In Iraq's civil war, apparently all cyber conflict is local: Intel Crawler reports that groups fighting one another are using targeted malware — for the most part commodity tools readily available on the black market — for highly targeted intelligence gathering.
Russian authorities, having dismissed as hoaxes social media posts by Russian soldiers whooping up cross-border shelling of Ukrainian targets, now assert that US satellite imagery showing the same is another fraud.
In Israel and Gaza, Shin Bet claims to have parried a major cyber attack by Hamas supporters. Palestinian sympathizers claim they're winning the opinion war in social media.
China has been busy at cyber espionage. PLA Unit 61389 ("Comment Crew") has been spying on companies associated with Israel's Iron Dome anti-rocket system, and Canada's CSEC says the Chinese government hacked Canada's National Research Council (necessitating a prolonged cleanup).
These tensions, particularly those associated with Russian ambitions in the Near Abroad and the economic sanctions being considered in response, lead observers to regard recent probes of Western energy infrastructure as possible cyber battlespace preparation.
Kaspersky and others report the Amazon cloud is infested with denial-of-service bots that exploit Elasticsearch.
Bluebox Security announces discovery of an Android vulnerability — "Fake ID" — quietly disclosed to Google three months ago. Fake ID permits rogue apps to pose as Flash and escape Android's sandbox.
Ransomware, both old and new, remains endemic on the Internet.
Microsoft seems clearly in the Chinese government's crosshairs: this week's raids involved an anti-monopoly probe.
Cyber risk is increasingly an M&A dealbreaker.
Today's issue includes events affecting Australia, Canada, China, Czech Republic, European Union, Finland, Iraq, Israel, Japan, Republic of Korea, Palestinian Territories, Russia, Tunisia, Ukraine, United Kingdom, United States.
On the Not-so-new Warfare: Political Warfare vs. Hybrid Threats(War on the Rocks) The ongoing conflict in Ukraine challenges our traditional Western concepts of warfare. The current crisis, pitting the national government against separatists, Russian ultra-nationalists, proxy fighters and possibly Russian GRU personnel, does not fit neat Western categories of "war"
Twitter hashtags are finally neutralizing the Israeli government’s propaganda(Quartz) I told CNN during a recent television interview that there hasn't been a single hot-button topic treated with more intellectually dishonest, one-sided coverage than that which the American media has given the Israel-Palestine conflict — and that includes the War on Terror, Al-Qaeda, Guantanamo Bay, NSA surveillance, and torture
Cyber warfare: The next front in the Israel-Gaza conflict?(CBS News) House Intelligence Committee Chairman Mike Rogers, R-Mich, is sounding the alarm that cyber warfare could be the next front in the conflict between Israel and Hamas as nations allied with the Gaza-based militants look for non-military ways to aid their cause
Chinese hackers pull off Israel Iron Dome hack(IT Pro Portal) Chinese hackers have broken into the computer systems of three Israeli defence contractors instrumental in the construction of Israel's Iron Dome missile defence system
Are We Being Prepped?(Excelsior Commentary) According to Bloomberg News and Smart Grid News, yet another cyber attack occurred on the digital infrastructure of the US and Europe this month. This time the attack was no small intrusion, but a massive systems breach of thousands of power plants across the U.S. and Western Europe
Far East Targeted by Drive by Download Attack(Cisco) On the 21st of July, 2014, Cisco TRAC became aware that the website dwnews[.]com was serving malicious Adobe Flash content. This site is a Chinese language news website covering events in East Asia from a US base. The site is extremely popular, rated by Alexa's global traffic ranking as the 1759th most visited website worldwide, and the 28th most visited in South Korea. In addition the news site also receives a substantial number of visitors from Japan, the United States and China
A peek into Police Locker's distribution infrastructure(Help Net Security) An analysis of the distribution infrastructure for the bothersome Android "Police Locker" ransomware has revealed that the attackers behind it are not putting all of their eggs in one basket, and have been looking to target Internet users using a variety of devices and software
Koler — The 'Police' ransomware for Android(Kaspersky Lab) At the beginning of May 2014, we detected a new mobile ransomware named AndroidOS.Koler.a. As the name suggests, this affects mobile devices running Google's Android operating system
Changes in the Asprox Botnet(Fortinet) Asprox, a.k.a. Zortob, is an old botnet that was uncovered in 2007. It is known to spread by arriving as an attachment in spam emails that purport to be from well-known companies. The attachment itself is disguised as a legitimate document file by using icons such as those of a .doc or .pdf file
A toast to the "Be Healthy" phishing group(Hack and Flash) This post diverges from my last three posts, and outlines a phishing group that I ran into when helping out reddit user(s) with a phishing attempt. Being a security professional, and currently working for a company that deals with bad guys over social media, the Steam platform fits nicely within the context of what I work with and how we deal with these platforms being launching sites for attackers
How Cybercrime Exploits Digital Certificates(Infosec Institute) What is a digital certificate? The digital certificate is a critical component of a public key infrastructure. It is an electronic document that associates the individual identity of a person to the public key associated with it
Bulletin (SB14-209) Vulnerability Summary for the Week of July 21, 2014(US-CERT) The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information
Security Patches, Mitigations, and Software Updates
July's Broken Office 365 Update Gets a Fix(Windows IT Pro) The past couple months has been rough for the Office 365/2013 team at Microsoft. In June, Patch Tuesday broke Office 2013 click-to-run installations, and then in July, updates caused apps in the Office 365 ProPlus suite to just stop working. The solution at the time was to just uninstall and reinstall Office. Just uninstall and reinstall Office? Microsoft may not realize, but that's a huge problem and a big pain for customers to have to use the wipe-and-reload methods of yesteryear
For cyber-defense, automation alone is not enough(Federal Times) For years the IT community has been building walls and digging moats to keep out an especially damaging form of cyber attack: the advanced persistent threat, or APT. Now the emphasis has changed. Rather than focus on outside invaders, security experts have set their sights on internal vulnerability
CISOs obsess over malware outbreaks, data breaches(FierceCIO) Worries over malware outbreaks and data breaches continue to keep CISOs up at night, which isn't surprising considering that most organizations report they can't find an acceptable security solution
CISOs Are Like Sheep to the Slaughter(BlogInfoSec) It took almost 10 years, but my claim that the role of the CISO is to take the blame when something goes awry, even if only marginally attributable to information security, has at last been substantially validated
The CIA Fears the Internet of Things(Nextgov) The major themes defining geo-security for the coming decades were explored at a forum on "The Future of Warfare" at the Aspen Security Forum on Thursday
De-Identification: A Critical Debate(Future of Privacy Forum) Ann Cavoukian and Dan Castro recently published a report titled Big Data and Innovation, Setting the Record Straight: De-Identification Does Work. Arvind Narayanan and Edward Felten wrote a critique of this report, which they highlighted on Freedom to Tinker. Today Khaled El Emam and Luk Arbuckle respond on the FPF blog with this guest post
The big war — 100 years in retrospect (with a cyber angle)(LinkedIn) Today (July 28th) the world will commemorate the centennial of the "Big war". That war (more known today as WWI) was revolutionary in many means, and to some it was the event that signaled the coming of the modern age. It is always tempting (and quite cheesy) to look and find similarities between the past and our own times, but in this case there are some striking resemblances between today and a century ago
Cybersecurity becomes a dealbreaker in M&A deals(Finance) Cybersecurity is taking on ever greater importance in M&A deals. It has become one of the most important dealbreakers, according to a study by the law firm Freshfields Bruckhaus Deringer that was made available exclusively to FINANCE
Why Microsoft (MSFT) Stock Is Declining Today(The Street) Microsoft (MSFT_) shares are down -1% to $44.04 after announcing that Chinese government officials have made unexpected visits to the company's Chinese offices. Microsoft has faced China's ire since former National Security Agency contractor Edward Snowden revealed spying programs that use U.S. companies' technology for espionage
Deloitte ranked #1 globally by revenue in security consulting(Saudi Gazette) Deloitte Touche Tohmatsu Limited (DTTL) ranked number one globally, based on revenue, in Security Consulting Services by Gartner for the second consecutive year in their recently released market share analysis entitled Market Share: Security Consulting Services, Worldwide, 2013, published recently
Skyhigh Networks and SafeNet Team Up to Deliver Flexible Key Management Solutions to Protect Data in the Cloud(MarketWatch) Skyhigh Networks, the Cloud Visibility and Enablement Company, today announced a collaboration with SafeNet to deliver flexible and secure key management solutions to protect corporate data in the cloud. By working together, Skyhigh Networks and SafeNet enable enterprises to leverage on-premise or cloud-based models for encrypting data while retaining full control of their encryption keys, thereby meeting their corporate and regulatory compliance requirements. The cloud-based model for data security provides immediate scale, minimizes network latency, and avoids the expensive upfront investment and limits of on-premise deployments
Bring Your Own Device (BYOD) Design Considerations Guide(Microsoft TechNet) This guide provides the system architect and system designer with a collection of critical design considerations that need to be addressed before designing a Bring Your Own Device (BYOD) infrastructure that enables employees to use their own devices and protects the company's data
Security Think Tank: How to build a resilient defence against cyber attacks(ComputerWeekly) Organisations are facing new and unpredictable cyber threats, which can appear overnight and are difficult to prevent. According to PwC's 11th Annual Global Information Security Survey, the number of security incidents detected climbed by 25% from 2012 to 2013 and the average losses per incidents by 23% over the same period
Efficacy of MemoryProtection against use-after-free vulnerabilities(HP) As of the July 2014 patch of Internet Explorer, Microsoft has taken a major step in the evolution of exploit mitigations built into its browser. The new mitigation technology is called MemoryProtection (or MemProtect, for short) and has been shown to be quite effective against a range of use-after-free (UAF) vulnerabilities. Not all UAFs are equally affected, however. Here we'll discuss what MemoryProtection is and how it operates, and evaluate its effectiveness against various types of UAFs
Weak Password Advice From Microsoft(Dark Reading) Tempting as it may seem to do away with strong passwords for low-risk websites, password reuse is still a significant threat to both users and business
Professionalizing Cybersecurity: A path to universal standards and status(Pell Center for International Relations and Public Policy) The Internet, together with the information communications technology (ICT) that underpins it, has revolutionized our world and opened new opportunities for the global economy and civilization at large. Our reliance on this complex infrastructure, however, has also exposed new vulnerabilities and opened the door to a wide range of nefarious cyber activities by a spectrum of hackers, criminals, terrorists, state and non-state actors. Government agencies and private-sector companies alike have been victims of cyber thefts of sensitive information, cybercrime, and cyber disruption (e.g. denial-of-service attacks). The nation's critical infrastructure, including the electric power grid, air traffic control systems, financial systems, and communication networks, is vulnerable to cyber attacks. Compounding the problem is the reality that, as computing and communications technologies become more ubiquitous throughout society, the incentives to compromise the security of these systems will continue to rise
How to remove Neurowise(Best Tech Tips) Most of users download different software to surf the web easier. Some of the extensions are really helpful and are able to surprise their users with beneficial windfalls. But sometimes browser add-ons can be downloaded with manifold freeware making users be surprised with the new installed program. If you have the same problem and you want to remove the popping up windows with the objectionable add-on that creates them, so we will tell you what to do. Here you will find several effective instructions that will help you to remove Neurowise from your computer
Cybercrime Exposed Part 1: The Security Risks of Phishing(TrendLabs Security Intelligence Blog) While new threats are emerging that hit new avenues or targets like PoS systems and cryptocurrencies, old threats like phishing remain an effective means of gathering user data. A simple spam email that leverages holidays, online shopping, release of anticipated gadgets, and hot/current news items can redirect unsuspecting users to survey scams and phishing pages that ask for their credentials and personal identifiable information (PII). A very recent example of this is the attacks we saw leveraging the interest around the World Cup
When Cyber Thieves Disrupt Your Life — Online Financial Threats(Trend Micro: Simply Security) I was supposed to publish a blog today that discusses our recent report, Operation Emmental, which disclosed details about a cybercrime organization that put together an elaborate online banking theft operation whereby they socially engineered the victims using DNS Changers, phishing sites, and mobile apps to obtain 2-factor authentication codes. This report highlights the needs for individuals to be vigilant with their financial accounts, especially online
How To Spot A Social Bot On Twitter(MIT Technology Review) Social bots are sending a significant amount of information through the Twittersphere. Now there's a tool to help identify them
Not by Technical Means Alone: The Multidisciplinary Challenge of Studying Information Controls(IEEE Internet Computing) The study of information controls is a multidisciplinary challenge. Technical measurements are essential to such a study, but they do not provide insight into why regimes enact controls or what those controls' social and political effects might be. Investigating these questions requires that researchers pay attention to ideas, values, and power relations. Interpreting technical data using contextual knowledge and social science methods can lead to greater insights into information controls than either technical or social science approaches alone. The OpenNet Initiative has been developing a mixed-methods approach to the study of information controls since 2003. This article presents our approach through a series of case studies and concludes with a discussion of methodological challenges and recommendations for the field moving forward
Monitoring Arms Control Compliance With Web Intelligence(Recorded Future) Can we find insights for defense against chemical and biological weapon threats by analyzing livestock disease outbreaks and public health crises? Research by Maynard Holliday of Sandia National Labs points the way forward
Need More Langsec Background? (Probably)(Trustifier) Some important work has been spearheaded out of Dartmouth College, termed Language-Theoretic security, or Langsec. For many in infosec, the first introduction to the term was Dan Geer's mention of it in some few keynote speeches or talks that he has given
Air Force seeks moving-target cyber defense(C4ISR & Networks) The Air Force is hunting for Moving Target Defenses (MTD) for its networks. The $9.9 million Command and Control of Proactive Defense (C2PD) solicitation, by the Air Force Research Laboratory's Information Directorate, describes Moving Target Defenses as "cyber agility techniques" that "offer a capability to assure the network and Air Force missions"
3 Bills To Protect Critical Infrastructure From Cyber Attack Passed By House(HS Today) The House overwhelmingly passed three bills Monday "to strengthen efforts to combat cyber attacks on our critical infrastructure through the distribution of cyber threat information, the development and procurement of new technologies and support for the Department of Homeland Security's (DHS) cybersecurity workforce
FISMA Reform Efforts Aim For Balance Between CDM And FISMA(Business Solutions) Legislation aimed at modernizing the 12-year-old Federal Information Security Management Act (FISMA), introduced by committee chairman, Sen. Tom Carper (D-Del.), and ranking member Sen. Tom Coburn (R-Okla.), has passed a vote by the Senate Homeland Security and Governmental Affairs Committee on June 25 and is with Senate committee
Personal Privacy Is Only One of the Costs of NSA Surveillance(Wired) There is no doubt the integrity of our communications and the privacy of our online activities have been the biggest casualty of the NSA's unfettered surveillance of our digital lives. But the ongoing revelations of government eavesdropping have had a profound impact on the economy, the security of the internet and the credibility of the U.S. government's leadership when it comes to online governance
Hill Hurts Innovation, Just Like DoD — But We Can Change: Forbes, Langevin(Breaking Defense) "We have the presumption we're going to have the competitive edge when it comes to technology," said Rep. Randy Forbes, "[that] just because we've had it in the last several decades that somehow or other we're destined to have it in the future." That's a dangerous mistake, Forbes said Thursday at the Carnegie Endowment, where he and Rep. Jim Langevin spoke on how the Pentagon needs to innovate
Oversight, Is That You?(Defense News) Over drinks with several government watchdogs, a recent House Armed Services Committee hearing almost immediately came up
The Security Community Needs Effective, Targeted Cybercrime Laws(Information Security Buzz) Let me tell you about Dave*. We met a while back and would chat whenever we happened to run into each other. That is, until one day I mentioned a cyber security event for high school students that I was planning called 1NTERRUPT. His eyes lit up, after which the conversation steered towards the technical details. I was astonished by how clearly he knew his stuff. Finally, I stopped and said, "I thought you were a painter. How do you know all this?" He smiled, and said, "Yeah, about that"
Litigation, Investigation, and Law Enforcement
Microsoft offices in China raided over monopoly allegations(The Verge) Four of Microsoft's offices in China were raided yesterday as part of an anti-monopoly investigation. China's State Administration for Industry and Commerce (SAIC) has revealed that around 100 officials made unannounced visits to Microsoft's offices in China, seeking information on Microsoft's security features and the way it bundles software. Microsoft was quick to issue a statement yesterday when news of the raids broke, noting that the software maker would "actively cooperate" with the government
Sharing knowledge to tackle online banking fraud(ComputerWeekly) Banks and law enforcement agencies (LEAs) are working to prevent, detect and prosecute this crime. Hurdles they have to overcome include restrictive legislation, such as data protection, international treaties on cyber crime and fraud prosecution laws, slow communication between banks and LEAs, and the speed at which fraudsters take advantage of weaknesses in the system
Banks as Cybercrime Fighters?(BankInfoSecurity) Karl Schimmeck of the Securities Industry and Financial Markets Association won't discuss reports about the group's alleged backing of formation of a cyberwar council, but says financial institutions must play a role in protecting critical infrastructure
Consumer Groups Urge FTC to Halt Facebook Data Collection Program(Threatpost) A collection of privacy and consumer groups from the United States and Europe has asked the Federal Trade Commission to force Facebook to suspend a recently installed program that mines information on sites that users visit around the Web in order to serve them interest-based ads. The groups say that Facebook's program "directly contradicts its previous
Obama's crackdown on leakers damages constitutional protections, activists say(Bellingham Herald) Recent revelations of the U.S. government's pervasive surveillance program and its crackdown on leaks are making it increasingly difficult for American journalists and lawyers to do their jobs, the advocacy group Human Rights Watch and the American Civil Liberties Union said in a report released Monday
Before You Blow the Whistle — Read This(Lawyers and Settlements) Computer systems analyst and former National Security Agency contractor, Edward Snowden, unleashed an unprecedented volume of government secrets and became the world's best-known whistleblower
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Black Hat USA 2014(, January 1, 1970) Black Hat USA is the show that sets the benchmark for all other security conferences. As Black Hat returns for its 17th year to Las Vegas, we bring together the brightest in the world for six days of learning,...
SHARE in Pittsburgh(Pittsburgh, Pennsylvania, USA, August 3 - 8, 2014) LEARN: Subject-matter experts and practitioners are on-hand at SHARE events to discuss major issues facing enterprise IT professionals today.
FOCUS: SHARE provides leading-edge technical education on a variety of topics. Whether you are an IT manager, IT architect, systems analyst, systems programmer or in IT support, SHARE offers focused sessions to benefit all job roles.
ENGAGE: At SHARE events, you will experience a wide variety of formal and informal networking opportunities that encourage valuable peer-to-peer interaction...
4th Annual Cyber Security Training Forum(Colorado Springs, Colorado, USA, August 5 - 6, 2014) The Information Systems Security Association (ISSA) — Colorado Springs Chapter and FBC, Inc. will co-host the 4th Annual Cyber Security Training Forum (CSTF). CSTF is set to convene from Tuesday August...
BSidesLV 2014(Las Vegas, Nevada, USA, August 5 - 6, 2014) We have an amazing array of speakers each year, covering topics such as Penetration Testing, Forensics, Incident Response, Risk, and everything in between. We have a Lockpick Village, the Squirrels in...
Passwords14(Las Vegas, Nevada, USA, August 5 - 6, 2014) Passwords is the first and only conference of its kind, where leading researchers, password crackers, and experts in password security from around the globe gather in order to better understand the challenges...
DEF CON 22(Las Vegas, Nevada, USA, August 7 - 10, 2014) The annual hacker conference, with speakers, panels, and contests. Visit the site and penetrate to the schedules and announcements.
South Africa Banking and ICT Summit(Lusaka, Zambia, August 8, 2014) The South Africa Banking and ICT Summit is the exclusive platform to meet industry thought leaders and decision makers, discover leading edge products and services and discuss innovative strategies to...
SANS Cyber Defense Summit and Training(Nashville, Tennessee, USA, August 13 - 20, 2014) The SANS Institute's Cyber Defense Summit will be paired with intensive pre-summit hands-on information security training (August 13-18). This event marks the first time that SANS will conduct a training...
AFCEA Technology & Cyber Day(Tinker AFB, Oklahoma, USA, August 21, 2014) The Armed Forces Communications & Electronics Association (AFCEA) — Oklahoma City Chapter will once again host the 10th Annual Information Technology & Cyber Security Day at Tinker AFB. This is the only...
Resilience Week(Denver, Colorado, USA, August 19 - 21, 2014) Symposia dedicated to promising research in resilient systems that will protect critical cyber-physical infrastructures from unexpected and malicious threats—securing our way of life.
The Hackers Conference(New Delhi, India, August 30, 2014) The Hackers Conference is a unique event, where the best of minds in the hacking world, leaders in the information security industry and the cyber community along with policymakers and government representatives...