
Daily briefing.

Fighting in Gaza and Israel calls out cyber-rioters, mostly pro-Palestinian hacktivists. So far attacks seemingly amount to nuisance-level vandalism.

The scanner-based campaign against international shipping, traced to China and increasingly attributed to the Chinese government, now has a name: "Zombie Zero." Logistics companies using industrial scanners are most affected by the pre-installed malware, which exploits vulnerabilities in Windows XP. TrapX notes that the command-and-control server appears to be located at the Lanxiang Vocational School, an institution associated with the PLA's 2012 Operation Aurora.

The US indicts another Chinese national, a businessman accused of industrial espionage conducted by compromise of Boeing networks. The Washington Post reports a Chinese cyber espionage campaign against US biofuel manufacturer Algenol, suggesting broad, continuing Chinese interest in the energy sector.

Neither side in the ongoing Sino-US cyber dispute seems ready to back off: Chinese state media denounce the iPhone as a security threat because of its geolocation features. (Apple issues a surprisingly mild demurral.) US authorities say no data appear to have been lost in the recent Chinese cyber attack on the Office of Personnel Management.

The US Secret Service warns the hospitality industry that hotel Wi-Fi is dangerously insecure.

The goal of a long-running Facebook and Dropbox credential theft effort remains unclear, but the campaign itself suggests preparation for large-scale crime or espionage.

As expected, Gameover Zeus and Cryptolocker have begun to recover from their takedowns.

Corporate boards worry about cyber security, but corporate resources aren't following their concerns. Insurers grapple with assessing cyber risk.

Notes.

Today's issue includes events affecting Albania, Australia, Canada, China, India, Israel, Japan, Palestinian Territories, South Africa, United Kingdom, United States.

We'll be providing live coverage from New York City of Thursday's SINET Innovation Summit.

Cyber Attacks, Threats, and Vulnerabilities

Hackers target Israeli Govt, claim leaking login details in support of Palestine (HackRead) Hackers from around the world are targeting Israeli government against the ongoing bombing over Gaza Strip, Palestine

Anonymous hacks Israeli Galilee Development Authority website for Palestine (HackRead) Anonymous hacker AnonGhost has hacked and defaced the official website of Galilee Development Authority, which is directly under the Israeli ministry of Rural development authority

China accused of global zero-day attack on shipping firms (SC Magazine) A suspected Chinese government cyber-attack called 'Zombie Zero' has been targeting shipping, logistics and manufacturing companies worldwide, according to US security research firm TrapX

Why were this company's computers attacked millions of times this year? Algae. (Washington Post) About 16 months ago, a Florida-based biofuel company called Algenol noticed that its Internet service was slowing down. In checking that out, Jack Voth, Algenol's information technology chief, stumbled on something odd: a telnet connection to its videoconference camera from an Internet Protocol address in China, a country where Algenol has never sought to do business

China Labels iPhone a Security Threat (Wall Street Journal) China's influential state broadcaster on Friday called a location-tracking function offered by Apple Inc.'s iPhone a "national security concern," in the latest sign of a backlash in the country against U.S. technology firms

Apple responds to China's claim iPhone is a 'national security threat' (CSO) Apple's rebuttal against claims iPhone is a national security threat

No likely data breach from reported Chinese hacking: US (AFP via Yahoo! News) The personal data of thousands of US government workers was not compromised in a recently reported cyber attack, officials say, amid fresh allegations that Chinese hackers accessed computers housing employee information

Adobe Flash: The most INSECURE program on a UK user's PC (The Register) XML a weak spot, but nothing's as dire as Adobe player

Lack of Certificate Pinning Exposes Encrypted iOS Gmail App Communication (Threatpost) Google's Gmail application for iOS fails to perform a task called certificate pinning, which could expose the users of affected devices to man-in-the-middle attacks capable of monitoring encrypted email communications

Google denies report of Gmail security risk on Apple iOS (CSO) Google says the 'pinning' technique Lacoon Mobile Security says should be in Gmail would not protect users

Beware Keyloggers at Hotel Business Centers (Krebs on Security) The U.S. Secret Service is advising the hospitality industry to inspect computers made available to guests in hotel business centers, warning that crooks have been compromising hotel business center PCs with keystroke-logging malware in a bid to steal personal and financial data from guests

Attack Campaign Targets Facebook, Dropbox User Credentials (Dark Reading) The goal of the attackers is not fully clear but the credential theft could set up sophisticated targeted attackers

"Gameover" malware returns from the dead… (Naked Security) In early June 2014, international law enforcement agencies combined to carry out a hugely successful action called Operation Tovar against the cybercrime group behind the malware family known variously as Gameover, Gameover Zeus or GOZ

Gameover Zeus Trojan Returns (BankInfoSecurity) Gameover Zeus appears to have returned, just one month after an international law enforcement operation targeted the malware in a high-profile takedown operation

CryptoLocker's delivery platform remains operational (CSO) A new report from BitDefender warns that the content delivery network used by CryptoLocker is still up and running, and while it isn't serving the ransomware that made it famous, it's still a vital communications channel for various other threats

After takedown efforts, Cryptolocker fate still "undetermined," firm says (SC Magazine) Bitdefender Labs, the security company that discovered Cryptolocker ransomware, says the fate of the malware is "undetermined," despite continuous takedown efforts

Microsoft revokes trust in certificate authority operated by the Indian government (IT World) A security breach at India's National Informatics Centre resulted in at least 45 rogue digital certificates for Google and Yahoo domains

The Vice in the Device #2 (Cyactive) With the number of new mobile malware growing by 167 percent over the past year, and mobile phones taking an ever increasing part in people's daily lives, a number of major new mobile malware were discovered lately, reusing code and methods from earlier malware

LastPass Sadly Downplays Pair of Year-Old Vulnerabilities (NoVA Infosec) On Friday our favorite password manager LastPass published a nonchalant blog post about two vulnerabilities discovered by researcher Zhiwei Li last year

Security Patches, Mitigations, and Software Updates

LibreSSL ships first portable version, now up to 48% less huge! (Naked Security) Just under three months ago, we wrote about a coding project called LibreSSL

Cyber Trends

Hacking Gets Physical: Utilities At Risk For Cyber Attacks (Forbes) Imagine this: Your city has been out of electricity for a full day because the power grid is being held ransom by an international group of hackers, demanding money before electricity will be restored. While this might sound like the plot of a dystopian novel, Dr. Larry Ponemon, founder of the Ponemon Institute, says this kind of attack on an electrical grid or water system could be in our future if critical infrastructure sectors don't improve their security systems

Study: Most Critical Infrastructure Firms Have Been Breached (Dark Reading) A new Ponemon Institute study finds 70% of critical infrastructure companies have been hit by security breaches in the last year, but cyber security programs are still a low priority

Managing Cyber Risk: Job #1 for Directors and General Counsel (FTI Journal) Each year, FTI Consulting and NYSE Governance Services survey public company directors and general counsel about the legal and governance issues that concern them the most

Cyber attacks target teleco industry (Business Tech) Kaspersky Lab has found that targeted cyber attacks are on the rise year-over-year, and also identified the business sectors most likely to be targeted

Businesses will experience cyber-attacks: Deloitte report outlines top threats for seven industries and provides tips to understand greatest risk (Trend) Advanced Persistent Threats have become a reality for all organizations that depend on digital technology

Exploring the BYOD security dynamic (Help Net Security) Webroot examined the use and security of personal mobile devices in the work environment from both the employee and employer perspectives

Empowered Millennials expect BYOD (Help Net Security) New data finds that Millennials — the new generation of workers born between the early 1980s and the early 2000s — are highly dedicated to their jobs and often times work well beyond normal business hours. Yet they remain fiercely independent in their work habits — craving greater freedom and flexibility to work whenever and wherever they feel most productive

Businesses are deprioritizing information security (Help Net Security) Businesses are deprioritizing information security and decreasing their investment in the destruction of confidential information, according to Shred-it

Japan rushes to thwart cyber onslaught (The Age) Shortly after the alert sounded at 9.10pm, Yahoo Japan Corp.'s risk team knew it had a problem. More than 20 million usernames and passwords belonging to its customers were being dumped into a file, primed to be stolen

Marketplace

Insurers struggle to get grip on burgeoning cyber risk market (Reuters via the Chicago Tribune) Insurers are eagerly eyeing exponential growth in the tiny cyber coverage market but their lack of experience and skills handling hackers and data breaches may keep their ambitions in check

Cyber crime still evolving, many breaches uninsured: Crawford & Company (Canadian Underwriter) Crawford & Company has released a white paper meant to help insurance companies and adjusters better understand the current cyber risk environment and how insurers are addressing a risk that continues to be a global threat to millions of commercial enterprises and consumers

IoT creating plethora of new jobs in IT cybersecurity (TechRepublic) The complexity and sheer number of Internet of Things devices will require more IT security professionals, creating new job opportunities for those in the field

Closing the Back Door — Responding to the Whisper Campaign (Trend Micro: Simply Security) The Information Technology (IT) industry is a huge economic driver for the world economy. Purchasing products and solutions are based not only on superior technology, but also whether you have trust and confidence in a vendor

Security approval gives Samsung access to Australian government market (CSO) Media reports may have suggested that Samsung was going to give up on its Knox security platform, but the Common Criteria approval of its flagship Galaxy S5 smartphone is likely to give the platform new momentum as the company pushes into the lucrative Australian government market

The Return Of FireEye (FEYE) (Seeking Alpha) FireEye Inc. (FEYE) provides IT security software for corporations and government entities to detect, remove, and prevent cyber-attacks. With a virtual-based platform, FireEye products can protect against threats in real time, and prevent threats from materializing in the first place. In short, this company is a hacker's worst nightmare. Since its IPO, FEYE has had a somewhat rocky ride, evidenced by the graph below

GCR names new information, cyber security manager (Financial News) GCR Inc. said that Andre Allen will spearhead GCR's cyber security practice to deliver cost-effective cyber security solutions, with a primary focus on the Aviation industry

Products, Services, and Solutions

Silent Circle Challenges Skype, Telecoms With Encrypted Calling (InformationWeek) Blackphone maker's affordable encrypted calls could appeal to security-conscious businesses

ARM, Quarri ink Web security deal (ITWeb) African security management provider African Risk Mitigation (ARM) has signed a distribution agreement with Quarri Technologies, a Web information security software company that empowers organisations to keep their sensitive data secure, to distribute its Web and browser security solutions

eScan Internet Security Features (Streetwise Tech) eScan Internet Security has been designed to protect homes and businesses from threats, viruses, malware, worms, spyware and Trojan horses from destroying their system

Technologies, Techniques, and Standards

Securing the virtual environment (Help Net Security) So you have a shiny new virtual environment up and running. You may have virtualised all your servers, so that your business-critical databases, CRM systems, ERP applications and email all reside in a virtual environment. It has been a long project, but now it is complete and you are experiencing the operational, performance and cost gains. Stop! Think! Have you covered all the bases? Have you thought about security?

Firewall Policies: How to Build a Better Policy (Fortinet Blog) As networks become more advanced, so do the demands placed upon your firewall. As such, it is equally important to know how to make a firewall policy work, and to make it work well

The Internet of Things: How do you "on-board" devices? (Internet Storm Center) Certified pre-pw0ned devices are nothing new. We talked years ago about USB picture frames that came with malware pre-installed. But for the most part, the malware was added to the device accidentally, or for example by customers who later returned the device just to have it resold without adequately resetting/wiping the device

Heuristic Scanning and Sandbox Protection: Best of Both Worlds (TrendLabs Security Intelligence Blog) We have been dealing with targeted attacks and know that there is no single technology that can practicably defend an organization's network against these high-impact campaigns. This is sad, true, but it does mean there are ways to harness security technologies like sandboxing and heuristic scanning so that they work together to protect as a stronger whole

Egress Filtering? What — do we have a bird problem? (Internet Storm Center) One of the major tools that we have in our arsenal to control malware is outbound filtering at firewalls and other network "choke points"

Strategic Security: Begin With The End In Mind (Dark Reading) The trouble with traditional infosec methodology is that it doesn't show us how to implement a strategic security plan in the real world

Design and Innovation

Google changing Chrome malware, phishing warnings (ZDNet) New designs for interstitial warning pages for malware and phishing sites detected by Google Safe Browsing are simpler

Research and Development

Army Issues RFI on Biometrics Research and Development Work (Executive Gov) The U.S. Army is seeking information on potential vendors that can perform biometrics-related research, development and implementation work for the Intelligence and Information Warfare Directorate of the Communications Electronics Research and Development Engineering Center

Welcome to the era of social network tyranny (Quartz) Amid growing calls for formal investigations into Facebook's disturbing mood manipulation research, media scholar Jay Rosen has a reminder for journalists, editors, and personal social media users alike: "Facebook has all the power. You have almost none"

Academia

DSU Develops Cyber Security Camp For High School Students (Yankton Daily Press and Dakotan) Next summer will bring a new kind of camp to South Dakota, one that not only features the time honored traditions of meeting new friends and staying up all night, but teaches campers the basics of cyber security. Dakota State was recently awarded a $100,000 grant from the National Science Foundation (NSF) to develop and host a cyber security camp July 20-25, 2014, for students entering grades 10-12

New York Gets Another Learn To Code Academy (TechCrunch) New York is getting a new tech skills training academy. The twist is that the just launched academy is being created by a dev studio drawing on their existing expertise making apps for others to teach budding entrepreneurs the web development skills they're going to need to turn their big idea into a big business. At a price, of course

PA Cyber Charter School announces plans for $5.7 million expansion (Trib Live) As school districts statewide continue cutting, Pennsylvania's largest cyber school announced plans for widespread expansion, including at least 80 new teachers and a $5.7 million building project in downtown Midland in Beaver County

Legislation, Policy, and Regulation

Cyber operation centres to be set up for threat management: Arun Jaitley (Economic Times) Cyber Operation Centres will be set up for threat management and mitigation as part of efforts to protect defence networks from cyber attacks, Defence Minister Arun Jaitley told the Lok Sabha today

Big Brother is Watching: Policing of the Future is Here Today Says Morgan Marquis-Boire (International Business Times) "There was of course no way of knowing whether you were being watched at any given moment. How often, or on what system, the Thought Police plugged in on any individual wire was guesswork. It was even conceivable that they watched everybody all the time." This is a quote from George Orwell's dystopian novel Nineteen Eighty-Four, which was published 65 years ago. On Tuesday the UK government will fast-track legislation through parliament in order to safeguard the security of the country and its people — according to David Cameron at least

Edward Snowden Attacks British Emergency Surveillance Laws (NDTV) Fugitive US intelligence expert Edward Snowden attacked British plans for emergency laws to allow police and security services greater access to Internet and phone data on Sunday

NIOC Bahrain holds change of command (DVIDS) Navy Information Operations Command (NIOC) Bahrain held a change of command ceremony July 7 at the Naval Support Activity Bahrain Chapel

Litigation, Investigation, and Law Enforcement

Spiegel: Intel agency suspected in alleged phone hacks of MPs (Deutsche Welle) Two German parliamentarians suspect that their phones were tapped by an intelligence agency, according to Der Spiegel. The allegations come amid a diplomatic row between Berlin and Washington over US espionage

Feds: Chinese businessman hacked into Boeing computers systems for data on military projects (Fox Business) U.S. authorities have charged a Chinese businessman with hacking into the computer systems of U.S. companies with large defense contracts, including Boeing, to steal data on military projects, including some of the latest fighter jets, officials said Friday

Liberty in security bodies law bid (Belfast Telegraph) A civil liberties campaign group says it has taken legal action against Government intelligence services because it believes its private communications have been "interfered with" in breach of human rights legislation

BAE reversal came after Homeland Security came calling (CNBC) BAE Systems' inaccurate claim of stopping a major cyberattack against a large hedge fund got the attention of the U.S. Department of Homeland Security, CNBC has learned

Ethical concerns raised by workers at Canadian spy agency (Globe and Mail) Employees at Canada's fast-growing electronic spy service are sounding alarms about possible misuse of funds, conflicts of interest and financial mismanagement

Albanian hacker pleads guilty in US$14m global bank fraud (Channel News Asia) An Albanian hacker who was part of an international cyber-attack conspiracy that stole US$14 million from ATM machines all over the world pleaded guilty in New York to bank fraud

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

2nd Annual Oil & Gas Cyber Security Conference (Houston, Texas, USA, July 15 - 17, 2014) This highly interactive, hands-on forum will break down each potential cyber threat specific to the oil and gas industry, as well as tackle key issues including managing communication between OT and IT...

Security Startup Speed Lunch DC (Washington, DC, USA, July 22, 2014) Our goal is to connect the most promising security startups in the world with decision-makers at aerospace, asset-management, banking, communications, defense, energy, healthcare, government, technology...

Seminar: Cybersecurity Framework for Protecting our Nation's Critical Infrastructure (Marietta, Georgia, USA, July 22, 2014) The Automation Federation and Southern Polytechnic State University will co-sponsor the "Cybersecurity Framework for Protecting our Nation's Critical Infrastructure," a free seminar from 8 a.m. to noon...

SHARE in Pittsburgh (Pittsburgh, Pennsylvania, USA, August 3 - 8, 2014) LEARN: Subject-matter experts and practitioners are on-hand at SHARE events to discuss major issues facing enterprise IT professionals today. FOCUS: SHARE provides leading-edge technical education on a variety of topics. Whether you are an IT manager, IT architect, systems analyst, systems programmer or in IT support, SHARE offers focused sessions to benefit all job roles. ENGAGE: At SHARE events, you will experience a wide variety of formal and informal networking opportunities that encourage valuable peer-to-peer interaction...

STOP. THINK. CONNECT. Two Steps Ahead: Protect Your Digital Life Tour (Clarksville, Tennessee, USA, August 5, 2014) The National Cyber Security Alliance (NCSA), a non-profit public-private partnership focused on helping all digital citizens stay safer and more secure online, is coming to TK with its STOP. THINK. CONNECT.

Passwords14 (Las Vegas, Nevada, USA, August 5 - 6, 2014) Passwords is the first and only conference of its kind, where leading researchers, password crackers, and experts in password security from around the globe gather in order to better understand the challenges...

BSidesLV 2014 (Las Vegas, Nevada, USA, August 5 - 6, 2014) We have an amazing array of speakers each year, covering topics such as Penetration Testing, Forensics, Incident Response, Risk, and everything in between. We have a Lockpick Village, the Squirrels in...

4th Annual Cyber Security Training Forum (Colorado Springs, Colorado, USA, August 5 - 6, 2014) The Information Systems Security Association (ISSA) — Colorado Springs Chapter and FBC, Inc. will co-host the 4th Annual Cyber Security Training Forum (CSTF). CSTF is set to convene from Tuesday August...

DEF CON 22 (Las Vegas, Nevada, USA, August 7 - 10, 2014) The annual hacker conference, with speakers, panels, and contests. Visit the site and penetrate to the schedules and announcements.

South Africa Banking and ICT Summit (Lusaka, Zambia, August 8, 2014) The South Africa Banking and ICT Summit is the exclusive platform to meet industry thought leaders and decision makers, discover leading edge products and services and discuss innovative strategies to...

SANS Cyber Defense Summit and Training (Nashville, Tennessee, USA, August 13 - 20, 2014) The SANS Institute's Cyber Defense Summit will be paired with intensive pre-summit hands-on information security training (August 13-18). This event marks the first time that SANS will conduct a training...

Resilience Week (Denver, Colorado, USA, August 19 - 21, 2014) Symposia dedicated to promising research in resilient systems that will protect critical cyber-physical infrastructures from unexpected and malicious threats—securing our way of life.

AFCEA Technology & Cyber Day (Tinker AFB, Oklahoma, USA, August 21, 2014) The Armed Forces Communications & Electronics Association (AFCEA) — Oklahoma City Chapter will once again host the 10th Annual Information Technology & Cyber Security Day at Tinker AFB. This is the only...
