Finland's Foreign Ministry was hacked in an evident case of foreign espionage. Finnish authorities are investigating, but say that Russia and China are the suspects.
Moroccan Ghost hacktivists vandalize Nigerian Defence Ministry sites, apparently over ongoing disputes concerning Sahara territory.
Anonymous protests Singapore Internet censorship by defacing the Straits Times' site and promising "to go to war" if the government fails to apologize and modify its policies. (In this context it's worth noting that Solutionary reports increases in both suspicious traffic and TOR usage. The last such TOR spike presaged Mevade exploits, and this warning appears a week before Anonymous-adopted holiday Guy Fawkes Day.)
Security analysts look into some very large claims for a virus called "BadBIOS," which allegedly does remarkable stuff, including jumping air gaps to compromise firmware. Seems implausible: the jury's still out.
Adobe apparently erred in encrypting passwords compromised in its recent breach: the encryption appears reversible.
You who remember Robin Sage, meet Emily Williams. Penetration testers created the catfish to test an unnamed "U.S. government agency with a high level of cybersecurity awareness." "Emily" built LinkedIn connections, distributed an online Christmas card (with Java applet) to her colleagues, opened a reverse shell, and then launched privilege escalation exploits.
The Atlantic Council warns that "overlapping pools of systemic risk" endanger the cyber sector the way sub-prime risk took down financials in 2008.
Surveillance accusations spread: Australian ambassadors are called onto Asian carpets. US Secretary of State Kerry says NSA surveillance went too far and will be corrected.
Today's issue includes events affecting Australia, Bahrain, Canada, China, European Union, Finland, Germany, Indonesia, Republic of Korea, Morocco, Netherlands, Nigeria, Romania, Russia, Singapore, United Kingdom, United States.
Moroccan Ghosts Defaces Nigerian Ministry of Defence Website over Sahara Dispute(HackRead) The official website of Nigerian Ministry of Defence has been hacked and defaced by world renowned hackers from Moroccan Ghosts hacking group. The site was hacked just a few minutes ago, where the home page was left with a deface page along with a message. The page shows that site was defaced for an ongoing Sahara desert dispute between Morocco and Nigeria
'Anonymous' hack puts Singapore on alert(Rappler) Activist group Anonymous hacked a Singapore newspaper website Friday, November 1, and threatened wider cyber attacks over Internet freedom, with government agencies reportedly on alert after the group said it would "wage war" with the city-state
Know Your Enemy: Tracking A Rapidly Evolving APT Actor(FireEye Blog) Between Oct. 24–25 FireEye detected two spear-phishing attacks attributed to a threat actor we have previously dubbed admin@338. The newly discovered attacks targeted a number of organizations and were apparently focused on gathering data related to international trade, finance, and economic policy. These two attacks utilized different malware families and demonstrate an ability to quickly adapt techniques, tactics, and procedures
Eavesdropping near-field contactless payments: a quantitative analysis(Journal of Engineering) This paper presents an assessment of how successful an eavesdropping attack on a contactless payment transaction can be in terms of bit and frame error rates, using an easily concealable antenna and low-cost electronics. Potential success of an eavesdropping attack largely depends on the correct recovery of the data frames used in the ISO 14443 standard. A near-field communication inductive loop antenna was used to emulate an ISO 14443 transmission. For eavesdropping, an identical inductive loop antenna as well as a shopping trolley modified to act like an antenna were used. The authors present and analyse frame error rates obtained with the authors' equipment over a range of distances, up to 100 cm, well above the official maximum operating distance depending on the magnetic field strength
How an epic blunder by Adobe could strengthen hand of password crackers(Ars Technica) Engineers flout universal taboo by encrypting 130 million pilfered passwords. Four weeks ago, Adobe disclosed a sustained hack on its corporate network that threatened to spawn a wave of meaner malware attacks by giving criminals access to the raw source code for the company's widely used Acrobat and ColdFusion applications. Now, researchers are warning the same breach could significantly strengthen the password-crackers' collective hand by revealing a staggering 130 million passcodes used over the years by Adobe customers, many of them from the FBI, large corporations, and other sensitive organizations
Hacking a Reporter: Writing Malware For Fun and Profit (Part 1 of 3)(Trustwave SpiderLabs) Pando Daily editor Adam Penenberg recently published a story about my coworkers and I hacking his life entitled "I challenged hackers to investigate me and what they found out is chilling". If you haven't already, I strongly recommend that you read it. Pando Daily also published a follow-up blog post, "A reporter asked us to hack him, and here's how we did it", explaining our perspective on the project this week. We thought that some of our friends and readership might appreciate even more technical details about the infiltration. So we've decided to publish a three-part series of posts on the topic
How do spies bug phones?(The Economist) America's spooks are under attack from all sides. Leaks from Edward Snowden, a systems administrator turned whistleblower at the National Security Agency (NSA), America's signals-intelligence agency, have confirmed what the professionally paranoid long suspected: that the internet is insecure, and that modern spy agencies can—and do, on an industrial scale—tap virtually any form of online communication. But perhaps the most acute embarrassment so far has been caused by the revelation that the NSA may have been listening to phone calls made by the leaders of America's allies, most notably those of the German chancellor, Angela Merkel. That it is possible to intercept mobile-phone calls will not surprise anyone who has watched a modern crime drama. But how exactly is it done
Boone Hospital Suffers Data Breach(eSecurity Planet) 125 patients' birthdates, Social Security numbers, medical diagnoses and prescribed treatments may have been inappropriately accessed
Security Patches, Mitigations, and Software Updates
Google Chrome to Automatically Block Malicious Downloads(Threatpost) Google is planning to add a new feature to its Chrome browser that will block malicious downloads automatically, helping to prevent drive-by downloads and the kind of malware that rides along with supposedly legitimate software
Security misconceptions among small businesses(Help Net Security) More than 1,000 SMBs participated in a joint McAfee and Office Depot survey last month, and the majority (66 percent) felt confident that their data and devices are secure and safe from hackers, with 77 percent responding that they haven't been hacked
Romania registers 20 million cyber–attack alerts in first six months(actmedia) Romania registered 20 million cyber-attack alerts in the first six months of 2013, according to the Cert.ro data, the body registering the cyber security complaints and alerts. 'The number of alerts is also increasing because the market of Romania also grew very much, because the servers and the other pieces of equipment enhanced very much in number and capacity and that is where this temptation came from,' Information Society Minister
Cyber must avoid a 'sub–prime' situation, says Healey(FierceGovernmentIT) Cyberspace today looks much like the financial sector looked before 2008, said Jay Healey, director of the Atlantic Council's Cyber Statecraft Initiative. It's complex and interconnected but risk has not been fully assessed, said Healey, who spoke Oct. 23 at an event at the Atlantic Council in Washington, D.C
IBM ends legal fight against CIA cloud computing award to AWS(FierceGovernmentIT) IBM has dropped its legal case against the CIA's award of a cloud computing contract to Amazon Web Services, with Court of Federal Claims Judge Thomas Wheeler granting on Oct. 29 the company's motion to withdraw an earlier motion to stay his ruling that the CIA should proceed with the AWS contract
Pulsant Awarded STAR Certification(SYS-CON Media) Cloud computing, managed hosting and colocation expert, Pulsant, has achieved the newly launched CSA STAR certification. The CSA STAR certification has been developed especially for cloud providers by Cloud Security Alliance (CSA) and BSI (British Standards Institution) and measures vendor security capability levels
Cybersecurity Skills Gap Beginning to Have Real Effects on Business(InfoSecurity Magazine) The fact that there are not enough skilled cybersecurity workers is becoming an increasing drumbeat for those tasked with improving the security posture of both public and private sector businesses. A new study underscores that while it's essential that organizations continually evolve their security strategies to keep pace with the changing threat ecosystem, resource-strapped IT staffs are more often than not too bogged down by tactical activities to keep up
Cyber Security Executives Raise More Than $327,000 for Children(White Hat) The inaugural White Hat Gala raised more than $327,000 for children treated at Children's National Health System. Approximately 300 guests attended the festive black-tie optional gala at the Ronald Reagan Building in Washington, DC. Cyber security experts, leaders in the field, Government heads of the industry, VIPs, and Federal contractor executives, as well as Children's National friends and staff attended this exciting evening of food, entertainment, casino events, networking and inspiration
Dropbox Not So Spooky After All(Wired) Dropbox seems to be the poster child for all that is bad and scary about the cloud. IT is haunted by Dropbox (and really all file sharing apps for that matter) as it discovers that enterprise employees increasingly upload and share corporate content in the app. By nearly all accounts, Dropbox has the highest penetration into enterprises today
Blue Ridge Networks Launches AppGuard® Zero–Day Malware Protection(Herald Online) Blue Ridge Networks announced the launch of its latest version of AppGuard®, its revolutionary new zero-day malware protection software product for PC users. AppGuard has been a trusted security solution used successfully by discriminating enterprises and security professionals for some years to protect against zero-day malware
Meet The Company That Tracks More Phones Than Google Or Facebook(Forbes) Picture this scenario. A bored woman sits waiting in an airline lounge. She scrolls through her iPhone and taps on a brightly colored square to launch a free mobile game. In the instant before the app loads something extraordinary happens behind the scenes: an auction for her eyeballs, run by a company you've probably never heard of, called Flurry
Technologies, Techniques, and Standards
Forensic Software in Child Protection Cases(Forensic Focus) According to recently released statistics from ICAC, an agency whose aim is to make the internet safer for children, only 2% of reported child protection cases are investigated in the United States each year. Often the media seize every opportunity to disparage forensics organisations, child protection charities and law enforcement agencies for not coming up with more effective solutions to these cases, but the reality is that the investigation of illicit image distribution is a wide-ranging and complex area, fraught with difficulties
ForGe — Computer Forensic Test Image Generator(Forensic Focus) Creating test material for computer forensic teaching or tool testing purposes has been a known problem. I encountered the issue in my studies of Computer Forensics at the University of Westminster. We were assigned a task to compare computer forensic tools and report results. Having already analysed test images by Brian Carrier over and over again, I found myself creating images manually, which appears to be the best and only way of doing this. One of my lecturers, Sean Tohill, confirmed this is indeed the case and a test image generator is long overdue
The threat within: How SMEs can protect themselves from light–fingered staff(Help Net Security) It hasn't been an easy time for small businesses. Where once cybercriminals shunned SMEs in favour of larger corporates, the threat landscape has changed drastically in recent years. According to the 2013 Information Security Breaches survey, 87 percent of small businesses had a security breach in the past year. However, while the threat from external attacks is undoubtedly rising - and SMEs are growing increasingly aware of it - another equally serious threat is silently lying in wait: the insider threat
ENISA Publishes Crypto Recommendations(InfoSecurity Magazine) In a technical report designed for technologists rather than consumers, the European Network and Information Systems Agency has produced a list of 'appropriate cryptographic protective measures', with recommendations for their use
Once–A–Year Risk Assessments Aren't Enough(Dark Reading) Why experts believe most organizations aren't assessing IT risks often enough. While it may be important that security organizations employ effective methods for walking through an IT risk assessment, the frequency with which they go through that process is almost as important as the means of carrying them out. Unfortunately, even when security organizations cover all of their bases in an IT risk assessment, if they don't assess often enough they could still be keeping themselves open to a great deal of risk
Continuous Monitoring and Mitigation(DataBreachToday) What are some of the unique challenges organizations face when they move into continuous monitoring and risk mitigation? Scott Gordon of ForeScout and Ken Pfeil of Pioneer Investments offer insight
Federal Cybersecurity Champions Honored(InformationWeek) National Institute of Standards and Technology senior scientist Ron Ross honored for creating risk management framework. The federal cybersecurity community on Tuesday honored some of this year's outstanding achievers who have helped improve computer security in the government, including one of its own for his work establishing cybersecurity requirements for federal agencies
Class helps military children be safe, secure online(Belvoir Eagle) Military youth learned how to stay safe in cyberspace during the community's first "Safe and Secure Online" class for children Oct. 22 at the USO Warrior and Family Center. The event was sponsored by Booz Allen Hamilton as part of Holding Down the Homefront, a series of USO programs focused on taking care of military Families
'Centers of excellence' in information assurance education and research(Washington Post) Here are schools in Maryland, Virginia and the District that the National Security Agency and Department of Homeland Security have identified as "national centers of excellence" in information assurance education at the two- or four-year level. Those also identified as centers of excellence in IA research are noted with an R
Legislation, Policy, and Regulation
Australia said to play part in NSA effort(New York Times) Australia, a close ally of the United States, has used its embassies in Asia to collect intelligence as part of the National Security Agency's global surveillance efforts, according to a document leaked by the former agency contractor Edward J. Snowden and published this week in the German newsmagazine Der Spiegel
How Edward Snowden Escalated Cyber War(Newsweek) For more than a decade, a relentless campaign by China to steal valuable, confidential information from United States corporations flourished with barely a peep from Washington. And now it might never be stopped
Lawmakers Head To Europe To Address NSA Concerns(Huffington Post) U.S. lawmakers will head to Europe to help address concerns abroad about alleged U.S. spying and convince the Europeans of the need to continue joint anti-terrorism efforts with the U.S., the chairman of a Senate subcommittee on European affairs said Thursday
Hayden: Obama 'Rebalance' of US Intel Could Harm National Security(Newsmax) The National Security Agency (NSA) is being relentlessly pilloried by resentful detractors abroad -- and strident critics on the left and right at home -- which could force the Obama administration to weaken the intelligence community's ability to protect critical U.S. interests, former CIA head Michael Hayden wrote Thursday in a Wall Street Journal op-ed
Senate panel OKs limited surveillance rollbacks(Deseret News) Leaders of a Senate panel that oversees U.S. intelligence issues said Thursday it has approved a plan to scale back how many American telephone records the National Security Agency can sweep up. But critics of U.S. surveillance programs and privacy rights experts said the bill does little, if anything, to end the daily collection of millions of records that has spurred widespread demands for reform
Feinstein debuts NSA "reform" bill that's really about the status quo(Ars Technica) Senator Dianne Feinstein (D-CA) has been one of the most stalwart defenders of widespread NSA surveillance since leaks with information about the programs started seeping out nearly five months ago. Civil libertarians and reformers have been none too pleased with her rhetoric—and they're not going to get any happier after reading the bill she introduced today
USA Freedom Act Would Leash the National Security Agency(Bloomberg BusinessWeek) Edward Snowden's leaks revealing the National Security Agency's eavesdropping on U.S. citizens and foreign leaders have led members of Congress to demand greater limits on government spying. The USA Freedom Act, introduced on Oct. 29 in the House and Senate, would "rein in" the NSA's ability to gather information about unsuspecting citizens, say its authors, Democratic Senator Patrick Leahy of Vermont and Wisconsin Republican Representative Jim Sensenbrenner
After NSA leaks, Google and others scramble to lock down security(The Verge) Relations between tech companies and law enforcement have frayed after it was revealed this week that the NSA tapped into private networks at Google and Yahoo. But a new report from The New York Times reveals how seriously many companies have taken the revelations, and what they're planning to do about it. Twitter has already moved to encrypt its direct messages, a measure that designers once thought unnecessary, and Google is already scrambling to secure their private network. As one security pro told the Times, "A lot of the things everybody knew they should do but just weren't getting around to are now a much higher priority"
NSA director says he's 'not wedded' to surveillance programs(Baltimore Sun) In a public appearance in Baltimore on Thursday, National Security Agency director Keith Alexander forcefully defended surveillance methods that have come under scrutiny this year but acknowledged that some of them may need adjustments
NSA Director Keith Alexander defends data collection during Baltimore visit(Baltimore Business Journal) Two things worry the director of the National Security Agency more than anything else: terrorism and cyber attacks. Gen. Keith Alexander on Thursday addressed members of the Baltimore Council on Foreign Affairs at the Hyatt Regency Hotel. Throughout his remarks, Alexander emphasized that protecting the United States is the NSA's top priority and insisted concerns over data collection have been overblown. "If you poll Americans, they believe that we are listening to their calls and that we are reading their emails," he said. "But that is not factually correct."
Two options for big data privacy: limit collections, or audit searches(FierceGovernmentIT) The advent of big data leaves federal policymakers with at least two opposite ways to ensure privacy--limit data collection, or allow agencies to store everything and later limit and audit database searches, as the National Security Agency has done with telephony metadata
Security Think Tank: Prism fallout could be worse than security risks(ComputerWeekly) In considering whether the data collected by Prism puts the US government at risk, it is worth considering whether the vulnerability comes as a result of it being apparent that all of this data has been collected and therefore presents a target, or the reaction to the will on the part of the US to collect it
EU Petition Seeks to Restrict Export of 'Digital Arms'(Threatpost) A Dutch member of the European parliament is supporting a grass-roots effort to restrict the export of surveillance software such as FinFisher and others, which are used by some governments and law-enforcement agencies to monitor their citizens' activities
Navy expands 'cyber warrant' program to attract more tech–savvy sailors(Navy Times) The Navy is increasing its ranks of cyberwarfare sailors — about 1,000 more could join Fleet Cyber Command by fiscal 2016. But those sailors need leaders, and a program designed to build the Navy's "cyber warrant" corps stumbled out of the gate. The Navy's not getting enough qualified applicants for designator 7430, cyber warrant officer, to supply the dozen or so cyber warrant billets it wants filled in the next two years
Violators of PII will Have AFNET Accounts Locked(Aurora Sentinel) "Beginning Oct. 24, we began locking out the AFNET account of individuals who were found to be inappropriately transmitting PII data via the AFNET," explained Major General J. Kevin McLaughlin, the Commander of 24th Air Force and Air Forces Cyber
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Teaching Computer Forensics(Sunderland, England, UK, November 14, 2013) The workshop is an opportunity for academics and students in the computer forensics subject area to address the current issues and challenges in a number of themes including (but not exclusive to) student...
TrustED 2013(Berlin, Germany, November 4, 2013) In this workshop we consider selected aspects of cyber physical systems and their environments. We aim at bringing together experts from academia, research institutes, industry and government for discussing...
OKTANE 13(San Francisco, California, USA, November 3 - 5, 2013) OKTANE13 is an identity, security and mobility event. Whether you're just getting started with cloud applications, evaluating a mobile strategy, building a hybrid enterprise IT, or looking to make your...
MIRcon 2013(Washington, DC, USA, November 5 - 6, 2013) With targeted attacks becoming more prevalent, today's incident responders are faced with the tremendous challenge of accelerating their response times while capturing relevant data from attacks in progress.
KMWorld 2013 KMWorld 2013 is a must-attend event for those concerned with improving their organizations' bottom line, business processes, and productivity, as well as streamlining operations, and accelerating development...
CyberInnovation Briefing(Baltimore, Maryland, USA, November 7, 2013) As cyber attacks plague critical infrastructure, financial institutions, and the federal government, liability and privacy remains a growing concern. With losses mounting and sensitive information being...
Maryland Art Place Annual Fall Benefit(Baltimore, Maryland, USA, November 9, 2013) Maryland Art Place (MAP) is pleased to announce the participating artists of its 2013 Annual Fall Benefit, the Starlight Dinner - highlighting technology and innovation in contemporary art. The dinner...
Cyber Education Symposium(Arlington, Virginia, USA, November 19 - 20, 2013) Both the public and the private sectors suffer from a lack of highly trained and effective cyber security leaders. In response, the government, businesses, and academic institutions are all exploring ways...
APPSEC USA(New York, New York, USA, November 18 - 21, 2013) Welcome to Appsec USA 2013, New York - a world class software security conference for developers, auditors, risk managers, and entrepreneurs, bringing you the world's top speakers, the most relevant security...
IT Forum Expo/Black Hat Regional Summit Black Hat Regional Summit will introduce a mix of local in-region experts and researchers from around the globe, discussing the latest trends in information security with an audience of peers. The sessions...
2nd Annual East Africa IT and Cyber Security Convention 2013(Nairobi, Kenya, November 28 - 29, 2013) The 2nd Annual East Africa IT and Cyber Security Convention 2013 will bring together leading Cyber and IT Security experts who will provide key insights into critical cybersecurity issues surrounding cyber...