Iran's cyber warfare director has been shot dead. As of this writing Iranian authorities have neither announced suspects nor called the shooting an assassination (which it manifestly is).
Hacktivists strike targets in India, Israel, Slovakia, and Canada. Palestinian-sympathizing AnonGhost claims the last three acts of cyber vandalism, but the attack on Canadian sites is an apparently motiveless outlier—the targets are baseball-related and the defacements carry no political message.
Django is vulnerable to compromise of session cookies, but there are no plans to patch the hole. Webroot offers interesting observations on the "vertical integration" of a criminal DDOS-for-hire-service operating in a "vibrant" corner of the black market. The ZeroAccess botnet remains highly profitable, with India accounting for a growing portion of its victims. Poor patching sustains WordPress vulnerabilities (as frustrated security experts preach patching to an apparently heedless choir).
US Intelligence Community leaders warn of the cyber dangers inherent in the current Government shutdown. DNI Clapper's confidence in the ability of financially pinched analysts to resist recruitment by hostile intelligence services is surprisingly shaky.
Insurers are urging their customers to adopt more sophistication cyber defenses. The financial sector similarly emphasizes the inadequacy of legacy, commodity antivirus and perimeter defenses. New EU penalties will soon render failure to secure enterprise networks costly.
Hindustan Times Hacked, Data Leaked(Softpedia) The website of the popular Indian English-language newspaper Hindustan Times has been hacked and defaced by a hacker calling himself Silent Hacker
Public Works Department India website hacked with several Indian Govt Sites(Hackers Post) H4x0r HuSsY, famous for hacking Indian govt sites hit again. This time The official website of Public Works Department, Punjab with 10 other Indian Govt sites hacked by H4x0r HuSsY. Anatomy of the attack on the Indian server is unknown. The hacked sites belongs to different name servers. Two weeks before, Indian BioResource Information Network was hacked by the same hacker
Behind the South Korean Government DDoS Attacks(Threatpost) In the last few years, there have been a series of DDoS attacks and intrusions on government networks in South Korea that have resulted in the loss of untold amounts of data. The four attacks haven't been linked together or attributed to the same attackers, but there are some similarities in the methods and results
DDoS for hire vendor 'vertically integrates' starts offering TDoS attack capabilities(Webroot Threat Blog) DDoS for hire has always been an inseparable part of the portfolio of services offered by the cybercrime ecosystem. With DDoS extortion continuing to go largely under-reported, throughout the last couple of years — mainly due to the inefficiencies in the business model — the practice also matured into a 'value-added' service offered to cybercriminals who'd do their best to distract the attention of a financial institution they're about to (virtually) rob. Operating online — under both private and public form — since 2008, the DDoS for hire service that I'll discuss in the this post is not just offering DDoS attack and
ZeroAccess: The Most Profitable Botnet(F–Secure) In March of this year, researchers on Symantec's Security Response team began looking at ways in which they might be able to "sinkhole" (takedown) ZeroAcess — one of the world's largest botnets. But then... in late June, the botnet started updating itself, removing the flaw that the researchers hoped to take advantage of. Faced with the choice of some or nothing, the team moved to sinkhole what they could. And that was over 500,000 bots
India has third highest infection rate of ZeroAccess botnet(Zee News) ZeroAccess, which is one of the largest known botnets in existence, has infected more than 1.9 million computers globally on a given day in August this year with India having the third highest infection rate after the US and Japan, cyber security firm Symantec has said
WordPress Attacks: Time To Wake Up(InformationWeek) The latest WordPress hacks highlight our continued laziness when implementing online security, a problem made worse by free, easy-to-use sites. I wrote a Security 101 story in light of this news — outdated WordPress sites are used to launch malicious attacks on other websites — it would go something like this: Use strong passwords. Stay current on software updates and patches. Educate employees on security risks and fundamentals. Use anti-malware tools and other technologies. Wash, rinse, repeat
Potential Ripples of Stretched Cyber Support During Shutdown(Nextgov) With electronic infrastructure still up and running despite the government shutdown, the lack of staff support in information security shops is likely affecting the government's ability to respond to cyber threats and attacks and creating potential ripple effects for cybersecurity going forward
Enterprises risk data theft from old laptops(FierceMobileIT) Many companies turn in their old laptops to the computer firm that sells them their new laptops. The computer firm, such as Dell, then sells them to a firm that refurbishes laptops, which in turn sells them on eBay
Security Patches, Mitigations, and Software Updates
Google Updates Chrome 30 for 50 Security Flaws(eSecurity Planet) Google doubles the number of vulnerabilities it has fixed in new browser release. Google is out with its latest Chrome stable browser release, providing one of the highest security fix counts in the history of Google's popular open source browser. The Chrome 30.0.1599.66 release, available
Hackers get past anti–virus software(GoErie) At a time when millions of computer users face increasingly sophisticated cyberattacks, the anti-virus software they rely on to keep their information safe frequently fails to do the job. Of 45 pieces of malware that lingered on the New York Times computer systems for a third of a year, just one was spotted by its anti-virus software, the newspaper disclosed in January. That same month, security company Kaspersky disclosed a global data-stealing scheme had evaded detection by anti-virus products for five years
Is wireless the Trojan horse in your network security?(Help Net Security) According to Roger Klorese of WatchGuard technologies, smartphones and tablets now account for about 25% of devices used for work in the US. Wireless, mobility and BYOD are all part of an unstoppable
Four Questions To Ask About Every Cyber Risk Report(Wall Street Journal) Verizon's 2013 Data Breach Report said most breaches are perpetrated by outsiders but the Global State of Information Security Survey 2014 said most of the responsibility lies with current and former employees. Ponemon Institute's 2013 study has yet another take: that human error and system problems are major contributors
Death of a Cloud: IBM Partner Nirvanix Files for Bankruptcy(Wired) The company behind IBM's storage cloud is indeed on the way out. Last month, Nirvanix — the San Diego, California company that powered IBM's SmartCloud Storage service — told customers and partners that it was shutting down on September 30
Northrop to lay off 52 employees in Reston(Washington Business Journal) Some contract maneuvering from a federal agency will force Falls Church-based Northrop Grumman Corp. to lay off 52 employees working in Reston. The company filed a layoff notice to the Virginia Workforce Network, saying that the employees from the Intelligence Systems division within the Information Systems segment will lose their jobs by Nov. 29. One of Northrop's contracts is coming to an end, confirmed spokesman Randy Belote, who noted that it was unrelated to the federal shutdown
CISO Interview: Richard Bejtlich(SYS-CON) This is an interview with Richard Bejtlich, Chief Information Security Officer at Mandiant- a major player in the industry leader helping organizations detect, respond to, and contain computer intrusion
So I'm the guy who sent the t–shirt out as a thank you.(Yahoo! Developer Network) So, I am the guy who started sending t-shirts as a thanks to people when they sent us a potential vulnerability issue. What an interesting 36 hours it has been :) Here's the story. When I first took over the team that works with the security community on issues and vulnerabilities, we didn't have a formal process to recognize and reward people who sent issues to us. We were very fast to remedy issues but didn't have anything formal for thanking people that sent them in
Security Startups: Interview with CyberARM CEO and Co–Founder Shay Zandani(SecurityWeek) SecurityWeek: How did you start out in the computer field and in particular, security? Shay: My background is with "Mamram" - the Israel Defense Force's technical unit. Later, I joined the Israeli Air Force as a programmer where I worked as a team leader and officer. After a few years, I was asked to establish the information warfare department which, generally speaking, means using the enemy IT systems on the defense's behalf. At that time all this was strictly confidential, not like nowadays where there's an information warfare department, and counter cyber-attacks. After proving the team's capabilities, I was asked to establish the "Blue team" which focused on protecting the systems. When I left the army, I gained industry experience with several start-ups. At one of the startups, we established the first Trusted Third Party (TTP). Unfortunately, the idea was ahead of its time - we had a great technical success but it was a marketing failure. After that, I joined PricewaterhouseCoopers (PwC). At PwC I became the CEO of the Global Risk Management Solutions (GRMS) Group. I spent more than 10 years there, running their risk management and IT practices. I left 1.5 years ago to establish CyberARM
Catonsville startup Light Point relishes national attention(Baltimore Business Journal) Cyber startup Light Point Security is feeling the warmth of being in the spotlight. Catonsville-based Light Point has made it to the top five contestants in a Wall Street Journal startup competition that attracted 500 applications. The company still has to make it through two more challenges to win, but already Light Point is experiencing the benefits of being a winner. Investors, potential clients and media have been flocking to Light Point
Products, Services, and Solutions
General Dynamics Fidelis Cybersecurity Solutions Continues to Strengthen Threat Intelligence, Detection and Prevention(Hispanic Business) General Dynamics Fidelis Cybersecurity Solutions announced its flagship network security solution, Fidelis XPS, now includes a new application of YARA technology, a rule-based malware identification and classification tool, that will increase the real-time prevention of malware attacks by analyzing threats in network traffic. Arming customers with another innovative method to detect malicious traffic as it flows on the network, the continued enhancements to Fidelis XPS help customers reduce remediation costs by blocking malware before it enters the enterprise
Identifying And Discouraging Determined Attackers(Dark Reading) Enterprises are finding ways to identify targeted attackers and give them fits. Here's how. George S. Patton said, "Nobody ever defended anything successfully — there is only attack and attack and attack some more." So, is it possible to strike back at your attackers? And more importantly, is it the sensible thing to do
Attacks On Volatile Memory Can Be Detected, Researchers Say(Dark Reading) In-memory attacks create processing delays that give hackers away, Triumfant research says. Elusive attacks on a computer's volatile memory can be detected through a detailed analysis of processor behavior, according to new research. Researchers at security vendor Triumfant have discovered that in-memory attacks create a significant delay in system calls that is typically beyond the normal variance of processing time. The ability to detect such attacks — which have generally eluded most security tools because they attack data that is not stored — could enable enterprises to interrupt the attacks before they can do any damage, Triumfant says
Who owns this website? That information may soon be "need to know" only(Quartz) The governing body that oversees the internet's naming system is considering wide-ranging changes to the way domain names are registered. The changes are designed to protect the privacy of people who own websites, but critics argue that such a move would make cybercrime harder to fight and possibly even stifle future innovation
8 tips for safer online banking(CSO) Most of us use online banking. But are you making sure you're doing it as safely as possible? Check to make sure you're doing all of these 8 things
Penetration Testing With Honest–To–Goodness Malware(Dark Reading) Popular fiction usually dictates that the primary cyberfoe of big business is a young, nerdish, and exceedingly smart computer hacker with a grudge against practically anyone and everyone. It may be this particular cliched (and false) stereotype of a hacker that many business analysts and executives have, in turn, used as justification for testing the defenses of their organizations in a particular way. While some may supplement this image of a hacker with concrete bunkers filled with uniformed cyberwarriors if they feel worthy of state-initiated attacks, it is a sad fact that many of the methodologies currently employed by organizations to evaluate their tiered defenses are tired and dated
Incident Response Teams: The MVPs Of Your Cyber Defense (Part 1 of 4)(ThreatTrack CSO) A recent study by ThreatTrack Security illustrated an ongoing paradox for many CISOs. On one hand, nearly 70% of the C-level participants in the study said they're concerned their organization might not be as protected as it should be against malware, Advanced Persistent Threats and other cyber espionage tactics. Yet nearly half also admitted that they don't have an incident response team in place or use advanced malware analysis tools such as sandboxes to further protect their companies
What to Expect When You're NOT Expecting: 7 Steps of a Professional Forensic Investigator(infosec island) A bad day. You receive a letter from your favorite payment brand, which states that your organization has experienced a breach of Card Holder Data. A copy of the letter has also been forwarded to your merchant bank; as a courtesy. Typically you have a week to respond to their request to have a PCI Forensic Investigator (PFI) determine how the breach occurred. Notice that you are pretty much guilty until proven innocent, and to select your vendor of choice, you are directed to the PCI PFI list. Once you have chosen a vendor based on aligned interests and specialty, they'll get to work stepping you through to a report to the payment brands
Research and Development
Crowdsource Control(IEEE Spectrum) The idea of aggregating the opinions of online users to produce valuable results dates back to John Brunner's 1975 science fiction novel, The Shockwave Rider. Today, crowdsourced opinions are very much a fact of daily life
Carnegie Mellon Cyber Security Scholarships(Industrial Safety and Security Source) Seventeen Carnegie Mellon University (CMU) graduate students earned cyber security scholarships from the National Science Foundation, the Department of Homeland Security's CyberCorps Scholarship for Service (SFS) Program and the Department of Defense's Information Assurance Scholarship Program (IASP)
Legislation, Policy, and Regulation
Sen. Feinstein Claims The NSA Does Collect Phone Call Location Information, Contradicting The NSA(TechCrunch) Today Senator Feinstein stated that the NSA phone metadata program that collects records on the telephone calls of American citizens includes location information. Previously, head of the NSA, General Keith B. Alexander, stated that the NSA was not currently collecting call location data under the authority of Section 215 of the Patriot Act. It was left open that other authorization could allow
NSA Experimented With Cell Phone Location Tracking Program(TechCrunch) The National Security Agency experimented with a cell phone location tracking program in 2010, but eventually shelved the idea. Director of National Intelligence, James Clapper, declassified the program during a senate testimony today on Capitol Hill
NSA May Not Be Collecting Your Location Data From Telco Dragnet…Because It Gets It From Your GPS(techdirt) As we noted last week, Senator Ron Wyden has been repeatedly asking the intelligence community about whether or not they're tracking the location on any Americans, and the intelligence community has steadfastly avoided giving a straight answer (as they do). Specifically, he was asking about whether or not the NSA has in the past, or has plans to, get location data on Americans in bulk. The NSA's Keith Alexander did his "under this program" two step, in which he insists that they are not doing so under this program and at this time. That leaves open other programs and at other times
NSA Chief Denies Report on Social Network Spying(SecurityWeek) The head of the National Security Agency said Wednesday the secretive intelligence service does not compile data on Americans' use of social networks, dismissing a media report as "wrong." General Keith Alexander told a Senate hearing that a New York Times article "jumped to the conclusion this was done on Americans, that's not true."
Time to Split the Cyber 'Deep State' of NSA and Cyber Command(Huffington Post) Imagine if the commander of U.S. Pacific Command were the leading source of information on the Chinese military threat, had the ear of Congress on China policy, ran covert military operations against China, and could decide what information on China was classified. This perverse concentration of power is similar to where the United States has found itself on cyber policy. To restore balance, Congress and the president must ensure that new initiatives to control surveillance are more than just cosmetic by reforming America's current national security cyber organizations
NSA Hiring Civil Liberties Watchdog(Time) Whether or not the in-house overseer would be furloughed in a shutdown is not yet known. Times are tough for the US intelligence services these days, what with 70 percent of the intel workforce reportedly on indefinite furlough amid the government shutdown. Director of National Intelligence James Clapper is so concerned about the situation he warned
How the feds took down the Dread Pirate Roberts(Ars Technica) The Dread Pirate Roberts, head of the most brazen drug trafficking site in the world, was a walking contradiction. Though the government says he raked in $80 million in commissions from running Silk Road, he allegedly lived under a false name in one bedroom of a San Francisco home that he shared with two other guys and for which he paid $1,000 a month in cash. Though his alleged alter ego penned manifestos about ending "violence, coercion, and all forms of force," the FBI claims that he tried to arrange a hit on someone who had blackmailed him. And though he ran a site widely assumed to be under investigation by some of the most powerful agencies in the US government, the Dread Pirate Robert appears to have been remarkably sloppy—so sloppy that the government finally put a name to the peg leg: Ross William Ulbricht
Lavabit got order for Snowden's login info, then gov't demanded site's SSL key(Ars Technica) Had e–mail provider given up key, all users' data would have been compromised. The American government obtained a secret order from a federal judge in Virginia demanding that Lavabit hand over its private SSL key, enabling authorities to access Edward Snowden's e–mail, and e–mail belonging to Lavabit's 400,000 other users as well. That sealed order, dated July 10 2013, was first published on Wednesday by Wired reporter Kevin Poulsen
The Monktoberfest(Portland, Maine, USA, October 4, 2013) Our speakers will explore how social trends can change the way we build and use technology, and how technology in turn can change the way we socialize.
Suits and Spooks NYC 2013(New York, New York, October 5, 2013) Since the landscape is foggy, the threat actors numerous and hard to identify, and the attacks proliferating on a daily basis, the focus of the next Suits and Spooks conference will be to identify non-state...
Forensics and Incident Response Summit EU(Prague, Czech Republic, October 6 - 13, 2013) The Summit will focus on high quality and extremely relevant content as well as panel discussions in Digital Forensics and Incident Response. In addition, we encourage you to take every opportunity to...
CyberMaryland 2013(Baltimore, Maryland, USA, October 8 - 9, 2013) Join cybersecurity leaders, luminaries and rising stars at CyberMaryland 2013. This two-day event at the epicenter of the nation's cybersecurity innovation and education, will create opportunities for...
2013 Maryland Cyber Challenge(Baltimore, Maryland, USA, October 8 - 9, 2013) Held in conjunction with Cyber Maryland and intended to let students and young professionals showcase their cybersecurity skills, Maryland Cyber Challenge offers competition in three divisions: high school,...
AFCEA Hill AFB Technology & Cyber Security Expo(Ogden, Utah, USA, October 9, 2013) The purpose of this first-time event is to allow base personnel the opportunity to learn about the latest computer security trends, network with peers, share remediation strategies and to view and demo...
NSU's Raising Savvy Cyber Kids with Ben Halpert(Fort Lauderdale, Florida, USA, October 10, 2013) Ben Halpert is an award-winning author of several books for diverse audiences. The Savvy Cyber Kids At Home: The Family Gets A Computer (October, 2010) is a picture book that teaches the concepts of online...
VizSec 2013(Atlanta, Georgia, USA, October 14, 2013) VizSec brings together researchers and practitioners in information visualization and security to address the specific needs of the cyber security community through new and insightful visualization techniques.
Hack-in-the-Box Security Conference 2013(Kuala Lumpur, Malaysia, October 14 - 17, 2013) The 11th annual HITB Security Conference (16th/17th October) will be a triple track offering featuring keynotes by Andy Ellis, Chief Security Officer at Akamai and Joe Sullivan, Chief Security Officer...
USDA Cyber Security Symposium and Expo 2013(Washington, DC, USA, October 15, 2013) The Cybersecurity Expo, running in conjunction with the Summit, will allow exhibitors the opportunity to provide live demos and share information with government personnel and industry partners. Summit...
SNW Fall 2013(Long Beach, California, USA, October 15 - 17, 2013) SNW is the world's largest independently produced conference series focused on the evolution of architecture for a new world of mobility, Big Data and business agility. Produced by Computerworld -- and...
Hexis Exchange(Athens, Greece, October 16 - 17, 2013) Attendees will have the opportunity to participate in a knowledge exchange of the latest enterprise security topics through expert led business and technology forums, hands-on sessions, and training. Such...
Cybersecurity Symposium: "Protect. Defend. Educate."(Linthicum, Maryland, USA, October 16 - 17, 2013) The Cybersecurity Symposium being held October 16-17, 2013, will deliver first-class training for government and industry security professionals while simultaneously offering high-level keynote speakers,...
NSU Healthcare Cyber Security Summit(Fort Lauderdale, Florida, USA, October 17, 2013) In today's modern healthcare systems, data is everywhere, including sensitive patient data that needs to be secured and monitored. Join top healthcare security professionals from Nova Southeastern University,...
Nuclear Regulatory Commission Cyber Security Conference & Expo(Rockville, Maryland, USA, October 17, 2013) This one-day conference will consist of cyber sessions in the NRC Auditorium given by government and industry speakers. Exhibit tables will be set-up just outside the Auditorium and companies will have...
Securing the Internet of Things Summit(San Francisco, California, USA, October 21, 2013) The Internet of Things is still in its infancy and the security community has a chance to build in new approaches to security if we get started now. More secure embedded operating systems and applications,...
13th Industrial Control Systems Cyber Security Conference(Atlanta, Georgia, USA, October 21 - 22, 2013) Industrial Control Systems (ICS) operate the infrastructures of electric power, water, chemicals, manufacturing, transportation, defense, etc. and link the digital and physical worlds. Their cyber security...
Cloud Connect(Chicago, Illinois, USA, October 21 - 23, 2013) Cloud Connect returns to Chicago October 21-23, 2013 with an all new program built around the leading cloud platforms. Cloud Connect provides the independent guidance IT professionals need to successfully...
Cyber Security Seminar and IT Expo at Peterson AFB(Colorado Springs, Colorado, USA, October 22, 2013) The Cyber Security Seminar and IT Expo is a one-day event held on-site where industry vendors will have the opportunity to display their products to personnel attending briefings concerning the latest...
Hack.lu 2013(Luxembourg, October 22 - 24, 2013) Hack.lu is an open convention/conference where people can discuss about computer security, privacy, information technology and its cultural/technical implication on society.
Joint Federal Cyber Summit 2013(Washington, DC, USA, October 23 - 24, 2013) This collaborative government wide event is truly one of a kind, with speakers and attendees anticipated to represent more than 10 federal government agencies. Information sharing will be accomplished...
NSU's 12 Simple Cybersecurity Rules For Your Small Business(Fort Lauderdale, Florida, USA, October 24, 2013) In this presentation twelve simple and inexpensive techniques for protecting small businesses from cyber threats will be discussed. While complex and expensive solutions exist to improve the security...
BREAKPOINT 2013(Melbourne, Australia, October 24 - 25, 2013) Over two days, 14 world-renowned speakers front Breakpoint to share their knowledge on a full range of security issues, from unpublished research to the latest trends in information security.
Ruxcon(Melbourne, Australia, October 26 - 27, 2013) Ruxcon is a computer security conference that aims to bring together the best and the brightest security talent within the Aus-Pacific region. The conference is a mixture of live presentations, activities...
2013 ACT–IAC Executive Leadership Conference(Williamsburg, Virginia, USA, October 27 - 29, 2013) Advances in technology and massive increases in data available can both challenge and transform Government mission performance. ELC-2013 focuses on how to make this transformation a reality, in and for...
SAP NS2: National Security Solutions Summit(Falls Church, Virginia, USA, October 29, 2013) Join us for a day of learning and networking focused on how to advance U.S. national security and homeland security through I.T. innovation. Top-notch speakers will address the new challenges facing U.S.
RSA Conference Europe(Amsterdam, the Netherlands, October 29 - 31, 2013) Information security today isn't optional. It's business-critical. Over three days, RSA® Conference Europe 2013 imparts the must-know actions to manage growing cyber threats. With over 60 sessions spanning...
Regional Cyber Security Forum & IT Day (CSFI) — Hawaii (Honolulu, Hawai'i, USA, October 30, 2013) 2013 marks the 10th anniversary of National Cyber Security Awareness Month and FBC will host the 1st Annual Cyber Security Forum & IT Day (CSFI) at Fort Shafter - Club Hale Ikena to coinside with the anniversary,...
NSA Hawaii — Cyber Security, Intelligence & IT Day(Honolulu, Hawai'i, USA, October 30, 2013) Be a part of the 1st Annual Cyber Security, Intelligence and IT Day set to take place at the new National Security Agency (NSA) Hawaii Rochefort facility. The event will be hosted by NS/CCS Hawaii Technology...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.