The Southwest Asian cyber riots continue to accompany unrest in Turkey and civil war in Syria. The Syrian Electronic Army (agent of the Assad regime) supports Turkish dissidents by hacking Turkish government sites. Ottoman revanchists expand their North American campaign from Ohio to Michigan, hacking sites in Lansing.
More interesting than rioters nostalgic for the Sultanate, however, is evidence that a US citizen critical of Turkey's Gülen movement and its involvement in US charter schools was phished with RCS spyware. RCS is a Hacking Team lawful intercept tool; Gülen is widely influential within Turkish judicial and security agencies. Arsenal Consulting found email carrying the RCS payload launched from a Turkish server. While stopping short of attributing cyber attacks against US citizens to the Turkish government, Arsenal invites you to do the math.
Kaspersky reports discovery of a new Chinese cyber espionage campaign, "NetTraveler," targeting "high-profile victims," mostly in sensitive technology industries. This report complicates the coming Sino-American summit, which seems to be developing into a diplomatic showdown over cyber conflict. US grievances are independently echoed in the United Kingdom and New Zealand, both of whose governments fear that Chinese-manufactured hardware contains embedded espionage capabilities.
Another DNS amplification campaign is underway, this one with an Australian focus, as DNSimple, easyDNS, and TPP Wholesale report denial-of-service attacks.
Corporate counsel may reflect with profit on two emerging ambivalent trends: the degree to which businesses might know that their sites are infecting customers with malware, and growing business sentiment in favor of hacking back.
Today's issue includes events affecting Afghanistan, Australia, China, France, Germany, Iraq, Italy, Japan, Myanmar, NATO, New Zealand, Palestine, Singapore, Syria, Turkey, United Arab Emirates, United Kingdom, United States.
Cyber Attacks, Threats, and Vulnerabilities
#OpTurkey: Turkish Prime Minister and Government Websites Hacked by Hacktivists(Hack Read) Online hacktivists from Syrian Electronic Army (SEA) and Anonymous hackers have conducted a massive cyber attack on high profile Turkish government websites against police brutality on peaceful protesters. It has been reported that Syrian Electronic Army (SEA) and a Turkish hacker going with the handle of @AnonsTurkey on Twitter have compromised sensitive data by breaching the server of official Turkish Prime
Lansing City Michigan Website Hacked, Financial Details Leaked by Turkish Ajan Hacking Group(Hack Read) The world renowned hackers from Turkish Ajan hacking group have hacked and defaced the official website of State of Michigan's City of Lansing, as a result financial details have been leaked online for #FredoomOperation and #usaOPERATION2. The hack was announced by the group a few hours ago on their official Twitter account, according to which the site has been defaced and left with a deface message against Israel and in favor of free Palestine, Afghanistan, Iraq and Myanmar
Hacker St0rmyw0rm Hits Turkish Hospital(eSecurity Planet) 28 admin user names and encrypted passwords were published online. Hacker st0rmyw0rm recently breached the Web site for Turkey's Beypazari State Hospital and published user credentials online (h/t Cyber War News)
Chinese Hacking Group Linked to NetTraveler Espionage Campaign(SecurityWeek) Kaspersky Lab researchers have uncovered yet another cyber-espionage campaign targeting unnamed "high profile" businesses and government agencies around the world, and are laying the blame at the door of a Chinese-based hacking crew. Led by a group researchers have codenamed Red Star, the campaign is focused on stealing information related to aerospace, nanotechnology, nuclear power cells, lasers, drilling, manufacturing in extreme conditions, and radio wave weapons
FIC Breach a Broader Network Hack(Threatpost) A previously reported attack against Fidelity National Information Services (FIS) two years ago was actually much more widespread than initially reported according to a document released to banks from the FDIC late last month and recently uncovered
Compromised Japanese Sites Lead to Malware(TrendLabs Security Intelligence) When it comes to cybercriminal targets, it truly is a popularity contest. Multiple sites were found compromised, including those popular with Japanese users. There were 40 compromised domains identified using feedback provided by Trend Micro Deep Discovery; since yesterday almost 60,000 hits have been recorded on these sites
The rise of the Koobface social networking worm(Help Net Security) A new McAfee Labs report shows a significant spike in instances of the Koobface social networking worm and a dramatic increase in spam. McAfee Labs also saw continued increases in the number and compl
Hackers Exploiting Old Ruby on Rails Vulnerability to Compromise Web Servers and Create Botnet(Voice of Grey Hat) A critical vulnerability on Ruby on Rails spotted in January this year which was deemed "critical" at the same time yet again found in the wild. The vulnerability known as CVE-2013-0156 that affected versions 3.0.20 and 2.3.16 again rises its hand. Though a security patch was released by the Rails developers. But as we all know that many server administrators used to be unaware of these events have not patched their systems. As a result hackers and cyber criminals are actively exploiting a critical vulnerability in the Ruby on Rails Web application development framework in order to compromise Web servers and create a dangerous botnet
Web developer devises new phishing trick(Help Net Security) A British web developer has devised a proof-of-concept phishing attack that could be way more successful than the standard fake login page with the wrong URL. Jack Shepherd created a fake browser
E-voting system used in French election is flawed(Help Net Security) A recent electronic election in France has proved some electronic voting systems still cannot be trusted not to include fraudulent votes. The town hall primary election which ended on Monday saw
FBI warns car buyers against scammy online deals(Help Net Security) If you are looking to buy a car or other vehicle online, be careful not to fall for a scam that has lately had a resurgence and that will leave you without money and possibly with an infected computer
Trend Micro Study: Mobile Malware on the Rise(Fox Business) or the cyber crooks. According to Consumer Reports, nearly 40% of customers did not take even minimal steps to protect their devices. Cyber security firm Trend Micro tracking the growth of malware, at high risk apps showing 350000 for Android alone by
Malware targeting Android devices(NEWS.com.au) Security companies, including Juniper Networks and Bitdefender, report an explosion in Android malware, with Trend Micro predicting Android malware cases will hit 1 million by the end of the year. But there are those, such as Google engineer
Nato suffered 2500 cyber attacks in 2012(Telegraph) The disclosure came as defence ministers including Philip Hammond gathered at Nato headquarters in Brussels to discuss setting up "rapid reaction teams" to help alliance members under cyber attack. Anders Fogh Rasmussen said: "This is a serious
Security Patches, Mitigations, and Software Updates
Apple releases OS 10.8.4(Internet Storm Center) Apple released the next update for OS X, 10.8.4. Eventually, we should learn more about the security content of the update, but at this point, the security page has not been updated yet
Changes to the Java security model(Help Net Security) The upcoming security changes in Oracle Java address three long-standing issues with the Java security model. The most significant change is how signed applets are handled. In the past Oracle has
Are Businesses Knowingly Infecting Their Web Visitors?(Dark Reading) Even after being informed of infrastructure serving up malware, some organizations still don't act to clean up their online messes. As cybercriminals have shifted their techniques to get the most efficiency out of their attack campaigns, some of their favorite methods involve two-pronged attacks to first compromise legitimate Web servers and then use them to, in turn, infect unsuspecting visitors to seemingly innocuous sites. While much of this illicit malicious activity occurs behind the backs of these organizations, there are an increasing number of businesses that upon being informed that their IPs are engaging in bad behavior stall indefinitely or wait months to remediate the situation
Businesses Consider Going Offense Against Cyberattackers(CNBC) Companies may soon choose to hack cyberthieves to retrieve stolen data, Retired Gen. Michael Hayden, a former director of the Central Intelligence Agency, said at the Kaspersky Government Cybersecurity Forum in Washington
The enterprise security time bomb(Help Net Security) Companies are at serious risk of data security breaches as 38 percent of U.S. office workers admit to storing work documents on personal cloud tools and services, according to Huddle
DoD proposes anti-counterfeit IT measures(FierceGovernmentIT) The Defense Department has proposed updating its regulations to require that major contractors subject to cost accounting standards – and their large subcontractors – have anti-counterfeit avoidance and detection systems in place for electronic parts
New Orders On Army's Battlefield Processor(Washington Times) Congress is set to intervene for the first time in how the Army is developing its prized battlefield intelligence processor, which soldiers and the Pentagon's top operational tester have deemed ineffective
Security software market grew 7.9% in 2012(Help Net Security) Worldwide security software revenue totaled $19.2 billion in 2012, a 7.9 percent increase from 2011 revenue of $17.7 billion, according to Gartner, Inc. Gartner said that the evolution of new threats
Fortinet Inc (FTNT), Sourcefire, Inc. (FIRE): Protecting Ourselves From China's Hackers(Insider Monkey) China's government-backed hackers are reportedly back at it again after a brief period of keeping a low profile. Clearly, the cyber war is only just getting started. Three companies that look set for years of growth by protecting us from hackers are Radware Ltd. (NASDAQ:RDWR), Sourcefire, Inc. (NASDAQ:FIRE), and Fortinet Inc (NASDAQ:FTNT)
KEYW: Spinning A Broken Record For Fans Awaiting A Dubious Encore?(Seeking Alpha) As a fanatical "ParrotHead" with an encyclopedic knowledge of Jimmy Buffett songs, KEYW (KEYW) Chief Executive Officer Leonard Moodispaw often seems more inclined to share catchy lyrics penned by his idol than useful details about the actual business conducted by his glorified rollup company. While Moodispaw likes to present snippets from those upbeat tunes as metaphors for noteworthy developments at his tightlipped cyber-security firm, however, he has somehow managed to overlook the very title that perhaps delivers the most fitting message of all: "Math Suks"
DOD Retirees: From 4-Star General to 7-Figure Income(Fiscal Times) Last week, retired four-star Army General David Petraeus announced he was joining the New York-based investment firm KKR & Co. to run the firm's new Global Institute, a group dedicated to studying how government policies impact investments
Products, Services, and Solutions
Exclusive: Pwnie Express Evolves The Role Of The Pen Tester(Dark Reading) Pwnie Express recently released Citadel PX, which will expand the role of the pen tester. The new offering will enable greater marketability while improving quality of life. Pwnie Express is well-known for its penetration testing drop box, the Pwn Plug. Since the creation of the Pwn Plug there have been many evolutions including the Pwn Phone, the Pwn Pad, and the Enterprise Pentesting Appliance (EPA). All of which are amazing products but all required a serious amount of expertise and manual effort to fully utilize
Windows RT 8.1 Update Will Bring Full Outlook 2013 Desktop App To RT Tablets(TechCrunch) This has long been rumored, but Microsoft just announced that Windows RT, its operating system for ARM-based tablets and other small touch-enabled devices, will get Outlook 2013 once the free Windows 8.1 update arrives. Until now, Windows RT featured the desktop versions of Word, Excel, OneNote and PowerPoint, but ever since it launched, business users have been complaining about the lack of
Google won't allow facial recognition on Glass(Help Net Security) Whether Google Glass ships out to regular users later this year or the next, one thing is sure: it won't make use of facial recognition software - for now. The speculation on whether or not Google
Managed services for web, cloud and mobile app security(Help Net Security) Cenzic has expanded its Cenzic Managed Services for Enterprise Application Security which now includes four levels of service including a special compliance-ready assessment available for all types of
Solution for Active Directory-based single sign-on(Help Net Security) Centrify announced Centrify for Office 365, a solution for Active Directory-based single sign-on, user provisioning and mobile management for Office 365. The Azure-based service, delivers full
Online password manager for business(Help Net Security) Zoho launched Zoho Vault, the secure online password manager for teams and businesses. It establishes a central repository that offers unmatched security and complete data privacy for companies that
Damballa now detects malicious P2P communications(Help Net Security) Damballa Failsafe can now discover malicious P2P communications. It uses behavioral detection techniques to identify malicious P2P communication attempts from malware trying to evade detection
Apple releases OS X 10.8.4(Help Net Security) The OS X Mountain Lion 10.8.4 Update is recommended for all OS X Mountain Lion users and includes features and fixes that improve the stability, compatibility, and security of your Mac
Etisalat launches 'cloud' service(Emirates 24/7) First such service could reduce IT costs of SMBs by 60%. Etisalat on Tuesday announced the launch of 'Cloud Compute': the first "cloud" data storage service offering in the UAE for SMBs and enterprises, providing a pay-as-you-go model, reducing IT costs by up to 60 per cent and speeding up time-to-market by up to 90 per cent
Technologies, Techniques, and Standards
Can't Fix What You Hide(Dark Reading) Willful ignorance may be bliss, but rarely is it compliant. The CEO I was talking with didn't understand his own company's compliance requirements. And he didn't want to understand them. He had delegated this, as many in business do, to his IT director. "Technology will fix this problem" is a common approach
Building An Effective Security Architecture: No Piece Of Cake(Dark Reading) Enterprises need to put more thought, fewer products into their cyberdefense strategies. For years, IT security has been a "one problem, one solution" proposition. We needed a way to verify that users are who they say they are, so we invented authentication. We needed to stop viruses, so we invented antivirus technology. Intrusion prevention systems, Web application firewalls, data leak prevention -- almost all of our security technologies were created to protect the enterprise from one specific threat
Moving Safely From Detection To Automated Action(Dark Reading) Companies that fail to make the most use of automation put themselves at risk, yet doing it wrong can lead to business disruptions. Many companies remain cautious of automating their security systems, leery of the possible business interruptions that could happen when a mistake gets propagated across their systems
How to Find and Track Mobile Devices(eSecurity Planet) Mobile devices are great for productivity. For security, not so much. Enterprises can minimize security concerns by using location features and handy apps
Berlin's Network Effect Will Make It A Global Startup Center(TechCrunch) Throw a dart at a map. There's a pretty good chance it'll hit near someplace hoping to become the "next Silicon Valley." I'd bet on Berlin. I believe Berlin has the best shot in the Western world outside of Silicon Valley at becoming a place with a true tech
How smart developers generate lousy code(IT World) Most experienced developers can think of a time when they worked on a team with other accomplished programmers. Yet the code quality was anywhere from "eh" to "oh god you didn't actually ship that did you?!" Here's how this can happen, and what to do to minimize the chances
Northrop Grumman and USC Energy Institute collaborate to improve oil and gas industry security(Phys.org) Northrop Grumman and the USC Energy Institute (USCEI), located in the USC Viterbi School of Engineering, have agreed to work together in developing capabilities to support the application of integrated cyber and physical security systems to the critical infrastructure of the oil and gas industry. This collaboration expands the breadth and depth of the long-standing relationship between Northrop Grumman and USC. The program uniquely combines Northrop Grumman's world-class capabilities, experience, and linkages in defense, physical and cyber security, and information systems, with USC's leading strengths in petroleum engineering and operations, advanced information systems, and cyber security technology development. To enable the program's development and the engagement with the oil and gas industry, Northrop Grumman will provide a grant to USCEI
Legislation, Policy, and Regulation
Tom Donilon resigning as national security adviser; Susan Rice to replace him(Washington Post) National security adviser Thomas E. Donilon will resign his post, White House officials said Wednesday, and will be replaced by U.N. Ambassador Susan E. Rice, a close confidant of President Obama with deep foreign policy experience who is disliked by Republicans but had been widely expected to move into the job
Labour questions security fears over Huawei(TVNZ) There are claims tonight that fears of a cyber attack are behind a Chinese company missing out on a big broadband contract. To build the bulk of the country's ultra fast broadband network, local telco Chorus needs international partners, and Huawei was
Telecoms made in China put Britain 'at risk of cyber-attack'(The Times (subscription)) Telecoms equipment made by Chinese companies should be independently tested by the Government to guard against cyber-attacks, an intelligence report will say. The Commons Intelligence and Security Committee, which is chaired by Sir Malcolm Rifkind
Cybersecurity Looms Large For Summit(USA Today) President Obama has no time to lose as he tries to build a relationship with Xi Jinping, China's new president and the man who will lead the world's most significant rising power for the next decad
US Cyber Commander Offers Radical Changes(The Herald) Keith B. Alexander, director of the National Security Agency and commander of the U.S. Cyber Command, wants to combine forces from the military communications and intelligence communities to combat a broad cyber threat that he describes as "only going
NATO members agree on quick-response cyber attack teams(Deutsche Welle) Defense ministers present for the talks in Brussels on Tuesday agreed that NATO should continue to seek coordinated plans to protect against cyber attack. However, they failed to decide how to help individual member states whose computer systems come
White-hat hacker fights cyber intrusions on NATO systems(NATO) Cyber attacks around the world are becoming more frequent, alarming and complex. Our interconnected societies depend on new technologies, which are constantly being probed for vulnerabilities to exploit. NATO calls on the skills of cyber-security experts to assess its computer networks and takes measures to avert and defend against cyber attacks
Litigation, Investigation, and Law Enforcement
UK Police Launch Campaign to Shut Down Torrent Sites(TorrentFreak) City of London Police inform TorrentFreak that they have begun targeting sites that provide access to unauthorized content for "criminal gain." The initiative is part of a collaboration with Hollywood studios represented by FACT and the major recording labels of the BPI. In letters being sent out now, police accuse site operators of committing offenses under the Serious Crime Act. The National Fraud Intelligence Bureau further warns that the crimes carry a jail sentence of 10 years
Cybercriminals Take Loss Of Liberty Reserve Poorly(TrendLabs Security Intelligence) Last week, the US government shut down Liberty Reserve, a digital currency service operating out of Costa Rica. Its founder, Arthur Budovsky, was arrested at the Madrid airport as he tried to return to Costa Rica. Other arrests were made in Spain, Costa Rica, and the United States. The company is accused of laundering over 6 billion dollars in illegal funds, with more than a million users globally - 200,000 of these being in the United States. The company's site now sports a notice that it has been seized by US law enforcement
Hacker Testifies During Manning Court-Martial(Washington Post) The hacker who alerted federal authorities to the alleged leak of classified documents by Pfc. Bradley E. Manning testified Tuesday that the young Army analyst never indicated any desire to help U.S. adversaries by releasing the material
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Pen Test Berlin 2013(Berlin, Germany, June 3 - 9, 2013) SANS Pen Test Berlin 2013 takes place from June 3rd to June 8th in the Radisson Blu Hotel on the bank of Berlin's River Spree. SANS will offer penetration testing courses as well as a series of presentations...
CyCon 2013: 5th International Conference on Cyber Conflict(Tallinn, Estonia, June 4 - 7, 2013) CyCon 2013 is an annual NATO Cooperative Cyber Defence Centre of Excellence conference that is conducted with the technical cooperation of the IEEE Estonia Section. CyCon 2013 will focus on the technical,...
NSA SIGINT Development Conference 2013(Fort Meade, Maryland, USA, June 4 - 5, 2013) The National Security Agency is responsible for providing foreign Signals Intelligence (SIGINT) to our nation's policy-makers and military forces. SIGINT plays a vital role in our national security by...
U.S. Census IT Security Conference and Exposition(Suitland, Maryland, USA, June 5, 2013) The Census Bureau's Information Technology Security Office (ITSO) and the Census Bureau's Data Stewardship Office is putting together a series of workshops on 'Information Security' and 'protecting your...
Capital Connection 2013(Washington, DC, USA, June 5 - 6, 2013) Capital Connection™, a MAVA premier event, is designed for seasoned executives, entrepreneurs, and investors at all stages to come together under one roof to expand their innovations, create industry connections,...
RSA Conference Asia Pacific 2013(Singapore, June 5 - 6, 2013) Join your fellow information security professionals at the inaugural RSA Conference Asia Pacific, where we'll be discussing security issues from both a global and Asia Pacific perspective. Delegates will...
29th Annual INSA William Oliver Baker Award Dinner(Washington, DC, USA, June 7, 2013) This year's awardee is General Michael V. Hayden, former Director of the Central Intelligence Agency and the National Security Agency. Registration is now open and tables are available for purchase.
2013 Cybersecurity Innovation Expo(Baltimore, Maryland, USA, June 10 - 13, 2013) Do not miss the opportunity to participate in the 2013 Cyber Innovation Forum with active participation from National Institute of Standards and Technology (NIST), the National Security Agency (NSA), and...
CISSE 17th Annual Colloquium(Mobile, Alabama, USA, June 10 - 13, 2013) The Colloquium for Information Systems Security Education will meet in Mobile to discuss topics of great interest to our community, including cyber security education, certification, and accreditation.
3rd annual Cyber Security Summit(, January 1, 1970) Over the last 2 years, the summit has gathered 150+ senior Defence, National Security and Industry executives to address current and emerging cyber threats to Australia's security. Now in its 3rd year,...
NovaSec!(McLean, Virginia, USA, June 13, 2013) NovaSec! is Northern Virginia's largest Cybersecurity and physical security networking event of the year. We are bringing together security professionals from commercial and government organizations with...
Suits and Spooks La Jolla 2013(La Jolla, California, USA, June 15 - 16, 2013) Exploring Cyber Warfighting and Threat Mitigation for Corporations and Governments. The original concept for this event was to look at what special operations forces and corporate CERTs or SOCs have in...
25th Annual FIRST Conference(Bangkok, Thailand, June 16 - 21, 2013) The annual FIRST conference provides a setting for conference participants to attend a wide range of presentations delivered by leading experts in both the CSIRT field and from the global security community.
Hack in Paris(Paris, France, June 17 - 21, 2013) This five day event will examine forensics, malware analysis, and corporate hacking techniques, and what could be better, it is held at the Euro Disney conference center outside of Paris. It has attracted...
2013 ICAM Information Day and Expo(Washington, DC, USA, June 18, 2013) This day provides a forum for the Identity, Credential and Access Management (ICAM) community to get first-hand information on current identity management and related technologies.
Buzzword Forensics: Mobile is the Future…and the Future is Now(Laurel, Maryland, Sioux Falls, June 18, 2013) Digital forensics is evolving, as all forensic sciences must evolve. With the explosive growth of the Internet as context, the discipline of digital forensics has evolved significantly since the last millennium.
NASA National Capital Region Industry Days(Washington, DC, USA, June 25 - 27, 2013) This dedicated Information Technology Expo - sponsored by the Office of the Chief Information Officer - will serve as a focal point for NASA personnel to learn about the latest products and advances in...
AFCEA International Cyber Symposium 2013(Baltimore, Maryland, USA, June 25 - 27, 2013) Cyber threats and challenges grow every day. Successfully defending our networks requires a team approach. With this in mind, the Cyber symposium will engage the key players, including the U. S. Government,...
ShakaCon(Honolulu, Hawaii, USA, June 25 - 28, 2013) This is the fifth year this "laid back security conference in paradise" is being held. Some solid presentations and training on malware analysis and penetration testing. After all, what could be better...
American Technology Awards Technology and Government Dinner(Washington, DC, USA, June 30, 2013) TechAmerica Foundation hosts its Eleventh Annual Technology and Government Dinner at the Ronald Reagan Building in Washington DC. The dinner continues to serve as the premier Washington, DC technology...