Anonymous resumes its campaign against corruption, hacking Ukraine's Customs Service.
Effects of two attacks continue to ripple out. 1.5 million European customers have now been touched by Ireland's AXA breach. The Adobe compromise is found to extend to government and military accounts.
Blackhole's criminal market share continues to slip, but it remains dangerous even in its diminished form. The Kelihos botnet, also reduced, also remains a threat. Holiday spam scams are in full swing two weeks ahead of the oddly-named "Black Friday."
Businesses grapple with CryptoLocker and share lessons learned.
A new exploit kit, "Angler," targets Silverlight users.
An Apple Store flaw is fixed, BlackBerry warns of (and closes) a vulnerability in BlackBerry Link, and observers react to industry pullback from RC4 and SHA-1.
Analysts note rising awareness of the difficulty of attribution, and the risks this imposes on both active defense and national policy. Also noteworthy are the continuing need for, and lack of, effective, actionable, cyber threat information sharing. Cyber insurance, with its attendant actuarial apparatus, struggles toward a place in the market. Government cyber investment receives its share of criticism, with Cisco proposing what the Register calls "Gross Domestic P0wnage" as a measure of ROI.
The US tech industry shows signs of investing in better encryption to secure market share shaken by international surveillance concerns. At the retail level, new privacy tools continue to hit the market.
China gets a new national security apparatus; the world wonders whether it will direct its gaze more inward or outward.
Today's issue includes events affecting Australia, Austria, Belgium, Canada, China, Cyprus, Denmark, European Union, El Salvador, Estonia, Finland, France, Germany, Greece, Iceland, India, Ireland, Italy, Japan, Luxembourg, Malta, Republic of Moldova, Netherlands, New Zealand, Norway, Poland, Portugal, Romania, Rwanda, Slovenia, Slovakia, Spain, Sweden, Switzerland, Turkey, Ukraine, United Kingdom, United States.
Compromised Adobe accounts include military and government users(Help Net Security) The Adobe hack is truly gargantuan, what with all the stolen source code of a number of extremely popular software and the exfiltrated database containing user email addresses, poorly encrypted passwords and associated hints in plaintext
Spam campaign doubles on threats(Help Net Security) Some malware peddlers might be moving on from using the Blackhole exploit kit to deliver malicious code, but others are still not ready to give up on it, as proven by a spam campaign recently spotted by Trend Micro
Black Friday spams are too good to be true(Naked Security) With the holiday season approaching and lots of super good deals being offered around the American Thanksgiving holiday, retailers aren't the only ones looking to make a buck
Businesses offer best practices for escaping CryptoLocker hell(ComputerWorld) It is an IT nightmare: Businesses hit with the CryptoLocker malware find their electronic files locked up inside strong encryption and the extortionist operating the malware botnet demanding money to give them the security key that would let companies get their data back
Inside the BREACH attack: How to avoid HTTPS traffic exploits(Search Security) Cryptography was under heavy analysis long before Edward Snowden released the NSA's work undermining encryption. At the ekoparty Security Conference in 2012, Thai Duong and Juliano Rizzo discussed an attack named CRIME that did not significantly affect the security of Secure Sockets Layer/Transport Layer Security (SSL/TLS). At Black Hat 2013, Yoel Gluck, Neal Harris and Angelo Prado, who continued researching SSL/TLS cryptography, revealed a new threat, the Browser Reconnaissance & Exfiltration via Adaptive Compression of Hypertext — otherwise known as the BREACH attack — which could have a far more profound impact on SSL/TLS than CRIME did
Hacking Your Way Through Airports and Hotels(Tripwire: State of Security) Want to know how to hack travelers and hotel networks in a matter of minutes? On a recent trip, Nabil Ouchn (@toolswatch) decided to do some security analysis with a piece of hardware called the PwnPad – a penetration testing tablet – and a few other tools to see what kind of mischief he could get into
Hackers Can Now Target Pacemakers And Other Smart Products(Forbes) Are pacemakers at risk of cyber-attack? The ever-present availability of smart, connected products magnifies the threat of cyber-attacks. Just ask former vice president Dick Cheney, who knows this all too well. Turns out his fear of assassination via heart device was justified
Security Patches, Mitigations, and Software Updates
Apple iOS 7.04 Fixes App Store Purchase Flaw(Threatpost) Apple has released a new fix for iOS 7–no, it doesn't roll your phone back to iOS 6–that patches a vulnerability that enabled a user to make app or in-app purchases without needing to enter a password
Watch out for less advanced malware and new exploit kits(Help Net Security) This year, cybersecurity took center stage with nation-state attacks, numerous high-profile data breaches and prominent cybercriminal arrests. Websense Security Labs outlined their 2014 predictions to help organizations defend against attacks throughout the entire threat kill chain
FS-ISAC threat information sharing helped thwart DDoS attacks against US banks(FierceITSecurity) Cybersecurity threat information sharing carried out by the Financial Services Information Sharing and Analysis Center helped thwart a distributed denial of service campaign launched against major U.S. banks last year, according to Denise Anderson, vice president for government and cross-sector programs at the FS-ISAC
Multiple Drivers For Cyber Security Insurance(NSS Labs) While cyber security insurance has been discussed for more than a decade, only recently has it become a widely accepted risk management option. Today, there is even interest from the public sector in devising ways to incentivize private entities to embrace cyber insurance. Read on for an update on the latest developments in cyber insurance in the United States
Cyber Attacks May One Day Hit Their Utility Marks(EnergyBiz) Every day it seems the newspapers are filled with stories of breached security at a bank, government agency, media outlet, or a utility. According to a recent US Department of Homeland Security report, in fiscal year 2012, ICS-CERT received and responded to 198 cyber incidents as reported by asset owners and industry partners. Attacks against the energy sector represented 41% of the total number of incidents. While none of these attempted cyber-attacks on utilities were successful, many experts have said it is not a question of if, but when
Silicon Valley Nerds Seek Revenge on NSA Spies With Super Coding(Bloomberg BusinessWeek) Google Inc. (GOOG:US), Facebook Inc. (FB:US) and Yahoo! Inc. (YHOO:US) are fighting back against the National Security Agency by using harder-to-crack code to shield their networks and online customer data from unauthorized U.S. spying
Surveillance Infrastructure Showing Signs of Decay(Threatpost) Buried underneath the ever-growing pile of information about the mass surveillance methods of the NSA is a small but significant undercurrent of change that's being driven by the anger and resentment of the large tech companies that the agency has used as tools in its collection programs
Cybersecurity Investment Incentive Tax Credit(Maryland Department of Business and Economic Development) Maryland provides a refundable tax credit to Qualified Maryland Cybersecurity Companies (QMCCs) that seek and secure investment from an in-state or out-of-state investor. The purpose of this new program is to incentivize and attract cybersecurity companies to start-up in or move to Maryland; and to attract investment to cybersecurity companies in order to help them grow, create jobs and retain intellectual property in Maryland
Maryland Employer Security Clearance Costs (ESCC) Tax Credit(Maryland Department of Business and Economic Development) Businesses that incur qualified federal security clearance administrative expenses, and construction and equipment costs for constructing or renovating sensitive compartmented information facilities (SCIFs) in Maryland may be eligible for a State income tax credit. In addition, a qualified small business that performs security-based contracting in Maryland may be eligible for a State income tax credit for the first year of rental payments for spaces leased in Maryland
A-T Solutions Picks Up Security Tech Contractor GreenLine Systems(GovConWire) Arlington, Va.-based counterterrorism services contractor A-T Solutions has acquired security technology provider GreenLine Systems for an undisclosed amount in a push to expand into international markets for transportation security and border protection
IBM's purchase of Fiberlink puts a big price tag on other MDM vendors(CITEWorld) IBM this morning said it acquired Fiberlink for an undisclosed sum. The deal comes at a time when the focus of mobile management has shifted from devices to apps. But the fact that IBM has bought a top tier mobile device management provider shows the function is still key
Jobs go at Lockheed as cuts bite(Financial Times) Lockheed Martin has announced plans to cut 4,000 jobs and close four factories, in the clearest sign yet of how across-the-board "sequestration" spending cuts are feeding through into redundancies
F-Secure Launches A Dropbox For the Dark Web And A VPN That Could Erase Content Borders Everywhere(Forbes) Finnish security company F-Secure is making a sizable move out of its corporate security business into the world of the consumer cryptoWeb. It announced this week it's launching a Dropbox-like cloud storage service, Younited, and a virtual private network (VPN) smartphone app called Freedome, the latter threatening to disrupt the regional restrictions on use of copyrighted material around the world
Dropbox Tackles Security Concerns in Revamped Dropbox for Business(InfoSecurity Magazine) BYOD brought personal file syncing into the limelight, and a new threat into business: Shadow IT, where employees use personal apps to move company files back and forth between personal devices and company computers outside of the control, and often even the knowledge, of the IT department
After NSA Scandal, Crop of Whistleblower Communication Tools for Journalists Emerge(techPresident) Among the many questions raised by the NSA scandal, there is one that is especially worrying for journalists: how to have secure communications with sources given the widespread surveillance of emails, phone calls, chats and browsing activities. How should investigative reporting deal with the technological challenges posed by governments' mass control of Internet and phone traffic? A number of online platforms have now sprouted across the globe with the mission to protect the anonymity of journalists' sources
SecretInk Lets You Send Self-Destructing Messages Over Email Or SMS Right From Your Inbox(TechCrunch) PowerInbox, the email platform company which merged with competitor ActivePath a year ago, is today launching technology called SecretInk that enables "self-destructing" messages that can be sent over email or SMS. The system works online or inside Gmail and other webmail services using the company's PowerInbox add-on. This utility also enables other interactive email content from dozens of
Using PGP Encryption To Communicate Privately(Intellihub) There are many tools out there that allow you to communicate privately with varying levels of security. PGP (Pretty Good Privacy), specifically the OpenPGP standard, is a well tested and solid method of encrypting emails and messages, before transmission, to ensure that the only person who can read them is the intended recipient
Israeli Cyber Game Drags US, Russia to Brink of Mideast War(Defense News) The war game began in Israel with coordinated cyber and terrorist attacks: An explosion at an offshore drilling platform, multiple blasts in Haifa and Tel Aviv and network disruptions that paralyzed hospitals and sent aviation authorities scrambling to regain contact with an inbound airliner
A look at IT security health checks(Help Net Security) Over the past few days, one thing got my attention which I think in many ways sums up the state of our industry. While on a shopping trip with my wife, she noticed a billboard from a certain health insurance organization with the slogan, "Our focus is health, not shareholders."
Security Tools, Templates, Policies(CSO) CSOonline's Security Tools, Templates & Policies page provides sample documents contributed by the security community. Feel free to use or adapt them for your own organization
Tracking botnets using automatically generated domains(Help Net Security) Modern botnets rely on domain-generation algorithms (DGAs) to build resilient command-and-control infrastructures that are difficult to track or deactivate. Considerable attention has been given to recognizing automatically generated domains (AGDs) from DNS traffic, in order to identify previously unknown AGDs, which helps in the task of disrupting botnets' communication capabilities
Research and Development
Stanford Metaphone Project aims to show dangers of metadata collection(Threatpost) When the first NSA surveillance story broke in June, about the agency's collection of phone metadata from Verizon, most people likely had never heard the word metadata before. Even some security and privacy experts weren't sure what the term encompassed, and now a group of security researchers at Stanford have started a new project to collect data from Android users to see exactly how much information can be drawn from the logs of phone calls and texts
What The Carna Botnet Also Found(Dark Reading) The researcher who rocked the security world earlier this year by revealing he had built a botnet to conduct a census of the Internet remains anonymous, but has passed to a white-hat researcher more security findings from the controversial project
How India, Rwanda, and El Salvador are solving the biggest problem in online education(Quartz) Massive open online courses have quickly fallen out of favor—initially thought to be the savior of higher education, the huge classes are now its punching bag. Critics of the free online courses point to low completion rates, a devaluation of degrees, the displacement of professors, and an absence of necessary classroom time. But a more effective application of the standalone courses is taking root, notably outside of the US
Who Will China's New Security Agency Target?(Bloomberg BusinessWeek) An interesting question to consider of China's soon-to-be-formed national security committee, announced at the end of the third plenum on Nov. 12: Will its primary focus be containing what the party perceives as threats from overseas? Or will it instead aim at combating threats seen as coming from within
Boehner Wants NSA Separate From Defense Authorization(Roll Call) Bad news for National Security Agency critics who want to use the annual Defense authorization bill to exact changes to the agency's spying policies: Speaker John A. Boehner doesn't think the defense measure is an appropriate vehicle for that debate
Top 10 PRISM revelations as spy scandal rumbles on(V3) It has been several months since the PRISM spying scandal broke, and the revelations have been coming thick and fast since whistleblower Edward Snowden handed over everything he knew and fled to Hong Kong
NSA chief says Snowden leaked up to 200,000 secret documents(Chicago Tribune) Former U.S. National Security Agency contractor Edward Snowden leaked as many as 200,000 classified U.S. documents to the media, according to little-noticed public remarks by the eavesdropping agency's chief late last month
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Cyber Education Symposium(Arlington, Virginia, USA, November 19 - 20, 2013) Both the public and the private sectors suffer from a lack of highly trained and effective cyber security leaders. In response, the government, businesses, and academic institutions are all exploring ways...
APPSEC USA(New York, New York, USA, November 18 - 21, 2013) Welcome to Appsec USA 2013, New York - a world class software security conference for developers, auditors, risk managers, and entrepreneurs, bringing you the world's top speakers, the most relevant security...
IT Forum Expo/Black Hat Regional Summit Black Hat Regional Summit will introduce a mix of local in-region experts and researchers from around the globe, discussing the latest trends in information security with an audience of peers. The sessions...
2nd Annual East Africa IT and Cyber Security Convention 2013(Nairobi, Kenya, November 28 - 29, 2013) The 2nd Annual East Africa IT and Cyber Security Convention 2013 will bring together leading Cyber and IT Security experts who will provide key insights into critical cybersecurity issues surrounding cyber...
Operationalize Threat Intelligence(Webinar, December 4, 2013) Security teams are overloaded with threat feeds. It doesn't end with third party providers. It includes alerts, logs, and tips from their own security and IT solutions. We need help transforming this data...
Cloud Security Alliance Congress 2013(Orlando, Florida, USA, December 4 - 5, 2013) The CSA Congress is the industry's premier gathering for IT security professionals and executives who must further educate themselves on the rapidly evolving subject of cloud security. In addition to offering...
SINET Showcase: THE SINET 16(Washington, DC, USA, December 4 - 5, 2013) The SINET Showcase is supported by the Department of Homeland Security, Science & Technology Directorate and provides a significant opportunity for industry's most innovative global entrepreneurs to present...
World Congress on Internet Security(London, England, UK, December 9 - 12, 2013) The WorldCIS-2013 is an international forum dedicated to the advancement of the theory and practical implementation of security on the Internet and Computer Networks. The inability to properly secure the...
ACSAC 2013(New Orleans, Louisiana, USA, December 9 - 13, 2013) The Annual Computer Security Applications Conference (ACSAC) is an internationally recognized forum where practitioners, researchers, and developers in information and system security meet to learn and...
2013 ASE International Conference on Cyber Security(Orlando, Florida, USA, December 10 - 15, 2013) The annual ASE Cyber Security Conference is a leading international forum for cyber security researchers, practitioners, developers, and users to explore cutting-edge ideas and results, and to exchange...