Last week's attack on US banks by Islamist hacktivists continues to disrupt financial sector operations, interrupting, for example, payroll services for some PNC clients. Analysts note both the exploits' primitive, mob-like quality and the campaign's sophisticated direction: organizers planned it for weeks.
Criminals in Brazil successfully hacked millions of home routers and DSL modems, stole a lot of money, and then spent it all in low places. Spammers invite Twitter users to change a header image; the change redirects users to drug spam sites. Kaspersky warns Kuwaitis that their networks are significantly more vulnerable than Western Europeans'.
The Canadian government confirms its energy sector has suffered a successful cyber attack, but stops short of accusing China. (The campaign is generally attributed to Chinese intelligence services.) Canada's House of Commons is concerned. Chinese espionage is also reported to have hit US White House networks.
Adobe will fix its certificate breach Thursday. Rapid7 discusses results of a 20-day scan of the Internet for vulnerabilities—"terabytes of sensitive data," the company says, are exposed. US Cyber Command waits quietly to be asked to help fight attacks on private-sector networks. DARPA asks contractors to propose offensive cyber projects.
KeyW's acquisitions and plans to enter commercial markets continue to attract attention. The BAE/EADS merger faces skepticism among shareholders and customers. RIM and Cisco face questions about their future (although RIM earnings beat expectations). Newly introduced Exploitshield gets very positive reviews.
The Indian Army is looking for a way to bring dodgy USB drives under control.
Today's issue includes events affecting Brazil, Bulgaria, Canada, China, European Union, France, India, Iran, Kuwait, New Zealand, Philippines, Russia, United Kingdom, United Nations, United States.
Cyber Attacks, Threats, and Vulnerabilities
Bank attackers more sophisticated than typical hacktivists, expert says(CSO) FireEye researcher says he still believes individual sympathizers involved. The Islamic hackers who said they were behind cyberattacks that disrupted the online operations of several U.S. banks this week had technical firepower that went beyond the typical hacktivist, said one security expert. Experts debated the methods used in cyber-assaults on Wells Fargo, U.S. Bank and PNC Bank, each struck on separate days, were an expression of anger over YouTube video trailers denigrating the Prophet Muhammad
Verizon Official Calls Cyber Attacks on Banks Escalation(Businessweek) Verizon Communications Inc. (VZ) is helping to investigate a series of cyber attacks that have disrupted the websites of the biggest U.S. banks over the past two weeks, a company official said. Verizon is looking into the attacks, which commandeered
Cyber Attack Leaves Comair Employees Without Paycheck(WKRC) A spokesperson with Delta tells Local 12 that hundreds of Comair employees did not get a paycheck today because of a cyber attack. The attack on PNC Bank reportedly originated out of Iran. 400 employees are affected by the attack
Every third HDD in Kuwait has malware(Kuwait Times) Kaspersky Lab, a leading developer of secure content management solutions, participated at the Arabic Conference for Information and Communications Security (ACICS), which was held in Kuwait from September 24-26. In an interview with the Kuwait Times, Vladimir Zapolyansky, the Head of Technology Positioning of Kaspersky Lab, said that the seminar focused on Internet security with main spotlight on cyber threats and technology to improve protection for IT manufacturers. He revealed that the most vulnerable people in the Arab world are the consumers and even companies aren't spared by hackers who steal valuable information from them in order to make a quick buck from it
Canada confirms cyber attack, keeps mum on Chinese connection(Oman Tribune) Canada confirms cyber attack, keeps mum on Chinese connection. OTTAWA Canada said late on Friday it was aware of an attempt by hackers to target a domestic energy company, the second time in 24 hours Ottawa had acknowledged a cyber security
Canada Investigates Cyber Attack(Wall Street Journal) The Canadian government said it is looking into a cyber-attack on the Canadian arm of a company that designs software for the energy industry and helps other firms protect themselves against cyber-attack. A spokesman for the Canadian Cyber Incident
IEEE password compromise was due to proxy "anomaly"(Help Net Security) Romanian researcher Radu Dragusin has revealed last week that he found the usernames and passwords of 100,000 members of the Institute of Electrical and Electronics Engineers (IEEE) unencrypted on a FTP server, available for anyone to stumble upon
White House Military Office breached by Chinese hackers?(Help Net Security) Following the recent confirmation by a senior intelligence officer with the U.S. Cyber Command that the Pentagon systems and networks are constantly under cyber attacks and cyber espionage attempts that can be traced back to China, the news that the (probably) same attackers targeted the White House military office network shouldn't come as a surprise. According to unnamed sources, the attackers managed to get into one of the U.S. government's most sensitive computer networks, but it seems that protective measures allowed the breach to be quickly detected and blocked
What's the Meaning of This: Adobe Certificate Attack(Threatpost) The news yesterday that Adobe had been compromised and that the attackers were able to get valid Adobe signatures on a pair of malware utilities is one of the more worrisome and troubling stories in what has become a year of huge hacks and historic change in the security industry. Adobe was forthcoming with many of the details of the attack, but the ones that were omitted are the ones that really make a difference in this instance
Indian Army Concerned About Unauthorized Use of USB Drives(Softpedia) The unauthorized use of USB drives represents the cause of more than 70% of the security incidents that affect the systems of the Indian Army. Army officials cited by One India News claim that although they're strictly prohibited from copying sensitive information to such portable storage devices, many employees still rely on them to transfer data. In an attempt to mitigate the threat posed by the misuse of such devices, cyber security guidelines have been issued to ensure that the pieces of malware present on many pen drives will not be able to steal valuable data and send it back to their masters
Security Patches, Mitigations, and Software Updates
Adobe certification revocation for October 4th(Internet Storm Center) Yesterday Adobe came out in a blog post stating an "inappropriate use of an Adobe code signing certificate for Windows". Apparently they discovered a "compromised build server with access to Adobe code signing infrastructure". (Which is corporate speak for "one of our servers was hacked".) They "immediately decommissioned the existing Adobe code signing infrastructure and initiated a forensics investigation to determine how these signatures were created". This apparently only affects "the Windows platform" and "three Adobe AIR applications for both Windows and Macintosh". I found a list of the applications involved, and how to update them on this page… This update revocation will not occur until the 4th of October
Internet scan finds thousands of device flaws, system weaknesses(SearchSecurity) A scan of the Internet during a 20-day period yielded terabytes of sensitive data and also some alarming enterprise security weaknesses, including misconfigured routers, vulnerability-riddled databases and more than 1,000 exposed passwords. "The Internet has gone from this nebulous scary thing that's hard to map to…something that you can gain lot of interesting insight by analyzing information like this," [says] HD Moore, Metasploit creator; CSO, Rapid7. It's a project that Internet security pioneer HD Moore calls his hobby. His Internet-wide survey looked for open TCP ports, SNMP system descriptions, MDNS responders, UPNP endpoints and NetBIOS name queries. At the DerbyCon security conference, Moore told a packed room of hundreds of attendees that the project has resulted in a treasure trove of data that is continually being analyzed
Companies seeking to train employees on cybersecurity(Washington Post) "It is not a matter of playing goalie anymore against cyber threats; it's more about managing them." Falls Church-based Northrop Grumman requires all of its workers to attend cybersecurity training as soon as they start work. They must repeat the
The economy behind ransomware attacks(Help Net Security) First spotted in Russia in 2005, ransomware attacks have since spread to other countries - mainly those of the Western world - by using geo-location to target users with fake notices seemingly coming
Data Markets: The Emerging Data Economy(TechCrunch) The term data market brings to mind a traditional structure in which vendors sell data for money. Indeed, this form of market is on the rise with companies large and small jumping in. Think of Azure Data Marketplace (Microsoft), data.com (Salesforce.com), InfoChimps.com, and DataMarkets.com
Defense Agency Asks Contractors To Take A Look At Waging Cyberwar(Capital Business) The Defense Advanced Research Projects Agency stirred notice when it asked contractors to come up with ideas on how to create systems and platforms that can engage in cyberwarfare. But perhaps what was even more attention-getting has been the response
Military Cybersecurity Gets Closer Scrutiny(Bloomberg Government) Cybersecurity is in the spotlight in Washington, especially after attacks on U.S. banks in the past two weeks crippled their websites, and the military is playing a central role in the debate
The Luddite atop US cybersecurity(CNN) Department of Homeland Security Secretary Janet Napolitano acknowledged Friday her Luddite-like ways, despite the fact her position puts her in a critical leadership role when it comes to defending the nation's infrastructure from cyberattacks
Brussels sees gold lining to cloud computing(Eur Activ) The European Commission released yesterday (27 September) its EU strategy on cloud computing, which promotes off-site data storage in a bid to create new jobs and raise 160 billion per year in information technology savings. Neelie Kroes, commissioner for the digital agenda, said the strategy would translate into savings of around 300 per person each year. Once the strategy is fully underway, the EU executive said it expected gains of some 600 billion between 2015 and 2020 overall
An Analysis Of Market Demand For Web Programming Languages(TechCrunch) A few months ago, I got the idea that one way to get leads for remote freelance gigs was to scour Craigslist. So, after doing the manual work of 'crawling' through at least 100 job postings by hand, I wrote a Ruby script to do the heavy lifting and filtering for me
As demand rises for cybersecurity professionals, so does their pay(Washington Post) The demand for cybersecurity professionals far outstrips the supply of these highly skilled workers in the Washington area, a dynamic which experts and recruiters say is driving up compensation for qualified individuals and fueling fierce competition among employers to land top talent. Pay for cybersecurity analysts in the region jumped 10.1 percent this year, according to data compiled by consulting firm Akron on behalf of the Human Resource Association of the National Capital Area
Cyber security firm makes rounds(International Financing Review) Cyber security firm KEYW Holding has locked in acquisition-related financing from the upsized sale of 7.4m shares at US$11.75. In what has been a rotation of
Lagardere throws cold water on EADS deal(Financial Times) A fresh obstacle was thrown in the path of the 34bn Euro proposal to combine EADS, the European aerospace group, with UK defence operator BAE Systems on Monday when Lagardere, the French media group and key EADS shareholder
BAE Said to Brief Pentagon on EADS Merger to Save Status(Businessweek) BAE Systems Inc., the U.S. unit that has $14.4 billion in defense contracts and provides training to the Central Intelligence Agency, is trying to persuade the Pentagon to let it keep a security arrangement governing involvement by its foreign owners
SAIC CEO John Jumper speaks on company split, sequestration(Washington Business Journal) After the announcement late last month from Science Applications International Corp. that it will split into two publicly traded companies, CEO John Jumper said Thursday that the spinoff "technical services" company will be located in the Washington area, while the second company is likely to remain at its corporate headquarters, an 18-acre Tysons Corner campus
SRA to Provide Software Support and Enhancements for U.S. Army's Enterprise Information Systems(BusinessWire) Contract will deliver software support and enhancements for the military organization's human resources, logistics and major range management processes. SRA International, Inc., a leading provider of technology and strategic consulting services and solutions to government organizations, announced it has been selected by the U.S. Army to provide systems software support and enhancements for the Program Executive Office (PEO) Enterprise Information Systems (EIS) Installation Support Modules (ISM) Range Facility Management Support System (RFMSS) project as part of a contract award valued at more than $16 million if all options are exercised
Kathy Ditto Discusses Mobility and Marketing Strategies at Cisco(GovConWire) Kathy Ditto is Cisco Systems senior director for U.S. public sector marketing where her responsibilities include shaping how solutions and products are advertised and shaping strategies for growth. In her Q&A with ExecutiveBiz, Ditto discusses a wide-array of topics beginning with an explanation of her position at Cisco. The senior executive also speaks about mobility, which is a
RIM Beats Earnings With Narrower Loss(Information Week) RIM surprised analysts and investors by reporting a smaller loss than expected for its second fiscal quarter. What saved it? Emerging markets
Products, Services, and Solutions
ExploitShield appears to live up to its name(CNET) A brand-new security program looks like it puts a bullet in the head of many major software exploits, a complicated feat that could turn the world of computer security on its ear. A new company called ZeroVulnerabilityLabs says that it has solved the Gordian knot of exploits, slicing through the complicated, Hydra-headed problem with a single stroke from a software weapon it calls ExploitShield. Available exclusively today from Download.com, the first ExploitShield Browser Edition beta (download) appears to stop all manner of exploits, from those affecting browsers directly to browser plug-ins like PDF readers, Flash, and Java, to Microsoft Office components, to a handful of media players. The potential for raising the level of computer security here is huge, as a vast number of threats are actually mutations of malware, sold in kits like BlackHole, exploiting the same security holes in the same security programs
Two months later, developers (mostly) positive about OS X's GateKeeper(Ars Technica) Most devs support GateKeeper, but some worry about the future of the platform. Remember the wails about Apple turning OS X into a "walled garden" when news of GateKeeper emerged? The tool, which allows OS X users to restrict where their apps come from, was announced in February 2012 and was included with Mountain Lion when it was released in July. The controversy hinged on Apple's attempt to guide users toward installing only those apps downloaded from the Mac App Store, or at least settling for a middle ground wherein users could also install apps "signed" by the developer—an action that still costs the developer $99 per year and pads Apple's bank account
Python 3.3 arrives with new yield expression(Ars Technica) New library modules also make an appearance in the next-gen code. Today the release of Python 3.3.0 was made official, with a couple new syntax features, a handful of library modules, and several other improvements. According to Python.org's site, the next version of the language "includes a range of improvements of the 3.x series, as well as easier porting between 2.x and 3.x"
Steganos Password Manager 14 released(Help Net Security) Steganos Software announced the availability of Steganos Password Manager 14. Designed for individuals who want to securely store all of their account log-in information and PIN codes in
Is Windows 8 Too Risky For IT?(InformationWeek) Microsoft's new OS may be just too different for conservative IT departments, Gartner says. But here's why I'm not counting Windows 8 out--even in the near term
Avira launches 2013 antivirus security software line(Help Net Security) Avira announced the arrival of the Avira 2013 product line, which includes Avira Free Antivirus, Avira Antivirus Premium 2013, Avira Internet Security 2013, and Avira Internet Security Plus
The Plural of Data Is Not Analytics(Dark Reading) When it comes to security monitoring, searching and reporting aren't always enough. The added value comes from analytics: turning data into information. One of the terms most recently in danger of becoming a buzzword has been "analytics." Put it together with the words "big" and "data," and it starts reaching critical mass. Everyone claims to be doing it; figuring out what's real is harder
Security Intelligence Starts With Detecting The Weird(Dark Reading) As companies try to make sense of a greater amount of information on their networks, anomaly detection becomes more difficult but more important as well. Companies need to get more focused in their attempts to detect anomalous behavior on their network that may indicate a breach because attackers are quickly adapting to defensive technologies and becoming more stealthy, states a recent report
Nominet proposes more secure, .UK domain for British websites(Engadget) Nominet is considering a .uk internet domain for users who can't bear to type the extra three characters necessary for .co.uk. The body is lobbying for the new domain in time for ICANN's next TLD expansion, which includes new entries like .shop, .play and .home. Nominet has promised tough entry requirements for the system, with only businesses (or persons) that can prove a UK presence being eligible to register
'Replace crypto-couple Alice and Bob with Sita and Rama'(The Register) Even their jobs are being offshored. A computer scientist has come up with a proposal to replace cryptography's Alice and Bob with characters from Hindu mythology. For decades, techniques to encrypt and decrypt communications have been explained using two imaginary characters, Alice and Bob, and potential eavesdropper Eve. Alice sends a message to Bob, and Eve is always trying to intercept it - the little sneak. Alice and Bob first came to light in 1978 in a groundbreaking paper on the RSA algorithm for public-key cryptography. Dr S. Parthasarathy, a part-time lecturer and full-time employee of Indian biz Algologic Research & Solutions, suggests a cast change in the dramatis personae of cryptography with Sita and Rama, two central characters in the Hindu mythological epic Ramayana. The proposed sacking-and-hiring also replaces Eve with Ravana the rogue
US Deputy CIO: Computer Users Must Practice Cyber Security(defpro) The Department of Homeland Security has adopted "Stop. Think. Connect" as the motto for National Cyber Security Awareness Month. Carey said the program asks users to consider their actions and remember that what they do online may affect others
Watch the World Get Attacked By Cyber Criminals in Real Time(Gizmodo) If you're an IT security nerd specialist holed up in some corporation's basement, you probably don't find this real-time visualization of the world's cyber attacks to be beautiful. But the rest of us can sit back and appreciate the eye candy
5 bad things IT administrators do(Help Net Security) Philip Lieberman is the President at Lieberman Software Corporation and in this video talks about five awful things that IT administrators do and offers ways to fix these actions
14 Amazing DARPA Technologies On Tap(InformationWeek) Go inside the labs of the Defense Advanced Research Projects Agency for a look at some of the most intriguing technologies they're developing in computing, electronics, communications, and more
L-3, Virginia Tech open cybersecurity center(Washington Post) Defense contractor L-3 Communications and Virginia Tech are set to formally open a cybersecurity research center in Arlington on Friday. The center, located in Virginia Tech's Ballston research center, is meant to give L-3 employees access to the university's labs and equipment and Virginia Tech's faculty and students a chance to collaborate with L-3 on cybersecurity research. Les Rose, president of L-3's national security solutions group, said the company is occupying one of the seven floors in Virginia Tech's building
Cybersecurity students get scholarships in US(Times of India) For students seeking to become cyber warriors, the US government has a sweet deal. Full tuition, expenses and a stipend will be paid at any of dozens of universities for students to get specialised cyber security training, in exchange for an equal number of years working for a federal agency
Legislation, Policy, and Regulation
Mikulski joins chorus calling for cybersecurity executive order(The Hill) Sen. Barbara Mikulski (D-Md.) is urging President Obama to issue an executive order on cybersecurity, saying the country can't wait for Congress to act. Mikulski is one of the co-sponsors of the Cybersecurity Act, which failed to attract enough Republican support to clear the Senate last month. "I remain a strong advocate for the bill and hope that it will one day be passed by the Senate," she wrote in a letter sent last week and released publicly on Thursday. "However, the need for better protection of our nation's critical infrastructure cannot wait for Senate procedures and politics to work themselves out we must act now to safeguard our country from potentially devastating attacks to our power grid, financial systems and other vital infrastructure
Limits Seen in White House Cybersecurity Executive Order(Bloomberg) The White House may have difficulty bolstering U.S. cyber defenses through an executive order unless there's enough public support, according to former National Security Agency director Michael Hayden. If President Barack Obama issues an executive
New cloud data protection guidelines(Help Net Security) The Information Commissioner's Office [United Kingdom] published guidelines that underline organisations' sole responsibility for the protection of data, even if it has been outsourced to third party cloud network providers. The guidelines include tips for businesses, including securing assurances from cloud service providers on how data will be kept safe, as well as suggesting the implementation of a written contract between both parties involved
Armed forces further tightening cyber security, IT usage norms(Economic Times) The [Indian] armed forces are further tightening cyber security and information technology usage norms for all its personnel to prevent the "leaking" of confidential data and information, apart from reiterating strict orders to refrain from posting classified information on social networking websites. The move comes in the backdrop of mounting online espionage attempts -- mainly by China and Pakistan -- as also several cases of officers inadvertently posting classified information on social networking sites like Facebook, Orkut and Twitter
The world of signals intelligence and GCSB in context(National Business Review) The Government Communications Security Bureau is making headlines in New Zealand - for all the wrong reasons. This is not common, and from an intelligence perspective, neither is it good to read. Intelligence agencies appreciate being in the media spotlight about as much most people enjoy hospital waiting rooms. That is to say, not much at all
MP to help stop cyber attacks(ITV News) Norwich North MP Chloe Smith has taken responsibility for helping to co-ordinate Britain's defence against cyber attack. She will be in charge of defending private and public sector organisations against electronic attacks by computer. They range from
Apple Could Face Scrutiny Over Standard Warranty Duration On Products In The EU(TechCrunch) Apple has faced heat in Italy over its standard consumer product warranty, which offers consumers protection against manufacturer-caused defects and failures for one year, and now it looks like that might lead to even more trouble across the European Union, according to a new letter from EU Justice Commissioner Viviane Reding. In the letter, Reding asks member countries to find out whether Apple might be failing to notify customers of their "automatic and free-of-cost entitlement to a minimum two-year guarantee under EU law
How a rogue appeals court wrecked the patent system(Ars Technica) Federal Circuit Appeals Court marks 30 years of spreading the "patent gospel." In 1972, the Court of Customs and Patent Appeals (CCPA) got a new chief judge named Thomas Markey. At Markey's investiture ceremony, patent attorney Donald Dunner spoke of the "anguish of the patent bar about the treatment of patents in various federal courts." The CCPA, a DC-based court that heard appeals from the US Patent & Trademark Office, was considered to be relatively pro-patent—but other federal appeals courts had jurisdiction over actual patent lawsuits and tended to be friendlier to patent defendants. Even worse, in Dunner's view, the Supreme Court itself seemed unfriendly to patent holders
Big Brother, big dogs are looking at you(UPI) The 2012 U.S. Supreme Court term erupts on the First Monday in October, and in this first month the justices once again look at the intimate relationship between powerful authority and private citizens, and how intrusive that authority can become to protect the nation's interests
Cybercrime law violates freedom of speech HRW(Manila Times) International and local pressure against the controversial anti-cybercrime law continued to mount on Friday as the New York City-based Human Rights Watch (HRW) cited the measure's incompatibility with international laws. In a statement, the group called on the Philippine government to repeal Republic Act (RA) 10175, or the Cybercrime Prevention Act of 2012, citing that it is not in consonance with the country's commitments. "It violates Filipinos' rights to free expression and it is wholly incompatible with the Philippine government's obligations under international law," said Brad Adams, HRW Asia director
#Anonymous Syrian Activist Arrested By Secret Police Merely For Having Livestreaming App Installed On His Phone(Cyberwarzone) Police and security forces around the world -- and that includes in the West -- hate being recorded when they're overstepping the mark in the execution of their duties, since it allows the public to challenge official accounts, and even to use videos to seek redress. But there's one thing worse than being recorded, and that's being livestreamed: even the most nimble authorities can't confiscate the recording from its creator, since it's already been uploaded for the world to see. No wonder, then, that the livestreaming app Bambuser has become one of the most popular -- and potent -- weapons for activists to deploy against heavy-handed policing, allowing them to fight back in a non-violent way against institutional brutality around the world
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Cyber Maryland 2012(Baltimore, Maryland, October 16 - 17, 2012) "Designed for information security insiders, business innovators and aspiring professionals, this two-day conference features national thought leaders, showcases business opportunities and provides outstanding...
National Cyber Security Hall of Fame(Baltimore, Maryland, October 17, 2012) Baltimore welcomes the US cyber security community to honor the members of the National Cyber Security Hall of Fame inaugural class.
Cyber Security: A National Imperative(Washington, DC, October 29, 2012) Lockheed Martin is hosting a panel discussion on Cyber Security: A National Imperative – An in-depth view of Cyber Security from the world's leading defense contractor on Monday, Oct. 29, 11:00am at the...
TechExpo Cyber Security Careers(Columbia, Maryland, November 1, 2012) Profit from presentations by leading industry figures and networking opportunities designed for serious job-seekers.
E2 Innovate Conference & Expo(Santa Clara, California, November 14 - 15, 2012) E2 Innovate, formerly Enterprise 2.0, brings strategic business professionals together with industry influencers and next-gen enterprise technologies.
Anatomy of an Attack(New York, New York, November 15, 2012) Join Sophos security experts in exploring how threats like malware, Trojans, worms and spyware actually work and what you can do to protect your company, even if you're on a tight budget.