The Anonymous collective's hacks begin to rack up nuisance successes against World Cup sponsors. Emirates Airline, one of the announced targets, describes some of the measures it's put in place to secure its networks.
The "Soraya" point-of-sale crimeware is another instance of malware combining features of kits, in this case ZeuS and Dexter.
Researchers claim the GPRS Roaming Exchange (GRX) network uses hosts that are Internet-accessible and run "vulnerable and unnecessary services."
Other researchers find Chrome, Firefox, and Internet Explorer users susceptible to history-sniffing, a cyber attack that had (until recently) slipped into obscurity.
Apple's new programming language, Swift, has a "Playground" live-preview function with a dangerous flaw that could, as Ars Technica puts it, "wipe out your Mac."
OpenSSL is found vulnerable to interception of traffic between clients and servers. The remotely exploitable flaw (found in all versions of OpenSSL client and versions 1.0.1 and 1.0.2-beta1 of the server software, and widely compared to Heartbleed) has been patched.
The GOZeuS takedown has been widely applauded, but security experts warn the solution is temporary, and carries its own risks.
Brian Krebs offers "a peek inside" a criminal carding shop, and explains why what he sees makes him worry more about brick-and-mortar shopping than dealing online.
Target's shareholder meetings next week are expected to constitute a reckoning over the retailer's massive data breach.
China continues to push back, hard, against US indictment of PLA officers.
In the UK, the Queen's Speech threatens life sentences for hackers whose activities have national security implications.
Today's issue includes events affecting Australia, Austria, Belgium, Brazil, Canada, China, Colombia, Costa Rica, Indonesia, Japan, Republic of Korea, Kuwait, Luxembourg, Mexico, Panama, Russia, South Africa, Spain, United Arab Emirates, United Kingdom, United States.
The CyberWire will provide special coverage of next Tuesday's Cyber 5.0 Conference at the Johns Hopkins University's Kossiakoff Center. We'll be live-Tweeting from the event.
Emirates takes action over World Cup hacker threat(Arabian Business) Emirates has taken precautions to protect its networks after it was warned a hacker group was planning to launch a cyber attack against it because of its sponsorship of the World Cup in Brazil
Hacking Anxiety Grows as U.S. Hit in South Korea(24/7 Wall Street) If anyone wants to know how skilled hackers are, both in terms of stealing personal data and corporate secrets, they only need to look at the cyberattack on the U.S. military in South Korea. The accounts of 16,000 people were hit. All associated with American military operations, these accounts should be impressively guarded
New OpenSSL MITM Flaw Affects All Clients, Some Server Versions(Threatpost) There is a new, remotely exploitable vulnerability in OpenSSL that could enable an attacker to intercept and decrypt traffic between vulnerable clients and servers. The flaw affects all versions of the OpenSSL client and versions 1.0.1 and 1.0.2-beta1 of the server software
SSL/TLS MITM vulnerability (CVE-2014-0224)(OpenSSL Security Advisory) An attacker using a carefully crafted handshake can force the use of weak keying material in OpenSSL SSL/TLS clients and servers. This can be exploited by a Man-in-the-middle (MITM) attack where the attacker can decrypt and modify traffic from the attacked client and server
Early ChangeCipherSpec Attack(Imperial Violet) OpenSSL 1.0.1h (and others) were released today with a scary looking security advisory and that's always an event worth looking into. (Hopefully people are practiced at updating OpenSSL now!) There are some critical bug fixes to DTLS (TLS over datagram transports, i.e. UDP), but most people will be more concerned about the fix to TLS
ANTIFULAI Targeted Attack Exploits Ichitaro Vulnerability(TrendLabs Security Intelligence Blog) Targeted attacks are difficult to detect and mitigate by nature. We recently uncovered a targeted attack campaign we dubbed as "ANTIFULAI" that targets both government agencies and private industries in Japan. In our 2H 2013 Targeted Attack Trends report, we found that 80% of the analyzed cases of targeted attacks hit government institutions
TR-24 Analysis — Destory RAT family(Luxembourg CIRCL) CIRCL analyzed a malware sample which was only sporadically detected by just a handful of antivirus engines, based on heuristic detection. CIRCL analyzed the entire command structure of the malware and was able to attribute this specific malware to the Destory RAT family. The malware is a feature-rich Remote Access Tool
ESET analyzes first Android file-encrypting, TOR-enabled ransomware(Help Net Security) One year ago, Android Defender, a hybrid comprising characteristics of a rogue AV and ransomware (the lockscreen type, not a file-encryptor) was discovered. Last month we saw a report about a police ransomware for Android by the Reveton team. The malware did not encrypt any files on the infected device
Shuttering Gameover: Temporary Success(BankInfoSecurity) There's good news following this week's global law enforcement takedown of the Zeus Gameover Trojan and Cryptolocker ransomware campaigns: The number of new infections has become "very low," if not fallen to zero. But related attacks could quickly resurge once cybercriminals tweak their attack techniques to route around the takedown
Why botnet takedowns can cause more harm than good(Help Net Security) Zeus is a well-known and highly successful crimeware kit — the flat-pack furniture of the virus world. It is under constant development by several criminals or groups and new functionalities are constantly added
Peek Inside a Professional Carding Shop(Krebs on Security) Over the past year, I've spent a great deal of time trolling a variety of underground stores that sell "dumps" — street slang for stolen credit card data that buyers can use to counterfeit new cards and go shopping in big-box stores for high-dollar merchandise that can be resold quickly for cash. By way of explaining this bizarro world, this post takes the reader on a tour of a rather exclusive and professional dumps shop that caters to professional thieves, high-volume buyers and organized crime gangs
Recent barrage of IE zero days highlights risk for enterprises(TechTarget) A spate of Internet Explorer (IE) zero-day vulnerabilities in 2014 has forced Microsoft to repeatedly scramble to secure its Web browser, posing new questions about the software's overall security in an increasingly competitive browser landscape. Experts caution that enterprises shouldn't shun IE based solely on its recent problems
ICS Radar(Shodan) The Shodan search engine has started to crawl the Internet for protocols that provide raw, direct access to industrial control systems (ICS). This visualization shows the location of these industrial control systems on the Internet as well as other related data
ESET Security Websites and Forum for Spain Hacked by Indonesian Hacker(HackRead) Hmei7 defacer from Indonesia has been conducting mass defacement for the last couple of years. Today, the same defacer has hacked and defaced the official website of IT Security company ESET and 4 of its domains designated for Spain. The targeted websites include Spanish ESET's official domain, ESET Security Forum and Training Center and Certification ESET Spain. All domains were left with
Local Verizon cell phone users targeted in phishing scheme(Cookeville (TN) Herald-Citizen) Cell phone users who had Verizon as their carrier have recently been contacted letting them know they have won $51, which would be taken off their phone bills. The calls instruct the callers to go to … where they would be asked for their cell phone number, password and Social Security number
Security Patches, Mitigations, and Software Updates
Critical OpenSSL Patch Available. Patch Now!(Internet Storm Center) The OpenSSL team released a critical security update today. The update patches 6 flaws. 1 of the flaws (CVE-2014-0195) may lead to arbitrary code execution
COPA-DATA Patches DNP3 SCADA Vulnerability(Threatpost) A vulnerability exists in a particular brand of SCADA software that if left unpatched, could trigger a denial of service condition and go on to compromise the software's communication connections, resulting in system instability
Why the Bridge Still Needs to be Built Between Operations and IT(Control) To many in the IT community, the gap in understanding industrial control system cyber security is gaping. I was drawn to a May 29th Dark Reading article titled "Large Electric Utilities Earn High Security Scores", as the title seemed to be at odds with what I have seen
After cryptolocker, how do we make data safe?(Guardian via NewsEdge) Consumers will continue to be the victims of cybersecurity crises unless businesses take more steps to protect the personal information of users, Christopher Graham, the information commissioner, warned yesterday
Cyber espionage 'is threat to global economy'(Telegraph) America and China have spent the past few years in a stand-off over Chinese attitudes to intellectual property, and how the Chinese government goes about cyber-spying. Virtually all nations engage in cyber-spying to some degree, but experts suspect China of using the material to give Chinese companies an unfair advantage over their foreign rivals
The Big Data Dump: How Info-Hoarding Can Overwhelm Startups, Spy Agencies(Bloomberg) When it comes to big data projects, there are none bigger than the National Security Agency's massive surveillance programs that were exposed by former contractor Edward Snowden a year ago. In internal documents, the agency crowed about the scope of its mission, which was encapsulated in one phrase: "Collect it all"
Estimating the cost of a cloud data breach(Help Net Security) IT and security professionals expect cloud services to multiply the likelihood and economic impact of data breaches as they pervade the enterprise. They also reveal that the scope of usage and responsibility for securing cloud services remains largely unknown among IT, according to Netskope
They Hack Because They Can(Krebs on Security) The Internet of Things is coming…to a highway sign near you? In the latest reminder that much of our nation's "critical infrastructure" is held together with the Internet equivalent of spit and glue, authorities in several U.S. states are reporting that a hacker has once again broken into and defaced electronic road signs over highways in several U.S. states
For Target, A Moment Of Truth Is Just Days Away(Forbes) On June 11, when Target holds its annual meeting, shareholders will make a decision that could have far-reaching impact beyond this particular company or, for that matter, the entire retail sector
Target Gives a Defense of Its Efforts on Security(New York Times) In advance of next week's annual shareholders' meeting, Target on Monday defended its management and oversight of customer data despite the extensive hacking it experienced last year
Silicon star: unlocking secrets, if not its own value(Irish Times) Palantir Technologies will not help you share, message, pin, post or chat. It does not exist to make you more social or connected, or even to help advertisers get to you. Its technology is deeply geeky, its work secretive. Nonetheless, it is one of the most valuable private tech companies in Silicon Valley
Zain signs MoU with Huawei Technologies(Kuwait News Agency) Kuwaiti leading telecommunications company ZAIN on Wednesday reported signing an MoU with leading international telecommunications solutions provider Huawei Technologies Co., Ltd. as part of its ongoing effort to keep up with advances in the field and to bolster its international position through strategic partnerships
Bitdefender Offers to Help CERTs, Police against CyberCrime(Broadway World) Bitdefender, the innovative antivirus software provider, is offering its years of private research and experience at the cutting edge of the fight against cyber crime to help CERTs and other organizations that may be overwhelmed by the rapid growth of cyber crime in an era of fuzzy borders and dizzying technological advances
Watch out, there's a cyber virus about(Tewksbury AdMag) A course to help companies protect themselves from cyber attack is to be held in Malvern. The Cyber Savvy Training Course is for professional services personnel and will be held at the National Cyber Skills Centre on Malvern Hills Science Park on Tuesday, June 10
The Open Data Era in Health and Social Care(National Health Service) A blueprint for the National Health Service (NHS England) to develop a research and learning programme for the open data era in health and social care
Probably the Best Free Security List in the World(Gizmo's Freeware) This article contains a comprehensive list of free security-related programs or web applications for Windows XP and later Windows PC-based operating systems. The few non-free programs on this list are included because they are of high merit (in our opinion) and lack a comparable free alternative. This list also includes links to webpages that contain security-related information
Homomorphic Encryption in the Real World(SYS-CON) For those following developments in cryptography, homomorphic encryption has been a hot topic in the last few years. Well, most practitioners are only interested in cryptography for what it can provide: data encryption, secure networking protocol, authentication and the ever controversial Digital Rights Management. It turns out that homomorphic encryption (HE) holds a big practical promise: when HE is finally available with good performance, people will be able to farm out CPU-intensive loads to the cloud, without having to share their actual data with the servers that process the data. So, when that happy day comes, we'll be able to benefit from the infinite scalability of the cloud, without paying the price in security
New Insights into Email Spam Operations(Infosec Island) Our research group at UC Santa Barbara has been studying spamming botnets for a while, and our efforts in developing mitigation techniques and taking down botnets have contributed in decreasing the amount of spam on the Internet. During the last couple of years the spam volumes have significantly dropped, but spam still remains a significant burden to the email infrastructure and to email users. Recently, we have been working on gaining a better understanding of spam operations and of the actors involved in this underground economy. We believe that shedding light on these topics can help researchers develop novel mitigation techniques, and identifying which of the already-existing techniques are particularly effective in crippling spam operations, and should therefore be widely deployed
Senate Plans Scrutiny of NSA Tactics Defended by Director(Bloomberg BusinessWeek) The government surveillance of U.S. citizens will be examined by a Senate committee tomorrow, two days after the National Security Agency director defended the spy agency's tactics, saying they comply with legal constraints
Canadian Cyberbullying Legislation Threatens to Further Legitimize Malware Sales(Technology, Thoughts and Trinkets) Lawful access legislation was recently (re)tabled by the Government of Canada in November 2013. This class of legislation enhances investigative and intelligence-gathering powers, typically by extending search and seizure provisions, communications interception capabilities, and subscriber data disclosure powers. The current proposed iteration of the Canadian legislation would offer tools to combat inappropriate disclosure of intimate images as well as extend more general lawful access provisions. One of the little-discussed elements of the legislation is that it will empower government authorities to covertly install, activate, monitor, and remove software designed to track Canadians' location and 'transmission data'
Department of Homeland Security Combats New Cybersecurity Issues(In Homeland Security) Cyber network defense is important in homeland security as it protects, monitors, analyzes, detects and then responds to unauthorized activity within information systems. In the recently released Verizon 2014 Data Breach Investigations Report, the authors compiled data from 50 global organizations composed of private and public sectors. Another article from Homeland Security magazine cites from the Department of Homeland Security's (DHS) National Cybersecurity and Communications Integration Center (NCCIC) "reporting 31,593 cyber incidents, 28,000 vulnerabilities and sent out over 4,000 cyber-alerts to their 252,523 partners"
Actions Needed To Address DHS Intelligence Analysis, Workforce Challenges(Homeland Security Today) The Department of Homeland Security (DHS) has established mechanisms, including an intelligence framework and an analytic planning process, to better integrate analysis activities throughout the department, but the mechanisms are "not functioning as intended," said a new 57-page Government Accountability Office (GAO) audit report
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Cyber Security Summit(Huntsville, Alabama, USA, June 4 - 5, 2014) The North Alabama Chapter of the Information Systems Security Association and Cyber Huntsville Corporation are hosting the 6th annual Cyber Security Summit June 4-5 in the South Hall of the Von Braun Center.
The 2014 Cyber Security Summit (DC Metro)(Tysons Corner, Virginia, USA, June 5, 2014) The Cyber Security Summit, an exclusive conference series sponsored by The Wall Street Journal, has announced their inaugural DC Metro event. The event will connect C-Level & Senior Executives responsible...
The Device Developers' Conference: Scotland(Uphall, Scotland, UK, June 5, 2014) The Device Developers' Conference is an annual UK event for the developers of intelligent systems and devices. The objective is to provide an event that provides engineers with an opportunity to learn...
AFCEA Presents: Insider Threat to Small Business(Fairfax, Virginia, USA, June 5, 2014) One of the biggest myths is that "I'm too small for cyber attackers to care about me." This common misperception leads to tremendous vulnerabilities as companies do not understand implications for their...
Cyber 5.0 Conference(Laurel, Maryland, USA, June 10, 2014) The mission of the Cyber Conference is to provide a forum for small and mid-sized businesses in Howard County and the region to access industry and government leaders with current information on cybersecurity...
NRC Cyber Security Seminar/ISSO Security Workshop(Bethesda, Maryland, USA, June 16, 2014) NRC will be hosting its second NRC Semi-Annual All-Hands ISSO Workshop. This workshop will consist of computer security policy, standards, cybersecurity, guidance, FISMA compliance, and training updates.
SC Congress Toronto(Toronto, Ontario, Canada, June 17 - 18, 2014) SC Congress Toronto is Canada's premier information security conference and expo experience. Join us for this year's SC Congress Toronto on June 17-18, 2014! The two-day gathering brings industry thought...
MeriTalk's Cyber Security Brainstorm (Washington, DC, USA, June 18, 2014) This second annual event will take place on Wednesday, June 18 2014 at the Newseum in Washington D.C. The event will bring together Federal cyber security experts to share best practices, collaborate on...