Cyber hotspots in the Russian near abroad and the Levant remain relatively quiet at week's end. In East Asia, investigations continue into attacks on Vietnam's Ministry of Natural Resources and Environment and a denial-of-service campaign aimed at disrupting unofficial voting in Hong Kong; suspicions in both cases focus on the Chinese government.
IDG chalks up its ability to parry recent attacks by the Syrian Electronic Army to good security awareness. They expected an SEA attack (because of presentations they'd given that showed insufficient enthusiasm for Bashar Assad) and alerted users to the likelihood of phishing (this being the SEA's principal attack technique). A good case study in using actionable intelligence: how could the lessons be extended to other threats?
The proof-of-concept vulnerability Duo Security demonstrated in PayPal's Security Key mechanism doesn't (says PayPal) endanger customer accounts.
IBM researchers release details of an Android vulnerability — patched back in November, but still threatening users. If you're an Android user, look to your patches, especially if you're dependent on a carrier to push them to you.
Criminals or security services may be able to exploit the Pangu iOS jailbreaking tool.
Ransomware and scareware have proliferated this year. Krebs describes extortionists' increasingly brazen operations (almost as if they were legitimate businesses) and Kaspersky offers insights into the criminal economy that enables extortion to pay.
McAfee warns of "Advanced Evasion Techniques" (AET). Dell warns that Windows servers require continuous monitoring.
An APT campaign hit US airports last year. The oil and gas sector forms an ISAC.
Today's issue includes events affecting China, European Union, Germany, Indonesia, Syria, United Kingdom, United States, and Vietnam.
Cyber Attacks, Threats, and Vulnerabilities
Vietnam ministry cyber-attack: confirmed (Thanh Niên News) The website of Vietnamese Ministry of Natural Resources and Environment (MONRE) was attacked recently, but its confidential information remains untouched, a senior official has said
MONRE claims malware damage minimal (VietNamNet Bridge) The Ministry of Natural Resources and the Environment (MONRE) has denied assertions that its database on the East Sea was stolen by hackers
Beijing Behind Cyber Attacks on Hong Kong Poll? (New Tang Dynasty) June 22, Hong Kong movement for democracy's referendum, faced the second largest cyber attack in history. While the public suspect the 'herder' behind the attack, Hong Kong Internet security experts analyzed, 40% of the attacks came from Chinese-funded institutions. Referendum organizers believe that the Communist regime was directing the attack
A Security Awareness Success Story (CIO) The recent Syrian Electronic Army attacks against IDG demonstrate that good security awareness works, say Ira Winkler and Samantha Manke
PayPal Responds to Report of Security Key Vulnerability (eCommerce Bytes) Researchers at a security firm discovered a vulnerability in PayPal's two-factor authentication (2FA) - what PayPal calls the Security Key mechanism. However, as the Guardian newspaper reported, attackers would need a PayPal user's username and password to compromise accounts, but said "the vulnerability in PayPal Security Key would have made life far easier for hackers looking to steal PayPal users' funds"
Patched Code Execution Bug Affects Most Android Users (Threatpost) A serious code-execution vulnerability in Android 4.3 and earlier was patched in KitKat, the latest version of the operating system. Researchers at IBM this week disclosed the nature of the vulnerability, which was privately disclosed to the Android Security Team in September and patched last November
New iOS jailbreak could become sinister (IDG via CSO Salted Hash) A new jailbreak for Apple's iOS software that uses confidential information intended only for security researchers could develop into a more sinister attack, according to security analysts
Asia Beware: Ransomware is Traveling East (ComputerWorld) In late May this year, Microsoft came out with a security report that made a bold declaration: deception is now the favourite tactic of cybercriminals
The Year Extortion Went Mainstream (Krebs on Security) The year 2014 may well go down in the history books as the year that extortion attacks went mainstream. Fueled largely by the emergence of the anonymous online currency Bitcoin, these modern-day shakedowns are blurring the lines between online and offline fraud, and giving novice computer users a crash course in modern-day cybercrime
How Much Money Do Cybercriminals Earn? (Kaspersky Lab) When you read about hundreds of thousands of viruses that appear each day, you may wonder, who puts so much effort in development of this malware and why. The answer is simple — they are criminals and they do it because it is very, very profitable. Our researchers have discovered an Internet server being used for controlling the attack targeted at users of a large European bank. Log files from this server show that in just one week criminals stole more than 500,000 Euros from a bank's clients and transferred these funds to accounts, controlled by thieves
What's next: Advanced Evasion Techniques (Help Net Security) Advanced evasion techniques, or AETs, are delivery mechanisms used to disguise advanced persistent threats (APTs) and permit them to slip through network security undetected
Microsoft computer scheme resurfaces (KUSA) Security experts say that thieves are ramping up criminal activity along the Front Range, and that we may be seeing a new scam in our area very soon
Revenge porn hits two high profile boyfriends where it hurts (Naked Security) On Monday morning, one of Twitter's political sides exploded with revelations that a troll had leaked screen captures of a text message exchange and email, all of which suggested an extramarital affair between former NSA analyst John Schindler and a conservative Twitter user named Lesley
Security Patches, Mitigations, and Software Updates
The unlocked backdoor to healthcare data (Help Net Security) The majority of healthcare vendors lack minimum security, which is illuminated by the fact that more than 58% scoring in the "D" grade range for their culture of security
How old are today's networks? (Help Net Security) The percentage of aging and obsolete devices in today's corporate networks around the globe is at its highest in six years, signaling that the global financial crisis of recent years may still have a lingering effect today, according to Dimension Data
Why A Secured Network Is Like The Human Body (Dark Reading) It's time to throw away the analogies about building fortresses and perimeter defenses and start to approach InfoSec with the same standard of care we use for public health
CACI eyes the market for more acquisitions (Washington Business Journal) It's been about seven months since CACI International Inc. borrowed $800 million to fund its Six3 acquisition. Now it's counting how much is leftover for its next deal
IBM, Lenovo Tackle Security Worries on Server Deal (Wall Street Journal) International Business Machines Corp. and Lenovo Group Ltd. are grappling with ways to resolve U.S. security concerns over IBM's proposed $2.3 billion sale of its computer-servers business to the Chinese company. The deal, struck in January, remains in limbo as the U.S. government investigates security issues around IBM's x86 servers, which are used in the nation's communications networks and in data centers that support the
Palo Alto expands RI presence (Jakarta Post) California-based network security firm Palo Alto Networks is expanding its presence in Indonesia to profit from the growing demand for cyber security, not only among business entities but also government institutions
Defense intelligence officials struggle with mobile pilots (Defense Systems) The military services aren't the only organizations in the Defense Department trying to figure out how to use mobile systems and wireless connectivity — intelligence community members such as the Defense Intelligence Agency are also trying to find solutions
Dell Focuses On Security (InformationWeek) Dell made a flurry of security-minded announcements this week, highlighted by improvements to its Dropbox for Business integration
Products, Services, and Solutions
A look at Interflow, Microsoft's threat information exchange platform (Help Net Security) In the last few years, there has been one constant call from almost all participants in the information security community: the call for cooperation. But that is easier said than done — you need to make collaboration mutually beneficial and, above all, easy
Oil & Natural Gas Industry Forms ISAC (Dark Reading) New ONG-ISAC joins existing Information Sharing and Analysis Centers for electricity, water, and other critical infrastructure sectors
When is it a Breach? (securitycurrent) One of the most difficult decisions a CISO has to make is the one that says the organization suffered a data breach
Not All Malware is Created Equally (BankInfoSecurity) Not all malware strains pose equal threats to an organization. So, how does one distinguish the most dangerous forms? Through layered security controls, says Julian Waits, CEO of ThreatTrack Security
Community Banks Gear Up Against Cyber Security Threats (PYMNTS) In a bid to protect banks from the ever-growing cyber security threats, the Federal Institutions Examination Council (FFIEC) has launched a new program to assess the security readiness of 500 community banks against cyber attacks
Research and Development
Cryptographic Proof Paves Way for Nuke-Free World (Sci-Tech Today) A mathematical trick designed by cryptographers could be a key tool in nuclear disarmament. The question was, can you authenticate something without revealing anything about it? After all, nobody wants a foreign inspector seeing how a warhead is made. Mathematicians tinkering with zero-knowledge proofs may have found the answer
Legislation, Policy, and Regulation
German Official: U.S. Spying 'Biggest Strain' in Relations Since Iraq War (Wired) As U.S. and German officials meet this week to discuss privacy and security in the cyber realm, a German official is calling recent revelations of NSA spying on his country the "biggest strain in bilateral relations with the U.S." since the controversy surrounding the 2003 invasion of Iraq
Head of Britain's MI6 spy agency to step down (AP via KTVL CBS News 10) Wanted: Spymaster. Discretion an asset. Britain's MI6 intelligence agency announced Thursday that director John Sawers will leave in November at the end of his five-year term. MI6 says the recruitment process for Sawers' successor will begin soon
Senate panel passes procurement, cyber reform bills (Federal Times) The Senate Homeland Security and Governmental Affairs Committee passed several bills June 25 that would reform agency IT spending and IT project management — and save the government money, according to proponents
The Tech Trends Making Government Smarter (Forbes) The public sector is often the last to adopt big tech trends. Change tends to arrive slowly in government, especially in organizations without much dedicated IT staff. Unfortunately, that can mean missing out on the cost savings and civic engagement new technologies offer
Two new squadrons coming to Scott (AdvantageNEWS) U.S. Rep. Bill Enyart (D-Illinois) announced the addition of two new cyberprotection squadrons at Scott Air Force Base
SCOTUS Rules That Cellphone Searches Require Warrants (IEEE Spectrum) In a unanimous ruling yesterday the Supreme Court ruled that a police officer must obtain a warrant to search a cell phone. This will likely apply to computer and tablet searches as well, and acknowledges that a phone these days is far more like a file cabinet in a home, which historically cannot be searched without a warrant, than a wallet, which can
Why the Supreme Court May Finally Protect Your Privacy in the Cloud (Wired) When the Supreme Court ruled yesterday in the case of Riley v. California, it definitively told the government to keep its warrantless fingers off your cell phone. But as the full impact of that opinion has rippled through the privacy community, some SCOTUS-watchers say it could also signal a shift in how the Court sees the privacy of data in general — not just when it's stored on your physical handset, but also when it's kept somewhere far more vulnerable: in the servers of faraway Internet and phone companies
Massachusetts Supreme Court Rules Defendant Must Decrypt Data (Threatpost) Encryption software has been enjoying a prolonged day in the sun for about the last year. Thanks to the revelations of Edward Snowden about the NSA's seemingly limitless capabilities, security experts have been pounding the drum about the importance of encrypting not just data in transit, but information stored on laptops, phones and portable drives. But the Massachusetts Supreme Judicial Court put a dent in that armor on Wednesday, ruling that a criminal defendant could be compelled to decrypt the contents of his laptops
NSA Whistleblowers to Testify Before German Parliamentary Committee in July (Dissenter) National Security Agency whistleblowers Thomas Drake and William Binney will testify before a German parliamentary committee on July 3. They both will give testimony as part of an inquiry into details of NSA surveillance in Germany, which have been revealed through news stories based upon documents from NSA whistleblower Edward Snowden
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
SANSFIRE (Baltimore, Maryland, USA, June 21 - 30, 2014) For more than 10 years, the Internet Storm Center has been providing free analysis and warning to our community. SANSFIRE 2014 is not just another training event. It is our annual "ISC Powered" event.
26th Annual FIRST Conference (Boston, Massachusetts, USA, June 22 - 27, 2014) The Forum of Incident Response and Security Teams (FIRST) is a global non-profit organization dedicated to bringing together computer security incident response teams (CSIRTs) and includes response teams...
INSCOM Cyber Day (Fort Belvoir, Virginia, USA, July 9, 2014) Cyber-industry vendors are invited to participate in the upcoming Cyber Day hosted by the United States Army Intelligence and Security Command (INSCOM), located at Ft. Belvoir. U.S. Army Cyber (AR Cyber)...
2nd Annual Oil & Gas Cyber Security Conference (Houston, Texas, USA, July 15 - 17, 2014) This highly interactive, hands-on forum will break down each potential cyber threat specific to the oil and gas industry, as well as tackle key issues including managing communication between OT and IT...
Security Startup Speed Lunch DC (Washington, DC, USA, July 22, 2014) Our goal is to connect the most promising security startups in the world with decision-makers at aerospace, asset-management, banking, communications, defense, energy, healthcare, government, technology...
SHARE in Pittsburgh (Pittsburgh, Pennsylvania, USA, August 3 - 8, 2014) LEARN: Subject-matter experts and practitioners are on-hand at SHARE events to discuss major issues facing enterprise IT professionals today.
FOCUS: SHARE provides leading-edge technical education on a variety of topics. Whether you are an IT manager, IT architect, systems analyst, systems programmer or in IT support, SHARE offers focused sessions to benefit all job roles.
ENGAGE: At SHARE events, you will experience a wide variety of formal and informal networking opportunities that encourage valuable peer-to-peer interaction...
Passwords14 (Las Vegas, Nevada, USA, August 5 - 6, 2014) Passwords is the first and only conference of its kind, where leading researchers, password crackers, and experts in password security from around the globe gather in order to better understand the challenges...
BSidesLV 2014 (Las Vegas, Nevada, USA, August 5 - 6, 2014) We have an amazing array of speakers each year, covering topics such as Penetration Testing, Forensics, Incident Response, Risk, and everything in between. We have a Lockpick Village, the Squirrels in...
4th Annual Cyber Security Training Forum (Colorado Springs, Colorado, USA, August 5 - 6, 2014) The Information Systems Security Association (ISSA) — Colorado Springs Chapter and FBC, Inc. will co-host the 4th Annual Cyber Security Training Forum (CSTF). CSTF is set to convene from Tuesday August...
DEF CON 22 (Las Vegas, Nevada, USA, August 7 - 10, 2014) The annual hacker conference, with speakers, panels, and contests. Visit the site and penetrate to the schedules and announcements.