The indirect road through security think tanks Deep Panda is taking to targets in Iraq (and elsewhere) is paved with Windows PowerShell, exploitation of which can be subtle and easily overlooked. The Chinese government dismisses allegations of its involvement in the campaign on the high-minded grounds of hacking's illegality, etc.
FireEye investigates disclosures of vulnerabilities in its security products NX, EX, AX, FX, and CM (and patches the same).
Passcape Software reports that a Windows Server DPAPI vulnerability could expose data to unauthorized decryption.
Adobe, Google, and Twitter patch quickly to fend off the Rosetta Flash attack (and other vendors are rapidly doing the same) but the risk remains a real one, so please take heed of the fixes.
Microsoft's Patch Tuesday is called "light" ("OS administration teams will be busy, application administrators get the month off," summarized Help Net Security) but others are also patching this week, Adobe, Yahoo, WordPress, and FireEye among them.
As regulation tightens and exposure to litigation grows, corporate boards hustle to limit their cyber risk.
Stock analysts devote some attention to the cyber sector, offering an interesting perspective on how interested outsiders view the industry.
SIFMA's call for a government-industry cyber war council amounts to a plea for significantly enhanced cyber intelligence sharing and a more responsive active defense posture. But policy mavens receive it coolly, doubting that anything requiring "a meeting of eight undersecretaries" will achieve anything resembling responsiveness.
Microsoft, weary of its role as "the Internet's Dirty Harry," seeks partners in takedowns.
Today's issue includes events affecting Australia, China, Germany, Greece, Iraq, Romania, Russia, United Kingdom, United States.
DPAPI vulnerability allows intruders to decrypt personal data(Help Net Security) Passcape Software has discovered a DPAPI vulnerability that could potentially lead to unauthorized decryption of personal data and passwords of interactive domain users. The vulnerability is present in all Windows Server operating systems
Dispelling the myths behind DDoS attacks(Help Net Security) Distributed Denial of Service (DDoS) attacks are quickly becoming the preferred method for cyber attackers to wreak havoc on the internet. With a recent spate of attention grabbing headlines focused on the hacker's favorite tool, this article busts some myths about DDoS attacks
Risks of selling used smartphones(Help Net Security) AVAST Software easily retrieved personal data from used smartphones sold online, despite consumers deleting their data. From the used devices, researchers were able to recover more than 40,000 personal photos, emails, text messages, and — in some cases — the identities of the sellers
Threat Spotlight: "A String of Paerls", Part 2, Deep Dive(Snort Vulnerability Research Team) In part one of our two part blog series on the "String of Paerls" threat, we showed an attack involving a spearphish message containing an attached malicious Word doc. We also described our methodology in grouping similar samples based on Indicators of Compromise: static and dynamic analysis indicators. In this second part of the blog series we will cover the malicious documents and malicious executables
PwnStar — Script for multi attack (for all your fake-AP needs!)(Kitploit) A bash script to launch a Soft AP, configurable with a wide variety of attack options. Includes a number of index.html and server php scripts, for sniffing/phishing. Can act as multi-client captive portal using php and iptables. Launches classic exploits such as evil-PDF. De-auth with aireplay, airdrop-ng or MDK3
E-ZPass Spam leads to Location Aware Malware(Cybercrime and Doing Time) If you drive in a city with toll roads, you are familiar with the E-Z Pass System. If you are, you may have been tempted to click on an email that looked like this
Cyber attack hits guests at Houstonian Hotel(Houston Chronicle) At least 10,000 customers of the Houstonian Hotel, Club & Spa have been notified that the hotel's credit card processing system was breached for six months between last December and June 20
Studies show a car's computer system vulnerable to hacking(Digital Journal) As you're driving down the highway suddenly your engine cuts out. Your steering fails and your tires start losing air. Your brakes stop working and your airbags deploy. You're flown to the hospital after causing an eight car pile-up
This is How Hackers Are Stealing Your Data(FoxBusiness) The rate of small and higher-profile data breaches has been on the rise as the computer security community races to keep up with the 'bad guys.' Duo Security, a firm that specializes in so-called two-factor authentication, crafted a look at how cyber evildoers are sneaking into networks and stealing a wide variety of sensitive information
Security Patches, Mitigations, and Software Updates
Light Patch Tuesday fixes six issues, two critical(Help Net Security) Microsoft has released the patches and it is a relatively light month. Six issues in total, 2 Critical, 3 Important, 1 Moderate. OS administration teams will be busy, application administrators get the month off
Microsoft Security Bulletin Summary for July 2014(Microsoft Security TechCenter) This bulletin summary lists security bulletins released for July 2014. With the release of the security bulletins for July 2014, this bulletin summary replaces the bulletin advance notification originally issued July 3, 2014. For more information about the bulletin advance notification service, see Microsoft Security Bulletin Advance Notification
Security Vulnerability Roll-Up Notice(FireEye Security Bulletin) FireEye has issued a set of FireEye Operating System (FEOS) updates for the following products: NX, EX, AX, FX, and CM. These updates contain a number of vulnerability fixes, some of which are listed in detail in this document. Many of these fixes have previously been communicated in product release notes. This bulletin denotes the first formal, separate FireEye security bulletin for this product family so that our customers and other interested parties can now track and maintain security vulnerability information. We intend to have future bulletins contain a comprehensive list of security fixes since the previous release. These releases underwent a set of external security reviews, and a targeted security redesign by FireEye development. These releases bring the listed products to the same security parity
Yahoo Fixes Trio of Bugs in Mail, Messenger, Flickr(Threatpost) Yahoo recently fixed a trio of remotely exploitable vulnerabilities in its services that could have let attackers inject malicious script and cause session hijacking, phishing, among other nefarious tricks
WordPress 3.8.2 Security Release(WordPress.org) WordPress 3.8.2 is now available. This is an important security release for all previous versions and we strongly encourage you to update your sites immediately
Corporate Boards Race to Shore Up Cybersecurity(Wall Street Journal) After a series of high-profile data breaches and warnings, corporate boards are waking to cyberthreats, grappling with security issues they once relegated to technology experts. Computer hacking is on the agenda these days when Kellogg Co.'s directors meet, alongside more conventional topics like cereal trends and the company's reliance on Wal-Mart Stores Inc. Kellogg's management is especially worried that cyberattackers
Security leaders face identity challenge(Computerworld via CSO) Information security today is seriously big business. While cybercriminals are making hay on the black market with stolen identities and records, cybersecurity breaches are also clearly costing companies much more than before
64% of companies expect cyber attacks(Help Net Security) Nearly two-thirds (64%) of UK IT decision-makers said they expect their organization to be the target of a cyber attack within the next 12 months. And nearly one in three (32%) of those surveyed confirm their business was hit by a cyber attack during the past year, according to Bit9 + Carbon Black
Cyber Protector Plans Supplies 4 Key Points that Shed Light on Data Breaches, Cyber Security Insurance(Insurance News Net) According to Ponemon Institute's research report Managing Cyber Security as a Business Risk: Cyber Insurance in the Digital Age, data breaches cost millions of dollars; the average cost per record lost is an expensive $188. Cyber security is of the utmost importance for virtually every business as rules and regulations pertaining to safeguarding consumer data grow more severe. In fact, 47 states have enacted data breach legislation, most of which include hefty fees for the unwary
Which Security Stock Looks Secure in a Speculative Industry?(Motley Fool) As cyber attacks remain a growing threat, the reasons to own enterprise security stocks may seem clear. Companies like FireEye (NASDAQ: FEYE), Proofpoint (NASDAQ: PFPT), and Palo Alto Networks (NYSE: PANW) have been Wall Street favorites, with the latter recently catching a bullish upgrade as the top-in-class investment. Albeit, should you be so bullish?
Can Akamai Continue Its Wild Growth?(Motley Fool) Akamai Technologies (NASDAQ: AKAM) has tied its future to one of the biggest imaginable growth industries, Internet traffic, and as a result, it's seen remarkable growth for the past several quarters that's exceeding even management's expectations. It's also partnering with powerhouses such as Cisco (NASDAQ: CSCO) and Qualcomm (NASDAQ: QCOM), and it's expanding successfully into cybersecurity
RedOwl plans to double workforce(Baltimore Sun) Baltimore cyber security firm RedOwl Analytics plans to double its workforce to 50 people within the next few years as it tries to make Federal Hill Maryland's new technology hub, company CEO Guy Filippelli said Tuesday
Exabeam Initiates Sales Push with Hiring of Former Imperva SVP of Worldwide Sales Ralph Pisani(Broadway World) Fresh off its recent $10 million series A funding round, Exabeam, a big data security analytics company, announced today the hiring of Ralph Pisani as executive vice president of field operations. Former senior vice president of worldwide sales at Imperva, Pisani brings nearly 20 years of experience in sales, sales management, and channel and business development to drive Exabeam's field operations, business development and client services
Malcovery Security Continues to Hit Major Milestones(Digital Journal) Malcovery Security announced today that it achieved several major milestones in delivering email-based threat intelligence, underscoring its unique analytics and patented technology capabilities in light of the unprecedented surge in phishing attack campaigns, as reported in June 2014, by the Anti-Phishing Working Group (APWG)
Perion Partners with CYREN to Enhance Browsing Safety for Its App Users(Wall Street Journal) Perion Codefuel, a division of Perion Network Ltd. (NASDAQ: PERI) (TASE: PERI), a leading provider of software monetization solutions, and CYREN, a leading provider of cloud-based security solutions, announced today that they entered into a strategic cooperation and intend to leverage CYREN's online security services in order to help extend Perion Codefuel's suite of browsing and security applications
CrowdStrike Accredited by NSA for Cyber Incident Response Services(Broadway World) CrowdStrike, a global provider of security technologies and services focused on identifying advanced threats and targeted attacks, announced today it is one of seven companies accredited by the National Security Agency (NSA) under its National Security Cyber Assistance Program
Technologies, Techniques, and Standards
Multifactor authentication key to cloud security success(TechTarget) The collapse of source code-hosting provider Code Spaces in the wake of an attack on its Amazon Web Services' control panel has sparked industry debate around what the organization should have been doing to protect itself. While the Code Spaces incident was a security failure on several fronts, experts say the biggest lesson from the attack is that multifactor authentication is a must when dealing with the cloud
Learn from Target's mistake, report attacks early — Check Point(BNamericas) While corporate Latin America is rapidly adopting IT security systems, the region is lagging more developed nations in terms of legal obligations to report attacks, Ricardo Panez, Latin American regional director for Check Point Software, told BNamericas
Cloud security threats, tips and best practices(Help Net Security) In this interview, Gray Hall, CEO at Alert Logic, illustrates today's top cloud security threats, tackles privacy and surveillance issues, and offers security best practices organizations should implement when moving to the cloud
Defense in Depth for Advanced Threat Protection(Infosec Island) Over the last few years, the threat landscape has shifted. Threat actors have evolved from individual hackers to well-funded professionals, often with ties to organized crime or foreign governments. These threat actors have established a network to exchange information and create tools for launching increasingly sophisticated cyber attacks. This new wave of attacks is often targeted, aiming to gain access to digital assets of high financial value to the attacker, such as source code, design plans, customer data, or credit card data
Who owns your typo?(Internet Storm Center) Here's one way how to get at sensitive data that seems to be making a comeback. Already in the olden days, it was popular with the crooks to register domain names that only differed by a typo from the name of a legitimate high traffic site. Googl.com, for example. The crooks would then run web pages with lots of advertisements on these domains, and live happily ever after from the ad revenue that the misdirected typo traffic alone brought their way
Who inherits your IP address?(Internet Storm Center) Somewhat similar to the typo squatting story earlier, the recent proliferation of cloud service usage by enterprises has led to a new problem. For a project at a community college, we needed a couple servers, and didn't want (or have the funds) to build them on-site
Design and Innovation
Isis Flees Brand Tainted By Terror(InformationWeek) There's no such thing as bad publicity, unless the publicity is really bad. Just ask the mobile payments service formerly known as Isis
Cal Poly Pomona to host CyberGirlz Summit on Saturday(Daily Bulletin) Cal Poly Pomona's College of Business Administration's Center for Information Assurance will host CyberGirlz Summit on Saturday in an effort to encourage girls to pursue cybersecurity and other high-tech careers
Legislation, Policy, and Regulation
Currency, maritime disputes at stake in U.S.-China talks(Reuters via Yahoo! News) The United States pressed China to implement structural reforms in its exchange rate and to modify its "aggressive behavior" in disputed waters during a preliminary round of bilateral talks on Tuesday, senior U.S. officials said
Cyber War Council Idea Wins Few Backers(GovInfoSecurity) An idea to create a cyber war council, reportedly proposed by a financial services industry trade group, has not received an enthusiastic reception from cybersecurity experts, some of whom question its viability to defend against crippling cyberattacks
Eugene Robinson: The NSA's misguided mission(Washington Post via the San Jose Mercury News) Even those who believe the National Security Agency's vacuum-cleaner surveillance of electronic communications does not trample privacy rights should be troubled by this practical implication: If you try to know everything, you end up knowing nothing
Senate should demand electric grid reliability and security(The Hill) With a Senate vote on two nominees for commissioners of the Federal Energy Regulatory Commission (FERC) pending, there is unprecedented attention on this obscure regulator of interstate pipelines and electricity transmission. In 2005, Congress granted FERC additional authority to regulate electric grid reliability and security, but too often FERC has accommodated industry rather than enforce strict standards
Rogers: Cybersecurity is the 'ultimate team sport'(Federal Times) Thank you very much for taking the time from your very busy days to focus on a topic that I think is of critical importance to us as a nation: this idea of how do we maintain security in a cyber arena in a world where cyber continues to grow in importance and, at the same time, the level of vulnerability that is present within our cyber systems has probably never been greater. So that's quite a challenge for anybody
Air Force general named Cyber Command deputy chief(Defense Systems) Air Force Maj. Gen. James K. "Kevin" McLaughlin, commander of Air Forces Cyber, has been nominated for promotion to lieutenant general and assignment as deputy commander of the U.S. Cyber Command, Defense Secretary Chuck Hagel announced today
Florida Law Aims To Tighten Data Security(InformationWeek) Florida's new data privacy law increases security accountability for all enterprises; healthcare providers could face greater burden to protect patients' personal information
China says it will punish journalists just for talking about "state secrets"(Quartz) Like most governments, China is paranoid about its state secrets being exposed by pesky journalists. And like most governments, it has rules in place that make it difficult for reporters to publish such secrets, or for politicians to leak them. China has decided those rules aren't strict enough, and is now broadening them so that journalists can be punished just for talking about or collecting secrets
Snowden is Not a 'Civil Liberties Violator' — But One Prominent National Security State Apologist Thinks So(The Dissenter) Over at Lawfare blog, which is a bastion on the Internet for United States national security establishment thinking, editor-in-chief Benjamin Wittes is pushing this argument that National Security Agency whistleblower Edward Snowden is to blame for a massive civil liberties violation. That violation involves providing 160,000 emails collected by the NSA to the Washington Post for the purpose of publishing a major piece of journalism that would be in the public interest
Spying Case Left Obama in Dark, U.S. Officials Say(New York Times) When President Obama placed a call to Chancellor Angela Merkel of Germany last Thursday, he had a busy agenda: to consult with a close ally and to mobilize wavering Europeans to put more pressure on Russia to end its covert incursions in Ukraine
Spy Case Threatens To Sour German-U.S. Ties Anew(Newsfactor) An emerging scandal over a possible U.S. informant in the German intelligence service is threatening to spark a fresh rift between the U.S. and one of its closest allies, after earlier reports that the National Security Agency spied on Germans. Germany's president says that if the allegations are true, that kind of spying on allies must stop
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
SANS Cyber Defense Summit and Training(Nashville, Tennessee, USA, August 13 - 20, 2014) The SANS Institute's Cyber Defense Summit will be paired with intensive pre-summit hands-on information security training (August 13-18). This event marks the first time that SANS will conduct a training...
INSCOM Cyber Day(Fort Belvoir, Virginia, USA, July 9, 2014) Cyber-industry vendors are invited to participate in the upcoming Cyber Day hosted by the United States Army Intelligence and Security Command (INSCOM), located at Ft. Belvoir. U.S. Army Cyber (AR Cyber)...
2nd Annual Oil & Gas Cyber Security Conference(Houston, Texas, USA, July 15 - 17, 2014) This highly interactive, hands-on forum will break down each potential cyber threat specific to the oil and gas industry, as well as tackle key issues including managing communication between OT and IT...
SINET Innovation Summit(New York, New York, USA, August 6, 2013) The purpose of the Innovation Summit is to reinvigorate public private partnership efforts and increase relationships between industry, government and academia that fosters sharing of information and collaboration...
Security Startup Speed Lunch DC(Washington, DC, USA, July 22, 2014) Our goal is to connect the most promising security startups in the world with decision-makers at aerospace, asset-management, banking, communications, defense, energy, healthcare, government, technology...