Hacktivism against Latin American targets surges, mildly, with the usual diversity of motive. Venezuelan dissenters hit that country's police and military Websites, Anonymous Peru goes after the Peruvian Association of Authors and Composers on behalf of music pirating, and Pakistani hackers attack the Google Video Costa Rica domain for obscure reasons. Other Pakistani hacktivists continue the usual cyber-rioting against India.
In the UK, Parliament offers two object lessons in cyber security. First, the Minister for the Cabinet Office "installed his own Wi-Fi" in Commons, showing the familiar vicious circle of sluggish IT support prompting shadow IT, which in turn opens vulnerabilities, whose closure too often induces even more sluggish support, etc. Second, MPs' widespread on-the-job porn-surfing pastime proves resistant to technical control because of the "Scunthorpe Problem," a reminder of how difficult automated approaches to intensionality can be. Still, worth working on.
Data stolen from PR Newswire turns up beside stolen Adobe code, which suggests there are more companies with hacked data on the criminals' servers.
Researchers supported by Automatak find 25 vulnerabilities in ICS/SCADA protocols. Coupled with Project SHINE's ongoing inventory of Internet-connected SCADA systems, the findings indicate a high degree of industrial control system vulnerability.
Advanced malware appears in the wild sporting Address Space Layout Randomization (ASLR) bypass techniques.
Organized crime turns to hackers to compromise shipping systems.
US NSA Director Keith Alexander will retire in the spring; his deputy will retire this winter. Alexander's retirement has been discussed since June; it's not connected with the Snowden affair.
Today's issue includes events affecting Australia, Belgium, Costa Rica, Estonia, European Union, Germany, India, Republic of Korea, Pakistan, Peru, Russia, United Kingdom, United States, and Venezuela.
Cyber Attacks, Threats, and Vulnerabilities
Anonymous Venezuela Defaces Venezuelan Police and Military Websites for #Op15O(HackRead) The online hacktivists from Anonymous Venezuela have hacked and defaced the Venezuelan police, military websites and domains of non-profit organizations under the operation of #Op15O. Targeted sites belong to Vargas Municipal Police and two domains of Bolivarian Military Technical Academy, left with a deface page showing official Anonymous logo and Twitter handles of the hackers who participated in the cyber
Official Google Video Costa Rica Domain Hacked by h4x0r HuSsY from TeaM MADLEETS(HackRead) Pakistani hacker h4x0r HuSsY from TeaM MADLEETS has hacked and defaced the official Google Video Costa Rica domain just a few hours ago. The hacker left his deface page along with a message on the hacked Google Video Costa Rica domain which shows that the hack was more likely done as a result of a personal dispute between TeaM MADLEETS and another Pakistani hacker going with the handle of Dr. Freak!
Indian State Owned Telco BSNL gets Hacked by Ch3rn0by1 Hacker(HackersPost) The official domain of Indian state-owned telecommunications company Bharat Sanchar Nigam Limited — BSNL gets hacked by the Pakistani hacker with the handle Ch3rn0by1. The Ch3rn0by1 hacker is a crew member of P4K M4D HUNT3RS hacking group. The hacked domains belong to BSNL's Regional Telecom Training Centre (RTTC), Ahmedabad. There is no specific reason mentioned
Government minister embraces the Dark Side.(Trend Micro CounterMeasures) It appears that Francis Maude, the Minister for the Cabinet Office in the United Kingdom government is getting a little frustrated with technological solutions available to him in the Houses of Parliament. So much so that he has "installed his own wi-fi". In the House of Commons. In his office. In government. Nothing to worry about there then
Comment: Parliamentary Porn Habits(Help Net Security) Security analyst Bill Walker says the only scandal regarding recent revelations about the frequency of the UK Parliament's porn surfing is the lack of web security training
Bug Hunters Find 25 ICS, SCADA Vulnerabilities(Threatpost) A trio of researchers have uncovered 25 security vulnerabilities in various supervisory control and data acquisition (SCADA) and industrial control system (ICS) protocols. The researchers, Adam Crain, Chris Sistrunk, and Adam Todorski — though Todorski has not yet been credited with finding any of the disclosed bugs — are conducting this research with a sponsorship from Automatak, a firm — started by Crain — that provides security support for the makers and maintainers of the sorts of ICS and SCADA equipment that control much of the world's critical infrastructure and industrial machinery
'Project SHINE' Illuminates Sad State Of SCADA/ICS Security On The Net(Dark Reading) One million ICS/SCADA devices — and counting — found exposed on the public Internet, researchers say. A global Internet-scanning project focused on finding SCADA/ICS equipment and systems accessible via the public Internet is discovering some 2,000 to 8,000 new exposed devices each day
Project SHINE — Are Control Systems REALLY Connected to the Internet?(Belden) Eric Byres: One of the statements I continue to hear as I talk to executives, managers and engineers is "None of our SCADA or ICS equipment is accessible from the Internet." This week's blog contributor, Bob Radvanovsky of www.infracritical.com, explains Project SHINE — his effort to determine if this statement is fact or fiction
Smart Grid and the Threat of Malicious Cyber Actors(Global Security Sitrep) As the energy industry rushes to become "smart," it has paid scant attention to the security implications of this move, particularly in the cyber realm. Touted as the next big thing by policymakers and industry executives alike, smart grid technology is projected to improve the efficiency and sustainability of the electric grid--for less money. Yet smart grids will also drastically increase the security risks of an already vulnerable energy infrastructure
Cyber attack: The truth wouldn't be stranger than fiction(Baltimore Business Journal) "American Blackout" tells what might happen if a cyber attack cripples the nation's power system. A consultant for the film says that the scenario isn't that far-fetched. Could a cyber attack destroy the electrical grid and leave the nation powerless and in the dark for days, weeks or even months? How would people react and deal with an attack on the electrical grid? Would we be prepared, or would chaos ensue? On Oct. 27, National Geographic will premiere "American Blackout," a movie that tells the story of a national power failure in the U.S. caused by a cyber attack
Mass iFrame injection campaign leads to Adobe Flash exploits(Webroot) We've intercepted an ongoing malicious campaign, relying on injected/embedded iFrames at Web sites acting as intermediaries for successful client-side exploits to take place. Let's dissect the campaign, expose the malicious domains portfolio/infrastructure it relies on, as well as directly connect it with historical malicious activity, in this particular case, a social engineering campaign pushing fake browser updates
DDoS attack size accelerating rapidly(Help Net Security) Arbor Networks released data on global DDoS attack trends for the first three quarters of 2013. The data shows that DDoS continues to be a global threat, with alarming increases in attack size this year
Easyjet systems crash "not an attack"(Business Traveller) Easyjet has denied speculation that its website fell victim to a cyber attack following a Europe-wide system failure yesterday. The airline faces a big compensation bill after its system shut down from 1100 to around 2000, affecting hundreds of flights
Is your webcam watching you?(KSDK) The plundering of the Internet of Things has commenced. From a command center in a non-descript high-rise here in the heart of Silicon Valley, security start-up Norse has been gathering shocking evidence of hackers usurping control of Internet-connected appliances, everything from web cams to climate-control systems
Inside the mind of an online predator(Graham Cluley) Fortunately, most of us don't think like a predator. Understanding how predators act and think is one of the most difficult things a victim has to do. But identifying predators is a useful skill, not only for victims but anyone online
Security Patches, Mitigations, and Software Updates
The Internet of Things: Vulns, botnets and detection(Help Net Security) Does the Internet of Things scare you? It probably should. This DerbyCon video discusses why embedded device security is laughably bad, handling vendor notification, and setting up a dev environment to build embedded software
All quiet on the Wi-Fi security front(ComputerWeekly) Since the assault on the Wi-Fi network of the US-based TJX retail group in 2007, there has been no further high-profile data breach involving this communications channel. Does this mean that the TJX breach was enough to shock corporations into ensuring that Wi-Fi networks were secure, proving that it usually takes a big breach to spur across the board action
BlackBerry to world: Trust us(CRN) Canadian vendor claims to be solid but the losses have long told another story. Ailing BlackBerry has a message for its passionate, if dwindling, user base: We'll be here for you
Seven Local Tech Companies Prove Vermont Can Lead the Nation(Seven Days) When most people think of Vermont products, they think of Burton Snowboards, Ben & Jerry's ice cream and maple syrup. But the Green Mountain State is also home to a number of tech and bioscience companies with national or international reputations within their niche markets
Healthcare.gov problems spark federal IT recriminations(FierceGovIT) Problems with healthcare.gov, the federal website for residents of 36 states whose governments declined to build their own healthcare exchanges, have set off a round of recriminations against federal information technology management and acquisition
Video: Hacking back and active defense(Information Security Buzz) In this DerbyCon video, John Strand will demonstrate the Active Defense Harbinger Distribution, a DARPA funded, free Active Defense virtual machine. He will debunk many of the myths, outright lies and subtle confusions surrounding taking active actions against attackers
Webroot brings app reputation service to its mobile security suite(ComputerWorld) Webroot announced a new release of the Webroot SecureAnywhere Business--Mobile Protection suite. The new version adds some key features and capabilities and blurs the line between mobile security and mobile device management. One element that stands out from the rest, though, is Webroot's new service to help IT admins understand the risk posed by installed apps
Signifyd Fights Fraud With Online Sleuthing(All Things D) Signifyd today launches tools for online merchants to fight fraud. It helps sellers make better choices about whether to accept or deny sales by piecing together online identities that match up with offline people
Technologies, Techniques, and Standards
NSA's Data Center Electrical Problems Aren't That Shocking(IEEE Spectrum) Last week, the Wall Street Journal reported that arc-fault failures—electrical problems that exceed the protective capabilities of circuit breakers and cause metal to melt and go flying—are delaying completion of the NSA's controversial new Utah data-storage center. The article reported that 10 such meltdowns over the past 13 months had led to disputes about the adequacy of the electric control systems, and suggested that designers and builders of the new data center may have cut corners
Access denied and blacklists / blocklists(Internet Storm Center) If you are surfing the Internet, minding your own business, and receive an access denied message, you might understandably wonder why. As one Internet surfer discovered, he was trying to go to a legitimate web site to book a service in a country he was planning on visiting. Imagine his surprise when he sees the image below in his web browser
Is Cybersecurity an Inside Job?(Digital Communities) While security clearance and authentication processes are essential to physical and other security, the physical DC Navy Yard breach by Aaron Alexis and the state secret breaches by Edward Snowden illustrate some disturbing weaknesses in personal validation and authentication. These clearance breaches were very different in nature but show a range of how a person's calculated action can subvert basic security measures
Improving Tor's anonymity by changing guard parameters(Tor Project) There are tensions in the Tor protocol design between the anonymity provided by entry guards and the performance improvements from better load balancing. This blog post walks through the research questions I raised in 2011, then summarizes answers from three recent papers written by researchers in the Tor community, and finishes by explaining what Tor design changes we need to make to provide better anonymity, and what we'll be trading off
Customizing defense models to reduce the window of exposure(Help Net Security) Most organizations already have a defense model in place that is meant to protect them from attacks, but the problem is that many use an outdated one. But the threat landscape has changed and is constantly changing. Currently, that involves many client side attacks, and the possibility of being targeted by persistent attackers, either those affiliated with criminal organizations or state-sponsored ones
Dissecting Malware — Static Analysis of Malware(Infosec Institute Resources) This article will show you how to do static malware analysis. What are the processes involved in a static analysis? Static malware analysis is the first essential step taken by malware analysts or reverse engineers working in the forensics department
Raising awareness quickly: A look at basic password hygiene(ComputerWorld) Continuing a running series for National Cyber Security Awareness Month, Rapid7 has released another easily emailed awareness note. This time the topic is passwords, something that can either make or break a person's overall level of security
Cybernomics 101(The Hill) Over the last few months there's been tremendous speculation in the media surrounding leaks from the National Security Agency (NSA) and the ongoing commentary this continues to receive around the globe. Much of what we are reading is the stuff of spy novels, and in some cases media reports pursue headlines without understanding the substance of the content contained within the classified documents that they are reviewing
NIST cybersecurity framework draft delayed by shutdown(FierceGovIT) The Oct. 10 deadline for the National Institute of Standards and Technology to issue a preliminary cybersecurity framework for private sector operators of critical infrastructure came and went without action, due to the ongoing government shutdown
How to Design — And Defend Against — The Perfect Security Backdoor(Wired) We already know the NSA wants to eavesdrop on the internet. It has secret agreements with telcos to get direct access to bulk internet traffic. It has massive systems like TUMULT, TURMOIL, and TURBULENCE to sift through it all. And it can identify ciphertext — encrypted information — and figure out which programs could have created it
The Reality Of Freshly Minted Software Engineers(Dark Reading) Why do recent computer science graduates need to be retrained when they hit the commercial world? Universities and colleges are pumping out more and more software engineers each year. Yet it would seem to many in the industry that the quality of these freshly minted graduates is decreasing. Perhaps "quality" is too harsh a word — "immediate usefulness" would likely be more appropriate. What's the problem
Meet the man who could be next in line to control the NSA's spying apparatus(Washington Post) Reuters reports that both Gen. Keith B. Alexander, NSA and U.S. Cyber Command chief, and his civilian deputy John "Chris" Inglis will be departing the National Security Agency (NSA) soon. And they identify Vice Admiral Michael Rogers, current commander of the U.S. Navy's 10th Fleet and U.S. Fleet Cyber Command, as one leading candidate to replace Alexander in the top spot
Should the NSA and U.S. Cyber Command be split up after Keith Alexander steps down?(Washington Post) The head of U.S. Cyber Command and the NSA, Gen. Keith Alexander, intends to retire, Reuters is reporting. It doesn't appear that he's being forced out over this year's domestic surveillance controversy. Alexander's voluntary plans were first reported by Wired back in June. But news that the intelligence official has finalized his departure means that President Obama faces a choice: Will Alexander's successor have control over both the NSA and Cyber Command, or should he appoint two separate officials to manage each agency
NSA revelations: A timeline of what's come out since Snowden leaks began(Christian Science Monitor) Since Edward Snowden's first published leak about National Security Agency surveillance techniques appeared in The Guardian on June 5, new revelations have been steadily trickling out. Here's a look at what we've learned since June, broken down by eight key dates
How the NSA and FBI foil weak oversight(Guardian) Over 20 congressional bills aim to address the crisis of confidence in NSA surveillance. With Patriot Act author and Republican Congressman Jim Sensenbrenner working with Vermont Democratic Senator Patrick Leahy on a bipartisan proposal to put the NSA's metadata program "out of business", we face two fundamentally different paths on the future of government surveillance
How to fight cyber war? Estonia shows the way(Times of India) Estonia is the Hiroshima of cyber war. In April 2007, the new government decided to move a Soviet-era war memorial to a location outside the capital, Tallinn. Pro-Soviet elements came out on the streets to protest. Then, the cyber attacks started. Within hours, the attackers brought down the tiny country's banks, newspapers, news agencies and all government sites. The rioters raged outside
Defending Against Cyber Attacks in South Korea(The Peninsula) Named as the most wired place on earth, it is no surprise that South Korea has faced many cybersecurity challenges with 2013 being one of its worst years. Unfortunately, at this time all that South Korea can do when dealing with cyberwarfare is play defense
Cryptographer Adi Shamir Prevented from Attending NSA History Conference(Federation of American Scientists) In this email message to colleagues, Israeli cryptographer Adi Shamir recounts the difficulties he faced in getting a visa to attend the 2013 Cryptologic History Symposium sponsored by the National Security Agency. Adi Shamir is the "S" in the RSA public-key algorithm and is "one of the finest cryptologists in the world today," according to historian David Kahn. The NSA Symposium begins tomorrow. For the reasons described below, Dr. Shamir will not be there
Post-Snowden, U.K. Parliamentary Committee To Probe Individual Privacy Vs. National Security(TechCrunch) A U.K. parliamentary committee has widened the scope of a planned inquiry into the legislative framework governing national intelligence agencies' access to private information, triggered by the PRISM revelations in the U.S. It will now consider more broadly the impact of mass surveillance on individuals' right to privacy. The Intelligence and Security Committee (ISC) said today it will broaden the scope of its forthcoming inquiry — in order "to examine the appropriate balance between privacy and security in an internet age"
National Strategies & Policies(CCDCOE) The selection below provides links to national cyber security policy and legal documents, including national security and defence strategies identifying cyber, national cyber/information security strategies, and relevant legal acts. The collection primarily focuses on NATO Nations, but a number of other national examples are represented as well
Litigation, Investigation, and Law Enforcement
To pay off webcam spies, Detroit kid pawns $100k in family jewels for $1,500(Ars Technica) Video was so embarrassing, theft seemed the better option. Yesterday, I gave a one-hour talk at the University of Michigan on remote administration tools (RATs) and the surprising ways they allow hackers, corporations, schools, and police to spy on computer users by activating microphones and webcams. The talk contains some pretty wild stories—but a woman approached me afterward to let me know that the craziest single RATing story she had ever heard just took place up the road in Detroit. And she was right
Controversy grows over cyber warfare command's alleged election meddling(Yonhap) The main opposition Democratic Party (DP) on Thursday sought to stir up controversy over allegations that the defense ministry's cyber warfare command meddled in last year's presidential election, likening the current Park Geun-hye administration to the military regime of her father and late president Park Chung-hee
Door may open for challenge to secret wiretaps(New York Times) Five years after Congress authorized a sweeping warrantless surveillance program, the Justice Department is setting up a potential Supreme Court test of whether it is constitutional by notifying a criminal defendant -- for the first time -- that evidence against him derived from the eavesdropping, according to officials
IBM continues legal fight against AWS(FierceGovIT) Making good on its promise to contest an unfavorable Court of Federal Claims decision over its effort to have the CIA reconsider a lucrative contract award for intelligence community cloud computing to Amazon Web Services, IBM filed two requests for an injunction on Oct. 10
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
MIRcon 2013(Washington, DC, USA, November 5 - 6, 2013) With targeted attacks becoming more prevalent, today's incident responders are faced with the tremendous challenge of accelerating their response times while capturing relevant data from attacks in progress.
Hack-in-the-Box Security Conference 2013(Kuala Lumpur, Malaysia, October 14 - 17, 2013) The 11th annual HITB Security Conference (16th/17th October) will be a triple track offering featuring keynotes by Andy Ellis, Chief Security Officer at Akamai and Joe Sullivan, Chief Security Officer...
SNW Fall 2013(Long Beach, California, USA, October 15 - 17, 2013) SNW is the world's largest independently produced conference series focused on the evolution of architecture for a new world of mobility, Big Data and business agility. Produced by Computerworld -- and...
Cybersecurity Symposium: "Protect. Defend. Educate."(Linthicum, Maryland, USA, October 16 - 17, 2013) The Cybersecurity Symposium being held October 16-17, 2013, will deliver first-class training for government and industry security professionals while simultaneously offering high-level keynote speakers,...
NSU Healthcare Cyber Security Summit(Fort Lauderdale, Florida, USA, October 17, 2013) In today's modern healthcare systems, data is everywhere, including sensitive patient data that needs to be secured and monitored. Join top healthcare security professionals from Nova Southeastern University,...
Nuclear Regulatory Commission Cyber Security Conference & Expo(Rockville, Maryland, USA, October 17, 2013) This one-day conference will consist of cyber sessions in the NRC Auditorium given by government and industry speakers. Exhibit tables will be set-up just outside the Auditorium and companies will have...
Securing the Internet of Things Summit(San Francisco, California, USA, October 21, 2013) The Internet of Things is still in its infancy and the security community has a chance to build in new approaches to security if we get started now. More secure embedded operating systems and applications,...
13th Industrial Control Systems Cyber Security Conference(Atlanta, Georgia, USA, October 21 - 22, 2013) Industrial Control Systems (ICS) operate the infrastructures of electric power, water, chemicals, manufacturing, transportation, defense, etc. and link the digital and physical worlds. Their cyber security...
Cloud Connect(Chicago, Illinois, USA, October 21 - 23, 2013) Cloud Connect returns to Chicago October 21-23, 2013 with an all new program built around the leading cloud platforms. Cloud Connect provides the independent guidance IT professionals need to successfully...
Cyber Security Seminar and IT Expo at Peterson AFB(Colorado Springs, Colorado, USA, October 22, 2013) The Cyber Security Seminar and IT Expo is a one-day event held on-site where industry vendors will have the opportunity to display their products to personnel attending briefings concerning the latest...
Hack.lu 2013(Luxembourg, October 22 - 24, 2013) Hack.lu is an open convention/conference where people can discuss computer security, privacy, information technology and its cultural/technical implication on society.
Joint Federal Cyber Summit 2013(Washington, DC, USA, October 23 - 24, 2013) This collaborative government wide event is truly one of a kind, with speakers and attendees anticipated to represent more than 10 federal government agencies. Information sharing will be accomplished...
NSU's 12 Simple Cybersecurity Rules For Your Small Business(Fort Lauderdale, Florida, USA, October 24, 2013) In this presentation twelve simple and inexpensive techniques for protecting small businesses from cyber threats will be discussed. While complex and expensive solutions exist to improve the security...
BREAKPOINT 2013(Melbourne, Australia, October 24 - 25, 2013) Over two days, 14 world-renowned speakers front Breakpoint to share their knowledge on a full range of security issues, from unpublished research to the latest trends in information security.
Ruxcon(Melbourne, Australia, October 26 - 27, 2013) Ruxcon is a computer security conference that aims to bring together the best and the brightest security talent within the Aus-Pacific region. The conference is a mixture of live presentations, activities...
2013 ACT-IAC Executive Leadership Conference(Williamsburg, Virginia, USA, October 27 - 29, 2013) Advances in technology and massive increases in data available can both challenge and transform Government mission performance. ELC-2013 focuses on how to make this transformation a reality, in and for...
FIRST Energy Symposium(Leesburg, Virginia, USA, October 28 - 29, 2013) Recent reports have shown that the Energy Sector has seen a large increase in the reported number of cyber attacks. The need to protect against threats and improve upon incident management has never been...
SAP NS2: National Security Solutions Summit(Falls Church, Virginia, USA, October 29, 2013) Join us for a day of learning and networking focused on how to advance U.S. national security and homeland security through I.T. innovation. Top-notch speakers will address the new challenges facing U.S.
RSA Conference Europe(Amsterdam, the Netherlands, October 29 - 31, 2013) Information security today isn't optional. It's business-critical. Over three days, RSA® Conference Europe 2013 imparts the must-know actions to manage growing cyber threats. With over 60 sessions spanning...
Regional Cyber Security Forum & IT Day (CSFI) — Hawaii (Honolulu, Hawai'i, USA, October 30, 2013) 2013 marks the 10th anniversary of National Cyber Security Awareness Month and FBC will host the 1st Annual Cyber Security Forum & IT Day (CSFI) at Fort Shafter - Club Hale Ikena to coincide with the anniversary,...
NSA Hawaii — Cyber Security, Intelligence & IT Day(Honolulu, Hawai'i, USA, October 30, 2013) Be a part of the 1st Annual Cyber Security, Intelligence and IT Day set to take place at the new National Security Agency (NSA) Hawaii Rochefort facility. The event will be hosted by NS/CCS Hawaii Technology...