Cyber-rioting flares up across South Asia and Oceania. An incipient clash between patriotic hacktivists of Australia and Indonesia bears watching: Anonymous Indonesia gets in the first punch with an alleged hack of the Australian Secret Intelligence Service's public website. The Syrian Electronic Army hits a site that posted a list of alleged SEA members.
Der Spiegel reports that Britain's GCHQ used LinkedIn and other social media to engineer intrusion into Belgacom. The operation allegedly extended to other Global Roaming Exchange (GRX) providers.
The European Union mulls what the recent compromise of Finland's diplomatic traffic might mean for the EU (either Russia or China is suspected).
A new Internet Explorer zero-day, this one a memory-resident exploit distributed by watering hole, is found in the wild. (The "Deputy Dog Gang" is implicated.) Microsoft is expected to patch this vulnerability sometime today.
Google Drive is being used for malicious redirects. Smartphone cameras and microphones can be exploited to reveal PINs.
FireEye sees a common hand behind several apparently unrelated APT campaigns (and that hand writes a lot of dialogues and menu options in Chinese).
Eugene Kaspersky makes flesh creep in Melbourne with lurid Stuxnet yarns.
A study finding how much malware goes undisclosed (often because of executive shame) highlights the value of anonymous reporting.
Corporate data collection receives hostile scrutiny. Deutsche Telekom announces the coming launch of secure business email services.
Three cyber exercises get coverage this week: a NATO cyberwar game, Britain's financial sector test, and the North American power grid's cyber exercise.
Today's issue includes events affecting Australia, Belgium, Brazil, Cambodia, Canada, China, Estonia, European Union, Finland, Germany, India, Indonesia, Italy, Japan, Pakistan, Palestinian Territories, Philippines, Russia, Singapore, Syria, Thailand, United Arab Emirates, United Kingdom, United States.
Cyber Attacks, Threats, and Vulnerabilities
BLOG: Anonymous targeting Asian government sites(ComputerWorld) Guy Fawkes Day was November 5th, and a variety of loosely affiliated movements from Occupy to Anonymous joined to commemorate the day with a Million Mask March. However, it seems that Anonymous or at least Anonymous affiliated hackers in Asia decided to get an early start on the festivities with a variety of attacks against government websites in Australia, Singapore, and the Philippines
ASIS website attacked by Indonesian hackers(Sydney Morning Herald) Indonesian hackers have crashed the website of Australian intelligence agency ASIS, according to hackers and cyber experts, dramatically stepping up the revenge attacks in response to the spying affair
Palestinian Broadcasting Corporation Website Hacked, Left with Bible Verses(HackRead) The official website of Palestinian Broadcasting Corporation (PBS) has been hacked and defaced by a hacker going with the handle of gOx. The website of PBC was hacked on 1st November, left with a deface page along with a Verse of Bible. The deface message was expressed in following words: John 3:16
BMPoC Hacking Group Hacks and Defaces 21 Brazilian Military Domains(HackRead) The hackers behind NASA hack from BMPoC hacking group have now hacked and defaced total 21 sub-domains of Brazilian Military. The domains are hacked by Baader Meinhof hacker from BMPoC hacking group who left a deface page along with a message on all hacked military domains
GCHQ Used Fake LinkedIn Pages to Target Engineers(Spiegel OnLine) Elite GCHQ teams targeted employees of mobile communications companies and billing companies to gain access to their company networks. The spies used fake copies of LinkedIn profiles as one of their tools
How GCHQ hacked Belgacom(InfoSecurity Magazine) In September Der Spiegel published details from Snowden leaks indicating that GCHQ had been behind the hacking of Belgian telecommunications company Belgacom, in an operation codenamed Op Socialist. On Friday it published further details indicating how the breach had been effected
DeputyDog Gang Exploits a New IE Zero-Day Vulnerability with an AVT(InfoSecurity Magazine) Security researchers reported Friday that a zero-day Internet Explorer vulnerability was being exploited as a drive-by attack from a breached website based in the US. By Sunday the researchers had analyzed the payload and tied it to the Operation DeputyDog gang
Popular French torrent portal tricks users into installing the BubbleDock/Downware/DownloadWare PUA (Potentially Unwanted Application)(Webroot Threat Blog) A typical campaign attempting to trick users into installing Potentially Unwanted Software (PUA), would usually consist of a single social engineering vector, which on the majority of cases would represent something in the lines of a catchy "Play Now/Missing Video Plugin" type of advertisement. Not the one we'll discuss in this blog post. Relying on deceptive "visual social engineering" practices, a popular French torrent portal is knowingly — the actual directory structure explicitly says /fakeplayer — enticing users into installing the BubbleDock/Downware/DownloadWare PUA. What kind of social engineering tactics is the portal relying on
Interview: Hacker OPSEC with The Grugq(Blogs of War) The Grugq is a world-renowned information security researcher with 15 years of industry experience. Grugq started his career at a Fortune 100 company, before transitioning to @stake, where he was forced to resign for publishing a Phrack article on anti-forensics…The Grugq's research has always been heavily biased towards counterintelligence aspects of information security…Currently an independent researcher, the grugq is actively engaged in exploring the intersection of traditional tradecraft and the hacker skillset, learning the techniques that covert organisations use to operate clandestinely and applying them to the Internet
Stuxnet infected Russian nuclear plant(SC Magazine) Stuxnet had 'badly infected' the internal network of a Russian nuclear plant after the sophisticated malware caused chaos in Iran's uranium facilities in Natanz
Android Malware Continues March Toward Commoditization: F-Secure(SecurityWeek) F-Secure Labs announced that it discovered 259 new mobile threat families and variants of existing families in the third quarter of 2013, according to the new Mobile Threat Report for July-September 2013. Two hundred fifty two of these were Android threats and the remaining seven were Symbian. The number is an increase from the 205 threat families and variants found in the second quarter
Rapid7 Outlines SAP Attack Vectors for Pen Testers(SecurityWeek) Just recently, reports of a banking Trojan modified to look for SAP GUI (graphical user interface) installations reignited discussion about vulnerabilities impacting SAP ERP (enterprise resource planning) systems
Data Breach Roundup: October 2013(eSecurity Planet) Data loss related to theft and loss is on the rise, says security expert Ryan Kalember, thanks to the huge popularity of smartphones and tablets
Has the cyber war begun?(The Star) Anonymous hackers have declared war on Singapore with a pledge to hit at official infrastructure. This has left Singaporeans with a sense of foreboding about what is to come
Bitcoin wallet service hacked, 4,100 Bitcoins stolen(Help Net Security) A daring hack and heist targeting online Bitcoin wallet service Inputs.io has resulted in the theft of 4,100 Bitcoins (currently over $1.3 million) and has left some of the users extremely disgruntled
Selfish Miners Could Exploit P2P Nature of Bitcoin Network(Threatpost) While researchers and academics are just at the beginning of the process of trying to judge the value of a recent paper on a vulnerability in the Bitcoin protocol, some are arguing that there is a smaller point that's being missed in all of the back and forth: There is a problem with the peer-to-peer
Security Patches, Mitigations, and Software Updates
MS13-090 will address Zero-Day delivering diskless malware(CSO) On Monday, Microsoft promised a patch for the Zero-Day flaw in Internet Explorer disclosed by researchers at FireEye last Friday, which is being used to deliver diskless malware. As it turns out, FireEye disclosed a rare vulnerability in Internet Explorer. Rare as in Microsoft already knew about it, and was planning to patch it
OpenSSH fixes potential remote code execution hole(Naked Security) Potential remote code execution bugs in OpenSSH, probably the most widely-used remote access security system on the internet, are the stuff of nightmares for system administrators. Paul Ducklin takes a look at the bug and the patch
Malware analysts regularly investigate undisclosed data breaches(Help Net Security) ThreatTrack Security published a study that reveals mounting cybersecurity challenges within U.S. enterprises. Nearly 6 in 10 malware analysts reported they have investigated or addressed a data breach that was never disclosed by their company
From phishing to adult content, many CEOs benefit from analyst cover-ups(FierceCIO) Call it one of IT's dirty little secrets. One of the biggest threats to security in most organizations is the behavior of senior executives, a new study by ThreatTrack Security reveals. The sins include installing malicious applications, allowing family members to use corporate devices and surfing for adult content. And in a majority of cases, the incidents go unreported
Why cybercriminals want your personal data(Help Net Security) Over the past few years, the personal data theft landscape has changed as online behaviors and activities evolve. Online shopping is more popular than ever, businesses are storing sensitive information in the cloud and 16 minutes out of every hour spent online is spent on a social network
1 in 5 employees succumb to phishing emails, says new study(FierceCIO:TechWatch) According to a recent study by security training firm ThreatSim, an average of 18 percent of messages in a phishing campaign succeed in tricking recipients into clicking on a malicious link. One extremely successful campaign, according to ThreatSim, induced a staggering 72 percent of users to click on a link
For the sake of privacy it's time to ditch the expression "Mass Surveillance"(Privacy Surgeon) For more than forty years privacy scholars have made a core distinction between targeted surveillance (directed at individuals and small groups) and mass surveillance (directed against large populations). Experts agreed that the world was moving toward an era of mass surveillance in which there was a reversal of the onus of proof, turning entire nations into suspects
Who is to blame for hacker-phobia?(Naked Security) With phone hacking and NSA leaks making the front pages, cyber security is getting more attention from the mass media than ever before. But is the public becoming more informed — or misinformed
Cybersecurity Threats Are Rising — EY(Forbes) Cyber security has moved from operations to a concern of the C-suite and the board, EY (formerly known as Ernst & Young before getting carried away with hip rebranding), the consultancy, has found in its work across industries
Another NSA strike against USA tech biz(ComputerWorld) In July, I wrote a blog post quoting a CSA (Cloud Security Alliance) survey which found that 10% of 207 officials at non-US companies have canceled contracts with US service providers following the revelation of the NSA spy program in June
Retailers go all TSA, NSA on shoppers to get more data(FierceBigData) It's no secret that retailers are using cameras to track how long customers look at specific merchandise and in-store displays and signage. It's also widely known that some retailers track shopper behavior in-store via shoppers' cell phones. Shoppers do not take kindly to such spying but they are doubly upset with the emerging practice of retailers studying their person and not just their shopping behaviors
Panda Security Answer to Bits of Freedom Open Letter(PandaLabs) Bits of Freedom is an international coalition of civil rights organizations and security experts who has recently published an open letter where they ask antivirus companies for transparency and ask 4 direct questions. To address their concern, which we believe is also shared by many citizens, we want to answer these questions here
Trustwave acquires Application Security, Inc.(Help Net Security) Trustwave announced the acquisition of data security provider Application Security, Inc. The company's automated database security scanning technologies strengthen Trustwave's ability to help organizations protect data, reduce security risks and achieve compliance with mandates and regulations
Symantec shares fall; top exec departing(MarketWatch) Shares of Symantec Corp. SYMC -3.79% fell sharply Tuesday morning, a day after it announced that Francis deSouza, the firm's president of products and services, is leaving the security software systems company
With Blackberry's Future Uncertain, Pentagon Readies a Contingency Plan(Nextgov) The Defense Department, owner of 470,000 BlackBerrys, is distancing itself from the struggling vendor while moving ahead with construction of a departmentwide app store and a system for securing all mobile devices, including the latest iPhones, iPads, and Samsung smartphones and tablets
DBT-Data Repurchases Virginia Site From Harris(Data Center Knowledge) Data center developer DBT-DATA has repurchased a data center in Harrisonburg, Virginia that it sold to IT contractor Harris Corp. in 2010, and has apparently gotten a bargain in the process. The acquisition of the Cyber Integration Center provides DBT-DATA with an operational high-security data center that has been optimized for government IT outsourcing
Procera Courts More Policy Partners(Light Reading) The deep packet inspection (DPI) specialist Procera Networks added another partner to its growing roster Monday. It has teamed up with Avvasi to blend quality of experience (QoE) management with network analytics
Android KitKat Blocks Rootkits, But At What Cost?(PC Magazine) Google has beefed up security in Android 4.4, KitKat to block malware from taking over user devices, but some of these changes may pose challenges for users who like to take control of their own security destiny
Google to allow only Windows Chrome extensions from official Web Store(FierceCIO:TechWatch) Starting in January, users of the Chrome browser on Windows will no longer be able to load extensions from sources other than the official Chrome Web Store. The move was made in order to protect Windows users, wrote Erik Kay, the tech lead for Google Chrome extensions and apps in a blog entry yesterday
App permissions exposed with Clueful Privacy Advisor(Android Authority) App permissions are very important in the world of Android. They tell you what your applications are doing and what they need from you in order to function. For instance, an SMS app needs permission to access your SMS messages in order to function. An app by Bitdefender Antivirus called Clueful Privacy Advisor that'll help you learn about permissions and which apps use which permissions
Group to test power grid preparedness(Foster's Daily Herald) Will you be ready if the world goes dark? Power companies throughout the United States and Canada will be put to the test this week by participating in a mock power emergency scenario
IETF to improve the security of Internet protocols(Help Net Security) Internet security has been a focus this week for the more than 1100 engineers and technologists from around the world gathered at the 88th meeting of the Internet Engineering Task Force (IETF)
Cloud data security outside the vacuum: Find 'acceptable' levels of risk(Search Security) Even a suggestion of security problems is enough to scuttle a cloud project and discredit the whole cloud planning process — and the planners. To avoid this, enterprises must start with a relativistic view of security, focus on managing new risks and understand the notion of "acceptable" levels of risk
How big data can make the Internet safer(FierceBigData) The word "big" in front of the word "data" rarely conjures a strong mental image in the way "big" would before the words hair, boss or league. So it's understandable that most people can't fathom data so big that it is comparable to all the content on the Internet. It's even harder to wrap minds around the fact that one day in the not so distant future big data tools will be able to churn and analyze all of the content on the Internet--possibly without ever moving it from where it sits. And when that happens, the Internet itself should become a much safer place
IT Culture of Caution in Governments Crucial for Security(FutureGov) Cyber security attacks are evolving to get more sophisticated and targeted. Currently, 250,000 malware alerts are created a day and 30,000 websites are compromised a day, globally, according to Sophos Labs. Targeted cyber attacks looking to steal personal identity information (PII) are on the rise as criminals target employees as their gateway to the organisation
The 80–20 Rule of Cyber Security(FutureGov) 80 per cent of cyber attacks are opportunistic threats which can be tackled by cyber hygiene and best practices, according to Arnold Shimo, Chief Technologist, Innovation and Technology Centers at Lockheed Martin. The remaining 20 per cent, however, consists of Advanced Persistent Threats (APTs) - unknown, predetermined, intentional and well-equipped attacks that anti-viruses cannot mitigate
Don't forget forgotten passwords(SC Magazine) Highly publicized breaches of password systems are bringing attention to the need for better authentication. Many online sites, including Google, Facebook and Twitter, have responded by implementing some form of multifactor authentication (MFA), where in addition to a password, authentication requires an additional factor. The second factor can be anything from a hardware token to an email message to an SMS sent to a phone
Estonian Startup Plumbr Raises $1M To Make Memory Leaks A Thing Of The Past(TechCrunch) Chalk this up as another Estonian startup to watch. Founded in late 2011 off the back of a PhD research project, Plumbr has developed a memory optimising tool that it claims can predict and avoid software failures. It already boasts paying customers such as HBO, Dell, NATO, TeliaSonera, and Ericsson
Italy pledges to improve data privacy protection(Missoulian) The Italian government says it is taking steps to better protect the privacy of its citizens' data in the wake of revelations about the U.S. National Security Agency's surveillance work
European NSA is not a solution(Help Net Security) The European Parliament should use its powers to reconsider EU-US data transfer deals and push for the creation of a European privacy cloud, EU-level protection for whistleblowers and a strong judicial authorisation of surveillance activities, data protection and intelligence experts told MEPs at the eighth Civil Liberties Committee hearing on surveillance of EU citizens. Creating a European Intelligence Service is not a solution, they added
Intelligence rebuff poses political dilemma for White House(Financial Times) US intelligence officials are mounting a strong internal defence of some of their most controversial electronic surveillance programmes, creating a political dilemma for the White House as it tries to dampen the furore over the National Security Agency
Is Edward Snowden a hero?(Globe and Mail) Earlier this week, Britain's spy chiefs testified before Parliament. American intelligence contractor turned leaker Edward Snowden, they told MPs, has undermined the security of the United States, the United Kingdom and their allies. Iain Lobban, head of the eavesdropping agency GCHQ, said that some of his organization targets now engage in "near-daily discussion" of Mr. Snowden's revelations. "Our adversaries are rubbing their hands in glee," said John Sawers, who heads Britain's foreign spy agency MI6. "Al-Qaeda is lapping it up"
National Security Whistleblowers Could Win New Protections(Government Executive) One of the many government responses to this summer's leaks from fugitive National Security Agency contractor Edward Snowden could be a new set of tools to allow defense and intelligence agency whistleblowers to make controversial disclosures through official channels
Congress considers Senate confirmation for NSA chief(CBS News) The Senate Intelligence Committee last week advanced a plan to make the next National Security Agency chief subject to Senate confirmation, a move designed to increase transparency and accountability within the NSA in the wake of the Edward Snowden leaks
GOP lawmaker: Europe can help curb NSA(The Hill) Rep. James Sensenbrenner Jr. (R-Wis.) on Monday asked the European Parliament to work with the United States on finding a balance between liberty and security
Kerry: Obama didn't order all NSA spying(KFOXTV) Secretary of State John Kerry says his counterparts in other nations know President Barack Obama didn't order up all the snooping that the National Security Agency conducted abroad
Feinstein NSA bill competes with Freedom Act(Digital Journal) Although Congress members have introduced almost 30 different bills to reform and restrict National Security Agency spying, there are two bills that have the most momentum
Other Views: Time to get serious over U.S. spying(Sheboygan Press) The Obama administration and some members of Congress appear to have been taken aback by the reaction of foreign leaders who apparently learned recently that the United States has been monitoring their private phone communications
US spooks playing into Russia and China's hands(Dawn) NO wonder Vladimir Putin and Xi Jinping are smiling: they are closer than they have ever been to mastering who is saying and doing what online. They and other authoritarian leaders are watching with glee as US intelligence agencies destroy what is left of the original utopian vision of a cyberspace free of government control
House Committee Concerned Over Obamacare Cyber Security Deficiencies?(Albany Tribune) The House of Representatives' GOP-led Homeland Security Committee will hold a hearing on Wednesday, Nov. 13, 2013, in order to thoroughly examine the cyber security deficiencies of President Barack Obama's healthcare web site, the committee's chairman, Michael McCaul, R-Texas, announced on Friday
Have Heads Begun to Roll Over Obamacare Imbroglio?(IEEE Spectrum) Wednesday morning, as U.S. Health and Human Services (HHS) Secretary Kathleen Sebelius testified about the ongoing problems with healthcare.gov at a Senate Finance Committee hearing, the first head rolled as a result of the Obamacare website debacle
FTC wading into 'Internet of things'(Politico) As an array of everyday objects such as thermostats, toasters and even sneakers gets connected to the Internet, the FTC is taking a first stab at examining this vast and emerging area of technology, sparking concern from trade groups that fear regulation could harm innovation
Data Spying & Data Complying(Big Data Republic) The changing landscape and widening of legal powers requires a different approach to risk and compliance for global businesses to ensure that it is complying with its obligations both locally and internationally. This article examines the issues and practical implications of achieving compliance with privacy laws where the lines between borders are becoming increasingly blurred
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Cloud Security Alliance Congress 2013(Orlando, Florida, USA, December 4 - 5, 2013) The CSA Congress is the industry's premier gathering for IT security professionals and executives who must further educate themselves on the rapidly evolving subject of cloud security. In addition to offering...
Teaching Computer Forensics(Sunderland, England, UK, November 14, 2013) The workshop is an opportunity for academics and students in the computer forensics subject area to address the current issues and challenges in a number of themes including (but not exclusive to) student...
Cyber Education Symposium(Arlington, Virginia, USA, November 19 - 20, 2013) Both the public and the private sectors suffer from a lack of highly trained and effective cyber security leaders. In response, the government, businesses, and academic institutions are all exploring ways...
APPSEC USA(New York, New York, USA, November 18 - 21, 2013) Welcome to Appsec USA 2013, New York - a world class software security conference for developers, auditors, risk managers, and entrepreneurs, bringing you the world's top speakers, the most relevant security...
IT Forum Expo/Black Hat Regional Summit(location and date not listed) Black Hat Regional Summit will introduce a mix of local in-region experts and researchers from around the globe, discussing the latest trends in information security with an audience of peers. The sessions...
2nd Annual East Africa IT and Cyber Security Convention 2013(Nairobi, Kenya, November 28 - 29, 2013) The 2nd Annual East Africa IT and Cyber Security Convention 2013 will bring together leading Cyber and IT Security experts who will provide key insights into critical cybersecurity issues surrounding cyber...