China appears to have stepped up attacks on Tibetan and Uyghur activists. Kaspersky says the attacks rely on Android malware that facilitates spearphishing—a new development in mobile exploits.
Iranian-sympathizing Izz ad-Din al-Qassam Cyber Fighters resurface in denial-of-service attacks against Wells Fargo.
A dispute between Netherlands web-hosting service CyberBunker and the Spamhaus Project is jamming networks around the world. CloudFlare first reported the attacks last week. CyberBunker, which assiduously cultivates a bad-boy image (we'll host almost anything; Dutch SWAT teams tried but couldn't break into our headquarters, etc.), is retaliating against Spamhaus' blacklisting them as spammers through a very widespread DNS-based denial-of-service campaign. (Data streams have reached 300 billion bits per second.) The Sydney Morning Herald quotes Akamai Networks on CyberBunker: "These guys are just mad. To be frank, they got caught. They think they should be allowed to spam."
Anonymous claims of a successful attack on the Mossad appear inflated, but the hacktivist collective announces its next target: Facebook censorship.
IOActive finds new industrial control system vulnerabilities at monitoring systems' backend interfaces.
Failure to update software enables many Java exploits to thrive in the wild.
Three data breaches are disclosed, two of them in US university healthcare systems, the third, more embarrassingly, in Britain's GCHQ, which sent jobseekers plaintext password reminders.
Raytheon reorganizes and cuts jobs. A Pell Center study finds that US universities are poorly preparing students for cyber careers.
A honeypot researcher offers insight into the controversial technique: he thinks it most useful for "awareness testing."
Today's issue includes events affecting Australia, China, Iran, Israel, Japan, Netherlands, Russia, United Kingdom, United States..
Cyber Attacks, Threats, and Vulnerabilities
Android Trojan Used in Attacks Against Tibetan and Uyghur Activists(Softpedia) Kaspersky experts have identified a new attack that relies on a malicious Android application. The attack was discovered after the email account of an important Tibetan activist was compromised and abused to send out spear phishing emails to individuals from his contact list. The malicious notifications contained details regarding the World Uyghur Congress, but they also carried an Android package file called WUCs Conference
Another cyber attack targets Wells Fargo website(Los Angeles Times) Wells Fargo & Co.'s online banking operations have been knocked out intermittently by a cyber attack, the latest in a series of assaults since September on the websites of major U.S. banks. The website sitedown.co, which enables customers to report
GCHQ attempts to downplay amazing plaintext password blunder(The Register) Red-faced crypto and intercept intelligence agency GCHQ has admitted emailing plain text password reminders to people who register on its careers micro-site. The issue came to light after prospective job applicant Dan Farrall blogged about his experience of receiving a plain text reminder of his GCHQ recruitment site password by email after filling out its forgotten password form. Farrall only got round to blogging about the issue this week, two months after the offending email
Spam dispute becomes 'largest cyber attack' in history of the internet'(Sydney Morning Herald) A squabble between a group fighting spam and a Dutch company that hosts websites said to be sending spam has escalated into one of the largest computer attacks on the internet, causing widespread congestion and jamming crucial infrastructure around the world. Millions of ordinary internet users have experienced delays in services like Netflix or could not reach a particular website for a short time
Anonymous to protest against Facebook censorship(CSO) A post at Anonnews.org, a website associated with hacktivist movement Anonymous, has called for a new 'Op', this time calling on Facebook users to protest against the social networking giant's alleged censorship
ICS Vulnerabilities Surface as Monitoring Systems Integrate with Digital Backends(Threatpost) Draped across the automobile's front license plate is a printout, attached like it came off a roll of Scotch Tape. On the printout is a SQL statement; probably the last thing anyone would expect to see as a hood ornament. No one knows where the photograph came from or whether someone was trying to be funny, or legitimately trying to compromise the backend system controlling the traffic camera in the same photo. But one thing is for sure, this clever stunt has helped shed light on the insecurity of control systems
Dirty smartphones: Devices keep traces of files sent to the cloud(NetworkWorld) Research shows Android devices, iPhones could be at risk; though cloud service encryption updates could help. When smartphone users upload files to cloud-based services, remnants of those files often remain on their handheld device, even if the data is meant to be stored only in the cloud, researchers have found
Java-based attacks remain at large, researchers say(ZDNet) According to security researchers at Websense, it's not just zero-day attacks which remain a persistent threat. Instead, Java exploits are now a popular tool for cybercriminals. With so many vulnerabilities, keeping browsers up-to-date can become an
The Scope Of The Java Problem(Dark Reading) New Websense data highlights why Java is attackers' favorite target: most end users run outdated versions of the app. Nearly 95 percent of endpoints actively running Java are vulnerable to at least a single Java exploit, according to new data from Websense
How your Webhosting Account is Getting Abused(Internet Storm Center) Following up on Kevin Liston's earlier post [How your Webhosting Account is Getting Hacked], there are some forms of abuse that can affect your hosted web site without anyone actually getting shell access. ISC reader Mark contacted us after he noticed a significant load on his Apache web server. Closer investigation revealed that his box was sending email like crazy. Even closer investigation revealed that the email being sent was one of those fake "Wedding Invitation" phishes that have been quite frequent this week
Share via e-mail(Boston Globe) Allston's Blanchard's Liquors has apologized to its customers, saying a "cyber attack" compromised customers' financial information, and said it would know more about the extent of the attack at the end of the week. In a message posted on the store's
Texas Tech University Health Sciences Center Admits Data Breach(eSecurity Planet) Approximately 700 patient billing statements were mistakenly sent to other patients' mailing addresses. Tech Texas University Health Sciences Center (TTUHSC) recently posted a notice on its Web site announcing that an error had occurred on February 18 while processing billing statements for approximately 700 patients, as a result of which patient billing statements were mistakenly sent to other patients' mailing addresses
University of Mississippi Medical Center Admits Security Breach(eSecurity Planet) The University of Mississippi Medical Center (UMMC) recently posted a notice on its Web site warning of a recent data breach that may have exposed patient health and personal information (h/t PHIprivacy. net). The medical center was apparently notified on January 22 that a password-protected laptop used by UMMC clinicians was missing
Experts doubt Anonymous Mossad spy outing claims are kosher(The Register) Hacktivists claim to have published leaked data on more than 30,000 Israeli officials, including members of Israel's Mossad secret service agency. The boast by members of Anonymous follows a denial of service attack against the Mossad website
Security Patches, Mitigations, and Software Updates
LinkedIn Patches XSS and CSRF Vulnerabilities(Threatpost) LinkedIn has patched a number of exploitable vulnerabilities that could have led to phishing attacks, malware infections and the loss of credentials for users of the social network for business professionals
Google Fixes 11 Flaws in Chrome(Threatpost) Google Chrome 26, the latest version of the company's browser, is out and it contains a number of security patches, most notably a fix for a high-priority use-after-free vulnerability in the Web Audio component of the browser
Follow the Dumb Security Money(Dark Reading) When security companies raise big funding rounds and spend big bucks at security conferences, be afraid. Very afraid. It was amazing to see how excited folks were at the recent RSA Conference. Things were great! Every company was doing great! It was like hanging out with Tony the Tiger for a week. When things seem too good, they usually are and the contrarian in me goes into overdrive. I'm constantly looking for chinks in the armor, and over the past weekend I found it. I read two articles over the past week all excited that venture capital money is flowing back into security. We are now seeing security companies raising huge rounds of funding at what must be huge valuations. Being an analyst, I'm approached by lots of new security companies overflowing with VC cash, trying to get my attention. Having seen this cycle more than once, I know what time it is. It's the time when the dumb money returns to security
The state of data breaches(ComputerWorld) Security breaches can mean loss of custom and affect share prices, warns expert. The implications of data breaches can be severe for companies with potential financial losses and loss of customer trust. One of the most well known examples was the Sony PlayStation Network hack from 2011 where an estimated 100 million online accounts were compromised. According to Sony, costs from the PlayStation Network data breach totalled US$171 million
Zero-Day Java Attacks Pose Risk for Businesses, Security Expert Says(DigitalJournal.com) Businesses will be vulnerable to viruses and other forms of cyber-attack if they fail to plan strategies to help minimise and respond to zero-day attacks on their systems, an IT expert has said. Adrian Spink, CEO at Company85, has used a new article on
An Education In Cyber Security(Automation World) For many in manufacturing, the age of cyber-innocence ended with Stuxnet. Since then there has been steady progress on the industrial cyber security front. Meanwhile, the speed with which new worms, viruses and other exploits arrive continues to increase. The answer lie in applying practical security measures, and making a commitment to continually educating yourself on the topic
Increase in wireless systems, cost benefits drive remote monitoring market(FierceMobileHealthcare) The market for advanced remote patient monitoring has been growing steadily as healthcare systems increasingly move to all-wireless systems, integrate data processing and transfer EMRs. The market clocked in at $10.6 billion in 2012--up 19 percent from 2011, according to a new report from market research firm Kalorama Information
Health, wellness wireless sensor networks worth $16B by 2017(FierceMobileHealthcare) By 2017, more than 18 million health and wellness cloud-connected wireless sensor network (WSN) systems--excluding sports/fitness devices--will be shipped globally with annual revenues exceeding $16 billion, according to a report from San Diego-based technology research firm ON World
U.S. Nuclear Agency Enhances Cybersecurity With Cloud Computing(SIGNAL) Officials at the National Nuclear Security Administration are implementing a cloud computing solution known as Yourcloud that will improve security, cut costs and provide an anytime, anywhere, from any device networking capability. Officials aim to have a solution in place by year's end. The U.S. agency responsible for the management and security of the nation's nuclear weapons, nuclear proliferation and naval nuclear reactor programs is racing to put unclassified data on the cloud this year. Cloud computing is expected to provide a wide range of benefits, including greater cybersecurity, lower costs and networking at any time and from anywhere
DISA Lays Groundwork for Commercial Cloud Computing Contract(SIGNAL) One of the U.S. Defense Department's top information technology officials says work is beginning on a multiaward contract for commercial cloud computing services, but the official says he has no timeline or total value for the business
Raytheon To Merge Units, Cut 200 Jobs(Los Angeles Times) At a time when the aerospace industry is fretful about cuts in federal spending, military contractor Raytheon Co. announced that it plans to eliminate one of its business units and slash 200 jobs
Thomas Kennedy Named Raytheon COO In Realignment(GovConWire) Dr. Thomas Kennedy, a former Raytheon (NYSE: RTN) company vice president and president of the integrated defense systems business, has been promoted to executive vice president and chief operating officer
FireEye has disrupted the security landscape for protection against next-gen threats: Ashar Aziz(ComputerWorld) Ashar Aziz is the "new kid on the block" when it comes to the IT security industry. Aziz is the founder of California-headquartered FireEye, one of the fastest growing security companies of today. Last year, Forbes recognized FireEye as "Silicon Valley's Hottest Security Start-up." Aziz is also vice chairman of the board, CTO and chief strategy officer of FireEye which was established in 2005. During his recent visit to India, Aziz spoke extensively to CIO Magazine on why it has now become imperative for Indian CISOs to align with their company's vision to fight next-generation threats. FireEye has been in the technology limelight over the past couple of years. What is the company up to?
Malware-detecting sandboxing tech no silver bullet(CSO) The security technology called "sandboxing" aims at detecting malware code by subjecting it to run in a computer-based system of one type of another to analyze it for behavior and traits indicative of malware. Sandboxing -- one alternative to traditional signature-based malware defense -- is seen as a way to spot zero-day malware and stealthy attacks in particular. While this technique often effective, it's hardly foolproof, warns a security researcher who helped establish the sandboxing technology used by startup Lastline
Design and Innovation
At 17, App Builder Rockets to Riches From Yahoo Deal(Wall Street Journal) Seventeen-year-old Nick D'Aloisio is taking some time off from school in London, where he lives with his parents. He will let mom and dad help manage his money. Those are the decisions of a newly minted teenage millionaire
Device and Application Data from iOS Devices(4:Mag) People in mobile device forensics often ask, "How can I tell where the phone was at a given time?" Most people in our field know that most mobile devices have services running that allow applications to determine the device's location
Research and Development
Honeypot Stings Attackers With Counterattacks(Dark Reading) Researchers test the controversial concept of hacking back and gathering intelligence on attackers. A Russian researcher who built an aggressive honeypot to test the ability to hack back at attackers mostly ensnared fellow white hat researchers, script kiddies, and some of his friends in his experiment—but he discovered that he had also counterattacked the desktop of an intelligence agency in a nation formerly part of the Soviet Union
Services join forces to fight cyber crime(Financial Times) For years, the work of Britain's security services has been largely concentrated on the threat to the UK from jihadist terrorism. But increasingly, the security chiefs at MI5 and GCHQ are paying attention to another risk: the huge wave of state-sponsored cyber attacks by China and Russia on UK companies
Activists decry computer crime proposal(CSO) A proposal to expand computer crime law moves in the wrong direction, activists say. A proposal in the U.S. Congress to strengthen the penalties in the Computer Fraud and Abuse Act is a "giant leap in the wrong direction" for digital rights activists calling for changes in the law after the suicide of hacktivist Aaron Swartz earlier this year
US Computer Law Used Against Swartz Could Become Even Harsher(Eurasia Review) The most controversial computer law in the United States could finally be updated and its the exact opposite of what activists like Aaron Swartz have been fighting for. Advocates have urged Congress to reform the Computer Fraud and Abuse Act since way before 26-year-old hacker Aaron Swartz committed suicide in January while awaiting trial for a CFAA case that could have sent him to prison for decades and since then petitions to push for a new CFAA have come and gone. Members of both the US Senate and the House of Representatives have said that the legislation is too strict and needs adjustment, and meanwhile hackers like Andrew Auernheimer have had their lives turned upside down thanks to the governments arguably asinine interpretations of the CFAA
Former City of Hoboken IT Manager Admits Accessing Mayor's E-mails(eSecurity Planet) Patrick Ricciardi faces up to 15 years in prison and a fine of up to $750,000. Patrick Ricciardi, 46, the former chief information technology officer for the City of Hoboken, N.J., has admitted intercepting e-mails sent to city mayor Dawn Zimmer and other top officials, then forwarding those communications to other e-mails
Gangbangers' online M.O. remarkably normal(CSO) While not your typical cyberattacker, however, they're more likely to engage in criminal online behavior than non-gang peers, researchers note. Street gang members act much like other young adults online -- although they do have a higher tendency to engage in deviant behavior, say criminal justice researchers. "Much of what they do is age appropriate," one of the researchers, David Pyrooz, an assistant professor at the College of Criminal Justice at Sam Houston State University in Huntsville, Texas told CSO
Alleged cyber-riddler who issued Japan Airlines bomb threat to be indicted(Japan Daily Press) Yusuke Katayama, the alleged cyber-riddler who used a virus to issue online threats from other peoples PCs, is set to be indicted over the Japan Airlines bomb threat from August 2012. He is also believed to have been involved in several other incidents which led to four false arrests in 2012. The Tokyo District Public Prosecutors Office will charge Katayama, a 30 year old information technology employee, with violating the hijack prevention law, among other violations
A Sirious matter: Apple hit with patent lawsuit in China while media bay for blood(Quartz) Apple is appearing in a Shanghai court today to face China's Zhi Zhen Internet Technology, which says that Apple's dulcet-toned voice interface violates its patent. Zhizhen started developing the Xiao i—or "small i"—robot, a "voice-activated personal assistant", in 2003 and was granted a patent in 2006. Xiao is remarkably similar to Siri, down to the tones it uses on activation and the icon design—and it's the latest in a very long list of intellectual property lawsuits filed by Chinese firms against Apple
Wisconsin Man Charged In Cyber Attack On Koch Industries(KAKE) Wisconsin Man Charged In Cyber Attack On Koch Industries. March 26, 2013. A Wisconsin man has been charged with taking part in a cyber-attack on Koch Industries that was organized by a group called Anonymous, the U.S. Attorney's office said today
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
CSO40(Braselton, Georgia, USA, April 2 - 3, 2013) The CSO40 Security Confab + Awards will honor and share the critical viewpoints of today's leading CSOs, CISOs and security executives at the nation's leading CSO thought leadership conference.
Cloud Connect Silicon Valley(Santa Clara, California, USA, April 2 - 5, 2013) Cloud Connect returns to Silicon Valley, April 2-5, 2013, for four days of lectures, panels, tutorials and roundtable discussions on a comprehensive selection of cloud topics taught by leading industry...
Cyber 1.3(, January 1, 1970) Maj. Gen. Suzanne Vautrinot, USAF, commander, 24th Air Force, and commander, Air Force Network Operations, will discuss the global strategic implications that relate to the cyber domain at the Space Foundation...
HITBSecConf2013(Amsterdam, the Netherlands, April 8 - 11, 2013) HITB2013AMS will feature cutting edge attack and defense research including the a presentation on the inner workings of the iOS 6.1 Evasi0n jailbreak presented by members of the world famous Evad3rs Team,...
SANS Northern Virginia 2013(Reston, Virginia, USA, April 8 - 13, 2013) This event features comprehensive hands-on technical training fand includes several courses that will prepare attendees for DoD 8570 and GIAC approved certification exams. Four of the courses can apply...
INFILTRATE 2013(Miami, Florida, USA, April 11 - 12, 2013) INFILTRATE is a deep technical conference that focuses entirely on offensive security issues. Researchers focused on the latest technical issues will demonstrate techniques that you cannot find elsewhere.
Software Engineering Institute Invitational Career Fair(Pittsburgh, Pennsylvania, USA, April 11 - 12, 2013) Attention software engineers and cyber security professionals, the Carnegie Mellon Software Engineering Institute needs your top notch skills to meet today's challenges. SEI staff will be interviewing...
Information Tech Expo Series - Hawaii(Oahu, Hawaii, USA, April 12 - 19, 2013) This 6-series showcase will feature stops at 5 DoD locations and 1 Intel Center on the island of Oahu. Celebrating 20 years of these expos is a true testament to the government and military's readiness...
InfoSec World Conference & Expo 2013(Orlando, Florida, USA, April 15 - 17, 2013) With the primary objective of providing top-notch education to all levels of information security and IT auditing professionals, InfoSec World delivers practical sessions that give you the tools to strengthen...
Cyber Guardian 2013(Baltimore, Maryland, USA, April 15 - 20, 2013) Cyber Guardian is the SANS Institute's annual, interactive training session for cyber security professionals. All courses are associated with a GIAC Certification, and cover topics like intrusion detection,...
Infosec Southwest 2013(Austin, Texas, USA, April 19 - 21, 2013) InfoSec Southwest is intended to be a general security and hacking conference with no specific industry or topical focus. As such, nearly all topics (other than vendor pitches) are fair game and the attending...
Mobile Device Security for Defense and Government(Alexandria, Virginia, USA, April 23 - 24, 2013) This Defense Strategies Institute conference addresses the challenges of operating mobile devices in networks whose security is mission critical. The symposium's overall theme will focus on DOD's plan...
Infosecurity Europe(London, England, UK, April 23 - 25, 2013) Europe's number one Information Security event. Featuring over 350 exhibitors, the most diverse range of new products and services, an unrivalled education programme and over 12,000 visitors from every...
INSA Leadership Dinner Featuring Betty Sapp, Director, NRO(Reston, Virginia, USA, April 25, 2013) - This leadership dinner will feature a keynote address from Betty Sapp, Director of the National Reconnaissance Office highlighting her focus on innovation at the NRO and for the Intelligence Community.
23rd Annual Government Procurement Conference(Washington, DC, USA, April 25, 2013) This unique one-day event attracts more than 3,000 participants representing government agencies, prime contractors and small businesses from around the country. Participating companies are able to network...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.