Daily briefing.

Threat indicators are invaluable, if you cultivate an awareness of them. Kaspersky and AlienVault describe Red October's indicators in what amounts to a timely case study.

Pittsburgh's Citizens Bank is the latest victim of a denial-of-service attack. The attack is so far unattributed, but an unrelated note in the Cyberwarzone points out that the Izz ad-Din al Qassam Cyber Fighters remain up and active on Pastebin. Krebs notes that large financial institutions are being "leveraged" to exploit smaller, more vulnerable regional banks and credit unions. The Motley Fool gives voice to small independent investors' views of banking cyber security: in short, it's the banks' fault if they're successfully attacked.

Anonymous continues its campaign to avenge Aaron Swartz, hitting the US Sentencing Commission Website. (Anonymous may also be commemorating Atari as it heads into bankruptcy: some of its webpage defacements are an homage to "Asteroids.")

Website security is a problem not only for the US Department of Justice, but apparently for serious security firms as well. A researcher shows Kaspersky, Panda, and AVG vulnerable to DOM-based cross-site scripting (XSS), showing how difficult it can be to secure a complex Website.

Facebook's Graph search proves even more invasive than first thought. Workforce culture impedes infrastructure security. New Zealanders are warned to be very afraid of their smartphones.

Government commitment to open source may be more aspirational than real. The US Department of Defense expands its cyber capabilities (especially offensive capabilities). Fujitsu designs a smartphone platform for secure BYOD operations.

Notes.

Today's issue includes events affecting China, European Union, India, Iran, Ireland, Israel, New Zealand, Portugal, Russia, United Kingdom, United States.

Cyber Attacks, Threats, and Vulnerabilities

'Red October' Response Shows Importance Of Threat Indicators (Dark Reading) Researchers provide indicators of compromise for Red October that help companies check for infections. When Kaspersky Lab published the initial report identifying the Red October cyberespionage campaign early last week, many companies likely searched the publication for ways to detect the malware in their own systems

Citizens Bank Hit By Possible Cyber Attack (CBS Local) Add Citizens Bank to the list of financial institutions whose online banking websites are tough to access, Citizens officials confirmed on Friday. "Our website has experienced temporary disruptions due to an unusually high volume

Big Bank Mules Target Small Bank Businesses (KrebsonSecurity) A $170,000 cyberheist last month against an Illinois nursing home provider starkly illustrates how large financial institutions are being leveraged to target security weaknesses at small to regional banks and credit unions. I have written about more than 80 organizations that were victims of cyberheists, and a few recurring themes have emerged from nearly all of these breaches. First, a majority of the victim organizations banked at smaller institutions

QassamCyberFighters PasteBin profile (Cyberwarzone) The group that got known for their attacks on the banks in the months of December and January is still active on PasteBin. As their profile on Pastebin shows, their latest post was posted on the 22nd of January. The profile contains a lot of Pastebins that have messages towards the banks and governments

Big U.S. Banks Unprepared for Growing Wave of Cyber Attacks (The Motley Fool) Distributed Denial of Service attacks. Better known as DDoS attacks. That's geek speak for the kind of cyber assault that hits a web server with so many requests for service that the site becomes unavailable for use by anyone else. Quite literally information overload…As investors, we need to know that the banks we own shares in are taking care of the people they depend on to stay in business. And if JPMorgan, Citi, B of A, or Wells Fargo can't give us proper peace of mind, we'll find some company that can

Anonymous hackers hijack US agency website (Computer Weekly) Hackers have embedded a video statement on the homepage of a US government agency in response to the death of digital activist Aaron Swartz[, who] hanged himself in his Brooklyn apartment. The statement - purportedly from hacktivist collective Anonymous - said Aaron Swartz had died because he "faced an impossible choice" and had been forced into "playing a game he could not win"

Cyber attack shuts down US Justice Department's website (Press TV) The hacker group Anonymous has briefly shut down a website belonging to the US Justice Department, following a warning by the Homeland Security about an imminent 9/11-style cyber attack. The Saturday attack by the group against the US Sentencing

Anonymous Releases 'Warhead' via #OpLastResort (McAfee) There has been a great explosion of chatter in the last day around Anonymous' "Operation Last Resort" (a.k.a. #OpLastResort). The entities behind the various "official" communications around this operation have a sense of humor that we must point out (especially because if you don't catch it, you will end up wiping your disk). In typical fashion with these events, some data suggests that the whole thing (or at least the leak) is a hoax. Regardless of what data resides in the leaked files, it is apparent that someone is having fun, via the embedded scripts in the USSC site. (See the Update section, below, for details on the Konami scripts.) Anonymous has infiltrated specific US government systems in response to the "killing" of Aaron Swartz

Hackers play Asteroids on US government websites (Naked Security) To have one website fall foul of Asteroid-loving hackers may be regarded as a misfortune; but to have two looks like carelessness

Expert Finds DOM-Based XSS Vulnerabilities on Kaspersky, Panda and AVG Sites (Softpedia) Web security analyst David Sopas from Portugal has identified DOM-based cross-site scripting (XSS) vulnerabilities on the websites of three world-renowned security solutions providers: Kaspersky Lab, Panda Security and AVG Technologies. Security firms often warn about the importance of properly secured websites. However, these days, websites are so complex that it's hard not to miss a few vulnerabilities

Cutwail botnet on spam rampage, delivers Cridex worm (Help Net Security) Since its inception some six years ago, the Cutwail / Pandex botnet experienced its fair share of setbacks, but it's still going strong. The main reason for its existence is to send out millions of

Alabama Department Homeland Security confirms 'cyber-intrusion' of state (al.com) A spokeswoman said the incident was still under criminal investigation. "The Alabama Department of Homeland Security acknowledges that there has been a cyber-intrusion of state government IT infrastructure. It is currently under criminal investigation

Blocking SSH to Limit Security Exposures (Internet Storm Center) If you look over the ISC diaries from the past few years, you will find a sizable number which discuss some vulnerability or another involving SSH. Recently, I have seen a number of security issues involving SSH that have caught my attention. The first two are the recent announcement of the Barracuda backdoor earlier this week, and that malware authors have been targeting Linux with backdoored SSH daemons meant to steal account credentials. The next didn't directly involve SSH, but does shine a light on the lax controls that many organizations have toward resources that should only be accessible inside the corporate network. That Google was able to index a significant number of HP printers seems to indicate that many organizations have been slow to limit the flow of data in and out of the network

New BYOD Threat: Email That Self-Destructs (InformationWeek) Employees who bring apps like Wickr to work could bypass enterprise security systems

Biggest challenge for BYOD is data security not phishing (Gomo news) Responding to a recent opinion piece from SpamTitan here, hospital professional Trinity Shravner has written in to warn of the security dangers from BYOD. Trinity says, I agree that in 2013 social media will be the platform of choice for phishing attacks, but I think one of the biggest BYOD challenges will be data security and device control. Trinity continues, We were really struggling with BYOD since we are a hospital and we have HIPAA security issues to deal with, and we are too small to get a large BYOD system

Facebook's Graph Search worries security experts (CSO) Post highlighting embarrassing things raises questions of user privacy with Graph Search, which Facebook users cannot opt out of

Employees put critical infrastructure security at risk (CSO) Sweeping change needed to boost critical infrastructure security handcuffed by lack of cooperation between IT, grid operations workers

NZ smartphone's 'highly vulnerable', says expert (MSN NZ News) NZ staff New Zealand is in the top ten countries most vulnerable to privacy exposure, according to a new report by Trend Micro. Cyber safety

Cyber Trends

Will your future work machine be a tablet? (Fierce CIO: TechWatch) Both Microsoft (NASDAQ: MSFT) and Apple (NASDAQ: AAPL) held calls on their last quarters' earnings this week, and various reports are filtering in with interesting nuggets of analysis and facts. For one, though the launch of Windows 8 did indeed generate an increase in sales, the 24 percent increase that it clocked starkly contrasts the much larger increases seen with the launch of Windows 7 (76 percent) or even the much-derided Windows Vista (65 percent) operating systems

7 Top Business Intelligence Trends For 2013 (InformationWeek) Short list of BI hot buttons includes dashboards, self-service, mobile, in-memory, cloud, collaboration and, of course, big data

Marketplace

Open source policy no guarantee governments will actually use open source (Fierce Government IT) The distance between government policy favoring open source technology and solicitations that don't actively discriminate against it can be great. That's the case found in a sample of 80 solicitations conducted by the Dutch government between January and June 2010. The Dutch government in December 2007 adopted an action plan meant to increase adoption of open source software and open standards in government agencies

Pentagon to create cyber attack wing (Sydney Morning Herald) The Pentagon has approved a major expansion of its cybersecurity force over the next several years, more than quadrupling its size to bolster the nation's ability to defend critical computer systems and conduct offensive computer operations

Pentagon to boost cyber security force (Reuters UK) The plan, which would increase both military and civilian staffing at U.S. Cyber Command, comes as the Pentagon moves toward elevating the new command and putting it on the same level as the major combatant commands. The official said no formal

US Cyber Command gets new teeth for online warfare (SlashGear) The US Cyber Command division, the Pentagon's cybersecurity team established to tackle a new age of digital threats, will be considerably expanded with new specialists in both offensive and defensive technologies, the Defense Department has confirmed

ComSec LLC Appoints Keesling Director of New Healthcare Cyber Defense Initiative (Pharmalive) Healthcare is entering a fight against an opponent that is already armed with advanced tools and techniques that have been field tested against the global financial giants for years. Healthcare data breaches are rapidly outpacing those of the financial services industry. Low cybersecurity preparedness in the Healthcare Industry creates challenges for Asymmetric warfare planning. ComSec Healthcare Assurance Options provides a preemptive counterespionage compliance plan for C-suite execs. ComSec LLC's President, J.D. LeaSure announced the appointment of healthcare industry veteran Tom Keesling to lead their newly established Healthcare Cyber Defense initiatives from its world headquarters in Virginia Beach, today

Lenovo Downplays RIM Acquisition Reports, Says It's Looking At M&A Opportunities In General (TechCrunch) Lenovo has denied reports that the company plans to buy Research In Motion, saying that it is instead looking at acquisition opportunities in general, reports Sina Tech (link via Google Translate)

SAIC Targeting Commercial Big Data Portfolio for Energy, Health Sectors (The New New Internet) Science Applications International Corp. has developed a new portfolio of products and services aimed at helping commercial organizations organize large amounts of data in real-time. SAIC intends for its Critical Insight Solutions portfolio to provide commercial entities similar offerings the company provides to U.S. government customers, the company said

Booz Allen Wins 3 SPAWAR Contracts Worth $95M (Govconwire) Booz Allen Hamilton (NYSE: BAH) has been awarded three contracts with a total value of over $95 million by the Space and Naval Warfare Systems Command, according to a company statement. "In today's budget environment, our clients, including the Navy, are looking at the cost of doing business," said David Karp, Booz Allen senior vice president. "We're helping the

Products, Services, and Solutions

Endace Doubles Network Recording Capacity And Introduces Streamlined Network Troubleshooting Workflow (Dark Reading) Version 5.1 of the EndaceProbe Operating Software now available

Facebook Blocks Yandex, the Google of Russia (Wired Business) Facebook has locked out a mobile app from Russian internet powerhouse Yandex. It's the latest example of how social networks are increasingly hoarding their information and locking out potential competitors

Yes, that PC cleanup app you saw on TV at 3 a.m. is a waste (Ars Technica) Why these apps are awful and what you really need to do about your slow PC. Maybe you've seen the ads on the Internet or on TV in the wee hours of the morning. They make lofty promises: get rid of blue screens and error messages! Increase your speed! Clean up your system! But even when these PC cleanup apps aren't just malware in disguise, the things they're doing for your PC are often dubious. Many either replicate tasks that can be handled by built-in utilities or do things that could cause more problems than they solve

Create a secure browsing session on any Windows computer (Help Net Security) Making online purchases and secure internet browsing is safer and easier than ever with the launch of Kanguru's new Defender DualTrust, a new secure online access and encrypted USB storage device

GitHub's new search reveals passwords and private keys (Help Net Security) GitHub, the popular online source code repository, has unveiled on Wednesday a new search infrastructure that should help coders find specific code within the millions of the individual repositories

Cyber-security services: Identify, respond to and evaluate an attack (TechTarget) Sourcefire, a Columbia, Md.-based cyber-security provider recently launched Incident Response Professional Services, aimed at assisting enterprises with

Google Silent About Wireless Experiment (InformationWeek) Google has applied to the FCC for permission to test an experimental wireless system. Is Google about to offer mobile broadband

Fujitsu develops HTML-5-based smartphone platform to secure corporate data (Fierce Mobile IT) Japan's Fujitsu is developing an HTML-5-based smartphone platform designed to secure corporate data in a BYOD environment, according to a report by Computerworld. The system, developed by engineers at Fujitsu Laboratories, matches an app on the smartphone with a cloud-based server that delivers corporate apps like email, sales databases and customer contacts, all as HTML 5 applications

Technologies, Techniques, and Standards

The Three Worst Words In The English Language: Can't We Just? (Dark Reading) The road to poor identity and access management architecture is paved with "can't we justs." It's 2013: Find a way

3 Ways The Cloud Can Complement Virtualization (InformationWeek) Virtual infrastructures -- what vendors like to call internal clouds -- can benefit from the public cloud in ways beyond data backup

Even 'rogue' clouds can be secured, experts say (CSO) It takes multiple measures layered on top of public cloud services to lock down enterprise data, say security pros

Design and Innovation

In Big Tech, Bet on Companies That Seek a 'Better Way' (Wired Business) Consumer internet companies are notorious for selling us something we don't really need, whether it's Foursquare telling us to check in to the restaurants and shops we enter, or Facebook encouraging us to share every detail of our lives. It's a different story in the enterprise. In the last year we've seen that the most successful business-to-business companies, and the ones that gain the most loyal followings, started when a genuine problem began plaguing their founders

With $1 Trillion at Stake, Enterprise Technology Gets Its Star Turn (Wired Business) But here's why you should care about the latest enterprise software or services outfit knocking on your company's door. Every 10 to 15 years the enterprise market goes through an upheaval where the next generation of technology replaces the old. We're in the early stages of one of those big displacements right now, where huge companies are brought to their knees, and new giants are born

Academia

Countering cyber threat: UGC, AICTE to introduce cyber security courses (Daily Bhaskar) In an attempt to minimise increasing incidents of cyber crimes in state and to raise awareness among the students, the University Grants Commission (UGC) and the All India Council for Technical Education (AICTE) have asked the technical colleges and universities to create and introduce cyber security courses as a part of the syllabus for undergraduate and post-graduate students. The move comes on the advice of the task force of the national security system. The force was set up by the cabinet committee on security and was mandated to review existing process, procedures and practices in the national security and to suggest measures to strengthen the security and to make students aware of such activities

UConn Offers Range of Resources to Promote Data Privacy and Security (UConn Advance) The University has also been named a Data Privacy Champion by the National Cyber Security Alliance for its efforts. One major initiative has been the launch

Legislation, Policy, and Regulation

Unlocking Your Mobile Phone Is No Longer Legal (Wired Threat Level) Mobile phones purchased beginning Saturday can no longer be legally unlocked by consumers to enable them to be used on competing networks

GitHub unblocked in China after former Google head slams its censorship (IT World) Access to software collaboration site GitHub appeared to be restored in China on Wednesday, just as former Google executive Kai-Fu Lee criticized its blocking as a senseless move that would harm the nation's developers

Awareness is not enough, says EU Commissioner Kroes days before introducing EU Cybersecurity Strategy (Diplo News) The WEF affirmed that in the next 10 years there is a 10% likelihood of a major Critical Information Infrastructure breakdown with possible economic damages of over $250 billion. Incidents and attacks are on the rise. The big message was that cybersecurity is a matter that cannot be left to the technical people

John Kerry needs to get a clue (CSO) John Kerry, one of my senators and the next secretary of state, calls foreign hackers "21st Century Nuclear Weapons." For a man known for his nuanced language, the word choice is pretty reckless

Minister calls on City to attack cyber-crime (The Independent) The Cabinet Office minister Francis Maude is expected to launch a key part of his cyber-security strategy this week, as the Government attempts to protect big business and Whitehall from mounting digital attacks. Following a successful pilot project called Auburn, government and industry are poised to unveil what it describes as a "permanent information sharing environment"

Israeli Troops Swap Guns for Computers as Cyber Attacks Increase (Bloomberg) "Cyber has three dimensions: intelligence, defense and offense," said Amos…Check Point Software Technologies Ltd., the world's second-largest maker of

A second look at 'Aaron's Law' (CSO) The idea behind Aaron's Law connects with me on an emotional level. But when it comes to justice, we must use our heads instead of our hearts

Litigation, Investigation, and Law Enforcement

Explaining the Kim Dotcom/Megaupload case (IT World) Confused about all the fuss around Kim Dotcom and Megaupload? Wondering what it's all about? Let us explain it so even mom will understand

Microsoft waived hearing in EU browser ballot antitrust case (Computer World) Microsoft waived its right to a hearing before European antitrust regulators to further answer charges that it failed to offer customers a browser choice screen, according to documents filed with the U.S. Securities and Exchange Commission (SEC). The company faces fines in the billions for the blunder. In a Jan. 24 filing with the SEC, Microsoft noted the ongoing investigation by the European Commission, the EU's antitrust arm, and gave a short status update of the case

Ortiz says suicide will not change handling of cases (Forensic Focus) U.S. Attorney Carmen Ortiz's office doubled down in defense of its handling of the case against the late Aaron Swartz last night, but his loved ones say she needs to reflect on her official bullying, while legal experts said they believe the Internet activist's suicide while facing cyber-theft charges could haunt Ortiz's career and change the way her office prosecutes cases. Ortiz's spokeswoman, Christina DiIorio-Sterling, said last night the Swartz case won't affect the office's handling of other cases. "Absolutely not," she said

Not-so anonymous Anonymouses head off to prison over PayPal DDoS (Naked Security) Four young Englishmen who went on an Anonymous rampage back in 2010 weren't as anonymous as they might have hoped. They were traced, identified and arrested…now two of them are on their not-so-anonymous way to prison

Zero-Day Exploits (Air Force General Counsel) Homeland Security has recently issued a warning for all users to disable their Java plug-ins in their browsers. This warning was spurred on by the discovery of a Java zero-day exploit that puts 850 million computers at risk of malware attacks. Although terrifying, this is just one example of how zero-day exploits are changing the face of cyber warfare

Bullied Cork Teens Died from Suicide (Evening Echo) TWO Cork teenagers who were subjected to online bullying have died by suicide in the past six months. In both instances, the bullying took place on social networking sites over a number of months

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

Data Privacy Day (Various locations, January 28, 2013) The National Cyber Security Alliance (NCSA), a non-profit public-private partnership focused on helping all digital citizens stay safer and more secure online, and official coordinator of Data Privacy...

North American ICS & SCADA Summit (Lake Buena Vista, Florida, USA, February 6 - 15, 2013) The Summit brings together the program managers, control systems engineers, IT security professionals and critical infrastructure protection specialists from asset owning and operating organizations along...

ATMiA US Conference 2013 (Scottsdale, Arizona, US, February 19 - 21, 2013) A conference devoted to the design of ATMs, and the future of the ATM industry.

#BSidesBOS (Cambridge, Massachusetts, USA, February 23, 2013) Each BSides is a community-driven framework for building events for and by information security community members. The goal is to expand the spectrum of conversation beyond the traditional confines of...

RSA USA 2013 (San Francisco, California, USA, February 25 - March 1, 2013) RSA Conference continually evolves program offerings to meet the ever-changing needs of our delegates in the dynamic infosec industry.

Nullcon Goa 2013 (Bogmallo Beach Resort, Goa, India, February 26 - March 2, 2013) An international information security conference that will feature speakers and training. Topics include security and politics, vulnerability elimination, Android hacking, SCADA and smart grid penetration...

NRO Winter Way Forward Conference (Chantilly, Virginia, USA, February 28, 2013) This annual event will provide an increased awareness, understanding and support among the IT workforce by focusing on the NRO IT Way-Forward in terms of the NRO IT Sub-Portfolio Roadmaps. Exhibitors will...

TechMentor Orlando 2013 (Orlando, Florida, USA, March 4 - 8, 2013) Celebrating 15 years of educational events for the IT community, TechMentor is returning to Orlando, Florida, March 4-8, for 5 days of information-packed sessions and workshops. Surrounded by your fellow...

IHS CERAWeek 2013 (Houston, Texas, USA, March 4 - 8, 2013) IHS CERAWeek 2013 will offer new insight on the energy future -- and on the strategic and investment responses by producers, consumers and policy-makers. What are the changes ahead in the competitive...

Business Insurance Risk Management Summit (New York City, New York, USA, March 5 - 6, 2013) The annual Risk Management Summit, now in its fourth year, provides attendees with focused insight via specific, timely general sessions and strategic, thought-provoking discussions with peers and industry...

CanSecWest 2013 (Vancouver, British Columbia, Canada, March 6 - 8, 2013) CanSecWest, the world's most advanced conference focusing on applied digital security, is about bringing the industry luminaries together in a relaxed environment which promotes collaboration and social...

e-Crime Congress 2013 (London, England, March 12 - 13, 2013) The e-Crime Congress is designed to meet the needs of key stakeholders and decision makers who are responsible for designing and coordinating information security and risk management strategy, safeguarding...

CTIN Digital Forensics Conference (Seattle, Washington, USA, March 13 - 15, 2013) Speakers include experts and published authors in the field of digital forensics and cybersecurity. Topics include: Mobile Device Forensics, Internet Forensics, Physical Memory Analysis, Open Source Tools,...

Google and University of Maryland Cybersecurity Seminar (College Park, Maryland, USA, March 14, 2013) Dr. Ari Juels, Chief Scientist of RSA, The Security Division of EMC, and Director of RSA Laboratories, will discuss "Aggregation and Distribution in Cloud Security." His talk will feature information...
