The US Department of Energy sustains a "sophisticated" cyber attack. Just how the attackers got into the Department's servers is unclear, but an official letter admonishes employees and contractors to encrypt files and emails that contain personally identifiable information. Some officials are quoted on background as blaming Chinese espionage services, but no firm attribution has been made. (See also the stories below on the US Administration's views concerning cyber conflict with China, and on its reservation of a right to preemptive cyber attack.)
Several retail exploits are circulating: Anonymous exposes 4000 bankers' personal information (logins, passwords, phone numbers), bogus income tax emails carry a malware payload, and a "Lucky Thirteen" exploit recovers plaintext of authentication cookies.
Further investigation of attacks on US newspapers suggests that the perpetrators were politically motivated. A lesson is drawn from the Red October campaign: monitor data, not just endpoints and perimeters. And we might draw some encouragement from Lockheed Martin's successful parry of 2011's RSA hack: the company's security team concludes that it's more important (and affordable) to keep intruders from getting anything of value than it is to keep them out.
Oracle patches fifty Java bugs, and Apple restores patched Java to OS X.
In industry news, Dell's board votes to take the company private. Microsoft and Huawei launch a joint venture to sell smartphones in Africa. Startup Silent Circle offers an advanced peer-to-peer encryption app designed to enable secure ("silent") file sharing. Sophos observes Safe Internet Day by offering tips on protecting children online.
Today's issue includes events affecting Angola, Canada, China, Egypt, Estonia, Finland, Israel, Ivory Coast, Kenya, Morocco, Nigeria, Romania, South Africa, United States.
Cyber Attacks, Threats, and Vulnerabilities
Department of Energy hit by 'sophisticated' cyber-attack(Daily Mail) The U.S. Department of Energy suffered a major security breach after a large cyber-attack that targeted computer networks, it was revealed today. The Washington Free Beacon reported that an unknown group targeted the government organization two weeks
Hackers breach U.S. Energy Department networks(Help Net Security) Notifications sent out to employees and contractors of the U.S. Department of Energy have confirmed that it and its networks have been the latest victim of "sophishicated [sic] hackers" in search of confidential
Department of Energy hack exposes major vulnerabilities(CSO) Security experts say damage probably not serious, but that the implications are. The U.S. Department of Energy (DoE) is the latest federal agency to become the victim of a cyberattack while not immediately being aware of it. Several security experts say the intrusion was unlikely a prelude to what outgoing Secretary of Defense Leon Panetta has warned is a coming "cyber Pearl Harbor" aimed at the U.S. But, they said it is serious all the same, because it shows how vulnerable critical government departments are to espionage
Anonymous posts personal data of 4,000 bankers online(CSO) Logins, passwords, phone numbers included in the info made public. Personal information on some 4,000 people in the banking industry, including bank officers, was posted online Sunday by the hacker collective Anonymous. The list was initially posted to the website for the Alabama Criminal Justice Information Center (ACJIC), then apparently taken down by that site's operators. The ACJIC did not respond to a request for comment about the incident
Malware Strikes With Valid Digital Certificate(CSO) One of the foundational elements of ecommerce is the web of trust enabled by digital certificates. When you go to a web site, you can feel confident that it's legitimate because it has a certificate from a recognized certificate authority that validates it. But the certificates themselves can be vulnerable. Case in point: Security firm Malwarebytes recently discovered some malware in the wild with a valid, signed digital certificate. "One of our security researchers identified this piece of malware," says Jerome Segura, senior security researcher at Malwarebytes. "It's a typical Trojan with one peculiarity: It was signed, and unlike a lot of malware that uses signatures, this one was valid"
An expose of a recent SANS GIAC XSS vulnerability(Internet Storm Center) Last week (30 JAN) Attrition.org (@SecurityErrata) tweeted that the SANS GIAC site was susceptible to cross-site scripting (XSS) via the search field.
XSS is, without question, a vulnerability almost every web application will or has suffered at some point. One need only read Attrition's OSVDB, Secunia Advisories, or Whitehat's website statistics reports to get a feel for how prevalent the issue is. There are many reasons why the vulnerability is #2 on OWASP's Top 10 and SANS, like so many others, is no stranger to the issue as Johannes Ullrich (Dr. J) points out in his ISC Diary entry from 12 JUN 2012
'Lucky Thirteen' attack snarfs cookies protected by SSL encryption(Ars Technica) Exploit is the latest to subvert crypto used to secure Web transactions. Software developers are racing to patch a recently discovered vulnerability that allows attackers to recover the plaintext of authentication cookies and other encrypted data as they travel over the Internet and other unsecured networks
URL detection flaw causes OS X apps to crash(CSO) Over the weekend, reports of a rather curious OS X bug were reported with a mixture of amusement and surprise. Affecting only recent versions of Mountain Lion--including, according to some reports, as-yet unreleased betas of the operating system--the bug manifests itself in the form of a crash every time you type File:/// (with an uppercase F) inside most standard text input controls like those you can find in a Web form or in text editors like TextEdit
Left Behind: Out-Of-Date Androids At Risk(Dark Reading) Researcher calls out mobile providers for not pushing regular updates to many Android devices. Mobile security researchers may be hunting bugs in Android mobile device software, but it doesn't take a zero-day attack to compromise most of those devices today
Red October: The hunt for data(Help Net Security) The recent discovery of the Red October malware has focused a lot on its effects, but inadequate attention has been given to its purpose - which successfully evaded anti-virus and network intrusion detection
The rise of mobile advertising malware toolkits(Help Net Security) In Q4 2012, FortiGuard Labs has highlighted malware samples that show four typical methods cybercriminals are using today to extract money from their victims. In addition, the report shows increasing
How the RSA Attackers Swung and Missed at Lockheed Martin(Threatpost) The attack that resulted in the compromise of RSA's SecurID database in 2011 had a lot of ramifications and sent shockwaves through much of the security industry. But it could have had much broader consequences had the security team at Lockheed Martin not discovered the same attack team on its own network and taken actions to shut them down
Security Patches, Mitigations, and Software Updates
Apple, Oracle restore Java on OS X(CSO) Java browser plug-in functionality restored to Snow Leopard, Lion and Mountain Lion after latest blacklisting. Apple on Friday shipped an update to Java 6 for Mac users running OS X Snow Leopard, matching Oracle's cadence for Java 7, which was patched the same day
Single Sign-On Increasingly Connected In The Cloud(Dark Reading) Behind the scenes, identity and access solution providers continue a broad effort to integrate to cloud services, the biggest hurdle to SSO adoption. The difficulty in integrating single sign-on with service providers almost spelled the end to the ambitions of e-learning firm Edulabs Global Learning Solutions
Why media companies stink at security(CSO) Recent attacks on the New York Times and other papers reveal a security weakness I'm all too familiar with. I've been following the recent attacks on The New York Times and other newspapers with much interest in recent days. It's yet another snapshot of how much trouble China will continue to be in the years to come and elevates the discussion on state-sponsored cyber attacks to new levels. But as someone who has worked in the media for almost 20 years, I'm interested in this story because it exposes an uncomfortable truth I've actually known about for some time
Frost warns M2M roaming challenges pose 'significant obstacle' to enterprise adoption(Fierce Mobile IT) Machine-to-machine connectivity roaming challenges are the "most significant obstacles to enterprise adoption" of M2M technology, said Yiru Zhong, senior industry analyst with Frost & Sullivan. These challenges arise because providing global connectivity for M2M devices relies on partners for communication to the home network. M2M roaming challenges include identity management and security, configuration management, and service layer and connection management for M2M roamers, according to a white paper by the Connected Device Forum
Gartner: Enterprise IT will accept Apple Macs next year the way PCs are accepted today(Fierce Mobile IT) By next year, Apple (NASDAQ: AAPL) Macs will be as accepted by enterprise IT as Microsoft (NASDAQ: MSFT) PCs are today, predicted David Mitchell Smith, vice president and fellow at research firm Gartner. "Apple will continue to benefit from consumerization and will continue to evolve Macs to take on more iOS characteristics, which will contribute to acceptance of Macs in the enterprise," Smith observed
Law enforcement slow to adopt cloud computing(Fierce Government IT) Cloud computing adoption remains low among law enforcement agencies, according to the results of a survey unveiled Jan. 31. According to a Ponemon Institute survey (.pdf) of 272 officials, most of them chief executives of police or sheriff departments, 46 percent of law enforcement agencies are not considering utilizing cloud computing. Thirty-eight percent say they're considering it, or planning for adoption within the next 2 years, and 16 percent say they use it now. Ponemon did the survey at the behest of the International Association of Chiefs of Police and cloud computing promoter SafeGov
Hidden Secrets Of Spending(Wall Street Journal) While the debate rages over the size of government, a funny thing has been happening: Quietly, government has been shrinking
NASIC 'Vital' To U.S., Intelligence Chief Says(Dayton Daily News) The leader of the nation's military intelligence agency toured the National Air and Space Intelligence Center to learn more about the secretive center's missions, and how massive defense cuts might impact capabilities officials said are vital to national security
Accenture CEO Pierre Nanterme Adds Board Chairman Title(Govconwire) Accenture (NYSE: ACN) CEO Pierre Nanterme has succeeded William Green as chairman of the board of directors, effective Friday. Green, whom Nanterme succeeded as CEO in January 2011, retired from the company. "I am honored to take on the additional role of chairman," Nanterme said "I want to thank Bill Green, once again, for his
Cubic Promotes CFO William Boyle To CEO, Bradley Feldmann COO(Govconwire) Cubic Corp.'s (NYSE: CUB) board of directors has promoted Chief Financial Officer William Boyle to president and CEO in a series of executive moves, Cubic announced Friday. Boyle, who also held the executive vice president title, has served as interim president and CEO of the San Diego-based firm since the death of founder and former
Dell Goes Private In $24.4 Billion Leveraged Buyout Deal By Michael Dell And Partners(TechCrunch) Dell has indeed made the decision to go private, according to reports today from The AP and other sources. The deal reportedly involves a leveraged buyout worth $24.4 billion by company founder Michael Dell and partners. Talks about Dell going private have been growing this year, with reports last week saying that Michael Dell was offering up to $1 billion of his own funds to take control of the
VMware Vs. Microsoft: The Next Chapter(InformationWeek) Microsoft has already stolen some VMware customers and there will be more to come. But some watchers missed the early success of software-defined data center buried in VMware's Q4 numbers
Nokia 'looking closely' at tablets, with 'first focus' on Microsoft's platform(Ars Technica) Nokia CEO says Samsung's rise vindicated his decision to use Windows Phone. A Nokia-built, Windows-powered tablet has been rumored before, and it's being rumored again. Speaking in Sydney, Nokia CEO Stephen Elop said the company planned to "broaden its portfolio," and tablets were something Nokia was "clearly looking at very closely," reports the Australian Financial Review
Autonomic Resources Unveils Federal Cloud Stack Portfolio(The New New Internet) Autonomic Resources will offer agencies private cloud stacks as part of the company's cloud platform offering for U.S. government customers, the company announced Friday. The company's ARC-P cloud provides U.S. agencies a government community infrastructure-as-a-service cloud offering, designed to provide agencies both managed and unmanaged virtual machine
OpenDNS Offers Security Researchers Free Service For Tracking Cybercrime, Cyberespionage(Dark Reading) Red October, PayPal phishing campaign connection discovered via new OpenDNS service for researchers. An OpenDNS executive here today will announce that the DNS and security service provider is offering security researchers free access to its Internet and DNS traffic data and analysis: the idea is to provide researchers with a more global view of malware, botnets, and advanced threats rather than just a snapshot or slice of the activity
Facebook may create a passive location-logging app(Ars Technica) A new app is in the works to track users' whereabouts. Facebook is planning an app that tracks the location of users, according to a report from Bloomberg. The feature would be able to run on a handset even when the app isn't open, and it may be used to help the company target ads based on location
iOS 6 untethered jailbreak released, Cydia app store flooded(CSO) The latest jailbreak works for the iPhone, iPod touch, iPad and iPad mini models on iOS 6.0 through 6.1. Apple modders can rejoice: The latest jailbreak software for iOS 6 was released on Monday. The jailbreak is the result of months of work by a four-man computer security research team called the "Evad3rs." They probed Apple's latest OS to find a string of vulnerabilities that would allow an untethered jailbreak, or one that can be installed without the device being connected to a computer
Windows 8 Outlook: Murky At Best(InformationWeek) Based on the latest numbers, Microsoft should slash prices on both Surface RT and Windows 8 to motivate sales, some analysts say
Sophos updates mobile device management for Android(Help Net Security) Sophos announced Sophos Mobile Control 3.0, which is offered both on-premise and as-a-service. It includes support for Samsung SAFE devices, granting control over how devices are used and making BYOD
Canada Joins The DNSSEC Party(Dark Reading) Implementing DNSSEC will take some effort, but it plays an important role in securing the future Internet. So what is the big deal about Canada signing its .ca ccTLD? To Canada, it is a big deal to configure its DNS (domain name system) server to respond to DNSSEC lookups because it is the 99th country to do so. Ninety-nine is also the hockey jersey number of the immortal Wayne Gretzky. Not to mention, DNSSEC signing the .ca ccTLD adds another layer of protection from cybercriminals looking to steal data or send spam. Clearly there is a lot to be excited about and a mysterious numerological connection
Securing your website: A tough job, but someone's got to do it(Ars Technica) Website breaches can be devastating to your business—here's how to prevent them. In 2006, members of a notorious crime gang cased the online storefronts belonging to 7-Eleven, Hannaford Brothers, and other retailers. Their objective: to find an opening that would allow their payment card fraud ring to gather enough data to pull off a major haul. In the waning days of that year they hit the mother lode, thanks to Russian hackers identified by federal investigators as Hacker 1 and Hacker 2
Top 10 tips to keep your kids and teens safe online(Naked Security) Today is Safer Internet Day. And with 86% of 7-11 year olds and 96% of 11-19 year olds communicating online it's important everyone knows how to stay safe. So here are some tips for you to pass on to youngsters to make sure they're clued up about their online safety
Design and Innovation
The Next Global Smartphone Revolution: Made in Taiwan(Wired) MediaTek chips will drive a wave of global smartphone sales. There are almost 7 billion people on the planet, only 1 billion or so of whom have a smartphone. That means 6 billion people do not have one. The biggest tech company you've never heard of wants to flip that statistic, and in so doing make 2013 the year it brings the world online
The Threat of Silence(Slate) Meet the groundbreaking new encryption app set to revolutionize privacy and freak out the feds. For the past few months, some of the world's leading cryptographers have been keeping a closely guarded secret about a pioneering new invention. Today, they've decided it's time to tell all
Harvard will just be 'a dating service' when robots rule the US(Quartz) The FT's Edward Luce penned a piece opining on what the inevitable conflict between the US economy and Skynet will mean for working stiffs across the globe's biggest economy. But in an interesting aside he spotlights how technology is already turning the world of US higher education upside down
Legislation, Policy, and Regulation
Who protects the Israeli civilian home front from cyber attack?(Haaretz) Gil Sharon, the CEO of cellular operator Pelephone, on Monday rushed to rule out the possibility that the failure of his company's cellular network on Sunday was caused by hacking or another form of cyber attack. Sharon made his comments even though he
US in Growing Cyber War With China?(Fox Business) To defend against it so defense cuts across the board maybe not such a good idea we are doing things not may be enough cyber command
Obama can 'order pre-emptive cyber-attack' if US faces threat(ZDNet) At a time where the U.S. continues to work on its cyber-warfare strategy, a 'secret legal review' of the use of America's cyber-arsenal has concluded that the U.S. government can launch a cyber-attack against a threatening nation if the country needs
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
North American ICS & SCADA Summit(Lake Buena Vista, Florida, USA, February 6 - 15, 2013) The Summit brings together the program managers, control systems engineers, IT security professionals and critical infrastructure protection specialists from asset owning and operating organizations along...
ATMiA US Conference 2013(Scottsdale, Arizona, US, February 19 - 21, 2013) A conference devoted to the design of ATMs, and the future of the ATM industry.
#BSidesBOS(Cambridge, Massachusetts, USA, February 23, 2013) Each BSides is a community-driven framework for building events for and by information security community members. The goal is to expand the spectrum of conversation beyond the traditional confines of...
RSA USA 2013(San Francisco, California, USA, February 25 - March 1, 2013) RSA Conference continually evolves program offerings to meet the ever-changing needs of our delegates in the dynamic infosec industry.
Nullcon Goa 2013(Bogmallo Beach Resort, Goa, India, February 26 - March 2, 2013) An international information security conference that will feature speakers and training. Topics include security and politics, vulnerability elimination, Android hacking, SCADA and smart grid penetration...
NRO Winter Way Forward Conference(Chantilly, Virginia, USA, February 28, 2013) This annual event will provide an increased awareness, understanding and support among the IT workforce by focusing on the NRO IT Way-Forward in terms of the NRO IT Sub-Portfolio Roadmaps. Exhibitors will...
TechMentor Orlando 2013(Orlando, Florida, USA, March 4 - 8, 2013) Celebrating 15 years of educational events for the IT community, TechMentor is returning to Orlando, Florida, March 4-8, for 5 days of information-packed sessions and workshops. Surrounded by your fellow...
Business Insurance Risk Management Summit(New York City, New York, USA, March 5 - 6, 2013) The annual Risk Management Summit, now in its fourth year, provides attendees with focused insight via specific, timely general sessions and strategic, thought-provoking discussions with peers and industry...
CanSecWest 2013(Vancouver, British Columbia, Canada, March 6 - 8, 2013) CanSecWest, the world's most advanced conference focusing on applied digital security, is about bringing the industry luminaries together in a relaxed environment which promotes collaboration and social...
e-Crime Congress 2013(London, England, March 12 - 13, 2013) The e-Crime Congress is designed to meet the needs of key stakeholders and decision makers who are responsible for designing and coordinating information security and risk management strategy, safeguarding...
CTIN Digital Forensics Conference(Seattle, Washington, USA, March 13 - 15, 2013) Speakers include experts and published authors in the field of digital forensics and cybersecurity. Topics include: Mobile Device Forensics, Internet Forensics, Physical Memory Analysis, Open Source Tools,...
IT Security Entrepreneurs' Forum (ITSEF 2013)(Palo Alto, California, USA, March 19 - 20, 2013) Supported by the U.S. Department of Homeland Security, Office of Science and Technology, ITSEF 2013 aims to connect the ecosystem of the entrepreneur: industry, government, and academia. The conference...
The Future of Cyber Security 2013(London, England, UK, March 21, 2013) Cyber Security and the Citizen 2013 is a one-day conference and exhibition for senior decision-makers of central and local government organisations, NGOs and major private sector enterprises.
AFCEA Belvoir Industry Days 2013(National Harbor, Maryland, USA, April 2 - 3, 2013) The purpose of this event is to inform the IT community about the recent successes and the forward-thinking opportunities that the Department of Defense and the Department of the Army have developed.
CSO40(Braselton, Georgia, USA, April 2 - 3, 2013) The CSO40 Security Confab + Awards will honor and share the critical viewpoints of today's leading CSOs, CISOs and security executives at the nation's leading CSO thought leadership conference.
Cloud Connect Silicon Valley(Santa Clara, California, USA, April 2 - 5, 2013) Cloud Connect returns to Silicon Valley, April 2-5, 2013, for four days of lectures, panels, tutorials and roundtable discussions on a comprehensive selection of cloud topics taught by leading industry...
Cyber 1.3(, January 1, 1970) Maj. Gen. Suzanne Vautrinot, USAF, commander, 24th Air Force, and commander, Air Force Network Operations, will discuss the global strategic implications that relate to the cyber domain at the Space Foundation...
INFILTRATE 2013(Miami, Florida, USA, April 11 - 12, 2013) INFILTRATE is a deep technical conference that focuses entirely on offensive security issues. Researchers focused on the latest technical issues will demonstrate techniques that you cannot find elsewhere.
Information Tech Expo Series - Hawaii(Oahu, Hawaii, USA, April 12 - 19, 2013) This 6-series showcase will feature stops at 5 DoD locations and 1 Intel Center on the island of Oahu. Celebrating 20 years of these expos is a true testament to the government and military's readiness...
InfoSec World Conference & Expo 2013(Orlando, Florida, USA, April 15 - 17, 2013) With the primary objective of providing top-notch education to all levels of information security and IT auditing professionals, InfoSec World delivers practical sessions that give you the tools to strengthen...
Infosec Southwest 2013(Austin, Texas, USA, April 19 - 21, 2013) InfoSec Southwest is intended to be a general security and hacking conference with no specific industry or topical focus. As such, nearly all topics (other than vendor pitches) are fair game and the attending...
23rd Annual Government Procurement Conference(Washington, DC, USA, April 25, 2013) This unique one-day event attracts more than 3,000 participants representing government agencies, prime contractors and small businesses from around the country. Participating companies are able to network...
Consumerization of IT in the Enterprise Conference and Expo(San Francisco, California, USA, June 2 - 4, 2013) From smartphones to mobile apps, social software and 4G networks, the wave of innovation in the consumer space is transforming the way companies do business, both inside and outside of the enterprise.
25th Annual FIRST Conference(Bangkok, Thailand, June 16 - 21, 2013) The annual FIRST conference provides a setting for conference participants to attend a wide range of presentations delivered by leading experts in both the CSIRT field and from the global security community.
SECRYPT 2013(Reykjavik, Iceland, July 29 - 31, 2013) The 10th International Conference on Security and Cryptography (SECRYPT 2013) will take place from 29 to 31 July 2013 in Reykjavik, Iceland…The conference will focus on information systems and network...