ISIS insurgents (who appear to have Syria, Lebanon, and Jordan queued up for attention once they re-establish their simulacrum of a caliphate in Iraq) are finding social media a two-edged weapon: as cyber conflict rises in parallel with the fighting, parties unknown are tweeting sensitive information about ISIS plans and operations.
Anonymous announces another action against the energy sector: oil companies in Saudi Arabia, Qatar, and the United Arab Emirates are named as targets.
Apparent Russian government hacking of recent Ukrainian elections came close to achieving their complete disruption. The Christian Science Monitor reports that experts see the episode as an unhappy foreshadowing of future election problems worldwide.
As HM Government announces broader cyber-sharing with British industry, it also says government networks have been breached by foreign cyber espionage operations. (The espionage is unattributed, but the UK and China have been at cyber loggerheads for some time. These tensions aside, the two countries are said to be working toward closer cyber law enforcement collaboration.)
Several stories on malware evolution offer further insight into how the Internet (and especially its shadier, black-market precincts) can give cyber criminals a supple and responsive R&D capability.
Microsoft discloses and fixes a vulnerability in its Malware Protection Engine. The bug could expose users of several Microsoft products to denial-of-service attacks.
Advances in mobile device technology pose forensic analysts new technical and legal challenges.
Dark Reading looks at the cyber insurance market and discerns a big problem: no "evidence-based method" to assess cyber risk profiles.
Today's issue includes events affecting Australia, Canada, China, European Union, Finland, India, Iraq, Ireland, Jordan, Lebanon, NATO, Portugal, Qatar, Russia, Saudi Arabia, Syria, Taiwan, Ukraine, United Arab Emirates, United Kingdom, United States.
Cyber Attacks, Threats, and Vulnerabilities
Someone Is Spilling ISIS's Secrets on Twitter(Daily Beast) The terror group may be on a rampage in Iraq. But ISIS is being threatened from inside, it seems. And no one is sure who's behind the tweets disclosing the group's intimate detail
Next Media websites 'attacked'(Hong Kong Standard) Democratic Party legislator, James To, on Wednesday called on the police to conduct a thorough investigation into a cyber attack on the pro-democracy Next Media Group. The group's Apple Daily websites in Hong Kong and Taiwan have been under attack since 3:30am
Android Ransomware Uses TOR(TrendLabs Security Intelligence Blog) The recent introduction of ransomware in the mobile threat landscape was followed by a new development: the usage of TOR to hide C&C communication
Template Document Exploit Found in Several Targeted Attacks(TrendLabs Threat Blog) The use of contextually-relevant emails is one of the most common social engineering tactics employed in targeted attacks. Emails still being the primary mode of business communications are often abused to deliver exploits to penetrate a network that consequently lead to other stages of a targeted attack cycle
Sality Malware(Infosec Institute) During the last Christmas season, a phishing email with an executable named as greetings.exe was broadly sent, and when the email was executed, an image named 'xmas' was drawn on the screen. This has captured the eyes of many security analysts, as the firewall and other prevention measures were disabled. Upon thorough investigation, it was concluded that it was a Trojan classified as Sality.AM, and many files were dropped in the %WINDIR%/TEMP directory
Cyber-Attacked AT&T Users Urged to Watch Out For Financial Fraud(States Chronicles) Last May we reported that giant online retail platform eBay got hacked into and lost personal data belonging to over 145 million users. The news stroke like lightning, as it was one of the biggest, most astute security breaches we came to stumble upon this year. However, in either eBay's or Spotify's cyber attack cases the users weren't robbed of their financial data or highly sensitive personal information
Spamvertised 'June invoice' themed emails lead to malware(Webroot Threat Blog) Cybercriminals continue spamvertising tens of thousands of malicious emails on their way to socially engineer gullible end users, ultimately increasing their botnet's infected population through the systematic and persistent rotation of popular brands
Britain expected to face worst-ever cyber attack(Times of India) GoZeuS is designed to steal banking information from personal computers, while CryptoLocker encrypts user-created files such as business documents and photographs, only releasing them in return for a ransom of hundreds of pounds. The attack is expected on the night of June 17
DDoS attacks: Perfected by hacktivists, preferred by cybercriminals(FierceITSecurity) Once the primary tool of hacktivists bent on disrupting corporate and government websites, distributed denial of service attacks are today being embraced by cybercriminals bent on extortion and distracting firms to steal sensitive data. And not surprisingly, these types of attacks are on the rise
Security Patches, Mitigations, and Software Updates
Microsoft Security Advisory 2974294: Vulnerability in Microsoft Malware Protection Engine Could Allow Denial of Service(Microsoft Security Tech Center) Microsoft is releasing this security advisory to inform customers that an update to the Microsoft Malware Protection Engine addresses a security vulnerability that was reported to Microsoft. The vulnerability could allow denial of service if the Microsoft Malware Protection Engine scans a specially crafted file. An attacker who successfully exploited this vulnerability could prevent the Microsoft Malware Protection Engine from monitoring affected systems until the specially crafted file is manually removed and the service is restarted
Can digital forensics keep up with smartphone tech?(GCN) The explosive growth in both the use and capacity of smartphones has led to a sea change in digital forensics, creating technology challenges for the justice and law enforcement communities and raising legal questions that in some cases have gone to the Supreme Court
Employees take too many risks with Wi-Fi security(Help Net Security) UK employees are potentially putting their companies at risk of cyber-attack when using mobile devices for work purposes while on holiday or on a short break, new research has found
SMBs still use Windows XP and face security risks(Help Net Security) Almost one in five small and medium businesses worldwide are currently exposed to major security risks as they are still using Windows XP after Microsoft ended support for the operating system, according to Bitdefender
Could you maintain security in event of IT failure?(Help Net Security) A study investigating the priorities for the UK and Ireland's top banks and insurance companies has revealed low confidence in the ability to remain secure in the event of an IT collapse, according to Fujitsu. Only a third (35%) of the 176 organizations surveyed said they were "very confident" that security could be maintained in the event of an outage
Businesses ill-equipped to handle data-theft hackers(FierceCIO:TechWatch) Hackers broke into the online systems of Dominos in the countries of France and Belgium, and attempted to blackmail the pizza chain into parting with €30,000 to prevent the public disclosure of the stolen passwords and customer data
India Third-Most Affected by Online Banking Malware: Report(NDTV) The use of Internet has improved the overall banking services in India, but, it has also led to a heightened activity by cybercriminals making the country the third-most affected globally by online malware, a report by cyber-security firm Trend Micro said
The Smartification of the Home, Part 1(TrendLabs Threat Blog) Over the past few years, there has been proliferation of intelligent connected devices introduced into homes across the globe. These devices can range from the familiar — such as tablets, smart phones, and smart TVs — to the less familiar, such as utility meters, locks, smoke and carbon monoxide detectors, motion detectors and scales
The Problem With Cyber Insurance(Dark Reading) Insurers have yet to develop an evidence-based method to assess a company's cyber risk profile. This has resulted in high premiums, low coverage, and broad exclusions
FINRA Reviews FireEye Trading Activity Ahead of Mandiant Acquisition(Wall Street Journal) The Financial Industry Regulatory Authority is reviewing trading in computer-security firm FireEye Inc.'s shares ahead of its $1 billion January acquisition of Mandiant Corp., another cybersecurity company known for investigating high-profile data breaches
Jim Messina Joins Vectra Networks Board Of Directors(Broadway World) Vectra Networks, the leader of real-time detection of cyberattacks in-progress, today announced that Jim Messina has joined its board of directors
Products, Services, and Solutions
Gear to Block 'Juice Jacking' on Your Mobile(Krebs on Security) Ever since I learned about the threat of "juice-jacking" — the possibility that plugging your mobile device into a random power charging station using a USB cord could jeopardize the data on that device — I've been more mindful about bringing a proper power-outlet charging adapter on my travels. But in the few cases when I forgot or misplaced the adapter, I've found myself falling back on one of two devices I'll review today that are both designed to block USB charging cords from transmitting data
ThreatTrack Security Rolls Out ThreatSecure(Dark Reading) Venture-backed cybersecurity firm introduces ThreatSecure, a disruptive threat detection and remediation technology, and announces plans to expand into Silicon Valley
Votiro Incorporates Spear Phishing Protection(Newsfactor Business Report) Votiro, the provider of Secure Data Sanitization solutions for protecting organizations against zero-day and other ongoing cyber-threats, announced today that it has extended the usability of its free, cloud-based, sanitization service to include protection against spear phishing and other email-based attacks
AhnLab Introduces Its Anti-APT Security Solutions at CommunicAsia 2014(Wall Street Journal) AhnLab, Inc., a leading provider of information security products and services for enterprise, military and government organizations, and Synetcom Philippines, Inc., AhnLab's strategic business partner, introduced AhnLab MDS, multi-layered security solutions against today's advanced security threats at the CommunicAsia 2014 (Booth Number BB5-08, Basement Level), held on June 17-20, 2014 at Marina Bay Sands, Singapore
secunet introduces policy framework for eID PKIs(Biometric Update) German IT security solutions provider secunet announced at Security Document World 2014 that it will introduce a policy framework for public key infrastructures with regard to electronic identity documents
Blue Coat Systems offers JIE advanced malware protection(C4ISRNet) As the Defense Department moves toward the centralized network approach of the Joint Information Environment — and the joint regional security stacks that will help keep it secure — one industry partner is providing a crucial layer of protection that will help secure DoD networks worldwide
Successful Launch of Webroot for Gamer at E3(Webroot Threat Blog) Webroot, the market leader in cloud-based, real-time Internet threat detection, recently returned from the 18th annual Electronic Entertainment Expo, or E3 for short, hosted by the Entertainment Software Association
TrueCrypt — a matter of assurance(Graham Cluley) Over a number of years, TrueCrypt gained a reputation and a sizeable following as a reliable and stable, tried and tested free full disk encryption solution
Error logging and tracking done right with Raygun.io(Troy Hunt) For some years now, one of the first things I've dropped into any new project has been ELMAH. Grab it from NuGet, provision yourself a SQL database table and watch magic happen as every unhandled error gets dumped into the DB and is reviewable via a handler which exposes the original stack trace amongst other info such as server variables and POST data. In theory, you also secure this. In practice, many people don't
Ransomware with a happy ending(Naked Security) Ransomware is certainly a hot topic these days. That's the sort of malware that locks up your computer, or scrambles your data, and demands a fee to get things back the way they were
7 Things Your Boss Needs to Know About Phishing(Cyveillance Blog) As an IT security professional, you spend your day protecting your organization and managing risk. You handle the day-to-day tasks that help keep the criminals out, like monitoring log files, updating antivirus software, managing firewalls, and responding to cyber security incidents. You deal with threat vectors like phishing every day, but can you explain to your boss (or your boss' boss) the seven things about phishing that he or she really needs to know?
Windows XP, slow to die :-((Internet Storm Center) After traveling around the past few months in various countries it looks like getting rid of Windows XP is going to take quite a while. It is probably due to the fact that it has expired that I noticed it more than usual, but XP is certainly everywhere. You see it at airports on display boards, Point of Sale systems. In one overseas country the computers in customs as well as the railway displays and control systems and hospitals
Being a CISO at a higher education institution(Help Net Security) In this interview, Matt Santill, CISO of Broward College, talks about the requirements and peculiarities of his job, the technologies the college uses to make its network safe, and offers advice for CISOs working in other educational institutions
U.S., NATO Exploring Collective Cyber Defense(USNI News) Top American and NATO military leaders could begin exploring the ramifications of an Article 5 response by the alliance to a cyber attack, according to a top Pentagon cyber official
Cyber agenda considers security impact of declassifying IP(Government Computing) The declassification of government-designed intellectual property for potential commercial use and assistance for small and medium-sized enterprises (SMEs) to mitigate security risks in providing public services will be among the key focuses at an information assurance event that concludes today
U.S. senators push ahead with cyber security legislation(Reuters via Business Insurance) The U.S. Senate Intelligence Committee is expected to consider a bill next week aimed at encouraging companies to exchange information on hacking attempts and cyber security threats with the government, senators said on Tuesday as they released a draft of the legislation
Snowden Leaks Cost Nation's Cyber Security Efforts, Former NSA Official Says(Wall Street Journal) A former deputy National Security Agency director said intelligence secrets leaked by Edward Snowden last June derailed legislative attempts to encourage the public and private sectors to share information about vulnerabilities in cyberspace, and said the government must do more to encourage such collaboration
Agencies work to close mobile security, connectivity gaps(GCN) The right mix of technology and policies will help agencies strike a balance between government-issued and personal devices as they attempt to give a mobile workforce secure access to data from anywhere, anytime and any device
Judge orders release of NSA surveillance court rulings(SFGate) A federal judge in Oakland, citing "intense public interest and concern" about government surveillance, has ordered the Obama administration to turn over secret court rulings about National Security Agency activities so she can decide whether to make them public
20-years-old Alleged "NullCrew" Hacker Arrested by the FBI(HackerNews) The FBI officers have arrested a 20-year-old Tennessee man and charged with federal computer hacking for allegedly conspiring to launch cyber attacks on five organizations in 2013, including two universities and three companies in the US and Canada, federal law enforcement officials announced today
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Hacktivity 2014(Budapest, Hungary, October 10 - 11, 2014) Official and alternative representatives of the information security profession meet with all those interested in this field in framework which is at the same time informal and informative, and sometimes...
2014 Spring National SBIR Conference(Washington, DC, USA, June 16 - 18, 2013) SBIR/STTR programs are the nation's largest source of early stage / high risk R&D funding for small business. At this conference you'll learn how to participate and compete for funding in these two programs...
MeriTalk's Cyber Security Brainstorm(Washington, DC, USA, June 18, 2014) This second annual event will take place on Wednesday, June 18 2014 at the Newseum in Washington D.C. The event will bring together Federal cyber security experts to share best practices, collaborate on...
Suits and Spooks New York(, January 1, 1970) Not another hacker conference. Suits and Spooks is a unique gathering of experts, executives, operators, and policymakers who discuss hard challenges in a private setting over two days. Suits and Spooks...
SANSFIRE(Baltimore, Maryland, USA, June 21 - 30, 2014) For more than 10 years, the Internet Storm Center has been providing free analysis and warning to our community. SANSFIRE 2014 is not just another training event. It is our annual "ISC Powered" event.
26th Annual FIRST Conference(Boston, Massachusetts, USA, June 22 - 27, 2014) The Forum of Incident Response and Security Teams (FIRST) is a global non-profit organization dedicated to bringing together computer security incident response teams (CSIRTs) and includes response teams...
Gartner Security & Risk Management Summit 2014(National Harbor, Maryland, US, June 23 - 26, 2014) The Gartner Security & Risk Management Summit is the only time when the entire Gartner analyst and security and risk management community come together in one location to bring the latest research, insights...
AFCEA International Cyber Symposium(Baltimore, Maryland, USA, June 24 - 25, 2014) National security is continuously being redefined as awareness of the cyberspace domain evolves. Cyber threats and challenges grow every day. Successfully defending our networks requires a team approach.
2nd Annual Oil & Gas Cyber Security Conference(Houston, Texas, USA, July 15 - 17, 2014) This highly interactive, hands-on forum will break down each potential cyber threat specific to the oil and gas industry, as well as tackle key issues including managing communication between OT and IT...
SINET Innovation Summit(New York, New York, USA, August 6, 2013) The purpose of the Innovation Summit is to reinvigorate public private partnership efforts and increase relationships between industry, government and academia that fosters sharing of information and collaboration...
Security Startup Speed Lunch DC(Washington, DC, USA, July 22, 2014) Our goal is to connect the most promising security startups in the world with decision-makers at aerospace, asset-management, banking, communications, defense, energy, healthcare, government, technology...