vBulletin's support forum has been breached, and the password compromise leads to fears of other exploits targeting Internet fora and message boards. vBulletin is resetting its users' passwords and urging them to change any they may have reused elsewhere.
CryptoLocker ransomware email vectors have reached millions of UK Internet users. Sophos offers suggestions for helping mitigate the crimewave.
Vulnerabilities have been found in another D-Link router. Symantec warns of Linux Backdoor Trojan Fokirtor, found on some corporate networks. Google Cloud Messaging is increasingly being used to handle botnet command-and-control traffic.
CME Group reports its ClearPort energy and metals futures trading platform has been attacked. The FBI is investigating; the financial industry continues to work toward attack information sharing.
Bitcoin, gaining legitimacy as a financial instrument, complains that a flaw in Android's secure random number generator enables Bitcoin theft. (Bitcoin also gains favor in the criminal underground's creepier precincts: a self-styled anarchist tries to crowdfund political assassinations using the virtual currency.)
Cyber rioting affects targets tangentially related to Israel. Motiveless Italian hackers hit NASA.
Allegations of Australian surveillance of Indonesia's president (allegedly by hacking his cellphone) induce Indonesia to recall its ambassador in protest. The German Bundestag opens a major debate over proper response to US surveillance today.
Director Alexander continues to defend NSA's surveillance operations as a divided Senate considers the agency's future.
China denies allegations of widespread PLA industrial espionage.
Stratfor hacker Hammond gets ten years; his supporters ask about Sabu, the Father Gapon of LulzSec. Lavabit litigation advances.
Today's issue includes events affecting Australia, Brazil, Canada, China, France, Germany, India, Indonesia, Israel, Morocco, Pakistan, South Africa, Spain, United Kingdom, United States.
Ten–Thousand CryptoLocked–Out(PC Magazine) In a blog post, security company Bitdefender revealed that CryptoLocker claimed over 10,000…Bitdefender Labs researchers were able to reverse-engineer the
UK probes cyber attack on bank computers(Oman Tribune) Cybercrime investigators are looking into a barrage of spam sent to millions of British banking customers designed to freeze their computers and demand a ransom, Britain's National Crime Agency said on Friday
CryptoLocker urgent alert — here's how YOU can help!(Naked Security) The UK's National Crime Agency has put out a CryptoLocker ransomware alert - the malware is still a huge problem, even after weeks of high profile coverage. Here's what YOU can do to help prevent it
Multiple security holes found in yet another D–Link router(FierceCIOTechWatch) A new bunch of vulnerabilities have been discovered in a D-Link router, according to security researcher Liad Mizrachi. As reported on ThreatPost, Mizrachi says he contacted D-Link to disclose the cross-site scripting (XSS) bugs he found in the company's 2760N (DSL-2760U-BN) routers on multiple occasions--twice in August, twice in September and once in October. However, he says the vendor did not respond to any of his disclosures
Malicious emails target multiple operating systems(Help Net Security) Over the past several years, we have seen the proliferation of malware targeting mobile devices such as Android and iOS. The vast majority of the malware has been designed to target the former
CME discloses FBI probing July hacking attack(Financial Times) CME Group disclosed on Friday that a system used to process big futures trades had been hacked in July, highlighting the vulnerability of the financial industry to cyber attacks
Secure Crypto: Critical Crypto Flaw on Android(RSA) BitCoin recently announced that there is a critical weakness in Android's secure number generator that led to the theft of over 55 coins worth more than $5500. Google investigated and determined that key generation, signing, and random number generation operations might not receive cryptographically strong values. Also, native code that directly invokes the built-in OpenSSL PRNG without explicit initialization is also affected
FBI warns of U.S. government breaches by Anonymous hackers(7 News) Activist hackers linked to the collective known as Anonymous have secretly accessed U.S. government computers in multiple agencies and stolen sensitive information in a campaign that began almost a year ago, the FBI warned this week
PlayStation 4 and Xbox One Survey Scams Spotted(TrendLabs Security Intelligence Blog) With the recent release of the PlayStation 4 in North America and the upcoming release of the Xbox One, November is fast becoming an exciting month for gamers. However, it appears that they aren't the only ones looking forward to these launches. We spotted several survey scams that took advantage of the buzz surrounding the two consoles
Modi's men ground UAVs fearing cyber attack!(Bangalore Mirror) It was a security plan that was worked out in minuscule detail. Even the sky was not spared as unmanned aerial vehicles (UAVs) were to be deployed for a hawk-eyed vigil on the nearly two lakh crowd that would gather at the Palace Grounds. Dry runs were conducted and the results were also positive. But when BJP's prime ministerial candidate Narendra Modi got into action-mode on Sunday, the UAVs remained grounded. Reason: The threat of a cyber attack
8 NASA Domains Hacked and Defaced by Italian Hackers Team(HackRead) A newly emerging hacking group going with the handle of M4ST£R 1T4L!4N H@CK£RS T£4M (Master Italian Hackers Team) has hacked and defaced 8 official National Aeronautics and Space Administration (NASA) domains. Team left their deface page along with a message on all hacked domains. However, the reason for attacking NASA domains was not mentioned anywhere on the page
AnonGhost Hacks Hillside Illinois Police Department website against NATO Strikes(HackRead) The official website of the State of Illinois' Hillside Police Department has been hacked and defaced by the online hacktivist group AnonGhost. The Hillside Police Department website was hacked just a few minutes ago, and the hackers have left a deface page along with a message against the governments of the world. The audio message on the site criticizes NATO's role in the Muslim countries
AnonGhost Hacks and Defaces 1282 Websites(HackRead) A hacker from the online hacktivist group AnonGhost has hacked and defaced a total of 1282 random websites just a few hours ago. The hacker has left a deface page along with a message on all hacked sites, displaying the group's official logo and a tribute to his group members. "We are AnonGhost, Hacked by HusseiN98! We are watching you, don't close you eyes!" Targeted websites belong to different countries
4 Lessons From MongoHQ Data Breach(InformationWeek) Security experts urge companies to implement two-factor authentication, VPNs, and graduated permission levels to better protect customer data from hackers
Security Patches, Mitigations, and Software Updates
Firefox 25.0.1 — the security update that wasn't?(Naked Security) Firefox just pushed out a minor browser update, bumping its version number from 25.0 to 25.0.1. Paul Ducklin saw Mozilla's advice that this was "a security and stability update", and went looking for the security fixes
Aviation industry vulnerable to cyber attacks: IATA(Times of India) The International Air Transport Association (IATA) has also called for a partnership between industry, governments and regulators to enhance aviation security by embracing a globally harmonised, risk-based system. Faced with cyber security threats, the aviation industry, which has spent over US$ 100 billion on security since 9/11, should share best practices and partner with governments to adapt to new challenges and tackle them, airlines' body IATA has said
Finance Industry Grapples With Cyber Threats(Forbes) Cyber attacks are increasingly thought of as a threat to modern society. Fears that attackers will use computers to disable critical infrastructure, like the power grid or transportation networks, crippling everyday functions, are touted as the next frontier in threats to security
FireEye CEO DeWalt on Snowden, cyber security, his stock price — and the mobile phone threat(Silicon Valley Business Journal) FireEye Inc. CEO David DeWalt has been busy lately. Following one of the biggest IPOs of the year, the company has pushed an aggressive product development schedule that's seen it introduce a new product every 11 days, and it's more than doubled its revenue and increased its headcount at least 22 percent to well over 1,100 since its IPO
Zero–Day Attacks Among the Most Costly and Feared Hacker Tools for a Reason(Digital Journal) …"We designed DBRT with this fundamental weakness in mind. DBRT doesn't rely on known signatures to fight malware, it recognizes suspicious program behavior to expose what is actually being done and to whom, allowing IT personnel to identify an attack, remediate it, and inoculate systems enterprise-wide against reinfection, all from a single command and control console"
Data–classification levels for compliance: Why simple is best(Search Security) We're interested in implementing a data-classification program to lower our compliance costs. We'd like to establish different sets of controls for different data types. However, we're struggling to define our data-classification levels. How do you recommend structuring the data-classification scheme for a Fortune-500-type company
Data governance 2.0: Adapting to a new data governance framework(Search Security) Companies are collecting more data on the behavior and sentiment of customers than ever before. They use multiple partnerships into what Forrester Research Inc. calls a data economy ecosystem, which involves four distinct roles: data originators (fidelity and payment cards, sensors, social networks), data aggregators (Acxiom, Bluekai, Experian, Rapleaf), data analyzers (Adobe Marketing Cloud, Acxiom, Buxton, Rapp) and data clients (retailers)
New measures for security metrics: Ranum Q&A with Jay Jacobs(Search Security) Information security metrics abound, but few reports garner the attention awarded Verizon's Data Breach Investigations Report. The 2013 DBIR, which highlighted China's alleged cyberespionage among other significant breaches, was based on data pooled from 19 organizations worldwide
Break–even analysis: The highs and lows of risk and ROSI(Search Security) Pete Lindstrom: In my first column I issued a call to action to help technology risk management professionals make good decisions through the application of economic techniques. While that might seem like a tall order, you're already making those decisions. What you thought were random qualitative choices about running a security program actually reveal a lot about your risk expectations
Virtualization security dynamics get old(Search Security) In 2008 at the Black Hat security conference in Las Vegas, I presented the results of two years' worth of security research. "The Four Horsemen of the Virtualization [Security] Apocalypse" sought to educate the Black Hat audience about the past, present and future of the intersection of virtualization and security
Eliminating black hat bargains(Search Security) When it comes to information security defense, Mike Hamilton has a tough job. As the chief information security officer for the city of Seattle, Hamilton's responsibilities extend to the networks of a variety of other groups, such as the city's police and fire departments. The complexity of securing those networks requires that Hamilton focus not just on defense, but also on causing pain to any attacker
Sagan as a Log Normalizer(Internet Storm Center) "Sagan is an open source (GNU/GPLv2) high performance, real-time log analysis & correlation engine that run under *nix operating systems (Linux/FreeBSD/ OpenBSD/etc)"
The Security Impact of HTTP Caching Headers(Internet Storm Center) Earlier this week, an update for MediaWiki fixed a bug in how it used caching headers. The headers allowed authenticated content to be cached, which may lead to sessions being shared between users using the same proxy server. I think this is a good reason to talk a bit about caching in web applications and why it is important for security
Quantum Bit Stored for Record 39 Minutes at Room Temperature(IEEE Spectrum) A physical state crucial for quantum computing has managed to survive at room temperature for 39 minutes in a record-breaking experiment. The new study gives a huge boost to quantum computing's prospects of storing information under normal conditions for long periods
Tracking botnets using automatically generated domains(Help Net Security) Stefano Zanero is an Assistant Professor at Politecnico di Milano, where he focuses on systems security. Modern botnets rely on domain-generation algorithms (DGAs) to build resilient command-and-control
Poly hacking competition comes to close, winners announced(Washington Square News) The Polytechnic Institute of NYU became a tech hub this weekend as it hosted the finals for five of its Cyber Security Awareness Week's competitions. Winners were decided for the final games including Capture-the-Flag, High School Forensics, Embedded Systems, Homeland Security Quiz and Awareness events. The competition extended from Nov. 14 to 16
Legislation, Policy, and Regulation
Indonesia recalls ambassador(9 News National) Indonesia has recalled its ambassador to Australia and will review all information exchanges and cooperation amid growing anger in Jakarta over fresh spying allegations
US envoy: NSA spying causing distress in Germany(AP via the Appeal Democrat) The United States faces a difficult task in repairing its image among Germans after allegations of massive National Security Agency surveillance, including Chancellor Angela Merkel's personal cellphone, the U.S. ambassador to Germany acknowledged Friday
Give Snowden Asylum in Germany(New York Times) Almost every day, new information is released about how American and British intelligence agencies have monitored governments, embassies and the communications of whole societies. These revelations have provided us with a deep and terrifying insight into the uncontrolled power of intelligence agencies
Germany: major Bundestag debate on American spying(AFP via Le Point) German lawmakers are to debate American spying on Monday afternoon in an extraordinary session of the Bundestag demanded by the radical left and the Greens, following revelations in October about possible surveillance of Angela Merkel's mobile phone
Mischaracterizing the NSA(Armed with Science) Media reports detailing secret National Security Agency collection of data from companies such as Google and Yahoo from overseas data centers mischaracterize what NSA does, the agency's director said in a speech to the Baltimore Council on Foreign Affairs
Senate intelligence panel sharply split on surveillance reforms(Politico) The Senate Intelligence Committee split sharply on proposals to rein in National Security Agency surveillance programs last month, rejecting several potentially significant reforms by a single vote, according to a formal committee report published this week
Key moments in NSA spy saga(Christian Science Monitor) A timeline of important events as elements of a National Security Agency clandestine operation came to light this year
US spying agencies are out of control(China Daily) When Internet security firm Mandiant issued a report in February accusing a so-called Shanghai-based People's Liberation Army Unit 61398 of hacking into the computers of a wide range of American industries, Congressmen, government officials, intelligence officers and a largely unquestioned news media in the US immediately jumped on the bandwagon railing against China
A Russian GPS Using U.S. Soil Stirs Spy Fears(New York Times) In the view of America's spy services, the next potential threat from Russia may not come from a nefarious cyberweapon or secrets gleaned from the files of Edward J. Snowden, the former National Security Agency contractor now in Moscow
U.S. Agencies to Say Bitcoins Offer Legitimate Benefits(Bloomberg) The Department of Justice and Securities and Exchange Commission are telling a U.S. Senate committee that Bitcoins are legitimate financial instruments, boosting prospects for wider acceptance of the virtual currency
NSA surveillance programs face challenges in court(Greenville Online) The federal government's once-secret telephone and Internet surveillance programs face crucial court hearings in Washington and New York this coming week, and even the Supreme Court is getting in on the act
Judge Hearing Demand to Unplug NSA Spies(World News Daily) A federal judge in Washington on Monday will hear arguments that the spies at the National Security Agency should be unplugged so they cannot collect telephone and Internet information on Americans, and while attorneys often consider their own cases significant, in this situation it's the judge who has established a high priority
Praag to lay criminal charge after cyber attack(ITWeb) The Pro-Afrikaanse Aksiegroep (Praag) will lay a charge with the South African Police Service (SAPS), after becoming the victim of a distributed denial of service (DDOS) attack that it says was launched by extremist anti-Afrikaans groups
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Oil and Gas Cyber Security 2013(London, England, UK, November 25 - 26, 2013) It has been stated that by 2018 the oil and gas industry will be spending up to $1.87 billion on cyber security. The hugely increased demand to protect a multi-billion dollar global industry is being spurred...
DefCamp 2013(Bucharest, Romania, November 29 - 30, 2013) DefCamp is one of the most important conferences on hacking & information security in South-East Europe, bringing hands-on talks about latest research and practices from the INFOSEC field, gathering under...
Cyber Defense Initiative 2013(Washington, DC, USA, December 12 - 19, 2013) NetWars Tournament runs over an intense two- to three-day period, at a conference or hosted onsite. Many enterprises, government agencies, and military bases are using NetWars OnSites to help identify...
Cyber Education Symposium(Arlington, Virginia, USA, November 19 - 20, 2013) Both the public and the private sectors suffer from a lack of highly trained and effective cyber security leaders. In response, the government, businesses, and academic institutions are all exploring ways...
APPSEC USA(New York, New York, USA, November 18 - 21, 2013) Welcome to Appsec USA 2013, New York - a world class software security conference for developers, auditors, risk managers, and entrepreneurs, bringing you the world's top speakers, the most relevant security...
IT Forum Expo/Black Hat Regional Summit: Black Hat Regional Summit will introduce a mix of local in-region experts and researchers from around the globe, discussing the latest trends in information security with an audience of peers. The sessions...
2nd Annual East Africa IT and Cyber Security Convention 2013(Nairobi, Kenya, November 28 - 29, 2013) The 2nd Annual East Africa IT and Cyber Security Convention 2013 will bring together leading Cyber and IT Security experts who will provide key insights into critical cybersecurity issues surrounding cyber...
Operationalize Threat Intelligence(Webinar, December 4, 2013) Security teams are overloaded with threat feeds. It doesn't end with third party providers. It includes alerts, logs, and tips from their own security and IT solutions. We need help transforming this data...
Cloud Security Alliance Congress 2013(Orlando, Florida, USA, December 4 - 5, 2013) The CSA Congress is the industry's premier gathering for IT security professionals and executives who must further educate themselves on the rapidly evolving subject of cloud security. In addition to offering...
SINET Showcase: THE SINET 16(Washington, DC, USA, December 4 - 5, 2013) The SINET Showcase is supported by the Department of Homeland Security, Science & Technology Directorate and provides a significant opportunity for industry's most innovative global entrepreneurs to present...
World Congress on Internet Security(London, England, UK, December 9 - 12, 2013) The WorldCIS-2013 is an international forum dedicated to the advancement of the theory and practical implementation of security on the Internet and Computer Networks. The inability to properly secure the...
ACSAC 2013(New Orleans, Louisiana, USA, December 9 - 13, 2013) The Annual Computer Security Applications Conference (ACSAC) is an internationally recognized forum where practitioners, researchers, and developers in information and system security meet to learn and...
2013 ASE International Conference on Cyber Security(Orlando, Florida, USA, December 10 - 15, 2013) The annual ASE Cyber Security Conference is a leading international forum for cyber security researchers, practitioners, developers, and users to explore cutting-edge ideas and results, and to exchange...