The FBI warns the US military of the possibility of ISIS attacks against military personnel inside the United States, and strongly advises security and counterintelligence scrubbing of service (and service member) social media accounts.
The chair of the US House Intelligence Committee sees Iranian cyber attacks spiking should nuclear talks with the Islamic Republic break down.
The Sony hack (which the North Koreans decline to disavow, although they don't actually claim credit) prompts another FBI warning, this time to businesses. Reports say the Bureau regards the risk to corporate enterprises as high, and, because of the probability of data destruction, unusually dangerous. (Data corruption is a serious and lingering problem: the US Postal Service, for example, won't be releasing its required annual financial report because it cannot determine whether the hack it sustained this summer altered business data.)
Yesterday's news of apparently successful financial market manipulation remains the subject of analysis and speculation. "FIN4," as FireEye calls the group responsible, used sophisticated spearphishing (backed up by clever manipulation of email filters and warnings) to steal credentials and gain access to information on targeted companies. Most interested in healthcare and pharma, FIN4 sought data material to stock prices, notably merger-and-acquisition information. Observers think this was a criminal as opposed to state-sponsored operation, probably conducted by native or near-native speakers of English based in North America or Western Europe. That FIN4 was current in American investment-banking argot is telling. An interesting case of social engineering: phishing remains very much a threat.
Today's issue includes events affecting Bermuda, Brazil, Canada, China, Cuba, European Union, Germany, India, Iran, Iraq, Democratic People's Republic of Korea, Pakistan, Syria, Russia, United Kingdom, United Nations, United States.
The CyberWire will be covering the 2014 SINET Innovation Showcase this week, live tweeting from the National Press Club tomorrow and Thursday, with special issues devoted to the event.
Iran May Escalate Cyberattacks if Deal on Nukes Falls Through(Dark Matters) House Intelligence Committee chairman Mike Rogers believes that Iran could escalate the number of cyber attacks targeting U.S. critical infrastructure should there be a failure to reach an accord over the nation's controversial nuclear program
Hackers Using Lingo of Wall St. Breach Health Care Companies' Email(New York Times) For more than a year, a group of cybercriminals has been pilfering email correspondence from more than 100 organizations — most of them publicly traded health care or pharmaceutical companies — apparently in pursuit of information significant enough to affect global financial markets
Did Hackers Gain an Edge on Wall Street?(Wall Street Journal) Computer-security firm FireEye has told the Federal Bureau of Investigation that a group of cyberthieves may be attempting to gain an edge on Wall Street by targeting chief financial officers, advisory firms and others involved in mergers, acquisitions and other market-moving events
FBI Warns US Firms of Destructive Malware Attacks(Infosecurity Magazine) The FBI has been forced to issue a confidential flash warning to US firms claiming they are at risk of a new destructive malware campaign designed to wipe corporate data, in a move which may have been presaged by the attack on Sony Pictures last week
Spies listening to Island's communications(Royal Gazette) Bermuda's undersea communications cables are monitored by UK and US security services, according to documents leaked by former National Security Agency (NSA) contractor Edward Snowden
Dridex Phishing Campaign uses Malicious Word Documents(Internet Storm Center) During the past few months, Botnet-based campaigns have sent waves of phishing emails associated with Dridex. Today, we'll examine a wave that occurred approximately 3 weeks ago. The emails contained malicious Word documents, and with macros enabled, these documents infected Windows computers with Dridex malware
Operation DeathClick(Infosec Institute) The era of spear phishing and the waterhole attack, which uses social engineering, has come to an end. Hackers are now moving their tricky brains towards targeted Malvertising — a type of attack that uses online advertising to spread malware. A recent campaign termed "Operation death click" displays a new form of cyber-attack focused on specific targets. The attack is also defined as micro targeted malvertising. In this newly targeted variation of malvertising, the hackers are attacking their victims using micro targeting techniques and real time bidding — a recent technology that helps to post ads based on user interests
Cyber Attack Monday in City of Fort Lauderdale(Fort Lauderdale Sun-Sentinel) Cyber Monday became Cyber Attack Monday as the hacker group Anonymous made good on a threat to crash the city's website because of recent laws the city has passed regulating homeless behavior
'Cyber Attack' Means No Digital Access to Supervisors' Agendas(Lost Coast Outpost) If you're someone who checks Humboldt County Board of Supervisors agendas Monday nights to decide whether or not to attend the Tuesday meetings, well, first of all, that's kinda weird, but secondly, we have bad news. The company that makes those agendas available online "was hit by a cyber attack today," according to the county, so the agenda for tomorrow's meeting is not available through the Internet tubes
The 10 Biggest Bank Card Hacks(Wired) The holiday buying season is upon us once again. Another event that has arrived along with the buying season is the season of big box retailer data breaches
8 holiday scams and mistakes to avoid(CSO) You're not the only one feeling merry and bright this holiday season — so are the criminals! This time of year provides them with plenty of opportunities for Scrooge-worthy scams. Here's how to ensure all they'll get is coal in their stocking
Security Patches, Mitigations, and Software Updates
OpenVPN Versions Released Since 2005 Affected by DoS Flaw(SecurityWeek) The developers of OpenVPN have released a new version of the open-source virtual private network software to address a critical denial-of-service (DoS) vulnerability that can be exploited to cause servers to crash
The persistent threat of data breaches(Help Net Security) Preventing and managing data breaches have become two of the highest priorities facing businesses today. Many evolving factors such as new threats, regulatory changes and technological advances make the data breach landscape difficult to navigate
Data Management: Brace for the Breach(Medical Marketing and Media) The specter of a massive hack is haunting the healthcare industry. As it turns out, that might not necessarily be a bad thing for everyone involved
Data loss and downtime costs enterprises $1.7 trillion(Help Net Security) Data loss and downtime cost enterprises $1.7 trillion in the last twelve months, or the equivalent of nearly 50% of Germany's GDP. Data loss is up by 400% since 2012 while, surprisingly, 71% of organizations are still not fully confident in their ability to recover after a disruption, according to EMC Corporation
Cyber attacks impact purchasing behavior(Help Net Security) As U.S. consumers head to malls and retail websites this holiday season, they do so increasingly concerned about the safety and security of their personal information. In fact, according to KPMG, more than half of consumers are either unsure or not confident at all in the security of their personal information when shopping both in-store (58 percent) and online (63 percent)
The KEYW Holding Corporation (KEYW) Drops 5.18% on December 01(Equities) The KEYW Holding Corporation (KEYW) was one of the Russell 2000's biggest losers for Monday December 01 as the stock slid 5.18% to $10.25, a loss of $-0.56 per share. Starting at an opening price of $10.75 a share, the stock traded between $10.25 and $10.91 over the course of the trading day. Volume was 202,788 shares over 1,742 trades, against an average daily volume of 302,449 shares and a total float of 37.59 million
Intel acquires digital identity manager PasswordBox(Help Net Security) Intel acquired PasswordBox, a provider of a cross-platform identity management service that gives users a way to log into all of their websites and applications from any device without having to type or remember passwords
Senate Explores Outsourcing Security Services(InformationWeek) The US Senate might outsource core cyber security support to a managed security service. Candidate tasks include network security monitoring, threat analysis, incident reporting, vulnerability analysis, and security engineering and research
WatchGuard launches next-gen firewalls(Trade Arabia) WatchGuard Technologies, a leader in multi-function firewalls, has launched next-generation firewall (NGFW) and unified threat management (UTM) appliances specifically engineered for mid-size and distributed enterprises
TrustPipe's Breakthrough Marker-Based Security Technology Helps Make Computers and Devices Virtually Hack-Proof(Broadway World) After two years of testing in real-world deployments and at West Coast Labs, digital security vendor TrustPipe emerged from stealth mode today to introduce its breakthrough, marker-based security technology — offering a superior alternative to signature- and heuristic-based security, and helping to make computers and other devices virtually hack-proof
SANS to host advanced InfoSec training in Dubai(Trade Arabia) A leading InfoSec training event is set to offer three intensive training courses on hacker techniques, web app penetration testing and reverse-engineering of malware in Dubai, UAE next month
Technologies, Techniques, and Standards
NSA Opens Up Data Automation Software For Public Use(Forbes) The Apache Software Foundation (ASF) has worked with the National Security Agency (NSA) on the release of Niagarafiles (or Nifi, to the initiated) technology designed to "automate data flows" among multiple computer networks. The software is free and open source (so is available to the public) through the Apache Software Foundation. But why is automating data flows important?
Researcher Releases Database of Known-Good ICS and SCADA Files(Threatpost) A prominent security researcher has put together a new database of hundreds of thousands of known-good files from ICS and SCADA software vendors in an effort to help users and other researchers identify legitimate files and home in on potentially malicious ones
Bitcrypt: Encrypted Messages in the Blockchain(Cryptocoins News) The Bitcoin blockchain has been the scene of quite a bit of innovation beyond its currency application. There are passports, applications for fiat currency banking, and there is even talk of artificial intelligence based on the technology
Cybersecurity concept for unmanned systems(Help Net Security) The University of Virginia School of Engineering and Applied Science Department of Systems and Information Engineering announced the success of an early-stage demonstration to improve defenses for unmanned aerial vehicles against cyber attacks. U.Va.'s System-Aware Cybersecurity concept and Secure Sentinel technology were tested in collaboration with Georgia Tech Research Institute through a series of live flight cyber-attack scenarios
Legislation, Policy, and Regulation
UN Committee Adopts Resolution on Right to Privacy in the Digital Age(Council on Foreign Relations) On November 25, 2014, the third committee of the UN General Assembly adopted a resolution that calls on states to "respect and protect the right to privacy" in the digital age. The resolution is the follow-up to a very similar motion that Germany and Brazil sponsored last year in response to the Snowden revelations. Germany and Brazil led the adoption of this year's resolution and secured over thirty-five cosponsors including Cuba and Russia, countries not necessarily known as beacons of online privacy
EU panel says 'right to be forgotten' should be worldwide right(FierceBigData) Google is under fire again with Europe at the trigger. The European Union issued new guidelines to extend the 'right to be forgotten' privacy protection for European citizens beyond European search sites. This clarification aims to push Google and other search engines to take down links across all their sites and services, without exception
Computers and a need for defense(Lompoc Record) As folks in the Northeast were shoveling their way out of 7 feet of snow — a month before winter's official start — and while politicians in Washington sniveled about Obamacare and immigration, the chief of America's intelligence community explained how foreign hackers could take out the U.S. electric power grid
DNI Clapper Establishes the National Counterintelligence and Security Center(Office of the Director of National Intelligence) Director of National Intelligence James R. Clapper announced today the establishment of the National Counterintelligence and Security Center. National Counterintelligence Executive William "Bill" Evanina will assume the additional role as the NCSC Director
Editorial: A full-time cyberdefense(Albany Times Union) The Issue: New York's U.S. senators want to enlist the National Guard in defense against cyber attacks. The Stakes: The threat is legitimate, but ensuring cyber security is a full-time job
How the Pentagon plans to bolster cloud security(FCW) The latest installment in the Defense Department's quest to find the right blend of security and affordability in the commercial cloud came in the form of a report released by the DOD CIO's office. The report offers "cradle-to-grave" guidance for commercial cloud providers and DOD customers, acting DOD CIO Terry Halvorsen wrote in a prefacing memo
U.S. Justice Department names new counterespionage chief(Reuters) The U.S. Department of Justice has named an experienced former federal prosecutor to oversee its counterespionage efforts, part of a broad restructuring of the national security prosecution team to deal with cyber attacks and the threat of sensitive technology ending up in the wrong hands
SINET 16(Washington, DC, USA, December 3 - 4, 2014) Innovative solutions frequently come from new and emerging companies. Each year, SINET invites sixteen innovative Cybersecurity companies to present their technology solutions to a select audience of prominent...
Healthcare Cyber Security Summit 2014(San Francisco, California, USA, December 3 - 10, 2014) SANS is teaming up with the National Health Information Sharing & Analysis Center (NH-ISAC) to offer the 2nd Annual Healthcare Cyber Security Summit
(ISC)² Security Congress EMEA(London, England, UK, December 8 - 10, 2014) Building on the experience of the US-based (ISC)² Security Congress, now in its fourth year, (ISC)² Security Congress EMEA will offer a complementary and unique opportunity within the Europe Middle East...
ACSAC 30: Annual Computer Security Applications Conference(New Orleans, Louisiana, USA, December 8 - 12, 2014) ACSAC is more than just high quality, peer-reviewed research (though our 2013 acceptance rate was barely 19%). Our comprehensive program also includes training, case studies, panels, workshops, posters,...
Tax Incentives for Cybersecurity Businesses(Elkridge, Maryland, USA, December 9, 2014) Learn the details and take the opportunity to ask questions of leading experts on how to apply for tax credits (including cyber, research, security clearance, and secured space tax credits) and get the...
Cybersecurity 2015: Beyond the Breach(Washington, DC, USA, December 9, 2014) With each new cybersecurity attack businesses lose millions, governments lose information and citizens lose trust. At the end of a year where these attacks regularly dominated headlines, what's ahead for...
ICFPT 2014(Shanghai, China, December 10 - 12, 2014) ICFPT is the premier conference in the Asia-Pacific region on field-programmable technologies including reconfigurable computing devices and systems containing such components. Field-programmable devices...
Cybersecurity World Conference(New York, New York, USA, January 9, 2015) Welcome to Cyber Security World Conference 2015 where renowned information security experts will bring their latest thinking to hundreds of senior business executives and officials focused on protecting...