The Guardian investigates the Syrian Electronic Army (SEA). The UK newspaper, itself a victim of SEA Twitter account hijacking, reports the SEA is directed by the Assad regime, that it works to disrupt Syrian rebels' online activities, and that it both spreads the regime's "alternative narrative" of the civil war and punishes media outlets that won't. The SEA is said to operate principally from "secret locations" in Dubai, covered by Rami Makhlouf's business operations.
Twitter says the SEA's recent account hacks were accomplished through social engineering, and warns media companies to expect more.
Effects of the LivingSocial breach continue to expand, courtesy of careless password sharing and reuse. Banks in particular regard the breach as a threat to customers' security.
British bank Ramnit undergoes an attack Trusteer describes as sophisticated—HTML injection carefully crafted to mimic legitimate webpages with unusual plausibility.
Gaming software site SourceForge continues to be spoofed by sites that deliver crimeware payloads.
A firmware backdoor is found in D-Link and Vivotek IP cameras. Malicious PDFs are on the rise, and McAfee finds a vulnerability in Adobe Reader. Authorities in Mecklenburg-Vorpommern decide it's easier to replace infected computers than clean them of the Conficker worm.
Peripherals are increasingly exploited in denial-of-service attacks. Tools to execute such attacks have become a staple of the crimeware black market. There are some indications that market is adopting Bitcoin as a difficult-to-trace currency.
Australia plans to upgrade cyber defenses. Mozilla tells Gamma International to cease and desist spoofing Firefox with FinSpy.
Today's issue includes events affecting Australia, China, Germany, Japan, People's Democratic Republic of Korea, Russia, Switzerland, Syria, Ukraine, United Arab Emirates, United Kingdom, United States.
Cyber Attacks, Threats, and Vulnerabilities
Syrian Electronic Army: Assad's cyber warriors(The Guardian) Phishing attack is latest by pro-Assad hackers operating out of Dubai, who target sites with views opposed to their own. In recent weeks, the self-styled Syrian Electronic Army (SEA) has launched hacking attacks on the BBC, the Associated Press (AP) and most recently the Guardian. Last week the group succeeded in hijacking AP's main Twitter account, with 1.9 million followers. It falsely claimed that President Obama had been injured in an explosion. AP corrected the message, but not before $130bn had been briefly wiped off the value of stocks
Cyber-criminals Target UK Banks with Sophisticated Malware(IB Times) Customers of a UK bank are being targeted by sophisticated cyber-criminals who go to great lengths to avoid detection. Awareness levels regarding potential threats online are growing among the public, but according to security firm Trusteer, this is only spurring cyber-criminals to be more innovative in creating sophisticated malware which targets online banking services
More Malware Showing Up on Fake SourceForge Web Sites(Threatpost) Malware developers continue to clone SourceForge Web sites that appear to offer the source code for popular gaming software but are actually peddling malicious code tied to the ZeroAccess Trojan. Julien Sobrier, a security researcher for San Jose-based cloud security provider Zscaler, on Tuesday outlined several more malicious versions of the popular file-sharing sites, some
Backdoor found in firmware of IP cameras(FierceCIO: TechWatch) Security researchers from Core Security have discovered critical security vulnerabilities in the firmware powering IP cameras made by D-Link and Vivotek. In the case of D-Link, the researchers found multiple flaws that include the ability to inject arbitrary commands into the camera from its administrative web interface
Washington Hospital Hit By $1.03 Million Cyberheist(Krebs on Security) Organized hackers in Ukraine and Russia stole more than $1 million from a public hospital in Washington state earlier this month. The costly cyberheist was carried out with the help of nearly 100 different accomplices in the United States who were hired through work-at-home job scams run by a crime gang that has been fleecing businesses for the past five years
Texas Hospice Acknowledges Security Breach(eSecurity Planet) Information on 818 patients may have been exposed. Hope Hospice of New Braunfels, Texas recently announced that a routine audit on February 25 found that an employee had e-mailed a report of recent referrals and admissions to themselves on December 27, 2012 and February 22, 2013
Google Glass Cracked(Threatpost) On Friday, Jay Freeman announced on Twitter that he exploited a known vulnerability and subsequently achieved root access to his developer-model of Google Glass - Google's highly anticipated, wearable, head-mounted computer
Malicious PDFs On The Rise(TrendLabs Security Intelligence Blog) Throughout 2012, we saw a wide variety of APT campaigns leverage an exploit in Microsoft Word (CVE-2012-0158). This represented a shift, as previously CVE-2010-3333 was the most commonly used Word vulnerability. While we continue to see CVE-2012-0158 in heavy use, we have noticed increasing use of an exploit for Adobe Reader (CVE-2013-0640) that was made infamous by the "MiniDuke" campaign. The malware dropped by these malicious PDFs is not associated with MiniDuke, but it is associated with ongoing APT campaigns
McAfee Warns of Adobe Reader Security Flaw(eSecurity Planet) The vulnerability can be exploited to determine where and when a PDF was opened. Researchers at McAfee Labs recently came across some PDF samples that exploited an unpatched vulnerability affecting every version of Adobe Reader, including Adobe Reader XI
Cheap and Accessible--1-Day DDoS Attacks Gain Traction, Expert Warns(Virtual-Strategy Magazine) Researchers at Nexusguard have found that many tools on the market are developed specifically for zero-day vulnerabilities, but a new type of exploit is also gaining traction--one-day exploits. Speaking at Info Security 2013, Nexusguard researcher
Hacking Pacemakers(IEEE Spectrum) Manufacturers are still not putting security first when designing implantable medical devices. Steven Cherry: Hi, this is Steven Cherry for IEEE Spectrum's "Techwise Conversations." A few million people probably first thought about the security of pacemakers and other implantable medical devices last December when watching the TV show "Homeland." The character of Nick Brody contributes to an electronic attack on the pacemaker of the U.S. vice president. The pacemaker is made to fail once the attackers get some key security information from Brody
APT1: Exposing One of China's Cyber Espionage Units(PC Fórum) This video shows actual attacker sessions and intrusion activities conducted by one specific Advanced Persistent Threat (APT) group, which Mandiant has named APT1. This group has systematically stolen confidential data from at least 141 organizations
20 Years On, the Open Web Faces Challenges(Threatpost) For people of a certain age in the technology industry, one of the ways of establishing a connection with someone is by asking some version of the following question: How long have you been online? Depending upon how you define "online", the answer can vary from 15 to 25 or even 30 years
New [USAF] Cyber Command HQ Opens(Fox 29) We are already Military City U.S.A., but you could also call us Cyber City U.S.A. The Air Force opened a new cyber headquarters at Port San Antonio
Army Secretary: Congressman 'Was Not Correct'(DoD Buzz) The U.S. lawmaker who accused Army officials of not acting on a commander's request for commercial software to gather battlefield intelligence was not correct, the service's top civilian said
Army Interested in New Office Close to Fort Meade(ExecutiveGov) Kevin Litten writes the Army wants 125,000 to 165,000 more square feet of space within 10 miles of Fort Meade. Litten writes there are no existing vacant buildings that meet the Army's request but the Corporate Office Properties Trust occupies 137,322
General Dynamics Picked To Patch Network Attack System(NextGov) General Dynamics is rolling out upgrades and logistics support for a classified Air Force network attack system, federal databases indicate. General Dynamics, the defense firm tapped for the contract from August 2012 to February 2013, is expected to continue servicing the system through the year's end, as part of a follow-on to its original contract. The Air Force estimates that it will spend an additional $233,800 on patches, upgrades and fixes for the system, according to a justification and approval document
LBMC Security And Risk Services Claims Top Prize At Cyber Readiness Challenge(The Chattanoogan) LBMC Security & Risk Services, a division of Lattimore Black Morgan & Cain, PC, earned first place in the Symantec Nashville Cyber Readiness Challenge held at the Franklin Marriott Cool Springs in Franklin, Tn. LBMC Security & Risk Services, one of LBMC's fastest growing service lines, provides a wide range of services including penetration testing, web application assessments and compliance services to numerous domestic and international companies and government entities
Peter Sherlock Promoted to MITRE SVP, Director of Bedford Operations(GovConWire) MITRE Corp. has promoted Peter Sherlock, former executive director for integration at its National Security Engineering Center, to senior vice president and director for the company's Bedford operations. Sherlock will oversee MITRE's research in cybersecurity
Skills shortage 'hindering' businesses cyber security efforts(Acumin) LivingSocial confirmed that over 50 million accounts were potentially affected by the cyber attack, with the possibility of names, email addresses, dates of birth and encrypted passwords being compromised. The company did confirm, however, that the
Save The Mom Puts A Family-Only Social Network On Your iPhone(TechCrunch) Italian company and TechCrunch Startup Alley participant at TechCrunch Disrupt NY 2013 Save The Mom has created an iPhone app that's designed to bring families closer together, with social networking tools designed specifically for private use. It's not only about being social, however, as it includes shared productivity and task management tools to make managing a family easier, too
Bond-style app could help UK spies(Perth Now) The company has already offered its Secure Messenger service for free to MPs and submitted the technology to CESG, the Government's National Technical Authority for Information Assurance, which provides advice on the security of communications and
Scammy Profile Viewer app is now "offered" by Facebook(Help Net Security) Once users become too familiar with a type of scam and stop falling for it, scammers tend to move on to new ones. But every now and then they go back to using old ones for a while in the hopes that
New Splunk App for Enterprise Security released(Help Net Security) Splunk announced the Splunk App for Enterprise Security 2.4. Splunk Enterprise and the Splunk App for Enterprise Security are a security intelligence platform that helps organizations discover unknown
Early Wave of Cyber Security Outsourcing Proving Successful(MarketWatch) Businesses looking to effectively address today's most pressing technology threats - computer viruses and data theft, lost productivity and corporate espionage - have traditionally had few satisfying opportunities to mitigate their risk. Off-the-shelf software from security vendors like Symantec and Trend Micro provide a certain degree of assurance, and on-staff IT personnel allocate at least a portion of their energies to cyber security, but few companies have the means or expertise to implement a dedicated, professionally staffed security program
New Amazon Blog Tackles Web Services Security Concerns(CRN) Enterprise IT security professionals have been looking for additional resources to protect sensitive data being migrated to the cloud, according to the Cloud Security Alliance, a nonprofit organization that promotes cloud security assurance best practices
Secunia SmallBusiness(PC Magazine) IT administrators in small businesses have a tough job keeping up with all the software updates for every single application installed on every computer in the organization. Software vendors either have their own patching schedule (Oracle CPU, Microsoft Patch Tuesday, Adobe updates, to name just a few) or don't release updates regularly. Administrators have to stay on top of all the update news, and push out updates or encourage users to not wait "for later" to install the security fixes. Enter Secunia SmallBusiness, a Web-based console wrapped around the company's Secunia Personal Software Inspector (PSI) 3.0 for small business networks
Emsisoft Anti-Malware 7.0(PC Magazine) Emsisoft Anti-Malware 7.0 now includes technology licensed from Bitdefender, but you'd be much, much better off just buying Bitdefender's antivirus, or any of the other PCMag's Editors' Choice products. By Neil J. Rubenking. I try my best to keep up
Q&A: NIST's Ron Ross on the fourth revision of SP 800-53(FierceGovernmentIT) The National Institute of Standards and Technology released April 30 its fourth version of Special Publication 800-53, the catalog of controls most agencies utilize in their cybersecurity programs. We spoke that day with Ron Ross, NIST Federal Information Security Management Act implementation and leader of the joint task force that put together the new revision
Don't Sign that Applet!(CERT/CC Blog) Hi, it's Will. I've recently been looking into the state of signed Java applet security. This investigation was triggered by the Oracle blog post IMP: Your Java Applets and Web Start Applications Should Be Signed, which as the title implies, suggests that all Java developers sign their applets, regardless of the privileges required. In this blog entry, I explain why this practice is a bad idea
Why you should access online banking on your smartphone rather than your computer(Quartz) 74% of US adults with bank accounts might want to change their behavior. Clay Calvert, the director of cybersecurity for MetroStar Systems, has a strategy for banking online designed to increase its security. MetroStar is a consultancy that has worked with government agencies--from the Federal Reserve Bank of Philadelphia to the FBI--to create systems that protect highly sensitive data from cyber attacks. Calvert banks online, but with one caveat: he only does it on his phone or tablet
How to rate a comparative anti-virus test - a six-step guide(Naked Security) It sometimes seems like anyone with a computer feels qualified to do comparative anti-virus testing. There are a lot of pitfalls to look out for, which often trip up unwary would-be testers and regularly lead to wonky data and odd conclusions. So how do you know which tests are any good
Why we need security awareness training programs(Help Net Security) Lately, some of the smartest people in infosec decided that security awareness trainings are a waste of time. Last out is Bruce Schneier, who decided to speak up against awareness training
Design and Innovation
CERN Geneva celebrates 20 years of the World Wide Web(Naked Security) It was twenty years ago today/That the World Wide Web came out to play…On 30 April 1993, CERN Geneva officially put the Web, and the early client and server side software that made it work, into the public domain
Big IT Firms Apply Talents to Fed Cybersecurity Research(E-Commerce Times) "Cyberthreats cut across networks, borders and sectors, and leaders in government and industry must work together to help protect the nation's critical infrastructure and information," said National Security Agency Director Gen. Keith Alexander at the
Data encryption solution shows promise for mHealth apps(FierceMobileHealthCare) A data encryption solution for mHealth apps, called DE4MHA, has successfully demonstrated that it can safely obtain health information with the data carried securely, according to an article in the Journal of Medical Internet Research
Obama To Reportedly Nominate Former Telecom Lobbyist Tom Wheeler As FCC Chair(TechCrunch) The White House will reportedly confirm that former telecommunications lobbyist Tom Wheeler will be nominated to chair the Federal Communications Commission. Current FCC Commissioner Mignon Clyburn will act as interim chairman while outgoing Chair Julius Genachowski enjoys his luxurious new life as a fellow at the Aspen Institute policy think tank. A decade ago, before he was a venture capitalist
Is UK any safer from cyber attack today than in 2010?(BBC News) In 2010 the British government designated the protection of computer networks as one of the country's most important national security priorities. In its Strategic Defence and Security Review (SDSR) it pledged, "the National Cyber Security Programme
UK consumers fear cyber attacks on smart meters, survey reveals(ComputerWeekly.com) UK consumers believe smart meters will capture too much personal information and will be vulnerable to cyber attack, a survey has revealed. Smart meters record consumption of electric energy in intervals of an hour or less and transmit that data to
White House Responds to CISPA Petition, Concerned About Privacy(PC Magazine) The White House today formally replied to an online petition calling for the demise of CISPA, reiterating that while it supports information sharing in order to stop a cyber attack, it does not believe the bill goes far enough on privacy. "Even though
Cyber warfare boost in defence plan(The Australian Financial Review) The white paper sets out a 20-year vision for defence spending, making more provision for cyber warfare. The government is tipped to commit to building
Litigation, Investigation, and Law Enforcement
Mozilla moves to stop spyware company from spoofing Firefox(CSO) Gamma International disguised its FinSpy program as the web browser, according to a new report. Mozilla sent a cease-and-desist letter on Tuesday to a European company that created a piece of spyware masquerading itself as the Firefox browser. The move comes after computer security researchers said on Tuesday that they discovered that a well-known spyware program called FinSpy was spoofing Firefox. Mozilla was alerted by the researchers, who are with Citizen Lab, a research project that is part of the University of Toronto's Munk School of Global Affairs
Man Charged with $2.5 Million Fraud Scheme Using Prisoners' Identities(eSecurity Planet) Harvey James allegedly obtained stolen identities from people with access to inmate information from the Alabama Department of Corrections. The U.S. Department of Justice and the IRS recently announced that Harvey James of Montgomery, Ala., has been charged with participating in a scheme in which stolen identities were used to file more than 2,000 false tax returns claiming more than $2.5 million in fraudulent refunds between 2010 and 2012
U.S. Court Rules For Facebook In Its Case Against Typosquatters On 105 Domains; $2.8M In Damages(TechCrunch) A victory for Facebook in its case against typosquatters -- those who own domain names that are similar to those of a popular site, which they use to confuse people and potentially capitalize on that. The U.S. District Court for Northern California has ruled in favor of the social network in an action it took against several squatters, recommending the turnover of 105 domains and statutory damages
As cyberthreats mount, hacker's conviction underscores criticism of government overreach(Washington Post) Their guns drawn, a dozen federal agents, police and forensics experts kicked in the door of a run-down two-story home in Arkansas shortly after dawn, barged inside and ordered the occupants to put their hands on their heads. The target of the raid was neither terrorist nor bank robber. He was a 24-year-old computer hacker suspected of handing off stolen e-mail addresses to the media
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Symposium on Cybersecurity & Information Assurance(Teaneck, New Jersey, USA, May 1, 2013) Fairleigh Dickinson University's Center for Cybersecurity and Information Assurance is pleased to announce its inaugural Symposium on Cybersecurity and Information Assurance to be held on May 1, 2013 in...
Critical Security Controls International Summit(London, England, UK, May 1 - 2, 2013) The SANS Institute will be hosting the Critical Security Controls International Summit in London from May 1st to May 2nd at the London Hilton on Park Lane hotel. The Summit focuses on the Critical Security...
INSA Leadership Dinner with NGA Director Letitia Long(McLean, Virginia, USA, May 2, 2013) NGA At the Crossroads - Visualizing the Future. Join INSA and NGA Director Letitia Long as she shares her vision for transforming NGA and GeoInt in innovative ways that more effectively put the power of...
Interop Las Vegas(Las Vegas, Nevada, USA, May 6 - 10, 2013) Attend Interop Las Vegas, May 6-10, and attend the most thorough training on Apple deployment at the NEW Mac & iOS IT Conference. Join us in Las Vegas for access to 125+ workshops and conference classes,...
ITWeb Security Summit 2013(Sandton, South Africa, May 7 - 9, 2013) A conference devoted to cyber security, with a particular emphasis on countering the latest attack vectors. The gathering creates an opportunity for senior security professionals and business decision-makers...
The Computer Forensics Show(New York City, New York, USA, May 8 - 9, 2013) For IT and business executives responsible for creating, implementing, and managing a proactive and comprehensive IT strategy for information security, risk management, compliance, and business continuity...
ASIS 23rd New York City Security Conference and Expo(New York City, New York, USA, May 8 - 9, 2013) Join more than 2,500 professionals in the Big Apple for the largest annual conference in the Northeast for security management and law enforcement professionals. This exciting event will focus on key challenges...
Software Engineering Institute Invitational Hiring Event(Arlington, Virginia, USA, May 8 - 9, 2013) Attention software engineers and cyber security professionals: Carnegie Mellon's Software Engineering Institute needs your top notch skills to meet today's challenges. SEI staff will be interviewing on...
Baltimore Tech-Security Conference(Baltimore, Maryland, USA, May 9, 2013) The Baltimore Tech-Security Conference features 25-30 vendor exhibits and several industry experts discussing current tech-security issues such as email security, VoIP, LAN security, wireless security,...
CyberSecurity UAE Summit 2013(Dubai, UAE, May 13 - 14, 2013) Review developments, strategies and best practice in global cyber security. Assess the nature of the latest threats being faced and the impact of these upon your organisation. Discuss the most promising...
GovSec(Washington, DC, USA, May 13 - 15, 2013) GovSec is the nation's premier event for Government, Homeland Security, and Law Enforcement professionals looking for proven strategies and cost effective technology so they can achieve their mission of...
Thriving in the Post-Sequestration GovCon Era(McLean, Virginia, USA, May 14, 2013) The Potomac Officers Club is hosting a summit for GovCon executives and government leaders to collaborate and share ideas on how to navigate a new era involving sequestration. At least five speakers, each...
Second Maryland Cybersecurity Center Symposium (MC2)(College Park, Maryland, USA, May 14 - 15, 2013) Drawing on regional experts of national and international acclaim, MC2's second Annual Cybersecurity Symposium will showcase the latest research, trends, and topics in cybersecurity, including: keynote...
FOSE(Washington, DC, May 14 - 16, 2013) FOSE is the premier event for government technology professionals interested in innovative, effective tools and solutions allowing you and your agency or organization to advance your mission. From IT managers...
7th Annual INSA IC Industry Day(Springfield, Virginia, USA, May 15, 2013) This annual event is held at the TS/SCI level in cooperation with ODNI as a comprehensive forum for IC leaders to relate their budget priorities to industry. The theme of this year's IC industry day is...
Hack Miami(Miami, Florida, USA, May 17 - 19, 2013) The HackMiami 2013 Hackers Conference seeks to bring together the brightest minds within the information security industry and the digital underground. This conference will showcase cutting edge tools,...
CEIC 2013(Orlando, Florida, USA, May 19 - 22, 2013) The largest digital-investigations conference of its kind and the only one to offer hands-on lab sessions for practical skills development. CEIC offers relevant and practical information from expert speakers.
IEEE Symposium on Security and Privacy(San Francisco, California, USA, May 19 - 22, 2013) Since 1980, the IEEE Symposium on Security and Privacy has been the premier forum for the presentation of developments in computer security and electronic privacy, and for bringing together researchers...
International Workshop on Cyber Crime (IWCC)(San Francisco, California, USA, May 24, 2013) The aim of this workshop is to bring together the research accomplishments provided by the researchers from academia and the industry. The other goal is to show the latest research results in the field...
Web 2.0 Security and Privacy(San Francisco, California, USA, May 24, 2013) The goal of this one-day workshop is to bring together researchers and practitioners from academia and industry to focus on understanding Web 2.0 security and privacy issues, and to establish new collaborations...
Maryland/DC Celebration of International Trade(Linthicum, Maryland, USA, May 21, 2013) Join Maryland exporters and international business experts as they celebrate International Trade Week. Hosted by the Maryland/DC District Export Council this event is a content rich celebration of international...
IEEE-Cyber 2013(Nanjing, China, May 26 - 29, 2013) This conference will cover cyber physical systems, cyber control and automation, cyber robotics, and the Internet of things.
Cyber Security @ CeBIT(Sydney, New South Wales, Australia, May 28 - 30, 2013) The Cyber Security Conference will serve as a platform where all those involved in securing and governing ICT within an organisation can discuss the newest challenges and strategies. The event is a must-attend...
Cyber Security for the Chemical Industry(Frankfurt, Hessen, Germany, May 29 - 30, 2013) It is becoming increasingly more important than ever to be aware of the latest cyber threats, and equipped to protect your company from them. In addition to physical security, these industries are faced...
DGI Cyber Security Conference & Expo(Washington, DC, May 30, 2013) Data security threats continue to increase in number and sophistication. The growing use of collaborative technologies - from mobile devices and social media to virtualization and cloud computing - will...