Cyber operations continue to be regarded as a hostile action short of war—more espionage than combat—or so is the upshot of a Christian Science Monitor overview of the Crimean crisis. In this case espionage does appear the right classification, since the most prominent tool deployed (or at least disclosed) so far is the cyber-spying framework Snake.
Kaspersky thinks Snake emerged from Agent.btz, whose employment against US Central Command was discovered in 2008. The Register reports Agent.btz's other progeny may include Red October, Turla, Flame and Gauss. US authorities have said they "strongly suspect" Russia's FSB (and so does just about everyone else).
Turkish hacktivists resume protest of a death during Istanbul's Gezi demonstrations with defacement of a key Prime Ministerial advisor's official Twitter account.
Flight MH370's disappearance remains mysterious, and speculation inevitably turns to the possibility that a cyber attack brought the aircraft down. ITProPortal admits, properly, that such speculation is at best based on a priori possibility (at worst on paranoia), but then gives a useful lay summary of commercial air's attack surfaces.
Azimuth Security reports that Apple iOS 7 suffers from a weak random number generator that "threatens kernel exploit mitigations."
A researcher believes he's found a backdoor in Samsung Galaxy devices.
WhatsApp dismisses reports of vulnerabilities as overblown.
Lockheed Martin acquires Industrial Defender, a commercial cyber play.
US Senator Feinstein's sharp accusations of CIA finagling with Senate networks (including claims of Presidential involvement) await the Administration's answer. Bills to restrict surveillance gain in the US House.
Today's issue includes events affecting Canada, China, Germany, Italy, Kazakhstan, Latvia, Lithuania, Malaysia, Netherlands, Poland, Romania, Russia, Spain, Turkey, Ukraine, United Arab Emirates, United Kingdom, United States.
Agent.BTZ Malware May Have Served as Starting Point for Red October, Turla(Threatpost) Researchers looking into the recently uncovered Turla, or Snake, cyber espionage campaign have discovered some similarities connecting it to older pieces of malware such as Agent.btz, the worm that several years ago infected U.S. military networks and eventually caused the Department of Defense to ban the use of USB drives. However, there is not enough evidence to suggest that the two pieces of malware were created by the same authors, researchers say
Samsung Galaxy backdoor discovered that enables remote read/write access(Neowin) One of the major issues with closed source operating systems is that there is no independent code review: you can never truly tell what is happening. Backdoors that have been placed in a device, maliciously or otherwise, could allow an attacker to have the power to wreak havoc on an unsuspecting victim
Malicious Messages Foray Facebook(Malwarebytes Unpacked) In yet another method for cyber criminals to utilize the world's most popular social networks for their own nefarious purposes, it appears a trojan is circulating through Facebook, stealing accounts and (probably) taking creds
Account-hijacking Trojan spreads via Facebook messages(Help Net Security) Private messages delivering what seems to be an image are spreading like wildfire on Facebook, as the file in question triggers the download of a Trojan that compromises the victims' computer and Facebook account to spread the malware further
Facebook security and privacy pitfalls(Help Net Security) In this interview, Andrei Serbanoiu, Online Threats Researcher at Bitdefender, discusses Facebook security and privacy pitfalls, the dangers of sharing on the social network, and offers insight for CISOs
WhatsApp Says Reports Of Security Flaw Are 'Overstated' And Not Accurate(TechCrunch) WhatsApp — the popular messaging app with 465 million users acquired by Facebook for $19 billion last month — came under fire earlier this week after tech consultant Bas Bosschert published a blog post explaining how malicious developers can access your messages via the microSD card, and the post went viral
Missed Alarms and 40 Million Stolen Credit Card Numbers: How Target Blew It(BloombergBusinessWeek) The biggest retail hack in U.S. history wasn't particularly inventive, nor did it appear destined for success. In the days prior to Thanksgiving 2013, someone installed malware in Target's (TGT) security and payments system designed to steal every credit card used at the company's 1,797 U.S. stores. At the critical moment—when the Christmas gifts had been scanned and bagged and the cashier asked for a swipe—the malware would step in, capture the shopper's credit card number, and store it on a Target server commandeered by the hackers
What Justin Bieber's Twitter Hack Teaches Us About Social Media Security(Forbes) Justin Bieber's 50 million follower strong Twitter account was hijacked briefly a couple of days ago and now that the dust has settled it seems like a good opportunity to review how these attacks happen and what all of us (pop stars included) should learn about Twitter security. I'll briefly recount the attack, but if you just want the advice skip to the later section of this article for the top Twitter (and general social media) security tips
UM data breach slightly smaller than thought(Baltimore Sun) A cyber attack at the University of Maryland, College Park, affected 21,499 fewer people than originally thought after an analysis revealed the database contained some incomplete and inaccurate data, university officials said Wednesday
Police Ransomware threat of huge Fine forced Family to Commit Suicide(The Hacker News) Till Now we all have heard about the Ransomware Malware that encrypts your files or lock down your computer and ask for a random amount to be paid in a specified duration of time to unlock it, but this cyber threat has forced somebody for the terrible murder and suicide. It's true! This could be an extent of Ransomware that has marked its history by someone's blood
Anatomy of a Control Panel Malware Attack, Part 1(TrendLabs Security Intelligence Blog) Recently we've discussed how Control Panel (CPL) malware has been spreading in Latin America. In the past, we've analyzed in some detail how CPL malware works as well as the overall picture of how this threat spreads. In this post, we shall examine in detail how they spread, and how they relate with other malicious sites and components
Security Patches, Mitigations, and Software Updates
IE zero-day flaw shows kinks in Microsoft patching(CSO via NetworkWorld) The speed at which cybercriminals exploited an Internet Explorer vulnerability discovered in mid-February and finally patched Tuesday demonstrates the snags in Microsoft's security update system
Chrome Releases(Google Chrome Team) Stable Channel Update: The Stable Channel has been updated to 33.0.1750.149 for Windows, Mac, and Linux
About the security content of Apple TV 6.1(Apple Support) This document describes the security content of Apple TV 6.1. For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available. To learn more about Apple Product Security, see the Apple Product Security website
About the security content of iOS 7.1(Apple Support) This document describes the security content of iOS 7.1. For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available. To learn more about Apple Product Security, see the Apple Product Security website
Yahoo Mail Security Strengthened on iOS 7.1 Devices(Softpedia) Internet giant Yahoo is offering an updated version of its Mail app for iPhone and iPad customers who downloaded the latest firmware version from Apple this week. The security-centric update deals with image blocking, according to the release notes
Why You Should Embrace Surveillance, Not Fight It(Wired) I once worked with Steven Spielberg on the development of Minority Report, derived from the short story by Philip K. Dick featuring a future society that uses surveillance to arrest criminals before they commit a crime. I have to admit I thought Dick's idea of "pre-crime" to be unrealistic back then. I don't anymore
Is Hollywood the next hacking target for China?(Los Angeles Times) As the movie industry becomes a growing economic force in China, a new report predicts that Hollywood may become the next target for state-sponsored hacking efforts by that country's government
Experts: Filling CISO role just first step for Target security program(TechTarget) Veteran industry chief information security officers said Target Corp.'s decision to create a dedicated CISO role is a good move in the wake of its massive 2013 holiday data breach, but cautioned that filling that role is only the first step toward improving its beleaguered security program
Simpson Snags More Blackstone Work, as Cybersecurity Stays Hot(American Lawyer) The latest noteworthy deal in the expanding cybersecurity sector finds Simpson Thacher & Bartlett advising longtime private equity client The Blackstone Group on its purchase of a majority stake in Denver-based Accuvant from Sverica International, which are being advised, respectively, by lawyers from Holland & Hart and Cooley
Vupen cashes in four times at Pwn2Own(Threatpost) It's become a familiar walk for Chaouki Bekrar. Year after year at the Pwn2Own contest, the controversial Vupen founder is scurried from a small room in the basement of the Sheraton hotel to a suite several floors above. It's a short journey from where a string of zero-day exploits are executed to where formal disclosure is made to the vendor in question. It's also where payment is arranged, and on this day, exclusivity is promised to HP's Zero Day Initiative
Frost & Sullivan Recognizes FireEye With 2014 Global Web & E-mail Content Security Customer Value Enhancement Award(Wall Street Journal) FireEye, Inc. (Nasdaq:FEYE), the leader in stopping today's advanced cyber attacks, has been recognized by Frost & Sullivan with the 2014 Global Web & E-mail Content Security Customer Value Enhancement Award. The award, based on the findings of Frost & Sullivan's Global Research Platform and TEAM research methodology, recognizes how the FireEye virtual machine-based security platform has excelled in addressing the needs of customers looking for protection against advanced cyber attacks
How St. Louis is solving the programmer shortage(ITWorld) Dozens of companies in St. Louis can't hire good programmers. It isn't from lack of trying, or resources: they have the money, the open positions, and the need. The problem in the past has been explained that either they can't find them or don't know where to look. But there is a third possibility: the coders exist, they just need some training to get started. That is where an effort called LaunchCode comes into play
Steve Harris Appointed Dell Federal VP, GM(GovConWire) Steve Harris, a 16-year sales veteran at Dell and an executive in the company's public business group, has been appointed vice president and general manager of the technology maker's federal government organization
Compliance, video portals could shake SharePoint partners(FierceContentManagement) Enterprises have enjoyed a mutually beneficial relationship between developer partners and Microsoft's SharePoint for some time—allowing the nearly ubiquitous software to jive with legacy systems and business-specific tools. But compliance and video updates unveiled at last week's SharePoint Conference in Las Vegas, could unnerve some of the partners on which Microsoft relies
CSG Invotas Offers CISOs A Revolutionary Approach To Threat Mitigation(Information Security Buzz) CSG Invotas offers CIOs and CISOs a revolutionary approach to threat mitigation and eradication. Instead of simply detecting and analyzing intrusions, Invotas provides proven automation and orchestration solutions that respond in real time to cyber attacks. Invotas taps decades of CSG's deep domain expertise in complex automated workflow technologies to dramatically reduce the time it takes to identify an intrusion and take immediate action to protect against attack proliferation
Think Deleted Text Messages Are Gone Forever? Think Again(ComputerWorld) Last month, National Football League special investigator Ted Wells delivered a shocking report about Miami Dolphins player Richie Incognito's bullying tactics aimed at teammate Jonathan Martin. At the heart of the report: More than 1,000 text messages, many of them outrageously explicit, that Incognito and Martin swapped between October 2012 and November 2013
Why Client-Side Encryption Is Critical For Cloud Privacy(Network Computing) The old tale "The Emperor's New Clothes" can be applied to the current state of cloud security. Like the gullible emperor, people rely on cloud services to live their online lives and are too trusting in what companies try to sell. Big cloud companies often market fancy-sounding security and encryption features — like the invisible fabric the emperor could not see but was made to believe was there
How to lock down data in use — and in the cloud(GCN) Security best practices traditionally call for encrypting data in transit, as it moves from one storage locale to another, and data at rest, when it resides in an organization's storage systems
How to protect against unauthorized spying(Help Net Security) In this podcast recorded at RSA Conference 2014, Wayne Thayer, the General Manager of Security Products at GoDaddy and a member of the CA Security Council, discusses how Edward Snowden exposed intelligence operations that have performed unauthorized spying
Contracting Cybersecurity Efforts: Who Is Responsible?(Huffington Post) Siobhan Gorman penned an excellent article in Friday's The Wall Street Journal, discussing how alleged contracting omissions led to a successful cyber attack by Iranian hackers. According to her article, the Navy failed to "require it to provide specific security for a set of Navy Department databases, and as a result, no one regularly maintained security for them"
When the CISO Must Assert Themselves(Qualys) The recent mishap at RSA probably illustrates the difficulty CISOs can face in being kept in the loop on certain projects, particularly those initiated by marketing and communications
How to Keep the NSA From Spying Through Your Webcam(Wired) You already know that laptops, desktop computers, tablets and mobile phones are all at risk of being hacked. But did you know that intruders might use the built-in camera to take surreptitious pictures and videos of you and your surroundings or hijack your microphone to eavesdrop on conversations
Design and Innovation
Big Data's Fading Bloom(Forbes) Nobody would deny that Big Data was one of the most talked about areas in tech last year. And while Big Data was once viewed as the golden child of tech, its bloom is fading in terms of the value that it is able to deliver all on its own. There was a time not that long ago when the focus was on finding, capturing and storing data. But today, the shift in everyone's focus is how to unlock the value from each and every piece of data we can uncover
Quantum physics secures new cryptography scheme(Phys.org) The way we secure digital transactions could soon change. An international team has demonstrated a form of quantum cryptography that can protect people doing business with others they may not know or trust — a situation encountered often on the internet and in everyday life, for example at a bank's ATM
Legislation, Policy, and Regulation
CIA Hack Scandal Turns Senate's Defender of Spying Into a Critic(Wired) It's refreshing to hear Dianne Feinstein express outrage over warrantless and illegal government spying. But sadly to say, there's some dark humor of sorts here, too. Feinstein is perhaps the biggest congressional cheerleader of domestic surveillance, including the telephone snooping
How ferocious is Feinstein's bark?(Fresno Bee) "It is abundantly clear that a total review of all intelligence programs is necessary so that members of the Senate Intelligence Committee are fully informed as to what is actually being carried out by the intelligence community." That was Sen. Dianne Feinstein, D-Calif., the chair of the Senate Intelligence Committee, blasting U.S. spies for not fully informing congressional overseers about one of the more contentious intelligence programs in recent memory. But that wasn't Feinstein talking about CIA interrogations, which was the subject of a blistering tirade on Tuesday that accused the CIA of violating the Constitution
A new, disturbing intelligence target(Charlotte Observer) After revelations that the National Security Agency monitored Americans' phone and Internet use, and that the NSA also spied on close allies like Germany and France, it probably shouldn't be surprising that our intelligence agencies have found another frontier to violate. But it appears our government is spying on itself
Federal Website Security Bill Moves Forward in House(Nextgov) Legislation approved by the House Oversight Committee on Wednesday would require agency chief information officers to vouch to Congress for the security of any new government websites that gather citizens' personal information
NSA has 'industrial scale' malware for spying(Phys.org) The National Security Agency has developed malware that allows it to collect data automatically from millions of computers worldwide, a report based on leaked documents showed Wednesday
FICAM to be applied to the secret network(FierceGovIT) Identity management standards designed for federal unclassified systems will be tailored for use on secret networks, with full implementation planned for September 2018
DHS Databases Still Not Integrated And Hard To Navigate, Report Says(HSToday) The existing architecture of the Department of Homeland Security's (DHS) myriad databases — known as the DHS Data Framework — which are crucial for the department's many disparate components to perform their primary mission — were found to not be conducive to effective implementation of the "One DHS" policy. This policy was implemented to provide DHS personnel timely access to the relevant and necessary homeland security information they need to successfully perform their duties in protecting the homeland
FEMA's new CISO comes aboard(FCW) Donna Bennett, the Federal Emergency Management Agency's new chief information security officer, started her job on March 10
Canada's military squeezed out of cyber-defence, emails warn(O Canada) Military advisers working on the cyber-security file warned a year ago that the Canadian Forces were on the verge of being pushed entirely out of the realm of cyber-defence, according to internal emails from the military's cyber task force
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Financial Incentives for Cybersecurity Businesses(Elkridge, Maryland, USA, March 27, 2014) Learn the details and take the opportunity to ask questions of leading experts on how to apply for tax credits (Cyber Tax Credits, Research Tax Credits, Security Clearance Tax Credits, Secured Space Tax...
CanSecWest: CanSecWest, the world's most advanced conference focusing on applied digital security, is about bringing the industry luminaries together in a relaxed environment which promotes collaboration and social...
Nuclear Regulatory Commission ISSO Security Workshop: Exhibitors will have the opportunity to showcase cutting-edge products and services available in today's market. All companies specializing in products and services that would benefit the NRC workforce...
ICS Summit 2014(Lake Buena Vista, Florida, US, March 17 - 18, 2014) The 9th Annual North American ICS Security Summit brings together the program managers, control systems engineers, IT security professionals and critical infrastructure protection specialists from asset...
Suits and Spooks Singapore: Our first international Suits and Spooks conference will be held in Singapore with a visit to Malaysia on March 20-21, 2014. The focus will be on how multi-national corporations can profitably operate...
MCT-Congress: Going Mobile with Clinical Trials(Edinburgh, Scotland, UK, March 20 - 21, 2014) It is almost inevitable that mHealth solutions will be adopted across healthcare systems worldwide over the next decade. What is less clear is the impact that mobile solutions are having and could have...
Cyber Security for Energy & Utilities: Following the rapid evolution of the cyber and digital world, IT Security Directors, Information Security Directors, Chief Security Officers, Chief Information Officers and many more will gather at the...
Veritas 2014: At Veritas 2014, hear directly from the big data experts in top tier retail finance who are now implementing strategy and starting to yield real commercial value. Experts dedicated to Big Data in the...
Black Hat Asia: Black Hat is returning to Asia for the first time since 2008, and we have quite an event in store. Here the brightest professionals and researchers in the industry will come together for a total of four...
SEC Cybersecurity Roundtable(Washington, DC, USA, March 26, 2014) The Securities and Exchange Commission today announced that it will host a roundtable next month to discuss cybersecurity and the issues and challenges it raises for market participants and public companies,...
Cyber Security Management for Oil and Gas: Attend to gain cutting-edge information from oil and gas cyber security experts on: Using the very latest in intelligence techniques to find and neutralize the newest threats in time. Preventing security...
ISSA Colorado Springs — Cyber Focus Day(Colorado Springs, Colorado, USA, March 27, 2014) Join us for the Information Systems Security Association (ISSA) — Colorado Springs Chapter — Cyber Focus Day set to take place on Thursday, March 27, 2014 at Colorado Technical University (CTU).
CyberBiz Summit(Linthicum, Maryland, USA, March 28, 2014) Learn first-hand how to get your cyber business started, how to raise capital, and what to do to make it happen. Join us for four informative sessions, networking and breakfast at the BWI Westin on Friday,...
SyScan 2014(Singapore, March 31 - April 4, 2014) SyScan is a deep knowledge technical security conference. It is the aspiration of SyScan to congregate in Asia the best security experts in their various fields, to share their research, discovery and...
Interop Conference: Interop Conference sessions help you find actionable solutions to your current IT headaches and plan for future developments.