion Techniques Now Detect RDP Connections(Threatpost) Plenty of malware samples contain embedded functionality that helps the code avoid detection by security software, or places encryption or packing barriers that keep security researchers from studying changes that would help vendors write detection signatures. The Shylock malware has taken that dynamic a step further
Hacker puts new Java flaw in the window(Web wereld) A hacker is offering a previously discovered Java vulnerability for sale online. The highest bidder gets exclusive use of the exploit, so the leak stays unknown and unpatched for longer. A hacker on the Internet provides a new Java 0-day to
Security Patches, Mitigations, and Software Updates
PayPal Fixes Trio of Remote-Access Vulnerabilities(Threatpost) PayPal has repaired three remote-access vulnerabilities found in different areas of its website, including a cross-site scripting (XSS) flaw on its PayPal Community Forum. All three flaws were submitted to PayPal's Bug Bounty Program. Researcher Benjamin Kunz Mejri of Vulnerability-Lab reported the security vulnerabilities to PayPal in September; patches were released in late October according to an advisory posted this week to the Full Disclosure list
Google fixes Webmaster Tools access flaw(ZDNet) For several hours, people who formerly had formal access to sites' Webmaster Tools accounts were given access again by mistake. There is as yet no evidence of anyone causing damage due to the error. Google has fixed a security flaw in its Webmaster Tools, which gave temporary access to sites' tools to people who previously had official access, but were no longer supposed to
Caution: Not Executing Offensive Actions Against Our Adversaries is High Risk(CSO) I recently read Jody Westby's blog on Forbes (which is a great article) on the subject of "Caution: Active Response to Cyber Attacks Has High Risk." There are several areas I agree with in Jody's blog but there are equally the same number of areas, if not more areas, where I disagree. Certainly, cybersecurity will never get better until we are able to curb cybercrime. However, there is much more we need to do to improve cybersecurity. These center around truly building security into every function of business and IT planning. If we build security into every function and facet of every bit of software and hardware that we create, implement and deploy, then our levels of risk will be reduced significantly. This means regardless of the level of attempts at cybercrime our data is protected. If we encapsulate our sensitive data upon inception, much like the creators of Gauss encrypted the payload, then we significantly reduce risk. The new approach that is referred to in the article as "hacking back," "striking back," or "active defense (an oxymoron to begin with)," is described as alarming. I find it to be refreshing and required
How The Sale Of Vulnerabilities Will Change In 2013(Dark Reading) The market for the sale of zero-day vulnerabilities fundamentally shifted this year and heading into 2013 bug hunters will increasingly play by a set of new rules, vulnerability experts say. As the sale of black market zero-day exploits continues to
Can Banks Prevent the Next Cyber Attack?(Wall Street & Technology) Comparing a cyber attack to a natural disaster, Andy Ozment, senior director for Cybersecurity, National Security Staff, The White House, said that private industry, not the government, is usually the first responder to cyber attacks. "We are debating
McConnell Says Cyber Threats on Financials Rising(Bloomberg) Mike McConnell, vice chairman of Booz Allen Hamilton Inc., talks about cyber security threats facing the financial industry. McConnell speaks with Sara Eisen and Scarlet Fu on Bloomberg Television's "Surveillance
Few Invest in Security Awareness Training(The Info Pro) A survey a few years back by SAI found that while the majority of employees had a mostly positive view of information security in the enterprise, this did not translate into actual practical security implementation. In fact, 20% of those responding had no idea to whom within their company they should report a security event. Further, 25% of employees said they had received no security awareness training whatsoever.
Economic espionage - Piece of Cake(YouTube) Economic espionage costs the UK billions every year. It can have a major impact on business and jobs through lost contracts, company failures and redundancies. This film illustrates how easy it is to collect information about people and companies given today's global interconnectivity, the increasing dependencies of companies on IT, the routine use of social networking sites and a general lack of good security practice
White House threatens to veto Senate Defense bill(FederalNewsRadio) The White House also took issue with a measure requiring the DoD chief information officer to discontinue use of the National Security Agency's "Accumulo" open-source software program if a viable commercial alternative can be found. "The provisions
No 'Plan B' For Pentagon In Case Of Big Budget Cut(New York Times) Gen. Dwight D. Eisenhower famously said that plans are nothing, but planning is everything because no war plan survives first contact with the enemy. Therefore, the military should hone its ability for continuous planning
Pentagon Official Hopeful Congress Will Stop January 2 Cuts(Reuters) A top Pentagon official said on Thursday he is "cautiously optimistic" that Congress will avert automatic budget cuts that are due to kick in on January 2, citing some increased willingness among Republicans to consider additional revenue now that the presidential election is over
Pentagon Budget Planners Set For Tough Decisions(Agence France-Presse) No matter how high-stakes budget talks between the White House and Congress end, experts say one thing is certain -- the Pentagon will suffer major cuts. The only question is what will get the ax
Harris exec to take reins at Artel(Washington Technology) Ted Hengst, president of Harris Corp.'s IT business and the corporate chief information officer, is leaving the company to become CEO of Artel LLC. Artel, which was founded in 1986, was acquired in 2011 by the private equity groups Torch Hill Investment Partners and TPG Growth. The company had over $400 million in 2011 revenue
Wayne Lucernoni to Become Acting Harris IT President as Ted Hengst New Artel CEO(GovConExecutive) Harris Corp.'s Ted Hengst, president of IT business and the corporate chief information officer, has been named CEO of Artel LLC, effective Dec. 3, according to a Washington Technology article. Wayne Lucernoni, current vice president and general manager for intelligence, civilian and health care programs will become acting president of Harris IT
CenturyLink Promotes Jeff Von Deylen to Lead Savvis(Govconwire) CenturyLink (NYSE: CTL) has promoted Jeff Von Deylen, current senior vice president of global operations and client services for its Savvis subsidiary, to lead the subsidiary as president, effective Wednesday. CenturyLink said Von Deylen, who joined Savvis in 2003 as chief financial officer and board member, will succeed Bill Fathers, who is leaving the company
FireEye names David DeWalt as CEO(ARNet) DeWalt has had more than 25 years of experience in leading technology companies, with a focus on cyber security. He has also served as FireEye's board
How Much is a Good CISO Worth? - Seeking a Qualified Chief Information Security Officer for $100K(Government Information Security) Would you take a job as a chief information security officer for $100,000 a year? It seems no qualified IT security manager wanted the job as CISO at South Carolina's Department of Revenue for that salary. While the CISO post stood vacant this past summer, at least one assailant hacked into the department's tax system, exposing the Social Security numbers and other personally identifiable information of nearly 4 million taxpayers
Cyber security pioneer predicts Apple's closed philosophy will end its dominance(Reuters via BGR) In an interview with Reuters, cyber security expert and Kaspersky Lab CEO Eugene Kaspersky said that Apple (AAPL) won't be able to sustain its growth following its closed philosophy. The Cupertino-based company is known for its tight integration of hardware and software throughout its computer, music, smartphone and tablet line of devices. Despite this, Apple has seen great success and at one point cornered the music, mobile and tablet market. In recent times, however, the iPhone maker has lost market share from increased competition from both Google (GOOG) and Microsoft (MSFT)
Wall Street thinks RIM is back! Just don't count on it to stick around(Quartz) A report by Goldman Sachs just upgraded RIM to a "buy" rating. On its face, at least through the first quarter of next year, this is not an unreasonable recommendation. Before this surge, RIM had been trading at or below the total value of its assets since June. In January, the company will release the BlackBerry 10, which will almost certainly boost the company's revenue as die-hard fans of Blackberrys scoop it up, reversing, at least temporarily, the ongoing contraction in the growth of shipments of BlackBerrys. It could even, as Goldman predicts, return the company to profitability, at least for that quarter
Booz Allen Hamilton: Unsuitable For Investment(Seeking Alpha) Recommendation: I recommend refraining from the purchase of Booz Allen Hamilton (BAH) common stock. The business has historically generated ample excess cash flows and could achieve strong growth in the future. However, the business depends on
LivingSocial Confirms Layoffs: 400, All But A Couple Dozen In The U.S., 10 Percent Of Workforce(TechCrunch) It's not only Groupon that is feeling the crunch among daily deal sites: LivingSocial is laying off 400 employees today. There were reports of the layoffs out yesterday from more than one source; the company confirmed the number to TechCrunch in an email just now. "I can confirm that we notified approximately 400 employees today — all but a couple dozen in the United States
R.I.P. Frothy Times, A Return To Normalcy(TechCrunch) Whatever it is, it is palpable. A sort of buzz in the Valley that all is not well, and a slight nervousness among entrepreneurs, investors and startup employees as they flit about their day-to-day. We may not be in the middle of an outright private market collapse, but there will definitely be fewer tigers and monkeys at this year's holiday parties
Android security and optimization app(Help Net Security) IObit released its Android security and optimization app - Advanced Mobile Care, designed for Android 2.2 and above. The app gives Android users a way to protect their smartphones from Android
Mobile communications hub with embedded encryption(Help Net Security) API Technologies announced the new SST Secure Communications Hub (SCH) with integrated encryption. The SB1500ER Secure Communication Hub is a single, integrated device that replaces case-based solution
What the heck is Windows Blue?(IT World) We're still in the midst of an Internet-wide discussion of Windows 8 and whether it's a success or a stinker, and now we've got another version of Windows to worry about: Windows Blue
AML Analytics launch their free Sanctions Alert Service(AML Analytics) Introducing AML Sanctions Alert Service (AML - SAS) The problems and potential risks associated with the ever changing and hugely complex International sanctions lists represent a well understood challenge to all that work in our industry sector. The risks associated with delayed change implementation are equally established. AML Analytics, as leaders in the forensic analysis and benchmarking of financial crime systems and processes have created solutions to meet these challenges in the delivery of safe testing and report services to our clients across the Global Financial services Industry
Not To Be Outdone By Amazon, Google Reduces Its Cloud Storage Pricing For 2nd Time In A Week(TechCrunch) This is competition at work: earlier this week, Google announced that it would reduce the price of its standard Google Cloud Storage by just a bit over 20%. Then, Amazon announced yesterday that it would reduce the price of its S3 cloud storage service by about 25% across the board. Today, in a somewhat surprising move, Google announced that it would reduce the price of Cloud Storage by yet
Technologies, Techniques, and Standards
'CyberCity' Faces Its First Attacks Next Month(Dark Reading) SANS' model city gives military, government cybersecurity experts a cyberattack reality check. Military cybersecurity experts next month will undertake a mission to protect the six-foot-by-eight-foot NetWars CyberCity scale model just off the Jersey Turnpike that has its own hospital, cybercafe, bank, and power plant from its first round of cyberattacks
ISC Feature of the Week: SSH Scan Reports(Internet Storm Center) Our feature this week introduces Dr. Ullrich's newest system addition addressing widespread reports of SSH scans. This system collects logs you submit via a special API URL. We keep receiving reports from readers about widespread ssh scans. This system was set up to get a better handle on these scans. http://isc.sans.edu/sshreports.html Reporting will be released as soon as there is enough information collected
3 Tips for Securing Email Messages (and Avoiding International Scandal)(eSecurity Planet) Former CIA Director General David Petraeus and paramour Paula Broadwell could have made good use of three strategies for keeping private email exchanges private. By now everyone has heard the news about the resignation of former U.S. CIA Director General David Petraeus in light of his extra-marital relationship with biographer Paula Broadwell
Hadoop will be a relic soon, predicts Numenta founder(Fierce Big Data) Numenta is a startup with a cloud-based prediction engine for streaming data. The company launched in 2005 and went into beta earlier this year. It is ready enough now to start making a difference that the New York Times profiled its founder, Jeff Hawkins, this week and called his company a brainy big data company--a play on Hawkins' theories on neuroscience
Ten lies programmers tell themselves(IT World) Sitting alone staring at code all day can lead one to be less than honest with oneself. Here are some of the more common fibs that coders tell themselves
How to Minimize Medical Device Risks - Ethical Hacker Offers Action Items(Healthcare Information Security) Malware and hackers present potential security threats to wireless medical devices and safety risks to the patients who use them. But healthcare organizations and device manufacturers can take several steps to curtail those risks, says an ethical hacker who has demonstrated the vulnerability of various devices. Barnaby Jack, director of embedded device security at services firm IOActive, recently demonstrated how an implanted wireless heart defibrillator can be hacked from 50 feet away to deliver a potentially dangerous shock
Virtualization Security: Protecting Virtualized Environments(Net-Security) Virtualization changes the playing field when it comes to security. There are new attack vectors, new operational patterns and complexity, and changes in IT architecture and deployment life cycles. What's more, the technologies, best practices, and strategies used for securing physical environments do not provide sufficient protection for virtual environments
'PandaIT_SOS: Confessions of an IT Professional' Contest Comes to an End(Sacramento Bee) Panda Security, The Cloud Security Company, today revealed unique anecdotes that were gathered from its 'PandaIT SOS: Confessions of an IT Professional' contest. Launched in September, the contest gave IT professionals an opportunity to share hilarious or utterly bizarre moments experienced when dealing with user problems. The story that garnered the most votes was this submission: (Help by phone) Client: - "Oh! I'm seeing the mouse pointer move on its own." IT Professional: "Yes, Sir. It's me. I've already got remote access to your computer. I will solve your problem right away." Client: "Oh, that's nice. Do you want me to turn on the lights? Maybe you'll see better"
Design and Innovation
Infineon Researchers Awarded German Prize(4-traders) Their research project "Cryptographic Protocol with Inherent Side-Channel Resistance" was honored with the 1st prize at this year's awards ceremony. The project describes an innovative encryption scheme that offers data security for price-sensitive
FierceGovernment's Fierce 15(Fierce Government IT) FierceGovernment is proud to announce our first annual Fierce 15--a recognition of federal employees and teams who have done particularly innovative things. Most of the civil servants recognized in the Fierce 15 won't be found keynoting event after event across Washington. Instead, they handle behind-the-scenes orchestration of some of the most progressive projects underway in government and work tirelessly to make government more efficient, mission-oriented and accountable
UK's House Of Lords Summons Facebook And Google To Talk Convergence And Media Power(TechCrunch) The UK's House of Lords has summoned senior figures from Facebook and Google in their ongoing investigation into media convergence, media power and how this should be regulated in the future. The Communications Committee, which is leading the investigation, will be meeting Simon Milner, policy director at Facebook, and Sarah Hunter, Google's head of UK public policy, along with Edward Rousell
Ministries seek to avert cyber security 'crisis'(Bangkok Post) The Ministry of Defence (MoD) and Ministry of Information and Communications Technology (ICT) are ramping up efforts to boost cyber security, with one expert describing the security situation in Thailand as a "crisis". Ministry officials, speaking at a cyber security conference yesterday, said the public sector is at growing risk of cyber attack due to the popular use of social media and inadequate security systems.
The Art of the Deal(Foreign Policy) The proliferation of new intelligence and analysis offices, such as the one within the Department of Homeland Security, created rival (and welcome, some would contend) judgments and estimates. Even inside the White House, the president has appointed
GSA officials discuss nuts and bolts of FedRAMP implementation(Fierce Government IT) The Federal Risk Authorization Management Program, or FedRAMP, is still in the early stages of implementation. In order to address common questions on the process, General Services Administration officials fielded inquiries from industry and agency IT shops during a Nov. 7 DigitalGov University webinar
Do Not Track initiative goes off track(Fierce Big Data) An unlikely and difficult initiative for helping people manage how their activities are tracked across the Internet got a little more difficult this week as Aleecia McDonald stepped down as co-chair of the W3C's Tracking Protection Working Group
Regulators should make breach disclosure compulsory(ZDNet) Organizations attacked by hackers ought to disclose the breaches to affected consumers, but regulators need to strike a balance as revealing system flaws publicly might invite more troubles. Regulators will have to take responsibility and make it compulsory for organizations to report instances of cybersecurity breaches. Without government pressure, companies will not voluntarily disclose such incidents as it would negatively impact their reputations and stir shareholders' concerns
The Pace of US Cyber-Preparedness is Accelerating(Security Bistro) Three recent moves by the Pentagon, State Department and White House indicate that the pace of preparation for engaging in offensive cyber attacks is increasing. The first was the speech given by Leon Panetta, Secretary of Defense on October 12 where he used the term cyber Pearl Harbor. Of course to anyone who follows these developments the term is not at all new as Jason Healey of the Atlantic Council pointed out at the recent FedCyber conference in D.C., credit for being first goes to Winn Schwartau who warned of an Electronic Pearl Harbor waiting to happen in testimony to Congress in 1991
FBI told Canada about spy in their midst(Seattle Times) Canadian police were tipped off by the FBI to a possible security breach by a Canadian navy intelligence officer who later pleaded guilty to espionage, documents made public Thursday say
SC Democrats call for independent hacking probe(SF Gate) The controversy over the hacking of millions of South Carolina tax returns turned political on Thursday as Democrats called for an independent investigation into what happened and tax credits for as long as a decade for those who suffered losses through identity theft
ISPs Delay Monitoring of Illicit File Sharing(Wired Threat Level) The nation's major internet service providers are delaying an initiative backed by the Obama administration and pushed by Hollywood and the major record labels to disrupt and possibly terminate internet access for online copyright scofflaws
Software Speech(Stanford Law Review) When is software speech for purposes of the First Amendment? This issue has taken on new life amid recent accusations that Google used its search rankings to harm its competitors. This spring, Eugene Volokh coauthored a white paper explaining why Google's search results are fully protected speech that lies beyond the reach of the antitrust laws. The paper sparked a firestorm of controversy, and in a matter of weeks, dozens of scholars, lawyers, and technologists had joined the debate
Nokia seeks to block sale of some RIM products(Computerworld) Nokia has asked a California court to enforce an arbitration award that would prevent Research In Motion from selling products with wireless LAN capabilities until the companies can agree on patent royalty rates
tmforum Management World Americas(Orlando, Florida, USA, December 3 - 6, 2012) Management World Americas is the only conference covering end-to-end management of digital services and the challenges of running any service provider business. In addition to a full Cable Summit and Executive...
BayThreat(Sunnyvale, California, December 7 - 8, 2012) The theme for BayThreat is a new spin on the dichotomy of attacking and defending in information security. We're calling out all of the attackers and defenders that are on the front lines of the battle.
SANS Cyber Defense Initiative(Washington, DC, December 7 - 16, 2012) Specialized courses covering the latest in cyber attacks, including how they work and how to stop them. The event will also feature the Netwars Tournament of Champions.
2012 European Community SCADA and Process Control Summit(Barcelona, Spain, December 10 - 11, 2012) The European SCADA Summit brings together the program managers, control systems engineers, IT security professionals and critical infrastructure protection specialists from asset owning and operating organizations...