Z Company hacktivists attack two official Indian domains to protest that government's policy for Kashmir. The Syrian Electronic Army (which primly denies Forbes's claim that it tried to shake the magazine down for "fees") sees fit to attack FC Barcelona.
The Mask remains under examination amid growing conviction that it was a state-sponsored campaign.
Seculert concludes that two distinct cyber gangs are exploiting holes in IE8 and IE9: the VFW watering-hole campaign in the US and the attack on French aerospace concern SNECMA used the same exploit code but served different malware.
Steganographic concealment, that long feared but seldom seen bugaboo of security researchers, has turned up in a new Zeus variant hiding itself in jpgs. Another Zeus flavor—this one a RAM-scraper targeting payment systems—is discerned via Windows error reporting (as that recently maligned feature shows it still has some moves).
A drive-by attack exploiting an old Android vulnerability is published in Metasploit.
IOActive claims to find multiple vulnerabilities in Belkin home automation products. Belkin says at least some have already been fixed. Belkin subsidiary Linksys also issues a firmware patch for router vulnerabilities.
Persons unknown are scanning for systems vulnerable to a recently disclosed flaw in Symantec Endpoint Protection Manager.
Two incidents prove more expensive than thought: Iranian intrusion into US Navy networks and the Target breach. The former required four months and $10M to remediate; the latter is now thought likely to cost banks some $200M. Business draws sobering lessons from Target, government from the Navy.
Today's issue includes events affecting Australia, Belgium, China, Ethiopia, France, Germany, India, Indonesia, Iran, Democratic People's Republic of Korea, Republic of Korea, Netherlands, New Zealand, Russia, Saudi Arabia, Spain, Syria, United Arab Emirates, United Kingdom, United States.
Cyber Attacks, Threats, and Vulnerabilities
National Portal of India Hacked by Z Company Hacking Crew in Support of Kashmir (HackRead) The online hacktivists from Z Company Hacking Crew (ZHC) have hacked two official domains of National portal of India and left messages against Indian occupation over Kashmir. One of the hacked domains is designated for mobile users, while the other domain belongs to the site's content. Though the sites were partially hacked and no deface page
Error reports uncover hacks at govt agency, telco(IT News) New RAM-scraping Zeus version targeting payment terminals. Microsoft's Windows error reporting system Doctor Watson will reveal failed zero-day attack campaigns, security software company Websense has discovered
More Details About "TheMoon" Linksys Worm(Internet Storm Center) Using a vulnerable Linksys E1200 router in a lab, I was finally able to capture the complete (?) sequence of exploits used by the Linksys Worm "TheMoon".
Spamvertised 'Image has been sent' Evernote themed campaign serves client-side exploits(Webroot Threat Blog) Cybercriminals continue to populate their botnets, with new infected hosts, through the persistent and systematic spamvertising of tens of thousands of fake emails which impersonate popular and well known brands — all in an attempt to socially engineer prospective victims into interacting with the scam. We've recently intercepted a currently circulating malicious spam campaign, impersonating Evernote, serving client-side exploits to prospective victims who click on the links found in the fake emails
Nursing home data exposed on file-sharing site(Naked Security) Researchers have found a trove of information on a file-sharing site that could allow attackers to breach electronic medical records and payment information from healthcare providers such as nursing homes, doctors' offices and hospitals
Hackers prove massive data theft from US casino operator(Help Net Security) Last week's hack and defacement of the official website of the US-based Las Vegas Sands Corp. and that of the popular casinos it operates apparently didn't affect customers and the corporation's gambling systems
Wurm MMORPG offers 10,000 Euros reward after DDoS attack(Graham Cluley) Wurm, the 3D massively multiplayer online role-playing game (MMORPG), has offered a reward totalling 10,000 Euros for information which might lead to the conviction of hackers who launched a distributed denial-of-service (DDoS) attack against the site
Gabe Newell responds to Valve history-scan claims(Playerattack) Valve has stepped up to answer allegations that the company's anti-cheat system was scanning users' internet history. Rather than a simple, sanitised press release or a refusal to comment on "rumours and innuendo", Valve CEO and gaming hero Gabe Newell has personally responded
Profiling hacking for hire services offered in the underground (Security Affairs) In the past we have already analyzed the diffusion in the underground of hacking for hire services, a term coined to define the sale of hacking services made by cyber criminals for a limited period of time. Surfing in various cyber criminal forums or visiting some hidden services in the DeepWeb it is quite easy to discover forums dedicated to facilitating the matching of supply and demand
Flappy Bird and Third-Party App Stores(TrendLabs Security Intelligence Blog) Earlier we talked about some Flappy Bird-related threats. In the course of uncovering their background, we found several third-party app stores that distributed or created similarly dangerous mobile apps
Target breach: A timeline(FierceITSecurity) The Target breach, which compromised over 40 million credit and debit card accounts, touches many aspects of IT security—payment card security, point-of-sale system vulnerability, international malware development, third-party contractor risk, access controls, and the list goes on
Target breach timeline: Learning from history(FierceITSecurity) As we get further away from the massive Target data breach that compromised 40 million payment card accounts and exposed personal data on another 70 million customers, the news begins to fade from memory. Yet the details of the breach provide a blueprint of how not to handle IT security
Security Patches, Mitigations, and Software Updates
Linksys announces firmware fix to neutralize "The Moon" worm(Help Net Security) As Linksys (i.e. parent company Belkin) announced they were aware of "TheMoon" malware targeting its older routers and that they are working on a firmware fix, more details about the worm in question have been shared by researchers
Belkin: Security Fixes Were Already Issued for Recent WeMo Vulnerabilities(SecurityWeek) Early Tuesday, Security firm IOActive issued a warning about multiple vulnerabilities in Belkin WeMo Home Automation devices that could give attackers the ability to remotely control WeMo Home Automation attached devices over the Internet, perform malicious firmware updates, and in some cases, remotely monitor the devices
The Target PoS Attack: Gleaning Information Security Principles(SecurityWeek) While there are always new and interesting things unfolding in the information security world, there are a handful of developments each year that are like something out of an edge-of-your seat Hollywood blockbuster, or a gripping novel that ratchets up the suspense level with each page. Over the last few months, it is hard to argue that any event has been as captivating — or triggered more passionate discussion within and beyond the information security community — than the high profile Point-of-Sale (PoS) malware attack at retail giant Target
Is Threat of Surveillance New Reality For Law Firms?(American Lawyer) For many lawyers who represent foreign governments, the recent revelation that the U.S. National Security Agency's Australian ally has been privy to communications between an American law firm and its international client comes as no surprise
CSC Plans Bossier City, Louisiana, Technology Center At National Cyber Research Park(Area Development Online) CSC selected National Cyber Research Park in Bossier City, Louisiana, to establish its 116,000-square-foot, next-generation technology center, creating 800 jobs during the next four years. The firm will become an anchor tenant at the 3,000-acre research park being developed by the Cyber Innovation Center, a not-for-profit research corporation
Camber Corporation Acquires Avaya Government Solutions IT Consulting Services(Sacramento Bee) Camber Corporation today announced that it has reached a definitive agreement to acquire the IT consulting services business of Avaya Government Solutions, a subsidiary of Avaya Inc. Avaya Government Solutions has been providing high-end, full life-cycle information technology consulting to government customers for over 20 years
Bug Bounty Program Launched by Secret(Softpedia) Secret, Inc., the company that's behind Secret, the iOS application that allows users to anonymously share their thoughts, has launched a bug bounty program
CSG Invotas Unveils Orchestration Solution Suite(Wall Street Journal) CSG Invotas, the new enterprise security business from CSG International, Inc. (NASDAQ: CSGS), today announced its unique cyber-threat-response solution suite that gives security executives the ability to coordinate and manipulate devices across the enterprise to combat intrusions at machine speed
Cylance Unveils CylancePROTECT, Applying Math to Prevent Advanced Cyber Threats on Company Endpoints(Broadway World) Cylance, Inc., the first math-based threat detection and prevention company, today announced the release of CylancePROTECT. The product takes a unique mathematical and machine learning approach to stop the advanced threats on endpoint computers. Without the traditional use of signatures, rules, behavior, heuristics, whitelists or sandboxing, CylancePROTECT identifies and renders new malware, viruses, bots, zero-days and unknown future attacks useless
Lastline Enterprise v4.7 Delivers Increased Security With Support for VMware ESX(SYS-CON Media) Lastline, Inc., a provider of active malware defense technology for enterprise networks, today announced the availability of Lastline Enterprise v4.7, which adds new capabilities to address the threat of advanced malware, advanced persistent threats (APTs), active backdoors, and targeted attacks within highly distributed environments
SafeLogic Congratulates API Technologies on FIPS 140-2 Validation(PRWeb) SafeLogic, the new industry leader in validated cryptography, applauds the completed validation of API Technologies' Common Cryptographic Module to the National Institute of Standards and Technology (NIST) Federal Information Processing Standard (FIPS) 140-2
On Zombies and Cyber Attacks(Huffington Post) During the winter of 2013-14, amidst the school delays and extreme weather conditions in much of the United States, the federal Emergency Alert System issued a warning, but perhaps not the one people expected: "Civil authorities in your area have reported that the bodies of the dead are rising from their graves and attacking the living
Cyber-Security Takes Centerstage: Risks, Guidance, and Regulator Wrath(Compliance Week) Several weeks ago I wrote about how boards and audit committees struggle to handle IT risks, and how compliance executives can help them understand such problems. The good news: compliance professionals themselves now have fresh guidance to understand cyber-security risks
Five Tactics To Help Triage Your Patching(Dark Reading) Companies should refine their risk measurements to better prioritize the patching of vulnerabilities, including using improved risk values and data on whether a vulnerability is being exploited
How Tor Works(MIT Technology Review) A video demonstrating how Tor uses a series of relays to protect anonymity online
How to Fight Malvertising Threat(eSecurity Planet) Even security-conscious enterprises like Yahoo can be compromised by attacks in which ad servers are used to deliver malware. How can you fight this 'malvertising' threat? Yahoo continues trying to reinvent its business model and value to users, a little more than a month after it made headlines when its advertising servers were compromised to deliver malware to Yahoo site visitors. As reported by Fox IT, the security firm that initially discovered the incident, last month some 300,000 users were exposed to infected ads with some 9 percent estimated to have been affected
Design and Innovation
Designing the details: Why empty states matter(TNW) One of my favourite things to do with new apps is to check out and screenshot the first-run experience. After navigating any initial welcome screens, I go in search of empty states; views within the app typically devoid of content or data
Research and Development
New detection system spots zero-day malware(Help Net Security) A group of researchers has created a new infection detection system that can help Internet service providers and large enterprises — or anyone running large-scale networks — spot malware attacks that antivirus and blacklisting solutions can't
Commander: Iranian Armed Forces Ready for Cyber War(Fars News Agency) The Iranian Armed Forces are equipped with the state-of-the-art technologies and are prepared to defend the country against any possible cyber attack, a senior commander said on Tuesday
Forget China: Iran's Hackers Are America's Newest Cyber Threat (Foreign Policy) In March 2012, Ayatollah Ali Khameini, the Supreme Leader of Iran, publicly announced the creation of a new Supreme Council of Cyberspace to oversee the defense of the Islamic republic's computer networks and develop new ways of infiltrating or attacking the computer networks of its enemies. Less than two years later, security experts and U.S. intelligence officials are alarmed by how quickly Iran has managed to develop its cyber warfare capabilities — and by how much it's willing to use them
S. Korea pushes to develop offensive cyberwarfare tools(Yonhap via Global Post) South Korea will push to develop sophisticated cyberwarfare tools that could wreak havoc on North Korea's nuclear facilities as part of its plans to beef up offensive capabilities, the defense ministry said Wednesday
European backlash against NSA surveillance grows(FierceGovIT) Backlash in Europe against revelations of bulk surveillance by U.S. intelligence agencies intensified this month, with German Chancellor Angela Merkel endorsing the idea of a communications network that would keep Europeans' data from passing through the United States
New NSA choice reflects desire to get past criticism(Navy Times) President Obama's recent nominee to head the NSA will confront a host of problems if confirmed in his new job, including a demoralized workforce, frayed relations with Capitol Hill and angry foreign intelligence partners
Senate bill targets data brokers(FierceGovIT) Consumers would have access to the private information that data brokers collect about them under a bill that Sen. Jay Rockefeller (D-W.V.) introduced Feb. 12
States defend turf from feds on data breach rules(Politico) With no federal law on data breaches, most states created their own rules to ensure companies alert residents when hackers seize their personal information. But as massive breaches at Target and Neiman Marcus revive congressional interest in a national notification standard, states are warning Washington: Don't trample on our turf
Minister to launch new Telkomsel, Indosat investigation (The Jakarta Post) In response to the latest allegations concerning spying by the US National Security Agency (NSA), the Communications and Information Ministry warned domestic operators that they would risk a shutdown if implicated
US Man Sues Ethiopia for Cyber Snooping(SecurityWeek) A lawsuit filed on Tuesday accuses Ethiopia of infecting a US man's computer with spyware as part of a campaign to gather intelligence about those critical of the government
Cyber Security for Energy & Utilities(Abu Dhabi, UAE,
March 23 - 26 2014) Following the rapid evolution of the cyber and digital world, IT Security Directors, Information Security Directors, Chief Security Officers, Chief Information Officers and many more will gather at the 3rd Edition of Cyber Security for Energy & Utilities conference taking place from 23 -26 March 2014 at The Westin Golf Resort in Abu Dhabi, UAE
NovaSEC! Pre-RSA Rally(McLean, Virginia, USA,
February 19, 2014) This unique forum allows participants to meet, interact on key issues and provide a unified forum to network with likeminded individuals and creates an opportunity to cultivate a strong and integrated community that demonstrates the Northern Virginia region's size, scope and impact on the Country's cyber landscape. This particular event will take place one week before the annual RSA Conference in San Francisco. We view this as an opportunity for security professionals to network and discuss current security topics that will be highlighted at the RSA Conference. Plenty to talk about in 2014 for sure! So whether you are going to RSA or not this is the place to connect socially with your peers
FBI HQ Cloud Computing Vendor Day(Washington, DC, USA,
February 19, 2014) As part of its FAR mandated market research efforts and in order to keep FBI employees informed of new products, technologies and services available in the industry, ITED has been tasked with organizing four 'Vendor Days' a year focusing on technology that can enhance current IT capabilities. These market research events will enhance exposure for all Department of Justice (DOJ)/Federal Bureau of Investigation (FBI) employees to new products and services and to have an opportunity to interact directly with the industry. Vendor days are for demo purposes only and are designed to facilitate FBI market research efforts. Attending vendors shall make all inquiries concerning pending or future FBI requirements to the cognizant FBI contracting officer
New FFIEC Guidelines on Social Media: 3 Things You Need to Know(Webinar,
February 19, 2014) We'll take an in-depth look at the new Federal Financial Institutions Examination Council (FFIEC) guidelines on social media and consumer compliance risk, and how they may impact your organization. We'll break down nearly 20 pages of dense government material, distilling the key topics for legal, compliance, risk and finance professionals
CyberSecurity Innovation Forum(Fairfax, Virginia, USA,
February 20, 2014) Join us for a series of short case study presentations by cybersecurity experts and technology innovators from throughout the region. Presentations will be followed by a panel discussion with plenty of opportunity for discussion and discovery. The focus of the evening will be on cybersecurity innovations that address current and evolving challenges and have had a real, measurable impact
Free OWASP Training and Meet Up(San Francisco, California, USA,
February 24, 2014) OWASP is hosting a special security boot camp for all conference-goers: RSA Conference, Bsides SF, and TrustyCon as well as local developers. The training is recommended for developers who want to learn more about securing their code as well as security professionals who want to become acquainted with the latest web vulnerabilities
RSA Conference USA(San Francisco, California, USA,
February 24 - 28 2014) Hundreds of game-changing interactions will give you an unparalleled diversity of industry insight and information based on best practices, real implementation stories, and detailed case studies. Each year, educational sessions feature new and returning educational tracks you won't find anywhere else
Nellis AFB Technology & Cyber Security Expo(Las Vegas, Nevada, USA,
February 26, 2014) For over 12 years, the Armed Forces Communications & Electronics Association (AFCEA) - Las Vegas Chapter and FBC have been co-hosting the Annual Information Technology Expo at Nellis AFB. As was the case last year, the 2014 event will once again have a Cyber Security theme. This is an excellent opportunity for any technology or cyber company to meet with the personnel at Nellis AFB, as well as the local AFCEA members
Cloud Expo Europe(London, England, UK,
February 26 - 27 2014) Cloud Expo Europe covers everything from hybrid cloud to software defined networks and data centres, from open source cloud to IaaS, from security and governance to cloud applications and from complex hosting to development platforms
Suits and Spooks Security Town Hall(San Francisco, California, USA,
February 27, 2014) Privacy versus Security: An Informed Debate and Discussion to Raise Industry Awareness. Taia Global and our sponsoring companies are hosting our first Suits and Spooks Security Town Hall at the Ritz Carlton San Francisco on February 27, 2014 (7pm-10pm). We are condensing the Suits and Spooks two-day "collision" model into a 3-hour debate and discussion format to help raise awareness about the complexities involved in balancing security objectives with our privacy rights
Trustworthy Technology Conference(San Francisco, California, USA,
February 27, 2014) Join us for the first Trustworthy Technology Conference, to be held on 27 February 2014 at the AMC Metreon Theatre in San Francisco, California. We welcome all security researchers, practitioners and citizens who are interested in discussing the technical, legal and ethical underpinnings of a stronger social contract between users and technology
Creech AFB Technology & Cyber Security Expo(Indian Springs, Nevada, USA,
February 27, 2014) The Armed Forces Communications & Electronics Association (AFCEA) - Las Vegas Chapter, with support from the 432d Wing, will host a Cyber Security Awareness Day & Technology Expo at Creech AFB. This is an excellent opportunity for technology, cyber and tactical technology companies to meet with remote personnel at Creech AFB. At the 1st Annual event held in February 2013 over 100 Creech AFB personnel attended this event. Some of their job descriptions included: Commander, Flight Chief, Communications Officer in Charge, IT Lead, Systems Admin, Wing Training, Information Assurance Officer, Knowledge Management, Section Chief, Avionics, Physical Security, Project Manager, Director and more
Nuclear Regulatory Commission ISSO Security Workshop(Rockville, Maryland, USA,
March 17, 2014) Exhibitors will have the opportunity to showcase cutting-edge products and services available in today's market. All companies specializing in products and services that would benefit the NRC workforce are encouraged to exhibit at this one-day expo. Topics of the workshop and of high interest to attendees include: computer security policy, standards and guidance, cybersecurity, FISMA compliance, and training updates
ICS Summit 2014(Lake Buena Vista, Florida, USA,
March 17 - 18 2014) The 9th Annual North American ICS Security Summit brings together the program managers, control systems engineers, IT security professionals and critical infrastructure protection specialists from asset owning and operating organizations along with control systems and security vendors who have innovative solutions for improving security
27th Annual Federal Information Systems Security Educators' Association (FISSEA) Conference(Gaithersburg, Maryland, USA,
March 19, 2014) The 27th Annual Federal Information Systems Security Educators' Association (FISSEA) Conference will be held at the National Institute of Standards and Technology on March 18-20, 2014, exhibits will be on display March 19 only. This year's theme "Partners in Performance: Shaping the Future of Cybersecurity Awareness, Education, and Training" will focus on developing a better understanding of current information systems/cybersecurity projects, emerging trends, and initiatives. Through numerous high quality sessions, approximately 200 attendees will learn new ways to improve their IT security program and practical solutions to training problems while earning Continuing Professional Education (CPE) credits. The vendor fair gives attendees a tactical look at the products and services available to meet their professional goals
Suits and Spooks Singapore(Singapore,
March 20 - 21 2014) Our first international Suits and Spooks conference will be held in Singapore with a visit to Malaysia on March 20-21, 2014. The focus will be on how multi-national corporations can profitably operate in a globally hostile environment that consists of foreign intelligence collection, mercenary hacker crews, insider threats, and supply chain/vendor vulnerabilities. Our international list of speakers will discuss who the threat actors are, what they're after, and best practices to mitigate the risks
MCT-Congress: Going Mobile with Clinical Trials(Edinburgh, Scotland, UK,
March 20 - 21 2014) It is almost inevitable that mHealth solutions will be adopted across healthcare systems worldwide over the next decade. What is less clear is the impact that mobile solutions are having and could have on the clinical research process
Veritas 2014(London, England, UK,
March 25 - 27 2014) At Veritas 2014, hear directly from the big data experts in top tier retail finance who are now implementing strategy and starting to yield real commercial value. Experts dedicated to Big Data in the sector will show you how the right approaches can lead to far-reaching results in business model innovation, risk mitigation and identifying new revenue streams. See how Veritas 2014 will help you develop your big data implementation strategy
Cyber Security Management for Oil and Gas(Houston, Texas, USA,
March 26 - 27 2014) Attend to gain cutting-edge information from oil and gas cyber security experts on: Using the very latest in intelligence techniques to find and neutralize the newest threats in time. Preventing security breaches while ensuring your employees, social media and mobile devices operate effectively. Implementing best practices in order to achieve and maintain SCADA and other key systems security. How a "critical infrastructure" designation would impact different aspects of oil and gas cyber security management
March 31 - April 4 2014) SyScan is a deep knowledge technical security conference. It is the aspiration of SyScan to congregate in Asia the best security experts in their various fields, to share their research, discovery and experience with all security enthusiasts in Asia
For a complete running list of events, please visit the Event Tracker on the CyberWire website.