US Attorney General Holder says his Department is investigating the Target hack. Target describes how hackers got into its systems—stolen vendor credentials were involved. Krebs thinks a widespread backdoor in server software may also be implicated.
Social engineering of GoDaddy and PayPal appears responsible for one gentleman's loss of his famous, valuable, and much-coveted Twitter handle, "@N."
Kaspersky Lab discusses wipers, a malware genre noted for its motiveless malice and lack of rational criminal purpose.
The Register goggles at how much IKEA wants to know about customers' digital lives (more than GCHQ wants to know about HM enemies, el Reg suggests with typically endearing hyperbole).
The tension between security and trade in a globalized marketplace dominates industry news. The UK courts Brazilian tech firms (to bring jobs to Britain), and Israel works to attract investment and increase cyber exports. The US Defense Department's new procurement rules are intended to build security into acquisitions early, and suggest such measures as baselining and continuous monitoring.
But the most interesting story involves China's Lenovo, which, having added IBM's commodity server business to its portfolio, now pays Google $3B for Motorola. IBM bets on the cloud, Google on AI, Lenovo on enterprise mobility. Lenovo's acquisitions face close US regulatory scrutiny.
In what might be called "semi-active" defense, researchers debut "honey encryption"—spoofed data to gull attackers.
The US surveillance policy debate continues. Privacy advocates are somehow surprised President Obama didn't address compromised crypto in his State of the Union.
German intelligence services face surveillance litigation.
Today's issue includes events affecting Brazil, Bulgaria, China, European Union, Germany, Ireland, Israel, Japan, Poland, Russia, Sweden, United Kingdom, United States.
Cyber Attacks, Threats, and Vulnerabilities
Target says attackers stole vendor credentials(ComputerWorld) Target said Wednesday that intruders accessed its systems by using credentials "stolen" from a vendor, one of the first details the retailer has revealed about how hackers got inside
DHS Report Researcher: Retailers at Risk(BankInfoSecurity) Retail data breaches are growing. ISight Partners' Tiffany Jones, a researcher who helped the Department of Homeland Security prepare its report about malware attacks, offers new insight into the latest cyber-attacks
PayPal and GoDaddy may have cost one man his '$50,000' Twitter account(The Verge) Naoki Hiroshima had owned a rare Twitter account for around seven years. It was one that someone allegedly wanted to purchase for $50,000. Despite numerous attempts by attackers to steal his @N handle over the years, Hiroshima had managed to prevent anyone from gaining access to the account. That was until just over a week ago. "While eating lunch on January 20th, 2014, I received a text message from PayPal for a one-time validation code," explains Hiroshima. "Somebody was trying to steal my PayPal account. I ignored it and continued eating." That was the first sign of what would become a painful experience
NEUREVT Bot Analysis(Fortinet Security Research) Neurevt (also known as Beta Bot) is an HTTP bot which entered the underground market around March 2013 and which is priced relatively cheaply. Though still in its testing phase, the bot already has a lot of functionalities along with an extendable and flexible infrastructure
Check Point Session Authentication Agent Vulnerability(Intelligent Exploit) Check Point Session Authentication agent is a service that is installed on an endpoint system in order to communicate with the security gateway and allow it to request and obtain the user's credentials. Session Authentication is a part of the Legacy Authentication suite which provides different authentication methods to allow or deny access to network resources
Some Malware Just Wants to Watch the World Burn(Kaspersky Lab Daily) To summarize Costin Raiu, the director of Kaspersky Lab's research arm, the vast majority of malicious files are what he calls crimeware — computer programs deployed by cybercriminals seeking to make a profit by stealing credentials, data, resources, or money directly. The second most prevalent category of malicious software is designed exclusively for cyber-espionage and is used by a variety of advanced threat actors — often with state, corporate, or other deep-pocketed benefactors. Then there is a third, much smaller category of purely destructive malware — sometimes called wipers
Email Worm Varies Attack Messages(Industrial Safety and Security Source) An email worm called NetSky is sending out various kinds of malicious emails to the same address. One case in point is a malicious email that supposedly came from PayPal, then one from USA Hosting and one from Symantec, said researchers at Kaspersky Lab
Using USB Modems to Phish and Send Malicious SMS Messages(Threatpost) Some USB modems can be leveraged to send malicious SMS messages and carry out spear-phishing attacks — sometimes in conjunction with each other — thanks to a cross site request forgery vulnerability present in the device's web interfaces
Does the Twitter Follower Scam Actually Work?(TrendLabs Security Intelligence Blog) We've seen "get Twitter followers" scams in the past, but a recent one stood out for a very good reason: it actually delivers what it promises—and then some
Many Android apps can track your location, access photos(Help Net Security) An alarming proportion of Android applications can find and open private photographs on smartphones, track users' locations, divulge e-mail addresses over the internet and leak address books and phone logs, according to an analysis of 836,021 Play Store Android applications
Security Patches, Mitigations, and Software Updates
RCS removes Selector Java vulnerability(Radio Today) RCS has taken steps to remove the last few remaining pieces of Java from its music scheduler, Selector 15, citing recently stated "zero-day vulnerability" security concerns
Data mining the future with security predictions(Help Net Security) It has become somewhat of a tradition for information security vendors to pull out their crystal balls at the end of each year and do their best to predict interesting developments and threats for the coming months. It is also becoming a tradition for the security community to greet those predictions with emotions ranging from skepticism to sarcasm but in doing so we may actually miss out on an opportunity to better anticipate developing risks. That said, we need to watch out for hidden agendas embedded in those predictions of course
3 reasons for the demise of patient privacy(FierceHealthIT) Several factors have contributed to the demise of patient privacy in recent years, according to software analyst and healthcare blogger Shahid Shah (a.k.a., The Health IT Guy)
Top Cloud Security Threats(Sys-Con) To say that cloud security for cloud computing is gaining traction would be the understatement of our era
How COTS endangers national security(Federal Times) I have long said that if you look at all the disclosures of cyber attacks and breaches, you may not have an accurate view of the current state of this national security threat. Well, last year CNBC posted a piece titled "Cyberattacks: Why Companies Keep Quiet" that expressed the same concern
6 ways to build security into acquisition(Federal Times) A report released on Jan. 29 lays out six recommendations for incorporating security standards into the government's acquisition process, including one that would ensure agencies do business only with companies that meet baseline security standards
Lenovo rolls the dice twice on US national security clearance for Motorola and IBM deals(Quartz) Lenovo's surprise deal to buy the Motorola smartphone business from Google is the Chinese firm's second high-profile acquisition of an American business, coming a few days after it agreed to take over IBM's low-end server unit. As for any purchase by a foreign company, Lenovo will need national security clearance from the US government for the deals to go ahead—and with China, internet infrastructure, and mobile phones involved, it's going to be a contentious process
Why Google just sold Motorola to Lenovo for $3 billion(Quartz) Well this is unexpected. Google is selling Motorola, the iconic handset maker it bought for $12.5 billion in May of 2012, to Chinese PC maker Lenovo for $2.91 billion. Google CEO Larry Page has penned a short note about the sale, but he doesn't get into details. Here's why the deal makes sense
Second Time's The Charm For Lenovo's Motorola Deal(TechCrunch) Lenovo's aspirations for an established mobile handset company go back a few years. According to a report published by the WSJ, Lenovo competed with Google for Motorola Mobility in 2011. Then just last October Lenovo submitted an offer for BlackBerry. That deal also fell through. However, Lenovo's search ended last Thanksgiving when Google Chairman Eric Schmidt called Yang Yuanqing, Lenovo's
Lenovo's Motorola Mobility Buy Is Partly About The Chance To Own The Enterprise Mobile Market(TechCrunch) Lenovo's ThinkPad is the brand of choice when it comes to enterprise notebooks — Dell has a strong footing still, to be sure, but Lenovo dominated the PC market in 2013, followed by HP and then Dell. The acquisition of Motorola Mobility today gives them a chance to parlay that success in the traditional computing world into the booming enterprise hotspot of mobile tech
Will BlackBerry's comeback strategy work?(FierceMobileIT) The year 2013 was not a banner year for BlackBerry. After launching its much touted BlackBerry 10 smartphones at the beginning of the year, the Canadian mobility firm failed to get consumer traction with its all-touch Z10 smartphone
Israel's Cyber-Security Prowess Is Attracting Foreign Firms(Bloomberg) Israel's cyber-security industry has grown from a few dozen companies to more than 200 in just the past three years amid a flood of hacks targeted at the country. As Israeli Prime Minister Benjamin Netanyahu welcomes more outsiders to invest in or collaborate with the country's cyber-defense industry, a Big Four professional-services firm, Deloitte Touche Tohmatsu, is stepping up to the plate
IBM and Lockheed Martin Invest In Israeli Cyber Complex(SecurityWeek) Israel Prime Minister Benjamin Netanyahu and Ben-Gurion University of the Negev President Rivka Carmi this week announced the establishment of a national cyber complex in Beer-Sheva, called CyberSpark, Ben-Gurion University of the Negev said Tuesday
Latest Enhancements Position MegaCryption as Best-In-Class Encryption Software for Big Data(PRWeb) Advanced Software Products Group's (ASPG) latest announced enhancements to MegaCryption simultaneously offer increased protection and increased ease of use to creators and consumers of Big Data. The enhancements include increased centralization of cryptographic key portability and interoperability, as well as increased support for both hashing and symmetric algorithms
Safe surfing: Tips to protect your children on the internet.(Women's World) Most parents these days will remember the mantras of their childhood being 'stop, look, listen' and 'don't take sweets from strangers'. The outside world was somewhere to be wary of. Now, the outside world is right there on a screen in your home
Four easy ways to protect your Mac from malware(Sophos Blogs) It's true that malware is less common on Macs than on Windows or Android. But that doesn't mean Macs are inherently more secure, or that Mac users should take their security for granted
Anthropology and Algorithms: On Reverse Engineering(Medium) The Atlantic welcomed 2014 with a major feature on web behemoth Netflix. If you didn't know, Netflix has developed a system for tagging movies and for assembling those tags into phrases that look like hyper-specific genre names: Visually-striking Foreign Nostalgic Dramas, Critically-acclaimed Emotional Underdog Movies, Romantic Chinese Crime Movies, and so on. The sometimes absurd specificity of these names (or "altgenres," as Netflix calls them) is one of the peculiar pleasures of the contemporary web, recalling the early days of website directories and Usenet newsgroups, when it seemed like the internet would be a grand hotel, providing a room for any conceivable niche
Obama Stays Silent on Reform of NSA's Crypto Subversion(Wired) President Barack Obama in his State of the Union on Tuesday failed to address needed surveillance reforms concerning NSA-introduced cryptography vulnerabilities. Privacy advocates and business interests were crossing their fingers that the chief executive would announce he was following the
OWASP Statement on the Security of the Internet(OWASP) The OWASP (Open Web Application Security Project, www.owasp.org) community cares deeply about how much people can trust commonly used Internet services and the applications that provide and use these services. The reports about large-scale intelligence activities targeting Internet communication and applications and possible attempts to undermine cryptographic algorithms leave us deeply concerned. We knew about the interception of targeted individuals and other monitoring activities, however, the scale of recently reported activities and the possibility of active undermining of the security of deployed applications are alarming
Startups get two year delay on government eavesdropping disclosures(FierceBigData) It's no secret that U.S. Internet giants and technology companies are catching a lot of heat about their role, voluntary or not, in government eavesdropping. Therefore no one blames Google, Facebook, Yahoo and Microsoft for striking a deal with the Obama administration to disclose government data requests to the public. However, startups are not getting quite the same deal, which makes one wonder why
Israel to Create Cyber Attack Emergency-Response Team(Mashable) As part of Israel's program to deal with rising cyber threats, the government is putting together a task force to help citizens and businesses cope. The country's National Cyber Bureau plans to establish cyber-emergency response teams this year that will specialize in handling different kinds of hacks, said Rami Efrati, the head of the bureau's civilian division
GAO: Protect next-gen 911 from cyberattack(FCW) The Government Accountability Office wants the Department of Homeland Security to work with the departments of Commerce, Justice, and Transportation and the Federal Communications Commission to ensure next-generation, IP-based 911 emergency response systems are not vulnerable to cyberattack
No, Edward Snowden Doesn't Deserve The Nobel Peace Prize(Forbes) Once again, Edward Snowden has been nominated for the Nobel Peace Prize. Bloomberg reports that "Norwegian parliamentarians Snorre Valen and Baard Vegar Solhjell nominated Snowden for the award — the same honor Obama himself
Snow Job(Politico) It's time to blow the whistle on Edward Snowden
No known threats, but Super Bowl transit security ramped up(Newsday) Law enforcement officials are beefing up Super Bowl security measures for the mass transit system after suicide bombings in Russia in the weeks before the Sochi Olympics, though there are no known terrorism threats against Sunday's big game.
SpyEye Creator Got 'Sloppy,' Then Got Nabbed(Dark Reading) Russian national behind the infamous crimeware kit pleads guilty to conspiracy to commit wire and bank fraud in his role as primary developer and distributor of SpyEye
Payment Card Fraud Ring Busted in Poland(eSecurity Planet) Five Bulgarian citizens are accused of using stolen financial data to create counterfeit payment cards and make illegal electronic transactions
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Free OWASP Training and Meet Up(San Francisco, California, USA, February 24, 2014) OWASP is hosting a special security boot camp for all conference-goers: RSA Conference, Bsides SF, and TrustyCon as well as local developers. The training is recommended for developers who want to learn...
Cloud Expo Europe: Cloud Expo Europe covers everything from hybrid cloud to software defined networks and data centres, from open source cloud to IaaS, from security and governance to cloud applications and from complex...
Veritas 2014: At Veritas 2014, hear directly from the big data experts in top tier retail finance who are now implementing strategy and starting to yield real commercial value. Experts dedicated to Big Data in the...
Cybertech — Cyber Security Conference and Exhibition(Tel Aviv, Israel, January 27 - 29, 2014) Cybertech Israel, the first event of its kind, will present world-leading companies in the field of cyber defense alongside young companies that offer unique solutions to advance the discipline of cyber...
U.S. Census Data Protection & Privacy Day(Suitland, Maryland, USA, January 28, 2014) The Census Bureau's Privacy Compliance Branch of the Policy Coordination Office is hosting a Data Protection and Privacy Day on January 28. This event is intended to provide a forum for Census employees...
2014 Cybersecurity Innovation Forum(Baltimore, Maryland, USA, January 28 - 30, 2014) The 2014 Cybersecurity Innovation Forum (CIF) is a three-day event, sponsored by the National Cybersecurity Center of Excellence (NCCoE) with DHS, NIST, and NSA as primary participating organizations.
Cyber Training Forum at NGA(Springfield, Virginia, USA, February 4, 2014) The 2014 Cyber Security Training Forum (CSTF) will take place at the NGA East Campus in Springfield, VA. This event is designed to provide education and training to the NGA Workforce, the Intelligence...
U.S. Department of Commerce Technology Expo: Department of Commerce is interested in hearing from you! The OCIO Office is specifically looking for speakers on Vulnerability Management and Implementation of Continuous Monitoring. Please contact...
Cyber Security 2014: The threats and the opportunities conference brings together over 150 business leaders, senior decision makers, business development managers and IT professionals from across the whole defence and security...
Security Analyst Summit 2014(Punta Cana, Dominican Republic, February 9 - 13, 2014) The Kaspersky Security Analyst Summit (SAS) is an annual event connecting anti-malware researchers and developers, global law enforcement agencies and CERTs and members of the security research community.
FBI HQ Cloud Computing Vendor Day: As part of its FAR mandated market research efforts and in order to keep FBI employees informed of new products, technologies and services available in the industry, ITED has been tasked with organizing...
RSA Conference USA(San Francisco, California, USA, February 24 - 28, 2014) Hundreds of game-changing interactions will give you an unparalleled diversity of industry insight and information based on best practices, real implementation stories, and detailed case studies. Each...
Nellis AFB Technology & Cyber Security Expo: For over 12 years, the Armed Forces Communications & Electronics Association (AFCEA) - Las Vegas Chapter and FBC have been co-hosting the Annual Information Technology Expo at Nellis AFB. As was the case...
Trustworthy Technology Conference: Join us for the first Trustworthy Technology Conference, to be held on 27 February 2014 at the AMC Metreon Theatre in San Francisco, California. We welcome all security researchers, practitioners and citizens...
Creech AFB Technology & Cyber Security Expo: The Armed Forces Communications & Electronics Association (AFCEA) - Las Vegas Chapter, with support from the 432d Wing, will host a Cyber Security Awareness Day & Technology Expo at Creech AFB. This is...