Anonymous continues to deface Israeli military and intelligence service websites. Iranian hackers acting in professed sympathy with Gaza Palestinians attack an Israeli job-seeker site and expose 70,000 users' personal information. Der Spiegel reports that Israeli security services were monitoring US Secretary of State Kerry's communications during recent negotiations over the Gaza crisis.
Russian authorities may block access to BBC sites in retaliation for the British service's interviews of a Siberian autonomy activist.
G-Data sees the IcoScript RAT using email (including Yahoo and Gmail) for command-and-control.
McAfee researchers say an Android RAT masquerading as Kaspersky Mobile Services is prospecting Polish Android users.
Sandboxing and code emulation may be approaching the end of their useful lives as defenses against zero-days, claims a senior Juniper software architect — demo coming today at BSides Las Vegas.
CryptoWall continues to rake in the Bitcoins.
Malvertising worries rise. The "Magnitude" pop-up exploit kit's success on the black market shows that cybercriminals have learned a lesson or two from the arrest of Blackhole's Paunch — they've grown cagier and harder to finger.
Sophos runs a "honeybot" and tells what they learned about botnet formation.
Cisco, Evernote, and Synology fix some vulnerabilities.
Threatpost sees a silver lining in Snowden's leaks — a wave of innovation — as others see a dark cloud of damage — better terrorist cyber tradecraft.
Target's breach proves costlier than once thought. Kaspersky and Symantec deny they've been banned in China. Haystax buys NetCentrics. Verdasys rebrands as Digital Guardian.
China sternly warns Microsoft not to interfere with monopoly probes.
Today's issue includes events affecting Australia, Canada, China, European Union, France, Germany, Hungary, India, Iran, Israel, Palestinian Territories, Poland, Russia, Switzerland, United Kingdom, United States.
Wiretapped: Israel Eavesdropped on John Kerry in Mideast Talks(Spiegel) New information indicates that Israeli intelligence eavesdropped on telephone conversations by US Secretary of State John Kerry. Sources told SPIEGEL the government then used the information obtained from the calls during negotiations in the Mideast conflict
Poweliks malware creates no files, lays low in the registry(Help Net Security) For most malware, performing their malicious task(s) is the primary goal, and a close second is to stay unnoticed on the system for as long as possible. As developers of security software constantly improve detection methods, malware creators are always trying to keep one step ahead of their efforts
Electric Mayhem — Linux and FreeBSD servers in easy reach(Cyactive) The Mayhem malware, uncovered in May-July 2014, specifically targets Linux and FreeBSD operating system servers, turning them into bots and enabling attackers access to hosted websites. Mayhem is estimated to have been active for the past six months and reuses code and methods from earlier malware
A Peek Into the Lion's Den — The Magnitude [aka PopAds] Exploit Kit(Trustwave Spider Labs: Anterior) Recently we managed to have an unusual peek into the content that is used on the servers of the prevalent exploit kit, Magnitude. In this blog post we'll review its most up-to-date administration panel and capabilities, as well as review some infection statistics provided by Magnitude over the course of several weeks
Vulnerability in Spotify Android App May Lead to Phishing(TrendLabs Security Intelligence Blog) We have discovered a vulnerability that affects versions of the Spotify app for Android older than 1.1.1. If exploited, the vulnerability can allow bad guys to control what is being displayed on the app interface. This vulnerability can be potentially abused by cybercriminals to launch phishing attacks that may result in information loss or theft
Call Center Phone Fraud for Fun and Profit at Black Hat(Threatpost) Reconnaissance in the context of targeted attacks usually involves scouring freely available online resources such as social media and developer forums. Personal information willfully posted to these sites are clues a hacker can use to build a profile on a target, map systems and network architecture, and craft phishing emails in order to steal user credentials
Bitdefender Reveals the Biggest Scams on Facebook(VPN Creative) While Facebook's research and popularity continues to increase at a staggering pace, the social network is becoming an attractive target for malware and scam adversaries, and social engineering attacks on Facebook users only increased massively since the last decade
Why I WOULD Eat at P.F. Chang's After their Data Breach(Trend Micro Simply Security) Recently FBI director James Comey told ABC News that there are two kinds of companies: those that have been hacked and know it, and those that have been hacked and don't know it. One company, P.F. Chang's, recently fell into the hacked category, and from our view, their handling is a text-book case in the right way of doing things
The World's Most Hackable Cars(Dark Reading) Researchers find 2014 models of Dodge Viper, Audi A8, Honda Accord are the least likely to be hit by hackers
Bulletin (SB14-216) Vulnerability Summary for the Week of July 28, 2014(US CERT) The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information
Security Patches, Mitigations, and Software Updates
Evernote Patches Vulnerability in Android App(TrendLabs Security Intelligence Blog) We have previously discussed an Android vulnerability that may lead to user data being captured or used to launch attacks. We discovered that the popular Android app for Evernote contained the said vulnerability. We disclosed the details to Evernote, and they took action by issuing an update to the Android version of their app. Evernote has added additional controls to protect user data in Evernote for Android 5.8.5. Android users who are running versions below 5.8.5 should update to the latest version
In the Wake of the Snowden Revelations, a Wave of Innovation(Threatpost) It was an absurd scene. Keith Alexander, the director of the NSA and a four-star general in the Army, stood alone on the stage, squinting through the floodlights as members of the standing-room-only crowd shouted insults and accusations. Armed men in dark suits roamed the area in front of the stage, eyeing the restless crowd. Nearby, a man sat with a carton of eggs at his feet, waiting for a chance to let fly
A Fight for Narratives in the Battle Against Extremism(Small Wars Journal) In a world where power is often interpreted as the ability to exert kinetic influence over one's enemies, it is important not to ignore a very different sort of battle space: the fight over perceptions and the struggle to influence ideas. In this arena, narratives can be every bit as powerful as physical force, but where physical force is often a tangible battle for territorial dominance; narratives are an intangible battle for legitimacy
Dude, How Secure Is My Connected Car?(eSecurity Planet) With connected cars becoming more common, experts say vehicle manufacturers should adopt security best practices used by mobile device makers
Connected vehicle cybersecurity: Opportunity and responsibility(The Hill) Last week, as leaders of the automobile industry gathered in Detroit to announce a new effort to protect our increasingly networked vehicles from future cyber attacks, President Barack Obama was calling for more investment in the development of connected car technologies that will save American lives and money
When It Comes to Technology, Humans Are Idiots (Tech News World) At the core of bad decisions, you can usually find one of three things: an excessive focus on finding someone to blame rather than doing causal analysis and focusing on the actual problem; an unwillingness to do the hard work to actually fix the problem; and a stronger need to appear right than actually to be right. Technology can help us become smarter, but it can't force us to act smart
Cyber attacks on rise in India(Asian Age) There is an increase in aggressive cyber attacks against Indian organisations involved in environmental, economic and government policy, according to cyber security firm Kaspersky Lab
Cybercom Chief: Cyberspace operations key to future warfare(American Forces Press Service via North Texas e-News) In the cyber domain of 2025, the ability of military formations to operate offensively and defensively will be a core mission set, and commanders will maneuver the capability much as they maneuver ground forces today, the commander of U.S. Cyber Command said recently
Target: Expenses Related to Data Breach Higher Than First Thought(SecurityWeek) Minneapolis-based Target Corporation announced on Tuesday that its second quarter financial results are expected to include gross expenses of $148 million, partially offset by a $38 million insurance receivable, related to the December 2013 massive data breach that rocked the retail giant
Symantec, Kaspersky deny being banned in China(PC World) Symantec and Kaspersky Lab are both denying that China has banned their products, amid media reports that the country is shutting out foreign security vendors from selling to government agencies
SRA Wins Prime Position on DHS EAGLE II Contract(MarketWatch) SRA International, Inc., a leading provider of IT solutions and professional services to government organizations, today announced that the company was awarded one of several prime positions on the Department of Homeland Security's (DHS) Enterprise Acquisition Gateway for Leading Edge Solutions II (EAGLE II) program. SRA received an award on the Unrestricted Track for Functional Category 1. The cumulative value of all contracts in this multiple award procurement is established at $22 Billion
New game sharpens secure coding skills(Help Net Security) Today at Black Hat, Checkmarx launched Game of Hacks, a challenging game for software developers and security professionals to test their application hacking skills, improve their code security know-how and facilitate better security practices in hope of reducing the amount of vulnerabilities in their applications
Kaspersky vs BitDefender Antivirus: Who Rules the Global Market(Mobile Web User) The competition of antivirus software in the market nowadays, is rapidly catching the eyes of end-users. Companies wanted to get all the users' attention, giving them an idea that the rapid increase of viruses and threats are harmful to their PCs. The increasing demands of computer security nowadays, is now one of the main components of improving the service to offer to their customers
Leak Lets You Send Anonymous Emails(TechCrunch) It's clear that anonymity, in one way or another, is going to be a part of our digital future. But the folks over at JustLeak.it have looked to the past for inspiration in this brave weird new world
Raytheon to Showcase Broad Cyber Product Portfolio at Black Hat 2014(Wall Street Journal) Raytheon Company (NYSE: RTN) will demonstrate its wide breadth of cybersecurity products and latest research in booth #627 in the business hall at the Black Hat Conference taking place August 2-7 at the Mandalay Bay in Las Vegas. Black Hat attracts approximately 150 vendors and more than 7,500 of the world's most renowned security experts, executives and attendees. This is Raytheon's first year as an exhibitor and sponsor
Synolocker: Why OFFLINE Backups are important(Internet Storm Center) One current threat causing a lot of sleepless nights to victims is "Cryptolocker" like malware. Various variations of this type of malware are still haunting small businesses and home users by encrypting files and asking for ransom to obtain the decryption key. Your best defense against this type of malware is a good backup. Shadow volume copies may help, but aren't always available and complete
Bits and bytes in intelligence: Umbrella from OpenDNS(SC Magazine) In our other First Look this month we talk about the soft side of cyber intelligence. Our review for that was Silobreaker. Now we turn to the hard side of the equation: the bits and bytes. This is the aspect that helps us determine if addresses and domains are hosting attacks, malware or phishing. As one might expect, gathering that type of information needs sensors and, to be effective, lots of sensors. There are three generic ways to access/place sensors
A dual approach to risk management and mitigation of cyber threats(FierceBigData) Risk management and mitigation of cyber threats are no different from any other risk exposure facing companies. Effective strategies must employ a dual approach: security and insurance. Neither one alone is adequate, but both are necessary and more likely to address the growing cyber threats in their many manifestations
Is Third-Party Software Worth It?(Tripwire: State of Security) Several months ago, I was having a conversation with an engineer who was struggling with the various build system and legal hoops one has to deal with to include a third-party library
Android Dynamic Code Analysis — Mastering DroidBox(blog.dornea.nu) In this article I'll have a closer look at DroidBox which provides a mobile sandbox to look at Android applications. In the previous post I've dealt with static code analysis. This time will start running our malicious application and look at the "noise" it generates
How to recognise the cyber insider threat(Computerworld) Losing business to a competitor because one of your trusted employees has walked out the door with sensitive information doesn't need to happen if you look for the signs and put controls in place, according to a panel of cyber security experts
The Best of Both Worlds(UC Santa Barbara Current) UC Santa Barbara cryptologists receive $500,000 from the NSF to study encryption algorithms that are both efficient and provably secure
AACC Cyber faculty one of 4,000 in world to earn Intrusion Certification(Eye on Annapolis) Marcelle Y. Lee recently became one of only 4,000 people in the world to earn a Global Information Assurance Certification (GCIA) as a Certified Intrusion Analyst. The instructional specialist at Anne Arundel Community College's CyberCenter, Lee plans to use that knowledge to enhance AACC's already advanced cyber training programs
Legislation, Policy, and Regulation
CSEC won't say how long it keeps Canadians' private data(Globe and Mail) The federal government's secretive electronic intelligence agency is not disclosing how long it can hold onto Canadians' communications — even though its leaders have said that "firm" time limits are in place to protect privacy
Military services seeking innovative ways to attract highly skilled recruits(Washington Post) The military services are looking at innovative ways to change their personnel systems to boost the recruitment and retention of skilled people. The services are considering steps such as starting people at higher ranks and providing career paths that might include going in and out of the service
North Carolina National Guard: Preparing Cyber Warriors for state and nation(DVIDS) What do major online and storefront retail giants, federal and state government agencies and national banks/financial institutions have in common? They all have suffered malicious cyber attacks over the past several years. Cyber intrusions and attacks expose sensitive personal and business information and disrupt essential operations negatively affecting business and the economy
Litigation, Investigation, and Law Enforcement
China Warns Microsoft Against Obstructing Probe(Wall Street Journal) Chinese regulators on Monday publicly warned Microsoft Corp. against obstructing an antitrust investigation into the firm, in the latest sign that Beijing has turned frosty on the U.S. software maker. China's State Administration for Industry and Commerce said in a statement that Microsoft should avoid "interfering in or obstructing" the probe. The regulator also said it had questioned Microsoft Deputy General Counsel
As evidence mounts, it's getting harder to defend Edward Snowden(Volokh Conspiracy via the Washington Post) The evidence is mounting that Edward Snowden and his journalist allies have helped al Qaeda improve their security against NSA surveillance. In May, Recorded Future, a predictive analytics web intelligence firm, published a persuasive timeline showing that Snowden's revelations about NSA's capabilities were followed quickly by a burst of new, robust encryption tools from al-Qaeda and its affiliates
Visit the Wrong Website, and the FBI Could End Up in Your Computer(Wired) Security experts call it a "drive-by download": a hacker infiltrates a high-traffic website and then subverts it to deliver malware to every single visitor. It's one of the most powerful tools in the black hat arsenal, capable of delivering thousands of fresh victims into a hackers' clutches within minutes
Google defends child porn tip-offs to police(AFP via Yahoo! News) Google defended its policy of electronically monitoring its users' content for child sexual abuse after it tipped off police in Texas to a child pornography suspect
Apple faces class action suit for tracking users without consent(Naked Security) Apple's been hit with a class action suit [PDF] in the US for using the location service function on its iPhones to track customers without notice to, or consent from, customers when it comes to their whereabouts being tracked, recorded, sent to Apple, and potentially provided to third parties
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
InfoSec 2014(Kuala Terengganu, Malaysia, October 8 - 10, 2014) You are invited to participate in The International Conference on Information Security and Cyber Forensics (InfoSec 2014) that will be held at Universiti Sultan Zainal Abidin (UniSZA), Kuala Terengganu,...
Black Hat USA 2014(Las Vegas, Nevada, USA, August 2 - 7, 2014) Black Hat USA is the show that sets the benchmark for all other security conferences. As Black Hat returns for its 17th year to Las Vegas, we bring together the brightest in the world for six days of learning,...
SHARE in Pittsburgh(Pittsburgh, Pennsylvania, USA, August 3 - 8, 2014) LEARN: Subject-matter experts and practitioners are on-hand at SHARE events to discuss major issues facing enterprise IT professionals today.
FOCUS: SHARE provides leading-edge technical education on a variety of topics. Whether you are an IT manager, IT architect, systems analyst, systems programmer or in IT support, SHARE offers focused sessions to benefit all job roles.
ENGAGE: At SHARE events, you will experience a wide variety of formal and informal networking opportunities that encourage valuable peer-to-peer interaction...
4th Annual Cyber Security Training Forum(Colorado Springs, Colorado, USA, August 5 - 6, 2014) The Information Systems Security Association (ISSA) — Colorado Springs Chapter and FBC, Inc. will co-host the 4th Annual Cyber Security Training Forum (CSTF). CSTF is set to convene from Tuesday August...
BSidesLV 2014(Las Vegas, Nevada, USA, August 5 - 6, 2014) We have an amazing array of speakers each year, covering topics such as Penetration Testing, Forensics, Incident Response, Risk, and everything in between. We have a Lockpick Village, the Squirrels in...
Passwords14(Las Vegas, Nevada, USA, August 5 - 6, 2014) Passwords is the first and only conference of its kind, where leading researchers, password crackers, and experts in password security from around the globe gather in order to better understand the challenges...
DEF CON 22(Las Vegas, Nevada, USA, August 7 - 10, 2014) The annual hacker conference, with speakers, panels, and contests. Visit the site and penetrate to the schedules and announcements.
South Africa Banking and ICT Summit(Lusaka, Zambia, August 8, 2014) The South Africa Banking and ICT Summit is the exclusive platform to meet industry thought leaders and decision makers, discover leading edge products and services and discuss innovative strategies to...
SANS Cyber Defense Summit and Training(Nashville, Tennessee, USA, August 13 - 20, 2014) The SANS Institute's Cyber Defense Summit will be paired with intensive pre-summit hands-on information security training (August 13-18). This event marks the first time that SANS will conduct a training...
Resilience Week(Denver, Colorado, USA, August 19 - 21, 2014) Symposia dedicated to promising research in resilient systems that will protect critical cyber-physical infrastructures from unexpected and malicious threats—securing our way of life.
AFCEA Technology & Cyber Day(Tinker AFB, Oklahoma, USA, August 21, 2014) The Armed Forces Communications & Electronics Association (AFCEA) — Oklahoma City Chapter will once again host the 10th Annual Information Technology & Cyber Security Day at Tinker AFB. This is the only...
Build IT Break IT Fix IT: Build IT(Online, August 28, 2014) The Build it Break it Fix it security contest is a new security-oriented programming contest held by the Maryland Cybersecurity Center, Cyberpoint, and Trail of Bits. The Build it Break it Fix it security...
The Hackers Conference(New Delhi, India, August 30, 2014) The Hackers Conference is an unique event, where the best of minds in the hacking world, leaders in the information security industry and the cyber community along with policymakers and government representatives...