South Carolina's Department of Revenue has been hacked, with personal information of 3.6M exposed. The breach occurred in August and September, but was disclosed over the weekend. East European and Russian cyber gangs are believed responsible.
Islamist hacktivists take down France's Euromillions lottery site. Anonymous goes after the Italian police (retaliating for Antisec arrests) and game manufacturer Zynga (for laying off programmers). Iran and the US continue to swap accusations of cyber aggression. The US Department of Homeland Security warns of a possible wave of hacktivist SCADA attacks on maritime systems via a recently discovered software backdoor. Media in Japan, Denmark, and Nigeria raise concerns about those nations' cyber vulnerability.
Broadcom mobile firmware and Firefox both get security patches this week.
Gartner points out that a lost laptop can cost a company seventy times the expense of encrypting all of its devices. About half of all enterprises are expected to increase IT security spending in 2013. NATO briefs industry on more than $2B in potential C4ISR spending. KEYW continues its push into commercial security, and Boeing expands its supply chain security offerings. (Boeing also partners with Tennessee State for research into avionic cyber security.)
Reviewers seem to agree that Windows 8 represents a step forward in security. After discussions with the Intelligence Community, the US Department of Defense plans to make the National Information Exchange Model the basis for its data exchange strategy. US Senator Mary Landrieu (Democrat, Louisiana) strongly dissents from her colleagues' criticism of Homeland Security fusion centers.
Today's issue includes events affecting Brazil, Canada, China, Denmark, European Union, France, Germany, Iran, Ireland, Italy, Japan, Kenya, Netherlands, Nigeria, Oman, Russia, Saudi Arabia, United Kingdom, United States.
We hope those of you affected by Hurricane Sandy are riding wind and water out safely. The storm may interrupt the CyberWire tomorrow, but we'll be back as soon as the elements permit.
Who Hacked South Carolina's Revenue Department?(FITSNews) The Palmetto State has received millions of dollars in cyber security grants from the U.S. Department of Homeland Security (USDHS) in recent years. Not only that, the state reportedly paid "a boatload of money" to Carnegie Mellon's internationally
Help added to SC cyber attack hotline(WACH) "South Carolina has come under attack, but South Carolina will fight back," says Governor Nikki Haley. It's this statement by the Governor that's causing many across the Palmetto State to be on high alert
France Euromillions site hit by religious hackers(BBC) The French site of the Euromillions lottery has been hacked, with the homepage replaced by a passage from the Koran condemning gambling. The hackers, calling themselves "Moroccanghosts", posted the message in Arabic and French. The Koranic verses call games of chance and alcohol "works of the devil" intended to turn people away from God
Anonymous Operation Payback(Cyberwarzone) Anonymous has hacked the servers of the Italian State Police. The group itself claimed this on its Facebook page around 2 last night and on Twitter, with an announcement inviting users: more than 1 GB of data from the servers of the State Police released, check the booty
Official Calls for Iran's Smart Confrontation with Enemy's Cyber Threats(Farsnews) The enemy is developing, mastering and using the hi-tech to strike at Iran and Tehran should adopt a smart civil and cyber defense strategy against this approach, Head of Iran's Civil Defense Organization Brigadier General Gholam Reza Jalali said. Addressing a ceremony in Tehran on Sunday, Jalali said his organization aims to harness and reduce threats against Iran, "so, threats determine the direction of our movement". Noting that the threats in the cyber space are changing qualitatively and quantitatively, he said that the enemy is enhancing its technologies using smart systems to have their control wherever these technologies are used
Frankenstory: Attack Of The Iranian Cyber Warriors(InformationWeek) On the cyber-attack front, however, where's the hard evidence that ties Iran to all of these attacks? Well, that's classified. Furthermore, at least in the case of Shamoon, this week anonymous government officials admitted to Bloomberg that the
DHS Warns of 'Hacktivist' Threat Against Industrial Control Systems(Krebs on Security) The U.S. Department of Homeland Security is warning that a witches' brew of recent events make it increasingly likely that politically or ideologically motivated hackers may launch digital attacks against industrial control systems. The alert was issued the same day that security researchers published information about an undocumented software backdoor in industrial control systems sold by hundreds of different manufacturers and widely used in power plants, military environments and nautical ships
Most U.S. Drones Openly Broadcast Secret Video Feeds(Wired) Four years after discovering that militants were tapping into drone video feeds, the U.S. military still hasn't secured the transmissions of more than half of its fleet of Predator and Reaper drones, Danger Room has learned
Hackers can turn data into cash(Greenville News) "There is a lot of spoofing and head fakes going on to make it seem like an attack is originating from a different region," says Kurt Baumgartner, senior security researcher at Kaspersky Lab. Generally speaking, the more sophisticated cyber attacks
Misconfigured open DNS resolvers used in DDoS attacks(Fierce CIO TechWatch) Hackers are increasingly using open DNS resolvers as a means to perform DDoS, or Distributed denial-of-service, attacks against their targets, says a new report by HostExploit, a voluntary organization that tracks and promotes awareness of cyber crime activities
Cyber Security Awareness Month - Day 26 - Attackers use trusted domain to propagate Citadel Zeus variant(Internet Storm Center) Here on Day 26 of Cyber Security Awareness Month, as the ISC focuses on standards, we received a very interesting email from David at Lamp Post Group, the IT provider for Access America Transport. Per David: "Access America owns a US Trademark and the domain accessamericatransport.com. On Tuesday, October 23, a malicious user registered the domain accessamericatransport.net and immediately began sending phishing emails under the domain. Purporting to be Access America Transport, some emails were sent to several of our carriers with a link to a fake "Rate Confirmation" ("rate confirmations" is a normal term in the 3PL industry) or carrier "Claim" which in fact linked to an executable containing a virus"
Japan woefully vulnerable to cyber-attack(The Japan Times) Some locked themselves in a room and spent six hours analyzing a malware worm called Gumbler that had tampered with the websites of Japanese companies like Honda in 2009. Others spent hours writing code to check the vulnerability of websites
[Denmark] 'increasingly vulnerable' to cyber-attack(The Copenhagen Post) Cyberwarfare is now the greatest single threat to national security, according to a new threat assessment from Forsvarets Efterretningstjeneste (FE), the military intelligence agency. Speaking in conjunction with the release of the 2012 Intelligence Risk
Nigeria easy target for cyber criminals(BusinessDay) Symantec Corporation on Thursday said Nigeria is becoming a huge attraction for cyber criminals. The steady growth of the economy and increased bandwidth capacity emanating from the increasing number of submarine cable systems
Security Patches, Mitigations, and Software Updates
Patch Available for Broadcom Mobile Device Firmware DoS Vulnerability(Threatpost) Older versions of Broadcom firmware found in a number of mobile devices from major vendors including the Apple iPhone, iPad, Samsung Galaxy S and HTC Droid Incredible are vulnerable to a denial of service attack. Researchers Andres Blanco and Matias Eissler of Core Security Technologies reported the vulnerability in August, and this week published details on proof-of-concept exploit code
Firefox 16.02 Released(Internet Storm Center) Just a quick note today to say thank you to one of our readers, Paul, for the note that Firefox 16.02 has been released. Firefox classifies the fixes addressed in this release as 'Critical'
Half of PCs have malicious programs, says Kaspersky(The Standard Digital News) He pointed out that growing economies like Kenya are often tracked by cyber-criminals for potential targeting. According to statistics carried out by Kaspersky Lab, Kenya falls within the countries where users run the most serious risk of infection via
US Fighting Cyber Warfare(Moneynews) The Army is interested in leading the cyber war effort through its new Army Cyber Command, according to Defense Tech, a military technology website. The command's ranks now include 21,000 soldiers, civilian employees and contractors. Developing cyber
NATO Briefs Industry on Potential $2.58B C4ISR Investments(Govconwire) More than 600 senior North American and European industry representatives attended a NATO conference in Rome this week to discuss potential opportunities in C4ISR (command, control, communications, computers, intelligence, surveillance and reconnaissance)
KEYW lasers in on private-sector security(Baltimore Business Journal) KEYW Holding Corp. made its name selling cyber security systems to government intelligence and counterterrorism agencies. Now, the 4-year-old Hanover cyber
CSC to Sell its Italian Consulting Business to Dedagroup(Govconwire) CSC (NYSE: CSC) has entered into an agreement to sell its consulting and systems integration services business to Dedagroup ICT Network for an undisclosed amount. Dedagroup will acquire CSC's pan-Italian consulting and systems integration projects and fashion industry software products and services. CSC will retain its corporate financial services products, solutions and services for international accounts
Boeing Acquires Supply Chain Specialist Miro Technologies(Govconwire) Boeing Co.'s (NYSE: BA) defense, space and security business has acquired Miro Technologies for an undisclosed amount and added the firm to its global services and support operations. La Jolla, Calif.-based Miro specializes in managing enterprise assets, supply chains and performance-based logistics for government and commercial customers and has offices in Saudi Arabia, Oman and the U.K
Products, Services, and Solutions
Privilege Guard 3.6 released(Help Net Security) Avecto released Privilege Guard 3.6, which introduces a number of new features, including a challenge/response capability to easily authorize applications for remote users and an application control
Real user monitoring for web developers(Help Net Security) AppNeta announced Real User Monitoring (RUM) capabilities designed for web development and application performance. As a key feature of AppNeta's TraceView application performance management (APM) solution
No widespread deployment of Windows 8 by enterprises until 2014, says Gartner(Fierce CIO TechWatch) For all the appeal of Windows 8 in the consumer market, "there are no compelling business imperatives to drive legacy devices in business toward Windows 8," says Gartner Senior Vice President of Research Peter Sondergaard. He spoke at Gartner's Symposium/ITexpo conference held this week in Orlando, Florida, where the research firm said it predicts that 90 percent of enterprises will bypass broad deployments of Windows 8 until 2014, at least
8 reasons to upgrade to Windows 8(Fierce CIO TechWatch) After years in the making, Windows 8 was launched around the world on Thursday and goes on sale today. I was invited down to the regional launch in Singapore on Thursday evening where I had the opportunity to get some hands-on time with dozens of devices hours before they went on sale
Windows 8: A Win For Enterprise Security(InformationWeek) Windows 8 makes securing enterprise PCs and tablets easier--and shows that the future of enterprise Windows security is proper control of applications
DoD adopts NIEM, will no longer support UCore development(Fierce Government IT) Following an Oct. 16 meeting with the intelligence community's Information Sharing Environment program office, the Defense Department is drafting a memo specifying the National Information Exchange Model as the basis for its data exchange strategy
Ten Ways To Secure Web Data Under PCI(Dark Reading) PCI compliance can create headaches for companies that do online commerce. Is your e-business ready? Download the Dark Reading November 2012 special issue on securing Web data. Whether they're brick-and-mortar or online, merchants find the Payment Card Industry's requirements for protecting credit card data challenging and confusing
Prevent Web Attacks Using Input Sanitization(eSecurity Planet) What do three of the five most common website attacks have in common? Yes, a lack of input sanitization. Find out why it's important and what to do about it. Three of the top five most common website attacks – SQL injection, cross-site scripting (XSS), and remote file inclusion (RFI) – share a root cause in common: input sanitization
The Security Reality of Road Warriors(Infosec Island) Sales and marketing are often considered to be two sides of the same coin. While those who have worked on either side of the proverbial coin can attest to their vast differences, one fact remains -- both professionals typically require substantial working from the road. And while accessing corporate documents from outside of the firewall always raises some security flags, a recent survey that we conducted of 1,900 sales and marketing professionals shows those who work in sales and marketing are particularly at risk
The anatomy of cyber security exercises(Help Net Security) In its new report, the EU's 'cyber-security agency' ENISA (the European Network and Information Security Agency) examines 85 national and international cyber-exercises between 2002 and 2012
Latest Amazon outage shows the importance of a Multiple Zone strategy(Fierce CIO TechWatch) Amazon (NASDAQ: AMZN) Web Services experienced an outage that started with some Elastic Block Storage volumes in an availability zone in the US-East-1 region, and snowballed into a larger issue that was felt throughout the day. Sites such as Reddit, Netflix, Github, Minecraft, Airbnb, FastCompany, and FourSquare were all affected to some extent, according to InformationWeek. This latest outage once again highlights the importance of using multiple availability zones
Research and Development
ST's experts win cryptography competition by NIST(EE Herald) Three cryptography experts from STMicroelectronics' Secure Microcontroller Division and Advanced System Technology Group won an international competition to develop a new global industry standard for digital security, the Secure Hash Algorithm SHA-3
Training cyber defenders(Buffalo News) The Department of Homeland Security in 2011 received 198 reports of attacks on the companies that control this country's critical infrastructure, up from nine such incidents in 2009, according to CNN's Security Clearance blog. "These attacks keep
California State University ditches Cisco, saves $100 million(Fierce CIO TechWatch) California State University's decision to replace its 23-campus network with Alcatel-Lucent will save the university a whopping $100 million over eight years, according to a report by Network World early this week. The largest four-year university in the United States, it spans 23 campuses and its network is used by almost 430,000 students and 44,000 faculty and staff
Legislation, Policy, and Regulation
Cleansing the Internet of Terrorism(Infosec Island) A new project aimed at countering illegal use of the Internet is making headlines. The project, dubbed CleanIT, is funded by the European Commission (EC) to the tune of more than $400,000 and, it would appear, aims to eradicate the Internet of terrorism. European Digital Rights, a Brussels-based organization consisting of 32 NGOs throughout Europe (and of which EFF is a member), has recently published a leaked draft document from CleanIT
Obama has yet to review cybersecurity executive order, Napolitano says(Fierce Government IT) A draft of the executive order on cybersecurity has circulated in the Obama administration, but President Barack Obama himself has yet to review it, Homeland Security Secretary Janet Napolitano said Oct. 25. In the meantime, she said, the administration has reached out to the private sector and other stakeholders for their feedback about what the order should look like if Obama does choose to issue one
Obama order would beef up cyber security, a former aide says(Los Angeles Times) He says it will clarify the relationship between the Department of Homeland Security and agencies that deal with technology, including those that contract with private companies. It will also spell out the level of DHS involvement with infrastructure
Cybersecurity bill likely dead(The Hill) After Panetta warned in a speech last month that the cyber threat facing the United States represents a "pre-9/11 moment," Senate Majority Leader Harry Reid (D-Nev.) said he planned to bring cybersecurity legislation to the…The timing is bad
US, Canada launch joint cyber-security plan(NDTV) The action plan, under the auspices of the US Department of Homeland Security and Public Safety Canada, aims to better protect critical digital infrastructure and improve the response to cyber incidents
Industry, government find common ground in cyber realm(FederalNewsRadio.com) Some examples could be found at the National Security Agency or the U.S. Cyber Command, he said. "I think the government sometimes gets a bad rap, but they're the ones developing [or funding] a lot of the cutting-edge technology
Defending Critical Infrastructure(GovInfoSecurity) Low Visibility into Privately Owned Systems A Concern. Defending Delaware's critical infrastructure is a top challenge since a large part is owned by the private sector, says State Homeland Security Adviser Kurt Reuther, who details the challenges
The Netherlands Wants the Power To 'Render Inaccessible' Data on Foreign Servers(Slate) Evading online surveillance is becoming easier as more tools offering anonymous encrypted storage and communication become available. But the trend is starting to worry authorities. Last week, the government in the Netherlands proposed a new law that would help it circumvent encryption by hacking into computers and infiltrating servers
Litigation, Investigation, and Law Enforcement
Washington Briefs: Landrieu criticizes report(The Advocate) Mary Landrieu, D-La., is blasting a recent Senate subcommittee report that was strongly critical of the Department of Homeland Security's fusion centers that are meant to coordinate counterterrorism efforts with local officials
As of today, the FBI is working 24/7 to investigate hackers and network attacks(The Next Web) The Federal Bureau of Investigation (FBI) is finally stepping up its game when it comes to hackers. Maybe it was Anonymous that did it or maybe it was statements from the US Secretary of Defense two weeks ago, but either way, the FBI is now hunting hackers 24/7. You're not the only one who was under the impression that the FBI was already doing this. Yet only today, the agency announced that it has been working on this new initiative for the past year. Its goal is to "uncover and investigate web-based intrusion attacks and develop a cadre of specially trained computer scientists able to extract hackers' digital signatures from mountains of malicious code"
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Cyber Security: A National Imperative(Washington, DC, October 29, 2012) Lockheed Martin is hosting a panel discussion on Cyber Security: A National Imperative – An in-depth view of Cyber Security from the world's leading defense contractor on Monday, Oct. 29, 11:00am at the...
TechExpo Cyber Security Careers(Columbia, Maryland, November 1, 2012) Profit from presentations by leading industry figures and networking opportunities designed for serious job-seekers.
E2 Innovate Conference & Expo(Santa Clara, California, November 14 - 15, 2012) E2 Innovate, formerly Enterprise 2.0, brings strategic business professionals together with industry influencers and next-gen enterprise technologies.
Anatomy of an Attack(New York, New York, November 15, 2012) Join Sophos security experts in exploring how threats like malware, Trojans, worms and spyware actually work and what you can do to protect your company, even if you're on a tight budget.
ZeroNights(Moscow, Russia, November 19 - 20, 2012) ZeroNights is an international conference dedicated to the technical side of information security. The mission of the conference is to disseminate information about new attack methods, threats and defense...
IRISSCERT Cyber Crime Conference(Dublin, Ireland, November 22, 2012) The IRISSCERT Cyber Crime Conference will be held this year on Thursday the 22nd of November 2012 in the D4Berkley Court Hotel, in Ballsbridge Dublin. This is an all day conference which focuses on providing...
Digital Security Summit(Riyadh, Saudi Arabia, December 1 - 2, 2012) A major conference to discuss the growing threat to digital security in the Middle East, especially in Saudi Arabia.
tmforum Management World Americas(Orlando, Florida, USA, December 3 - 6, 2012) Management World Americas is the only conference covering end-to-end management of digital services and the challenges of running any service provider business. In addition to a full Cable Summit and Executive...
BayThreat(Sunnyvale, California, December 7 - 8, 2012) The theme for BayThreat is a new spin on the dichotomy of attacking and defending in information security. We're calling out all of the attackers and defenders that are on the front lines of the battle.
SANS Cyber Defense Initiative(Washington, DC, December 7 - 16, 2012) Specialized courses covering the latest in cyber attacks, including how they work and how to stop them. The event will also feature the Netwars Tournament of Champions.
2012 European Community SCADA and Process Control Summit(Barcelona, Spain, December 10 - 11, 2012) The European SCADA Summit brings together the program managers, control systems engineers, IT security professionals and critical infrastructure protection specialists from asset owning and operating organizations...