Cyber operations in Israel and the Palestinian Territories have become relatively quiet recently (reports of Anonymous-led #OpSaveGaza browser performance degradation aside) but Israeli security agencies prepare for a post-Ramadan surge in attacks.
The pro-Russian (probably Russian controlled) CyberBerkut gang publishes what it claims are internal emails from a colonel assigned to Ukraine's Ministry of Defense. Their content renders them implausible, particularly given recent Ukrainian advances into insurgent territory. Twitter blocks access to @b0ltai, a persistent burr under the Russian government's saddle. MH17 scams proliferate.
"Anonymous Kenya," which Kenyan authorities call an Indonesian hacktivist group, hijacks Kenyan military Twitter accounts to criticize Kenyan operations against Somali pirates and jihadists.
Attacks on Indian firms cause observers to question the state of that country's cyber preparedness.
Android apps pose security risks, with as many as one in ten thought to be malicious. Trend Micro believes it understands the flaws in Android's security model.
Google bots and other Internet scanning activity concern security researchers.
More research on the threat of network steganography is out.
Ransomware advances in sophistication, and its criminal business models co-evolve with the technology.
A new criminal service offers to drain your competitors' Google AdWords budgets.
Security workarounds for TAILS are announced, but a full patch remains aspirational. Journalists and other TAILS users consider what the threat to anonymity means for them.
Key industries receive cyber security grades.
The Aspen Security Forum displays much current US thought on cyber security.
China calls for international cyber cooperation as it raids Microsoft offices.
Today's issue includes events affecting Australia, Canada, China, European Union, Germany, India, Indonesia, Israel, Italy, Kenya, Latvia, Palestinian Territories, Poland, Russia, Spain, Ukraine, United States.
Israeli watchdog confirms recent cyber attacks have badly affected the Internet browsing(HackRead) Anonymous hackers along with other elite hackers from around the world have been attacking Israeli cyber space for ages, but since the beginning of Israeli attacks on Gaza there has been a massive increase in such attacks under the banner of #OpSaveGaza. This has been accepted by Israeli based newspaper Haaretz and Israeli homeland security website itself
Twitter "Blocks" Access to Russia's Most Infamous Hackers(Global Voices) Russia's Twitter users no longer have access to @b0ltai, an account belonging to a hacker collective that has leaked several internal Kremlin documents to the Internet over the past seven months. The hacker group, which RuNet Echo profiled last month, has published stolen emails belonging to high-profile members of the Russian government, inside reports on the state of Russian politics, and the Kremlin's instructions to state-controlled TV news channels
An IT emperor with no clothes, India lays bare to cyber attacks(Times of India) Ironically for a country that is seen as an IT superpower, India is stunningly vulnerable to cyber attacks. Our approach to the exponential growth of cyber crime and warfare is marked by ignorance and nonchalance. This has to change quickly to avoid catastrophe
Almost 1 in 10 Android apps are now malware(Help Net Security) Cheetah Mobile Threat Research Labs analyzed trends in mobile viruses for Q1 and Q2 of 2014. Pulling 24.4 million sample files they found that 2.2 million files had viruses, roughly 9% of the total. Compared to previous years, this is a 153% increase from the number of infected files in 2013
Open Socket Poses Risks To Android Security Model(TrendLabs Security Intelligence Blog) The security of the Android platform is based on its sandbox and permission protection mechanism, which isolates each app and restricts how processes can communicate with each other. However, because it is designed to be open to include other open source projects like Linux and OpenSSL, it can inherit many features as well as vulnerabilities
"Internet scanning project" scans(Internet Storm Center) A reader, Greg, wrote in with a query on another internet scanning project. He checked out the IP address and it leads to a web site, [redacted], which states: "Hello! You've reached the Internet Scanning Project"
'Masquerading': New Wire Fraud Scheme(BankInfoSecurity) A new impersonation scheme is taking aim at business executives to perpetuate ACH and wire fraud, says Bank of the West's David Pollino, who explains steps institutions should take now to protect their customers
This Emerging Malware Sends Secret Messages and is Practically Impossible to Detect(Nextgov) As if computer malware that steals your data weren't enough, now there's a new kind to worry about: Malware that does it via covert messages that are practically impossible to detect. And it's becoming more prevalent, according to a new paper by researchers at the Warsaw University of Technology, the National Research Council of Italy, and Fraunhofer FKIE, a private information security research institute
Hidden and Uncontrolled — On the Emergence of Network Steganographic Threats(arXiv) Network steganography is the art of hiding secret information within innocent network transmissions. Recent findings indicate that novel malware is increasingly using network steganography. Similarly, other malicious activities can profit from network steganography, such as data leakage or the exchange of pedophile data. This paper provides an introduction to network steganography and highlights its potential application for harmful purposes
Andromeda bot spreads Tor-using CTB-Locker ransomware(SC Magazine) Last week a security researcher posted that the Angler Exploit Kit was delivering new ransomware advertised as CTB-Locker — now researchers with Kaspersky Lab have identified the Tor-using threat being spread by another malware known as Andromeda bot
New type of ransomware bucks established trends(Help Net Security) Ransomware is now one of the fastest growing classes of malicious software, says Kaspersky Lab researcher Fedor Sinitsyn. This should not come as a surprise, when we know that 35 percent of those who get infected by it end up paying the ransom
Critroni — Newest Addition to Encrypting Ransomware(Webroot Threat Blog) In my last blog post about a week ago, I talked about how Cryptolocker and the like are not dead and we will continue to see more of them in action. It's a successful "business model" and I don't see it going away anytime soon. Not even a few days after my post a new encrypting ransomware emerged. This one even targets Russians! Presenting Critroni. This newest edition of encrypting ransomware uses the same tactics of contemporary variants including: paying through anonymous tor, using Bitcoin as the currency, changing the background, dropping instructions in common directories on how to pay the scam
Service Drains Competitors' Online Ad Budget(Krebs on Security) The longer one lurks in the Internet underground, the more difficult it becomes to ignore the harsh reality that for nearly every legitimate online business there is a cybercrime-oriented anti-business. Case in point: Today's post looks at a popular service that helps crooked online marketers exhaust the Google AdWords budgets of their competitors
10 new social media scams to watch out for(CSO) Scams on social networks are nothing new, but they're constantly changing to keep up with and take advantage of the latest apps, trends, and news. Here are some of the most recent scams that are making the rounds
Real hacks of critical infrastructure are occurring — information sharing is not working(Control Global) I gave a presentation on ICS cyber security at Cyber Endeavor 2014 at the Naval PostGraduate School and discussed both Aurora and Project Shine. Aurora is a PHYSICAL gap in protection of the electric grid that with the exception of very few utilities, is not being mitigated. Project Shine identifies control systems and control system devices directly connected to the Internet. The DOE representative at Cyber Endeavor stated that many of the control system devices found by Project Shine were just garage door openers and utilities were doing a good job on Aurora
The Top 5 Most Brutal Cyber Attacks Of 2014 So Far(Forbes) In 2014, cyber attacks and data breaches don't look like they're going to slow down. We've seen high-end data breaches of large companies, with data, personal records and financial information stolen and sold on the black market in a matter of days
Security Patches, Mitigations, and Software Updates
TAILS Team Recommends Workarounds for Flaw in I2P(Threatpost) The developers of the TAILS operating system say that users can mitigate the severity of the critical vulnerability researchers discovered in the I2P software that's bundled with TAILS with a couple of workarounds, but there is no patch for the bug yet
Cybersecurity Grades Released for Key Industries(IT Business Edge) Traditionally, the complex world of cybersecurity has been left solely to information security professionals to defend the organization's sensitive information and systems. But the recent spate of high profile data breaches and warnings from regulators has caught the attention of C-level executives and board members. Cybersecurity is no longer just a technical issue as a breach can have a major impact on the viability of an organization — loss of brand reputation, jobs, customers and partners, and most importantly a negative impact on the bottom line
BYOD Programs Leave Several Security Holes Open(eWeek) Just 21 percent of more than 1,100 IT security practitioners said their organizations have fully implemented BYOD policies, processes and infrastructure, according to a Vectra survey
IoT Security the New Solution Vertical, Drives Faster Adoption of M2M(PCC) With more equipment and consumer appliances catching up with the Internet of Things (IoT) and becoming M2M connected, complementary technologies and solutions are also surfacing to complement and accelerate the development of the IoT and its adoption in industry and consumer segments
DOE learned cyber lessons 'the hard way' — deputy secretary(Energy Wire) Criminal hacking is the most "pervasive and ominous" threat facing the nation, Department of Energy Deputy Secretary Daniel Poneman said yesterday here as he recounted a spate of cyberattacks against federally funded national laboratories
Mobile security: A mother lode of new tools(Computerworld) Long, complex passwords that must be input on tiny screens, often while on the move: Such hassles make password-based security unworkable in a mobile world. But change is coming, thanks to an industrywide backlash that gave rise to a gold rush of new technologies
Cyber attacks in Germany(All About Security) One in five companies was unable to operate its IT systems for an entire working day because of an attack
Microsoft exec: Snowden disclosures have hurt the American IT business(Aspen Daily News) As Edward Snowden's disclosures about the U.S. government's data-collection programs reverberate throughout the world, American information-technology companies have a tougher sales pitch to make to international clients, a Microsoft executive said Thursday at the Aspen Security Forum
ArcSight Co-Founder Joins Threat Intelligence Startup(SecurityWeek) ThreatStream, a security startup that offers a SaaS-based cyber security intelligence platform, announced this week that Hugh Njemanze, former co-founder, CTO and executive vice president of research and development at ArcSight, has taken the role as chief executive officer
Products, Services, and Solutions
Avast vs AVG vs Microsoft Security Essentials — Top Free Antivirus Comparison(The Fuse Joplin) Making sure that your computer is protected is an important part of your everyday work on your computer. You need to keep your PC safe from harm, especially if you are still running the old and outdated Windows XP operating system. There are many however, that use this old version of windows, mainly because of their computer's limitations and incapability towards upgrading to a fresher edition of Windows
Trustport Antivirus is Commendable But Needs More Advanced Features(Streetwise Tech) If you have used AVG and Bitdefender in your computer system, then Trustport is a combination of the two. According to various lab tests, it is good at identifying threats. While using an antivirus software that combines the best features of AVG and Bitdefender, Trustport still lacks advanced features that every computer system needs, which the best antivirus applications have and maintained their position at the top
AVG announces AVG Cleaner for Android(Voxy) AVG Technologies N.V. (NYSE: AVG), the online security company for 187 million active users, have announced the release of AVG Cleaner for Android 2.1 on the Google Play store. The refreshed app features enhanced battery life functionality and has been integrated into AVG Zen so customers can easily tune-up and check the performance status of their PC, Mac and mobile devices at any time, all from their PC or Android device
Securing Banking Apps(Mobile Enterprise) Customers Bancorp, Inc. has strengthened the security of its mobile banking application via Malauzai Software, a provider of mobile banking SmartApps for community financial institutions, and Trusteer, an IBM company
How the Recent Tails Operating System Vulnerability Affects Journalists and SecureDrop(Freedom of the Press Foundation) On Wednesday afternoon, vulnerability and exploit research firm Exodus Intelligence disclosed a security vulnerability that would allow an attacker to deanonymize a user of Tails, the operating system that many journalists rely on to communicate securely with sources and that we have written about before. Tails is also integral to SecureDrop, our open-source whistleblower submission system, so we wanted to clarify if and how the vulnerability affects users of this system
A new cyber exercise: Test your security team's incident response capabilities(Government Technology) The Michigan Cyber Civilian Corps, state and local government cyber analysts and the West Michigan Cyber Security Consortium participated in an attack-defend-respond tabletop exercise in a virtual city called Alphaville, which exists within the Michigan Cyber Range. Here's why it matters to a town near you
Panopticlick reveals the cookie you can't delete(Naked Security) Cookies are an essential part of the way the web works and occupy a pivotal position in the online privacy arms race. Organisations who want to track and profile people give them cookies and users who don't want to be tracked disable or delete them
Hackers only need to get it right once, we need to get it right every time(SC Magazine) Hackers only need to find one weak point to steal valuable information. On the flip side, you need to account for every possible vulnerability across your entire infrastructure. Doesn't seem fair, but it's the world we live in — we must band together, think like the bad guys and take action to protect what matters
The evolution of backup and disaster recovery(Help Net Security) In this interview, Amanda Strassle, IT Senior Director of Data Center Service Delivery at Seagate Technology, talks about enterprise backup issues, illustrates how the cloud is shaping an IT department's approach to backup and disaster recovery, and much more
Preventing Corporate Account Takeover(BloombergTV) 41st Parameter & FBI Security Advisor Frank Abagnale, Jr., and 41st Parameter Founder Ori Eisen discuss corporate account takeovers, the growing number of cyber-security threats and how companies can secure their accounts
Noodling about IM protocols(A Few Thoughts on Cryptographic Engineering) The last couple of months have been a bit slow in the blogging department. It's hard to blog when there are exciting things going on. But also: I've been a bit blocked. I have two or three posts half-written, none of which I can quite get out the door
9 tips for communicating your BYOD policy(Help Net Security) If an IT department creates a BYOD policy and no one at the company knows about it, does it actually make an impact? I'll spare you the suspense — the answer is no
Passera(GitHub) A small tool to turn any entered passphrase into a strong secure password, allowing you to easily use different strong passwords for different websites without storing them
Wardriving with Kismet and WAPMap(Shortbus Ninja Security) I have written this Python script to parse .netxml files output by Kismet and then return a CSV file that can be uploaded to Google Mapping Engine. This will simplify war driving campaigns by allowing vulnerable networks (WEP or Open) to be easily mapped on Google Maps
Questions to ask vendors to gauge their commitment to “secure products”(Senki) What follows is something that has evolved over the years as a "check list" for the operator (and the vendor). This checklist can be used in RFPs or with any vendor. It can also be used as a conversation map with the existing vendors to shape the conversation. It will work with service providers, enterprise networks, industrial networks, etc. The checklist also provides a map for new vendors to help them know what customers would expect. Please provide feedback and questions. This checklist will be improved over time
When China stops copying Western tech giants is when they should start worrying(Quartz) Why do some of China's biggest tech companies engage in the sincerest form of flattery? This week Lei Jun, the chief executive of Xiaomi — recently rebranded internationally as Mi — stood on stage in a black T-shirt and jeans and announced a new smartphone with a notable resemblance to the iPhone in front of a slide that said "one more thing"
If you want to be rich and powerful, majoring in STEM is a good place to start(Quartz) The standard narrative today is that science, technology, mathematics, and engineering (STEM) education is important because we need more data scientists, engineers, and STEM professionals. But promoting STEM education is critical for another reason: it teaches creative problem solving, which is widely applicable and more necessary than ever today. STEM education is linked to success not only in STEM fields, but in many other disciplines and even among many of the world's most wealthy and powerful people
Calling all cybersecurity pros: The NSA wants you.(US News) In recent years, it has become abundantly clear that the U.S. is facing a concerning shortage of cyber security experts. In response to this crisis, the NSA, which is the largest employer of such professionals, has taken dramatic measures. The agency's solution? To attract and recruit the next generation of cyber pros, as well as prepare them to tackle the potential security challenges that lie ahead
UMBC student wins cybersecurity scholarship(Technical.ly Baltimore) Rising senior Victoria Lentz was one of 11 winners of a scholarship aimed at supporting women interested in cybersecurity. Only 10-15 percent of the cybersecurity workforce is female, according to a recent study
AusCERT chief steps down(SC Magazine via IT News) Organisation now reports directly into Queensland University. The general manager of Australia's computer emergency response team (AusCERT) Graham Ingram has left the organisation after 12 years of service
NSA director: Cyber attacks need international norms(Aspen Daily News) Nations around the world need to come together and establish international standards that regulate cyber attacks, said Richard Ledgett, deputy director for the National Security Agency at The Aspen Security Forum on Saturday
On NSA's Subversion of NIST's Algorithm(Lawfare) Of all the revelations from the Snowden leaks, I find the NSA's subversion of the National Institute of Standards's (NIST) random number generator to be particularly disturbing. Our security is only as good as the tools we use to protect it, and compromising a widely used cryptography algorithm makes many Internet communications insecure
When the Administration Asks Itself to Declassify(Federation of American Scientists) In preparing its recent report on the Section 702 surveillance program, the Privacy and Civil Liberties Oversight Board (PCLOB) demonstrated an unusual mode of declassification, in which one executive branch agency asks another agency to declassify information
Reflections on the NYDFS Bitcoin Proposal and the Right of Privacy(Money and State) Today, as human society progresses onward, Coinmap broke 5,000 global business listings, South African payment processor Payfast enabled their 30,000 merchants to accept Bitcoin, and the NY Dept. of Financial Services made financial privacy a crime, supported (at least superficially) by some leaders in the Bitcoin industry
Litigation, Investigation, and Law Enforcement
Why Intelligence Whistleblowers Can't Use Internal Channels(The Atlantic) Imagine a CIA agent who witnessed behavior that violated the Constitution, the law, and core human rights protections, like torturing a prisoner. What would we have her do? Government officials say that there are internal channels in place to protect whistleblowers, and that intelligence employees with security clearances have a moral obligation to refrain from airing complaints publicly, via the modern press. In contrast, whistleblowers like Daniel Ellsberg, Chelsea Manning and Edward Snowden — as well as journalistic entities like the Washington Post, The Guardian, and the New York Times — believe that questionable behavior by intelligence agencies should sometimes be exposed, even when classified, partly because internal whistleblower channels are demonstrably inadequate
NSA: Less need now for Snowden deal(Politico) A top National Security Agency official says there's less need now for the U.S. Government to cut a deal with leaker Edward Snowden than there was after his wave of surveillance disclosures began more than a year ago
Hacker Breached NOAA Satellite Data on a Contractor's PC(Nextgov) National Oceanic and Atmospheric Administration satellite data was stolen from a contractor's personal computer last year, but the agency could not investigate the incident because the employee refused to turn over the PC, according to a new inspector general report
Chinese Regulators Visit Microsoft Offices: Dow Jones(AFP via SecurityWeek) Officials from China's corporate regulator paid visits Monday to software giant Microsoft's offices in four cities in the country, Dow Jones Newswires reported, citing people familiar with the matter
Bendert Zevenbergen: what's right about the right to be forgotten?(Imperica) The Right to be Forgotten, most well-known as a European court ruling against Google, is a big and contentious issue for search engines, publishers, ISPs, and consumers. To some, they finally have the power to manage their reputation in open communications. To others, it's a restrictive process which limits freedom of expression
On The Importance Of Forgetting(TechCrunch) The ongoing debate about Europe's so-called 'right to be forgotten' ruling on search engines has shone a light onto a key pressure point between technology and society. Simply put the ability of digital technology to remember clashes with the human societal need to forgive and forget
Nobody seems quite sure how Spain's new "Google tax" will work(Quartz) On July 22 Spain passed a law (link in Spanish) called the canon AEDE, after the acronym for Spain's daily newspapers' association. The law has been dubbed the tasa Google ("Google tax") in the Spanish press and gives these publishers the right to seek payment from any site that links to their content with a "meaningful" description of the work
Agencies Still Plugging Gaps in Smart Card Security(Nextgov) The Department of Health and Human Services was too lax in issuing smart ID cards to new employees and failed to deactivate them in a timely manner when workers left the agency, according to a new audit from the department's inspector general office
Toddler dad case hinges on digital sleuthing(Atlanta Journal-Constitution) Justin Ross Harris, the father of a toddler who died after police say he was left in a hot car for about seven hours, sits for his bond hearing
Everyone, from prosecutors to the defense, knows Justin Ross Harris caused the death of his toddler son, Cooper, last month by leaving him in a hot car for seven hours
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Black Hat USA 2014: Black Hat USA is the show that sets the benchmark for all other security conferences. As Black Hat returns for its 17th year to Las Vegas, we bring together the brightest in the world for six days of learning,...
SHARE in Pittsburgh(Pittsburgh, Pennsylvania, USA, August 3 - 8, 2014) LEARN: Subject-matter experts and practitioners are on-hand at SHARE events to discuss major issues facing enterprise IT professionals today.
FOCUS: SHARE provides leading-edge technical education on a variety of topics. Whether you are an IT manager, IT architect, systems analyst, systems programmer or in IT support, SHARE offers focused sessions to benefit all job roles.
ENGAGE: At SHARE events, you will experience a wide variety of formal and informal networking opportunities that encourage valuable peer-to-peer interaction...
4th Annual Cyber Security Training Forum(Colorado Springs, Colorado, USA, August 5 - 6, 2014) The Information Systems Security Association (ISSA) — Colorado Springs Chapter and FBC, Inc. will co-host the 4th Annual Cyber Security Training Forum (CSTF). CSTF is set to convene from Tuesday August...
BSidesLV 2014(Las Vegas, Nevada, USA, August 5 - 6, 2014) We have an amazing array of speakers each year, covering topics such as Penetration Testing, Forensics, Incident Response, Risk, and everything in between. We have a Lockpick Village, the Squirrels in...
Passwords14(Las Vegas, Nevada, USA, August 5 - 6, 2014) Passwords is the first and only conference of its kind, where leading researchers, password crackers, and experts in password security from around the globe gather in order to better understand the challenges...
DEF CON 22(Las Vegas, Nevada, USA, August 7 - 10, 2014) The annual hacker conference, with speakers, panels, and contests. Visit the site and penetrate to the schedules and announcements.
South Africa Banking and ICT Summit(Lusaka, Zambia, August 8, 2014) The South Africa Banking and ICT Summit is the exclusive platform to meet industry thought leaders and decision makers, discover leading edge products and services and discuss innovative strategies to...
SANS Cyber Defense Summit and Training(Nashville, Tennessee, USA, August 13 - 20, 2014) The SANS Institute's Cyber Defense Summit will be paired with intensive pre-summit hands-on information security training (August 13-18). This event marks the first time that SANS will conduct a training...
AFCEA Technology & Cyber Day(Tinker AFB, Oklahoma, USA, August 21, 2014) The Armed Forces Communications & Electronics Association (AFCEA) — Oklahoma City Chapter will once again host the 10th Annual Information Technology & Cyber Security Day at Tinker AFB. This is the only...
Resilience Week(Denver, Colorado, USA, August 19 - 21, 2014) Symposia dedicated to promising research in resilient systems that will protect critical cyber-physical infrastructures from unexpected and malicious threats—securing our way of life.
The Hackers Conference(New Delhi, India, August 30, 2014) The Hackers Conference is a unique event, where the best of minds in the hacking world, leaders in the information security industry and the cyber community along with policymakers and government representatives...