Mac users cannot validate McAfee apps they wish to install on their devices—a McAfee administrator inadvertently revoked the necessary digital key early last week—and they'll have to wait for McAfee to complete re-signing its apps. (Some users report being told to "just allow untrusted certificates," but McAfee brass is quick to disavow such rash advice.)
The Adobe zero-day is implicated in a recent spearphishing campaign against aerospace companies. (One vector was a widely circulated IEEE conference schedule.) Other infected PDFs used a decoy document technique—after infection was complete, the vector replaced itself with an innocent version, thereby covering the attacker's tracks. Adobe's workaround—use Protected View—works for Windows, but Mac and Linux users have no good alternatives yet.
A Trustwave study points out that many attacks take months to detect, and here's an example: the Los Angeles Times' "Offers and Deals" sub-domain began redirecting visitors to the Blackhole exploit kit back on December 23, 2012.
China's Uyghurs—often out of favor with the government—experience a spike of spearphishing attacks. Social media, including Twitter and Facebook, are being used elsewhere for phishing. Raytheon's RIOT social media surveillance tool continues to spook international media.
ENISA thinks cloud computing holds great promise for critical infrastructure protection. (For counterpoint, see Bruce Schneier on security's return to a feudal model.)
US President Obama's cyber executive order seems to pass muster with privacy advocates (like the ACLU), but others see it as indefinitely expanding the definition of "critical infrastructure" and misapplying risk analysis.
Today's issue includes events affecting Australia, China, Germany, Iran, Russia, United States.
Cyber Attacks, Threats, and Vulnerabilities
A world of hurt after McAfee mistakenly revokes key for signing Mac apps (Ars Technica) Just allow untrusted certificates, one customer told. A McAfee administrator accidentally revoked the digital key used to certify desktop applications that run on Apple's OS X platform, creating headaches for customers who want to install or upgrade Mac antivirus products. A certificate revocation list [CRL] hosted by Apple Worldwide developer servers lists the reason for the cancellation as a "key compromise," but McAfee officials said they never lost control of the sensitive certificate which is used to prove applications are legitimate releases. The revocation date shows as February 6, meaning that for seven days now, customers have had no means to validate McAfee applications they want to install on Macs
Adobe Zero-Day Attack Bypasses Sandbox (InformationWeek) Adobe fumbles on the security front by not enabling -- by default -- technology built into its PDF Reader and Acrobat that would have blocked the current attacks
Adobe 0-days used for IEEE aerospace spearphishing attacks (CSO) Attackers using the zero day Adobe Flash flaws patched last week delivered the exploits with a spearphishing email aimed at the aerospace sector, according to security researchers. Security firm AlienVault on Friday published details confirming the exploits underpinned a targeted campaign against US aerospace companies and industry
Phishing campaigns run rampant on social networks (Help Net Security) In January, GFI threat researchers identified a number of social network-based cybercrime attacks, including phishing messages on Twitter and Facebook, as well as malicious spam messages disguised as
LA Times website redirected users to exploit kit for over six weeks (Help Net Security) A sub-domain of Los Angeles Times' website has been redirecting visitors to compromised websites hosting the latest version of the Blackhole exploit kit for over six weeks (since Dec. 23, 2012), says Brian Krebs, and estimates that some 325,000 visitors were exposed to the attack. Alerted to the fact that something was wrong with OffersandDeals.latimes.com by some of its readers, he investigated the matter with the help of Avast's director of threat intelligence Jindrich Kubec, who checked it and confirmed that the tips were, indeed, true and correct
Cyber Attacks Against Journalists Are On The Rise, Says Advocacy Group (TechCrunch) More journalists are now the target of cyber attacks, said the Committee to Protect Journalists. CPJ deputy director Robert Mahoney said cyber attacks on individuals and news organizations have increased notably over the past few years and that the practice serves as easy and inexpensive censorship. In a press conference with reporters, Mahoney cited the recent attacks on The New York Times and
China, Iran cyber attacks on US rising: lawmaker (Sydney Morning Herald) China and Iran are intensifying cyber assaults against the US, the head of the House Intelligence Committee said as he pressed for legislation to encourage companies to share information on hacker threats. China's cyber espionage effort targeting US industrial secrets "has grown exponentially both in terms of its volume and damage it's doing to our economic future," the intelligence panel's chairman, Mike Rogers, said at a hearing Thursday. "We have no practical deterrents in place today"
World In The Net Of Total Spying – OpEd (Eurasia Review) Posting their personal photos with various comments on line, most users do not give a thought to the fact that they willingly place themselves under the control of a large number of interested individuals and organisations. Several companies specializing in software are developing programmes for monitoring people's activities with the help of information posted in open access on the websites of social networks. This kind of work is usually done secretly, so as to avoid unnecessary discussions. The Guardian recently reported about the latest RIOT software (Rapid Information Overlay Technology) developed by the US defence company Raytheon
Security Patches, Mitigations, and Software Updates
Serious data breaches take months to spot, analysis finds (Network World) One in five incidents take years to detect, Trustwave says. More than six out of ten organisations hit by data breaches take longer than three months to notice what has happened with a few not uncovering attacks for years, a comprehensive analysis of global incidents by security firm Trustwave has found
Mobile network infections increase by 67 percent (Net Security) Kindsight released a new report that reveals security threats to home and mobile networks, including a small decline in home network infections and an increase in mobile network infections. Highlights include: The rate of home network infections decreased from 13 to 11 percent in Q4; 6 percent exhibited high-level threats, such as bots, rootkits and banking Trojans. The ZeroAccess botnet continued to be the most common malware threat
Infosec pros don't trust their own networks (Help Net Security) A SafeNet survey of 230 United States security professionals revealed that, despite continued investments in network perimeter technologies, respondents are not confident that they are employing the
When It Comes to Security, We're Back to Feudalism (Bruce Schneier) Some of us have pledged our allegiance to Google: We have Gmail accounts, we use Google Calendar and Google Docs, and we have Android phones. Others have pledged allegiance to Apple: We have Macintosh laptops, iPhones, and iPads; and we let iCloud automatically synchronize and back up everything. Still others of us let Microsoft do it all. Or we buy our music and e-books from Amazon, which keeps records of what we own and allows downloading to a Kindle, computer, or phone. Some of us have pretty much abandoned e-mail altogether…for Facebook
ISACA cyber security survey reveals that one in five enterprises has experienced an APT attack (Business Wire) A global cyber security survey of more than 1 500 security professionals found that more than one in five said their enterprises have experienced an advanced persistent threat (APT) attack. According to the study by global IT association ISACA, 94% say APTs represent a credible threat to national security and economic stability, yet most enterprises are employing ineffective technologies to protect themselves
Telcos begin formal big data push (FierceBigData) For an industry that has long had the means, as well as the historical and real-time data necessary to pull off big data analytics, and has actually dabbled in it, telecom has taken its time jumping on the bandwagon and driving its adoption
Sequestration Furloughs Won't Begin Before April (GovExec.com) Carter said the Pentagon would likely be forced to furlough most civilian employees for one day each week for up to 22 weeks. As a sign of solidarity, Carter said he would cut his own salary by 20 percent if his employees do in fact face furloughs, despite personally being exempt from the sequester
Cabinet Officials Caution Against Automatic Cuts (Washington Post) Already, the Pentagon has taken steps to trim spending in preparation for the possible sequester, including implementing a hiring freeze and slashing operating costs on military bases
Senate Democrats Offer A Proposal To Head Off Automatic Cuts (New York Times) Senate Democratic leaders reached agreement Thursday on a $110 billion mix of tax increases and spending cuts to head off automatic spending cuts through the end of the year. But with even some Democrats tepid on the proposal, the chances of a deal before the March 1 deadline have receded
P&G CIO: There's A Better Way To Create Software (InformationWeek) Procter & Gamble CIO Filippo Passerini thinks cooperation among the likes of Disney, FedEx and Goldman Sachs could push software vendors to build more relevant analytics software -- and build it faster
Products, Services, and Solutions
Facebook Blocks Perverts From Graph Searching For Kids (TechCrunch) Facebook has coded some special rules into Graph Search to make sure shady adults can't stalk minors. Today Facebook clarified that searches that could identify kids under 18 by age or location won't return any results for strange adults
Qualys and iViZ partner on cloud-based web application security (Help Net Security) Qualys announced its partnership with iViZ to help companies ensure and validate the security of their web applications and web sites. The partnership combines the automated testing of QualysGuard Web Application Scanning (WAS) with iViZ Penetration Testing Technology, coupled with manual testing to provide organizations with scalable solutions to protect web sites and web applications against possible attacks
HP Eyes Android For Tablets, Smartphones (InformationWeek) HP is getting trounced by competitors in the mobile market and reportedly plans to respond by adopting Google's Android platform for tablets and smartphones
Are Businesses Waiting For Windows 9? (InformationWeek) Analysts don't expect Windows 8 to establish enterprise dominance -- but Microsoft's real problem continues to be lack of enthusiasm from consumers
Technologies, Techniques, and Standards
More Intelligent Services Help Rein In Security Policies (Dark Reading) From managed services to threat intelligence, companies are using security services to create better policies, as well as manage and tune existing ones. Companies are used to buying maintenance service agreements for their networking and security infrastructure. Increasingly, however, companies are relying on an array of services to help them establish better policies and translate those strategic guidelines into technical ones
Modular system development mitigates risk, says Werfel (FierceGovernmentIT) Federal agencies should embrace modular development because it lessens the dangers of information technology project failure, said Daniel Werfel, federal controller for the Office of Management and Budget
Supplementing big data with crowdsourcing (FierceBigData) An image developing of big data is of the lone, but brilliant, data scientist employed as the seer and overlord of all corporate data, creating algorithms that manipulate libraries full of data in an instant and bringing forth remarkable new insights. Yeah, that's not how it happens
New reference architecture from MapR, HP (FierceBigData) MapR Technologies, Inc. and HP have given the big data market something it has been looking for. They collaborated on a new reference architecture for big data workloads. The technology, known as the HP (NYSE: HPQ) Reference Architecture for MapR M5, can be used by customers to accelerate performance and improve efficiency in a broad set of use cases across any industry, according to the announcement
Tech Insight: New CA Group Has Big Names, Small Impact (Dark Reading) The Certificate Authority Security Council will promote new technologies and best practices in the PKI, starting with improving certificate revocation-checking, but any changes that would have a real effect soon are too disruptive to consider
Design and Innovation
Could Smart-Watches Replace Passwords as Authenticators? (Threatpost) Good passwords are hard to remember while passwords that are easily remembered are often just as easily guessed. Therein lies the reason passwords are such a security headache. The race to replace passwords is ever-present in the security industry, and the newest entrant is the smart-watch. "If the [iWatch] would do nothing but free me from having to enter pass codes, I would buy it even if it couldn't tell the right time!" says Bruce Tognazzini, usability engineer and human-computer interaction expert
Legislation, Policy, and Regulation
Australia's National Security Paper: A Case Of Lost Opportunities? – Analysis (Eurasia Review) Australian Prime Minister Julia Gillard delivered a statement about the country's national security policy to a carefully selected crowd of defense, public service, and academic personnel at the Australian National University late last month. The 58-page paper entitled 'Strong and Secure: A Strategy for Australia's National Security' supersedes the last one given by former Prime Minister Kevin Rudd back in 2008 and it is considered a supplement to Australia in the Asian Century, a white paper presented by Premier Gillard last October. The paper outlines the country's assessment of priorities, risks, and capabilities
Putin orders setting up of anti-hacker defence (Hindustan Times) Russian President Vladimir Putin has personally instructed the Federal Security Service (FSB) to promptly set up a unified system to detect and counter computer-hacking attacks on Russia's IT resources. "In the near future, we need to set up a unified system for detecting, preventing and defending against computer attacks on Russia's information (technology) resources," Putin said at a meeting of the FSB
DHS and NIST sign cybersecurity agreement (FierceGovernmentIT) The Homeland Security Department's National Protection and Programs Directorate and the National Institute of Standards and Technology say they'll work together more closely on cybersecurity issues following a memorandum of agreement the two agencies signed earlier this month
CISPA backers reintroduce bill; privacy advocates quick to reiterate criticism (FierceGovernmentIT) Backers of a controversial cybersecurity bill approved by the House in April 2012 reintroduced it Feb. 13 for consideration by the new Congress. The Cyber Intelligence Sharing and Protection Act (H.R. 624) would create a mechanism for the private sector to share cyber threat information with the federal government--the Homeland Security Department, or another federal agency. Critics such as the Center for Democracy and Technology say the bill language creates an avenue for information on American Internet users to go to the intelligence community, a criticism CDT President Leslie Harris reiterated soon after the bill's reintroduction
PPD 21: Extreme Risk Management Gone Bad (Forbes) On Tuesday, February 12, 2013, President Obama issued Presidential Policy Directive 21: Critical Infrastructure Security and Resilience. PPD 21 represents my worst nightmare: the misguided mantra of management consultants writ large. How large? The entire Federal juggernaut is to be roped into a tangle of coordination, data exchange, R&D, and risk management to address ephemeral threats to critical infrastructure. It even stretches around the world to include governments that may host critical facilities and assets of the United States
Cooperation seen as crucial in facing US cyber threats (Reuters) House Intelligence Committee Chairman Mike Rogers of Michigan reintroduced his cyber-security bill on Wednesday with a pledge there would be no schism with the White House over the issue. Obama threatened to veto the bill in 2012, citing lax safeguards
Cybersecurity framework could be mandatory for some companies (FierceGovernmentIT) Adoption of the cybersecurity framework called for by an executive order on cybersecurity signed by President Obama on Feb. 12 might not be voluntary for companies regulated by federal agencies with authority to require adoption--specifically those "agencies with responsibility for regulating the security of critical infrastructure," the executive order says
New High-Tech Warfare Medal Draws Backlash (Army Times) The Pentagon sparked an uproar among troops and veterans when it revealed that a new high-level medal honoring drone pilots will rank above some traditional combat valor medals in the military's "order of precedence."
Litigation, Investigation, and Law Enforcement
Facebook Wins Court Challenge In Germany Against Its Real Names Policy (TechCrunch) Facebook has won a court challenge against its real names policy in Germany. Yesterday an administrative court in the North of Germany granted Facebook's request for "suspensive effect" against a ruling made by Schleswig-Holstein's Data Protection Commissioner that Facebook was violating German and European law
A Chinese Hacker's Identity Unmasked (BusinessWeek) Joe Stewart's day starts at 6:30 a.m. in Myrtle Beach, S.C., with a peanut butter sandwich, a sugar-free Red Bull, and 50,000 or so pieces of malware waiting in his e-mail in-box. Stewart, 42, is the director of malware research at Dell SecureWorks, a unit of Dell (DELL), and he spends his days hunting for Internet spies. Malware is the blanket term for malicious software that lets hackers take over your computer; clients and fellow researchers constantly send Stewart suspicious specimens harvested from networks under attack. His job is to sort through the toxic haul and isolate anything he hasn't seen before: He looks for things like software that can let hackers break into databases, control security cameras, and monitor e-mail
Bush Hacker's Victims Include U.S. Senator (The Smoking Gun) Republican Lisa Murkowski's Yahoo, Flickr accounts breached. As federal agents hunt for the culprit who illegally accessed several Bush family e-mail accounts, The Smoking Gun has learned that the hacker's victim list also includes a U.S. Senator, a senior United Nations official, security contractors in Iraq, two former FBI agents, and a Department of Defense supervisor
Successful ways of undermining cybercrime ecosystems (Help Net Security) Most cybercrime is carried out by a loose confederation of independent contractors who work together when necessary through online forums and "partnerkas" that allow them to pool their resources, but these online criminal networks can be foiled, according to a new report by the Digital Citizens Alliance. The report sheds light on how global organized crime leverages the Internet for scams and other schemes that hurt consumers. It also highlights recent examples in which others have weakened the glue that binds these criminal communities together by undermining trust relationships, isolating and apprehending key members, and making it more difficult for them to receive payment for their crimes
The privacy implications of big data (FierceBigData) Although the term big data is likely one that lawyers and business managers have heard, its impact on privacy is one they still need to understand, says David Navetta, one of the founding partners of the Information Law Group. While its potential uses and benefits are endless, he said, "Big data also poses some risk to both the companies seeking to unlock its potential, and the individuals whose information is now continuously being collected, combined, mined, analyzed, disclosed and acted upon." Even the best definitions of big data are abstract from a legal standpoint, Navetta said
#BSidesBOS (Cambridge, Massachusetts, USA, February 23, 2013) Each BSides is a community-driven framework for building events for and by information security community members. The goal is to expand the spectrum of conversation beyond the traditional confines of...
RSA USA 2013 (San Francisco, California, USA, February 25 - March 1, 2013) RSA Conference continually evolves program offerings to meet the ever-changing needs of our delegates in the dynamic infosec industry.
Nullcon Goa 2013 (Bogmallo Beach Resort, Goa, India, February 26 - March 2, 2013) An international information security conference that will feature speakers and training. Topics include security and politics, vulnerability elimination, Android hacking, SCADA and smart grid penetration...
NRO Winter Way Forward Conference (Chantilly, Virginia, USA, February 28, 2013) This annual event will provide an increased awareness, understanding and support among the IT workforce by focusing on the NRO IT Way-Forward in terms of the NRO IT Sub-Portfolio Roadmaps. Exhibitors will...
TechMentor Orlando 2013 (Orlando, Florida, USA, March 4 - 8, 2013) Celebrating 15 years of educational events for the IT community, TechMentor is returning to Orlando, Florida, March 4-8, for 5 days of information-packed sessions and workshops. Surrounded by your fellow...
Business Insurance Risk Management Summit (New York City, New York, USA, March 5 - 6, 2013) The annual Risk Management Summit, now in its fourth year, provides attendees with focused insight via specific, timely general sessions and strategic, thought-provoking discussions with peers and industry...
CanSecWest 2013 (Vancouver, British Columbia, Canada, March 6 - 8, 2013) CanSecWest, the world's most advanced conference focusing on applied digital security, is about bringing the industry luminaries together in a relaxed environment which promotes collaboration and social...
e-Crime Congress 2013 (London, England, March 12 - 13, 2013) The e-Crime Congress is designed to meet the needs of key stakeholders and decision makers who are responsible for designing and coordinating information security and risk management strategy, safeguarding...
CTIN Digital Forensics Conference (Seattle, Washington, USA, March 13 - 15, 2013) Speakers include experts and published authors in the field of digital forensics and cybersecurity. Topics include: Mobile Device Forensics, Internet Forensics, Physical Memory Analysis, Open Source Tools,...
IT Security Entrepreneurs' Forum (ITSEF 2013) (Palo Alto, California, USA, March 19 - 20, 2013) Supported by the U.S. Department of Homeland Security, Office of Science and Technology, ITSEF 2013 aims to connect the ecosystem of the entrepreneur: industry, government, and academia. The conference...
The Future of Cyber Security 2013 (London, England, UK, March 21, 2013) Cyber Security and the Citizen 2013 is a one-day conference and exhibition for senior decision-makers of central and local government organisations, NGOs and major private sector enterprises.
SANS Cyber Threat Intelligence Summit (Washington, DC, USA, March 22, 2013) Conventional network defense tools such as intrusion detection systems and anti-virus focus on the vulnerability component of risk, and traditional incident response methodology presupposes a successful...
AFCEA Belvoir Industry Days 2013 (National Harbor, Maryland, USA, April 2 - 3, 2013) The purpose of this event is to inform the IT community about the recent successes and the forward-thinking opportunities that the Department of Defense and the Department of the Army have developed.
CSO40 (Braselton, Georgia, USA, April 2 - 3, 2013) The CSO40 Security Confab + Awards will honor and share the critical viewpoints of today's leading CSOs, CISOs and security executives at the nation's leading CSO thought leadership conference.
Cloud Connect Silicon Valley (Santa Clara, California, USA, April 2 - 5, 2013) Cloud Connect returns to Silicon Valley, April 2-5, 2013, for four days of lectures, panels, tutorials and roundtable discussions on a comprehensive selection of cloud topics taught by leading industry...
Cyber 1.3 (location and date not given) Maj. Gen. Suzanne Vautrinot, USAF, commander, 24th Air Force, and commander, Air Force Network Operations, will discuss the global strategic implications that relate to the cyber domain at the Space Foundation...
INFILTRATE 2013 (Miami, Florida, USA, April 11 - 12, 2013) INFILTRATE is a deep technical conference that focuses entirely on offensive security issues. Researchers focused on the latest technical issues will demonstrate techniques that you cannot find elsewhere.
Information Tech Expo Series - Hawaii (Oahu, Hawaii, USA, April 12 - 19, 2013) This 6-series showcase will feature stops at 5 DoD locations and 1 Intel Center on the island of Oahu. Celebrating 20 years of these expos is a true testament to the government and military's readiness...
InfoSec World Conference & Expo 2013 (Orlando, Florida, USA, April 15 - 17, 2013) With the primary objective of providing top-notch education to all levels of information security and IT auditing professionals, InfoSec World delivers practical sessions that give you the tools to strengthen...
Infosec Southwest 2013 (Austin, Texas, USA, April 19 - 21, 2013) InfoSec Southwest is intended to be a general security and hacking conference with no specific industry or topical focus. As such, nearly all topics (other than vendor pitches) are fair game and the attending...
23rd Annual Government Procurement Conference (Washington, DC, USA, April 25, 2013) This unique one-day event attracts more than 3,000 participants representing government agencies, prime contractors and small businesses from around the country. Participating companies are able to network...
Interop Las Vegas (Las Vegas, Nevada, USA, May 6 - 10, 2013) Attend Interop Las Vegas, May 6-10, and attend the most thorough training on Apple deployment at the NEW Mac & iOS IT Conference. Join us in Las Vegas for access to 125+ workshops and conference classes,...
Consumerization of IT in the Enterprise Conference and Expo (San Francisco, California, USA, June 2 - 4, 2013) From smartphones to mobile apps, social software and 4G networks, the wave of innovation in the consumer space is transforming the way companies do business, both inside and outside of the enterprise.
25th Annual FIRST Conference (Bangkok, Thailand, June 16 - 21, 2013) The annual FIRST conference provides a setting for conference participants to attend a wide range of presentations delivered by leading experts in both the CSIRT field and from the global security community.
SECRYPT 2013 (Reykjavik, Iceland, July 29 - 31, 2013) The 10th International Conference on Security and Cryptography (SECRYPT 2013) will take place from 29 to 31 July 2013 in Reykjavik, Iceland…The conference will focus on information systems and network...