Iranian hacktivists deface Oregon's Amity and Sutherlin municipal Websites.
Webroot reports finding a currently active malicious campaign that uses compromised legitimate websites to serve malware disguised as bogus "browser updates." The campaign appears centered in Russia.
Current malicious activity suggests the difficulty of building an effective cyber arms control regime. Lawful intercept tools have long circulated outside their intended market, and cyber weapons built by governments have also begun to appear in significant numbers on the black market. Note, for example, analysts' take on the traffic in zero-days. See too legitimate product announcements: how difficult is it to turn a parental control like mSpy to malign purpose?
Siemens patches an authentication bypass flaw in its SINAMICS S/G ICS software. Services victimized by the Pony botnet's theft of credentials reset passwords. Patch Tuesday arrives next week, and Microsoft is expected to issue a large number of fixes.
A SecurityWeek op-ed sees a shift in enterprise network security away from prevention and toward detection. Big data technology faces unresolved encryption and anonymization challenges.
In industry news, the combination of business and technical skill that makes a good CISO proves scarce. Vistronix buys Kimmich Software Systems, and Box acquires dLoop.
Venezuela tries with limited success to crack down on black-market currency trading (President Maduro cries "economic war" as citizens dump the Bolivar), blocking Internet sites that report prevailing rates.
Russian authorities will prosecute "Paunch" for the Blackhole exploit kit. Microsoft and European authorities take down the ZeroAccess botnet (but expect it to return).
Today's issue includes events affecting Bulgaria, China, European Union, Estonia, India, Latvia, Lithuania, Netherlands, Norway, Poland, Romania, Russia, Spain, Sweden, United Kingdom, United States, and Venezuela.
Dateline SINET Showcase
Venture Capital and the Innovation Ecosystem(The CyberWire) The CyberWire interviewed Bob Ackerman, Founder and Managing Director, Allegis Capital. Allegis, based in Palo Alto, California, USA, invests in early stage companies developing enabling technology and software to serve emerging markets. We caught Mr. Ackerman shortly before he went in to moderate his SINET Showcase panel on "Bringing Order out of Chaos"
Cyber Arms Dealers Peddle 85 Worms a Day(Nextgov) Cyberweapons sold to the government that are powered by glitches in popular software have opened a can of worms for citizens who increasingly are being attacked by nongovernment actors buying from the same arsenal of 85 exploits per day, according to new research
Infographic: How Snowden Breached the NSA(Venafi) There's one secret that's still lurking at the NSA: How did Edward Snowden breach the world's most sophisticated IT security organization? This secret has as much to do with the NSA as it does with your organization. In this exclusive infographic, Venafi breaks open how Edward Snowden breached the NSA
Security Patches, Mitigations, and Software Updates
Siemens Patches Authentication Bypass Flaw in SINAMICS ICS Software(Threatpost) Siemens has patched a serious remotely exploitable vulnerability in its SINAMICS S/G ICS software that could enable an attacker to take arbitrary actions on a vulnerable installation without having to authenticate. The vulnerability affects all versions of the Siemens SINAMICS S/G products with firmware versions earlier than 4.6.11. ICS-CERT, a part of the Department of Homeland Security
Microsoft likely to patch zero–day next week(ZDNet) It looks like a fairly busy Patch Tuesday in December. There are two open zero-day vulnerabilities in Windows. It's likely there will be a patch for one, but not the other
Microsoft's final security push is missing the kitchen sink(CSO) Tripwire's Tyler Reguly says that considering all that's being patched this month, it seems as if Redmond forgot to include the kitchen sink. Next week, Microsoft ends 2013 with 11 bulletins, covering nearly everything that was lying around
How Many Zero–Days Hit You Today?(Krebs on Security) On any given day, nation-states and criminal hackers have access to an entire arsenal of zero-day vulnerabilities — undocumented and unpatched software flaws that can be used to silently slip past most organizations' digital defenses, new research suggests. That sobering conclusion comes amid mounting evidence that thieves and cyberspies are ramping up spending to acquire and stockpile these digital armaments
The biggest malware, security threats in 2013(ZDNet) According to Malwarebytes' 2013 Threat report, "assumed guilt" ransomware tactics, mobile device cyberattacks and Mac-based threats are all gifts we had to cope with this year
The state of targeted attacks(Help Net Security) Trusteer announced the results of a recent study on the State of Targeted Attacks, which took into consideration the feedback from over 750 IT and IT security practitioners who have involvement in defensive efforts against APTs launched at their organisations
Cyber Attacks Up 15 Percent Since 2010, According to Emerson, Ponemon Institute Study(Wall Street Journal) With both cyber attacks and the costs of data center outages rising, there is an immediate need for businesses to secure proper technology and safeguard data. This need was highlighted in a recent study, the "2013 Study on Data Center Outages," in which 34 percent of respondents cited cyber attacks as a cause for data center downtime, compared to just 15 percent in 2010. The Ponemon Institute study — which was sponsored by Emerson Network Power, a business of Emerson (NYSE: EMR) and a global leader in maximizing availability, capacity and efficiency of critical infrastructure — explores the causes and costs of downtime in the United States
Water Utility Sector Works in Partnership to Meet Cyber Security Challenges(Huffington Post) Like most utilities in our country, the drinking water and wastewater sectors rely heavily on automated technologies to track and manage the transport and treatment of water. The evolution of computer-based management systems, or industrial control systems (ICS), has hugely improved the reliability and quality of water service. However, as the use of automated systems increases, so do the possibilities of both targeted and accidental cyber events that can affect our water supply and ultimately threaten public safety
From Prevention to Detection: A Paradigm Shift in Enterprise Network Security(SecurityWeek) While the technology used by enterprises to protect against today's advanced threats is quite complex, understanding the essence of what the technology does shouldn't be complicated at all. Rather, it should be refreshingly simple and easy to grasp, both by CISOs, who are tasked with keeping their network safe, and CFOs, who hold the "purse strings" and need to justify the investment
Big Data Challenge: Encryption(Midsize Insider) One major challenge that midsize firms face when handling big data projects is encryption. During the Cloud Security Alliance's recent CSA Congress event, industry executives called out several challenges that cryptography poses for big data. As smaller firms endeavor to implement solid big data projects, they will need to address this level of encryption security
CIOs lack the vision when it comes to mobility(Help Net Security) Mobile Helix announced the findings of an independent CIO survey of 300 IT decision makers in the UK and US; exploring how enterprises are making use of mobile technology
Vistronix Deepens Cyber Operations and Signals Processing Capabilities with Acquisition of Kimmich Software Systems, Inc. (KSSI)(Virtual-Strategy) Vistronix, a leading provider of intelligence and technology solutions to national security agencies in the federal space, is pleased to announce that the company has completed its acquisition of Kimmich Software Systems, Inc. (KSSI), significantly expanding its technology solutions for the U.S. Intelligence Community. A privately-owned company out of Columbia, MD, KSSI's primary solution offerings are in cyber operations, signals processing, data analytics, software development and systems engineering
Box buys security vendor dLoop(FierceContentManagement) Last week before the Thanksgiving break, Box quietly announced it had purchased dLoop, a small security startup that could help Box enhance its security chops and make it more attractive to the enterprise customers it so craves
If Instagram Isn't Building Private Messaging, It Should Be(TechCrunch) Once upon a time, Instagram was a little app for sharing photos with friends and photography buffs. Its mostly public sharing model worked at that size. But now with over 150 million users, widespread awareness, and years of people following each other, users may be holding back from posting as much because they don't want the whole world to see what they see
Camber Corporation announces the promotion of John Lord to President of the company.(Sacramento Bee) In John's previous position as Camber's Executive Vice President and Chief Operating Officer, John led the realignment of the company to better define and focus on Camber's markets in a resource constrained environment, and has driven the company to increased prime contract bids and awards through an emphasis on cross-Camber collaboration
Products, Services, and Solutions
FireEye Announces Availability of Oculus for Small and Midsize Businesses(MarketWatch) FireEye, Inc., the leader in stopping today's advanced cyber attacks, today announced FireEye's Oculus™ platform for small and midsize businesses (SMB). Oculus for SMB combines technology, services, and threat expertise in a solution specially tailored to small and midsized businesses
New ICS cyber security cert(Help Net Security) Global Information Assurance Certification (GIAC), a leading provider of cyber security certifications and an affiliate of the SANS Institute, announced the release of the new Global Industrial Cyber Security Professional (GICSP) certification exam
Cisco updates CCIE routing and switching certification(Help Net Security) Cisco announced a major revision of the CCIE Routing and Switching (R&S) Certification and expert-level training to meet the increasing challenges of enterprise networks evolving in size, scope and complexity
Twitter rolls out ad retargeting tool(FierceCMO) Twitter unveiled an ad retargeting tool, tailored audiences, which gives marketers the ability to track mobile users who have browsed for specific products and services even outside of its site
NTIA to begin work on facial recognition privacy code of conduct(FierceGovernmentIT) The National Telecommunications and Information Administration announced Dec. 3 it will convene a multistakeholder process focused on privacy to develop a voluntary code of conduct that specifies how the Consumer Privacy Bill of Rights applies to facial recognition technology in a commercial environment
New HIPAA Compliance Help on the Way(Healthcare Info Security) The federal "wall of shame" tally of major health data breaches, and the results of HIPAA compliance audits conducted so far, illustrate that the healthcare sector has a long way to go when it comes to protecting patient privacy and improving information security
Partners HealthCare CISO, CIO Q&A: Security threat awareness(Health IT Security) As the threat environments facing healthcare organizations change and evolve, organizations must be proactive and adjust their security and privacy approaches on the fly. For a sizeable healthcare network such as Boston-based Partners HealthCare, the need to stay on top of these risks is amplified greatly and an "all hands on deck" strategy is needed
Top 20 Critical Security Controls not popular with federal IT pros(Help Net Security) The National Security Agency created a best security practices list for their customers, which was later expanded through a large-scale community project initiated by the SANS Institute and sponsored by the Center for Strategic and International Studies (CSIS)
Planning for 2014: A Guide To Targeted Attack Defense(TrendLabs Security Intelligence Blog) By now, most IT administrators are aware that their networks and systems may require defenses against targeted attacks carried out by well-equipped, knowledgeable attackers. As companies prepare their plans for the upcoming year, some may ask: how does one develop a strategy on how to help defend against these attacks
How to Prevent DNS Attacks(eSecurity Planet) Hackers like the Syrian Electronic Army are finding weaknesses to exploit in the Domain Name System. Here's how to keep your organization from falling victim to a DNS attack
Master's Accreditation Benefits Federal Cyber Pros(Nextgov) Federal information security employees now have one additional option for pursuing a master's degree in information security that could be funded in part through their agency's tuition assistance program
Legislation, Policy, and Regulation
India–US homeland security dialogue: Two–day conference of police chiefs concludes(Odisha Diary) Delivering the valedictory address at the Conference, the Union Home Secretary Shri Anil Goswami said that the movement of people, goods and ideas has always driven with the development of nations and provided opportunities for economic growth and prosperity. He said that the security measures should be designed to facilitate the safe and efficient movement of people and goods while securing the critical infrastructure
British Probe Set to Clear Huawei of Allowing Spying(Bloomberg) Britain's national security adviser is to clear China's Huawei Technologies Co. of leaving its equipment open to Chinese spying, while recommending that British agencies look at how they can tighten procedures
Fighting Joe Biden vs. bowing David Cameron—a lesson from two China trips(Quartz) US vice president Joe Biden spent less than 48 hours in China this week, but managed to criticize its new air defense zone, China's treatment of foreign journalists, and general lack of democracy. In contrast, David Cameron, who was in China for three days this week, played ping pong with school children, opened a Sina Weibo account and publicly avoided controversial topics. When he returned home he even said British schools should start teaching Mandarin. The two visits couldn't have been more different. Still, both approaches reaped scorn from media mouthpieces of the Chinese government as well as the general public, raising the question—What is the right diplomatic way to appeal to China? It appears no one really knows
Obama says he will propose NSA reforms(Reuters) President Barack Obama said on Thursday he intends to propose National Security Agency reforms to reassure Americans that their privacy is not being violated by the agency
Big Transparency for the NSA: Perspectives on Spying and Privacy(Watson Institute via IC on the Record) Brown University's Watson Institute for International Studies hosted an event on December 4, 2013 that included a panel discussion with John DeLong, Chief Compliance Officer for the National Security Agency and Alexander Joel, the Civil Liberties Protection Officer at the Office of the Director of National Intelligence
NSA Surveillance, Snowden, and Freedom (Harvard Magazine) Yochai Benkler, Berkman professor for entrepreneurial legal studies at Harvard Law School, spoke on December 4 about the President's Surveillance Program (PSP, a collection of U.S. secret intelligence activities) and Edward Snowden in a talk entitled "System and Conscience: NSA Bulk Surveillance and the Problem of Freedom"
Is Cyber Command ready to stand on its own?(FCW) Debate about the relationship between the National Security Agency and U.S. Cyber Command has ratcheted up in the wake of damaging leaks about NSA surveillance activities, but no decision on whether to split the two entities is likely before dual-hatted Gen. Keith Alexander steps down in spring 2014
HIPAA burdensome to big data healthcare efforts, BPC says(FierceHealthIT) The Health Insurance Portability and Accountability Act is "misunderstood, misapplied and over-applied" to the point of being burdensome to the sharing of patient information for improved care, according to a report published this week by the Bipartisan Policy Center
OCR not fully enforcing HIPAA(FierceHealthIT) The Office for Civil Rights, the agency that enforces privacy provisions of HIPAA, has not fully enforced the law's requirements, according to a report from the U.S. Department of Health & Human Services Office of Inspector General
FTC: Is native advertising a bait–and–switch?(FierceCMO) Is native advertising fooling consumers into thinking paid sponsorships are pieces of regular editorial content was the question of the day at the Federal Trade Commission's workshop on native advertising held Wednesday
Meet Paunch: The Accused Author of the BlackHole Exploit Kit(Krebs on Security) In early October, news leaked out of Russia that authorities there had arrested and charged the malware kingpin known as "Paunch," the alleged creator and distributor of the Blackhole exploit kit. Today, Russian police and computer security experts released additional details about this individual, revealing a much more vivid picture of the cybercrime underworld today
Microsoft and law enforcement disrupt ZeroAccess botnet(Help Net Security) The Microsoft Digital Crimes Unit announced it has successfully disrupted a rampant botnet in collaboration with Europol's European Cybercrime Centre (EC3), the Federal Bureau of Investigation (FBI) and leaders in the technology industry, including A10 Networks Inc
International payment card fraud ring dismantled(Help Net Security) The European Cybercrime Centre (EC3) at Europol, working with police in Latvia, Estonia, Poland, Bulgaria, Spain, Lithuania, Norway, Sweden and the United Kingdom, has taken down a criminal network of Latvian payment card fraudsters and arrested eight key members of the group
Operationalize Threat Intelligence(Webinar, December 4, 2013) Security teams are overloaded with threat feeds. It doesn't end with third party providers. It includes alerts, logs, and tips from their own security and IT solutions. We need help transforming this data...
Cloud Security Alliance Congress 2013(Orlando, Florida, USA, December 4 - 5, 2013) The CSA Congress is the industry's premier gathering for IT security professionals and executives who must further educate themselves on the rapidly evolving subject of cloud security. In addition to offering...
SINET Showcase: THE SINET 16(Washington, DC, USA, December 4 - 5, 2013) The SINET Showcase is supported by the Department of Homeland Security, Science & Technology Directorate and provides a significant opportunity for industry's most innovative global entrepreneurs to present...
World Congress on Internet Security(London, England, UK, December 9 - 12, 2013) The WorldCIS-2013 is an international forum dedicated to the advancement of the theory and practical implementation of security on the Internet and Computer Networks. The inability to properly secure the...
ACSAC 2013(New Orleans, Louisiana, USA, December 9 - 13, 2013) The Annual Computer Security Applications Conference (ACSAC) is an internationally recognized forum where practitioners, researchers, and developers in information and system security meet to learn and...
Cylance Talk: Risk Does Not Equal Threat(Arlington, Virginia, USA, December 10, 2013) Attacks, malware and careless users may trigger alarm bells, but that does not mean your business is in danger. Compliance and risk management requirements, while necessary, result in additional work,...
2013 ASE International Conference on Cyber Security(Orlando, Florida, USA, December 10 - 15, 2013) The annual ASE Cyber Security Conference is a leading international forum for cyber security researchers, practitioners, developers, and users to explore cutting-edge ideas and results, and to exchange...
Cyber Defense Initiative 2013(Washington, DC, USA, December 12 - 19, 2013) NetWars Tournament runs over an intense two- to three-day period, at a conference or hosted onsite. Many enterprises, government agencies, and military bases are using NetWars OnSites to help identify...