skip navigation

More signal. Less noise.

Daily briefing.

Cisco researchers warn that an old vulnerability is still being exploited—DarkLeach backdoors continue to be distributed through Web servers running Apache 2.2.2 and above.

The May 6 issue of Forbes is running an unusual ad from Microsoft—a small but fully functional T-Mobile router packaged in a cardboard sleeve. Microsoft says the issue containing the ad was sent to "a limited number of technology and business professionals," which suggests that some of you may have received it. Since a Wi-Fi hotspot like this, however innocent its intent, offers obvious opportunities for compromise and exploitation, one might think twice before bringing that issue of Forbes into any secure area. (And be aware of the possibility of similar ads appearing elsewhere.)

US Air Force Lieutenant General Christopher Bogdan told the Senate Wednesday he wasn't "that confident" of the F-35's ability to withstand cyber attack, and the Pentagon yesterday qualified his comments, saying there's no reason to think the F-35 particularly vulnerable to cyber operations.

Phishers have more success when they compromise legitimate hosting providers. The criminal black market is offering Zeus malware under a fraud-as-a-service (FaaS) model. A Rapid7 study points out the difficulties and risks involved in preserving legacy elements as industrial control systems are upgraded.

CloudTweaks discerns a positive trend: better security emerging though providers' "cloud chivalry."

Cyber jobs remain vacant across the sector as companies and agencies struggle to find candidates. Twenty-somethings are particularly scarce, highlighting a general need to make cyber security careers more attractive to students.

Notes.

Today's issue includes events affecting European Union, Israel, United Kingdom, United States..

Cyber Attacks, Threats, and Vulnerabilities

Cisco sees possible exploit vector for DarkLeech compromises (CSO) Craig Williams, technical leader, threat research at Cisco, writes of another old, well-known flaw being exploited

Microsoft Office Ad Turns 'Forbes' Magazines Into Wi-Fi Hotspots (Mashable) Like other tech companies, Microsoft has advertised some of its products in the past by offering free Wi-Fi in public places like subways and park benches. Now, the company is doing something a little more original and promoting a product by offering free Wi-Fi inside a magazine. Yes, you read that right. In a new promotion, Microsoft is advertising Office 365 by installing a T-Mobile router into the latest issue of Forbes magazine, turning the print publication into a Wi-Fi hotspot for two weeks. The promotion was first reported by Engadget and has since been confirmed to Mashable by a Microsoft rep, who noted that it was only to included in a "limited number" of the magazines. "The custom 4-page insert with WiFi Hotspot capabilities ran in the May 6, 2013 issue of Forbes and was sent to a limited number of technology and business professionals"

Pentagon Downplays Comment On F-35 Fighter Jet Cyber Threat (Reuters) The Pentagon on Thursday downplayed a comment by one of its officials that he is not totally confident in the ability of the $396 billion F-35 Joint Strike Fighter, built by Lockheed Martin Corp, to survive a cyber attack

Southern Baptist Website Blocked By Military Software (Fayetteville (N.C.) Observer/AP) Some military chaplains trying to access the Southern Baptist Convention website this week were surprised to find it blocked with a message that it contained "hostile content"

Phishers Hack Hosting Providers To Launch Mass Attacks (Dark Reading) Spearphishing is hot, especially when it comes to targeted attacks. But for phishing campaigns looking for maximum impact and victims, the most popular method is to compromise legitimate hosting providers, and new data shows that vector on the rise worldwide

Public offer of Zeus FaaS service on social network (Security Affairs) My readers know very well the dynamic of cybercrime enterprise and in particular of the growing interest in monetization malicious codes such as malware, ransomware and more in general botnets

SSA controls for SSN verification services insufficient (FierceGovernmentIT) The controls the Social Security Administration uses to detect whether employers use the Social Security Number Verification Service for non-employment purposes are unreliable, according to an April 18 SSA office of inspector general report

Audit finds state servers vulnerable to cyber attack (Baltimore Sun) Servers that host internet service for more than 30 state agencies are vulnerable to a cyber attack, according to a legislative audit released this week. The Maryland State Archives, which oversees the five servers, did not update the operating systems

Vulnerable terminal servers reflect bigger security problem (CSO) Unsecured ports on industrial control equipment, which could let hackers gain admin access, highlights risk of older equipment on modern technology

The Latest Cyber Warfare Weapon: A Hacked Twitter Account (Bloomberg) For all the concern over cyber warfare and the need to fend off sophisticated state-sponsored hacking attacks, here's a discomforting thought: Apparently all you need to disrupt the world's biggest economy is a stolen Twitter password

Two-factor authentication may have done little to stop the AP Twitter hijack (SC Magazine) Could two-factor authentication have prevented hackers on Tuesday from compromising the Twitter account of the Associated Press to send a bogus tweet that President Obama was injured in White House explosions? Maybe, maybe not

AP Twitter Hack: Lessons Learned (Dark Reading) Would you trust an email that says: "Please read the following article, it's very important: www.washinqtonpost.com/blogs/[…]"? So went a phishing email reportedly sent to multiple employees at the Associated Press, less than an hour before the company's Twitter feed was taken over and used to issue multiple tweets, including a hoax report that President Obama had been injured by explosions at the White House. Cue a temporary stock market tumble

Charles Schwab restores services after cyberattack (Computer Business Review) The cyber attack shut down the company's website and mobile applications for about two hours. American brokerage and banking firm Charles Schwab was hit with a denial of service attack and the company said the problem has been resolved. The cyber

Cyber Trends

How Cybercriminals Attack The Cloud (Dark Reading) What attacks are most likely against cloud computing environments? Here's a look -- and some advice. The adoption of cloud-based computing shows no signs of slowing. Indeed, cloud services are expanding at an incredible rate across all sectors of the economy, with the market for public cloud services expected to grow to $210 billion by 2016, according to Gartner. And it's no wonder: The cloud is a compelling proposition for businesses and government agencies alike, offering easy access to shared, elastically allocated computing resources. The model creates savings on capital expenditures and reduces the running costs of operating a network, allowing enterprises to focus more on their core operations instead of IT

Cloud Chivalry – Provider Pride (CloudTweaks) As cloud deployments gain popularity, increasing attention is paid to provider security strength. The cloud security alliance, for example, releases a yearly list of top threats, covering everything from malicious use, data loss, and service hijacking. Heightened public awareness of the cloud has led to oddly intuitive feelings of insecurity – if data resides off-site, it must surely be less secure. Though it's hard to imagine cloud providers with shield raised against whatever virtual attack might breach a client's peace, there's an increasing need for solid cloud security – cloud chivalry, even – which defends otherwise helpless company data from attack. Public and private providers have responded; in many cases, cloud deployments are now more secure than local servers

Big Data: A Revolution That Will Transform How We Live, Work And Think (The National) Viktor Mayer-Schonberger: 'More data is being collected and stored about each one of us than ever before.' Consider the Stasi, the hated secret police force in the former German Democratic Republic. Officially known as the ministry for state security, the agency was a particularly pernicious force in an already oppressive communist state. Its modus operandi was simple: to intimidate, infiltrate and gather intelligence on East German citizens using the most invasive methods. For four post-war decades, the Stasi ruled everyday life with a clenched fist. Only the collapse of the Berlin Wall and the simultaneous fall of the Iron Curtain derailed its operations

Marketplace

UK govt gives money to SMEs for improving their cyber security (Help Net Security) More small businesses than ever are facing the threat of losing confidential information through cyber attacks, according to research published by the UK Department for Business, Innovation and Skills

DoD Still 3700 Cyber Experts Short of Full Staff (DefenseNews.com) The Department of Defense has added thousands of additional cyber experts since US Cyber Command chief Gen. Keith Alexander created a plan to massively grow the ranks of the work force, but the agency is still thousands of people

Mining for infosec talent: How CISOs can fill security positions (TechTarget) A similar approach is to seek out candidates from federal and state government agencies, such as the National Security Agency (NSA) or Central Intelligence Agency (CIA) where employees have experience and certifications in highly disciplined

Infosec 2013: cyber security sector failing to attract new talent (CSO) Only 7 percent of information security professionals are aged 20-29

Lockheed Martin opens cyber security hub in Anne Arundel (Baltimore Business Journal) The 56,000-square-foot Cyber Center of Excellence will be used for customer support services for Bethesda-based Lockheed's cyber security clients, including Fort Meade, which neighbors the building. The facility has capacity for about 250 workers

Just four companies will produce the microchips on which the global economy depends (Quartz) Making advanced microchips has always been hard. But it's now so difficult that the number of companies with the knowledge and cash to do it is about to shrink to precisely four. The factories in which microchips are made, called fabs, can cost billions of dollars. They're like rocket launch sites or nuclear power plants: Everyone knows where they are and how many are in the works. And they make the microchips on which all nearly all advanced smartphones, PCs, servers, and other critical pieces of IT infrastructure depend

Brad Arkin Named Adobe CSO (Threatpost) Adobe has named Brad Arkin to the newly created position of CSO, a major expansion of responsibilities for Arkin, who has been leading the company's product security and privacy initiatives. Adobe has been in the security spotlight for several years now, as attackers have focused their attention on the company's portfolio of products that enjoy

Products, Services, and Solutions

ViaSat ruggedized encryptor gets NSA certification (FinancialNews.co.uk) The National Security Agency/Central Security Service (NSA/CSS) has certified the KG-200R Hardware Encryptor, a ruggedized inline media encryptor from ViaSat Inc. (NASDAQ: VSAT) that protects classified (TS/SCI and below) Data at Rest (DAR)

File protection in the cloud with DigitalQuick (Help Net Security) Fasoo announced that its new data security solution, DigitalQuick, which allows consumers to keep sensitive information private when shared via email or through cloud storage services

Free tool to identify risks in secure shell environments (Help Net Security) SSH Communications Security, the inventor of the Secure Shell and SFTP protocols, today announced the launch of SSH Risk Assessor (SRA), a free tool that provides users with a clear report on risk and

Ubuntu Server 13.04 released (Help Net Security) Canonical today announced that Ubuntu Server 13.04 is available for download, featuring high-availability (HA) for OpenStack. "Ubuntu is built for hyperscale and is the platform of choice

Technologies, Techniques, and Standards

How Lockheed Martin Phishes Its Own (Dark Reading) On several occasions over the past couple of years employees at Lockheed Martin have flagged suspicious emails that turned out to be previously unknown targeted attack campaigns aimed at the defense contractor

Guest Diary: Dylan Johnson - A week in the life of some Perimeter Firewalls (Internet Storm Center) I hope the title of this blog doesn't appear a dry and dull topic because a week in the life of an Internet facing firewall is anything but dull. This is just a short blog detailing an interesting piece of research aimed at promoting situational awareness in relation to the threat from the internet. Perimeter firewalls are the main barriers protecting you from the Internet, should these be misconfigured either maliciously or accidentally, what would you be exposed to

Cybersecurity strikeback will strike out in the private sector (CSO) Between agenda-pushing hactivists, money-grubbing cybercriminals and -- more recently -- spying nation-states, there is no shortage of attackers breaking into our networks, stealing our trade secrets and generally wreaking havoc throughout IT infrastructure

Is your company ready for a big data breach? (Help Net Security) Despite the majority of companies experiencing or anticipating significant cost and business disruption due to a material data breach, they still struggle to take the proper measures to mitigate damage

Secured privileged accounts reduce APT exposure (Help Net Security) Organizations can reduce the threat of targeted attacks by proactively securing privileged accounts, according to CyberSheath. The theft, misuse and exploitation of privileged accounts is a key tactic

Design and Innovation

Cornell Tech to Receive $133 Million from Qualcomm Founder Irwin Jacobs (IEEE Spectrum) Innovation Institute at new university campus to be named after IEEE Medal of Honor Recipient

Research and Development

NSF official stresses importance of government investment in big data (FierceGovernmentIT) Despite a constrained budget environment across government, continued investment in big data is extremely important to the future of the country, said Farnam Jahanian, assistant director for National Science Foundation's computer and information science and engineering directorate. Jahanian spoke during an April 24 hearing of the House Science, Space and Technology subcommittee on technology

Academia

Military Grooms New Officers For War In Cyberspace (Yahoo.com) The U.S. service academies are ramping up efforts to groom a new breed of cyberspace warriors to confront increasing threats to the nation's military and civilian computer networks that control everything from electrical power grids to the banking system

Legislation, Policy, and Regulation

CISPA 'dead' in Senate, privacy concerns cited (ZDNet) CISPA's passing will lead to a second round of debate and amendments in the U.S. Senate

South Africa passes secrets bill; critics say it may hide graft (defenceWeb) The bill spells out a system for classifying information from the military, police and national security agency. It sets up an oversight body and calls for penalties of up to 25 years in jail for illegal possession and distribution of secrets, while

Changing US Code Section Numbers for Key Provisions in Title 50 (Lawfare) In title 50, United States Code, chapter 15 is being reorganized into four new chapters in order to set forth more clearly the provisions of the National Security Act of 1947, the Central Intelligence Agency Act of 1949, the National Security Agency

Put your money on Congress producing a cyber info sharing bill in 2013 (Foreign Policy) Expect to see Congress produce a cybersecurity bill focused on information sharing make its way to the president in 2013, said senior House and Senate staffers involved in drafting the legislation today

US government doesn't need CISPA to monitor communications (Help Net Security) Posted on 26 April 2013. Bookmark and Share. Civil rights and privacy advocates are mobilizing their forces to combat the passing of Cyber Intelligence Sharing and Protection Act (CISPA), but documents obtained by Electronic Privacy Information Center

House Homeland Security Committee Talks Cybersecurity (Multichannel News) He said that the intent of sharing intelligence is to protect cybersecurity "and nothing else." The committee is "not concerned with the Internet habits of ordinary Americans," Meehan said PII (personally identifiable information) "must be protected

SPAWAR Leadership on Information Warfare and the Growing Cyber Threat (DVIDS) "Information Dominance will become a recognized warfare area on par with other traditional warfare areas and is becoming one of our most powerful assets," said Space and Naval Warfare Systems Command (SPAWAR) Chief Engineer Rear Adm. James Rodman during a panel discussion on information and non-kinetic warfare and the growing cyber security threat

Civil rights coalition says EU data protection bill threatens citizens' rights (CSO) Many proposed changes would weaken the legislation, the coalition says

Litigation, Investigation, and Law Enforcement

US child abuse image suspect shielded from decrypting hard drives (Naked Security) The federal magistrate found that forced decryption would violate the computer scientist's Fifth Amendment rights against self-incrimination. It's no triumph for the agents who fight child abuse, but it is a win for privacy and for curtailment of government power over our data

How Obama Makes Phone Companies Spy on Citizens (TechNewsDaily) Rotenberg provided CNET with more than 1,000 pages of government documents that showed that the National Security Agency and the Department of Defense led the way to authorize the clandestine surveillance program. The discussions involved NSA

Report: Obama Officials Authorized New 'Cybersecurity' Warrantless Surveillance Program, Fresh Immunity Given To ISPs (Right Side News) National Security Agency Warrantless Watchdogprogram involving the interception of communications on Internet service providers, including AT&T—one of the key players in the NSA warrantless wiretapping program. Under long-standing federal law

Travelers to Israel can get their emails searched on entry (Help Net Security) Travelers who enter Israel via the international Ben-Gurion Airport, especially those who aren't Israeli citizens, can be asked by Shin Bet (the country's security agency) officers to provide access

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

cybergamut CompTIA Security+Certification Boot Camp Training Program (Baltimore, Maryland, USA, April 29 - May 2, 2013) Security+ certification training delivers a foundational proficiency in the network security arena. Security+ Certified Professionals are better able and positioned to support small and medium-sized organizations...

TechExpo Cyber Security Hiring Event (Columbia, Maryland, USA, April 30, 2013) A hiring event for experienced cyber security professionals, with many leading companies in attendance and interviewing on-the-spot. Learn from the distinguished speakers' panel, details of which will...

INSA Leadership Dinner Featuring Betty Sapp, Director, NRO (Reston, Virginia, USA, April 25, 2013) - This leadership dinner will feature a keynote address from Betty Sapp, Director of the National Reconnaissance Office highlighting her focus on innovation at the NRO and for the Intelligence Community.

Symposium on Cybersecurity & Information Assurance (Teaneck, New Jersey, USA, May 1, 2013) Fairleigh Dickinson University's Center for Cybersecurity and Information Assurance is pleased to announce its inaugural Symposium on Cybersecurity and Information Assurance to be held on May 1, 2013 in...

Critical Security Controls International Summit (London, England, UK, May 1 - 2, 2013) The SANS Institute will be hosting the Critical Security Controls International Summit in London from May 1st to May 2nd at the London Hilton on Park Lane hotel. The Summit focuses on the Critical Security...

INSA Leadership Dinner with NGA Director Letitia Long (McLean, Virginia, USA, May 2, 2013) NGA At the Crossroads - Visualizing the Future. Join INSA and NGA Director Letitia Long as she shares her vision for transforming NGA and GeoInt in innovative ways that more effectively put the power of...

Interop Las Vegas (Las Vegas, Nevada, USA, May 6 - 10, 2013) Attend Interop Las Vegas, May 6-10, and attend the most thorough training on Apple deployment at the NEW Mac & iOS IT Conference. Join us in Las Vegas for access to 125+ workshops and conference classes,...

The Computer Forensics Show (New York City, New York, USA, May 8 - 9, 2013) For IT and business executives responsible for creating, implementing, and managing a proactive and comprehensive IT strategy for information security, risk management, compliance, and business continuity...

ASIS 23rd New York City Security Conference and Expo (New York City, New York, USA, May 8 - 9, 2013) Join more than 2,500 professionals in the Big Apple for the largest annual conference in the Northeast for security management and law enforcement professionals. This exciting event will focus on key challenges...

Software Engineering Institute Invitational Hiring Event (Arlington, Virginia, USA, May 8 - 9, 2013) Attention software engineers and cyber security professionals: Carnegie Mellon's Software Engineering Institute needs your top notch skills to meet today's challenges. SEI staff will be interviewing on...

Baltimore Tech-Security Conference (Baltimore, Maryland, USA, May 9, 2013) The Baltimore Tech-Security Conference features 25-30 vendor exhibits and several industry experts discussing current tech-security issues such as email security, VoIP, LAN security, wireless security,...

CyberSecurity UAE Summit 2013 (Dubai, UAE, May 13 - 14, 2013) Review developments, strategies and best practice in global cyber security. Assess the nature of the latest threats being faced and the impact of these upon your organisation. Discuss the most promising...

GovSec (Washington, DC, USA, May 13 - 15, 2013) GovSec is the nation's premier event for Government, Homeland Security, and Law Enforcement professionals looking for proven strategies and cost effective technology so they can achieve their mission of...

cybergamut Technical Tuesday: Identifying TLS/SSL Encrypted Network Exploitation Activity Using Traffic Externals (Columbia, Maryland, USA, May 14, 2013) Jeff Kuhn of CACI describes recently completed CACI research using adaptive data analytics to distinguish encrypted exploitation activity from legitimate network traffic based on traffic externals in a...

Thriving in the Post-Sequestration GovCon Era (McLean, Virginia, USA, May 14, 2013) The Potomac Officers Club is hosting a summit for GovCon executives and government leaders to collaborate and share ideas on how to navigate a new era involving sequestration. At least five speakers, each...

FOSE (Washington, DC, May 14 - 16, 2013) FOSE is the premier event for government technology professionals interested in innovative, effective tools and solutions allowing you and your agency or organization to advance your mission. From IT managers...

7th Annual INSA IC Industry Day (Springfield, Virginia, USA, May 15, 2013) This annual event is held at the TS/SCI level in cooperation with ODNI as a comprehensive forum for IC leaders to relate their budget priorities to industry. The theme of this year's IC industry day is...

Hack Miami (Miami, Florida, USA, May 17 - 19, 2013) The HackMiami 2013 Hackers Conference seeks to bring together the brightest minds within the information security industry and the digital underground. This conference will showcase cutting edge tools,...

CEIC 2013 (Orlando, Florida, USA, May 19 - 22, 2013) The largest digital-investigations conference of its kind and the only one to offer hands-on lab sessions for practical skills development. CEIC offers relevant and practical information from expert speakers.

IEEE Symposium on Security and Privacy (San Francisco, California, USA, May 19 - 22, 2013) Since 1980, the IEEE Symposium on Security and Privacy has been the premier forum for the presentation of developments in computer security and electronic privacy, and for bringing together researchers...

International Workshop on Cyber Crime (IWCC) (San Francisco, California, USA, May 24, 2013) The aim of this workshop is to bring together the research accomplishments provided by the researchers from academia and the industry. The other goal is to show the latest research results in the field...

Web 2.0 Security and Privacy (San Francisco, California, USA, May 24, 2013) The goal of this one-day workshop is to bring together researchers and practitioners from academia and industry to focus on understanding Web 2.0 security and privacy issues, and to establish new collaborations...

Maryland/DC Celebration of International Trade (Linthicum, Maryland, USA, May 21, 2013) Join Maryland exporters and international business experts as they celebrate International Trade Week. Hosted by the Maryland/DC District Export Council this event is a content rich celebration of international...

IEEE-Cyber 2013 (Nanjing, China, May 26 - 29, 2013) This conference will cover cyber physical systems, cyber control and automation, cyber robotics, and the Internet of things.

Cyber Security @ CeBIT (Sydney, New South Wales, Australia, May 28 - 30, 2013) The Cyber Security Conference will serve as a platform where all those involved in securing and governing ICT within an organisation can discuss the newest challenges and strategies. The event is a must-attend...

Private Sector Crossovers: Protecting People, Property and Information (, January 1, 1970) With its annual cyber conference on May 29, the Howard County Chamber of Commerce and its GovConnects initiative will offer expert speakers on cyber security and efforts to protect government agencies...

Cyber Security for the Chemical Industry (Franfurt, Hessen, Germany, May 29 - 30, 2013) It is becoming increasingly more important than ever to be aware of the latest cyber threats, and equipped to protect your company from them. In addition to physical security, these industries are faced...

DGI Cyber Security Conference & Expo (Washington, DC, 2013, May 30, 2013) Data security threats continue to increase in number and sophistication. The growing use of collaborative technologies - from mobile devices and social media to virtualization and cloud computing - will...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.