Over the weekend the Tunisian Hackers Team, not much heard from since its 2013 attempts against American financial sector targets, resurfaced to promise a campaign against US banks and airports. The airport threat comes during heightened Western air travel alert — both the US and UK express concerns over flight security. Among immediate measures taken by the US TSA is increased scrutiny of mobile devices, with probable exclusion of uncharged devices over concerns they may hold concealed explosives.
The Syrian Electronic Army spoofs an Israeli Defense Forces tweet announcing a (hoaxed) nuclear accident at the Dimona facility.
Turkish authorities complain that the Anadolu news agency has come under foreign cyber attack at least twenty-four times this year.
With gasconade unusually self-important and creepy even for Anonymous, "OpCISA" threatens members of the US Congress and their families over pending cyber legislation.
US authorities ask the energy sector to check their networks for signs of Energetic Bear (a.k.a. DragonFly, a.k.a. Havex) malware.
Brazilian cyber criminals are credited with quietly stealing a scarcely credible $3.75B through exploitation of the Boleto payment system.
Point-of-sale concerns continue in the wake of a security breach at vendor ISS. The Internet Storm Center and Brian Krebs discuss physical access and skimmer threats.
US-German relations are strained as the US declines a "no-spying" agreement and Germany arrests a BND employee for espionage.
Fresh allegations of NSA wide-scale surveillance prompt Bruce Schneier (among others) to suspect another leaker within the agency — they don't see this stuff in Snowden's purloined files.
Today's issue includes events affecting Brazil, Canada, China, European Union, France, Germany, Isle of Man, Israel, Democratic People's Republic of Korea, Republic of Korea, Pakistan, Russia, Sri Lanka, Syria, Tunisia, Turkey, United Kingdom, United States.
Next week we'll be covering SINET's Innovation Summit in New York, which convenes on July 17 with keynotes by US Deputy Energy Secretary Daniel Poneman and US NSA Director Admiral Michael S. Rogers.
Cyber Attacks, Threats, and Vulnerabilities
EXCLUSIVE: Tunisian Hackers Announce Cyber Jihad Against US Banks, Airport Computer Systems(HS Today) Beginning July 5, The Tunisian Hackers Team (THT), a group of Tunisian hackers known for its 2013 attempts to attack US banks, including Bancorp, announced via social media that it intends to launch a cyber attack on US banks and airport computer systems during the coming week, according to the Middle East Media Research Institute's (MEMRI) Cyber Jihad and Lab Project
Dead mobile devices banned from planes to US(IT News) International passengers travelling on American airlines from certain airports will need to prove their devices are charged before being allowed to board, in a new security effort aimed at preventing acts of terrorism
US Govt asks energy firms to check systems after attacks(IT News) The US government has asked critical infrastructure operators to review computer networks to see if they are infected with malicious software from the "Energetic Bear" hacking group, after three industrial control system manufacturers were found to have been penetrated
Estimated $3.75bn stolen by Brazil fraud ring(Help Net Security) An estimated $3.75 billion have been netted by a single fraud ring that took advantage of a popular Brazilian payment method — the Boleto — by wielding a frequently upgraded piece of malware that silently intercepted and rerouted payments to the crooks' bank accounts
Dailymotion.com Visitors Redirected to Exploit Kit(Softpedia) Cybercriminals managed to compromise the popular video sharing website Dailymotion.com, by injecting malicious code designed to redirect visitors to a website that served the Sweet Orange exploit kit
Cyber attack disrupts work of genealogists(Times Leader) Genealogists, as we now know, are not immune to cyber crime. This sad fact was amply demonstrated a few weeks ago when a DDoS (distributed denial of service) attack was levied against the popular genealogy website Ancestry.com, wreaking havoc with its services
Remote access breach via POS system sparks yet more consumer data leak fears(Naked Security) A supplier of point-of-sale (POS) equipment based in northwest US has informed its clients of a security breach in the remote access system it uses to log into clients' networks, meaning hackers could have used the system to intrude into the clients' machines and potentially harvest customer payment card data
Physical Access, Point of Sale, Vegas(Internet Storm Center) Physical Access, as most of us know, is the final point of control. While in Las Vegas (on a well-earned vacation) my wife and I wandered all over. It only took around a day of being completely unplugged before my mind wandered back to 'security' land. While scoping out places to eat my partner drug us into a 'pricey' looking place (will attempt to remain nameless to protect the 'really' not so smart, however I am not a photo editor so if something slipped, I tried)
The Rise of Thin, Mini and Insert Skimmers(Krebs on Security) Like most electronic gadgets these days, ATM skimmers are getting smaller and thinner, with extended battery life. Here's a look at several miniaturized fraud devices that were pulled from compromised cash machines at various ATMs in Europe so far this year
phpinfo() Type Confusion Infoleak Vulnerability and SSL Private Keys(SektionEins) In the last weeks we have spent some time looking into the PHP source code again, because we were working on new versions of Suhosin, our security extension for PHP. During this time we have discovered some security problems in PHP and disclosed them to the PHP security team, after our initial analysis was finished and POC exploits were developed
Coinbase wallet app in SSL/TLS SNAFU(Naked Security) The popular Bitcoin wallet Coinbase has a weakness in its Android app that could allow an attacker to steal authentication codes and access users' accounts, according to a security researcher
Fourth of July Malware Campaign Targets Vacationers(MarketWatch) Researchers from Proofpoint, Inc., a leading security-as-a-service provider, have discovered a nasty piece of malware which is targeting vacationers who visit US travel sites, just in time for the July 4th holiday
Spammers are always thinking up new tricks(Help Net Security) The percentage of spam in email traffic in May averaged 69.8 per cent — 1.3 percentage points less than the previous month. May saw numerous mass mailings for schools and colleges offering distance learning; other spam mailings were more straightforward, simply inviting users to buy a qualification. All that was required was a donation to a church that would then officially award an honorary doctorate to the benefactor
Bulletin (SB14-188) Vulnerability Summary for the Week of June 30, 2014(US-CERT) The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information
Security Patches, Mitigations, and Software Updates
The Rise Of Threat Intelligence Sharing(CRN) The Target breach prompted retailers to create a formalized process for disseminating threat intelligence information to help incident responders quickly address attacks targeting payment systems and threats to servers containing sensitive customer data
Don't Set The CISO Up To Fail(InformationWeek) More healthcare organizations are hiring CISOs — a good thing. But bad management structure, insufficient resources, and poor understanding of risks often doom these newly appointed security executives
Albany area's Center for Internet Security expands nationwide(Albany Business Review) The Center for Internet Security, a nonprofit headquartered in Rensselaer County, New York, will expand its cyber monitoring services to all 50 states this year in a partnership with the U.S. Department of Homeland Security
Protect your family with Bitdefender(Download) Back by popular demand, Bitdefender is offering its top-rated, all-around security protection for the whole family at less than half the regular price
Microsoft Encryption Protects User Data From NSA and Other Snoops(Forbes) In a not-so-subtle dig at the National Security Agency, Microsoft's Vice President of Trustworthy Computing, Matt Thomlinson, described the company's expanded encryption efforts as a way to help "reinforce that governments use appropriate legal processes, not technical brute force, if they want access to that data"
Microsoft supports open source software framework for IoT(Help Net Security) The AllSeen Alliance, the broadest Internet of Everything open-source project, announced that Microsoft has joined the group's multi-company effort as a Premier Member to make it easier for a broad range of everyday devices, objects and services to interoperate seamlessly and intelligently
The building blocks of a successful authentication infrastructure(Help Net Security) In this interview, Josh Alexander, CEO of Toopher, discusses how an increasingly mobile workforce shapes the way an organization deals with authentication issues, provides advice to a CISO with the task of upgrading an outdated authentication infrastructure, and much more
Panel: NSA's targeting of foreigners is lawful(Washington Post) An independent executive-branch board has concluded that a major National Security Agency program targeting foreigners overseas is lawful and effective but that certain elements push "close to the line" of being unconstitutional
US closes out no-spy deal with Germany(Voice of Russia) The United States will not sign a no-spying agreement with Germany as it attempts to settle the diplomatic fallout from the US National Security Agency's surveillance on Chancellor Angela Merkel, a White House official said Thursday
Ties Strained, Germans Press U.S. to Answer Spy Allegation(New York Times) With mystery enveloping a German intelligence service employee accused of spying — reportedly for the United States — German officials and commentators on Sunday angrily demanded a response from Washington, warning that an already troubled relationship was at risk of deteriorating to a new
US spying on Sri Lanka also(Sunday Times) Sri Lanka is among many countries where the United States National Security Agency has been spying on
Warn U.S. against snooping: Karat(The Hindu) The Communist Party of India (Marxist) on Friday demanded that the Narendra Modi government get a firm assurance from the U.S. that it would not indulge in surveillance and espionage operations in India
Germany Summons U.S. Ambassador Over Spy Allegations(Wall Street Journal) German arrested on suspicion of working as a foreign agent, says prosecutor. Germany summoned the U.S. ambassador on Friday after allegations of American spying erupted anew, threatening to further damage one of Washington's most important alliances
The NSA may have another leaker on its hands(Quartz) Edward Snowden has done a lot of damage to the National Security Agency by disclosing dozens of its most sensitive internet surveillance programs — but there may be a lot more to come from someone following in his footsteps
NSA Targets the Privacy-Conscious for Surveillance(Schneier on Security) Jake Appelbaum et al. are reporting on XKEYSCORE selection rules that target users -- and people who just visit the websites of -- Tor, Tails, and other sites. This isn't just metadata; this is "full take" content that's stored forever
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
INSCOM Cyber Day(Fort Belvoir, Virginia, USA, July 9, 2014) Cyber-industry vendors are invited to participate in the upcoming Cyber Day hosted by the United States Army Intelligence and Security Command (INSCOM), located at Ft. Belvoir. U.S. Army Cyber (AR Cyber)...
2nd Annual Oil & Gas Cyber Security Conference(Houston, Texas, USA, July 15 - 17, 2014) This highly interactive, hands-on forum will break down each potential cyber threat specific to the oil and gas industry, as well as tackle key issues including managing communication between OT and IT...
Security Startup Speed Lunch DC(Washington, DC, USA, July 22, 2014) Our goal is to connect the most promising security startups in the world with decision-makers at aerospace, asset-management, banking, communications, defense, energy, healthcare, government, technology...
SHARE in Pittsburgh(Pittsburgh, Pennsylvania, USA, August 3 - 8, 2014) LEARN: Subject-matter experts and practitioners are on-hand at SHARE events to discuss major issues facing enterprise IT professionals today.
FOCUS: SHARE provides leading-edge technical education on a variety of topics. Whether you are an IT manager, IT architect, systems analyst, systems programmer or in IT support, SHARE offers focused sessions to benefit all job roles.
ENGAGE: At SHARE events, you will experience a wide variety of formal and informal networking opportunities that encourage valuable peer-to-peer interaction...
Passwords14(Las Vegas, Nevada, USA, August 5 - 6, 2014) Passwords is the first and only conference of its kind, where leading researchers, password crackers, and experts in password security from around the globe gather in order to better understand the challenges...
BSidesLV 2014(Las Vegas, Nevada, USA, August 5 - 6, 2014) We have an amazing array of speakers each year, covering topics such as Penetration Testing, Forensics, Incident Response, Risk, and everything in between. We have a Lockpick Village, the Squirrels in...
4th Annual Cyber Security Training Forum(Colorado Springs, Colorado, USA, August 5 - 6, 2014) The Information Systems Security Association (ISSA) — Colorado Springs Chapter and FBC, Inc. will co-host the 4th Annual Cyber Security Training Forum (CSTF). CSTF is set to convene from Tuesday August...
DEF CON 22(Las Vegas, Nevada, USA, August 7 - 10, 2014) The annual hacker conference, with speakers, panels, and contests. Visit the site and penetrate to the schedules and announcements.
South Africa Banking and ICT Summit(Lusaka, Zambia, August 8, 2014) The South Africa Banking and ICT Summit is the exclusive platform to meet industry thought leaders and decision makers, discover leading edge products and services and discuss innovative strategies to...
SANS Cyber Defense Summit and Training(Nashville, Tennessee, USA, August 13 - 20, 2014) The SANS Institute's Cyber Defense Summit will be paired with intensive pre-summit hands-on information security training (August 13-18). This event marks the first time that SANS will conduct a training...
Resilience Week(Denver, Colorado, USA, August 19 - 21, 2014) Symposia dedicated to promising research in resilient systems that will protect critical cyber-physical infrastructures from unexpected and malicious threats—securing our way of life.