Cyber security warnings continue to accrete to the Sochi Olympics. Several analysts pooh-pooh reports of rampant hacking (notably NBC's somewhat breathless account of its experiment in vulnerability) but their objections come down largely to noting that the cyber threat at Sochi is no greater than that normally encountered in international travel. The games make for headlines, but to be alarmed by wireless vulnerability, as Gartner says, "try your local Starbucks." Such risks explain security officers' return to network access controls.
Iranian hackers are accused of compromising Nepal's presidential Website. Facebook may have blunted the Syrian Electronic Army's attack, but the SEA's tactics are worth a look.
Stolen HVAC contractor credentials were the entering wedge of the Target breach. The contractor seems more sinned against than sinning, but here's the important lesson: poor network segmentation let the attackers through the crack. The FBI warns other retailers, and chip-and-pin technology attracts more attention.
The black-market cost of "APTs" drops as they're deployed against a wider range of targets. The Russian hacker labor market supplies much of the coding talent.
Israeli start-up Cyactive makes large claims of effectiveness, but discuss: does their "evolutionary" approach to malware amount to more than a signature-based approach?
Waking Shark II, participants say, should have been more challenging. Still, it demonstrated the importance of information sharing. The US Department of Homeland Security would agree.
Turkey begins censoring Internet sites.
Look to a 1970s railroad merger case for clues as to how the US Supreme Court may handle surveillance.
Today's issue includes events affecting Armenia, Azerbaijan, Brazil, China, Colombia, France, India, Iran, Israel, Nepal, Poland, Russia, Sweden, Syria, Turkey, United Kingdom, United States.
Intelligence Report on Sochi(International Policy Digest) The folks over at Homeland Security Today sent me a notification that might interest our readers as it pertains to security at the Sochi Olympics. While journalists for the past few days have been tweeting humorous stories of faulty toilets, manholes without covers and hotel rooms that aren't quite ready, there is a seriousness surrounding the games. With Sochi, Russia only 250 miles from Chechnya there is a real concern over security at the games and whether terrorists will strike. Homeland Security Today has partnered with BAE Systems to produce daily reports concerning security at the games. Below is the press release
The President of Nepal has been hacked by Iranian hackers(CyberWarZone) The website of the President in Nepal has been hacked by Iranian hackers. The hackers claim that they have hacked the website and that they accessed the /etc/passwd so they could hack the Database. The database has been dumped to a Pastebin file
Sharpsburg firm is 'victim of sophisticated cyber attack' in Target breach(Pittsburgh Post-Gazette) Sharpsburg firm Fazio Mechanical Services has confirmed that it is cooperating with a federal investigation of a data breach at Target. The Target security breach that compromised the data of millions of Christmas shoppers could be traced to the cybertheft of information from a Sharpsburg-based heating, air conditioning and refrigeration company
Did the crooks who broke into Target tailgate the cleaners?(Naked Security) Intrepid chronicler of the Target breach, Brian Krebs, has uncovered yet another cog in the criminal gearbox behind Target's data disaster. Guess what? 2FA and network segregation would have made things a lot harder for the crooks
FBI Issues Cyber Attack Warning To Retailers: Is Chip And PIN The Answer?(mondaq) Point-of-sale (POS) systems are under attack. In the wake of breaches at Neiman Marcus, Target and other stores over the 2013 holiday season, the FBI is now warning retailers to expect similar cyber attacks in the coming months. The warning came in the form of a 3 page report distributed to numerous retailers on January 17th, detailing the current risks with POS systems
New identity fraud victim every two seconds thanks to massive data breaches (CSO Salted Hash) There have been a number of high-profile data breaches lately—and a whole bunch of smaller data breaches that didn't make national headlines. The data breach itself, however, is just the beginning. What matters most is what happens with the sensitive customer information after it is stolen
Encrypted Java Archive Trojan bankers from Brazil(SecureList) I have never bought a PlayStation and neither has my colleague Micha-san from Japan — well, in his case, at least not from Brazil. Nonetheless, we both received the same email notification
Large-scale DNS redirection on home routers for financial theft(CERT Polska) In late 2013 CERT Polska received confirmed reports about modifications in e-banking websites observed on iPhones. Users were presented with messages about alleged changes in account numbers that required confirmation with mTANs. This behavior would suggest that some Zeus-like trojan had been ported to iOS. As this would be the first confirmed case of such malware targeting the platform, and at the same time it targeted Polish e-banking users, it immediately attracted our attention. Internally we have come up with several scenarios of how it might have happened, but unfortunately were not able to gather enough first-hand data about the case to rule out any options
Beware of snoopy Valentine apps(ITWire) A security vendor has warned that along with the usual seasonal scams, a number of Valentine's Day related apps are privacy invaders
Cost of doing APT business dropping(Threatpost) The term APT often is used as a generic descriptor for any group—typically presumed to be government-backed and heavily financed—that is seen attacking high-value targets such as government agencies, critical infrastructure and financial systems. But the range of targets APT groups are going after is widening, as are the levels of talent and financing these groups possess
Skilled, Cheap Russian Hackers Power American Cybercrime(NBC News) When it comes to finding original ways of virtually stealing real money, Russian criminals are in a class of their own. With an estimated annual turnover of more than $2 billion a year, the Russian cybercrime industry is the source of at least a third of all viruses, Trojans and other malicious software, or malware, sent around the world
Why Android devices are a security nightmare for companies(Graham Cluley) Fiery arguments between the rival camps of Android and Apple iPhone lovers about the merits of their respective devices aren't likely to be extinguished any time soon, but there's one thing that's clear: Android is a lot less safe than iOS. Read my guest blog on the Foursys website
Insecure file sharing puts corporate data at risk(Help Net Security) Personal email could be 2014's biggest threat to corporate data. A new survey of more than 500 professionals by Globalscape found that in the past 12 months, 63 percent of employees have used personal email to send sensitive work documents. Perhaps more surprisingly, 74 percent of those employees believe that their companies approve of this type of file-sharing behavior
How the speed of technological change can be an opportunity(FCW) AT&T's Chris Smith argues that mobile, cloud computing and the Internet of Things have untapped potential for agencies able to embrace them. It isn't surprising that cloud, mobility and cybersecurity will be front and center federal issues for the next 18 months, but the speed with which those technologies are developing and their increasingly significant impact for agency management could present opportunities for historic change, according to a former federal CIO who is now AT&T's vice president of technology
The FBI issues request for quotes to purchase malware(TripWire State of Security) The Federal Bureau of Investigation has issued a Request for Quotes (RFQ) soliciting vendors to provide malware to assist the Operational Technology Division (OTD) Investigative Analysis Unit (IAU) with their mission to support field agents in criminal investigations
DARPA hires Raytheon to work on Plan X cyber warfare platform(Defense Systems) The Defense Advanced Research Projects Agency has awarded a $9.8 million contract to Raytheon as a part of its Plan X program, which is designed to plan for, conduct and assess cyber warfare in the same way that kinetic warfare is analyzed. Raytheon's research and development will be contracted to enable scaling and execution of cyber operations for the Defense Department
TEDCO Invests $1.3 Million in 13 Maryland Startups(TEDCO) The Maryland Technology Development Corporation (TEDCO) announced today that 13 companies have received a total of $1.3 million in funding from the organization's Technology Commercialization Fund (TCF) since July 2013. The funding will be used to advance the companies' technology and product commercialization efforts. Funds were awarded to startups representing a wide range of industries including medicine and disease treatment, health care, biopharmaceuticals, software development and systems integration. Companies including Allovue, LLC; Altenera Technology, Inc.; An Estuary, LLC; Ariadne Diagnostics, LLC; Citelighter, Inc.; Graftworx, LLC; I-lighting, LLC; Integrata Security, LLC; Maryland Energy and Sensor Technologies, LLC; Noble Life Sciences, Inc.; PrintLess Plans, LLC; Rehabtics, LLC and SurveySnap, Inc. were each awarded $100,000
Southern Israel Slated to be 'Silicon Wadi,' Cyber-Security Hub(JNS via the Allgemeiner) The southern Israeli city of Be'er Sheva has long been stigmatized by its peripheral location, economic instability, and poor public image. That reputation, however, is quickly getting a full makeover to a complete cyber-field ecosystem with all the components for global leadership
An Equity Investor's Due Diligence(IOActive Labs) Information technology companies constitute the core of many investment portfolios nowadays. With so many new startups popping up and some highly visible IPOs and acquisitions by public companies egging things on, many investors are clamoring for a piece of the action and looking for new ways to rapidly qualify or disqualify an investment; particularly so when it comes to the hottest of hot investment areas — information security companies
Products, Services, and Solutions
Israeli start-up claims it may be able to stop all viruses(The Times of Israel) An Israeli start-up claims it may be able to put an end to the viruses, malware, and trojan horses that cost the world economy hundreds of billions of dollars a year. Not only does Cyactive say it can stop viruses that are already "in the wild," currently causing damage, but according to CEO & Co-Founder, Liran Tancman, it can beat most of them even before they are invented
CSG International launches enterprise security service(Telecompaper) Global provider of interactive transaction-driven services, CSG International has announced the worldwide launch of CSG Invotas, a new software and services business focused on enterprise security services designed to help clients combat increasing frequency, sophistication and unpredictability of cyber attacks. Rather than detecting and analysing intrusion, Invotas provides automation and orchestration services to respond in realtime to emerging and ongoing cyber attacks. Invotas builds on CSG's services that support mitigation and eradication of cyber attack across complex enterprise environments
Technologies, Techniques, and Standards
Many IT pros turning to NAC for mobile security(FierceITSecurity) More than three-quarters of IT pros are using or planning to use network access control technology to improve mobile security, according to a survey of more than 750 IT pros by CyberEdge Group on behalf of NAC vendor ForeScout Technologies and eight other IT security firms
Security Protocols and Evidence: Where Many Payment Systems Fail(Cryptography and Data Security) As security protocols are used to authenticate more transactions, they end up being relied on in legal proceedings. Designers often fail to anticipate this. Here we show how the EMV protocol (the dominant card payment system worldwide) does not produce adequate evidence for resolving disputes. We propose five principles for designing systems to produce robust evidence. We apply these to other systems such as Bitcoin, electronic banking and phone payment apps. We finally propose specific modifications to EMV that could allow disputes to be resolved more efficiently and fairly
New ISO Standards on Vulnerability Handling and Disclosure(Internet Storm Center) Also in the news, ISO standard 30111 was published recently (on Jan 21) — a standard for the Vulnerability Handling Processes. The standard was edited by Katie Moussouris, Senior Security Strategist Lead at Microsoft
Hello Virustotal? It's Microsoft Calling.(Internet Storm Center) You might think that phone call might be unlikely, but as of this week it's built in and is likely happening right now. I was poking around in the latest version of Sysinternals, and tripped over a new option. You can now submit any running process in memory directly to Virustotal. It's a simple right-click in the latest version of Process Explorer
Effective incident response(Help Net Security) Organizations are bombarded with potential threats every day. Most of these are small and irritating, not truly critical — but among those needles are little threads of larger actions at work. An incident response program enables you to pull out the needles that make up the haystack of the big picture, according to Jaime Blasco, Director at AlienVault Labs
The Problem With Two-Factor Authentication(InformationWeek) The failure of corporate security strategies to protect personal identity information from hackers resides more with system architecture than with authentication technology. Here's why
Event Security with Surveillance Technologies(IPWatchdog) Governmental infringement of our privacy has been a hot-button issue in recent months, with the public discovery and outcry over the U.S. National Security Agency's mining of private citizen data. The government claims that by mining all of this information we are safer, although it is hard to evaluate those claims given the cloak of secrecy. Whether we like it or not, surveillance technologies are proliferating due to the dangerous world in which we live
Governments Need to Discuss Use of Cyber Weapons(Threatpost) Attacks on critical infrastructure have been grabbing headlines for years now, long before sophisticated operations such as Stuxnet and Flame hit the scene. But we're probably still in the early stages of the evolution of such attacks, and the use of so-called cyber weapons in these operations is likely going to increase in the
Amid Flow of Leaks, Turkey Moves to Crimp Internet(New York Times) Shortly after an audio recording in which Prime Minister Recep Tayyip Erdogan is said to be heard talking about easing zoning laws for a construction tycoon in exchange for two villas for his family, SoundCloud, the file-sharing site where it was leaked last month, was suddenly unavailable to Internet users in Turkey
Activists and Hacktivists Preparing to Protest Against(Softpedia) Turkey's parliament has approved controversial changes to an Internet law, allowing authorities to block access to certain websites. Activists and hacktivists are preparing to protest against the new law, which, they say, limits freedom of speech. Hackers of the group RedHack, which represents the Turkish government's fiercest adversary from cyberspace, say they plan on protesting against the new law alongside NGOs and other groups. The demonstrations are scheduled to start on Saturday at 19:00
Meet the Man Who Will Be Slashing the Pentagon's Bloated Budget(Foreign Policy) After months of feverish speculation about who would succeed Ash Carter as the Pentagon's No. 2, former Marine colonel and current think tank chief Bob Work appears to have won the job and gone into pre-nomination mode, declining invitations to give speeches or take part in other public events -- a sure sign in Washington that someone's about to get the nod
The 'Least Untruthful' National Security State(Huffington Post) The question Senator Ron Wyden asked on March 12 of last year was straightforward enough and no surprise for Director of National Intelligence James Clapper. He had been given it a day in advance of his testimony before the Senate Intelligence Committee and after he was done, Senator Wyden and his staff offered him a chance to "amend" his answer if he wished
Foreign Intelligence or Intelligence?(Huffington Post) The debate over the National Security Agency's cyber surveillance and collection of telephone records should lead to a better balance between rights of privacy and requirements of foreign intelligence. But whatever the outcome of that debate, it has failed to acknowledge inherent deficiencies and risks in "foreign intelligence" and the transcendent role of foreign policy in the defense of our national interests. Important fundamentals that shape our national security policy will be unaddressed and unchanged
Litigation, Investigation, and Law Enforcement
Colombian rebels say Uribe behind spying on peace negotiators(EFE via Global Post) Colombia's FARC rebels said Wednesday that former President Alvaro Uribe is behind an alleged espionage operation targeting the current government's peace negotiators, and indicated their delegates also have been spied upon
Colombia's spying scandal: Snoopers sacked(The Economist) The peace process with the FARC, which aims to end half a century of internal conflict, has many detractors, particularly among those who believe the
Twitter transparency report shows government takedown and account info requests are on the rise(TNW) Twitter released its latest transparency report today, detailing a rise in the number of requests it received from government and copyright holders throughout the second half of 2013. The numbers are broken down between government applications for account information and the removal of user content, as well as the content allegedly infringing Digital Millennium Copyright Act (DMCA). In all three sections, the number of requests it received had increased from its previous report
Twitter: France leads world in battling abuse(The Local (French edition)) When it comes to countries demanding Twitter remove abusive or illegal tweets France stands out well ahead of the pack. Is it something to be proud of or is it a sign of a growing infringement on basic civil liberties
FISC Approves Government's Request to Modify Telephony Metadata Program(IC on the Record) During his speech on Jan. 17, 2014, President Obama ordered a transition that will end the Section 215 bulk telephony metadata program as it currently exists, and establish a mechanism that preserves the capabilities we need without the government holding this bulk data. As a first step in that transition, the President directed the Attorney General to work with the Foreign Intelligence Surveillance Court to ensure that, absent a true emergency, the telephony metadata can only be queried after a judicial finding that there is a reasonable, articulable suspicion that the selection term is associated with an approved international terrorist organization. The President also directed that the query results must be limited to metadata within two hops of the selection term instead of three
When Will Glenn Greenwald Return to the United States?(Slate) Glenn Greenwald hasn't been back to the United States since he began publishing a seemingly never-ending string of Edward Snowden-fueled stories about the NSA and government surveillance last year. Greenwald is an American citizen but lives primarily in Brazil, so it's not exactly a surprise that he's opted to stay out of the country given the prosecution-themed rhetoric that's been coming from the mouths of some U.S. lawmakers and government officials
Judge Denies Juniper Motion for Infringement Against Palo Alto Networks(SecurityWeek) Palo Alto Networks said on Thursday that a judge for the District of Delaware rejected Juniper Networks' motion for summary judgment of patent infringement, and granted in part several Palo Alto Networks' motions for summary judgment of non-infringement based on the doctrine of equivalents
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Nuclear Regulatory Commission ISSO Security Workshop: Exhibitors will have the opportunity to showcase cutting-edge products and services available in today's market. All companies specializing in products and services that would benefit the NRC workforce...
MIT Technology Review Digital Summit: The MIT Technology Review Digital Summit examines tomorrow's digital technologies and explains their global impact on both business and society. You'll get insider access to the innovative people and companies...
Security Analyst Summit 2014(Punta Cana, Dominican Republic, February 9 - 13, 2014) The Kaspersky Security Analyst Summit (SAS) is an annual event connecting anti-malware researchers and developers, global law enforcement agencies and CERTs and members of the security research community.
The Insider Threat: Protecting Data and Managing Risk(Online, February 11, 2014) As recent events have demonstrated, the threats from inside government have the potential to be more harmful than the hacking activities of our enemies. Protecting sensitive government information from...
NovaSEC! Pre-RSA Rally: This unique forum allows participants to meet, interact on key issues and provide a unified forum to network with likeminded individuals and creates an opportunity to cultivate a strong and integrated...
FBI HQ Cloud Computing Vendor Day: As part of its FAR mandated market research efforts and in order to keep FBI employees informed of new products, technologies and services available in the industry, ITED has been tasked with organizing...
Free OWASP Training and Meet Up(San Francisco, California, USA, February 24, 2014) OWASP is hosting a special security boot camp for all conference-goers: RSA Conference, Bsides SF, and TrustyCon as well as local developers. The training is recommended for developers who want to learn...
RSA Conference USA(San Francisco, California, USA, February 24 - 28, 2014) Hundreds of game-changing interactions will give you an unparalleled diversity of industry insight and information based on best practices, real implementation stories, and detailed case studies. Each...
Nellis AFB Technology & Cyber Security Expo: For over 12 years, the Armed Forces Communications & Electronics Association (AFCEA) - Las Vegas Chapter and FBC have been co-hosting the Annual Information Technology Expo at Nellis AFB. As was the case...
Cloud Expo Europe: Cloud Expo Europe covers everything from hybrid cloud to software defined networks and data centres, from open source cloud to IaaS, from security and governance to cloud applications and from complex...
Suits and Spooks Security Town Hall: Privacy versus Security: An Informed Debate and Discussion to Raise Industry Awareness. Taia Global and our sponsoring companies are hosting our first Suits and Spooks Security Town Hall at the Ritz Carlton...
Trustworthy Technology Conference: Join us for the first Trustworthy Technology Conference, to be held on 27 February 2014 at the AMC Metreon Theatre in San Francisco, California. We welcome all security researchers, practitioners and citizens...
Creech AFB Technology & Cyber Security Expo: The Armed Forces Communications & Electronics Association (AFCEA) - Las Vegas Chapter, with support from the 432d Wing, will host a Cyber Security Awareness Day & Technology Expo at Creech AFB. This is...