The Islamic State (formerly known as ISIL/ISIS) imposes media strictures in the Syrian provinces it controls — all journalists must swear allegiance to the caliphate and submit to its censorship. This will disproportionately affect online activity, including social media: the journalists affected are largely activists and citizen journalists. Few traditional media operate in the region.
Recorded Future reports on Al Qaeda encryption, post-Snowden: leaks appear to have induced changes, and the current encryption doesn't look like homebrew.
Hacktivists sympathizing with Gazans claim webpage defacements against Israel's Mossad and (oddly) the US state of Connecticut.
The BBC says it's seen evidence that Chinese cyber espionage services indeed obtained information about Israel's Iron Dome anti-rocket system. Canada stands by attribution of the NRC hack to China.
Kaspersky reports the Crouching Yeti cyber espionage campaign seems also to have targeted francophones and speakers of Swedish. (If you're keeping score, "Crouching Yeti" is "Energetic Bear" is "Energetic Yeti.")
Researchers warn that point-of-sale malware "Backoff" is active in the wild, integrating keylogging, memory scraping and other capabilities. (Observers also note that focus on compliance has blinded some retailers to security realities.)
Symantec publishes mitigations for Endpoint Protection vulnerabilities.
Cyber firms remain M&A darlings. IBM picks up CrossIdeas, Twitter gets Mitro, and BlackBerry (aspiring to "security powerhouse" status) announces intent to acquire Secusmart.
Behavioral biometric modalities (such as how you physically handle your smartphone) are touted as password alternatives (reminiscent of the operator's "fist" in Morse telegraphy).
Russian law clamps down on bloggers, requiring registration, forbidding anonymity.
Today's issue includes events affecting Canada, China, France, Ireland, Israel, Kenya, Democratic People's Republic of Korea, Palestinian Territories, Sweden, Syria, Russia, United Kingdom, United States.
Cyber Attacks, Threats, and Vulnerabilities
Islamic State imposes media controls in Syrian province(Reuters) Islamic State, the al Qaeda splinter group which has seized parts of Syria and Iraq, has told activists in Syria's Deir al-Zor province they must swear allegiance to it and submit to censorship, a monitoring group said on Friday
How Al-Qaeda Uses Encryption Post-Snowden (Part 2)(Recorded Future) Al-Qaeda (AQ) encryption product releases have continued since our May 8, 2014 post on the subject, strengthening earlier hypothesis about Snowden leaks influencing AQ crypto product innovation
'Energetic' Bear Under The Microscope(Dark Reading) Kaspersky Lab report finds more industries hit by the infamous cyber espionage campaign — and evidence pointing to French and Swedish-speaking attackers as well as Eastern European ones
Crouching Yeti APT Campaign Stretches Back Four Years(Threatpost) A new analysis of a long-term APT campaign targeting manufacturers, industrial, pharmaceutical, construction and IT companies in several countries has uncovered fresh details of the attack, including identification of nearly 3,000 victims and the unmasking of the command-and-control infrastructure
Tor attack may have unmasked anonymous users (Naked Security) Two Carnegie-Mellon-affiliated researchers, Alexander Volynkin and Michael McCord, had planned to give a talk at Black Hat USA 2014 about how to break Tor anonymity using a bargain basement kit that cost less than $3,000 (£1,780)
New Backoff POS Malware Identified in Several Attacks(Threatpost) A new breed of point-of-sale malware has been found in several recent attacks, and experts say that the tool, known as Backoff, has extensive data stealing and exfiltration capabilities, including keylogging, memory scraping and injection into running processes
Remote code execution on Android devices(Bromium Labs: Call of the Wild Blog) You walk into a coffee shop and take a seat. While waiting for your coffee, you take out your smartphone and start playing a game you downloaded the other day. Later, you go to work and check your email in the elevator. Without you knowing, an attacker has just gained a foothold in your corporate network and is steadily infecting all your colleagues' smartphones too. Wait, what?
Yes, Hackers Could Build an iPhone Botnet — Thanks to Windows(Wired) A reminder to Apple and smug iPhone owners: Just because iOS has never been the victim of a widespread malware outbreak doesn't mean mass iPhone hacking isn't still possible. Now one group of security researchers plans to show how to enslave an entire botnet of Apple gadgets through a perennial weak point — their connection to vulnerable Windows PCs
Malicious USB device firmware the next big infection vector?(Help Net Security) Researchers from German security consultancy SR Labs have created a whole new class of attacks that can compromise computer systems via ubiquitous and widely used USB-connected devices (storage drives, keyboards, mice, smartphones, etc.)
Sandwich Chain Jimmy John's Investigating Breach Claims(Krebs on Security) Sources at a growing number of financial institutions in the United States say they are tracking a pattern of fraud that indicates nationwide sandwich chain Jimmy John's may be the latest retailer dealing with a breach involving customer credit card data. The company says it is working with authorities on an investigation
USDA data network vulnerable due to lack of security and oversight(FierceGovernmentIT) Inadequate security protections of a new U.S. Department of Agriculture computer network could result in a data breach and loss, according to a new internal audit, which also found that the project's prime contractor even overcharged for some services
Security Patches, Mitigations, and Software Updates
Trio of Flaws Fixed in Facebook Android App (Threatpost) Facebook has fixed a vulnerability in its Android app that could allow an attacker to cause a denial-of-service condition on a device or run up the victim's mobile bill by transferring large amounts of data to and from the device
Hackers Back to Their Old Tricks (eCommerce Times) What the Goodwill breach illustrates — and why old hacker tricks continue to work — is the inadequacy of payment system standards. "Almost all major retail and credit card breaches occurred where a vendor or merchant was actually in PCI-DSS compliance," said Vijay Basani, CEO of EiQ Networks. "Regulations in general incentivize merchants to do just enough to pass a security audit"
Latest Netskope Report: Security Nightmare For IT Departments (Cloud Tweaks) Netskope have today released the findings of their quarterly 'Cloud Report'. The report, which compiles the foremost trends on cloud app adoption and usage, discovered the emergence of several new trends. Chief among them was the ever-increasing number of apps that enable some kind of sharing and the security concerns which accompany them
Cybercrime threat landscape evolving rapidly(SC Magazine) New research claims to show that, whilst spam levels fell to a five-year low last month, the increasing complexity of cyber-criminal attacks shows no sign of easing, with increasing levels of malware attacks and dangerous PDFs rapidly becoming the norm
Move over BYOD … it's time for BYOID(FierceCIO) In case you're not versed on the latest trend in IT — Bring Your Own Identity, or BYOID — you had better brush up on the topic soon. A new study finds that both the lines of business and IT find value in BYOID initiatives, where social networking or digital IDs are used for application login
Failure is an option(Help Net Security) Information is the lifeblood of today's business world. With timely and accurate information business decisions can be made quickly and confidently. Thanks to modern technology, today's business environment is no longer constrained by physical premises or office walls. We can work on laptops, smartphones or tablets and, with nearly ubiquitous internet connectivity, we can work from any location
Unprepared Businesses Learn Cybersecurity Lessons The Hard Way(HS Today) In response to increasing reports of damaging data breaches in both the public and private sector, many businesses are implementing cyber strategies that leave them feeling confident about their readiness to respond to a cyber incident. But businesses without a cyber plan are learning lessons the hard way
The role of the cloud in the modern security architecture (Help Net Security) In this interview, Stephen Pao, General Manager, Security Business at Barracuda Networks, offers advice to CISOs concerned about moving the secure storage of their documents into the cloud and discusses how the cloud is shaping the modern security architecture
Can BlackBerry Become The Next Security Superpower?(Forbes) BlackBerry announced its intent to acquire Secusmart. It's a company that offers high-security voice and data encryption and anti-eavesdropping solutions for government organizations, enterprises and telecommunications service providers. BlackBerry had previously partnered with the company to offer Secusmart's technology to its customers. John Chen said "We have addressed eavesdropping concerns with Secusmart, who has been a partner since 2009 and we currently have the SecuSUITE for BlackBerry 10. It's a solution used by Germany's Federal Office for Information Security for classified communications between the country's top officials, including Chancellor Angela Merkel"
Whistleblower alerted L-3 to accounting misconduct(Reuters) An employee complaint exposed accounting misconduct at L-3 Communications Holdings Inc, according to people familiar with the matter, prompting the aerospace and defense supplier to fire four people, revise two years of earnings statements and cut its earnings forecast
Antivirus Software for the Morning After(PC Magazine) When your antivirus software is nicely installed and integrated with Windows, it has lots of chances to prevent malware infestation. It can block access to the malicious URL, kill the download before it executes, eliminate known malware based on its signature, detect and avert malicious behavior, and so on. But if the malware has already dug in its heels, that's a different story. An arduous, months-long test by AV-Test Institute evaluated which products do the best cleanup job
ESET Launches New Products, Offering Affordable Protection for Home Offices and Small Businesses(Broadway World) ESET, the global leader in proactive digital protection, today announced the availability of two new security solutions for the Small Office/Home Office (SOHO) market: ESET Multi-Device Security Home Office and ESET Small Office Security. With this release, ESET delivers affordable, advanced protection that meets the unique security needs of this fast-growing business segment
DarkWatch Uncovers Thousands of Previously Unknown Threats(Norse) Norse is excited to announce the release of the DarkWatch™ attack intelligence appliance, the first solution of its kind on the market which is designed to protect large networks from a wide array of new advanced threats and attacks
iValue Now a Value-added Distributor for CyberArk Across India(Parda Phash) iValue InfoSolutions (iValue), a premium technology enabler throughout India, will now act as a value-added distributor (VAD) for CyberArk, the company securing the heart of the enterprise. Under the agreement, CyberArk's full portfolio of Privileged Account Security solutions will be made available to iValue's partners and customers
BitTorrent's Bleep messenger is a secure, decentralized chat platform (Engadget) There's a distinctive sound your computer makes when an online friend is trying to get your attention. Sometimes it's high pitched, other times it's a low, warm tone, but regardless of your chat software, the onomatopoeia probably reads something like "bleep" which — by no coincidence, we're sure — is what BitTorrent is calling its new messaging platform. Unlike Google Hangouts, AIM or Skype, however, Bleep is a decentralized communication platform, designed specifically to protect user metadata and anonymity
Sandboxes May Not Be Much Fun for Your Network(Trustwave Blog) While products that implement sandboxing techniques can detect zero-day malware, targeted attacks and advanced persistent threats, they come with one string attached — an end-user gets infected. The products let the malware infect at least one user and then essentially notify the company: "You've been breached. Now let us clean up the mess"
How to Hunt Down Phishing Kits(Jordan-Wright Security and Programming Blog) Sites like phishtank and clean-mx act as crowdsourced phishing detection and validation. By knowing how to look, you can consistently find interesting information about how attackers work, and the tools they use to conduct phishing campaigns. This post will give an example of how phishing kits are used, how to find them, as well as show a case study into other tools attackers use to maintain access to compromised servers
SlowHTTPTest v1.6 — DoS Attacks Released (ToolsWatch) SlowHTTPTest is a highly configurable tool that simulates some Application Layer Denial of Service attacks. It works on the majority of Linux platforms, OSX and Cygwin — a Unix-like environment and command-line interface for Microsoft Windows
Takedowns: Touchdown or Turnover?(Seculert) Over the last several months malware takedowns have made headlines. But what is really involved in such an operation? The recent takedowns have been a collaborative effort mostly between the private sector and government entities, with academic researchers also playing a role. While some operations included arrests, and others included a civil lawsuit, the same question remains — How does one determine if the takedown was a success?
A Honeypot for home: Raspberry Pi (Internet Storm Center) In numerous previous Diaries, my fellow Internet Storm Center Handlers have talked about honeypots, the value of full packet capture and the value of sharing any attack data. In this Diary I'm going to highlight a fairly simple and cost effective way of rolling those together
The Severe Flaw Found in Certain File Locker Apps (TrendLabs Security Intelligence Blog) Protecting data has always been one of the most important aspects of our digital life. Given the amount of activity done on smartphones, this especially rings true for smartphones. While users may use the built-in privacy and security settings of their devices, others take it a step further and employ security and privacy protection apps
Is This the Death of Passwords?(NBC News) Is it possible that your next password might be as simple and subtle as the way you type or hold your smartphone? If you hate trying to fill out those CAPTCHA forms with impossible-to-decipher characters, a new strategy for telling the difference between people and computers might give you some hope
Why were CERT researchers attacking Tor?(Freedom to Tinker) Yesterday the Tor Project issued an advisory describing a large-scale identification attack on Tor hidden services. The attack started on January 30 and ended when Tor ejected the attackers on July 4. It appears that this attack was the subject of a Black Hat talk that was canceled abruptly
Russian blogger law comes into action(ComputerWeekly) A new information security law, which places restrictions on Russian bloggers and social media users, has come into force today. The law states that Russian bloggers cannot be anonymous and that popular blogs must register with a regulator
Crimea just switched over to the Russian internet (Quartz) Annexing territory is the easy bit. It's the hard slog of bringing it into the fold that takes more patience, money, and time. Four months after Crimea officially became a part of Russia, and three months after Russia's Rostelecom finished laying a 46 km (27 mile) submarine cable along the Kerch Strait that separates the peninsula from the Russian mainland, Crimean internet service providers (ISPs) have finally started sending traffic through Russia, according to Renesys, a company that monitors the world's networks
Microsoft Braces for Long Battle Over U.S. Warrant(New York Law Journal) Microsoft Corp. and its allies have braced for a long battle in the courts and in Congress over a 1986 electronic communications law, as the technology giant fights a U.S. search warrant to give up customer data it has on a server in Ireland
CIA improperly accessed Senate computers, agency finds(McClatchy Washington Bureau) CIA employees improperly accessed computers used by the Senate Intelligence Committee to compile a report on the agency's now defunct detention and interrogation program, an internal CIA investigation has determined
Snowden's asylum status in Russia ending(Seattle Times) Edward Snowden's temporary asylum status in Russia will expire at midnight Thursday, but the former U.S. National Security Agency systems administrator appears set to stay on until authorities decide on his application for an extension
Why Snowden Is Still Very Useful To Russia(Business Insider) As the world condemns Russia's continued support for separatists in eastern Ukraine in the wake of MH17, Edward Snowden is asking Vladimir Putin for an extended asylum
How to avoid legal trouble over sources and secrets(Medill National Security Zone) The battle between media organizations and the government over access to information — especially about national security — has existed for centuries. It has intensified exponentially in the post-9/11 era, especially in recent years due to WikiLeaks, Edward Snowden, an aggressive anti-leak campaign by the Obama administration and other developments
FBI to increase staffing in Pittsburgh cyber crime unit (Pittsburgh Post-Gazette) In 2007, as the nation continued to adjust to a high-security paradigm forged in the aftermath of 9/11, the current assistant attorney general for national security, John Carlin, was tasked with helping then-FBI director Robert Mueller draft a speech identifying the new face of terror
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
Build IT Break IT Fix IT: Build IT(Online, August 28, 2014) The Build it Break it Fix it security contest is a new security-oriented programming contest held by the Maryland Cybersecurity Center, Cyberpoint, and Trail of Bits. The Build it Break it Fix it security...
Build IT Break IT Fix IT: Break IT(Online, September 4, 2014) The Build it Break it Fix it security contest is a new security-oriented programming contest held by the Maryland Cybersecurity Center, Cyberpoint, and Trail of Bits. The Build it Break it Fix it security...
Ground Zero Summit, Sri Lanka(Colombo, Sri Lanka, September 9 - 10, 2014) Ground Zero Summit 2014, Colombo will be a unique gathering of Cyber Security Researchers, Hackers, CERTs, Corporates and Government officials to discuss latest hacks, exploits, research and cyber threats.
Build IT Break IT Fix IT: Fix IT(Online, September 12, 2014) The Build it Break it Fix it security contest is a new security-oriented programming contest held by the Maryland Cybersecurity Center, Cyberpoint, and Trail of Bits. The Build it Break it Fix it security...
Dutch Open Hackathon(Amsterdam, the Netherlands, September 20 - 21, 2014) Join leading Dutch companies, during a 30-hour hackathon, as they open up APIs and technologies. Work together and develop new applications and drive global innovation
Ground Zero Summit, India (New Delhi, India, November 13 - 16, 2014) Ground Zero Summit (GOS) 2014 in its second year promises to be Asia's largest Information Security gathering and proposes to be the ultimate platform for showcasing researches and sharing knowledge in...
Black Hat USA 2014 (Las Vegas) Black Hat USA is the show that sets the benchmark for all other security conferences. As Black Hat returns for its 17th year to Las Vegas, we bring together the brightest in the world for six days of learning,...
SHARE in Pittsburgh(Pittsburgh, Pennsylvania, USA, August 3 - 8, 2014) LEARN: Subject-matter experts and practitioners are on-hand at SHARE events to discuss major issues facing enterprise IT professionals today.
FOCUS: SHARE provides leading-edge technical education on a variety of topics. Whether you are an IT manager, IT architect, systems analyst, systems programmer or in IT support, SHARE offers focused sessions to benefit all job roles.
ENGAGE: At SHARE events, you will experience a wide variety of formal and informal networking opportunities that encourage valuable peer-to-peer interaction...
4th Annual Cyber Security Training Forum(Colorado Springs, Colorado, USA, August 5 - 6, 2014) The Information Systems Security Association (ISSA) — Colorado Springs Chapter and FBC, Inc. will co-host the 4th Annual Cyber Security Training Forum (CSTF). CSTF is set to convene from Tuesday August...
BSidesLV 2014(Las Vegas, Nevada, USA, August 5 - 6, 2014) We have an amazing array of speakers each year, covering topics such as Penetration Testing, Forensics, Incident Response, Risk, and everything in between. We have a Lockpick Village, the Squirrels in...
Passwords14(Las Vegas, Nevada, USA, August 5 - 6, 2014) Passwords is the first and only conference of its kind, where leading researchers, password crackers, and experts in password security from around the globe gather in order to better understand the challenges...
DEF CON 22(Las Vegas, Nevada, USA, August 7 - 10, 2014) The annual hacker conference, with speakers, panels, and contests. Visit the site and penetrate to the schedules and announcements.
South Africa Banking and ICT Summit(Lusaka, Zambia, August 8, 2014) The South Africa Banking and ICT Summit is the exclusive platform to meet industry thought leaders and decision makers, discover leading edge products and services and discuss innovative strategies to...
SANS Cyber Defense Summit and Training(Nashville, Tennessee, USA, August 13 - 20, 2014) The SANS Institute's Cyber Defense Summit will be paired with intensive pre-summit hands-on information security training (August 13-18). This event marks the first time that SANS will conduct a training...
AFCEA Technology & Cyber Day(Tinker AFB, Oklahoma, USA, August 21, 2014) The Armed Forces Communications & Electronics Association (AFCEA) — Oklahoma City Chapter will once again host the 10th Annual Information Technology & Cyber Security Day at Tinker AFB. This is the only...
Resilience Week(Denver, Colorado, USA, August 19 - 21, 2014) Symposia dedicated to promising research in resilient systems that will protect critical cyber-physical infrastructures from unexpected and malicious threats—securing our way of life.
The Hackers Conference (New Delhi, India, August 30, 2014) The Hackers Conference is a unique event, where the best of minds in the hacking world, leaders in the information security industry and the cyber community along with policymakers and government representatives...