Social media OSINT and intercepted phone calls are playing a large role in understanding the MH17 shootdown. Defense intellectuals warn of the dangers of "cyber war" should sanctions "push Russia too far." Some see campaigns like Havex and Dragonfly as Russian battlespace preparation for economic warfare.
Cyber criminals continue to exploit the crisis in Ukraine. A transparently bogus video circulating on Facebook purports to show the Malaysian airliner's destruction. It of course leads the ghoulishly unwary to crimeware. Dyre malware also reappears, now emblazoned with "Slava Ukraini!" ("Glory to Ukraine!").
Ransomware evolves as foreseen. Android Simplocker's masters have raised their ransom demands and "taught the malware to speak English" as they target Anglophones' devices. Bitdefender says Cryptolocker is rising from the ashes to which law enforcement reduced it. Some cyber blackmail is crudely retro, threatening to release victims' explicit pictures.
Trend Micro reports on the "Emmental" bank fraud campaign (named for the perforated cheese, evocative of security holes). Some thirty-four (unnamed) banks in Europe were affected.
"W0rm" achieved his (her? their?) hack of the Wall Street Journal with an SQL injection exploit.
Apple pooh-poohs a researcher's claim to have found backdoors in iOS. What he found, says Apple, is a diagnostic feature put there to improve the user experience.
The developers of Tor and TAILS each promise security fixes.
IBM and Bromium issue security trend reports.
Cyber insurers seem unsure whether to write policies or offer security consultation.
Today's issue includes events affecting Austria, Canada, China, Germany, India, Nigeria, Romania, Russia, Sweden, Switzerland, Turkey, Ukraine, United Kingdom, United States.
Cyber Attacks, Threats, and Vulnerabilities
US: Russia 'Created the Conditions' for Shoot-Down(AP) Senior U.S. intelligence officials said Tuesday that Russia was responsible for "creating the conditions" that led to the shooting down of Malaysia Airlines Flight 17, but they offered no evidence of direct Russian government involvement
UK at risk of cyber-warfare if Russia is pushed too far(London Economic) The threat of a real war with Russia still hangs in the air, but one academic believes a cyber-attack is a more likely scenario. A silent, but digitally destructive scenario, which could cause chaos across the globe, adversely affecting the UK
Slava Ukraini: Dyre Returns(InformationSecurityBuzz) It has been a few weeks since the original discovery of the Dyre malware, and the attackers have sent another wave of phishing, reports PhishMe. This time, the phishing campaign only went to one senior level individual within the enterprise
The new plague: Computer viruses that extort you(CNN Money) Ransomware, a particularly annoying breed of computer virus, is spreading like the plague. This malware locks you out of your computer files until you pay up — and it is proving incredibly difficult to exterminate
Trio of Flaws Found in OleumTech Wireless Monitoring System(Threatpost) Researchers have identified several remotely exploitable vulnerabilities in a wireless remote monitoring product from OleumTech that is used in energy, water and other critical infrastructure sectors. Two of the three flaws are related to the encryption implementation in the affected products, including the use of a weak random number generator
WordPress brute force attack(Internet Storm Center) Now that the XMLRPC "pingback" DDoS problem in WordPress is increasingly under control, the crooks now seem to try brute force password guessing attacks via the "wp.getUsersBlogs" method of xmlrpc.php. ISC reader Robert sent in some logs that show a massive distributed (> 3000 source IPs) attempt at guessing passwords on his WordPress installation
How Thieves Can Hack and Disable Your Home Alarm System(Wired) When it comes to the security of the Internet of Things, a lot of the attention has focused on the dangers of the connected toaster, fridge and thermostat. But a more insidious security threat lies with devices that aren't even on the internet: wireless home alarms
How Nigerian cyber criminals have evolved(Help Net Security) Cyber criminals in Nigeria have evolved common malware campaigns to infiltrate businesses that have not previously been their primary targets, according to Palo Alto Networks
Point-of-Sale Dealers Need a Security Sit-Down(Threatpost) The travails of small retail and hospitality businesses struggling with hackers have been documented for years in the annual Verizon Data Breach Investigations Report. Mom-and-pop businesses, small restaurants and regional hotel chains are perfect targets of opportunity for attackers adept at scanning for and exploiting vulnerabilities in point-of-sale systems
Researchers Plan to Disclose Critical Bugs to TAILS Team Soon(Threatpost) The developers of the TAILS operating system are poised to release a new version of the software — which is designed to preserve privacy and anonymity — and it includes several security fixes. However, there are several other security issues that aren't patched in the new release, vulnerabilities identified by researchers at Exodus Intelligence, who have not disclosed the bugs to the TAILS developers yet
The Stark Realities of Today's Cyber Security Landscape(IBM Security Intelligence) A recent report from IBM titled "2014 Cyber Security Intelligence Index" provides an up-to-date, high-level overview of the major threats facing organizations today and the trends being seen in the evolution of the threat landscape. With data gathered through the monitoring of clients' technology platforms worldwide and analysis of the security intelligence gleaned, it describes the types of attacks being seen and their impact on organizations
RSA's security utopia requires China, US to be friends(ZDNet) Countries must set aside their differences and work together to create new norms of behavior in an interconnected digital world, or risk having the current digital chaos "bleed" into the physical world, warns RSA chairman Art Coviello
Bromium Labs Research Brief: Endpoint Exploitation Trends H1 2014(Bromium) The only constant in cyber security is change. Cyber-attacks come in cycles. Hackers always attack the weakest link in the chain and adjust their targets frequently. As a result of high profile attacks and the increasing spotlight on cyber-security, vendors are improving their software development practices, but in reality all software is vulnerable to attack. In the ever-shifting cyber-landscape the attackers' choice of targets is driven by the ease with which a particular product can be attacked, its importance to the intended targets of the attacker and how prevalent the software is in the market
Modern electric grid fighting cyber vulnerabilities(Pittsburgh Post-Gazette) The recent push to modernize the electric grid has increased communication between utilities and consumers, enhanced reliability and created more opportunities for green energy producers
'Smart Phones More Vulnerable To Cyber Attacks'(New Indian Express) Smart phones and tablets are slowly replacing laptops and desktops, but they seem to be more vulnerable to cyber attacks, Richard H L Marshall, former director of Global Cyber Security Management, Department of Homeland Security, USA, said
Preparing for cyber warfare(Milwaukee Journal-Sentinel) Recently, emboldened Russian hackers breached the systems of power plants across the United States and Western Europe. In June, Chinese hackers attempted to gain access to several U.S. power plant operation control systems. And in May, the Department of Homeland Security announced hackers had actually gained control of a mechanical device at an unnamed U.S. energy facility
Cyber Espionage in Practice(ComputerWoche) Digital industrial espionage costs the German economy at least 50 billion euros a year. What can companies do to protect themselves better?
Vectra Networks Recognized by CRN As A 2014 Emerging Vendor(Newswire Today) Vectra Networks, the leading innovator in real-time detection of in-progress cyber-attacks, today announced it has been recognized as one of 2014's hottest emerging technology vendors by CRN, the top news source for solution providers and the IT channel. The annual Emerging Vendors list identifies up-and-coming technology vendors that have introduced innovative new products creating opportunities for channel partners in North America to create high-value, cutting-edge solutions for their customers
Second Cyber Command Defense Contractor To Open Location In Richmond County(WJBF News Channel) A second defense contractor has announced plans to locate in Augusta-Richmond County in support of the U.S. Army Cyber Command which will be headquartered at Fort Gordon…The Augusta Economic Development Authority announced today another outstanding defense contractor is locating in Augusta-Richmond County. Sabre Systems, Inc. (Sabre), a provider of integrated technology solutions to United States defense and civilian agencies, commercial and international clients, will open a new office in Augusta this summer
Cybersecurity firm SixGen joins Odenton incubator(Technical.ly Baltimore) SixGen provides open-source solutions to businesses and government. "Proprietary technology struggles to keep up with the industry needs," said cofounder and CEO Ethan Dietrich
Verdasys Adds Three to Senior Leadership Team(MarketWatch) Verdasys, the leading provider of advanced data protection for endpoints for Global 2000 and mid-sized companies, has added three senior executives to its leadership team: Doug Bailey, chief strategy officer; Salo Fajer, chief technology officer; and David McKeough, executive vice president, global field operations. After strong momentum in the first half of 2014, the company continues to position for more growth in the rapidly expanding security market
Microsoft account Android app simplifies using two-factor authentication(BetaNews) While two-factor authentication acts as an effective security barrier against malicious attacks, it also makes the login process more cumbersome for legitimate users by requiring them to type in security codes, on top of usernames and passwords. Luckily, there are dedicated apps that can make things easy
Understanding the Protection from Microsoft Security Essentials(Streetwise Tech) Despite Microsoft Security Essentials' success and whopping download rates, some people are still raising their eyebrows as to the kind of protection that it offers. After all, everything usually comes with a price nowadays. Microsoft Security Essentials has come into question because it is totally free! No credit card number needed, no registration, no nothing — as long as your system passes the Genuine Windows Validation you are totally A-ok
WidePoint and SPYRUS Enable Higher Assurance Security for Microsoft Windows To Go®(Wall Street Journal) WidePoint Corporation (NYSE Mkt: WYY), a leading provider of Managed Mobility Services (MMS) featuring Cybersecurity and Telecommunications Lifecycle Management (TLM) solutions, announced today its collaboration with SPYRUS, Inc., to issue WidePoint Certificate-on-Device for the SPYRUS WorkSafe and WorkSafe Pro USB 3.0 drives with Windows To Go 8.1 certification, enabling higher assurance security and functionality for mobile workers. The WorkSafe Pro is the only USB 3.0 certified Windows to Go 8.1 drive with XTS-AES 256 hardware encryption and internal FIPS 140-2 Level 3 validated PKI
Varonis DatAnywhere Enables ATMI Employees to Share Large Files While Data Remains Protected on Site(CNN Money) Varonis Systems, Inc. (NASDAQ: VRNS), the leading provider of software solutions for unstructured, human-generated enterprise data, today announced it has enabled the employees of ATMI to use cloud-style file sharing remotely and securely using any device with customers, vendors and each other — turning their existing file shares into a private cloud — through the adoption of Varonis DatAnywhere
Privacy Badger Extension Blocks Tracking Through Social Icons(Threatpost) Online tracking has been a thorny problem for years, and as Web security companies, browser vendors and users have become more aware of the problem and smarter about how to defend themselves, ad companies and trackers have responded in kind. The advent of social networks has made it far easier for tracking companies to monitor user behavior across the Web, and in an effort to counter some of that effect, the EFF has released a beta version of its Privacy Badger browser extension, which blocks a large chunk of that tracking
Everything You Ever Wanted To Know About Apple's OS X Yosemite Beta Preview(TechCrunch) Apple has a new version of OS X coming to Macs this fall, and for the first time ever, it's giving up to 1 million members of the public the opportunity to test it out in advance — for free, and without requiring they register as a developer, starting this Thursday. The purpose of the advance feedback is to gather feedback and help test the release before its wider launch, and by opening it up to the public, Apple can likely get more input about how consumer-facing features are working than they would with a pool limited strictly to developers
Technologies, Techniques, and Standards
Embrace and Secure Shadow IT(McAfee Blog Central) "Shadow IT" is stepping out into the light of day. Business users are eagerly embracing the cloud and especially Software-as-a-Service (SaaS) in search of cost-effective productivity tools for file sharing and storage, collaboration, social media, and anything else that makes them more effective on the job. But the problem is these well-intentioned, hardworking employees are putting their organizations at risk by accessing unapproved applications that could lead to malware, data loss, or other vulnerabilities
Data breach epidemic shines spotlight on shared secrets(GCN) Recent history has not been kind to businesses and consumers when it comes to Internet security. From LinkedIn to Adobe to eBay, we continue to hear the same story: X number of passwords/records leaked via company Y data breach. According to Tripwire, the Adobe breach alone compromised over 234,000 accounts of military and government users. While few can argue the extent of the problem, what do all of the data breaches really mean to password security, and what can agencies do about it?
Spectacles of Insecurity: Top 10 Greatest White-Hat Hacks(Bloomberg) Hats off to the white hats. These hackers, who break into computer networks and digital devices to find holes before the bad guys do, have led to some of the most significant advances in securing the online world. Their findings have reshaped the way e-mail accounts, credit card numbers, and even ATMs and medical devices are protected from cyber-criminals
New Feature: "Live" SSH Brute Force Logs and New Kippo Client(Internet Storm Center) We are announcing a new feature we have been working on for a while, that will display live statistics on passwords used by SSH brute forcing bots. In addition, we also updated our script that will allow you to contribute data to this effort. Right now, we are supporting the kippo honeypot to collect data. This script will submit usernames, passwords and the IP address of the attacker to our system
How Microsoft Handles BYOD(eSecurity Planet) While BYOD still worries infosec pros, vendors like Microsoft are easing concerns by offering authentication and management capabilities
Edward Snowden to work with Russia on anti-spy technology(Washington Times) Former National Security Agency contractor Edward Snowden announced plans to work with Russia, where he's now residing, to develop anti-surveillance technology aimed at shuttering government spy operations around the globe
iovation Provides Eight Digital Safety Tips for College-Bound Kids(Digital Journal) iovation, the trusted source for mobile and online fraud prevention to safeguard businesses, is providing eight digital safety tips for college-bound kids as part of its dedication to making the Internet a safer place for everyone. In this 24/7 digital world, sending a son or daughter off to college can be a daunting task. Of course, parents want to do everything possible to prepare their children for a successful transition. Previous generations didn't need to have "the digital talk" but in a world where what goes online stays online, it's essential
Legislation, Policy, and Regulation
White House, Germany try to rebuild trust(The Hill) White House chief of staff Denis McDonough and counterterrorism czar Lisa Monaco held intensive talks with their German counterparts Tuesday in Berlin, as the White House scrambled to ease tensions with Germany
DHS 'dos and don'ts' on cybersecurity(The Hill) Is a cyber-attack on America's electric grid imminent? Or will hackers sabotage a major chemical plant this year? Answers to these questions may surprise you because they're slightly counterintuitive
Head of DHS cyber hub stepping down(FCW) Larry Zelvin will step down in mid-August as head of the Department of Homeland Security's hub for monitoring and responding to cyber threats, a DHS spokesman told FCW
Russian 'digital bomb' may have been trying to copy Nasdaq, not destroy it(FierceFinanceIT) Back in 2010, a piece of malware that investigators characterized as a digital weapon was discovered in Nasdaq. The malware was detected by both Nasdaq and the FBI before it detonated, but a new detailed investigative article by Bloomberg Businessweek sheds light on the multiagency investigation into the sophisticated hack and the motives behind it
500,000-per-day SMS spammer gets just £4,000 fine(Naked Security) An Indian call-centre operator has been fined by a London court for breaching Data Protection laws, but despite his operation bombarding UK cell phones with spams, his punishment amounts to little more than a slap on the wrist
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Black Hat USA 2014(Las Vegas) Black Hat USA is the show that sets the benchmark for all other security conferences. As Black Hat returns for its 17th year to Las Vegas, we bring together the brightest in the world for six days of learning,...
4th Annual Cyber Security Training Forum(Colorado Springs, Colorado, USA, August 5 - 6, 2014) The Information Systems Security Association (ISSA) — Colorado Springs Chapter and FBC, Inc. will co-host the 4th Annual Cyber Security Training Forum (CSTF). CSTF is set to convene from Tuesday August...
BSidesLV 2014(Las Vegas, Nevada, USA, August 5 - 6, 2014) We have an amazing array of speakers each year, covering topics such as Penetration Testing, Forensics, Incident Response, Risk, and everything in between. We have a Lockpick Village, the Squirrels in...
Passwords14(Las Vegas, Nevada, USA, August 5 - 6, 2014) Passwords is the first and only conference of its kind, where leading researchers, password crackers, and experts in password security from around the globe gather in order to better understand the challenges...
DEF CON 22(Las Vegas, Nevada, USA, August 7 - 10, 2014) The annual hacker conference, with speakers, panels, and contests. Visit the site and penetrate to the schedules and announcements.
South Africa Banking and ICT Summit(Lusaka, Zambia, August 8, 2014) The South Africa Banking and ICT Summit is the exclusive platform to meet industry thought leaders and decision makers, discover leading edge products and services and discuss innovative strategies to...
SANS Cyber Defense Summit and Training(Nashville, Tennessee, USA, August 13 - 20, 2014) The SANS Institute's Cyber Defense Summit will be paired with intensive pre-summit hands-on information security training (August 13-18). This event marks the first time that SANS will conduct a training...
AFCEA Technology & Cyber Day(Tinker AFB, Oklahoma, USA, August 21, 2014) The Armed Forces Communications & Electronics Association (AFCEA) — Oklahoma City Chapter will once again host the 10th Annual Information Technology & Cyber Security Day at Tinker AFB. This is the only...
Resilience Week(Denver, Colorado, USA, August 19 - 21, 2014) Symposia dedicated to promising research in resilient systems that will protect critical cyber-physical infrastructures from unexpected and malicious threats—securing our way of life.
The Hackers Conference(New Delhi, India, August 30, 2014) The Hackers Conference is a unique event, where the best of minds in the hacking world, leaders in the information security industry and the cyber community along with policymakers and government representatives...