The Iranian-influenced Izz ad-Din al-Qassam Cyber Fighters failed to bring off Christmas denial-of-service attacks, but they did succeed in hitting Citigroup beginning December 26. (And of course the Cyber Fighters promise more to come.)
The Council on Foreign Relations wasn't the only site exploited in Internet Explorer watering hole attacks: the Capstone Turbine Group was also used, and other compromised sites will probably turn up. Chinese hackers remain prime suspects. SANS's Internet Storm Center uses the attacks in an interesting case study on looking at vulnerabilities "through an attacker's eyes," and Microsoft publishes an official note on the zero-day exploit.
McAfee declared Anonymous to be in terminal decline, but Anonymous works to prove it has a lot of life left (and CSO agrees).
IT World predicts a major shift in cybercrime from the developed world to Africa, less surprising if one reflects on Africa's tendency to leapfrog technological stages, bypassing for example wired telecommunications for mobile. Sophos reports that 94% of US hospitals experienced a data breach in 2012, while only 45% saw the birth of quintuplets. (Who knew there were so many quintuplets?)
A compromise has temporarily kept the US from the "fiscal cliff," but evolving tax and budgetary policy will have profound consequences for business. RIM sells its cloud unit to focus on BlackBerry.
Scientific American runs an informative piece on SANS's "CyberCity," a material model for testing cyber effects on contemporary infrastructure.
South Korea anticipates minor rapprochement with the North (and Google executives show up in Pyongyang).
Today's issue includes events affecting Angola, Brazil, Burundi, Canada, Congo, Egypt, Greece, India, Indonesia, Iran, Israel, Italy, Japan, Kenya, Korea, Luxembourg, Nigeria, Rwanda, South Africa, Sudan, Tanzania, Uganda, United Arab Emirates, United Kingdom, United States.
Cyber Attacks, Threats, and Vulnerabilities
Post-Holiday DDoS Attack Hits Citi (Technology Banker) Financial organisations were lulled into a false security when no attacks happened on Christmas day, as previously warned by the hacktivist group, Izz ad-Din al-Qassam Cyber Fighters. As Christmas day came and went without any report of any attacks, analysts even went as far as saying that financial organisations are now better equipped and therefore managed to counter any attack before it causes any interruption. However, it looks like their optimism is premature as Citigroup experienced website interruptions on 26 December 2012 which started late afternoon that day. Commenting on the report, the bank's spokesman, Andrew Brent, refused to confirm that the high volume traffic and website interruptions experienced by its customers were caused by Distributed-Denial-of-Service attack
Number of Banks Targeted by DDoS Attacks May Increase (Security Bistro) The holidays have passed and it's time to balance the ol' checkbook. But wait. Having trouble accessing your bank's customer portal yet again? It may be a circumstance that we all need to become accustomed to as the extremist group Izz ad-Din al-Qassam Cyber Fighters are threatening to expand the number of financial institutions being targeted by Distributed Denial of Service (DDoS) attacks
New IE Zero-Day Attack Bypasses Key Microsoft Security Measures(Dark Reading) Aside from the drama of a New Year zero-day attack, the exploits highlight yet another APT-type attack employing drive-by website or so-called "watering hole" techniques. This is not your typical spearphishing APT attack, where the attackers use email
EMET 3.5: The Value of Looking Through an Attacker's Eyes (Internet Storm Center) So it's probably worth talking about the recent IE 8.0 0-day. While the use-after-free exploit specifically targets IE 6 through IE 8 web browsers, it's worth mentioning because of its widespread use in targeted attacks seen in the US, China, and Taiwan. The security company FireEye found the exploit rigged on a compromised page on the Council on Foreign Relations website among other locations. As a defender, you probably find yourself asking the wrong question when it comes to defending against this exploit. Is there a patch available? What is the Microsoft approved Fixit solution until a patch can be developed? Is there an antivirus signature for it? Don't fret, as previously noted, Microsoft Tech Net has a temporary fix in place. While useful in preventing this specific attack, the fix is the wrong way of thinking about a solution to the bigger problem. As a defender, you need to start understanding that 0-day is out there
Cyber-attack 'stole secret trade info'(The Daily Yomiuri) Highly confidential documents related to sensitive trade negotiations are suspected to have been stolen from computers at the farm ministry, government sources said. The sources said a cyber-attack originating overseas is thought to have obtained more
HighTech Brazil HackTeam Hits Hundreds of Sites Worldwide(eSecurity Planet) Compromised sites included South African satellite TV service TopTV and the Greek National Printing Office. The HighTech Brazil HackTeam today welcomed the new year with a flood of attacks on several hundred Web sites worldwide, compromising the Web sites for the South African satellite TV service TopTV, the Greek National Printing Office, Indian wireless Internet provider Reliance Netconnect, and many other
LulzSec Peru Hackers Hit Argentina's Ministry of Defense(eSecurity Planet) LulzSec Peru recently defaced the Web site for Argentina's Ministry of Defense and published stolen data on AnonPaste. The following statement was posted along with the data dump: "According to statements by the DEPARTMENT OF ARGENTINA DEFENSE the computer systems area say they had a system impossible to hack, thing turned otherwise. The event should not be taken as terrorism, was for the simple fact to prove that the system was totally vulnerable
Anonymous Hackers: Expect Us in 2013 (eSecurity Planet) Anonymous recently published a brief statement suggesting ways for new members to join the movement, including connecting on Twitter and IRC. "Anonymous also posted a short video bragging of its dealings in 2012, including the temporary shutdown of the U.S. Department of Justice and other sites in protest of the U.S. government targeting MegaUpload," writes Maximum PC's Paul Lilly. "Also in the video are various clippings related to the organization's effort to thwart Westboro Baptist Church members from protesting the funeral of Newtown, Connecticut shooting victim Principal Dawn Hochsprung
APT Targets The Little Guy (Biztech2.com) In 2012, Imperva saw the continuing trend of smaller businesses being hit by cyber criminals
The NYSE's Year of Living Dangerously Ends With Yet Another Glitch(IEEE Spectrum) In an apropos finale, the New York Stock Exchange suffered one last trading glitch on New Year's Eve. According to Dow Jones Business News, the NYSE issued "an alert to traders at 3:19 p.m. EST that its equity market was experiencing an issue with one of its engines that matches 'buy' and 'sell' orders and that 26 issues were affected, including BBX Capital Corp. (BBX), Verso Paper Corp. (VRS) and TransAlta Corp. (TAC)
Security Patches, Mitigations, and Software Updates
Vulnerability in Internet Explorer Could Allow Remote Code Execution(Microsoft Security Tech Center) Microsoft is investigating public reports of a vulnerability in Internet Explorer 6, Internet Explorer 7, and Internet Explorer 8. Internet Explorer 9 and Internet Explorer 10 are not affected by the vulnerability. Microsoft is aware of targeted attacks that attempt to exploit this vulnerability through Internet Explorer 8. Applying the Microsoft Fix it solution, "MSHTML Shim Workaround," prevents the exploitation of this issue. See the Suggested Actions section of this advisory for more information
Microsoft issues quick fix for critical zero-day hole in IE(Network World) There seems to have been no rest for Microsoft over the 2012 holidays as it issued a quick fix for a zero-day IE vulnerability that attackers were actively exploiting via drive-by download attacks. It may have felt like a flashback for the company as
iPhone Do Not Disturb bug fix coming January 7 (TrustedReviews) Apple has responded to a recent iPhone bug that has seen handsets' 'Do Not Disturb' features failing to turn off when scheduled, suggesting the issues will continue until January 7. Sparked by the recent jump from 2012 to 2013, the new Do Not Disturb
Growing confidence in cloud security(ComputerWorld) Cloud computing is blowing into 2013 on the winds of confidence, with IT professionals increasingly convinced that the security controls are adequate, but still very, very leery
5 Cloud App Trends To Expect In 2013(InformationWeek) We'll see more mobile options and embedded analytics, of course, but surprises will include growth in financial apps and big-data insights
5 Data Center Trends For 2013(InformationWeek) Energy efficiency will continue to be a major focus of data center operations over the coming year, but that's not all we'll see
Worldwide telehealth market to grow 55% in 2013(Fierce Mobile Health Care) Fueled by healthcare reform aimed at reducing in-patient costs and post-acute care strategies designed to reduce readmissions, the worldwide telehealth (remote patient monitoring) market will grow by 55 percent in 2013 in terms of device and service revenues, according to a recent report from InMedica, the medical technology research division of U.K.-based market research consultancy IMS Research
Increased device adoption will make 2013 a banner year for mHealth(Fierce Mobile Health Care) By any account, 2012 was a breakout year for mobile healthcare. When measuring the progress of mHealth over the past year, the best metrics are perhaps the raw statistics that show physicians, providers and other healthcare professionals are using smartphones, laptops and tablets in their work in unprecedented numbers
4G smartphones will spur rapid rise in semiconductor revenues(Fierce Mobile IT) Demand for semiconductors in smartphones and tablets is expected to offset weak semiconductor demand in other segments and push semiconductor revenues up 4.9 percent to reach $319 billion this year, according to the latest IDC stats
Delay May Increase Pain Of Potential DoD Cuts(Army Times) By delaying, but not preventing, sequestration, the agreement leaves the Defense Department at risk of being forced to cut $57 billion to $63 billion from the 2013 budget while also giving them less time, which means less flexibility, in making the cuts
Many Threats Are Left Intact(Washington Post) The deal to which the House gave final approval late Tuesday will head off the most severe effects of the "fiscal cliff" by averting a dangerous dose of austerity but still leaves the economy vulnerable to both immediate and more distant threats
Panetta Urges Congressional Action On U.S. Deficit (Defense News) The day after Congress passed a bill delaying defense spending cuts for two months, U.S. Defense Secretary Leon Panetta continued to press lawmakers to pass a balanced deal to lower the nation's deficit
Federal Agencies Bracing For Cuts After The Accord (Washington Post) Defense Secretary Leon E. Panetta said Congress has "prevented the worst possible outcome by delaying sequestration for two months." But he warned that "the specter of sequestration" threatens national security
Budget Uncertainty Is Just Around Corner(Washington Post) But "now" is no more than two months. The future remains uncertain for federal employees because the legislation, passed less than 24 hours into 2013, delays the budget reductions known as sequestration only until early March
DISA Hands Down $1B Engineering, IT Services IDIQ(Govconwire) The Defense Information Systems Agency has awarded seven contractors positions on a potential $1.42 billion contract for engineering and information technology services supporting an information systems network. According to the Defense Department, the agency received nine offers for the indefinite-delivery/indefinite-quantity contract via FedBizOpps. This multiple-award contract was set aside for small businesses, the Pentagon said
CACI Buys Health IT, Data Analytics Firm IDL(Govconwire) CACI International (NYSE: CACI) has acquired Wisconsin-based healthcare information technology and analytics firm IDL Solutions for an undisclosed amount, CACI announced Wednesday. CACI said it made the acquisition to grow its presence in the federal healthcare market, which the company values at $33.5 billion, and complement its November acquisition of Emergint Technologies
General Dynamics to strengthen engineering programs with acquisition of Applied Physical Sciences(Military and Aerospace Electronics) General Dynamics (NYSE: GD) has acquired Applied Physical Sciences Corp., a provider of applied research and development services based in Groton, Conn., in a cash transaction for an undisclosed price. Applied Physical Sciences will complement the engineering programs of General Dynamics Electric Boat, a wholly owned subsidiary of General Dynamics. Applied Physical Sciences offers research, development, engineering and prototyping services to government and commercial customers. The company specializes in the areas of acoustics, signal processing, marine hydrodynamics and electromagnetics
6 Things Microsoft Must Do In 2013(InformationWeek) This could be a make or break year as Microsoft looks to establish itself in mobile, cloud and other hot new markets while fending off challenges to its Windows franchise
CIA Vet Jose Rodriguez Joins Novitas Group to Help Lead Strategic Affairs(Govconwire) Jose Rodriguez, former director of the National Clandestine Service at the CIA, has joined strategy and professional services firm Novitas Group LLC as managing director for global strategic affairs. The company said Rodriguez, who also served as deputy director for operations, will help bring the company's capabilities to government, business partners and organizations worldwide
Gary Shankman Joins Serco as CFO for U.S. Operations, Chris Sullivan as CIO(Govconwire) Gary Shankman has joined Reston, Va.-based Serco Inc. as chief financial officer, the same position he previously held within SAIC's defense solutions segment. The more than 30-year government contracting veteran is a certified public accountant and earlier consulted and audited government contractors with Arthur Andersen, focusing on federal acquisition and cost accounting standards compliance
Intel prepares to launch combo cable and streaming TV service(IT World) Could 2013 be the year of the TV for the high-tech industry? With Apple chomping at the bit to revolutionize TV and Google renewing its efforts in the market, now Intel appears to have its ducks in a row to launch its own TV offering
Why Windows To Go is perfect for BYOD(IT World) Is your business still using Windows XP? If so, you're not alone. But, you should also seriously consider moving to a newer operating system. You could just step up to Windows 7, but there's also a pretty strong case to be made for moving to Windows 8--particularly Windows 8 Enterprise
Ubuntu comes to the phone(Help Net Security) Canonical announced a smartphone interface for its operating system, Ubuntu, using all four edges of the screen for a more immersive experience. Ubuntu gives handset OEMs and mobile operators the ability
The Ubuntu Phone OS Doesn't Stand A Chance(TechCrunch) Of course proponents will say that the mobile market is still in its infancy and there is a need for an open OS. While I agree, I am not convinced that Ubuntu will become a winner on the scale of Android, its Linux counterpart. Years will pass before Ubuntu sees developer traction for an Ubuntu phone. The device does not yet have a manufacturer or an operator
Memory acquisition traps (Internet Storm Center) Last week at the CCC conference in Hamburg, my colleague Luka Milkovic presented his work on memory acquisition tools… Since memory acquisition is becoming increasingly popular in any incident forensics, I think it is very important for every incident handler to be aware of deficiencies in this process. So how does the memory acquisition process work? Once executed, all memory acquisition tools install a driver to get kernel access through it and then start reading memory and either dumping it to a file or over the network
Interesting solution to cyber theft problem(Fierce Finance IT) Cyber-attacks against banks remain a huge issue in the industry, as Trojan-oriented attacks on customer accounts continue to proliferate. Unfortunately, in the minds of some, these attacks represent a cost of doing business, as it is assumed that at some point hackers will be able to drain money from accounts. The real goal may be to reduce the success rate of attackers
RIM patent aims to make 'spy cam' shots a thing of the past (ZDNet) RIM has patented a new process that would stop a camera from taking photographs unless it was properly focused on the subject, thereby preventing 'spy cam'-type shots that can be the source of information leaks within a company. The patent filing was granted by the United States Patent and Trademark Office (USPTO) on Tuesday. "The camera restriction prevents a user from taking a picture of a subject if the device has not been steadily focused on the subject in question for a predetermined period of time," RIM said in the patent filing
A New Way of Detecting Cybersecurity Attacks (Digital Communities) Rajeev Bhargava is an acknowledged pioneer in the networking and software industry, and CEO of Toronto-based Decision Zone Inc. His career spans more than 30 years within the engineering and IT industry, and he has been closely associated with many of its major developments. Rajeev has advised many of North America's largest organizations within the telecom, financial, high tech, military, retail, aerospace and government industries. He is the inventor of an anomaly detection solution used for applications in network security, data quality, audit, information management and risk functions within organizations around the world
Why hire a hacker?(Help Net Security) I'm not advocating the hiring of computer criminals. If you are being held to ransom by someone claiming to have control of your infrastructure, and demanding payment to prevent further damage or exposure
Quantum measurements on one island determine behavior on another(Ars Technica) A quantum eraser works instantly over 144km. A key feature of quantum physics is the wave-particle duality: the tendency of physical systems to exhibit both wavelike and particle-like behaviors. One particularly striking example of the wave-particle duality is the quantum eraser. In a typical experiment, two photons are entangled in a particular way and sent along different paths. As is usual in entanglement, a measurement performed on one photon reveals the outcome of related measurements on the second. In the specific case of the quantum eraser, however, the measurement dictates whether the second photon will exhibit wave- or particle-like characteristics
Israel preparing Cyber Iron Dome Shield(The Hacker News) Israel's Prime Minister officially opened a new national program to train teenagers in the art of cyberwarfare. The program named "Magshimim Le'umit", is to prepare them for their future role in the military and intelligence community. Israel Prime Minister Binyamin Netanyahu said the country's computer systems are facing attacks from Iran and other countries, and such attacks are set to increase in the digital age
UK to launch public cyber security awareness campaign (ComputerWeekly) The Cabinet Office is to launch a public cyber security awareness programme early this year aimed at improving the online security of consumers and small and medium enterprises (SMEs). The initiative is part of the government's cyber security strategy, aimed at ensuring the UK can manage the risks and harness the benefits of cyberspace. Marking the strategy's first anniversary last month, minister for the Cabinet Office, Francis Maude, said business and government needed to continue to educate customers so that everyone using the internet is better informed of the potential risks and how to protect themselves online
South Korea Budgets For Sunnier Ties With Reclusive North(Reuters) South Korea has increased its budget to fund North Korea-related projects this year, government data showed on Thursday, with a new president seeking closer relations due to take office in Seoul and signs of an opening from Pyongyang.
FCC streamlines approval process for in-flight Wi-Fi systems(Fierce Mobile IT) Busy executives view long plane trips as an opportunity to catch up on work using mobile devices that are able to access the Internet on in-plane Wi-Fi systems. The aircraft is able to provide Wi-Fi access by connecting to special wireless towers or through satellite links
Litigation, Investigation, and Law Enforcement
Write Gambling Software, Go to Prison(Wired Threat Level) In a criminal case sure to make programmers nervous, a software maker who licenses a program used by online casinos and bookmakers overseas is being charged with promoting gambling in New York because authorities say his software was used by
Court Backs Obama On Secrecy(Washington Post) The Obama administration acted lawfully in refusing to disclose information about its targeted killings of terrorism suspects, including the 2011 drone strikes that killed three U.S. citizens in Yemen, a federal judge ruled Wednesday
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
tmforum Big Data Analytics Summit(Amsterdam, Netherlands, January 29 - 30, 2012) Bringing together leading service providers, market analysts and all of the big names in Big Data, this forward-looking, education-packed two-day Summit combines keynote perspectives, case studies, debates,...
ATMiA US Conference 2013(Scottsdale, Arizona, US, February 19 - 21, 2013) A conference devoted to the design of ATMs, and the future of the ATM industry.
#BSidesBOS(Cambridge, Massachusetts, USA, February 23, 2013) Each BSides is a community-driven framework for building events for and by information security community members. The goal is to expand the spectrum of conversation beyond the traditional confines of...
Nullcon Goa 2013(Bogmallo Beach Resort, Goa, India, February 26 - March 2, 2013) An international information security conference that will feature speakers and training. Topics include security and politics, vulnerability elimination, Android hacking, SCADA and smart grid penetration...
TechMentor Orlando 2013 (Orlando, Florida, USA, March 4 - 8, 2013) Celebrating 15 years of educational events for the IT community, TechMentor is returning to Orlando, Florida, March 4-8, for 5 days of information-packed sessions and workshops. Surrounded by your fellow...
e-Crime Congress 2013(London, England, March 12 - 13, 2013) The e-Crime Congress is designed to meet the needs of key stakeholders and decision makers who are responsible for designing and coordinating information security and risk management strategy, safeguarding...
CTIN Digital Forensics Conference (Seattle, Washington, USA, March 13 - 15, 2013) Speakers include experts and published authors in the field of digital forensics and cybersecurity. Topics include: Mobile Device Forensics, Internet Forensics, Physical Memory Analysis, Open Source Tools,...
IT Security Entrepreneurs' Forum (ITSEF 2013)(Palo Alto, California, USA, March 19 - 20, 2013) Supported by the U.S. Department of Homeland Security, Office of Science and Technology, ITSEF 2013 aims to connect the ecosystem of the entrepreneur: industry, government, and academia. The conference...
The Future of Cyber Security 2013(London, England, UK, March 21, 2013) Cyber Security and the Citizen 2013 is a one-day conference and exhibition for senior decision-makers of central and local government organisations, NGOs and major private sector enterprises.
Cloud Connect Silicon Valley(Santa Clara, California, USA, April 2 - 5, 2013) Cloud Connect returns to Silicon Valley, April 2-5, 2013, for four days of lectures, panels, tutorials and roundtable discussions on a comprehensive selection of cloud topics taught by leading industry...
InfoSec World Conference & Expo 2013(Orlando, Florida, USA, April 15 - 17, 2013) With the primary objective of providing top-notch education to all levels of information security and IT auditing professionals, InfoSec World delivers practical sessions that give you the tools to strengthen...
25th Annual FIRST Conference(Bangkok, Thailand, June 16 - 21, 2013) The annual FIRST conference provides a setting for conference participants to attend a wide range of presentations delivered by leading experts in both the CSIRT field and from the global security community.