Israeli hacktivists "IsraeliElite" plan to kick off "opIslam" tomorrow, presumably against the obvious targets. Assad's Syrian Electronic Army phished Viber to gain the limited access it achieved.
Stanford University suffers an apparent breach, and Anonymous releases its final tranche of FEMA data. Apple continues its recovery from a recent developer site hack.
More emerges on banking Trojan KINS: it resembles Zeus and targets Windows machines. Its older black-market competitor Citadel remains an active threat: Trend Micro finds Citadel active on 20,000 Japanese PCs.
Forbes runs a lurid report of automobile system hacking. "Smart homes," another sector of the coming Internet-of-things that's already here, are proving soft cyber targets.
Security experts continue to warn that bad actors retain the advantage. Among the issues the good actors face are too-easy forgetfulness that defenses must be layered and complex (for example, firewalls aren't sufficient, but they surely remain necessary) and the need for automated, intelligent complements to human watchstanding and reverse engineering. Finally, cyber security operators face a problem familiar to the C4ISR community—radar types call it "track management"—how can you recognize, follow, and engage a distinct threat?
Banks may be seeing their business models shift in the direction of providing trusted identity management.
Effective BYOD policies and technologies still struggle to be born.
PRISM leaks and their attendant, growing mythology are clearly affecting US international IT business, particularly in cloud services. Amazon parries an IBM challenge to its CIA business. The US House narrowly declines to de-fund NSA phone-record surveillance.
Today's issue includes events affecting Australia, Canada, China, Iran, Ireland, Israel, Japan, Russia, Saudi Arabia, Syria, Ukraine, United Kingdom, United States.
The CyberWire will provide special coverage of SINET's Innovation Summit, meeting in New York August 6. Dawn Meyerriecks, Deputy Director, Science and Technology, US Central Intelligence Agency, will deliver the closing keynote.
Cyber Attacks, Threats, and Vulnerabilities
Israeli hackers initiate Operation Islam(Cyberwarzone) #opIslam is an operation that has been initiated by the hacking group IsraeliElite. The hackers are going to launch the operation on the 26th of June. The Israeli hackers are asking the world to assist #opIslam in the fight against cyber terrorism
Viber admits to swallowing 'Syrian Electronic Army' phishing bait(Naked Security) The Syrian Electronic Army (SEA) claimed on Tuesday that it had taken over the support page for instant messaging/VoIP service Viber. Viber itself announced that the claims are overblown and that only two minor systems were breached - a customer support panel and a support administration system
Anonymous releases final list of FEMA contacts(SC Magazine) The hacker collective Anonymous has released a third and final round of Federal Emergency Management Agency (FEMA) contacts. The release is said to be the end of a trilogy in an email sent from the presumed hackers to SCMagazine.com. The dispatch from the group goes on to say that the remainder of the information will remain in various encrypted backups awaiting further analysis
Banking trojan KINS resembles architecture of Zeus, targets Windows users(SC Magazine) A new banking trojan designed to steal financial information from Windows users is up for sale, and researchers may be mixing it up with other malware. Dubbed "KINS" by its developers, the trojan is expected to be a long-awaited replacement for other financial malware, like Zeus, SpyEye and the Citadel
Bogus AmEx notification leads to thorough phishing(Help Net Security) American Express-themed phishing emails are never out of circulation, but it pays to know which new (or recycled) angle is being used at the moment. The latest one to hit inboxes is a bogus
Once more into the breach: How hackers compromise websites like Apple's(ComputerWorld) Unless you happen to call the proverbial rock home, you've probably heard that Apple's developer websites were recently hit by a hacking attack. Though the developer site has been inaccessible since last week, the company didn't announce the intrusion until Sunday; as of this writing, the site remains down. That outage has resulted in considerable inconvenience for app developers, not to mention the poor IT people in Cupertino who have been working around the clock to deal with the breach
Hackers Reveal Nasty New Car Attacks—With Me Behind The Wheel(Forbes) Stomping on the brakes of a 3,500-pound Ford Escape that refuses to stop-or even slow down-produces a unique feeling of anxiety. In this case it also produces a deep groaning sound, like an angry water buffalo bellowing somewhere under the SUV's chassis. The more I pound the pedal, the louder the groan gets-along with the delighted cackling of the two hackers sitting behind me in the backseat
Breaking And Entering: Hackers Say "Smart" Homes Are Easy Targets(Security Ledger) In just the last two years, the price of home automation technology has come way down, while variety has exploded. Smart home technology goes way beyond niche products like the Nest IP-enabled thermostat or (save us) the "HAPIfork." A growing list of vendors are selling infrastructure to support a whole network of intelligent "stuff", enabling remote management of home security and surveillance systems, IP-enabled door locks, IP enabled lights, smart home appliances, HVAC (heat and cooling) and more
How Attackers Target And Exploit Critical Business Applications(Dark Reading) Applications such as ERP and CRM make businesses go, yet are often left unpatched and vulnerable. Most enterprises rely on a few critical business applications for their day-to-day operations. Many of these applications are well-known, off-the-shelf or cloud-based products. Because of their critical nature and the value of the data contained within them, they are a prime target for attackers
The rise of TOR-based botnets(WeLiveSecurity) TOR-based botnets are not a new trend and were already being discussed a few years ago at Defcon 18 ("Resilient Botnet Command and Control with Tor"). But in the last year we've been able to confirm some interesting facts concerning the use of these ideas in real-world botnets. This topic was already discussed around the beginning of 2013 in a Rapid7 blog post ("Skynet, a Tor-powered botnet straight from Reddit"). In early July Dancho Danchev also posted information about a TOR-based C&C for a ring-3 rootkit
The Biggest Threat To National Security Is The Thumb Drive(Business Insider Australia) How did we destroy Iranian nuclear facilities? With a thumb drive. And how did Snowden allegedly smuggle out the blueprints to the NSA? With a thumb drive. No, it wasn't by some ultra secretive means of super-complex cyber code writing and cloud encryption by which good ol' Eddy breached America's security in arguably the most secure compound on the planet -- nope -- he simply walked in with a thumb drive, downloaded the NSA, and walked out
US restaurant chain Chipotle admits faking Twitter account hack(Computing) A US restaurant chain called Chipotle has admitted that an apparent hack of its Twitter account was instead a publicity stunt. Over the course of an hour on Sunday, its account, @ChipotleTweets, posted a series of bizarre and random tweets indicative of a cracked account
Security Patches, Mitigations, and Software Updates
Here's some unsettling advice from the former top US cyberspook about protecting humanity(Quartz) As the only person to ever head both the US National Security Agency and the US Central Intelligence Agency, ret'd Air Force General Michael V. Hayden has a lot of experience in seeing around corners. He's now a global security consultant, helping companies and governments to protect themselves against cyber threats and other dangers. Last week, Hayden, also a director of Motorola Solutions and a distinguished visiting professor at the George Mason University School of Public Policy, said in a rare extended interview that Chinese telecommunications giant Huawei Technologies shared sensitive US information with the Beijing government. In a brief aside, he added that he's undecided as to whether corporations should be allowed to go on the cyber-offensive, even in the absence of government intervention and protection
On SANS Forensics Survey(Gartner) SANS just released an interesting survey "The SANS Survey of Digital Forensics and Incident Response" and it is definitely a very worthwhile read
The Myth of the Disappearing Perimeter Is Still Mythical(SANS Security Trends) Two recent items in my inbox: "PENTAGON SPENT MILLIONS TO COUNTER INSIDER THREATS AFTER WIKILEAKS FIASCO" - NextGov piece on how DISA has spent millions buying (and sometimes installing) the old McAfee Host Based Security Subsystem software but not much return on that investment. "DISA ELIMINATING FIREWALLS" - AFCEA Signal piece quoting DISA Director Lt. Gen. Ronnie Hawkins Jr. on the future DISA security architecture that will "designed to protect data rather than networks." So, to summarize: in item (1) we learn that DISA has spent many, many millions over the years trying to make PCs and data secure and it doesn't work; while in item 2 we hear that the future architecture will rely on making hosts and information secure and then perimeters will disappear
Hackers have the advantage in cyber arms race, security expert tells Computing(Computing) The world is involved in a cyber arms race in which professional hackers and cyber criminals are on the front foot. That's the message of Tom Burton, head of cyber security services for BAE Systems Detica, in an interview with Computing at the defence and security company's central London nerve centre
Firms Far From Taming The Tower Of APT Babel(Dark Reading) Threat intelligence firms each continue to have their own lexicon for advanced persistent threats, making information sharing more difficult. Companies looking to learn more about the attackers who are targeting their systems will likely have to translate between reports from different incident-response and security firms
There Will Be Blood: The Era of Engagement Banking(American Banker) Customer behavior is changing. Expectations are shifting. Technology is accelerating this shift as it alters traditional relationships with our customers as well as the banking industry's historical sources of revenue, growth, retention and customer loyalty
A question of trust(Help Net Security) Trust is the foundation for many of our relationships, both in our personal and business life. Trust is one of the strongest elements supporting a relationship and helps it survive the toughest of challenges, but it can also be one of the most brittle parts, easily broken beyond repair. Building up trust can take years, and losing it can sometimes take mere seconds
Cyber Threat is Real and Mobile(Mobile Enterprise) At the end of last season's Homeland, a Showtime drama, a pacemaker was hacked, causing the death of a pivotal character. That's just television, right? A creative unreality where viewers are asked to suspend disbelief in order to enjoy the program? Actually, and scarily, such technological scenarios may be entirely possible in the future, thanks to the Internet of Things
BYOD security: Clueless in the enterprise(FierceMobileIT) The BYOD trend has been the bane of IT managers since it began. And the number one concern about BYOD centers around security of corporate data and networks
RSA Adaptive IAM Goes Mobile with Acquisition of PassBan(RSA) Mobile is fast becoming the default way to access enterprise data and resources. But access to resources is rarely protected on most smart devices. With the advent of cloud apps and mobility, one of the most elusive capabilities for authentication and IAM vendors has been providing support for a variety of authentication technologies that better protect access to resources available on or from mobile devices, as well as back-end policy management - all built within a single solution
Cyber Security Co. Receives $3.5M In Seed Funding(Twin Cities Business) Eden Prairie-based Intensity Analytics Corporation said it will use the funding to expand its technology, increase staff, and strengthen its position in the cyber security industry
Light Point Security ranked 12 of 24 startups(Wall Street Journal) Internet security is a hot area right now: it's also a competitive industry. Watch as the co-founders of Light Point Security explain how they went about choosing their company's name, logo and tagline
Veris Group, LLC Completes AT&T 3PAO Assessment Resulting in FedRAMP JAB Provisional ATO(StreetInsider) Veris Group, LLC recently announced that it served as the Third Party Assessment Organization (3PAO) for global telecommunications leader AT&T. Veris Group performed the 3PAO security assessment of AT&T's Storage as a Service (STaaS) platform. The FedRAMP program requires a 3PAO such as Veris Group to assess a CSP's cloud system and provide a security assessment package for review. The successful AT&T assessment resulted in a Federal Risk Authorization and Management Program (FedRAMP) Provisional Authority to Operate (PATO) from the Joint Authorization Board (JAB) on the STaaS platform as part of the AT&T Infrastructure as a Service (IaaS) solution
CGI to set up cyber security lab in the UK(ComputerworldUK) Prior to the acquisition, Logica was already doing business with the Ministry of Defence on cyber security, and CGI owns a US company called Stanley, which
CACI Wins $45M Navy IT, C2 Systems Contract(GovConWire) CACI International (NYSE: CACI) has won a potential two-year, $45 million contract to supply information technology systems to the U.S. Navy for business activities and command and control operations. The Space and Naval Warfare Systems Center Atlantic awarded the task order to CACI under the Information Technology Enterprise Solutions-2 Services program, the company said Wednesday
Don't Want Trackers Watching Your Web And Smartphone Activity? This Start-up's For You.(Forbes) One hot afternoon in June four software engineers, a lawyer and a miniature pinscher named Lunch were gathered around designer Dan Kwon's computer at Disconnect, a startup in San Francisco. They were watching their new education video, "Unwanted Tracking Is Not Cool." Its star is an octopus puppet that gets sliced and diced while browsing the Web as countless companies secretly take information from him, make inaccurate assumptions and create profiles
BlackBerry Lays Off 250 Employees From Its New Product Testing And R&D Department(TechCrunch) Layoffs at Waterloo-based smartphone industry pioneer BlackBerry cut deep last year, with around 5,000 employees being let go. Those cuts continue into 2013 as BlackBerry undergoes what CEO Thorsten Heins called a "complex transition" earlier this month, and the latest is that 250 employees of its core R&D and new product testing facility have been let go as of earlier this week
Products, Services, and Solutions
Put your passwords in your pocket and take them everywhere you go(PC World) Password managers help you keep more passwords than you can memorize. Eric asked if he could carry one on a flash drive. I discussed password managers recently in Manage passwords, and not just on the Web, but I didn't discuss portability. How do you take your passwords with you when you step away from your computer
There is No Single 'Most Secure' Browser(Infosecurity Magazine) Reports comparing the major browsers' ability to catch phishing, prevent socially engineered malware and protect the users' privacy show that no one browser stands above all others in protecting its users
Learning the art and practice of cyber-defense(Times of Israel) The Comsimulator does its worst against network protection systems in order to help them do their best. Every single network protection system, even the most sophisticated, has chinks in its armor. The proof, said Comsec CEO Moshe Ishai, is that his company's new security stress testing system, the Comsimulator, was successful in breaching the defenses of 100 percent of systems tested for resistance to DDOS (distributed denial of service) cyber-attacks, in which hackers inundate a site with traffic in order to overload it and shut it down
Emergent and Red Hat Announce Cloud Collaboration Around OpenShift PaaS - BWWGeeksWorld(BWW) Emergent, LLC, an award-winning small business and IT solutions provider, today announced its focus on enabling the use of Red Hat's OpenShift Platform-as-a-Service (PaaS) solution for the Intelligence Community (IC). Utilizing Red Hat's PaaS offering, Emergent delivered a streamlined solution focused on application delivery, scalability and control of the infrastructure
AT&T Cloud Storage Receives FedRAMP Approval(ExecutiveBiz) AT&T has received provisional authorization from a federal government program to offer its storage services to federal, state and local governments, GCN reports Wednesday
Technologies, Techniques, and Standards
Making It Cool to Be a 'Good Digital Citizen'(McAfee) If you are a parent today, you are among the first generation of adults tasked with raising good digital citizens. And while learning to be a "good digital citizen" is a hot topic in education circles have you noticed that it's quickly demoted to "goofy" when you attempt to talk about it at the dinner table with your kids
Key Metrics for Risk-Based Security Management(Tripwire) Tripwire has released the results of an extensive study focused on the state of risk-based security management with the Ponemon Institute. The study examined the key risk-based security metrics IT security managers used most frequently to gauge the effectiveness of their organizations' overall security efforts
How A ZIP Code Can Tell A Marketer Exactly Who You Are(Forbes) How is it that a simple five-digit ZIP code provides any insight into who you are? After reading my recent article on how stores often ask for our ZIP codes to build marketing profiles, Michael Romanovsky wondered how it all works. "There may be more than one person with the same name in a particular ZIP code; thus the store may market to the wrong person," he wrote
Stop Malvertisements from Causing a Click-tastrophe on Your Computer(McAfee) Web ads: sometimes annoying, other times entertaining and useful, but for the most part, harmless. Or so you thought. It seems that cybercriminals are now turning their attention toward pulling you in with a strong sales message, and you may be none the wiser until it's too late
Blueprints Of NSA's Ridiculously Expensive Data Center In Utah Suggest It Holds Less Info Than Thought(Forbes) For the last two months, we've been bombarded with stories about the spying information-collection practices of the NSA thanks to documents leaked by the agency's most regretted contract employee, Edward Snowden. The degree of forced exposure has gotten to the point that the agency -- whose acronym is jokingly said to stand for "No Such Agency" and "Never Say Anything" -- actually issued a press release on Friday announcing that it got the legal sign-off for a fresh batch of "telephony metadata in bulk" from companies such as Verizon and AT&T - despite continuing controversy over that including the call records of millions of Americans who are non-terrorists and non-criminal suspects
8 tips to enhance your online privacy(CSO) Is real online privacy possible? Should it be? Experts say there are ways to make invasive monitoring (including government surveillance) difficult, but not impossible
GSA privatizes 3PAO accreditation under FedRAMP(FierceGovIT) A nonprofit will take control of the process of accrediting companies that certify cloud services' compliance with federal security controls, the General Services Administration announced July 23. The American Association for Laboratory Accreditation, in a "long-planned privatization," will now vet third party assessment organizations (known as "3PAOs") under the GSA-led FedRAMP program, under which private sector cloud providers seeking to sell low- and moderate-risk cloud services to the government must gain certification from a 3PAO that their offerings comply with a set of security controls
The science of guessing: analyzing an anonymized corpus of 70 million passwords(J Bonneau) We report on the largest corpus of user-chosen passwords ever studied, consisting of anonymized password histograms representing almost 70 million Yahoo! users, mitigating privacy concerns while enabling analysis of dozens of subpopulations based on demographic factors and site usage characteristics. This large data set motivates a thorough statistical treatment of estimating guessing difficulty by sampling from a secret distribution. In place of previously used metrics such as Shannon entropy and guessing entropy, which cannot be estimated with any realistically sized sample, we develop partial guessing metrics including a new variant of guesswork parameterized by an attacker's desired success rate
Patent Issued for Parameterizable Cryptography(Hispanic Business) A patent by the inventor Perlman, Radia J. (Redmond, WA), filed on October 20, 2009, was published online on July 16, 2013, according to news reporting originating from Alexandria, Virginia, by VerticalNews correspondents
MI5 and GCHQ call for FTSE 350 cyber health check(ComputerWeekly) The heads of the UK's intelligence agencies MI5 and GCHQ have called on the country's top 350 listed companies to take part in a cyber governance health check. The call comes a day after a report by business consultancy firm KPMG revealed that cyber leaks at FTSE 350 firms are putting the UK's economic growth and national security at risk and retailer Lakeland revealed it had been targeted by a "sophisticated and sustained" cyber attack
A List Of Congressmen Who Voted For & Against The Amendment To Stop NSA Spying(TechCrunch) Congress narrowly defeated a law to completely cut off funds to the National Security Agency's dragnet spying program. We have a lot of readers who are furious that their representatives didn't stand up for their 4th Amendment rights, so here's a list of everyone who voted for and against Representative Justin Amash's amendment to the Defense Appropriations bill, which
House Attempt To Rein In N.S.A. Narrowly Fails(New York Times) A deeply divided House defeated legislation Wednesday that would have blocked the National Security Agency from collecting vast amounts of phone records, handing the Obama administration a hard-fought victory in the first Congressional showdown over the N.S.A.'s surveillance activities since Edward J. Snowden's security breaches last month
New DOJ policies aim to protect journalists in investigations(FierceGovernment) The Justice Department has developed a new set of policies to guide investigations that involve journalists, requiring among other things the attorney general's approval for search warrants and court orders directed at journalists
Did the State Department's William Lay deserve IG criticism?(FCW) Several readers reacted strongly to an article FCW published July 19 covering a State Department Inspector General report on the Bureau of Information Resource Management, Office of Information Assurance (IRM/IA). Some readers were critical of FCW's reporting on the IG's findings, which included criticism against Chief Information Security Officer William Lay, who heads the Bureau
Irish Data Protection Agency Smiles On Apple, Facebook Prism Compliance(TechCrunch) The Irish Office of the Data Protection Commissioner has responded to two of the complaints filed last month by the Europe v Facebook (evf) campaign group against several U.S. technology companies for alleged collaboration with the NSA's Prism data collection program. Responding specifically to complaints against Apple and Facebook, it takes the view that there's no complaint to answer
Snowden Gets Novel And Change Of Clothes, But No Clearance To Exit Airport(New York Times) After a month holed up in the transit zone of Moscow's Sheremetyevo airport, Edward J. Snowden, the former intelligence contractor sought by the United States on espionage charges, received a change of clothes and a copy of Crime and Punishment during a meeting with his lawyer on Wednesday, but still no clearance to enter Russia
Cyber Cops(Terrace Standard) The Terrace RCMP deal with a wide variety of cyber complaints on a daily basis - from online scams defrauding residents of their money, to online threats, to inappropriate photographs - and while it's their duty to investigate these instances, the web is deep and there is often not much they can do
EFF: Forced Decryption Violates Fifth Amendment(Threatpost) If the government would like to force Jeffrey Feldman to decrypt the contents of the hard-drives and Dell computer found in his apartment, then they must offer him immunity and cannot use any of the information found on the devices as part of their case against him
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Black Hat 2013(Las Vegas, Nevada, USA, July 27 - August 1, 2013) Black Hat USA is a major international security conference, featuring learning, networking, and skill-building. Sessions include training, briefings, technical presentations, and more.
SECRYPT 2013(Reykjavik, Iceland, July 29 - 31, 2013) The 10th International Conference on Security and Cryptography (SECRYPT 2013) will take place from 29 to 31 July 2013 in Reykjavik, Iceland… The conference will focus on information systems and network...
AFCEA Global Intelligence Forum(Washington, DC, USA, July 30 - 31, 2013) During this day and one half unclassified conference in the National Press Club in downtown Washington, D.C., leaders from across the government, military, and industry will explore the role that the Intelligence...
International Conference on Cyber Security(New York, New York, USA, August 5 - 8, 2013) The Federal Bureau of Investigation and Fordham University will host the fourth International Conference on Cyber Security (ICCS 2013) on August 5 - 8, 2013 in New York City. ICCS, the White Hat Summit,...
Third Annual SINET™ Innovation Summit(New York, New York, USA, August 6, 2013) SINET™, the premiere community builder and innovation catalyst for the Cybersecurity industry hosts their third annual Innovation Summit at Columbia University on August 6th. SINET programs are where the...
SINET Innovation Summit(New York, New York, USA, August 6, 2013) The purpose of the Innovation Summit is to reinvigorate public private partnership efforts and increase relationships between industry, government and academia that fosters sharing of information and collaboration...
3rd Annual Cyber Security Training Forum(Colorado Springs, Colorado, USA, August 6 - 7, 2013) The Information Systems Security Association (ISSA) - Colorado Springs Chapter and FBC, Inc. will once again host the 3rd Annual Cyber Security Training Forum (CSTF). Formerly known as the Cyber Security...
AFCEA Tinker AFB Information Technology & Cyber Security Expo(Oklahoma City, Oklahoma, USA, August 8, 2013) Commercial vendors are invited to Tinker Air Force Base on Thursday, August 8th to exchange information and provide products demonstrations to the military and civilian personnel on base. IT and Information...
AIAA Aviation 2013(Los Angeles, California, USA, August 12 - 14, 2013) Leading cybersecurity experts will speak at AIAA AVIATION 2013, being held August 12-14 at the Hyatt Regency Century Plaza, Los Angeles, Calif. Hosted by the American Institute of Aeronautics and Astronautics,...
Security in Government (SIG) (Canberra, Australia, August 12 - 14, 2013) The 25th annual Security in Government (SIG) conference is to be held from 12-14 August 2013 at the National Convention Centre in Canberra. Assistant Director for the National Security Resilience Policy...
A Cloud Computing Introduction for Managers(Columbia, Maryland, Sioux Falls, August 13, 2013) Cloud computing is becoming popular. More and more Technical Managers and Project Managers will be interacting with cloud computing, either developing clouds, using clouds, or selecting among cloud and...