The Microsoft Office zero-day, reported and hastily mitigated with workarounds this week, is exploited in the wild, both in Citadel campaigns and targeted attacks.
Google's webcrawler, innocent in itself, is linked to SQL injection attempts. Rapid7 reports seven Super Micro IPMI firmware zero-day vulnerabilities. Cyber criminals embed malware in RTF files distributed as attachments to emails with spoofed sender addresses.
In the US, a denial-of-service tool targeting Healthcare.gov is found. In the UK, National Health Service systems suffered significant outages from "misfiring" anti-virus software.
Forbes notes the a priori dangers involved in USB charging.
The airline industry undertakes steps to secure itself from cyber attack as reservation and boarding systems, with related airport infrastructure, become popular targets.
Gulf States foresee surging attacks on oil and gas companies.
Two broad cyber trends may be summed up: (1) lack of anonymized reporting inhibits intelligence sharing, and (2) reverse-engineering depends on expensive labor; a strategic shift toward automation is needed.
In industry news, CyberPoint announces an agreement to acquire high-end engineering firm Bitmonix. Barracuda's shares surge in their IPO.
BeehiveID promises an end to sockpuppetry. Thales and IBM partner on BYOK (bring-your-own-key).
Estonia's experience in the first cyber war holds lessons for the future. MI-5, MI-6, and GCHQ chiefs answer Parliamentary questions on surveillance. Naming and shaming of Chinese cyber operators seems not to inhibit the PLA. Emerging consensus: NSA didn't evade oversight, but the nature and quality of that oversight may be problematic.
Today's issue includes events affecting Australia, Denmark, Estonia, Germany, India, Iran, Israel, Italy, Japan, Republic of Korea, Nigeria, Pakistan, Singapore, South Africa, Spain, United Arab Emirates, United Kingdom, United States.
Google's web crawler linked to SQL Injection attempts(CIO) In a recent blog post, Daniel Cid, CTO of Sucuri, a company that provides website security monitoring and related services, published details of a recent SQL Injection attempt. That in itself isn't anything major, SQL Injection attempts happen quite frequently, but the source of the attempt certainly raises some eyebrows – it was Googlebot
Seven IPMI Firmware Zero Days Disclosed(Threatpost) A number of previously unreported vulnerabilities in Super Micro IPMI firmware were disclosed today that could put servers at hosting providers at risk
Malware peddlers testing new infection techniques(Help Net Security) An ongoing malicious spam campaign impersonating UPS has shown that malware peddlers are experimenting with different approaches for infecting hapless users, and additional recent spam campaigns have
Cybercrime gangs seek victims in untapped markets(Help Net Security) A record number of brands were targeted by phishers in the second quarter of 2013, according to APWG. A total of 639 unique brands were targeted by phishing attacks in the period, topping the previous
Power Over USB(Forbes) I've been reading about enhancements to the USB 3.0 standard that would allow a USB cable to provide up to 100 watts of power…But I have one concern that I haven't seen addressed in the press. Of course USB cables carry both data and power. So, when you plug your device into a USB distribution system, whether it's a laptop or phone, you're plugging it into a network
Security Patches, Mitigations, and Software Updates
Cisco Fixes Blank Admin Password Flaw in Telepresence Product(Threatpost) Cisco has patched a number of vulnerabilities in several separate products, including a serious remote code execution flaw in its Wide Area Application Services Mobile software that could allow an attacker to take complete control of a vulnerable device
Twitter Fixes Bug that Enabled Takeover of Any Account(Threatpost) Security researcher Henry Hoggard recently discovered a cross site request forgery (CSRF) vulnerability in Twitter's "add a mobile device" feature, giving him the ability to read direct messages and Tweet from any account
Airline Industry Swooping in to Prevent Cyberattacks(Aviation Pros) Worried that computer hackers attacking banks and media companies could easily shift targets, the airline industry is taking preemptive steps to ensure it doesn't become the next victim…"The aviator guys are getting together because they see what's going on in every other sector," said Paul Kurtz, chief strategy officer for computer security firm CyberPoint International
Cyber war targets Middle East oil companies(Business Recorder) Middle Eastern oil and gas companies have been targeted in massive attacks on their computer networks in an increasingly open cyber war where a new virus was discovered just this past week. The United States and Israel, believed to be behind the first cyber sabotage campaign that targeted Iran's nuclear programme, are now worried about becoming targeted themselves
Firms Lack Malware Analysis, Incident Response Expertise: Study(CRN) Targeted attacks that use custom malware and other techniques to dupe traditional security software such as antivirus can be detected with advanced threat detection technologies, but most firms lack the skilled security expertise to follow up with analysis and incident response when a threat is detected
Cyber security losses remain unknown(BusinessTech) Governments and businesses spend $1 trillion a year for global cybersecurity, but unlike wartime casualties or oil spills, there's no clear idea what the total losses are because few will admit they've been compromised
Why has there been so few African companies buying specific cyber insurance cover?(BusinessDay) Nigeria is one of the most technologically advanced countries in Africa, indeed their mobile banking technology is far more advanced than most, with "Mobile Money" set to have an ever increasing use. With such technologies comes increased risks of cyber crime and data thefts. A Nigerian Data Protection Bill is being considered, but at present no relevant legislation is in force
Bruce Schneier wants to make surveillance costly again(PCWorld) The ongoing revelations of governmental electronic spying point to a problem larger than National Security Agency malfeasance, or even of security weaknesses. Rather the controversy arising from Edward Snowden's leaked documents suggests we face unresolved issues around data ownership, argued security expert Bruce Schneier
CyberPoint International Acquires High-End Engineering Firm Bitmonix(Bloomberg Business Week) CyberPoint International, LLC, a global provider of cyber security services, solutions, and products, announced today that it has made an agreement to acquire the high-end engineering firm Bitmonix. Serving customers in the Greater Baltimore Metropolitan region, Bitmonix has developed a reputation for technical and performance excellence in the areas of cryptographic systems engineering, system security, and data analysis. With this acquisition, CyberPoint welcomes a like-minded, passionate, and experienced team of engineering professionals to its ranks. The acquisition also broadens CyberPoint's customer footprint in the government and commercial marketplace
Kaspersky: "We detect and remediate any malware attack," even by NSA(Ars Technica) Firm responds to EFF question about AV cooperation with government surveillance. Antivirus provider Kaspersky has designed its products to detect all malware, even if it's sponsored by the National Security Agency or other government entities under programs espoused to target terrorists or other threats
Terry DiVittorio Appointed KCG Cybersecurity VP(GovConWire) Terry DiVittorio, formerly a director for Blue Canopy's cybersecurity business unit, has joined Knowledge Consulting Group as vice president of cybersecurity strategy and solutions development. The more than 20-year industry veteran will be charged with developing strategies to grow KCG's portfolio of network defense, incident response and security offerings, KCG said Monday
Introduction: ICANN's Alternative Path to Delegation (Part 1 of 4)(CircleID) As widely discussed recently, observed within the ICANN community several years ago, and anticipated in the broader technical community even earlier, the introduction of a new generic top-level domain (gTLD) at the global DNS root could result in name collisions with previously installed systems
Estonia: To Black Out an Entire Country — part one(Infosec Institute) The cyber-attacks that befell Estonia in 2007 is a case much discussed and underrated at the same time. Many tend to ignore the eloquent fact that this incident represents the first time when an entire country's information defense systems and resources were put to the test. Moreover, according to the rumors, Estonia was attacked by foreign entities, which under some circumstances may qualify this little cyber-offensive as a use of force, or even an armed attack, pursuant to UN Charter
U.S. Government Releases Proposed Cybersecurity Framework(InfoToday) The Obama administration is taking public comments on a proposed framework for improving cybersecurity in communication and other critical industries. In late October, the U.S. Department of Commerce's National Institute of Standards and Technology (NIST) released its Preliminary Cybersecurity Framework as a significant element of an administrative-wide directive to respond to cybersecurity threats. The framework is intended to provide government, businesses, and industries with a series of cybersecurity standards, references, and best practices to identify, protect, respond, and recover from cybersecurity attacks
'123456' may be an adequate password to protect nothing(Virus Bulletin) Are we giving users the right kind of advice when it comes to password security? A recent data-breach at Adobe has shown once again that a lot of users choose the most trivial of passwords to protect their online accounts. But is this really what we should be focusing on
US intelligence agencies losing their technological superiority(South China Morning Post) A US congressional panel created long before the recent revelations about government electronic spying operations issued a blistering report charging that the intelligence world's research-and-development efforts are disorganised and unfocused
Cybersecurity Competition's Sixth Season Kicks Off To A Larger Playing Field(Satnews) The Air Force Association announced today that CyberPatriot, the National Youth Cyber Defense Competition, has drawn 1,566 teams for its sixth season of competition, representing a nearly 30 percent growth from last year. This year, teams represent all 50 states, the District of Columbia, Puerto Rico, Canada, and U.S. Department of Defense Dependent Schools in Germany, Italy, The Republic of Korea, and Japan
Spy agency chiefs defend surveillance(The Guardian) The appearance of MI5's Andrew Parker, MI6's Sir John Sawers and GCHQ's Sir Iain Lobban before the intelligence and security committee has come to an end. Here are the key points
Apple just revealed Germany's conflicted attitude to privacy(Quartz) It's been a strange couple of weeks for Germany. After revelations last week that American spies had been tapping Angela Merkel's phone, news emerged over the weekend that Germany was pushing to have data protection rules included in the Transatlantic Trade and Investment Partnership (TTIP), a trade deal between the United States and the European Union. Even the most ardent supporters of strict data protection rules realize that this is a bad idea…Yet for all Germany's posturing about privacy, it is also one of the leading countries requesting user data from big tech firms
Intelligence officials argue for bulk telephony metadata(FierceGovernmentIT) Intelligence officials pushed back against proposals to end the bulk storage of telephony metadata, telling a Nov. 4 oversight panel that limiting metadata collection to cases when the records can be tied to particular individuals would make counterterrorism efforts more difficult
Obama's Likely Pick for NSA Chief Is a Master Spy. It May Not Be Enough.(Foreign Policy) Vice Admiral Michael S. Rogers, the odds-on favorite to be nominated by President Obama as the next director of the National Security Agency, has all of the intelligence and military credentials for the position. "A walking resume for this job," said retired Admiral James Stavridis, who recently served as NATO's Supreme Allied Commander in Europe and has known Rogers for more than a decade
Singapore vows to hunt down Anonymous hackers(Rappler) Singapore will "spare no effort" to hunt down hackers from activist group Anonymous who last week threatened to wage a cyber war against the government, Prime Minister Lee Hsien Loong said Wednesday
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Operationalize Threat Intelligence(Webinar, December 4, 2013) Security teams are overloaded with threat feeds. It doesn't end with third party providers. It includes alerts, logs, and tips from their own security and IT solutions. We need help transforming this data...
KMWorld 2013: KMWorld 2013 is a must-attend event for those concerned with improving their organizations' bottom line, business processes, and productivity, as well as streamlining operations, and accelerating development...
CyberInnovation Briefing(Baltimore, Maryland, USA, November 7, 2013) As cyber attacks plague critical infrastructure, financial institutions, and the federal government, liability and privacy remains a growing concern. With losses mounting and sensitive information being...
Maryland Art Place Annual Fall Benefit(Baltimore, Maryland, USA, November 9, 2013) Maryland Art Place (MAP) is pleased to announce the participating artists of its 2013 Annual Fall Benefit, the Starlight Dinner - highlighting technology and innovation in contemporary art. The dinner...
Teaching Computer Forensics(Sunderland, England, UK, November 14, 2013) The workshop is an opportunity for academics and students in the computer forensics subject area to address the current issues and challenges in a number of themes including (but not exclusive to) student...
Cyber Education Symposium(Arlington, Virginia, USA, November 19 - 20, 2013) Both the public and the private sectors suffer from a lack of highly trained and effective cyber security leaders. In response, the government, businesses, and academic institutions are all exploring ways...
APPSEC USA(New York, New York, USA, November 18 - 21, 2013) Welcome to Appsec USA 2013, New York - a world class software security conference for developers, auditors, risk managers, and entrepreneurs, bringing you the world's top speakers, the most relevant security...
IT Forum Expo/Black Hat Regional Summit: Black Hat Regional Summit will introduce a mix of local in-region experts and researchers from around the globe, discussing the latest trends in information security with an audience of peers. The sessions...
2nd Annual East Africa IT and Cyber Security Convention 2013(Nairobi, Kenya, November 28 - 29, 2013) The 2nd Annual East Africa IT and Cyber Security Convention 2013 will bring together leading Cyber and IT Security experts who will provide key insights into critical cybersecurity issues surrounding cyber...