Reports from the region indicate that eleven private banks in Israel have been hit by a denial-of-service campaign mounted by Tunisian hacktivists. The cause is, as usual, support of Palestine.
Cyber criminals are selling counterfeit (and risky) versions of popular Android and iOS apps.
Network Time Protocol (NTP) attacks spiked last week, but seem now to have trailed off. The threat is nonetheless worth considering: the NTP version of a distributed denial-of-service attack abuses the monlist command in older versions of NTP, sending a small, spoofed query that requests a large amount of data. Symantec recommends either disabling monlist or upgrading NTP implementations to current versions.
Thieves in Europe are compromising ATMs by physically drilling into them, installing malware, patching the hole, then returning at some later time to withdraw cash illicitly from the terminal. The hack withdraws whatever cash a particular machine holds rather than draining customer accounts.
Scammers posing as recruiters infest LinkedIn at increasing rates. Hackers have shut down League of Legends and other massively multiplayer online game sites; in some cases they may have swatted players (that is, summoned police to a residence with a spoofed distress call—a very dangerous prank).
In industry news, disappointed vendors are swamping the US Department of Homeland Security's EAGLE II contract with protests. Midsized firms are showing an increased need (and appetite) for encryption technology.
US military services reduce their cyber attack surface by consolidating network access points: the Air Force has fused 120 such points into 16 gateways.
Today's issue includes events affecting Australia, India, Indonesia, Israel, Japan, Taiwan, Tunisia, United Kingdom, United States.
The CyberWire will take a holiday tomorrow on New Year's Day. We'll resume normal publication Thursday. A happy new year to all our readers.
Cyber Attacks, Threats, and Vulnerabilities
11 Israeli Bank Websites Taken Down by Anonymous Tunisia and AnonGhost (Hack Read) Hacktivists going with the handles of Anonymous Tunisia and AnonGhost have taken down websites of 11 private Israeli banks in a DDoS attack. Anonymous Tunisia left a list of websites belonging to 11 different Israeli banks which were taken down few hours ago in support of Palestine. In a Tweet by Anonymous Tunisia, it was claimed that: This is just a just a beginning, this is just phase 1
Beware of counterfeit versions of top Android, iOS apps (Tech Hive) Cybercriminals are using third-party app sites to peddle reverse-engineered versions—essentially counterfeit or pirated—of almost all the most popular paid apps available on the Google Play and Apple App Stores, software firm Arxan has discovered
Attackers Wage Network Time Protocol-Based DDoS Attacks (Dark Reading) Attackers have begun exploiting an oft-forgotten network protocol in a new spin on distributed denial-of-service (DDoS) attacks, as researchers spotted a spike in so-called NTP reflection attacks this month
BBB warns job seekers of LinkedIn scams (Daily Journal) With many job seekers using LinkedIn to market themselves to potential employers, scammers also are finding ways to exploit the site by posing as recruiters, Better Business Bureau (BBB) warns
Even tiny microSD cards have chips that can be hacked (BGR) Andrew "bunnie" Huang and Sean "xobs" Cross have discovered a way to hack even the small microSD cards that go inside current smartphones and tablets to increase their storage, as well as other flash-based memory solutions, presenting their findings at the Chaos Computer Congress (30C3). In a detailed blog post on bunnie:studios, Huang explained how the hack works, and why many flash cards are susceptible to being hacked and used for malicious purposes by people who are aware of this particular potentially serious security vulnerability
Another look at a cross-platform DDoS botnet (Semper Securus) I learned from a recent "Malware Must Die" post about a Linux malware sample that is associated with DNS amplification attacks. As mentioned in the MMD post, several researchers have posted on this, or similar malware. Since I'm particularly interested in Linux malware, especially if it has a DDoS component, I thought I'd also take a look
Mannix Marketing Acknowledges Data Breach (eSecurity Planet) Personal and credit card information for customers of Saratoga Sweets, Barkeater Chocolates, Olde Bryan Inn and Coffee Planet may have been exposed
UK CPNI Releases Spear Phishing Paper (US-CERT) The United Kingdom's Centre for the Protection of National Infrastructure (CPNI) has recently released a paper titled "Spear Phishing — Understanding the Threat;" this document provides guidance on how spear phishing attacks work, whether you are likely to be a target, and the steps organizations can take to manage the risks. CPNI is the UK's government authority for providing physical, personnel and information security advice to critical national infrastructure. US-CERT encourages users and administrators to review the CPNI document as well as US-CERT ST04-014, "Avoiding Social Engineering and Phishing Attacks"
Cyber Threats 2013: From Snowden to the Hunt for Red October (International Business Times) The last 12 months have seen the rise of mobile malware, the pernicious CryptoLocker ransomware and the emergence of Stuxnet's little sister. We look at 10 stories which encapsulate the turbulent and dramatic year that 2013 was in cyber security
9 Notorious Hackers Of 2013 (InformationWeek) This year's hacking hall of shame includes members of Anonymous and the Blackhole cybercrime gang, plus state-sponsored groups
More companies file EAGLE II protests (Federal Times) The Department of Homeland Security's seven-year, $22 billion Eagle 2 information technology contract is getting buried under vendor protests, according to the Government Accountability Office
David Wolf, Fiona Barshow Named DNC Federal Civilian VPs (GovConWire) David Wolf, a 20-year project management veteran, has been appointed to serve as vice president of federal civilian programs at Data Networks Corp. Wolf will be responsible for executing business programs and growth strategies and overseeing customer satisfaction in federal civilian markets, DNC said
Beginners' Guide To PGP (Bitcoin not Bombs) If you are new to Bitcoin it's likely you've heard some terms thrown around by Bitcoiners that you have no idea what they mean—PGP, Tor, VPN, OTR, etc. In most cases these are referring to various technologies that people use to protect their data and communications
Ex-NSA chief calls for Obama to reject recommendations (USA Today) Retired general Michael Hayden, former director of the National Security Agency and the Central Intelligence Agency, called on President Obama Monday to show "some political courage" and reject many of the recommendations of the commission he appointed to rein in NSA surveillance operations
Cyber spying? China points finger at US (The Hill) Congress is doubling down on its criticism of alleged Chinese cyber attacks despite recent revelations that the U.S. is engaged in massive spying of its own
U.S. Senator Issues Letter To Top 5 Wireless Carriers Urging Kill Switch Adoption (TechCrunch) U.S. Senator Amy Klobuchar of Minnesota has today taken up the battle cry of numerous legislators before her, calling for wireless carriers to enable new anti-theft technology on handsets. According to the Senator, one-third of robberies involve cell phone theft, resulting in an estimated $30 billion in lost or stolen phones. That said, Klobuchar has written a letter to the heads of the
Target Breach: Senators Seek Hearing (BankInfoSecurity) Three Democratic senators are calling on the Senate Banking Committee to examine whether stronger cybersecurity standards are needed to protect consumer data following a breach at Target stores that affected as many as 40 million debit and credit cards
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
FloCon2014 (Charleston, South Carolina, USA, January 13 - 16, 2014) FloCon 2014, a network security conference, takes place at the Francis Marion Hotel in Charleston, South Carolina, on January 13–16, 2014. This open conference provides a forum for operational network...
NASA Langley Cyber Expo (Hampton, Virginia, USA, January 14, 2014) The 2013 NASA Langley Cyber Expo is an annual event dedicated to Cyber Security and Information Technology at this secure facility. As the Cyber Expo hosts, the Office of the Chief Information Officer...
Cybertech — Cyber Security Conference and Exhibition (Tel Aviv, Israel, January 27 - 29, 2014) Cybertech Israel, the first event of its kind, will present world-leading companies in the field of cyber defense alongside young companies that offer unique solutions to advance the discipline of cyber...
U.S. Census Data Protection & Privacy Day (Suitland, Maryland, USA, January 28, 2014) The Census Bureau's Privacy Compliance Branch of the Policy Coordination Office is hosting a Data Protection and Privacy Day on January 28. This event is intended to provide a forum for Census employees...
2014 Cybersecurity Innovation Forum (Baltimore, Maryland, USA, January 28 - 30, 2014) The 2014 Cybersecurity Innovation Forum (CIF) is a three-day event, sponsored by the National Cybersecurity Center of Excellence (NCCoE) with DHS, NIST, and NSA as primary participating organizations.
Cyber Training Forum at NGA (Springfield, Virginia, USA, February 4, 2014) The 2014 Cyber Security Training Forum (CSTF) will take place at the NGA East Campus in Springfield, VA. This event is designed to provide education and training to the NGA Workforce, the Intelligence...
Security Analyst Summit 2014 (Punta Cana, Dominican Republic, February 9 - 13, 2014) The Kaspersky Security Analyst Summit (SAS) is an annual event connecting anti-malware researchers and developers, global law enforcement agencies and CERTs and members of the security research community.
The Insider Threat: Protecting Data and Managing Risk (Online, February 11, 2014) As recent events have demonstrated, the threats from inside government have the potential to be more harmful than the hacking activities of our enemies. Protecting sensitive government information from...