Anonymous claims to have taken down Interpol's Indonesia site.
The weekend attack on Buffer is now at least partially explained: a major security breach has been found at MongoHQ, the NoSQL database hosting service. An internal support application, open to the Internet and unprotected by a VPN, was compromised via an employee's use of a password shared with a private account. Buffer won't pass all the blame to MongoHQ, acknowledging that had Buffer encrypted its tokens, the damage would have been much less.
In an update on this month's breach, Adobe reports that Photoshop source code was stolen. The breach affected some 38 million users, and a file holding 150 million usernames and hashed passwords has been seen on the Internet.
A new mass injection campaign, "GWload," has infected some 40 thousand Web pages worldwide. Victims visiting the sites are induced to download unwanted software.
About ten thousand items in Apple's AppStore have been shown potentially vulnerable to redirection attacks.
Trend Micro releases an interesting vade mecum for the Chinese cyber criminal underground.
In industry news, Dell is now private. BlackBerry shops its pieces to Facebook.
Trend Micro offers advice on defense against Cryptolocker. Dark Reading mulls the risk of "shelfware."
As the US President and Congress woof about reining in NSA, DNI Clapper and Director NSA Alexander testify that (1) electronic surveillance of allies is internationally normal, and (2) European governments feed the US their own domestic surveillance product. Transatlantic embarrassment suggests Clapper and Alexander are on to something.
Today's issue includes events affecting Canada, Ecuador, European Union, France, Germany, India, Indonesia, Russia, Spain, United Kingdom, United States.
Cyber Attacks, Threats, and Vulnerabilities
#OpThrowBack: Official Interpol Indonesia Website Taken Down by Anonymous(HackRead) The official website of Interpol Indonesia has been taken down by Fu7ion, who calls himself a supporter and part of the online hacktivist group Anonymous. Fu7ion says that he took down the Interpol Indonesia website under the banner of an online operation, "#OpThrowBack". The operation was launched by Anonymous hackers yesterday against FBI, NSA, Verizon, Microsoft and AT&T
MongoHQ compromised, Have you re-checked your Security Settings?(Kualitatem) MongoHQ is a private, Database-as-a-Service platform for securely hosting and managing shared and dedicated MongoDB instances. Per MongoHQ's initial reporting, the hacked Buffer app accounts are linked to the compromise of a MongoHQ application. All high-tech applications are built on a heterogeneous structure in which multiple applications have to integrate with each other in a controlled fashion. Security is a continuous process; companies have to scrutinize their security parameters
Stolen Adobe account data goes public, Photoshop source code breached(CSO) In an update on the data breach disclosed earlier this month, Adobe has said that source code for Photoshop was stolen. Making matters worse, a file containing 150 million usernames and hashed passwords has appeared online, and the company says that 38 million accounts were directly impacted by the incident
New Injection Campaign Peddling Rogue Software Downloads(Threatpost) A mass injection campaign has surfaced over the last two weeks that's already compromised at least 40,000 web pages worldwide and is tricking victims into downloading rogue, unwanted software to their computer. The campaign, dubbed GWload by researchers at Websense, relies on a Cost Per Action scam that convinces users that the page they've navigated to has been locked and that they need a special version of VLC Player to open it
iOS apps can be hijacked to show fraudulent content and intercept data(Ars Technica) Some 10,000 titles in Apple's App Store may be susceptible to redirection hack. A large number of apps for iPhones and iPads are susceptible to hacks that cause them to surreptitiously send and receive data to and from malicious servers instead of the legitimate ones they were designed to connect to, security researchers said on Tuesday
Security hole found in Obamacare website(CNN Money) The Obamacare website has more than annoying bugs. A cybersecurity expert found a way to hack into users' accounts. Until the Department of Health fixed the security hole last week, anyone could easily reset your Healthcare.gov password without your knowledge and potentially hijack your account
When the phone call is more dangerous than malware(Help Net Security) During the Social Engineer Capture the Flag contest, one of the most prominent and popular annual events at DEF CON 21, a pool of 10 men and 10 women, from diverse backgrounds and experience levels, tested their social engineering abilities against 10 of the biggest global corporations, including Apple, Boeing, Exxon, General Dynamics and General Electric. The complete results of the competition are in, and they don't bode well for businesses
Firm calls out consistent rise of "madware" in Google Play(SC Magazine) In the first half of the year, 23.8 percent of all free Google Play apps were plagued with ads that could potentially become a privacy concern for users, if not a serious nuisance, a security firm found. The "Mobile Adware and Malware Analysis" report, published on Tuesday by Symantec, revealed that the percentage of apps containing "madware" — defined as apps using overly aggressive ad libraries — has consistently increased since 2010
A Tour Through The Chinese Underground(TrendLabs Security Intelligence Blog) The Chinese underground has played host to many cybercriminals over the years. In the research brief titled Beyond Online Gaming Cybercrime: Revisiting the Chinese Underground Market, we provide some details of the current state of the Chinese underground economy. Last year, we looked into this underground sector, and this brief is a continuation of those efforts
Beyond Online Gaming Cybercrime: Revisiting the Chinese Underground Market(Trend Micro) After taking a grand tour of the Chinese underground market last year, let's revisit it and see what has changed since then. In the past, we noted that Chinese cybercriminals adapted well to their environment, trailing their sights on online gamers and mobile users, the majority of the Internet users in the country. They continue to adapt well, as the market has now reached a similar level of maturity as the rest of the global cybercriminal underground
Microsoft report finds decline in disclosed software vulnerabilities(FierceITSecurity) Finally there is good news on the IT security front. Software vulnerability disclosures declined 10.1 percent in the first half of 2013 compared to the same period last year and 1.3 percent compared with the second half of 2012, according to the Microsoft Security Intelligence Report released this week
Information security: From "bored" to "board"(ComputerWeekly) Increasingly, I hear information security professionals citing a lack of interest from the board room as a critical reason for their failure to address IT risk and security concerns
Control system security: safety first(Help Net Security) Every large utility, pipeline, refinery and chemical plant has a cyber security program, but most are IT-centric. Anti-virus programs, software update programs and programs of integration with corporate active directory controllers are all managed by IT teams, along with some degree of convergence and consultation with operations technology (OT) teams. While we have seen few large-scale cyber attacks in these industries, IT-style defenses invite such attacks. Cyber-sabotage is a real threat and it will take more than yesterday's firewall-level protections to ensure the safety and reliability of today's industrial sites
Software Security Maturity Plods Along(Dark Reading) While there is certainly room for improvement, the software vendor and financial services communities are making steady progress in maturing their software security practices, according to a new study out today from the Building Security In Maturity Model (BSIMM) project. BSIMM today released the fifth version of an industry-wide study that examined in depth the secure development practices of many of the globe's most influential firms. "Here's the real take-home lesson: we know how to do software security on planet earth and now we just have to do it," says Dr. Gary McGraw, CTO of Cigital and one of the scientists in charge of the study. "There's a lot of people who say you should do it this way or that way and there are opinions and conjecture. But what we've done is collect a set of facts so that people can refer to them and know how to approach software security as grown-ups
The Battle for Power on the Internet(Schneier on Security) We're in the middle of an epic battle for power in cyberspace. On one side are the traditional, organized, institutional powers such as governments and large multinational corporations. On the other are the distributed and nimble: grassroots movements, dissident groups, hackers, and criminals. Initially, the Internet empowered the second side. It gave them a place to coordinate and communicate efficiently, and made them seem unbeatable. But now, the more traditional institutional powers are winning, and winning big. How these two sides fare in the long term, and the fate of the rest of us who don't fall into either group, is an open question -- and one vitally important to the future of the Internet
How much custom would you lose from a data security breach?(IT Governance) We take it for granted nowadays that we can work pretty much wherever we are. The majority of us use laptops, tablets and smartphones for work as well as for leisure, Wi-Fi is by and large available wherever we go, 3G and increasingly 4G service is the norm, and cloud computing means we can access our data on the move. But an increasing reliance on virtual networks means sensitive data is more and more vulnerable to targeted attacks. Web-based applications may be convenient for you and your workforce to operate wherever you are, but they are also convenient for cyber criminals, as your and your customers' information is more exposed
Perception of Huawei is changing in India: John Suffolk(Economic Times) Huawei's global cyber security officer John Suffolk says that concerns raised by the US against the Chinese telecom gear maker have not had a lasting impact, as the company's perception in markets like India is changing, albeit slowly. Speaking to ET, he denied all accusations of espionage, adding that 70% of its gear is made from parts manufactured in the US and only 30% is done in China
Dell (DELL) Go-Private Deal is Complete(Street Insider) Dell, Inc. (NASDAQ: DELL) completed its go-private transaction by Michael Dell, Dell's Founder, Chairman and CEO, and Silver Lake Partners, a leading global technology investment firm
PwC to bulk up with Booz & Co merger deal(Financial Times) PwC is planning to absorb Booz & Co in the latest move towards consolidation in the management consultancy sector. The two groups announced on Wednesday that they had signed a conditional merger agreement
Juniper unrolls MetaFabric, new switch(The Register) Juniper Networks has rolled out a fabric architecture and switch, along with other swag. To get a handle on it all, Vulture South spent some time talking with Dhritiman Dasgupta, Juniper's director of platform solutions, about the key aspects of the release
Twitter Two-Factor Lockout: One User's Horror Story(InformationWeek) Warning to users of Twitter's two-factor authentication system: Never, ever misplace your backup access code and then switch phones. Otherwise, you'll find yourself locked out of your Twitter account
Centralizing threat intelligence to feed network defense systems(Help Net Security) ThreatConnect announced the launch of a prototype that connects commercial security products with advanced threat intelligence through an open source standard known as the Structured Threat Information eXpression (STIX), created by The Mitre Corporation
CylanceV Exposes the Unknown Threats Lurking on Computers Worldwide(EON) Cylance, Inc., a global cybersecurity company, is reinventing the way companies think about security. The first to apply mathematical science to security in a scalable way, Cylance announced today the official worldwide release of CylanceV™, a new cloud and on-premise solution to find what others miss in detecting advanced malware
What IT managers need to know about risky file-sharing(ComputerWeekly) There is a danger in employees being tech-savvy - they can use devices and means to transport and exchange files that are beyond the control of IT management. Employees may simply see webmail, file-sharing services, cloud storage, USB sticks and smart devices as easier to use than traditional corporate tools to transfer files
Obama, CEOs Meet on Cybersecurity Framework(GovInfo Security) As the National Institute of Standards and Technology began accepting public comments on the preliminary version of a cybersecurity framework on Oct. 29, President Obama met with a group of chief executives from information technology, financial services and energy companies to discuss efforts to improve the cybersecurity of the nation's critical infrastructure
Defending Against CryptoLocker(TrendLabs Security Intelligence Blog) Over the past few weeks, we've been seeing an increase in the spread of the CryptoLocker malware. This new kind of ransomware has been hitting more users over the past few weeks, as seen in the 30-day feedback provided by the Smart Protection Network
Failure To Deploy: Aided And Abetted By Shelfware(Dark Reading) It takes more than technology acquisition to protect against the insider threat — just ask the NSA. Recent news reports indicate the NSA had acquired technologies to help prevent the leakage of classified data, but failed to deploy them before contractor Edward Snowden began working there. The technologies in question were purchased in the wake of the 2010 WikiLeaks scandal, but went uninstalled at NSA's Hawaii facility due to what was described as "bandwidth issues"
Of course Apple is engaging in planned obsolescence(Quartz) Catherine Rampell at the New York Times wonders whether her iPhone, which became much less usable after she upgraded to iOS7, is being deliberately sabotaged by Apple, to encourage her to buy a new iPhone. This is a bit like asking whether or not Apple cares about design. Planned obsolescence has been part of how Apple, and just about every other PC maker, has operated since time immemorial
Research and Development
How quantum key distribution works(GCN) Quantum key distribution (QKD) uses individual photons for the exchange of cryptographic key data between two users, where each photon represents a single bit of data. The value of the bit, a 1 or a 0, is determined by states of the photon such as polarization or spin
Breaking New Ground on Cyberdefenses(GovInfoSecurity) The Army Research Laboratory is collaborating with five universities to develop what's being characterized as a new science to detect, model and mitigate cyber-attacks
White House: Review will address global NSA concerns(USAToday) U.S. surveillance policies aimed at allies have sparked strong reactions across the globe. Below is a sampling of reaction from leaders to the disclosure of National Security Agency spying programs in news reports
Exclusive: Obama orders curbs on NSA spying on U.N. headquarters(Reuters) President Barack Obama recently ordered the National Security Agency to curtail eavesdropping on the United Nations headquarters in New York as part of a review of U.S. electronic surveillance, according to a U.S. official familiar with the decision
France and Spain, not NSA, responsible for spying on phone calls abroad, say US officials(The Verge) US officials have told The Wall Street Journal that the NSA wasn't responsible for intercepting phone calls in France and Spain. Over the past two weeks, documents obtained by Le Monde in France and El Mundo in Spain showed that millions of phone calls in each country had been intercepted by the NSA. The unnamed officials, however, say that these calls were actually logged by French and Spanish intelligence agencies, then later given to the NSA. This corroborates a statement by Director of National Intelligence James Clapper, who said that "the allegation that the National Security Agency collected more than 70 million 'recordings of French citizens' telephone data' [over 30 days] is false"
The spies on the roof(Economist) Location, location, location, the Americans were thinking when they moved into their new embassy in Berlin in 2008, right next to the Brandenburg Gate
Five Reactions To Dianne Feinstein Finally Finding Something About The NSA To Get Angry About(TechDirt) Dianne Feinstein, the NSA's biggest defender in the Senate (which is ridiculous since she's also in charge of "oversight") has finally had enough. It's not because she finally understands how crazy it is that the NSA is spying on every American, including all of her constituents in California. It's not because she finally realized that the NSA specifically avoided letting her know about their widespread abuses. No, it's because she just found out that the NSA also spies on important people, like political leaders around the globe. It seems that has finally ticked off Feinstein, who has released a scathing statement about the latest revelations
Clapper: NSA controversy creating 'erosion of trust'(The Hill) The firestorm of criticism facing the National Security Agency from Capitol Hill has created "an erosion of trust" within the U.S. intelligence community, according to the community's top official. The repeated criticism and second-guessing by Congress over the agency's operations has hindered intelligence community leaders from doing their jobs, Director of National Intelligence James Clapper told lawmakers on Tuesday
Throwing the Intelligence Community Under the Bus(Washington Free Beacon) The outcry over NSA surveillance is reaching a critical breaking point. President Obama is having his options constrained by an avalanche of disclosures, and there might be only one, barely adequate way out of it
US legislators introduce bill to end dragnet phone data collection(Help Net Security) US Senate Judiciary Committee Chairman Patrick Leahy and Congressman Jim Sensenbrenner, chairman of the Crime and Terrorism Subcommittee in the House, introduced legislation on Tuesday that seeks to restore Americans' privacy rights by ending the government's dragnet collection of phone records and requiring greater oversight, transparency, and accountability with respect to domestic surveillance authorities
Proposed USA FREEDOM Act Would Dramatically Curtail The NSA's Surveillance(TechCrunch) Senator Patrick Leahy and Representative Jim Sensenbrenner have introduced a new bill, called the Uniting and Strengthening America by Fulfilling Rights and Ending Eavesdropping, Dragnet-collection, and Online Monitoring Act (USA FREEDOM Act), designed to dramatically curtail the ability of the NSA to collect information on the average United States citizen
US spying fiasco: Will 'additional' constraints ease European fury?(Christian Science Monitor) As news of the National Security Agency's spying on world leaders, allies, and citizens continues to leak to the public, the White House said this week that there is a need for "additional constraints" on US spying, a statement that some observers fear may do little to calm the diplomatic uproar spreading globally
Russia 'spied on G20 leaders with USB sticks'(The Telegraph) Russia spied on foreign powers at last month's G20 summit by giving delegations USB pen drives capable of downloading sensitive information from laptops, it was claimed today
Bill provides guidance on FDA mobile medical apps regulation(FierceMobileHealthCare) A bipartisan group of House members--three Democrats and three Republicans--has introduced a bill to "provide regulatory clarity regarding mobile medical applications, clinical decision support, electronic health records and other healthcare related software," according to an announcement
SOFTWARE Act gets mixed response from industry(FierceMobileHealthCare) Reactions from industry groups to the SOFTWARE Act, which seeks to "provide regulatory clarity regarding mobile medical applications, clinical decision support, electronic health records and other healthcare related software" have been quick, but not all positive
Bill to Bolster DHS Cyber Workforce Advances(Nextgov) The House Homeland Security Committee on Tuesday advanced legislation that would require the Homeland Security Department to take additional measures to improve and assess the cybersecurity workforce. The bill — the Homeland Security Cybersecurity Boots on the Ground Act (H.R. 3107) — sponsored by Rep. Yvette Clarke, D-N.Y., requires DHS to enhance efforts to bolster the cybersecurity workforce, in part by establishing occupations classifications and developing a strategy to address identified gaps in the cyber workforce
CNO Says Navy Needs Ground Forces' Help On Cyber, Electronic Warfare(Breaking Defense) Rivalries between the services are a favorite topic in this town, especially when budgets tighten. But when it comes to cyberwarfare, electronic warfare, and the wireless world where they intersect, the Navy's top man in uniform is more than happy to get help from the Army
Man charged in July cyber attack on DOE(Aiken Standard) An individual linked to the July 2013 cyber attacks on the Department of Energy, which affected employees at the Savannah River Site, was charged on Monday by the acting U.S. attorney for the Eastern District of Virginia
Not even two weeks after shutdown, BitTorrent search site isoHunt is back(Ars Technica) New anonymous creators tell TorrentFreak the site is a "file-sharing icon." Less than two weeks ago, IsoHunt, the notorious search engine site for BitTorrent files, agreed to shut down and pay $110 million in a settlement with the Motion Picture Association of America. The site even shut down a day early as a way to avoid being part of an online archive
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
RSA Conference Europe(Amsterdam, the Netherlands, October 29 - 31, 2013) Information security today isn't optional. It's business-critical. Over three days, RSA® Conference Europe 2013 imparts the must-know actions to manage growing cyber threats. With over 60 sessions spanning...
Regional Cyber Security Forum & IT Day (CSFI) — Hawaii(Honolulu, Hawai'i, USA, October 30, 2013) 2013 marks the 10th anniversary of National Cyber Security Awareness Month and FBC will host the 1st Annual Cyber Security Forum & IT Day (CSFI) at Fort Shafter - Club Hale Ikena to coincide with the anniversary,...
NSA Hawaii — Cyber Security, Intelligence & IT Day(Honolulu, Hawai'i, USA, October 30, 2013) Be a part of the 1st Annual Cyber Security, Intelligence and IT Day set to take place at the new National Security Agency (NSA) Hawaii Rochefort facility. The event will be hosted by NS/CCS Hawaii Technology...
Ahead of the Threat: Driving Innovation for Cyber Security(Bethesda, Maryland, USA, October 30, 2013) Sponsored by the Tech Council of Maryland, this conference will feature a presentation by Sondra L. Barbour, Lockheed Martin Information Systems & Global Solutions (IS&GS) Executive Vice President, will...
TrustED 2013(Berlin, Germany, November 4, 2013) In this workshop we consider selected aspects of cyber physical systems and their environments. We aim at bringing together experts from academia, research institutes, industry and government for discussing...
OKTANE13(San Francisco, California, USA, November 3 - 5, 2013) OKTANE13 is an identity, security and mobility event. Whether you're just getting started with cloud applications, evaluating a mobile strategy, building a hybrid enterprise IT, or looking to make your...
MIRcon 2013(Washington, DC, USA, November 5 - 6, 2013) With targeted attacks becoming more prevalent, today's incident responders are faced with the tremendous challenge of accelerating their response times while capturing relevant data from attacks in progress.
KMWorld 2013(location and dates not listed) KMWorld 2013 is a must-attend event for those concerned with improving their organizations' bottom line, business processes, and productivity, as well as streamlining operations, and accelerating development...
Maryland Art Place Annual Fall Benefit(Baltimore, Maryland, USA, November 9, 2013) Maryland Art Place (MAP) is pleased to announce the participating artists of its 2013 Annual Fall Benefit, the Starlight Dinner - highlighting technology and innovation in contemporary art. The dinner...
Cyber Education Symposium(Arlington, Virginia, USA, November 19 - 20, 2013) Both the public and the private sectors suffer from a lack of highly trained and effective cyber security leaders. In response, the government, businesses, and academic institutions are all exploring ways...
APPSEC USA(New York, New York, USA, November 18 - 21, 2013) Welcome to Appsec USA 2013, New York - a world class software security conference for developers, auditors, risk managers, and entrepreneurs, bringing you the world's top speakers, the most relevant security...
IT Forum Expo/Black Hat Regional Summit(location and dates not listed) Black Hat Regional Summit will introduce a mix of local in-region experts and researchers from around the globe, discussing the latest trends in information security with an audience of peers. The sessions...
2nd Annual East Africa IT and Cyber Security Convention 2013(Nairobi, Kenya, November 28 - 29, 2013) The 2nd Annual East Africa IT and Cyber Security Convention 2013 will bring together leading Cyber and IT Security experts who will provide key insights into critical cybersecurity issues surrounding cyber...