South Korea provides more information on its attribution of the Dark Seoul cyber campaign to the North Korean regime.
Another Android vulnerability is discovered. Android's success in the consumer market is also stoking a thriving criminal black market in exploits.
Marriott Rewards members are advised to change their passwords after Marriott detects a spike in attempts to hack into user accounts. Kaspersky offers some timely advice on cyber safety for vacation travel (start by being less forthcoming in social media).
Waterholing appears to be displacing spearphishing in state-sponsored cyber attacks.
Mandiant reminds people that "Unit 61398" is part of China's People's Liberation Army, not "just a collection of some guys working in someone's basement."
Oracle's July patches closed eighty vulnerabilities in the firm's products.
Quantum Dawn, Wall Street's cyber defense exercise, starts tomorrow. In the meantime the financial sector worries about vulnerability to cyber attack, and works to come to grips with an emerging cyber risk regulatory regime.
Booz Allen, CACI, SAIC, Honeywell, and General Dynamics are among thirteen winners of a US Navy cyber IDIQ contract worth up to $900M.
US universities, particularly research universities, are increasingly becoming targets of industrial espionage. (Coincidentally or not, more universities are partnering with cyber companies—General Dynamics and Rensselaer Polytechnic, for example, announce a new research arrangement.)
Cyber cooperation among the US, UK, Australia, Canada, and New Zealand is unlikely to be impeded by public reaction to leaks, observers note.
Snowden has requested asylum in Russia. The Manning trial nears its conclusion.
Today's issue includes events affecting Afghanistan, China, European Union, Germany, Israel, Republic of Korea, Democratic People's Republic of Korea, Malaysia, Russia, Switzerland, United Kingdom, United States.
Cyber Attacks, Threats, and Vulnerabilities
Seoul blames North Korea for June cyber attack(Globe and Mail) South Korean investigators on Tuesday blamed rival North Korea for a cyber attack last month on dozens of South Korean media and government websites, including those of the president and prime minister. The biggest piece of evidence linking Pyongyang to the attacks on June 25, which marked the 63rd anniversary of the beginning of the Korean War, was a North Korean Internet protocol address found in some of the websites and malicious codes, South Korea's Ministry of Science said
CSRF Still Armed And Dangerous(Dark Reading) Cross-site request forgery may not get the same attention as SQLi or XSS, but it still poses considerable risk to Web apps. While they may not pack the same punch or crop up at the same frequency as injection or cross site scripting attacks, cross site request forgery (CSRF) attacks should still be very much on the radar of application developers. This year, CSRF may have gotten bumped down a few notches on the OWASP top Web app vulnerability rankings, but it still remains on the top ten and, according to some, CSRF attacks may well be accelerating
I Know Where you Checked in Last Summer(Kaspersky Lab Daily) It's summer, that time of year where we go on vacation, take lots of pictures — and, of course, upload them to Facebook, Instagram and Twitter. And because we want people to know where we are taking this beautiful picture of the fabulous time we're having, we also like to 'check in' at various locations, or to tag the geographic locations in the pictures we took, right down to the exact address of the restaurant or hotel we're at right that moment
A look at Point of Sale RAM scraper malware and how it works(Naked Security) A special kind of malware has been hitting the headlines recently - that which attacks the RAM of Point of Sale (PoS) systems. In this article, Numaan Huq from SophosLabs takes a step back from the technical details and looks at the evolution of these PoS RAM scrapers
Water Hole Replacing Spear-Phishing as State-Sponsored Weapon of Choice(Infosecurity Magazine) Spear-phishing is an attack that attempts to ensnare a specific individual or group of victims via email; water hole attacks wait for the victim to come to the trap. Attackers - especially state-sponsored attackers - are increasingly turning to the latter as their weapon of choice
Unpatched Vulnerabilities Disclosed in Asus Home Routers(Threatpost) Asus home routers are open to a number of potential remote attacks because of vulnerabilities in the AiCloud service bundled with the hardware. Security researcher Kyle Lovett posted on Sunday to the Full Disclosure mailing list today a follow up to a June disclosure of a directory traversal bug in the RT-N66U routers
Chinese hackers identified(Federal News Radio) Earlier this year information security firm Mandiant identified a previously unknown group of hackers thought to be in China. "People referred to China or Chinese hackers, but there was plenty of wiggle room there to assume it could be a collection of guys working in someone's basement without a tie to the government," said Richard Bejtlich, chief security officer for Mandiant. The group they identified is called Unit 61398. Bejtlich says, "we showed pretty conclusively that at least this one group is part of the PLA," AKA the Chinese People's Liberation Army
Post Liberty Reserve Shutdown — What's Next?(TrendLabs Security Intelligence Blog) After Liberty Reserve's shutdown, small or big–time cybercriminals had to scurry for an alternative currency. Some cybercriminals exclusively used Liberty Reserve (LR) as an e-currency to fuel their businesses, but its sudden shutdown took the underground scene by surprise. While many of them had a hard time believing this was indeed happening, others thought that LR would be back any time soon
Security Patches, Mitigations, and Software Updates
Oracle Critical Patch Update Advisory — July 2013(Oracle) A Critical Patch Update (CPU) is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes
Oracle plugs 90 security holes in hundreds of products(FierceITSecurity) Oracle is releasing security patches on Tuesday for 90 new vulnerabilities across hundreds of Oracle products, the software giant said in a pre-release announcement for its quarterly critical patch update
Cyber security threat to US ports(Port Strategy) Low cyber-security awareness and culture in US port facilities leave the nation's key hubs vulnerable to crippling cyber attacks, according to a new report
Regulators Cite Cyberattack Risks for Financial Firms(Wall Street Journal) The report, by staff of the International Organization of Securities Commissions, warns that cyber-crime has become significantly more sophisticated, making it more challenging to defend against. Hackers are increasingly focusing on destabilizing
Cyber Attack Should Be Deemed Systemic Risk, Exchange Study Says(Businessweek) About 53 percent of exchanges surveyed have been hit by a cyber-attack in the last year. American venues were most likely, with 67 percent saying they had to fight them off, the joint study by the International Organization of Securities Commissions
Cybersecurity Exercise: Quantum Dawn 2(SIFMA) Quantum Dawn 2 is a cybersecurity exercise to test incident response, resolution and coordination processes for the financial services sector and the individual member firms to a street-wide cyber attack
Chrome, Linux users more likely to ignore browser security warnings(FierceCIO: TechWatch) Chrome users are far more likely to ignore security warnings than users of the Firefox browser. The findings were outlined in a new study titled "Alice in Warningland: A Large-Scale Field Study of Browser Security Warning Effectiveness" that can be downloaded here
The cyber arms race is already in full swing(FierceCIO: TechWatch) The New York Times last Friday ran a report titled "Nations buying as hackers sell flaws in computer code" that detailed a new arms race that looks to be in full swing. In a nutshell, these hackers and security researchers have a single-minded focus to find novel security bugs and weaknesses--or "zero days"--and then develop a way to exploit them
NSA Surveillance: IT Pro Survey Says What?(InformationWeek) To understand the relationship between security and privacy, we should pay more attention to IT professionals and spend less time asking loaded questions
Big Brother in our health and fitness apps(FierceMobileHealthCare) This week, the Privacy Rights Clearinghouse, a California nonprofit dedicated to empowering individuals to protect their privacy, issued a study on mobile health and fitness apps based on a technical risk assessment they performed to determine what data the apps collected, stored, and transmitted. After studying 43 popular apps (both free and paid) from a consumer and technical perspective, the group found "considerable privacy risks for users" and that the privacy policies for those apps that have policies do not describe those risks
NEC calls it quits on smartphones after Lenovo deal falls through—is Huawei/HTC next?(Quartz) There was a time when NEC was the 500 lb. gorilla in Japan's cellphone market with a 27% market share—then came smartphones. Faced with competition from the likes of Apple and Samsung, NEC's share quickly shrunk to a measly 5%; after spending six months unsuccessfully trying to negotiate a partnership with China's Lenovo, the company has decided to exit the smartphone business entirely, according to a report by the Nikkei newspaper
Air Force 'carving out' more AF members for cyber(Air Force Times) Space Command announced earlier this year they would be standing up additional cyber mission teams between 2014 and 2016 in support of U.S. Cyber Command. "I think the future is very bright in space and cyber…there are challenges in budgets, there
After Snowden, Booz Allen Wins Navy Cyber Work(Wall Street Journal) Booz Allen Hamilton Inc. was one of 13 companies to win part of a $900 million contract to provide the U.S. military with support for its expanding cyber operations, the Defense Department announced Tuesday. The award comes as Booz Allen is facing
Dell committee mulls delaying vote(FierceFinance) Is this a bad omen for Michael Dell's attempt to buy his own company? The board's special committee, tasked with overseeing the bidding process, has let it be known that it is considering a delay to the scheduled July 18 vote on the founder's $13.65 a share offer, which so far has been supported by the committee, which also evaluated a leveraged recap proposal from Carl Icahn
SCADA Vendor Offers Store Credit for Vulnerabilities(Threatpost) IntegraXor, a manufacturer of supervisory control and data acquisition (SCADA) equipment, announced last week that it would implement a bug bounty program offering points redeemable for company services to researchers that disclose security vulnerabilities in their IGX SCADA system
Lockheed Selected for Israel's $279M Military IT Upgrade(GovConWire) Lockheed Martin (NYSE: LMT) has partnered with Bynet Data Communications for a potential $279 million multiple-award contract to modernize the Israeli Defense Ministry's military intelligence headquarters, the World Tribune reported Sunday
Deltek Buys Project Mgmt Software Maker Acumen(GovConWire) Deltek has bought project management software and services provider Acumen for an undisclosed sum in a move aimed at growing Deltek's enterprise-class offerings. Texas-based Acumen adds analytics, project planning and risk management products to Deltek's portfolio for government contracting and professional services organizations, the companies said in a joint statement
Viewfinity launches a new application control solution(Help Net Security) Viewfinity announced the availability of the Viewfinity Application Control solution, a homogeneous software solution that includes application whitelisting, managing trusted sources, forensic analysis
Trustlook Introduces the First APT Mobile Security Solution(Wall Street Journal) Unlike the traditional intrusion-prevention, anti-malware and anti-virus products, Trustlook provides the first APT (advanced persistent threat) mobile security solution to detect and address zero-day and advanced malware. While the mobile industry is
SafeNet Partners with Senetas to Protect Data in Motion(CSO) SafeNet, Inc., a global leader in data protection, today announced an extended global distribution agreement with Senetas Security Pty Ltd., in which SafeNet will add Senetas's high-speed network encryption solutions, including the new CN6000 family, to its portfolio of products distributed around the globe. Senetas complements SafeNet's data protection solutions to provide persistent protection of sensitive information at critical points in its lifecycle, wherever and however that information is used. Government agencies and business organisations can reduce risk, improve compliance posture, and enhance governance and ownership of sensitive data across their business
Mobile security from Norton leads the stress test for Android(QR Code Press) There were 21 different apps tested on three separate occasions since January 2013. Among them, the highest detection rates were achieved by Bitdefender Mobile Security and Antiy AVL, achieving 99.8 percent. Norton's mobile security detection rate
How to Secure Social Media Accounts(eSecurity Planet) While there is much debate over social media's impact on productivity, it clearly creates security risks. These simple practices should keep employees' social media use from endangering the enterprise
SMB Insider Threat: Don't Hire a Hacker(Dark Reading) Last month, Edward Snowden reminded us that the greatest threat to our critical systems and sensitive data is not the external hacker but the trusted insider. While leaks pertaining to large government agencies capture the headlines, the SMB insider silently threatens our organizations with devastating impact
Petition calls for an end to passwords(CSO) A public advocacy campaign called Petition Against Passwords claims passwords are a thing of the past, and that new methods of authentication are necessary to secure the future
Don't Ignore the Warnings(Symantec) Be honest. Do you really read the warning messages that your browser displays to you? Or do you blindly click the phishing site warnings or the SSL mismatch dialog away? Apparently most users don't seem to care too much about those warnings and click through them quickly. And I doubt that they have memorized the meaning of the warnings and reflect on the consequences each time
"Oh no, the suspect ran CCleaner to get rid of the evidence!"(Magnet Forensics) I recently received a few questions about the effects of running Internet history sanitation tools such as CCleaner, when examining a computer looking for internet related artifacts. CCleaner is a product from a company identified as Piriform (www.piriform.com), and a version is freely available online and commonly used to 'sanitize' user activity. From the online documentation, CCleaner is said to protect privacy by cleaning out Internet browsing history and temporary internet files
If A Network Is Broken, Break It More(Inside Science) From the World Wide Web to the electrical grid, networks are notoriously difficult to control. A disturbance to just one part of the system can spread quickly and affect the whole thing. But this problem is its own solution: by selectively damaging part of the network, we can bring the entire system to a better state
Campuses Face Rising Threat From Hackers(New York Times) America's research universities, among the most open and robust centers of information exchange in the world, are increasingly coming under cyberattack, most of it thought to be from China, with millions of hacking attempts weekly. Campuses are being forced to tighten security, constrict their culture of openness and try to determine what has been stolen
Students, Start-Up Team to Create Android "Master Key" Patch(Slashdot) The saga of the application-signing flaw affecting Google's Android mobile phones took another turn Tuesday when a Silicon Valley startup teamed with graduate students from Northeastern University in Boston to offer their own fix-it tool for hundreds of millions of Android phones that have been left without access to Google's official patch
The Tech Geeks Are Israel's War Heroes(Huffington Post) The Israel Defense Forces, the IDF, is making significant hardware cuts. The story was reported on the front page of the Wall Street Journal and in other papers around the country
German Military Knew About PRISM: Report(SecurityWeek) The German military has known for years of the sweeping US online surveillance program PRISM, a newspaper reported Wednesday, citing a NATO document from the Afghanistan mission
Government secrecy undermines the good of federal programs(FierceGovernment) The federal government, I've argued before, is mostly a force for good in American society. It played vital roles in desegregation. Its social net programs ensure that the United States is more than a market of consumers, but a society that protects its vulnerable (something that's vital for the long-term survival of that market, as well, although those who would support poverty alleviation for utilitarian purposes only lack a soul). Its ability to regulate across the nation ensures modicums of basic safety and health standards at home and at work
Microsoft Asks Attorney General To Release Gag Order On NSA Spying(TechCrunch) Microsoft is tired of getting pummeled in the press over reports that it hands over emails and Skype conversations to the National Security Agency. Unfortunately, the federal gag order related to the NSA is so strict that companies can't even talk about the existence of the program. Today, Microsoft issued a strongly worded letter to Attorney General Eric Holder to release the gag
Meet the Snowden of Swiss Banking(Bloomberg Businessweek) Hervé Falciani blew a gaping hole in Swiss banking secrecy. The former systems engineer at HSBC (HBC)'s private bank in Geneva leaked details on thousands of client accounts to tax authorities in other countries, who say the data has helped them uncover some €200 billion ($260 billion) in tax fraud
Snowden's latest problem is that Putin despises turncoats(Quartz) Given Russian president Vladimir Putin's regular tirades against the US, you would think he'd be thrilled to be hosting Edward Snowden, the fugitive US intelligence contractor who on July 16 officially requested Russian asylum. But at least publicly, Putin is not restraining himself in this opportunity to goad Washington. Instead, he says he prefers that the American leave Moscow as soon as possible
Leaker Files For Asylum To Remain In Russia(New York Times) Edward J. Snowden, the former intelligence contractor on the run from the American authorities, on Tuesday formally requested temporary asylum in Russia, submitting an application that seemed aimed at insulating President Vladimir V. Putin from United States pressure and blame
Why It Doesn't Matter If Edward Snowden Is A Hypocrite(TechCrunch) Anti-authoritarian data leaker Edward Snowden is officially seeking the warm embrace of Russia, a country known for disappearing journalists and running a propaganda arm in the guise of a public media station. He's also deliberately withheld the most damning information about how the National Security Agency actually operates. Yet, even if Snowden joined the Russian KGB, his exposé of highly
19 Groups Sue NSA Over Data Collection(SecurityWeek) Nineteen US organizations filed suit Tuesday against the National Security Agency claiming their constitutional rights were violated by the secret spy agency's data collection programs. The Electronic Freedom Foundation filed the action on behalf of a variety of groups including the First Unitarian Church of Los Angeles, the gun rights group Calguns Foundation, Greenpeace and Human Rights Watch
British Border Police use Anti-Terror Laws to Seize Any Phone(Infosecurity Magazine) The parallels between US and UK intelligence grow. Snowden revealed the NSA's Prism project, then GCHQ's Tempora. The US border is well-known as a constitution-free zone for mobile device seizures; now the Telegraph reveals similar practices in the UK
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
AFCEA Global Intelligence Forum(Washington, DC, USA, July 30 - 31, 2013) During this day and one half unclassified conference in the National Press Club in downtown Washington, D.C., leaders from across the government, military, and industry will explore the role that the Intelligence...
2013 World Comp(Las Vegas, Nevada, USA, July 22 - 23, 2013) 2200 leading researchers, academics, and executives from government, academia and industry will come together at this annual event which facilitates communication among researchers in different fields...
EAGB Summer Quarterly Webinar(Webinar, July 24, 2013) Join us Wednesday, July 24 from 10:00-11:00 AM as Patrick Dougherty discusses the EAGB's two newest reports: the Summer 2013 Quarterly Regional Economic Update and Cyber Security in Greater Baltimore:...
Black Hat 2013(Las Vegas, Nevada, USA, July 27 - August 1, 2013) Black Hat USA is a major international security conference, featuring learning, networking, and skill-building. Sessions include training, briefings, technical presentations, and more.
SECRYPT 2013(Reykjavik, Iceland, July 29 - 31, 2013) The 10th International Conference on Security and Cryptography (SECRYPT 2013) will take place from 29 to 31 July 2013 in Reykjavik, Iceland…The conference will focus on information systems and network...
International Conference on Cyber Security(New York, New York, USA, August 5 - 8, 2013) The Federal Bureau of Investigation and Fordham University will host the fourth International Conference on Cyber Security (ICCS 2013) on August 5 - 8, 2013 in New York City. ICCS, the White Hat Summit,...
SINET Innovation Summit(New York, New York, USA, August 6, 2013) The purpose of the Innovation Summit is to reinvigorate public private partnership efforts and increase relationships between industry, government and academia that fosters sharing of information and collaboration...
3rd Annual Cyber Security Training Forum(Colorado Springs, Colorado, USA, August 6 - 7, 2013) The Information Systems Security Association (ISSA) - Colorado Springs Chapter and FBC, Inc. will once again host the 3rd Annual Cyber Security Training Forum (CSTF). Formerly known as the Cyber Security...
AIAA Aviation 2013(Los Angeles, California, USA, August 12 - 14, 2013) Leading cybersecurity experts will speak at AIAA AVIATION 2013, being held August 12-14 at the Hyatt Regency Century Plaza, Los Angeles, Calif. Hosted by the American Institute of Aeronautics and Astronautics,...
A Cloud Computing Introduction for Manager(Columbia, Maryland, Sioux Falls, August 13, 2013) Cloud computing is becoming popular. More and more Technical Managers and Project Managers will be interacting with cloud computing, either developing clouds, using clouds, or selecting among cloud and...
Resilience Week 2013(San Francisco, California, USA, August 13 - 15, 2013) 2013 Resilience Week brings together colleagues across government, academia and industry to facilitate an exchange of ideas dedicated to promising research in resilient systems that will protect cyber-physical...
Kirtland AFB/Sandia/DOE Cyber Security Seminar & IT Expo(Albuquerque, New Mexico, USA, August 15, 2013) This expo is designed to stimulate exchanges of information between industry partners and Kirtland AFB Information Management Officers, Information Technology personnel, Contracting Officers as well...
National SCADA Conference(Melbourne, Victoria, Australia, August 15 - 16, 2013) The 12th Annual National SCADA Conference, Australia's largest and longest running SCADA conference, will bring together many of the luminaries of the Australian and International SCADA community to evaluate...
SANS Thailand 201(Bangkok, Thailand, August 19 - 31, 2013) SANS hands-on advanced Information Security training is coming to Thailand this August! SANS is bringing our Web App Penetration Testing course to the Crowne Plaza Bangkok Lumpini Park in Bangkok, Thailand.
Human Cyber Forensics Forum(Washington, DC, USA, August 21, 2013) This forum brings together subject matter experts to discover and share new means of recognizing the human indicators related to cyber intrusions, and the evolution of these human indicators in the coming...