BB&T and Fifth Third join PNC as victims of Iranian hackers' latest distributed denial-of-service campaign against US banks. Local reports suggest the disruptions may become wider yet. In South Asia, Bangladeshi hacktivists (and defacement specialists) of the "3xp1r3 Cyber Army" hit many Indian sites. Belgium's Federal Police Service suffers a similar but unrelated attack.
An elaborate online hoax attributed to anti-coal activists temporarily cost Australian mining company Whitehaven Coal $314M in market cap. A bogus "Facebook Security Team" is phishing for user credentials. Facebook's Employee Secure Transfer service is also found to be vulnerable to third-party password reset. Windows RT is successfully jailbroken, and Yahoo Mail has an XSS vulnerability that permits account hijacking.
Internet Explorer's recent zero-day exploit is more clearly tied to China's Elderwood, as Tibetan and Uighur autonomy advocates are targeted. Microsoft's patches, expected later today, will not address these vulnerabilities. The company continues to advise users to apply its recently defeated temporary fix pending a permanent solution.
The US Los Alamos National Laboratory, citing security concerns, has divested itself of hardware containing Chinese-manufactured switches.
Symantec says its PGP vulnerability actually amounts to very little. The Omnicell health care IT breach that recently affected the University of Michigan has spread to South Jersey Healthcare and Sentara Healthcare.
Northrop Grumman, SAIC, and ManTech all say they're pursuing the US Department of Homeland Security continuous monitoring contract. The US Secret Service says its use of QinetiQ North America's Cyveillance services poses no real privacy issues.
Today's issue includes events affecting Algeria, Australia, Bangladesh, Belgium, Canada, China, European Union, Greece, India, Iran, Japan, Romania, Singapore, Thailand, United Kingdom, United States.
Cyber Attacks, Threats, and Vulnerabilities
BB&T, PNC among banks targeted by cyber attack(Charlotte Business Journal) The attacks on banks' websites appear to be coordinated by the same Iranian hacker group that disrupted many major banks' service late last year. Winston-Salem-based BB&T (NYSE:BBT) and Pittsburgh-based PNC (NYSE:PNC), both with a major presence in
Fifth Third website suffers cyber attack(Business Courier of Cincinnati) Fifth Third Bank was at least the second big bank with local operations to suffer a major cyber attack last week. Fifth Third (Nasdaq: FITB), Greater Cincinnati's largest locally based bank, had its website attacked Thursday, disrupting online
Iranian cyber attack targets US banks, again(BizPac Review) Republican presidential candidate Mitt Romney believed Iran was the biggest national security threat facing America. Now, a second round of suspected Iranian cyber attacks against U.S. banks is under way, and the Obama administration is
More than 600 Indian websites hacked by rEd X from 3xp1r3 Cyber Army(E Hacking News) More than 630 Sites Defaced by rEd X from 3xp1r3 Cyber Army! The websites, most likely hosted on a single server, were altered to host the hacktivists' message. The hacked sites appear to belong to various organizations, including colleges and small businesses. At press time, many administrators appeared to be working on restoring their websites, but most of the affected sites still displayed the hackers' message
Belgian Police Hacked(eSecurity Planet) Hacker SlixMe posted a deface message stating, 'Your log folder does a good job lolz.' Hacker SlixMe recently breached and defaced the official Web site for the Belgian Federal Police Service
Rogue trader: hoax triggers $314m fall(Sydney Morning Herald) One young man sitting in a forest used a laptop and a mobile phone to temporarily wipe more than $314 million from the value of Nathan Tinkler's Whitehaven Coal on Monday morning. The Australian Securities and Investments Commission is now making inquiries into the elaborate hoax, in which anti-coal campaigners issued a fake media release and impersonated a corporate affairs spokesman from ANZ Bank
Nir Goldshlager found vulnerability in Facebook Employees Secure Files Transfer service(E Hacking News) A Web Application PenTester, Nir Goldshlager, has identified a security flaw in Facebook's Employee Secure File Transfer that allowed him to reset the password of accounts. The Secure File Transfer service provider "Accellion" provides service to Facebook's employees for transferring files. Accellion had removed the registration page to prevent unauthorized users from creating accounts
3 security things to watch: A Turkish twist, IE's quick fix, Anonymous takes action in high school assault case(IT World) Look for continued fallout from the security lapse at Turkish Certificate Authority TurkTrust this week in security. Also: pressure on Microsoft over IE flaw, and hacktivists take action in high profile high school rape case. The holidays are over, and everyone is plugging back into work - digging through a mountain of unanswered e-mail and otherwise taking the lay of the land. For those of you still emerging from your egg nog fog, here are some of the top security news stories worth following this week
Exclusive: U.S. nuclear lab removes Chinese tech over security fears(Reuters) A leading U.S. nuclear weapons laboratory recently discovered its computer systems contained some Chinese-made network switches and replaced at least two components because of national security concerns, a document shows. A letter from the Los Alamos National Laboratory in New Mexico, dated November 5, 2012, states that the research facility had installed devices made by H3C Technologies Co, based in Hangzhou, China, according to a copy seen by Reuters. H3C began as a joint venture between China's Huawei Technologies Co and 3Com Corp, a U.S. tech firm, and was once called Huawei-3Com
Anonymous Warns Canadians About Bill C-45, Enhanced Drivers Licenses(Softpedia) Anonymous Canada has released a new video statement to warn the country's citizens about the recently introduced, controversial Bill C-45, also known as the second omnibus budget bill. The hacktivists claim that the Harper government is trying to use the 400-page bill to hide its secret agenda. Omnibus Bill C-45 was passed in Parliament just a few weeks ago and, as you may know, it unprotects hundreds of thousands of lakes and rivers and re-designates aboriginal land rights
Symantec plays down PGP hole(HITB) Symantec has quenched fears about a vulnerability in its PGP technology. According to a Pastebin statement, the pgpwded.sys kernel driver distributed with Symantec PGP Desktop contains an arbitrary memory overwrite vulnerability in the handling of IOCTL 0x80022058
Omnicell Breach Affects Patients of Sentara Healthcare, South Jersey Healthcare(eSecurity Planet) More than 68,000 patients in total appear to have been impacted by the security breach. A recent security breach at medication management vendor Omnicell, which exposed the personal information of 4,000 patients of the University of Michigan Health System, also impacted several thousand patients of both South Jersey Healthcare and Sentara Healthcare
The TURKTRUST SSL certificate fiasco - what really happened, and what happens next?(Naked Security) A few days ago, my colleague Chester wrote an article with the no-punches-pulled headline Turkish Certificate Authority screwup leads to attempted Google impersonation. Since then, an online discussion and dissection of what happened - or, more accurately, what happened so far as one might tell - has unfolded, and seems to have reached a conclusion - or, more accurately, an acceptable hypothesis. Let me try to summarise as briefly as I dare
Security Patches, Mitigations, and Software Updates
Microsoft Security Bulletin Advance Notification for January 2013(Microsoft Security TechCenter) This is an advance notification of security bulletins that Microsoft is intending to release on January 8, 2013. This bulletin advance notification will be replaced with the January bulletin summary on January 8, 2013. For more information about the bulletin advance notification service, see Microsoft Security Bulletin Advance Notification
When The 'Fix It' Doesn't Fix It(Dark Reading) Microsoft's temporary fix for a new IE zero-day flaw is broken, researchers say, but software giant still recommends applying the fix until patch arrives
Researcher Who Found Nvidia Bug Confirms Security Update Clears Up Driver Zero Day(Threatpost) Nvidia has released a new driver for its graphics cards that includes a security update for a zero-day vulnerability in the Nvidia Display Driver Service that came to light on Christmas day. UK researcher Peter Winter-Smith posted vulnerability details and an exploit to Pastebin describing a stack buffer overflow vulnerability in the service, as well as his exploit, which bypassed DEP and ASLR on Windows machines
Personal Empowerment Worldwide Could Affect U.S. Security and Economics(SIGNAL Magazine) The release of the National Intelligence Council's Global Trends 2030: Alternative Worlds report in early December spawned a wave of media attention and crashed two websites hosting the document. For the first several days, officials tracked approximately 60,000 Tweets pertaining to the information sent out every 20 minutes. "The first thing to say is that the amount of response and amount of attention focused on it came really as a surprise to us…it did really go viral in a way we didn't appreciate beforehand," states Dr. Mathew Burrows, counselor, Office of the Director of National Intelligence, National Intelligence Council, and principal author of the report. But despite all the action surrounding Global Trends, contributors to it feel that certain facets might still need some attention
ENISA Names Drive-By Exploits as Biggest Emerging Threat of 2012(Softpedia) The European Network and Information Security Agency (ENISA) has released its Cyber Threat Landscape analysis of 2012. The study, based on over 120 threat reports, highlights the top threats and their trends. According to the report, drive-by exploits (malicious code injects used to exploit web browser vulnerabilities) are the number one threat
Tablets will outsell notebooks in 2013, for the first time ever(Quartz) Apple will hold onto its market share, but China will be flush with home-grown tablets. In 2012, tablets outsold notebook computers in the US and China, but 2013 will be the year this trend goes global, according to NPD DisplaySearch. That's three years ahead of analysts' earlier estimates, and reflects a projected 64% growth in tablet purchases in 2013 versus 2012
Like virginity, lost privacy is gone for good -- CES panelist(CNET) Far from the barrage of gadget announcements, a comparatively unsexy discussion on the future of privacy and cloud-stored data unspooled at CES 2013. The future of privacy and the cloud occupied a sidestage at CES 2013 this morning, with one panelist comparing privacy lost to something else that can't be replaced. "Getting your privacy back is like getting your virginity back," said Jim Reavis, Executive Director of the non-profit Cloud Security Alliance, from a room on the second floor of Las Vegas Convention Center North building. The on-stage conversation between Reavis and other privacy experts focused mainly on desired changes to how to make the nebulous concept of online privacy more user-friendly
Staring Down The Sequester Barrel(Washington Times) The 113th Congress' most pressing defense-related concern will be the military's budget, despite the previous Congress having averted the so-called "fiscal cliff"
Obama's Picks Signal Changes At Pentagon, CIA(Washington Post) President Obama is assembling a national security team designed for an era of downsized but enduring conflict, a team that will be asked to preside over the return of exhausted American troops and wield power through the targeted use of sanctions, Special Operations forces and drone strikes
USPS outlines plans for one-year Federal Cloud Credential Exchange pilot(Fierce Government IT) The Postal Service is moving forward with plans to conduct a one-year Federal Cloud Credential Exchange pilot designed to demonstrate next-generation online government applications requiring multi-factor authentication, according to a Federal Business Opportunities posting. As part of the Obama administration's National Strategy for Trusted Identities in Cyberspace, FCCX would enable the acceptance of third-party credentials to facilitate access to online government services
CRGT makes deal for Guident Technologies(Washington Technology) With the acquisitions, CRGT is picking up more capabilities in areas such as big data analytics and business intelligence. It is the third acquisition in two
Altamont Buys Investigations Provider, Aiming for Federal Growth(Govconwire) Private equity firm Altamont Capital Partners has acquired background investigations firm Omniplex World Services Corp. for an undisclosed amount, Washington Technology reports. This is Altamont's second acquisition within a month as it bought window maker Cascade Windows in December 2012, according to the report. Altamont made the transaction to pursue growth in the federal market
Vistronix Buys Geospatial Data Software Maker Technology Associates(Govconwire) Vistronix has acquired Stafford, Va.-based Technology Associates International Corp., a maker of geospatial and data visualization software for U.S. military and civilian agencies. Vistronix did not disclose terms of the deal and said 450 Technology Associates employees will join Vistronix. Deepak Hathiramani, chairman and CEO of Vistronix, said the company is aiming to become
Booz Allen, SAIC, URS, WBB Win Navy Program Mgmt, IT Services IDIQ(Govconwire) The U.S. Navy has awarded four companies positions on a contract, where they will compete to provide the branch with program management and information technology programming and governance services. The Defense Department said work under the indefinite-delivery/indefinite-quantity contract will support the energy and environmental readiness division within the Office of the Chief of Naval Operations
Startup Takes Military Approach to Cybersecurity(eSecurity Planet) Former U.S. Defense Department official raises $26 million to fund a new type of cybersecurity technology. Are there enterprise IT lessons to be learned from how the U.S. military approaches cybersecurity? Yes, according to a startup called Shape Security. The co-founder of Shape Security, Sumit Agarwal, spent
Northrop Names Ret. Vice Adm. Stephen Stanley Cyber, C4 VP(Govconwire) Northrop Grumman (NYSE: NOC) has appointed retired Navy Vice Adm. Stephen Stanley vice president of cybersecurity and C4 (command, control, communications and computers). The company said the appointment is effective immediately and he will report to Sid Ashworth, corporate VP of government relations. Stanley, a 37-year Navy veteran, will lead the cybersecurity and C4 portfolio
Qualcomm Revamps Its Snapdragon Line, Unveils The High-End Snapdragon 800 And 600 Chipsets(TechCrunch) Qualcomm isn't really a brand that figures prominently into the average person's understanding of the mobile space, and that's exactly the issue that the San Diego-based semiconductor company is trying to tackle in its newest and most prominent CES keynote to date. Cringeworthy introduction aside (facepalm material as far as the eye could see), Qualcomm CEO Paul Jacobs took the stage to
Cuckoo 0.5 is out and the world didn't end(Internet Storm Center) This one kind of slipped by unnoticed over the holidays, but Claudio & company released a new version of the Cuckoo sandbox and it has some nice new features. Some of the more significant ones to me are: full memory dumps of the virtual machines, added packages for jar, java applet, and zip files, support for Windows 7 (yippee!!!)
Yahoo adds HTTPS support to Yahoo mail(H-online) Yahoo has begun to catch up with the other webmail providers and is now offering HTTPS as an option on its service. Support for HTTPS has been requested for a long time by users of the system to help improve their privacy when accessing mail, especially over Wi-Fi connections; logging in with HTTPS previously redirected users to an HTTP based service. Now users can select Options->Mail Options and select "Turn On SSL"; this will ensure that HTTPS is enabled on their connection
3 older technologies that everyone should embrace(IT World) Sometimes the latest isn't the greatest. Technology pundit types like me are always blabbering about bleeding-edge technology. Wow! A holographic wristwatch that lets Princess Leia tell you the time! A browser plug-in that ignores your email so you don't have to! A wireless camera fork that automatically tweets pictures of your lunch! Unfortunately, some bleeding-edge technology you read about never ships. And even if it does ship, most new tech products are never taken up by most people
SkypeHide system, steganography to secure communications on Skype(Security Affairs) In this period there is an intense debate on the wiretapping of every communication channel; governments are increasing the monitoring of the internet, of social network platforms and VOIP conversations, in many cases with the support of the companies that provide those services. In a recent post I discussed the control ordered by Indian Governments that, for homeland security, decided to control every user's activity on-line, exactly as many other authorities in the world. Skype is one of the most diffused VOIP clients, used by millions of persons for business as well as in their free time; simple and efficient, it has caught a large piece of the market, also because in the past it was considered a secure tool to speak avoiding law enforcement interception due to its architecture
The importance of data normalization in IPS(Help Net Security) To fully comprehend the importance of data normalization in an Intrusion Prevention System, it is first necessary to understand what data normalization is and what it does, how it accomplishes its goals
Design and Innovation
TEDCO Realigns Core Investment Programs(PE Hub) The Maryland Technology Development Corporation has announced the realignment of two of its core funding and investment programs, the addition of a Patent Assistance Program and that it will be managing four new highly-focused investment funds, or TEDCO affinity funds. The organization's restructuring of existing investment programs and addition of affinity funds will position the public corporation to generate long-term income to further leverage the State's investment in innovation
Witnessing The Rebirth Of The Greek Startup Ecosystem(TechCrunch) Thousands of years ago Greeks plied the waters of the Mediterranean as traders and merchants. They were, perhaps, amongst the first ever entrepreneurs. But somewhere along the line between then and now that history faded. Admittedly, inklings of that spirit remained in the world famous Greek shipping industry – but a reliance on government jobs and European Union subsidies did its best to quell
Singapore Polytechnic Intros Cyber Wargame Center(eSecurity Planet) The center was co-funded by the Infocomm Development Authority of Singapore. Singapore Polytechnic recently announced the launch of its new Cyber Wargame Center, which is part of the school's Diploma in Infocomm Security Management (DISM) program
Iran and India, control and monitoring of networks (Security Affairs) The news has been circulating for days: the Iranian head of the national security forces, Esmail Ahmadi Moghadam, declared that law enforcement of the country is developing software for smart control of social-networking sites; the authorities have understood that the control of the powerful platforms is more important than filtering. Moghadam exposed the consideration made by the Supreme Council of Cyberspace, the entity that is controlled by President Mahmoud Ahmadinejad and brings together other top Iranian officials, including the intelligence chief and the head of the Revolutionary Guards
Park: Governmentwide data memo coming 'soon'(Fierce Government IT) The Obama administration will soon issue policy requiring new government data to be open to the public and machine readable as a default, said Todd Park, chief technology officer within the Office of Science and Technology Policy
Study Says Yahoo, Google Help Fund Pirate Sites(Wired Threat Level) Google and Yahoo were among the top advertising networks servicing the most ads on pirate sites, according to a new study unveiled Thursday. The analysis by the Annenberg Innovation Lab at the University of Southern California found that Pasadena, California-based
Algerian Hacker Wanted in the US Arrested by Thai Police(Softpedia) 24-year-old Algerian National Hamza Bendelladj has been arrested by Thai police at Bangkok's Suvarnabhumi Airport while transiting from Malaysia to Egypt. Laptops, a tablet computer, a satellite phone and some external hard drives were found in the suspect's possession. According to authorities from Thailand, cited by the Bangkok Post, Bendelladj is wanted by the US Federal Bureau of Investigations on suspicion of hacking into private accounts in over 200 banks and other financial organizations from all around the world
Feds Dismantle Piracy Ring That Stole Super-Expensive Software(Wired) A Chinese national was set to plead guilty Monday for his role in a massive $100 million online software piracy scheme that authorities said was one of the most significant copyright infringement cases ever uncovered. According to Delaware federal court papers, Xiang Li has agreed to plead guilty to two federal charges related to the selling, without authorization, of high-end software programs for a fraction of their retail worth
Kaiser Permanente Case Underscores Due Diligence Requirement(Threatpost) California and U.S. authorities are investigating whether Kaiser Permanente violated some 300,000 patients' privacy when dealing with a Mom and Pop document storage company that kept medical records in a shared warehouse and stored sensitive data on home computers. The investigation, according to the Los Angeles Times, was triggered by a complaint filed last year by Stephen and Liza Dean of Indio, Calif., who claim Kaiser failed to safeguard patients' medical records. The Deans contend Kaiser gave the paper files to them for almost seven months without a contract and that employees routinely e-mailed them for patient records, providing full names, dates of birth and Social Security numbers and treatment dates to ensure the proper folders were pulled
Romanian sentenced for multimillion-dollar payment card hack scheme(Net-Security) A Romanian national was sentenced today to serve 21 months in prison for his role in an international, multimillion-dollar scheme to remotely hack into and steal payment card data from hundreds of U.S. merchants' computers, announced the U.S. Department of Justice. Cezar Butu, 27, of Ploiesti, Romania, was sentenced by Judge Steven J. McAuliffe in U.S. District Court in New Hampshire. On Sept. 17, 2012, Butu pleaded guilty to one count of conspiracy to commit access device fraud
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
TED X Baltimore: Baltimore Rewired(Baltimore, Maryland, USA, January 25, 2013) At our TEDxBaltimore event, TEDTalks video and live speakers will combine to spark deep discussion and connection in a small group. The TED Conference provides general guidance for the TEDx program, but...
tmforum Big Data Analytics Summit(Amsterdam, Netherlands, January 29 - 30, 2012) Bringing together leading service providers, market analysts and all of the big names in Big Data, this forward-looking, education-packed two-day Summit combines keynote perspectives, case studies, debates,...
ATMiA US Conference 2013(Scottsdale, Arizona, US, February 19 - 21, 2013) A conference devoted to the design of ATMs, and the future of the ATM industry.
#BSidesBOS(Cambridge, Massachusetts, USA, February 23, 2013) Each BSides is a community-driven framework for building events for and by information security community members. The goal is to expand the spectrum of conversation beyond the traditional confines of...
Nullcon Goa 2013(Bogmallo Beach Resort, Goa, India, February 26 - March 2, 2013) An international information security conference that will feature speakers and training. Topics include security and politics, vulnerability elimination, Android hacking, SCADA and smart grid penetration...
TechMentor Orlando 2013(Orlando, Florida, USA, March 4 - 8, 2013) Celebrating 15 years of educational events for the IT community, TechMentor is returning to Orlando, Florida, March 4-8, for 5 days of information-packed sessions and workshops. Surrounded by your fellow...
e-Crime Congress 2013(London, England, March 12 - 13, 2013) The e-Crime Congress is designed to meet the needs of key stakeholders and decision makers who are responsible for designing and coordinating information security and risk management strategy, safeguarding...
CTIN Digital Forensics Conference(Seattle, Washington, USA, March 13 - 15, 2013) Speakers include experts and published authors in the field of digital forensics and cybersecurity. Topics include: Mobile Device Forensics, Internet Forensics, Physical Memory Analysis, Open Source Tools,...
IT Security Entrepreneurs' Forum (ITSEF 2013)(Palo Alto, California, USA, March 19 - 20, 2013) Supported by the U.S. Department of Homeland Security, Office of Science and Technology, ITSEF 2013 aims to connect the ecosystem of the entrepreneur: industry, government, and academia. The conference...
The Future of Cyber Security 2013(London, England, UK, March 21, 2013) Cyber Security and the Citizen 2013 is a one-day conference and exhibition for senior decision-makers of central and local government organisations, NGOs and major private sector enterprises.
Cloud Connect Silicon Valley(Santa Clara, California, USA, April 2 - 5, 2013) Cloud Connect returns to Silicon Valley, April 2-5, 2013, for four days of lectures, panels, tutorials and roundtable discussions on a comprehensive selection of cloud topics taught by leading industry...
InfoSec World Conference & Expo 2013(Orlando, Florida, USA, April 15 - 17, 2013) With the primary objective of providing top-notch education to all levels of information security and IT auditing professionals, InfoSec World delivers practical sessions that give you the tools to strengthen...
25th Annual FIRST Conference(Bangkok, Thailand, June 16 - 21, 2013) The annual FIRST conference provides a setting for conference participants to attend a wide range of presentations delivered by leading experts in both the CSIRT field and from the global security community.
SECRYPT 2013(Reykjavik, Iceland, July 29 - 31, 2013) The 10th International Conference on Security and Cryptography (SECRYPT 2013) will take place from 29 to 31 July 2013 in Reykjavik, Iceland…The conference will focus on information systems and network...