A commercially available tool is found to enable cybercriminals to automatically register Tumblr accounts. (Criminal markets again mimic legitimate ones: where labor is scarce or expensive, automation fills the niche.)
CryptoLocker has a competitor in the ransomware black economy: a new (as yet unnamed) pay-to-install service for cyber gangs relies on Russian peer-to-peer payment services and does without the high-profile command-and-control infrastructure that so often betrays malware users. On the bright side, AV tools detect the ransomware at a high rate.
Security analysts don't think much of Gmail's new image download default: Ars Technica sniffs that "marketers, stalkers, and debt collectors" will welcome the new policy.
Details emerge on how a privilege-escalation exploit currently circulating in the wild breaks out of Adobe sandboxing.
Bitcoin is enjoying a speculative bubble, and therefore attracts corresponding attention from malware developers.
Google patches an Android flaw that has exposed users to SMS-based denial-of-service attacks.
mHealth 13 symposiasts warn of medical system vulnerabilities. Pacemakers are the most lurid example, but other classes of devices also present concerns.
Bots, both good and evil, now drive some 61% of Web traffic, says Incapsula.
The World Federation of Exchanges forms a new cyber group to help protect securities markets; Nasdaq OMX's CISO, Mark Graff, will lead the effort.
European countries push to develop national (not EU) cyber capabilities. The UK and Netherlands seem particularly ambitious.
In the US, Defense R&D lead Reginald Brothers describes cyber research priorities and the cyber industry's role. The CyberWire has the full interview.
Today's issue includes events affecting China, Egypt, European Union, Kenya, Democratic People's Republic of Korea, Republic of Korea, Lithuania, Netherlands, Nigeria, Romania, Russia, South Africa, Ukraine, United Arab Emirates, United Kingdom, United States.
Tumblr under fire from DIY CAPTCHA–solving, proxies–supporting automatic account registration tools (Webroot Threat Blog) Next to the ubiquitous for the cybercrime ecosystem, traffic acquisition tactics such as, blackhat SEO (search engine optimization), malvertising, embedded/injected redirectors/doorways on legitimate Web sites, establishing purely malicious infrastructure, and social engineering driven spam campaigns, cybercriminals are also masters of utilizing social media for the purpose of attracting traffic to their fraudulent/malicious campaigns. From the efficient abuse of Craigslist, the systematic generation of rogue/bogus/fake Instagram, YouTube, and email accounts, the process of automatic account generation continues to take place, driving a cybercriminal's fraudulent business model, naturally, setting up the foundations for upcoming malicious campaigns that could materialize at any point in time
Bitcoin–Related Malware Continues to Flourish (Threatpost) One good way to measure the popularity of an emerging technology or trend is to see how much attention attackers and malware authors are paying it. Using that as a yardstick, Bitcoin is moving its way up the charts in a hurry. The latest indication is some malware that researchers at Arbor Networks identified that is masquerading as a utility to alert Bitcoin owners of shifts in the currency's value, but is actually marked as a Trojan
LinkedIn invites ranked as the year's most dangerous messages (CSO) Websense published a brief report on the state of Phishing on Wednesday, covering Q1-Q3 2013. According to the numbers, the percentage of Phishing attempts within all email traffic fell .5 percent in 2013, which might seem like a bit of a positive
Despite Arrest, RAT Usage Grows (Industrial Safety and Security Source) Blackshades RAT is still popular among cybercriminals to the point where there has been an increase in its usage, all this despite the fact that police arrested who they feel was the developer, Michael Hogue
DOE didn't heed warning signs that led to July breach (FierceGovIT) The Energy Department had a number of early warning signs that personnel-related systems were at risk, but failed to correct cyber vulnerabilities that led to a major breach of its Management Information System—allowing outside access to the DOE Employee Data Repository database, finds a Dec. 6 office of inspector general report
Castle Cary website hacked in cyber attack (This is Somerset) Web users in Castle Cary were urged not to visit the town's website after it was hacked by a group claiming to be "The Nigerian Cyber Army" earlier this week
Security Patches, Mitigations, and Software Updates
mHealth13: Preventable vulnerabilities often threaten med device security (FierceHealthIT) Several vulnerabilities—some entirely preventable—continue to plague medical devices when it comes to security, according to panelists speaking Wednesday at the mHealth Summit in Washington, D.C. For instance, said Kurt Finke, director of the Office of Healthcare Technology Management for the U.S. Department of Veterans Affairs, many hospitals today tend to attach such tools to their IT networks
Cybercrime: Africa needs a defense system (Security Affairs) Africa's banking industry, tourism sector and plenty of other businesses are prone to cyber-related crime hence the urgent need to develop a defense system
Infographic: DNS attacks are on the rise (FierceITSecurity) Attacks against the domain name system are on the rise, with a 200 percent rise in DNS attacks in the last year, according to data from Prolexic
EventTracker and Secure Links Partner to Bring Better Network Visibility (Insurance Technology) EventTracker, a leading provider of award-winning SIEM solutions, today announced that Secure Links, a leading IT services company serving the Canadian market, has joined the Managed Security Service Provider (MSSP) Partner Program. Secure Links will provide and manage EventTracker's comprehensive suite of log management and SIEM solutions which offer security, operational, and regulatory compliance monitoring
Tech Pick of the Week: Log anomaly detection tools (Futurice blog) An important part of creating successful digital services is the ability to monitor system's health and to respond to exceptional situations in a timely fashion. Log files contain information that a maintainer needs in figuring out causes for application failures or unexpected behavior. However, it is often difficult for a human to identify the explanations even if all the necessary information is in principle available in the logs because today's applications are so complex and consist of several interconnected software components
Five steps for successful bot removal from enterprise desktops (SearchEnterpriseDesktop) A few years ago, I worked on a project that investigated more than 10,000 computers that had been made into a botnet because of a targeted malware attack. Weak security practices, such as no vulnerability testing and an overreliance on traditional antivirus software, were part of the problem. We also discovered a communications breakdown among the security team, the help desk, IT administrators and other involved parties. It was ugly
Five Deadly Security Venoms — You're Still Doing it Wrong (Inf!ltrated) With all the hype and hooplah surrounding the US government's tapping of everything under the sun, I have seen an influx of articles related to security. "This is how you encrypt!", "this is how you secure!", "this is how…You're doing it wrong"
New cyber bill builds on DHS efforts (FCW) New cybersecurity legislation aimed at protecting critical infrastructure would codify and strengthen a number of the Department of Homeland Security's current programs, including some that are focused on information sharing and cyber incident response
Cyber Security Research and Development in the US Department of Defense (The CyberWire) The CyberWire interviewed Dr. Reginald Brothers, who's served since December 6, 2011 as US Deputy Assistant Secretary of Defense for Research. Dr. Brothers is responsible for policy and oversight of Department of Defense (DoD) Science and Technology (S&T) programs from Basic Research through Advanced Technology Development. He also oversees the Department's laboratories and provides long-term strategic direction of Defense S&T programs. We heard from Dr. Brothers after he spoke at last week's SINET Showcase
IT Reform Stripped from Defense Bill (Nextgov) The compromise version of a defense policy bill that appeared likely to pass the House and Senate on Thursday does not include an amendment that would fundamentally reform how the government buys and manages information technology
NSA leaders split on giving amnesty to Snowden (CBS News) CBS News learned Thursday that the information National Security Agency leaker Edward Snowden has revealed so far is just a fraction of what he has. In fact, he has so much, some think it is worth giving him amnesty to get it back
Snowden invited to testify (Daily Caller) The European Parliament voted Thursday morning to invite Edward Snowden to testify on National Security Agency surveillance programs as early as January of next year
Bulk telephony metadata program rests heavily on 1979 Supreme Court case (FierceGovIT) The legal justification for intelligence community storage of bulk telephone metadata rests heavily on a 1979 court case, a Justice Department official acknowledged to a Senate panel Wednesday--a case that one Supreme Court justice has said may require revisiting in light of technological developments
The Wish List of Money Launderers (TrendLabs Security Intelligence Blog) An iPad with a retina display, a blue iPhone and a Beats by Dr. Dre headphone set, please. This may read like a Christmas wish list of a spoiled child, but there's more: a red dot aimpoint for a rifle, six high-end hard drives from Intel, a GPS rescue device for sailors. These are uncommon requests for Santa Claus to receive, even from adults. This list is real though, and part of a much longer wish list of money launderers who instruct mules to ship expensive goods to Russia
Flashlight App Maker Settles Over FTC Privacy Allegations (Threatpost) The makers of a popular Android flashlight application have settled with the Federal Trade Commission over allegations that they covertly tracked the locations of the "Brightest Flashlight Free" users and sold that information to advertising firms
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
ACSAC 2013 (New Orleans, Louisiana, USA, December 9 - 13, 2013) The Annual Computer Security Applications Conference (ACSAC) is an internationally recognized forum where practitioners, researchers, and developers in information and system security meet to learn and...
2013 ASE International Conference on Cyber Security (Orlando, Florida, USA, December 10 - 15, 2013) The annual ASE Cyber Security Conference is a leading international forum for cyber security researchers, practitioners, developers, and users to explore cutting-edge ideas and results, and to exchange...
Cyber Defense Initiative 2013 (Washington, DC, USA, December 12 - 19, 2013) NetWars Tournament runs over an intense two- to three-day period, at a conference or hosted onsite. Many enterprises, government agencies, and military bases are using NetWars OnSites to help identify...
FloCon2014 (Charleston, South Carolina, USA, January 13 - 16, 2014) FloCon 2014, a network security conference, takes place at the Francis Marion Hotel in Charleston, South Carolina, on January 13–16, 2014. This open conference provides a forum for operational network...
NASA Langley Cyber Expo (Hampton, Virginia, USA, January 14, 2014) The 2013 NASA Langley Cyber Expo is an annual event dedicated to Cyber Security and Information Technology at this secure facility. As the Cyber Expo hosts, the Office of the Chief Information Officer...
Cybertech — Cyber Security Conference and Exhibition (Tel Aviv, Israel, January 27 - 29, 2014) Cybertech Israel, the first event of its kind, will present world-leading companies in the field of cyber defense alongside young companies that offer unique solutions to advance the discipline of cyber...
U.S. Census Data Protection & Privacy Day (Suitland, Maryland, USA, January 28, 2014) The Census Bureau's Privacy Compliance Branch of the Policy Coordination Office is hosting a Data Protection and Privacy Day on January 28. This event is intended to provide a forum for Census employees...
2014 Cybersecurity Innovation Forum (Baltimore, Maryland, USA, January 28 - 30, 2014) The 2014 Cybersecurity Innovation Forum (CIF) is a three-day event, sponsored by the National Cybersecurity Center of Excellence (NCCoE) with DHS, NIST, and NSA as primary participating organizations.