skip navigation

More signal. Less noise.

Daily briefing.

CryptoLocker continues to wreak damage as it strikes a New Hampshire town hall, effectively wiping out eight years of files. Unfortunately it's not the only ransomware kit out there, and it may not be the worst: two competitors, PrisonLocker and PowerLocker, have been observed in criminal markets, and others are thought to be under development.

Follow-up phishing is underway in two recent pay card breaches, JP Morgan Chase and Target.

Last week's denial-of-service attacks on online gaming services didn't involve data theft, but a new World-of-Warcraft attack does: a Trojanized Curse client steals player login credentials.

Webroot sees a spike in Zeus vectors spoofing Bitdefender anti-virus software.

Guccifer returns with more celebrity hacks. Romanian intelligence services say they'll get him.

Yahoo reports it's removed the malware from its ad servers. While the infection lasted, it reportedly infected 27k users per hour, mostly in Europe, and mostly via PCs.

Citing regional governments' (particularly Iran's) heavy use of covert cyber operations, the Center for Strategic and International Studies publishes a report identifying the Arabian Gulf as a major flashpoint for cyber conflict.

Cyber mergers and acquisitions continue, although none as big as FireEye's acquisition of Mandiant last week. Blue Coat has bought Norman Shark, and Palo Alto Networks has picked up Morta Security. Analysts see the latter as a riposte to FireEye. VUPEN lists a number of zero-days for sale (and helpfully notes where they fit into the Wassenaar export control regime).

The US FAA's aviation safety data-sharing program needs better anonymous sharing.

Notes.

Today's issue includes events affecting Bahrain, Canada, China, France, Iran, Iraq, Ireland, Israel, Japan, Kuwait, Oman, Qatar, Romania, Russia, Saudi Arabia, Syria, Tajikistan, United Arab Emirates, United Kingdom, United States..

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

Federal Mobile Computing Summit (, January 1, 1970) The Federal Mobile Computing Summit: Digital Government Strategy II will feature government leaders who played an instrumental role in the development of the DGS and worked on the resulting deliverables.

FloCon2014 (Charleston, South Carolina, USA, January 13 - 16, 2014) FloCon 2014, a network security conference, takes place at the Francis Marion Hotel in Charleston, South Carolina, on January 13–16, 2014. This open conference provides a forum for operational network...

NASA Langley Cyber Expo (Hampton, Virginia, USA, January 14, 2014) The 2013 NASA Langley Cyber Expo is an annual event dedicated to Cyber Security and Information Technology at this secure facility. As the Cyber Expo hosts, the Office of the Chief Information Officer...

Federal Intel Summit (, January 1, 1970) The Potomac Officers Club is proud to host the 2014 Federal Intel Summit featuring Congressman Mike Rogers and leadership from across the Federal Agencies focused on protecting our national interests.

cybergamut Tech Tuesday: Malware Reverse Engineering: An Introduction to the Tools, Workflows, and Tricks of the Trade to Attack Sophisticated Malware (, January 1, 1970) Reverse engineering malware can be an integral part of every security team's calculus. This session provides a technical review of the tools, workflows, and advanced analytic insight a senior reverse engineer...

Cybertech: Cyber Security Conference and Exhibition (, January 1, 1970) Cybertech Israel, the first event of its kind, will present world-leading companies in the field of cyber defense alongside young companies that offer unique solutions to advance the discipline of cyber...

U.S. Census Data Protection & Privacy Day (Suitland, Maryland, USA, January 28, 2014) The Census Bureau's Privacy Compliance Branch of the Policy Coordination Office is hosting a Data Protection and Privacy Day on January 28. This event is intended to provide a forum for Census employees...

2014 Cybersecurity Innovation Forum (Baltimore, Maryland, USA, January 28 - 30, 2014) The 2014 Cybersecurity Innovation Forum (CIF) is a three-day event, sponsored by the National Cybersecurity Center of Excellence (NCCoE) with DHS, NIST, and NSA as primary participating organizations.

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.