SoHo routers widely used in homes have been shown to have backdoors that enable an attacker to gain admin access. The SANS Institute's Internet Storm Center reports seeing a large number of probes to a port on which Linksys devices may be listening, which indicates this is more than a theoretical risk.
CryptoLocker, which had hitherto spread as a conventional Trojan, turns up in a new, worrisome version that propagates itself as a worm.
Snapchat works to contain and undo the damage done by the end-of-year compromise it suffered, and announces plans to upgrade security. Forbes suggests the story is one of a missed opportunity to benefit from an independent security warning.
Kaspersky Lab foresees surveillance concerns and desire for increased national control fragmenting the traditional Internet in 2014, going so far as to predict that the deep web will soon be the only remaining international network.
The maritime shipping industry sees a cyber risk in its increased automation of ship operations (compare airline concerns about cyber security).
In industry news, FireEye announced late yesterday that it has acquired Mandiant for a reported $1.05B. Synergies are expected as FireEye combines its virtual machine monitoring tools with Mandiant's endpoint security, incident response, and remediation services. Kevin Mandia will become FireEye's COO; FireEye plans to increase its sales force.
A criminological study claims warning banners actually have a deterrent effect on hackers.
In the US surveillance policy debate, a Foreign Policy essay describes the Presidential surveillance panel's recommendations as "reckless" and "ineffective."
Today's issue includes events affecting Australia, China, Japan, Russia, Taiwan, United Kingdom, United States.
Scans Increase for New Linksys Backdoor (32764/TCP)(Internet Storm Center) We do see a lot of probes for port 32764/TCP. According to a post to GitHub from 2 days ago, some Linksys devices may be listening on this port enabling full unauthenticated admin access. At this point, I urge everybody to scan their networks for devices listening on port 32764/TCP. If you use a Linksys router, try to scan its public IP address from outside your network
Snapchat user data exposed in huge data theft(Trend Micro Countermeasures) Usernames and phone numbers for more than 4.5 million Snapchat users have been published on a website called SnapchatDB.info after attackers took advantage of an exploit disclosed on the 23rd December 2013
Snapchat Says It's Improving Its App, Service To Prevent Future User Data Leaks(TechCrunch) Snapchat has released an official post about the recent leak of 4.6M usernames and phone numbers from its servers. The post blames what it says was 'abuse' of its API on the leak, but acknowledges that the way that it stores the information made it possible for a database of numbers to be used to sniff out usernames and match them up. Changes will be made to both Snapchat's apps
Alert (TA14-002A) Malware Targeting Point of Sale Systems(US CERT) When consumers purchase goods or services from a retailer, the transaction is processed through what are commonly referred to as Point of Sale (POS) systems. POS systems consist of the hardware (e.g. the equipment used to swipe a credit or debit card and the computer or mobile device attached to it) as well as the software that tells the hardware what to do with the information it captures
Developer Spams Google Play With Ripoffs Of Well-Known Apps…Again(TechCrunch) It's not uncommon to search the Google Play app store and find a number of knock-off or "fake" apps aiming to trick unsuspecting searchers into downloading them over the real thing — especially when the app in question isn't yet available on Android. But one developer really went out of his or her way over New Year's to fill the Android app marketplace with a number of rip-offs of big-name
TBR: SaaS Usage Disrupts Security Vendor Sales(Talkin' Cloud) Traditional security vendors may have a difficult 2014 (and beyond), thanks to cloud computing. According to a Technology Business Research (TBR) report, the rise of software-as-a-service (SaaS) has led organizations away from traditional security products in favor of—you guessed it—cloud-based security services.
Robocoin, The Bitcoin ATM, Is Heading To Hong Kong And Taiwan(TechCrunch) The first shipping bitcoin ATM, Robocoin, is landing in Hong Kong and Taiwan as the company expands its reach this January. They are planning further releases in Europe, Canada, and the US but, given Asia's clout in the BTC markets, this is definitely an interesting development. The first Robocoin landed in Vancouver where it's been a big hit and we wanted to see how things have been going for the
Technologies, Techniques, and Standards
Restrictive Deterrent Effects of a Warning Banner in an Attacked Computer System(Criminology) System trespassing by computer intruders is a growing concern among millions of Internet users. However, little research has employed criminological insights to explore the effectiveness of security means to deter unauthorized access to computer systems. Drawing on the deterrence perspective, we employ a large set of target computers built for the sole purpose of being attacked and conduct two independent experiments to investigate the influence of a warning banner on the progression, frequency, and duration of system trespassing incidents
Is U.S. Ready To Rethink Sept. 11 Security Policies?(NPR via KERA News) President Obama says he will soon propose changes at the National Security Agency. Former contractor Edward Snowden's disclosure of NSA surveillance programs drew widespread criticism and prompted a review of the agency's operations by Congress, the courts, and the White House. NPR's Tom Gjelten looks at whether the country is now at a turning point, ready to rethink the security policies in place since 9/11
Reckless Reforms(Foreign Policy) Why the Obama administration should ignore recommendations from the panel it established to review NSA surveillance
Real ID enforcement to begin in April(FierceHomelandSecurity) Enforcement of the Real ID Act will be phased in starting in April under a schedule the Homeland Security Department released Dec. 20
Cyber deterrence and reserves corps strategy become law(FierceGovernmentIT) This year's national defense authorization act, signed into law by President Obama Dec. 26, includes Senate Armed Services Committee language requiring development of a new cyber attack deterrence policy
Yes, Virginia, there is privacy (I hope)(SC Magazine) It will be just after the start of this year that we all should hear President Obama's stance on recommendations made by the special advisory panel he created last year to review the surveillance programs of the National Security Agency
Top 10 Hacker Arrests in 2013(Hot for Security) It was a fruitful year for cyber-crime authorities worldwide, and notorious hackers were arrested with a weekly or even daily frequency. Neither Christmas nor New Year's Eve put an end to police effervescence in 2013 when it comes to busting cyber-criminals
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
FloCon 2014(Charleston, South Carolina, USA, January 13–16, 2014) FloCon 2014, a network security conference, takes place at the Francis Marion Hotel in Charleston, South Carolina, on January 13–16, 2014. This open conference provides a forum for operational network...
NASA Langley Cyber Expo(Hampton, Virginia, USA, January 14, 2014) The 2013 NASA Langley Cyber Expo is an annual event dedicated to Cyber Security and Information Technology at this secure facility. As the Cyber Expo hosts, the Office of the Chief Information Officer...
Cybertech: Cyber Security Conference and Exhibition. Cybertech Israel, the first event of its kind, will present world-leading companies in the field of cyber defense alongside young companies that offer unique solutions to advance the discipline of cyber...
U.S. Census Data Protection & Privacy Day(Suitland, Maryland, USA, January 28, 2014) The Census Bureau's Privacy Compliance Branch of the Policy Coordination Office is hosting a Data Protection and Privacy Day on January 28. This event is intended to provide a forum for Census employees...
2014 Cybersecurity Innovation Forum(Baltimore, Maryland, USA, January 28 - 30, 2014) The 2014 Cybersecurity Innovation Forum (CIF) is a three-day event, sponsored by the National Cybersecurity Center of Excellence (NCCoE) with DHS, NIST, and NSA as primary participating organizations.