The Energetic Bear campaign, a.k.a. DragonFly, draws comparison to Stuxnet. Although so far apparently used mostly for espionage, its association with Havex ICS malware gives it a more active, dangerous potential. Suspicion remains on Russian intelligence organs.
Taiwan has suffered from Dropbox exploits. Suspicious eyes look at China.
Saudi Arabia gets a new intelligence chief: job one will be collecting and operating against ISIS/ISIL's self-proclaimed caliphate.
While everyone was looking at the World Cup, criminals busily pilfered a great deal of money via small-scale Brazilian cyber fraud.
The healthcare sector is warned that a major attack is inevitable, that it poses a legal risk second only to major malpractice, and that security is a relative thing: the soft, slow sector targets will be hit first.
Russia moves to ban services that don't host personal data in Russia, a foreseeable move that promotes autarky and (more importantly) eases surveillance.
Facebook's emotional contagion study attracts ill will, skepticism, and (in the UK) legal scrutiny.
Other ill will follows PayPal's (quickly rescinded) suspension of crowd-funded crypto-email service ProtonMail and Microsoft's (now apologized for) sinkholing of No-IP domains. The former seemed prompted by heebie-jeebies over large-scale crowd-funding, and the latter by over-aggressive response to a relatively low level of user abuse. Both episodes provide useful reminders that (1) a lot (most?) of critical cyber infrastructure is in private hands, (2) novel business models are easily misunderstood, and (3) active measures against cyber crime carry non-trivial risk of collateral damage.
GCHQ and NSA face new lawsuits.
Today's issue includes events affecting Australia, Austria, Brazil, China, European Union, Republic of Korea, Netherlands, Russia, Switzerland, Taiwan, United Kingdom, United States.
The CyberWire will take a break this Friday as we observe US Independence Day, with normal publication returning Monday. We also continue to look forward to covering the SINET Innovation Summit, "connecting Wall Street, Silicon Valley and the Beltway," in New York on July 17. US Deputy Energy Secretary Daniel Poneman and US NSA Director Admiral Michael S. Rogers will deliver the keynotes.
The threat to Taiwan's information security in CSSTA(Taiwan News) As Next Media Group and the Apple Daily in Hong Kong and Taiwan assessed the damage from two consecutive days of large-scale cyber attacks late last week, an investigation by security units in Taiwan pointed to a cyber warfare unit in China as the likely culprit in one of the most massive direct denial of service (DDoS) attacks in the history of the Internet
Dropbox Used to Attack Taiwanese Government(Fresh Business Thinking) The cloud storage service, Dropbox, is being used to command and control a cyber attack on the Taiwanese government, according to a cyber security expert
Facebook SDK flaw allows unauthorized access to Facebook accounts(Help Net Security) MetaIntell has uncovered a significant security vulnerability in the Facebook SDK (V3.15.0) for both iOS and Android. Dubbed Social Login Session Hijacking, when exploited this vulnerability allows an attacker access to a user's Facebook account using a session hijacking method that leverages the Facebook Access Token (FAT)
Geodo infostealer gets help from worm(Help Net Security) The distribution potential of the infamous Cridex infostealer (also known as Feodo or Bugat) just went up a notch, as a new version of the malware works in conjunction with a worm that sends out emails with a link to download a zip file containing the trojan
Botnet Advancements — The latest trends in botnet activities(Trend Micro: Simply Security) In my previous post I discussed the basics of a botnet in which we included an infographic giving you a visual representation of how botnets are formed, how they work, and how to not become a zombie. In this new post, I'm going to dive a bit deeper into the latest trends we've seen with cybercriminals' use of botnets and some of the latest statistics we've gathered over the first half of this year
Brazilian 'Boleto' Bandits Bilk Billions(Krebs on Security) With the eyes of the world trained on Brazil for the 2014 FIFA World Cup, it seems a fitting time to spotlight a growing form of computer fraud that's giving Brazilian banks and consumers a run for their money. Today's post looks at new research into a mostly small-time cybercrime practice that in the aggregate appears to have netted thieves the equivalent of billions of dollars over the past two years
DOWNAD Tops Malware Spam Source in Q2 2014(TrendLabs Security Intelligence Blog) DOWNAD, also known as Conficker remains to be one of the top 3 malware that affects enterprises and small and medium businesses. This is attributed to the fact that a number of companies are still using Windows XP, susceptible to this threat
The 5 Biggest Cybersecurity Myths, Debunked(Wired) "A domain for the nerds." That is how the Internet used to be viewed back in the early 1990s, until all the rest of us began to use and depend on it. But this quote is from a White House official earlier this year describing how cybersecurity is too often viewed today. And therein lies the problem, and the needed solution
Big cyber hack of health records is 'only a matter of time'(Politico) The health world is flirting with disaster, say the experts who monitor crime in cyberspace. A hack that exposes the medical and financial records of tens of thousands of patients is coming, they say — it's only a matter of when
Better put on your running shoes(Insurance News Net) Most health organizations fully understand that they are at great risk in terms of cyber attacks, but few possess the proper perspective in terms of developing an effective cyber attack defense plan. Paul Calatayud, Chief Information Security Officer, Surescripts, perhaps puts it best when he says, "Preparing for a cyber attack is like preparing for a bear attack. You don't train to fight the bear. You prepare to be faster than the guy standing next to you"
New KnowBe4 Survey Shows IT Pros Concern Over Ransomware Skyrocketing(Insurance News Net) A new survey by IT Security company KnowBe4 shows the growing alarm among IT Pros about the threat of ransomware like the infamous CryptoLocker. The KnowBe4 June 2014 survey of over 300 IT Pros compared the levels of concern over ransomware to a similar survey by IT Security company Webroot in January this year. The study showed the rapidly growing apprehension over ransomware, rising to 73% from 48% of those who are very or extremely concerned about it. Nearly half of the IT professionals surveyed know someone who has experienced a ransomware attack and it worries them more now with 88% expecting ransomware to increase for the remainder of the year compared to 66% at the start of this year
The "internet of things" may not always need an internet connection(Quartz) The "internet of things" is one of those odd phrases that can mean many things and nothing at the same time. On one hand, it describes a future that is rapidly becoming the present, with all sorts of objects—from televisions and watches to cups and streetlights—able to connect to the internet. On the other hand, it is used as a marketing tactic by chip-makers and networking companies eager to sell their wares. Between 26 and 50 million "things" will be connected to the internet by 2020, according to various forecasts
Palo Alto: Morgan Stanley Ups Target to $105 on Product Cycle, Sales Ramp(Barron's) Shares of networking security vendor Palo Alto Networks (PANW) are higher by $4.21, or over 5%, at $85.42, after Morgan Stanley's Keith Weiss this morning reiterated an Overweight rating on the stock, and raised his price target to $105 from $90, writing that a combination of multiple new products and slower growth in its costs could boost free cash flow 45% next year
Corero DDoS Defense System Wins Two Hot Companies and Best Products Awards from Network Products Guide(Wall Street Journal) Corero Network Security (LSE: CNS), a leading provider of First Line of Defense® security solutions, today announced that its DDoS Defense System was selected for two of Network Products Guide's 2014 Hot Companies and Best Products Awards. The solution won silver in the "IT Products and Services for Enterprise (Medium)" and "IT Products and Services for Finance, Banking and Insurance" categories. These industry and peer recognitions from Network Products Guide honor the achievements of organizations across the IT industry
Tenable Network Security Named a Top Workplace by The Washington Post(MarketWatch) Tenable Network Security®, Inc., the leader in continuous network monitoring, has been selected as one of The Washington Post Top Workplaces based on ratings by its employees. Tenable also received The Washington Post's special award for leadership for a midsized company. The Post reached out to thousands of employees from 244 businesses to help analyze how the area's top organizations are shaping the future of the workplace
Encryptics Names John D. Cohen Chief Strategy Advisor(Digital Journal) Encryptics, a provider of patented data privacy and protection services for businesses and government entities, has named John D. Cohen as the company's Chief Strategy Advisor. In this role, Cohen will be responsible for continuing to position its data encryption technology at the forefront of the cybersecurity landscape for private and public companies, governments, and public safety entities
Q2 Partners with Easy Solutions to Expand Secure Virtual Banking Offerings(Wall Street Journal) Easy Solutions®, the Total Fraud Protection® company, and Q2 (NYSE: QTWO), a leading provider of secure virtual banking solutions for regional and community financial institutions, today announced a partnership to provide omni-channel fraud prevention solutions to Q2's roster of more than 340 financial institutions. Easy Solutions' award-winning platform is designed to protect organizations against the most sophisticated forms of electronic fraud
Windows XP users don't care about security updates — market share stable(myce) The amount of Windows XP systems has remained stable in June, according to market researcher Net Applications. The company reports the exact same market share of XP in June as in May this year. According to the company the amount of Windows XP systems makes up 25.3% of the market
FireEye Combines Advanced Threat Protection With Traditional Email Security to Deliver Comprehensive Email Threat Prevention Cloud(Wall Street Journal) FireEye, Inc. (NASDAQ: FEYE), the leader in stopping today's advanced cyber attacks, today announced the new release of FireEye® Email Threat Prevention Cloud™ that adds the traditional email security features of anti-spam and anti-virus protection to its advanced threat detection capabilities. Now generally available, the latest update to FireEye Email Threat Prevention Cloud creates the only secure email gateway solution that utilizes the FireEye Multi-vector Virtual Execution(TM) (MVX) engine and FireEye Dynamic Threat Intelligence(TM) (DTI) cloud
IEEE launches Anti-Malware Support Service(Help Net Security) IEEE announced the launch of IEEE Anti-Malware Support Service (AMSS). A new service from IEEE Standards Association's (IEEE-SA) Industry Connections Security Group (ICSG), AMSS is designed to increase the availability of and access to stronger cryptographic and metadata cybersecurity tools and resources, as well as to unite key computer security stakeholders in the development of new ones
Lunarline's School of Cyber Security Offers NEW Malware Analysis Course(MarketWatch) We at Lunarline are thrilled to announce that the Lunarline School of Cyber Security (SCS) is now offering a new Malware Analysis Course. This 4-day hands-on course provides students with insight into advanced static analysis methodologies, techniques for researching active malware, and real-life examples of malware capabilities and characteristics
MegaCryption 6.4.1 Excels With Additions to Utilities, Algorithms, Key Management, and PGP Encryption Options(Digital Journal) Advanced Software Products Group (ASPG) has announced the latest release of MegaCryption, its robust encryption solution for z/OS, UNIX, LINUX, and Windows platforms. MegaCryption 6.4.1 developments include increased key storage and creation options, accelerated speed for OpenPGP decryption, enhancements to ISPF, as well as additional JCL procedures. With these enhancements, data centers are presented with an array of dynamic features to increase encryption/decryption speed, key management options, and accessibility of cryptographic approaches
10 Steps for Protecting Executives from Risks Using Cyber Threat Intelligence(Cyveillance Blog) As the lines between digital and physical threats progressively blur, forward-thinking executive protection professionals are increasingly recognizing the value of using digital threat intelligence to identify, analyze, and manage threat information. So, what can security professionals do to better defend the executives and employees they're entrusted to protect? Here are 10 steps
Ovum: Facebook big data experiment may have tragic consequences for mentally ill users(FierceBigData) I get doing research on Facebook to understand more about customers in particular and humanity in general. I also get using marketing techniques such as A/B and multivariate testing on Facebook to improve user response to ads. But manipulating the Facebook news stream to deliberately over-expose users to positive or negative posts in order to evaluate the effects on their emotional responses is definitely taking things too far. Facebook wants our data in turn for the free service—a market exchange—but no one signed up to be their lab rats for any experimentation Facebook can cook up
Cyber competition enriches UCA campus(Log Cabin Democrat) Homeland Security official Robin "Montana" Williams visited UCA last week to instruct and empower students in a week-long robotic competition
Legislation, Policy, and Regulation
New Saudi spy chief confronts 'Islamic State'(Al Monitor) With the al-Qaeda spin-off Islamic State of Iraq and al-Sham (ISIS) now virtually on its northern border, Saudi King Abdullah bin Abdulaziz has appointed a new spy master and a new special envoy for the kingdom. The appointments also strengthen the king's hand in the succession process
Give DISA an operational mission to operate and defend the DoDIN, says cyber chief(Federal Times) U.S. Cyber Command and the Defense Information Systems Agency are working collaboratively to develop a construct under which the agency will operate and defend the Department of Defense Information Network (DoDIN), and will be ready to unveil that construct in the fall, said ADM Mike Rogers, USCYBERCOM commander and director of the National Security Agency
Litigation, Investigation, and Law Enforcement
NSA's Internet Monitoring Said to Be Legal(AP via ABC News) The first time the bipartisan Privacy and Civil Liberties Oversight Board dissected a National Security Agency surveillance program, it found fundamental flaws, arguing in a January report that the NSA's collection of domestic calling records "lacked a viable legal foundation" and should be shut down
Security World To Microsoft: Stop Trying To Police The Internet(Forbes) Crazy. Outrageous. Unbelievable. These are a few of the many vitriolic words being levelled at Microsoft today, which is taking a kicking from the security community over the dismantling of a cybercriminal campaign said to have infected millions
Latest Microsoft Malware Takedown Causes Waves in Security Community(Threatpost) Microsoft's latest takedown of a malware operation, announced Monday and involving the infrastructure of several malware families, has, like many of the company’s actions, elicited strong opinions on both sides of the issue from security researchers, activists and others with a stake in the game. This takedown didn't involve simply hitting the C2 infrastructure of a botnet, but also includes legal action against a hosting company, No-IP.com, which has called out Microsoft for its tactics and raised a lot of questions in the security community, as well
To Whom It May Concern(Blackout Austria) June 30th, 2014 marks a turning point for Austria. Not only was the Vorratsdatenspeicherung (data retention) terminated preliminarily for good (no, really), the operation of TOR exit nodes supposedly was also declared a criminal offense by a regional criminal court. The accused was operating a TOR exit node which was being used fraudulently by a third party to transmit content of an illegal nature
Many fraud victims clueless about data compromise source(FierceITSecurity) Nearly half of identity fraud victims do not know where their information was compromised, according to a survey of residents in four U.S. cities by Javelin Strategy & Research on behalf of the National Consumers League (NCL)
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
INSCOM Cyber Day(Fort Belvoir, Virginia, USA, July 9, 2014) Cyber-industry vendors are invited to participate in the upcoming Cyber Day hosted by the United States Army Intelligence and Security Command (INSCOM), located at Ft. Belvoir. U.S. Army Cyber (AR Cyber)...
2nd Annual Oil & Gas Cyber Security Conference(Houston, Texas, USA, July 15 - 17, 2014) This highly interactive, hands-on forum will break down each potential cyber threat specific to the oil and gas industry, as well as tackle key issues including managing communication between OT and IT...
Security Startup Speed Lunch DC(Washington, DC, USA, July 22, 2014) Our goal is to connect the most promising security startups in the world with decision-makers at aerospace, asset-management, banking, communications, defense, energy, healthcare, government, technology...
SHARE in Pittsburgh(Pittsburgh, Pennsylvania, USA, August 3 - 8, 2014) LEARN: Subject-matter experts and practitioners are on-hand at SHARE events to discuss major issues facing enterprise IT professionals today.
FOCUS: SHARE provides leading-edge technical education on a variety of topics. Whether you are an IT manager, IT architect, systems analyst, systems programmer or in IT support, SHARE offers focused sessions to benefit all job roles.
ENGAGE: At SHARE events, you will experience a wide variety of formal and informal networking opportunities that encourage valuable peer-to-peer interaction...
Passwords14(Las Vegas, Nevada, USA, August 5 - 6, 2014) Passwords is the first and only conference of its kind, where leading researchers, password crackers, and experts in password security from around the globe gather in order to better understand the challenges...
BSidesLV 2014(Las Vegas, Nevada, USA, August 5 - 6, 2014) We have an amazing array of speakers each year, covering topics such as Penetration Testing, Forensics, Incident Response, Risk, and everything in between. We have a Lockpick Village, the Squirrels in...
4th Annual Cyber Security Training Forum(Colorado Springs, Colorado, USA, August 5 - 6, 2014) The Information Systems Security Association (ISSA) — Colorado Springs Chapter and FBC, Inc. will co-host the 4th Annual Cyber Security Training Forum (CSTF). CSTF is set to convene from Tuesday August...
DEF CON 22(Las Vegas, Nevada, USA, August 7 - 10, 2014) The annual hacker conference, with speakers, panels, and contests. Visit the site and penetrate to the schedules and announcements.
South Africa Banking and ICT Summit(Lusaka, Zambia, August 8, 2014) The South Africa Banking and ICT Summit is the exclusive platform to meet industry thought leaders and decision makers, discover leading edge products and services and discuss innovative strategies to...