Daily briefing.

Over the weekend the Tunisian Hackers Team, not much heard from since its 2013 attempts against American financial sector targets, resurfaced to promise a campaign against US banks and airports. The airport threat comes during heightened Western air travel alert — both the US and UK express concerns over flight security. Among immediate measures taken by the US TSA is increased scrutiny of mobile devices, with probable exclusion of uncharged devices over concerns they may hold concealed explosives.

The Syrian Electronic Army spoofs an Israeli Defense Forces tweet announcing a (hoaxed) nuclear accident at the Dimona facility.

Turkish authorities complain that the Anadolu news agency has come under foreign cyber attack at least twenty-four times this year.

With gasconade unusually self-important and creepy even for Anonymous, "OpCISA" threatens members of the US Congress and their families over pending cyber legislation.

US authorities ask the energy sector to check their networks for signs of Energetic Bear (a.k.a. DragonFly, a.k.a. Havex) malware.

Brazilian cyber criminals are credited with quietly stealing a scarcely credible $3.75B through exploitation of the Boleto payment system.

Point-of-sale concerns continue in the wake of a security breach at vendor ISS. The Internet Storm Center and Brian Krebs discuss physical access and skimmer threats.

US-German relations are strained as the US declines a "no-spying" agreement and Germany arrests a BND employee for espionage.

Fresh allegations of NSA wide-scale surveillance prompt Bruce Schneier (among others) to suspect another leaker within the agency — they don't see this stuff in Snowden's purloined files.

Notes.

Today's issue includes events affecting Brazil, Canada, China, European Union, France, Germany, Isle of Man, Israel, Democratic People's Republic of Korea, Republic of Korea, Pakistan, Russia, Sri Lanka, Syria, Tunisia, Turkey, United Kingdom, United States.

Next week we'll be covering SINET's Innovation Summit in New York, which convenes on July 17 with keynotes by US Deputy Energy Secretary Daniel Poneman and US NSA Director Admiral Michael S. Rogers.

Cyber Attacks, Threats, and Vulnerabilities

EXCLUSIVE: Tunisian Hackers Announce Cyber Jihad Against US Banks, Airport Computer Systems (HS Today) Beginning July 5, The Tunisian Hackers Team (THT), a group of Tunisian hackers known for its 2013 attempts to attack US banks, including Bancorp, announced via social media that it intends to launch a cyber attack on US banks and airport computer systems during the coming week, according to the Middle East Media Research Institute's (MEMRI) Cyber Jihad and Lab Project

Dead mobile devices banned from planes to US (IT News) International passengers travelling on American airlines from certain airports will need to prove their devices are charged before being allowed to board, in a new security effort aimed at preventing acts of terrorism

SEA hacks Israeli Defence Force Twitter account, posts bogus nuclear warning (Naked Security) Residents of the Southern District of Israel may have felt alarmed on Thursday after the Twitter account of the Israeli Defence Force warned of a possible leak at the Dimona nuclear facility

Anadolu Agency under cyber-attack: deputy PM (Hurriyet Daily News) Anadolu Agency has faced 24 cyber-attacks so far this year, mostly from the U.S., Canada and China, Deputy Prime Minister Bülent Arınç said on July 4

#OpCISA: Anonymous threatens congressmen & their families over cyber security bill (HackRead) The hacktivist collective Anonymous going with the Twitter handle of Anon_Messenger has threatened congress lawmakers to back off over CISA cyber security bill if they value the "sanctity of their loved ones" and themselves or face the consequences in shape of massive on ground protest

US Govt asks energy firms to check systems after attacks (IT News) The US government has asked critical infrastructure operators to review computer networks to see if they are infected with malicious software from the "Energetic Bear" hacking group, after three industrial control system manufacturers were found to have been penetrated

Estimated $3.75bn stolen by Brazil fraud ring (Help Net Security) An estimated $3.75 billion have been netted by a single fraud ring that took advantage of a popular Brazilian payment method — the Boleto — by wielding a frequently upgraded piece of malware that silently intercepted and rerouted payments to the crooks' bank accounts

CosmicDuke malware surprisingly linked to Miniduke campaign (Security Affairs) While investigating MiniDuke malware, experts at F-Secure discovered a surprising link to a new malware, dubbed CosmicDuke, belonging to Cosmu family

Researchers Find Vulnerability in Internal PayPal Portal (SecurityWeek) The existence of a vulnerability in a portal used internally by PayPal staff was recently disclosed by Germany-based security research company Vulnerability Lab

Dailymotion.com Visitors Redirected to Exploit Kit (Softpedia) Cybercriminals managed to compromise the popular video sharing website Dailymotion.com, by injecting malicious code designed to redirect visitors to a website that served the Sweet Orange exploit kit

Cyber attack disrupts work of genealogists (Times Leader) Genealogists, as we now know, are not immune to cyber crime. This sad fact was amply demonstrated a few weeks ago when a DDoS (distributed denial of service) attack was levied against the popular genealogy website Ancestry.com, wreaking havoc with its services

Remote access breach via POS system sparks yet more consumer data leak fears (Naked Security) A supplier of point-of-sale (POS) equipment based in northwest US has informed its clients of a security breach in the remote access system it uses to log into clients' networks, meaning hackers could have used the system to intrude into the clients' machines and potentially harvest customer payment card data

Physical Access, Point of Sale, Vegas (Internet Storm Center) Physical Access, as most of us know, is the final point of control. While in Las Vegas (on a well earned vacation) my wife and I wandered all over. It only took around a day of being completely unplugged before my mind wandered back to 'security' land. While scoping out places to eat my partner drug us into a 'pricey' looking place (will attempt to remain nameless to protect the 'really' not so smart, however I am not a photo editor so if something slipped, I tried)

The Rise of Thin, Mini and Insert Skimmers (Krebs on Security) Like most electronic gadgets these days, ATM skimmers are getting smaller and thinner, with extended battery life. Here's a look at several miniaturized fraud devices that were pulled from compromised cash machines at various ATMs in Europe so far this year

phpinfo() Type Confusion Infoleak Vulnerability and SSL Private Keys (SektionEins) In the last weeks we have spent some time looking into the PHP source code again, because we were working on new versions of Suhosin, our security extension for PHP. During this time we have discovered some security problems in PHP and disclosed them to the PHP security team, after our initial analysis was finished and POC exploits were developed

Coinbase wallet app in SSL/TLS SNAFU (Naked Security) The popular Bitcoin wallet Coinbase has a weakness in its Android app that could allow an attacker to steal authentication codes and access users' accounts, according to a security researcher

Security weakness found in WiFi enabled LED light bulb (Help Net Security) Researchers at Context Information Security have been able to expose a security weakness in a WiFi enabled, energy efficient LED light bulb that can be controlled from a smartphone

Fourth of July Malware Campaign Targets Vacationers (MarketWatch) Researchers from Proofpoint, Inc., a leading security-as-a-service provider, have discovered a nasty piece of malware which is targeting vacationers who visit US travel sites, just in time for the July 4th holiday

Malicious Spam Mails about Parking Fine Hit Internauts in UK; BitDefender (Spamfighter) According to BitDefender the security company, spam mails are surging which talk about parking fines, while continuously contaminating PCs within United Kingdom with malware

Spammers are always thinking up new tricks (Help Net Security) The percentage of spam in email traffic in May averaged 69.8 per cent — 1.3 percentage points less than the previous month. May saw numerous mass mailings for schools and colleges offering distance learning; other spam mailings were more straightforward, simply inviting users to buy a qualification. All that was required was a donation to a church that would then officially award an honorary doctorate to the benefactor

Changes to passwords, questions urged after cyber attacks (WAFF) Cyber attacks compromised user data of a high-profile web service, prompting the company to issue a warning to its customers

How Google Map Hackers Can Destroy a Business at Will (Wired) Rene Bertagna blames Google for the death of his restaurant, Serbian Crown

North Korea doubles number of hackers: South Korea (Press TV) South Korean sources say neighboring North Korea has doubled the number of its elite hackers over the past two years

Bulletin (SB14-188) Vulnerability Summary for the Week of June 30, 2014 (US-CERT) The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information

Security Patches, Mitigations, and Software Updates

Patch Tuesday for July 2014 — 6 bulletins, 2 RCEs, 3 EoPs and get ready to reboot (Naked Security) Here's what to expect from Microsoft in the July 2014 edition of Patch Tuesday, scheduled to ship on Tuesday 08 July 2014

Five WordPress Plugins You Should Update Right Now (PC Magazine) If you own a WordPress site, make sure you are staying on top of updates — not just for the core platform, but for all the themes and plugins, too

Cyber Trends

Mobile security market moves away from FUD (TechTarget) The mobile security market has matured, but some IT departments haven't gotten the message

Integrating intelligence key to better security, says FireEye (ComputerWeekly) Security threat intelligence is vital, but challenging to implement, says Joshua Goldfarb, chief security officer, enterprise forensics group, FireEye

The Rise Of Threat Intelligence Sharing (CRN) The Target breach prompted retailers to create a formalized process for disseminating threat intelligence information to help incident responders quickly address attacks targeting payment systems and threats to servers containing sensitive customer data

Gear towards resilience in cyber war (Insurance Business Online) Insurer's research finds Australasian IT companies must prepare to face global internet failure

Facebook Mood Manipulation: 10 Bigger Problems (InformationWeek) Facebook's failure to communicate about its mood experiment is the least of the things Internet companies do to us

Don't Set The CISO Up To Fail (InformationWeek) More healthcare organizations are hiring CISOs — a good thing. But bad management structure, insufficient resources, and poor understanding of risks often doom these newly appointed security executives

Journalists need to know all the things 'cyber' can mean for smart coverage (CJR) Journalists need to learn to evaluate threats by being as specific as possible in describing them, and who might be affected

Marketplace

The Internet Of Small Things Spurs Big Business (InformationWeek) IoT scenarios that appear consumer-centric and disposable hold broad business opportunities

Germany's biggest datacentre opens its doors, targeting the security-conscious (ZDNet) Deutsche Telekom's IT services arm has opened a twin facility for its existing Magdeburg datacentre

Facebook's experiment on users — what would it take for you to finally quit? [POLL] (Naked Security) Facebook is taking heat once again for perceived invasion of privacy, after it disclosed a research experiment conducted on users without their explicit consent

Albany area's Center for Internet Security expands nationwide (Albany Business Review) The Center for Internet Security, a nonprofit headquartered in Rensselaer County, New York, will expand its cyber monitoring services to all 50 states this year in a partnership with the U.S. Department of Homeland Security

Israeli ministers approve tax breaks for new cyber-security park (Haaretz) Critics note cost of move to both treasury and other business parks in south

Products, Services, and Solutions

Protect your family with Bitdefender (Download) Back by popular demand, Bitdefender is offering its top-rated, all-around security protection for the whole family at less than half the regular price

Microsoft Encryption Protects User Data From NSA and Other Snoops (Forbes) In a not-so-subtle dig at the National Security Agency, Microsoft's Vice President of Trustworthy Computing, Matt Thomlinson, described the company's expanded encryption efforts as a way to help "reinforce that governments use appropriate legal processes, not technical brute force, if they want access to that data"

Chief Minister welcomes Manx Telecom investment in cyber attack prevention (isleofman.com) Chief Minister Hon Allan Bell MHK said Manx Telecom's new cyber attack prevention solution will enhance the Isle of Man's status as a responsible jurisdiction in the digital community

'Spy-proof' IM launched: Aims to offer anonymity to whistleblowers (The Register) Security experts have teamed up to create a stealthy internet messenger client designed especially for whistleblowers

Technologies, Techniques, and Standards

Microsoft supports open source software framework for IoT (Help Net Security) The AllSeen Alliance, the broadest Internet of Everything open-source project, announced that Microsoft has joined the group's multi-company effort as a Premier Member to make it easier for a broad range of everyday devices, objects and services to interoperate seamlessly and intelligently

The building blocks of a successful authentication infrastructure (Help Net Security) In this interview, Josh Alexander, CEO of Toopher, discusses how an increasingly mobile workforce shapes the way an organization deals with authentication issues, provides advice to a CISO with the task of upgrading an outdated authentication infrastructure, and much more

How Microsoft cracks the BYOD code: 3 tips (InformationWeek) Microsoft's CISO shares best-practices for balancing employee autonomy and security in today's bring-your-own world

Avoiding the pitfalls of a corporate data breach (Gulf News) Organisations in the technology and retail sector are far more likely to have a breach

How to remember all your passwords and keep them safe (Quartz) In the days after the Heartbleed story broke, Internet users were strongly advised to change the compromised passwords on their online accounts to protect their data

Academia

UAH cyber security expert to speak at Huntsville technology luncheon (al.com) A cyber security expert at the University of Alabama in Huntsville will address the Huntsville branch of an international technology group at a luncheon next week

Legislation, Policy, and Regulation

Panel: NSA's targeting of foreigners is lawful (Washington Post) An independent executive-branch board has concluded that a major National Security Agency program targeting foreigners overseas is lawful and effective but that certain elements push "close to the line" of being unconstitutional

Edward Snowden and the NSA Can Both Be Right (TIME) Two reports raise the possibility that on balance, both the NSA collection programs and Snowden's revelations have done more to advance the public good than to harm it

US closes out no-spy deal with Germany (Voice of Russia) The United States will not sign a no-spying agreement with Germany as it attempts to settle the diplomatic fallout from the US National Security Agency's surveillance on Chancellor Angela Merkel, a White House official said Thursday

Ties Strained, Germans Press U.S. to Answer Spy Allegation (New York Times) With mystery enveloping a German intelligence service employee accused of spying — reportedly for the United States — German officials and commentators on Sunday angrily demanded a response from Washington, warning that an already troubled relationship was at risk of deteriorating to a new

Spying by US 'security agency' against international laws: Pakistan (Daily Times) Tasnim says Pakistan's embassy in Iraq functional, ambassador in touch with all Pakistanis

US spying on Sri Lanka also (Sunday Times) Sri Lanka is among many countries where the United States National Security Agency has been spying on

Warn U.S. against snooping: Karat (The Hindu) The Communist Party of India (Marxist) on Friday demanded that the Narendra Modi government get a firm assurance from the U.S. that it would not indulge in surveillance and espionage operations in India

Russia's latest internet law proposal — anti-NSA, or pro-FSB? (Naked Security) Russia's parliament, the State Duma, has heard another internet freedom bill requiring foreign web firms to host any data on Russia citizens within Russia's borders

State Department's CIO says budget doubled after harsh inspector general report (Washington Business Journal) The State Department's top cybersecurity official says his budget doubled in order to address tough criticism given by the agency's inspector general, according to Federal News Radio

AVG wants new legislation covering the Internet of Things for the sake of children (ITProPortal) AVG wants legislators to devise a plan that stops data gathering firms from spying on children by placing limits on how much can be collected from portable devices

Litigation, Investigation, and Law Enforcement

Germany Summons U.S. Ambassador Over Spy Allegations (Wall Street Journal) German arrested on suspicion of working as a foreign agent, says prosecutor. Germany summoned the U.S. ambassador on Friday after allegations of American spying erupted anew, threatening to further damage one of Washington's most important alliances

The NSA may have another leaker on its hands (Quartz) Edward Snowden has done a lot of damage to the National Security Agency by disclosing dozens of its most sensitive internet surveillance programs — but there may be a lot more to come from someone following in his footsteps

NSA Targets the Privacy-Conscious for Surveillance (Schneier on Security) Jake Appelbaum et al. are reporting on XKEYSCORE selection rules that target users -- and people who just visit the websites of -- Tor, Tails, and other sites. This isn't just metadata; this is "full take" content that's stored forever

Report: NSA Dragnet Ensnares Way More Regular Folks Than Legal Targets (TIME) 9 out of 10 people caught up in the NSA's surveillance were average Internet users, many of whom were U.S. citizens, according to data leaked by former NSA contractor Edward Snowden

Crypto thwarts TINY MINORITY of Feds' snooping efforts (The Register) Dire warnings from cops fall flat thanks to official US.gov figures

No-IP reclaims control of domains seized by Microsoft (Help Net Security) The end of No-IP customers' troubles seems near, as Microsoft has relinquished control of the 23 domain names it seized control of on Monday with the blessing of a Nevada federal court

Euro-cops get crash course in fighting cybercrime (V3) A collection of high-ranking police officers are being trained in how to tackle increasingly advanced cyber threats at a two-week event hosted by Europol

Feds unmask mystery hacker who "hamburgled" Burger King Twitter account (Ars Technica) Serial hacker is tied to breaches involving Twitter, police, and Paris Hilton

French Police Smash Illegal Bitcoin Trading Ring (AFP) French police said Monday they had smashed an illegal Bitcoin trading network, seizing virtual currency worth 200,000 euros ($272,000) in the first such operation in Europe

Five arrested in crackdown on bogus UK government websites (ComputerWeekly) The National Trading Standards eCrime Team has arrested five people in a crackdown on bogus government websites

Computer whizzkid jailed for failing to provide password after cyber attacks on police (The Journal) A brilliant Northumbria University student suspected of hacking police systems is today behind bars for refusing to reveal his password

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

INSCOM Cyber Day (Fort Belvoir, Virginia, USA, July 9, 2014) Cyber-industry vendors are invited to participate in the upcoming Cyber Day hosted by the United States Army Intelligence and Security Command (INSCOM), located at Ft. Belvoir. U.S. Army Cyber (AR Cyber)...

SiliconExpert Counterfeit Electronic Component Detection & Avoidance (Webinar, July 10, 2014) Join us for a free 60 minute webinar with Dr. Diganta Das from the University of Maryland's Center for Advanced Life Cycle Engineering (CALCE), which is a research leader in the area of counterfeit electronics...

2nd Annual Oil & Gas Cyber Security Conference (Houston, Texas, USA, July 15 - 17, 2014) This highly interactive, hands-on forum will break down each potential cyber threat specific to the oil and gas industry, as well as tackle key issues including managing communication between OT and IT...

Security Startup Speed Lunch DC (Washington, DC, USA, July 22, 2014) Our goal is to connect the most promising security startups in the world with decision-makers at aerospace, asset-management, banking, communications, defense, energy, healthcare, government, technology...

Seminar: Cybersecurity Framework for Protecting our Nation's Critical Infrastructure (Marietta, Georgia, USA, July 22, 2014) The Automation Federation and Southern Polytechnic State University will co-sponsor the "Cybersecurity Framework for Protecting our Nation's Critical Infrastructure," a free seminar from 8 a.m. to noon...

SHARE in Pittsburgh (Pittsburgh, Pennsylvania, USA, August 3 - 8, 2014) LEARN: Subject-matter experts and practitioners are on-hand at SHARE events to discuss major issues facing enterprise IT professionals today. FOCUS: SHARE provides leading-edge technical education on a variety of topics. Whether you are an IT manager, IT architect, systems analyst, systems programmer or in IT support, SHARE offers focused sessions to benefit all job roles. ENGAGE: At SHARE events, you will experience a wide variety of formal and informal networking opportunities that encourage valuable peer-to-peer interaction...

STOP. THINK. CONNECT. Two Steps Ahead: Protect Your Digital Life Tour (Clarksville, Tennessee, USA, August 5, 2014) The National Cyber Security Alliance (NCSA), a non-profit public-private partnership focused on helping all digital citizens stay safer and more secure online, is coming to TK with its STOP. THINK. CONNECT.

Passwords14 (Las Vegas, Nevada, USA, August 5 - 6, 2014) Passwords is the first and only conference of its kind, where leading researchers, password crackers, and experts in password security from around the globe gather in order to better understand the challenges...

BSidesLV 2014 (Las Vegas, Nevada, USA, August 5 - 6, 2014) We have an amazing array of speakers each year, covering topics such as Penetration Testing, Forensics, Incident Response, Risk, and everything in between. We have a Lockpick Village, the Squirrels in...

4th Annual Cyber Security Training Forum (Colorado Springs, Colorado, USA, August 5 - 6, 2014) The Information Systems Security Association (ISSA) — Colorado Springs Chapter and FBC, Inc. will co-host the 4th Annual Cyber Security Training Forum (CSTF). CSTF is set to convene from Tuesday August...

DEF CON 22 (Las Vegas, Nevada, USA, August 7 - 10, 2014) The annual hacker conference, with speakers, panels, and contests. Visit the site and penetrate to the schedules and announcements.

South Africa Banking and ICT Summit (Lusaka, Zambia, August 8, 2014) The South Africa Banking and ICT Summit is the exclusive platform to meet industry thought leaders and decision makers, discover leading edge products and services and discuss innovative strategies to...

SANS Cyber Defense Summit and Training (Nashville, Tennessee, USA, August 13 - 20, 2014) The SANS Institute's Cyber Defense Summit will be paired with intensive pre-summit hands-on information security training (August 13-18). This event marks the first time that SANS will conduct a training...

Resilience Week (Denver, Colorado, USA, August 19 - 21, 2014) Symposia dedicated to promising research in resilient systems that will protect critical cyber-physical infrastructures from unexpected and malicious threats—securing our way of life.
