An unusually large amount of cyber-rioting is reported from the usual parts of the world. Australian sites continue to draw attention from Indonesian hacktivists. In Colombia, FARC insurgents call for a regional campaign to drive out US bases: since FARC explicitly recognize such a campaign would have to be asymmetric, it's reasonable to expect cyber attacks.
More signs emerge of a global man-in-the-middle cyber crimewave.
Concerns about Chinese cyber espionage surface in the US and elsewhere. These include renewed warnings of "pre-hacked" hardware. Many observers suggest leaks about US surveillance have emboldened Chinese government cyber operators, but it seems very unlikely the PLA needed any such disinhibition. Oh, also, China blames the US for stalled talks over duty-free IT trade.
Allegations of US-government spyware planting operations surface from Snowden via the Netherlands press. Australian intelligence agencies are reported upset at the US NSA, not for surveillance, but for poor internal security.
Analysts continue to warn of security problems with the troubled US Healthcare.gov program. At least one state site (Vermont's) reports a privacy breach. Conventional (legacy?) healthcare providers continue to report familiar breaches—mistakenly posted documents, lost unencrypted physical media—even as the drive towards increased medical data automation and sharing seems inexorable.
CryptoLocker remains a threat, and perhaps a harbinger of worse ransomware to come.
Preliminary results of GridEx II are under discussion. Much of this North American power grid cyber drill concentrated on, predictably, effective attack-information sharing.
A UN resolution on surveillance proceeds, for now largely undiluted by Anglo-American objections.
Today's issue includes events affecting Australia, Brazil, China, Colombia, European Union, France, India, Indonesia, Iran, Israel, Japan, Republic of Korea, Netherlands, Palestinian Territories, Syria, Taiwan, Thailand, Tunisia, Turkey, United Kingdom, United States, and Venezuela.
Protest Against Spying: Indonesian Gantengers Crew Hacks Australian National University Domain(Hack Read) Indonesian based hackers from Gantengers Crew have hacked and defaced an official sub-domain of Australian National University today against Australian spying activities over Indonesian government as revealed by NSA's whistleblower Edward Snowden. The targeted domain belongs to Australian National University's Deepening Histories of Place Project, which is now displaying a deface page along with a message
New York State Government Sub-Domain Hacked by Indonesian Hacker(Hack Read) An Indonesian hacker going with the handle of Jje Incovers has hacked and defaced a sub-domain of New York State Government information portal. The defaced domain belongs to Hudson River Valley Greenway which is now displaying a .txt deface page uploaded by the hacker with a simple note. However, the reason for targeting Hudson River Valley was not mentioned anywhere
FARC–EP Calls to Arrange Campaign vs. US Military Bases(Prensa Latina) The Revolutionary Armed Forces of Colombia-People's Army (FARC-EP) described as urgent and a necessary task the arrangement of a campaign in all Latin America and Caribbean countries against U.S. military bases
Large–scale net traffic misdirections and MitM attacks detected(Help Net Security) Man-In-the-Middle BGP route hijacking attacks are becoming regular occurrences, but it's still impossible to tell who is behind them, and what their ultimate goal is, warns Jim Cowie, co-founder and CTO of Internet intelligence company Renesys
China's Cyber War(Newsweek) For more than a decade, a relentless campaign by China to steal valuable, confidential information from U.S. corporations flourished with barely a peep from Washington. And now it might never be stopped
Chinese Hackers Seen Exploiting Cloud to Spy on U.S.(Bloomberg) China-based hackers may target Internet-based e-mail, data storage and other services provided overseas by such companies as Microsoft Corp. (MSFT) to spy on the U.S., a congressional commission found
Chinese hackers spying on American cloud(PCWorld) With the National Security Agency spying on pretty much everyone inside and out of this country, we can't be too surprised, or offended, to find out that other countries are spying on us
NSA infected 50,000 computer networks with malicious software(NRC Handelsblad) The American intelligence service — NSA — infected more than 50,000 computer networks worldwide with malicious software designed to steal sensitive information. Documents provided by former NSA–employee Edward Snowden and seen by this newspaper, prove this
Facebook reveals friends list even when it's set to private(Naked Security) Don't want the entire Facebook–using and –abusing population to see your friends list? You can always change the setting to private — a setting labeled, for some strange reason, "only me", chosen in response to the "who can see your friends list?" setting. Fat lot of good it will do you, though
LG caught red-handed spying on viewers via Smart TVs(FierceBigData) Jason Huntley, U.K. ICT consultant, accidentally discovered his LG Smart TV was sending extensive information about his viewing habits to the Korean manufacturer. He gives a full account of the unsettling details in his DoctorBeet's Blog. Readers should consider carefully what this means to them beyond using LG or other brands of Smart TVs
Tech experts: HealthCare.gov not secure(FierceHealthIT) At a Nov. 19 hearing of the House Committee on Science, Space, and Technology, four technology experts--including two university representatives--all testified that they thought HealthCare.gov was not a secure website, Reuters reported. What's more, three of the four experts said they thought that the site should be shut down until it is secure
Faked LinkedIn job offers on the rise(USA Today) Social networks interconnect people with common interests in near real time on a global scale. That's the power of social media. And it's also a beacon to cyberscammers
Have you heard of the Happy Hour virus?(Naked Security) Vigilant Naked Security reader Betty Kann has alerted us to an online service that she felt security-conscious sysadmins ought to be made aware of
Racing Post website hacked, customer information stolen(Graham Cluley) The website of the Racing Post, a daily newspaper obsessed with horse racing, greyhound racing and other sports betting, has been hacked by criminals who managed to access customer information
The importance of the User–Agent in the Botnets connections(Behind the Firewalls) The RFC 1945 says in the 10.15 section: "The User-Agent request-header field contains information about the user agent originating the request. This is for statistical purposes, the tracing of protocol violations, and automated recognition of user agents for the sake of tailoring responses to avoid particular user agent limitations. Although it is not required, user agents should include this field with requests"
Asia Chats: Analyzing Information Controls and Privacy in Asian Messaging Applications(Citizen Lab) Across Asia, a new class of instant messaging (IM) mobile applications are rapidly growing in popularity and amassing enormous user bases. These applications encompass more than text, voice, and video chat as they offer social networking platforms that include expressive emoticons and stickers (known as "emoji"), photo and video sharing, e-commerce, gaming, and other features that provide a more sophisticated user experience than previous generations of IM clients
How to fight back against CryptoLocker(ComputerWorld) As early as 2007, if not earlier, Windows users encountered the very first rogue antivirus programs. Even today, end users are easily fooled by this vicious type of malware
Security Patches, Mitigations, and Software Updates
Data Breaches May Be Worse Than Reported(Baseline Magazine) Despite the growing awareness of cyber-attacks and the increasingly sophisticated tools and technologies available to combat data breaches, the problem is getting worse. What's more, organizations face steep challenges in dealing with cyber-attacks, and many are underreporting incidents, according to a recently released research report from ThreatTrack
Only half of healthcare IT pros use formal risk assessments(Help Net Security) Tripwire and the Ponemon Institute evaluated the attitudes of 1,320 respondents from IT security, IT operations, IT risk management, business operations, compliance/internal audit and enterprise risk management. One hundred seventeen health and pharmaceutical sector respondents from the U.S. and U.K. participated in the healthcare portion of the survey
The risks of having a false sense of security(Help Net Security) Organizations are overwhelmingly confident in their readiness to combat security threats, but may not be prepared for dangers linked to new technology models and increasingly sophisticated threats, according to CompTIA
Post Prism: The new meaning of spyware(BBC) It may not just be the cybercriminals accessing your computer. If you thought you were pretty clever knowing that spyware refers to pieces of malicious code put on computers in order for cybercriminals to steal your passwords and other IDs, think again
Cyber–attack at a major port could cost $1 billion per day(GSN) At a time when the nation's infrastructure faces a growing threat from cyber-attacks, maritime and homeland security officials say they are making significant progress in protecting the nation's ports, which handle more than 2 billion metric tons of cargo annually and are critical to the global economy
The Danger Of Laissez–Faire Security Attitudes(TechCrunch) A door lock does not have the same status as a modern, wall-mounted television or a couch from a world-class designer. It's not like you invite a friend over to check out the new double bolt on the front door: "Hey, you should come by and check out my new door lock! I also bought a new television and a couch, but forget that. This new door lock is awesome!" But if you did buy that $2,000
Surveillance as a Business Model(Schneier on Security) Google recently announced that it would start including individual users' names and photos in some ads. This means that if you rate some product positively, your friends may see ads for that product with your name and photo attached--without your knowledge or consent. Meanwhile, Facebook is eliminating a feature that allowed people to retain some portions of their anonymity on its website
NTRU public key crypto released to open source community(Help Net Security) RSA and ECC are the two most common public-key crypto systems in use today. At the 2013 Black Hat conference, researchers declared that the math for cracking encryption algorithms could soon become so efficient that it will render the RSA crypto algorithm obsolete. Coupled with the recent NSA tampering allegations on ECC, this mistrust could set up a "cryptopocalypse" with organizations scrambling to retrofit systems with new, yet trusted, public-key crypto systems. Today, Security Innovation announced the availability of NTRU crypto for free use in open source software
How certificate pinning improves certificate authority security(SearchSecurity) I saw that Microsoft is going to include something called certificate pinning in version 4.0 of its EMET tool. EMET is already in use at my company, but I'm curious if you could describe what certificate pinning is and the potential benefits? And how can we use EMET for certificate pinning
From 1,024– to 2,048–bit: The security effect of encryption key length(SearchSecurity) Google is changing the length of its encryption keys from 1,024-bit to 2,048-bit, including the root certificates that sign all SSL certificates. What are the practical effects of such a switch from a security perspective, including how enterprises can plan for the switch
'Honey pot' utility trap lures hackers in show of cyberthreats(EE News) The small city water company in Arnold, Mo., went online last November. Seventeen hours later, a hacker using the SHODAN attack search engine had identified and penetrated an internal computer address leading to the control system that operated the pumps at the heart of Arnold's operation
Unofficial guide to Tor: Really private browsing(Help Net Security) The issue of privacy on the Internet has long been a difficult one: there are a lot of good reasons that you might be leery of strangers reading your emails or spying on the websites you visit
DISA's EOC Shines at Annual Cyber Flag Exercises(Federal News Radio) The Defense Information Systems Agency's new Enterprise Operations Center played a big role in the 3rd annual U.S. Cyber Command-sponsored joint exercise Cyber Flag 14-1. The training exercise was held at Nellis Air Force Base the first week in November
Emerging Central And Eastern European Startups Showcased At How To Web(TechCrunch) I went to an event last week that exemplifies the enormous sea-change in tech startups that is sweeping across the Central and Eastern European region. I'll be writing about this in more depth in due course. For now, suffice it to say that there is a real explosion occurring. Startups from all over the CEE region are now exhibiting or entering startup competitions in multiple locations
The internet mystery that has the world baffled(The Telegraph) For the past two years, a mysterious online organisation has been setting the world's finest code-breakers a series of seemingly unsolvable problems. But to what end? Welcome to the world of Cicada 3301
Legislation, Policy, and Regulation
UN surveillance resolution goes ahead despite attempts to dilute language(Journal of Law and Cyber Warfare) The US, UK and their close intelligence partners have largely failed in their efforts to water down a United Nations draft resolution expressing deep concern about "unlawful or arbitrary" surveillance and calling for protection for the privacy of citizens worldwide
Spooky silence until next Snowden bomb(Sydney Morning Herald) The ability of American whistleblower Edward Snowden to poach the Western intelligence community's most explosive secrets while working as a government contractor in Hawaii has left security experts around the world gobsmacked
NSA Chief Offered to Resign After Leaks(Government Executive) According to a National Security Agency official quoted by The Wall Street Journal, recent leaks have been "cataclysmic" for the organization and forced a large-scale reevaluation of its policies. They were so devastating that Gen. Keith Alexander offered to resign from his position as head of the NSA after Snowden came forward about the agency's domestic surveillance
India Debates Establishing Cyber Command(DefenseNews) Top India military commanders meeting here have discussed establishing an independent Cyber Command. Addressing the Combined Commanders Nov. 22, Indian Prime Minister Manmohan Singh highlighted the need for developing capacities to counter what he described as "global surveillance operation"
Arms regulations urged for internet surveillance systems(Engineering and Technology Magazine) New arms sale regulations urgently need to be introduced to clamp down on the export of electronic surveillance technology similar to that used in the highly controversial monitoring by GCHQ, a Labour MP has claimed
Google's Vint Cerf to FTC: "Privacy may actually be an anomaly"(FierceBigData) Google's chief internet evangelist, Vint Cerf said in a speech given before the Federal Trade Commission (FTC) last week that "privacy may actually be an anomaly." Apparently he doesn't think privacy a basic human right, but rather an "anomaly" created by the industrial revolution. Therefore, reverting to a state of no privacy at all for citizens might be a natural thing. Though his argument sounds convincing, his premise is completely wrong
Litigation, Investigation, and Law Enforcement
Leaker Snowden asked for more dirt(The West Australian) Indonesian politicians plan to quiz former US National Security Agency contractor Edward Snowden in Russia about revelations Australia tapped the phone of President Susilo Bambang Yudhoyono
Internet security chief lashes out at Snowden, calls him a criminal(Times of India) Internet Security Alliance (ISA) chief Larry Clinton, in an interview with TOI on Friday, lashed out at whistleblower Edward Snowden, calling him a "criminal who must be prosecuted". He compared Snowden's actions to instances of Mahatma Gandhi 'breaking the law' and said that what Snowden did was not honourable
Lavabit Strikes Back at Feds in Key Internet Privacy Case(Wired) Lawyers for secure email provider Lavabit just filed the reply brief in a case that will determine whether an internet company can be compelled to turn over the master encryption keys for its entire system to facilitate court-approved surveillance on a single user
Judge Appears Receptive to Critics of NSA's Collection of Phone Data(Wall Street Journal) A federal judge on Friday appeared receptive to the idea that Americans enjoy some level of privacy in their phone records, in the first court challenge to the National Security Agency's bulk collection of data from telecommunications companies. The U.S. Supreme Court held in 1979 that Americans have no expectation of privacy in who they are calling, because they knowingly give that information to phone companies
How BYOD Puts Everyone at Legal Risk(CIO) If your BYOD policy goes too far, you may be prosecuted for unfair labor practices. However, courts expect you to produce all relevant data in discovery proceedings. Meanwhile, your employees may fear retaliation if they don't sign draconian BYOD policies. CIO.com talks to attorneys to better understand the legal side of BYOD
Commentary: Sir Bernard Hogan-Howe on new cybercrime push(London Evening Standard) Over the next month more Londoners than ever before will go online and take part in what retailers hope will be a £10 billion Christmas internet spending spree. The world wide web has given consumers an unprecedented opportunity to conduct our shopping, banking and other financial activities
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
New Resources to Grow Cyber Security Companies in Maryland(Rockville, Maryland, USA, November 25, 2013) Learn about new resources available locally to grow your cybersecurity company, including the Maryland Cybersecurity Investment Incentive Tax Credit and the Montgomery County Supplemental Incentive Program...
Oil and Gas Cyber Security 2013(London, England, UK, November 25 - 26, 2013) It has been stated that by 2018 the oil and gas industry will be spending up to $1.87 billion on cyber security. The hugely increased demand to protect a multi-billion dollar global industry is being spurred...
IT Forum Expo/Black Hat Regional Summit Black Hat Regional Summit will introduce a mix of local in-region experts and researchers from around the globe, discussing the latest trends in information security with an audience of peers. The sessions...
DefCamp 2013(Bucharest, Romania, November 29 - 30, 2013) DefCamp is one of the most important conferences on hacking & information security in South-East Europe, bringing hands-on talks about latest research and practices from the INFOSEC field, gathering under...
2nd Annual East Africa IT and Cyber Security Convention 2013(Nairobi, Kenya, November 28 - 29, 2013) The 2nd Annual East Africa IT and Cyber Security Convention 2013 will bring together leading Cyber and IT Security experts who will provide key insights into critical cybersecurity issues surrounding cyber...
Operationalize Threat Intelligence(Webinar, December 4, 2013) Security teams are overloaded with threat feeds. It doesn't end with third party providers. It includes alerts, logs, and tips from their own security and IT solutions. We need help transforming this data...
Cloud Security Alliance Congress 2013(Orlando, Florida, USA, December 4 - 5, 2013) The CSA Congress is the industry's premier gathering for IT security professionals and executives who must further educate themselves on the rapidly evolving subject of cloud security. In addition to offering...
SINET Showcase: THE SINET 16(Washington, DC, USA, December 4 - 5, 2013) The SINET Showcase is supported by the Department of Homeland Security, Science & Technology Directorate and provides a significant opportunity for industry's most innovative global entrepreneurs to present...
World Congress on Internet Security(London, England, UK, December 9 - 12, 2013) The WorldCIS-2013 is an international forum dedicated to the advancement of the theory and practical implementation of security on the Internet and Computer Networks. The inability to properly secure the...
ACSAC 2013(New Orleans, Louisiana, USA, December 9 - 13, 2013) The Annual Computer Security Applications Conference (ACSAC) is an internationally recognized forum where practitioners, researchers, and developers in information and system security meet to learn and...
2013 ASE International Conference on Cyber Security(Orlando, Florida, USA, December 10 - 15, 2013) The annual ASE Cyber Security Conference is a leading international forum for cyber security researchers, practitioners, developers, and users to explore cutting-edge ideas and results, and to exchange...
Cyber Defense Initiative 2013(Washington, DC, USA, December 12 - 19, 2013) NetWars Tournament runs over an intense two- to three-day period, at a conference or hosted onsite. Many enterprises, government agencies, and military bases are using NetWars OnSites to help identify...