A group calling itself the "Portugal Cyber Army" claims to have accessed and leaked data from both the Hong Kong Police and the Dubai Airports.
CBS News Twitter accounts were hijacked over the weekend by a crank conspiracy theorist who's using them to disseminate suspicious links (as well as crank conspiracy theories).
The Internet Storm Center reports discovering a chargen-based denial-of-service attack, unusual both in that chargen is rarely enabled, and that chargen has seldom been used to execute (as opposed to obscure) an attack.
The Chinese government again denies involvement in cyber espionage. The South China Morning Post hopes for an easing of Sino-American cyber tension (and pressure on Huawei and ZTE business) in a US Government Accountability Office report which the paper takes as minimizing the frequency and severity of cyber attacks on telecommunications networks. But the US Administration continues exploring options for retaliation against Chinese cyber operations, and the US Department of Defense plans to increase spending on offensive cyber capabilities.
Oracle delays planned Java updates to give it more time to address security concerns. A faulty security definition update from Malwarebytes inadvertently disables the systems on which it was installed.
Microsoft disputes an anti-virus testing report that claimed Bing delivered risky search results more often than Google. Sophos offers useful suggestions for handling security incidents.
Last week's vile murder of people innocently attending the Boston Marathon prompts reflections on crowdsourcing criminal investigations, social media reliability, the rise of "digilantism," and CISPA's possible effects on all this.
Today's issue includes events affecting Australia, Barbados, China, Denmark, Estonia, Finland, Germany, Israel, NATO, Norway, Portugal, Russia, South Africa, Sweden, Trinidad and Tobago, United Arab Emirates, United Kingdom, United States, and Zambia.
Dubai Airports website 'hit by cyber attack' (ArabianBusiness.com) Dubai Airports' website was hit by an apparent cyber attack that led to the exposure of employees' email addresses and other data. A document posted on the website Pastebin.com by two groups calling themselves The Portugal Cyber Army and HighTech
CBS Twitter Accounts Hacked, Tweeting Suspicious Links (TechCrunch) At least 3 CBS-affiliated news accounts have been hacked, apparently by a rabid conspiracy theorist who wants the world to believe that President Obama is aiding Al-Qaeda. Accounts for @60minutes, @48hours, and @CBSDenver have all been hacked, some tweeting suspicious links (don't click on them). Screenshots below. CBS is apparently working with Twitter to get the situation under control
A Chargen-based DDoS? Chargen is still a thing? (Internet Storm Center) In the recent few days there was another denial of service attack launched at financial organizations. (Yeah, I know, DDoS on a bank, that *totally* never happens). What is newsworthy isn't that it happened, it was the means used to execute the attack. Specifically, the organizations were flooded with UDP port 19 traffic which is the chargen protocol. I am not sure I've ever seen a legitimate use of this protocol or encountered a machine that had it on intentionally before. For review, chargen is basically a character generation protocol that listens on port 19 with TCP or UDP. If you connect to TCP, it continues to stream random characters until you close the connection. With UDP, it will respond with an up to 512 byte response depending on the request. In this particular case, it was another amplification attack using UDP. What makes chargen under UDP so desirable is that you can spoof sources without having to worry about establishing a fake connection and that it responds with packets much larger than the request. In short, if your networks are exposing a service that responds to UDP with packets much larger than the request (DNS in particular is popular these days), take due care that you are doing rate-limiting if those protocols are Internet-accessible. It's not a common attack using chargen and there is some evidence that in a few of the cases in the past few years the attack was used as a smoke screen to hide other attack traffic
Boston Marathon spam targets Australians: SCAMwatch (CSO) The Australian Competition and Consumer Commission's SCAMwatch is warning people not to click on spam emails claiming to contain links to websites with information about the Boston Marathon explosions
China Denies Cyber Spies are Linked to Military Unit (Sacramento Bee) Dr Umbach warns of the increasing cyber attack capabilities of 'rogue states' such as North Korea and Iran, and those of trans-national cyber crime organisations. He warns that the attacks are expected to increase significantly and present highly
LTE: China Hacking into US Computers (Gant Daily) An American computer security firm, Mandiant, completed a study of Unit 61398, and determined most of the attacks on U.S. corporations have emanated from this group. Companies targeted include electric utilities, gas lines and waterworks. The Chinese
Israel contains cyber attack (Oman Tribune) Hackers have launched an assault on Israeli websites, but the damage has been minimal as the Jewish state is prepared to fend off such attacks, one of the country's top cyber experts said on Sunday
Newly Discovered Android Malware Was Downloaded Millions Of Times (TechCrunch) Security firm Lookout has detailed a clever new bit of Android Malware lurking in the Google Play store. The good news: unless you're downloading questionable Russian clone apps, you're probably not affected. The bad news: that hasn't kept it from being downloaded a few million times
Android adware on the rise (GMA News) Bitdefender said its research showed these adware can gather personal data from address book contacts and text messages stored in a mobile phone or tablet, said tech site TechHive, which got a copy of the report. "More and more unknown third parties
Security Patches, Mitigations, and Software Updates
Oracle delays Java 8 release to focus on security (FierceCIO: TechWatch) The original September 2013 target for the release date of Java 8 is no longer achievable, according to Mark Reinhold, chief architect of the Java platform group from Oracle. In a new blog that shed light on Oracle's (NASDAQ: ORCL) efforts to maintain the security of the Java Platform, Reinhold said focusing on security has taken engineers away from working on Java 8. Oracle has been heavily criticized for a string of security flaws discovered in Java recently
Synergistic Challenges Vex Intelligence Community (SIGNAL) When it comes to new geopolitical challenges, the whole is greater than the sum of its parts, and the intelligence community must undertake its own changes to be able to respond to the emerging new world
Expert insights 1: Cyber threats and security in the Caribbean 2013 update (ICT Pulse) We revisit our discussion with network/IT security professionals on cyber intrusion and security in the Caribbean, in the hope to gain new insights in 2013. A few weeks ago, the Guardian Newspaper in Trinidad and Tobago published an article, "Caribbean cyberattacks on the rise?", in which it listed 20 cyber crime stories that were reported between April 2012 and March 2013. Unlike previous years, where there might be just a handful of news reports on unauthorised intrusions, at the very least, more of them are finding their way into the public domain, which hopefully is fostering greater awareness of cyber threats and the need for greater vigilance and security
Cyber Criminals Have Small Businesses In Crosshairs, Says Report (Small Business Trends) A false sense of security is one reason small businesses may take less care. An earlier survey by Symantec discovered many small businesses believe they're "immune" to a cyber attack. They believe no one could possibly stand to gain from cyber attacks
Is cyber war the new cold war? (The Nation) NATO's Cooperative Cyber Defence Centre of Excellence (CCDCOE) - a unit based, not by accident, in Estonia, which experienced a massive cyber-attack from Russia in 2007 - distinguishes between "cyber crime," "cyber espionage," and "cyber warfare
Military Devotes More Money To Cyber-Attack Capabilities (USA Today) The U.S. military is increasing its budget for cyber-warfare and expanding its offensive capabilities, including the ability to blind an enemy's radar or shut down its command systems in the event of war, according to two defense officials
DoD Request Would Redirect $7.5 Billion (Defense News) The Pentagon is preparing to ask Congress for permission to shift billions of dollars within its already reduced fiscal 2013 budget primarily to pay for increased war costs, but is still looking for ways to fill a $15 billion operating shortfall
Maryland: It's our turn to get a federal agency (Washington Examiner) The state already hosts the U.S. Cyber Command at Fort Meade, the National Security Agency and the Defense Information Systems Agency, he noted. But if the decision to move the FBI is made for reasons other than the need for "equity" in the region
Homeland Security Acts on Cyber Workforce Recommendations (Nextgov) The Homeland Security Department is working to implement 11 recommendations from an advisory council to better develop, recruit and retain sophisticated cybersecurity talent. In a webinar on Thursday sponsored by Government Executive and Northrop Grumman, Dr. Doug Maughan, director of the cybersecurity division at DHS, said the department is moving forward on 11 recommendations released in October by the Homeland Security Advisory Council's Task Force on Cyber Skills to effectively recruit, retain and train mission-critical cybersecurity professionals
IRS Will Close To Public For Five Days Due to Furloughs (Bloomberg) The Internal Revenue Service will close all of its public operations on five days from now through August because of employee furloughs, acting commissioner Steve Miller told employees in a memo today. The tax agency will be closed and almost all employees will be furloughed on May 24, June 14, July 5, July 22 and Aug. 30, Miller wrote. The closing will affect operations such as the IRS toll-free lines and taxpayer assistance centers
As federal dollars shrink, Lockheed fishes for new revenue streams (Washington Post) Bethesda-based Lockheed Martin is known as the largest defense contractor in the world, building military aircraft, satellites and ships. Now it wants to be a power company. As government contractors see pressure on government spending, they're taking another look at the technology and capabilities they have and finding ways to redirect those skills
Q&A: Lockheed Martin exec lauds Springs workforce (Colorado Springs Gazette) Cybersecurity is part of virtually everything Lockheed Martin Corp. does in Colorado Springs, said Robert Smith, vice president of space and cyber for the defense giant's Information Systems and Global Solutions-Defense operations. Those operations
Huawei, ZTE may benefit from US security report (South China Morning Post) Based on an 11-month probe conducted by the House Intelligence Committee, the October study urged US companies to stop doing business with both Huawei and ZTE for fear of possible spying and cyberattacks by China. ... Both the Federal Communications
DISA Awards $404M Small Business Enterprise IT IDIQ (GovConWire) The Defense Information Systems Agency has awarded four small businesses positions on a potential $404 million contract to help the agency run its enterprise information technology environment. DISA awarded the Information Technology Enterprise Support Services vehicle as a 100-percent set-aside for Small Business
Report: Peter Klein to Step Down as Microsoft CFO in June (GovConWire) Peter Klein will leave Microsoft (NASDAQ: MSFT) at the end of June after nearly three years of service as chief financial officer. Klein spent 11 years at Microsoft and the software giant is expected to promote his successor within the coming weeks, Reuters reported Thursday. Before becoming the company's CFO, Klein served as corporate vice
Blackstone Group Cancels Dell Takeover Bid (GovConWire) Blackstone Management Partners LLC has withdrawn its bid to acquire Dell (NASDAQ: DELL) following its due diligence process. Dell's special committee received the notice through Boulder Acquisition Corp., a partner in the Blackstone-led group that submitted a takeover offer in late March, Dell said Friday. Blackstone and its partners offered to buy the computer manufacturer for
The Bitcoin Bubble and a Bad Hypothesis (The National Interest) The sudden drop in the value of Bitcoins, the hot new Internet currency, has added urgency to the question of whether Bitcoin is the way of the future, or just another bubble. Not to keep readers in suspense, the answer is a bubble, but a particularly interesting example of one. In particular, Bitcoin represents what ought to be the final refutation of the efficient-markets hypothesis, which still guides most regulation of financial markets
What you should know before enabling Microsoft's two-factor verification (FierceCIO: TechWatch) Earlier this week, Microsoft announced that two-factor verification would be made available on the 700 million user accounts on its various online services. The new release will apply to entire accounts and include all Microsoft (NASDAQ: MSFT) apps and services--even those designed for competing platforms, such as iOS and Android devices. It will be rolled out over a number of days
8 tips for a security incident handling plan (Naked Security) Most of us know that there is no such thing as 100% security, and that - unfortunately - it's only a matter of time until a security incident occurs. Despite this, it's rare to see a good incident response process and plan in place
Data, Cloud, Government: The Dangers Of Data Sovereignty (IDG Connect) When Obama signed an extension to the Patriot Act, something interesting happened. People became worried the US would be able to access their data, no matter which country they resided in, because it was kept on the Cloud. When questioned, Microsoft couldn't promise that people's data was secure on their Office 365 Cloud service, because though you may be working from the EU, Microsoft is a US company and has to comply with the rules, and doesn't necessarily have to tell you about it. These rules apply to Gmail, Amazon and a host of others, despite various EU laws preventing this kind of thing, because they are all US companies
Design and Innovation
Blunt Talk For Would Be Entrepreneurs from Demo Panelists (IEEE Spectrum) For the past 50 years, Silicon Valley has long been confused about what it takes to start a company. So says Steve Blank, cofounder of E.piphany and other companies and currently a teacher of entrepreneurship at Stanford and other universities. The culture, he explains, demanded that would-be company founders write a business plan, with five-year projections about their proposed company's growth
Machine Learning Susses Out Social-Network Fraud (Dark Reading) Machine learning techniques can be used to detect fraud and spies on social networks based on certain features, such as the number of followers and the number of devices used to access the network. Certain characteristics of social-network accounts have a high correlation with fraud and can be used to differentiate between real and fake accounts, a researcher presenting at the SOURCE Boston Conference said this week
U.S. Air Force cadets win cyber war game with NSA hackers (Reuters) A U.S. Air Force Academy team on Friday beat out rivals from other elite military colleges after a three-day simulated cyber "war" against hackers from the National Security Agency that is meant to teach future officers the importance of cybersecurity
Legislation, Policy, and Regulation
U.S. Eyes Pushback On China Hacking (Wall Street Journal) The Obama administration is considering a raft of options to more aggressively confront China over cyberspying, officials say, a potentially rapid escalation of a conflict the White House has only recently acknowledged
Plugging Cyberdefenses (Washington Post) Congress must authorize the sharing of security data with the private sector
Cybersecurity Fight Moves to Senate (US Banker) The House on Thursday passed the Cyber Intelligence Sharing and Protection Act, or CISPA, by a vote of 288 to 127, which would authorize the National Security Agency and other intelligence agencies to share information about digital threats with owners
House passes cyber security bill despite veto threat (Chicago Tribune) Despite concerns about protections for private information, the House of Representatives on Thursday passed the Cyber Intelligence Sharing and Protection Act, legislation on Thursday designed to help companies and the government share information
Would CISPA Have Slowed The Boston Bomber Investigation? (Nibletz) In short form CISPA "authorizes federal agencies to conduct warrantless searches of information they obtain from e-mail and Internet providers," an easy to understand definition from CNET's Declan McCullagh. Government agencies and big business are strongly advocating for the bill to pass into law. CISPA was approved on Thursday right during the fury of the Boston Bomber investigation, an investigation that many, like Business Insider, suggest would have been slowed, stalled or thwarted with CISPA in place
Anonymous Calls for Internet Blackout Monday to Protest CISPA (PC Magazine) In the wake of this week's passage of the controversial Cyber Intelligence Sharing and Protection Act (CISPA) by the U.S. House of Representatives, representatives from the hacktivist group Anonymous - if they truly have "representatives" per se - are calling
Dawn Of The Digilante (TechCrunch) It's hard to say with any conviction where we are in the process of, shall we say, crowd-sourcing justice. Like most things, it is a process, not something achieved, and while some question its utility, it's no good to question its existence. Some see the events of this week as a turning point, and in a way, they were, but there are dark days ahead for digilantes
Securities regulators turn gaze to cyber-threat (Financial News) Imagine you are a European futures trader sitting at your desk on a quiet trading day when your phone rings. At the other end of the line someone claims to be from the IT department and requires permission to access your PC remotely to urgently fix a bug. You oblige and pop to the coffee machine in the interim. When you return to your trading terminal a hugely oversized sell order has been sent to the exchange, which subsequently sparks a catastrophic selling frenzy, destabilising the market… "This is not science fiction," said Larry Ponemon, founder of information security think tank the Ponemon Institute. "A cyber-war is happening today
Mobile Device Security for Defense and Government (Alexandria, Virginia, USA, April 23 - 24, 2013) This Defense Strategies Institute conference addresses the challenges of operating mobile devices in networks whose security is mission critical. The symposium's overall theme will focus on DOD's plan...
Infosecurity Europe (London, England, UK, April 23 - 25, 2013) Europe's number one Information Security event. Featuring over 350 exhibitors, the most diverse range of new products and services, an unrivalled education programme and over 12,000 visitors from every...
23rd Annual Government Procurement Conference (Washington, DC, USA, April 25, 2013) This unique one-day event attracts more than 3,000 participants representing government agencies, prime contractors and small businesses from around the country. Participating companies are able to network...
TechExpo Cyber Security Hiring Event (Columbia, Maryland, USA, April 30, 2013) A hiring event for experienced cyber security professionals, with many leading companies in attendance and interviewing on-the-spot. Learn from the distinguished speakers' panel, details of which will...
INSA Leadership Dinner Featuring Betty Sapp, Director, NRO (Reston, Virginia, USA, April 25, 2013) This leadership dinner will feature a keynote address from Betty Sapp, Director of the National Reconnaissance Office highlighting her focus on innovation at the NRO and for the Intelligence Community.
Symposium on Cybersecurity & Information Assurance (Teaneck, New Jersey, USA, May 1, 2013) Fairleigh Dickinson University's Center for Cybersecurity and Information Assurance is pleased to announce its inaugural Symposium on Cybersecurity and Information Assurance to be held on May 1, 2013 in...
Critical Security Controls International Summit (London, England, UK, May 1 - 2, 2013) The SANS Institute will be hosting the Critical Security Controls International Summit in London from May 1st to May 2nd at the London Hilton on Park Lane hotel. The Summit focuses on the Critical Security...
INSA Leadership Dinner with NGA Director Letitia Long (McLean, Virginia, USA, May 2, 2013) NGA At the Crossroads - Visualizing the Future. Join INSA and NGA Director Letitia Long as she shares her vision for transforming NGA and GeoInt in innovative ways that more effectively put the power of...
Interop Las Vegas (Las Vegas, Nevada, USA, May 6 - 10, 2013) Attend Interop Las Vegas, May 6-10, and attend the most thorough training on Apple deployment at the NEW Mac & iOS IT Conference. Join us in Las Vegas for access to 125+ workshops and conference classes,...
CyberSecurity UAE Summit 2013 (Dubai, UAE, May 13 - 14, 2013) Review developments, strategies and best practice in global cyber security. Assess the nature of the latest threats being faced and the impact of these upon your organisation. Discuss the most promising...
Thriving in the Post-Sequestration GovCon Era (McLean, Virginia, USA, May 14, 2013) The Potomac Officers Club is hosting a summit for GovCon executives and government leaders to collaborate and share ideas on how to navigate a new era involving sequestration. At least five speakers, each...
FOSE (Washington, DC, May 14 - 16, 2013) FOSE is the premier event for government technology professionals interested in innovative, effective tools and solutions allowing you and your agency or organization to advance your mission. From IT managers...
7th Annual INSA IC Industry Day (Springfield, Virginia, USA, May 15, 2013) This annual event is held at the TS/SCI level in cooperation with ODNI as a comprehensive forum for IC leaders to relate their budget priorities to industry. The theme of this year's IC industry day is...
CEIC 2013 (Orlando, Florida, USA, May 19 - 22, 2013) The largest digital-investigations conference of its kind and the only one to offer hands-on lab sessions for practical skills development. CEIC offers relevant and practical information from expert speakers.
Maryland/DC Celebration of International Trade (Linthicum, Maryland, USA, May 21, 2013) Join Maryland exporters and international business experts as they celebrate International Trade Week. Hosted by the Maryland/DC District Export Council this event is a content rich celebration of international...
IEEE-Cyber 2013 (Nanjing, China, May 26 - 29, 2013) This conference will cover cyber physical systems, cyber control and automation, cyber robotics, and the Internet of things.
Cyber Security @ CeBIT (Sydney, New South Wales, Australia, May 28 - 30, 2013) The Cyber Security Conference will serve as a platform where all those involved in securing and governing ICT within an organisation can discuss the newest challenges and strategies. The event is a must-attend...
Cyber Security for the Chemical Industry (Frankfurt, Hessen, Germany, May 29 - 30, 2013) It is becoming increasingly more important than ever to be aware of the latest cyber threats, and equipped to protect your company from them. In addition to physical security, these industries are faced...
DGI Cyber Security Conference & Expo (Washington, DC, May 30, 2013) Data security threats continue to increase in number and sophistication. The growing use of collaborative technologies - from mobile devices and social media to virtualization and cloud computing - will...