Today is (off-year) Election Day in the US, coincidentally NSA's birthday, and, of course, Guy Fawkes Day. Anonymous is marking this last holiday with various protests, but so far with limited hacking success.
The National offers a post mortem on the Syrian Electronic Army's October campaign against Qatar: it was a "low-risk" operation.
In the UK, fears of bugging have led HM Government to exclude iPads from cabinet meetings.
Cisco warns customers that it detected a big spike in port-zero reconnaissance traffic over the weekend. CryptoLocker continues to spread, and Russian criminals are distributing NSA-themed ransomware. Dr. Web thinks Trojan.ibank's scanning for SAP applications foreshadows a campaign against ERP and business-critical software. Fake LinkedIn profiles are being used to gather information for social engineering (cf. Emily Williams and Robin Sage).
Skeptical analysts keep an eye out for BadBios. The recent Adobe hack attracts more scrutiny of poor practices. Unusually cynical criminals replace the familiar Nigerian 419 scam with Syrian-themed fraud exploiting trusting solicitude for that unfortunate country's misery.
In industry news, Dell is now private. BlackBerry struggles with its ongoing attempts at a fire sale; its customers turn to Apple, Samsung, and Microsoft. Fishnet Security buys TorreyPoint. Congratulations to the SINET 16 (see the link for a full list).
It appears that Brazil itself has engaged in Brasilia-based electronic surveillance of US, Russian, Iranian, and Iraqi diplomats. South Korea's Defense Minister may be on the way out over allegations of his Cyber Command's misconduct. US debate over NSA's future continues.
Today's issue includes events affecting Australia, Brazil, Canada, China, France, Germany, Indonesia, Iran, Iraq, Republic of Korea, Morocco, Nigeria, Philippines, Qatar, Russia, Seychelles, Singapore, South Africa, Syria, Taiwan, Turkey, United Kingdom, United States..
Anonymous Philippines Pledge More Cyber Attacks(SecurityWeek) Some 100 masked members of the hacking group Anonymous Philippines marched on parliament Tuesday, denouncing corruption and pledging more cyber attacks, a week after 30 government websites were paralyzed
Singapore Govt on alert after Anonymous cyber attack(Technology Spectator) Singapore's government has been put on heightened alert for cyber attacks after people claiming to be from international hacking collective Anonymous defaced several web sites in the city-state and threatened further action
Govt websites down due to routing issue, hardware failure: IDA(Channel NewsAsia) IDA explained that maintenance work on government websites last weekend took longer than usual due to a technical glitch -- a combination of a routing issue and a hardware failure. It is believed the downtime was not due to cyber attacks or hacking
Why Syria's cyber attack on Qatar was relatively low–risk(The National) The disruption to most of Qatar's online presence last month deserves attention, especially in terms of internet governance and cyber security. Unleashing an army, albeit a digital one, against another country's infrastructure is no minor incident
Fear of bugging prompts iPad ban in UK Cabinet meetings(Naked Security) Fast on the heels of reports that Russia allegedly passed out boobytrapped USB sticks at the G20 summit, iPads were plucked from users' hands at a UK Cabinet meeting out of fear that they might be bugged by foreign intelligence agencies
CryptoLocker Ransomware Spreading Rapidly(CIO Today) If you are especially worried about CryptoLocker ransomware, the best thing you can do, aside from not getting infected, is to create hard backups of important files. It's also important to keep antivirus software up to date. Many CryptoLocker ransomware infections are happening to computers that were already infected with another malware
On BadBIOS and Bad Behavior(I am Security) So, unless you are in the security industry and have been living under a rock in the last couple of weeks, you probably know what this #BadBIOS thing refers to
Is your vacuum cleaner sending spam?(Internet Storm Center) Past week, a story in a Saint Petersburg (the icy one, not the beach) newspaper caught quite some attention, and was picked up by The Register. The story claimed that appliances like tea kettles, vacuum cleaners and iron(y|ing) irons shipped from China and sold in Russia were discovered to contain rogue, WiFi enabled chip sets. As soon as power was applied, the vacuum cleaner began trolling for open WiFi access points, and if it found one, it would hook up to a spam relay and start…probably a sales pitch spam campaign for cheap vacuum cleaners from China
Syria becomes the next Nigeria for online spam scams(BGR) Remember the Nigerian 419 scam about a lost fortune and how someone representing a bank wants to share the bounty with you? Now Nigerian spammers are taking advantage of the political disturbance in Syria and are now trying to scam people by using some kind of reference to Syria in spam mails sent worldwide. The spammers used reference of Syrian and UK banks and sent messages in the names of representatives from banks, humanitarian organizations and private individuals, Kaspersky Labs' September report on worldwide spam mails suggests
Dark–Side Services Continue To Grow And Prosper(Dark Reading) Criminals have expanded their use of the cloud-service model to make their illegal enterprises more efficient and accessible. In 2005, police in Morocco and Turkey arrested two men connected with the Zotob worm: The 18-year-old creator of the worm and the 21-year-old man who paid him to develop the code
25 Years After: The Legacy Of The Morris Internet Worm(Dark Reading) A look at how worms have evolved from the infamous — and relatively benign — Internet worm of 1988 to targeted, destructive attacks. Stuart McClure was an undergraduate student at the University of Colorado in Boulder 25 years ago when dozens of the university's servers suddenly began crashing. The university, like other universities, government agencies, and organizations, had been hit with a historic computer worm that crippled thousands of machines around the Internet in an apparent informal research project gone wrong
Security Patches, Mitigations, and Software Updates
1 million cyber crime victims in SA(BusinessTech) South Africans are getting hard hit by cyber crime, collectively costing victims billions of rands over the past 12 months, according to a new report by Symantec
Big data blues: The dangers of data mining(ComputerWorld) Big data might be big business, but overzealous data mining can seriously destroy your brand. Will new ethical codes be enough to allay consumers' fears
One Quarter of Data Breach Victims Go on to Suffer ID Theft(InfoSecurity Magazine) ID thieves are getting more successful at leveraging stolen data for ill-gotten gains. Of the 16 million victims notified in 2012 that their payment card information was compromised in a data breach, more than 25% of them also suffered identity theft, according to a new study
Private military, security firms to earn $244B by 2016, UN says(Associated Press) The private military and security business is growing by 7.4 percent a year and on track to become a $244 billion global industry by 2016, the U.N.'s expert on mercenaries reported Monday. The United States is the biggest single spender on private security
Dell Goes Private: 8 Things To Expect(InformationWeek) Dell CEO Michael Dell took the company private to gain more independence from Wall Street investors. Now that the buyout's cleared, what moves can customers expect
FishNet Security Buys Solutions Provider TorreyPoint(SecurityWeek) FishNet Security, a provider of information security solutions, announced on Monday that it has acquired of TorreyPoint, a full-service network and infrastructure consultancy based in Sunnyvale, California
Cracking up: a brief history of BlackBerry's fall from smartphone dominance(Engadget) BlackBerry is in dire straits. The smartphone maker was riding high in market share and profits just a few years ago, but it's now having trouble securing rescue money. It's yet again pinning its hopes on a new CEO who's tasked with saving a struggling industry giant. How did BlackBerry decline so quickly, though? And what might happen to the company when seemingly every option is on the table? As it turns out, BlackBerry's descent into trivial market share figures and sustained losses stems from a mixture of hubris, sluggishness and misplaced effort -- and there's no clear solution in sight
How Vocative mines the "Deep Web" for Storytelling(Fast Company) Back in 2012, a group of digital journalists went hunting for Ugandan warlord Joseph Kony. They tried to track him using a trove of data--like mercenary chatter found on an obscure corner of the web. In the end, they weren't exactly able to string together enough information to triangulate his position. But Kony wasn't the only signal they were tracking
11 sure signs you've been hacked(InfoWorld) In today's threatscape, antivirus software provides little piece of mind. In fact, antimalware scanners on the whole are horrifically inaccurate, especially with exploits less than 24 hours old. After all, malicious hackers and malware can change their tactics at will. Swap a few bytes around, and a previously recognized malware program becomes unrecognizable
Google's dreaded 'blacklist'(CNN Money) Small businesses are reeling from an increase in cybercrime, but a hacked website can have even greater consequences if Google lists you as "infected"
Beyond breach prevention: The need for adequate response(ComputerWorld) If there's been any lesson learned in the past decade, it's that despite tens of billions having been spent on anti-malware, firewalls, intrusion–detection and prevention systems, and other defensive technologies — it's just not realistic for enterprise security teams to expect to be able to stop every attack
How to address the main concerns with ISO 27001 implementation(Help Net Security) Recently I delivered two webinars on the topic of ISO 27001, and I have asked the attendees to send me their top concerns regarding ISO 27001 implementation before those webinars. I've summarized most common concerns into the following five areas and here's a detailed explanation on how I feel they should be addressed
Security Tip (ST13-003): Handling Destructive Malware(US-CERT) Destructive malware presents a direct threat to an organization's daily operations, directly impacting the availability of critical assets and data. Organizations should increase vigilance and evaluate their capabilities encompassing planning, preparation, detection, and response for such an event. This publication is focused on the threat of enterprise-scale distributed propagation methods for malware and provides recommended guidance and considerations for an organization to address as part of their network architecture, security baseline, continuous monitoring, and Incident Response practices
It's Time to Secure Mobile Devices, Not Just Manage Them(SecurityWeek) As part of my job, I spend a good deal of my waking hours thinking about information security and sharing my findings with IT security practitioners. What are the latest techniques we see from attackers, and what sorts of techniques or policies work best to mitigate them? And as attacks have become more sophisticated, it has also become increasingly clear that security technologies and solutions absolutely must benefit from one another and work together as a platform. In isolation, any single technology is no match for sophisticated attackers
Quantum 'sealed envelope' system enables 'perfectly secure' information storage(Phys.org) A breakthrough in quantum cryptography demonstrates that information can be encrypted and then decrypted with complete security using the combined power of quantum theory and relativity - allowing the sender to dictate the unveiling of coded information without any possibility of intrusion or manipulation
Chinese professor builds Li–Fi system with retail parts(IT World) The equipment is big and expensive, with the research costs at almost US$500,000. But by just using retail components, Chinese professor Chi Nan has built her own Li-Fi wireless system that can use LED lights to send and receive Internet data
DARPA Kicks Off Cyber Grand Challenge(SIGNAL) A new government-run competition seeks to advance the boundaries of computer network analysis and defense by developing autonomous cyberdefense capabilities
Report: Brazil spied on embassy personnel(SFGate) The Brazilian government confirmed Monday that its intelligence service targeted U.S., Russian, Iranian and Iraqi diplomats and property during spy activities carried out about a decade ago in the capital Brasilia
Will defense minister stay?(Korea Times) Defense Minister Kim Kwan-jin is in the hot seat because of recent scandals within the military
As U.S. weighs spying changes, officials say data sweeps must continue(New York Times) The Obama administration has told allies and lawmakers it is considering reining in a variety of National Security Agency practices overseas, including holding White House reviews of the world leaders the agency is monitoring, forging a new accord with Germany for a closer intelligence relationship and minimizing collection on some foreigners
Could General Alexander's retirement curb NSA surveillance powers?(Voice of Russia) The innumerable recent leaks about the extent of the NSA's massive global surveillance programs, gathering intelligence on Europeans' telephone calls and wiretapping the phones of 35 world leaders, including German Chancellor Angela Merkel and the Pope, seem to have prompted President Barack Obama and lawmakers to realize that something needs to be done to rein in the NSA's apparently unchecked spying powers
NSA chief likely to lose cyber war powers(The Hill) Senior military officials are leaning toward removing the National Security Agency director's authority over U.S. Cyber Command, according to a former high-ranking administration official familiar with internal discussions
The downfall of the NSA(Bangor Daily News) Politicians and government officials rarely tell outright lies; the cost of being caught in a lie is too high. Instead, they make carefully worded statements that seem to address the issue but avoid the truth. Like, for example, Caitlin Hayden, the White House spokesperson who replied on Oct. 24 to German Chancellor Angela Merkel's angry protest at the tapping of her mobile phone by the U.S. National Security Agency
IG: DHS cybersecurity tools, training not up to par(Politico) The Department of Homeland Security has struggled to respond to cybersecurity threats and disseminate information about them because of lingering technical, funding and staffing woes, according to the agency's inspector general
Ahn proposes special probe into election meddling scandal(Yonhap) ndependent lawmaker Ahn Cheol-soo called for bipartisan support on Monday to launch a special investigation into several government bodies and the military embroiled in an online campaign scandal in connection with last year's presidential election
Intercontinental Network of Card Fraudsters Dismantled in Canada and Europe(Europol) A major intercontinental network of card fraudsters has been recently dismantled by cooperating Canadian, French and German police authorities, supported by Europol's European Cybercrime Centre (EC3). The operation 'Spyglass' has so far resulted in the arrest of 29 people. The international criminal group was involved in the sophisticated manipulation of point-of-sale (POS) terminals in shopping centres across Europe and North America
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
ICS Summit 2014(Lake Buena Vista, Florida, US, March 17 - 18, 2014) The 9th Annual North American ICS Security Summit brings together the program managers, control systems engineers, IT security professionals and critical infrastructure protection specialists from asset...
Infosecurity Europe 2014(, January 1, 1970) Infosecurity Europe is Europe's number one Information Security event. Featuring over 350 exhibitors, the most diverse range of new products and services, an unrivalled education programme and over 12,000...
ISPEC 2014(Fujian, China, May 12 - 14, 2014) The ISPEC conference series is an established forum that brings together researchers and practitioners to provide a confluence of new information security technologies, including their applications and...
GovSec 2014(Washington, DC, USA, May 13 - 14, 2014) GovSec is the nation's premier event for Government, Homeland Security, and Law Enforcement professionals looking for proven strategies and cost effective technology so they can achieve their mission of...
Gartner Security & Risk Management Summit 2014(National Harbor, Maryland, US, June 23 - 26, 2014) The Gartner Security & Risk Management Summit is the only time when the entire Gartner analyst and security and risk management community come together in one location to bring the latest research, insights...
OKTANE 13(San Francisco, California, USA, November 3 - 5, 2013) OKTANE13 is an identity, security and mobility event. Whether you're just getting started with cloud applications, evaluating a mobile strategy, building a hybrid enterprise IT, or looking to make your...
MIRcon 2013(Washington, DC, USA, November 5 - 6, 2013) With targeted attacks becoming more prevalent, today's incident responders are faced with the tremendous challenge of accelerating their response times while capturing relevant data from attacks in progress.
KMWorld 2013(, January 1, 1970) KMWorld 2013 is a must-attend event for those concerned with improving their organizations' bottom line, business processes, and productivity, as well as streamlining operations, and accelerating development...
CyberInnovation Briefing(Baltimore, Maryland, USA, November 7, 2013) As cyber attacks plague critical infrastructure, financial institutions, and the federal government, liability and privacy remains a growing concern. With losses mounting and sensitive information being...
Maryland Art Place Annual Fall Benefit(Baltimore, Maryland, USA, November 9, 2013) Maryland Art Place (MAP) is pleased to announce the participating artists of its 2013 Annual Fall Benefit, the Starlight Dinner - highlighting technology and innovation in contemporary art. The dinner...
Teaching Computer Forensics(Sunderland, England, UK, November 14, 2013) The workshop is an opportunity for academics and students in the computer forensics subject area to address the current issues and challenges in a number of themes including (but not exclusive to) student...
Cyber Education Symposium(Arlington, Virginia, USA, November 19 - 20, 2013) Both the public and the private sectors suffer from a lack of highly trained and effective cyber security leaders. In response, the government, businesses, and academic institutions are all exploring ways...
APPSEC USA(New York, New York, USA, November 18 - 21, 2013) Welcome to Appsec USA 2013, New York - a world class software security conference for developers, auditors, risk managers, and entrepreneurs, bringing you the world's top speakers, the most relevant security...
IT Forum Expo/Black Hat Regional Summit(, January 1, 1970) Black Hat Regional Summit will introduce a mix of local in-region experts and researchers from around the globe, discussing the latest trends in information security with an audience of peers. The sessions...
2nd Annual East Africa IT and Cyber Security Convention 2013(Nairobi, Kenya, November 28 - 29, 2013) The 2nd Annual East Africa IT and Cyber Security Convention 2013 will bring together leading Cyber and IT Security experts who will provide key insights into critical cybersecurity issues surrounding cyber...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.