The conflict around Gaza spawns many anti-Israeli denial-of-service campaigns. Some of these appear to derive from an Iranian-controlled botnet, but whether the action is primarily state-directed or self-organized hacktivist cyber-rioting remains unclear.
CyberVor's big sweep of credentials remains the big story in cyber. The consensus is that the crooks certainly got something, and that they're using it to spam. How they got it and what the theft's further implications might be remain unclear. Many observers offer sound (if familiar) password hygiene advice. Several analysts call the event the password's death-knell.
Background-checking firm USIS has suffered a hack, which it says bears the hallmarks of a "state-sponsored" operation. The US Office of Personnel Management and Department of Homeland Security, both major USIS customers, temporarily suspend some use of the company's services.
Lawful intercept vendor Gamma International (makers of FinFisher) has also been hacked (and spoofed). FinFisher details as well as customer information have leaked.
FireEye finds an APT campaign, "Poisoned Hurricane," active against US and Asian targets. The APT conceals its operations with hijacked domains.
Facebook buys security start-up PrivateCore.
FireEye and Fox-IT offer free CryptoLocker recovery support.
Black Hat USA is wrapping up, and accounts of some of its more interesting presentations are online. In-Q-Tel's CISO Geer delivered a provocative keynote. He advocates cornering the market on exploits (then disclosing them); he sees home routers as critical infrastructure, etc. Other symposiasts note that the line between legitimate vulnerability research and cyber crime can be murky: clarity would be welcome.
Today's issue includes events affecting Algeria, Australia, China, India, Iran, Israel, Palestinian Territories, Russia, United Arab Emirates, United Kingdom, United States, and Vietnam.
Dateline Black Hat USA 2014
Briefings — August 6-7(Black Hat USA 2014) [Black Hat's repository of text and slide decks from keynotes and presentations]
Separating Cybersecurity Hype from Reality(Townhall) The big players in the global information-security industry are intermingling with computer hackers this week at the annual Black Hat conference in Las Vegas. Even Chris Inglis, who stepped down as the deputy director of the National Security Agency earlier this year, is scheduled to attend the conference in his new capacity as an advisor to the American security-intelligence company Securonix. The purpose of the event is to reveal and discuss new threats and research in the field of cybersecurity
Treat Computer Hacks Like Disease Epidemics(Bloomberg View) A cybersecurity guru who works for the U.S. Central Intelligence Agency's venture capital arm has suggested a wholesale solution to the problem of malicious hacking: Treat vulnerabilities as if they are disease outbreaks and make cures publicly available at government expense. This is a brute force approach that would change the rules of what is currently a game of cops and robbers
Legal Divide Between Security Research and Cybercrime Remains Murky(Threatpost) In his keynote address at Black Hat Wednesday, Dan Geer, the CISO of In-Q-Tel and a respected security luminary noted that the industry has never been closer to the forefront of corporate and government policy decision making. Despite this, security research remains a dangerous business for those who seek out bugs in software systems and face prosecutions and lawsuits as a result
Black Hat 2014: Hacking the Smart Car(IEEE Spectrum) Walk into a BMW, Infiniti or Cadillac showroom, and you might see a host of enticing new cars. Chris Valasek, on the other hand, sees targets for an attack
Pervasive OTA Carrier Controls Exploitable on a Massive Scale(Threatpost) Device manufacturers and service providers quietly maintain a pervasive level of remote control over the devices they sell to consumers so they can push over-the-air (OTA) updates for a variety of reasons, but problematically one popular product that enables this type of control is poorly secured and knowledgeable attackers can exploit it in order to compromise affected smart phones, basebands, laptops and other electronic devices
Hackers confused Iranian scientist by blaring AC/DC in nuke lab(Crowdfunding Today) Call it black hacker humor. With a twist. During a thoroughly detailed and far ranging talk about hacking and malware propagation at the Black Hat conference attended by 2,000 in a massive conference room at the Mandalay Bay Wednesday, legendary computer security visionary Mikko Hypponen had a funny story to tell
The tip of the iceberg? Why massive Russian cyber attack should be a wake-up call(Infosecurity Magazine) It's rare that information security stories break through into the mainstream press. The eBay data breach and Gameover Zeus takedown are two rare examples from 2014. Yet to this exclusive list was added another on Wednesday when news broke that a Russian cybercrime gang had amassed a staggering 1.2 billion user name and password combinations and 500 million email addresses from poorly protected sites
Q&A on the Reported Theft of 1.2B Email Accounts(Krebs on Security) My phone and email have been flooded with questions and interview requests from various media outlets since security consultancy Hold Security dropped the news that a Russian gang has stolen more than a billion email account credentials. Rather than respond to each of these requests in turn, allow me to add a bit of perspective here in the most direct way possible: The Q&A
U.S. Homeland Security contractor reports computer breach(Reuters) A company that performs background checks for the U.S. Department of Homeland Security said on Wednesday it was the victim of a cyber attack, adding in a statement that "it has all the markings of a state-sponsored attack"
Top gov't spyware company hacked; Gamma's FinFisher leaked(ZDNet) The maker of secretive FinFisher spyware — sold exclusively to governments and police agencies — has been hacked, revealing its clients, prices and its effectiveness across an unbelievable span of apps, operating systems and more
Oracle Database Redaction 'Trivial to Bypass'(Threatpost) David Litchfield for many years was one of the top bug hunters in the game and specialized in causing large-scale headaches for Oracle. When he decided to retire and go scuba diving, there likely were few tears shed in Redwood City. Litchfield recently decided to resurface, which is good news for the security community and users but may not cause a celebration among Oracle engineers
Blue Coat Uncovers New Malvertising Attack Leveraging Major Ad Network to Deliver CryptoWall Ransomware(Broadway World) Blue Coat Systems, Inc., the market leader in business assurance technology, recently uncovered a malvertising attack that is leveraging major legitimate ad networks such as ads.yahoo.com to drive a CryptoWall Ransomware campaign. In malvertising attacks, cyber criminals gain legitimacy for their ad servers within ad networks and then serve malicious ads to high-profile sites. The ads appear legitimate but deliver malware or other unwanted software to the unsuspecting user
Magnitude Exploit Kit Backend Infrastructure Insight — Part I(Trustwave SpiderLabs Anterior) In our recently released Trustwave Global Security Report Online and previous Magnitude blog post, A Peek Into the Lion's Den — The Magnitude [aka PopAds] Exploit Kit, we detailed our discovery of one of the more prevalent exploit kits seen these days, showed an inside look at the control panel and analyzed the kit's activity over one month
Windows OS loophole resurfaces, says Kaspersky(Economic Times) Cyber security firm Kaspersky today claimed it has detected an old, widely known vulnerability that was used in a cyber attack to sabotage Iran's nuclear programme in some versions of Windows platform across 19 million computers, including in India
Security Patches, Mitigations, and Software Updates
Cisco IOS Software and Cisco IOS XE Software EnergyWise Crafted Packet Denial of Service Vulnerability(Cisco) A vulnerability in the EnergyWise module of Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of the affected device. The vulnerability is due to improper parsing of crafted EnergyWise packets destined to an affected device. An attacker could exploit this vulnerability by sending a crafted EnergyWise packet to be processed by an affected device. An exploit could allow the attacker to cause a reload of the affected device. Cisco has released free software updates that address this vulnerability
Internet Explorer begins blocking out-of-date ActiveX controls(IEBlog) As part of our ongoing commitment to delivering a more secure browser, starting August 12th Internet Explorer will block out-of-date ActiveX controls. ActiveX controls are small apps that let Web sites provide content, like videos and games, and let you interact with content like toolbars. Unfortunately, because many ActiveX controls aren't automatically updated, they can become outdated as new versions are released. It's very important that you keep your ActiveX controls up-to-date because malicious or compromised Web pages can target security flaws in outdated controls to collect information, install dangerous software, or let someone else control your computer remotely
Secure Cloud Provider FireHost Fills Two Key Posts — Adds New Chief Marketing Officer, Head of EMEA Business(Broadway World) FireHost, the secure cloud provider, has hired two security and cloud veterans to further guide the company as it continues its high-growth momentum. The company has named Steve Lesem as chief marketing officer and Eleri Gibbon as vice president of EMEA (Europe, Middle East and Africa). The appointments strengthen FireHost's international presence and help expand its market presence for compliance- and security-driven businesses
FishNet Security Expands Testing Capabilities With $5M Cloud-Based Lab(Power Engineering) FishNet Security, North America's largest independent information security solutions provider, announces the opening of a state-of-the-art, cloud-based technology testing lab in the company's newly expanded St. Paul office. The "cLab" is a $5 million investment that allows FishNet Security, its partners and customers to vet technologies in a virtual IT environment using simulated network conditions and attack scenarios. During the product selection phase, customers can test technologies and configurations prior to purchase to improve deployment time and reduce risk
AdaptiveMobile to Showcase Powerful, Cloud-Based Mobile Security Management (MSM) Platform for the Enterprise at the Gartner Catalyst Conference(Broadway World) AdaptiveMobile, the leader in mobile security, today announced that it will demo the AdaptiveMobile Enterprise Mobile Security Management (MSM) platform, a comprehensive, cloud-based mobile security solution for the enterprise, at the Gartner Catalyst Conference on August 11 in San Diego. AdaptiveMobile Enterprise MSM provides a security anchor for IT and security departments needing protection in a corporate ecosystem that is always-on, in constant movement, and that involves employees, contractors, partners, customers and others using multiple connection points for access
Eset Smart Security and Eset Nod32 Antivirus 8 Beta released(Neowin) NOD32 for Windows is the best choice for protection of your personal computer. Almost 20 years of technological development enabled ESET to create state-of-the-art antivirus system able to protect you from all sorts of Internet threats. ESET Smart Security boasts a large array of security features, usability enhancements and scanning technology improvements in defense of your online life
Microsoft Security Essentials or Norton Antivirus which gives the best protection?(Gamer Headlines) There are several antivirus software that you can use to keep the data on your computer safe. Two of such software that you can go for are Microsoft Security Essentials and Norton Antivirus. Although both of them could be used to achieve the same goals, there are quite a number of differences between them. Below is a comparison of the two so that you can make the right choice of antivirus for your laptop or PC
WWPass Introduces Hacker-Proof Mobile Multi-Factor Authentication and Privacy Protection System for Business(Digital Journal) Combining unmatched security and convenience, WWPass® has launched a mobile version of its patented, unbreakable, cloud-based, multi-factor authentication and privacy protection system. WWPass technology encrypts user data, fragments and disperses it across 12 separate global locations in the cloud, making it inaccessible to identity thieves, producing an unmatched level of security. Instead of providing a username and password to retrieve the data and access secure networks and servers, users connect a physical PassKey token to the USB port or NFC reader to authenticate. With PassKey for Mobile, Android mobile device users can turn their device into a mobile token via Wi-Fi or Bluetooth technology for the most secure, multi-factor authentication available on the market today
CGI accredited for cyber security evaluations by CESG(SC Magazine) CGI has become the only test lab in the UK able to perform common criteria tailored assurance scheme (CTAS), commercial product assurance (CPA), security evaluations, and CESG assured services (CAS) evaluations following approval by CESG, the UK Government National Technical Authority for Information Assurance. "These accreditations are the latest in a long line of such schemes that CGI UK has invested in. We see these schemes as an important part of establishing our credentials, especially amongst Government clients," Andrew Rogoyski, head of cyber security at CGI in the UK told SCMagazineUK
Ionic Security wants to turn the way we think about protecting our data on its head…(Decrypted Tech) The thought of a network breach or targeted attack is what keeps most systems admins up at night and constantly irritated to boot. The need to man the walls and make sure the moat is filled all the time is exhausting and nearly impossible in today's modern and increasingly distributed networks and business models. It makes the thought of a breach not a "what if", but a "when". This is becoming the new way of thinking about security. As we have talked about in the past people are no longer thinking they can keep everyone out, but are concentrating on quickly identifying and mitigating the inevitable breach
Risk I/O Threat Management Platform to Include Verisign iDefense Zero-Day Vulnerability Intelligence(Digital Journal) Risk I/O, the leading vulnerability threat management platform announced today that they have licensed Verisign's iDefense vulnerability intelligence reports which will be included and fully integrated into Risk I/O's threat processing engine. Verisign's vulnerability, attack and exploit data includes unpublished zero-day vulnerabilities collected from over 30,000 products and 400 technology vendors which will be incorporated into the Risk I/O platform
Securonix Releases Industry's First Enterprise Class Real-Time Security Analytics Platform at Black Hat 2014(Digital Journal) Securonix LLC, the industry-leading platform for security analytics and intelligence, today announced the general availability of Securonix Security Intelligence Platform 4.6, the company's flagship software platform for enterprise security analytics and intelligence. This new release brings the power of Securonix's purpose built security analytics into a real-time detection and response across an enterprise environment — network devices, applications, databases, and hosts
Technologies, Techniques, and Standards
In Fight With Hackers, We Are on Our Own(New York Times) Call it the hack whipsaw. A computer security company — it is rarely a government entity — comes out with a new report. Millions of stolen passwords. Tens of millions. No, hundreds of millions
CipherShed(CyberPunk) CipherShed is free (as in free-of-charge and free-speech) encryption software for keeping your data secure and private. It started as a fork of the now-discontinued TrueCrypt Project
Securing VoIP systems(Infosec Institute) Voice over Internet Protocol (VoIP) is a methodology and group of technologies for the delivery of voice communications and multimedia sessions over Internet Protocol (IP) networks, such as the Internet. VoIP communication has reduced the cost of international calls dramatically allowing people to dial ISD calls with a cheaper cost. In this growing era of smartphones everyone carries a VoIP application in their pocket to make cheap calls
Data Breach Response Planning 101(HackSurfer) Don't think in terms of "if" you'll suffer a data breach, but rather, "when." Once you establish this mindset, it's time for you to develop a response plan. After all, a security system that's impenetrable has yet to be invented
8 Tips to Stay Safe Online(Webroot Threat Blog) Yesterday, the New York Times published an exclusive story on what many are stating to be the largest series of hacks ever, all revealed by Hold Security in their latest report. With a report of over 1.2 billion unique username-password combinations and over 500 million e-mail addresses amassed by a Russian hacker group dubbed CyberVor (vor is Russian for thief). While the reactions among the security industry are mixed, with some researchers raising a few questions of the masterwork behind the hack, the story does bring to the public's attention the necessity of strong, personal, online security policies for all aspects of the connected life
5 Steps To Supply Chain Security(Dark Reading) The integrity of enterprise data is only as strong as your most vulnerable third-party supplier or business partner. It's time to shore up these connection points
Sending Mixed Messages With Passwords(TrendLabs Security Intelligence Blog) The biggest security headache that consumers face on a regular basis may well be… the password. You need one to do just about anything online nowadays. This makes them very valuable targets of theft — as the news that "1.2 billion" passwords were stolen highlights. Unfortunately, remembering passwords for all the sites that people use every day can be a challenge
Mitigating the Risk of Backdoor Attacks(BankInfoSecurity) The exploit of backdoors has been linked to recent attacks waged against the retail industry, including the third-party attack on Target Corp
Simulators solving cyber training challenges(C4ISR & Networks) Soldiers on the battlefield, with bombs exploding nearby and rifle fire coming from somewhere in the middle distance, are in no position to learn how to use the computing and communications systems that their lives might depend on. The time for training — thoroughly — is long before their boots hit the dirt
Meet the Puzzle Mastermind Who Designs Def Con's Hackable Badges(Wired) Def Con is one of the world's biggest hacker conventions, an annual gathering of security experts, cryptographers and at least a few people who could surreptitiously drain your bank account if they wanted. They come to Las Vegas to learn about the latest computer vulnerabilities and exploits, show off their skills, and hack or crack anything that can be hacked and cracked — including the conference badges
Research and Development
Bottom Up! Tool Transfers Unclassified Data to Classified Networks(SIGNAL) The Tactical Army Cross Domain Sharing device will connect the unclassified Rifleman Radio to the classified Nett Warrior system, autonomously sharing critical soldier location information for improved situational awareness on the battlefield. A small form factor device that will allow communications from low-level unclassified networks up to high-level secret classified networks has completed the development stage and is in the process of transferring to its new program. Created at the Communications-Electronics Research, Development and Engineering Center (CERDEC), the Tactical Army Cross Domain Information Sharing (TACDIS) tool is an easy-to-connect cable that will enhance situational awareness at the top to protect troops at the tactical edge
Blame bad science on profit-making journals(Quartz) Imagine you're a scientist. You're interested in testing the hypothesis that playing violent video games makes people more likely to be violent in real life. This is a straightforward theory, but there are still many, many different ways you could test it. First you have to decide which games count as "violent." Does Super Mario Brothers count because you kill Goombas? Or do you only count "realistic" games like Call of Duty? Next you have to decide how to measure violent behavior. Real violence is rare and difficult to measure, so you'll probably need to look at lower-level "aggressive" acts — but which ones?
Forgot Your Password? Don't Worry, the Kremlin Has It.(Global Voices) If you are officially recognized as a blogger in Russia, your name will soon appear on a state "blogger registry." Only a handful of names have appeared on the list since its launch last Friday, but there's no telling how many bloggers Russia's communications agency, Roscomnadzor, will add to its records
China has neutralized the social media threat(Quartz) For the past four years, China's government and its far-reaching bureaucracy have embarked on a campaign to take back China's weibo microblog scene from the masses, who have been using social media services to expose corrupt officials, circulate news, and air their opinions
In Bipartisan Achievement, Meehan-Led Cyber Bills Pass House(National Journal) The House of Representatives today passed groundbreaking cybersecurity legislation co-sponsored by Congressman Patrick Meehan (PA-07). Meehan chairs the House Homeland Security Committee's Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies
CIA Insider: U.S. Should Buy All Security Exploits, Then Disclose Them(Wired) To increase the security of the internet and computers, the government should corner the market on zero-day vulnerabilities and exploits, offering top-dollar to force out all other buyers. At least, that's what Dan Geer thinks, and his opinion matters. Geer is chief information security officer at the CIA's venture capital arm In-Q-Tel, which invests in technologies that help the intelligence community
'We've Got To Wake Up': Frank Kendall Calls For Defense Innovation(Breaking Defense) "We've been complacent," Frank Kendall said. For decades, the Pentagon's top weapons buyer said yesterday, the US has assumed its forces will be better equipped than any foe, but that's increasingly in doubt: "Our technological superiority is very much at risk, there are people designing systems [specifically] to defeat us in a very thoughtful and strategic way, and we've got to wake up, frankly"
CIA Didn't Really Hack Senate Computers(Nextgov) CIA personnel probably didn't commit a hacking crime by rummaging through congressional computers used to research the agency's torture activities, former federal attorneys and scholars say
Why The Gmail Scan That Led To A Man's Arrest For Child Porn Was Not A Privacy Violation(TechCrunch) No one will argue against the outcome of a case which saw a man arrested on child pornography charges, after Google tipped off authorities about illegal images found in the Houston suspect's Gmail account. But the nature of how the discovery came about led some to raise questions about the methodologies used behind the scenes. Was Google actively scanning Gmail for illegal activity?
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Black Hat USA 2014(Las Vegas, Nevada, USA) Black Hat USA is the show that sets the benchmark for all other security conferences. As Black Hat returns for its 17th year to Las Vegas, we bring together the brightest in the world for six days of learning,...
SHARE in Pittsburgh(Pittsburgh, Pennsylvania, USA, August 3 - 8, 2014) LEARN: Subject-matter experts and practitioners are on-hand at SHARE events to discuss major issues facing enterprise IT professionals today.
FOCUS: SHARE provides leading-edge technical education on a variety of topics. Whether you are an IT manager, IT architect, systems analyst, systems programmer or in IT support, SHARE offers focused sessions to benefit all job roles.
ENGAGE: At SHARE events, you will experience a wide variety of formal and informal networking opportunities that encourage valuable peer-to-peer interaction...
DEF CON 22(Las Vegas, Nevada, USA, August 7 - 10, 2014) The annual hacker conference, with speakers, panels, and contests. Visit the site and penetrate to the schedules and announcements.
South Africa Banking and ICT Summit(Lusaka, Zambia, August 8, 2014) The South Africa Banking and ICT Summit is the exclusive platform to meet industry thought leaders and decision makers, discover leading edge products and services and discuss innovative strategies to...
SANS Cyber Defense Summit and Training(Nashville, Tennessee, USA, August 13 - 20, 2014) The SANS Institute's Cyber Defense Summit will be paired with intensive pre-summit hands-on information security training (August 13-18). This event marks the first time that SANS will conduct a training...
Resilience Week(Denver, Colorado, USA, August 19 - 21, 2014) Symposia dedicated to promising research in resilient systems that will protect critical cyber-physical infrastructures from unexpected and malicious threats—securing our way of life.
AFCEA Technology & Cyber Day(Tinker AFB, Oklahoma, USA, August 21, 2014) The Armed Forces Communications & Electronics Association (AFCEA) — Oklahoma City Chapter will once again host the 10th Annual Information Technology & Cyber Security Day at Tinker AFB. This is the only...
Build IT Break IT Fix IT: Build IT(Online, August 28, 2014) The Build it Break it Fix it security contest is a new security-oriented programming contest held by the Maryland Cybersecurity Center, Cyberpoint, and Trail of Bits. The Build it Break it Fix it security...
The Hackers Conference(New Delhi, India, August 30, 2014) The Hackers Conference is a unique event, where the best of minds in the hacking world, leaders in the information security industry and the cyber community along with policymakers and government representatives...