Hacktivists sympathizing with Hamas, or at least with Gazans, release online credentials of some 4000 Israelis.
Non-governmental OSINT (open source intelligence) slowly uncovers (and preserves) the history of the MH17 shootdown. Cybercriminals meanwhile continue their sick exploitation of the tragedy with maltweets, waterholes, and malware-laden bogus Facebook tributes to the victims.
Havex and Dragonfly persist in energy sector networks. FireEye observes a new Havex variant — "Peacepipe," or "Fertger" — with enhanced capabilities against SCADA systems. Cyactive reports on Dragonfly's mechanisms of action, and assesses the campaign as cyber espionage, with a secondary mission of establishing an ICS attack capability. Sentinel Labs finds "Gyges" proliferating from Russia's cyber arsenal to cybercriminals.
Privacy-friendly OS Tails is found vulnerable to a de-anonymization zero-day.
A researcher finds a hidden network packet-sniffer in iOS: the backdoor is allegedly a deliberately designed feature.
Canvas fingerprinting, a persistent, difficult-to-block tracking tool, is found on many websites, from the stodgy to the dodgy.
Apple's iOS 8 will add a location-spoofing capability; WiFi location-based services worry about the feature's effect on their business.
Augurs consider the future of "cyber war," examining 2010's Nasdaq hack for auspices.
Bloomberg reports cyber risks are inadequately addressed during mergers and acquisitions. This is of a piece with the challenges the more advanced cyber insurance market faces: the risks are relatively novel, and absolutely difficult to assess.
Venture capitalists continue to invest in cyber. IT industry layoffs affect the cyber labor market.
New York and Connecticut regulators look respectively at cryptocurrencies and utility cyber security.
Today's issue includes events affecting Albania, Australia, Austria, China, European Union, Germany, Ireland, Israel, Japan, Kenya, Palestinian Territories, Poland, Russia, Turkey, Ukraine, United Kingdom, United States.
Cyber Attacks, Threats, and Vulnerabilities
#OpSaveGaza: Hackers leak login credentials of 4000 Israeli users(HackRead) A group of hackers going with the handle of @IzzahHackers on Twitters are claiming to leak login credentials along with other details of over 4,000 Israeli citizens. The leaked data was posted online which shows names, emails, phone numbers and some passwords. The breach was conducted under the banner of #OpSaveGaza earlier today in which hackers have claimed
Havex, It's Down With OPC(FireEye) FireEye recently analyzed the capabilities of a variant of Havex (referred to by FireEye as "Fertger" or "PEACEPIPE"), the first publicized malware reported to actively scan OPC servers used for controlling SCADA (Supervisory Control and Data Acquisition) devices in critical infrastructure (e.g., water and electric utilities), energy, and manufacturing sectors
Lights Out: Dragonfly Is On the Move(Cyactive) A large, possibly state-backed operation named Dragonfly\Energetic Bear, which has been running since 2011, was recently discovered infecting US and European energy and Industrial Control System (ICS) equipment manufacturers. The operation reused both exploits and RAT's in its attacks. A large, possibly state-backed operation named Dragonfly\Energetic Bear was recently discovered in a number of US
Funny Facebook video scam leaves unamusing Trojan(Help Net Security) A new funny video spreading on Facebook leaves a not-so-hilarious Trojan in its wake on users' computers, according to research by Bitdefender. The malware, believed to originate from Albania, can access a large amount of data from the user's internet browser
Critical de-anonymization 0-days found in Tails(Help Net Security) Tails, the security-focused Debian-based Linux distribution favoured by Edward Snowden, journalists and privacy-minded users around the world, sports a number of critical vulnerabilities that can lead to the user's identity to be discovered by attackers
The dangers of social media(DVIDS) A Marine is using social media when a female he does not recognize sends him a friend request. He enjoys meeting new people, so he accepts her request. They begin to chat and soon decide to meet. Before they meet, she tells the Marine he must contact, a man who knows the woman. The man tells him he must pay money or the Marine and his family and friends will be in danger
How cyber attacks ran rampant at the 2014 World Cup(AppsTechNews) After a month of fierce competition, exciting matches, and phenomenal goals, the 2014 World Cup in Brazil has finally concluded. While Germany is celebrating another impressive victory and the world looks back on what turned out to be a thrilling tournament, it's also important to look at some of the less than fantastic behind-the-scenes details
Researcher finds backdoors in Apple iOS(IDG via CSO) Jonathan Zdziarski says the services added to the firmware of Apple devices can bypass backup encryption while copying more personal data 'than ever should come off the phone'
Identifying back doors, attack points, and surveillance mechanisms in iOS devices(Digital Investigation) The iOS operating system has long been a subject of interest among the forensics and law enforcement communities. With a large base of interest among consumers, it has become the target of many hackers and criminals alike, with many celebrity thefts (For example, the recent article "How did Scarlett Johansson's phone get hacked?") of data raising awareness to personal privacy
The 'Fingerprinting' Tracking Tool That's Virtually Impossible to Block(Mashable) A new, extremely persistent type of online tracking is shadowing visitors to thousands of top websites, from WhiteHouse.gov to YouPorn.com. The type of tracking, called canvas fingerprinting, works by instructing the visitor's web browser to draw a hidden image, and was first documented in a upcoming paper by researchers at Princeton University and KU Leuven University in Belgium. Because each computer draws the image slightly differently, the images can be used to assign each user's device a number that uniquely identifies it
Chip and PIN security no panacea against payment card fraud(TechTarget) In June 2011, Alex Gambin had his wallet stolen while on the Spanish island of Mallorca. A few minutes later, unauthorized charges of more than $1,800 were made to his HSBC credit card, despite the fact that his card contained a security chip designed specifically to prevent that kind of theft and that any transactions should have required a personal identification number
Finding Holes in Banking Security: Operation Emmental(TrendLabs Security Intelligence Blog) Like Swiss Emmental cheese, the ways your online banking accounts are protected might be full of holes. Banks have been trying to prevent crooks from accessing your online accounts for ages. Passwords, PINs, coordinate cards, TANs, session tokens — all of these were created to help prevent banking fraud. We recently come across a criminal operation that aims to defeat one of these tools: session tokens. Here's how they pull it off
FDIC Made Progress in Securing Key Financial Systems, but Weaknesses Remain (GAO) The Federal Deposit Insurance Corporation (FDIC) has a demanding responsibility enforcing banking laws, regulating financial institutions, and protecting depositors. Because of the importance of FDIC's work, effective information security controls are essential to ensure that the corporation's systems and information are adequately protected from inadvertent or deliberate misuse, improper modification, unauthorized disclosure, or destruction
Vulnerabilities in LZO and LZ4 compression libraries(US-CERT) Recently disclosed vulnerabilities in the LZO and LZ4 compression libraries could allow remote code execution under certain circumstances. While these libraries are used by a large number of platforms and applications, not all programs may be vulnerable to exploitation
New search engine Indexeus unmasks malicious hackers(Naked Security) I don't know if it's because every hacker on the planet was frantically trying to look up their details before their enemies found them or what, but Indexeus, a new search engine that exposes personal data, was offline on Monday
Bulletin (SB14-202) Vulnerability Summary for the Week of July 14, 2014(US-CERT) The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information
1-15 July 2014 Cyber Attacks Timeline(Hackmageddon) It's time for the first cyber attacks timeline of July reporting the main cyber events happened (or discovered) during the first half of the month
Security Patches, Mitigations, and Software Updates
3 questions about the future of cyber warfare(F-Secure: Safe & Savvy) "We're not creative enough when we imagine cyber warfare," F-Secure Security Advisor Sean Sullivan recently told me. "It's not kinetic explosions. It could be a guy whose crimeware business has dried up and is looking for new business"
The NASDAQ Hack and Coming Global Cyberwar(H+) It was October 2010 when the FBI started an investigation on alleged malware-based cyber attacks against on NASDAQ, probably related to the operation of a state-sponsored group of hackers. After more than 12 months in which the FBI has worked with NSA, the US intelligence concluded that a major attack against the NASDAQ caused a significant danger
Workaholic Brits expose sensitive data by taking their devices with them on holiday(ITProPortal) A survey of 1,000 UK consumers by ESET found that 44 percent of respondents will be taking their work-enabled mobile device abroad this year. While 67 per cent of respondents will carry work-related data on the mobile device they take on holiday; over a third admit to having no security on the device what-so-ever to protect the data
Cybersecurity startups to bank $788 million(CNN Money) Online privacy is on the tips of everyone's tongues these days, and investors are rushing to pour money into cybersecurity startups. Venture capital firms are expected to funnel $788 million into early-stage cybersecurity startups this year
Growing IT layoffs add to recruiter feeding frenzy(FierceCIO) As reported by FierceCIO last Thursday, news that Microsoft will lay off close to 18,000 workers caught even the most critical analysts off guard, with the media now scrambling to figure out what it all means for the tech giant. But one thing that was immediately agreed to is that the announcement means 'open season' for recruiters
Vectra Networks Recognized by CRN as a 2014 Emerging Vendor(Digital Journal) Vectra Networks, the leading innovator in real-time detection of in-progress cyber-attacks, today announced it has been recognized as one of 2014's hottest emerging technology vendors by CRN, the top news source for solution providers and the IT channel
Netskope Recognized as a 2014 Emerging Vendor by CRN(Broadway World) Netskope, the leader in cloud app analytics and policy enforcement, todayannounced it has been recognized as one of 2014's hottest emerging technology vendors by CRN, the top news source for solution providers and the IT channel
Lastline Recognized by CRN as a 2014 Emerging Vendor(Fort Mill Times) Lastline, a global advanced malware protection provider, announced today it has been recognized as one of 2014's hottest emerging technology vendors by CRN, the top news source for solution providers and the IT channel. The annual Emerging Vendors list identifies up-and-coming technology vendors that have introduced innovative new products, creating opportunities for channel partners in North America to create high-margin, cutting-edge solutions for their customers
Cybercom event explores agency roles in cyber incident response(Fedscoop) Cybersecurity and incident response are practices engrained in most every 21st century federal agency. But when it comes to a massive cyber attack requiring the aid of multiple, partnering groups, which agency does what? Last week, the U.S. Cyber Command demonstrated a specific framework for how several critical agencies can play complementary roles in the national cyber incident response process
Malware Analysis | Part 1(Sys-Con Media) How to use a number of tools to analyze a memory image file from an infected windows machine
Old and Persistent Malware(Cisco Blogs) Malware can find its way into the most unexpected of places. Certainly, no website can be assumed to be always completely free of malware. Typically, there are many ways that websites can be compromised to serve malware
FakeNet Malware Analysis(eHacking) FakeNet is a tool that aids in the dynamic analysis of malicious software. The tool simulates a network so that malware interacting with a remote host continues to run allowing the analyst to observe the malware's network activity from within a safe environment
OWASP Zed Attack Proxy(Internet Storm Center) Affectionately know as ZAP the OWASP Zed Attack Proxy in an excellent web application testing tool. It finds its way into the hands of experienced penetration testers, newer security administrators, vulnerability assessors, as well as auditors and the curious. One of the reasons for its popularity is the ease of use and the extensive granular capability to examine transactions
Design and Innovation
Metadata-hiding Dark Mail protocol soon to be reality(Help Net Security) At the Hackers on Planet Earth (HOPE) conference held this weekend in New York, NSA whistleblower Edward Snowden called for hackers, coders and developers to "help build a better future by encoding our rights into the programs and protocols upon which we rely everyday"
Talk on cracking Internet anonymity service Tor canceled(Reuters) A highly anticipated talk on how to identify users of the Internet privacy service Tor was withdrawn from the upcoming Black Hat security conference, a spokeswoman for the event said on Monday. The talk was canceled at the request of attorneys for Carnegie Mellon University in Pittsburgh, where the speakers work as researchers, the spokeswoman, Meredith Corley, told Reuters
Iran's Ruling Elite Embrace Facebook, While Ordinary Citizens Are Arrested Over It(Slate) On July 13, Iran's official state news agency reported that eight people had been sentenced to a combined term of 127 years in prison for their activities on Facebook. The eight youths reportedly were charged with "acting against national security, spreading propaganda against the establishment, insulting the sacred, and insulting the heads of the Islamic Republic." The Iranian judiciary has not revealed the identities of those sentenced, or the particulars of this offensive activity. Iranian activists both in and outside the country seem to know almost nothing more about the case
U.S. Chamber mounts a push for Senate information-sharing bill(Inside Cybersecurity) Seeking to improve the odds for action in the Senate, the U.S. Chamber of Commerce today is urging Majority Leader Harry Reid (D-NV), Minority Leader Mitch McConnell (R-KY) and all other senators to take up the cybersecurity information-sharing bill passed recently by the Intelligence Committee
Can New York's BitLicense Prevent Another Mt. Gox Catastrophe?(BayPayForum) The release of proposed digital currency business regulations by the New York Department of Financial Services (NYDFS) has raised numerous questions, many of which focus on the threat to innovation in the space and the impact on broader adoption. Yet one question that may be worth considering is this: will these regulations stop another Mt. Gox catastrophe?
Cyber Defense Requires National Coordination(Hartford Courant) It does not take an overactive imagination to picture the fallout from a cyber attack on an American public utility. The consequences of knocking out the generation and/or distribution of electricity, water, natural gas or communications could ripple so far and wide, it could be considered an act of war. No wonder that some call the efforts that nations, individuals and groups make to "test" our systems and conduct intrusions "battlefield preparations"
IRS gives full account of lost Lerner emails(Politico) The IRS declared under oath and penalty of perjury on Friday that Lois Lerner's hard drive is irrecoverable after being wiped clean by tech staff and recycled with an outside contractor, according to a court filing
Activist group sues US border agency over new, vast intelligence system(Ars Technica) The Electronic Privacy Information Center (EPIC) has sued the United States Customs and Border Protection (CBP) in an attempt to compel the government agency to hand over documents relating to a relatively new comprehensive intelligence database of people and cargo crossing the US border
Spionage-Angriff auf Siemens in Österreich(Kronen Zeitung) Mitten in die Diskussion um NSA-Agenten und die Wiener US-Botschaft platzt jetzt ein echter Wirtschaftskrimi: Siemens Österreich soll Opfer einer Spionage-Attacke geworden sein. Ein Ex-Manager soll seinem Nachfolger Geld für ein gut gehütetes Betriebsgeheimnis geboten haben. Es geht um einen Riesenauftrag und Hunderte Arbeitsplätze
How genealogy data can lead to identity theft(Privacy Blog) Irish Data Protection Commissioner Billy Hawkes has stepped in to have a database of civil registration records removed from the website IrishGenealogy.ie. The problem is that the database contains information on living persons which is often used for identity verification
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
BugCON(Mexico City, Mexico, November 19, 2014) BugCON Security Conference is hardcore technical conference focused on the technical side of the security. Running since 2008 BugCON is the oldest forum where researchers, students and professionals shows...
Security Startup Speed Lunch DC(Washington, DC, USA, July 22, 2014) Our goal is to connect the most promising security startups in the world with decision-makers at aerospace, asset-management, banking, communications, defense, energy, healthcare, government, technology...
Black Hat USA 2014(, January 1, 1970) Black Hat USA is the show that sets the benchmark for all other security conferences. As Black Hat returns for its 17th year to Las Vegas, we bring together the brightest in the world for six days of learning,...
4th Annual Cyber Security Training Forum(Colorado Springs, Colorado, USA, August 5 - 6, 2014) The Information Systems Security Association (ISSA) — Colorado Springs Chapter and FBC, Inc. will co-host the 4th Annual Cyber Security Training Forum (CSTF). CSTF is set to convene from Tuesday August...
BSidesLV 2014(Las Vegas, Nevada, USA, August 5 - 6, 2014) We have an amazing array of speakers each year, covering topics such as Penetration Testing, Forensics, Incident Response, Risk, and everything in between. We have a Lockpick Village, the Squirrels in...
Passwords14(Las Vegas, Nevada, USA, August 5 - 6, 2014) Passwords is the first and only conference of its kind, where leading researchers, password crackers, and experts in password security from around the globe gather in order to better understand the challenges...
DEF CON 22(Las Vegas, Nevada, USA, August 7 - 10, 2014) The annual hacker conference, with speakers, panels, and contests. Visit the site and penetrate to the schedules and announcements.
South Africa Banking and ICT Summit(Lusaka, Zambia, August 8, 2014) The South Africa Banking and ICT Summit is the exclusive platform to meet industry thought leaders and decision makers, discover leading edge products and services and discuss innovative strategies to...
SANS Cyber Defense Summit and Training(Nashville, Tennessee, USA, August 13 - 20, 2014) The SANS Institute's Cyber Defense Summit will be paired with intensive pre-summit hands-on information security training (August 13-18). This event marks the first time that SANS will conduct a training...
AFCEA Technology & Cyber Day(Tinker AFB, Oklahoma, USA, August 21, 2014) The Armed Forces Communications & Electronics Association (AFCEA) — Oklahoma City Chapter will once again host the 10th Annual Information Technology & Cyber Security Day at Tinker AFB. This is the only...
Resilience Week(Denver, Colorado, USA, August 19 - 21, 2014) Symposia dedicated to promising research in resilient systems that will protect critical cyber-physical infrastructures from unexpected and malicious threats—securing our way of life.
The Hackers Conference(New Delhi, India, August 30, 2014) The Hackers Conference is an unique event, where the best of minds in the hacking world, leaders in the information security industry and the cyber community along with policymakers and government representatives...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.