Turla (a.k.a. Snake, a.k.a. Uroburos) seems to be slithering these days through the former Soviet republics and Warsaw Pact alumni of the Near Abroad. MIT Technology Review (reporting FireEye research) notes spikes in relevant malware command-and-control traffic immediately preceding Russia's incursion into Ukraine and Israel's operations against Hamas in Gaza. While duly noting the real but easily exaggerated difficulty of distinguishing hacktivism from state-conducted cyber ops, one discerns a useful new entry in the catalogue of indications and warnings. Belgium's Foreign Ministry says it's recovering nicely from its own earlier Snake infestation.
Bitdefender finds two new GameoverZeus variants active in the wild. The criminal botmasters, interestingly, appear to be upping their quality-control game.
The niche in the cybercriminal ecosystem formerly occupied by Blackhole is, Trustwave reports, being filled by the Magnitude exploit kit, which is largely devoted to spreading CryptoWall ransomware.
F-Secure finds that smartphone vendor Xiaomi's products have been quietly reporting user data back to its servers in China. Xiaomi apologizes and pushes an update to its customers.
US financial sector watchdogs and associations warn consumers against a too carefree adoption of virtual currencies.
Microsoft will patch two critical vulnerabilities later today, one affecting IE versions 6 to 11, the other in professional and business versions of Windows 7, 8, and 8.1.
Cyber value-at-risk remains difficult to estimate, as a study suggests executives routinely underestimate the costs data loss imposes on their companies.
NATO prepares for its September summit. Observers urge the alliance to clarify Article 5 for cyberspace.
Today's issue includes events affecting Algeria, Belgium, Egypt, European Union, India, Israel, Morocco, NATO, Palestinian Territories, Russia, Tunisia, United Kingdom, United States.
Belgian foreign ministry recovers from cyber-attack(Telecompaper) Belgium's foreign ministry finally has full internet access across all platforms, after it was the victim of repeat cyber-attacks in May, a spokesman for the ministry told the Wall Street Journal. The attack wasn't completely debilitating
Two new Gameover Zeus variants in the wild(SC Magazine) Two new Gameover Zeus variants have been found in the wild. Just two months after international law enforcement and security companies teamed to dismantle the Gameover Zeus botnet, researchers have found two new variants of the malware in the wild
Critical 0-days found in CPE WAN Management Protocol(Help Net Security) Check Point has released its findings of security concerns in CPE WAN Management Protocol (CWMP/TR-069) deployments, used by major ISPs globally to control business and consumer home internet equipment such as Wi-Fi routers, VoIP phones, amongst other devices
Millions of PCs Affected by Mysterious Computrace Backdoor(Threatpost) Nearly every PC has an anti-theft product called Computrace embedded in its BIOS PCI Optional ROM or its unified extensible firmware interface (UEFI). Computrace is a legitimate, trusted application developed by Absolute Software. However, it often runs without user-consent, persistently activates itself at system boot, and can be exploited to perform various attacks and to take complete control of an affected machine
NSA-Proof "Blackphone" Gets Rooted Within 5 Minutes(Hacker News) The ultra secure NSA-Proof Blackphone titled as, "world's first Smartphone which places privacy and control directly in the hands of its users," has been rooted within 5 minutes at the BlackHat security conference in Las Vegas this weekend
Bitcoin: More than a Bit Risky(FINRA) Bitcoin and other digital currencies have garnered considerable attention. Media reports have focused on virtual currency's potential promise to businesses and consumers — but also on very real abuses and criminal activity associated with it. Government hearings have been held on virtual currencies. In 2013 the US Securities and Exchange Commission (SEC) charged a Texas man and his company with fraud involving an alleged Bitcoin Ponzi scheme. More recently, on February 19, 2014, the SEC suspended trading in the securities of Imogo Mobile Technologies Corp — which had announced testing of a new mobile platform for Bitcoin a few weeks earlier — because of questions about the company's business, revenue and assets. And on February 24, 2014, the Tokyo-based Mt. Gox, one of the largest bitcoin exchanges, stopped its operations. It subsequently filed for bankruptcy in Japan on February 27th and in the U.S. on March 10th
The dangers of backdoor passwords(Help Net Security) In an increasingly connected world, backdoor passwords have large implications on the Internet of Things, the medical world and industrial control systems
How bad is BadUSB really?(Security Insider) News of a possible attack using manipulated USB devices caused unease. Exactly what lay behind it, and how serious the attack really is, was unclear. Details of the BadUSB attack have now been presented at Black Hat. The good news: preparing an attack is considerably more complex than the first reports made it appear
Bulletin (SB14-223) Vulnerability Summary for the Week of August 4, 2014(US-CERT) The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information
Security Patches, Mitigations, and Software Updates
Microsoft To Patch 2 Critical Bugs(InformationWeek) Microsoft will fix two critical bugs on Patch Tuesday — but not for Windows 8.1 users who haven't installed the Windows 8.1 Update
Xiaomi Issues Update After Data Privacy Concerns(Infosecurity Magazine) Chinese smartphone poster child Xiaomi has been forced to issue an over-the-air update to its iCloud-like messaging service after privacy concerns were raised over the amount of device and user details being silently sent to and stored on the company's servers
Blackphone Vulnerability Soon to Receive Full Fix(Softpedia) The famous Blackphone, the mobile built to offer encryption to all forms of communication it can manage (calls, emails, text and web browsing), has been rooted at the DefCon hacker conference in Las Vegas, but its makers say that all is to receive a fix in a short while
Move Over Web Security, Embedded Devices are Darling of Black Hat(Threatpost) At the risk of diving headfirst into the Internet of Things fray, embedded device security emerged as a shiny new penny during last week's Black Hat and DEF CON festivities. Firmware is the new hacker black, and everything from USB sticks, to home routers, to automobiles is in play for exploits, data theft and privacy erosion
Most people think public Wi-Fi is safe. Seriously?(Naked Security) Most people who use public Wi-Fi couldn't care less about security, according to the recent 2014 Communications Market Report from Ofcom — the UK's Office of Communications/regulatory authority for telecommunications
CyberLightning Raises $4.2M To Bring 3D Interface To Industrial 'Internet Of Things' Monitoring(TechCrunch) When you think about the Internet of Things (IoT) you['re] likely think of consumer hardware products like smart thermostats, WiFi lightbulbs or Quantified Self gadgets, such as various fitness trackers and other gizmos. CyberLightning, however, is an IoT startup of a different kind. It offers a platform for industrial IoT usage, such as utility companies or other providers of infrastructure, to help them monitor their wares via a 3D user interface that makes complex 'big data' easier to get a handle of and which can be mission critical when managing smart city grids and other aspects of the industrial Internet of Things age
Square Launches Bug Bounty, Hires Top Security Researcher(Threatpost) The bug bounty phenomenon began mainly with major software vendors and security companies, which were the main targets for security researchers and attackers. But it is now moving to virtually every corner of the Web and software ecosystem, and the latest company to join the party is Square, the mobile payment company
Jacobs Provides Information Assurance Services(SIGNAL) Jacobs Technology Inc., Bedford, Massachusetts, has been awarded a $21,143,345 cost-plus-fixed-fee and cost-reimbursable contract modification (P00009) for FA8721-14-C-0018 to provide engineering and technology acquisition support services, which consist of disciplined systems/specialty engineering and technical/information assurance services, support, and products using established government, contractor, and industry processes
Ecrypt Technologies Announces Impending Alpha Unit Release And Formation Of Strategic Partnerships(Broadway World) Ecrypt Technologies, Inc. has announced that the Alpha Unit for its state of the art, secure email system, Ecrypt One, is being tested in a newly developed "sandbox" that has been developed by the company for potential end users to test the system in a safe environment. The sandbox provides a virtual platform wherein qualified potential commercial customers are allowed to test the security of the technology without requiring the associated costs or labor of integrating it into their infrastructure
Bremer Bank Selects ForeScout CounterACT for Real-time Visibility, Guest Access and Control Automation(Globe Newswire) ForeScout Technologies, Inc., the leading provider of pervasive network security solutions for Global 2000 enterprises and government organizations, today announced that Bremer Financial Corporation has successfully deployed ForeScout CounterACT™. ForeScout's agentless approach enabled the bank to migrate off of its existing 802.1X infrastructure and provides comprehensive, real-time network visibility across all endpoints, resulting in improved compliance with security policies without negatively impacting user experience or productivity
Avast vs AVG: Which One Should Be Your Best Security Buddy(Streetwise Tech) When it comes to free online antivirus programs, both AVG and Avast have been making it to the limelight as AVG and Avast are highly reliable antivirus programs that can highly be depended upon when you speak of online protection from viruses and other malicious online threats. But looking at both, is there a big difference in the kind of protection that they offer? We'll take a closer look at their advantages
Detect and respond(Help Net Security) At a recent security and risk management conference I had an opportunity to talk with industry analysts about today's challenges in network security. It seems that many analysts' perspectives are driven by client inquiries that seek simple product recommendations to solve complex challenges. A recurring problem with this sort of inquiry is that oftentimes the right solution requires more than the purchase of a product
BYOD: 10 ways to fight back(Help Net Security) The adoption of BYOD policies in SMBs means that IT has to protect devices that they didn't even specify, procure or configure. In addition, most companies are now multi-platform, blending in Linux and the Mac with their mainstay Windows client and server systems
NATO's September Summit Must Confront Cyber Threats(Breaking Defense) Cyber is already an integral part of all conflicts and wars in today's world. But there is plenty of work and planning ahead before NATO, as an alliance, is a credible player in the cyber domain. Most urgently, in the ongoing hybrid warfare in Ukraine, where the border between peace and war is intentionally blurred and where armies do not take on the role of a direct aggressor, NATO must improve its collective capabilities in cyberspace and its interpretation of Article 5, the famous treaty provision which says an "armed attack" — a term never defined — on one member of the alliance is an attack against all. President Obama and his European counterparts must make tough decisions and clear guidelines at the NATO Summit in September
Hagel Urges Expanded U.S.-Indian Defense Cooperation(DoD News) Defense Secretary Chuck Hagel today called for the United States and India to do more to transform their defense relationship through increased partnerships in production and technology, given the edge he said both nations have in science and innovation
Does U.S. Truly Want Cyber Peace?(BankInfoSecurity) The United States government does not want peace in cyberspace, contends cyber-conflict historian Jason Healey, a former White House cyber infrastructure protection director
Court Rejects Deal on Hiring in Silicon Valley(New York Times) There is "ample evidence" that Silicon Valley was engaged in "an overarching conspiracy" against its own employees, a federal judge said on Friday, and it should either pay dearly or have its secrets exposed at trial
Checking In On Africa: The Latest Developments in Cybercrime(TrendLabs Security Intelligence Blog) In the early 2000s, Africa gained notoriety due to the 419 "Nigerian" scam. This scam involved making payments in exchange for a reward for helping so-called high-ranking Nigerian officials and their families. While all the scams may not have necessarily originated from Africa, the use of Nigerian officials was imprinted upon the public consciousness, thereby forever associating this scam with the continent
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
DerbyCon 4.0(Louisville, Kentucky, USA, September 24 - 28, 2014) Welcome to DerbyCon 4.0 — "Family Rootz". This is the place where security professionals from all over the world come to hang out. DerbyCon 4.0 will be held September 24-28th, 2014. DerbyCon 2013...
SANS Cyber Defense Summit and Training(Nashville, Tennessee, USA, August 13 - 20, 2014) The SANS Institute's Cyber Defense Summit will be paired with intensive pre-summit hands-on information security training (August 13-18). This event marks the first time that SANS will conduct a training...
Resilience Week(Denver, Colorado, USA, August 19 - 21, 2014) Symposia dedicated to promising research in resilient systems that will protect critical cyber-physical infrastructures from unexpected and malicious threats—securing our way of life.
AFCEA Technology & Cyber Day(Tinker AFB, Oklahoma, USA, August 21, 2014) The Armed Forces Communications & Electronics Association (AFCEA) — Oklahoma City Chapter will once again host the 10th Annual Information Technology & Cyber Security Day at Tinker AFB. This is the only...
Build IT Break IT Fix IT: Build IT(Online, August 28, 2014) The Build it Break it Fix it security contest is a new security-oriented programming contest held by the Maryland Cybersecurity Center, Cyberpoint, and Trail of Bits. The Build it Break it Fix it security...
The Hackers Conference(New Delhi, India, August 30, 2014) The Hackers Conference is a unique event, where the best of minds in the hacking world, leaders in the information security industry and the cyber community along with policymakers and government representatives...