Russian intervention in Crimea becomes increasingly aggressive and lethal, but little new on the cyber front. One sidelight: a University of Illinois internal investigation dismisses suspicions that the university's servers had been hacked to deliver information operations support for Russian-supported Crimean secession from Ukraine. So a negative result, but an interesting illustration of how cyber conflict fears spread rapidly and globally.
The Syrian Electronic Army continues to claim successful intrusion into US Central Command networks, which CENTCOM continues to deny.
Researchers find a major Linux/Unix exploit circulating in the wild. "Operation Windigo" has hijacked more than 25,000 servers, from which some 500,000 PCs have been attacked daily.
Win-Spy, a commercial-off-the-shelf stealth monitoring tool, has been implicated in criminal attacks on at least one financial institution. The tool is effective against both Windows and Android devices.
Malaysia Air Flight MH370 spawns more phishbait and waterholing lures. The press continues to speculate on the aircraft's disappearance; analysts speculate amid a paucity of evidence that the hijacking (if such it was) was accomplished or supported by cyber means.
Target breach post mortems continue, with lessons drawn for paycard-handling networks.
Avast reports finding that attacks against Windows XP already dramatically exceed attempts on later versions of Windows.
Google patches a Compute Engine bug with the potential to affect Google Cloud.
Despite the manifest advantages of attack information sharing, most organizations remain reluctant to do so, fearing reputational damage or regulatory blowback.
Trustwave acquires Cenzic.
In the US, Senator Wyden again criticizes NSA and CIA.
Today's issue includes events affecting Brazil, European Union, Germany, Malaysia, New Zealand, Russia, Switzerland, Syria, Ukraine, United Kingdom, United States..
Cyber Attacks, Threats, and Vulnerabilities
No links between University and cyber attack(Daily Illini) An investigation by the University has found no evidence that the computer attacks against the website that served to promote the referendum vote in Crimea, referendum2014.ru, came from the University's campus computer network
Did Syrian Hackers Dig Deep Into U.S. Military Secrets?(Fiscal Times via Yahoo! News) Beware the ides of March, give or take a day. On March 14, the Syrian Electronic Army said it made good on a threat from earlier this month by posting a screen shot of what it says are more than 21,000 documents belonging to U.S. Central Command, also known as CENTCOM, which is responsible for overseeing military operations in the Middle East and other parts of Asia. The screen shot also includes document folders pertaining to several Air Force programs
Commercial RAT Used by Malicious Hackers(InfoSecurity Magazine) Win-Spy is a commercial off-the-shelf (COTS) stealth monitoring tool. "Start Spying on any PC or Phone within the Next 5 minutes," says its website. With such products generally available, why should hackers go to the trouble of developing their own RATs? Indeed, according to a FireEye analysis following an attempted intrusion on a US financial institution, they don't
Windows Spy Tool Also Monitors Android Devices(Threatpost) Win-Spy, a commercial Windows remote administration tool, has added Android monitoring capabilities. Researchers have discovered Win-Spy used in targeted attacks against a U.S. bank
4 Lessons CIOs Can Learn From the Target Breach(CIO) Retail giant Target made headlines after announcing that 110 million Americans were affected by a massive data breach at its stores. If you want to avoid the same fate, pay attention to these four lessons learned in the wake of the Target breach
Sally Beauty payment card data breach confirmed(Help Net Security) International cosmetics retailer Sally Beauty Holdings has confirmed that it has suffered a data breach that resulted in the possible theft of payment card data stored in their systems
Virus nails hospital, causes massive data breach(Government Health IT) No hospital is too small, evidently, to serve as fodder for hackers. The latest hospital cyber-attack is reported by a small-town rural hospital in Colorado. The hospital discovered it had a computer virus that had collected and encrypted patient data in a hidden file system. As a result, some 5,400 patients were mailed breach notification letters on March 17
20 infamous hacker security vendor break-ins(CIO) Companies providing IT security and software have been the target of hackers out to steal source code, compromise products or services, steal customer information or just to make them look foolish. Here are 20 of the most notorious known break-ins over the past decade
Security Patches, Mitigations, and Software Updates
The Windows XP Rundown is Really About Security(infosec island) April 8 is quickly approaching, which as we know means the end of support for Windows XP SP3. Why does anyone care? Well, according to Netmarketshare, Windows XP users still make up approximately 29 percent of the desktop operating system (OS) market. So, with just a few weeks left before the big day, now is an appropriate time to discuss the implications of the end of XP support and explore what the rundown is really all about: security
Oracle: Security concerns stymie BYOD adoption in Europe(FierceMobileIT) Forty-four percent of European companies don't allow employees to bring their own device (BYOD) and 29 percent allow only senior employees to use BYOD, finds the Oracle European BYOD Index. What's more, 20 percent of European businesses have no rules in place for BYOD
Wide Gap Between Attackers, BIOS Forensics Research(Threatpost) Vendors have made important strides in locking down operating systems, patching memory-related vulnerabilities and other bugs that could lead to remote code execution or give hackers a stealthy presence on a machine. As the hurdles get higher for the bad guys, the better ones will certainly look for other means onto a system
Cyber attacks on the energy industry(Energy Global) The global energy sector is becoming increasingly vulnerable to cyber attacks and hacking, due to the widespread adoption of internet based or open industrial control systems (ICS) to reduce costs, improve efficiency and streamline operations in next generation infrastructure developments. A new report from Marsh, Advanced Cyber Attacks on Global Energy Facilities, energy firms are being disproportionately targeted by increasingly sophisticated hacker networks that are motivated by commercial and political gain
#SXSW 2014 and the future of digital security(Webroot Threat Blog) Security and privacy were hot topics at this year's SXSW Interactive festival, and deservingly so. While at the event in Austin, Grayson Milbourne had the pleasure of participating on a panel discussing malicious mobile apps, mobile device security and user privacy
Marillyn Hewson: Lockheed Seeks Aviation IT Business Growth Through BEONTRA Buy(GovConWire) Lockheed Martin (NYSE: LMT) has bought airport planning and forecasting tools provider BEONTRA AG for an undisclosed amount
The (ISC)² body of certified information and software security professionals is now accepting nominations for its 2014 US Government Information Security Leadership Awards (GISLA)
Hexis Cyber Solutions Executive Named 2014 CRN Channel Chiefs Award Winner for Second Consecutive Year(MarketWatch) Hexis Cyber Solutions, Inc. (Hexis), a subsidiary of The KEYW Holding Corporation KEYW +3.66% , today announced that John Hopkins, Director of Global Channel Sales for Hexis, was named a winner in the 2014 CRN Channel Chiefs Awards Program for the second consecutive year. The CRN Channel Chiefs are selected by the publication's editorial staff and recognizes executives that are driving an organization's channel strategy and building successful relationships with reseller partners worldwide
Products, Services, and Solutions
Mozilla to stop developing Metro Firefox for Windows 8(FierceCIO: TechWatch) In a surprising turnaround, Mozilla announced the decision to abandon its effort to build a hybrid browser that will compete with Internet Explorer 11 on touch-enabled Windows 8 devices. This was all the more surprising given that the browser was almost two years in the making, with nine dedicated engineers and two product managers at the time of the announcement
Threatglass Tool Gives Deep Look Inside Compromised Sites(Threatpost) Trying to enumerate the compromised sites on the Internet is a Sisyphian task. Luckily, it's not a task that anyone really needs to perform any longer, especially now that Barracuda Labs has released its new Threatglass tool, a Web-based frontend that allows users to query a massive database of compromised sites to get detailed information on the malicious activity and the threats to visitors to those sites
Can data lakes solve cloud security challenges?(CSO) What is a "data lake?" And can enterprises use differing data lakes to address cloud security concerns? "Data Lake" is a proprietary term. "We have built a series of big data platforms that enable clients to inject any type of data and to secure access to individual elements of data inside the platform. We call that architecture the data lake," says Peter Guerra, Principal, Booze, Allen, Hamilton. Yet, these methods are not exclusive to Booze, Allen, Hamilton
Researchers develop algorithm to rapidly track down malicious cyber content(Phys.org) Cyber attacks are the primary domestic security threat facing the United States, FBI Director James Comey told the Senate Homeland Security Committee last year. In our brave new world, traditional warfare is now inextricably linked to economic and cyber warfare. In just one example, cyber strikes have the potential to derail a nation's power grid, causing widespread damage, chaos, and loss of life. That's why surveillance programs must keep one step ahead of the perpetrators to secure civilian networks, cyberspace, and infrastructures essential to daily life
Sponsor ADMI & Help Expand the Minority Workforce in Cybersecurity(PRWeb) In an effort to broaden the talent pool the Center for Systems Security and Information Assurance (CSSIA) recently partnered with the Association of Computer and Information Science/Engineering Departments at Minority Institutions (ADMI) to promote cyber security student skills-based competitions
Teachers are low on the list students turn to when cyberbullied(Globe and Mail) Adopting a zero-tolerance policy may be hurting educators' ability to respond to cyberbullying among their students. That is just one of the findings of a new report that polled 5,436 students across Canada for their thoughts on cyberbullying
Legislation, Policy, and Regulation
As Prepared for Delivery - Remarks of ODNI General Counsel Robert Litt at American University Washington College of Law Freedom of Information Day Celebration(IC on the Record) Thank you, Dan, for that generous introduction, and for inviting me to speak here today. As you know, this is "Sunshine Week," a national initiative to promote dialogue about the importance of open government and freedom of information. Public knowledge about the activities of government is essential to a free and democratic society, and so on his first full day in office President Obama, who has noted our "profound national commitment to ensuring an open government," called upon the entire government to comply with both the letter and the spirit of the Freedom of Information Act. Today I would like to talk to you about the challenges of reconciling that commitment with the secrecy necessary to conduct effective intelligence operations in defense of our national interests
Net neutrality: Industry MEPs want stricter rules against blocking rival services(Help Net Security) Internet providers should no longer be able to block or slow down internet services provided by their competitors, says the Industry Committee which on Tuesday approved rules to protect net neutrality. Under the latest draft EU "telecoms" package legislation, MEPs also voted against "roaming charges", extra costs for using a mobile phone in another EU country. These charges should be banned from 15 December 2015, MEPs say
Litigation, Investigation, and Law Enforcement
The role of the forensic accountant(ComputerWorld New Zealand) The Green Party recently called on the government to sign up to an accord that ensures financial transactions between the government and oil, gas and mineral companies are made public
Germany set to form NSA investigation committee(Turkish Press) The German Federal Parliament has announced a parliamentary committee to investigate how the U.S. National Security Agency carried out surveillance in Germany since 2002 will be formed on Thursday
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Cyber Saturdays(Laurel, Maryland, USA, March 29, 2014) Are you a community college student with an interest in network security or information assurance? Would you like to test your skills in a fast-paced game environment? If so, one if Capitol College's upcoming...
Suits and Spooks Singapore(, January 1, 1970) Our first international Suits and Spooks conference will be held in Singapore with a visit to Malaysia on March 20-21, 2014. The focus will be on how multi-national corporations can profitably operate...
MCT-Congress: Going Mobile with Clinical Trials(Edinburgh, Scotland, UK, March 20 - 21, 2014) It is almost inevitable that mHealth solutions will be adopted across healthcare systems worldwide over the next decade. What is less clear is the impact that mobile solutions are having and could have...
Cyber Security for Energy & Utilities(, January 1, 1970) Following the rapid evolution of the cyber and digital world, IT Security Directors, Information Security Directors, Chief Security Officers, Chief Information Officers and many more will gather at the...
Fourth Annual China Defense and Security Conference(Washington, DC, USA, March 25, 2014) The Jamestown Foundation will hold its Fourth Annual China Defense and Security Conference on March 25 in Washington, D.C. In keeping with the Foundation's mission, the conference will focus on understanding...
Veritas 2014(, January 1, 1970) At Veritas 2014, hear directly from the big data experts in top tier retail finance who are now implementing strategy and starting to yield real commercial value. Experts dedicated to Big Data in the...
Black Hat Asia(, January 1, 1970) Black Hat is returning to Asia for the first time since 2008, and we have quite an event in store. Here the brightest professionals and researchers in the industry will come together for a total of four...
SEC Cybersecurity Roundtable(Washington, DC, USA, March 26, 2014) The Securities and Exchange Commission today announced that it will host a roundtable next month to discuss cybersecurity and the issues and challenges it raises for market participants and public companies,...
Cyber Security Management for Oil and Gas(, January 1, 1970) Attend to gain cutting-edge information from oil and gas cyber security experts on: Using the very latest in intelligence techniques to find and neutralize the newest threats in time. Preventing security...
ISSA Colorado Springs — Cyber Focus Day(Colorado Springs, Colorado, USA, March 27, 2014) Join us for the Information Systems Security Association (ISSA) — Colorado Springs Chapter — Cyber Focus Day set to take on Thursday, March 27, 2014 at Colorado Technical University (CTU).
Financial Incentives for Cybersecurity Businesses(Elkridge, Maryland, USA, March 27, 2014) Learn the details and take the opportunity to ask questions of leading experts on how to apply for tax credits (Cyber Tax Credits, Research Tax Credits, Security Clearance Tax Credits, Secured Space Tax...
CyberBiz Summit(Linthicum, Maryland, USA, March 28, 2014) Learn first-hand how to get your cyber business started, how to raise capital, and what to do to make it happen. Join us for four informative sessions, networking and breakfast at the BWI Westin on Friday,...
SyScan 2014(Singapore, March 31 - April 4, 2014) SyScan is a deep knowledge technical security conference. It is the aspiration of SyScan to congregate in Asia the best security experts in their various fields, to share their research, discovery and...
Interop Conference(, January 1, 1970) Interop Conference sessions help you find actionable solutions to your current IT headaches and plan for future developments.
NSA Hawaii(, January 1, 1970) Be a part of the 2nd Annual Information Technology Expo set to take place at the new National Security Agency (NSA) Regional Operations Center in Wahiawa, HI. The event is being sponsored once again by...
InfoSec World Conference & Expo 2014(, January 1, 1970) With the primary objective of providing top-notch education to all levels of information security and IT auditing professionals, InfoSec World delivers practical sessions that give you the tools to strengthen...
NIST IT Security Day(Gaithersburg, Maryland, USA, April 8, 2014) The Office of the Chief Information Officer, OCIO, is hosting NIST IT Security Day as a means to heighten awareness for all NIST users on the many aspects of operational information technology security...
IT Security Entrepreneurs Forum (ITSEF) 2014(, January 1, 1970) IT Security Entrepreneurs Forum (ITSEF) is SINET's flagship event, designed to bridge the gap between the Federal Government and private industry. ITSEF brings unique value to the Cybersecurity community...
Women in Cybersecurity Conference(Nashville, Tennessee, USA, April 11 - 12, 2014) WiCyS is an effort to bring together women (students/faculty/researchers/professionals) in cybersecurity from academia, research and industry for sharing of knowledge/experience, networking and mentoring.
Suits and Spooks San Francisco(, January 1, 1970) S3+: Surveillance, Security, Sovereignty and other Critical Issues. Not another hacker conference. Suits and Spooks is a unique gathering of experts, executives, operators, and policymakers who discuss...
East Africa Banking and ICT Summit(Kampala, Uganda, April 25, 2014) The global event series for Banking and ICT Summit enters its third year. The summit will continue to provide delegates with technical & practical sessions, lectures and showcase for banking and ICT innovations,...
InfoSecIndy(Indianapolis, Indiana, USA, April 26 - 27, 2014) Join us on April 26-27, 2014 in Indianapolis, Indiana for the premier Midwest Information Security and Digital Forensics Conference.
Infosecurity Europe 2014(, January 1, 1970) Infosecurity Europe is Europe's number one Information Security event. Featuring over 350 exhibitors, the most diverse range of new products and services, an unrivalled education programme and over 12,000...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.