Secretary of State Kerry says the US intercepted Russian command-and-control calls to Russian agents in Ukraine.
Iran is again reported to be upgrading its cyber offensive capabilities, placing the US energy sector and (curiously) US state governments in its crosshairs.
The Internet Explorer zero day currently being exploited is widely viewed as auguring oblivion for Windows XP. It's also bad news for IE, at least until Microsoft comes up with a patch: the US and UK governments both advise users to stay away from IE. India's governmental and banking sectors are also worried.
The AOL breach means, analysts say, that you should treat all email from AOL accounts as guilty until proven innocent.
Google's Chrome is measured for its ability to detect Heartbleed holes and is found wanting: Chrome is "blind to 98% of potentially compromised certificates."
Several old pieces of malware are upgraded to more dangerous forms, illustrating again the relative efficiency of the black market and its criminal R&D community.
Siemens is patching Heartbleed in its ICS/SCADA products. Apple quietly fixes its leaky Developer Center. Mozilla updates Firefox, Thunderbird, and Seamonkey.
The Financial Times runs a series of thoughtful, disturbing articles on international cyber risks to critical infrastructure, with threats mounted by both state and non-state actors. One interesting conclusion: the need for businesses to undertake effective common defense apart from what protection governments give them, valuable as that may be. Energy sector cyber risk continues to draw attention from policy-makers (and industry worries about a regulatory monoculture).
Today's issue includes events affecting Australia, France, India, Iran, Ireland, New Zealand, Russia, Ukraine, United Kingdom, United States.
Tracking the Clandestine Fox(Recorded Future) FireEye Research Labs reports targeted attacks using a new IE zero-day against defense and financial services. Early details on malware in the wild and threat actor behind it are slight. FireEye links to Pirpi provide an interesting clue, while Websense analysis of IE crashes points in a different direction
UK and US Governments urge users to give up on Internet Explorer(TechRadar) Microsoft has issued a warning about a newly discovered zero-day flaw in Internet Explorer, the first to be discovered after Windows XP reached end-of-life. The vulnerability is present in all versions of the software from Internet Explorer 6 (including 7, 8, 9, 10 and 11) and could allow for the remote execution of code if exploited
Indian government agencies and banking sector most vulnerable by IE flaw(tech2) A casual look at some of the most popular Indian government and banking websites will make it amply clear that Internet Explorer is their preferred web browser. This is thanks to the fact that IE is still one of the most used browsers despite stellar competition in the form of Firefox or Chrome
IE zero day is the first sign of the XPocalypse(PC World) Well, it took a bit longer than many security experts expected, but the first big security threat for Windows XP users has arrived. The zero day vulnerability will be quickly patched by Microsoft—for supported platforms at least. That means that this will be the first of many open wounds for Windows XP—known vulnerabilities left exposed because the OS is no longer supported by Microsoft
10 Ways to Protect Yourself From the Zero-Day IE Exploit(eWeek) It seems with each passing day, there's something else for Web users to worry about. Whether it's the prospect of government spying or plain old security issues, no one is safe from what's out there. That became abundantly clear recently when Microsoft revealed that a zero-day exploit is affecting Internet Explorer and wreaking havoc on some users' machines. What's worse, since the software giant is no longer patching Windows XP, finding a fix for that operating system is a pain. Still, there are ways for Windows users to safeguard themselves from the possible issues associated with the latest zero-day exploit
Kuluoz malware spam(Pastebin) Kuluoz malware, fake USPS mail with link to download of ZIPfile, which includes an EXE with Word icon
Old Infostealer Resurfaces, Now Delivers Ransomware(Trend Micro Security Intelligence Blog) Sometime near the start of the year, we noticed that the old malware family TSPY_USTEAL resurfaced. This information stealing malware now includes new routines including malicious packers, obfuscation, and bundling ransomware
Hackers Can Mess With Traffic Lights to Jam Roads and Reroute Cars(Wired) The hacker in the Italian Job did it spectacularly. So did the fire sale team in Live Free or Die Hard. But can hackers really hijack traffic lights to cause gridlock and redirect cars? According to one researcher, parts of the vehicle traffic control system installed at major arteries in U.S. cities and the nation's capital are so poorly secured they can be manipulated to snarl traffic or force cars onto different streets
DDoS trends: Attackers vary DDoS size to cloak other attacks(TechTarget) While huge distributed denial-of-service attacks driven by the NTP reflection technique have been behind a number of recent headline-grabbing incidents, a new report warns that midsize DDoS attacks are on the rise, and are being used to cloak more insidious enterprise attacks
Security Patches, Mitigations, and Software Updates
Siemens Patches Heartbleed Bug in Industrial Products(Softpedia) The OpenSSL vulnerability known as the Heartbleed bug has impacted a large number of websites and services, including industrial products. Siemens, one of the affected organizations, has started rolling out updates to make sure its products are secure
Apple fixes hole that leaked employees' and developers' personal info(Naked Security) Apple quietly slipped its Developer Center offline on Sunday night for maintenance and, it turns out, to patch a serious security hole that let anybody access personal contact information for any registered Mac, iOS or Safari developer; every Apple Retail and corporate employee; and some key partners
Mozilla Releases Security Updates for Firefox, Thunderbird, and Seamonkey(US-CERT) The Mozilla Foundation has released security updates to address multiple vulnerabilities in Firefox, Thunderbird, and Seamonkey. Exploitation of these vulnerabilities may allow an attacker to obtain sensitive information, cause a denial-of-service condition, execute arbitrary code, conduct phishing attacks, conduct a man-in-the-middle attack, or operate with elevated privileges on an affected system
Cyber attacks on national targets grow(Financial Times) Experts worry that critical national infrastructure is insufficiently defended. Napoleon may have said that an army marches on its stomach. Today's fighting forces, though, depend just as much on electricity and telecommunications
Luck not enough to avoid cyber security catastrophe(Financial Times) It is March 2014 and London is under attack. The financial sector is suffering catastrophic computer failures. ATMs have stopped working. The stock exchange has put initial public offerings on hold because its computer systems are malfunctioning
Cyber security: business is in the front line(Financial Times) As many of the world's largest companies are beginning to realise, the threat to their margins, their brands and even their continued existence from cyber attacks is no longer an abstract risk they can ignore. Indeed, safeguarding the interests of the business community has become a critical national security issue for some of the west's biggest powers
Allied Cyber Forces? Yes Please.(Huffington Post) Often lost in the debate over surveillance and the actions of the National Security Agency is that cyber space is a potential battlefield where countries will vie for superiority just as they do with air, sea, and land. So it should be no shock to anyone that Defense Secretary Chuck Hagel recently announced that he was looking to expand cybersecurity cooperation with our Canadian and Mexican neighbors
Only 1% of Q1 data breaches were "secure breaches"(Help Net Security) Of the 254 data breaches that occurred during the first quarter of 2014, only 1 percent were "secure breaches," i.e. breaches where strong encryption, key management, or authentication solutions protected the data from being used, SafeNet revealed at Infosecurity Europe 2014. Also, in Q1 we witnessed the theft of nearly 200 million records, which was an increase of 233 percent over the same time last year
Key security technologies can help cloud adoption(Help Net Security) The majority of companies are delaying deployment of cloud applications due to security and compliance concerns. Among the companies that have started to adopt cloud apps strategically, Bitglass found that Google is outpacing Microsoft in cloud-based email adoption
What The NSA PRISM Scandal Really Means for Cloud's Future(MSPmentor) Most businesses understand that boycotting the cloud in hopes of teaching the NSA a lesson and/or to better secure their data creates more problems (and expenses) than it solves. If you're a VAR or MSP that's either second guessing your decision to start selling cloud services or hesitant about getting started selling cloud services, here are a few thoughts to help put your mind at ease
Corporate Surveillance Really Is Out of Control(The Street) Corporations are invading your privacy in more invasive ways than either the National Security Agency or the U.S. government in general. Here's a bit of history to put it in context
ThreatTrack Security Appoints Gary Benedetti Vice President of Worldwide Sales(Providence Journal) ThreatTrack Security today announced the appointment of Gary Benedetti as vice president of worldwide sales. Benedetti has more than a decade of experience leading global sales operations for security vendors trying to stem the data breach epidemic, including his last three positions at Fidelis, Epok and e-Security
Gartner Names Sqrrl in 2014 "Cool Vendors" Report(Digital Journal) Sqrrl, the company that develops the most secure, scalable, and flexible NoSQL database software for powering real-time big data applications, today announced it has been named as one of four "Cool Vendors" in Database Management Systems (DBMS) 2014 report by Gartner, Inc., the world's leading information technology research and advisory company
Defacement mitigator for cybersecurity protection(Help Net Security) At Infosecurity Europe 2014, Foresight released Defacement Mitigator, the first cloud-based web security solution that provides full defacement mitigation and protection to government, academic, religious, financial services, and other organizations targeted by cyber hacktivists
Radware Delivers Its Strongest DDoS Mitigation Capabilities for Network Attacks(Wall Street Journal) Radware® (Nasdaq:RDWR), a leading provider of application delivery and application security solutions for virtual and cloud data centers, today announced the latest version of DefensePro® — a real-time, behavioral based attack mitigation device that protects enterprise infrastructures against emerging cyber attacks. The latest release underscores Radware's commitment to delivering a holistic network security architecture through its Attack Mitigation Network (AMN)
Seccuris Partners with ChoiceTel to Offer OneStone Managed Security Solution(PRWeb) Security provider, Seccuris Inc., announced it has formed a strategic partnership with ChoiceTel, a leading telecommunications consulting and management company. ChoiceTel will provide Seccuris managed security services, including the OneStone™ Information Assurance Portal, to ChoiceTel clients in the United States through its ChoiceCyber division
Cloaq, The Anonymous Social App That Doesn't Require An Email Or Phone Number, Goes Live(TechCrunch) On the same day that anonymous social sharing app Secret is officially crossing the pond to launch in the U.K., Ireland, Australia and New Zealand, another new anonymous app called Cloaq is making its App Store debut. The app, previously detailed here, hopes to differentiate itself in the space by being even more secret (if that's possible!) by not requiring any personal information
Google Stops Mining Education Gmail And Google Apps Accounts For Ad Targeting(TechCrunch) Google will no longer scan student and teacher Gmail messages or use data from Apps for Education for advertising purposes, the company told the WSJ today. The move comes after Google's use of data from its education products came under fire by students and others during a court case last year that claimed the scanning violated user privacy rights
Technologies, Techniques, and Standards
How to Securely Erase Removable Media Using Windows 7(The Security Skeptic) In a companion post, How to Securely Erase Removable Media Using Mac OS X, I explain how physical loss, theft or improper disposal of laptops or removable drives is the most common data breach of electronic personal health information. Personal identifying or health data disclosure are too frequent outcomes of leaving our data on laptops or drives we lose, discard, or sell. Several ways exist to protect these data: encryption, data destruction, archival, or secure erasure
To Defend Against Cyber Attack, Test Your Defenses(Metropolitan Corporate Counsel) The Editor interviews Paul Luehr, Managing Director of Stroz Friedberg, LLC. Editor: Please give our readers a brief overview of your professional background. Luehr: I am managing director and chief privacy officer for Stroz Friedberg. I started my legal career at the Federal Trade Commission, where I chaired the Internet Coordinating Committee and was one of the early folks on the Internet as a regulator
Reducing Cyber-Attack Response Times(GovInfoSecurity) As cyber-attacks become more common, organizations must devise new ways to shorten response times and lessen the impact, says Paul Nguyen of CSG Invotas
Research and Development
NSA launches 'lablets' tech initiative with major U.S. universities(Venture Beat) The National Security Agency is coming to a university near you. The agency has launched an initiative to strengthen contacts between tech-heavy U.S. American colleges and universities. The project will coordinate academic collaboration to best protect Internet infrastructure. Already, the NSA has awarded funds and resources to Carnegie Mellon University, the University of Illinois Urbana-Champaign, the University of Maryland, and the University of North Carolina to set up so-called "lablets" on their campuses
Students connect with tech(Livingston Daily) The Eastern Michigan University Information Assurance Program hosted girls in middle school and high school at the third Cyber Security in the 21st Century: Digital Divas Conference this month in Ypsilanti. Brighton High School took 20 students from its digital multimedia program to the conference, where they took part in hands-on learning about simulation, animation and gaming, along with interior design using engineering and computer-aided design
H.R. 4499: Privacy and Civil Liberties Oversight Enhancement Act(Govtrack) A bill to require reports submitted to Congress under the Foreign Intelligence Surveillance Act of 1978 to also be submitted to the Privacy and Civil Liberties Oversight Board. This Act may be cited as the "Privacy and Civil Liberties Oversight Enhancement Act"
Congress Considers Cyber Attack On Power Grid A 'Pressing Domestic Security' Issue(The Inquisitr) Power grid vulnerability is finally being heralded as a "pressing domestic security" concern in Congress. Current Congressional discussions appear to primarily be focusing on the threat of a cyber attack on the power grid, but the movement is still viewed as a step in the right direction by enlightened lawmakers and informed Americans alike. Tech expert Adam Crain once felt that it would be virtually impossible for cyber hackers to tap into power grid computer networks and cause a problem due to the "heightened vigilance over cybersecurity" in the United States. When Crain realized that he was wrong, he admitted the error
Industry stresses flexibility on cyber acquisition rules(FCW) An association of communications and network services providers told GSA that any rules aimed at establishing contractor cybersecurity baselines to protect government acquisitions should tread carefully to avoid stifling innovation
The White House and Zero Day Sleight of Hand(Threatpost) The White House wants you to know that it did not know about the OpenSSL Heartbleed vulnerability before you did. The White House also wants you to know that administration officials don't think stockpiling zero days isn't necessarily good for national security. That's all well and good, except that it mostly doesn't matter
Litigation, Investigation, and Law Enforcement
The Challenge of Collaborating with Law Enforcement Agencies to Stop Cybercrime(Trend Micro Security Intelligence Blog) The promise of easy money remains the biggest motivation for cybercrime today. Cybercriminals thus make it their main objective to steal information that would lead them to the money, like online banking information. Once stolen, the information can be used to transfer funds illegally from victims' accounts
Terrorists have changed methods since Snowden leaks: UK official(Reuters via the Chicago Tribune) Terrorists have substantially changed their methods of communication since leaks by former U.S. intelligence operative Edward Snowden, hindering intelligence agencies' efforts to track them, a senior British security official said on Tuesday
Ex-Navy linguist pleads guilty in secret documents case(Politico) A former Navy contract linguist accused of removing classified documents from a secure space at a base in Bahrain pled guilty Friday to a misdemeanor charge of taking classified documents without authority
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
United States Cyber Crime Conference 2014: This is the only event of its kind that provides both hands-on digital forensics training and an interactive forum for cyber professionals to network. The conference covers the full spectrum of topics...
Infosecurity Europe 2014: Infosecurity Europe is Europe's number one Information Security event. Featuring over 350 exhibitors, the most diverse range of new products and services, an unrivalled education programme and over 12,000...
Cyber COMSEC and IT Day at Fort Huachuca: This one-day vendor expo is a unique opportunity to demonstrate your products and services to military and civilian personnel at Fort Huachuca. Exhibitors will have a casual atmosphere to share ideas,...
STEM Café(Geneva, Illinois, USA, May 6, 2014) At the next STEM Café, Raimund Ege, associate professor in NIU's Department of Computer Science, will lead a lively discussion on how computer crime affects our everyday lives and what we can do to protect...
cybergamut Technical Tuesday: Malware Reverse Engineering(Columbia, Maryland, USA, May 6, 2014) An introduction to the tools, workflows, and tricks of the trade to attack sophisticated malware by Dale Robson of CyberPoint. Industry standard cyber security products do a good job in blocking and defending...
US Secret Service Cybersecurity Awareness Day(Washington, DC, May 8, 2014) This Cybersecurity event will be the first of its kind at the USSS. There will be 2-3 opportunities for participating companies to present a 1/2 hour presentation on a Cybersecurity topic of concern to...
SANS Security West: SANS Security West will arm information security professionals with the necessary insight to prepare their organization for today and the future. Attendees will have the opportunity to advance their information...
HackMiami 2014(Miami Beach, Florida, USA, May 9 - 11, 2014) The HackMiami 2014 Hackers Conference seeks to bring together the brightest minds within the information security industry and the digital underground. This conference will showcase cutting edge tools,...
Eurocrypt 2014: Eurocrypt 2014 is the 33rd Annual International Conference on the Theory and Applications of Cryptographic Techniques. It is devoted to all aspects of cryptology.
ISPEC 2014(Fujian, China, May 12 - 14, 2014) The ISPEC conference series is an established forum that brings together researchers and practitioners to provide a confluence of new information security technologies, including their applications and...
CyberWest(Phoenix, Arizona, USA, May 13 - 14, 2014) Cyber threats affect all industry sectors and impact individuals, businesses and governments. From hacktivists to advanced persistent threats, conducting business on-line exposes individuals, corporations...
GovSec 2014(Washington, DC, USA, May 13 - 14, 2014) GovSec is the nation's premier event for Government, Homeland Security, and Law Enforcement professionals looking for proven strategies and cost effective technology so they can achieve their mission of...
Cyber Security for National Defense Symposium: DSI's Cyber Security for National Defense Symposium is designed as an educational and training "Town Hall" forum, where thought leaders and key policy-makers across military and civilian organizations...
FOSE Conference(Washington, DC, USA, May 13 - 15, 2014) Spend 1 day or 3 days at the FOSE conference and leave with actionable information, covering a broad spectrum of trending topics including: Cybersecurity, Cloud and Virtualization, Mobile Government,...
INFILTRATE: INFILTRATE is a deep technical conference that focuses entirely on offensive security issues. Groundbreaking researchers focused on the latest technical issues will demonstrate techniques that you cannot...
Security BSides Denver 2014(Denver, Colorado, USA, May 16, 2014) Each BSides is a community-driven framework for building events for and by information security community members. The goal is to expand the spectrum of conversation beyond the traditional confines of...
Security Start-up Speed Lunch NYC(New York, New York, USA, May 19, 2014) Our goal for this inaugural event is to connect the most promising security startups in the world with decision-makers at aerospace, asset-management, banking, communications, defense, energy, healthcare,...
CEIC 2014(Las Vegas, Nevada, USA, May 19 - 22, 2014) It's no exaggeration to say that CEIC is the biggest digital-investigations conference of its kind and the only one to offer hands-on lab sessions and training for practical skills development. From sessions...
The Device Developers' Conference: Bristol(Bristol, England, UK, May 20, 2014) The Device Developers' Conference is an annual UK event for the developers of intelligent systems and devices. The objective is to provide an event that provides engineers with an opportunity to learn...
Positive Hack Days: Positive Hack Days is the international venue for the unification of progressive forces of the IT industry. It is about innovators interested in information security problems; it is fresh blood and bright...
Georgetown Law: Cybersecurity Law Institute: A day does not go by where cybersecurity is not in the news. In fact, according to a recent national survey conducted by FTI Consulting, cybersecurity is the number one issue on the minds of general counsels...
NSA Mobile Technology Forum (MTF) 2014: The Mobile Technologies Forum is an annual event that attracts SIGINT, Information Assurance, HUMINT, Federal Law Enforcement, Counterintelligence and Government personnel from the United States, Australia,...
CyberMontgomery Forum: Center of Gravity(Rockville, Maryland, USA, May 22, 2014) Cybersecurity will be a major growth engine in the region for many years to come. With solid federal government, industry and academic assets already in place in the region, there is still a need to bring...
Cyber Risk Summit(Washington, DC, USA, May 22, 2014) This one-day leadership conference will provide a discussion forum for business executives, insurance companies and policymakers on more effective private and public responses to cyber risk management.
The Device Developers' Conference: Cambridge(Cambridge, England, UK, May 22, 2014) The Device Developers' Conference is an annual UK event for the developers of intelligent systems and devices. The objective is to provide an event that provides engineers with an opportunity to learn...
Fort Meade Technology Expo: The Ft. Meade Technology Expo is a one-day event held at the Officers' Club (Club Meade) on base. Industry vendors will have the unique opportunity to showcase their products and services to personnel...
CANSEC: CANSEC is Canada's foremost defence tradeshow. A two-day event, CANSEC will feature 120,000 square feet of indoor exhibits by Canada's leading edge defence companies, as well as an outdoor static display.