Moroccan hacktivists hit Saratoga County (in upstate New York, USA) to protest Israeli actions in Gaza. The episode points to something genuine hacktivists share with physical-space demonstrators: it's more about the demonstration than the disruption.
That said, it's worth turning to the ongoing cyber conflict between Russia and its targets in the near abroad. Forbes warns of "false flag" attacks, and, while this is a useful reminder of the inherent difficulties of attack attribution in cyberspace (a difficulty cyber attacks share with terrorist actions), the attacks the article discusses aren't really false flag operations. State cyber operations do indeed use front groups, but true false flags seem less common than fronts or (internal) provocations.
The Turla cyber espionage campaign, generally attributed to Russia, continues to infest diplomatic networks, with particular attention devoted to former Soviet republics and Warsaw Pact alumni.
CyberVor prompts discussion of the ethics of disclosure and the packaging of security services.
Last week's Gamma International hack, which leaked information on the distribution and use of the FinFisher lawful intercept tool, remains in the news. One of those claiming responsibility for the hack (who's anonymous-with-a-small-a) says it was easy, and publishes a how-to guide to penetrating non-cooperating networks. (A DIY competitor of FinFisher, in a way.)
Microsoft is increasingly unwelcome in China (but IBM seems to be doing alright there). Huawei, in bad odor with the US, finds customers in Canada.
IBM announces acquisition of Lighthouse Security. Gemalto sees SafeNet as an encryption and authentication cloud security play.
Today's issue includes events affecting Australia, Bahrain, Canada, China, European Union, India, Israel, Morocco, Palestinian Territories, Poland, Romania, Russia, Ukraine, United Arab Emirates, United States.
Salted Hash: Line Jumping at DEF CON 22 (CSO) Today starts the final phase of Hacker Summer Camp, and Salted Hash will be wandering the halls — albeit a bit slowly — to offer random bits of coverage from DEF CON 22
DefCon: You cannot 'cyberhijack' an airplane, but you can create mischief (SC Magazine) It is not possible to hack a plane and take control of the aircraft, but creating some mischief is still possible, according to speakers at DefCon 22. Hacking a plane and taking control of the aircraft is a considerably scary prospect, but two speakers at DefCon 22 in Las Vegas quashed the notion and put worries to rest
Black Hat: Airport security equipment at risk (SC Magazine) While the Transportation Safety Administration and the Department of Homeland Security are very exacting in the specifications airport security equipment must meet, x-ray machines, trace detection scanners, time and attendance clocks and the like all have backdoors and other vulnerabilities that can be exploited
Encryption Keeps Your Data Safe. Or Does It? (SecurityWatch) In the post-Snowden era, many people have come to believe that the only way to maintain privacy is through encrypting everything. (Well, as long as your encryption doesn't use the flawed RSA algorithm that gave the NSA a backdoor.) A fast-moving session at the Black Hat 2014 conference challenged the assumption that encryption equals safety. Thomas Ptacek, co-founder of Matasano Security, noted that "nobody who implements cryptography gets it completely right," and went on to demonstrate that fact in detail
Forget Car Hacking: Phone Calls and Web Bots Are the True Security Threat (Motherboard) Take a stroll through the Black Hat sales floor, where the nation's premier security conference is taking place this week, and you'll inevitably find some marketing types wearing tinfoil hats sucking down the cold, overly-processed air. It's their idea of 'fun' corporate irony. But it does reflect some truth: there's a lot of paranoia zipping around the gaudy halls of the Mandalay Bay hotel in Las Vegas
John McAfee In Crazytown (TechCrunch) "The press has portrayed me alternately as a mad genius or a mad psychotic genius," began the infamous John McAfee, speaking at Def Con — and why break that streak now? I must admit: when he's crazy, he's crazy like a fox. Ultimately, though, as insane and riveting as his tale is, what's most interesting to me is the way he has weirdly come to symbolize his audience
Will Putin go for cyber revenge? (Philly.com) Vladimir Putin is mad and has vowed revenge. Will it include a cybercrime wave directed at the West? And if yes, has it already begun?
Cyber-Security Expert Warns Of 'False Flag' Digital Attacks (Forbes) When a soldier comes under sniper fire, it's very difficult to know where the shots are coming from. But when it comes to war fought online, it's often a piece of cake to work out where an attack comes from. It's finding out who did it that's the hard bit
Security breach in NIC, critical data at risk (Hindustan Times) A major security breach of the National Informatics Centre (NIC), which runs all the emails of senior officials and websites of all central government departments, allowed hackers to issue several fraudulent digital certificates, raising global concerns about India's net security practices
Major Security Breach Disclosure Restarts Debate (IT Business Edge) Yesterday, Sue Marquette Poremba, writing on IT Business Edge about the alleged breach of over a billion personal records by a Russian gang, brought up the long-running question of the treatment of security breach disclosures
FinFisher hack: The Bahrain Logs (InternetProtectionLabs) On August 3rd, a hacker was able to obtain 40 GB of data from Gamma Group. Gamma Group is the producer of the notorious FinFisher malware that allows attackers to take over a target's computer, allowing the attacker access to the entire system, including turning on the webcam and microphone to spy on more than just the files present
Misconfigurations Expose Organizations to Serious Risks (Norse Blog) From the Norse DarkWolf Research Team: The following are some details on two of this week's most active/observed IPs. In reviewing our data and the trending activity of some potentially malicious actors, we noticed two IP addresses in Canada which were creating a whole lot of noise for a Linux high availability cluster protocol
Weekly Exploit Report—a few interesting ones to be aware of (Alert Logic Blog) This weekly report discusses some of the more interesting vulnerabilities found and provides information you can use to patch your impacted systems appropriately. If there is not a patch available make sure to check for signatures or patterns that you can use to build content for your compensating security controls
Security Patches, Mitigations, and Software Updates
Microsoft has announced the latest round of security improvements for Azure (WinBeta) In a blog post on the Trustworthy Computing blog, Microsoft details how they are making Microsoft Azure more secure. The latest improvements help keep their customer's data safe from attackers. Specifically, Microsoft is implementing the latest TLS/SSL protocols to keep data in transmission more secure. By adding Perfect Forward Secrecy (PFS) connections to Azure, it will have more secure keys to encrypted data
Watch That New Glucose Meter (LinkedIn) Apparently not just engineers are in demand at technology companies. According to the Reuters news service Samsung, Google and Apple are all hiring medical scientists with the hope of getting into the lucrative blood-sugar tracking market, estimated to be worth $2 Billion by 2017 by GlobalData. But if the devices — smart watches, for example — are marketed to diabetics, then the US Food and Drug Administration (FDA) will have to be involved. Experts predict these companies will first announce the products as fitness and health related, and not market them as medical devices
Inside The Crumbling Microsoft-China Love Affair (Worldcrunch) An antitrust investigation by Beijing authorities into the U.S. software giant was many months in the making, and may signal the end to a two-decade relationship built on billion-dollar deals
China's Huawei, Unwelcome in the U.S., Finds Favor in Canada (Bloomberg BusinessWeek) For years, Huawei Technologies has been a pariah in the U.S. The House Permanent Select Committee on Intelligence in 2012 issued a report concluding that its ties to the Chinese government pose a threat to U.S. national security and that Americans should avoid buying from the company, China's biggest maker of telecom-networking equipment
Apple iPads and MacBook Pros banned for Chinese government use (Naked Security) China's escalating anti-US tech rampage already includes banning Windows 8 for use in government offices, raiding Microsoft and partner Accenture's offices in China as part of an anti-trust investigation, and calling iPhones hazardous to state security
Gemalto to Buy Data Protection Firm SafeNet for $890 Million (Re/code) Gemalto NV, the digital security company that makes smart chips for mobile phones, bank cards and biometric passports, will buy U.S.-based data protection specialist SafeNet for $890 million, it said on Friday, in a move set to boost its earnings and reach
Summit Research: It's Time To Defend FireEye (Benzinga) On Friday, Summit Research Partners wrote a note to clients defending FireEye (NASDAQ: FEYE) following its second quarter results on August 5 and subsequent 11 percent decline the following trading day
On Point: Cloud Security Products Make Debut (Channelnomics) CloudLink Technologies, a leader in cloud security and data encryption management, announced the availability of CloudLink SecureVM solution for Microsoft Azure, enabling Azure customers to manage the encryption of Windows and Linux-based virtual machines…Catbird, a leader in security policy automation and enforcement for private clouds and virtual infrastructure, announced the forthcoming availability of its flagship cloud security and compliance solution, Catbird 6.0, with security policy automation for OpenStack
eScan Internet Security Suite with Cloud Security receives AV-TEST certification (Parda Phash) eScan, one of the leading Anti-Virus and Content Security Solution providers has bagged the latest AV-TEST certification for their Home user product, eScan Internet Security Suite with Cloud Security. The product proved 100% effective against harmful malware attacks, inclusive of web and e-mail threats during the test that was conducted in May and June 2014
ManTech upgrades enterprise malware defense platform (GCN) Government IT managers are always looking for ways to stay ahead of cybersecurity threats. To address the increasing need for enterprise threat detection tools, ManTech updated its Active Defense endpoint malware protection platform to better streamline detection and incident response
Mocana offers an alternative to OpenSSL on Apache web servers (Help Net Security) At the Black Hat conference, Mocana debuted its enterprise-grade NorthStar secure connectivity solution for Apache web servers, a highly secure, drop-in replacement for the vulnerability-prone and widely adopted OpenSSL stack
Unified solution for dynamic mitigation of cyberattacks (Help Net Security) ForeScout Technologies, provider of pervasive network security solutions for Global 2000 enterprises and government organizations, and ThreatStream, a cyber intelligence company that enables the disruption of cyberattacks in real time, today announced a partnership and plans to enable the ThreatStream OPTIC platform to interoperate with ForeScout's CounterACT platform
BAE Systems Applied Intelligence enhances its award-winning technology to help global companies combat increasing threat from money laundering (MENAFN Press) BAE Systems Applied Intelligence today unveils its enhanced NetReveal Anti-Money Laundering (AML) suite of solutions, which offers an end-to-end service that will help clients address ever more rigorous regulatory requirements. The updated suite builds upon the award-winning solution that was recognised by CEB TowerGroup as being a best in class provider for Anti-Money Laundering. It will offer current and prospective clients a range of new capabilities that will enhance their ability to prevent money laundering and terrorist financing, and manage compliance obligations
Kaspersky AntiVirus 2015 vs Bitdefender AntiVirus Plus 2015 — Which Can You Trust Better? (The Fuse Joplin) Who, in our days, doesn't have at least a computer in their house? If you're reading this, you probably have one too. Well, you know that when you first buy the computer, first thing that crosses your mind is that you need to find a good antivirus. An antivirus has become now a mandatory part of a computer, that's if you don't want to get overwhelmed with viruses from ads or so on. Today we thought we would cover two of the most talked about in this category: the Kaspersky Antivirus 2015 and the Bitdefender Antivirus Plus 2015. But now, which one do you choose?
Securonix Releases Industry's First Enterprise Class Real-Time Security Analytics Platform at Black Hat 2014 (MarketWired) Securonix LLC, the industry-leading platform for security analytics and intelligence, today announced the general availability of Securonix Security Intelligence Platform 4.6, the company's flagship software platform for enterprise security analytics and intelligence. This new release brings the power of Securonix's purpose built security analytics into a real-time detection and response across an enterprise environment — network devices, applications, databases, and hosts
Technologies, Techniques, and Standards
Turns Out Your Complex Passwords Aren't That Much Safer (Wired) When the computer security company Hold Security reported that more than 1.2 billion online credentials had been swiped by Russian hackers, many people were worried — and justifiably so. Hold isn't saying exactly which websites were hit, but with so many credentials stolen, it's likely that hundreds of millions of ordinary consumers were affected
Insider threat program training starts with Security 101 (Federal News Radio) The concept of putting an insider threat program (ITP) in place is to provide greater attention to protecting an organization's assets — personnel, data, information systems and networks — from the malicious insider
Verifying preferred SSL/TLS ciphers with Nmap (Internet Storm Center) In the last year or two, there has been a lot of talk regarding correct usage of SSL/TLS ciphers on web servers. Due to various more or less known incidents, web sites today should use PFS (Perfect Forward Secrecy), a mechanism that is used when an SSL/TLS connection is established and symmetric keys exchanged. PFS ensures that, in case an attacker obtains the server's private key, he cannot decrypt previous SSL/TLS connections to that server. If PFS is not used (if RSA is used to exchange symmetric keys), then the attacker can easily decrypt *all* previous SSL/TLS connections. That's bad
Botnets: What are They, and How can You Protect Your Computer? (CollaboristaBlog) Chances are that every day your email address receives more than its fair share of spam messages. With luck you have good spam-filtering technology in place which (hopefully) is blocking most of the unwanted email and allowing only legitimate messages through
Cookies with Secure Flag: Undesired Behavior in Modern Browsers (Infosec Institute) When a cookie has secure flag set, it will only be sent over secure HTTPS, which is HTTP over SSL/TLS. This way, the authentication cookie will not be disclosed in insecure communication (HTTP). It turns out, however, that an insecure HTTP response can overwrite a cookie with secure flag in modern browsers. As a consequence, insecure HTTP traffic can have an impact on secure HTTPS traffic, which doesn't look good from a security point of view. This undesired behavior is the subject of this article
How to Harden SSH with Identities and Certificates (Magnus Deininger) Whether you just need to feel in power or you actually use shells for day-to-day tasks, the Secure Shell [SSH] is probably the most important administrative access tool to your servers. It's also one of the least secured mission-critical services on most UNIX servers. Why? Because for some reason people are still using mere passwords to protect their root accounts. That's not quite as bad as using telnet, but not by too much. You might as well be using plain FTP to transfer data to your server… oh, wait, that's another article
The art and science of detecting emerging threats (Help Net Security) In this interview, Stephen Huxter, COO at Darktrace, talks about the challenges involved in detecting emerging threats, Recursive Bayesian Estimation, the evolution of AI, and more
Seniors' Role in Cyber Security Risk Management (ClickSSL) Cyber security is now not a secret for anyone, perhaps you might encounter with words like cyber crime, hacking, web security in your daily newspaper, online news, blog, magazine, etc. Due to nasty afflux of cyber threat, organizations must take strict action against these culprits or they may have to face critical time for their business. We habitually come to see millions of data breaches occur because of structural and organizational issues. Organizations are facing holdup in ceasing cyber crime in a complete manner. Thus, it seems difficult to carry risk management oriented Cyber security model. Even after spending millions of dollars cyber security has not achieved its true mark and senior leaders in organization should have to understand that global economy is still affected with cyber crime
Call For Entry: CREATING CONNECTIONS (Maryland Art Place) Maryland Art Place (MAP), in partnership with CyberPoint International, is pleased to announce an open 'Call to Artists'. As an extension of MAP's annual IMPRINT Project, MAP is working with CyberPoint to offer a unique opportunity to female visual artists of the greater Baltimore metropolitan area. Collectively, MAP and CyberPoint wish to commission a new work of art as well as license the image of that new work of art. The image of that artwork will be reproduced in a limited edition and presented to the guests of CyberPoint's Women in Cyber Security reception on October 29th, 2014
What Apple's secret in-house university teaches employees about good design (Quartz) At the top-secret internal training sessions that Apple offers to its employees, the message boils down to this: Be more like Picasso and less like Google. That's the takeaway from an excellent New York Times report on Apple University, as the iPhone maker's training program is known, which drafts in Ivy League professors and features tailor-made courses for incoming acqui-hires like Dr. Dre of Beats
Want a tech job? Study this. Advice from Mozilla, Reddit, Tumblr and more (Washington Post) Aaron Saunders, chief executive of Clearly Innovative, took a traditional route to a tech career: He earned a computer science degree at Ohio Wesleyan, studied marketing and information technology en route to an MBA from NYU, then hopped through jobs as an application architect for Lotus Development, a designer of Web strategy for Time Warner Cable, and a manager for the redesign of an e-commerce site
How to turn every child into a "math person" (Quartz) Last month, the US Math Team took second place in the International Math Olympiad — for high school students — held in Cape Town, South Africa. Since 1989, China has won 20 out of 27 times (including this year), and in the entire history of the Olympiad, the US Math Team has won only 4 out of 55 times, so second place is a good showing. According to the American Mathematical Association website: "team leader Loh noted that the US squad matched China in the individual medal count and missed first place by only eight points"
Accenture caught up in Microsoft China antitrust probe (ZDNet) Chinese regulator visits Accenture's Dalian office to access Microsoft-related documents as part of an ongoing anti-monopoly investigation on the software vendor. The U.S. consulting firm insists it's "not part of the antitrust probe"
China spies — sex to cyber (Toronto Sun) Sex-and-spying award winner? China's nominee is surely Katrina Leung, codenamed Parlour Maid. She'd pocketed $1.7 million in FBI money to spy on China by the time Washington figured out she was moonlighting as a double agent for Beijing — while bedding two senior FBI counterintelligence officers, in the process. Now, that's dexterity
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
Security Essen 2014 (Essen, Germany, September 23 - 26, 2014) Security Essen will offer the whole world of security and fire protection technology under one roof with a comprehensive overview of new security technologies and security concepts. From mechanical security...
SANS Cyber Defense Summit and Training (Nashville, Tennessee, USA, August 13 - 20, 2014) The SANS Institute's Cyber Defense Summit will be paired with intensive pre-summit hands-on information security training (August 13-18). This event marks the first time that SANS will conduct a training...
Resilience Week (Denver, Colorado, USA, August 19 - 21, 2014) Symposia dedicated to promising research in resilient systems that will protect critical cyber-physical infrastructures from unexpected and malicious threats—securing our way of life.
AFCEA Technology & Cyber Day (Tinker AFB, Oklahoma, USA, August 21, 2014) The Armed Forces Communications & Electronics Association (AFCEA) — Oklahoma City Chapter will once again host the 10th Annual Information Technology & Cyber Security Day at Tinker AFB. This is the only...
Build IT Break IT Fix IT: Build IT (Online, August 28, 2014) The Build it Break it Fix it security contest is a new security-oriented programming contest held by the Maryland Cybersecurity Center, Cyberpoint, and Trail of Bits. The Build it Break it Fix it security...
The Hackers Conference (New Delhi, India, August 30, 2014) The Hackers Conference is a unique event, where the best of minds in the hacking world, leaders in the information security industry and the cyber community along with policymakers and government representatives...