Attribution of responsibility for recent exchanges of cyber attacks in the Middle East remains difficult and controversial. The Aramco attack remains under investigation, and Israeli police reveal that they took their systems offline last week because of a RAT infestation ("Iranian coordinated" hacktivists are suspected).
South Carolina's governor defends the state's unencrypted tax database as consistent with common banking practice, but security analysts aren't buying that as an acceptable government standard.
Last week's DKIM security issue resurfaces: those who moved to a stronger key remain vulnerable if they use a third-party e-mailer with a weak one. Kaspersky warns that many new viruses are VM-aware: they can determine whether they're running on a virtual machine. Ubuntu appears vulnerable to privacy leaks. Poor monitoring in clouds exposes them to exploitation as botnets.
Yesterday central bankers complained about Bitcoin; today the ZeroAccess botnet is reported to be cashing in on click-fraud and Bitcoin-mining. Several other reports detail the burgeoning global malware and cyber crime black markets. PC Advisor offers obligatory Halloween "terrifying but true" cyber scare stories. Hacker chatter shows that CSOs aren't focusing on the most popular attack techniques (like SQL injection).
Analysts think Sino-American squabbling over industrial espionage unlikely to have more than a short-term effect on Huawei and other Chinese firms. The US Department of Homeland Security prepares a cyber tool solicitation. Government and industry face a cyber labor force issue: the talent is hard to vet, both for security and formal credentials. Georgia's police hack back at Russian hackers.
Today's issue includes events affecting Australia, Canada, China, Georgia, Germany, India, Iran, Israel, Nigeria, Qatar, Romania, Russia, Saudi Arabia, United Arab Emirates, United Kingdom, United Nations, United States.
Israeli cops penetrated by army of fake generals with trojans(The Register) Israeli police departments were pulled offline last Thursday following the discovery of a Trojan especially targeted at law enforcement networks in the Jewish state. The malware was distributed using spammed messages, spoofed so that they appeared to come from the head of the Israel Defense Forces, Benny Gantz. The malicious emails contained the subject line "IDF strikes militants in Gaza Strip following rocket barrage", and a compressed .RAR file was attached
Who let the cyber attack happen?(Post and Courier) The frustration in Judith Goldsmith's voice builds the more she talks about the South Carolina computer hacking crisis that's affected 3.6 million in the Palmetto State. "I was wondering if we'll ever really know who hacked or what the repercussions are going to mean," the 72-year-old West Ashley resident said Monday
Security breach prompts county to examine cyber-security(IslandPacket) News of a massive security breach affecting more than 3.5 million S.C. taxpayers prompted Beaufort County officials to examine their own cyber-security. They said Tuesday that county taxpayer information -- including Social Security numbers and other personal data -- is safe from similar cyber attacks
S.C. governor's post-breach data encryption claims are off-base, analysts say(Computer World) Security analysts this week challenged South Carolina Governor Nikki Haley's defense of the state's information security practices in the wake of a data breach at the S.C. Department of Revenue that exposed the Social Security Numbers (SSNs) of 3.6 million people. In a news conference Monday, Haley insisted that the state was following industry practices when it decided not to encrypt SSNs and other personal taxpayer information stored on state computers. "The industry standard is that most SSNs are not encrypted," Haley said in response to a question from a reporter
VM-aware viruses on the rise(Computer Weekly) Viruses targeting virtual machines (VM) are growing in numbers and will soon be the dominant force in the world of cyber crime. Speaking at this week's SNW Europe conference in Frankfurt, Joe Llewelyn, head of global sales training at Kaspersky Lab, warned of the increase and the trouble they could cause. "A lot of the viruses we are now seeing are virtual machine aware, meaning they will work out if they are running on a VM," he said
EFF Raises Questions on Privacy Leaks in Ubuntu(Threatpost) The EFF is warning users of Ubuntu's latest release that the open-source operating system sends their search queries to third parties, including Amazon, by default, and that some of their search results may be viewable by other users on the same network. The privacy leaks are present in Ubuntu 12.10 and the group says that Canonical, which runs the Ubuntu project, should disable the inclusion of online search results by default and make it clearer to users what is being done with their search queries and IP addresses
Lack of Abuse Detection Allows Cloud Computing Instances to Be Used Like Botnets, Study Says(CIO) Some cloud providers fail to detect and block malicious traffic originating from their networks, which provides cybercriminals with an opportunity to launch attacks in a botnet-like fashion, according to a report from Australian security consultancy firm Stratsec. Researchers from Stratsec, a subsidiary of British defense and aerospace giant BAE Systems, reached this conclusion after performing a series of experiments on the infrastructure of five "common," but unnamed, cloud providers. The experiments involved sending different types of malicious traffic from remotely controlled cloud instances (virtual machines) to a number of test servers running common services such as HTTP, FTP and SMTP.
ZeroAccess Botnet Cashing in on Click Fraud and Bitcoin Mining(Threatpost) A mid-year switch in communication protocol and distribution strategy is behind a spike in activity from the ZeroAccess botnet, a prolific and malicious ad click fraud network. Researchers at Kindsight Security Lab reported today that ZeroAccess accounts for 29 percent of home network infections in the third quarter, up significantly from previous measurements, said Kevin McNamee, security architect and Kindsight Security Labs director. "At the middle of the year it changed from a TCP-based peer-to-peer botnet to one that uses UDP," McNamee said
Security researchers warn of flourishing cyber crime kit 'supermarkets'(v3) Cybercriminals are being given access to an increasingly diverse range of attack and infection tools and services, say researchers. Security firm Trend Micro said that a recent analysis of Russian crimeware markets has found that malware tools and services range from one-time packages which cost just pennies to sophisticated packages and services which cost purchasers thousands of dollars per month. The study noted that a number of components, including malware packages, rootkits, and exploits along with hacking services including account thefts, denial-of-service (DDoS) attacks and botnet rentals are available to cyber criminals looking to carry out attacks
Shopping The Russian Cybercrime Underground(Dark Reading) Inside look at the wide range of hacking and related services being offered in the Russian-speaking cybercrime marketplace illustrates its maturity and popularity
How much is your UAE mobile phone number worth?(Emirates 24/7) 'My Number, My Identity' campaign sets off bidding war for phone numbers; etisalat, du warn of scams. With the Telecommunications Regulatory Authority's (TRA) 'My Number, My Identity' campaign flagging off in the background, many residents are now being offered a price for their mobile number
ICS-CERT warns of increasing threat to industrial control systems(The H) Attacks on industrial control systems are on the rise: the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) has issued a warning, which has been reiterated by the German Federal Office for Information Security (BSI). Special tools and search engines make attacks on systems and devices in infrastructures such as electricity grids simple even for inexperienced attackers
Phishing email hijacks Windows 8 launch(ZDnet) A new round of emails tries to dupe unsuspecting users to "update" to Windows 8 for free. Cybercriminals don't waste much time these days. Keep on top of trends and significant events, whether it is PayPal's changing terms and conditions, an overdue student loan or the launch of a new tech product -- any hook that cybercriminals can use will be exploited. The recent launch of Microsoft's Windows 8 operating system is no exception
More emails hacked as 'revenge' for education cuts(Sydney Morning Herald) Hacker's email raises minister's hackles. The hacking of the email account of the NSW director-general of education was not an isolated case in the department and insiders are apparently conducting a cyber campaign as "revenge" for education cuts and management decisions
Trouble for Borderlands 2 Players(Threatpost) Some XBOX Live users have violated the online gaming platform's code of conduct by using a malicious application that allowed them to permanently kill off the characters of other players in the popular 'Borderlands 2' video game
Hackers Threaten to Expose Anonymous Own3r(Softpedia) The controversial hacker known as Anonymous Own3r – who calls himself the "security leader of Anonymous" – has been threatened by the controversial Anonymous-affiliated Fawkes Security collective
3 terrifying, but true, security tales(PC Advisor) Just in time for Halloween, security expert Dr. Eric Cole shares scary stories about cybersecurity. While Halloween only comes around once a year, organizations are constantly encountering situations that are downright scary. In honor of Halloween we thought readers might get a thrill out of a few frightful, but true, cyber tales as experienced by cyber security expert and SANS Institute Instructor, Dr. Eric Cole.
The SQL Injection Disconnection(Dark Reading) Hackers fixate on SQLi—CSOs, not so much. A new report out this week that examines the most talked-about topics within online hacker forums shows that there may be a huge disconnect between the vulnerabilities that hackers are most keen to exploit and the risk mitigation measures CSOs squirrel away cash to purchase. Most notably, SQL injection attacks this year rose to be tied for first place with DDoS attacks as the most commonly discussed vulnerabilities by hackers
Mobile Device Management Advice from Gartner(eSecurity Planet) Thanks to the BYOD phenomenon, Gartner expects 65 percent of enterprises to adopt a mobile device management (MDM) solution over the next five years. It may be too early to say "the era of the PC is ended," as Phil Redman, a research vice president at Gartner, recently did. Still, there is no question knowledge workers are transferring many of the tasks
THOMAS: Cyber security for the home(NC Times) When we think about cyber security we usually think about big businesses or government agencies, but securing your computers and information is important in your home, too. Hackers and thieves have a number of reasons to break into your computer, but the most common are to steal the information stored there and to use the resources of your computer to do their bidding. One of the things a hacker wants from your computer is information
Q3 malware costs advertisers $900,000 every day(ZDNet) What cyberattack threat levels have risen in Q3? Kindsight's Q3 malware report suggests that 13 percent of household networks were infected in Q3, and 6.5 percent of broadband networks are infected with high-level threats
Increased China-US IT trade tensions likely short-term(ZDNet) The U.S. scrutiny over Huawei could see a spillover impact on other firms, but this is likely to be short-lived and American companies are unlikely to face retaliatory sanctions. The heightened scrutiny over Chinese telecoms equipment maker Huawei Technologies recently could lead to more obstacles for other technology exports from China. However, any trade obstacles from the United States would likely be short-term and it may be business as usual within a year, according to industry watchers
Centers for Medicare & Medicaid Services Win 2012 National Cybersecurity Innovation Award(Sacramento Bee) The innovation: Deploying continuous automated monitoring to radically reduce the vulnerability of confidential citizen health data, with the added innovation of generating competition among contractors to improve security. The Centers for Medicare & Medicaid Services (CMS) has won a 2012 U.S. National Cybersecurity Innovation Award for using continuous automated monitoring to protect confidential citizen health data against theft and alteration
College Grads Flocking to Contractors(ExecutiveBiz) Government contractors or companies with a significant government contracting business make up more than a quarter of 100 companies that college graduates want to work for, according to a survey by Universum. The consulting company asked 59,643 recent college graduates from 318 universities across the country to pick their most desirable employer
DHS Drafts Solicitation for Cyber Security Tools and Services(govWin) In a draft solicitation issued mid-October 2012, the Department of Homeland Security (DHS) outlines 15 toolsets and 11 services areas for the new Continuous Diagnostic and Mitigation (CDM) program and for continuous monitoring as a service (CMaaS)
Federal Government Lacks Experts To Address Cyber Security Threats(Think Progress) The federal government faces a shortage of cyber security experts. That's according to an article published in FCW, a technology-focused publication. FCW interviewed federal officials regarding the government's ability to effectively beef up its cyber security program and found an unsettling trend: the government needs more tech experts. In some cases, according to a Department of Defense official, the government hasn't even figured out what to hire for
As Cyberthreats Rise, Army And Others Seek A Few Good Hackers(Miami Herald) As about 570 computer hackers and anti-hacking experts gather at a conference in Miami this week, a couple of key themes are emerging: The threat of cyber attacks on corporate and government sites is on an ominous rise. And there is a fortune to be made in battling the bad guys
Intelligence Spending Drop Reverses Trend(Bloomberg) The United States spent $75.4 billion on intelligence agencies and activities in the last fiscal year, down from $78.6 billion the previous year, according to figures released Tuesday by the federal government
SAP India maps India address directory(Fierce Big Data) SAP India has announced a partnership with MapmyIndia, to enhance the capabilities of its SAP Data Quality Solution. Through the partnership, SAP will use MapmyIndia's India Address Directory in order to help enterprises verify precision of data, profile, cleanse and standardize it
EMC to acquire Silver Tail Systems(Fierce Big Data) EMC Corporation (NYSE: EMC) has signed an agreement to acquire privately-held Silver Tail Systems, a leader in real-time web session intelligence and behavioral analysis. Silver Tail's big data approach to fighting cybercrime will help accelerate RSA's strategy to leverage data analytics and adaptive risk-based controls for broader consumer and enterprise security use cases
VMware, the bell tolls for thee, and Microsoft is ringing it(Network World) Survey results from VMworld indicate that Microsoft is becoming a threat to VMware's user base. VMworld is about a month behind us now and I've had a little more time to noodle on the joint survey I did with virtualization management vendor Xangati. There was a tremendous amount of energy at VMworld and the show floor was one of the biggest and busiest I've seen in a long time. This might give one the impression that the VMware franchise is impenetrable, but the survey shows differently
Navy Preparing Counter-Networks and Illicit Trafficking $5B Contracting Program(Govconwire) The Naval Air Warfare Center's new counter-networks and illicit trafficking program office is preparing a $5 billion contracting program that will provide operations support to its mission to stop smugglers and terrorists. According to a Washington Post article, the five-year contract calls for building hardware and software, managing training, conducting studies and analyses and other
General Dynamics IT Wins Contract from CMS Worth Potential $100M(Govconwire) General Dynamics' (NYSE: GD) information technology business unit has won a task order from the U.S. Health and Human Services department's Centers for Medicare and Medicaid Services, to support the medicare secondary payer program. According to General Dynamics, the task order falls under the CMS enterprise system development contract, valued at $100 million for its
Visa Planning to Step Up Credit Card Security For Retailers(switchcommerce) Visa is changing the game in its industry by overhauling credit card security. The current magnetic strip backing on credit cards dates back to the 1960s and 1970s. At that time, the technology was enough to prevent most would-be thieves from stealing someone's information
F-Secure keeps your apps, plugins and OS up-to-date(Help Net Security) F-Secure has introduced Software Updater which offers patch management as a business security feature. Over 80% of the top 10 malware detected by F-Secure Labs are targeted against software weaknesses
Splunk Enterprise 5 released(Help Net Security) Splunk announced Splunk Enterprise 5, which includes added features to create a powerful platform for developers building big data applications
Interactive CERT map from ENISA(Help Net Security) ENISA has published a new interactive CERT map and Inventory of CERT's activities in Europe containing publicly listed teams and co-operation, support and standardisation activities
Cirro, Tableau partner and integrate analysis, BI(Fierce Big Data) Cirro and Tableau Software announced a strategic partnership today that will result in the integration of Cirro's big data access and analytics with Tableau's business intelligence software
Rugged Android device with secure communication(Help Net Security) Cummings Engineering, in partnership with Ascent Rugged Mobile, is launching SAIFE Defender, a commercial rugged Android device with secure digital communications. SAIFE Defender, a rugged mobile Android device with interoperable secure communications capabilities, is platform-neutral; field officers can communicate securely with each other even if they are using different devices, such as a BlackBerry, iPhone or Droid. Additionally, agencies don't have to invest in unique radio infrastructure but instead can securely leverage existing commercial carrier networks such as Verizon, AT&T, and others
Mobility management for Windows Phone 8(Help Net Security) AirWatch unveils device and application management support for Windows Phone 8 devices. "With the introduction of the Nokia Lumia 920 and Nokia Lumia 820, partnerships with important enterprise players like AirWatch will continue to make Nokia Lumia the most obvious choice for business," said David Mason, Global Head of Business Mobility, Nokia. "Nokia Lumia brings innovative experiences that people love like wireless charging - so your phone is always charged - while Windows Phone 8 ensures IT administrators are confident the company's data is secure"
ARM Launches New 64-Bit Processors(PC Magazine) Mobile processor giant ARM announced two new processor designs today, which will bring 64-bit computing power to phones and tablets and try to challenge Intel's dominance in the server space
Calling Foul on the Political Football That is Do Not Track(Threatpost) It looks like it's time for a do-over for DNT. The oft-maligned specification has become—like many other standards efforts before it—a political football. Parties with interests on both sides of the issue have their own agendas, cannot agree on semantics and ignore, in this case, what should be the heart of the issue for users—a clear personal choice about browsing privacy
Cyber Security Awareness Month - Day 30 - DSD 35 mitigating controls(Internet Storm Center) Nearing the end of the month it would be remiss not to mention the DSD 35 mitigating strategies. Whilst not strictly a standard it provides guidance and The Defence Signals Directorate or DSD is an Australian government body that deals with many things called Cyber. Amongst other things they are responsible for providing guidance to Australian Government agencies and have produced the Information Security Manual (ISM) for years
ASP.NET Gets Better Cryptography(InfoQ) .NET 4.5 brings a lot of improvements in how Cryptography is handled within ASP.NET, with new APIs Protect and Unprotect and various under-the-hood changes. Levi Broderick explains the motivation, the changes and compatibility in a series of articles. ASP.NET needs two secret hash keys for crypto - decryption key and validation key - this pair is together called a machine key. The machine key is reused between different components. Levi's first article shows how this .NET 4.0 design can lead to security issues in one component having a much bigger impact on other components of the system as well
Research and Development
A surveillance system that can anticipate trouble(Help Net Security) Two researchers from the Psychology Department of the Carnegie Mellon University have managed to create a video surveillance system that not only follows human activity, but is also capable of predict.
DHS Proposes Cybersecurity Education to Begin in Kindergarten(The New American) In an effort to embolden the next generation of cyber professionals, the Department of Homeland Security (DHS) is devising an initiative to encourage and equip young Americans with knowledge and skills in the science of cybersecurity. Writing a blog entitled, "Inspiring the Next Generation of Cyber Professionals," DHS Secretary Janet Napolitano announced a plan to extend "the scope of cyber education" beyond the federal labor force through the National Initiative for Cybersecurity Education, targeting students from kindergarten all the way up to post-graduate school
How a University leveraged BYOD(Fierce CIO TechWatch) InformationWeek has an interesting report about how Long Island University began a pilot program to make use of the Apple (NASDAQ: AAPL) iPad in the fall of 2010. The initiative has reached out to 10,000 students and educators so far, and is worth studying for its parallels to the issues that an enterprise deployment will face
Will the Third Worldwide Cyber Security Summit of Delhi Succeed?(CJNet India) Cyber security, like any other initiative, requires dedicated, actual and ground level work. If the actual work and will is missing, thousands of partnerships and conferences cannot bring any result. Of course, techno legal initiatives like National Cyber Security Database of India (NCSDI) and Cyber Security Research and Development Centre of India (CSRDCI) can be really helpful in bringing ground level and actual cyber security improvement and strengthening efforts in India
Showdown set on bid to give U.N. control of Internet(Al Arabiya) It is expected to be the mother of all cyber diplomatic battles. When delegates gather in Dubai in December for an obscure U.N. agency meeting, fighting is expected to be intense over proposals to rewrite global telecom rules to effectively give the United Nations control over the Internet. Russia, China and other countries back a move to place the Internet under the authority of the International Telecommunications Union, a U.N. agency that sets technical standards for global phone calls. U.S. officials say placing the Internet under U.N. control would undermine the freewheeling nature of cyberspace, which promotes open commerce and free expression, and could give a green light for some countries to crack down on dissidents
Cyber attacks have changed, but Australia is doing something about it: SANS(ARN) Security group finds that Australian government agencies are proactive in dealing with security threats. Australia knows how to fix things and is doing something about it, at least when it comes to online security. That is according to SANS Institute research director, Alan Paller, after he recently caught up with the Defence Signals Directorate (DSD), an intelligence agency in the Australian Government Department of Defence
Hopes for federal cybersecurity standards fading(CSO) Cybersecurity is clearly on the agenda of both Congress and President Obama. But it is just as clearly not at the top of their list. The prospects this year for federal cybersecurity standards governing private-sector operators of critical infrastructure, either through legislation or presidential executive order, are fading
Obey the law, or else. California cracks down on app developers for privacy(CNet) Attorney General Kamala Harris is notifying mobile-app developers and companies that they must get in line with California law and post privacy notices for users or else face steep fines. Making good on her promise, California Attorney General Kamala Harris has continued her crackdown on mobile-app developers and companies for not doing more to ensure users' privacy. She announced today that she'll be sending letters to 100 app developers and companies to formally notify them that they're violating California's privacy laws. "Protecting the privacy of online consumers is a serious law enforcement matter," Harris said in a statement today
Bank phishing gang arrested after hotel swoop(TechWorld) UK police have arrested three men accused of being involved in large-scale Trojan phishing attacks against a range of banks. Picked up in a London hotel after an operation described as intelligence-led, the two unnamed Romanians and a Nigerian were arrested on 29 October on suspicion of money laundering and conspiracy to defraud, police said. The men are alleged to be behind the appearance of 2,000 bogus bank login pages that had been part of a campaign to steal account details
Warrantless Wiretapping and Transparency Uber Alles(The Real News) Shortly after the terrorist attacks of September 11, 2001, President George W. Bush authorized the NSA to secretly wiretap Americans' international communications without any warrant, suspicion of wrongdoing or court oversight at all. The Bush administration managed to keep this secret for years, until July 2008 when - with a perfectly straight face and on the heels of some noisy media attention - the president signed the FISA amendments into law. An hour later, the American Civil Liberties Union went to court on behalf of a large number of human rights groups, journalists and attorneys seeking to have the Supreme Court declare the law unconstitutional.
FBI rolls out round-the-clock cyber crime team(SC Magazine) "A key aim of the Next Generation Cyber Initiative has been to expand our ability to quickly define the attribution piece of a cyber attack to help determine an appropriate response," McFeely said in the statement. "The attribution piece is: Who is
Georgia turns the tables on Russian hacker(ZDNet) What happens when you're continually the target of cyberattacks? You hack the hacker. The Ministry of Justice of Georgia was fed up. Continual, persistent cyberattacks that stole confidential information from various government agencies, parliament, banks and NGOs had carried on for months. The activity warranted an investigation, and so in March 2011, Georgia launched an investigation to find the perpetrators
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
TechExpo Cyber Security Careers(Columbia, Maryland, November 1, 2012) Profit from presentations by leading industry figures and networking opportunities designed for serious job-seekers.
Anatomy of an Attack(New York, New York, November 15, 2012) Join Sophos security experts in exploring how threats like malware, Trojans, worms and spyware actually work and what you can do to protect your company, even if you're on a tight budget.
ZeroNights(Moscow, Russia, November 19 - 20, 2012) ZeroNights is an international conference dedicated to the technical side of information security. The mission of the conference is to disseminate information about new attack methods, threats and defense...
Digital Security Summit(Riyadh, Saudi Arabia, December 1 - 2, 2012) A major conference to discuss the growing threat to digital security in the Middle East, especially in Saudi Arabia.
Passwords^12(, January 1, 1970) Passwords^12 is a 3-day conference only about passwords & PIN codes. With an "all-star" cast of speakers, including Joan Daemen (AES/SHA3), Jens Steube (alias "atom", hashcat author), Colin Percival (CSO...
BayThreat(Sunnyvale, California, December 7 - 8, 2012) The theme for BayThreat is a new spin on the dichotomy of attacking and defending in information security. We're calling out all of the attackers and defenders that are on the front lines of the battle.
e-Crime Congress 2013(London, England, March 12 - 13, 2013) The e-Crime Congress is designed to meet the needs of key stakeholders and decision makers who are responsible for designing and coordinating information security and risk management strategy, safeguarding...
25th Annual FIRST Conference(Bangkok, Thailand, June 16 - 21, 2013) The annual FIRST conference provides a setting for conference participants to attend a wide range of presentations delivered by leading experts in both the CSIRT field and from the global security community.