Israeli authorities continue to prepare for Sunday's threatened "OpIsrael" attacks by Anonymous, and security experts offer security measures users can take themselves.
North Korea engages in more brinksmanship; the South prepares for cyber (and kinetic) war. US Forces Korea experienced a website outage whose cause remains undetermined (technical problems are as likely as cyber attack). And Anonymous resurfaces on the peninsula with denial-of-service attacks on North Korean networks—the hacktivist collective tells the Hermit Kingdom's inmates the "Anons are here to set you free." It's unclear whether this intervention will be helpful.
The denial-of-service attack on Spamhaus was as big as initially reported, but also less significant to the Internet as a whole than smaller targeted attacks. More lessons about DNS security are drawn from the incident.
Recently discovered malware adds mouse-click tracking to its obfuscation features.
Last week's renewed denial-of-service campaign on US banks by the Izz ad-Din al-Qassam Cyber Fighters appears to have been well funded. One apparent victim, however, JPMorgan Chase, in fact suffered a bug, not an attack.
China's Global Times responds to US anti-cyber espionage measures with a tu quoque—the Americans are worse than we are. Meanwhile, the Chinese government upgrades its malware arsenal for use against Tibetan activists.
Firefox issues an update to good Sophos security reviews: "no known vices."
The US FTC announces the winners of its anti-robocall challenge.
Australian, Canadian, and British media worry about the adequacy of their respective nations' cyber policies: do they go far enough for public safety?
Today's issue includes events affecting Australia, China, Canada, Egypt, European Union, Iran, Israel, Republic of Korea, People's Democratic Republic of Korea, Malaysia, NATO, Netherlands, United Kingdom, United States.
Cyber Attacks, Threats, and Vulnerabilities
Hackers Threatening Organized Cyber Attack(The Jewish Press) Anti-Semitic hackers are threatening to "Erase Israel from the Internet" on Sunday, April 7 in an organized campaign to take down Israeli web sites. Israel is a favorite cyber target of hackers and anti-Semites worldwide, and Israel, for the most part
US Forces Korea website down for hours(Fox News) A senior Defense Department official told Fox News the military is not currently blaming a cyber attack for the failure, but that scenario has not been ruled out either. Pentagon spokesman George Little later said there are no indications at the moment
Anonymous Hits North Korea Via DDoS(InformationWeek) Hacktivists disrupt government and airline websites after North Korean government threatens to restart nuclear reactor, invade South Kore
North Korea cyber warfare unit 3,000 elite hackers(Cyberwarzone) South Korea's defense ministry had earlier said it plans to gradually increase the size of Cyber Command to over 1,000 people. The South Korean military launched the Cyber Command in early 2010 to handle cyber security issues along with different military and intelligence organizations, but there is no control tower to integrate the policies and strategies that defend military networks
Malware Arsenal Targets Tibetan Activists(Threatpost) Tibetan activists in China as well as those living in exile around the world are being targeted by dangerous malware that not only steals data from infected computers, but also has graduated to reporting location data from mobile devices for surveillance purposes
Security Experts Confirm One Of The Largest Cyber Attacks In History(Social Barrel) Experts have confirmed the Internet is in the midst of the biggest Distributed Denial of Service (DDoS) attacks in cyber history. These recent cyber attacks affect key parts of the Internet's infrastructure and mess up Internet speeds in several European countries
Spamhaus DDoS Spotlights DNS Server Security Challenge(Dark Reading) Spamhaus DDoS attack renews talk of DNS server security. When the Spamhaus Project was recently hit with a tsunami of distributed denial-of-service attack traffic, the impact of the incident caused a stir in the world of network security
The cyber-fighters of Izz ad-Din al-Qassam well-funded(Cyberwarzone) Operation Ababil from Izz ad-Din al-Qassam carried out large targeted DDoS attacks during working hours last Tuesday, Wednesday and Thursday on U.S. banks. Among the targets were the websites of Bank of America, Capital One, Citibank, PNC Bank, Union Bank and Wells Fargo, as well as that of American Express. In a statement, an American Express spokesperson said, "Our site experienced a distributed-denial-of-service (DDoS) attack for about two hours on Thursday afternoon
JPMorgan Chase website outage linked to server, not cyber attack(Los Angeles Times) American Banker reported that American Express was hit Thursday by a cyber attack that left some customers unable to access their accounts. The trade newspaper said TD Bank as well as Wells Fargo Bank suffered similar attacks in the last two weeks
How anyone can be a bank-robbing hacker(ZDNet) Hackers have claimed to have broken into the Commonwealth Bank of Australia's UK site, but with the bank denying any attack, is this just another case of putting one and one together and getting three? There's an old adage that on the internet, nobody knows you're a dog. It's been previously used to demonstrate that it's hard, if not impossible at times, to determine whether someone really is who they say they are -- be it man, woman, or dog -- but it equally applies to hackers
United HomeCare Admits Security Breach(eSecurity Planet) Florida's United HomeCare (UHC) recently notified its clients that the theft of an employee's laptop on January 8, 2013 may have resulted in the exposure of clients' personal health information, including names, Social Security numbers, birthdates, home addresses, service dates, health plan numbers, services received, and/or health status
University's email blacklisted after spammers hijack student accounts(TechWorld) The University of Illinois has had its email domain blacklisted after phishing scammers managed to compromise the email accounts of many dozens of students and staff in a short period of time, the institution has said. According to a warning posted to the Campus Information Technologies and Educational Services (CITES) website, the initial assessment was that the accounts of at least 36 people had been hacked during the attacks but that the true number was probably much higher. The phishers used the common tactic of warning users that they should enter their account details on a bogus site to avoid having email blocked, snaring many unwary users
Spammers dodge junk filters with Google Translate(CSO) Spammers are using Google's good reputation to dodge mail filters and deliver their irritable spew to inboxes across the Internet. The junkster tactic was discovered by Barracuda Labs after examining the messages from a variety of large-volume spam campaigns showing up in the company's honeypots
Aggressive Android adware and malware on the rise(Help Net Security) With adware gleaning more user data from people's devices than they would normally need to, and developers bundling more than one adware framework into their apps, user privacy is increasingly taking a backseat to profit for developers and advertisers. More and more unknown third parties now have access to user browsing history, phone numbers, email addresses and everything they need to compile comprehensive and personalized user profiles
Card skimmers targeting more than ATMs, says EU(The Register) Crooks are branching out beyond bank ATMs by installing card skimming devices on payment terminals ranging from train ticket kiosks to parking meters, according to European anti-fraud experts
Most browsers running old, vulnerable versions of Java(FierceCIO: TechWatch) Security vendor Websense believes it has uncovered the core problem behind the recent spate of high-profile attacks that exploited Java within browsers. To better understand what users have installed on their machines, the company recently added Java version detection capability into its threat engine
Cyber witch hunt ignores mote in West's own eye(Global Times) Recently, a report by Mandiant, a US cyber security firm, stirred up a lot of China-bashing brouhaha. Mandiant's far-fetched accusations were not only denied by the Chinese government, but also challenged by many US cyber security experts. While the dust was settling down, Reuters suddenly jumped into the muddy pond by publishing an article entitled "Top China college in focus with ties to army's cyber-spying unit" by Melanie Lee, a Reuters tech correspondent based in Shanghai
Security Patches, Mitigations, and Software Updates
The Driving Forces in Cyberspace are Changing the Reality of Security(infosec island) We are already living in an interconnected "online world", where we - as individuals, society, the military, and the global economy - rely on both the functionality and security of this "World of Bytes". Every second the cyber domain expands and becomes more complex. This means that there is an incredible scope of possibilities and the means to develop new things. The integration of the online world with the physical world brings a new dimension to human life. It is vital to understand that cyberspace should not be treated as a separate domain but as one that is entwined with the physical space
Security incident response below par at most firms, says Guidance Software(ComputerWeekly) Most firms are not as prepared as they should be for responding to cyber attacks, says e-discovery firm Guidance Software. But with sensible reviews of processes and communications strategies, up to 70% of firms could put themselves on a much better footing, said Nick Pollard, the firm's senior director of professional services
BYOD practices by healthcare workers pose security risks(FierceMobileHealthCare) Nearly 89 percent of U.S. healthcare workers use their personal smartphones for work purposes, finds a Cisco partner network study. However, when it comes to security, the study found that 41 percent of healthcare employees' personal devices are not password protected, and that 53 percent of healthcare employees access unsecured WiFi networks with their smartphones
Smartronix to Continue Hosting Treasury Cloud(The New New Internet) Smartronix has won a contract from a blanket purchase agreement and an initial task order to continue providing web hosting services to the U.S. Treasury Department for a cloud computing environment
Gary Slack Promoted to QinetiQ NA President, COO(GovConWire) Gary Slack, formerly executive vice president and chief financial officer for QinetiQ North America, has been promoted to president and chief operating officer at the Reston, Va.-based defense technology maker. Slack's promotion is effective April 2013, according to his biography on QNA's website, which also says he currently holds the interim CFO
Deconstructing Defensible - Defensible is not the Same as Secure(infosec island) In my previous post, The Castle has no Walls, I introduced the concept of 'defensible' as a goal for enterprises to replace the notion of secure which I fully believe is an outdated and broken descriptor for anything in today's hyper-connected, modern world. This post and the few that follow go through the five basic ideas behind defensibility and why defensible is a state we should be striving for as enterprise security professionals
Why SIEM alone is not enough(Tripwire) Studies have been cited in attempts to claim that SIEM is dead, the same claims made a few years ago about some other controls, yet these security tools too are alive and well. Although many organizations are still purchasing SIEM solutions, they tend to be hard to deploy, complex to manage over time, and limited in their ability to detect security events. The best solution is to combine SIEM information with data derived from other controls in order to add context to the suspicious activity detected, and allow for achieving a more complete state of security
FTC Announces Winners of Death-to-Robocalls Challenge(Wired Threat Level) The Federal Trade Commission gets about 200,000 calls monthly from consumers complaining about robocalls, those illegal prerecorded messages hawking everything from timeshares in the Bahamas to free money. Because the commission's "do-not-call" registry was simply not able to handle the
Fujitsu addresses big data from a different angle(Fierce Big Data) While each week brings a new startup in the big data arena, some larger, long-time players in networking have been quietly working on their big data strategies. Fujitsu Laboratories is one of them. This week, Fujitsu introduced advancements in high-speed data processing, which it says increase its capacity by a factor of five
Beware of hidden biases(Fierce Big Data) Is there a danger that minus some disciplines, the embrace of big data and acceptance of its hype will lead to a data fundamentalism where the ideas that correlate always indicate causation, and massive data sets and predictive analytics always reflect the truth and go unquestioned? Kate Crawford is a principal researcher at Microsoft (NASDAQ: MSFT) Research and a visiting professor at the MIT Center for Civic Media, and she thinks there is one
Wrestling for success(University of Delaware) The second installment of the President's Leadership Series featuring David G. DeWalt, chairman and CEO of FireEye, was held March 21 at the Roselle Center for the Arts. DeWalt, who graduated from UD in 1986 with a bachelor's degree in computer science, is a leading expert in the fields of technology, cyber security and mergers and acquisitions. In his lecture, titled "Numbers: Transformational Stories of Success and Failure from the East Coast to the Silicon Valley," DeWalt used numbers to illustrate the important life lessons he was able to cull from his greatest achievements and most trying losses
Legislation, Policy, and Regulation
California Considers Pushing Data Disclosure Envelope Again(Threatpost) California, which set the standard for data breach notifications nationwide, is again seeking to set a precedent by becoming the first state in the nation to require companies upon request to disclose to California consumers the data they've collected and with whom it was shared during the past year. They would be required to respond within 30 days and provide the report for free
Recalibrate U.S. Cyber Efforts to Better Meet the High-end Threat From Nation-states(Huffington Post) In the discussions about cyber threats that continue and expand daily, there is a tendency to lump together all types of threat regardless of where they fall on the spectrum. This lack of precision entails consequences, one of which is that it prevents us from focusing on the highest-end threats that should command our greatest attention. To move forward smartly, the United States needs a way of thinking about the various threat actors that parses and differentiates between and among them, according to the significant ways in which they may differ. Such a typology would help U.S. policy-makers better rack and stack the threat, and respond accordingly. Keep in mind that not all hacks or hackers, nor all actors, are the same
Cyber security is a team sport(Sydney Morning Herald) Securing Australia's cyber space is a shared responsibility, argues Raymond Choo. Malicious cyber activities are no longer a matter of if but of when, and in our increasingly interconnected world, threats to our national sovereignty can come from unexpected sources and directions. It is an undeniable global, 360-degree challenge for both developed and developing countries. The difficult task of securing our cyber future is defined not only by the need for human, process and technical perfection but also by our ability to manage the imperfections
South Korea to set up cyberpolicy unit(ZDNet) New department will oversee cyberdeterrence policies and prepare information security measures, and its top priority will be developing cyberwarfare weapons to protect military networks. South Korea will establish a cyberpolicy department to oversee policies and prepare information security measures. The new unit's top priority is to develop defensive cyberwarfare weapons. This follows the launch of the country's cybercommand division in early 2010 to handle cybersecurity issues along with different military and intelligence organizations, said a report Tuesday by Yonhap news. It noted there was so far no control tower to integrate the policies and strategies to protect military networks
Cyberwars call for new rules of engagement(ZDNet) The specter of cyberwar is beginning to rear its head, so do the rules of engagement need updating? Cyberwar is beginning to take root. Even before nations go to war, the hackers are already at it. And even as nations are not at war, such as what happened in Malaysia's dealing with the Sulu incursions, the hackers are quick to begin attacking government assets
Cyberwar is here(Cyberwarzone) Last year, hackers hit Saudi Aramco, the world's largest oil producer. They erased data on 30,000 computers, jammed the company's email for months and plastered screens with a burning American flag. Security experts believe the attack was organized by Iran
Is the UK really prepared for cyber attack mitigation?(SC Magazine UK) The claims in the National Audit Office's (NAO) report are made in spite of recent action taken by the government to develop a robust cyber strategy - including GCHQ's formation of the UK's first academic research institute set up to arm the nation
Aaron Swartz's Prosecutors Were Threatened and Hacked, DOJ Says(Wired Threat Level) Massachusetts federal authorities involved in the prosecution of Aaron Swartz have received threatening e-mail and snail mail, the Justice Department said in a court filing, and the lead prosecutor in the case had his Facebook page hacked
Donald Trump is Suing a Brooklyn man for Cyber squatting(The Hacker News) J. Taikwok Yung is 33, lives with his mom in Brooklyn, and bought domain names that criticize billionaire Donald Trump and cybersquatting him. Cybersquatting is a legitimate crime that's defined by the Anticybersquatting Consumer Protection Act
Cyber Threats Concerns in State Intelligence Report To Texas(Cyberwarzone) While organized crime is seen as the most significant public safety threat in Texas, drunk driving, natural disasters, terrorism, industrial accidents and cyber security also are among the major threats that keep lawmakers up at night. The Department of Public Safety (DPS) recently released its 2013 Texas Public Safety Threat Overview, a state intelligence estimate that offers a review of current public safety threats to Texas
UK Police Charged with Inappropriately Accessing Data(eSecurity Planet) Nineteen members of the Derbyshire Police apparently violated data protection rules in the past three years. The Derby Telegraph reports that 19 staff members of the UK's Derbyshire Police have inappropriately accessed information in violation of data protection rules over the past three years
3 divers blamed for Egyptian submarine cable cut(FierceCIO: TechWatch) Three divers were caught by the Egyptian Coast Guard while attempting to cut through an important undersea fiber optic cable near the port at Alexandria. The link that the divers were allegedly severing is believed to be the 12,500 mile-long South East Asia-Middle East-West Europe 4 (SEA-ME-WE 4) cable that runs from France to Singapore
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
CSO40(Braselton, Georgia, USA, April 2 - 3, 2013) The CSO40 Security Confab + Awards will honor and share the critical viewpoints of today's leading CSOs, CISOs and security executives at the nation's leading CSO thought leadership conference.
Cloud Connect Silicon Valley(Santa Clara, California, USA, April 2 - 5, 2013) Cloud Connect returns to Silicon Valley, April 2-5, 2013, for four days of lectures, panels, tutorials and roundtable discussions on a comprehensive selection of cloud topics taught by leading industry...
Cyber 1.3: Maj. Gen. Suzanne Vautrinot, USAF, commander, 24th Air Force, and commander, Air Force Network Operations, will discuss the global strategic implications that relate to the cyber domain at the Space Foundation...
HITBSecConf2013(Amsterdam, the Netherlands, April 8 - 11, 2013) HITB2013AMS will feature cutting edge attack and defense research including a presentation on the inner workings of the iOS 6.1 Evasi0n jailbreak presented by members of the world famous Evad3rs Team,...
SANS Northern Virginia 2013(Reston, Virginia, USA, April 8 - 13, 2013) This event features comprehensive hands-on technical training and includes several courses that will prepare attendees for DoD 8570 and GIAC approved certification exams. Four of the courses can apply...
INFILTRATE 2013(Miami, Florida, USA, April 11 - 12, 2013) INFILTRATE is a deep technical conference that focuses entirely on offensive security issues. Researchers focused on the latest technical issues will demonstrate techniques that you cannot find elsewhere.
Software Engineering Institute Invitational Career Fair(Pittsburgh, Pennsylvania, USA, April 11 - 12, 2013) Attention software engineers and cyber security professionals, the Carnegie Mellon Software Engineering Institute needs your top notch skills to meet today's challenges. SEI staff will be interviewing...
Information Tech Expo Series - Hawaii(Oahu, Hawaii, USA, April 12 - 19, 2013) This 6-series showcase will feature stops at 5 DoD locations and 1 Intel Center on the island of Oahu. Celebrating 20 years of these expos is a true testament to the government and military's readiness...
InfoSec World Conference & Expo 2013(Orlando, Florida, USA, April 15 - 17, 2013) With the primary objective of providing top-notch education to all levels of information security and IT auditing professionals, InfoSec World delivers practical sessions that give you the tools to strengthen...
Cyber Guardian 2013(Baltimore, Maryland, USA, April 15 - 20, 2013) Cyber Guardian is the SANS Institute's annual, interactive training session for cyber security professionals. All courses are associated with a GIAC Certification, and cover topics like intrusion detection,...
Infosec Southwest 2013(Austin, Texas, USA, April 19 - 21, 2013) InfoSec Southwest is intended to be a general security and hacking conference with no specific industry or topical focus. As such, nearly all topics (other than vendor pitches) are fair game and the attending...
Mobile Device Security for Defense and Government(Alexandria, Virginia, USA, April 23 - 24, 2013) This Defense Strategies Institute conference addresses the challenges of operating mobile devices in networks whose security is mission critical. The symposium's overall theme will focus on DOD's plan...
Infosecurity Europe(London, England, UK, April 23 - 25, 2013) Europe's number one Information Security event. Featuring over 350 exhibitors, the most diverse range of new products and services, an unrivalled education programme and over 12,000 visitors from every...
INSA Leadership Dinner Featuring Betty Sapp, Director, NRO(Reston, Virginia, USA, April 25, 2013) This leadership dinner will feature a keynote address from Betty Sapp, Director of the National Reconnaissance Office highlighting her focus on innovation at the NRO and for the Intelligence Community.
23rd Annual Government Procurement Conference(Washington, DC, USA, April 25, 2013) This unique one-day event attracts more than 3,000 participants representing government agencies, prime contractors and small businesses from around the country. Participating companies are able to network...
TechExpo Cyber Security Hiring Event(Columbia, Maryland, USA, April 30, 2013) A hiring event for experienced cyber security professionals, with many leading companies in attendance and interviewing on-the-spot. Learn from the distinguished speakers' panel, details of which will...