Nuisance-level cyber vandalism appears in South Asia, the Middle East, and North America. Some defaced Israeli websites promise a "cyber war" on July 7 (anniversary of the Peel Commission's 1937 recommendation to partition Palestine). In the US, NASA sees some of its websites defaced.
Seculert sees Chinese fingerprints on current cyber attacks against South Korea.
Opera browser software sustains an infrastructure attack enabled by a stolen cert. HP finds, and works to fix, a backdoor in older versions of its StoreOnce backup products. German researchers find vulnerabilities in web content management systems.
Facebook's problem with shadow profiles remains unresolved, as researchers claim the social network has been less than fully forthcoming about risks to personal information.
British government austerity will not extend to cyber: that portion of the budget will rise 3.4%.
Those interested in attribution may find Dark Reading's "CSI: Cyberattack" a good non-specialist overview.
Slate attempts to untangle fact from fiction in the PRISM affair. There's a great deal of Cold War resonance in recent commentary, from the two-person rule to Russian and Chinese opposition. The diplomatic effect of Snowden's leaks has been significant. They may also have handed al Qaeda valuable opsec pointers—observers see signs of the terrorist organization trimming its digital activities in response to the leaks.
A Chinese lawyer pluckily uses the PRISM affair to call upon China to disclose its own surveillance programs. He's unsuccessful, of course—mutual cyber disarmament has never been part of the Chinese (or Russian, for that matter) game.
Today's issue includes events affecting Australia, Bangladesh, China, Ecuador, Germany, India, Indonesia, Israel, Nepal, Russia, Tunisia, United Kingdom, United States, and Venezuela..
Cyber Attacks, Threats, and Vulnerabilities
#OpIsrael Reloaded:102 Israeli Websites Hacked by Indonesian Hacker SultanHaikal(Hack Read) A well known Indonesian hacker going with the handle of SultanHaikal has hacked and defaced 102 Israeli websites for #OpIsrael yesterday. Hacker left his team's deface page along with a message on all hacked websites, expressing his anti-Israeli views, the deface message was expressed in following words: Hacked by SultanHaika
Website of Embassy of Nepal in Israel Hacked by CapoO_TunisiAnoO(Hack Read) CapoO_TunisiAnoO, Tunisian based hardcore anti-Israeli hacker has hacked and defaced the official website of Embassy of Nepal (nepalembassy-israel.org) in Tel Aviv, Israel yesterday. The website which is hosted on an Israeli server was left with a deface page along with an anti-Israeli message, threatening Israeli government to get ready for another cyber war on 7th July 2013
Bangladesh Ministry of Social Welfare website hacked by Abu Halil501(Hack Read) A hacker going with the handle of Abu Halil501 has hacked and defaced the official website of Department of Social Services (DSS), directly under the Bangladeshi Ministry of Social Welfare. Hacker left a deface page along with a message on the hacked ministry site, yet the reason for attacking Bangladeshi government site was not mentioned anywhere
Official NASA Domains Hacked by Ecuadorian h4x0r Team(Hack Read) National Aeronautics and Space Administration (NASA) which is gaining popularity for its poor cyber security rather then it's actual work is again under attack, this time by hackers from Ecuadorian h4x0r Team who successfully hacked and defaced two official sub-domains of the agency yesterday. The hacked sub-domains belong NASA's Virtual Wave Observatory (VWO), providing uniform and robust access
PRISM 2.0: From 9 to 'thousands' of technology and finance companies(VentureBeat) When Edward Snowden leaked the news about PRISM, we thought it was just 9 U.S. companies that were sharing customers' data with the National Security Agency (NSA). Now it looks like literally thousands of technology, finance, and manufacturing firms are working with the NSA, CIA, FBI, and branches of the U.S. military
Is this PRISM 2.0?(NextGov) IThe U.S. intelligence community has been working with "thousands" of companies in key sectors of the economy to trade sensitive information on cybersecurity, including classified data, in ways that go beyond the revelations dropped by National Security Agency leaker Edward Snowden earlier this month
Facebook leaks are a lot leakier than Facebook is letting on(Naked Security) Remember last week, when Naked Security et al. told you that Facebook leaked email addresses and phone numbers for 6 million users, but that it was really kind of a modest leak, given that it's a billion-user service? OK, scratch the "modest" part
More Questions For Facebook On Extent Of Ghost Profiles(Security Ledger) The security firm that disclosed a security hole in a Facebook feature that allows users to download their own data file says the social network giant still has questions to answer about the extent of the data breach
Researcher To Demo Spy-Phone At Black Hat(Dark Reading) Using the ability to inject malicious code into applications on Android devices, a researcher will demonstrate at Black Hat how to create the infrastructure to spy on mobile users
How DDoS Attackers Turn Mitigation Devices Against You(Sacramento Bee) Backscatter from mitigation devices can cause collateral damage in SYN reflection attacks. Prolexic, the global leader in Distributed Denial of Service (DDoS) protection services, today shared information on a popular cyber attack technique, SYN reflection attacks, which can leverage the defense mechanisms of DDoS mitigation devices to increase the strength of the attacks
The Risk with Content Management Systems(Symantec) The federal Office for Information Security in Germany (BSI) together with the "Fraunhofer SIT" and "]init[ AG" released a study on the risk with common content management systems (CMS) for websites. A CMS is typically used to administrate websites and helps to update text and other content in a simple way, making this task doable for non-IT professionals. Unfortunately, it is also often a focus point for attackers who attempt to gain access to the Web server. When an attacker controls the CMS, it is possible for them to modify the website. In the past, many websites have been compromised through vulnerabilities in un-patched CMS and were then turned into drive-by download sites by inserting malicious iFrames into the content. For example, you might remember the Lizamoon case last year that resulted in a few hundred thousand websites being compromised by an SQL injection attack
US CERT: Default passwords make IT systems easy pickings for hackers(FierceGovIT) A new government alert warns computer and mobile device users about the risks of continuing to use default passwords. The warning by the U.S. Computer Emergency Readiness Team notes that hackers can easily attack connected systems such as embedded systems, devices and appliances, through their often publically available factory default passwords
Security Patches, Mitigations, and Software Updates
Multiple Cisco security advisories(Internet Storm Center) Cisco has today released four vulnerability advisories…Affecting Cisco ASA Next-Generation Firewall, Cisco Email Security Appliance, Cisco Content Security Management Appliance, and Cisco Web Security Appliance
14 Vulnerabilities Fixed in Firefox 22(Threatpost) Mozilla has fixed 14 security vulnerabilities in Firefox, including four critical flaws that could allow remote code execution. There also are six high-severity vulnerabilities fixed in Firefox 22
Top 5 Fake Security Rogues of 2013(Webroot Threat Blog) We see users on the internet getting infected with Rogue Security Malware all the time. In fact, it's one of the most common and obvious type of infections we see. The Rogues lock-down your computer and prevent you from opening any applications so you're forced to read their scam. Although they use various tactics and convincing GUIs to get onto your computer, they all share a common goal: To get your money
A serious security breach could cost large firms $649k(Computer Business Review) Costs of a cyber-attack against small and mid-sized enterprises are less when compared to large organisations. The average cost incurred by large organisations when hit with a serious cyber attack could be about $649k, a new report has suggested
Online Security - Whose Responsibility?(Cyberwarzone) Since the early days, malware has been conditioned by the way we use technology. Until the turn of the century, this meant a threat landscape dominated by cyber-vandalism. Viruses might overwrite huge chunks of data, or slowly corrupt data, or display a message on the screen, or just spread - with no payload at all. Don't misunderstand me. I'm not suggesting that the problem was trivial. Individuals or businesses on the receiving end of an infection could suffer significant losses. But there was no way for malware writers to make money from what they did
U.S. Oil and Gas at Greater Risk for Cyber Attacks(Cyberwarzone) The U.S. energy sector, including oil and gas producers, was hit by more targeted malware attacks from April to September last year than any other industry, says a new Council on Foreign Relations (CFR) report, citing data from a Houston-based security company, Alert Logic
The Top Five IT Security Cyber Threats Are…(Infosecurity Magazine) As cybercrime expands and evolves, a new study categorizes and describes the top five threats: data breaches, malware, DDoS, mobile threats and the industrialization of fraud - and they're all interrelated
British Cyber Defenses Receive Unexpected Boost(InformationWeek) British intelligence services and cybersecurity initiatives get increased investment, even amidst brutal government cuts. iDespite recent widespread concern over the reach of their powers, especially Internet monitoring, Britain's security services scored a financial victory Wednesday concerning the next few years of government spending: Britain's intelligence services left Chancellor George Osborne's 2013 Spending Review with a 3.4% boost in funding
Takai: DoD relies heavily on commercial spectrum(FierceMobileGovernment) Everything the Defense Department does depends on wireless spectrum, DoD Chief Information Officer Teri Takai said during a June 18 panel on spectrum supply and demand hosted by the Washington Post
Oracle announces nine year collaboration with rival Salesforce(Inquirer) Will bring CRM software to its cloud while providing database and Linux support. ENTERPRISE SOFTWARE VENDOR Oracle has announced a nine year partnership with the CRM software vendor Salesforce to use Oracle Linux, Java and Oracle's cloud services
FireEye Uncovers Key Characteristics to Identify Origin of Advanced Cyber Attacks(CMO) FireEye®, Inc., the leader in stopping today's new breed of cyber attacks, today announced the release of "Digital Bread Crumbs: Seven Clues To Identifying Who's Behind Advanced Cyber Attacks," a report which details the most prevalent attack characteristics that can help security professionals identify threat actors and better defend organizations from future advanced cyber attacks. The report also identifies an attack tactic employed by the Chinese military group known as "Comment Crew," previously linked to targeted attacks against the U.S. government
Bitdefender drops the number and goes Photon on your PC(CNET) Bitdefender®, the award-winning provider of innovative antivirus solutions, has launched an even faster and more precise new line of products that form-fits to each computer for top speed, clads private data in iron protection and makes the internet a
Technologies, Techniques, and Standards
CSI: Cyberattack(Dark Reading) The attacker behind the keyboard is human, too: He's a creature of habit, and he sometimes makes mistakes. Identifying telltale patterns used in an attack can provide useful intelligence to help organizations better lock down their information and resources in the bull's-eye
Understanding deep packet inspection (Part 2)(Eetasia.com) Based on the discussion in Part 1, it can be seen that a DPI device must fulfil a variety of functions that are best distributed over several functional units that best support the respective required function. Additionally, it must be possible to
SSL Labs: Deploying forward secrecy(Help Net Security) With revelations about mass surveillance in the news everywhere, an obscure feature of SSL/TLS called forward secrecy has suddenly become very interesting. So what is it, and why is it so interesting
Tiller: NS2020 will facilitate ubiquitous IP(FierceGovIT) Federal agencies should in the coming years leave behind their time division multiplexing networks in favor of ubiquitous Internet protocol, urged Frank Tiller, acting director of network services at the General Services Administration, who derided TDM as "older generation networking technology"
Ten Questions Every Business Should Ask Before Developing a Cloud Security Policy(SecurityWeek) Scott Hazdra, principal security consultant for Neohapsis, has posed some interesting questions organizations need to ask when developing a cloud security policy. Given the growing need to protect data, cloud security policy development is a crucial first step in the process, but it isn't as easy as it seems
Backgrounder: Mobile app code of conduct(FierceMobileGovernment) Origins: In February 2012, the White House directed the National Telecommunications and Information Administration to convene stakeholders to develop codes of conduct that would specify how the Consumer Privacy Bill of Rights applies in certain contexts. In June 2012, NTIA announced that the first such process would address transparency in mobile application privacy
Fact and Fiction in the NSA Surveillance Scandal(Slate) The whistle-blower's claims, revisited. For years the National Security Agency has successfully shielded its surveillance programs from any real public scrutiny. But in the past few weeks, its controversial spying efforts have been thrust into the international spotlight following an unprecedented leak of top-secret documents
NSA to implement 'two-man rule' in wake of Snowden leak(Infosecurity Magazine) According to reports, the US National Security Agency (NSA) will be implementing a two-person rule to prevent another leak by a system administrator like Edward Snowden, the contractor who exposed details of the Operation PRISM surveillance program
SASC calls for new oversight of Cyber Command(FierceGovIT) The Senate Armed Services Committee says it has concerns that oversight of Cyber Command and the cyber mission within the Defense Departments "is fragmented and weak," calling for creation of a Senate-confirmed position within the undersecretary of defense for policy to supervise and manage the funds of offensive cyber forces
White House should develop cyberspace deterrence policy, says SASC(FierceGovIT) The president should develop a deterrence policy for cyberspace, says the Senate Armed Services Committee. Current policy documents, the committee says in the legislative report (.pdf) accompanying its June 14 23-3 markup of the fiscal 2014 national defense authorization act (S. 1197), lack depth and breadth and fall short of an "integrated policy to deter adversaries in cyberspace."
Fallout from Snowden's sharing of NSA secrets(Washington Post) Congress and the courts will sort out the big questions about privacy and surveillance posed by Edward Snowden's disclosure of National Security Agency (NSA) monitoring programs. In the meantime, there are some nagging smaller questions raised by this hemorrhage of secrets
Al-Qaida Said To Be Changing Its Ways After Leaks(Yahoo) U.S. intelligence agencies are scrambling to salvage their surveillance of al-Qaida and other terrorists who are working frantically to change how they communicate after a National Security Agency contractor leaked details of two NSA spying programs. It's an electronic game of cat-and-mouse that could have deadly consequences if a plot is missed or a terrorist operative manages to drop out of sight
Former NSA leakers: We told you so(IT World) Recent leaks about surveillance programs at the U.S. National Security Agency show an agency with little regard for the U.S. Constitution and laws on the books, two past NSA leakers said Wednesday
Letters at 3AM: The Patriot Edward Snowden(Austin Chronicle) Edward Snowden is the American equivalent of the man who stood in front of that tank in Tiananmen Square. Disclosures by the patriot Edward Snowden will have at least one penetrating and unpredictable result: Even though Americans may not face what we've enabled two administrations to do to us, and we may go on denying that we've become the nation we've become – now the whole world has seen proof. The world will not forget, and the world will not let us forget
Edward Snowden Steps Into Secret U.S.-Russia Spy Scuffle(ABC News) As NSA leaker Edward Snowden is said to be spending his third day in hiding in a Moscow airport, the 30-year-old contractor may have unwittingly become the newest player in a relentless yet relatively little-known espionage war between the U.S. and Russia
The Cold War Is Back(Slate) Edward Snowden's long layover reminds us that Russia is not an ally. For those who think that Edward Snowden deserves arrest or worse, cheer yourselves with the thought that Sheremetyevo International Airport might possibly be the most soul-destroying, most angst-inducing transport hub in the world. Low ceilings and dim lighting create a sense of impending doom, while overpriced wristwatches glitter in the murk. Sullen salesgirls peddle stale sandwiches; men in bad suits drink silently at the bars. A vague scent of diesel fuel fills the air, and a thin layer of grime covers the backless benches and sticky floor. It's not a place you'd want to spend two hours, let alone 48
Snowden Watch: Why Putin is Loving It(National Journal) The Russian leader loves to humiliate Washington, and he now has the ultimate tool. During his 13 years in power, Vladimir Putin has demonstrated a fondness for detaining all kinds of dissidents: rich ones, like the imprisoned tycoon Mikhail Khodorkovsky; pop culture ones, like the band Pussy Riot. So Putin must be at least somewhat sympathetic to Washington's desire to arrest America's most prominent dissident, Edward Snowden. In remarks on Tuesday, Putin indicated that he didn't want the National Security Agency leaker to remain in a transit zone at a Russian airport, saying "the sooner he chooses his final destination, the better it is for him and Russia"
Cyber guardsmen could defend domestic networks(Army Times) Keith B. Alexander, the head of U.S. Cyber Command and the National Security Agency. A bipartisan Senate bill calls for "Cyber Guards" in every state, trained and prepared to respond to cases of cyber and network attacks. The bill suggests the Guard
Cyberspace is a Team Sport(Signal Magazine) Jennifer Napper, USA, director of plans and policy, U.S. Cyber Command, and other panelists at the AFCEA International Cyber Symposium in Baltimore said that cyber requires cooperation across the U.S. government, with the private sector and with other
Even Breach Notifications Are Bigger In Texas(SecurityWeek) If you lose a database with personal information of residents of different states, what state law or laws apply when it comes to notifying those people of the breach
RBI directs banks to be wary of cyber attacks(Economic Times) The Reserve Bank today directed banks to periodically check their preparedness to prevent any cyber attack. "Considering that cyber attacks could threaten the confidentiality, integrity and availability of data and the systems, it is imperative
Ecuador Hints At Slow Process On Snowden Asylum(New York Times) Ecuador signaled on Wednesday that it may deliberate slowly on the asylum application from Edward J. Snowden, the fugitive former security contractor wanted in the United States, raising the possibility that he could spend weeks in legal limbo as he plots his next steps inside a Moscow airport transit area
State Department Cables Were Unprotected, Witness In Bradley Manning Trial Testifies(Huffington Post) They specify in intense detail, down to the vodka brand, the United States' observations of foreign powers. But the State Department took few steps to protect its classified diplomatic cables once they were handed over to the military, its former Chief Technology Officer Charlie Wisecarver testified in Bradley Manning's trial on Wednesday
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Resilience Week 2013(San Francisco, California, USA, August 13 - 15, 2013) The 2013 Resilience Week brings together colleagues across government, academia and industry to facilitate an exchange of ideas dedicated to promising research in resilient systems that will protect cyber-physical...
Shaping the Future of Cybersecurity Education Workshop(Gaithersburg, Maryland, USA, September 17 - 19, 2013) The third annual Shaping the Future of Cybersecurity Education Workshop will be held at the National Institute of Standards and Technology (NIST) in Gaithersburg, MD and focus on "Navigating the National...
Cloud Connect(Chicago, Illinois, USA, October 21 - 23, 2013) Cloud Connect returns to Chicago October 21-23, 2013 with an all new program built around the leading cloud platforms. Cloud Connect provides the independent guidance IT professionals need to successfully...
NASA National Capital Region Industry Days(Washington, DC, USA, June 25 - 27, 2013) This dedicated Information Technology Expo - sponsored by the Office of the Chief Information Officer - will serve as a focal point for NASA personnel to learn about the latest products and advances in...
AFCEA International Cyber Symposium 2013(Baltimore, Maryland, USA, June 25 - 27, 2013) Cyber threats and challenges grow every day. Successfully defending our networks requires a team approach. With this in mind, the Cyber symposium will engage the key players, including the U. S. Government,...
ShakaCon(Honolulu, Hawaii, USA, June 25 - 28, 2013) This is the fifth year this "laid back security conference in paradise" is being held. Some solid presentations and training on malware analysis and penetration testing. After all, what could be better...
American Technology Awards Technology and Government Dinner(Washington, DC, USA, June 30, 2013) TechAmerica Foundation hosts its Eleventh Annual Technology and Government Dinner at the Ronald Reagan Building in Washington DC. The dinner continues to serve as the premier Washington, DC technology...
QUESTnet 2013 Conference(Gold Coast, Queensland, Australia, July 2 - 5, 2013) Queensland Education, Science and Technology Network (QUESTnet) is the Queensland regional component of the Australian Academic and Research Network (AARNet). The QUESTnet conference is an annual event...
Digital Forensics and Incident Response Summit(Austin, Texas, USA, July 9 - 10, 2013) The 6th annual Forensics and Incident Response Summit will again be held in the live musical capital of the world, Austin, Texas. The Summit will focus on high quality and extremely relevant content as...
London Summer 2013(London, England, UK, July 9 - 16, 2013) SANS London Summer takes place at the London Marriott Hotel Kensington and gives security professionals the opportunity to take one of four of SANS most popular 6-day courses and the 2-day "Securing The...
3rd Cybersecurity Framework for Critical Infrastructure Workshop(San Diego, California, USA, July 10 - 12, 2013) NIST is inviting cybersecurity experts, industry and academia from across the nation to attend one of its regional workshops at UC San Diego to identify, refine and guide the many interrelated considerations,...
cybergamut Technical Tuesday: Remote Digital Forensics(Columbia, Maryland, USA, July 16, 2013) 'The remote control changed our lives. The remote control took over the timing of the world. Within three seconds, click, click, click. So can we do remote forensics?' Ken Zatyko of Assured Information...
Mobility Solutions for the Federal Market(Falls Church, Virginia, USA, July 16, 2013) With the improvements in mobile technology, smart phones and tablets, DOD, DHS and Civilian agencies have an opportunity to improve their service delivery models and the programs that serve their constituents.
2013 World Comp(Las Vegas, Nevada, USA, July 22 - 23, 2013) 2200 leading researchers, academics, and executives from government, academia and industry will come together at this annual event which facilitates communication among researchers in different fields...
Black Hat 2013(Las Vegas, Nevada, USA, July 27 - August 1, 2013) Black Hat USA is a major international security conference, featuring learning, networking, and skill-building. Sessions include training, briefings, technical presentations, and more.
SECRYPT 2013(Reykjavik, Iceland, July 29 - 31, 2013) The 10th International Conference on Security and Cryptography (SECRYPT 2013) will take place from 29 to 31 July 2013 in Reykjavik, Iceland…The conference will focus on information systems and network...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.