Did you hear Russia's PM Medvedev had resigned? Neither had Mr. Medvedev — his Twitter account was hijacked to tweet a resignation in (implausible) shame over his government's conduct. Anti-Putin hacktivists Sholtay-Boltay claim credit.
Taiwan complains publicly of Chinese cyber attacks.
Iranian dissidents (and ordinary Internet users) increasingly use Tor to evade Islamic Republic censorship. (Tor also retains its attractiveness to botnet masters.)
Symantec releases a study of obfuscation and finds, interestingly, noticeably fewer instances of malware shutting down upon detection of a virtual machine. Since determining that software is running in a VM is a useful indicator that the software may be under analysis, this shift indicates either that malware authors are becoming careless or (far more likely) they've decided other forms of evasion are a better investment.
Anonymous continues to hack Ferguson, Missouri, USA, over a controversial police shooting. Someone — possibly a hacktivist opposed to Anonymous — sets up a spoof site to troll Anonymous sympathizers.
Hold Security responds to critics of its handling of the CyberVor discovery, and publishes a CyberVor FAQ.
Researchers offer an overview of automotive cyber attack surfaces.
BlackBerry has patched its OS and enterprise server software.
Harvard Business Review and the Atlantic publish, respectively, a call for a workplace cyber panopticon and a rebuke to the Internet's marketing roots.
France's ANSSI issues guidelines for ICS cyber security.
NATO is again encouraged to think through Article 5's application in cyberspace.
US Department of Homeland Security critical infrastructure protection and cyber security programs receive marks from partners.
Today's issue includes events affecting Austria, China, European Union, France, Iran, Netherlands, Russia, Syria, Taiwan, United Kingdom, United States.
China launching 'severe' cyber attacks on Taiwan: Minister (Economic Times) "The Chinese cyberwar units have been engaging with Taiwan units almost every day, with some severe attacks every few months," Simon Chang said. Taiwan's science and technology minister today said that China is launching frequent cyber attacks on the island despite warming ties between the two former rivals
Threats to virtual environments (Internet Storm Center) In the past few years the virtualization concept has become very popular. A new study by Symantec discussed the threats to the virtual environment and suggests the best practice to minimize the risk
Malware targets jailbroken iOS devices, hijacks ad revenue (Help Net Security) AdThief (or Spad) is the name of a recently discovered iOS malware that has managed to infect some 75,000 jailbroken iOS devices and steal revenue from around 22 million ads in a period that spanned a little over four months
DorkBot, a Twin Botnet of NgrBot (Fortinet Blog) DorkBot is another modified IrcBot that is extremely similar to NgrBot, which is why many antivirus software treat them the same way, oftentimes using the same detection. Our botnet monitoring system has even captured NgrBot and DorkBot at almost the same time. However, according to a deeper analysis of both NgrBot and DorkBot, we find that they should be treated differently
"Anonymous" attack disrupting Ferguson city government (Fox 2 St. Louis) Protests in the streets have not been the only disruption in the city of Ferguson since the shooting of Michael Brown by police. A cyber attack by the hacker group "Anonymous" has done more damage than any bottle or brick
This Phony 'Anonymous' Site Was Set Up to Trap Ferguson Hacktivists (Motherboard) As military police forces gather around Ferguson, trying to quell an angry, frustrated, and betrayed population, some people are taking their fight online. 'OpFerguson', being spear-headed by members of the hacktivism collective Anonymous, launched a couple of days ago
CyberVor Update: Hold Security Responds (BankInfoSecurity) Firm posts FAQ, defends its intentions. Hold Security continues to deal with the backlash prompted by its recent warning that a Russian cyber gang breached 420,000 web and FTP sites to pilfer more than 1.2 billion credentials.
Breach Puts Database Security Back In Spotlight (Daily Business Review) Reports of a Russian crime ring amassing 542 million unique email accounts and 1.2 billion username and password combinations once again raise questions about database security
A Survey of Remote Automotive Attack Surfaces (Illmatics) Modern automobiles consist of a number of different computer components, called Electronic Control Units (ECUs). Each automobile contains from 20-100 of these devices, with each ECU being responsible for one or more particular features of the vehicle. For example, there is an ECU for seatbelt tightening, one for monitoring the steering wheel angle, one to measure if a passenger is in the car, one to control the ABS system, and so on. These ECUs need to pass data to one another so they can make decisions on how to act. For example, an ECU may act differently depending on if the car is in drive or reverse or whether it is moving or stationary
Lockheed buying up suppliers? Chalk it up to serendipity, says one exec (Washington Business Journal) Tim Reardon, chief of Lockheed Martin Corp.'s defense and intelligence solutions group, acknowledged that some have surmised that Lockheed is buying up its suppliers, in an attempt to bring capabilities under its own umbrella and perhaps trim costs tied to the supply chain. So is it?
Products, Services, and Solutions
ESET releases new SOHO security SKUs (ChannelLine) Slovakian-based security software maker ESET has announced two new solutions for the Small Office/Home Office (SOHO) market: ESET Multi-Device Security Home Office and ESET Small Office Security
ANSSI key measures to improve the cybersecurity of industrial control systems (ANSSI) Since February 2013, industrial stakeholders (final users, vendors, integrators, professional organizations, etc.) and French governmental entities have been working together as part of a working group, led by ANSSI, which aims at elaborating concrete and practical proposals to improve the cybersecurity of critical infrastructures
Wireless Auditing, Intrusion Detection & Prevention System (Ethical Hacking) WAIDPS is an open source wireless swissknife written in Python and works in a Linux environment. This is a multipurpose tool designed for audit (penetration testing) networks, detect wireless intrusion (WEP/WPA/WPS attacks) and also intrusion prevention (stopping station from associating to access point). Apart from these, it will harvest all WiFi information in the surrounding and store in databases. This will be useful when it comes to auditing a network if the access point is 'MAC filtered' or 'hidden SSID' and there isn't any existing client at that moment
SAMHAIN v3.1.2 Released (Toolswatch) The Samhain host-based intrusion detection system (HIDS) provides file integrity checking and log file monitoring/analysis, as well as rootkit detection, port monitoring, detection of rogue SUID executables, and hidden processes
Hybrid Cloud Security: New Tactics Required (InformationWeek) Interested in shuttling workloads between public and private cloud? Better make sure it's worth doing, because hybrid means rethinking how you manage compliance, identity, connectivity, and more
The Three Cyber-Security Challenges Facing Nato (International Business Times) Cyber is already an integral part of all conflicts and wars in today's world. For NATO there is plenty of work and planning ahead, before it, as alliance, is a credible player in the cyber domain. NATO must pay special and rapid attention to improving its Article 5 policy and collective cyber capabilities, and also remind its member-states that collective cyber credibility begins with countries' own cyber defences. Decisions and guidelines are needed in the Nato Summit in September
The story behind DOT's cyber makeover (FCW) Richard McKinney says that when he came to the Transportation Department as CIO in May 2013, the agency's reputation for cybersecurity was dismal — marked by insufficient staff, inconsistent tools and siloed visibility
Who Receives Hacker Threat Info From DHS? (Nextgov) Health care, banking and other key sectors at risk of cyberattacks have not joined a Department of Homeland Security program required to offer these industries protections against a potential catastrophic hack, according to federal inspectors
Agencies slow to move out on DHS cyber program, survey says (Federal News Radio) A year after the Department of Homeland Security formally launched its effort to move agencies toward a continuous diagnostic and mitigation approach to cybersecurity, things are off to a slow start. On the plus side, the agencies that have gotten the ball rolling already are seeing good results
Cyber Uncertainty [National Guard] (TMC Net) Governors want to tap the Guard's growing cyber capability. The Guard wants to help, but a lack of clear policy from Washington is an impediment
Litigation, Investigation, and Law Enforcement
Snowden: lies pushed me over the edge (AFP via Yahoo! News) Edward Snowden says dishonest comments to Congress by the US intelligence chief were the final straw that prompted him to flee the country and reveal a trove of national security documents
Snowden's New Lies for Old (XX Committee) WIRED has a new interview with Edward Snowden, conducted over several days in Moscow, which claims to be the most significant media discussion with the world's most famous IT contractor since he fled to Russia in June of last year. I won't comment on the magazine cover shot, with Ed wrapped in Old Glory, representing an American super-patriot, which is a rare breed in Putin's Russia
USIS Breach May Open Door To Foreign Agent Recruitment (HS Today) The largest provider of background investigations for the Department of Homeland Security (DHS) recently became the latest victim of a major cyberattack that may have compromised the personal information of employees, prompting the government to suspend its work with the firm
US construction company sues bank over cyber-heist (Computing) A US heavy industrial construction company is suing its bank after losing $327,000 in a cyber attack, claiming negligence on the part of the bank and breach of contract after it was subject to a "corporate account takeover" in a sophisticated sting
IG: Former DARPA head promoted own company, violating rules (Military Times) A former director of the Defense Advanced Research Projects Agency used her influential position to help shine a spotlight on a high-tech research company that she created, actions that the Defense Department Inspector General says violated ethics rules
US Companies Still Mine Europeans' Private Data despite Promises, CDD says (Hot for Security) Dozens of US tech companies, including Adobe Systems, AOL and Salesforce.com, continue to violate Europeans' privacy despite promises to comply, according to the Center for Digital Democracy. The advocacy group filed a complaint against 30 data brokers, tech giants and data management firms that promised to better handle personal information of EU residents
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
SINET 16 (Washington, DC, USA, December 3 - 4, 2014) Innovative solutions frequently come from new and emerging companies. Each year, SINET invites sixteen innovative Cybersecurity companies to present their technology solutions to a select audience of prominent...
SANS Cyber Defense Summit and Training (Nashville, Tennessee, USA, August 13 - 20, 2014) The SANS Institute's Cyber Defense Summit will be paired with intensive pre-summit hands-on information security training (August 13-18). This event marks the first time that SANS will conduct a training...
Resilience Week (Denver, Colorado, USA, August 19 - 21, 2014) Symposia dedicated to promising research in resilient systems that will protect critical cyber-physical infrastructures from unexpected and malicious threats—securing our way of life.
AFCEA Technology & Cyber Day (Tinker AFB, Oklahoma, USA, August 21, 2014) The Armed Forces Communications & Electronics Association (AFCEA) — Oklahoma City Chapter will once again host the 10th Annual Information Technology & Cyber Security Day at Tinker AFB. This is the only...
Build IT Break IT Fix IT: Build IT (Online, August 28, 2014) The Build it Break it Fix it security contest is a new security-oriented programming contest held by the Maryland Cybersecurity Center, Cyberpoint, and Trail of Bits. The Build it Break it Fix it security...
The Hackers Conference (New Delhi, India, August 30, 2014) The Hackers Conference is a unique event, where the best of minds in the hacking world, leaders in the information security industry and the cyber community along with policymakers and government representatives...