skip navigation

More signal. Less noise.

Daily briefing.

More information appears on recently reported cyber intrusions into US power utility networks: the incursions appear to have been cyber reconnaissance, which is consistent with Department of Homeland Security claims that no damage was found in control systems. One of the hackers mentioned in dispatches is Wang Dong (former nom de guerre "Ugly Gorilla," currently going by "Say Goodbye to my youth") whom regular readers will recognize from US indictments of Chinese PLA officers. Among the utilities affected was that of Madison, New Jersey, a smallish town that manages its own piece of the grid, and therefore an attractive test target.

The World Cup continues to spawn more cyber crime than effective hacktivism, but big sponsors remain on alert. Fans in Brazil to watch the games are advised to be wary of local AC/DC device chargers.

The Australian mining trade press discusses the difficulty of balancing security and operational efficiency, an act all industries will find familiar.

In industry news, Target's new CISO will report to the CIO, and observers differ over whether that will prove an effective organization. The US State Department has turned to bonuses (although it refuses to call them such) in its efforts to lure cyber talent from industry.

NIST 800-53 Revision 5 is likely to place more emphasis on continuous monitoring, and enterprises consider doing the same in anticipation of the new US security standard. Also in the US, the FCC revises its own cyber defense guidance for industry; the FAA pushes avionics cyber security.

Notes.

Today's issue includes events affecting Australia, Bahamas, Belgium, Bolivia, Brazil, China, France, India, Indonesia, Israel, Malaysia, Netherlands, Romania, Russia, Taiwan, United Kingdom, United States, and Venezuela..

Cyber Attacks, Threats, and Vulnerabilities

UglyGorilla Hack of U.S. Utility Exposes Cyberwar Threat (Bloomberg) Somewhere in China, a man typed his user name, "ghost," and password, "hijack," and proceeded to rifle the computers of a utility in the Northeastern U.S.

World Cup big brand sponsors braced for wave of cyber attacks (The Grocer) As The Grocer went to press, World Cup sponsors were bracing themselves for cyber attacks

Cyber criminals cash in on World Cup frenzy (Business Standard) Security solutions firm Kaspersky Lab advises football fans traveling to Brazil to use AC/DC chargers available locally carefully

Security Tips for Football World Cup Fans (Lumension) The FIFA World Cup has kicked off in Brazil, with fans travelling to the country from around the globe in the hope that their country's football team will make it to the grand final

Ransomware "Svpeng" strikes US, leaves Android devices unusable (SC Magazine) Earlier versions of Svpeng impacted mobile users in Russia, stealing card details from customers of major banks. A mobile trojan called "Svpeng," has now been updated to extort Android users in the U.S., researchers warn

Taiwan Hit With Micropayment Fraud via Android Malware (TrendLabs Security Intelligence Blog) In our 1Q Threat roundup report, we noted that the number of mobile malware and high-risk applications reached the two-million mark and is rapidly growing. In our monitoring of the mobile threat landscape, we have recently discovered an Android malware that is spreading fast in Taiwan

10 years since the first smartphone malware — to the day. (Eugene Kaspersky Nota Bene) On June 15, 2004, at precisely 19:17 Moscow time something happened that started a new era in computer security. We discovered the first malware created for smartphones

Scans Quantify Vulnerable OpenSSL Servers (Threatpost) Certain mitigating factors made the recent OpenSSL man-in-the-middle vulnerability a notch or two below Heartbleed in terms of criticality. With that in consideration, it's probably no surprise that patching levels for CVE-2014-0224 aren't as high out of the gate as they were for Heartbleed

Heartbleed & The Long Tail Of Vulnerabilities (Dark Reading) To this day there are still unpatched systems, still hackers scanning for vulnerable systems, and still cyber criminals using Heartbleed every day to break into companies

Biggest, baddest, boldest software backdoors of all time (IT World) These 12 historically insidious backdoors will have you wondering what's in your software — and who can control it

Origin not hacked, EA confirms false alarm (SlashGear) This afternoon there's been a false alarm announcement by a supposed hacker group suggesting they'd breached Origin, lifting thousands of emails and passwords. In fact the emails included in a leak come up in Google searches as far back as several years ago, meaning the list was likely harvested from several already-public lists. EA suggests that "there is no truth" to the idea that there was a hack

Bitcoin security guarantee shattered by anonymous miner with 51% network power (Ars Technica) For the first time in Bitcoin's five-year history, a single entity has repeatedly provided more than half of the total computational power required to mine new digital coins, in some cases for sustained periods of time. It's an event that, if it persists, signals the end of the crypto currency's decentralized structure

Stolen USB Drive Exposes 33,702 Calif. Patients' Data (eSecurity Planet) Patients' names, genders, medical record numbers, birthdates and dates and times of service may have been exposed

Domino's Pizza Database Hacked, 650,000+ Customer Records Stolen (HackRead) A group of hackers going with the handle of Rex Mundi breached into the database of Domino's Pizza websites in France and Belgium and ending up with access to more than 592,000 records of French customers and 58,000 records of Belgians

French Hospital's Computer "Bug" Trashes a Fortune in Perfectly Good Drugs (IEEE Spectrum) Last week saw another wave of healthcare-related IT malfunctions, problems, and issues being reported. This time, we turn our focus to a controversy currently capturing the attention of the French press: the startling admission by administrators at the university hospital in Rennes that perfectly good drugs and other medical supplies are being trashed as a result of technical issues with its relatively new automated pharmacy system

Bulletin (SB14-167) Vulnerability Summary for the Week of June 9, 2014 (US-CERT) The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information

Security Patches, Mitigations, and Software Updates

Mozilla Releases Security Updates for Firefox, Firefox ESR, Thunderbird, and Netscape Portable Runtime (US-CERT) The Mozilla Foundation has released security updates to address multiple vulnerabilities in Firefox, Firefox ESR, Thunderbird, and Netscape Portable Runtime. Exploitation of these vulnerabilities may allow attackers to execute arbitrary code, cause a denial of service, or conduct clickjacking attacks

Microsoft strips some Windows 7 users of IE11 patch privileges (ComputerWorld) Mandate similar to the one put in place for Windows 8.1 Update

Microsoft promises better privacy, updates service level pledge but there's a small catch (TechTimes) From now on, when you log on to Outlook.com, Office.com, Bing, MSN, OneDrive, or any of a dozen other Microsoft services, security and privacy are things you don't have to worry about. Or so Microsoft claims, according to a newly revised "Services Agreement" that's big on words like "privacy," "transparency" and "simplicity"

Cyber Trends

Why Reset the Net falls short in protecting you from surveillance (Phys.org) A year on from Edward Snowden's revelations around state sponsored mass surveillance programs, some of the major players in the online and technological world (including Google, Mozilla, Twitter and Reddit) have launched the Reset the Net campaign

Four tips to overcome the cyber threat to the mining industry (The Ferret) Organisations in the mining sector face a new and important challenge as they balance the drive for operational and environmental efficiency against the emerging risk of cyber attack

British firms 'not taking mobile security seriously', says Samsung (ComputerWorld via CSO) Lack of visibility of mobile losses and thefts, says research from the company

The privacy attitudes of 15,000 consumers from 15 countries (Help Net Security) Spanning 15 countries and 15,000 consumers, the the EMC Privacy Index reveals consumers hold viewpoints on privacy that vary widely by geography and the type of activity engaged in while online

Children prey to cyber-crime; majority of parents don't feel so (Indian Express) Negative online experience refers to experience someone posting private/intimate content without permission

Large-scale tests with self-driving cars to hit Dutch roads (IT World) The Netherlands wants to be a front-runner of self-driving cars in Europe

Marketplace

Target top security officer reporting to CIO seen as a mistake (CSO) Experts worry that the retailer's chief executive and board may not get a complete picture on the company's security, if the CISO does not report directly to them

China's Huawei trains Indonesian ICT students (Xinhua via GlobalPost) China-based telecommunications giant Huawei held a commencement ceremony for Indonesian information and communications technology (ICT) students on Friday, seeking to transfer ICT skills to the largest Southeast Asian country through its training program

ZTE to Support Telkom Indonesia in Java Backbone Network Upgrade (Wall Street Journal) ZTE Corporation ("ZTE") (H share stock code: 0763.HK / A share stock code: 000063.SZ), a publicly-listed global provider of telecommunications equipment, network solutions and mobile devices, is pleased to support Telkom Indonesia in Java backbone network upgrade to deliver a 10-fold capacity increase in most of the network and will enable a superior user experience to subscribers

Booz Allen Hamilton Sees Revenues Declining, but Hold On for the Ride (Wall Street Cheat Sheet) Booz Allen Hamilton Holding Corporation (NYSE:BAH) is an interesting company, and it makes a hefty profit. It provides management consulting, technology, and engineering services in the United States

Raytheon broadens tech offerings as market shifts (Washington Technology) Whether a threat is kinetic or cyber, or comes from a terrorist group or a rogue nation, Raytheon offers the technologies to provide the U.S. government and other nations with the technologies to alert them to the threat and enable them to take action to neutralize the threat

Raytheon: 6 Different Insiders Have Sold Shares During The Last 30 Days (Seeking Alpha) Summary: 6 insiders sold Raytheon stock within one month. The stock was not purchased by any insiders in the month of intensive selling. 3 of these 6 insiders decreased their holdings by more than 10%

An Extra 14 Percent Keeps Cyber Pros at State — Just Don't Call It a Bonus (Nextgov) It's hard to lure hacker fighters from the lucrative private sector to the government, but once they join the State Department, they typically stay, a top department cyber official says. Dangling cash incentives helps

Industry Veterans Join AlgoSec to Support Strong Growth in the Security Policy Management Market (IT Business Net) AlgoSec, the market leader for Security Policy Management, today announced the expansion of its executive team with the appointments of Eli Adler as General Manager of EMEA, Bruno Weinberger as Vice President of Strategic Alliances and Shelly Sarid as Vice President of Finance. The new executives will help drive the company's business model and growing market presence. In the first five months of 2014, the company continued on its track of fast growth, securing several 7-digit deals with global financial institutions, retailers and managed service providers

ZeroFOX Appoints Two New Vice Presidents to Lead Global Sales Teams (PR.com) ZeroFOX, The Social Risk Management Company™, today announced the appointment of two new vice presidents, Pano Paschaloudis and Stephen Weis, to augment the company's leadership team and further develop and execute its comprehensive sales vision to foster high volume revenue and dynamic sales growth

Products, Services, and Solutions

Stalker: A creepy look at you, online (CNN Money) While you were having a latte and hunting for a Tinder date on your local coffee shop's open Wi-Fi, you were giving away your personal information. Want to know how much? Stalker will tell you

Kaspersky, Telef—nica join forces to improve cyber protection (Daily Express) Kaspersky Lab has announced a new strategic cooperation agreement with Telef—nica, to provide its customers worldwide with cyber-security services

Tenable Integration with Threatgrid Enhances Detection of Persistent Malware (Crowdsourcing.org) Tenable Network Security®, Inc., the leader in continuous monitoring of vulnerabilities, threats and compliance, announced its latest new source of threat analytics through an integration with ThreatGRID's malware analysis and threat intelligence solution. This integration enhances Tenable's dynamic library of known threats from the industry's top 25 antivirus vendors, improves accuracy and reduces the time to detect advanced malware that bypass traditional security controls

Scots firm creates way to hide internet footprint (Scotsman) In the age of Big Brother and the prying eyes of the National Security Agency and its allies, it is billed as a way of reclaiming the internet for ordinary people

Votiro Incorporates Spear Phishing Protection Into Its Cloud-Based Sanitization Service (Digital Journal) New protection against email-based attacks extends the usability of Votiro's free service

Google's after your health data with 'Google Fit' service (Naked Security) Google's about to jump into the growing fitness data marketplace — a mosh pit that consumer advocates are already calling a privacy nightmare — to wrestle with Apple and Samsung for the data created by fitness trackers and health-related apps

Spamhaus readies new antimalware data feeds (IDG via CSO) The data feeds will make Spamhaus' Domain Block List more effective and versatile, the organization said

Technologies, Techniques, and Standards

NIST Security Guidance Revision: Prepare Now (InformationWeek) NIST 800-53 Revision 5 will likely put more emphasis on continuous monitoring. Don't wait until next year to close your security gaps

Does iOS malware actually exist? (ZDNet) There actually has been some iOS malware, but it's shockingly rare. It's all thanks to Apple's rigid control over app distribution

Hacked restaurant chain goes back to the 1970s, to protect itself from hackers (Hot for Security) Security blogger Brian Krebs was the first to blow the whistle earlier this week on a serious data breach at the US-based P. F. Chang's China Bistro chain of restaurants

What's the leading cause of data loss? (Help Net Security) HDD crashes more than doubled in the last four years, prevailing as the most common cause of data loss according to customer data provided by Kroll Ontrack

Design and Innovation

Booz Allen Holds 'Combustion Chamber' Competition as Catalyst for Employee Thinking (ExecutiveBiz) Booz Allen Hamilton had five teams cross the firm pitch their best ideas for helping clients solve problems to a panel of judges during a series of presentations at the firm's "Combustion Chamber" event June 5

DARPA Builds 3D Display Platforms for Cyber Mission Planning, Adversary Tracking Activities (ExecutiveGov) The Defense Advanced Research Projects Agency has designed two military platforms that aim to help warfighters organize cyber operations and track adversaries in a large-scale digital environment

Soldiers Could Use 'Plan X' to Combat Cyber Attacks (Headlines and Global News) The Defense Advanced Research Projects Agency (DARPA) is developing a project called 'Plan X' to help soldiers combat cyber attacks

Research and Development

The age of the quantified family is upon us (Quartz) We're one step closer to the quantified household. University of Virginia associate professor of computer science, Kamin Whitehouse, is leading a team that's designing the software to make it possible. "We need to not just be users of the internet of things, we need to also be objects in the internet of things," Whitehouse told a Massachusetts Institute of Technology digital summit last week

Legislation, Policy, and Regulation

Snowden effect changes US-China dynamic on cybersecurity (South China Morning Post) The whistle-blower's revelations of the extent of NSA spying gave Beijing a stronger hand in negotiations on the issue of cybersecurity

Mending fences in Brazil after Snowden leaks (USA TODAY) Liliana Ayalde couldn't have picked a worse time to start her job as U.S. ambassador to Brazil

Bahamas Expects Official Response from US Addressing Spying Claims (Atlanta BlackStar) Foreign Affairs Minister Fred Mitchell said Wednesday that the Bahamian government will ensure that its relationship with the United States remains intact even if it discovers the controversial allegation that its National Security Agency (NSA) is recording and storing audio from every cellphone conversation in the Bahamas is true

New evidence US drug body spied on Bolivia, Venezuela (GreenLeft) In a May 19 article on US government spying for The Intercept, Ryan Devereaux, Glenn Greenwald and Laura Poitras publish leaked documents that show the US government may have used the Drug Enforcement Administration (DEA) to aid National Security Agency (NSA) spying on US citizens and non-citizens in foreign countries

FCC unveils 'new regulatory paradigm' for defeating hackers (Washington Post) In recent months, the Federal Communications Commission has quietly worked to expand its role among federal agencies charged with protecting the nation's networks from cyberattack. On Thursday, the agency sought to take the lead again, unveiling a new regulatory model aimed at helping phone companies and other telecommunications firms defend themselves from malicious hackers

FAA Orders Boeing to Protect Airplanes from Cyber Attacks (eSecurity Planet) Proposed special conditions require Boeing to 'ensure that the airplanes' electronic systems are protected from access by unauthorized sources'

Obama-Congress intelligence pipeline broken (Politico) The Senate's spy watchdogs are abuzz over what lawmakers describe as a low point in relations with the Obama administration and its intelligence policymakers

What the Departure of Eric Cantor Means for National Security (Roll Call) Everyone is still digesting the fallout from this week's surprise primary election defeat of Majority Leader Eric Cantor, R-Va., but the part related to its effect on national security and foreign policy is pretty well-chewed, enough to examine it as a whole

Willie May to Officially Become Acting Director at NIST (ExecutiveGov) Patrick Gallagher steps down as National Institute of Standards and Technology chief this week and Willie May will formally assume the acting director role with the standards body

Transportation Department Looks To Regulate Navigation Apps (TechCrunch) The Department of Transportation is angling for regulatory control over navigational apps as a part of the Obama administration's proposed transportation bill, which is expected to pass later this year

House of Lords sets up Digital Skills Select Committee (ComputerWeekly) The House of Lords has set up a select committee on digital skills

Litigation, Investigation, and Law Enforcement

Stockman asks NSA for Lois Lerner metadata after IRS claims 'glitch' erased all incriminating emails (Bay Area Citizen) Congressman Steve Stockman Friday asked the National Security Agency to turn over all its metadata on the email accounts of former Internal Revenue Service Exempt Organizations division director Lois Lerner for the period between January 2009 and April 2011

Judge orders DOJ to turn over FISA surveillance documents (IDG via CSO) The agency failed to justify keeping the 66 pages of documents secret, the federal judge said

Ruling Raises Stakes for Cyberheist Victims (Krebs on Security) A Missouri firm that unsuccessfully sued its bank to recover $440,000 stolen in a 2010 cyberheist may now be on the hook to cover the financial institution's legal fees, an appeals court has ruled. Legal experts say the decision is likely to discourage future victims from pursuing such cases

U.S. officials scrambled to nab Snowden, hoping he would take a wrong step. He didn't. (Washington Post) While Edward Snowden was trapped in the transit zone of Moscow's Sheremetyevo Airport last year, U.S. officials were confronting their own dearth of options in the White House Situation Room

French Senator Optimistic on Possible Asylum to Edward Snowden (Prensa Latina) French senator Catherine Morin-Desailly was quite optimistic regarding the request to appoint a French citizen of honor and grant asylum to US former National Security Agency analyst Edward Snowden

How to 'double your money on PayPal!' and why you should NOT try it (Naked Security) You can double your money by bilking PayPal with a loophole in its terms of service, according to a Romanian man convicted in 2012 of temporarily blocking the systems of the US Army, Pentagon and NASA. Cernăianu Manole Răzvan, who has published under his hacker handle TinKode in the past, was released a few months after Romanian law nabbed him

Chinese gov't reveals Microsoft's secret list of Android-killer patents (Ars Technica) Microsoft crows about transparency, but it didn't reveal this list of 310 patents

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

AFCEA Information Technology Expo at Joint Base Lewis-McChord (JBLM) (, January 1, 1970) Federal Business Council, Inc. (FBC) and the Armed Forces Communications & Electronics Association (AFCEA) Pacific Northwest Chapter (PNC) will be partnering once again to co-host the 4th Annual Information...

Global Summit on Computer and Information Technology (, January 1, 1970) The summit is hosting multiple conferences in different areas of Computer & Information Technology. CIT is a major platform for researchers and industry practitioners from different fields of computer...

NRC Cyber Security Seminar/ISSO Security Workshop (Bethesda, Maryland, USA, June 16, 2014) NRC will be hosting its second NRC Semi-Annual All-Hands ISSO Workshop. This workshop will consist of computer security policy, standards, cybersecurity, guidance, FISMA compliance, and training updates.

2014 Spring National SBIR Conference (Washington, DC, USA, June 16 - 18, 2013) SBIR/STTR programs are the nation's largest source of early stage / high risk R&D funding for small business. At this conference you'll learn how to participate and compete for funding in these two programs...

18th Annual Colloquium for Information Systems Security Education (, January 1, 1970) The Colloquium recognizes that the protection of information and infrastructures that are used to create, store, process, and communicate information is vital to business continuity and security. The Colloquium's...

MeriTalk's Cyber Security Brainstorm (Washington, DC, USA, June 18, 2014) This second annual event will take place on Wednesday, June 18 2014 at the Newseum in Washington D.C. The event will bring together Federal cyber security experts to share best practices, collaborate on...

Suits and Spooks New York (, January 1, 1970) Not another hacker conference. Suits and Spooks is a unique gathering of experts, executives, operators, and policymakers who discuss hard challenges in a private setting over two days. Suits and Spooks...

SANSFIRE (Baltimore, Maryland, USA, June 21 - 30, 2014) For more than 10 years, the Internet Storm Center has been providing free analysis and warning to our community. SANSFIRE 2014 is not just another training event. It is our annual "ISC Powered" event.

26th Annual FIRST Conference (Boston, Massachusetts, USA, June 22 - 27, 2014) The Forum of Incident Response and Security Teams (FIRST) is a global non-profit organization dedicated to bringing together computer security incident response teams (CSIRTs) and includes response teams...

Gartner Security & Risk Management Summit 2014 (National Harbor, Maryland, US, June 23 - 26, 2014) The Gartner Security & Risk Management Summit is the only time when the entire Gartner analyst and security and risk management community come together in one location to bring the latest research, insights...

AFCEA International Cyber Symposium (Baltimore, Maryland, USA, June 24 - 25, 2014) National security is continuously being redefined as awareness of the cyberspace domain evolves. Cyber threats and challenges grow every day. Successfully defending our networks requires a team approach.

United Nations Interregional Crime and Justice Research Institute Cyber Threats Workshop (Turin, Italy, June 27 - 29, 2014) The United Nations Interregional Crime and Justice Research Institute (UNICRI) is organizing a series of workshops and short courses within the framework of the UNICRI Journalism and Public Information...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.