Anonymous hacktivists claim another attack on North Korean Websites. They also announce the beginning of "OpPetrol," a campaign directed initially against the Saudi government but promised to affect a total of twelve countries. OpPetrol appears to have yielded a few Saudi email login credentials, but not much else. Its instigators are exercised over the pricing of oil in dollars as opposed to a "Muslim" currency. Elsewhere in the hacktivist underworld a "jihadi Geek Squad" works to deliver effective crypto to al Qaeda.
Microsoft warns against the Febipos Trojan, first observed in Brazil, that exploits Chrome and Firefox to hijack Facebook profiles. Researchers at Rutgers University discover another threat to Facebook, this one exploiting expired Hotmail accounts.
The US military's reliance on international hardware—notably telecommunications equipment and semiconductors—is said to pose an unacceptably high supply chain risk, both in terms of embedded threats and issues of wartime availability. Huawei again denies engaging in cyber espionage.
The cyber underground economy continues to evolve along lines that parallel legitimate consumer e-commerce. Denial-of-service tools may be purchased via PayPal, and zero-day exploits are freely advertised (the US Government is said to be the largest purchaser of zero-days).
New York State announces formation of a cyber security advisory council; its members include Good Harbor's Richard Clarke and CrowdStrike's Shawn Henry. USA Today sees a strong flow of venture capital into cyber start-ups.
Information on last week's ATM bank robbery indictments continues to appear. Observers agree the crime was enabled by weak endpoint security.
Today's issue includes events affecting Bahrain, Brazil, Canada, China, Dominican Republic, France, Germany, Israel, Italy, Japan, Democratic People's Republic of Korea, Kuwait, Malaysia, Oman, Philippines, Qatar, Romania, Russia, Saudi Arabia, Taiwan, Turkey, United Arab Emirates, United Kingdom, United States.
SINET has opened a call for presentations to be delivered at August's Innovation Summit—the CyberWire will cover the Summit in a series of special issues. (See the note in Cyber Events, below.)
Cyber Attacks, Threats, and Vulnerabilities
Hacker group attacks North's Web sites again(Korea Joongang Daily) The international hacker collective Anonymous, which previously hacked the pro-Pyongyang propaganda Web site Uriminzokkiri and leaked some 15,000 members' personal profiles on the Internet in March, carried out its second cyberattack of the North's Web sites yesterday. One of the hackers who conducted the attack, identified by the ID @AnonyOpsKorea, stated on Twitter that the attack began at 10 a.m. yesterday Korean time, and that they successfully hacked the official Web sites of the North's public
Anonymous and Anonghost started #OpPetrol with the leak of Saudi Arabia Govt. Email Login credentials(Hackers News Bulletin) After #OpUSA in which Hackers hacked, defaced many websites, leaked emails and data of govt. websites and financial institutions of USA, we also collected a plethora of hacked stuff under #OpUSA and we also got many fake hacks, defacement from various hackers over the world but after their #OpUSA hackers started #OpPetrol. In the start of #OpPetrol hackers claim to hack 16 Gov Emails login credentials of Saudi Arabia Government, according to hackers this latest operation will target 12 Countries
Can The Jihadi Geek Squad Secure The Web For Al Qaeda?(TPM) "Most cryptography applications today use public-key cryptography. Every web browser has public key cryptography, so when you do your online banking, you go through SSL and that uses pub key cryptography," explained Phil Zimmermann president and
Febipos Malware in the wild that steals your Facebook profile(cyberwarzone) Microsoft has discovered a trojan which hijacks Facebook accounts. The malware penetrates through a Chrome extension or Firefox add-on. Safari and Internet Explorer seem to be safe. Microsoft warns that the malware takes over the Facebook account and then performs various unwanted actions. The malware - now known as Febipos - was first found in Brazil. The malware can chat, share content, post messages to other profiles, comment on posts, like pages and join Facebook groups. In the warning report
Tomren Wealth Management Suffers Security Breach(eSecurity Planet) California's Tomren Wealth Management recently notified clients of a server breach that occurred between February 21 and March 6 of this year (h/t DataBreaches.net). The notification letter [PDF file] states that while forensic investigators found that spamming software had been loaded onto the server, it's unclear whether the attacker also accessed any clients' personal information. Still, the letter states, the server did contain clients' names, Social Security numbers, driver's license informat
Android Font Apps Hosted on Google Play Install Spyware(Softpedia) Security researchers from Webroot have come across a couple of shady Android font apps hosted on Google Play. The apps install not only fonts, but also a piece of spyware. The applications in question, Free Galaxy Classic Fonts and Galaxy Fonts, allow users to install additional fonts on their Android smartphones. However, experts found that besides the fonts, an Android spy app called iKno is also installed. iKno monitors SMSs, calls, and the device's location, and sends the information back to a
The U.S. military's supply chain risk called 'frightening'(Computer World) New report from the Alliance for American Manufacturing questions the military's use of foreign semiconductor and telecom equipment. The U.S. military's reliance on foreign-made products, including telecommunications equipment and semiconductors, is putting the nation's security at risk by exposing agencies to faulty parts and to the possibility that producing nations will stop selling vital items, according to a new report from the Alliance for American Manufacturing
Newly launched E-shop for hacked PCs charges based on malware 'executions'(webroot) On the majority of occasions, Cybercrime-as-a-Service vendors will sell access to malware-infected hosts to virtually anyone who pays for them, without bothering to know what happens once the transaction takes place. A newly launched E-shop for malware-infected hosts, however, has introduced a novel approach for calculating the going rate for the hacked PCs. Basically, they're selling actual malicious binary executions on the hosts that the vendor is managing, instead of just selling access to the
DDoS Services Advertise Openly, Take PayPal(KrebsonSecurity) The past few years have brought a proliferation of online services that can be hired to knock Web sites and individual Internet users offline. Once only found advertised in shadowy underground forums, many of today's so-called booter or stresser services are operated by U.S. citizens who openly advertise their services while hiding behind legally dubious disclaimers. Oh, and they nearly all rely on PayPal to receive payments. Many of these booter sites are based on the same source code, meaning
China: Online predator or hapless host?(The Register) The People's Republic of China has been singled out in increasingly unequivocal language by the US and its allies as one of, if not the greatest, source of online attacks, be they perpetrated by criminals or the Chinese state itself. But amid all the anti-Beijing bluster, has China been given an unfairly bad rep
Online payment provider CashU warns Middle East PC users against potential increase in malware threats(Albawaba) Leading regional online payment provider CashU has warned Middle East PC users to remain diligent and protect their PCs with up to date antivirus and antimalware software in light of the recent malicious attacks across the region. The virus prompts users with an onscreen message that their PC is locked and asks users to send a set amount of money via CashU service to have their PC unlocked. While CashU service has not been interrupted nor has the integrity of our customers' information been breached
US-Japan foreign ministry files thought leaked(AsiaOne) Last year's cyber-attack on the farm ministry, which is thought to have resulted in the leak of about 3,000 documents overseas, also included documents created jointly by the Foreign Ministry and the US government, sources revealed
City of Mobile Police Hacked & Data Leaked by Turkish Ajan(cyberwar news) Turkish Ajan hacker group has today announced a leak of data from the City of Mobile Police. The City of Mobile police is located in the town of Mobile which claims to be the 3rd largest city in the U.S. State of Alabama and is the official police department for the county and surrounding area. The announcement has come from the official Twitter account of Turkish Ajan
Washington Court Data Breach Exposes 160K SSNs(Threatpost) Attackers using a vulnerability in Adobe's ColdFusion app server were able to compromise servers belonging to the Washington State court system sometime in the last few months and walked off with data belonging to as many as a million residents of the state. The attackers had access to 160,000 Social Security numbers and the driver's license numbers and names of a million people
Administrative Office of the Courts announces data breach(Chinook Observer) Upon continued investigation, with the assistance of the Multi-State Information Sharing and Analysis Center (the key resource designated by the U.S. Department of Homeland Security for cyber threat prevention response and recovery for state, local and
Bitdefender Warns of 419 Scam Spreading on LinkedIn(eSecurity Planet) Bitdefender researchers recently received a LinkedIn message from a user identifying himself as Aziz Mohammed, a manager at Malaysia's Standard Chartered Bank. The LinkedIn user's profile appeared to have been built using the photo and profile
Patient data at risk after X-ray scam(FierceHealthIT) Protected health information for more than 17,000 patients of an orthopaedic clinic in North Carolina is at risk, thanks to a silver-mining vendor scam
Schnucks CEO Issues Message on Cyber Attack(KMOX.com) "I sincerely apologize for the inconvenience caused by the cyber attack on our card payment system. We were able to block access on March 30th and we increased security." Schnuck said customers can use any new debit and credit cards at the store "with
Security Patches, Mitigations, and Software Updates
Microsoft Security Bulletin Advance Notification for May 2013(Microsoft Security TechCenter) This is an advance notification of security bulletins that Microsoft is intending to release on May 14, 2013. This bulletin advance notification will be replaced with the May bulletin summary on May 14, 2013. For more information about the bulletin advance notification service, see Microsoft Security Bulletin Advance Notification
Ten Emerging Threats Your Company May Not Know About(Dark Reading) Some new attacks get a lot of attention. Here's a look at 10 that haven't, but ought to be on your radar. Security professionals are certainly not at a loss for things to worry about. Indeed, the list of threats to corporate systems and the data they contain is very long, and IT departments are constantly challenged in their efforts to mitigate these risks. Unfortunately, the security threats you know about are only the proverbial tip of the iceberg. Lying underneath the churning waves of business requirements and technology shifts is the bottom of the berg -- a threat that's scariest because it's largely unknown
US cyberwar strategy stokes fear of blowback(NBCNews.com) "The only people paying are on the offensive side," said Charlie Miller, a security researcher at Twitter who previously worked for the National Security Agency. A spokesman for the NSA agreed that the proliferation of hacking tools was a major concern
Cyber Insecurity: The 21st Century's Version of Air Pollution(Time) Then-defense secretary Leon Panetta referred to the threat of cyber attacks as a "cyber Pearl Harbor." - A senior Cyber Command official has declared that we are in the middle of a "cyber arms race." - Other experts have used public health as a
Power companies present cybersecurity gaps(USA Today) The U.S. military's top cybercommander said some of the nation's utility companies have lagged in investing in network security, raising concerns about the vulnerability of the nation's critical infrastructure. "The power industry has a wide scale, from companies that are very good to companies that need a lot of work and a lot of help," Gen. Keith Alexander, commander of Cyber Command, said Friday
Can collaboration defend US critical infrastructure?(FCW.com) Keith Alexander, National Security Agency director and commander of U.S. Cyber Command. "When you talk about legislation and developing standards, the power companies are really the ones who have the biggest problem, because if you say, 'We want
Nearly two-thirds of organizations do not enforce encryption policies, says analyst(FierceMobileIT) BYOD presents enterprises with a number of security and privacy challenges that must be addressed, Gib Sorebo, chief cybersecurity technologist at research firm SAIC, told an audience here at Interop on Thursday. Sorebo related that nearly two-thirds of organizations do not enforce encryption policies, which opens up corporate data to risk of unauthorized disclosure
ANALYSIS: Why this surge of VC funding is different(USA Today) With companies and governments spending billions to repel cyber threats, a surge of venture capital has begun pouring into companies developing cybersecurity technologies. "Cyber is the front line of the conflict, and there is a tremendous need for solutions which secure the digital frontier," says Bob Ackerman, managing director of Allegis Capital
Jim McAleese: The 2013 Sequester and How GovCon Firms Have Responded so Far(GovConWire) Jim McAleese, founder and principal at McAleese & Associates, recently caught up with Executive Mosaic, parent company of the Potomac Officers Club (P.O.C) and publisher of GovCon Wire, to provide some detailed insight and perspective into the 2013 sequester. McAleese will be speaking on May 14 at the P.O.C's Post-Sequestration Summit with nine other government and industry thought leaders about
Praescient Analytics: Decoding Data for National Security and Defense(Tech Cocktail) Katie Crotty, Yvonne Soto, and Patrick Ryan embarked on a mission when they started Praescient Analytics: revolutionize the way the world understands information with the latest analytics tools. It began as a modest offering, but soon blossomed into a $20-million-dollar business with clients in the Department of Homeland Security, the Department of Defense, and the intelligence community
A new defense contractor opens an office in WestGate Tech Park(Greene County Daily World) WestGate at Crane Technology Park has a new defense contractor that provides engineering and technical services support to a wide range of world-wide clients. Camber Corporation is opening a technology office in the tech park. Camber Corporation's customers span the global and federal market place and include Homeland Security, Department of Defense, and state governments as well as wide ranging international clients from Dubai to Japan, the Philippines, Africa, and Asia
Bloomberg bars reporters from client activity after spying scandal(Sydney Morning Herald) Financial data and news company Bloomberg says it has corrected a "mistake" in its newsgathering policies and cut off its journalists' special access to client log-in activity on the company's ubiquitous trading information terminals after Goldman Sachs complained about the matter last month. A person familiar with the matter said on Friday that Goldman Sachs became concerned about outside access after a Bloomberg reporter, investigating what she thought was the departure of a Goldman employee
Bloomberg's culture is all about omniscience, down to the last keystroke(Quartz) At Bloomberg, omniscience is a feature not a bug. The company's New York City skyscraper unfurls around its courtyard like a panopticon. Inside, the decor is punctuated at every turn with fish tanks. No one has an office to hide in, and the meeting rooms are enclosed in clear glass
Extracting Digital Signatures from Signed Malware(Internet Storm Center) Sometimes attackers digitally sign their malicious software. Examining properties of the signature helps malware analysts understand the context of the incident. Moreover, analysts could use the signature as an indicator of compromise. Here are some tips and tools for determining whether a suspicious Windows executable has been signed and for extracting the embedded signature in a Linux environment. We'll look at Pyew, Disitool and get a bit of help from OpenSSL
How UNSW creates the world's best hackers(Sydney Morning Herald) It's noon on Tuesday and a group of four students are hovering over their laptops having just bunkered down in a room at UNSW's Kensington campus, where they're going to be for the next 24 hours hacking into IT systems. Computer cables, power boards, water bottles and brown paper bags full of food are spread across the table. Looking over the students' shoulders is their admired IT security lecturer and mentor, who likes to distance himself from being called an academic, laughs off the suggestion
Academic institutions urged to improve network and DNS configurations(Help Net Security) The Research and Education Networking Information Sharing and Analysis Center (REN-ISAC) has issued an alert to IT security staff, and network and DNS administrators urging them to improve their network and DNS configurations to prevent their institution from being an unwitting partner in DoS attacks
Cyber-attacks show PH 'vulnerability' - group(Rappler) The group behind the crowdsourced Magna Carta for Philippine Internet Freedom, which is being pushed by Sen Miriam Defensor Santiago, said that the recent distributed denial of service (DDoS) attacks on government websites showed the "vulnerability" of the country's Internet security
Japan, U.S. conclude 1st dialogue on cyber defense cooperation(GlobalPost) The participants included officials from Japan's Defense Ministry and National Information Security Center as well as the U.S. Department of Homeland Security and the Pentagon. The dialogue followed the decision of Japan and the United States to
Do we already live in a police state?(Examiner.com) However, the National Security Agency has spied on American citizens since at least 2001, according to the Electronic Frontier Foundation. Prior to the September 11 terrorist attacks, the NSA had listened in on several of the hijackers' phone calls
In our opinion: Wiretapping laws(Deseret News) In Utah, the National Security Agency is completing construction of a super-secret data center in Bluffdale that will reportedly have the wherewithal to intercept and monitor the entire daily tsunami of worldwide electronic communications
Litigation, Investigation, and Law Enforcement
Feds Won't Say if NSA Surveilled New York Terror Suspects(Wired) Federal authorities prosecuting two brothers on allegations they plotted to blow up a high-profile target in New York City are refusing to divulge whether they cracked the case by employing a style of warrantless electronic eavesdropping first introduced by President
UK spyware used against Bahraini activists – court witness(RT) UK spy technology was used against British citizen in Bahrain, new evidence filed in a UK high court has claimed. Activists are calling for a judicial review of the UK's failure to hold firms accountable for sales of spy software to repressive regimes. The evidence submitted contains a witness statement from Bahraini activist and writer Ala'a Shehabi, 30. She has both Bahraini and British citizenship, and is one of the founding members of Bahrain Watch, an independent research and advocacy organization
Legal Showdown on Cybersecurity(Wall Street Journal) When hackers broke into computer systems at Wyndham Worldwide Corp. and several of its hotels, they allegedly stole payment-card numbers for hundreds of thousands of consumer accounts. They also sparked a high-stakes legal battle over whether a federal agency can use its consumer-protection powers to police cybersecurity practices at American companies
Bank Muscat mulls options to recover card fraud money(Times Of Oman) Bank Muscat on Sunday said it is examining all options to recover $39 million it lost in a major fraud unveiled by US authorities last week. "Bank Muscat is aware from press reports that a number of arrests in different jurisdictions have taken place in relation to the prepaid debit card fraud incident which we disclosed on February 25 and 26," the bank said in a disclosure statement posted on MSM website Sunday
Banks must get serious about cyber security(Gulf News) In the global rush to become part of the growing digital economy, few people seem to be paying much attention to security. Every week there are new stories of computer hackers finding inventive ways of breaking into computers, with the end result usually being the loss of millions of dollars. Last weekend, two local banks became the latest victims of online fraud when hackers found a way to increase the limit of prepaid debit cards, which were then used at ATMs to withdraw cash. Over $40 million
Massive Cyber-Heist Result of Weak Endpoint Security(PC Magazine) A cyber-gang walked off with $45 million in cash in an audacious cyber-attack earlier this year, according to court documents unsealed this week. As PCMag.com reported on Friday, eight individuals living in New York were indicted for their roles in a
Hacking Skills Used to Stop Cyber Attacks(WLBZ) Yesterday, U.S. prosecutors announced the arrest of seven suspects involved in a coordinated cyber attack. The suspects are accused of stealing $45 million from banks using ATMs across the world. This is not the first
Cyber-thieves snatched $45 million via Indian back office(The Hindu) Highlighting the global scale of the crime, Ms. Lynch said the U.S. Secret Service and Department of Homeland Security had worked in concert with law enforcement authorities in Japan, Canada, Germany, Romania, the United Arab Emirates, Dominican
TRA denies penalties for using Skype in UAE(Emirates 24/7) The Telecommunication Regulatory Authority (TRA) has denied media report that UAE residents could be fined and imprisoned for using Skype. A report said today that some of the services that Skype offers - like making telephone calls - need a licence from the TRA and the violators could be fined up to Dh1 million and also imprisonment
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
CyberSecurity UAE Summit 2013(Dubai, UAE, May 13 - 14, 2013) Review developments, strategies and best practice in global cyber security. Assess the nature of the latest threats being faced and the impact of these upon your organisation. Discuss the most promising...
GovSec(Washington, DC, USA, May 13 - 15, 2013) GovSec is the nation's premier event for Government, Homeland Security, and Law Enforcement professionals looking for proven strategies and cost effective technology so they can achieve their mission of...
Thriving in the Post-Sequestration GovCon Era(McLean, Virginia, USA, May 14, 2013) The Potomac Officers Club is hosting a summit for GovCon executives and government leaders to collaborate and share ideas on how to navigate a new era involving sequestration. At least five speakers, each...
Second Maryland Cybersecurity Center Symposium (MC2)(College Park, Maryland, USA, May 14 - 15, 2013) Drawing on regional experts of national and international acclaim, MC2's second Annual Cybersecurity Symposium will showcase the latest research, trends, and topics in cybersecurity, including: keynote...
FOSE(Washington, DC, May 14 - 16, 2013) FOSE is the premier event for government technology professionals interested in innovative, effective tools and solutions allowing you and your agency or organization to advance your mission. From IT managers...
7th Annual INSA IC Industry Day(Springfield, Virginia, USA, May 15, 2013) This annual event is held at the TS/SCI level in cooperation with ODNI as a comprehensive forum for IC leaders to relate their budget priorities to industry. The theme of this year's IC industry day is...
INSA Innovators' Showcase(Springfield, Virginia, USA, May 16, 2013) The INSA Innovators' Showcase is an opportunity for R&D focused companies to present innovative IRAD projects to a panel of government scientists selected by ODNI. Interested companies are asked to submit...
Hack Miami(Miami, Florida, USA, May 17 - 19, 2013) The HackMiami 2013 Hackers Conference seeks to bring together the brightest minds within the information security industry and the digital underground. This conference will showcase cutting edge tools,...
CEIC 2013(Orlando, Florida, USA, May 19 - 22, 2013) The largest digital-investigations conference of its kind and the only one to offer hands-on lab sessions for practical skills development. CEIC offers relevant and practical information from expert speakers.
IEEE Symposium on Security and Privacy(San Francisco, California, USA, May 19 - 22, 2013) Since 1980, the IEEE Symposium on Security and Privacy has been the premier forum for the presentation of developments in computer security and electronic privacy, and for bringing together researchers...
Maryland/DC Celebration of International Trade(Linthicum, Maryland, USA, May 21, 2013) Join Maryland exporters and international business experts as they celebrate International Trade Week. Hosted by the Maryland/DC District Export Council this event is a content rich celebration of international...
U.S. Department of State Mobile Computing Forum(Washington, DC, USA, May 23, 2013) The U.S. Department of State's Bureau of Information Resource Management will host an educational forum and IT Expo, themed "Mobile Computing," reflecting their mission to empower diplomacy, consular services...
International Workshop on Cyber Crime (IWCC)(San Francisco, California, USA, May 24, 2013) The aim of this workshop is to bring together the research accomplishments provided by the researchers from academia and the industry. The other goal is to show the latest research results in the field...