The AXA Loyaltybuild cyber crimewave (Ireland's the epicenter, but it's spread through Europe) now affects some 500,000 consumers.
Facebook works to keep itself free of collateral damage from the Adobe attack, and (predictably) spoofed Facebook password-reset emails are serving malware.
In the US, coverage of Healthcare.gov's rollout has concentrated on what might be called the network's self-jamming features. But reports now appear of potential security and privacy issues in the system. (Paradoxically Healthcare.gov seems to be suffering an unusually low level of cyber attacks, although disclosure is, as always and everywhere, spotty and unsystematic.)
CryptoLocker vector Upatre seems to be filling Blackhole's vacated niche in the criminal ecosystem. In more evidence that every feature of legitimate markets eventually appears in criminal markets, CryptoLocker's masters stand up a customer support site.
Other criminals combine Zeus and Sinowal Trojans in a suite designed to evade defensive software.
Complex systems exhibit complex vulnerabilities: see BIOS attacks and attack surfaces presented by the small, usually overlooked operating systems controlling parts of smartphones.
Complex IT procurement rules remain an unsolved problem for governments. Attack intelligence sharing remains an unsolved problem for everyone.
CIO tells us which "hot security start-ups to watch." Cisco's bad quarterly results prompt serious reflection on headwinds government surveillance has apparently imposed on US companies. Customers may shift to Chinese firms, but absent better supply-chain security, this hardly seems a promising solution.
The North American power-grid cyber exercise continues. Waking Shark 2 concludes, and preliminary reactions to the UK financial wargame appear.
Today's issue includes events affecting Australia, China, Ecuador, Ireland, Japan, Republic of Korea, Malaysia, Philippines, United Kingdom, United States.
Fake Facebook password request email carries malware(Help Net Security) Not ones to miss an opportunity, malware peddlers are piggybacking on the fact that Facebook is blocking the accounts of certain users and demanding they change their passwords in the wake of the Adobe
Obamacare Website Targeted About 16 Times by Cyber Attacks(ABC News via Yahoo! News) The troubled Affordable Care Act website has been subject to "a handful" of hacking attempts, including at least one intended to bring the site down, a Department of Homeland Security official told lawmakers today. But considering that some federal websites get hundreds of cyber-assaults each day, the approximately 16 reported attacks on healthcare.gov is a surprisingly small number, experts said
Data Privacy Scare On HealthCare.gov(Dark Reading) Had you asked me last week whether the situation for the federal government's embattled insurance marketplace website, HealthCare.gov, could get any worse, I probably would have said, "I don't see how." Today, I'm not so sure
Examining The Security Implications of Healthcare.gov(SecurityWeek) After hearing about all the technical issues with Healthcare.gov, I started to think about the security implications of these sites and, with some light investigation, concluded that there's more than functionality and availability that's ailing Healthcare.gov. There's significant potential for compromise
Filling the Blackhole Void(Industrial Safety and Security Source) Ever since police arrested the person they feel is responsible for Blackhole, there has been a significant reduction in spam campaigns using the exploit kit, creating a vacuum in the spam-sending world
Unusual BHEK-Like Spam With Attachment Found(TrendLabs Security Intelligence Blog) Soon after Paunch was arrested, we found that the flow of spam campaigns going to sites with the Blackhole Exploit Kit (BHEK) had slowed down considerably. Instead, we saw an increase in messages with a malicious attachment. Recently, however, we came across rather unusual spam samples that combine characteristics of both attacks
Sinowal and Zbot Trojan collaborate in new attack(Help Net Security) Trend Micro researchers have recently come across an interesting example of malware collaboration involving the Zeus banking Trojan and a new variant of the password-stealing Sinowal Trojan
Linux Back Door Uses Covert Communication Protocol(Symantec) In May of this year, sophisticated attackers breached a large Internet hosting provider and gained access to internal administrative systems. The attackers appear to have been after customer record information such as usernames, emails, and passwords…The attackers understood the target environment was generally well protected. In particular, the attackers needed a means to avoid suspicious network traffic or installed files, which may have triggered a security review. Demonstrating sophistication, the attackers devised their own stealthy Linux back door to camouflage itself within the Secure Shell (SSH) and other server processes
The secret second operating system that could make every mobile phone insecure(ExtremeTech) When we talk about computers — PCs, smartphones, cars — we generally assume that there's just one operating system: A single, monolithic piece of software that manages each individual piece of hardware, from the CPU to the USB controller to the wireless connectivity…In actual fact, unbeknownst to the user, almost every computer has multiple operating systems running at the same time, managing various different parts of the computer — and worryingly, these OSes are usually proprietary, closed-source, bug–ridden, and have extensive, low–level access to your data
Crackers crack Cracked with exploit kit(SC Magazine) Hugely popular site Cracked.com, among the 300 most visited in the US, was hacked and hosted the Nuclear Pack exploit kit. Barracuda Labs research scientist Daniel Peck said Cracked.com served the attack kit from possibly last week until Monday
Infosec forum hacked, foists malware via IE zero–day(SC Magazine) An infosec forum was hacked and implanted with malware that hit users with drive-by attacks via an Internet Explorer zero-day. FireEye senior malware researcher Ned Moran said evidence suggested the attackers were likely those behind the 'Operation DeputyDog' attacks in August
Google Drive Phishing(Internet Storm Center) In the past we have seen malware being delivered via Google Docs. You would receive an email stating that a document had been shared and when you clicked the link bad things would start to happen. In recent weeks the same approach has increasingly been used to Phish. You would receive an email along these lines
Security Patches, Mitigations, and Software Updates
Microsoft leads the way, setting new cryptographic defaults(Naked Security) Microsoft is upping its game with regards to cryptographic standards. By discontinuing support for the older, weak RC4 cipher and putting Certificate Authorities on note to migrate to SHA-2, it seems to be leading the way to be ready for the future, rather than reacting
Server Innovation Moves Slowly(InformationWeek) Companies may be planning big data and Internet of things strategies, but they aren't buying the next-gen hardware to support them
Attackers circumvent security through app store, hardware(FierceMobileIT) Although enterprises utilize a variety of security techniques, such as compartmentalizing trusted apps and containerizing sensitive data to create sterile enterprise mobile environments, attackers are finding success infiltrating the most mundane mobile activities
UK consumers demand to be told of all data breaches(Help Net Security) The UK public wants to be informed whenever an organization suffers a data breach, and that more needs to be done to punish companies that lose sensitive information, according to LogRhythm
Merchants showing payment security awareness(Help Net Security) ControlScan and Merchant Warehouse have jointly released the results of their survey of Level 4 merchants' awareness, sentiment and progress toward securing cardholder data in compliance with PCI standards
We're All The APT(Dark Reading) Despite the original, long-lost, but well-intentioned meaning of the security industry's favorite acronym, lines have become blurred to the extent that "APT" can now be so broadly applied by our adversaries to describe, well, us. Although this makes the term even more useless in conversations intended to characterize the specifics of an attack, it has been something I've argued for quite some time now and was my initial thought when news of Edward Snowden's escapades (and, specifically, XKeyscore, FoxAcid, et al.) broke
12 Hot Security Startups to Watch(CIO) Going into 2014, a whirlwind of security start-ups are looking to have an impact on the enterprise world. Most of these new ventures are focused on securing data in the cloud and on mobile devices
Cisco's disastrous quarter shows how NSA spying could freeze US companies out of a trillion–dollar opportunity(Quartz) Cisco announced two important things in today's earnings report: The first is that the company is aggressively moving into the Internet of Things—the effort to connect just about every object on earth to the internet—by rolling out new technologies. The second is that Cisco has seen a huge drop-off in demand for its hardware in emerging markets, which the company blames on fears about the NSA using American hardware to spy on the rest of the world
IBM to acquire Fiberlink Communications(Help Net Security) IBM announced a definitive agreement to acquire Fiberlink Communications, a mobile management and security company. Financial terms were not disclosed. With Fiberlink's MaaS360 cloud-based offering
Juniper Taps Former Verizon CTO As Its New CEO(CRN) Juniper Networks (NSDQ:JNPR) Tuesday appointed Shaygan Kheradpir, former CTO and CIO of telecommunications giant Verizon Communications (NYSE:VZ), as its new CEO and a member of the company's board of directors effective Jan. 1, 2014
Free mobile security scanning apps and SDK(Help Net Security) iScan Online announced an updated and enhanced suite of security scanning services. iScan Online Mobile for iOS - This app provides security scanning for iPhone and iPad smartphones and tablets
Panasonic Video Surveillance Technologies Achieve DIACAP Precertification(Sys-Con) Panasonic System Communications Company of North America, a leading provider of integrated security and surveillance solutions, today announced that a range of its video surveillance technologies have been pre-certified as compliant with the security and risk management requirements of the United States Department of Defense (DoD)
New secure USB Flash drive from Kingston Digital(Help Net Security) Kingston released the DataTraveler Vault Privacy 3.0 (DTVP) secure USB Flash drive, as well as the DataTraveler Vault Privacy 3.0 Anti-Virus, which helps enterprises safeguard business data and set security policies for end-users
Microsoft Opens High Tech Cybercrime Center(SecurityWeek) Microsoft said Thursday it has opened a new cybercrime center that combines Microsoft's legal and technical expertise along with cutting-edge tools and technology and cross-industry expertise, to combat cyber crime
Did Waking Shark Test the Right Areas of Banking Security?(InfoSecurity Magazine) On the very day that the City of London ran operation Waking Shark II, researchers published an analysis of known bank security incidents or vulnerabilities since 2000. If Waking Shark was designed to test the cyber-readiness of the banking sector, this new analysis suggests it might not be enough
Can application security products really be 'self–defending?'(Search Security) I've read a lot recently about "self-defending" application security products -- those that can be integrated into an enterprise application to ward off application hacks, subversion and piracy. How do these products work? Do they really do anything new
Cloud Security Alliance Announces Software Defined Perimeter (SDP) Initiative(BWW) The Cloud Security Alliance (CSA), a not-for-profit organization which promotes the use of best practices for providing security assurance within cloud computing, today announced the launch of the Software Defined Perimeter (SDP) Initiative, a project to develop an architecture for creating highly secure and trusted end-to-end networks between any IP addressable entities, allowing for systems that are highly resilient to network attacks
Avoiding fallout from Google's blacklist(Help Net Security) Small businesses remain prime targets for cybercrime. For small businesses, particularly entering the holiday season, the fallout from an attack is significant: hacked websites' traffic slows to a crawl
10 mistakes companies make after a data breach(CSO) In a recent presentation for The International Association of Privacy Professionals (IAPP) Privacy Academy, Michael Bruemmer of Experian Data Breach Resolution outlined some of the common mistakes his firm has seen as organizations deal with the aftermath of a breach
$45M Hack Holds Lessons to Prevent Prepaid Card Fraud(Storefront Backtalk) Hackers have developed sophisticated schemes to funnel money from banks and payment processors into their own pockets. The more processors know about their tactics, the more they can prevent these heists in the future
Setting up Honeypots(Internet Storm Center) Most if not all of the handlers run honeypots, sinkholes, SPAM traps, etc. in various locations around the planet. As many of you are aware they are a nice tool to see what is going on on the Internet at a specific time. Setting up a new server the other day it was interesting to see how fast it was touched by evilness. Initially it wasn't even intended as a honeypot, but it soon turned into one when "interesting" traffic started turning up. Now of course mixing business (server's original intended use) and pleasure (honeypot) aren't a good thing, so honeypot it is
Capco Debuts Innovation Lab(American Banker) Global business and technology consultancy firm Capco has launched a high-tech digital lab that aims to provide financial service clients with a place to develop new financial products and services
Malaysia capable of tackling cyber attack: Minister(Press TV) Malaysia has the expertise needed to protect the systems of administration and other main institutions from any possible cyber attacks, Communications and Multimedia Minister Datuk Seri Ahmad Shabery Cheek says
Senate Debates Surveillance Transparency Act of 2013(Threatpost) Senator Al Franken presided over a hearing today in which lawmakers and technology experts discussed the National Security Administration's surveillance practices, examining a proposed bill that would require that the U.S. spy agency carry out its operations in a more transparent fashion
Obama aides: Transparency plans could harm security(Politico) Obama administration officials warned senators Wednesday that some of the legislative proposals to bring more official transparency to previously secret surveillance programs could undermine national security and divert crucial intelligence resources
Cybersecurity Legislation Gets Push From Financial Firms(Wall Street Journal) Top financial-industry lobbyists pressed Senators to move forward with cybersecurity legislation, part of an effort to re-energize a campaign that has lost steam amid revelations about the National Security Agency's extensive domestic surveillance
Opinion: Merkel and National Security(Albion Pleiad) As every single one of us should be aware, the National Security Agency (NSA) has increased its phone-tapping and internet supervision with guns a-blazing since 2001
How Did Snowden Do It?(Dark Reading) Experts piece together clues to paint possible scenarios for how the NSA contractor accessed, downloaded, and leaked secret agency documents on its spying operations
EFF Appeals Chevron's Speech–Chilling Subpoena(Electronic Frontier Foundation) On Halloween of this year, EFF and EarthRights International (ERI) filed an appeal in the Second Circuit to protect the rights of dozens of environmental activists, journalists, and attorneys from a sweeping subpoena issued by the Chevron Corporation. And just last week, both the Republic of Ecuador and a group consisting of Human Rights Watch, Automattic, a pair of anonymous bloggers, and academics Ethan Zuckerman and Rebecca McKinnon filed amicus briefs in support of our appeal
Alleged Leader of Anonymous Philippines Arrested(Softpedia) Authorities in the Philippines have arrested an individual believed to be involved in the recent cyberattacks against around 40 government websites. The attacks took place just before activists from all over the world participated in the November 5 Million March Mask protests
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
SyScan 2014(Singapore, March 31 - April 4, 2014) SyScan is a deep knowledge technical security conference. It is the aspiration of SyScan to congregate in Asia the best security experts in their various fields, to share their research, discovery and...
Teaching Computer Forensics(Sunderland, England, UK, November 14, 2013) The workshop is an opportunity for academics and students in the computer forensics subject area to address the current issues and challenges in a number of themes including (but not exclusive to) student...
Cyber Education Symposium(Arlington, Virginia, USA, November 19 - 20, 2013) Both the public and the private sectors suffer from a lack of highly trained and effective cyber security leaders. In response, the government, businesses, and academic institutions are all exploring ways...
APPSEC USA(New York, New York, USA, November 18 - 21, 2013) Welcome to Appsec USA 2013, New York - a world class software security conference for developers, auditors, risk managers, and entrepreneurs, bringing you the world's top speakers, the most relevant security...
IT Forum Expo/Black Hat Regional Summit(, January 1, 1970) Black Hat Regional Summit will introduce a mix of local in-region experts and researchers from around the globe, discussing the latest trends in information security with an audience of peers. The sessions...
2nd Annual East Africa IT and Cyber Security Convention 2013(Nairobi, Kenya, November 28 - 29, 2013) The 2nd Annual East Africa IT and Cyber Security Convention 2013 will bring together leading Cyber and IT Security experts who will provide key insights into critical cybersecurity issues surrounding cyber...
Operationalize Threat Intelligence(Webinar, December 4, 2013) Security teams are overloaded with threat feeds. It doesn't end with third party providers. It includes alerts, logs, and tips from their own security and IT solutions. We need help transforming this data...
Cloud Security Alliance Congress 2013(Orlando, Florida, USA, December 4 - 5, 2013) The CSA Congress is the industry's premier gathering for IT security professionals and executives who must further educate themselves on the rapidly evolving subject of cloud security. In addition to offering...
SINET Showcase: THE SINET 16(Washington, DC, USA, December 4 - 5, 2013) The SINET Showcase is supported by the Department of Homeland Security, Science & Technology Directorate and provides a significant opportunity for industry's most innovative global entrepreneurs to present...
World Congress on Internet Security(London, England, UK, December 9 - 12, 2013) The WorldCIS-2013 is an international forum dedicated to the advancement of the theory and practical implementation of security on the Internet and Computer Networks. The inability to properly secure the...
ACSAC 2013(New Orleans, Louisiana, USA, December 9 - 13, 2013) The Annual Computer Security Applications Conference (ACSAC) is an internationally recognized forum where practitioners, researchers, and developers in information and system security meet to learn and...
2013 ASE International Conference on Cyber Security(Orlando, Florida, USA, December 10 - 15, 2013) The annual ASE Cyber Security Conference is a leading international forum for cyber security researchers, practitioners, developers, and users to explore cutting-edge ideas and results, and to exchange...