Turkish hacktivists claiming nationalist and religious motives (and, less plausibly, Turkish Army sanction) deface the UN's Ethiopian website.
Chinese cybercriminals hack CNWisdom, that country's leading provider of hotel Wi-Fi, to steal and release a database of 20 million hotel reservations.
More on intelligence services' interest in online games (World of Warcraft is mentioned in dispatches). (Credit Noah Shachtman with calling this one in Wired five years ago.)
IntelCrawler takes a crawl through the Korovka forum and turns up WebHost, a "bulletproof" hosting service for cybercriminals. WebHost's servers are in Lebanon and Syria, which it hopes will prove proof against Western police.
Obvious Europol scareware is currently emanating from Ukraine. A study of the zero-day black market shows prices running typically from $40k-$160k, but some zero-days go for as much as $1M.
Chinese espionage services join the ranks of G20 hackers: they targeted the foreign ministries of Bulgaria, the Czech Republic, Latvia, Portugal, and Hungary.
The French government hasn't budged from its claim that bogus certificates resulted from innocent human error, but few are buying this. Microsoft, Mozilla, and Opera join Google in revoking the certificates.
It's Patch Tuesday, and Microsoft closes the recently discovered TIFF zero-day vulnerability. Redmond also announces security enhancements intended to go beyond the two-factor authentication adopted this spring.
Denial-of-service attacks have led banks to more comprehensive and effective information sharing.
Security analysts, peering into 2014, foresee shrinkage in genus malware but growth in species ransomware.
In the US, DISA opens "Needipedia" to better address emergent requirements.
Today's issue includes events affecting Australia, Belgium, Bulgaria, Canada, China, Czech Republic, Ethiopia, France, Hungary, Latvia, Lebanon, Portugal, Russia, Saudi Arabia, South Africa, Syria, Turkey, United Kingdom, United Nations, United States.
Chinese hackers leak hotel guest data on WeChat(South China Morning Post) Hackers in China have leaked a database of an estimated 20 million hotel reservations on multiple websites and even WeChat, the wildly popular messaging service, reflecting failed government efforts to prevent massive leaks of personal data
Pentagon Researcher Conjures Warcraft Terror Plot(Wired) The American military and intelligence communities are increasingly worried that would-be bin Ladens might gather in a virtual world, to plan a real-life attack. But the spies haven't given many details, about how it might be done. Now, a Pentagon researcher has laid out how such a terror plot might unfold. The planning ground is World of Warcraft. The main target of this possibly nuclear strike: the White House
Malicious multi–hop iframe campaign affects thousands of Web sites, leads to a cocktail of client-side exploits — part two(Webroot Threat Blog) Ever since we exposed and profiled the evasive, multi-hop, mass iframe campaign that affected thousands of Web sites in November, we continued to monitor it, believing that the cybercriminal(s) behind it, would continue operating it, basically switching to new infrastructure once the one exposed in the post got logically blacklisted, thereby undermining the impact of the campaign internationally. Not surprisingly, we were right. The campaign is not only still proliferating, but the adversaries behind it have also (logically) switched the actual hosting infrastructure. Let's dissect the currently active malicious iframe campaign that continues to serve a cocktail of (patched) client-side
Microsoft Adds New Security Features to Accounts(Threatpost) Microsoft announced yesterday that it will complement the two-factor authentication it enabled for account holders in April with additional security features designed to deny account hijacking and unauthorized access
How Will NIST Framework Affect Banks?(BankInfoSecurity) The NIST cybersecurity framework will help U.S. banking institutions assess their security strategies, but some institutions fear the framework could trigger unnecessary regulations, says Bill Stewart of Booz Allen Hamilton
Myth of 'anonymized' data and rise of 're–identification experts'(FierceBigData) For years now, data crunchers have tried to soothe the public psyche with the promise that individual privacy would be protected through the process of anonymizing the data. It all sounds well and good—at least to the naïve. After all, if all personalized identifying info is scrubbed from the data how could it possibly be traced back to the person to which it applied? It turns out that it's relatively easy to do just that
Expert: Security automation can thwart attacks on cloud computing(SearchCloudSecurity) Aggressive nation-states see the cloud as a juicy target and, according to one expert, security automation represents the best tactic enterprises have to defend cloud implementations against attackers possessing nearly unlimited resources
2014 Security Issues: 'tis the Top 10 Season(CSO) Every year about this time security practitioners awaken to see that the jolly man in the red suit from marketing has jammed their email inboxes across the globe with the proverbial "top ten" lists for the next year
Malware Drop, Ransomware Rise Forecast for 2014(TechNewsWorld) There's a growing contingent advocating a more proactive approach to system security, driven largely by frustration. "We haven't improved the defenses of business organizations in any way," said Andrew Kellett, a principal analyst with Ovum. "We continue to find it difficult to detect security breaches…We're not doing the proactive stuff very well"
Cyber Monday And The Threat Of Economic Espionage(Dark Reading) Based on recent predictions by numerous market analysts, Cyber Monday, the online equivalent of the Black Friday shopping event, is well on its way to overtake physical retail sales numbers in coming years
Report: Risk of an Uncertain Security Strategy(ZDNet) In spite of high-profile data breaches and the potential business impact of cyber attacks and data loss, small and midsize organizations are still not making cyber security a priority. Sophos and the Ponemon Institute recently released a report, Risk of an Uncertain Security Strategy, that highlights the need to make security a key priority
DIA releases technology wish list to solve problems more directly(Federal News Radio) The Defense Intelligence Agency has just launched a project that it thinks can help circumvent some of the ills of the government's notoriously slow procurement process for emerging technology and open the playing field to a much broader set of innovators. The platform, called Needipedia, formally launched in late November. The basic idea is to let front-line DIA users, who have discrete technological needs, communicate them to the companies and institutions that might be able to solve their problems a bit more directly, short circuiting at least some of the steps in the government's ponderous process for procurement and requirements development
6 Ways Tech Companies' 'Reform Government Surveillance' Fails(Tom's Guide) The newly unveiled public-relations campaign by top technology companies urging governments to reform Internet surveillance sounds noble, but other than to reassure foreign customers that American companies aren't the bad guys, it won't achieve much
AT&T resists transparency over NSA snooping(ITWorld) A host of tech companies have asked governments around the world to reform their surveillance laws, but AT&T seems to be taking the opposite approach, resisting shareholder pressure to disclose the information requests it receives from the U.S. and foreign governments
Raytheon BBN, GrammaTech Form Malware Detection Tech Team(GovConWire) A team comprising a Raytheon (NYSE: RTN) subsidiary and GrammaTech has been awarded a $4.8 million contract from the Defense Advanced Research Projects Agency to develop technologies for protecting information technology devices from malware and other backdoor attacks
CACI loses fight to keep intell contract(Washington Technology) CACI International lost its fight to keep a Defense Intelligence Agency contract after GAO denied its protest. The winner, Mission Essential
Splunk Buys Network Data Capture Firm Cloudmeter(SecurityWeek) San Francisco, California-based Splunk, a provider of software that helps organizations gather and make use of machine data from a diverse set of sources, today announced it has acquired Cloudmeter, a provider of network data capture technologies
Paul Gentile Joins ManTech as Cyber Solutions SVP(GovConWire) Paul Gentile, formerly a senior vice president at Science Applications International Corp. (NYSE: SAI), has joined ManTech International (NASDAQ: MANT) as SVP of the company's cyber solutions business unit
CyanogenMod introduces built–in SMS encryption(Help Net Security) CyanogenMod developers have announced the fruit of several months of labor headed by Open Whisper Systems' Moxie Marlinspike: a seamless implementation of TextSecure, the latter firm's well-known and trusted SMS encryption solution
Technologies, Techniques, and Standards
Web-based malware: Why detection efforts must go beyond antimalware(SearchSecurity) According to reports, users are apparently far more likely to encounter malware when Web browsing as opposed to checking email, and that Web-borne malware is harder for antimalware systems to detect. Why is this? How can organizations shift their tactics to successfully combat Web-based malware
ASA takes on privacy issues in big data, statistical research(FierceBigData) Big data practitioners made privacy an issue to begin with by collecting information on individuals without their knowledge, much less consent, as though they have an unlimited right to know and that right supersedes an individual's right to privacy
How the Bitcoin protocol actually works(Data-driven Intelligence) Many thousands of articles have been written purporting to explain Bitcoin, the online, peer-to-peer currency. Most of those articles give a hand-wavy account of the underlying cryptographic protocol, omitting many details. Even those articles which delve deeper often gloss over crucial points. My aim in this post is to explain the major ideas behind the Bitcoin protocol in a clear, easily comprehensible way. We'll start from first principles, build up to a broad theoretical understanding of how the protocol works, and then dig down into the nitty-gritty, examining the raw data in a Bitcoin transaction
Despite cloud computing security risks, infosec pros know their role(SearchCloudSecurity) Misconceptions abound regarding the approach enterprise information security professionals must take in order to successfully address cloud computing security risks in their organizations. It's unfortunate when those misconceptions are perpetuated, even inadvertently
The DDoS debate: Multi–layered versus single solution(Help Net Security) There is a DDoS debate in the cybersecurity industry about which solution is more effective – multi-layer or single. However, the argument is really more complex and must consider traditional defenses versus dedicated DDoS defenses, multi-provider (device or service) versus single provider (device or service), and layered defense in-depth versus single defender
Those Look Just Like Hashes!(Internet Storm Center) Have you ever during a penetration test collected a list of values that look very much like hashes, and thought "I could maybe start cracking those, if I only knew what algorithm was used to calculate those hash values"
Using firewall rules to migrate business applications to a private cloud(Help Net Security) An increasing number of organizations are already taking advantage or planning to take advantage of the many financial and operational benefits that a private cloud has to offer. However, in order to achieve these benefits, IT must take on complex projects to migrate business applications and/or data centers from the physical to the virtual realm
Why the Belgian Cyber Security Guide Must Be Extended? Example with MySQL!(/dev/random) A few days ago, I attended an event organized by the Chamber of Commerce in Belgium (ICC Belgium) and the Federation of Enterprises (FEB) to announce with great ceremony the release of the first Belgian Cyber Security Guide. Honestly, this is a great initiative! In the audience, many many infosec professionals were present but not many "business owners"
Design and Innovation
Commentary: Every Federal Agency Needs an Innovation Lab(Nextgov) More than five years ago, then-candidate Barack Obama vowed to "make government cool again." Since then, he has advocated vocally for technology and innovation, inspiring advancements that have reduced waste and delivered services more effectively to the American people
Research and Development
The Economics of Personal Data and the Economics of Privacy(OECD) In modern information economies, the reduction of the cost of storing information has made it possible to capture, save, and analyze increasing amounts of information about the individual. Companies record details of each customer transaction. Websites log their visitors' behaviour. Data aggregators link information coming from different sources to compose individual profiles
DARPA Plugs Contest for Watson–like System to Deflect Hackers(Nextgov) In the wake of an alleged hack that stole the passwords of two million Facebook, Google and other Internet users, Pentagon officials are plugging a new contest to build a Watson–like system that can find and eradicate Achilles heels in software
DHS starts critical infrastructure R&D plan public process(FierceHomelandSecurity) The Homeland Security Department took first public steps in development of a research and development strategy for strengthening the security and resilience of critical infrastructure in the Dec. 5 solicitation of public comment
Drawing the Line on Government Surveillance(Huff Post Blog) Earlier today, eight of the country's leading technology firms unveiled a website and released five principles for regulating online surveillance by governments worldwide. I applaud AOL, Apple, Facebook, Google, LinkedIn, Microsoft, Twitter, and Yahoo for presenting their case on this very important topic
State of Deception(The New Yorker) Why won't the President rein in the intelligence community
Snowden document shows Canada set up spy posts for NSA(CBC) The leaked NSA document being reported exclusively by CBC News reveals Canada is involved with the huge American intelligence agency in clandestine surveillance activities in "approximately 20 high-priority countries"
EU Data Protection Regulation implementation postponed(FierceBigData) According to a Forrester blog post, the implementation of EU Data Protection Regulation, an update to existing European data privacy laws, has been postponed to 2015. Forrester believes that means it won't be actually applicable until 2017
HealthCare.gov and the Threat to Cybersecurity(Rollcall) Even in an era when denial-of-service attacks and cyber-theft are all too common, the security of one particular website — HealthCare.gov — has garnered significant public and congressional scrutiny
Fed police trial new net spying technology(Perth Now) Controversial new technology capable of collecting and storing emails and other information sent via computer in real time will be rolled out by the Australian Federal Police next year
FBI used spying malware to track down terror suspect(Help Net Security) Court documents related to a recent FBI investigation have revealed that the agency has been permitted to try to compromise with spying malware the computer of a potential terrorist in order to discover his identity and location
Operation Creative: 40 Illegal Websites Shut Down by British Authorities(Softpedia) A total of 40 websites found to be serving copyrighted content have been shut down as part of Operation Creative, a campaign launched by British authorities in the summer of 2013. Many of them are said to have generated serious profit for their owners through advertising programs
Microsoft DCU — Strike Three. Now What?(Damballa: The Day Before Zero) Microsoft DCU recently announced legal actions against the click-fraud component of the ZeroAccess (ZA) botnet. It is common knowledge in the security community that ZA uses a peer-to-peer (P2P) Command and Control (C&C) channel
World Congress on Internet Security(London, England, UK, December 9 - 12, 2013) The WorldCIS-2013 is an international forum dedicated to the advancement of the theory and practical implementation of security on the Internet and Computer Networks. The inability to properly secure the...
ACSAC 2013(New Orleans, Louisiana, USA, December 9 - 13, 2013) The Annual Computer Security Applications Conference (ACSAC) is an internationally recognized forum where practitioners, researchers, and developers in information and system security meet to learn and...
Cylance Talk: Risk Does Not Equal Threat(Arlington, Virginia, USA, December 10, 2013) Attacks, malware and careless users may trigger alarm bells, but that does not mean your business is in danger. Compliance and risk management requirements, while necessary, result in additional work,...
2013 ASE International Conference on Cyber Security(Orlando, Florida, USA, December 10 - 15, 2013) The annual ASE Cyber Security Conference is a leading international forum for cyber security researchers, practitioners, developers, and users to explore cutting-edge ideas and results, and to exchange...
Cyber Defense Initiative 2013(Washington, DC, USA, December 12 - 19, 2013) NetWars Tournament runs over an intense two- to three-day period, at a conference or hosted onsite. Many enterprises, government agencies, and military bases are using NetWars OnSites to help identify...