Anonymous Ukraine claims it's published "more than 800 million credit cards" (Risk Based Security says 955,579). Most of the data belong to Russian Visa, Mastercard, American Express, and Discover cardholders. Anonymous Ukraine doesn't claim, at least for now, any particular political objective.
The threat to Windows XP manifests itself in exploits. Symantec finds "Ploutus," crimeware that enables thieves to steal cash from compromised ATMs running XP. The theft is initiated by SMS.
The Gameover Zeus Trojan, specializing in web injections for man-in-the-browser attacks, has been detected pursuing consumers of online employment services. Jobseekers using both CareerBuilder and Monster are affected.
Exploitation of the Microsoft Word/Outlook zero-day continues. Users are advised to apply Microsoft's (quickly developed) mitigation.
Analysts have speculated at length (and sometimes informatively) on hacking as a possible cause of the loss of flight MH370. It's appropriate, however, to temper fear of avionics hacking with a realistic appraisal of the risks. Boeing, which has obviously thought a lot about that risk, explains why a cyber attack on an airliner is a very difficult proposition.
Symantec finds a worm, "Linux.Darlloz," infesting the Internet-of-things.
Malware infection rates vary worldwide, but the Middle East's run high.
RAND's cyber threat study prompts somber reflection on how black markets keep criminal innovation inside defensive OODA loops. The problem's not new: a 2008 NRAC report explains how it works.
Attack information sharing remains too aspirational, but a new anonymization engine seeks to change that.
In the US, President Obama announces his proposed electronic surveillance reforms.
Today's issue includes events affecting China, Egypt, European Union, Germany, Iraq, Japan, Palestinian Authority, Pakistan, Russia, Syria, Ukraine, United Kingdom, United States.
Cyber Attacks, Threats, and Vulnerabilities
Potential 7 Million Credit Card Details Leaked(DATALOSSdb) The last couple of weeks have seen tensions rising between Russia and Ukraine, and along with it an increase in computer crime. Sometime earlier this morning, a post allegedly by Anonymous Ukraine has claimed to have published "more than 800 million credit cards" by releasing four archives: Visa, Mastercard, American Express, and Discover cards. Based on the initial analysis by Risk Based Security, the number appears to come to a total of 955,579 cards
Three Things You Should Know About the Syrian Electronic Army(Bloomberg) For the past three years, cyber-security research firm IntelCrawler has studied the Syrian Electronic Army using a combination of operatives, underground sources and public information. The result? A 94-page report that is among the most comprehensive studies of the prominent hacking group's activities
New Malware Named Ploutus: Cybercriminals Steal Cash from ATMs(ClickSSL) A leading Security Certificate Authority named Symantec has detected a new malware which can steal cash from ATM machines. When Microsoft declared that support for Windows XP will cease from April 8, 2014, every bank started to worry about the security of their ATMs. In the world of cyber culprits, hackers are inventing new techniques every day to steal confidential information and money of companies and internet users. Symantec recently found an ATM malware named "Backdoor.Ploutus.B" that works on a single SMS pattern in which an attacker sends a simple SMS to a compromised ATM and can easily collect the cash. This technique is currently in use by attackers across the world. Below is an image showing how an attacker withdraws cash from an ATM using a phone
Gameover ZeuS now targets users of employment websites(Help Net Security) Some newer variants of the Gameover Zeus Trojan, which is exceptionally good at using complex web injections to perform Man-in-the-Browser (MITB) attacks and gain additional information about the victims to be used for bypassing multi-factor authentication mechanisms and effecting social engineering attacks, have been spotted targeting users of popular employment websites
New worm infects thousands of IoT devices, mines cryptocurrency, warns Symantec(FierceITSecurity) A new type of malware, first discovered in November, is infecting Internet of Things, or IoT, devices in order to mine cryptocurrency, according to computer security company Symantec. The worm, known as Linux.Darlloz, takes advantage of the tendency not to change access restrictions on IoT devices and routers from default factory user names and passwords
ZIP Codes Show Extent of Sally Beauty Breach(Krebs on Security) Earlier this month, beauty products chain Sally Beauty acknowledged that a hacker break-in compromised fewer than 25,000 customer credit and debit cards. My previous reporting indicated that the true size of the breach was at least ten times larger. The analysis published in this post suggests that the Sally Beauty breach may have impacted virtually all 2,600+ Sally Beauty locations nationwide
YouTube has fallen(Bromium) Last year I wrote about our critical state of cyber-security: the barbarians are at the gates, and CISOs must take bold steps forward to adopt new practices to dramatically reduce enterprise insecurity
Middle East Malware Rates Five Times Worldwide Average(InfoSecurity Magazine) At the RSA conference 2014 in San Francisco, Tim Rains, director of Trustworthy Computing at Microsoft, spoke to Infosecurity editor Eleanor Dallaway about the security threat landscape in the Middle East
Disruptive Commercial Technologies(Naval Research Advisory Committee) The internet functions effectively as both an R&D resource and supply chain for irregular forces throughout the world. Commercial technologies pose a real and enduring threat
Healthcare Security: Where's the Hype for HIPAA?(SecurityWeek) I've written a good deal about hype in the past year or so, and how I believe the security industry does itself a disservice by continually playing up issues to serve its own short-sighted purposes. However, it's also been my experience that, for one reason or another, there are segments of the security market that aren't discussed enough. One of those segments is healthcare. While retail breaches continue to dominate headlines (most notably Target), healthcare security issues continue to fly under the radar
Cybersecurity Expert and CIO: Internet of Things is 'Scary as Hell'(CIO via ComputerWorld) The terms "Internet of Things" (IoT) and "connected home" are two of the trendiest buzzwords in the technology world today. And while both clearly offer very real potential, they also introduce their own share of risk, particularly if they're not approached with caution, according to Jerry Irvine, an owner and CIO of IT outsourcing services firm, Prescient Solutions
InvestMaryland Challenge finalists unveiled(Baltimore Business Journal) Four Baltimore startups have made it to the final round of this year's InvestMaryland Challenge. All together, 12 finalists are competing for a $100,000 top prize in four categories — information technology, life sciences, general industry, and cyber security. Cyber startups Light Point Security and Zero Fox, as well as Foodem.com and Staq, are the Baltimore finalists
Tera Group creates swap agreement to hedge bitcoin exchange rate risk(FierceFinanceIT) Tera Group has created a non-deliverable forward swap agreement to hedge the risk of fluctuations in the exchange rate for bitcoin. The agreement has the potential to "open doors" to more bitcoin users who may want to accept bitcoin payments while hedging the risk that the virtual currency will lose value, Tera Group executives say
Defense Department Deploys Secure Cloud Service(InformationWeek) The Department of Defense (DOD) is rolling out a new cloud computing service as part of its ongoing efforts to trim IT costs and provide more streamlined services to its military and civilian users. The service, called MilCloud, provides an integrated suite of capabilities, including the ability for users to configure infrastructure resources and manage applications on a self-service basis
(Free!) Security Tools you should try(Network World) A whirlwind guide to free network security, anti-virus products. Who doesn't like free stuff? There's a long tradition of free or open-source security tools, and one of the best sites to learn more about them is Security Tools, a running list of what it claims are the 125 best free security tools around
Twitter Bags Encryption Program(TechNewsWorld) While Twitter is concerned with the privacy of its users and protecting them from run-of-the-mill phishing attacks and such, it's unlikely anything it was going to do would protect its users' direct messages from the likes of the NSA, noted Tal Klein, vice president of marketing for Adallom. Moreover, that kind of encryption would very likely crank up the customer complaints
Breach detection systems: Deployment models that detect malware better(TechTarget) Advanced malware has increased the need for organizations to expand their security best practices to include tier-two security technologies. There are many tier-two security technologies; the value of a breach detection system (BDS), which serves as a complementary technology to tier-one security tools, is its ability to detect malware
Network Virtualization: Final Piece of the Private Cloud(Forbes) Server virtualization epitomizes the benefits of abstracting logical IT resources from their physical manifestation. Hypervisors like VMware vSphere or Microsoft Hyper-V create immense efficiencies and flexibility in data centers by allowing previously underutilized equipment to run multiple applications in software-isolated environments. Networks are the next piece of data center infrastructure to get the virtualization treatment and the ensuing products provide comparable improvements in efficiency, versatility and productivity
Tor networks: Stop employees from touring the deep Web(TechTarget) Interest in the deep Web exploded in 2013 as international headlines broadcast the unexpected reach of National Security Agency's mass surveillance programs, and the made-for-Hollywood story unfolded of the Silk Road website and arrest of its alleged proprietor, "Dread Pirate Roberts"
You want to know who has access to what? Good luck(ComputerWorld) There's a dirty little secret in the computer security world that makes the dream of least-privilege access control very hard to attain: It's often literally impossible to determine who has what level of access to which objects
Password Hashing Competition(PHC (h/t Bruce Schneier)) The Password Hashing Competition (PHC) is an effort organized to identify new password hashing schemes in order to improve on the state-of-the-art (PBKDF2, scrypt, etc.), and to encourage the use of strong password protection. Applications include for example authentication to web services, PIN authentication on mobile devices, key derivation for full disk encryption, or private keys encryption
Moraine Valley to Host Midwest Regional Cybersecurity Competition(Midland Daily News) After months of preparation, the top cybersecurity teams in the Midwest are set to demonstrate their skills on Friday, March 28, 1:30-10 p.m., and Saturday, March 29, 8 a.m.-5 p.m. at the National Center for Systems Security and Information Assurance (CSSIA) housed at Moraine Valley Community College
Former NSA Director: 'Shame On Us'(Der Spiegel) In a SPIEGEL interview, former NSA director Michael Hayden, 69, discusses revelations of US spying on Germany made public in documents leaked by Edward Snowden, surveillance against German leaders and tensions between Berlin and Washington
Rand Paul takes some credit on NSA plan(Politico) Sen. Rand Paul on Tuesday praised reports that President Barack Obama is moving toward ending the National Security Agency's bulk collection of Americans' phone data, saying he's willing to take some credit
The real losers in NSA's hacking of Huawei(FierceCIO: TechWatch) The National Security Agency reportedly hacked into the networks of Huawei Technologies, stealing product source code and monitoring the communications of company executives. This startling revelation was jointly unveiled over the weekend by The New York Times and the German newspaper Der Spiegel, drawn once again from the huge trove of data leaked by former NSA contractor Edward Snowden
Director of national intelligence wins 'worst open government' prize(Seattle Post Intelligencer) James Clapper, the Obama administration's director of national intelligence, is winner of this year's Rosemary Award, given out for the "Worst Open Government Performance of 2013" by the National Security Archive at George Washington University
In Age of Cyber Strikes & Sanctions, Will Only US Ground Forces Deter Putin?(Intercepts) Cyber strikes. Sophisticated sanctions. In an ever-more technologically and economically connected world, the US national security apparatus increasingly talks about and employs these "new" tools of conflict. But will either work against an adversary/irritant who still moves his forces via freight rail? One influential Washington think tank says no
Rise in security clearances worries OMB(FierceGovernmentIT) The large number of individuals ruled eligible for a security clearance is risky and costly, the Office of Management and Budget warned in a recently released report
Human Resources Command stands up Cyber Branch(Army News Service) U.S. Army Human Resources Command established a provisional Cyber Branch Thursday, to provide career management, development and readiness to the Army's cyber forces
Japan establishes cyber defence unit(Jane's Defence Industry) The Japanese Ministry of Defense (MoD) established a Cyber Defence Unit (CDU) on 26 March to detect and respond to attacks on the MoD and the Japan Self-Defense Forces
Litigation, Investigation, and Law Enforcement
Why NSA spying is breaking UK law(ComputerWeekly) The show is over. The fat lady has finally sung. The fat lady, in this case, is a former White House lawyer, Rajesh De, now the senior legal counsel for the US National Security Agency
Petitions call on U.S. government to leave Snowden alone(PCWorld) U.S. President Barack Obama's administration should reverse its decision to suspend the passport of U.S. National Security Agency leaker Edward Snowden and end its efforts to prosecute him as policymakers push to change the programs he exposed, a group of activists said
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Veritas 2014 At Veritas 2014, hear directly from the big data experts in top tier retail finance who are now implementing strategy and starting to yield real commercial value. Experts dedicated to Big Data in the...
Black Hat Asia Black Hat is returning to Asia for the first time since 2008, and we have quite an event in store. Here the brightest professionals and researchers in the industry will come together for a total of four...
SEC Cybersecurity Roundtable(Washington, DC, USA, March 26, 2014) The Securities and Exchange Commission today announced that it will host a roundtable next month to discuss cybersecurity and the issues and challenges it raises for market participants and public companies,...
Cyber Security Management for Oil and Gas Attend to gain cutting-edge information from oil and gas cyber security experts on: Using the very latest in intelligence techniques to find and neutralize the newest threats in time. Preventing security...
Financial Incentives for Cybersecurity Businesses(Elkridge, Maryland, USA, March 27, 2014) Learn the details and take the opportunity to ask questions of leading experts on how to apply for tax credits (Cyber Tax Credits, Research Tax Credits, Security Clearance Tax Credits, Secured Space Tax...
ISSA Colorado Springs — Cyber Focus Day(Colorado Springs, Colorado, USA, March 27, 2014) Join us for the Information Systems Security Association (ISSA) — Colorado Springs Chapter — Cyber Focus Day set to take place on Thursday, March 27, 2014 at Colorado Technical University (CTU).
CyberBiz Summit(Linthicum, Maryland, USA, March 28, 2014) Learn first-hand how to get your cyber business started, how to raise capital, and what to do to make it happen. Join us for four informative sessions, networking and breakfast at the BWI Westin on Friday,...
Cyber Saturdays(Laurel, Maryland, USA, March 29, 2014) Are you a community college student with an interest in network security or information assurance? Would you like to test your skills in a fast-paced game environment? If so, one of Capitol College's upcoming...
Interop Conference Interop Conference sessions help you find actionable solutions to your current IT headaches and plan for future developments.
SyScan 2014(Singapore, March 31 - April 4, 2014) SyScan is a deep knowledge technical security conference. It is the aspiration of SyScan to congregate in Asia the best security experts in their various fields, to share their research, discovery and...
NSA Hawaii Be a part of the 2nd Annual Information Technology Expo set to take place at the new National Security Agency (NSA) Regional Operations Center in Wahiawa, HI. The event is being sponsored once again by...
InfoSec World Conference & Expo 2014 With the primary objective of providing top-notch education to all levels of information security and IT auditing professionals, InfoSec World delivers practical sessions that give you the tools to strengthen...
NIST IT Security Day(Gaithersburg, Maryland, USA, April 8, 2014) The Office of the Chief Information Officer, OCIO, is hosting NIST IT Security Day as a means to heighten awareness for all NIST users on the many aspects of operational information technology security...
IT Security Entrepreneurs Forum (ITSEF) 2014 IT Security Entrepreneurs Forum (ITSEF) is SINET's flagship event, designed to bridge the gap between the Federal Government and private industry. ITSEF brings unique value to the Cybersecurity community...
SOURCE The purpose of SOURCE Conference is to bridge the gap between technical excellence and business acumen within the security industry. SOURCE fosters a community of learning where business and security professionals...
Women in Cybersecurity Conference WiCyS is an effort to bring together women (students/faculty/researchers/professionals) in cybersecurity from academia, research and industry for sharing of knowledge/experience, networking and mentoring.
Suits and Spooks San Francisco S3+: Surveillance, Security, Sovereignty and other Critical Issues. Not another hacker conference. Suits and Spooks is a unique gathering of experts, executives, operators, and policymakers who discuss...
East Africa Banking and ICT Summit(Kampala, Uganda, April 25, 2014) The global event series for Banking and ICT Summit enters its third year. The summit will continue to provide delegates with technical & practical sessions, lectures and showcase for banking and ICT innovations,...
InfoSecIndy(Indianapolis, Indiana, USA, April 26 - 27, 2014) Join us on April 26-27, 2014 in Indianapolis, Indiana for the premier Midwest Information Security and Digital Forensics Conference.
Infosecurity Europe 2014 Infosecurity Europe is Europe's number one Information Security event. Featuring over 350 exhibitors, the most diverse range of new products and services, an unrivalled education programme and over 12,000...