Singapore's presidential site suffered search function abuse, not defacement, Trend Micro reports.
Ecuador's telecommunications minister claims an unknown but "first-world" country attempted to sabotage this past February's presidential elections.
At least two hacker groups exploit the Microsoft Office TIFF vulnerability. (Mitigations are available, but there's no fix ready for Patch Tuesday.)
Nginx ("a lightweight Apache alternative") access and error logs default to world-readable—change this during installation, and in general be aware (and beware) of default settings in any product or system. Note also what independent researcher Paul McMillan reports he found after crawling the IPv4 address space: all manner of industrial control and supply chain systems are exposed to the Internet without so much as a password to protect them.
Effects of the recent Adobe hack appear to be spreading, as is an unrelated malicious iframe campaign first spotted in India back in May. In the US, Healthcare.gov has more issues than are easily summarized, but HHS can rest easier on at least one of them: Kaspersky reports the targeted denial-of-service tool found this week is unlikely to work.
Gartner warns cyber attack jitters lead enterprises to depart from proven risk-based security tactics. Cyber defenses remain over-reliant on expensive engineering labor.
Two big cyber drills are scheduled for next week: the British financial sector will be tested on Tuesday, the North American power grid on Wednesday.
Fear of surveillance leads to fears of market headwinds for British and US tech companies.
Researchers get to work on TrueCrypt and Gotcha authentication.
Today's issue includes events affecting Ecuador, France, Germany, India, Iran, Ireland, Israel, Pakistan, Russia, Singapore, Spain, United Kingdom, United States.
Cyber Attacks, Threats, and Vulnerabilities
Singapore PMO Website Not Hacked, Despite Reports(TrendLabs Security Intelligence Blog) Further analysis by Trend Micro researchers on the reported defacement of the Singapore Prime Minister Office website revealed that the website was not actually defaced — attackers abused the search function of the Singapore PMO website to display an image that looks like a hacked version of the site
Ecuador minister decries "first world" cyber attack in presidential elections(BNAmericas) A large processing center located in a "first world" country attempted to sabotage the Ecuadorian electoral IT system during presidential elections held in February of this year, in which President Rafael Correa won a further four-year term in a landslide victory, according to telecoms minister Jaime Guerrero
Vicious malware appears on campus(UDail) University of Delaware Information Technologies (IT) reports that at least one computer on campus has been infected by CryptoLocker, a particularly vicious form of "ransomware," malware that encrypts your computer's files so you cannot use them. The software then tries to extort a payment from you in order to receive the decryption key and program
Researchers Debate Value of New Bitcoin Attack(Threatpost) Researchers are debating the potential value of a Bitcoin attack that could allow a small cartel of participants to become powerful enough that it could take over the mining process and whether it's actually practical in the real world
Power Plants and Other Vital Systems Are Totally Exposed on the Internet(Wired) What do the controls for two hydroelectric plants in New York, a generator at a Los Angeles foundry, and an automated feed system at a Pennsylvania pig farm all have in common? What about a Los Angeles pharmacy's prescription system and the surveillance cameras at a casino in Czechoslovakia? They're all exposed on the internet, without so much as a password to block intruders from accessing them
Father–Daughter Hacking Team Finds Valuable Facebook Bug(Threatpost) The Wysopal name has been on vulnerability advisories for better than 20 years now, and it doesn't look like that is going to end anytime soon. But the name on those advisories in the future may be Renee rather than Chris Wysopal. Chris, one of the founding members of the L0pht hacking collective and now
From Event Gatherers To Network Hunters(Dark Reading) Passive, wait-for-an-event defenses are no longer enough — companies need to move to a more proactive strategy of hunting down the bad actors in their network, say experts
Rise in cyberattacks means firms must develop security skills and mindset(SiliconRepublic) The recent spate of data breaches that saw 43,000 Irish people's credit and debit card details fall into the hands of hackers are a stark warning to public and private-sector organisations to be on their guard
SMEs ignore big data as skills demand rockets(V3) The UK's small and medium-sized businesses are making almost no use of big data analytics, a new IT skills report has found. However, among larger businesses, demand for big data specialists is expected to triple, increasing competition for staff in the business intelligence sector
Defining cyberwarfare…in hopes of preventing it — Daniel Garrie(TEDed) Can you imagine a future where wars are fought not with bombs and bullets but computer viruses and pacemaker shutdowns? Cyberwarfare is unique in that it is not covered by existing legal framework and it often inspires more questions than we are yet capable of answering. Daniel Garrie ponders some of the practical and ethical dilemmas that may pop up as we progress towards our uncertain future
Reflections on the One Million Mark: A Threat Beyond the Android Platform(Trend Micro Simply Security) We recently reported that the number of malicious and high risk apps on the Android platform crossed the one million mark. It's important to note that this beats by a full quarter our CTO Raimund Genes' prediction from November 2012 that we would cross this mark by the end of 2013
HyTrust acquires HighCloud Security(Help Net Security) HyTrust has acquired HighCloud Security, a provider of cloud encryption and key management software. By combining HyTrust's administrative visibility and control with HighCloud's strengths in encryption and key management, the acquisition offers customers flexibility in addressing security, compliance and data privacy requirements in all cloud environments—private, public and hybrid
Trend Micro's Response to Bits of Freedom(Trend Micro Simply Security) Recently, Trend Micro received a request for information from Bits of Freedom that was sent to us and fourteen other security companies. Bits of Freedom asked four specific questions around our interactions with governments in regard to our detections of surveillance software
CIA Said to Pay AT&T for Customer Data in Terrorist Hunt(Bloomberg) The Central Intelligence Agency has negotiated contracts with AT&T (T) Inc. and other U.S. companies to mine their databases for records of communications, including financial transactions, of suspected terrorists overseas
CACI Supports DISA Info Sharing Program(Zacks) CACI International Inc (CACI - Analyst Report) announced that it had secured a $45 million order in first quarter fiscal 2014 to support Defense Information Systems Agency's (DISA) Multinational Information Sharing (MNIS) Program Management Office (PMO)
Booz Allen Hamilton STILL Looks Cheap(Seeking Alpha) One year after paying a $7.50 per share dividend, Booz Allen Hamilton Holdings (BAH) still looks cheap. The risks facing the company have increased, given the uncertainties still surrounding the federal debt and deficit and the sequester, but they appear to be manageable
Mikko Hypponen: How the NSA betrayed the world's trust(Help Net Security) Recent events have highlighted, underlined and bolded the fact that the United States is performing blanket surveillance on any foreigner whose data passes through an American entity — whether they are suspected of wrongdoing or not
Internet Bug Bounty Pays for Bugs in Core Technologies(Threatpost) A bounty program begun by a bevy of industry heavyweights, including Microsoft and Facebook, will pay good money to white hats, researchers and even aspiring young hackers who find bugs in any of a dozen technologies central to the vitality and trustworthiness of the Internet
Brivo Systems Achieves GSA Approved Products List Status(PRWeb) Brivo Systems LLC, leader in cloud applications for security management, today announced that as of October 30, 2013 its pre-cloud end-to-end physical access control system with high assurance readers and certificate path validation software has been approved as a fully-compliant FICAM solution by the General Services Administration
GFI MAX Mobile Device Management launched(Help Net Security) GFI MAX announced GFI MAX Mobile Device Management (MDM), a new offering for managed services providers looking to create new revenue opportunities as increasing numbers of employees use mobile devices in the office for work and personal activities
PCI Council Strengthens Security Standard(InformationWeek) Payment card industry's latest information security standard adds penetration testing, malware, authentication, physical security and other requirements
How to manage the deluge of information security threat reports(Search Security) You've no doubt noticed an increasing number of vendors, researchers, consultants and others issuing reports detailing information security threats, promising new insights about the latest attacks, vulnerabilities and exploits. While many are valuable, the sheer amount of available information can be difficult to manage and digest. More importantly, the information may not even be applicable to your company's environment
Whistleblower policy: Preventing insider information leak incidents(Search Security) Edward Snowden, now of universal fame (or infamy) due to his disclosure of U.S. National Security Agency classified information, has been charged with a number of crimes, including espionage. The case will prove to be a long and difficult one, and its adjudication, whatever the outcome, promises to be as complex as it is uncertain
Arming yourself with a cloud security checklist that covers your apps and data(Trend Micro Simply Security) In my last blog, I walked through the shared responsibility model for security in the cloud and the importance of host-based firewalls to both inbound and outbound communication; intrusion prevention capabilities to protect against vulnerabilities even before you patch; integrity monitoring to catch system changes; and anti-malware with web reputation to protect against viruses and malicious URLs
How to Spot a Twitter Spambot(Mashable) Twitter has a spam issue. The social network's "follow anyone" model allows a steady influx of spammers to reach out to many people in a short amount of time, hoping at least one of them will click on a sketchy link
Design and Innovation
How Biz Stone's Biggest Mistake Spawned Twitter(TechCrunch) "The first, second, third company I went to work for, somehow I screwed them all up. Doing startups is all about making mistakes," Biz Stone nervously admitted onstage at the New Context Conference in San Francisco. He'd just confessed that he didn't prepare anything so will talk about his biggest screw-ups, including one that could earn him many millions of dollars when Twitter IPOs
Big Data is a Good Place for Hackers to Hide(Nextgov) As departments increasingly try parsing mammoth streams of Web activity to detect cyber threats, expect attackers to fight back by gaming the big data analytics, according to a new cybersecurity report by Georgia Tech researchers
Cyber security threats expanding, expert says(The Ranger) Cyber security is transitioning from small, local problems to global issues affecting nations, Arne Saustrup, senior manager of network and operations for the Alamo Colleges, said during a presentation "Network Security and the Alamo Colleges: Think Globally, Act Locally" Oct. 28 in the nursing complex
GCHQ — General Chit-chat, Hazy Questions?(Trend Micro Countermeasures) Yesterday's questioning of intelligence chiefs by Members of Parliament is a first in British history. The momentous occasion was preceded by anticipation that the three big authorities, MI5, MI6 and GCHQ, would offer an open and transparent account of the extent of their surveillance operations, in particular GCHQ
Snowden leaks damage Obama foreign–policy agenda(NBC News) The latest stream of revelations from former National Security Agency contractor Edward Snowden – that the United States has been spying on at least 35 foreign leaders – sparked a firestorm abroad and at home and have boxed in President Barack Obama, who finds himself struggling a year into his second term. They have damaged America's relationship with some of its closest allies more so than any foreign-policy decision Obama has made, analysts say
Al Gore: NSA spying 'unacceptable'(Politico) Former Vice President Al Gore slammed the National Security Agency tactics revealed by Edward Snowden as "outrageous" and "completely unacceptable" at a speaking event in Canada
The Folly of the Data Chase(Huffington Post) When I prepared to retire from the U.S. Army after 35 years of continuous service, there were a few people here and there "mentioning" my name as a potential candidate to lead the National Security Agency (NSA). I was the senior officer of the Signal Corps and I knew a thing or two about acquiring and handling sensitive information
Why the Government Should Help Leakers(Schneier on Security) In the Information Age, it's easier than ever to steal and publish data. Corporations and governments have to adjust to their secrets being exposed, regularly
Litigation, Investigation, and Law Enforcement
Snowden persuaded other NSA workers to give up passwords(Reuters) Former U.S. National Security Agency contractor Edward Snowden used login credentials and passwords provided unwittingly by colleagues at a spy base in Hawaii to access some of the classified material he leaked to the media, sources said
Silk Road reboots: for real, or just a honeypot?(Naked Security) Trusted old-timers from the original site are staffing the relaunched site, and now it's offering PGP encryption. Is the site a sticky trap for luring more drug aficionados or is it enough to save users from the fate that's befallen all those arrested in connection with the original site
FBI seeking "Loverspy" hacker who helped jealous lovers plant spyware(Naked Security) In yet another "don't open that e-birthday card" saga, 33-year-old Carlos Enrique Perez-Melara, now on the FBI's 10 most wanted cybercriminals list, allegedly sold malware that planted a keylogger, as well as remotely controlling a victim's computer and webcam
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
KMWorld 2013: KMWorld 2013 is a must-attend event for those concerned with improving their organizations' bottom line, business processes, and productivity, as well as streamlining operations, and accelerating development...
CyberInnovation Briefing(Baltimore, Maryland, USA, November 7, 2013) As cyber attacks plague critical infrastructure, financial institutions, and the federal government, liability and privacy remains a growing concern. With losses mounting and sensitive information being...
Maryland Art Place Annual Fall Benefit(Baltimore, Maryland, USA, November 9, 2013) Maryland Art Place (MAP) is pleased to announce the participating artists of its 2013 Annual Fall Benefit, the Starlight Dinner - highlighting technology and innovation in contemporary art. The dinner...
Teaching Computer Forensics(Sunderland, England, UK, November 14, 2013) The workshop is an opportunity for academics and students in the computer forensics subject area to address the current issues and challenges in a number of themes including (but not exclusive to) student...
Cyber Education Symposium(Arlington, Virginia, USA, November 19 - 20, 2013) Both the public and the private sectors suffer from a lack of highly trained and effective cyber security leaders. In response, the government, businesses, and academic institutions are all exploring ways...
APPSEC USA(New York, New York, USA, November 18 - 21, 2013) Welcome to Appsec USA 2013, New York - a world class software security conference for developers, auditors, risk managers, and entrepreneurs, bringing you the world's top speakers, the most relevant security...
IT Forum Expo/Black Hat Regional Summit: Black Hat Regional Summit will introduce a mix of local in-region experts and researchers from around the globe, discussing the latest trends in information security with an audience of peers. The sessions...
2nd Annual East Africa IT and Cyber Security Convention 2013(Nairobi, Kenya, November 28 - 29, 2013) The 2nd Annual East Africa IT and Cyber Security Convention 2013 will bring together leading Cyber and IT Security experts who will provide key insights into critical cybersecurity issues surrounding cyber...