Officials and researchers continue to warn those attending the Sochi Olympics (or even watching from home) of the games' attendant cyber risks.
The Syrian Electronic Army made an attempt on Facebook's domain, but two-factor authentication and registry lock apparently kept the would-be DNS hijackers out.
This week's hasty Adobe Flash patch addressed a vulnerability currently being exploited in the wild. Kaspersky offers technical details—Flash users should patch.
For some weeks now the Target hackers have been said to have compromised point-of-sale systems via stolen vendor credentials. Krebs reports the vendor's been identified: an HVAC and refrigeration subcontractor. Target (which says only 25 cash registers were infected, but that was enough) is accelerating its plans to adopt chip-and-pin pay card technology. The US Secret Service tells Congress the Target hackers were "highly technical and sophisticated" and probably located outside the United States. The malware used was crafted for Target, and different from that deployed against Neiman Marcus.
The creepy cyber vandals of NullCrew boast that they were the ones behind the recent Bell Canada hack. They also claim blame for an attack on Comcast servers.
Some of the luster temporarily glittering about Huawei for its new UK security center is tarnished by developments elsewhere in the Commonwealth: Indian authorities are investigating the Chinese company for allegedly hacking telco Bharat Sanchar Nigam (BSNL).
"Waking Shark II," the financial cyber exercise led by the Bank of England, has reported. It finds poor technical information sharing mechanisms the biggest obstacle to common cyber defense.
Today's issue includes events affecting Canada, China, India, Israel, New Zealand, Russia, South Africa, Switzerland, Syria, United Kingdom, United States.
Cyber Attacks, Threats, and Vulnerabilities
Security Tip — Sochi 2014 Olympic Games(US-CERT) Whether traveling to Sochi, Russia for the XXII Olympic Winter Games, or viewing the games from locations abroad, there are several cyber-related risks to consider. As with many international level media events, hacktivists may attempt to take advantage of the large audience to spread their own message. Additionally, cyber criminals may use the games as a lure in spam, phishing or drive-by-download campaigns to gain personally identifiable information or harvest credentials for financial gain. Lastly, those physically attending the games should be cognizant that their communications will likely be monitored
Experiment Shows Russia is Still a Hotbed of Nefarious Digital Activity: Part 1(Trend Micro Simply Security) Recently, NBC News invited me to take part in an experiment that took place in Russia with NBC's Chief Foreign Correspondent, Richard Engel. For this experiment a honeypot environment was created emulating a user in Russia performing basic tasks, such as browsing the Internet, checking email, and instant messaging. The primary purpose of this experiment was to gauge how quickly a compromise would occur on given devices, should the user perform normal activity while in Russia for the Sochi Olympics. In this post I outline the experiment and how I set it up. In my next post I'll talk about the actual experiment and what I learned
Kaspersky Lab Details Exploits Targeting Just-Patched Adobe Zero-day(SecurityWeek) On Tuesday afternoon, Adobe released an out-of-band security update to address a critical zero-day security vulnerability in Adobe Flash Player. The remotely exploitable vulnerability is being used in attacks in the wild and allows an attacker to take control of an affected system
Adobe Flash flaw exploited in the wild, update now(Help Net Security) Adobe has released an emergency patch for a critical vulnerability affecting Flash Player for Windows, Linux and OS X, the exploitation of which can result in an attacker gaining remote control of the
Target Hackers Broke in Via HVAC Company(Krebs on Security) Last week, Target told reporters at The Wall Street Journal and Reuters that the initial intrusion into its systems was traced back to network credentials that were stolen from a third party vendor. Sources now tell KrebsOnSecurity that the vendor in question was a refrigeration, heating and air conditioning subcontractor that has worked at a number of locations at Target and other top retailers
Secret Service says Target hackers were sophisticated(Minneapolis Star Tribune via TMC) The hackers who stole data from Target Corp. were "highly technical and sophisticated" and likely were located outside the United States, a Secret Service official told a House subcommittee looking into one of the biggest thefts of computerized information in the country's history
Demystifying Point of Sale Malware and Attacks(Symantec) Cybercriminals have an insatiable thirst for credit card data. There are multiple ways to steal this information on-line, but Point of Sales are the most tempting target. An estimated 60 percent of purchases at retailers' Point of Sale (POS) are paid for using a credit or debit card. Given that large retailers may process thousands of transactions daily through their POS, it stands to reason that POS terminals have come into the crosshairs of cybercriminals seeking large volumes of credit card data. Symantec has therefore published an Attacks on Point of Sales Systems whitepaper with details on how POS attacks are carried out, and how to protect against them
Comcast customer surprised to learn new router is also public hotspot(Ars Technica) Routers broadcast public Wi-Fi signals, unless you ask Comcast to turn it off. Comcast customer Ronaldo Boschulte didn't know exactly what he was getting when the company swapped his malfunctioning modem for a new one. The cable modem doubles as a Wi-Fi router—that much he was expecting. But he didn't realize the router would, by default, broadcast a public Wi-Fi network that anyone with a Comcast account could connect to
Crooks target SA Windows users(News 24) Microsoft has warned that scammers are targeting people using Windows in order to steal personal information as well as cash
Drive-by Download Attacks: Examining the Web Server Platforms Attackers Use Most Often(Microsoft Security Blog) We have included data on drive-by download attacks in numerous past volumes of the Microsoft Security Intelligence Report. But in the latest volume of the report, volume 15, we published some new data that we haven't included in the report before — the relative prevalence of drive-by download sites hosted on different web server platforms
123-reg hack knocks out 120 UK domains(PCPro) Hosting provider 123-reg has been accused of a lapse in security after one customer found his account hacked - and the domains he had registered redirecting to a ransomware site
3 startling malware developments(IT Manager Daily) Heads up: Three insidious malware programs could wreak havoc on your systems if you or your users aren't ready for them. Some are remakes of old strains. Others are new and ready to make a big impression
Windows XP: If You Cannot Patch, Catch(FireEye Blog) More than 12 years after its initial launch and five years after its most recent major update (Service Pack 3), Microsoft is finally ending support for Windows XP. The upshot: Microsoft will release no additional updates for the antiquated OS. No more updates means no more security patches or bug fixes, leaving systems still running XP more vulnerable to viruses and cyber attacks
Retailers call for collaboration to combat cyberattacks(FierceRetailIT) In a statement submitted today to the U.S. Senate Committee on Banking, Housing & Urban Affairs Subcommittee on National Security and International Trade and Finance, the Retail Industry Leaders Association (RILA) highlighted the importance of collaboration among retailers, banks and card networks to advance payments security to prevent future cyberattacks. The letter was submitted for the record ahead of the Subcommittee hearing, "Safeguarding Consumers' Financial Data."
Going There: The Year Ahead in Cyber Security(re/code) Last year, we saw some of the most significant events in the history of cyber attacks, including the largest DDoS attack on record, the Edward Snowden NSA revelations and evidence of nation-state cyber warfare against not only governments but also civilian organizations. What became clear in 2013 is that cyber threats are coming from complex operations funded by nation-states and private enterprises moving so quickly that they have outpaced many of the systems designed to stop them
PHI breaches up 138% in 2013(FierceHealthIT) More than 7 million patient records were breached last year, an increase of 138 percent from 2012, according to a report from IT security audit firm Redspin
U.S. retailers face pressure to raise cybersecurity spending(Reuters via the Baltimore Sun) Target Corp's decision to speed up a $100 million program to adopt the use of chip-enabled smart cards is just a drop in the bucket when it comes to what retailers need to do to defend themselves against future cyber attacks, according to security experts and IT service providers
Lack of skills hindering appsec programs(Help Net Security) An ongoing shortage of skills in application security is severely hampering the implementation of effective Appsec programs, according to SANS
Richard Weaver Appointed Johns Hopkins APL Chief Security Officer; Ralph Semmel Comments(Executive Mosaic) Richard Weaver, a more than 10-year veteran of the National Security Agency, has been appointed chief security officer at The Johns Hopkins University Applied Physics Laboratory. The government intelligence veteran joined APL in March 2013 as a special adviser and will be responsible for overseeing the nonprofit research lab's security functions in his new role, APL said Tuesday
Julie Bowen Named MITRE VP, General Counsel; Alfred Grasso Comments(Executive Mosaic) Julie Bowen has been appointed to the vice president, general counsel and corporate secretary roles at MITRE Corp. The cybersecurity and intellectual property law veteran joined MITRE in 2006 as associate general counsel, with responsibility in the organization's technology transfer office, MITRE said Tuesday
OpenDNS and FireEye Partner to Amplify Protection Against Advanced Cyber Attacks(BWW) OpenDNS, the world's leading provider of cloud security services, today announced the integration of its Umbrella security service with the FireEye Web Malware Protection System (MPS). The combination of OpenDNS predictive threat detection and enforcement with FireEye behavioral analysis provides real-time protection against custom malware, zero-day exploits and advanced persistent threats (APT). Using OpenDNS and FireEye together, customers can extend security policies to the cloud and transparently protect any user and any device, both on and off the network
Amazon wants to be your POS, don't let them(FierceRetailIT) Amazon.com (NASDAQ: AMZN) plans to introduce an in-store POS system using Kindle tablets. It's a genius move for the online retailer, but a terrible one for brick and mortar folks
CSG Introduces Groundbreaking Enterprise Security Business(Wall Street Journal) CSG International, Inc. (NASDAQ: CSGS), a global provider of interactive transaction-driven solutions and services, today announced the worldwide launch of CSG Invotas, a new software and services business focused on enterprise security solutions designed to help clients combat the increasing frequency, sophistication, and unpredictability of cyber attacks
Banks warned cyber attacks still a big threat(City A.M.) Banks need to better co-ordinate their response to any future cyber attack if they are to resist the assault and keep key systems functioning, a test of the industry's capabilities has revealed
Now is the time for information governance, AHIMA CEO says(FierceHealthIT) From financial to clinical information, data indisputably is everywhere—and now is the time for information governance for the healthcare industry, Lynne Thomas Gordon, CEO of the American Health Information Management Association, writes
7 Ways to Reclaim Your Digital Privacy(Popular Mechanics) The digital spies are watching you—marketers, the NSA, identity thieves, and all kinds of snoops. But the battle's not over. These are the seven best ways to fight back
NAC Comes Back(Dark Reading) BYOD and advanced malware help resuscitate network access control
NIST makes a hash of SHA-1 ban(ZDNet) The National Institute of Standards and Technology has declared that "SHA-1 shall not be used for digital signature generation after December 31, 2013." So why are they still using it
Apple Dives Deeper Into Improved Device Display Research With Quantum Dot-Enhanced Tech(TechCrunch) Apple has filed for three new patents, according to applications published by the USPTO (via AppleInsider) today. The applications all relate to the use of quantum dot-enhanced displays, which provide a number of advantages to electronic device screens, including richer and more vibrant colors, better viewing angles and an overall better experience vs. standard LCD gadget screens
Accelerators In India's Nascent Startup Ecosystem Face A Reality Check(TechCrunch) Is the startup accelerator bubble ready to burst in India? That's the question several VCs, entrepreneurs and early to late stage investors have started asking in the country's fledgling startup ecosystem. Their concerns don't look unfounded, especially after India's oldest startup accelerator, The Morpheus, said it's planning to move away from the existing model
Swiss govt tightens tech security over NSA spying(AP via the Washington Post) The Swiss government has ordered tighter security for its own computer and telephone systems that could block foreign companies from key technology and communications contracts
Feds' Shift to Mobile Creates Security Cracks(E-Commerce Times) "While it is the agency's responsibility to provide mobile device management and training, it is the responsibility of the end-user to follow these policies. Simple steps such as creating a complex password — and changing it often — or using a secure wireless connection are effective techniques for end-users to begin practicing," said Cindy Auten, general manager of the Mobile Work Exchange
'Clock ticking' on telephony metadata reform, says Sensenbrenner(FierceGovIT) A June 2015 expiration of the Patriot Act section the intelligence community says authorizes the bulk storage of telephony metadata means the Obama administration should act now to propose legislative changes, said Rep. Jim Sensenbrenner (R-Wisc.)
Secure the Future of the Internet(Brookings) In 2014, President Obama should pursue policies guaranteeing an open, free-market Internet, write Peter W. Singer and Ian Wallace. Instead of waiting out the international blowback from Edward Snowden's NSA revelations, the president needs to lead a new strategy against those governments who want to regulate the way the global Internet is run
National Guard Fights For Cyber Role In 2015 Budget(Breaking Defense) Chinese and Russian hackers have everybody running scared. So whatever else happens with the president's budget request for fiscal year 2015, we know it will include more money for things cyber, from purely defensive network security to black-budget "offensive cyber weapons" such as the Stuxnet worm. But one big thing remains in doubt: the role of the National Guard
Litigation, Investigation, and Law Enforcement
New Zealand Spy Agency Deleted Evidence About Its Illegal Spying On Kim Dotcom(TechDirt) I have to admit that I'm consistently amazed at just how badly law enforcement in both the US and New Zealand appeared to screw up the raid and the case against Kim Dotcom. I've said it a few times before, but it really feels like authorities in both places actually believed the bogus Hollywood hype being spread by the MPAA about how Dotcom was really a James Bondian-villain, and acted accordingly, while ignoring any evidence to the contrary
Internet Giants Disclose FISA Surveillance Requests For Customer Data(IEEE Spectrum) Technology giants such as Google, Microsoft and Yahoo have started disclosing U.S. government requests for customer information under a new agreement reached last month. But the first such reports on the controversial Foreign Intelligence Surveillance Act (FISA) orders remain limited in how much detail they reveal about the surveillance activities of the U.S. National Security Agency
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
The Insider Threat: Protecting Data and Managing Risk(Online, February 11, 2014) As recent events have demonstrated, the threats from inside government have the potential to be more harmful than the hacking activities of our enemies. Protecting sensitive government information from...
East Africa Banking and ICT Summit(Kampala, Uganda, April 25, 2014) The global event series for Banking and ICT Summit enters its third year. The summit will continue to provide delegates with technical & practical sessions, lectures and showcase for banking and ICT innovations,...
Positive Hack Days: Positive Hack Days is the international venue for the unification of progressive forces of the IT industry. It is about innovators interested in information security problems; it is fresh blood and bright...
South Africa Banking and ICT Summit(Lusaka, Zambia, August 8, 2014) The South Africa Banking and ICT Summit is the exclusive platform to meet industry thought leaders and decision makers, discover leading edge products and services and discuss innovative strategies to...
Ethiopia Banking and ICT Summit(Addis Ababa, Ethiopia, November 21, 2014) The one day summit is designed to highlight the key Investment opportunities especially in the Banking & ICT Sectors. As an emerging economic capital for the region, Ethiopia is leading the way in industrial...
U.S. Department of Commerce Technology Expo: Department of Commerce is interested in hearing from you! The OCIO Office is specifically looking for speakers on Vulnerability Management and Implementation of Continuous Monitoring. Please contact...
Cyber Security 2014: The threats and the opportunities conference brings together over 150 business leaders, senior decision makers, business development managers and IT professionals from across the whole defence and security...
Security Analyst Summit 2014(Punta Cana, Dominican Republic, February 9 - 13, 2014) The Kaspersky Security Analyst Summit (SAS) is an annual event connecting anti-malware researchers and developers, global law enforcement agencies and CERTs and members of the security research community.
NovaSEC! Pre-RSA Rally: This unique forum allows participants to meet, interact on key issues and provide a unified forum to network with likeminded individuals and creates an opportunity to cultivate a strong and integrated...
FBI HQ Cloud Computing Vendor Day: As part of its FAR mandated market research efforts and in order to keep FBI employees informed of new products, technologies and services available in the industry, ITED has been tasked with organizing...
Free OWASP Training and Meet Up(San Francisco, California, USA, February 24, 2014) OWASP is hosting a special security boot camp for all conference-goers: RSA Conference, Bsides SF, and TrustyCon as well as local developers. The training is recommended for developers who want to learn...
RSA Conference USA(San Francisco, California, USA, February 24 - 28, 2014) Hundreds of game-changing interactions will give you an unparalleled diversity of industry insight and information based on best practices, real implementation stories, and detailed case studies. Each...
Nellis AFB Technology & Cyber Security Expo: For over 12 years, the Armed Forces Communications & Electronics Association (AFCEA) - Las Vegas Chapter and FBC have been co-hosting the Annual Information Technology Expo at Nellis AFB. As was the case...
Cloud Expo Europe: Cloud Expo Europe covers everything from hybrid cloud to software defined networks and data centres, from open source cloud to IaaS, from security and governance to cloud applications and from complex...
Suits and Spooks Security Town Hall: Privacy versus Security: An Informed Debate and Discussion to Raise Industry Awareness. Taia Global and our sponsoring companies are hosting our first Suits and Spooks Security Town Hall at the Ritz Carlton...
Trustworthy Technology Conference: Join us for the first Trustworthy Technology Conference, to be held on 27 February 2014 at the AMC Metreon Theatre in San Francisco, California. We welcome all security researchers, practitioners and citizens...
Creech AFB Technology & Cyber Security Expo: The Armed Forces Communications & Electronics Association (AFCEA) - Las Vegas Chapter, with support from the 432d Wing, will host a Cyber Security Awareness Day & Technology Expo at Creech AFB. This is...