Threat indicators are invaluable, if you cultivate an awareness of them. Kaspersky and Alien Vault describe Red October's indicators in what amounts to a timely case study.
Pittsburgh's Citizens Bank is the latest victim of a denial-of-service attack. The attack is so far unattributed, but an unrelated note in the Cyberwarzone points out that the Izz ad-Din al Qassam Cyber Fighters remain up and active on Pastebin. Krebs notes that large financial institutions are being "leveraged" to exploit smaller, more vulnerable regional banks and credit unions. The Motley Fool gives voice to small independent investors' views of banking cyber security: in short, it's the banks' fault if they're successfully attacked.
Anonymous continues its campaign to avenge Aaron Swartz, hitting the US Sentencing Commission Website. (Anonymous may also be commemorating Atari as it heads into bankruptcy: some of its webpage defacements are an homage to "Asteroids.")
Website security is a problem not only for the US Department of Justice, but apparently for serious security firms as well. A researcher shows Kaspersky, Panda, and AVG vulnerable to DOM-based cross-site scripting (XSS), illustrating how difficult it can be to secure a complex Website.
Facebook's Graph search proves even more invasive than first thought. Workforce culture impedes infrastructure security. New Zealanders are warned to be very afraid of their smartphones.
Government commitment to open source may be more aspirational than real. The US Department of Defense expands its cyber capabilities (especially offensive capabilities). Fujitsu designs a smartphone platform for secure BYOD operations.
Today's issue includes events affecting China, European Union, India, Iran, Ireland, Israel, New Zealand, Portugal, Russia, United Kingdom, United States.
Cyber Attacks, Threats, and Vulnerabilities
'Red October' Response Shows Importance Of Threat Indicators(Dark Reading) Researchers provide indicators of compromise for Red October that helps companies check for infections. When Kaspersky Lab published the initial report identifying the Red October cyberespionage campaign early last week, many companies likely searched the publication for ways to detect the malware in their own systems
Citizens Bank Hit By Possible Cyber Attack(CBS Local) Add Citizens Bank to the list of financial institutions whose online banking websites are tough to access, Citizens officials confirmed on Friday. "Our website has experienced temporary disruptions due to an unusually high volume
Big Bank Mules Target Small Bank Businesses(KrebsonSecurity) A $170,000 cyberheist last month against an Illinois nursing home provider starkly illustrates how large financial institutions are being leveraged to target security weaknesses at small to regional banks and credit unions. I have written about more than 80 organizations that were victims of cyberheists, and a few recurring themes have emerged from nearly all of these breaches. First, a majority of the victim organizations banked at smaller institutions
QassamCyberFighters PasteBin profile(Cyberwarzone) The group that got known for their attacks on the banks in the months of December and January are still active on PasteBin. As their profile on Pastebin shows, their latest post was posted on the 22nd of January. The profile contains a lot of Pastebins that have messages towards the banks and governments
Big U.S. Banks Unprepared for Growing Wave of Cyber Attacks(The Motley Fool) Distributed Denial of Service attacks. Better known as DDoS attacks. That's geek speak for the kind of cyber assault that hits a web server with so many requests for service that the site becomes unavailable for use by anyone else. Quite literally information overload…As investors, we need to know that the banks we own shares in are taking care of the people they depend on to stay in business. And if JPMorgan, Citi, B of A, or Wells Fargo can't give us proper peace of mind, we'll find some company that can
Anonymous hackers hijack US agency website(Computer Weekly) Hackers have embedded a video statement on the homepage of a US government agency in response to the death of digital activist Aaron Swartz[, who] hanged himself in his Brooklyn apartment. The statement - purportedly from hacktivist collective Anonymous - said Aaron Swartz had died because he "faced an impossible choice" and had been forced into "playing a game he could not win"
Cyber attack shuts down US Justice Department's website(Press TV) The hacker group Anonymous has briefly shut down a website belonging to the US Justice Department, following a warning by the Homeland Security about an imminent 9/11-style cyber attack. The Saturday attack by the group against the US Sentencing
Anonymous Releases 'Warhead' via #OpLastResort(McAfee) There has been a great explosion of chatter in the last day around Anonymous' "Operation Last Resort" (a.k.a. #OpLastResort). The entities behind the various "official" communications around this operation have a sense of humor that we must point out (especially because if you don't catch it, you will end up wiping your disk). In typical fashion with these events, some data suggests that the whole thing (or at least the leak) is a hoax. Regardless of what data resides in the leaked files, it is apparent that someone is having fun, via the embedded scripts in the USSC site. (See the Update section, below, for details on the Konami scripts.) Anonymous has infiltrated specific US government systems in response to the "killing" of Aaron Swartz
Expert Finds DOM-Based XSS Vulnerabilities on Kaspersky, Panda and AVG Sites(Softpedia) Web security analyst David Sopas from Portugal has identified DOM-based cross-site scripting (XSS) vulnerabilities on the websites of three world-renowned security solutions providers: Kaspersky Lab, Panda Security and AVG Technologies. Security firms often warn about the importance of properly secured websites. However, these days, websites are so complex that it's hard not to miss a few vulnerabilities
Cutwail botnet on spam rampage, delivers Cridex worm(Help Net Security) Since its inception some six years ago, the Cutwail / Pandex botnet experienced its fair share of setbacks, but it's still going strong. The main reason for its existence is to send out millions of
Blocking SSH to Limit Security Exposures(Internet Storm Center) If you look over the ISC diaries from the past few years, you will find a sizable number which discuss some vulnerability or another involving SSH. Recently, I have seen a number of security issues involving SSH that have caught my attention. The first two are the recent announcement of the Barracuda backdoor earlier this week, and that malware authors have been targeting Linux with backdoored SSH daemons meant to steal account credentials. The next didn't directly involve SSH, but does shine a light on the lax controls that many organizations have toward resources that should only be accessible inside the corporate network. That Google was able to index a significant number of HP printers seems to indicate that many organizations have been slow to limit the flow of data in and out of the network
Biggest challenge for BYOD is data security not phishing(Gomo news) Responding to a recent opinion piece from SpamTitan here, hospital professional, Trinity Shravner has written in to warn of the security dangers from BYOD, Trinity says, I agree that in 2013 that social media will be the platform of choice for phishing attacks, but I think one of the biggest BYOD challenges will be data security and device control. Trinity continues, We were really struggling with BYOD since we are a hospital and we have HIPAA security issues to deal with, and we are too small to get a large BYOD system
Will your future work machine be a tablet?(Fierce CIO: TechWatch) Both Microsoft (NASDAQ: MSFT) and Apple (NASDAQ: AAPL) held calls on their last quarters' earnings this week, and various reports are filtering in with interesting nuggets of analysis and facts. For one, though the launch of Windows 8 did indeed generate an increase in sales, the 24 percent increase that it clocked starkly contrasts the much larger increases seen with the launch of Windows 7 (76 percent) or even the much-derided Windows Vista (65 percent) operating systems
Open source policy no guarantee governments will actually use open source(Fierce Government IT) The distance between government policy favoring open source technology and solicitations that don't actively discriminate against it can be great. That's the case found in a sample of 80 solicitations conducted by the Dutch government between January and June 2010. The Dutch government in December 2007 adopted an action plan meant to increase adoption of open source software and open standards in government agencies
Pentagon to create cyber attack wing(Sydney Morning Herald) The Pentagon has approved a major expansion of its cybersecurity force over the next several years, more than quadrupling its size to bolster the nation's ability to defend critical computer systems and conduct offensive computer operations
Pentagon to boost cyber security force(Reuters UK) The plan, which would increase both military and civilian staffing at U.S. Cyber Command, comes as the Pentagon moves toward elevating the new command and putting it on the same level as the major combatant commands. The official said no formal
US Cyber Command gets new teeth for online warfare(SlashGear) The US Cyber Command division, the Pentagon's cybersecurity team established to tackle a new age of digital threats, will be considerably expanded with new specialists in both offensive and defensive technologies, the Defense Department has confirmed
ComSec LLC Appoints Keesling Director of New Healthcare Cyber Defense Initiative(Pharmalive) Healthcare is entering a fight against an opponent that is already armed with advanced tools and techniques that have been field tested against the global financial giants for years. Healthcare data breaches are rapidly outpacing those of the financial services industry. Low cybersecurity preparedness in the Healthcare Industry creates challenges for Asymmetric warfare planning. ComSec Healthcare Assurance Options provides a preemptive counterespionage compliance plan for C-suite execs. ComSec LLC's President, J.D. LeaSure announced the appointment of healthcare industry veteran Tom Keesling to lead their newly established Healthcare Cyber Defense initiatives from its world headquarters in Virginia Beach, today
SAIC Targeting Commercial Big Data Portfolio for Energy, Health Sectors(The New New Internet) Science Applications International Corp. has developed a new portfolio of products and services aimed at helping commercial organizations organize large amounts of data in real-time. SAIC intends for its Critical Insight Solutions portfolio to provide commercial entities similar offerings the company provides to U.S. government customers, the company said
Booz Allen Wins 3 SPAWAR Contracts Worth $95M(Govconwire) Booz Allen Hamilton (NYSE: BAH) has been awarded three contracts with a total value of over $95 million by the Space and Naval Warfare Systems Command, according to a company statement. "In today's budget environment, our clients, including the Navy, are looking at the cost of doing business," said David Karp, Booz Allen senior vice president. "We're helping the
Facebook Blocks Yandex, the Google of Russia(Wired Business) Facebook has locked out a mobile app from Russian internet powerhouse Yandex. It's the latest example of how social networks are increasingly hoarding their information and locking out potential competitors
Yes, that PC cleanup app you saw on TV at 3 a.m. is a waste(Ars Technica) Why these apps are awful and what you really need to do about your slow PC. Maybe you've seen the ads on the Internet or on TV in the wee hours of the morning. They make lofty promises: get rid of blue screens and error messages! Increase your speed! Clean up your system! But even when these PC cleanup apps aren't just malware in disguise, the things they're doing for your PC are often dubious. Many either replicate tasks that can be handled by built-in utilities or do things that could cause more problems than they solve
GitHub's new search reveals passwords and private keys(Help Net Security) GitHub, the popular online source code repository, has unveiled on Wednesday a new search infrastructure that should help coders find specific code within the millions of the individual repositories
Fujitsu develops HTML-5-based smartphone platform to secure corporate data(Fierce Mobile IT) Japan's Fujitsu is developing an HTML-5-based smartphone platform designed to secure corporate data in a BYOD environment, according to a report by Computerworld. The system, developed by engineers at Fujitsu Laboratories, matches an app on the smartphone with a cloud-based server that delivers corporate apps like email, sales databases and customer contacts, all as HTML 5 applications
In Big Tech, Bet on Companies That Seek a 'Better Way'(Wired Business) Consumer internet companies are notorious for selling us something we don't really need, whether it's Foursquare telling us to check in to the restaurants and shops we enter, or Facebook encouraging us to share every detail of our lives. It's a different story in the enterprise. In the last year we've seen that the most successful business-to-business companies, and the ones that gain the most loyal followings, started when a genuine problem began plaguing their founders
With $1 Trillion at Stake, Enterprise Technology Gets Its Star Turn(Wired Business) But here's why you should care about the latest enterprise software or services outfit knocking on your company's door. Every 10 to 15 years the enterprise market goes through an upheaval where the next generation of technology replaces the old. We're in the early stages of one of those big displacements right now, where huge companies are brought to their knees, and new giants are born
Countering cyber threat: UGC, AICTE to introduce cyber security courses(Daily Bhaskar) In an attempt to minimise increasing incidents of cyber crimes in state and to raise awareness among the students, the University Grants Commission (UGC) and the All India Council for Technical Education (AICTE) have asked the technical colleges and universities to create and introduce cyber security courses as a part of the syllabus for undergraduate and post-graduate students. The move comes on the advice of the task force of the national security system. The force was set up by the cabinet committee on security and was mandated to review existing process, procedures and practices in the national security and to suggest measures to strengthen the security and to make students aware of such activities
John Kerry needs to get a clue(CSO) John Kerry, one of my senators and the next secretary of state, calls foreign hackers "21st Century Nuclear Weapons." For a man known for his nuanced language, the word choice is pretty reckless
Minister calls on City to attack cyber-crime(The Independent) The Cabinet Office minister Francis Maude is expected to launch a key part of his cyber-security strategy this week, as the Government attempts to protect big business and Whitehall from mounting digital attacks. Following a successful pilot project called Auburn, government and industry are poised to unveil what it describes as a "permanent information sharing environment"
Microsoft waived hearing in EU browser ballot antitrust case(Computer World) Microsoft waived its right to a hearing before European antitrust regulators to further answer charges that it failed to offer customers a browser choice screen, according to documents filed with the U.S. Securities and Exchange Commission (SEC). The company faces fines in the billions for the blunder. In a Jan. 24 filing with the SEC, Microsoft noted the ongoing investigation by the European Commission, the EU's antitrust arm, and gave a short status update of the case
Ortiz says suicide will not change handling of cases(Forensic Focus) U.S. Attorney Carmen Ortiz's office doubled down in defense of its handling of the case against the late Aaron Swartz last night, but his loved ones say she needs to reflect on her official bullying, while legal experts said they believe the Internet activist's suicide while facing cyber-theft charges could haunt Ortiz's career and change the way her office prosecutes cases. Ortiz's spokeswoman, Christina DiIorio-Sterling, said last night the Swartz case won't affect the office's handling of other cases. "Absolutely not," she said
Zero-Day Exploits(Air Force General Counsel) Homeland Security has recently issued a warning for all users to disable their Java plug-ins in their browsers. This warning was spurred on by the discovery of a Java zero-day exploit that puts 850 million computers at risk of malware attacks. Although terrifying, this is just one example of how zero-day exploits are changing the face of cyber warfare
Bullied Cork Teens Died from Suicide(Evening Echo) TWO Cork teenagers who were subjected to online bullying have died by suicide in the past six months. In both instances, the bullying took place on social networking sites over a number of months
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Data Privacy Day(Various locations, January 28, 2013) The National Cyber Security Alliance (NCSA), a non-profit public-private partnership focused on helping all digital citizens stay safer and more secure online, and official coordinator of Data Privacy...
North American ICS & SCADA Summit(Lake Buena Vista, Florida, USA, February 6 - 15, 2013) The Summit brings together the program managers, control systems engineers, IT security professionals and critical infrastructure protection specialists from asset owning and operating organizations along...
ATMiA US Conference 2013(Scottsdale, Arizona, US, February 19 - 21, 2013) A conference devoted to the design of ATMs, and the future of the ATM industry.
#BSidesBOS(Cambridge, Massachusetts, USA, February 23, 2013) Each BSides is a community-driven framework for building events for and by information security community members. The goal is to expand the spectrum of conversation beyond the traditional confines of...
RSA USA 2013(San Francisco, California, USA, February 25 - March 1, 2013) RSA Conference continually evolves program offerings to meet the ever-changing needs of our delegates in the dynamic infosec industry.
Nullcon Goa 2013(Bogmallo Beach Resort, Goa, India, February 26 - March 2, 2013) An international information security conference that will feature speakers and training. Topics include security and politics, vulnerability elimination, Android hacking, SCADA and smart grid penetration...
NRO Winter Way Forward Conference(Chantilly, Virginia, USA, February 28, 2013) This annual event will provide an increased awareness, understanding and support among the IT workforce by focusing on the NRO IT Way-Forward in terms of the NRO IT Sub-Portfolio Roadmaps. Exhibitors will...
TechMentor Orlando 2013(Orlando, Florida, USA, March 4 - 8, 2013) Celebrating 15 years of educational events for the IT community, TechMentor is returning to Orlando, Florida, March 4-8, for 5 days of information-packed sessions and workshops. Surrounded by your fellow...
IHS CERAWeek 2013(Houston, Texas, USA, March 4 - 8, 2013) IHS CERAWeek 2013 will offer new insight on the energy future -- and on the strategic and investment responses by producers, consumers and policy-makers. What are the changes ahead in the competitive...
Business Insurance Risk Management Summit(New York City, New York, USA, March 5 - 6, 2013) The annual Risk Management Summit, now in its fourth year, provides attendees with focused insight via specific, timely general sessions and strategic, thought-provoking discussions with peers and industry...
CanSecWest 2013(Vancouver, British Columbia, Canada, March 6 - 8, 2013) CanSecWest, the world's most advanced conference focusing on applied digital security, is about bringing the industry luminaries together in a relaxed environment which promotes collaboration and social...
e-Crime Congress 2013(London, England, March 12 - 13, 2013) The e-Crime Congress is designed to meet the needs of key stakeholders and decision makers who are responsible for designing and coordinating information security and risk management strategy, safeguarding...
CTIN Digital Forensics Conference(Seattle, Washington, USA, March 13 - 15, 2013) Speakers include experts and published authors in the field of digital forensics and cybersecurity. Topics include: Mobile Device Forensics, Internet Forensics, Physical Memory Analysis, Open Source Tools,...
Google and University of Maryland Cybersecurity Seminar(College Park, Maryland, USA, March 14, 2013) Dr. Ari Juels, Chief Scientist of RSA, The Security Division of EMC, and Director of RSA Laboratories, will discuss "Aggregation and Distribution in Cloud Security." His talk will feature information...