It's pleasant to open with good news. OpUSA has clearly failed to achieve results beyond nuisance-level (and most of that nuisance was experienced outside the US). US banks, which Anonymous called out as particular targets, were notably exempt from disruption ("US Banks 1, Cyberhacktivists 0," as American Banker puts it). Ironically, China may have suffered more in the campaign than the US. Anonymous itself shows symptoms of disruption: many adherents viewed the call to action as a provocation, and sat it out.
Sound encryption practices appear to have contained a data breach at Name.com, and Bank Austria also seems to have successfully mitigated an intrusion.
Other, smaller campaigns continue. Victims include Bangladesh's military academy, Malaysian opposition parties, the Netherlands' government, and New York motorists.
eBay customers are subjected to bogus help-chat that redirects to malware. A ransomware campaign appears in Germany. The Apache backdoor discovered last week continues to spread, and to redirect traffic to Blackhole and other exploit kits.
Lessons are drawn from recent attacks. The Onion (seriously) describes how the Syrian Electronic Army hijacked its Twitter account. The Department of Labor attack shows the threat of waterholing. The control system vulnerability Google researchers exposed in their own facility again points out the difficulty of patching such systems. Virtualization, important as it is, is no panacea, and treating it as such leads to lax security.
Singapore and India join the list of countries releasing cyber policy statements. It's noteworthy that both see labor force development as central to security.
Today's issue includes events affecting Australia, Austria, Argentina, Bangladesh, Brazil, Canada, China, Colombia, France, Germany, India, Indonesia, Israel, Kenya, Malaysia, Netherlands, Peru, Romania, Russia, Singapore, Spain, Syria, Taiwan, Ukraine, United Kingdom, United States.
Cyber Attacks, Threats, and Vulnerabilities
'OpUSA' Cyber-Attacks Fail to Gather Momentum During First Day(eWeek) A few breaches and some Website defacements are the sum total of the first day of Operation USA, which aimed to "wipe you (America) off the cyber map." Hacktivists' threat to wreak digital havoc on U.S. government sites and financial institutions fell well short of the mark on May 7, the first day of the so-called "OpUSA" attack
DDoS Score: U.S. Banks 1, Cyberhacktivists 0(American Banker) The online sites of the nation's biggest banks seem to be functioning without interruption following a hacktivist threat to launch a series of cyberattacks on financial institutions and government agencies. JPMorgan Chase (JPM), Bank of America (BAC), Citigroup (NYSE:C), Wells Fargo (WFC) and dozens of others ran mostly without digital delays on Tuesday, according to Sitedown.co, which tracks online outages
Thousands of Sites Hacked for OpUSA, but Not All Hacktivists Support the Campaign(Softpedia) Today, on May 7, several hacktivist groups from all around the world have launched OpUSA, an operation that represents a form of protest against the United States. The campaign, inspired by the recent OpIsrael, started a few hours ago and thousands of sites have already been hacked…According to a report published a few days ago by the US Department of Homeland Security (DHS), the agency is not really concerned with OpUSA either. The DHS believes the campaign will mostly consist of nuisance-level attacks. So far, it appears it is right. Of the thousands of sites hacked for OpUSA, most of them have nothing to do with the United States. Instead, they're commercial sites from Israel, Brazil, Argentina, Ukraine, the UK and other countries…Also, judging by the large number of Chinese government sites defaced as part of OpUSA, it's as if the hackers are doing the US a favor. Another noteworthy thing is that not all Anonymous hackers support OpUSA. Some hacktivists believe this operation is part of a conspiracy
Massive Coordinated Cyberattack "Hit List"(Market Oracle) Diane Alter writes: A group of mostly Middle East and North Africa based criminal hackers launched a cyber-attack campaign Tuesday that tested the cybersecurity of U.S. government agencies, financial institutions and commercial businesses. Dubbed OpUSA, the effort is the latest in a string of cyber-attacks on crucial U.S. entities aimed at slowing down or blocking these heavily trafficked sites
Homemade Browser Targeting "Banco do Brasil" Users(TrendLabs Security Intelligence Blog) Cybercriminals in Brazil appear to have come up with a new tactic to lure users into giving up their login information. A few days ago, we found a post on a Brazilian forum offering a browser that could access the website of the Banco do Brasil without using the needed security plugin
Malaysian election sparks web blocking/DDoS claims(The Register) Opposition leaders and human rights activists have warned that Malaysia's recent elections were tarnished with widespread web blocking and DDoS attacks designed to deprive voters of information about opposition coalition Pakatan Rakyat (PR) before going to the polls
Cyber attack targets Dutch government websites(AFP) Dutch government websites were paralysed for several hours overnight after a mass cyber attack which targeted several ministerial sites, a spokesman said on Wednesday. "The government's sites have been the target of a DDoS attack since
Phishers target eBay customers via live chat support(Help Net Security) U.K.-based ISP Netcraft is warning users about phishers impersonating eBay's live chat support feature in the hopes of getting their hands on eBay users' login, personal and financial information
Porn-downloading ransomware targets German users(Help Net Security) The German Anti-Botnet Advisory Centre is warning (in German) users about a new ransomware / BKA Trojan variant that accuses users of being involved in the reproduction of pornographic material involving minors
Hackers Steal Cash from Bank ATMs(The Commercial Appeal) The hackers often struck late on Fridays, starting about a year ago, sending skeleton crews at more than a dozen European banks rushing to keep bombardments of digital gibberish from crashing their websites. Damaging as the bandwidth-choking attacks were, they were merely smokescreens. Once employees dropped their guard to fight one attack, hackers struck again, exploiting the openings to steal account information and create counterfeit debit cards
A closer look at the malicious Redkit exploit kit(Naked Security) In the second technical article of this series, Fraser Howard investigates deeper into the workings of Redkit exploit kit. Learn more about the internals of this kit; bypassing of security mechanisms within Java, the use of file encryption, and delivery of multiple payloads
Department Of Labor Attack Points To Industry Weaknesses(Dark Reading) Security pros say latest watering hole attack patterns expose the 'ecosystem of mediocrity' set out by today's baseline of protection. As researchers dig deeper into a Department of Labor (DOL) attack that some say was the front end of a watering hole attack designed to infect sensitive targets within the Department of Energy, the industry is learning more about the advanced patterns of attack that black hats are using to strike out at very specific targets
Organizations failing to secure primary attack target(Help Net Security) Despite repeated warnings, a majority of organizations are failing to enact recommended best practice security policies around one of the primary targets of advanced attacks – privileged accounts. According to the results of Cyber-Ark Software's global IT security survey, 86 percent of large enterprise organizations either do not know or have grossly underestimated the magnitude of their privileged account security problem, while more than half of them share privileged passwords internally
CIOs fail to protect mainframe customer testing data(CSO) A fifth of CIOs (20 per cent) admit to not masking or protecting their customer data before providing it to outsourcers for mainframe application testing purposes. On the other end of the spectrum, 82 percent of companies that do mask their customer data before providing it to outsourcers describe the process as "being difficult"
Security practices wanting in virtual machine world, survey finds(CSO) While organizations have been hot to virtualize their machine operations, that zeal hasn't been transferred to their adoption of good security practices, according to a survey released on Wednesday. Nearly half (42 percent) of the 346 administrators participating in the security vendor BeyondTrust's survey said they don't use any security tools regularly as part of operating their virtual systems, and more than half (57 percent) acknowledged that they used existing image templates for producing new virtual images
"De Flashing" the ISC Web Site and Flash XSS issues(Internet Storm Center) You may have noticed that earlier today, I removed the flash player that we use to play audio files on our site. The trigger for this was a report that the particular flash player we use (an open source player usually used with Wordpress) is suscepible to cross site scripting . Instead of upgrading to the newer (patched) version, we instead decided to remove the player
China isn't wrong to call the US "the real hacking empire"(Quartz) The cyberwar between China and the US has spread from computers into the halls of diplomacy. In a report this week, the Pentagon said for the first time that the Chinese government and military have been launching cyber attacks against the US. Today, Chinese state media called the US "the real hacking empire" and said the country has "an extensive espionage network."
Security Patches, Mitigations, and Software Updates
Spotify Fixes Security Hole that Allowed Free Song Downloads(Threatpost) One of the largest online music streaming services was briefly singing a different tune after learning a new Google Chrome plug-in allowed users to download copies of songs for free. Google this week pulled from its Chrome Web Store the browser extension known as Downloadify, which exploited a vulnerability in Spotify's web player to allow
Cyberwar is breaking out all over(MSN Money) Costly and dangerous attacks on government and corporate computer systems are soaring. The Pentagon alone wants $4.7 billion to combat them. History may remember this week as the moment when the shadowy concept of cyberwar between countries went public
Lack of standards, interoperability problems holding M2M back(FierceMobileIT) A full 86 percent of wireless industry executives surveyed by IHS Research identified lack of standards, diverse architectures and interoperability problems as the top challenges to mass machine-to-machine communications adoption
Mobile devices, M2M flooding enterprises with unstructured data(FierceMobileIT) As a result of the flood of data generated by mobile devices and machine-to-machine communications, enterprises are struggling to keep up with data collection and analysis. However, unless the data is collected and analyzed, it is useless for senior executives to make decisions. That is where big data projects come in
New Tool Focused On Removing The Overhead And Complexity Of Code Reviews(Dark Reading) Klocwork Cahoots simplifies the code review process. Klocwork Inc, the global leader in automated source code analysis (SCA) solutions for developing more secure software, today announced Klocwork Cahoots, a flexible and easy-to-use peer code review tool that simplifies the code review process. Language-agnostic and designed for development teams of all sizes, Klocwork Cahoots fits into the developer workflow to ensure code reviews are both effective and fast
Qosmos Integrates Cavium Chips(Light Reading) Qosmos, the market leader in embedded Deep Packet Inspection (DPI) and Network Intelligence (NI) technology, today announced full integration with the latest generation of Cavium OCTEON II processors. This results in a best-of-breed
6 Super Security Freebies(PCWorld) Secunia PSI examines your system for programs that need security updates, and points you to the required patches. Software updater: Now that almost every PC
Procera Beefs Up Network Analytics(Light Reading) Procera Networks, Inc. (NASDAQ: PKT), the global network intelligence company, today announced the availability of Dynamic LiveView, the industry's first real-time, dynamic query capability for network analytics. Procera's first-to-market capability
Technologies, Techniques, and Standards
Five Questions To Ask When Choosing A Threat Intelligence Service(Dark Reading) Threat intelligence services are becoming an essential weapon in the enterprise security arsenal. Do you know how to choose one? Today's emerging threat intelligence services have the potential to change the way enterprises measure security risk and prepare their defenses for the next wave of attacks. If you subscribe to the Art of War's mantra, "know your enemy," threat intelligence is a key weapon in any IT security arsenal. As they hit the market, however, it's becoming painfully clear that there is a huge disparity between the offerings that vendors are calling "threat intelligence service." Some of them are single-source RSS feeds, not too much different than what you might get from CERT (or even Dark Reading). Others are in-depth analytical services that can not only report and analyze the threats, but also tell you how they might affect your specific IT environment
Panic Now(Dark Reading) "The auditors are coming! The auditors are coming!" If your organization is prepared for an audit with little notice, you have my congratulations and highest regard, because you are a person of rare foresight
How Not To Look Stupid On Twitter(TechCrunch) When the AP Twitter stream was hacked a few weeks ago leading to a massive drop in the equities market, I went off. I found the fact that the AP – a news organization staffed by intelligent people and with a long history of adapting to new media – could be hacked through a phishing attack was unconscionable. It would be like Bank of America being hacked by a group of script kiddies
You're doing passwords wrong. Here's how to make them uncrackable.(IT World) For years now I've harangued relatives about their shoddy password practices. Either they use easily-hacked passwords or forget the passwords they've created--sometimes both. If you won't take it from me, beloved family, consider this Password Day (yes, apparently it's a thing) statement from McAfee's Robert Siciliano: "74% of Internet users use the same password across multiple websites, so if a hacker gets your password, they now have access to all your accounts. Reusing passwords for email, banking, and social media accounts can lead to identity theft and financial loss."
Three Reasons Why a One-Size-Fits-All Secure SDLC Solution Won't Work(infosec island) When we ask security contacts at our enterprise clients "What software development methodology does your company use?" - they usually pause for a moment and answer "everything." Individual development teams tend to adopt processes that work best for them. Heterogeneous development processes wreak havoc on plans for adopting enterprise-wide secure SDLC efforts. There are at least three reasons why development teams within the same company have different development styles, including
Do You Have a Vendor Security Check List? You Should!(infosec island) So a vendor calls you and wants to sell you a new application for your organization that will help you to be more secure and increase productivity they claim. Good thing you have that vendor security checklist so that you can see if this new application and vendor conforms to the security controls that your organization has put in place. Wait, you don't have a checklist or know what one is? Let me help you with that. A security check list is a list of security controls that a vendor or application
Cyber Security Challenge(Swinburne University Media Centre) The Swinburne B team was the best of the Victorian teams in the Cyber ... Dr James Hamlyn-Harris, said Swinburne, which entered three teams in CySCA 2013
UNSW wins Cyber Security Challenge Australia(ComputerWorld) Forty-three teams tested the networks and hardware of a fake company over 24 hours. A team of students from the University of New South Wales will be off to the US Black Hat Security conference in July after winning the annual Cyber Security Challenge Australia (CySCA)
'Fresh proposals' planned over cyber-monitoring(BBC) Fresh proposals to investigate crime in cyberspace are being promised, after the so-called "snoopers' charter" was dropped from the Queen's Speech. The measures to be brought forward would help protect "the public and the investigation of crime in cyberspace". The main plan is to find a way to more closely match internet protocol (IP) addresses to individuals, to identify who has sent an email or made a call
New Zealand isn't exactly outlawing software patents—it's doing something more interesting(Quartz) Despite what you may have read, New Zealand is not "banning" software patents. Indeed, the country has never explicitly allowed the patenting of software in the first place, and excluding software from patentability would violate New Zealand's international patent obligations. Instead, today's amendment to the country's in-progress patents bill skirts international law in a creative way: the country's government will instead declare that software is simply not an invention in the first place
Government approves National Cyber Security Policy(Times of India) The government approved the National Cyber Security Policy that aims to create a secure computing environment in the country and build capacities to strengthen the current set up with focus on manpower training. The Cabinet Committee on Security (CCS) approved the policy which stresses on augmenting India's indigenous capabilities in terms of developing the cyber security set up
Advanced Cyber Attack Tools Seen Available to Hackers(Bloomberg) Advanced cyber attack tools have become readily available for use by foreign governments and terrorists to infiltrate or cripple U.S. computer networks, two federal law enforcement officials told a congressional panel. Dozens of countries now have
Symantec advises Senate on complexity of cyber threats(USA Today) Symantec's government policy vice president Cheri McGuire brought a summary of the antivirus giant's rich metrics showing the intensity and pervasive nature of daily cyber attacks to a U.S. Senate hearing today. Sen. Sheldon Whitehouse (D-R.I.)
How to end content piracy right now(FierceContentManagement) The key to stopping content piracy isn't tougher laws or other over-the-top government intervention. It's actually pretty simple. If you provide a reasonably priced, legal alternative, most people will use it and traffic to sites that typically host pirated content goes down
Dutchman appears for 'biggest ever' cyber attack(Sydney Morning Herald) A Dutchman arrested in Spain in connection with an unprecedented cyber attack has been extradited to the Netherlands where he appeared before a judge, Dutch prosecutors say. The attack has been
Head Of PCeU British Cyber Police To Quit Force(TechWeek) Charlie McMurdie tells TechWeek it is the right time to go, ahead of PCeU's merger with SOCA. The chief of the Police Central e-Crime Unit (PCeU), the division of the Metropolitan Police dealing with national digital threats, is to leave the force ahead of a major shake up of British cyber policing, TechWeekEurope has learned
Few businesses appear ready to defend themselves from cybercrime, report finds(Calgary Herald) Few companies may be ready to handle an attack from criminals lurking in cyberspace, and fewer know about the government's three-year-old cyber-security efforts, according to a national study. The study's authors concluded that results, while only a small snapshot of the millions of businesses big and small in Canada, point to gaps in how companies protect themselves from cybercrime, a finding that could be chalked up to little monetary damage to companies that fall victim to hackers
Testifying on cybersecurity before the Senate Judiciary Committee(Volokh Conspiracy) I'll be testifying this morning before the Senate Judiciary Committee's subcommittee on crime and terrorism. My testimony will touch on the Attribution Revolution in cybersecurity, the need to move from attribution to creative forms of retribution, and the need to give victims more leeway to investigate the hackers who attack them
Justice Dept. position on ECPA warrant requirement unclear, says ACLU(FierceGovernmentIT) Justice Department documents obtained through the Freedom of Information Act suggest that some U.S. attorneys may continue to authorize law enforcement access to opened emails less than 180 days old without first obtaining a warrant, says the American Civil Liberties Union
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Interop Las Vegas(Las Vegas, Nevada, USA, May 6 - 10, 2013) Attend Interop Las Vegas, May 6-10, and attend the most thorough training on Apple deployment at the NEW Mac & iOS IT Conference. Join us in Las Vegas for access to 125+ workshops and conference classes,...
ITWeb Security Summit 2013(Sandton, South Africa, May 7 - 9, 2013) A conference devoted to cyber security, with a particular emphasis on countering the latest attack vectors. The gathering creates an opportunity for senior security professionals and business decision-makers...
The Computer Forensics Show(New York City, New York, USA, May 8 - 9, 2013) For IT and business executives responsible for creating, implementing, and managing a proactive and comprehensive IT strategy for information security, risk management, compliance, and business continuity...
ASIS 23rd New York City Security Conference and Expo(New York City, New York, USA, May 8 - 9, 2013) Join more than 2,500 professionals in the Big Apple for the largest annual conference in the Northeast for security management and law enforcement professionals. This exciting event will focus on key challenges...
Software Engineering Institute Invitational Hiring Event(Arlington, Virginia, USA, May 8 - 9, 2013) Attention software engineers and cyber security professionals: Carnegie Mellon's Software Engineering Institute needs your top notch skills to meet today's challenges. SEI staff will be interviewing on...
Baltimore Tech-Security Conference(Baltimore, Maryland, USA, May 9, 2013) The Baltimore Tech-Security Conference features 25-30 vendor exhibits and several industry experts discussing current tech-security issues such as email security, VoIP, LAN security, wireless security,...
CyberSecurity UAE Summit 2013(Dubai, UAE, May 13 - 14, 2013) Review developments, strategies and best practice in global cyber security. Assess the nature of the latest threats being faced and the impact of these upon your organisation. Discuss the most promising...
GovSec(Washington, DC, USA, May 13 - 15, 2013) GovSec is the nation's premier event for Government, Homeland Security, and Law Enforcement professionals looking for proven strategies and cost effective technology so they can achieve their mission of...
Thriving in the Post-Sequestration GovCon Era(McLean, Virginia, USA, May 14, 2013) The Potomac Officers Club is hosting a summit for GovCon executives and government leaders to collaborate and share ideas on how to navigate a new era involving sequestration. At least five speakers, each...
Second Maryland Cybersecurity Center Symposium (MC2)(College Park, Maryland, USA, May 14 - 15, 2013) Drawing on regional experts of national and international acclaim, MC2's second Annual Cybersecurity Symposium will showcase the latest research, trends, and topics in cybersecurity, including: keynote...
FOSE(Washington, DC, May 14 - 16, 2013) FOSE is the premier event for government technology professionals interested in innovative, effective tools and solutions allowing you and your agency or organization to advance your mission. From IT managers...
7th Annual INSA IC Industry Day(Springfield, Virginia, USA, May 15, 2013) This annual event is held at the TS/SCI level in cooperation with ODNI as a comprehensive forum for IC leaders to relate their budget priorities to industry. The theme of this year's IC industry day is...
Hack Miami(Miami, Florida, USA, May 17 - 19, 2013) The HackMiami 2013 Hackers Conference seeks to bring together the brightest minds within the information security industry and the digital underground. This conference will showcase cutting edge tools,...
CEIC 2013(Orlando, Florida, USA, May 19 - 22, 2013) The largest digital-investigations conference of its kind and the only one to offer hands-on lab sessions for practical skills development. CEIC offers relevant and practical information from expert speakers.
IEEE Symposium on Security and Privacy(San Francisco, California, USA, May 19 - 22, 2013) Since 1980, the IEEE Symposium on Security and Privacy has been the premier forum for the presentation of developments in computer security and electronic privacy, and for bringing together researchers...
U.S. Department of State Mobile Computing Forum(Washington, DC, USA, May 23, 2013) The U.S. Department of State's Bureau of Information Resource Management will host an educational forum and IT Expo, themed "Mobile Computing," reflecting their mission to empower diplomacy, consular services...
International Workshop on Cyber Crime (IWCC)(San Francisco, California, USA, May 24, 2013) The aim of this workshop is to bring together the research accomplishments provided by the researchers from academia and the industry. The other goal is to show the latest research results in the field...
Web 2.0 Security and Privacy(San Francisco, California, USA, May 24, 2013) The goal of this one-day workshop is to bring together researchers and practitioners from academia and industry to focus on understanding Web 2.0 security and privacy issues, and to establish new collaborations...
Maryland/DC Celebration of International Trade(Linthicum, Maryland, USA, May 21, 2013) Join Maryland exporters and international business experts as they celebrate International Trade Week. Hosted by the Maryland/DC District Export Council this event is a content rich celebration of international...
IEEE-Cyber 2013(Nanjing, China, May 26 - 29, 2013) This conference will cover cyber physical systems, cyber control and automation, cyber robotics, and the Internet of things.
Cyber Security @ CeBIT(Sydney, New South Wales, Australia, May 28 - 30, 2013) The Cyber Security Conference will serve as a platform where all those involved in securing and governing ICT within an organisation can discuss the newest challenges and strategies. The event is a must-attend...
Cyber Security for the Chemical Industry(Frankfurt, Hessen, Germany, May 29 - 30, 2013) It is becoming increasingly more important than ever to be aware of the latest cyber threats, and equipped to protect your company from them. In addition to physical security, these industries are faced...
DGI Cyber Security Conference & Expo(Washington, DC, May 30, 2013) Data security threats continue to increase in number and sophistication. The growing use of collaborative technologies - from mobile devices and social media to virtualization and cloud computing - will...