SophosLabs finds a new PlugX malware variant directed against a fresh target: the Japanese word processor Ichitaro. TrustWave uncovers a very large "trove" of credentials—Facebook, Twitter, Google, Yahoo, LinkedIn—as it rummages through the Pony botnet.
Banking Trojan Neverquest is identified (by Symantec) as an evolved version of the Snifula family. And ZeuS is now routinely packaged as an anti-virus update.
Visual Basic scripting malware, formerly found mostly in targeted attacks, is now spreading widely through Latin America.
Windows XP exploits grow as the obsolescent OS nears the end of its supported life. Some of them are now circumventing sandboxes in unpatched versions of Adobe Reader. The Chinese government wants Microsoft to rethink its decision to stop support of XP, but few think this likely to happen.
The InfoSec Institute offers some advice on coping with CryptoLocker ransomware.
Healthcare.gov continues to draw tepid security reviews. The private sector has its own issues in the form of the iPharmacy Drug Guide & Pill ID app, said to be unpleasantly leaky with personal information.
Bitcoin crooks remain on the cyber-lam.
Sure, it's a stunt, but SkyJack's drone-hacking offers food for thought about hacker R&D.
Webroot's redoubtable Mr. Danchev notes another way in which criminal markets ape legitimate ones—celebrity endorsements: a dodgy Russian VPN service touts itself as "recommended by Edward Snowden."
The US and UK continue to seek a cyber-security modus vivendi with China.
Speaking of Snowden, the Guardian says it has lots more stuff to reveal, and promises it's "shocking."
Today's issue includes events affecting Australia, China, Estonia, France, India, Indonesia, Israel, Japan, Lebanon, New Zealand, United Arab Emirates, United Kingdom, United States.
From the Labs: New PlugX malware variant takes aim at Japan (Naked Security) SophosLabs Principal Researcher Gabor Szappanos takes on a recent PlugX malware sample. He finds a curious mixture of similarities and differences with earlier versions - and a brand new target group: users of the Japanese-language word processor Ichitaro
ZeuS — now packed as an antivirus update (Securelist) Last week, Kaspersky Lab identified a mass mailing of phishing letters sent in the name of leading IT security providers. The messages we detected used the product and service names belonging to Kaspersky Lab, McAfee, ESET NOD32 and many others
Adobe Sandbox Circumvented By Windows XP Zero-Day (Tripwire State of Security) Researchers have determined that a zero-day vulnerability in Windows XP and Windows Server 2003 is being actively exploited in the wild in order to bypass the sandbox in unpatched versions of Adobe Reader
VBS Malware Spreading in Latin America (TrendLabs Security Intelligence Blog) During the past few months, we've been observing increases in the number of systems infected by VBS (visual basic scripting) malware, specifically VBS_SOSYOS, VBS_JENXCUS and VBS_DUNIHI. Most of these systems were found in Latin America, a region typically targeted by the Banker/Bancos Trojan
A taste of the horrible things to come for Windows XP (BGR) Windows XP is now more than 12 years old but according to data from Net Applications, it is still used on more than 31% of desktop and laptop computers around the world. Those tens of millions of PC users could be in for a very rude awakening next year once Microsoft cuts off support for the aged operating system
Thieves Covering Tracks Following $100M Bitcoin Heist (Threatpost) As if Bitcoin malware and Bitcoin mining malware weren't enough to worry about, there was more trouble for the users of the digital crypto-currency last week as 96,000 Bitcoins disappeared from the Sheep Marketplace exchange
Security Patches, Mitigations, and Software Updates
Ubuntu 12.04 LTS Receives Major Kernel Update (Softpedia) Once again, Canonical does a good job at protecting its supported Ubuntu Linux distributions by releasing security updates from time to time. On December 3, Ubuntu 12.04 LTS received a major kernel upgrade that fixed twelve vulnerabilities discovered in the upstream Linux 3.2 kernel by various developers
What Would Nostradamus Have Said About Cyber Security in 2014? (SecurityWeek) It's that time of year again when everyone wants to wow you with their insights and predictions about what the next year will bring us in terms of technology and hacks in the security industry. Don't get me wrong, always thinking ahead and applying a predictive approach to security is an idea and practice I fully endorse. However, I would like to ask the security community as a whole to please not waste our time with vagaries and statements that are so broad that they could apply to anything, and/or at the same time, nothing
Over 80% of employees use unauthorized apps at work (Help Net Security) More than 80 percent of employees admit to using non-approved SaaS applications in their jobs, say the results of a McAfee survey. But what's even more interesting is that IT employees use a higher number of non-approved SaaS applications than other company employees
Reported Data Breaches Double in New Zealand (Security Current) Data breach notifications in New Zealand more than doubled in the year ending June 30, 2013 climbing to 107, New Zealand's Office of the Privacy Commissioner stated in its annual report last week. Three quarters of the breaches originated in the public sector
Is Cyber War Around the Corner? Collective Cyber Defense in the Near Future (Brookings) Information technologies and infrastructure—from satellites orbiting the earth to the smart phones in our hands, from undersea cables to wireless networks all around us, and from the global banking system to household appliances—play an increasingly indispensable role in daily life. At the same time, threats to cyber security are becoming both more numerous and more serious
The Network Security Implications of the Internet of Things (Information Security Buzz) The Internet of Things (IoT) has been weaving itself into the fabric of everyday life for some time now, including everything from connected cars to smart home applications, such as lighting and security systems, smart grids, smart meters and more
Snowden picked up hacking skills in India (ZDNet) NSA whistleblower Edward Snowden spent a week in New Delhi, training in advanced ethical hacking, where he earned his certification as an EC-Council Certified Security Analyst
A post-mortem of the Nirvanix shutdown (FierceCIO: TechWatch) You must know about cloud storage provider Nirvanix abruptly announcing that it was closing shop, leaving customers with just weeks to find a new provider and move their data off its cloud storage service. As we wrote at that time, this is all the more shocking as the company has collected some $70 million in funding since its launch in 2007, and has been touted as having "excellent" product viability by Gartner
BlackBerry's Latest Letter Points To The Enterprise Escape Road (Forbes) BlackBerry's interim CEO John Chen has followed in the steps of previous incumbent Thorsten Heins by writing an open letter (available via the Blackberry For Business Blog), reassuring their Enterprise customers of an ongoing commitment to the BlackBerry infrastructure and their activities in the mobile enterprise management department
Happtique tests, certifies inaugural class of mHealth apps (FierceMobileHealthcare) New York-based mobile healthcare provider Happtique announced that it has certified 19 health and medical apps submitted by developers through its Health App Certification Program (HACP), in what the company calls a "first-of-its-kind program to test app privacy, security, and content"
Camber Corporation proves its mettle in the field of Cyber Defense (Sacramento Bee) Using their CENTS®, SLAM-R®, CYNTRS®, RGI®, and HOTSIM® tools, Camber Corporation provides real-time cyber training via scenarios that train and prepare responders to fight cyber-crimes and network attacks resulting in comprehensive network defense
Carmakers grilled over hacking (Stuff) A US senator has asked 20 of the world's biggest automakers for information on how they secure their vehicles from cyber attacks, in light of reports by security experts who say they have identified ways to hack into cars
Google, Bing, Yahoo Ordered by French Court to Block Video Streaming Sites (Search Engine Watch) Typically, Google gets pirated content sites out of the search index when companies file a DMCA — numerous pirate sites have already been removed from the index due to webmaster guideline violations. However, a group of some companies, distributors and producers in France took Google and other search engines to court in order to see the search engines remove a group of pirate sites from the index permanently
Editor Describes Pressure After Leaks by Snowden (New York Times) The top editor of the British newspaper The Guardian told Parliament on Tuesday that since it obtained documents on government surveillance from a former National Security Agency contractor, Edward J. Snowden, it has met with government agencies in Britain and the United States more than 100 times and has been subjected to measures "designed to intimidate"
The Guardian has WAY MORE Snowden stuff left to leak (Daily Caller) Guardian editor Alan Rusbridger told Parliament Tuesday that the UK-based newspaper has only released one percent of the documents leaked by former National Security Agency contractor Edward Snowden
Army Investigates China Spy Incident…That Involves No Secrets (Foreign Policy) No secrets were spilled. And all of the documents in question are publicly available. But the U.S. Army has nonetheless launched an internal review of its administrative practices after members of a Chinese military delegation began asking for U.S. government manuals a bit too aggressively during a September visit to an American base
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Cybertech — Cyber Security Conference and Exhibition (Tel Aviv, Israel, January 27 - 29, 2014) Cybertech Israel, the first event of its kind, will present world-leading companies in the field of cyber defense alongside young companies that offer unique solutions to advance the discipline of cyber...
Women in Cybersecurity Conference (Nashville, Tennessee, USA, April 11 - 12, 2014) WiCyS is an effort to bring together women (students/faculty/researchers/professionals) in cybersecurity from academia, research and industry for sharing of knowledge/experience, networking and mentoring.
The 2014 Cyber Security Summit (DC Metro) (Tysons Corner, Virginia, USA, June 5, 2014) The Cyber Security Summit, an exclusive conference series sponsored by The Wall Street Journal, has announced their inaugural DC Metro event. The event will connect C-Level & Senior Executives responsible...
The 2014 Cyber Security Summit (New York) (New York, New York, USA, September 18, 2014) The Cyber Security Summit, an exclusive conference series sponsored by The Wall Street Journal, has announced their second annual event in New York City. The event will connect C-Level & Senior Executives...
Operationalize Threat Intelligence (Webinar, December 4, 2013) Security teams are overloaded with threat feeds. It doesn't end with third party providers. It includes alerts, logs, and tips from their own security and IT solutions. We need help transforming this data...
Cloud Security Alliance Congress 2013 (Orlando, Florida, USA, December 4 - 5, 2013) The CSA Congress is the industry's premier gathering for IT security professionals and executives who must further educate themselves on the rapidly evolving subject of cloud security. In addition to offering...
SINET Showcase: THE SINET 16 (Washington, DC, USA, December 4 - 5, 2013) The SINET Showcase is supported by the Department of Homeland Security, Science & Technology Directorate and provides a significant opportunity for industry's most innovative global entrepreneurs to present...
World Congress on Internet Security (London, England, UK, December 9 - 12, 2013) The WorldCIS-2013 is an international forum dedicated to the advancement of the theory and practical implementation of security on the Internet and Computer Networks. The inability to properly secure the...
ACSAC 2013 (New Orleans, Louisiana, USA, December 9 - 13, 2013) The Annual Computer Security Applications Conference (ACSAC) is an internationally recognized forum where practitioners, researchers, and developers in information and system security meet to learn and...
Cylance Talk: Risk Does Not Equal Threat (Arlington, Virginia, USA, December 10, 2013) Attacks, malware and careless users may trigger alarm bells, but that does not mean your business is in danger. Compliance and risk management requirements, while necessary, result in additional work,...
2013 ASE International Conference on Cyber Security (Orlando, Florida, USA, December 10 - 15, 2013) The annual ASE Cyber Security Conference is a leading international forum for cyber security researchers, practitioners, developers, and users to explore cutting-edge ideas and results, and to exchange...
ACG® New York Cyber Security Investor Conference (New York, New York, December 11, 2013) The ACG New York Cyber Security conference will feature experts in Cyber Security that will enable you to understand the opportunities for investment in a number of areas that constitutes Cyber Security.
Cyber Defense Initiative 2013 (Washington, DC, USA, December 12 - 19, 2013) NetWars Tournament runs over an intense two- to three-day period, at a conference or hosted onsite. Many enterprises, government agencies, and military bases are using NetWars OnSites to help identify...