Daily briefing.

Chinese government spokesmen indignantly deny allegations China spied on G20 foreign ministries because, well, who believes those FireEye guys anyway? Actually quite a few do: see especially the "Attribution Analysis" section of FireEye's report on "Operation Ke3chang." Their evidence is admittedly circumstantial, but nonetheless suggestive.

Hacktivists of varying stripes (Islamist, nationalist, anarchist) surface to hit targets in Spain, Mexico, and the US. An Anonymous denial-of-service attack against Mexico's Congress is particularly noteworthy.

Consumers are advised to add keyloggers to their cyber worries over the holidays. Social media also continue to be a channel of retail cybercrime.

An audit warns of cyber vulnerabilities in the water distribution infrastructure of Australia's State of Victoria.

Gamers in the UK sustained 11.7M attacks in 2013. F-Secure coins a new term, "sharking," to describe cybercrimes against cardplayers. A Las Vegas casino and hotel visitors' guide Vegastripping.com is breached, with user credentials posted to Pastebin.

Researchers find a banking Trojan using database-as-a-service platforms for its command-and-control traffic.

Amid more reports of tighter IT (and cyber) labor markets, the US Navy and Air Force both move to increase the number of uniformed cyber operators in their ranks.

The UK is announcing today a new requirement for cyber-security certification of government contractors.

Palantir raises $107.5M and is now valued at $9B. Mocana receives significant funding from GE Ventures. Adobe faces investor scrutiny over privacy. BlackBerry pegs its future to enterprise mobility.

Members of the US House introduce the "National Cybersecurity and Critical Infrastructure Protection Act of 2013" with bipartisan sponsorship.

Notes.

Today's issue includes events affecting Australia, China, European Union, Finland, Ireland, Mexico, Morocco, New Zealand, Spain, Sweden, United Kingdom, United States.

Cyber Attacks, Threats, and Vulnerabilities

Beijing rejects latest US hacking accusations (Want China Times) China on Tuesday rejected the accusation by a US computer security firm that Chinese hackers were involved in a cyber attack against European countries before the G20 Summit in September

Operation "Ke3chang": Targeted Attacks Against Ministries of Foreign Affairs (FireEye) Diplomatic missions, including ministries of foreign affairs (MFA), are high-priority targets for today's cyber spies. Large-scale cyber espionage campaigns such as "GhostNet" have demonstrated that government agencies around the world, including embassies, are vulnerable to targeted cyber attacks

Mexico's House of Representatives and Congress Attacked by Anonymous (Softpedia) Hackers of the Anonymous movement have launched distributed denial-of-service (DDOS) attacks against the websites of Mexico's House of Representatives and Congress

TeamBerserk hacktivists use US judge's credit card to buy sex toys for him (Naked Security) TeamBerserk hackers are back. They've sided with a sheriff in the US state of Texas in a dispute over a teacher picking thrown-away school furniture out of the trash, have leaked 23 documents stolen from the judge's computer

Spanish Socialist Workers Party of Murcia gets hacked by Moroccan Islamic Union-Mail (Hackers Post) The online hacktivist group 'Moroccan Islamic Union-Mail' (MIUM) have hacked Partido Socialista Obrero Español de Murcia

Consumers Are Warned to Be Wary of Keyloggers to Prevent Identity Theft Over the Holidays and Beyond (Virtual-Strategy) The Identity Theft Council is warning consumers and businesses to be aware of the menace of keyloggers, over the Christmas holidays and beyond. In the aftermath of the recent discovery of more than two million stolen passwords on a hacker server, the prime suspect in the incident was initially a keylogger

Facebook Phishing and Malware via Tumblr Redirects (Internet Storm Center) We got a couple reports of pretty convincing Facebook spam redirecting users to malware and a Facebook phishing site

How cybercriminals efficiently violate YouTube, Facebook, Twitter, Instagram, SoundCloud and Google+'s ToS (Webroot Threat Blog) With social media, now an inseparable part of the marketing expenditures for every modern organization, cybercriminals quickly adapted to the ongoing buzz, and over the last couple of years, have been persistently supplying the market segment with social media metrics performance boosts, in the form of bogus likes, dislikes, comments, favorites, subscribers, and video/music plays. This process, largely made possible by the massively undermined CAPTCHA bot vs human verification practice, results in automatically registered accounts, or the persistent data mining of malware-infected hosts for accounting data for social media accounts, continues to scale, allowing both individuals and organizations to

Crypto weakness in Web comment system exposes hate–mongering politicians (Ars Technica) Journalists exploit weakness in Gravatar to identify extremist forum members

ENISA Threat Landscape 2013 — Overview of current and emerging cyber-threats (ENISA) ENISA releases the 2013's ENISA Threat Landscape (ETL 2013). The ENISA Threat Landscape is a collection of top cyber-threats that have been assessed in the reporting period, i.e. end 2012-end 2013. ENISA has collected over 250 reports regarding cyber-threats, risks and threat agents. ETL 2013 is a comprehensive compilation of the top 15 cyber-threats assessed

Credit card data stolen from hundreds of attendees at Boston conventions (Naked Security) The Boston Convention & Exhibition Center denies the security breach happened inside its building, while many convention-goers said they used their credit cards at shops, hotels and restaurants in the Seaport area of the city

Vic water authorities vulnerable to cyber attack (IT News) A state government audit into Victoria's water authorities has revealed much of the critical infrastructure towns and cities rely upon remains vulnerable to electronic attack

How cyber squatters and phishers target antivirus vendors (Help Net Security) Illegal online activities such as phishing and typosquatting are growing at an alarming rate. To understand the issue in detail High-Tech Bridge analyzed 946 domains that may visually look like a legitimate domain (for example replacement of "t" character by "l" character, or mutated domain names such as "kasperski.com" or "mcaffee.com") or that contain typos (e.g. "symanrec.com" or "dymantec.com")

Gamers attacked 11.7m times in 2013 (The Telegraph) UK gamers were hit with 27,049 hacking attempts between 1 January and November 2013

Finnish Computer Security Company F-Secure Confirms "Sharking" Attacks at EPT Barcelona (Poker News) On Tuesday, F-Secure, an anti-virus, cloud content, and computer security company based in Helsinki, Finland, confirmed that Jens Kyllönen and his friend Henri Jaakkola were the victims of a "Sharking" attack at EPT Barcelona. After performing some tests on the high-stakes pro's laptop, F-Secure discovered that it was infected by a Remote Access Trojan (RAT), allowing the attacker to access Kyllönen's hole cards remotely

Las Vegas Casinos and Hotels guide site hacked, User Accounts Leaked (Hackers Post) Vegastripping.com, a Las Vegas casinos and hotels guide site has been hacked. The hacker with the handle @zVapor claimed the responsibility of the hack and published the users' credentials on Pastebin

Houston Methodist Hospital Acknowledges Data Breach (eSecurity Planet) 1,300 transplant patients' names, Social Security numbers, birthdates and medical information may have been exposed

Cybercriminals Now Enlisting Database Cloud Services (Dark Reading) Database-as-a-service supports a new Trojan-based attack that steals businesses' online banking credentials

Catphishing is a loveless nightmare (Hacksurfer) What is catphishing? This recently coined term refers to false online identities created by Internet scammers to deceive people into a long-term romantic or emotional relationship

Cyber Trends

The Threat Landscape is Like the Curate's Egg, Suggests ENISA (InfoSecurity Magazine) The European Network and Information Security Agency (ENISA) takes an uncommon approach for its Threat Landscape 2013 report. Rather than undertaking or commissioning fresh research, it analyzes the existing reports published through the year: crowdsourcing. And as often proven, crowdsourcing can be remarkably effective

Young professionals exposing workplaces to cyber attack (Help Net Security) Low cyber-threat awareness amongst Gen-Y professionals coupled with blasé attitudes towards cyber security are leaving organizations across the country exposed to attack and data leaks according to ESET

What do people want to hide on their smartphone? (Help Net Security) More than half of Americans (52%) would be embarrassed about friends or family seeing certain files or documents on their smartphone, according to Clean Master

Marketplace

A Future of Failure? (Ford Foundation) The rapid pace of technology innovation and development has had a profound and undeniable impact on all corners of contemporary society. It has changed many of the day-to-day transactions that characterize personal and home life; it has radically reshaped and influenced domestic and global markets; and it has offered the potential to revolutionize how government works at the same time that it challenges the ways in which government protects consumers. A few well-worn statistics only confirm these trends

Navy expands 'cyber warrant' program to attract more tech–savvy sailors (C4ISR & Networks) The Navy is increasing its ranks of cyberwarfare sailors — about 1,000 more could join Fleet Cyber Command by fiscal 2016

AF Cyber Command bulks up, slims down (Defense Systems) The Air Force Cyber Command is bulking up and slimming down at the same time, planning to add a couple thousand airmen to its workforce by 2016 while simplifying its architecture as part of the military's move to the Joint Information Environment (JIE)

Firms will need cyber "badge" to win some British government business (Reuters) Britain will announce on Thursday that firms wishing to bid for certain areas of government procurement will have to meet a new standard demonstrating basic levels of cyber security

Executive Spotlight: Rick Nadeau on How SRA Became a Private Company and the Role of a GovCon CFO (ExecutiveBiz) Rick Nadeau serves as chief financial officer at SRA International where he is responsible for the long-term financial picture of the company

Exelis to Spin Off Military and Government Services Business (Defense News) McLean, Va.-based contractor Exelis, itself a 2011 spin off from ITT, announced Wednesday that it would be spinning off its military and government services business focused on facilities management, logistics and network communications

CIA–backed Palantir Technologies raises $107.5 million (Reuters) Palantir Technologies, the data-mining company that is partly backed by the Central Intelligence Agency, has raised another $107.5 million, according to a filing

Mocana Receives Strategic Investment from GE Ventures (Security Week) Mocana, a provider of security solutions for embedded and mobile devices, today announced that it has received a strategic investment from GE Ventures

BlackBerry's future could lie in enterprise mobility services (V3) This year has been something of a rollercoaster ride for BlackBerry, as the smartphone maker launched its next-generation handsets based on a brand new operating system in a bid to reclaim market share it has lost to Apple and Android devices over the past couple of years

Can Adobe 'photoshop out' privacy concerns? (Marketplace) Adobe releases its fourth-quarter earnings Thursday after the market close. The company's earnings slightly beat the consensus of analysts' estimates in the third quarter

Juniper exec Muglia abruptly quits (InfoWorld) Executive vice president Bob Muglia leaves the networking company shortly after a new CEO is named

Products, Services, and Solutions

NetFort Introduces LANGuardian V12 (Consumer Electronics Net) NetFort Technologies, a leading developer of innovative software for monitoring activity on computer networks, today announced the availability of LANGuardian version 12, a significant new release of its flagship network monitoring software product

Technologies, Techniques, and Standards

November Data Breaches: Learn from Others' Mistakes (eSecurity Planet) In this first of two parts, we look at what security professionals can learn from data breaches that occurred in November 2013

Banks shouldn't rely on mobile SMS passcodes, security firm says (ComputerWorld) As mobile banking grows, malicious Android applications are increasingly intercepting one-time passcodes

Browser Fingerprinting via SSL Client Hello Messages (Internet Storm Center) Encrypted traffic has long been a challenge for network monitoring. But even if traffic is encrypted, there is still plenty of information that can be extracted. In this little example, we are looking at "SSL Hello" messages. These messages are sent by the client to initiate the SSL connection. They include a number of parameters that may vary depending on the SSL library used or the SSL client's preference

Firms Eliminate Embedded Code To Foil Targeted Attacks (Dark Reading) Security providers are developing technology to strip out, or render unusable, any potential code in popular file formats

7 Habits Of Highly Secure Database Administrators (Dark Reading) Most organizations could still stand for improvement in database security best practices, according to IOUG survey

What Is Homomorphic Encryption? (NoVASec) I was listening to an older episode of Risky Biz (282) where they were discussing the concept of homomorphic encryption and how it can be applied to secure cloud computing. Basically, this type of operation involves performing computing operations on data while it's encrypted rather than having to decrypt it first. It's obvious to see the application of this technology for use in the cloud

Energy-efficient bcrypt cracking (Help Net Security) Bcrypt is a password hashing scheme based on the Blowfish block cipher. It was designed to be resistant to brute force attacks and to remain secure despite hardware improvements

Survey: Hadoop still isn't reliable or secure enough (VentureBeat) Hadoop, that ecosystem of open-source tools for storing and analyzing large quantities and many kinds of data, is spawning more and more companies. Some offer commercial support or consulting assistance for Hadoop. Others provide analytics software for understanding data sitting in Hadoop. But Hadoop itself is free

Legislation, Policy, and Regulation

Bill to safeguard critical infrastructure introduced in House (GSN) Members of both political parties introduced on December 11 a bipartisan piece of legislation, H.R. 3696, the "National Cybersecurity and Critical Infrastructure Protection Act of 2013" (NCCIP Act)

Advisory Panel Offers Suggestions To Strengthen US Cybersecurity, But Is The Government Capable Of Change? (TechDirt) The President's Council of Advisors on Science and Technology (abbreviated unfortunately as PCAST) has just released a report dealing with the nation's hottest topic since terrorism: cybersecurity. The report's writers include a host of professors from a variety of scientific pursuits, along with a few corporate figures from the tech world, including Google's Eric Schmidt and Microsoft's Craig Mundie

Sweden's Intelligence Agency has Access to NSA's XKeyscore system (InfoSecurity Magazine) Sweden has sometimes been called the 'Sixth Eye' - referring to the English-speaking Five Eyes SIGINT alliance — suggesting a close working relationship between Sweden's FRA and the NSA and GCHQ. New documents suggest that it has access to the XKeyscore tool, and has helped in the Quantum hacking program

Exactly What the State Says to Deceive You About Surveillance (The Atlantic) Remember when multiple Obama Administration figures said the NSA doesn't collect cell-phone location data? It turns out that wasn't true

NSA director defends surveillance programs as necessary (USA Today) National Security Agency Director Keith Alexander said Wednesday that "there isn't a better way'' to help defend the country from potential terror threats than the ongoing and controversial bulk collection of telephone records involving millions of Americans

Will NSA cut it out if Congress passes no–bulk-spying bill? "Depends" (Ars Technica) DOJ lawyer says they'll wait for a court interpretation of any new law

The NSA is out of control and must be stopped (The Verge) The National Security Agency is breaking trust in democracy by breaking trust in the internet. Every day, the NSA records the lives of millions of Americans and countless foreigners, collecting staggering amounts of information about who they know, where they've been, and what they've done. Its surveillance programs have been kept secret from the public they allegedly serve and protect. The agency operates the most sophisticated, effective, and secretive surveillance apparatus in history

A spat over Justice Department national security job (CNN) President Barack Obama's pick for the Justice Department's national security prosecutor is expected to be among several nominations to move in the coming weeks as Senate Democrats start wading through the presidential appointments backlog built up amid partisan fights

Litigation, Investigation, and Law Enforcement

NZ judge: Kim Dotcom is likely still being spied upon (Ars Technica) Dotcom heard a conversation with his attorney played back over a phone call

Backpacker stripped of tech gear at Auckland Airport (New Zealand Herald) A backpacker coming home for Christmas had every bit of electronic equipment stripped from him at the airport

German prosecutor: still weighing NSA probe (AP via Imperial Valley Press) Germany's chief federal prosecutor says he hasn't decided whether to open an investigation into alleged surveillance by the U.S. National Security Agency but is suggesting that he's skeptical

A UK citizen has sued Microsoft for leaking Prism private data to the NSA (Hack Read) A UK citizen has sued Microsoft for leaking PRISM private data to the NSA. A UK court will be carrying out an action trial for a case that has been filed by a British citizen. The reason is that the private data of a UK citizen has been leaked or given to NSA by Microsoft. Now the court will test whether Microsoft has the right of disclosing such private information to the intelligence agency

Man Who Hacked US Government Systems Sentenced to 18 Months (Softpedia) 24-year-old Andrew James Miller, who admitted earlier this year to hacking and selling access to the systems of various US government and other high-profile organizations, has been sentenced to 18 months in prison. He will also have to pay a $25,000 (€18,000) fine

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

ACSAC 2013 (New Orleans, Louisiana, USA, December 9 - 13, 2013) The Annual Computer Security Applications Conference (ACSAC) is an internationally recognized forum where practitioners, researchers, and developers in information and system security meet to learn and...

2013 ASE International Conference on Cyber Security (Orlando, Florida, USA, December 10 - 15, 2013) The annual ASE Cyber Security Conference is a leading international forum for cyber security researchers, practitioners, developers, and users to explore cutting-edge ideas and results, and to exchange...

Cyber Defense Initiative 2013 (Washington, DC, USA, December 12 - 19, 2013) NetWars Tournament runs over an intense two- to three-day period, at a conference or hosted onsite. Many enterprises, government agencies, and military bases are using NetWars OnSites to help identify...

FloCon2014 (Charleston, South Carolina, USA, January 13 - 16, 2014) FloCon 2014, a network security conference, takes place at the Francis Marion Hotel in Charleston, South Carolina, on January 13–16, 2014. This open conference provides a forum for operational network...

NASA Langley Cyber Expo (Hampton, Virginia, USA, January 14, 2014) The 2013 NASA Langley Cyber Expo is an annual event dedicated to Cyber Security and Information Technology at this secure facility. As the Cyber Expo hosts, the Office of the Chief Information Officer...

cybergamut Tech Tuesday: Malware Reverse Engineering - An Introduction to the Tools, Workflows, and Tricks of the Trade to Attack Sophisticated Malware (Columbia, Maryland, USA, January 21, 2014) Reverse engineering malware can be an integral part of every security team's calculus. This session provides a technical review of the tools, workflows, and advanced analytic insight a senior reverse engineer...

Cybertech — Cyber Security Conference and Exhibition (Tel Aviv, Israel, January 27 - 29, 2014) Cybertech Israel, the first event of its kind, will present world-leading companies in the field of cyber defense alongside young companies that offer unique solutions to advance the discipline of cyber...

U.S. Census Data Protection & Privacy Day (Suitland, Maryland, USA, January 28, 2014) The Census Bureau's Privacy Compliance Branch of the Policy Coordination Office is hosting a Data Protection and Privacy Day on January 28. This event is intended to provide a forum for Census employees...

2014 Cybersecurity Innovation Forum (Baltimore, Maryland, USA, January 28 - 30, 2014) The 2014 Cybersecurity Innovation Forum (CIF) is a three-day event, sponsored by the National Cybersecurity Center of Excellence (NCCoE) with DHS, NIST, and NSA as primary participating organizations.
