Several hacks (in Spain, the US, and Africa) look like hacktivism but appear on closer inspection to be mere cyber vandalism (although the African site defacements have an Islamist style and Anonymous claims the Catalonian hack).
The Mevade botnet continues to roil through its largely European targets, with businesses, organizations and governments hit indiscriminately.
F-Secure finds interesting obfuscated code leading to an exploit kit. FireEye describes Terminator RAT's evasion techniques. The old criminal standby, Blackhole, seems to be disappearing from the black market, largely replaced by Cutwail.
Security analysts think LinkedIn's new features may prove a phisher's playground. Popular IZON security cameras are found vulnerable to hacking.
Insurers take note of the rising threat to US power infrastructure.
Mozilla offers a Firefox plug-in that shows how users' browsing is monitored, by whom, and to whom the monitors are connected.
Financial sector cyber drill Quantum Dawn 2's after action report is out. NIST's draft cyber security framework attracts criticism, but, on balance, good will.
Germany and France protest US electronic surveillance. Germany and Brazil want to elevate the matter to the United Nations, and many see new international norms emerging. Such norms won't amount to a Stimsonian "gentlemen don't read other gentlemen's mail," since stopping intelligence collection is generally understood to be irresponsible, but new restraints will certainly be considered. (Inter alia, the US warns allies that their cooperation with collection may have been compromised.)
In the US, senior voices are raised in support of splitting Cyber Command from NSA. The Department of Defense releases its cyber threat sharing guidelines.
Today's issue includes events affecting Australia, Brazil, China, European Union, France, Germany, Iran, Ireland, Israel, Malaysia, Panama, Russia, South Africa, Spain, Taiwan, Tunisia, Ukraine, United Kingdom, United Nations, United States.
Cyber Attacks, Threats, and Vulnerabilities
African Petroleum Producers' Association Website Hacked by Fallaga Team Tunisia(Hack Read) A Tunisian hacker going by the handle of TN_X2X from Fallaga Team Tunisia has hacked and defaced the official website of the African Petroleum Producers' Association based in Lagos, Nigeria. The hack is a high-profile one in which the hacker left his deface page along with a message on the website, leaving an Islamic prayer
Northern Region Civil Air Patrol of U.S. Air Force Domain Hacked by KamiSecTeam(Hack Read) A group of Malaysian hackers from KamiSecTeam has hacked and defaced the official website of Northern Region Civil Air Patrol of the United States Air Force. The hackers left an image as a deface page on the hacked website with the team's name KamiSecTeam and official logo, but the reason for targeting the site was not mentioned anywhere
Anonymous Hacks Systems of Spain's Catalan Police(Softpedia) Anonymous hackers claim to have breached the systems of Mossos d'Esquadra, the police force of the Spanish community of Catalonia. The targeted website is the one of the Catalan police union, from which they've leaked the details of several individuals
Neutrino: Caught in the Act(F-Secure) Last week, we got a tip from Kafeine about hacked sites serving injected iframes leading to an exploit kit. We thought it was quite interesting so we looked at one of the infected websites and found this sneaky piece of code
Evasive Tactics: Terminator RAT(FireEye Blog) FireEye Labs has been tracking a variety of advanced persistent threat (APT) actors that have been slightly changing their tools, techniques, and procedures (TTPs) in order to evade network defenses. Earlier, we documented changes to Aumlib, the malware used in the attack against the New York Times, and Taidoor, a malware family that is being used in ongoing cyber-espionage campaigns particularly against entities in Taiwan. In this post we will explore changes made to Terminator RAT (Remote Access Tool) by examining a recent attack against entities in Taiwan
Halloween Freebies Lead to Ghastly Survey Scams(TrendLabs Security Intelligence Blog) With Halloween just around the corner, everyone's thinking about costumes and candy - including cybercriminals. We found several scams taking advantage of the upcoming holiday on popular sites like Facebook, Twitter, and YouTube
How hackers could hijack HealthCare.gov(FierceHealthIT) President Obama may have tapped Jeff Zients, one of his economic advisers, and communications giant Verizon to start fixing the troubled HealthCare.gov, but a bigger problem may be on the horizon: hackers
Exclusive: Apple Store Favorite IZON Cameras Riddled With Security Holes(Security Ledger) It's another day, another face-palm moment for the home surveillance camera industry. Just one month after the Federal Trade Commission (FTC) settled a complaint with the maker of SecurView, a line of poorly secured home surveillance cameras, a researcher at the firm Duo Security has found a slew of even more serious security holes in the IZON Camera - a popular product that is sold in Apple Stores and Best Buy, among others. A review by The Security Ledger found dozens of such systems accessible via the public Internet, in some cases allowing anyone to peer into the interiors of private residences and businesses
LinkedIn Intro: Hack Here For Juicy Data(Forbes) LinkedIn's new Intro service has put up a big sign advertising to cyber criminals, nation states and others 'hack here, we've got loads of juicy data'. The architecture of its new service is innovative but compromises your security and privacy in ways you really should care about. Oh, and whilst I am at it, I'll have a dig at Apple for putting LinkedIn in this position in the first place. So how does it work
What teenagers think about Facebook's new privacy controls(Guardian) Young people post vast amounts of information about themselves online often to the horror of adults. Here three teenagers affected by Facebook's new privacy settings discuss what they think about sharing information online
Cyber risk for U.S. power, utilities companies increasing(Canadian Underwriter) Critical infrastructure in the United States, and in the power and utilities sector in particular, is facing an increase in cyber attacks, leading to stronger regulation and the need for insurance coverage, according to a briefing from Marsh
Internet Privacy Company Ends Service To Avoid Government Surveillance(Reason) Remember Lavabit and Silent Circle, the encrypted email providers that closed their doors because they faced government pressure to enable government snooping on their customers (Silent Circle still offers other privacy services)? Well, you can add CryptoSeal to the mix. The company has ended its CryptoSeal Privacy virtual private network (VPN) service (it still offers enterprise-level services), which was advertised as "keeps prying eyes off of your internet usage while you're at home, in a coffee shop or even another country," also over concerns about the legal environment and government snooping
Will Huawei be the NBN's Saviour…or a Threat to National Security?(Counting Pips) Huawei is one of the biggest communication companies in the world. They do everything you can think of that has anything to do with communication. Mobile phones? Yes. Cellular Towers? You bet. Internet infrastructure? It's a specialty. When it comes to communication Huawei is a global leader. They've rolled out their services all over China, Europe and Asia. But not the US and not Australia. You can buy their consumer products in Australia and the States…but you won't find anything else branded Huawei. What's worthy of note is the UK has just given Huawei the green light to build a £125 million R&D facility. And the UK is renowned for being US 'yes men'
Skybox Security Adds Several New Partners to its North America Channel Program(Virtual Strategy) Skybox Security, the leading provider of risk analytics for cyber security, today announced a number of new North American channel partners, including: CipherTech, Creative Breakthroughs Inc. (CBI), CR&T, GigaNetworks, Namtek, NuTech and Tevora. Skybox Security's Channel Program provides value-added resellers (VARs) and system integrators with the industry's most advanced and effective security risk and compliance solutions
Serco CEO quits after government contract scandal(Reuters) Serco, the global outsourcing firm battling to save its relationship with the British government after a series of scandals, said its chief executive had quit as part of a major reorganisation aimed at restoring its reputation
Wikipedia sockpuppet saga threatens users' trust of the service(Naked Security) PR firms willing to make a buck by gaming Wikipedia's editing processes are starting to threaten users' trust of the service, to the extent that alarmed watchers are predicting that, in a few years, a significant portion of Wikipedia's content could well be spam
Firefox plugin reveals how your internet browsing is being monitored(Engadget) If someone screams "they're watching you!" into your face, then you're either starring in a horror movie or living in these surveillance-conscious times. Still, if it's the latter, at least now you can put a name to the faceless entities observing your every move. Mozilla has released Lightbeam, a Firefox plugin that visualizes which sites are tracking your browsing history and how those sites are connected
Procera Networks and Skyfire Announce Deployment–Ready Partnership(MarketWatch) Procera Networks, Inc., the global Internet Intelligence company, and Skyfire, a fully-owned subsidiary of Opera Software, today announced a joint solution and partnership to tackle the rapid growth of video traffic on global mobile networks, based on an open, scalable ICAP architecture. The two companies have partnered to create a flexible, deployment-ready solution around PacketLogic™ Intelligent Policy Enforcement platforms that enables mobile operators to accelerate their move toward virtualized, software-defined network architectures, and to provide deeper functional integration for advanced traffic steering of video content. The interoperable solution is already being field-trialed by a major European operator
Technologies, Techniques, and Standards
To Determine Threat Level, Context Matters(Dark Reading) Computers communicating with the Amazon cloud, users logging in after hours, and the risk posed by Java; without context, evaluating threats is nearly impossible
Spear–Phishing: What Banks Must Do(Bank Info Security) The Federal Bureau of Investigation recently warned of an uptick in spear-phishing attacks targeting employees across numerous industries
NIST's latest cybersecurity framework reveals a lot of goodwill amidst continued criticism(CSO) After delays due to the government shutdown, the National Institute of Standards and Technology (NIST) released on October 22 its latest version of a comprehensive cybersecurity framework for critical infrastructure as mandated by President Obama's February cybersecurity executive order (EO). This preliminary framework is subject to a 45-day public comment period, after which NIST will make revisions and then produce a final framework for publication in February
Research and Development
NSF grant funds UB communication research into anti-phishing models(University at Buffalo) "Phishing has become the attack vector of choice among cyber criminals and their incidence has gone up significantly" (Arun Vishwanath, associate professor of communication). Arun Vishwanath, PhD, associate professor in the Department of Communication at University at Buffalo, has received a three-year $320,000 grant from the National Science Foundation to launch a research project to learn just how people fall victim to cyber-phishing attacks and what tools can be used to protect them
Beaver alumnus wins Lockheed Martin Cyber Challenge(Penn State) David G. Walker, a 2003 graduate of Penn State Beaver's information sciences and technology baccalaureate degree program, is the winner of the inaugural Lockheed Martin Cyber Challenge. Walker is a senior systems engineer at the company
(ISC)² Names Inaugural Winners of USA Cyber Warrior Scholarships(InfoSecurity Magazine) The (ISC)² Foundation, the nonprofit charitable trust of (ISC)², today announced the inaugural recipients of the 2013 USA Cyber Warrior Scholarship, a program developed in partnership with Booz Allen Hamilton to help close the cybersecurity workforce gap by providing career training to qualified veterans who served in the US military
Coding: 'Suitable for exceptionally dull weirdos'(The Register) Niche, mechanical skill, a bit like plumbing or car repair. Teaching all children to code software is daft and pointless to The Telegraph blogger Willard Foxton. In an article attacking the UK government's plans to update the ICT curriculum, the "investigative journalist and television producer", writes
EU Reconsiders Intelligence Cooperation With US After Spying Reports(TechCrunch) German Chancellor Merkel is angry with President Obama; so furious that she's publicly calling the European Union to reconsider its intelligence cooperation with the United States, after reports that the National Security Agency tapped her and 35 other leaders' phones
Exclusive: Germany, Brazil Turn to U.N. to Restrain American Spies(Foreign Policy) Brazil and Germany today joined forces to press for the adoption of a U.N. General Resolution that promotes the right of privacy on the internet, marking the first major international effort to restrain the National Security Agency's intrusions into the online communications of foreigners, according to diplomatic sources familiar with the push
EU summit statement on US spying scandal(EUBusiness) The 28 European Union leaders agreed Friday a statement on relations with the United States after revelations of US spying sparked uproar. Leaders met for a summit otherwise devoted to the economy and refugees but it was largely overtaken by events after reports the United States had tapped the mobile phone of German Chancellor Angela Merkel
Of course the NSA spies on Angela Merkel. The problem is she can't spy back(TechWorld) Well-executed spying is an essential safety valve. But the NSA has got ahead of its friends. So the world now knows that the US has definitely been spying on the mobile phone calls of Angela Merkel, François Hollande, David Cameron and most probably the leaders of every other one of its closest allies. Everyone suspects these countries attempt the same back just as surely as do the US's strategic opponents, Russia, China, Iran and North Korea
Allies Aren't Always Friends(New York Times) To play the role it has played in the world for the last 70 years, the United States must be able to gather intelligence anywhere in the world with little or no notice. We never know where the next crisis will erupt, where the next unhappy surprise is coming from. It's the intelligence community's job to respond to today's crises, but its agencies live in a world where intelligence operations take years to yield success. That makes it a little hard - and very dangerous -- to create "intelligence-free zones."
The National Security Agency, Narcissism, and Nationalism(Daily Beast) If the Germans were tapping our president's phone, Rush Limbaugh would be musing about fire-bombing Dresden. But since we're doing the spying, the right doesn't care. That indifference only weakens the U.S., says Peter Beinart
Snowden rebuts Feinstein's statement that NSA spying "is not surveillance"(Ars Technica) Former National Security Agency contractor Edward Snowden went into a relatively long silent period after being charged with espionage and fleeing to Russia. But it seems that he is becoming more comfortable about speaking out. Today, new Snowden comments emerged in which he directly took on Sen. Dianne Feinstein (D-CA), who last week defended the NSA spying programs in a controversial op-ed in USA Today
Divide and Conquer(Foreign Affairs) As General Keith Alexander prepares to depart from the federal government early next year, it's important to note that he will be vacating not one job but two. He has earned plenty of attention for his role as director of the National Security Agency (NSA), the United States' signals intelligence operation. But Alexander has concurrently served as head of Cyber Command, the cybersecurity command that the Pentagon established in 2010. This overlap was not an oversight; in fact, it was quite the opposite. Policymakers assumed that it would be efficient to have the same person run the two organizations, given that they both relied on the same types of technical expertise and operated in the same virtual space (not to mention that they are both physically based in Fort Meade, Maryland)
NSA Needs a 12 Step Program(Nextgov) Since Edward Snowden started leaking details on how the National Security Agency gobbles up exabytes of data worldwide, it has become increasingly clear that it has an unhealthy addiction
DoD taking steps to protect data on unclassified contractor networks(Defense News) A new plan will ensure that the department provides a cohesive, comprehensive and cost-effective approach to protect priority investments and future defense capabilities while maintaining efficient business operations with our industrial partners, Hagel wrote
Measuring the Cybersecurity Problem(East-West Institute) Trillions of dollars of transactions fly across cyberspace every day that we know are riddled with cybersecurity problems, yet there is no sufficient way to measure their frequency or impact. The EastWest Institute's just-released report, Measuring the Cybersecurity Problem, highlights this global challenge and offers recommendations that, if implemented, would achieve a breakthrough for much-needed measurement of cybersecurity breaches
The right to be forgotten, or erased?(IT Security Guru) This week saw the announcement of the draft Data Protection Directive and among the significant changes was the wording from "right to be forgotten" to "right of erasure"
Euro Parliament axes data sharing with US — the NSA swiped the bytes anyway(Register) The European Parliament has voted to halt the Terrorist Finance Tracking Program (TFTP), an agreement to share data on financial transactions in the Continent with the US — after documents leaked by Edward Snowden showed the NSA was hacking the system anyway…In the wake of these allegations, the parliament voted by 280 to 254 (with 30 abstentions) to suspend the TFTP until a "full on-site technical investigation" of the hacking claims has been carried out by Europol's Cybercrime Centre
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
BREAKPOINT 2013(Melbourne, Australia, October 24 - 25, 2013) Over two days, 14 world-renowned speakers front Breakpoint to share their knowledge on a full range of security issues, from unpublished research to the latest trends in information security.
Ruxcon(Melbourne, Australia, October 26 - 27, 2013) Ruxcon is a computer security conference that aims to bring together the best and the brightest security talent within the Aus-Pacific region. The conference is a mixture of live presentations, activities...
2013 ACT–IAC Executive Leadership Conference(Williamsburg, Virginia, USA, October 27 - 29, 2013) Advances in technology and massive increases in data available can both challenge and transform Government mission performance. ELC-2013 focuses on how to make this transformation a reality, in and for...
FIRST Energy Symposium(Leesburg, Virginia, USA, October 28 - 29, 2013) Recent reports have shown that the Energy Sector has seen a large increase in the reported number of cyber attacks. The need to protect against threats and improve upon incident management has never been...
SAP NS2: National Security Solutions Summit(Falls Church, Virginia, USA, October 29, 2013) Join us for a day of learning and networking focused on how to advance U.S. national security and homeland security through I.T. innovation. Top-notch speakers will address the new challenges facing U.S.
RSA Conference Europe(Amsterdam, the Netherlands, October 29 - 31, 2013) Information security today isn't optional. It's business-critical. Over three days, RSA® Conference Europe 2013 imparts the must-know actions to manage growing cyber threats. With over 60 sessions spanning...
Regional Cyber Security Forum & IT Day (CSFI) — Hawaii(Honolulu, Hawai'i, USA, October 30, 2013) 2013 marks the 10th anniversary of National Cyber Security Awareness Month and FBC will host the 1st Annual Cyber Security Forum & IT Day (CSFI) at Fort Shafter - Club Hale Ikena to coincide with the anniversary,...
NSA Hawaii — Cyber Security, Intelligence & IT Day(Honolulu, Hawai'i, USA, October 30, 2013) Be a part of the 1st Annual Cyber Security, Intelligence and IT Day set to take place at the new National Security Agency (NSA) Hawaii Rochefort facility. The event will be hosted by NS/CCS Hawaii Technology...
Ahead of the Threat: Driving Innovation for Cyber Security(Bethesda, Maryland, USA, October 30, 2013) Sponsored by the Tech Council of Maryland, this conference will feature a presentation by Sondra L. Barbour, Lockheed Martin Information Systems & Global Solutions (IS&GS) Executive Vice President, will...
TrustED 2013(Berlin, Germany, November 4, 2013) In this workshop we consider selected aspects of cyber physical systems and their environments. We aim at bringing together experts from academia, research institutes, industry and government for discussing...
OKTANE 1(San Francisco, California, USA, November 3 - 5, 2013) OKTANE13 is an identity, security and mobility event. Whether you're just getting started with cloud applications, evaluating a mobile strategy, building a hybrid enterprise IT, or looking to make your...
MIRcon 2013(Washington, DC, USA, November 5 - 6, 2013) With targeted attacks becoming more prevalent, today's incident responders are faced with the tremendous challenge of accelerating their response times while capturing relevant data from attacks in progress.
KMWorld 2013(, January 1, 1970) KMWorld 2013 is a must-attend event for those concerned with improving their organizations' bottom line, business processes, and productivity, as well as streamlining operations, and accelerating development...
Maryland Art Place Annual Fall Benefit(Baltimore, Maryland, USA, November 9, 2013) Maryland Art Place (MAP) is pleased to announce the participating artists of its 2013 Annual Fall Benefit, the Starlight Dinner - highlighting technology and innovation in contemporary art. The dinner...
Cyber Education Symposium(Arlington, Virginia, USA, November 19 - 20, 2013) Both the public and the private sectors suffer from a lack of highly trained and effective cyber security leaders. In response, the government, businesses, and academic institutions are all exploring ways...
APPSEC USA(New York, New York, USA, November 18 - 21, 2013) Welcome to Appsec USA 2013, New York - a world class software security conference for developers, auditors, risk managers, and entrepreneurs, bringing you the world's top speakers, the most relevant security...
IT Forum Expo/Black Hat Regional Summit(, January 1, 1970) Black Hat Regional Summit will introduce a mix of local in-region experts and researchers from around the globe, discussing the latest trends in information security with an audience of peers. The sessions...
2nd Annual East Africa IT and Cyber Security Convention 2013(Nairobi, Kenya, November 28 - 29, 2013) The 2nd Annual East Africa IT and Cyber Security Convention 2013 will bring together leading Cyber and IT Security experts who will provide key insights into critical cybersecurity issues surrounding cyber...