As Quantum Dawn begins, Quartz publishes an interesting speculative narrative of what a destabilizing cyber attack on the financial markets might actually look like: APTs slowly corrupting data, with their activity masked by distributed-denial-of-service noise. Analysts try to assess the risk to exchanges; consensus remains that it's large.
The Times of India reports that BlackBerry has granted Indian law enforcement agencies access to emails and chats. A German researcher also claims BlackBerry 10 sends full email account credentials to its corporate home.
The Syrian Electronic Army is back (as Assad's position grows stronger) with a claimed hack of Sweden's Truecaller global phone directory.
Network Solutions is recovering from yesterday's denial-of-service attack. Tumblr warns iOS users to change passwords, and patches the vulnerability that prompted the warning.
The cyber criminal economy grows in sophistication and rapacity. Recent offerings include botnet BitCoin miners, fraudulent identity "Kitz" (sic), and a "binder" for Android exploits. Forum platform vBulletin is apparently becoming a favorite launching point for criminal exploits.
HM Government reveals that it's investigating Huawei involvement with an Oxfordshire cybersecurity center. Staffing, not hardware, is at issue, but the episode highlights, again, the need for Chinese firms and Western governments to reach a sensible security modus vivendi.
Palantir woos New Zealand intelligence services. Symantec opens a center in Ireland. The US Navy awards places on a large cyber contract.
Congressional hearings over NSA surveillance continue, as members receive the Intelligence Community's views. Russia's Putin wants to be sure Snowden doesn't jeopardize US-Russian good relations.
Today's issue includes events affecting China, Estonia, India, Ireland, Japan, Latvia, New Zealand, Romania, Russia, Sweden, Syria, Turkey, United Kingdom, United States.
Cyber Attacks, Threats, and Vulnerabilities
This is what a destabilizing cyberattack on financial markets would look like(Quartz) Almost 90% of the world's financial exchanges believe that cyber-crime poses a systemic risk to the securities industry, according to a report (pdf) published by the International Organisation of Securities Exchanges (Iosco) and the World Federation of Exchanges this week. More than half of those exchanges have faced cyber attacks in the last year, and financial firms have had to invest huge sums of money to maintain their security. At least so far, they seem to have been mostly effective at warding off hackers
BlackBerry allows Indian government a direct access to emails and Chats(HackRead) Government agencies in India are now allowed to access your Blackberry devices directly, allowing them to track conversations, emails and attachments sent between Blackberry devices on a real time basis. Times of India reports that according to a leaked government document, government agencies will be able to track and read every typed word on Blackberry devices. This access will allow the agencies to spy on
Blackberry 10 Sends Full Email Account Credentials To RIM(Slashdot) How a phone manufacturer making a somewhat successful come-back can shoot itself in the foot: Marc "van Hauser" Heuse, who works for German technology magazine Heise, has discovered that immediately after setting up an email account on Blackberry 10 OS, full credentials for that account are sent to Research In Motion, the Canadian Blackberry manufacturer. Shortly after performing the set-up, the first successful connections from a server located within the RIM domain appear in the mail server's logs. (Most of the story in English, some comments in German.) At least according to German law, this is completely illegal, as the phone's user does not get a single indication or notice of what is being done. [Links to the original article for those who read German.]
KakaoTalk Targeted By Fake and Trojanized Apps(TrendLabs Threat Intelligence Blog) Instant messaging apps are battling it out and trying to become the next popular means of communication that people will use. For example, in Japan, both Line and KakaoTalk – two popular chat apps – both claim to have more than 100 million users in Japan
Mac Ransomware Deviating from the (java)script(Infosecurity Magazine) Jerome Segura has blogged for Malwarebytes about a ransomware attack of sorts that poses a potential problem for OS X users. We've become all too familiar with malware that targets Windows users, telling them they have to pay the FBI or the police a fine for some infraction, often involving pornography. In fact, to some extent this type of malware has replaced fake anti-virus. We're less accustomed to seeing it as a problem for Mac users, though
Botcoin: Bitcoin Mining by Botnet(Krebs on Security) An increasing number of malware samples in the wild are using host systems to secretly mine bitcoins. In this post, I'll look at an affiliate program that pays people for the mass installation of programs that turns host machines into bitcoin mining bots
For about $40, "binder" tool weaponizes Android apps for you(SC Magazine) A tool that "trojanizes" legitimate Android apps may be a dream come true for criminals with ill intent but little skill or patience to craft their own malicious code. According to researchers at Symantec, for just $37, saboteurs can buy the AndroRAT APK Binder, currently being sold on underground forums. Andrea Lelli, a Symantec researcher, wrote in a Tuesday blog post that binders are the "first tools that easily allow users to repackage and trojanize legitimate Android applications with AndroRAT," a remote access trojan (RAT) for Android devices that was made freely available online last November by online crooks
Long Beach Memorial Medical Center announces data breach(Health IT Security) Long Beach Memorial Medical Center alerted 2,864 patients who received treatment from September 2012 to last month that it has experienced a health data breach. PressTelegram.com reports that it was an internal employee who compromised the data, but there are no details as to how they breached the information. The organization only referred to the Long Beach Police Department when asked about the employee
Cloud Security Risks Lurk In Big Data Projects, Auditor Says(CRN) The Cloud Security Alliance and other organizations have outlined the potential risks with cloud computing. Experts told CRN that an abundance of improper cloud deployments offers potential business opportunities to solution providers in the channel
Does NSA know your Wi-Fi password? Android backups may give it to them(Ars Technica) EFF technologist says "back up my data" exposes users' data to government spies. If you're using Google's "back up my data" feature for Android, the passwords to the Wi-Fi networks you access from your smartphone or tablet are available in plaintext to anyone with access to the data. And, as a bug report submitted by an employee of the Electronic Frontier Foundation (EFF) on July 12 suggests, that leaves them wide open to harvesting by agencies like the NSA or the FBI
Security Patches, Mitigations, and Software Updates
Vendors patch security vulnerabilities within 3 weeks(Help Net Security) High-Tech Bridge Security Research Lab released its statistics on web application security for the first half of 2013. The statistics is based on HTB Security Advisories that are released on a weekly
Tumblr Patches its iOS App After Password Vulnerability(Infosecurity Magazine) A brief statement from Tumblr late on Tuesday confirmed that its iPhone and iPad apps had been updated to patch "an issue that allowed passwords to be compromised [sniffed] in certain circumstances."
One in five UK businesses hit by DDoS attack in 2012(Telegraph) DDoS is a type of cyber attack where multiple compromised systems – which are usually infected with a Trojan – are used to flood a single system with so much traffic that it crashes. In 2010 the technique was famously used by 'hacktivist' group
Cyber Terror Is the New Language of War(Huffington Post) Hardly a day passes without reading or hearing about another cyber attack against some target in the United States. Cyber terror is now the new language of war that we understand only vaguely. We know that more and more of our daily lives revolve
British business under attack by cyber-espionage operations(The Information Daily) The UK is only just beginning to realise how vulnerable our critical IT systems are to cyber attack, with an increase in organisations seeking insurance and security. The United Kingdom confronts an attack from up to 70 sophisticated cyber-espionage
Prolexic's Latest DDoS Attack Report(MarketWatch) Prolexic Technologies, the global leader in Distributed Denial of Service (DDoS) protection services, today announced that the average packet-per-second (pps) rate reached 47.4 Mpps and the average bandwidth reached 49.24 Gbps based on data collected in Q2 2013 from DDoS attacks launched against its global client base. These metrics, representing increases of 1,655 percent and 925 percent respectively compared to Q2 2012, are just two of many findings contained in the company's Quarterly Global DDoS Attack Report, which was published today
Email security: Perception vs. reality(Help Net Security) When it comes to email security in the workplace, 98 percent of employees believe they demonstrate either equally secure or more secure behaviors than their colleagues. SilverSky's study examines
US retains spamming crown(Help Net Security) Sophos has published the latest "Dirty Dozen" of spam relaying countries, covering the second quarter of 2013. As the US retains the top spot among spam-relaying countries, Belarus makes a significant
Where and How am I at Risk in Today's Cyber Environments?(SecurityWeek) Ask a management team if cyber security is important to them and you'll get an immediate affirmative. In fact, many will tell you that security is one of their top priorities as an organization. Most can back up these claims by stating how much they've invested in security solutions in recent years and by what percentage of their IT teams are dedicated to improving cyber awareness and security across the enterprise. Ask them however for specifics on how and where they are at risk and you are likely to get some blank stares coming back at you
Private spying company hosts conference for NZ intelligence community(New Zealand Herald) One of the world's largest private sector spying companies is funding a conference-and-cocktail gathering of the cream of the New Zealand intelligence community. But spy bosses won't say whether they contract the company in case its staff are "targeted by foreign intelligence agencies"
US cyber security firm to create 400 jobs here(Irish Independent) It is also a testament to our talented and flexible workforce," he said, adding that the Government was "committed to working" with companies like Symantec to bring more jobs here. Symantec's senior vice president for its operations in Europe, the
Senate Appropriations subcommittee markup would boost NIST spending(FierceGovIT) A Senate Appropriations subcommittee marked up July 16 a spending bill for the coming fiscal year that would fund the National Institute of Standards and Technology with $948 million, an amount approximately $14 million more than in the White House proposal
Navy NGEN contract under protest(FierceGovIT) Computer Sciences Corp. and Harris Corp. have protested the Navy's $3.45 billion contract award under the Next Generation Enterprise Network to incumbent HP Enterprise Services
Elliott Broidy Offers Homeland Security Experience as Newly Appointed Chairman of Threat Mitigation Company(Sacramento Bee) Threat Deterrence LLC, a recently formed company designed to provide threat mitigation services, has turned to a Homeland Security Council alumnus as its first Chairman. Elliott Broidy, an investment manager and philanthropist based in Los Angeles, has been appointed by Secretary Michael Chertoff. He is the President and founder of Broidy Capital Management. Elliott Broidy has a private industry and national defense background, which cinched the appointment as Threat Deterrence will serve business as well as sovereign nation clients
Products, Services, and Solutions
Defense Information Systems Agency Approves Brocade's 100 GbE(Converge Digest) The Defense Information Systems Agency (DISA) has approved the Brocade MLX and MLXe 100 Gigabit Ethernet (GbE) networking solutions to be added to the Unified Capabilities - Approved Products List (UC-APL), which tracks products that have completed Interoperability (IO) and Information Assurance (IA) certification. The newly certified Brocade networking solutions can be deployed by Department of Defense (DoD) agencies
New Check Point 13500 Appliance Combines Multi-Layer Data Center Security With Market-Leading Performance(MarketWatch) Check Point® Software Technologies Ltd., the worldwide leader in securing the Internet, today announced the launch of its 13500, the first in a new line of 13000 Appliances designed specifically to expand the company's data center network security offerings. The 13500 Appliance delivers blazing-fast security performance with 23.6 Gbps of real-life firewall throughput, 5.7 Gbps of real-life IPS throughput and 3,200 SecurityPower(TM) unit (SPU) rating
Anti-virus Cost Comparison(Opposing Views) In 2012, security firm Panda Security estimated that as many as a third of all computers worldwide are infected with some type of virus or malware
Modulo updates its Risk Manager solution(Help Net Security) New Modulo Risk Manager Version 8.2 features the first release of the new Enterprise Risk Management (ERM) module, as well as delivers over 150 product enhancements to the Business Continuity Management
Rapid7 updates Metasploit, Mobilisafe and Nexpose(Help Net Security) Rapid7 announced new innovations for its risk assessment and management portfolio. This simplifies remediation, testing and communication of security program performance to the organization
BitTorrent Sync is cloud without risk(VentureBeat) In these days of NSA snooping and built-in backdoors, do you really want your entire digital life in the cloud? That's one of the key reasons that BitTorrent has launched BitTorrent Sync, a way to help you manage your personal files in a cloud-like Dropbox-ish way, without the threat of government surveillance
Sitefinity update adds basic DAM capabilities(FierceContentManagement) Sitefinity's latest release includes what they are calling light-weight digital asset management capabilities that they hope will help business users who deal with a lot of digital content
Blog Spam — annoying junk or a source of intelligence?(Internet Storm Center) Can blog spam be of any real use to security teams? Here's my take on turning a piece of what some consider internet background noise into information ripe to becoming actionable intelligence. I get waves of blog spam – comments that posted to a blog site advertising someone else's wares (including links to malware!), services or attempts to increase search engine rankings – to my small corner of the internet at infrequent cycles. To many of my fellow blog owners this is a source of constant annoyance, but for me I get a little, gleeful smile and promptly dump the user agent, body text (extracting any embedded URLs), and posting IP address into my pile of "all things to observe and search on"
The Latvians have invaded LinkedIn. Can the NSA be far behind?(IT World) In the new surveillance state, who you know -- or somebody thinks you know -- is more important than who you are. Unlike most sane people, I spend a lot of time fretting over LinkedIn. More specifically, I think about LinkedIn's People You May Know feature. How does LinkedIn know I may know these people? What do my alleged connections say about me? And just where is LinkedIn getting its information? I have deep suspicions, but no proof
Dynamic data analysis trumps static analysis(FierceBigData) Analyzing static data is a lot like looking in a rear-view mirror--you can clearly see where you have been and you can even make an educated guess about what lies ahead. If, for example, you look back and see if the road is curvy or straight, odds are the road ahead is much the same. However, that is only a guess and if that guess is wrong or simply off a bit, you can crash your car
Quantum Dawn 2 will test Wall Street's cyber readiness(Computerworld) The exercise, being coordinated by the Securities Industry and Financial Markets Association (SIFMA), will involve about 50 organizations, including large financial firms, exchanges, the U.S. Treasury Department, the Department of Homeland Security and
Major Chain Loses PCI Compliance When Data Center Moves(StoreFrontBacktalk) One of the nation's 15 largest retail chains had done a tremendous job segmenting its network to reduce the scope of its PCI assessment. All of that was thrown away, though, during a simple data center transition, when Networking made a security change but no one ever bothered to tell senior IT management, writes PCI Columnist Jeff Hall. Late last year, the chain decided to move its data center from an in-house facility to a purpose-built data center campus in another part of the United States. The goal is to gain additional raised floor space, energy efficiency and to avoid significant natural disaster risks with the location of the existing data center
How Can We Put an End to the Mass Java Exploit Era?(SecurityWeek) An exploit kit is a framework that automates the exploitation of client-side vulnerabilities, targeting browsers and programs that can be invoked through the browser. These kits can be obtained on the cyber black market, where they are sold or rented
Fragility of entanglement no bar to quantum secrets(New Scientist) Entanglement, a quantum link between disparate objects, can enable ultra-secure cryptography, but even a slight jostle can destroy it, so systems that rely on it are not always useful in practice. Or so it seemed. A few years ago Jeffrey Shapiro, also
NSA and DHS Honor NOVA for Excellence in Cybersecurity Education(Virginia Connection Newspapers) Local students interested in a career in cyber security now have an academic option that has been lauded by the National Security Agency and the Department of Homeland Security. The agencies designated Northern Virginia Community College as a
Where are the kid coders? Not in U.S. schools(InfoWorld) United Kingdom becomes latest country to teach programming to kids as young as 5; will United States rise to the challenge? If you plan to help your kids with their homework in the future, better start boning up on your programming skills now. (And you thought new math was hard!
Legislation, Policy, and Regulation
Everything is relevant to terrorism, argues intelligence community(FierceGovIT) To find a needle in a haystack, you need an exact copy of the haystack, was the essential argument presented by intelligence community officials during a July 17 House Judiciary Committee hearing about National Security Agency collection of telephone metadata records. James Cole, a deputy attorney general, said that all metadata records are relevant "to the extent to that you need all of that information in order to do the query"
We need to develop cyber weapons fast – before our enemies turn them on us(Telegraph) I praised Edward Snowden when he first came forward. It was necessary to reveal the level of overreach at the NSA and our own GCHQ. Prism and the tentacles of the state are creeping into every aspect of our personal communications; that's something we should be worried about. As is the level of collusion between the security services and Silicon Valley. But as Snowden yoked himself to Putin's Russia and prostrated himself before any authoritarian regime that might take him, my enthusiasm cooled
How the US government uses information from spying on foreign companies(Quartz) There's no longer doubt that the US government spies on foreign multinational corporations as well as governments, thanks to the disclosures by former National Security Agency contractor turned international fugitive Edward Snowden. The NSA vacuums up mountains of classified information from a rich array of sources. The CIA assists by launching digital "black bag" operations aimed at manually penetrating the computer systems of some of the world's largest foreign multinationals
Trust me with your secrets(Help Net Security) For little over a month, revelations about NSA wiretapping schemes have been hitting the news and rattling the world
Congressional Picks for DHS Head Include Backers of Mass Surveillance(NextGov) To fill the top job running the Homeland Security Department after Secretary Janet Napolitano steps down, lawmakers on the House Homeland Security Committee are suggesting individuals who have supported programs similar to National Security Agency digital surveillance initiatives. Napolitano is leaving DHS in September to lead the University of California
Putin: Snowden must not damage relations with US(The Seattle Times) Putin: Snowden must not damage relations with US. National Security Agency leaker Edward Snowden could leave the transit zone of a Moscow airport after Russian authorities review his asylum request, his lawyer said Wednesday. The Associated Press
DHS Puts its Head in the Sand(Schneier on Security) On the subject of the recent Washington Post Snowden document, the DHS sent this e-mail out to at least some of its employees
Admiral Calls To Bolster Sub Commanders' Autonomy(Lexington Herald-Leader) It sounds like the premise of a Tom Clancy novel: A cyberbattle is fought to a draw, leaving U.S. submarines to continue fighting with limited contact to headquarters. But the three-star admiral in charge of the Navy's submarine force says the scenario is all too possible, and he is calling for a renewed emphasis on the independence ingrained in skippers during days of more primitive technology
California Attorney General releases breach report(CSO) In the first report of its kind, California's Attorney General, Kamala D. Harris, had revealed that 2.5 million people — roughly 6.5 percent of the state's population — were exposed by data breaches in 2012
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
AFCEA Tinker AFB Information Technology & Cyber Security Expo(Oklahoma City, Oklahoma, USA, August 8, 2013) Commercial vendors are invited to Tinker Air Force Base on Thursday, August 8th to exchange information and provide products demonstrations to the military and civilian personnel on base. IT and Information...
2014 Cybersecurity Innovation Forum(Baltimore, Maryland, USA, January 28 - 30, 2014) The 2014 Cybersecurity Innovation Forum (CIF) is a three-day event, sponsored by the National Cybersecurity Center of Excellence (NCCoE) with DHS, NIST, and NSA as primary participating organizations.
2013 World Comp(Las Vegas, Nevada, USA, July 22 - 23, 2013) 2200 leading researchers, academics, and executives from government, academia and industry will come together at this annual event which facilitates communication among researchers in different fields...
EAGB Summer Quarterly Webinar(Webinar, July 24, 2013) Join us Wednesday, July 24 from 10:00-11:00 AM as Patrick Dougherty discusses the EAGB's two newest reports: the Summer 2013 Quarterly Regional Economic Update and Cyber Security in Greater Baltimore:...
Black Hat 2013(Las Vegas, Nevada, USA, July 27 - August 1, 2013) Black Hat USA is a major international security conference, featuring learning, networking, and skill-building. Sessions include training, briefings, technical presentations, and more.
SECRYPT 2013(Reykjavik, Iceland, July 29 - 31, 2013) The 10th International Conference on Security and Cryptography (SECRYPT 2013) will take place from 29 to 31 July 2013 in Reykjavik, Iceland…The conference will focus on information systems and network...
AFCEA Global Intelligence Forum(Washington, DC, USA, July 30 - 31, 2013) During this day and one half unclassified conference in the National Press Club in downtown Washington, D.C., leaders from across the government, military, and industry will explore the role that the Intelligence...
International Conference on Cyber Security(New York, New York, USA, August 5 - 8, 2013) The Federal Bureau of Investigation and Fordham University will host the fourth International Conference on Cyber Security (ICCS 2013) on August 5 - 8, 2013 in New York City. ICCS, the White Hat Summit,...
SINET Innovation Summit(New York, New York, USA, August 6, 2013) The purpose of the Innovation Summit is to reinvigorate public private partnership efforts and increase relationships between industry, government and academia that fosters sharing of information and collaboration...
3rd Annual Cyber Security Training Forum(Colorado Springs, Colorado, USA, August 6 - 7, 2013) The Information Systems Security Association (ISSA) - Colorado Springs Chapter and FBC, Inc. will once again host the 3rd Annual Cyber Security Training Forum (CSTF). Formerly known as the Cyber Security...
AIAA Aviation 2013(Los Angeles, California, USA, August 12 - 14, 2013) Leading cybersecurity experts will speak at AIAA AVIATION 2013, being held August 12-14 at the Hyatt Regency Century Plaza, Los Angeles, Calif. Hosted by the American Institute of Aeronautics and Astronautics,...
A Cloud Computing Introduction for Manager(Columbia, Maryland, Sioux Falls, August 13, 2013) Cloud computing is becoming popular. More and more Technical Managers and Project Managers will be interacting with cloud computing, either developing clouds, using clouds, or selecting among cloud and...
Resilience Week 2013(San Francisco, California, USA, August 13 - 15, 2013) 2013 Resilience Week brings together colleagues across government, academia and industry to facilitate an exchange of ideas dedicated to promising research in resilient systems that will protect cyber-physical...
Kirtland AFB/Sandia/DOE Cyber Security Seminar & IT Expo(Albuquerque, New Mexico, USA, August 15, 2013) This expo is designed to stimulate exchanges of information between industry partners and Kirtland AFB Information Management Officers', Information Technology personnel, Contracting Officers' as well...
National SCADA Conference(Melbourne, Victoria, Australia, August 15 - 16, 2013) The 12th Annual National SCADA Conference, Australia's largest and longest running SCADA conference, will bring together many of the luminaries of the Australian and International SCADA community to evaluate...
SANS Thailand 2013(Bangkok, Thailand, August 19 - 31, 2013) SANS hands-on advanced Information Security training is coming to Thailand this August! SANS is bringing our Web App Penetration Testing course to the Crowne Plaza Bangkok Lumpini Park in Bangkok, Thailand.
Human Cyber Forensics Forum(Washington, DC, USA, August 21, 2013) This forum brings together subject matter experts to discover and share new means of recognizing the human indicators related to cyber intrusions, and the evolution of these human indicators in the coming...