The Izz ad-Din al-Qassam Cyber Fighters appear to have suspended their denial-of-service campaign against US banks. The group says it's satisfied by the disappearance of "The Innocence of Muslims" from YouTube.
Back in October the New York Times published a story about the wealth questionably accumulated by the family of China's premier. Chinese hackers (possibly under state direction or influence, possibly simply "patriotic") quickly initiated a four-month cyber campaign against the paper. Mandiant, which the Times hired to remediate the attacks, found the malware infestation largely bypassed Symantec tools the Times had relied on for protection. (Symantec points out that it's unwise to rely on signature-based defenses alone.)
Familiar bad actors return to the news. Moroccan Ghosts attack Vietnamese government sites, the Reveton Trojan introduces encryption to make it harder for ransomware victims to remove it, the architects of China's Great Firewall may have been responsible for recent GitHub attacks, and prominent American knuckleheads NullCrew give an interview in which they (sort of) explain what passes for the reasoning behind their attacks ("the system is run by rich ***holes").
Chinese Android users suffer from "Bill Shocker" malware, which induces a phone to send costly messages. Bill Shocker is likely to spread globally.
Firefox, in an effort to deflect drive-by attacks, will now default to refusing plug-ins. Cisco finds legitimate sites serving more malware than traditionally dodgy ones.
IBM introduces a big-data security tool designed to flag and stop insider threats. The FBI's pursuit of Stuxnet leakers arouses press freedom concerns.
Today's issue includes events affecting Antigua and Barbuda, Australia, China, Czech Republic, Estonia, European Union, Iran, Israel, Morocco, NATO, New Zealand, United Kingdom, United States, and Vietnam.
Cyber Attacks, Threats, and Vulnerabilities
Muslim vid protest hackers turn web-flood hosepipe away from US banks(The Register) Islamist hackers busy blasting bank websites with network traffic have suspended their assault after a controversial anti-Muslim video ceased to be available through YouTube. The Izz ad-Din al-Qassam Cyber Fighters crew launched a series of distributed denial-of-service (DDoS) attacks in September and December, with the stated aim of protesting against extracts of the Innocence of Muslims film appearing on Google's video clip site. The search giant restricted the availability of the video in some countries following a wave of protests across the Middle East.
Moroccan Ghosts Hack and Deface 12 Vietnamese Government Websites(Softpedia) Hackers of the Moroccan Ghosts group have breached and defaced 12 websites belonging to various Vietnamese government institutions. The affected sites include the ones of the CC TH Y Department of Animal Health, the National Committee on Ageing, the Ho Chi Minh Communist Youth Union of the Ninh Binh Province, and the Vinh Ho Chi Minh City Youth Union. Many of the sites are hosted on the main domain of the Ministry of Labour Invalids and Social Affairs
FedEx-themed malicious emails bombarding inboxes(Help Net Security) FedEx customers are constantly targeted with malicious emails supposedly coming from the global courier delivery service, but since the start of the year, FedEx-themed spam has become more plentiful
Malware controls 620,000 phones, sends costly messages(Help Net Security) A newly discovered malware is potentially one of the most costly viruses yet discovered. Uncovered by NQ Mobile, the "Bill Shocker" (a.expense.Extension.a) virus has already impacted 620,000 users in China and poses a threat to unprotected Android devices worldwide
God Horses are Floating Clouds: The Story of a Chinese Banker Trojan(Threatpost) In China these days, e-commerce has become an important part of daily life, especially among young people. According to a report from CNNIC (China Internet Network Information Center), the number of Chinese e-commerce users reached 242 million at the end of the December 2012. This is nearly half of all Chinese internet user
Great Firewall architects fingered for GitHub attack(The Register) The Chinese computer scientists who helped build the country's infamous Great Firewall may have been responsible for a man-in-the-middle attack on users of GitHub after they were named and shamed on the social code sharing site. This is the theory put forward by GreatFire.org, a not-for-profit organisation which monitors and reports on online censorship in China
Hackers unveil latest Apple iOS 6 jailbreak website(CSO) The untethered jailbreak software will go through testing before it is released. Apple software hackers unveiled a website late Wednesday where the latest untethered jailbreak is expected to be released soon. An elite team of hackers has been working for months to develop an untethered jailbreak for iOS 6, Apple's latest operating system, which would allow users to customize their phones and install applications not vetted by Apple
Feds stumbling after Anonymous launches 'Operation Last Resort'(ZDNet) The U.S. Department of Justice still has two Federal websites down since Friday when Anonymous launched 'Operation Last Resort' demanding legal reform. The U.S. Department of Justice still has egg on its face after hacktivist group Anonymous launched 'Operation Last Resort' commandeering Federal websites, threatening to release government information, and demanding legal reform. Late evening Friday, January 25, U.S. Sentencing Commission website was hacked and government files distributed by Anonymous in what the group calls "Operation Last Resort" in response to the recent, tragic suicide of hacktivist Aaron Swartz
E Hacking News Interview with The hacker group NullCrew(E Hacking News) Today, EHN had an interview with the hacktivist group NullCrew who recently leaked the data from UN Wasatch and Wisconsin University site. In the past, the group breached the World Health Organization (WHO), PBS, UNESCO Etxea, Ford, DHS's Study in the States and Sharp Electronics UK, University of North Carolina, Yale University, South Africa's Leading ISP Directory site and more sites. Why did you attack those sites
How Yahoo allowed hackers to hijack my neighbor's e-mail account(Ars Technica) Web bugs can have serious risks, especially when they fester for eight months. When my neighbor called early Wednesday morning, she sounded close to tears. Her Yahoo Mail account had been hijacked and used to send spam to addresses in her contact list. Restrictions had then been placed on her account that prevented her from e-mailing her friends to let them know what happened
Facebook Killed Off 37% Of Spammers Since June 2012(TechCrunch) If you've ever gotten a fake friend request, you know Facebook has spammers. But it's winning the fight against them. Facebook's estimate of the total percentage of monthly users that are "undesirable" or spammer accounts dropped to 0.9 percent from 1.5 percent in June 2012. That means there's only around 9.5 million of these trouble-makers on the site, down 37 percent from 15.1 million in
Security Patches, Mitigations, and Software Updates
PayPal plugs SQL injection hole, tosses $3k to bug-hunter(The Register) PayPal has fixed a security bug that could have allowed hackers to compromise the payment website's databases using an SQL injection attack. Researchers at Vulnerability Laboratory earned a $3,000 reward for discovering and reporting the critical bug to PayPal in August. An advisory sent to the Full Disclosure security mailing list explained the scope of the vulnerability, which was fixed this month
Firefox will block by default nearly all plugins(Help Net Security) Following the recent debacle of the critical Java 0-day that was being actively exploited in the wild, in an attempt to minimize its users' attack surface Mozilla has enabled "Click To Play" for recent
Nearly Half Of IT Staff Fear Unauthorized Access To Virtual Servers(Dark Reading) Varonis research reveals virtualization is still black box for IT security. Research conducted by Varonis, the leading provider of comprehensive data governance software, found that data security in virtualized environments is often neglected by IT organizations, with 48% either reporting or suspecting unauthorized access to files on virtualized servers. The study, conducted at VM World conferences, suggests that there is a limited awareness of security matters when it comes to virtualized servers, with 70% of respondents having little or no auditing in place on virtual servers
Legitimate Sites Are Most Likely To Serve Up Malware, Cisco Study Says(Dark Reading) About a third of all malware is encountered in the U.S., Cisco annual security study finds. Legitimate sites and advertisements on the Web are much more likely to deliver malware than "shady" sites, according to a new study released Wednesday. According to the Cisco 2013 Annual Security Report, the highest concentration of online security sites does not come from "risky" sites such as pornography, pharmaceutical, or gambling sites, but from everyday sites
Service Disruption or Destruction: Which is Worse?(Threatpost) Outcomes in security tend to be about data loss; stolen pharmaceutical formulas, jet fighter blueprints, patient records, credit card numbers etc. All of these come with a great cost to the victim and make for sexy headlines. But far too little is dissected and analyzed about service disruptions
BSIA Research Underlines The Strong Demand For The Security Systems In The Middle East Marketplace(Source Security) The results of new research carried out on behalf of the British Security Industry Association's Export Council, to coincide with the recent Intersec 2013 event in Dubai, underlines the strong demand being seen in the Middle East marketplace for the latest security systems from UK businesses, despite increased international competition, and also brings into sharp focus the key technology trends such as HD CCTV, PSIM and hybrid solutions that have been center stage over the past 12 months. The vast majority of the Export Council's member companies (87%), who responded to the survey, confirmed that they are active in this pivotal region. Of those questioned, 40% reported that they had witnessed a notable increase in revenues derived from the Middle East over the past 12 months
Defending Against Defense Cuts(USA Today) As Washington debates "sequestration" -- automatic budget cuts that threaten to slash $600 billion from the Pentagon budget by 2023, beginning March 1 -- the defense industry, and cities relying on it, know sequestration isn't half the problem
Let The Sequesters Begin, Some Republicans Say(Washington Times) Congressional Republicans are preparing to let $85 billion in automatic spending cuts begin to bite March 1, saying they have become convinced that letting the "sequesters" take effect is the only way they will be able to wrangle real spending cuts from President Obama
Contractors Keeping Their Cool As They Close In On Sequester(Washington Post) The next few months could look even scarier than the last few for defense contractors already battered by federal budget cuts, thanks to the threat of automatic reductions looming in March. But industry executives had a surprising message for shareholders this week: Don't worry about it
ManTech, SAIC Vet Terry Ryan Joining VT Group As CEO(Govconwire) VT Group has appointed Terry Ryan, formerly chief operating officer of ManTech International's (NASDAQ: MANT) emerging markets group, to succeed the retiring David Dacquino as CEO. The Arlington, Va.-based defense contractor said Ryan will assume the chief executive role Monday
Cisco buys Czech cyber security firm(Biz Journals) Cisco Systems is beefing up its security by picking up Cognitive Security, a Prague-based firm that uses artificial intelligence to detect cyber threats. Cognitive Security was founded in August 2009 and is led by CEO and founder Martin Rehak, who is also a researcher at the Czech Technical University. The Czech company opened a branch office in Silicon Valley in April 2010
Sierra Wireless to use $100 million from AirCard sale to acquire M2M firms(Fierce Mobile IT) Sierra Wireless plans to put the $100 million it plans to clear from the sale of its AirCard business to NetGear into acquisitions of machine-to-machine communications firms, according to Jason Cohenour, the firm's president and chief executive officer. Cohenour told FierceMobileIT that Sierra Wireless has decided to focus its business solely on the M2M market. The sale of its consumer-focused AirCard mobile broadband device unit to networking firm NetGear is a key step in that effort, he said
Lockheed Helping AF Run Mission Planning Software(Govconwire) Lockheed Martin (NYSE: LMT) has won a $49.6 million contract to help the U.S. Air Force sustain and maintain software applications for mission planning and analysis. The Defense Department said the Air Force received two offers for the indefinite-delivery/indefinite-quantity contract through an open competition. Under the IDIQ, the company will help run
Report: Dell Nearing Buyout Deal, Microsoft Involved(Govconwire) Dell (NASDAQ: DELL) is nearing a deal for a buyout led by California-based private equity firm Silver Lake Management LLC, Bloomberg reports. Microsoft (NASDAQ: MSFT) could provide some funding and Michael Dell could contribute between $500 million and $1 billion of equity financing for the deal, the report said. Michael Dell currently holds a
Michael Dell needs to make sure he's not getting a sweetheart deal for his own firm(Quartz) Michael Dell is trying to take back control of the company he founded—but he'd better be careful about how he does it. Dell, who is teaming up with private equity firm Silver Lake and Microsoft to take the eponymous PC maker private, is reportedly seeking a majority stake. He owns about 16% of the company now, and is willing to kick in at least $4 billion in equity as part of a deal that could be worth at least $22 billion
IBM security tool can catch insider threats, fraud(CSO) IBM today rolled out a tool it says can cull massive terabytes of data, including email -- to help customers detect external attacks aimed at stealing sensitive information or insider threats that might reveal corporate secrets. The tool, called IBM Security Intelligence with Big Data, is built on top of two core IBM products: the IBM enterprise version of open-source Hadoop database with analytics tools known as InfoSphere BigInsights, plus the IBM QRadar security event and information management (SIEM) product that IBM obtained when it acquired Q1 Labs back in 2011
RSA Security Analytics leverages big data(Help Net Security) RSA released RSA Security Analytics – a transformational security monitoring and investigative solution designed to help organizations defend their digital assets against internal and external threats.
MS Office 2013 Upgrade: 4 Points to Consider(InformationWeek) Microsoft Office 2013 offers some compelling new features, especially for mobile users. But how will buyers respond to the new version's license shake-up and cloud emphasis
Technologies, Techniques, and Standards
Going Green With Your Ones and Zeros(Dark Reading) For better security, use less data. I know what you're thinking. "This is the same person who wrote Log All The Things, right?" And of course everyone wants to Log All The Things, because Big Data. But there's another angle to logging and monitoring, along with all the rest of your enterprise data, and that's what I'm calling the principle of least use
Practical steps to minimize data privacy threats(Help Net Security) Google comes across 9,500 new malicious websites each day and responds by sending notifications to webmasters. Nevertheless, these websites are just one of the many dangers threatening data privacy
How do you protect your phone and your data?(Help Net Security) Given the risks we run in not securing our phones, you'd be forgiven for thinking it must be a task requiring a doctorate in computer science. In reality, however, securing a smart phone can take only
Design and Innovation
Hold The Phone, I Want My Dick Tracy Watch(TechCrunch) A few days ago, I read Nilay Patel's review of the Pebble smartwatch for The Verge. Like many others, I bought a Pebble on Kickstarter, and I can't wait to try it out myself. But one part of Patel's review stuck out at me in particular: Any incoming notification will quietly buzz the Pebble and light up the screen. Frankly, it's great — being able to see who's texting, emailing, or
You can't learn life's most important lessons in an online classroom(Quartz) Would you rather attend a local live concert with music performed by a fine, amateur orchestra, or listen to a masterful rendition of the same music recorded by a world-renowned musician? That was the question a colleague posed to me recently as we were debating the merits of online education
Legislation, Policy, and Regulation
Senators Seek Permanent Extension Of Internet Tax Ban(TechCrunch) Congress is looking to keep popular Internet-only services, such as email and social networks, permanently free of taxes. Sen. Kelly Ayotte and Sen. Dean Heller are seeking a permanent extension of the original 1998 Internet Tax Free Act, which is set to expire in November 2014. "E-commerce is thriving largely because the Internet is free from burdensome tax restrictions. Unfortunately, tax
EU plan to voluntarily remove 'terrorist content' finally concludes(Ars Technica) Lawmaker says after two years CleanIT "won't lead to an acceptable result." If CleanIT has its way, ISPs and web hosts will agree to a voluntary set of guidelines to "reduce terrorist use of the Internet." During the last two years, CleanIT, the European Commission-funded project group to "reduce terrorist use of the Internet," has met on a regular basis trying to come up with a set of voluntary general principles to achieve that vague goal. Earlier this month, the group published its "final report," in which it called for a "flag this as terrorism" content button in your browser
National Security Strategy considers risk management(ethos Corporation) The National Security Strategy which discusses the means of increasing the country's safety over the next ten years, has officially been launched by prime minister Julia Gillard. The document complements the Asian Century white paper and will strive to ensure Australia takes advantage of the opportunities it is presented with, while keeping focused on national security efforts. Gillard emphasised that policies need to be updated as new threats arise, showing how important it is for those in risk management jobs at government level to constantly be aware of external pressures.
Estonia's DM Stresses EU-NATO Cyber Cooperation(Defense News) Estonian Defense Minister Urmas Reinsalu strongly supported EU-NATO cyber defense cooperation at the Jan. 30 Global Cyber Security Conference here. Noting that NATO had agreed on a policy in 2011 and the EU is about to come up with a cybersecurity strategy, he said it would be unreasonable to duplicate efforts, and called for a strategic-level vision of goals and measures. Possible actions could include EU-NATO exchanges on standards and regulations plus cyber defense pooling and sharing, for example, in relation to cyber incident management
After leaving Senate, Jon Kyl softens on cyber-defense order(Politico) Former Arizona Sen. Jon Kyl has backed off his staunch objection to a presidential executive order aimed at beefing up the nation's cyberdefenses, a prospect he only months ago asserted would be unconstitutional overreach. The former GOP whip complained that both Senate Democrats and the U.S. Chamber of Commerce, long one of his key allies, have been unbending and unreasonable. "The government is vulnerable, our information technology infrastructure is vulnerable, the electric grid is obviously vulnerable as is the banking system," Kyl said during an interview with POLITICO in a barren office at the American Enterprise Institute, where he is holding fort as he decides which Washington law firm to join
Litigation, Investigation, and Law Enforcement
Is It Illegal To Unlock a Phone? The Situation is Better - and Worse - Than You Think(EFF) Legal protection for people who unlock their mobile phones to use them on other networks expired last weekend. According to the claims of major U.S. wireless carriers, unlocking a phone bought after January 26 without your carrier's permission violates the Digital Millennium Copyright Act (DMCA) whether the phone is under contract or not. In a way, this is not as bad as it sounds
Activists Flood Government Agencies With FOIA Requests in Tribute to Aaron Swartz(Wired) In honor of the transparency fights that coder and internet activist Aaron Swartz led while alive, an online records processing service has submitted more than 100 public records requests on behalf of members of the public. Muckrock, a site that processes public records requests for a fee on behalf of journalists, lawyers, activists and others, decided to waive its fee (generally $20 for five requests) last week and offer to submit federal Freedom of Information Act requests for free to honor Swartz, who committed suicide earlier this month
Court Upholds Conviction in Dead Sea Scrolls E-Mail Impersonation Case(Wired) A New York appeals panel is upholding the e-mail impersonation conviction of the son of a famous Dead Sea Scrolls scholar, setting aside contentions that the e-mails were constitutionally protected satiric hoaxes or pranks. Defendant Raphael Golb, who was sentenced to six months, is the son of historian Norman Golb. The younger Golb, unhappy with scholastic attacks on his father's research, faked e-mails of his father's vocal rivals, sent them to New York University and University of California, Los Angeles administrators, faculty and even some students
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
North American ICS & SCADA Summit(Lake Buena Vista, Florida, USA, February 6 - 15, 2013) The Summit brings together the program managers, control systems engineers, IT security professionals and critical infrastructure protection specialists from asset owning and operating organizations along...
ATMiA US Conference 2013(Scottsdale, Arizona, US, February 19 - 21, 2013) A conference devoted to the design of ATMs, and the future of the ATM industry.
#BSidesBOS(Cambridge, Massachusetts, USA, February 23, 2013) Each BSides is a community-driven framework for building events for and by information security community members. The goal is to expand the spectrum of conversation beyond the traditional confines of...
RSA USA 2013(San Francisco, California, USA, February 25 - March 1, 2013) RSA Conference continually evolves program offerings to meet the ever-changing needs of our delegates in the dynamic infosec industry.
Nullcon Goa 2013(Bogmallo Beach Resort, Goa, India, February 26 - March 2, 2013) An international information security conference that will feature speakers and training. Topics include security and politics, vulnerability elimination, Android hacking, SCADA and smart grid penetration...
TechMentor Orlando 2013(Orlando, Florida, USA, March 4 - 8, 2013) Celebrating 15 years of educational events for the IT community, TechMentor is returning to Orlando, Florida, March 4-8, for 5 days of information-packed sessions and workshops. Surrounded by your fellow...
Business Insurance Risk Management Summit(New York City, New York, USA, March 5 - 6, 2013) The annual Risk Management Summit, now in its fourth year, provides attendees with focused insight via specific, timely general sessions and strategic, thought-provoking discussions with peers and industry...
CanSecWest 2013(Vancouver, British Columbia, Canada, March 6 - 8, 2013) CanSecWest, the world's most advanced conference focusing on applied digital security, is about bringing the industry luminaries together in a relaxed environment which promotes collaboration and social...
e-Crime Congress 2013(London, England, March 12 - 13, 2013) The e-Crime Congress is designed to meet the needs of key stakeholders and decision makers who are responsible for designing and coordinating information security and risk management strategy, safeguarding...
CTIN Digital Forensics Conference(Seattle, Washington, USA, March 13 - 15, 2013) Speakers include experts and published authors in the field of digital forensics and cybersecurity. Topics include: Mobile Device Forensics, Internet Forensics, Physical Memory Analysis, Open Source Tools,...
IT Security Entrepreneurs' Forum (ITSEF 2013)(Palo Alto, California, USA, March 19 - 20, 2013) Supported by the U.S. Department of Homeland Security, Office of Science and Technology, ITSEF 2013 aims to connect the ecosystem of the entrepreneur: industry, government, and academia. The conference...
The Future of Cyber Security 2013(London, England, UK, March 21, 2013) Cyber Security and the Citizen 2013 is a one-day conference and exhibition for senior decision-makers of central and local government organisations, NGOs and major private sector enterprises.
CSO40(Braselton, Georgia, USA, April 2 - 3, 2013) The CSO40 Security Confab + Awards will honor and share the critical viewpoints of today's leading CSOs, CISOs and security executives at the nation's leading CSO thought leadership conference.
Cloud Connect Silicon Valley(Santa Clara, California, USA, April 2 - 5, 2013) Cloud Connect returns to Silicon Valley, April 2-5, 2013, for four days of lectures, panels, tutorials and roundtable discussions on a comprehensive selection of cloud topics taught by leading industry...
Cyber 1.3(, January 1, 1970) Maj. Gen. Suzanne Vautrinot, USAF, commander, 24th Air Force, and commander, Air Force Network Operations, will discuss the global strategic implications that relate to the cyber domain at the Space Foundation...
INFILTRATE 2013(Miami, Florida, USA, April 11 - 12, 2013) INFILTRATE is a deep technical conference that focuses entirely on offensive security issues. Researchers focused on the latest technical issues will demonstrate techniques that you cannot find elsewhere.
InfoSec World Conference & Expo 2013(Orlando, Florida, USA, April 15 - 17, 2013) With the primary objective of providing top-notch education to all levels of information security and IT auditing professionals, InfoSec World delivers practical sessions that give you the tools to strengthen...
Infosec Southwest 2013(Austin, Texas, USA, April 19 - 21, 2013) InfoSec Southwest is intended to be a general security and hacking conference with no specific industry or topical focus. As such, nearly all topics (other than vendor pitches) are fair game and the attending...
Consumerization of IT in the Enterprise Conference and Expo(San Francisco, California, USA, June 2 - 4, 2013) From smartphones to mobile apps, social software and 4G networks, the wave of innovation in the consumer space is transforming the way companies do business, both inside and outside of the enterprise.
25th Annual FIRST Conference(Bangkok, Thailand, June 16 - 21, 2013) The annual FIRST conference provides a setting for conference participants to attend a wide range of presentations delivered by leading experts in both the CSIRT field and from the global security community.
SECRYPT 2013(Reykjavik, Iceland, July 29 - 31, 2013) The 10th International Conference on Security and Cryptography (SECRYPT 2013) will take place from 29 to 31 July 2013 in Reykjavik, Iceland…The conference will focus on information systems and network...