Anonymous threatens to attack corporate sponsors of the World Cup, aiming, those who purport to speak for it, to protest the disparity between corporate largesse showered on the games and shortfalls in Brazilian social services. (Coincidentally and predictably, there's also a rising wave of fùtbol-related scam traffic. It's unfair to attribute all or even most scams to hacktivism, but crime tends to track activist concerns.) Brazil's Ministry of External Relations was also hit last week by phishing of unclear source and intent.
Recorded Future discerns the spoor of a familiar Iranian crew—Parastoo—in the intelligence campaign recently uncovered by iSight.
Security researchers continue to discuss the state of TrueCrypt—down, for whatever reason. Cyveillance warns of suspicious binaries on the new TrueCrypt site. The crowd-funded TrueCrypt audit continues, and ComputerWorld offers a useful beginner's guide to TrueCrypt alternative BitLocker.
MITRE researchers demonstrate that the Unified Extensible Firmware Interface's Secure Boot security mechanism could be bypassed to brick about half the machines using Secure Boot.
Adobe patches disclosure and denial-of-service bugs in tomcat. The All in One SEO Pack for WordPress is vulnerable and being exploited in the wild: users are advised to update the plugin.
Reports on the state of cyber security suggest again that attackers continue to operate inside defenders' decision loops, in part because of the black market's role as de facto crowdsourced R&D establishment.
NIST wants comments on its SHA-3 Standard.
US indictments of PLA officers spur calls for a cyberwar convention.
Snowden's recent interview earns him poor reviews.
Today's issue includes events affecting Australia, Austria, Belgium, Brazil, Denmark, Finland, Germany, Iran, Japan, Luxembourg, Maldives, Netherlands, New Zealand, Norway, Romania, Saudi Arabia, Sweden, Switzerland, Ukraine, United Kingdom, United States..
Hacker group threatens cyber-attack on World Cup sponsors : source(Reuters via the Chicago Tribune) The hacker group Anonymous is preparing a cyber-attack on corporate sponsors of the World Cup in Brazil to protest the lavish spending on the soccer games in a country struggling to provide basic services, said a hacker with knowledge of the plan on Friday
Iranian Hacker Network Linked to Familiar Group?(Recorded Future) News of an Iranian hacker network targeting US government officials made waves yesterday after being uncovered by iSIGHT Partners. Buried deep in Reuters' report is a password used by the group: parastoo
GameOver Zeus P2P Malware(US-CERT) GameOver Zeus (GOZ), a peer-to-peer (P2P) variant of the Zeus family of bank credential-stealing malware identified in September 2011, uses a decentralized network infrastructure of compromised personal computers and web servers to execute command-and-control. The United States Department of Homeland Security (DHS), in collaboration with the Federal Bureau of Investigation (FBI) and the Department of Justice (DOJ), is releasing this Technical Alert to provide further information about the GameOver Zeus botnet
It's 'Game Over' for Zeus and CryptoLocker(McAfee Blog Central) Under Operation Tovar, global law enforcement—in conjunction with the private sector and McAfee—has launched an action to dismantle the Gameover Zeus and CryptoLocker infrastructure. Disrupting the criminal infrastructure by taking control of the domains that form part of the communications network provides a rare window for owners of infected systems to remove the malware and take back control of their digital lives
Is TrueCrypt No More?(Cyveillance) Late Wednesday night (and as has now been reported by Brian Krebs and others), Cyveillance analysts noticed that the TrueCrypt website was replaced with a forward to a new site hosted by Sourceforge, a major open source project hosting site. The site is now recommending that people stop using TrueCrypt, a popular disk encryption service, and start using BitLocker from Microsoft instead. The site also provides a new binary with an incremented version number "7.2", versus the old "7.1a," which it says to use only to migrate from TrueCrypt
Adobe Flash Player Critical Vulnerability Targeting Japanese Web users(HackRead) Symantec has come up with a discovery about Adobe Flash Player Buffer Overflow Vulnerability (CVE 2014-0515). Symantec monitored CVE 2014-0515 vulnerability trend and found that attackers are targeting Japan internet users on a huge scale. This vulnerability was being used in watering hole attacks against organizations and industries. However, Adobe had released a patch for
Ransomware Now Uses Windows PowerShell(TrendLabs Security Intelligence Blog) We highlighted in our quarterly threat roundup how various ransomware variants and other similar threats like CryptoLocker that now perform additional routines such as using different languages in their warning and stealing funds from cryptocurrency wallets. The addition of mobile ransomware highlights how these threats are continuously improved over time
Spammers adapt to filtering technologies by staying below radar(CSO) Anti-Spam technologies, for the most part, catch a majority of the spam that hits your inbox, or at the least it flags it as potentially unwanted. However, each day, spam of some kind — including junk messages that are sometimes overtly malicious, will bypass these filters
State server hacked via software security glitch (AP via the Miami Herald) Hackers broke into a Montana health department computer server through software in need of a security upgrade after a Chinese-language website last year identified the department's server as vulnerable, state officials said Friday
Hacktivist group "Anonymous Ukraine" has published card data to internet(AmEx via California Attorney General's Office) AXP was informed by law enforcement that several large files containing personal information were posted on internet sites by claimed members of "Anonymous", a worldwide hacking collective. The source(s) of the posted data is/are not currently known. The posted records
contained varying data elements, but AXP has identified, and is providing notice via mail to, 58,522 California residents whose names and corresponding AXP account numbers were involved
Security Patches, Mitigations, and Software Updates
After Snowden, Global Espionage Increased Fivefold(Epoch Times) After former NSA contractor Edward Snowden stole and released documents about spying activities of the NSA, the world got a glimpse of the war on the wires. Yet, after the mask over global espionage was pulled off, intelligence agencies in China and Eastern Europe significantly increased their operations of spying and theft
The U.S. state of cybercrime takes another step back(ComputerWorld) When it comes to cybercrime, it seems no enterprise goes unscathed. There are more breaches happening, the associated costs are rising, and business leadership grows increasingly concerned that information security remains a challenge that is out of control. Those are the headline findings of the 2014 U.S. State of Cybercrime Survey, an annual survey by CSO Magazine with help from the U.S. Secret Service, the Software Engineering Institute at Carnegie Mellon University, and PwC
Cybercrime in the US: The Black Hats Are Winning(Techzone360) Cybercrime is one of those things that everyone who's on the Internet for any length of time worries about at least a little bit. Is this site secure? Will my login data and passwords go flying around for anyone who wants access? Is the data in this cloud safe from outside intrusion? These are the questions that give some Internet users pause, and not without good reason. A new report offers some stark tidings for those who really are concerned about such things: the bad guys, so to speak, are outgunning the good guys on most every front
FireEye Inc. (NASADAQ:FEYE) Expecting An Increase In Cyber Attacks(US Trade Voice) FireEye Inc. (NASADAQ:FEYE) CEO anticipates a further increase in the rate of cyber-attacks this year as the trend looks set to continue on the current five year rise pattern. The CEO has admitted that the company is tracking more than twenty groups in China that are responsible for perpetrating cyber-attacks against the US and a number of western world companies. FireEye has already had its fair share of success in the fight against the attacks in the US
AVG Technologies NV Stock Upgraded (AVG)(TheStreet) AVG Technologies (NYSE:AVG) has been upgraded by TheStreet Ratings from hold to buy. The company's strengths can be seen in multiple areas, such as its expanding profit margins, increase in stock price during the past year, largely solid financial position with reasonable debt levels by most measures and notable return on equity. We feel these strengths outweigh the fact that the company has had sub par growth in net income
Bear of the Day: KEYW (KEYW)(Zacks.com via Nasdaq) After reporting declining revenues and a loss of 8 cents per share in the first quarter, analysts revised their estimates significantly lower for The KEYW Holding Corporation ( KEYW ). This sent the stock to a Zacks Rank #5 (Strong Sell) stock
Lockheed develops tools to fight viruses(Orlando Sentinel via Stars and Stripes) Buoyed by tens of millions of defense dollars, Lockheed Martin Corp. has made Orlando ground zero for a "test range" to help the military develop antivirus technology to combat hacker attacks and cyber-terrorism
A beginner's guide to BitLocker, Windows' built-in encryption tool(ComputerWorld) The creators of TrueCrypt shocked the computer security world this week when they seemingly ended development of the popular open source encryption tool. Even more surprising, the creators said TrueCrypt could be insecure and that Windows users should migrate to Microsoft's BitLocker. Conspiracy theories immediately began to swirl around the surprise announcement
Free mobile privacy platform unveiled(Help Net Security) Boolean Tech announced ShieldMe, a secure and free mobile privacy platform that allows users to connect with other people without ever giving up their phone number
Using nmap to scan for DDOS reflectors(Internet Storm Center) Before we get into this here is the standard disclaimer. Do not scan any devices that you do not have explicit permission to scan. If you do not own the devices I strongly recommend you get that permission in writing. Also, port scanning may cause instability or failure of some devices and/or applications. Just ask anyone who lost ILOs to heartbleed. So be careful!
Top 5 Email Retention Policy Best Practices(Infosec Institute) Email retention policies are no longer just about conserving space on your Exchange server. Today you must take into account how your email retention controls increase or decrease risk to your company
10 Cyber Security Tips to Protect Your Company from Hackers(ClickSSL) Hacking is a growing problem for businesses, as demonstrated by recent headlines about data breaches that affected tens of millions of Target customers and now potentially 145 million eBay users. Hacking is an issue for consumers and companies of all sizes, not just big corporations
Scientists Report Finding Reliable Way to Teleport Data(New York Times) Scientists in the Netherlands have moved a step closer to overriding one of Albert Einstein's most famous objections to the implications of quantum mechanics, which he described as "spooky action at a distance"
National Security Agency Program Fills Critical Cyber Skills Gaps(SIGNAL) The first graduates are emerging from centers of excellence for cyber operations that teach the in-depth computer science and engineering skills necessary to conduct network operations. The program better prepares graduates to defend networks and should reduce the on-the-job
PLA ready to make further contribution to peace(Xinhua via the China Daily) The People's Liberation Army (PLA) of China is ready to work with other militaries to make further contribution to regional and global peace and development, Wang Guanzhong, a senior PLA officer, said on Sunday
Security matrix prevents another Tiananmen (AP via the Miami Herald) A quarter century after the Tiananmen Square pro-democracy movement's suppression, China's communist authorities oversee a raft of measures for muzzling dissent and preventing protests. They range from the sophisticated — extensive monitoring of online debate and control over media — to the relatively simple — routine harassment of government critics and maintenance of a massive domestic security force. When visiting friends in China's capital, environmental activist Wu Lihong must slip away from his rural home before sunrise, before the police officers watching his home awaken. He rides a bus to an adjacent province and jumps aboard a train just minutes before departure to avoid being spotted
Faux Transparency(Defense News) Sen. Kay Hagan, D-N.C., gaveled a Senate Armed Services Emerging Threats and Capabilities subcommittee markup into session at 5:04 p.m. on May 20. Twelve minutes later, the panel was done for the day
When Police Spy On Free Speech, Democracy Suffers(Cognoscenti) What does Boston Mayor Marty Walsh have in common with peace activists, environmentalists and the ACLU? All showed up in files created by the Boston Police Department's "Boston Regional Intelligence Center" (BRIC) database
NSA, Snowden clash over 2013 internal email release(Reuters via the Chicago Tribune) An email exchange released on Thursday shows Edward Snowden questioned the U.S. National Security Agency's legal training programs, but provides no evidence the former contractor complained internally about vast NSA surveillance programs that he later leaked to the media
After Edward Snowden interview, many doubts from former NSA chief(CBS News) Michael Hayden, the former director of both the CIA and National Security Agency (NSA) said that Edward Snowden, the former government contractor who leaked a massive number of secret documents to the media didn't have "the ring of total truth" in a recent interview he gave to NBC News
Edward Snowden, traitor(Daily News) The know-it-all Millennial arrogated to himself the right to determine what secrets, if any, our government should be allowed to keep
Snowden's explanation still doesn't make him hero(Baltimore Sun via the Clarion Ledger) Accused National Security Agency leaker Edward Snowden was handed a golden opportunity to justify himself Wednesday when he was asked by NBC's Brian Williams whether the American public should view his unauthorized release of thousands of classified U.S. government documents to the media as a principled act of civil disobedience or as a betrayal of his country — and he blew it
Edward Snowden, Moscow's Accidental Tourist(Town Hall) National Security Agency leaker Edward Snowden has found the court of public opinion to be far more receptive than a court of law. He conducts the occasional interview with seemingly sympathetic journalists. NBC News aired one such interview with anchorman Brian Williams on Wednesday night. "Do you see yourself as a patriot?" Williams asked
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Area41(, January 1, 1970) Area41 is an international security technology and research conference offering both trainings/workshops and traditional presentation tracks.
The Device Developers' Conference: Manchester(Manchester, England, UK, June 3, 2014) The Device Developers' Conference is an annual UK event for the developers of intelligent systems and devices. The objective is to provide an event that provides engineers with an opportunity to learn...
NSA SIGINT Development Conference 2014(, January 1, 1970) This classified conference will focus on the preeminent intelligence issues facing those who are tasked with SIGINT as part of their mission. Over 1500 participants from the US intelligence community and...
Cyber Security Summit(Huntsville, Alabama, USA, June 4 - 5, 2014) The North Alabama Chapter of the Information Systems Security Association and Cyber Huntsville Corporation are hosting the 6th annual Cyber Security Summit June 4-5 in the South Hall of the Von Braun Center.
AFCEA Presents: Insider Threat to Small Business(Fairfax, Virginia, USA, June 5, 2014) One of the biggest myths is that "I'm too small for cyber attackers to care about me." This common misperception leads to tremendous vulnerabilities as companies do not understand implications for their...
The Device Developers' Conference: Scotland(Uphall, Scotland, UK, June 5, 2014) The Device Developers' Conference is an annual UK event for the developers of intelligent systems and devices. The objective is to provide an event that provides engineers with an opportunity to learn...
The 2014 Cyber Security Summit (DC Metro)(Tysons Corner, Virginia, USA, June 5, 2014) The Cyber Security Summit, an exclusive conference series sponsored by The Wall Street Journal, has announced their inaugural DC Metro event. The event will connect C-Level & Senior Executives responsible...
MIT Technology Review Digital Summit(, January 1, 1970) The MIT Technology Review Digital Summit examines tomorrow's digital technologies and explains their global impact on both business and society. You'll get insider access to the innovative people and companies...
Cyber 5.0 Conference(Laurel, Maryland, USA, June 10, 2014) The mission of the Cyber Conference is to provide a forum for small and mid-sized businesses in Howard County and the region to access industry and government leaders with current information on cybersecurity...
Global Summit on Computer and Information Technology(, January 1, 1970) The summit is hosting multiple conferences in different areas of Computer & Information Technology. CIT is a major platform for researchers and industry practitioners from different fields of computer...
NRC Cyber Security Seminar/ISSO Security Workshop(Bethesda, Maryland, USA, June 16, 2014) NRC will be hosting its second NRC Semi-Annual All-Hands ISSO Workshop. This workshop will consist of computer security policy, standards, cybersecurity, guidance, FISMA compliance, and training updates.
2014 Spring National SBIR Conference(Washington, DC, USA, June 16 - 18, 2013) SBIR/STTR programs are the nation's largest source of early stage / high risk R&D funding for small business. At this conference you'll learn how to participate and compete for funding in these two programs...
MeriTalk's Cyber Security Brainstorm(Washington, DC, USA, June 18, 2014) This second annual event will take place on Wednesday, June 18 2014 at the Newseum in Washington D.C. The event will bring together Federal cyber security experts to share best practices, collaborate on...
Suits and Spooks New York(, January 1, 1970) Not another hacker conference. Suits and Spooks is a unique gathering of experts, executives, operators, and policymakers who discuss hard challenges in a private setting over two days. Suits and Spooks...
SANSFIRE(Baltimore, Maryland, USA, June 21 - 30, 2014) For more than 10 years, the Internet Storm Center has been providing free analysis and warning to our community. SANSFIRE 2014 is not just another training event. It is our annual "ISC Powered" event.
26th Annual FIRST Conference(Boston, Massachusetts, USA, June 22 - 27, 2014) The Forum of Incident Response and Security Teams (FIRST) is a global non-profit organization dedicated to bringing together computer security incident response teams (CSIRTs) and includes response teams...
Gartner Security & Risk Management Summit 2014(National Harbor, Maryland, US, June 23 - 26, 2014) The Gartner Security & Risk Management Summit is the only time when the entire Gartner analyst and security and risk management community come together in one location to bring the latest research, insights...
AFCEA International Cyber Symposium(Baltimore, Maryland, USA, June 24 - 25, 2014) National security is continuously being redefined as awareness of the cyberspace domain evolves. Cyber threats and challenges grow every day. Successfully defending our networks requires a team approach.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.