Security researchers, among them Arbor Networks and Crowdstrike, note that the Izz ad-Din al-Qassam Cyber Fighters' denial-of-service campaign against US banks is too well-funded to be written off as simple hacktivism. The attacks have evolved in sophistication (largely through the addition of automated malware toolkits) and appear to be motivated in part by a desire to demonstrate a cyber attack capability. Crowdstrike speculates that the Cyber Fighters are connected to Hamas, which runs counter to earlier suspicion of Iran.
Australia's Reserve Bank (comparable to the Bank of England or the US Federal Reserve) sustained a cyber attack over the weekend and is currently recovering and locking down security. The Bank says the exploit used "Chinese-developed" malware, although today's reports stop short of attributing the attack to the Chinese government. China meanwhile continues to denounce Mandiant's report of a PLA campaign against Western news services as a smear, complains about US hacking of Chinese systems, and calls for an international regime governing Internet espionage. (The SANS Institute huffs on the other side that Mandiant's report revealed too much, compromising sources and methods.)
The vexed Sino-American relationship in cyberspace—not quite enemies but not fully partners either—comes in for more examination as US Cyber Command and NSA head General Alexander prepares to testify before Congress tomorrow.
Many companies lack a BYOD policy, but Intel not only has one, it's so pleased with it that the company is expanding employees' BYOD options.
Privacy advocates see legislation pending in Texas as a bellwether.
Today's issue includes events affecting Australia, China, European Union, Finland, Germany, India, Iran, Russia, Turkey, Uganda, United Arab Emirates, United States, and Venezuela.
Cyber Attacks, Threats, and Vulnerabilities
Size, Funding of Bank DDoS Attacks Grow in Third Phase(Threatpost) The resumption this week of distributed denial of service attacks against major U.S. banks brought not only more cost and disruption to financial institutions trying to keep online services available, but it also raised new questions about the funding and true motives behind the attacks
Australian central bank computers hacked(Emirates 24/7) Computer networks at the Reserve Bank of Australia have been hacked, officials said Monday, some reportedly by Chinese-developed malware searching for sensitive information. The central bank revealed the attacks after investigations by The Australian Financial Review found multiple computers had been compromised by malicious software seeking intelligence
Reserve Bank escapes cyber attack(The World Today) The Reserve Bank is in the midst of a security crackdown over a cyber attack that exposed potentially sensitive internal information. The attack involved a series of emails carrying what's been described as "malicious payload" targeted at senior RBA staff
China calls for global hacking rules(The Age) China issued a new call on Saturday for international "rules and cooperation" on internet espionage issues, while insisting that allegations of Chinese government involvement in recent hacking attacks were falsified as part of an international smear campaign. The remarks, by Foreign Minister Yang Jiechi, were China's highest level response yet to intensifying accusations that the Chinese military may be engaging in cyber espionage
China accuses U.S for hacking 2200 of its Computers in last 2 months(Hack Read) China's Computer Networks Emergency Response Coordination center is the top internet security agency in China. Xinhua reported on Sunday that CNCERT says foreign-based hack attempts against Chinese computer networks are seriously increasing. It additionally said that half of the hack-attacks were made by the United States which repeatedly blamed for escalating cyber-attacks against US industrial and governments network and security systems
Obama rejected tough options for countering Chinese cyber attacks two years ago(Washington Times) Meanwhile, China recently issued a veiled threat to the United States about U.S. accusations of Chinese military cyber espionage. China told U.S. officials that continued U.S. public accusations of cyber espionage would render future bilateral discussions unproductive during recent U.S.-China talks following the release of a security firm's report linking the Chinese military to cyber spying. On plans to deter Chinese cyber attacks, senior administration officials turned down a series of tough options designed to dissuade China from further attacks that were developed over a three-month period beginning in August 2011
Mandiant APT1 report reveals too much information(SC Magazine UK) The Mandiant report on the alleged Chinese state-sponsored hacking group APT1 has revealed too much information about its tactics, according to industry experts. Speaking to SC Magazine, SANS Institute instructor and cyber security expert at Secure
Kaspersky firewall bug can lock up entire OS(FierceCIO: TechWatch) A flaw found in Kaspersky Internet Security 2013 renders it susceptible to a remote attack that can completely freeze the underlying operating system. A specially created IPv6 packet to computers running the security software will trigger the bug. The vulnerability also exists in any Kaspersky product that includes the firewall functionality. In a disclosure on the Full Disclosure mailing list, security researcher Marc Heuse wrote: "A fragmented packet with multiple but one large extension header leads to a complete freeze of the operating system. No log message or warning window is generated, nor is the system able to perform any task
Revenue Department websites come under cyber attack(The New Indian Express) The Kerala Revenue Department has come under the attack of cyber criminals with two of its websites defaced by the hackers. The websites of the Commissionerate of Land Revenue and the Directorate of Survey and Land Records were hacked on Sunday
Pricey crime kit adds 'McRAT' Java zero-day four days after patch(CSO Magazine) In less than one week, the high-priced commercial exploit kit known as "Cool" has added an exploit for the Java zero-day flaw affecting Web browser plugins that Oracle patched last Tuesday. The makers of Cool may have illustrated why it costs $10,000
Malware peddlers exploit death of Hugo Chavez(Help Net Security) As predicted, the death of such a well-known and controversial politician as the Venezuelan President Hugo Chavez has been exploited by cyber criminals to lead users to malware
Meet the men who spy on women through their webcams(Ars Technica) The Remote Administration Tool is the revolver of the Internet's Wild West. "See! That s**t keeps popping up on my f**ing computer!" says a blond woman as she leans back on a couch, bottle-feeding a baby on her lap. The woman is visible from thousands of miles away on a hacker's computer. The hacker has infected her machine with a remote administration tool (RAT) that gives him access to the woman's screen, to her webcam, to her files, to her microphone. He watches her and the baby through a small control window open on his Windows PC, then he decides to have a little fun. He enters a series of shock and pornographic websites and watches them appear on the woman's computer
Security Patches, Mitigations, and Software Updates
Mozilla and Google Patch Browser Flaws Used in Pwn2Own(Threatpost) Within less than 24 hours of the vulnerabilities being used and disclosed to them, both Mozilla and Google have issued patches for flaws employed by participants in this week's Pwn2Own contest at CanSecWest here
Apple Finally Fixes App Store Vulnerabilities(Threatpost) Apple has fixed several App Store security issues that first arose last summer, but it hasn't explained why it took so long to start encrypting communications using public Wi-Fi networks. A Google researcher working on his own time discovered in July 2012 that Apple was serving up data over an unencrypted HTTP connection, leaving its Apple App Store customers open to attacks from anyone using the same public network. Six months later, the company finally flipped on the encryption
7 security bulletins for Patch Tuesday next week(FierceCIO: TechWatch) Microsoft (NASDAQ: MSFT) has announced seven security bulletins for the Patch Tuesday for March 2013 next week. The seven vulnerabilities affect all versions of Microsoft Windows, as well as Mac OS X, courtesy of a patch for Visio and Microsoft Office Filter Pack. Four of these bulletins are tagged as "critical," including the one for Office
In Cyberwarfare, What Is An 'Imminent' Threat?(Washington Post) When Gen. Keith Alexander, the head of the Pentagon's Cyber Command, comes to the Hill on Tuesday, he will probably be asked to describe his plans for building a military force to defend the nation against cyberattacks
The Coming Cyber Attack that Could Ruin Your Life(The Fiscal Times) "An adversary looking to cause chaos could pick any part of critical infrastructure, from banking to power to health care," said Jeffrey Carr, chief executive officer of Taia Global, a cyber security firm. "All of those are vulnerable to cyber attack
Why The US Is Not In A Cyber War(Daily Beast) And while the recently relaunched House Intelligence Committee's Cyber Intelligence Sharing and Protection Act CISPA is carefully worded to acknowledge the centrality of the Department of Homeland Security to its information-sharing process, concerns
Sri Lanka ICT Agency to Hold Seminars on Securing State Websites(Softpedia) After the recent series of hacker attacks, which are said to have impacted around 500 sites, Sri Lankan authorities have come to realize the importance of properly securing government websites. According to Colombo Page, the Sri Lanka Information Communication Technology Agency (ICTA) will hold a series of seminars and awareness programs to teach the administrators of government sites how to protect them against cyberattacks. The seminars, conducted by the country's Computer Emergency Response Team (SLCERT), will focus not only on the protection of state-owned websites, but they will also include the private sector, to teach companies how to protect sensitive information
Forensics lab for computer crime opened in Kampala(Monitor) With computer aided theft now becoming rampant in the country, a private hacking forensics consulting company has opened a laboratory to train Ugandans in cyber security. According to Mr Mustapha Mugisa, one of the consultants at Summit Consulting, their forensics laboratory will give Ugandans world class specialised training that otherwise would have required them to go and get it from the US. They have partnered with the International Council of Electronic Commerce Consultants, the owners and creators of the famous Certified Ethical hacker and Computer Hacking Forensics Investigator
$875M computer center coming to Fort Meade(CapitalGazette.com) With a completion date set for 2015, the National Security Agency is close to starting construction on a new High Performance Computing Center, set to be built on the former golf course at Fort Meade. With a price tag of nearly $875 million, the center
Raytheon, Lockheed to Get U.S. Secrets for Cybersecurity(Bloomberg BusinessWeek) Lockheed Martin Corp. (LMT) and Raytheon Co. (RTN) are vying with telecommunications companies to defend banks and power grids from computer attacks, in a program that gives them access to classified U.S. government data on cyber threats
Verizon Wins BPA to Provide Cloud Services to USDA(The New New Internet) Verizon has won a blanket purchase agreement to provide cloud computing products and services to the Agriculture Department aimed at helping USDA manage resources and meeting federal mandates
Chantilly's TASC, Inc. Appoints Chief Technology Officer(Chantilly Patch) Keith Littlefield, former chief information officer at National Geospatial Intelligence Agency, named to position. TASC, Inc., located at 4805 Stonecroft Blvd., in Chantilly, has appointed Keith Littlefield, former chief information officer at the National Geospatial-Intelligence Agency (NGA), as the company's chief technology officer
Cerberus, White Courtesy Phone, Please(Dark Reading) Why you need two opposing styles of monitoring. Remember what I wrote last time about the danger of assumptions and bias in security monitoring? Well, forget what I said. No, not really. But there's another way to look at it. The purposes of monitoring can be many and varied; one of the big ones, of course, is catching the intruder
Building dependencies on free apps and services is bad practice(ZDNet) How many times have you seen free services disappear, switch to non-free, restrict you too much or have no value--even free of charge? I've seen it more than I want to admit to. I came up with the idea for this post when researching information for a post that a reader requested on free and inexpensive VPN services
Helping users make better security decisions by design(Naked Security) As a technically minded individual I fall into the same trap as many others. I obsess over implementation and every tiny detail when designing something, often everything but how users will interact with my creation. Nearly ten years ago I was asked to help design the Sophos Email Appliance
15 percent of companies have no BYOD policy(Help Net Security) ThreatMetrix announced results of a study that surveyed U.S. business managers and IT executives within retail and financial services organizations on their level of cybersecurity planning and fraud
Intel expanding BYOD program(FierceCIO: TechWatch) Intel (NASDAQ: INTC) is apparently having some success with its BYOD, or Bring Your Own Device, program, as reported by Computerworld. Indeed, Intel CIO Kim Stevenson says employees recorded savings of about 57 minutes per employee, per workday with its BYOD program last year. It is unclear how this was recorded, though the company is sufficiently pleased that it is expanding its BYOD program
Bill Gates: Schools are at a 'technology tipping point'(IT World) The growing use of handheld devices and social media among students is creating a technology tipping point for schools that could completely break down the barriers between teaching platforms within five to 10 years, Bill Gates said Thursday
Cyber Defense Competition Trains Next Generation for Cyber Warfare(WCSH6) In today's technological world everything can be done online or on a smartphone. Many of us do not think twice when we log onto our computers, but behind the scenes there is a group of people fighting to make sure our most private information stays private. The annual Northeast Collegiate Cyber Defense Competition puts college students against some of the nation's best hackers to ensure the next generation is ready for anything
NCC crowd learns about cyber security from U.S. Department of Homeland Security(Lehigh Valley Live) Password1 is the most common password in the United States. That's something that makes Kristina Dorville cringe. Dorville, outreach and awareness director for the National Cyber Security Division of the U.S. Department of Homeland Security, is spearheading the department's Stop.Think.Connect campaign aimed at educating people how to surf the Internet without leaving themselves open to cyber attack
Legislation, Policy, and Regulation
Cyber Marines(Marine Corps Times) Buried in an unmarked office, within a nondescript business park just miles from Fort Meade and the National Security Agency, resides what is perhaps the Marine Corps' most secretive organization
Two Texas Bills Could Shape Mobile Privacy(Threatpost) Two bills introduced in Texas this week could refine mobile privacy in the state and tweak how law enforcement can request sensitive information from cell phones going forward
Cyber Command Adapts to Understand Cyber Battlespace(Patch.com) Brett T. Williams, director of operations at U.S. Cyber Command, described how Cybercom is using the Internet and other aspects of the cyber environment to execute its mission. "The challenge we have is that the Internet was never designed for military
Janet Napolitano: DHS Prioritizing Future Cyber Attack Prevention(ExecutiveGov) Homeland Security Secretary Janet Napolitano told a Senate committee Thursday that DHS is focusing on preventing future cyber attacks over combating current cyber incidents, Nextgov reports. Aliya Sternstein writes Napolitano was addressing a question
Gang of Cyber Criminals Arrested For Stealing $7 Million From Exchange Companies in Dubai(voiceofgreyhat) Yet again another infamous gang of cyber criminals who were behind the hack of more than $7 Million from exchange companies in Dubai get busted by the Dubai Police. The special Criminal Investigation Department (CID) of Dubai Police were behind these criminals for a long time, and after a certain period they successfully managed to track down and crack the cyber crime ring. Major General Khamis Matter Al Mazeina, acting chief of Dubai Police, said on last Sunday that a gang of Asians and Africans work with hackers in order to enter different websites and systems of different companies here in Dubai in order to transfer money inside and outside the countr
Asian network of on-line card fraudsters dismantled(Help Net Security) Finnish law enforcement authorities, working closely with the European Cybercrime Centre (EC3) at Europol, have dismantled an Asian criminal network responsible for illegal internet transactions
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Critical Security Controls International Summit (London, England, UK, May 1 - 2, 2013) The SANS Institute will be hosting the Critical Security Controls International Summit in London from May 1st to May 2nd at the London Hilton on Park Lane hotel. The Summit focuses on the Critical Security...
e-Crime Congress 2013(London, England, March 12 - 13, 2013) The e-Crime Congress is designed to meet the needs of key stakeholders and decision makers who are responsible for designing and coordinating information security and risk management strategy, safeguarding...
CTIN Digital Forensics Conference(Seattle, Washington, USA, March 13 - 15, 2013) Speakers include experts and published authors in the field of digital forensics and cybersecurity. Topics include: Mobile Device Forensics, Internet Forensics, Physical Memory Analysis, Open Source Tools,...
Google and University of Maryland Cybersecurity Seminar(College Park, Maryland, USA, March 14, 2013) Dr. Ari Juels, Chief Scientist of RSA, The Security Division of EMC, and Director of RSA Laboratories, will discuss "Aggregation and Distribution in Cloud Security." His talk will feature information...
Department of Homeland Security 6th Annual Industry Day(Washington, DC, USA, March 18, 2013) The Department of Homeland Security (DHS) will be hosting its 6th Annual Industry Day to provide advanced acquisition planning information to industry. DHS Industry Day will consist of two sessions, the...
IT Security Entrepreneurs' Forum (ITSEF 2013)(Palo Alto, California, USA, March 19 - 20, 2013) Supported by the U.S. Department of Homeland Security, Office of Science and Technology, ITSEF 2013 aims to connect the ecosystem of the entrepreneur: industry, government, and academia. The conference...
The Future of Cyber Security 2013(London, England, UK, March 21, 2013) Cyber Security and the Citizen 2013 is a one-day conference and exhibition for senior decision-makers of central and local government organisations, NGOs and major private sector enterprises.
SANS Cyber Threat Intelligence Summit(Washington, DC, USA, March 22, 2013) Conventional network defense tools such as intrusion detection systems and anti-virus focus on the vulnerability component of risk, and traditional incident response methodology presupposes a successful...