Quartz takes it as a given that Chinese intelligence services are engaged in general and continuing cyber attacks on international targets. It notes that PLA hackers have turned up in a Trend Micro honeypot that simulated a rural Missouri water utility—nobody's idea of a high-payoff target. The conclusion Quartz draws is that China is making a long-term effort to gain control over foreign physical infrastructure.
Several probes of the financial sector are reported, including a new Android Trojan and a spoofed Bank of America email laden with malware. Banks seem to be coping with denial-of-service attacks, and analysts take a look at the Izz ad-Din al-Qassam Cyber Fighters, among the most prominent and determined DDOS attackers. Their operations bear the marks of state or quasi-state sponsorship, most probably by Iran, with Hamas running a distant second as a suspect.
Wi-Fi routers continue to present attractive attack surfaces. A cross-platform remote-access Trojan is now available on the black market. US Airways warns of a breach in frequent flier accounts.
More reports appear on the means used to breach TOR anonymity in recent law enforcement operations.
In market news, the US Department of Defense urges companies to invest heavily in industrial research and development. California and Maryland continue to lead the cyber job market.
In cyber law enforcement, Florida emerges as a hotbed of identity theft. Interpol identifies an attractive new field for criminal activity: carbon credit trading. In the US, the Drug Enforcement Agency is using cyber intelligence in its investigations.
Today's issue includes events affecting China, European Union, Iran, Ireland, Republic of Korea, Palestinian Territories, United Nations, United States.
Dateline SINET Innovation Summit
NSA Mobility Program(NSA) The NSA Mobility Program was established in response to the substantial and justified urgency for delivering Mobility solutions that securely provide the rich user experience of commercial technology. As clients and partners accelerate towards agile and mobile communications, NSA's Information Assurance Directorate (IAD) has the responsibility for providing mobile capabilities that can evolve at the pace of today's commercial market, and balance security requirements with user experience
The National Counterintelligence Executive(Office of the National Counterintelligence Executive) As the premier counterintelligence and security agency in the US Government, the Office of the National Counterintelligence Executive will provide effective leadership and support to the counterintelligence and security activities of the US Intelligence Community, the US Government, and US private sector entities who are at risk of intelligence collection or attack by foreign adversaries
Transition to Practice(DHS) The Department of Homeland Security Science and Technology Directorate has White House support to assist in transitioning cyber security technologies developed through federally funded research and development (R&D) into broader utilization. The Transition to Practice (TTP) program was identified by the Federal Networking and Information Technology R&D (NITRD) program of the White House as one of a set of interrelated priorities for the United States Government (USG) – and established DHS as the lead for this interagency initiative
About the National Protection and Programs Directorate(DHS) NPPD's vision is a safe, secure, and resilient infrastructure where the American way of life can thrive. NPPD leads the national effort to protect and enhance the resilience of the nation's physical and cyber infrastructure
Analysis: Who's Really Behind DDoS?(Bank Info Security) Now that Izz ad-Din al-Qassam Cyber Fighters has launched its fourth phase of distributed-denial-of-service attacks against U.S. banks, many observers are continuing to ask: Who's behind this group, and what are the real motives
Malicious Bank of America (BofA) 'Statement of Expenses' themed emails lead to client-side exploits and malware(Webroot Threat Blog) Bank of America (BofA) customers, watch what you click on! A currently ongoing malicious spam campaign is attempting to entice BofA customers into clicking on the client-side exploit serving URLs found in legitimate looking 'Statement of Expenses' themed emails. Once users with outdated third-party applications and browser plugins click on the link, an infection is installed that automatically converts their PCs into zombies under the control of the botnet operated by the cybercriminal/gang of cybercriminals behind the campaign
Researchers find trojanized banking app that exploits critical Android bug(Ars Technica) Google's smartphone app verification tool to the rescue. Researchers have unearthed another malicious app exploiting a critical vulnerability in Google's Android OS that allows attackers to inject malicious code into legitimate programs without invalidating their digital signature. The threat poses as an update for the official Android app available to customers of NH Nonghyup Bank, one of South Korea's biggest financial institutions, according to a blog post published Friday by researchers from antivirus provider Trend Micro
OpenX Ad Server Backdoor(Internet Storm Center) According to a post by Heise Security, a backdoor has been spotted in the popular open source ad software OpenX. Apparently the backdoor has been present since at least November 2012. I tried to download the source to verify the information, but it appears the files have been removed
Network Security: How Attackers Gain Access from Inside(CircleID) Most people -- mistakenly -- believe that they are perfectly safe behind a firewall, network address translation (NAT) device or proxy. The fact is quite the opposite: if you can get out of your network, someone else can get in. Attackers often seek to compromise the weakest link in a network and then use that access to attack the network from the inside, commonly known as a "pivot-and-attack."
US Airways Dividend Miles Accounts Compromised(eSecurity Planet) Frequent flier program members' names, addresses, e-mail addresses and answers to security questions were accessed. US Airways recently began notifying some members of its Dividend Miles frequent flyer program that a "small number" of Dividend Miles accounts were accessed by unauthorized users, who had obtained the accounts' user names and passwords through "means as yet unknown to us."
Tor Anonymity Cracked; FBI Porn Investigation Role Questioned(InformationWeek) Some security experts ask whether an FBI sting operation exploited a vulnerability in Firefox to disable the anonymity offered by the Tor network. Did an FBI sting operation exploit a vulnerability in Firefox to disable the anonymity offered by the Tor network, for the purposes of cataloging the Internet protocol (IP) addresses of visitors to sites that distribute child pornography? While details are still emerging, that's one thesis being advanced by information security experts, after Freedom Hosting — which offers anonymous Tor software services, but isn't affiliated with The Tor Project itself — went dark, sometime before midnight Sunday. The outage appeared to take numerous hidden Tor services offline, including the HackBB forums and the anonymous Tor Mail service
Black Hat: Lessons For SMBs From The Dark Side Of Security(Dark Reading) Issues affecting large enterprises are the bread and butter of Black Hat, but even smaller firms have something to learn. With presentations on a variety of vulnerability research, malware analysis and new attack techniques, the Black Hat Briefings tends to be a security conference for analysts and managers from large firms and security vendors
Employee missteps among top causes of data theft(Kaspersky Lab) Employee error is one of the main causes of internal IT security incidents which lead to the leakage of confidential corporate data, according to the findings of the Global Corporate IT Security Risks 2013 survey conducted by B2B International in collaboration with Kaspersky Lab this past spring
DISA turns on first Joint IT node(Nextgov) The Defense Information Systems Agency turned on the first node in its new, global Joint Information Environment at a regional Enterprise Operations Center in Stuttgart, Germany, last week
California and Metro Washington D.C. — Top Destinations for Cyber Security Talent(Dark Reading) Semper Secure, a public-private partnership focused on increasing the number and quality of cyber security professionals, today announced the results of its Cyber Security Census. Based on a survey of 500 cyber security professionals from 40 different industries across 43 states, the District of Columbia, and Puerto Rico, and underwritten by Northrop Grumman, NetApp, and MeriTalk's Cyber Security Exchange, the census reveals what motivates today's cyber security professionals as well as how to train and recruit the next generation. According to the report, cyber security professionals earn on average $116,000 annually, but are driven by more than a paycheck - they want to work for an employer with a reputation for honor and integrity
CACI Gets $425M Intelligence Contracts(Zacks) CACI International Inc recently won $425-million worth of previously unannounced contracts to deliver information solutions and services to national-level intelligence organizations protecting U.S. security
DoD To Industry: Invest In R&D(DefenseNews.com) The Pentagon's acquisition chief is calling for defense companies to maintain self-funded research-and-development initiatives, particularly as US Defense Department investment in these technology programs declines
Detect the undetectable: Start with event logs(InfoWorld) Security event monitoring systems are often plagued by signal-to-noise problems. Here's how to ensure they produce meaningful alerts
How to Check if Your Website is Part of the StealRat Botnet(TrendLabs Security Intelligence Blog) For a few months now, we have been actively monitoring a spambot named StealRat, which primarily uses compromised websites and systems in its operations. We have continuously monitored its operations and identified about 195,000 thousand domains and IPs that have been compromised. The common denominator among these compromised sites is that they are running vulnerable CMS software such as WordPress, Joomla and Drupal
Trust the PKI or it's anarchy on the Internet(ZD Net) When Microsoft automatically updates your Windows trusted root certificates, are they inserting secret backdoors for the NSA to spy on you? No, but even if they were, you'd still have to trust them
Intelligence does little to boost image of NSA's database(Washington Times) Even if the weekend's intelligence warnings about the threat of terrorist attacks in the Middle East came from electronic eavesdropping abroad by the National Security Agency, that would not ease congressional opposition to the NSA's mass collection of domestic phone records, lawmakers from both parties said Monday
N.J. Lawmakers Introduce SMART Grid Study Act(Renew Grid) A bipartisan group of U.S. representatives in New Jersey has introduced to Congress the Saving More American Resources Today (SMART) Grid Study Act of 2013, legislation that calls for assessing ways to protect the nation's grid from natural disasters and other threats
Black Hat 2013: Industry Response to General Alexander's Keynote(Infosecurity Magazine) The Black Hat 2013 keynote, presented by General Alexander, director of the NSA, was potentially the most highly-anticipated talk I've been to in my seven years in this industry. I'm not being overly-dramatic when I say you could literally feel the tension in the room as Black Hat's delegates waited - most cynical and some hopeful - for the General to take to the stage
Florida becoming a center for identity theft(Consumer Affairs) The crime of identity theft isn't new. What's new is its increasing frequency and the fact that it tends to be clustered in certain cities and certain states
McAfee CTO to Lead Cybersecurity at Homeland Security(Wall Street Journal) The U.S. Department of Homeland Security is set to tap a top executive at computer security giant McAfee, a unit of Intel, as the next official to head its cybersecurity division, several people familiar with the matter said
Looking For Balance In Handling Leakers(Washington Post) Can something positive come out of the concern over government intelligence operations, the leaks exposing them, and the investigations of the leakers
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
International Conference on Cyber Security(New York, New York, USA, August 5 - 8, 2013) The Federal Bureau of Investigation and Fordham University will host the fourth International Conference on Cyber Security (ICCS 2013) on August 5 - 8, 2013 in New York City. ICCS, the White Hat Summit,...
SINET Innovation Summit(New York, New York, USA, August 6, 2013) The purpose of the Innovation Summit is to reinvigorate public private partnership efforts and increase relationships between industry, government and academia that foster sharing of information and collaboration...
3rd Annual Cyber Security Training Forum(Colorado Springs, Colorado, USA, August 6 - 7, 2013) The Information Systems Security Association (ISSA) - Colorado Springs Chapter and FBC, Inc. will once again host the 3rd Annual Cyber Security Training Forum (CSTF). Formerly known as the Cyber Security...
AFCEA Tinker AFB Information Technology & Cyber Security Expo(Oklahoma City, Oklahoma, USA, August 8, 2013) Commercial vendors are invited to Tinker Air Force Base on Thursday, August 8th to exchange information and provide product demonstrations to the military and civilian personnel on base. IT and Information...
AIAA Aviation 2013(Los Angeles, California, USA, August 12 - 14, 2013) Leading cybersecurity experts will speak at AIAA AVIATION 2013, being held August 12-14 at the Hyatt Regency Century Plaza, Los Angeles, Calif. Hosted by the American Institute of Aeronautics and Astronautics,...
Security in Government (SIG) (Canberra, Australia, August 12 - 14, 2013) The 25th annual Security in Government (SIG) conference is to be held from 12-14 August 2013 at the National Convention Centre in Canberra. Assistant Director for the National Security Resilience Policy...
A Cloud Computing Introduction for Manager(Columbia, Maryland, Sioux Falls, August 13, 2013) Cloud computing is becoming popular. More and more Technical Managers and Project Managers will be interacting with cloud computing, either developing clouds, using clouds, or selecting among cloud and...
Resilience Week 2013(San Francisco, California, USA, August 13 - 15, 2013) 2013 Resilience Week brings together colleagues across government, academia and industry to facilitate an exchange of ideas dedicated to promising research in resilient systems that will protect cyber-physical...
Kirtland AFB/Sandia/DOE Cyber Security Seminar & IT Expo(Albuquerque, New Mexico, USA, August 15, 2013) This expo is designed to stimulate exchanges of information between industry partners and Kirtland AFB Information Management Officers, Information Technology personnel, Contracting Officers as well...
National SCADA Conference(Melbourne, Victoria, Australia, August 15 - 16, 2013) The 12th Annual National SCADA Conference, Australia's largest and longest running SCADA conference, will bring together many of the luminaries of the Australian and International SCADA community to evaluate...
SANS Thailand 201(Bangkok, Thailand, August 19 - 31, 2013) SANS hands-on advanced Information Security training is coming to Thailand this August! SANS is bringing our Web App Penetration Testing course to the Crowne Plaza Bangkok Lumpini Park in Bangkok, Thailand.
Defense Logistics Agency Tech Expo(Fort Belvoir, Virginia, USA, August 20, 2013) Industry exhibitors are invited to showcase and discuss the latest information services and technology to the personnel at the McNamara HQ Complex.
Human Cyber Forensics Forum(Washington, DC, USA, August 21, 2013) This forum brings together subject matter experts to discover and share new means of recognizing the human indicators related to cyber intrusions, and the evolution of these human indicators in the coming...