skip navigation

More signal. Less noise.

Daily briefing.

Conflicts in Ukraine and Gaza turn, sadly, from cyber to kinetic phases, with much attendant loss and sorrow. We'll continue to monitor them, of course, for their reverberations in cyberspace.

Sino-American cyber tension continues unabated, as the US reiterates warnings that some Chinese actors — probably state-directed — are targeting smaller US agencies. Attribution is, as always, a challenge, and a UN report suggests a partial explanation for why this is so: many governments make heavy use of private companies for surveillance. Some of these organizations have also served as cyber mercenaries operating on behalf of corporations themselves, with competitors' intellectual property and operations as targets. China's leaders use the BRIC summit in Brazil to denounce American "one-sided" special pleading over international norms in cyberspace.

Ransomware remains a matter of concern, despite the (probably temporary) crippling of Cryptolocker. Lookout Mobile Security warns of the emergence of ScarePakage, which locks infected Android devices, displays a bogus FBI warning, and demands a $300 ransom.

Zscaler finds a more general problem with the Android ecosystem: its apps tend to ask for too many "intrusive" permissions. Trend Micro calls attention to another problem: there are about a million bogus apps targeting Android devices.

vBulletin discloses and patches an SQL injection vulnerability.

eBay acknowledges a business significant hit from the attack it sustained this spring.

Dell encryption and InstallShield crashes appear to be unintended side effects of Microsoft's July patches.

Gartner mulls the possibility of FireEye becoming a takeover target. IBM negotiates purchase of Aorata for $200M.

Notes.

Today's issue includes events affecting Brazil, China, Estonia, Germany, Israel, Romania, Saudi Arabia, United Kingdom, United Nations, United States..

Cyber Attacks, Threats, and Vulnerabilities

Chinese Hackers: Cyber-Espionage Increasing Between US, Beijing, As US Government Agencies Targeted (International Business Times) The normally quiet U.S. Office of Personnel Management isn't used to attracting as much international attention as the FBI or the CIA, but the federal agency responsible for assigning national security clearance found itself in the spotlight recently after Chinese hackers attempted to breach its secure network

UN: Nations hide rise in private digital snooping (AP via the Kitsap Sun) Governments on every continent are hiding an increasing reliance on private companies to snoop on citizens' digital lives, the U.N. human rights office said Wednesday

ScarePakage Android ransomware pretends to be FBI porn warning (The Guardian) Hard-to-remove malware locks devices and tries to make people pay $300 fines, says security firm Lookout

Cryptolocker is not dead (Webroot Threat Blog) Recently in the news the FBI filed a status report updating on the court-authorized measures to neutralize GameOver Zeus and Cryptolocker. While the report states that "all or nearly all" of the active computers infected with GameOver Zeus have been liberated from the criminals' control, they also stated that Cryptolocker is "effectively non-functional and unable to encrypt newly infected computers." Their reasoning for this is that Cryptolocker has been neutralized by the disruption and cannot communicate with the command and control servers to receive instructions or send RSA keys after encryption

Ransomware: 5 Threats To Watch (Dark Reading) Cyber criminals have kicked it up a notch with nasty malware that locks you out of your machine and holds it for ransom

vBulletin vulnerable to SQL injection (Help Net Security) A Romanian hacking community has discovered and responsibly reported a critical SQL injection vulnerability found in the latest version (5.1.2) of the popular web forum software vBulletin

Android apps ask for too many intrusive permissions, Zscaler analysis finds (CSO) Ad networks drive sneaky permissions grab

There's almost a million fake apps targeting your phone (IDG via CSO) Trend MIcro finds hundreds of thousands of fake Android apps in trawl of online stores, forums

Facebook number one social network for phishing attacks (Computing) Facebook remains the number one social media target for cyber criminals, security firm Kaspersky Lab has warned

100+ DDoS events over 100GB/sec reported this year (Help Net Security) Arbor Networks released global DDoS attack data derived from its ATLAS threat monitoring infrastructure. The data shows an unparalleled number of volumetric attacks in the first half of 2014 with over 100 attacks larger than 100GB/sec reported

Large-Scale DDoS Attacks Continue to Spike (Threatpost) Although the average size of a given DDoS attack is going down, the number of attacks at the upper end of the scale is increasing, with researchers at Arbor Networks reporting more than 100 attacks of 100 Gbps in the first half of this year

eBay admits cyber attack has hit sales (Telegraph) Online marketplace revealed in May that a hacker had compromised the data of around 145m customers

Here's How Easy It Could Be for Hackers to Control Your Hotel Room (Wired) Shenzhen is the Silicon Valley of mainland China. Situated about 50 minutes north of Hong Kong, the modern city is home to the Shenzhen Stock Exchange and numerous high-tech giants and startups

Common Misconceptions IT Admins Have on Targeted Attacks (TrendLabs Security Intelligence Blog) In our efforts around addressing targeted attacks, we often work with IT administrators from different companies in dealing with threats against their network. During these collaborations, we've recognized certain misconceptions that IT administrators — or perhaps enterprises in general — have in terms of targeted attacks. I will cover some of them in this entry, and hope that it will enlighten IT administrators on how they should strategize against targeted attacks, also known as APTs

Security Patches, Mitigations, and Software Updates

InstallShield and Dell Encryption Crashes Connected to July Security Patch (Redmond Magazine) While the InstallShield flaw currently has a limited workaround, there's no word on whether the Dell problem is further being investigated by Microsoft

Cisco Patches Wireless Residential Gateway Vulnerabilities (Threatpost) Cisco patched a critical remote code execution bug in its Cisco Wireless Residential Gateway product

Oracle's "Patch Tuesday" brings 113 patches across 13 product families (Naked Security) Oracle's latest scheduled security updates are now available, coming as they do on the Tuesday closest to the middle of the 17th of the month in January, April, July and October

Emergency vBulletin patch fixes dangerous SQL injection vulnerability (CSO) Attackers could exploit the flaw to steal information from the databases of websites running vBulletin 5

Cyber Trends

Security Concerns Grow Over Ransomware (Business Solutions) A survey by IT security company KnowBe4 shows concern over ransomware is growing. The study reveals 73 percent of IT professionals surveyed are "very or extremely concerned about it," an increase from 48 percent responding in the same way in a study by IT security company Webroot in January of this year

Developing a smart approach to SMAC security (CSO) As businesses look to take advantage of SMAC (social, mobile, analytics, and cloud) platforms, they first need to consider the risks and security implications of the technologies involved

Krebs on security, Target and why retailers need a better response to data breaches (FierceRetailIT) Blogger Brian Krebs is responsible for breaking many a story about cybercrime, including Target's (NYSE:TGT) massive data breach in fall 2014 that compromised the credit and personal information of more than 70 million shoppers. But more than anything, he believes that retailers need to fundamentally change the way they respond to breaches

Internet Of Things: 8 Pioneering Ideas (InformationWeek) Today's Internet of Things remains a disparate assortment of ideas and products competing for attention. These pioneers should intrigue enterprise IT

Total internet failure: are you prepared? (Computer Weekly) A total internet failure is the one thing that could stop any business in its tracks, yet few are preparing for this possibility, consultancy KPMG has warned

Marketplace

FBI seeks information about cloud services to store criminal justice data (FierceGovernmentIT) The FBI is seeking commercial cloud-computing options that can store vast amounts of criminal justice data

Goldman Sees FireEye As Potential M&A Target (Benzinga) FireEye (NASDAQ: FEYE) was highlighted in a security sector report from Goldman Sachs on Wednesday

Microsoft in talks to buy Aorato for $200m — report (Globes) Microsoft Corp. (Nasdaq: MSFT) is in talks to buy Israel cyber security company Aorato, "Bloomberg" reports. Talks are reportedly in an early stage and it is likely that Aorato is also negotiating with other companies. Sources believe that Aorato will be sold for about $200 million

CA spins out Arcserve backup and data protection division (Computer Weekly) CA has spun out its Arcserve mid-market backup and data protection business in a move financed by Silicon Valley invester Marlin Equity

Google bug-hunting Project Zero could face software developer troubles (CSO) How Google handles conflicts with software vendors will be important to Project Zero's success, experts say

Why Cutting 18,000 Jobs Was Likely Microsoft's Plan All Along (Wired) Micosoft will slash up to 18,000 jobs by the end of the year. That's 14 percent of the company's workforce, and it amounts to the largest round of layoffs in the nearly 40 year history of the software kingpin

Canadian Government Funds Seccuris to Expand OneStone Cloud-based Security Platform (Insurance News Net) Securris Inc., the North American leader in security consulting and managed services, announced that it has secured $750,000 in funding through the government of Canada's Western Innovation (WINN) Initiative. The company will use the investment to expand the capabilities of its OneStone™ Information Assurance Portal, a cloud-based security platform that offers an integrated suite of security management services

Paul J. Cormier, Red Hat Executive and Tech Industry Veteran, Joins SolarWinds' Board of Directors (MarketWatch) SolarWinds SWI +0.89% , a leading provider of powerful and affordable IT management software, today announced that Paul J. Cormier, President, Products and Technology for Red Hat, Inc. has joined its board of directors. Cormier brings his expertise and proven track record in high-transaction, volume-based software companies and deep perspective on technology adoption to the role

Raytheon and Pannesma name board members for joint venture operation in the Kingdom of Saudi Arabia (MarketWatch) Raytheon Company RTN +0.32% and Pannesma Company Limited today announced the board members of the Raytheon Atheeb Systems Limited (RASL) Joint Venture company in the Kingdom of Saudi Arabia. The Joint Venture agreement builds upon Raytheon's and Pannesma's long-standing, successful partnership of more than 20 years and their ongoing commitment to support and expand the Saudi Arabian industrial, technology and educational base. Company ownership is Raytheon 51 percent and Pannesma 49 percent

BlackBerry takes a pop at privacy-focused Blackphone (Naked Security) There's a public spat between BlackBerry and Blackphone, the spunky start-up company trying to break into the crowded mobile market with promises of air-tight security. Can BlackBerry survive the competition?

Products, Services, and Solutions

Alert Logic Log Manager Delivers Security Insight and Compliance Visibility - Now Available on AWS Marketplace (MarketWatch) Alert Logic Log, IDS and WAF security solutions all now available for annual subscription

SECUDE Releases Halocore for SAP NetWeaver 2.0 With Full Cloud Support Running on Microsoft's Azure (MarketWatch) Extending the Recently Announced SAP and Microsoft Partnership, Halocore Brings Powerful Cloud-Based Protection and Mobility Capabilities of Azure to SAP Customers

Egnyte Delivers Policy-Based Sync for Enterprises with Storage Sync 10.0 (BusByway) Enables instantaneous Ccollaboration across offices and simplified administration

Bitdefender Antivirus Plus 2015 (PC Magazine) When you buy antivirus protection these days, you know that it's really antivirus plus protection against Trojans, rootkits, rogues, and all sorts of malware. Sometimes, though, you get even more. The "Plus" in Bitdefender Antivirus Plus 2015 ($39.95 per year; $59.95 for three licenses) refers to an impressive collection of bonus features that many vendors would reserve for their full security suite

Exostar Receives DoD Interoperability Certification for SHA-2 Certificates (MarketWatch) Exostar, whose cloud-based solutions enable secure, cost-effective business-to-business collaboration, today announced its Federated Identity Service (FIS) has received interoperability certification for its public key infrastructure (PKI) services that are based on the latest National Institute of Standards and Technology (NIST) SHA-2 standard

Proofpoint Launches Suite of Protection and Compliance Products for Office 365 (MarketWatch) Proofpoint, Inc. PFPT -1.54%, a leading security-as-a-service provider and Microsoft Gold Independent Software Vendor, today announced the availability of the Proofpoint Security and Compliance Suite for Office 365

Technologies, Techniques, and Standards

NIST report outlines steps to strengthen encryption standards development after NSA revelation (FierceGovernmentIT) The National Institute of Standards and Technology's main advisory committee, which has been reviewing concerns about the integrity of the agency's cryptographic standards and guidelines program, recommended greater transparency and openness in NIST's relationship with the National Security Agency

65 challenges that cloud computing poses to forensics investigators (Help Net Security) The National Institute of Standards and Technology (NIST) has issued for public review and comment a draft report summarizing 65 challenges that cloud computing poses to forensics investigators who uncover, gather, examine and interpret digital evidence to help solve crimes

Cloud Security Alliance Releases New Cloud Controls Matrix v3.0.1 And Consensus Assessments Initiatives Questionnaire v3.0.1 (Broadway World) The Cloud Security Alliance(CSA) today announced the release of significant updates to two de facto industry standards, the Cloud Controls Matrix (CCM) Version v3.0.1 and the Consensus Assessments Initiatives Questionnaire (CAIQ) v3.0.1. With the updates, the CSA has completed a major milestone in the alignment between the Security Guidance for Critical Areas of Focus in Cloud Computing v3, CCM, and CAIQ

Microsoft's Answer to Buggy Code: Monitor the Coder (Infosecurity Magazine) Eye-tracking, EEG and EDA sensors could alert managers when programmers are struggling, according to new study

Selectively re-using bad passwords is not a bad idea, researchers say (Help Net Security) For all the repeated advice to use different, complex password for each online account, users are still opting for easy-to-guess, short ones and use them repeatedly across many websites and online services

No money, no problem: Building a security awareness program on a shoestring budget (CSO) Awareness programs don't have to be complicated, expensive ventures

Oracle Data Redaction is Broken (Datacom via PacketStorm) Oracle data redaction is a simple but clever and innovative idea from Oracle. However, at present, there are weaknesses that undermine its effectiveness as a good security mechanism. These weaknesses can be exploited via web based SQL injection attacks and this paper details those weaknesses and provides suggestions on how it can be improved and made more secure

Healthcare IT Cloud Safety: 5 Basics (InformationWeek) Healthcare is warming up to cloud services, and that means extra vigilance. Here's what you should be doing at a minimum to keep data safe

Ethical Walls in the Digital Age: When it’s Good to Block Comms (Trend Micro: Simply Security) When two major advertising groups last year proposed a merger, it would have meant the same ad agency serving both PepsiCo and Coca-Cola. To keep the ideas and content from being shared, the ad agency would have had to create 'Ethical Walls' or communication blocks between the creative teams serving each client

Are TrueCrypt Users Screwed? (eSecurity Planet) When developers of the TrueCrypt disk encryption program warned the open source project was insecure, it left users hanging. Fortunately, there are TrueCrypt alternatives

Design and Innovation

Keybase Project Plans to Make Cryptography as Easy as Twitter (CoinDesk) A new project called Keybase is attempting to make cryptographic keys, like those used for bitcoin wallets, easier for everyone to use

Research and Development

Research alliance for the digital revolution (Phys.org) Collaborative research of Siemens with the Technische Universität München, the Ludwig-Maximilians-Universität München, the German Research Center for Artificial Intelligence and the Fraunhofer Institute for Applied and Integrated Security New technology base for automation, Internet of Things, cloud solutions, IT security and smart data Siemens to invest a sum in the double-digit million-euro range over three years

Academia

Ravens Capology Educational Program Unveiled (Baltimore Ravens) The Ravens and LifeJourney are teaming up to provide real-world education to high schoolers

ESET Presents Thousands in Scholarships to Local High School Seniors (MarketWatch) ESET®, the global leader in proactive digital protection, today announced its support and participation in the Armed Forces Communications and Electronics Association (AFCEA) San Diego Scholarship Award Ceremony, held last night at the Hilton Mission Valley in San Diego. The company awarded $10,000 in scholarship funds to two local high school seniors to support their studies in the fields of science, technology, engineering or math (STEM) in higher education

NSA and Capitol College Working Together (American News Report ) The National Security Agency has chosen Capitol College of Laurel, Maryland as one of two academic partners to help NSA's personnel stay ahead of the steepening cybersecurity curve

University Receives Dual Information Assurance/Cyber Defense Education Designations (iSchool News) Syracuse University is among an elite group of academic institutions designated by federal agencies for research and education in information assurance and cyber security

Legislation, Policy, and Regulation

Espionage claims could test US-German military accord, experts say (Stars and Stripes) News Wednesday that Germany is investigating new allegations that the United States bought secrets from a German official — the second such probe to become public in a week — delivered another blow to U.S.-German relations over what is now a year-old scandal of American spying on an ally

In Brazil, Chinese President Blames US for Double Standard in Cyberspace (Brazzilmag) Cyber security was one of the issues raised by Chinese President Xi Jinping during his visit to Brazil's National Congress. According to China's leader, the international community needs to work to guarantee the nations' sovereignty in this area

Law Enforcement Asks Congress for More Power Against Botnet Operators (SecurityWeek) Cyber-attackers are increasingly using botnets to drive their criminal enterprises, whether they are sending spam, infecting computers with malware, or launching denial-of-service attacks, experts testified at a Senate committee hearing on Tuesday

Privacy Groups Urge Obama to Reject Senate Cyber-Security Bill (CFO) Their major objection: it doesn't offer solutions to cyber-security, only info sharing between businesses and the government

Pincus: Is NSA keeping too much? (Washington Post via the Salt Lake Tribune) The National Security Agency does not have the time or personnel to eliminate innocent U.S. citizens' communications collected under Section 702 of the Foreign Intelligence Surveillance Act

Litigation, Investigation, and Law Enforcement

Chaos Computer Club bolsters NSA spying complaint with Tor snooping evidence (IDG via CSO) The Chaos Computer Club wants new evidence to prompt an investigation into mass surveillance of German citizens

Digital fraudster 'tetereff' gets five years hard time (V3) Estonian hacker Andrei Sergejev has been sentenced to five years in prison, following his arrest in March 2012

13-year-old girl arrested for Facebook death threats against entire town (Naked Security) Despite specific threats to kill a 12-year-old cancer patient along with the entire population of a Texas town, Facebook initially stonewalled police's efforts to find the identity of whoever was making the terrorist threats

Child abuse images dragnet snares 660 suspected paedophiles (Naked Security) Doctors, teachers, scout leaders, care workers and former police officers — all professions that entail unsupervised access to children — were among 660 who've been arrested in an unprecedented child abuse image dragnet in the UK

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

2nd Annual Oil & Gas Cyber Security Conference (Houston, Texas, USA, July 15 - 17, 2014) This highly interactive, hands-on forum will break down each potential cyber threat specific to the oil and gas industry, as well as tackle key issues including managing communication between OT and IT...

SINET Innovation Summit (New York, New York, USA, August 6, 2013) The purpose of the Innovation Summit is to reinvigorate public private partnership efforts and increase relationships between industry, government and academia that fosters sharing of information and collaboration...

Security Startup Speed Lunch DC (Washington, DC, USA, July 22, 2014) Our goal is to connect the most promising security startups in the world with decision-makers at aerospace, asset-management, banking, communications, defense, energy, healthcare, government, technology...

Seminar: Cybersecurity Framework for Protecting our Nation's Critical Infrastructure (Marietta, Georgia, USA, July 22, 2014) The Automation Federation and Southern Polytechnic State University will co-sponsor the "Cybersecurity Framework for Protecting our Nation's Critical Infrastructure." a free seminar from 8 a.m. to noon...

Black Hat USA 2014 (, January 1, 1970) Black Hat USA is the show that sets the benchmark for all other security conferences. As Black Hat returns for its 17th year to Las Vegas, we bring together the brightest in the world for six days of learning,...

BSidesLV 2014 (Las Vegas, Nevada, USA, August 5 - 6, 2014) We have an amazing array of speakers each year, covering topics such as Penetration Testing, Forensics, Incident Response, Risk, and everything in between. We have a Lockpick Village, the Squirrels in...

Passwords14 (Las Vegas, Nevada, USA, August 5 - 6, 2014) Passwords is the first and only conference of its kind, where leading researchers, password crackers, and experts in password security from around the globe gather in order to better understand the challenges...

4th Annual Cyber Security Training Forum (Colorado Springs, Colorado, USA, August 5 - 6, 2014) The Information Systems Security Association (ISSA) — Colorado Springs Chapter and FBC, Inc. will co-host the 4th Annual Cyber Security Training Forum (CSTF). CSTF is set to convene from Tuesday August...

DEF CON 22 (Las Vegas, Nevada, USA, August 7 - 10, 2014) The annual hacker conference, with speakers, panels, and contests. Visit the site and penetrate to the schedules and announcements.

South Africa Banking and ICT Summit (Lusaka, Zambia, August 8, 2014) The South Africa Banking and ICT Summit is the exclusive platform to meet industry thought leaders and decision makers, discover leading edge products and services and discuss innovative strategies to...

SANS Cyber Defense Summit and Training (Nashville, Tennessee, USA, August 13 - 20, 2014) The SANS Institute's Cyber Defense Summit will be paired with intensive pre-summit hands-on information security training (August 13-18). This event marks the first time that SANS will conduct a training...

AFCEA Technology & Cyber Day (Tinker AFB, Oklahoma, USA, August 21, 2014) The Armed Forces Communications & Electronics Association (AFCEA) — Oklahoma City Chapter will once again host the 10th Annual Information Technology & Cyber Security Day at Tinker AFB. This is the only...

Resilience Week (Denver, Colorado, USA, August 19 - 21, 2014) Symposia dedicated to promising research in resilient systems that will protect critical cyber-physical infrastructures from unexpected and malicious threats—securing our way of life.

c0c0n: International Information Security and Hacking Conference (, January 1, 1970) c0c0n, previously known as Cyber Safe, is an annual event conducted as part of the International Information Security Day. The Information Security Research Association along with Matriux Security Community...

The Hackers Conference (New Delhi, India, August 30, 2014) The Hackers Conference is an unique event, where the best of minds in the hacking world, leaders in the information security industry and the cyber community along with policymakers and government representatives...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.