The Syrian Electronic Army counted coup thrice against Microsoft over the weekend, hacking two of the company's official Twitter accounts and its TechNet blog.
Elsewhere in the Middle East, Israeli sources dismiss claims that Iran (or Iranian-inspired hacktivists) hacked Israeli airlines as "psychological warfare." (The reports were disturbing in that they boasted an ability to take down aircraft in flight.) And the Voice of Russia circulates unconfirmed reports that twenty-eight embassies in Tehran were infected with data-mining malware.
East-European cyber-criminal forum "Verified" is hacked and exposed by a rival gang.
Neiman Marcus and other US retailers report Target-like (although not Target-scale) data breaches. The Target caper continues to grow in size and seriousness: more than 100M records, many belonging to non-customers, are now believed to have been compromised. Target confirms finding malware in its point-of-sale devices. Some analysts call the known scope of the Target breach "the tip of the iceberg," and expect more retailers to discover similar problems in their own networks.
Yahoo! finds its exploitation by a Bitcoin-mining botnet more extensive than previously believed, with more infections outside Europe (mostly in Asia) than within.
An undocumented firmware backdoor is found in some Cisco routers; Cisco promises to close it as soon as possible.
Oracle will issue "hundreds" of patches tomorrow. (Microsoft is expected to release only four.)
Surveillance backlash continues to bedevil US companies' international market position. (Canadian firms seek to benefit.) President Obama is expected to announce his plans for the future of surveillance policy this Friday.
Today's issue includes events affecting Australia, Brazil, Canada, China, France, Germany, Guyana, India, Iran, Israel, Japan, People's Democratic Republic of Korea, Republic of Korea, Netherlands, Norway, Pakistan, South Africa, Syria, United Kingdom, United States.
Cyber attackers prey on 28 embassies in Tehran(Voice of Russia) Twenty-eight embassies in the capital city of Iran were affected by a brand new cyber-attack. Emails regarding the conflict in Syria included data-mining malware that no defenses had been programmed to combat
Hacked Cybercrime Forum Exposes Nearly 20,000 "Bad Actors"(SecurityWeek) Cyber-criminals targeted an online community and stole member information and login credentials from the site's forum database late Tuesday. What sets this attack apart from similar data breaches is the fact that the victims were part of a community of Eastern European cyber-criminals
Cryptolocker ransomware protection: A new reason for old advice(TechTarget) As with anything in technology, it is only a matter of time until a newer, faster version is available. Unfortunately, this is not always for the betterment of all. Earlier this year a new ransomware virus, called Cryptolocker, began infecting computers owned by individuals and businesses alike. Cryptolocker is a Trojan horse malware program that targets computers running Windows. It primarily comes from email, but can also be passed on through any type of file transfer and, when activated, encrypts files using RSA cryptography. A Cryptolocker ransomware attack could be devastating if a company is not properly protected
Target admits "there was malware on our point-of-sale registers"(Naked Security) The Target data breach story has turned into a bit of a bus: it's big, has lots of momentum, and three just came along at once. First: 40M payment card details stolen. Second: 70M names, addresses and the like stolen. Third: looks like there was a specialised botnet involved
Target planning 'significant changes' after data breach(CNBC via Reuters) Target Corp plans to make "significant changes" in light of the data breach during the holiday shopping season when hackers stole personal information of millions of customers, the U.S. retailer's chief executive said in an interview with CNBC aired on Monday
Data breach at Target is under close investigative scrutiny(Daily Record) As computer experts peel back the layers of Target's massive data breach, federal and state law enforcement agencies are running parallel investigations to find the cyber criminals who infiltrated the retailer's computers
Six ways hackers try to break Secure Sockets Layer-encrypted data(TechTarget) Secure sockets layer (SSL) is used to protect millions of network users but how vulnerable is it? Over the last several years, there has been an array of attacks designed to subvert SSL. While the technology is fundamentally secure, attackers are always looking for loopholes to bypass security protocols and standards. And SSL is a big target. It is used to protect sensitive Hypertext Transfer Protocol (HTTP) traffic. Attackers, who like to think outside the box, are always seeking new ways to gain access to sensitive data. Let's look at some of the different ways that hackers are trying to break SSL
Mysterious Message Posted on UGNazi's Twitter: "We're Back"(Softpedia) The UGNazi hacker group made a lot of headlines back in 2012 after hacking the systems of several high-profile organizations by using some clever techniques. The group's activities stopped after some members, including Cosmo the God, were arrested
Root a Mac in 10 seconds or less(Patrick Mosca) Oftentimes, physical access to a machine means game over. While people like to think that OSX is immune to most security threats, even Apple computers can be susceptible to physical attacks. Mac OSX is capable of booting into single user mode by holding a special key combination (Command-S). From this point, an attacker has root access to the entire computer. Note that this is not a security exploit, but rather an intentionally designed feature. While of course the intruder needs to be physically present, this can become a huge security problem
Network Time Protocol (NTP) Amplification Attacks(US-CERT) A vulnerability in the "monlist" feature of ntpd can allow remote attackers to cause a distributed denial of service (DDoS) attack via forged requests. US-CERT and the Canadian Cyber Incident Response Center (CCIRC) have both observed active use of this attack vector in recent DDoS attacks
Unwiped Mobile Devices a BYOD Risk(eSecurity Planet) Just 16 percent of adults who use mobile devices for work wipe data from old devices when they get a new one. It's important to educate employees about the BYOD risks this creates
The Future of Global Cyber-Security is in the Cloud(Forbes) Both hackers and antivirus makers were put on notice last week when two shining stars in the $67 billion worldwide cyber-security universe announced their merger. Milpitas, Calif.-based global network security company FireEye has acquired Washington, D.C.-based cyber-security firm Mandiant, which released a famous report last year about a Chinese military unit that allegedly pilfered data from at least 115 companies across major U.S. industries
Comment: Cybersecurity Lessons from the Financial Sector(InfoSecurity Magazine) Creating a cybersecurity policy is hard, largely because it's so difficult to define success. A national cybersecurity initiative should define the goals we want to achieve and provide incentives for the private and public sector to cooperate. According to Matthew Cohen of NT OBJECTives, once that is done, the private sector can do what it does best: compete to provide the most robust and cost-effective solutions to the problem
Would You Shout "My PIN Code Is 9876!" In The Street?(Forbes) Most readers I suspect are fairly unlikely to shout their PIN code or banking password in the middle of the street. Neither would you choose to go walking around town with banknotes hanging out of your pockets (this I should note is not a challenge). We have all learned whilst growing up that certain personal information or assets are better kept to ourselves and protected. Yet, the same can not be said for many people's behaviour online
It is time for more attention to be paid to cyber security(Stabroek News) Two years ago I suggested in this column that few Caribbean governments or companies were taking seriously the threat posed by cyber attack and cyber crime. This was despite evidence to suggest that the region was increasingly subject to damage by those who use the internet to breach national security, undertake criminal activity or behave maliciously
Enterprise computing in the post-Snowden era(ZDNet) Edward Snowden didn't just disclose embarrassing details about the NSA. He also exposed weaknesses in enterprise security. How much will things really change? It seems implausible that nothing will change in the NSA as a result of Edward Snowden's leaks of their practices. But those practices didn't affect just the government. In light of all that has happened you have to reexamine how your own business operates
The biggest challenge to IT security is marketing(Help Net Security) Most companies today are using social media and online marketing channels to tell their customers and prospects about what they do. From company Twitter accounts, LinkedIn profiles through to website CMS or marketing automation platforms, all these tools have two things in common: one, they are essential to running marketing. Two, they are all outside the control of the IT department
Trends in Targeted Attacks: 2013(FireEye Blog) FireEye has been busy over the last year. We have tracked malware-based espionage campaigns and published research papers on numerous advanced threat actors. We chopped through Poison Ivy, documented a cyber arms dealer, and revealed that Operation Ke3chang had targeted Ministries of Foreign Affairs in Europe
Canada courting U.S. web giants in wake of NSA spy scandal(The Toronto Star) U.S. industry stands to lose billions as companies spooked by security leaks seek to store banks of personal data outside U.S. The Canadian government is trying to profit from the National Security Agency spy scandal south of the border by luring frustrated American web titans such as Google and Facebook into storing sensitive banks of personal information outside the United States, the Toronto Star has learned
Internet chieftains press Obama over NSA spy swoops(AFP via Digital Journal) Bosses from Internet giants including Twitter and Facebook Tuesday pressed President Barack Obama for reforms of US spy agency snooping, adding to rising heat from the courts and American allies
No NSA fears as tech hawks data-hungry devices(Politico) The most significant privacy debate in recent history is rattling an NSA-wary Washington, but you wouldn't have known it here at one of the largest tech gatherings in the world
With Watson, Is IBM Riding Right Wave?(InformationWeek) IBM bets that its Watson technology will ride the cognitive-computing wave to commercial success — while rivals gear up for the connected-computing era
CyberRX: First industry-wide healthcare cyber attack exercise(Help Net Security) HITRUST will lead an industry-wide effort to conduct exercises to simulate cyber attacks on healthcare organizations, named CyberRX. The results will be used to evaluate the industry's response and threat preparedness against attacks and attempts to disrupt U.S. healthcare industry operations
Twitter Security and Privacy Settings You Need to Know(Threatpost) To kick off the new year, we are restarting our tutorial screencast series where we attempt to briefly walk users through the process of locking down their various online accounts. Today's video, which is just slightly longer than we had hoped, thoroughly details the steps necessary to ensure that your Twitter account is as private and secure as possible
The Potential of Social Network Analysis in Intelligence(OODA Loop) The legality of the National Security Agency's (NSA's) use of US citizens' metadata to identify and track foreign intelligence organizations and their operatives is currently a subject of much debate. Less well understood (and consequently routinely misreported) are the capabilities and limitations of social network analysis, the methodology often used to evaluate this metadata
Take steps to defend your network using DHCP snooping(TechTarget) The numbers vary on whether insiders or outsiders are the greater security threat to the enterprise, and the line continues to blur. And if an organization has architected its network in a way that includes using insecure systems and protocols, the network infrastructure could be at risk. For example, sometimes securing a Layer 2 protocol like Dynamic Host Configuration Protocol (DHCP) is overlooked. DHCP is an example of a helper protocol that works in the background, and most end users don't give much thought to it. The fact that it doesn't get much attention means it's a potential attack vector that may go unnoticed. DHCP snooping is one such control that can be used to prevent many common attacks
IEEE approves update to 802.11ac for faster Wi-Fi(FierceCIO: TechWatch) The IEEE officially approved the 802.11ac-2013 update for up to 7Gbps of theoretical wireless data rates over the 5GHz Wi-Fi spectrum, reports Enterprise Networking Planet. An addendum to the initial 802.11ac specification, the new specification gets its speed boost primarily from the use of Multi User, Multiple-Input, Multiple-Output (MU-MIMO) technology, which supports the use of multiple concurrent downlink transmissions
Air Force Academy's cyber team reaches rare heights(Stars and Stripes) The team practices four days a week, two hours at a crack. Members hone their speed and skills, with each gaining specialized skills. And they only sweat when an Internet server crashes
Critical sectors get cyber attack protection(Hindustan Times) The government has cleared a proposal to put technical-spying agency NTRO in charge of securing the IT installations of key infrastructure bodies including telecommunications, power, railways and airports
Don't let data protection turn into protectionism(Xinhuanet) We live in a global, digitally networked world. Cloud, mobile and in-memory technologies are its engines. Our new world has no boundaries; there is a huge potential for growth, employment and new business models. But it also comes with challenges for policy and industry. In response to leaks about the US National Security Agency's widespread surveillance, there have been lots of understandable concerns. Unfortunately, some parties have suggested building fortresses around national data
President Obama May Introduce Major NSA Changes On Friday(Tapscape) Intrusive surveillance programs implemented by the National Security Agency (NSA) have been a point of controversy throughout the past year. Amid the controversy and outrage from US citizens as well as the citizens of the US's allies, President Obama will reportedly introduce massive reform for the NSA this coming Friday
Obama to speak on NSA reforms Jan. 17(The Washington Post) President Obama will deliver his highly anticipated speech on National Security Agency reforms Jan. 17, White House press secretary Jay Carney said Friday
What will happen to NSA programs? That's a secret(MSNBC) More than six months after the leaks from former National Security Agency contractor Edward Snowden began, critics and supporters of the NSA are waiting for President Obama to announce what changes to government surveillance policies he can support
Why Hasn't Obama Reined in NSA?(Huffington Post) After the 2008 election, Barack Obama supporters had high expectations for his national-security policy. We thought he'd end U.S. involvement in Iraq and Afghanistan, and open talks with Iran. We expected he would close down Guantanamo and end the National Security Agency's (NSA) domestic surveillance program that collects Americans' phone and email data. He's accomplished some of these objectives but he hasn't reined in the NSA
The limits of President Obama's power on NSA reform(Politico) President Barack Obama on Friday will try to put the ongoing surveillance controversy behind him, laying out reforms to U.S. intelligence-gathering activities aimed at reassuring Americans that his administration will right the balance between civil liberties and national security. But Obama's powers have significant limits
I Spent Two Hours Talking With NSA's Big Wigs. Here's What's Got Them Mad(Wired) My expectations were low when I asked the National Security Agency to cooperate with my story on the impact of Edward Snowden's leaks on the tech industry. During the 1990s, I had been working on a book, Crypto, which dove deep into cryptography policy, and it took me years — years! — to get an interview with an employee crucial to my narrative. I couldn't quote him, but he provided invaluable background on the Clipper Chip, an ill-fated NSA encryption runaround that purported to strike a balance between protecting personal privacy and maintaining national security
U.S. Senators Implore Obama to Rein in NSA Surveillance(Mashable) Three U.S. senators say they think it's time for U.S. President Barack Obama to rein in the National Security Agency's surveillance tactics. The three Democrats, Sen. Mark Udall of Colorado, Ron Wyden of Oregon and Martin Heinrich of New Mexico, wrote a letter to Obama earlier this week, urging him to follow the advice of an independent panel that recently recommended ending the NSA's bulk telephone metadata collection and storage program, as well as other proposed NSA reforms. Each of the three senators sits on the U.S. Senate Select Committee on Intelligence
Working With Law Enforcement In 2014 And Beyond(TrendLabs Security Intelligence Blog) Last December, I spoke at a cybersecurity summit sponsored by the International Telecommunications Union (ITU) in Baku, Azerbaijan. I was there to discuss one thing that Trend Micro will focus on in 2014 and beyond: how we can work together with law enforcement to stop cybercrime
French Privacy Watchdog Fines Google €150,000(Search Engine Watch) Google has been fined €150,000 (roughly $203,000) by the French data protection authority after it ruled that the firm doesn't comply with the country's data protection laws
Intel panel: DOD report finds Snowden leaks helped terrorists(The Hill) Edward Snowden's leaks about National Security Agency programs have put U.S. troops at risk and prompted terrorists to change their tactics, according to a classified Pentagon report. House Intelligence Committee Chairman Mike Rogers (R-Mich.) and ranking member Rep. Dutch Ruppersberger (D-[Md.]) said that the Pentagon report found a significant portion of the 1.7 million documents Snowden took were related to current U.S. military operations
Carafano: Snowden is a traitor in all but name(The Statesman) Edward Snowden stole hundreds of thousands of American secrets and sprinkled them across the Internet. Should he be considered a traitor? The Australian government thinks so. Snowden's revelation of highly sensitive intelligence operations "down under" led Australian Federal Attorney-General George Brandis to brand the former National Security Agency contractor an "American traitor"
After 30 Years of Silence, the Original NSA Whistleblower Looks Back(Gawker) The four-story brownstone at 141 East 37th Street in Manhattan has no remarkable features: a plain building on a quiet tree-lined street in the shadow of the Empire State Building. In the summer of 1920, Herbert O. Yardley, a government codebreaker, moved in with a gang of math geniuses and began deciphering intercepted Japanese diplomatic telegrams. This was the Black Chamber, America's first civilian code-breaking agency. From this was born the American surveillance state, and eventually the sprawling National Security Agency, which you may have heard about recently
Hacker hijacked YouTube channels to milk AdSense for money(Naked Security) A US man, Matthew A. Buchanan, has admitted that he and his accomplice jimmied open YouTube accounts via Google's password recovery process. They also hacked AOL email, right on up to the inbox of the AOL CEO himself
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
FloCon2014(Charleston, South Carolina, USA, January 13 - 16, 2014) FloCon 2014, a network security conference, takes place at the Francis Marion Hotel in Charleston, South Carolina, on January 13–16, 2014. This open conference provides a forum for operational network...
NASA Langley Cyber Expo(Hampton, Virginia, USA, January 14, 2014) The 2013 NASA Langley Cyber Expo is an annual event dedicated to Cyber Security and Information Technology at this secure facility. As the Cyber Expo hosts, the Office of the Chief Information Officer...
Federal Intel Summit. The Potomac Officers Club is proud to host the 2014 Federal Intel Summit featuring Congressman Mike Rogers and leadership from across the Federal Agencies focused on protecting our national interests.
Federal Mobile Computing Summit. The Federal Mobile Computing Summit: Digital Government Strategy II will feature government leaders who played an instrumental role in the development of the DGS and worked on the resulting deliverables.
Cybertech — Cyber Security Conference and Exhibition(Tel Aviv, Israel, January 27 - 29, 2014) Cybertech Israel, the first event of its kind, will present world-leading companies in the field of cyber defense alongside young companies that offer unique solutions to advance the discipline of cyber...
U.S. Census Data Protection & Privacy Day(Suitland, Maryland, USA, January 28, 2014) The Census Bureau's Privacy Compliance Branch of the Policy Coordination Office is hosting a Data Protection and Privacy Day on January 28. This event is intended to provide a forum for Census employees...
2014 Cybersecurity Innovation Forum(Baltimore, Maryland, USA, January 28 - 30, 2014) The 2014 Cybersecurity Innovation Forum (CIF) is a three-day event, sponsored by the National Cybersecurity Center of Excellence (NCCoE) with DHS, NIST, and NSA as primary participating organizations.