The Sochi Olympics open at week's end, and mainstream media issue alarmist warnings that Russian security services will hack every spectator's devices. A bit breathless, but wariness and pessimism are surely justified (as they are, to a lesser extent, wherever one travels).
Reports circulate that Britain's GCHQ counterattacked Anonymous with a denial-of-service campaign. This week's earlier reports that GCHQ and NSA hacked a Belgian academic cryptographer are undermined by the purported victim, who calls de Standaard's evidence inconclusive and its conclusions premature.
The Target breach took longer to contain than previously thought. Stolen card data are turning up in the hands of Eastern European criminals (some of whose governments may, allege FireEye and Damballa, be offering the gangs protection). US retailers lament before the Senate that the cyber criminals seem to have the upper hand. Target, meanwhile, works on a more secure pay card.
Coders in Belarus claim to have written portions of the US Affordable Health Care Act (a.k.a. Obamacare) site. Questioned about whether this indicates vulnerability, US officials deny contractors used Belarusian software. (Observers claim, however, that some US Government IT contractors have outsourced portions of other projects to coders in former Soviet republics.)
Prolexic claims denial-of-service attacks can be used to manipulate stock prices.
Researchers demonstrate IFrame injection attacks via PNG image metadata.
Adobe issues an emergency Flash patch.
IBM, Microsoft, UCLA, and MIT researchers report crypto breakthroughs.
US Representative Sensenbrenner says Congress will curtail bulk metadata collection.
Colombia investigates allegations of army surveillance of FARC talks.
Today's issue includes events affecting Belarus, Belgium, Bulgaria, Colombia, Czech Republic, European Union, Germany, Republic of Korea, Poland, Russia, Slovenia, Syria, United Kingdom, United States.
Cyber risks awaiting visitors and viewers of Sochi 2014 Olympics(Help Net Security) The 2014 Winter Olympics are set to start on Friday in Sochi, a Russian city located on the shores of the Black Sea. There have been many controversies regarding this choice of host city (and country), but also when it comes to the expected blanket communication surveillance — communication interception, metadata collection, etc. — that Russia will effect during the Games
To Merrillville or Sochi: How Dangerous is it to travel?(Internet Storm Center) Our reader Rodney sent us a link to a story that apparently aired on NBC Nightly News last night: "I was wondering if someone could do a piece on the report that was on NBC's Nightly News last night (see link below) regarding connecting personal devices like smart phones and laptops to the Internet while in Sochi for the Olympics. The first video leaves out some details that the second video reveals. The first video aired on NBC, the second did not. It seems as if the first video was sensationalism. The second video revealed that the journalist had willingly clicked on links to download the malware. The first video made it look like they only had to connect to become infected. I know that it can happen, but they made it sound like it will definitely happen"
Watch Out for Olympic Spam, Phishing, Malware(PC Magazine) While much of the world's scrutiny has focused on the possibility of a terrorist attack at the XXII Olympic Games in Sochi, Russia, "there are several cyber-related risks to consider," the Department of Homeland Security warned in an advisory
These Guys Battled BlackPOS at a Retailer(Krebs on Security) Ever since news broke that thieves stole more than 40 million debit and credit card accounts from Target using a strain of Point-Of-Sale malware known as BlackPOS, much speculation has swirled around unanswered questions, such as how this malware was introduced into the network, and what mechanisms were used to infect thousands of Target's cash registers
Misleading advertisements lead to hijacked browser settings(Naked Security) Advertisements don't have a great track record for safety and we are beginning to see more frequent abuse of search and mobile ads to deliver unwanted addons purporting to be legitimate tools. Be careful where you click and closely scrutinize software options before installation
Windows, IE, Java are most vulnerable(Help Net Security) When compared with the numbers from the previous year, 2013 has seen an increase in reported security vulnerabilities and, what's more, the number of critical vulnerabilities has also risen — although
DDoS Attacks Against Global Markets(Prolexic Knowledge Center) Are DDoS cyber attackers trying to manipulate stock prices and trading markets? The DDoS experts in Prolexic's Security Engineering and Response Team think so. This PLXsert white paper shares cyber intelligence gathered from nearly a dozen significant DDoS cyber-attacks and the resulting market effects
Possible Belarus link to ObamaCare raises concerns about cyber attack(Washington Free Beacon via Fox News) U.S. intelligence agencies last week urged the Obama administration to check its new healthcare network for malicious software after learning that developers linked to the Belarus government might have helped produce the website, raising fresh concerns that private data posted by millions of Americans will be compromised
U.S. says no evidence Obamacare software written in Belarus(Reuters) U.S. health officials have investigated whether some of the software used in computers at the heart of President Barack Obama's healthcare reform was written in Belarus, but have found no evidence of that being the case, a White House official said on Tuesday
Cybercriminals release Socks4/Socks5 based Alexa PageRank boosting application(Webroot Threat Blog) Since its inception in 1996, Alexa has positioned itself as primary Web metrics data portal, empowering Web masters, potential investors, and marketers with access to free analytics based on data gathered from toolbars installed on millions of PCs across the world. Successfully establishing itself as the most popular, publicly accessible Web site performance benchmarking tool, throughout the years, the Alexa PageRank has acted as a key indicator for the measurement of a Web site's popularity, growth and overall performance, often used in presentations, competitive intelligence campaigns, and comparative reviews measuring the performance/popularity of particular Web sites
Scams Circulate After German Email Accounts Get Hacked(TrendLabs Security Intelligence Blog) Recently, the German Federal Office for Information Security disclosed that the email accounts of up to 16 million users had been compromised. The computers of these users were infected with information-stealing malware which were used to steal these login credentials
Anonymous Slovenia Claims FBI Hacked(International Business Times) Anonymous claims it has hacked the FBI, uploading email addresses and personal information relating to the current director to online storage site Pastebin
Mozilla Releases Multiple Updates(US-CERT) The Mozilla Foundation has released updates for the following products to address multiple vulnerabilities: Firefox 27, Firefox ESR 24.3, Thunderbird 24.3, Seamonkey 2.24
Mozilla adds standard password scheme for Firefox Sync service(FierceCIO: TechWatch) Mozilla is currently testing a more standard username and password system for the Firefox Sync service used by its popular Firefox browser. Firefox Sync enables users to securely synchronize their browsing data such as bookmarks, open tabs and passwords between devices
Cybersecurity Firms to Watch in 2014(Daily Finance) It seems like not a day goes by that we don't hear about the NSA spying, Russian teen hackers, or new details about the Target security breach. Our bank, email, and social network accounts are ripe for the taking. Consumers will never fully trust retailers with financial or private information again. It's another "new normal" thrust upon us, and it's here to stay
Critical Software Flaws In The Shadows(Dark Reading) Researchers are often paid for discovering and privately disclosing software security flaws to vendors and third parties, but evidence of a market shift to paid research is still lacking
Cyber University Program Named Outstanding Training Initiative of 2013 by Training Magazine(MarketWatch) Booz Allen Hamilton's BAH -0.92% Cyber University Program was named Outstanding Training Initiative of 2013 by Training magazine at an awards gala held last night in San Diego, California. Selected from among submissions by all 14 members of the Training Hall of Fame, the Cyber University program received the highest score from a panel made up Hall of Fame peers and the magazine's editors
Ex-NSA Chief Details Snowden's Hiring at Agency, Booz Allen(Wall Street Journal) Mike McConnell says Booz Allen hired Snowden because Government had vetted him. Edward Snowden, the former NSA contractor who leaked information about the agency's surveillance program, targeted Booz Allen Hamilton for employment because of its access to national security contracts, a company vice chairman said
How Satya Nadella will lead Microsoft differently(Quartz) Satya Nadella is "honored," "humbled," and confident about Microsoft's future. In his open letter to Microsoft employees, Nadella checked all of the boxes for a CEO introduction. The letter also serves to distance the company from outgoing CEO Steve Ballmer and its recent past, and lays out a philosophy of leadership that promises to be less abrasive, and to acknowledge how far behind the company is in things like cloud services and mobile
Security Software Firm Avast Gets CVC Capital Investment, Now Valued At $1B(TechCrunch) The rise in malware and online security threats continues to give a big boost to companies that are looking for ways to make the connected world a bit safer. Avast, one of the bigger PC and mobile security software firms that competes against the likes of Microsoft, Symantec and McAfee (Intel) for consumer and enterprise business, today announced a major investment: CVC Capital Partners
Jeremiah Grossman Becomes Interim CEO At WhiteHat Security(Dark Reading) WhiteHat Security, the Web security company, today announced that effective immediately, Jeremiah Grossman, company founder, has accepted the Board of Directors offer to lead the company as its interim CEO following the resignation of former CEO Stephanie Fohn. Grossman, the company's founding CEO, has served as the company's CTO since 2004 and plans to maintain focus on company growth and innovation in the web security space
Defending Against Tor-Using Malware, Part 2(TrendLabs Security Intelligence Blog) Last week, we talked about what Tor is, how it works, and why system administrators need to be aware of it. Now the question is: should I block Tor, and if I do decide to do that, what can be done to block Tor
What Every CISO Should Learn From the Target Attack(Wall Street Journal) A remediation-centric cyber defense is not enough. Today's threat environment demands that companies or agencies have a predictive edge to sense and preempt coming attacks, writes Guest Contributor Mike McConnell, former Director of National Intelligence
How to Call Ransomware's Bluff(PC Magazine) If your files have been taken over by the CryptoLocker ransomware, you had better hope your backups are current. Sure, you can pay the ransom, but that doesn't guarantee you'll get your files freed from hostile encryption. And if ransomware has taken over all of Windows, your best bet is a bootable rescue CD. But there's a new kind of ransomware spreading, a type that really doesn't have any teeth. I'll explain how to recognize it, and how to call its bluff
Secure Browser Alternatives On The Rise(Dark Reading) The sandboxed browser on the desktop, the disposable browser session from the cloud, and now a high-security browser that by default blocks third-party cookies and online ads
Revolutionary new cryptography tool could make software unhackable(ExtremeTech) A team of researchers from IBM and Microsoft may have just made a breakthrough in the quest for unbreakable cryptography. The results produced by the team from UCLA and MIT offer hope that encryption could protect not just an output, but an entire program. Once believed to be too powerful to exist in any real sense, this new method of program obfuscation could lead to ultra-secure software that keeps your personal information safe from nefarious individuals
DARPA Wants Self-Destructible Computer Chips(Defense Tech) Called the Vanishing Programmable Resources, DARPA announced the program on Jan. 28 issuing a $3.5 million award to IBM to study the possibilities of developing "strained glass substrates" that would crumble into powder on command, according to the DARPA announcement
US ambassador: Merkel phone tap was stupid(The Local (German edition)) The US ambassador admitted on Tuesday the tapping of Chancellor Angela Merkel's phone by US security services was "stupid". He was speaking minutes before it emerged the phone of Merkel's predecessor was also targeted
Bericht: NSA hat auch früheren Bundeskanzler Schröder abgehört(Kledy) Der US-Geheimdienst NSA hat offenbar auch den früheren Bundeskanzler Gerhard Schröder (SPD) abgehört. Nach Recherchen der "Süddeutschen Zeitung" und des NDR wurde Schröder spätestens 2002 unter der Nummer 388 in die sogenannte "National Sigint Requirement List" aufgenommen. Die Liste legt fest, welche Personen und Institutionen überwacht werden
States look to rein in government surveillance(The Washington Post) Angry over revelations of National Security Agency surveillance and frustrated with what they consider outdated digital privacy laws, state lawmakers around the nation are proposing bills to curtail the powers of law enforcement to monitor and track citizens
Satellites, electronics next in U.S. export control reform(Reuters) The U.S. government is making "great strides" in its drive to reform unwieldy export rules, and expects to unveil proposed changes covering exports of satellites, electronics and chemicals this year, a senior White House official said Tuesday
Summit explores cyber attack risks(Belfast Telegraph) The vulnerability of Britain's essential services to cyber attack is being discussed at the first summit bringing together intelligence and security chiefs with regulators
CDS Coalition: SOFTWARE Act goes too far(FierceMobileHealthCare) In a new legislative proposal, the Clinical Decision Support (CDS) Coalition charges that a bipartisan bill introduced in October 2013 to amend the Federal Food, Drug, and Cosmetic Act "goes too far" in deregulating CDS software that requires regulation to ensure the health and safety of patients
Legal complexities, uncertainties face mHealth app developers(FierceMobileHealthCare) Mobile health applications are affected by a patchwork of policies related to medical licensure, privacy and security protection, as well as malpractice liability--all of which must be taken under consideration by app developers
East European cyber criminals 'protected from prosecution'(SC Magazine) Respected security researcher Nart Villeneuve has controversially declared that Eastern European cyber criminal gangs — responsible for the recent attacks on Target and other major retailers — are relatively safe from arrest and prosecution
Senate cybersecurity report finds agencies often fail to take basic preventive measures(The Washington Post) U.S. officials have warned for years that the prospect of a cyberattack is the top threat to the nation and have sharply increased spending for computer security. Yet the report by the Republican staff of the Senate Homeland Security and Governmental Affairs Committee says that federal agencies are ill-prepared to defend networks against even modestly skilled hackers
Why the SpyEye Conviction is a big deal(Trend Micro Simply Security) This week in the United States, the Federal Bureau of Investigation (FBI) in Atlanta, Georgia announced that Aleksandr Andreevich Panin, a Russian national also known as "Gribodemon" and "Harderman" had pled guilty before a federal court to charges related to creating and distributing the SpyEye family of malware
Parallel Construction Revealed: How The DEA Is Trained To Launder Classified Surveillance Info(TechDirt) Last summer, Reuters revealed how the NSA and other surveillance organizations would share info with the DEA and other law enforcement agencies, but then tell them to reconstruct the evidence via a process called "parallel construction," so that the surveillance would not then be discussed in court. This is highly questionable, and probably illegal, as a defendant has the right to know all of the evidence being used against him or her, and should also be told how that evidence was gathered, to make sure the collection was legal
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Security Analyst Summit 2014(Punta Cana, Dominican Republic, February 9 - 13, 2014) The Kaspersky Security Analyst Summit (SAS) is an annual event connecting anti-malware researchers and developers, global law enforcement agencies and CERTs and members of the security research community.
The Insider Threat: Protecting Data and Managing Risk(Online, February 11, 2014) As recent events have demonstrated, the threats from inside government have the potential to be more harmful than the hacking activities of our enemies. Protecting sensitive government information from...
Free OWASP Training and Meet Up(San Francisco, California, USA, February 24, 2014) OWASP is hosting a special security boot camp for all conference-goers: RSA Conference, Bsides SF, and TrustyCon as well as local developers. The training is recommended for developers who want to learn...
RSA Conference USA(San Francisco, California, USA, February 24 - 28, 2014) Hundreds of game-changing interactions will give you an unparalleled diversity of industry insight and information based on best practices, real implementation stories, and detailed case studies. Each...
Nellis AFB - Technology & Cyber Security Expo(Las Vegas, Nevada, USA, February 26, 2014) For over 12 years, the Armed Forces Communications & Electronics Association (AFCEA) - Las Vegas Chapter and FBC have been co-hosting the Annual Information Technology Expo at Nellis AFB. As was the case...
Cybersecurity Tax Credits Webinar(Online, March 11, 2014) Learn about tax credits designed to help your cybersecurity company grow in Maryland. Details will be presented by Jeffrey Wells, Executive Director of Cyber Development and Mark Vulcan, Esq., CPA, Program...
ICS Summit 2014(Lake Buena Vista, Florida, US, March 17 - 18, 2014) The 9th Annual North American ICS Security Summit brings together the program managers, control systems engineers, IT security professionals and critical infrastructure protection specialists from asset...
MCT-Congress: Going Mobile with Clinical Trials(Edinburgh, Scotland, UK, March 20 - 21, 2014) It is almost inevitable that mHealth solutions will be adopted across healthcare systems worldwide over the next decade. What is less clear is the impact that mobile solutions are having and could have...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.