Post-coup violence in Egypt is accompanied by hacktivist attacks against government websites. The Syrian Electronic Army resurfaces to compromise the New York Post's social media presence via a breach at SocialFlow. The guttering cyber riot in South Asia continues as Pakistan's "MindCracker" defaces the Indian Railways website in retaliation for Indian hacktivists' assaults on Pakistani Army sites.
More emerges on the campaign against the Dalai Lama and other Tibetan activists—a watering hole attack appears to show an opportunistic convergence of interest between the Chinese government and Chinese criminal organizations.
TeamBerserk claims to have used stolen user data to approach (there's no apparent breach) networks at the US Army's White Sands Missile Range. JPMorgan Chase customers are the targets of what Trend Micro calls "a very thorough" phishing campaign.
BIND DNS software holes may give attackers control over name servers. Bogus Firefox updates are serving adware. Both baby monitors (in an unusually creepy and motiveless hack) and lighting control systems are shown vulnerable to hijacking.
Microsoft's Patch Tuesday receives its customary press reviews. Xerox works to fix a scanner flaw reported last week, and Bitcoin wallets get an upgrade.
IT World predicts that jamming will be the next big thing in do-it-yourself privacy and cyber vigilantism. GPS jamming got a New Jersey man arrested this week. Lavabit reveals more about its decision to shutter its secure email service.
Oracle's Ellison shows government surveillance some scarce love, but in general US President Obama's announced intelligence policy overhaul opens to chilly reviews.
Today's issue includes events affecting China, Egypt, India, Pakistan, Russia, Syria, United Arab Emirates, United Kingdom, United States, and Vietnam.
Official website of Indian Railways Hacked by Pakistan Cyber Army(Hack Read) In reply to Indian hackers for hacking the Pakistan Army website, a hacker going by the handle of MindCracker from Pakistan Cyber Army has hacked and defaced the official website of Indian Railways. The hacker left a deface page along with a message on the hacked website, which explains that the reason for the hack was to retaliate against the Indian hacker who had hacked the official website and Facebook page of the Pakistan Army
Cyber criminals target the Dalai Lama website with Java watering hole exploit(V3) Criminals have launched a watering hole attack, using the Dalai Lama's Central Tibetan Administration website to spread data-stealing malware. Kaspersky Labs' principal security researcher Kurt Baumgartner reported discovering the attack in a blog post, confirming that a hacker group has hijacked control of the site and is using it to redirect unaware users to a malicious web page. He said the attack is interesting as the malicious code is written to specifically target Chinese and American visitors
New Mexico ISP Plateau Hacked(eSecurity Planet) TeamBerserk hackers claim to have leveraged the stolen user data to access a network connected to the U.S. Army's White Sands Missile Range
BIND Vulnerability Enables DNS Cache Poisoning Attack(Threatpost) A vulnerability in the BIND domain name system (DNS) software could give an attacker the ability to easily and reliably control queried name servers chosen by the most widely deployed DNS software on the Internet, according to new research presented at the Woot Conference in Washington D.C. today
NHTSA Servers Back Online After Attack(Threatpost) The National Highway Traffic Safety Administration restored its servers yesterday, 10 days after an attack that knocked the agency's website offline
Baby-monitor hacker spies on and swears at sleeping 2-year-old(Naked Security) A hacker took over a baby monitor in a home in the US city of Houston, Texas, to spy on a 2-year-old girl, to broadcast obscenities at the child, to swivel the camera so as to watch her shocked parents as they came in, and to then call the parents insulting names
Hacking a smart lightbulb system(Help Net Security) The phenomenon of the Internet of Things (IoT) is positively influencing our lives by augmenting our spaces with intelligent and connected devices. Examples of these devices include lightbulbs, motion
From Vietnam with tens of millions of harvested emails, spam-ready SMTP servers and DIY spamming tools(Webroot Threat Blog) How would a cybercriminal differentiate his unique value proposition (UVP) in order to attract new customers wanting to purchase commoditized underground market items like, for instance, harvested and segmented email databases? He'd impress them with comprehensiveness and 'vertically integrated' products and services. At least that's what the cybercriminals behind the cybercrime-friendly market proposition I'm about to profile in this post are doing
Cybercrime-friendly underground traffic exchange helps facilitate fraudulent and malicious activity(Webroot Threat Blog) Throughout the last couple of years, the persistent demand for geolocated traffic coming from both legitimate traffic exchanges or purely malicious ones -- think traffic acquisition through illegally embedded iFrames -- has been contributing to the growing market segment where traffic is bought, sold and re-sold, for the sole purpose of monetizing it through illegal means
A new threat: Information integrity attacks(Defense News) As the United States aggressively addresses cyber attack weapons and actors, our adversaries morph their techniques and expand their targets. Several current
Security Patches, Mitigations, and Software Updates
The triumph of Patch Tuesday(ZDNet) And there are still zero-day exploits at times, probably more than we know about, but this too is inevitable. Even "Exploit Wednesday", when an unpatched
Microsoft drops eight patches for 23 bugs, including IE and Exchange fixes(SC Magazine) Microsoft on Tuesday dispatched eight fixes for 23 vulnerabilities as part of its monthly patch update. Three of the fixes, or bulletins, were deemed "critical" because they addressed bugs that all allowed remote code execution (RCE) after a user opened a malicious file or viewed an infected web page
Xerox working to fix scanner bug(FierceCIO: TechWatch) We wrote last week about a bug in Xerox multifunctional copiers, which resulted in numbers being arbitrarily changed on scanned digital images. The problem was discovered by German computer scientist David Kriesel, who tested the issue on two different Xerox machines
Next up: The Jamming wars(IT World) Our public spaces are bristling with surveillance gear, but Washington can't seem to get around to updating its privacy laws. What's next? Look for citizens to take matters into their own hands
Cyber attack danger grows(Boston Herald) Recent revelations about China hacking U.S. computers have raised awareness of cyber espionage, but some of the greatest threats local governments face are cyber attacks that can be used to defraud people or to plunge an entire city or state into chaos, according to one security expert
Exploring critical infrastructure security and government cyber security(Help Net Security) Chris Folk is the Director of National Protection Portfolio, The MITRE Corporation. Folk oversees work program development and delivery to: the DHS National Protection and Programs Directorate (NPPD), including Cybersecurity & Communication (CS&C), Office of Infrastructure Protection (OIP), and Federal Protective Services (FPS), and US VISIT. Folk brings more than 18 years of experience supporting the national and homeland security communities, working in operations, intelligence, infrastructure protection, and cybersecurity programs for the DoD, IC, and DHS. In this interview he discusses the challenges involved in working with several U.S. government agencies, approaching the insider threat, the resilience of the government cyber ecosystem, future threats, and more. How has your background prepared you for your current role as Director of the HS SEDI FFRDC National Protection Division? What are the main challenges involved in working in this position
Rostelecom to Invest in Internet Filter as New 3G Network Comes on Line(Moscow Times) As Rostelecom begins finally to build up its 3G network, the state-controlled telecom company plans to spend $33 million on a system to manage mobile internet traffic, allowing it to block websites flagged by the telecommunications watchdog, Roskomnadzor, Vedomosti reported Tuesday
NSA revelations a mixed bag for private clouds(CSO) Data security fears won't fuel an exodus from public cloud services, experts say. Life in the cloud hasn't been the same since Edward Snowden began leaking secrets about government snooping on the Internet
Lavabit founder, under gag order, speaks out about shut-down decision(Ars Technica) Levison built e-mail "by geeks, for geeks"--and then turned off 410,000 accounts. Ladar Levison took 10 years to build his company--and he's 32, so that's most of his adult life. So when he shut down his encrypted e-mail service, Lavabit, without warning last week, it was like "putting a beloved pet to sleep." "I was faced with the choice of watching it suffer, or putting it to sleep quietly... it was very difficult," he told Democracy Now. "I had to pick between the lesser of two evils." What was that other choice? "Unfortunately, I can't talk about that," Levison said during today's interview
Why did BlackBerry crumble?(The Guardian) One moment it was the hi-tech communication tool of world leaders and the financial elite. The next it had lost its cutting-edge reputation, aspirational appeal - and its customers
Report: Use of Apache Web Server hits new low(FierceCIO: TechWatch) Use of the open-source Apache Web Server has hit a new low, according to the latest figures from research firm Netcraft. Across the 717 million websites that were surveyed this month, Apache was found to serve 46.96 percent of them--or below 50 percent. As reported by eWeek, this is the first time that has happened since December 2009…The Fierce Take: Obviously, the figures count only individual websites, but do not take their size or popularity into consideration. In this context, it could be argued that the resurgence of IIS could be due to its improved security, compared to the complexity of properly securing Apache on Linux
Technologies, Techniques, and Standards
Can We End CSRF With Header-Based Browser Policies?(Dark Reading) As the security community continues to look for easier ways to mitigate the risk of all-too-common Cross-Site Request Forgery (CSRF) attacks, many within the industry have lamented the difficulties that make it tough to do CSRF token deployment just right. With so many moving parts like, CSRF tokens are frequently used insecurely if at all. Which is why a pair of researchers from Qualys are now proposing a new header-based browser policy that they say could effect a much simpler, and therefore more broadly effective, means of countering CSRF attack techniques
Steganography: What your eyes don't see(Infosec Institute) Steganography is the art of hiding information to prevent detection of a hidden message. It has been used throughout history by many methods and variations; ancient Greeks shaved the heads of messengers and tattooed the secret message, and once the hair grew back the message remained undetectable until the head was shaved again. Many ingenious techniques and methods were used by ancient civilizations. Earlier and near World War II invisible inks offered a common form of undetectable writing. An innocent letter could contain a very different message written between its lines
Are You Practicing the Safest ESX You Can?(Trend Micro) Here at Trend Micro, we are definitely looking forward to joining you at VMworld 2013. It's always interesting and exciting to hear about your successes with using virtualization and cloud to drive down costs and open new doors to responsiveness and agility. A key question we have on our minds (and hopefully yours too!) is: Are you confident that your security practices have got you covered across your physical, virtual and cloud environments? Are you practicing the safest ESX you can
How much confidential info is left unprotected in SharePoint?(Help Net Security) A Cryptzone security survey undertaken amongst SharePoint practitioners at the Microsoft conference in Las Vegas, reveals how many organizations have inadequate security and governance measures in place to help prevent data misuse and loss from their SharePoint environments
Start isolating critical XP systems now, experts warn(CSO) Lack of updates after April 8, 2014 adds security complications for companies, retailers running specialty software dependent on XP. Organizations that still need to use Windows XP after Microsoft pulls the support plug in eight months should spend the time they have left isolating software running on the aged OS
Catch Criminals Before the Damage is Done — Mitigating Account Takeovers(Data Breach Today) Online account takeover occurs when an unauthorized party gains access to an existing bank account by stealing the access credentials and is followed almost invariably by the illegal movements of funds. In today's increasingly connected world, the growth in connectivity, convenience, speed, technology adoption, and payment options allows people and businesses to conduct online financial activities more easily and efficiently. Consequently, fraudsters have developed the means to take advantage of this burgeoning attack surface through the increased use of smartphones to access the internet, malicious malware, socially engineered account takeovers, and other means. As we become more connected, attacks are becoming more sophisticated
Research and Development
Multi-service authentication via palm vein images(Help Net Security) Fujitsu has been creating and releasing palm vein biometric authentication and identification systems for over a decade, but have now presented a new one that definitely deserves some special attention
Feds label Big Data 'security threat,' expand data programs anyway(Daily Caller) While the government assures Americans that the mountains of personal data it's amassing are safe from internal abuse and outside tampering, the Pentagon's research wing is raising the alarm over the threat metadata represents to privacy and national security. Foreign Policy writes that the Defense Advanced Research Projects Agency, or DARPA, recently released a request for researchers to examine whether aggregations of public data available online constitute "a national security threat
Obama's Clapper Mistake(New Yorker) Does President Obama understand why what people have learned, thanks to Edward Snowden, about the National Security Agency makes them angry? Maybe not. In a press conference on Friday, Obama said that his Administration would be "forming a high-level group of outside experts to review our entire intelligence and communications technologies
Obama's tepid agenda for NSA reform(Baltimore Sun) Our view: It will take more than half-hearted promises of transparency to make Americans 'comfortable' with domestic surveillance. President Barack Obama says he wants to make Americans more "comfortable" with the massive domestic and foreign electronic surveillance efforts being undertaken by the National Security Agency. But missing from his answers to questions about it at a news conference on Friday or from his proposals for reform was any understanding of what it is that made Americans uncomfortable in the first place. Mr. Obama seems to think it is the manner in which news of the NSA's programs came out, and not the content of them, that has Americans so upset
Reed Seeks Reform Of National Security Agency Data Collection(Olean Times) U.S. Rep. Tom Reed is hoping to gain support from fellow federal lawmakers in reforming National Security Agency data collection regulations. "We need to take a hard look to reform the NSA and its intelligence gathering programs in America," Rep. Reed said during his weekly media call Monday
WH Hopeful on Cyber Legislation Passage(GovInfoSecurity) Hope springs eternal at the White House, at least when it comes to Congress passing meaningful cybersecurity legislation, something it hasn't done in 11 years
The Impact of Cybersecurity Legislation and Policy(Infosecurity Magazine) A panel of critical infrastructure security experts gathered last week to discuss the impact of recent legislative and policy initiatives. According to one Obama Administration official, the industry should expect the first version of the NIST-led cybersecurity framework in early 2014
GCHQ Launches Twin-Track Approach to Cyber Incident Response Scheme(Infosecurity Magazine) Following a pilot project aimed at providing UK government and business with an effective cyber incident response capability, GCHQ (in the form of CESG and CPNI) has launched two schemes: its own to focus on major business and critical infrastructure attacks, and a CREST-led scheme for everyone else
Q. & A.: Edward Snowden Speaks to Peter Maass(New York Times) In the course of reporting his profile of Laura Poitras, Peter Maass conducted an encrypted question-and-answer session, for which Poitras served as intermediary, with Edward J. Snowden. Below is a full transcript of that conversation
London Police Commissioner's cyber-crime open letter laughed at by industry(ComputerWorld) Adrian Leppard may 'control' police in UK's financial heartland but does he get cyber-crime? The City of London's Police Commissioner, Adrian Leppard, has been laughed at by cyber-security experts after writing an open letter to The Times this week, in which he refused to accept that police forces across the UK are struggling to get to grips with this new breed of cyber-criminals
Manning Played Vital Role In Iraq Despite Erratic Behavior, Supervisor Says(New York Times) A former leader of Pfc. Bradley Manning's Army intelligence unit in Iraq allowed him to keep working with classified information despite recurring concerns about his mental health because the unit was understaffed and Private Manning was playing an irreplaceable role in analyzing insurgent threats, according to testimony at his court-martial trial on Tuesday
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
AIAA Aviation 2013(Los Angeles, California, USA, August 12 - 14, 2013) Leading cybersecurity experts will speak at AIAA AVIATION 2013, being held August 12-14 at the Hyatt Regency Century Plaza, Los Angeles, Calif. Hosted by the American Institute of Aeronautics and Astronautics,...
Security in Government (SIG) (Canberra, Australia, August 12 - 14, 2013) The 25th annual Security in Government (SIG) conference is to be held from 12-14 August 2013 at the National Convention Centre in Canberra. Assistant Director for the National Security Resilience Policy...
A Cloud Computing Introduction for Managers(Columbia, Maryland, Sioux Falls, August 13, 2013) Cloud computing is becoming popular. More and more Technical Managers and Project Managers will be interacting with cloud computing, either developing clouds, using clouds, or selecting among cloud and...
Resilience Week 2013(San Francisco, California, USA, August 13 - 15, 2013) 2013 Resilience Week brings together colleagues across government, academia and industry to facilitate an exchange of ideas dedicated to promising research in resilient systems that will protect cyber-physical...
Kirtland AFB/Sandia/DOE Cyber Security Seminar & IT Expo(Albuquerque, New Mexico, USA, August 15, 2013) This expo is designed to stimulate exchanges of information between industry partners and Kirtland AFB Information Management Officers', Information Technology personnel, Contracting Officers' as well...
National SCADA Conference(Melbourne, Victoria, Australia, August 15 - 16, 2013) The 12th Annual National SCADA Conference, Australia's largest and longest running SCADA conference, will bring together many of the luminaries of the Australian and International SCADA community to evaluate...
SANS Thailand 2013(Bangkok, Thailand, August 19 - 31, 2013) SANS hands-on advanced Information Security training is coming to Thailand this August! SANS is bringing our Web App Penetration Testing course to the Crowne Plaza Bangkok Lumpini Park in Bangkok, Thailand.
Defense Logistics Agency Tech Expo(Fort Belvoir, Virginia, USA, August 20, 2013) Industry exhibitors are invited to showcase and discuss the latest information services and technology to the personnel at the McNamara HQ Complex.
Human Cyber Forensics Forum(Washington, DC, USA, August 21, 2013) This forum brings together subject matter experts to discover and share new means of recognizing the human indicators related to cyber intrusions, and the evolution of these human indicators in the coming...