Indonesian hacktivists claim responsibility for attacks on Australian sites. The Indonesian government gives that nation's telcos a week to inspect their records for evidence that they were complicit in alleged electronic surveillance by Australian intelligence.
Other Indonesian and Malaysian hacktivists deface Chinese government sites with unclear motives (ethnic resentments may be in play).
Former US DCI Michael Hayden says the Syrian Electronic Army is effectively a tool of Iran. (And a Syrian defector who hacked their servers before he departed the country says officers of Syria's Mukhabarat spend much of their workday surfing not-safe-for-work sites.)
Spam spoofing an AV vendor patch notification carries a Zeus payload. A Trojan recently discovered targeting SAP client apps seems partially based on Carberp code. Another old threat—Conficker—is still making its rounds.
Social engineers are probing bank call centers. New malicious spam impersonating WhatsApp carries a malicious payload that pulls infected machines into a botnet. McAfee detects new efforts to circumvent Android digital signature app validation.
CryptoLocker continues its malign spread, with over 12,000 new victims this week. High turnover in command-and-control servers helps it thrive: it rarely uses a server for more than a week.
Prolexic warns of rising distributed reflection denial-of-service attacks.
Increased military use of COTS technology prompts fresh concerns over supply chain cyber security.
The cyber insurance subsector's tentative growth is inhibited mainly by scanty threat data—more sharing is needed.
Pakistan's military says it has new software that renders its installations hack-proof (observers are reluctantly moved to skepticism).
Today's issue includes events affecting Australia, Austria, Belgium, China, Finland, Germany, India, Indonesia, Iran, Luxembourg, Malaysia, Netherlands, Nigeria, Norway, Pakistan, Sweden, Switzerland, Syria, United Kingdom, United Nations, United States.
SAP Trojan based partially on Carberp code(Help Net Security) Bit by bit, details about the first information-stealing Trojan discovered targeting SAP enterprise software are being unveiled, and Microsoft researchers have tied at least part of its source code to that of the infamous Carberp banking Trojan
Five Years Old And Still On The Run: DOWNAD(TrendLabs Security Intelligence Blog) Five years ago, Conficker/DOWNAD was first seen and quickly became notorious due to how quickly it spread and how much damage it caused
Fake WhatsApp 'Voice Message Notification' themed emails expose users to malware(Webroot Threat Blog) We've just intercepted a currently circulating malicious spam campaign impersonating WhatsApp — yet again — in an attempt to trick its users into thinking that they've received a voice mail. Once socially engineered users execute the malicious attachment found in the fake emails, their PCs automatically join the botnet operated by the cybercriminal(s) behind the campaign
New threats subverting digital signature validation(Help Net Security) McAfee Labs found new efforts to circumvent digital signature app validation on Android-based devices. The McAfee Labs team identified a new family of mobile malware that allows an attacker to bypass the digital signature validation of apps on Android devices, which contributed to a 30 percent increase in Android-based malware
Botnets Hike Usage of Google Cloud(Industrial Safety and Security Source) Mobile botnets are on the rise and one of the areas attackers are using the Google Cloud Messaging service as a stepping off point to send data from command-and-control servers to malware, researchers said
Ransomware Running Wild…(Industrial Safety and Security Source) There have been over 12,000 victims of the malware CryptoLocker in less than a full week, which has been locking up computers with ransomware over the past couple of months, researchers said. "CryptoLocker servers are changed very often – it is rare that a command-and-control server remains online for more than a week," according to security technology company Bitdefender Labs
Call Me i$Hm@eL(Pacific Standard) At the peak of his career in the late-2000s, a mysterious online figure from Eastern Europe attained the position of administrator of DarkMarket. He had climbed to the highest rung of one of the most significant cybercriminal forums—where stolen credit-card data and other illicit goods and services are traded—in history. But before he could do all that, he had to choose a nickname
Security Patches, Mitigations, and Software Updates
Threat Grows for Cyber-Physical Systems(SIGNAL) The rapid adoption of commercial firmware and software for cybersystems serving the critical infrastructure is increasing vulnerabilities that potentially could lead to devastating system failures, according to a report issued by a cybersecurity organization. In some cases, these diverse systems also are threatened by their legacy nature, which is a barrier to implementing necessary cybersecurity measures
Learn cyber conflict history, or prepare to repeat it(Armed Forces Journal) "There have been at least seven major "wake-up calls" in cyber conflict, attacks or other events that shocked and surprised defenders and decisionmakers, then were promptly forgotten until a similar shock "awakened" a new cohort of cyber leaders. This pattern will repeat itself until policymakers and practitioners pay attention to history"
The Need for a Cyber Attack Warning System(Recorded Future) In the 1960s, one of the largest threats being faced was nuclear warfare. The development of satellites capable of detecting nuclear launches or explosions was a decade away, but the United States and the United Kingdom needed a means of detecting if they were under nuclear attack
Google's Eric Schmidt: 'the solution to government surveillance is to encrypt everything'(The Verge) Since revelations of the NSA's widespread data collection and monitoring earlier this year, Google has staunchly denied working with the government agency and has taken it to task on a number of occasions. After calling the NSA surveillance "outrageous" earlier this month, Google executive chairman Eric Schmidt has come out against the agency again in an interview with Bloomberg News. "The solution to government surveillance is to encrypt everything," Schmidt said in a speech at the Johns Hopkins University School of Advanced International Studies
Why Nigerian Banks Will Keep Losing Money to e–Fraud(This Day Live) The recent loss of money recorded by the Central Bank of Nigeria (CBN) has not only given researchers a case study but has shown that the acclaimed tools and techniques currently used by Nigerian banks are not sufficient
John Halamka: Looming HIT mandates 'too big in scope'(FierceHealthIT) In the wake of the much maligned HealthCare.gov rollout, John Halamka, CIO at Boston-based Beth Israel Deaconess Medical Center, says that he sees signs that even "well resourced" health institutions will have a hard time with various health IT mandates that are on the horizon
Most senior execs clueless about handling data breaches, survey finds(FierceITSecurity) Senior business leaders are not prepared for a data breach, with fewer than one in four knowing enough to take the lead should a breach occur, according to a survey of 341 senior executives and in-depth interviews with 17 senior executives conducted by the Economist Intelligence Unit on behalf of HP
The enemy within(Help Net Security) Recent high-profile cases in the press have called attention to the threat the trusted insider can pose to the security of an organization. A recent survey highlighted that employees often have access rights that are way beyond the ones they actually require for their roles. Another survey by the University of Glasgow showed the risks posed to corporate data by employees using consumer-based cloud services such as Dropbox
TeraDact Solutions, Inc. names Gus Hunt Chief Cyber Strategist(Virtual-Strategy Magazine) TeraDact Solutions, Inc. (www.teradact.com), a privately held Missoula, Montana-based software company, announced today at Bloomberg, The Year Ahead: 2014, that Ira A. (Gus) Hunt, the former Chief Technology Officer for the Central Intelligence Agency, has joined the company as Chief Cyber Strategist and will also serve on the TeraDact Advisory Board
EPA experiments with Thunderclap(FierceGovIT) Late last month the Environmental Protection Agency experimented with a new social media tool designed to amplify a single message across social networks called Thunderclap. The tool is open to all agencies for use based on federal-friendly terms of service recently negotiated by the General Services Administration
Tresys Technology Announces Availability of New Product Tresys MobileFortress™(Hispanic Business) Tresys Technology, a leading provider of cyber defense technology and engineering services to our nation's defense, intelligence and critical infrastructure organizations, announced today the general availability of Tresys MobileFortress for Android, a secure mobile operating system for Government and Commercial Enterprise mobile platforms
Technologies, Techniques, and Standards
Replacing Security Best Practices with Things that Actually Work(Threatpost) The term "best practices" is high on the list of overused and nearly meaningless phrases that get thrown around in the security field. It forms the basis for regulations such as HIPAA and PCI DSS and yet if you asked a random sample of 10 security people what the phrase meant, you'd likely get 10 different answers. But what if there aren't actually any best practices
Are tablets secure enough for business?(Help Net Security) Amazon is launching its first enterprise-ready tablet. A smart move, as the much-loved mobile device can finally be integrated into business. However it does beg the question, how can SMEs ensure they are prepared for this new mobile device onslaught
5 Ways To Keep Big Data From Going Bad(CRN) While the collection and analysis of troves of data offer potential societal benefits, the public needs to understand the risks it poses on individual privacy and security, said Barton Gellman, a two-time Pulitzer Prize winning author and reporter who is one of three journalists still reviewing National Security Agency documents leaked by Edward Snowden
Is It Fair to Steer Students into STEM Disciplines Facing a Glut of Workers?(IEEE Spectrum) The argument over whether or not there is a shortage of qualified STEM workers was replayed once more in a story this past week in a Chronicle of Higher Education article titled, "The STEM Crisis: Reality or Myth." Unfortunately, you need to be a subscriber to gain full access to the article, but I thought a few quotes from the usual suspects claiming there is a STEM crisis in the United States would be enlightening
Father of Web says China will dismantle 'great firewall'(Reuters via The West Australian) China's rulers will ultimately take it upon themselves to dismantle the "great firewall" that limits its people's access to the Internet because doing so will boost China's economy, the inventor of the World Wide Web said
Congress Draws Battle Lines Over NSA Phone Snooping Program(PC Magazine) In the wake of revelations about the National Security Agency's domestic surveillance programs over American phone records and Internet activities, Congressional leaders are demanding reform to rein in the agency's broad powers
Poll: Many View NSA Intrusions as Unjustified(WTMA) Public belief that the National Security Agency unnecessarily intrudes on privacy rights has grown, but so has the sense that Edward Snowden damaged U.S. security by disclosing the spy agency's activities — with the latter a more powerful factor in views on charging him with a crime
Obama administration looks to scrub security clearance list(Politico) The Obama administration has ordered a government-wide reassessment of how almost 5 million Americans have been granted classified information security clearances and whether each person currently approved to see sensitive national security secrets truly has a need for such access
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
New Resources to Grow Cyber Security Companies in Maryland(Rockville, Maryland, USA, November 25, 2013) Learn about new resources available locally to grow your cybersecurity company, including the Maryland Cybersecurity Investment Incentive Tax Credit and the Montgomery County Supplemental Incentive Program...
Oil and Gas Cyber Security 2013(London, England, UK, November 25 - 26, 2013) It has been stated that by 2018 the oil and gas industry will be spending up to $1.87 billion on cyber security. The hugely increased demand to protect a multi-billion dollar global industry is being spurred...
IT Forum Expo/Black Hat Regional Summit(, January 1, 1970) Black Hat Regional Summit will introduce a mix of local in-region experts and researchers from around the globe, discussing the latest trends in information security with an audience of peers. The sessions...
DefCamp 2013(Bucharest, Romania, November 29 - 30, 2013) DefCamp is one of the most important conferences on hacking & information security in South-East Europe, bringing hands-on talks about latest research and practices from the INFOSEC field, gathering under...
2nd Annual East Africa IT and Cyber Security Convention 2013(Nairobi, Kenya, November 28 - 29, 2013) The 2nd Annual East Africa IT and Cyber Security Convention 2013 will bring together leading Cyber and IT Security experts who will provide key insights into critical cybersecurity issues surrounding cyber...
Operationalize Threat Intelligence(Webinar, December 4, 2013) Security teams are overloaded with threat feeds. It doesn't end with third party providers. It includes alerts, logs, and tips from their own security and IT solutions. We need help transforming this data...
Cloud Security Alliance Congress 2013(Orlando, Florida, USA, December 4 - 5, 2013) The CSA Congress is the industry's premier gathering for IT security professionals and executives who must further educate themselves on the rapidly evolving subject of cloud security. In addition to offering...
SINET Showcase: THE SINET 16(Washington, DC, USA, December 4 - 5, 2013) The SINET Showcase is supported by the Department of Homeland Security, Science & Technology Directorate and provides a significant opportunity for industry's most innovative global entrepreneurs to present...
World Congress on Internet Security(London, England, UK, December 9 - 12, 2013) The WorldCIS-2013 is an international forum dedicated to the advancement of the theory and practical implementation of security on the Internet and Computer Networks. The inability to properly secure the...
ACSAC 2013(New Orleans, Louisiana, USA, December 9 - 13, 2013) The Annual Computer Security Applications Conference (ACSAC) is an internationally recognized forum where practitioners, researchers, and developers in information and system security meet to learn and...
2013 ASE International Conference on Cyber Security(Orlando, Florida, USA, December 10 - 15, 2013) The annual ASE Cyber Security Conference is a leading international forum for cyber security researchers, practitioners, developers, and users to explore cutting-edge ideas and results, and to exchange...
Cyber Defense Initiative 2013(Washington, DC, USA, December 12 - 19, 2013) NetWars Tournament runs over an intense two- to three-day period, at a conference or hosted onsite. Many enterprises, government agencies, and military bases are using NetWars OnSites to help identify...