Eastern Europe sees some nefarious cyber activity. Hackers claim to have pwned Serbia's state network, and with it personal information of essentially all citizens. Kaspersky reports that various Russian enterprises have been afflicted by the "Cloud Atlas" cyber espionage campaign.
In the US and UK, concerns mount over a potential Iranian threat to critical infrastructure as the FBI renews warnings to businesses and the import of Cylance's report on "Operation Cleaver" sinks in. Some observers note Iran's record of episodic cooperation with North Korea.
Whether or not North Korea will turn out to be implicated in the attack on Sony, that company's troubles continue to multiply. (IEEE Spectrum compares the situation to a digital Exxon Valdez.) More information has leaked, and soi-disant "Guardians of Peace" hackers who claim responsibility for the attack promise more — a "Christmas gift." Sony's legal response may have advanced from the "don't-sue-us-dude" to the "dude-we'll-sue-you" phase as loss of IP and production delays begin to bite. Observers draw lessons from the attack — the value of continuous monitoring and concentration of protection on essential data — and think governments in particular should take note.
Other risks are found: a worm is exploiting Shellshock to backdoor QNAP network-attached storage devices, Dyre continues to spread, Google blacklists over 100,000 websites for SoakSoak infections, and the Turla Linux version is found in Solaris boxes.
Industry news includes BAE's closure of two acquisitions and new funding for Palantir, CipherCloud, and DB Networks.
Cyber legislation seems more likely to clear the US Congress.
Today's issue includes events affecting Belarus, Belgium, Canada, Finland, Germany, India, Iran, Iraq, Israel, Kazakhstan, Democratic People's Republic of Korea, Lithuania, Isle of Man, Norway, Oman, Russia, Serbia, Sweden, Syria, United Kingdom, United States.
Cyber Attacks, Threats, and Vulnerabilities
Hackers Hack into Serbia's State Network and IDs of all Serbians(Tech Worm) It seems that identities of almost all Serbians are at the risk of their personal information being leaked or used for malicious intent as a result of a hack on Serbian State's network. Five hackers have claimed that they hacked in the internet backbone of the Serbian Identity system and stolen ID numbers of almost all citizens of Serbia. Though this has not been confirmed by the Serbian authorities, the hackers have leaked a screenshot of what seems to be details of Serbian citizens
North Korea And Iran: Partners In Cyber Warfare?(Forbes) North Korea has denied any involvement in the massive hacking attack last month on Sony Pictures Entertainment, and absent evidence clearly pinning the deed on Pyongyang, it may be fair to keep an open mind. With investigators still digging into the case, it's too soon to rule out a role in the attack by some of North Korea's closest friends — for instance, Iran
Iran Poses Huge Worldwide Cyber Threat(Sci-Tech Today) "Hopefully the Operation Cleaver report serves as a wake up call for global critical infrastructure providers," writes Cylance CEO and founder Stuart McClure, the man behind a riveting new report that positions Iran as the number one threat to global cyber security
What I Took Away From The Operation Cleaver (#OpCleaver) report(Threat Brief) If you track cyber security you have no doubt heard of the recently published report by Cylance titled Operation Cleaver. It has been extensively referenced in the press (including here and here) and has generated significant dialog among practitioners, pundits and policy wonks including on Twitter with the hashtag #OpCleaver. The report was so good and so well documented it resulted in the FBI taking the action of publishing special alerts warning infrastructure providers of possible Iranian cyber attacks. This was a very important report
Why the Sony hack should scare feds(FCW) Sony Pictures Entertainment was brought to a virtual standstill by the recent cyberattack and the damage it caused.
As the fallout from the unprecedented electronic attack on Sony Pictures Entertainment continues, cybersecurity experts said federal IT managers — while likely facing no immediate threat from the group that attacked Sony — should be paying close attention
How Not to Be Sony Pictures(IEEE Spectrum) The scope of the recent hack of Sony Pictures — in which unidentified infiltrators breached the Hollywood studio's firewall, absconded with many terabytes of sensitive information and now regularly leak batches of damaging documents to the media — is only beginning to be grasped. It will take years and perhaps some expensive lawsuits too before anyone knows for certain how vast a problem Sony's digital Valdez may be
Hacking after Sony: What companies need to know(CBS News) The massive breach at Sony Pictures has raised fears that cyber crime is outpacing corporate security and that hackers have achieved a new height of technical ingenuity in their attacks. But experts tell CBS News there's more to the story — and that while not every hack can be prevented, some of the damage can be
Revealed: spy equipment in central Oslo(The Local (Norway Edition)) Spy equipment that can be used to eavesdrop on the mobile phones of politicians and ordinary Norwegians has been discovered in several places in the Oslo area, including close to the country's parliament, newspaper Aftenposten has revealed
Spammers Accelerate Dyre Distribution(ThreatTrack Security Labs) ThreatTrack Security Labs researchers continue to monitor the evolution of Dyre (aka Dyreza), the banking-credential-stealing Trojan that appears to be quickly filling the gap left by the takedown of GameOver Zeus
Pirated Assassins Creed Spreads Malware(Infosecurity Magazine) Assassins Creed, that wildly popular mobile and console video game, will take players to the French Revolution, World War II, or even to the Crusades as part of the Knights Templar. But a fake version will take users somewhere else entirely: to the great Malware War of 2014
'Security by Antiquity' Bricks Payment Terminals(KrebsOnSecurity) Last week, several thousand credit card payment terminals at various retailers across the country suddenly stopped working, their LCD displays showing blank screens instead of numbers and letters. Puzzled merchants began to worry that this was perhaps part of some sophisticated hacker attack on their cash registers. It turns out that the incident was indeed security-related, but for once it had nothing to do with cyber thieves
BitDefender Exposes Potential Android Wear Vulnerability(TechAeris) Bluetooth communication is great, but how secure is it really? A team at BitDefender — an Antivirus company — wanted to find out just how much information could be intercepted from the communication between an Android phone and an Android Wear device. Just how much they were able to see might be surprising
Norse Discovers Buffer Overflow Vulnerability In FreeBSD(Dark Reading) Norse, the leader in live attack intelligence, today announced that its engineering team discovered a buffer overflow vulnerability in FreeBSD, which was shared with the FreeBSD security team and announced in their FreeBSD-SA-14:27.stdio security advisory
Employment Websites in Belgium Hacked by Rex Mundi(Softpedia) The servers of Tobasco.be and Z-Staffing.org have been breached by an entity operating under the name of Rex Mundi, which extracted sensitive information about job applicants and published it online
University of California, Berkeley suffers data breach(CSO) On September 16th of this year, the servers that were used for the capital projects and physical plant units at the University of California, Berkeley were compromised. The breach involved servers and workstations in the Real Estate division which is responsible for commercial leasing and campus filming and facility use permits to name a few of their functions
Holiday Downtime Brings Big Risk for Enterprises(Infosecurity Magazine) A combination of irresponsible user behavior and weaknesses in the protection of networks could create more risks for data breaches during the holiday period than at any other time
Cyber Attack Sends Sweden Offline(CardsChatNews) Telia, the largest Internet service provider in Sweden, released details of its outage that occurred Tuesday evening and intermittently throughout Wednesday
Bulletin (SB14-349) Vulnerability Summary for the Week of December 8, 2014(US-CERT) The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information
Security Patches, Mitigations, and Software Updates
Microsoft to end browser toolbar mayhem(Myce) Starting next year, Microsoft will be stricter on toolbars and other software that make changes to a browser without the explicit permission of the user. This includes applications that limit users in the choice of search engines or that mislead users in tricking them to change their default search engine or homepage
Avast CEO: Cyber attacks 'less dangerous' than dropping bombs(Wired) State-sponsored cyber attacks are less damaging than "dropping bombs" according to Vince Steckler, CEO of antivirus firm Avast. The threat of government spy agencies is also exaggerated, with Android alarm clock apps more of a danger to ordinary people
Security Trends 2015: CISO Needs To Think Differently(CXO) With cyber attacks getting more sophisticated by the day, security will continue to remain a major concern for enterprises in 2015. As adoption of cloud and mobility is on the rise, data security gets significant focus, as threats and risks are high
Security concerns will dampen cloud enthusiasm in 2015: WatchGuard(CSO Australia) Ongoing concerns about the security of cloud-hosted data will drive many companies to put their cloud initiatives on the back burner in 2015, security firm WatchGuard has predicted as it singles out the most and least concerning security trends for the new year
Biometrics could hold key for secure BYOD(FierceMobileIT) Security remains a concern for companies considering or implementing a BYOD program. One solution to improve the security of mobile devices is biometrics, the use of human characteristics, such as fingerprints, for identification
Prepare for Cyber Armageddon(Real Clear Defense) The United States is woefully unprepared to deal with the inevitability of a major cyber attack. Recent hacks of private companies such as Sony, Home Depot, Target and the like are warnings of greater dangers to come; like the proverbial canary in the coal mine. These companies don't represent critical infrastructure such as the power grid, banking system, food distribution and storage or air traffic control. A successful attack on any one of these could bring this country to its knees
Business Briefs: CipherCloud Raises $50 Million in Funding(IndiaWest) San Jose, Calif.-based CipherCloud, a provider of cloud information protection, has closed a $50 million round of financing led by Transamerica Ventures, with participation by Delta Partners and existing investors Andreessen Horowitz and T-Venture, the venture capital arm of Deutsche Telekom
The Curious Case of FireEye (NASDAQ: FEYE)(Financial Buzz) 2014 has been, among other things, a year full of hacks. Numerous cyber attacks on large businesses taught us that hackers are becoming more sophisticated, and more dangerous. Starting from the damaging attacks on retailers like Target (NYSE: TGT), Staples (NASDAQ: SPLS), entertainment companies like Sony (NYSE: SNE), which has been hacked twice, one attack targeted the PlayStation network, and the second targeted Sony Pictures in a successful attempt to damage property and reveal private information. Just to make the cyber-attack wave a little scarier than it already is, Turkey may have witnessed one of the first cyber attacks that caused physical damage to infrastructure, making an oil pipeline explode
AEGIS launches first cyber insurance product(Actuarial Post) AEGIS London, a Lloyd's of London syndicate, launches the first cyber insurance product to offer property damage, bodily injury, environmental pollution and cyber terrorism wrapped around existing policies
TraceSecurity and Rapid7 Partner to Add Value for Shared Customer Base(Thomasnet) TraceSecurity, a pioneer in cloud-based IT Governance, Risk and Compliance (GRC) management solutions, and Rapid7, a leading provider of security analytics software and services, today announced an integration partnership that teams the market-leading strengths of each company and enables mutual customers to leverage Rapid7's vulnerability management data when deploying their information security and compliance programs using TraceSecurity's TraceCSO
ESET Launches All-New Business Security Suite(PRNewswire) ESET®, a global leader in proactive internet security protection, today announced the launch of its all-new business security suite, with seven completely redesigned and reengineered solutions available now in North America
Porticor Honored for Innovative Cloud Key Management(Newsfactor) Porticor®, a leading cloud data security company delivering the only cloud-based key management and data encryption solution that infuses trust into the cloud and keeps cloud data confidential, today announced that TMC, a global integrated media company, has named the Porticor Virtual Private Data™ (VPD) platform as a 2014 Cloud Computing Product of the Year Award winner
BestCrypt By Jetico Is OPSWAT Gold Certified Disk Encryption(BusinessWire) Jetico, pioneer in disk encryption software, is pleased to announce that BestCrypt Volume Encryption has now received OPSWAT Gold Certification. By being compatible with leading technology solutions that employ the OESIS Framework, Jetico's certified encryption can be used alongside many other technologies, ensuring a seamless user experience
StarLink becomes Splunk distributor in Middle East, Turkey and Africa(IT Web) StarLink, the region's trusted security-specialised "true" value-added distributor (VAD), today announced an agreement with Splunk, provider of the leading software platform for real-time operational intelligence, to become a distributor of Splunk software. StarLink will distribute Splunk products through its extensive network of channel partners to enterprise and government customers in the Middle East, Turkey and Africa
Security Risks and Benefits of Docker Application Containers(Lenny Zeltser on Information Security) Running applications in containers rather than virtual machines is gaining traction in the IT community. This ecosystem presently revolves around Docker, a platform for packaging, distributing and managing Linux apps within containers. Though this technology is not very mature yet, it will evolve along the trajectory similar to that of VLANs and virtual machines. In the meantime, let's explore the security risks and benefits of using such containers
Cloud Regulation(Cloud Tweaks) When talking about cloud and regulation in financial services, it is important to approach it with a clear understanding of the typical policies that your national regulator will require you to adhere to
HIPAA security compliance: How risk tolerant are you?(Help Net Security) At the heart of HIPAA lies a set of core security tenets for which every affected organization is responsible. These fundamentals are absolutely non-negotiable — but the Security Rule as a whole actually allows for a certain degree of flexibility in how requirements are implemented. When it comes to HIPAA compliance, many organizations lose sight of the fact that they have the power to balance risk and keep costs down
Northrop Grumman Does K-12 STEM Ed Both Nationally and Locally(Inside Philanthropy) Given its aerospace and defense technology corporate inclination, it's no surprise that Northrop Grumman places primary focus on STEM education, including emphasis at the K-12 level. What makes Northrop Grumman unique is that it places parallel emphasis on national STEM education programs and local STEM education programs
SANS, CSIS unveil cyber scholarships for Air Force vets(FCW) The SANS Institute and the Center for Strategic and International Studies are offering cybersecurity training scholarships for 12 veterans of the Air Force. It is the pilot phase of a broader program to get veterans top public- or private-sector jobs in cybersecurity
National Centre of Cyber Security will start functioning as of 2015 in Lithuania(Baltic Course) The National Centre of Cyber Security formed on the basis of a section of the Ministry of National Defence will be inaugurated on 1 January, as provided for in the amendments of the Law on Cyber Security and other related legal acts approved by the Seimas of Lithuania on 11 December, informs BC the Ministry of National Defence
Congress Passes Four Cybersecurity Bills(National Law Review) Congress approved a package of four cybersecurity bills after a series of votes in the House and Senate this week, increasing the likelihood that some cybersecurity-related legislation will be enacted by the end of the year
FBI outlines proposals for dealing with cybercrime to Congress(WeLiveSecurity) Joseph Demarest, assistant director at the FBI, has been testifying on the threats of cybercrime to a Senate Committee on Banking, Housing and Urban Affairs, and Network World reports that the agency has three specific recommendations of how Congress could assist with the ever-evolving problem
Who Might Control Your Telephone Metadata(Schneier on Security) Remember last winter when President Obama called for an end to the NSA's telephone metadata collection program? He didn't actually call for an end to it; he just wanted it moved from an NSA database to some commercial database
How cyber-vigilantes catch paedophiles and terrorists lurking in the dark web(International Business Times) Buying marijuana, cocaine and heroin has never been easier. Neither has finding a contract killer or viewing horrifying pornography. The dark web — the dark underbelly of the internet — is growing and allowing users to surf beneath the ordinary surface web with almost complete anonymity
SpamHaus, CloudFlare Attacker Pleads Guilty(KrebsOnSecurity) A 17-year-old male from London, England pleaded guilty this week to carrying out a massive denial-of-service attack last year against anti-spam outfit SpamHaus and content delivery network CloudFlare, KrebsOnSecurity has learned
Indian Police Arrest 'Jihadi Tweeter'(SecurityWeek) Indian police on Saturday arrested a 24-year-old executive believed to be the handler of an influential Twitter account supporting the Islamic State group, officials said
Cybersecurity World Conference(New York, New York, USA, January 9, 2015) Welcome to Cyber Security World Conference 2015 where renowned information security experts will bring their latest thinking to hundreds of senior business executives and officials focused on protecting...
FloCon 2015(Portland, Oregon, USA, January 12 - 15, 2015) FloCon is an open network security conference organized by Carnegie Mellon University
FIC 2015(Lille, France, January 20 - 21, 2015) The International Cybersecurity Forum (FIC) forms part of a thinking and exchange process that aims at promoting a pan-European vision of cybersecurity and strengthening the fight against cybercrime, a...
Data Privacy Day San Diego — The Future of IoT and Privacy(San Diego, California, USA, January 28, 2015) Join the Lares Institute, Morrison & Foerster, and the National Cyber Security Alliance for Data Privacy Day in San Diego. DPD San Diego will bring together privacy luminaries to discuss fundamental issues...