PLA hacking — from both the recently disclosed and attributed Putter Panda campaign as well as a resurgent APT 1 — leads the news and prompts discussion of differences between state-sponsored and criminal cyber operations. Cyber criminals tend toward the opportunistic: if you prove a harder target than your peers, they'll probably look for easier scores. State intelligence services display more focus, patience, and resources: carefully crafted infection vectors like Putter Panda's infrequently emerge from the black market.
The US and China continue their stare-down, with their respective national corporate champions seeing threats (US) and opportunities (China) in the marketplace.
Ukrainian media push back at Russian ambitions with what amount to citizen information operations.
Online betting shops fortify themselves in cyberspace as criminals seek World Cup marks. Anonymous defaces some Brazilian sites to protest the Cup's allegedly plutocratic matrix (and for some reason also goes after New York election commissioners).
Denial-of-service attacks seem to be on the rise. The ZeuS kit has evolved from its original banking fraud roots into a DDoS tool. Cloudflare is offering free DDoS protection to qualifying "citizen journalists and activists."
Twitter works to correct a Tweetdeck cross-site scripting vulnerability. Observers differ as to the episode's seriousness, but sensible precautions are surely in order.
Restaurant chain P.F. Chang's investigates an apparent paycard breach.
The recent takedown of GameOver ZeuS involved both extensive reverse engineering and collaboration among international police agencies, security companies, and universities. It was a valuable win, but it won't suppress the criminal market for long.
Today's issue includes events affecting Australia, Austria, Brazil, Canada, China, Colombia, Denmark, Egypt, Israel, Luxembourg, Netherlands, Switzerland, Russia, Ukraine, United Arab Emirates, United Kingdom, United States.
Anonymous Hacks New York's Board of Elections Website Against Brazil Football World Cup (HackRead) Anonymous, the hacktivist collective, compromised the New York State Board of Elections official website recently to protest against the FIFA World Cup starting from tomorrow in Brazil. The hacktivists are protesting against the reported human rights abuses in Brazil, most of which were associated with the ongoing preparation for the World cup
World Cup 2014 fans are not the only ones with their eye on the ball (Help Net Security) The World Cup 2014 championship has begun and like most major sports events, employees are browsing websites to check the latest scores, watch streaming live games and chat with their peers about the latest updates. Sports-related websites receive a lot of traffic during large events like these creating a prime opportunity for advertisers to post campaign banners and watch the cash roll in
Anonymous Denmark targets Socialist Party (SF) for signing Internet surveillance bill (HackRead) The online hacktivist Anonymous has targeted Denmark's political party (Socialistisk Folkeparti, SF in Danish language) for signing and passing a mass Internet surveillance bill from the parliament yesterday. Despite criticism from experts and human rights organizations, the Danish parliament approved a bill that will allow the government to keep track of users' activity on the Internet
TweetDeck wasn't actually hacked, and everyone was silly (ZDNet) Twitter's popular account management service TweetDeck got nailed by the public discovery of a cross-site scripting vulnerability that not only replicated itself, but managed to make the security issue into a hilarious comedy of errors
TweetDeck Hacked—Panic (And Rickrolling) Ensues (Wired) TweetDeck, the popular application for managing Twitter feeds that is operated by Twitter itself, announced that it was temporarily disabling its service after a number of accounts were affected today by hackers who exploited a vulnerability in the service
Air-Gapped Networks Can Be Hacked from Afar (Softpedia) Breaching air-gapped networks is not new, but researchers at Ben Gurion University discovered that an attack can be devised using a mobile phone placed in close proximity to the target system
Windows Security Feature Abused, Blocks Security Software (TrendLabs Security Intelligence Blog) We recently discussed the latest attacks affecting users in Japan that were the works of the BKDR_VAWTRAK malware. This malware family combines backdoor and infostealer behaviors and had just added the banking credentials theft to its repertoire
Gmail Bug Could Have Exposed Every User's Address (Wired) Until recently, anyone may have been able to assemble a list of every Gmail account in the world. All it would have taken, according to one security researcher's analysis, was some clever tweaking of a web page's characters and a lot of patience
Will PF Chang's data breach speed EMV? (FierceRetailIT) Many banking and security professionals would argue that the P.F. Chang's credit card data breach discovered on June 10 is a reason for quick EMV migration in the U.S. However, others say EMV is not the be-all, end-all for retail fraud
Death by a thousand packets (CSO) Last night some negative actors (or bored teenagers) were hard at work launching distributed denial of service attacks against the popular note taking site, Evernote and the RSS aggregator, Feedly
Was Heartbleed really that critical? Here's why it wreaked havoc across the IT community (Secunia Blog) Secunia Research classifies vulnerabilities by rating the severity of vulnerabilities from 1: "not critical" to 5: "extremely critical." Going by the PR Heartbleed received, you would be excused for thinking that what we were dealing with here was, indeed, "extremely critical." But it was not, as vulnerabilities go. That rating we use for "remotely exploitable vulnerabilities that can lead to system compromise. Successful exploitation does not normally require any interaction and exploits are in the wild"
Official website of Sky News Egypt Hacked by Arab Hacker (HackRead) A hacker going with the handle of "The BLuE" has hacked and defaced the official website of Sky News Egypt today. The BLuE hacker claims he is from United Arab Emirates (UAE) and reason behind defacing the Sky News website was nothing else but a challenge given by a friend. Hacker left a deface page along with
Metasploit now includes module to exploit CVE-2014-0195 (OpenSSL DTLS Fragment Vulnerability) (Internet Storm Center) The latest release of Metasploit released today includes a module to ease exploitation of CVE-2014-0195. This vulnerability in the DTLS implementation of OpenSSL was patched last week and didn't get the attention the MitM vulnerability got that was patched at the same time. It is absolutely critical that you patch and/or firewall your DTLS services. This is complicated by the fact that many of them are part of embedded devices like routers and switches (SNMPv3) or VoIP systems. Your web servers are NOT affected by this
BIND Security Update for CVE-2014-3859 (Internet Storm Center) BIND has released a security update (CVE-2014-3859) for versions 9.10.0-p2, 9.9.5-p1, 9.8.7-p1. The update is available for download
iOS 8 will randomize devices' MAC address to increase privacy (Help Net Security) The next major release of Apple's iOS mobile operating system will include an important change: when local wireless networks scan for devices in range, devices running iOS 8 will provide random, locally administrated MAC addresses
Google End-to-End: The encryption silver bullet? (Help Net Security) The world seems to be turning its attention to the notion of data encryption, and Google is the latest to jump on the bandwagon. On June 3rd, Google announced that it would be offering a Chrome extension called End-to-End that provides end-to-end encryption of email. Comcast immediately followed with an announcement that they were aggressively pursuing adding encryption to email
How apps and extensions affect your browsing (Help Net Security) Google has announced the newest version of the Chrome Apps & Extensions Developer Tool, which helps developers debug apps and extensions, and power users to see which extensions ask for broad permissions that allow them to access sensitive data such as browser cookies or history
The Promise of a New Internet (Nextgov) People tend to talk about the Internet the way they talk about democracy—optimistically, and in terms that describe how it ought to be rather than how it actually is
Who Needs Heartbleed When Many Dot-Govs Don't Even Encrypt Communications? (NextGov) More than a quarter of federal websites are not properly configured with software to prevent intruders from intercepting data entered by citizens, according to a new study. Federal sites in general scored 10 percent lower than online banking services and social media networks at site security and server configuration, researchers at the Online Trust Alliance discovered
Oil and gas assets at high risk of cyber attack (FierceSmartGrid) New infrastructure development in the oil and gas industry and the growing threats to the security of critical oil and gas assets are encouraging end users to invest in security solutions, according to research from Frost & Sullivan. Plant owners are particularly interested in security products, services, and solutions that can detect and delay threats and are able to employ cutting-edge innovation and technology
Cyber threat 'impossible to avoid' (Risk.net) Financial institutions must accept that cyber attacks are inevitable and make allowances for their occurrence, OpRisk Europe conference heard yesterday. Also, banks must continue to vet third-party suppliers
Cyber Threat Landscape: Basic Overview and Attack Methods (Recorded Future) The flourishing synergy between the internet and its beneficiaries, who use it with varying identities, for various intentions and purposes, has had a noticeable impact on the overall outlook of the global cyber threat landscape
Cyber Threat Landscape: Attackers and Operations (Recorded Future) In 1996, a group of RAND researchers published a seminal book on the then alien concept of "netwar." They introduced and defined the term as an "emerging mode of conflict (and crime)" in which actors rely on small teams lacking a "precise central command" or a rigid hierarchy (Arquilla and Ronfeld, 1996)
Cyber Threat Landscape: Forecast (Recorded Future) According to United Nations Office on Drugs and Crime's (UNODC) Comprehensive Report on Cyber Crime (2013), in 2011, at least 2.3 billion people, the equivalent of more than one third of the world's total population, had access to the internet. Over 60% of all internet users are in developing countries, with 45% of all internet users below the age of 25 years
Should Microsoft, Cisco, and IBM Be Worried About China? (The Motley Fool) Tensions between the United States and China have been growing over accusations that the countries are using tech companies for cyber espionage. The U.S. recently charged five Chinese military officials with hacking into various American companies to steal trade secrets, and the government has been suspicious of Chinese tech giant Huawei for years. The United States, as it turns out, has been spying on Huawei, and it was recently reported that the NSA has been intercepting some networking hardware and installing surveillance equipment before sending it on its way
Meeting with Putin, Industry Leaders Ditch Users on Digital Rights (Global Voices) At a highly anticipated meeting today, Vladimir Putin spoke to Yandex's Arkady Volozh, Mail.ru's Dmitri Grishin, and others — all Internet industry leaders who stand to lose huge sums of money if the Kremlin's Internet crackdown causes Russian consumers to take their business to foreign competitors like Google. The "Internet Entrepreneurship in Russia Forum" was organized by the Agency for Strategic Initiatives — a non-profit organization Putin created in May 2011, ostensibly to cut red tape for new businesses
SourceClear Launches to Redefine Security for Developers (Fort Mill Times) SourceClear, the company creating a modern software security platform for developers, today announced it has closed $1.5 million in seed funding for the SourceClear platform, which is turning traditional software security inside-out. With general availability in the coming weeks, SourceClear empowers developers with the intelligence to make smarter decisions while they're building software, ensuring organizations gain complete visibility across their software portfolios. The platform integrates directly into established development tools, is armed with machine-learning capabilities and leverages 'big data' analytics
Corero appoints new chief technology officer (Education Investor) Corero Network Security has appointed a new chief technology officer and vice president of product. David Larson, previously Hewlett-Packard's chief technology officer, will direct the firm's technology and product strategy as it expands its cyber security software
Target Names Its First CISO (BankInfoSecurity) Target Corp. has chosen the former leader of information security at General Motors and General Electric as its first CISO. The move comes in the wake of a massive data breach last year that exposed 40 million credit and debit card accounts and the personal details of 70 million customers
Is TrueCrypt pining for the fjords? (Naked Security) As Monty Python famously opined in the Parrot Sketch from Monty Python's Flying Circus, no amount of jostling, explanations or hopeful wishes will bring back something that is well and truly dead
CloudFlare Teams Up With 15 NGOs To Protect Citizen Journalists And Activists From DDoS Attacks (TechCrunch) A lot of political speech now happens online, but that also makes it very vulnerable to DDoS attacks from those who don't agree with a given viewpoint. Many of these sites are hosted by individual journalists (and citizen journalists, if you want to make that distinction) and artists, who likely don't have the infrastructure and knowledge to protect themselves against these attacks
Rambus Cryptography Research Division Unveils CryptoManager™ Secure Feature Management Platform (MarketWatch) Rambus Inc. (NASDAQ:RMBS) today announced the CryptoManager™ platform, a feature management solution developed by the Rambus Cryptography Research (CRI) division. The CryptoManager platform consists of both a Security Engine and an Infrastructure suite that can dramatically improve efficiency and security during the manufacturing process. As lead customer, Qualcomm (see related release also issued today) is integrating the CryptoManager Security Engine into select SoCs and adopting the Infrastructure suite as part of its overall manufacturing process
Best Antivirus for Windows XP? Microsoft Security Essentials vs AVG vs Avast (Gamer Headlines) Protecting your Windows is crucial especially if you're still running Windows XP an outdated Windows that many users still tend to use, mainly because of software limitations only a XP OS's. Today we go over which antivirus is best to use for your Windows XP operating system, we're merely guiding you which one to go with the choice is always up to you which you think is best
Is your data already out there? (Help Net Security) CIOs cannot underestimate the creativity of online organized criminals to quietly penetrate their IT systems through a growing area of vulnerability: employees and vendors, according to 360 Advanced
Easy Things Are Often the Hardest to Get Right: Security Advice from a Development Manager (White Hat Security) I'm not a security guy. I haven't done much hands-on software development for awhile either. I'm a development manager, project manager, and CTO, having spent much of my career building technology for stock exchanges and central banks. About six years ago I helped to launch an online institutional trading platform in the US, where I serve as the CTO today. The reliability and integrity of our technology and operations are critically important, so we worked with some very smart people in the info sec community to make sure that we designed and built security into our systems from the start
Why database monitoring may, or may not, secure your data (CSO) A majority of IT security pros believe that continuous monitoring of the database network is the best approach to prevent large-scale breaches like the ones that occurred at retailers Target, Michaels and Neiman Marcus, a study showed
Guarding against 'Carmageddon' cyberattacks (Eurekalert) The potential value of turning the nation's freeways into "smart transportation systems" is enormous. Equipping the nation's concrete arteries with a nervous system of computers and sensors that directly control on-ramp signals to keep traffic moving smoothly can substantially reduce travel times, fuel consumption and air pollution, not to mention improve road safety. In California alone the economic penalty of traffic congestion has been estimated at $400 million in extra costs and $3.5 million in lost wages every day
DARPA's Plan X Uses New Technologies to 'See' Cyber Effects (American Forces Press Service) Three years after the Defense Department named cyberspace a new domain of warfare, the Defense Advanced Research Projects Agency is unveiling technologies that soon could make it possible for military leaders and warriors to plan and execute real-time cyber missions in a territory charted so far only by machines
House Intel Chairman: US Getting Past 'Emotional Phase' of Snowden Disclosures (DefenseNews) While emphasizing that the cyber threat continues to be grave, US House Intelligence Committee chair Rep. Michael Rogers, R-Mich., said Wednesday that the public is moving beyond the immediate upset that surrounded the Edward Snowden disclosures, and that careful work is now underway to make "adjustments" to surveillance programs
CIA Uses Its First Public Conference to Stress Value of Human Sources (Government Executive) The nation's oldest spy agency remains relevant in the digital age, CIA Director John Brennan told an academic conference on Wednesday, saying his team "still provides intelligence and analysis that social media and foreign partners cannot because nothing can replace the insight that comes from a well-connected human source"
Separate cyber force not needed, says Navy official (FierceGovernmentIT) While the Defense Department has grown fond of referring to cyberspace as the new, fourth operational venue — along with sea, air and land — it does not warrant its own, independent branch of the armed services, said Vice Adm. Ted Branch, director of Naval Intelligence
FBI Shutdown of Virus Demanded New Anti-Hacker Tactics (Bloomberg) Dismantling one of the world's most insidious computer viruses required complex and fast-paced tactics that will be the blueprint for U.S. law enforcement's future cyberbattles. By the time authorities claimed victory over Gameover Zeus last week, they had reverse-engineered how the virus communicated, seized command-and-control servers overseas and engaged in cyber battle with the hackers to keep them from re-establishing contact with their fast evaporating network
Cyber Chaos (UPI) Cybercrime has taken a huge chunk out of the US and allied economies, here's how
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Global Summit on Computer and Information Technology (location and date not listed) The summit is hosting multiple conferences in different areas of Computer & Information Technology. CIT is a major platform for researchers and industry practitioners from different fields of computer...
NRC Cyber Security Seminar/ISSO Security Workshop (Bethesda, Maryland, USA, June 16, 2014) NRC will be hosting its second NRC Semi-Annual All-Hands ISSO Workshop. This workshop will consist of computer security policy, standards, cybersecurity, guidance, FISMA compliance, and training updates.
2014 Spring National SBIR Conference (Washington, DC, USA, June 16 - 18, 2013) SBIR/STTR programs are the nation's largest source of early stage / high risk R&D funding for small business. At this conference you'll learn how to participate and compete for funding in these two programs...
MeriTalk's Cyber Security Brainstorm (Washington, DC, USA, June 18, 2014) This second annual event will take place on Wednesday, June 18 2014 at the Newseum in Washington D.C. The event will bring together Federal cyber security experts to share best practices, collaborate on...
Suits and Spooks New York (location and date not listed) Not another hacker conference. Suits and Spooks is a unique gathering of experts, executives, operators, and policymakers who discuss hard challenges in a private setting over two days. Suits and Spooks...
SANSFIRE (Baltimore, Maryland, USA, June 21 - 30, 2014) For more than 10 years, the Internet Storm Center has been providing free analysis and warning to our community. SANSFIRE 2014 is not just another training event. It is our annual "ISC Powered" event.
26th Annual FIRST Conference (Boston, Massachusetts, USA, June 22 - 27, 2014) The Forum of Incident Response and Security Teams (FIRST) is a global non-profit organization dedicated to bringing together computer security incident response teams (CSIRTs) and includes response teams...
Gartner Security & Risk Management Summit 2014 (National Harbor, Maryland, US, June 23 - 26, 2014) The Gartner Security & Risk Management Summit is the only time when the entire Gartner analyst and security and risk management community come together in one location to bring the latest research, insights...
AFCEA International Cyber Symposium (Baltimore, Maryland, USA, June 24 - 25, 2014) National security is continuously being redefined as awareness of the cyberspace domain evolves. Cyber threats and challenges grow every day. Successfully defending our networks requires a team approach.