Hacktivists in Tunisia and Gaza publish Israelis' Facebook login credentials. Anonymous claims it succeeded in compromising Parliamentary Wi-Fi networks in the UK last week during the group's Million Mask March.
FireEye concludes that the recent cyber-espionage campaign exploiting an Internet Explorer zero-day vulnerability was the work of a nation-state intent on compromising very specific targets. The security firm also perceives a link among eleven cyber campaigns hitherto believed unrelated: a "cyber arms dealer" that maintains and distributes malware attack kits. The nation-state and the dealer are unnamed, but in both cases signs point in the direction of China.
A London transit app is found to leak personal information. In Saudi Arabia, Android malware targets (or provokes) those in favor of women's right to drive. Over at the Mac Rumors forum, 860,000 users' passwords have been compromised.
Bitcoin capers, respectively embezzlement and hacking, affect exchanges in China and the Czech Republic. Some large losses are reported.
Patch Tuesday is reviewed. Facebook quarantines users incautious enough to reuse Adobe passwords on the social network. Microsoft, recognizing long-standing security issues, moves away from SHA-1 and RC4 algorithms.
Adequate cyber-threat information sharing remains elusive: automation and anonymization seem the big issues. Trend watchers mull the state of mobile and BYOD security. CISOs struggle toward a more dynamic approach to supply-chain security. Actuaries continue to grapple with cyber attack risk.
The North American power grid begins its major cyber exercise today.
Fresh allegations of NSA/GCHQ surveillance operations roil intra-alliance diplomacy. UK authorities plan prosecution of leakers.
Today's issue includes events affecting Australia, Brazil, China, Czech Republic, European Union, Germany, Israel, Japan, Palestinian Territories, Russia, Saudi Arabia, Tunisia, United Kingdom, United States.
The operations of a cyber arms dealer(Help Net Security) FireEye researchers have linked eleven distinct APT cyber espionage campaigns previously believed to be unrelated, leading them to believe that there is a shared operation that supplies and maintains malware tools and weapons used in them
Malicious multi-hop iframe campaign affects thousands of Web sites, leads to a cocktail of client-side exploits(Webroot Threat Blog) Sharing is caring. In this post, I'll put the spotlight on a currently circulating, massive -- thousands of sites affected -- malicious iframe campaign, that attempts to drop malicious software on the hosts of unaware Web site visitors through a cocktail of client-side exploits. The campaign, featuring a variety of evasive tactics making it harder to analyze, continues to efficiently pop up on thousands of legitimate Web sites. Ultimately hijacking the legitimate traffic hitting them and successfully undermining the confidentiality and integrity of the affected users' hosts
Web site of Brazilian 'Prefeitura Municipal de Jaqueira' compromised, leads to fake Adobe Flash player(Webroot Threat Blog) Our sensors just picked up an interesting Web site infection that's primarily targeting Brazilian users. It appears that the Web site of the Brazilian Jaqueira prefecture has been compromised, and is exposing users to a localized (to Portuguese) Web page enticing them into installing a malicious version of Adobe's Flash player. Not surprisingly, we've also managed to identify approximately 63 more Brazilian Web sites that are victims to the same infection
Adobe credentials and the serious insecurity of password hints(Troy Hunt) Adobe had a little issue the other day with the small matter of 150 million accounts being breached and released to the public. Whoops. So what are we talking about? A shed load of records containing an internal ID, username, email, encrypted password and a password hint. Naked Security did a very good write up on Adobe's giant-sized cryptographic blunder in terms of what they got wrong with their password storage so I won't try to replicate that, rather I'd like to take a look at the password hints
Bogus New Outlook Settings Lead to UPTRE Malware(Trend Micro Threat Encyclopedia) Email is the primary means for business and customer communications. As such, cybercriminals typically use spam email as an infection vector in order to infect systems and, consequently, penetrate an enterprise network
iPhones can be hacked while charging(USA Today via WTSP) Apple's iPhone has won praise over its resistance to hackers, but university researchers have revealed you can still be vulnerable
Mobile Threat Monday: London Transit App and Android Backup App Leak Personal Info(PC Magazine) In the name of design and usability (and sometimes security) the activities of most apps are hidden from the user. We have to trust that developers will keep our personal information safe and our data away from those who would steal it. But as Appthority shows in their analysis this week, that's not always the case
Android malware targets woman drivers in Saudi Arabia(Graham Cluley) Irfan Asrar is a security researcher focusing on threats targeting embedded and mobile devices. In this article he explores how hackers attempted to infect the Android devices of users protesting against a Saudi Arabian ban on women drivers
Rotech Healthcare Admits Data Breach(eSecurity Planet) A former employee only recently discovered that she had taken sensitive data with her by mistake when she left the company in 2010
British bank account data is under threat(Help Net Security) Bitdefender warns that 0.5 per cent of all spam sent worldwide is targeting customers of some of the most popular British financial institutions and services, including PayPal, Lloyds Banking Group, HSBC Holdings and Barclays Bank
MongoHQ data breach a cautionary tale for startups(Trend Micro Simply Security) In late October, database-as-a-service provider MongoHQ became the victim of a spear-phishing attack that resulted in spam issues and possible data theft for many of its clients, including social media scheduler Buffer and iPhone calendar application Sunrise. Hackers successfully exploited porous network security, obtaining credentials that happened to be shared between a personal employee account and an internal MongoHQ application
Malicious PDF Analysis Evasion Techniques(TrendLabs Security Intelligence Blog) In many exploit kits, malicious PDF files are some of the most common threats used to try to infect users with various malicious files. Naturally, security vendors invest in efforts to detect these files properly — and their creators invest in efforts to evade those vendors
A Study in Bots: Indonesian Bots(Cylance Technical Blog) In the past year or so, I have seen a large increase in scanning activity coming out of Indonesia. The scans are primarily for HTTP servers running vulnerable web applications, with a heavy focus on CMS applications like WordPress and Joomla
Obamacare Manager Missed Key Memo on Security Risks(Fiscal Times via Yahoo! News) One month before HealthCare.gov went live, a memo was circulated within the agency responsible for building it, revealing that the website central to Obamacare's implementation contained "limitless" security flaws that could lead to identity theft and breaches of consumers' health data
Security Patches, Mitigations, and Software Updates
Microsoft warns customers away from SHA-1 and RC4(Threatpost) The RC4 and SHA-1 algorithms have taken a lot of hits in recent years, with new attacks popping up on a regular basis. Many security experts and cryptographers have been recommending that vendors begin phasing the two out, and Microsoft on Tuesday said that it is now recommending to developers that they deprecate RC4 and stop using the SHA-1 hash algorithm
Sharing cybersecurity data—while protecting privacy(FierceITSecurity) I am here at the annual conference of the Advanced Cyber Security Center, a non-profit consortium of New England-based industry, university and government organizations set up to encourage sharing of cyber threat information, as well as conduct cybersecurity research and development
The Impact of Social Media on Information Security(Cyveillance) Social media continues to present challenges for security professionals as more platforms emerge and more employees and customers than ever interact with them every day. Data leakage via social media platforms and user-generated content websites can compromise customer data, intellectual property, and confidential business operations
Cyber crime: the latest big threat to insurers on the rise(Actuarial Post) The prophets of doom are doing a roaring trade. The latest subject of apocalyptic predictions for the western way of life is cyber security. It seems that everyone is interested in the contents of your computer systems, and increasingly, in damaging these systems to make your life and your business harder than it already is. The evidence from government and security services as well as numerous industry surveys and studies is that cyber risk is on the up. Many attempts have been made to estimate the cost of cyber crime to the global economy, with the result being an estimated impact of somewhere between $100bn and $1tn. Organisations need to act fast
Energy companies can't stop cyberattacks, expert says(Fuel Fix) Energy companies are on the front lines of the cyberthreats facing the nation, with all of them likely to be infiltrated by hackers no matter what precautions they take, an expert said during the API Cybersecurity Conference & Expo in Houston on Tuesday
Lockheed Martin Emerging As Dominant Player In Federal Cybersecurity Market(Forbes) Six years after President George W. Bush signed dual directives spawning a sustained increase in federal spending on cybersecurity, a clear leader has begun to emerge from the scores of tech companies that surged into the field. Lockheed Martin, the nation's biggest military contractor, has gradually consolidated its dominance in the government market for network defenses, and is moving to leverage its expertise in dealing with "advanced persistent threats" in the commercial world
Simplify SIEM With EventTracker 7.5(Yahoo! Finance) EventTracker, a leading provider of comprehensive SIEM solutions, announced today the general availability of the newest version of its flagship EventTracker SIEM solution
Adallom unveils SaaS enterprise security solution(Help Net Security) Adallom announced its complete security solution for SaaS applications, which delivers cloud-based security that audits all SaaS activities and provides real-time mitigation through user activity heuristics
Cryptography Research and Tiempo SAS Sign License Agreement for DPA Countermeasures(Wall Street Journal) Cryptography Research, Inc., a division of Rambus Inc. (NASDAQ:RMBS), and Tiempo SAS (Tiempo), experts in designing and qualifying secure smart card chips, today announced they have signed an architecture license agreement allowing for the use of Cryptography Research's patented security inventions in Tiempo's integrated circuits. By incorporating Cryptography Research's countermeasures onto their devices, Tiempo's products will be protected against differential power analysis (DPA) and related side channel attacks
Simulated attack on the US power grid planned for Wednesday – Thursday(Kurzweil Accelerating Intelligence) The North American Electric Reliability Corporation (NERC) is quietly planning to launch a simulated attack on the U.S. power grid on Wednesday and Thursday (Nov. 13-14) called GridEx II, according to an unpublished document obtained by KurzweilAI from NERC
Internet Security Alliance to propose beta testing cybersecurity framework(FedScoop) The Internet Security Alliance is calling on the Obama administration to take a lesson from the botched rollout of the federal health care website and establish a "beta-testing phase" for the voluntary cybersecurity framework currently under development by the National Institute of Standards and Technology
The ultimate guide to MDM in the Middle East(ComputerWorld) "Remember when IT planned corporate-wide end-user technology roll-outs? Distributing company-owned, IT-managed devices was a very controlled process. Employees had to get IT approval to use an unauthorised device, even if it was useful and increased productivity. IT was the gatekeeper of everything enterprise and it ruled the network with a combination of strict policies, purpose-built technologies, and a fully contained ecosystem. Those days are long gone"
Orange Fab Accelerator Opens In France, Plans More Around The World(TechCrunch) Telecommunication giant Orange unveiled its plan for its startup accelerator named Orange Fab. In addition to announcing that the program is now taking applications for French startups, the company said that it just opened another branch of its accelerator in Japan, and will open another one in Poland in the first half of 2014. Back in March, Orange Fab first launched its accelerator program in
Students protest NSA session(The Poly Post) A group of students protested the National Security Agency's presence on campus on Wednesday afternoon in the Bronco Student Center by recording an information session on their phones while wearing black tape over their mouths
China to Revamp Security Amid Threats at Home and Abroad(Voice of America) China will set up a new "state security committee'' as it seeks to tackle growing social unrest and unify the powers of a disparate security apparatus in the face of growing challenges at home and abroad, the government said on Tuesday
Spying Scandal Alters U.S. Ties with Allies and Raises Talk of Policy Shift(New York Times) Just as European and American negotiators resumed work on a groundbreaking trade accord meant to tie their two continents closer together, René Obermann, the chief executive of Deutsche Telekom, the German telecommunications giant, told a cybersecurity conference in Germany on Monday that his company was working to keep electronic message traffic from "unnecessarily" crossing the Atlantic, where it could fall into the hands of the National Security Agency
Contentious issues loom over upcoming defense bill(CBS News) The Senate has a full plate of legislation Majority Leader Harry Reid, D-Nev., hopes to get through before lawmakers head home for Thanksgiving. Of those issues, the National Defense Authorization Act will take up plenty of the body's time and energy as it encompasses a host of broader issues, from military sexual assault to National Security Agency surveillance to spending
After 30 Years of Silence, the Original NSA Whistleblower Looks Back(Gawker) Four decades ago, Perry Fellwock became the NSA's first whistleblower, going to the press to explain the spy agency's immense scope and mission to a public that had barely been allowed to know such an organization existed. His revelations in the radical magazine Ramparts were picked up by the front page of the New York Times. He went on to be a key player in the turbulent anti-surveillance movement of the 1970s, partnering with Norman Mailer and becoming the target of CIA propaganda. But today he's a semi-retired antiques dealer living in Long Island
UK pursuing criminal investigation into NSA leaks(AP via WTSP) A senior British police official says her force is pursuing a criminal investigation following the leak of classified material on U.K. and American intelligence-gathering techniques to the Guardian newspaper
Business, IT, and the Law: 10 Common Mistakes(O'Hanlon and O'Dowd, Solicitors) 10 Random and absolutely unnecessary things we find clients tend to do when it comes to Computers. This is a shortened version of a Lecture to UCC MBA Class on the 25th October 2013
10 Year Prison Term Sought for Anonymous Hacktivist Jeremy Hammond(Wired) Anonymous hacktivist Jeremy Hammond should receive the maximum 10 year prison term for defacing law enforcement and corporate websites and stealing 200 gigabytes of email and 60,000 credit card numbers from a private intelligence firm, prosecutors argued in a court
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Teaching Computer Forensics(Sunderland, England, UK, November 14, 2013) The workshop is an opportunity for academics and students in the computer forensics subject area to address the current issues and challenges in a number of themes including (but not exclusive to) student...
Cyber Education Symposium(Arlington, Virginia, USA, November 19 - 20, 2013) Both the public and the private sectors suffer from a lack of highly trained and effective cyber security leaders. In response, the government, businesses, and academic institutions are all exploring ways...
APPSEC USA(New York, New York, USA, November 18 - 21, 2013) Welcome to Appsec USA 2013, New York - a world class software security conference for developers, auditors, risk managers, and entrepreneurs, bringing you the world's top speakers, the most relevant security...
IT Forum Expo/Black Hat Regional Summit(, January 1, 1970) Black Hat Regional Summit will introduce a mix of local in-region experts and researchers from around the globe, discussing the latest trends in information security with an audience of peers. The sessions...
2nd Annual East Africa IT and Cyber Security Convention 2013(Nairobi, Kenya, November 28 - 29, 2013) The 2nd Annual East Africa IT and Cyber Security Convention 2013 will bring together leading Cyber and IT Security experts who will provide key insights into critical cybersecurity issues surrounding cyber...
Operationalize Threat Intelligence(Webinar, December 4, 2013) Security teams are overloaded with threat feeds. It doesn't end with third party providers. It includes alerts, logs, and tips from their own security and IT solutions. We need help transforming this data...
Cloud Security Alliance Congress 2013(Orlando, Florida, USA, December 4 - 5, 2013) The CSA Congress is the industry's premier gathering for IT security professionals and executives who must further educate themselves on the rapidly evolving subject of cloud security. In addition to offering...
SINET Showcase: THE SINET 16(Washington, DC, USA, December 4 - 5, 2013) The SINET Showcase is supported by the Department of Homeland Security, Science & Technology Directorate and provides a significant opportunity for industry's most innovative global entrepreneurs to present...
World Congress on Internet Security(London, England, UK, December 9 - 12, 2013) The WorldCIS-2013 is an international forum dedicated to the advancement of the theory and practical implementation of security on the Internet and Computer Networks. The inability to properly secure the...
ACSAC 2013(New Orleans, Louisiana, USA, December 9 - 13, 2013) The Annual Computer Security Applications Conference (ACSAC) is an internationally recognized forum where practitioners, researchers, and developers in information and system security meet to learn and...
2013 ASE International Conference on Cyber Security(Orlando, Florida, USA, December 10 - 15, 2013) The annual ASE Cyber Security Conference is a leading international forum for cyber security researchers, practitioners, developers, and users to explore cutting-edge ideas and results, and to exchange...