Hacktivists strike in Syria (anti-government), Peru (LulzSec), and Saudi Arabia (anti-female driver).
Reports suggest Stuxnet was accompanied by a second exploit designed to disable Iranian uranium refining centrifuges at Natanz. (Note the broader implications for industrial control security, especially for the power grid.)
Strategy Page assesses China's Unit 61398, a PLA organization widely believed responsible for cyber espionage.
BadBIOS has dropped from the news lately, but the US Navy appears to take acoustic cyber threats seriously.
CryptoLocker ransomware continues to spread. Many US-based bots are joining Russian and Chinese ones in the distribution system.
Weak GitHub passwords are brute-forced; users should reset them.
Australia's Cupid Media adds injury to its lovelorn customers' loneliness: over 40 million unencrypted personal records have been exposed. The attackers behind the recent Adobe breach are suspected.
Oversupply has driven down the black-market cost of stolen identities. Other investigations of the underground market reveal more on cyber arms merchants and crimeware-as-a-service.
Enterprises continue to look for better ways of sharing attack information and more dynamic approaches to supply chain security.
Shortages of skilled cyber workers prompt calls for more open immigration and further investment in education. A US Presidential plan to offer grants for tech education bears watching: it will probably disproportionately benefit cyber training.
Australia and Indonesia are in a major dust-up over allegations of Australian cyber espionage. US Senators continue their scrutiny of NSA.
Today's issue includes events affecting Australia, Bangladesh, Belarus, Canada, China, Iceland, India, Indonesia, Iran, Luxembourg, Mexico, Peru, Russia, Saudi Arabia, South Africa, Syria, United States.
Official Website of Peru's President and National Police Defaced by LulzSec Peru(Hack Read) The online hacktivists from Lulz Security Peru have hacked and defaced the official website of Peruvian President and Peruvian National Police. The website of Peruvian President was hacked on 17th November while Peruvian National Police site was hacked yesterday 19th November 2013. Lulz Security Peru left two different deface pages along with messages on both hacked websites in Spanish language
Stuxnet's Secret Twin(Foreign Policy) The real program to sabotage Iran's nuclear facilities was far more sophisticated than anyone realized
Information Warfare: Chinese Cyber Warriors Ignore The Limelight(Strategy Page) Earlier this year it was revealed by Western Internet security researchers that a specific Chinese military organization, "Unit 61398" has been responsible for over a thousand attacks on government organizations and commercial firms since 2006
Cryptolocker 'ransomware' seem to be targeting systems from the US(FierceCIO: TechWatch) A "ransomware" malware that unilaterally encrypts the data files of its victims is infecting more than 10,000 victims on a weekly basis. This was the conclusion of security vendor Bitdefender, which conducted research on Cryptolocker between October 27 and November 1
Cryptolocker: The evolution of extortion(ComputerWorld) The Cryptolocker Trojan is an evolution of "ransomware," not a revolutionary change from past criminal attempts to extort money from PC owners, a security expert said today
Cupid Media Hack Exposed 42M Passwords(Krebs on Security) An intrusion at online dating service Cupid Media earlier this year exposed more than 42 million consumer records, including names, email addresses, unencrypted passwords and birthdays
Nordstrom card-skimming scheme lasted nearly two months(SC Magazine) A card-skimming operation that targeted a Nordstrom store in Florida lasted nearly two months, according to a letter detailing the event sent to the New Hampshire Department of Justice's Office of the Attorney General
How your LG Smart TV can spy on you(Graham Cluley) Do you have an LG Smart TV? Were you aware it was collecting information about your TV viewing habits? And, worst of all, that you can't stop it doing so
Queensland traffic systems vulnerable to G20 attack(IT News) Queensland's auditor-general has conducted penetration testing on the two major systems managing Brisbane's traffic network and found gaping holes which render the critical networks vulnerable to attack
Where do cyber-weapons come from? Try a cyber arms dealer(Quartz) When the US Air Force designated six "cyber tools" as "weapons" in April this year, Quartz asked, "What the heck is a cyber-weapon, anyway?" The answer, we found, was vague: Any computer program meant to inflict damage could qualify. These could be developed by military, government, commercial entities or lone actors
Cybercrime is big business(FierceITSecurity) While other parts of the economy are stagnating, cybercrime is booming, according to research conducted by Joe Stewart, Dell SecureWorks' director of malware research for the Counter Threat Unit, and independent researcher David Shear
Cybercrime Exposed: Cybercrime-as-a-Service(McAfee) Today's cybercriminals do not necessarily require considerable technical expertise to get the job done, nor, in certain cases, do they even need to own a computer. All they need is a credit card. A marketplace offering cybercrime tools and services provides would-be criminals with an arsenal that can either be used as a component of a cyberattack or a handy way of outsourcing the process entirely
Watching Out For Typhoon Haiyan Scams(TrendLabs Security Intelligence Blog) More than a week has passed since Typhoon Haiyan made landfall over the central Philippines, leaving thousands dead or injured, with millions more in need of humanitarian assistance. More than US$248 million in relief has been given both by governments and the private sector to date. Unfortunately, many scams have already taken advantage of this disaster. For example, fake Facebook pages (like this one) ask for donations via PayPal, which end up in the hands of would-be scammers rather than the hands of legitimate charities
Security Patches, Mitigations, and Software Updates
Python 3.3.3 fixes several security bugs(Help Net Security) Python 3.3.3 fixes several security and a lot of overall bug fixes found in Python 3.3.2. This release fully supports OS X 10.9 Mavericks. In particular, this release fixes an issue that could cause
Why Do Tech Execs Lack Confidence In Security?(Forbes) Malware threats have evolved tremendously over the past several years, moving well beyond being a mere nuisance to being able to cause serious damage to data, infrastructures and entire companies. On top of this, cybercriminals are designing advanced persistent threats, "zero-day threats," and other targeted attacks to evade traditional signature-based detection
Uncontrolled privileged access still a major issue(Help Net Security) The NSA's notorious insider breach has caused 52 percent of IT security professionals to reconsider their approach to user and systems administrator privileges, yet the majority aren't taking action, according to Avecto. Its findings reveal that organizations continue to lag when it comes to controlling the use of administrator rights in their IT environment
You WILL be Hacked — Cope With It(InfoSecurity Magazine) The Institute of Chartered Accountants England and Wales has confirmed what the security industry has long been saying: it is impossible to prevent all breaches so companies should use a risk management approach to defend what the ICAEW calls the 'crown jewels'
Defense CEO Pushes Immigration Reform(Defense News) A leading US defense CEO made a strong plea for domestic immigration reform during a speech Tuesday morning, linking the defense industry's increasingly dire need for talented engineers with the push to develop an easier path to citizenship for skilled and educated immigrants
Google broadens Patch Rewards Program(Help Net Security) Google has announced the expansion of its recently unveiled Patch Reward Program, which urges security researchers to submit patches for third-party open source software critical to the health of the
IObit Advanced SystemCare Ultimate 7 Beta 1(PC Advisor) Advanced SystemCare Ultimate is IObit's "do everything" PC maintenance suite, combined with a dual security engine. This feature packed set of tools includes everything you need to maintain and protect your computer in one package
Which Companies Are Encrypting Your Data Properly?(Gizmodo) We've asked the companies in our Who Has Your Back Program what they are doing to bolster encryption in light of the NSA's unlawful surveillance of your communications. We're pleased to see that four companies--Dropbox, Google, SpiderOak and Sonic.net--are implementing five out of five of our best practices for encryption. In addition, we appreciate that Yahoo! just announced several measures it plans to take to increase encryption, including the very critical encryption of data center links, and that Twitter has confirmed that it has encryption of data center links in progress
Virtualization security dynamics get old(Search Security) In 2008 at the Black Hat security conference in Las Vegas, I presented the results of two years' worth of security research. "The Four Horsemen of the Virtualization [Security] Apocalypse" sought to educate the Black Hat audience about the past, present and future of the intersection of virtualization and security
Evaluating network security virtualization products(Search Security) Along with business units' and IT operations' steady push to virtualize data center servers and components comes a new conundrum for security professionals: how best to maintain adequate controls inside the virtual environment
Don't Like Spam? Complain About It.(Krebs on Security) Cynical security experts often dismiss anti-spam activists as grumpy idealists with a singular, Sisyphean obsession. The cynics question if it's really worth all that time and effort to complain to ISPs and hosting providers about customers that are sending junk email? Well, according to at least one underground service designed for spammers seeking to avoid anti-spam activists, the answer is a resounding "yes!"
Don't buy from vendors with poor track records in security(FierceCIO: TechWatch) Just last week we reported on a new bunch of security vulnerabilities discovered in a D-Link router. Despite its severity, the limited scope of the problem--a single router model that is not even sold in the U.S.--means that it wouldn't usually be given the time of the day. What makes it news? The security researcher who found them says he decided to disclose them publicly after repeated attempts to report them failed to elicit a response from the vendor
Searching live memory on a running machine with winpmem(Internet Storm Center) Winpmem may appear to be a simple memory acquisition tool, but it is really much more. In yesterday's diary I gave a brief introduction to the tool and showed how you can use it to create a raw memory image. If you didn't see that article check it out for the background needed for today's installment
How to Fight Social Engineering(eSecurity Planet) As an annual contest shows, social engineering can be an effective way for hackers to obtain sensitive data. Training is one of the best ways to fight social engineering
Raising awareness quickly: What happens after a breach?(CSO) Sometimes, especially if you work in Information Security, people ask about cybercrime, hackers, and security in general - such as malware or the latest scams and news reports. While most in the field are passionate about the topic, and can speak for days on it, it's still a bit daunting when you attempt to explain some of the complexities on a level that everyone understands
Active Defense: Good protection doesn't need to be offensive(We Live Security) Just Google for the search term '"active defense" startup' and it is clear that this is a hot growth area in Internet security. But what is it, exactly? The answer to that question is difficult and controversial, as this is a new name for a wide range of activities that have become increasingly popular as attacks on government and company systems have become both more complicated and more highly targeted
Looking for big data and machine learning to replace human thinking? Ain't gonna happen(FierceBigData) Christian Madsbjerg, cofounder of business consultancy ReD, says when it comes to technology mirroring or mimicking the human brain in the future, well, that's a big fat fail. Madsbjerg writes a post to that effect in VentureBeat in response to John Funge's post in the same publication making the opposite claim. Only one of them can be right about this. But which one
Obama to Unveil Competition to Overhaul High School(Wall Street Journal) President Barack Obama will unveil a $100 million competition Tuesday aimed at finding new ways to better prepare high-school students for the global high-tech economy, a senior administration official said. The program, Youth CareerConnect, would award 25 to 40 grants next year for high schools to team up with higher-education institutions and employers, creating innovative programs that give students industry-relevant education and
Indonesia halts all military co-operation(The Age) Australia's asylum-seeker measures in Indonesia have been thrown into disarray with Jakarta pulling the plug on all military co-operation in retaliation for the Abbott government's refusal to explain the phone tapping of Indonesian President Susilo Bambang Yudhoyono
Indonesia president calls for explanation from Australia(The Guardian) Indonesia has temporarily halted all co-operation with Australia on people smuggling, its president, Susilo Bambang Yudhoyono, announced on Wednesday as he continued to demand an explanation from the Australian government for the phone tapping revelations
Australian spies have 'run amok': Indon(Melbourne Herald Sun) Indonesia has halted all co-operation with Australia on people smuggling after the phone-tapping controversy in a major blow to Prime Minister Tony Abbott's plan to stop the boats
Revealing whose secrets?(The Economist) Angela Merkel, Germany's chancellor, retained a certain stony dignity in her fury when she learned that America had been eavesdropping on her phone calls. On November 19th Susilo Bambang Yudhoyono, Indonesia's president, took to that undignified medium, Twitter, to lodge a "strong protest" at the "hurtful action" by Australia in apparently listening in to his
The Future of NATO: Cyber and Deterrence(The Atlantic Council) As a security institution, NATO has demonstrated its capability to adapt in the post-Cold War era. The cyber realm, although pervasive and reminiscent of the Wild West with a similar lack of regulation and retribution by rule of law, may prove to be a challenge to NATO allies and partners
Digging the NSA Out of the Snowden Storm(Wall Street Journal) The National Security Agency's surveillance hasn't changed. Washington has. Former National Security Agency contractor Edward Snowden's leaks have subjected the NSA's surveillance programs to unprecedented attack, raising the possibility that Congress will not be able to pass the 2014 Intelligence Authorization bill needed to provide congressional guidance on a host of crucial national-security issues. It would be lamentable if the entirely legal and invaluable NSA surveillance program became more of a political football than it already is
Pentagon tightens cybersecurity rules for defense contractors(Times of India) The Pentagon said on Tuesday it had approved new rules that would require defense contractors to tighten their computer security procedures and to report any cyber intrusions that resulted in the loss of controlled technical information
Newly Released Documents Show How Government Inflated the Definition of Metadata(Slate) On Monday evening, the Office of the Director of National Intelligence finally made public the Foreign Intelligence Surveillance Court order approving a program to collect metadata—that is, information other than the actual contents of an email—from electronic communications. But rather than settling the debate that has raged over surveillance since the recent leaks, the document only complicates the already heated conversation about what data should be collected and by whom, pointing at larger questions of what is the medium and what is the message in this digital age—and when does one become the other
Sobriety Checkpoints Paved Path to NSA Email Spying(Wired) Sobriety checkpoints and mandatory drug testing of student athletes and railroad workers are among the legal precedents justifying the government's now-defunct and court-approved secret email metadata dragnet surveillance program, according to documents the government released late Monday
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Cyber Education Symposium(Arlington, Virginia, USA, November 19 - 20, 2013) Both the public and the private sectors suffer from a lack of highly trained and effective cyber security leaders. In response, the government, businesses, and academic institutions are all exploring ways...
APPSEC USA(New York, New York, USA, November 18 - 21, 2013) Welcome to Appsec USA 2013, New York - a world class software security conference for developers, auditors, risk managers, and entrepreneurs, bringing you the world's top speakers, the most relevant security...
Oil and Gas Cyber Security 2013(London, England, UK, November 25 - 26, 2013) It has been stated that by 2018 the oil and gas industry will be spending up to $1.87 billion on cyber security. The hugely increased demand to protect a multi-billion dollar global industry is being spurred...
IT Forum Expo/Black Hat Regional Summit(, January 1, 1970) Black Hat Regional Summit will introduce a mix of local in-region experts and researchers from around the globe, discussing the latest trends in information security with an audience of peers. The sessions...
DefCamp 2013(Bucharest, Romania, November 29 - 30, 2013) DefCamp is one of the most important conferences on hacking & information security in South-East Europe, bringing hands-on talks about latest research and practices from the INFOSEC field, gathering under...
2nd Annual East Africa IT and Cyber Security Convention 2013(Nairobi, Kenya, November 28 - 29, 2013) The 2nd Annual East Africa IT and Cyber Security Convention 2013 will bring together leading Cyber and IT Security experts who will provide key insights into critical cybersecurity issues surrounding cyber...
Operationalize Threat Intelligence(Webinar, December 4, 2013) Security teams are overloaded with threat feeds. It doesn't end with third party providers. It includes alerts, logs, and tips from their own security and IT solutions. We need help transforming this data...
Cloud Security Alliance Congress 2013(Orlando, Florida, USA, December 4 - 5, 2013) The CSA Congress is the industry's premier gathering for IT security professionals and executives who must further educate themselves on the rapidly evolving subject of cloud security. In addition to offering...
SINET Showcase: THE SINET 16(Washington, DC, USA, December 4 - 5, 2013) The SINET Showcase is supported by the Department of Homeland Security, Science & Technology Directorate and provides a significant opportunity for industry's most innovative global entrepreneurs to present...
World Congress on Internet Security(London, England, UK, December 9 - 12, 2013) The WorldCIS-2013 is an international forum dedicated to the advancement of the theory and practical implementation of security on the Internet and Computer Networks. The inability to properly secure the...
ACSAC 2013(New Orleans, Louisiana, USA, December 9 - 13, 2013) The Annual Computer Security Applications Conference (ACSAC) is an internationally recognized forum where practitioners, researchers, and developers in information and system security meet to learn and...
2013 ASE International Conference on Cyber Security(Orlando, Florida, USA, December 10 - 15, 2013) The annual ASE Cyber Security Conference is a leading international forum for cyber security researchers, practitioners, developers, and users to explore cutting-edge ideas and results, and to exchange...
Cyber Defense Initiative 2013(Washington, DC, USA, December 12 - 19, 2013) NetWars Tournament runs over an intense two- to three-day period, at a conference or hosted onsite. Many enterprises, government agencies, and military bases are using NetWars OnSites to help identify...