Elections in Turkey are accompanied by an unusual degree of rancor in cyberspace, with extensive government Web censorship matched by an upsurge in hacktivism. The Foreign Minister has strong words for the hacktivists: their actions constitute an attack on the Turkish Republic, and may be serving hostile foreign interests.
AnonGhost's Palestinian-sympathizing hacktivists return with an attack on Israel's Ministry of Agriculture and Rural Development.
Pakistan Haxor Crew hits the Pakistani consulate's Jeddah site to protest corruption. Anonymous Ecuador hijacks that country's official presidential Twitter account.
Google engineers tell the audience at BlackHat Singapore that Moroccan journalists are under continuing cyber attack.
WordPress users should beware free "premium" plug-ins: many are malicious.
Webroot finds another black market DIY offering: an on-demand redirector generating service.
Colombian Internet users are hit by a "massive" spam campaign distributing malicious pdfs purporting to be from credit-scoring service Datacredito.
The US Senate committee investigating retail data breaches releases a "kill-chain" analysis of the Target breach.
Security analysts warn that medical IT devices may succeed ATMs as the most worrisome targets of Windows XP hackers.
A presentation at InfoSecurity Europe calls for greater automation of cyber defenses to free scarce engineering talent for tasks requiring human attention. NTT's Global Threat Intelligence Report points to automation gaps, particularly in endpoint security.
Lockheed Martin discusses reorganization; their next moves in cyber will be watched with interest.
As Trustmark drops out of the bellwether suit against Target and Trustwave, Trustwave calls the litigation baseless and promises to fight remaining plaintiffs.
Today's issue includes events affecting Australia, China, Colombia, Ecuador, Germany, Iceland, Israel, Morocco, Pakistan, Palestinian Territories, Saudi Arabia, Switzerland, Turkey, United Arab Emirates, United Kingdom, United States..
Turkey's online censorship just took a sinister Orwellian turn(Quartz) Over the weekend, Google reported that Turkey had intercepted traffic to its public domain name system (DNS) service—part of prime minister Recep Tayyip Erdogan's increasingly draconian crackdown against the social media networks that are being used to distribute damaging information about him
Cyber attack equal to military attack: Davutoglu(Turkish Press) 'This is not an attack to AK Party. This is an attack to Turkish Republic,' says Turkey's FM. Turkish Foreign Minister Ahmet Davutoglu said Friday everybody and everything will be investigated to find the "pawns and the mastermind behind" responsible for eavesdropping of a high-level security meeting
Anonymous Ecuador Hacks Official Twitter Account of Ecuador President(HackRead) The official Twitter account of Ecuadoran president Rafael Correa was hacked last Thursday with several anti-government tweets spammed over the social media. The hacked Twitter account which has 1.45 million followers was found spamming messages against the government, containing links of Anonymous Ecuador's website where official documents and emails uploaded by the hacktivists were published
DIY automatic cybercrime-friendly 'redirector generating' service spotted in the wild — part two(Webroot Threat Blog) Cybercriminals continue actively abusing/mixing legitimate and purely malicious infrastructure, on their way to take advantage of clean IP reputation, for the purpose of achieving a positive ROI (return on investment) out of their fraudulent/malicious activities, in terms of attribution and increasing the average lifetime for their campaigns. Acting as intermediaries within the exploitation/social engineering/malware-serving chain, the market segment for this type of cybercrime-friendly services continues flourishing, with more vendors joining it, aiming to differentiate their UVP (unique value proposition) through a variety of 'value-added' services. We've recently spotted yet another managed/on demand redirector generating service, that's empowering potential cybercriminals
'A' for Angela: GCHQ and NSA Targeted Private German Companies and Merkel(Der Spiegel) The headquarters of Stellar, a company based in the town of Hürth near Cologne, are visible from a distance. Seventy-five white antennas dominate the landscape. The biggest are 16 meters (52 feet) tall and kept in place by steel anchors. It is an impressive sight and serves as a popular backdrop for scenes in TV shows, including the German action series "Cobra 11"
Who's Behind the 'BLS Weblearn' Credit Card Scam?(Krebs on Security) A new rash of credit and debit card scams involving bogus sub-$15 charges and attributed to a company called "BLS Weblearn" is part of a prolific international scheme designed to fleece unwary consumers. This post delves deeper into the history and identity of the credit card processing network that has been enabling this type of activity for years
A "Kill Chain" Analysis of the 2013 Target Data Breach(US Senate Committee on Commerce, Science, and Transportation) In November and December 2013, cyber thieves executed a successful cyber attack against Target, one of the largest retail companies in the United States. The attackers surreptitiously gained access to Target's computer network, stole the financial and personal information of as many as 110 million Target customers, and then removed this sensitive information from Target's network to a server in Eastern Europe
MtGox Lost 'Barely 386 Bitcoins' Due to Cyber Attacks — Not 850,000(International Business Times) A study carried out by the Swiss Federal Institute of Technology in Zurich has concluded that, at most, MtGox lost 386 bitcoins in cyber attacks trying to take advantage of the transaction malleability flaw inherent in the bitcoin source code — not the 850,000 bitcoins its CEO Mark Karpeles claims
University of Wisconsin Hacked(eSecurity Planet) 15,000 students' names, addresses, phone numbers, e-mail addresses and Social Security numbers may have been exposed
Caution: Malware pre-installed!(SecureList) China's leading TV station, CCTV, has a long-standing tradition of marking World Consumer Rights Day on March 15 with its '315 Evening Party'. The annual show makes a song and dance about consumer rights violations. This year's party reported on cases where smartphone distribution channels pre-install malware into Android mobiles before selling them on to unwitting customers. As the program showed, the malware pre-installed is called DataService
Prominent Porn Site Hacked(Nextgov) Users of adult sites often pick up computer infections because the site operators practice poor security hygiene, but the explanation for why malicious code was injected into beeg[dot]com could be different
How Many Patients Will Die Along with Windows XP?(Information Security Buzz) According to NetMarketShare at the end of Feburary, 2014, 30% of all PC users were running Windows XP. Over the past year I've been working closely with a huge medical devices group. Don't have a heart attack (especially if you have a pacemaker running on XP), but based upon what I've learned during that time, I anticipate the percentage of medical devices running on XP is a greater percentage than this. Several months ago many of the medical device manufacturers indicated they also use embedded XP for the GUIs to devices as well as to provide a link to external databases (containing vital medical data collected and used by the devices)
Security Patches, Mitigations, and Software Updates
Unleash security rock stars through automation(InfoSecurity Europe) With analysts stating that there is a 20 year backlog of available cyber-security jobs to be filled, making current resources as effective and efficient as possible is crucial. Today's threat landscape requires specialised skills and analytical agility than ever before. Yet some of the best security talent lies buried, overwhelmed by manual tasks and procedures
NTT Innovation Cyber Security Study Finds Major Gaps(Converge! Network Digest) Network malware detection and purpose-built solutions are absolutely essential for enterprise cybersecurity as endpoint antivirus solutions are failing to catch a surprising amount of malware, according to a newly published Global Threat Intelligence Report (GTIR) from NTT Innovation Institute (NTT I³)
Bit Errors & the Internet of Things(Dark Reading) Internet traffic, misdirected to malicious bitsquatted domains, has plagued computer security for years. The consequences will be even worse for the IoT
Hackers Are Focused On Finding The Vulnerabilities(Information Security Buzz) In October 2013, a public exploit in PHP was disclosed using a vulnerability that was first published in 2012, categorized as CVE-2012-1823. The exploit suggested that PHP, in conjunction with Apache, suffered from command injection vulnerability. Soon after the exploit was released, Imperva's honeypots detected web servers being attacked with this exploit. In the first weeks following this discovery, Imperva recorded as many as 30,000 attack campaigns using the exploit
Even the Innocent Should Worry About Sex-Offender Apps(Quartz) The average citizen may not feel that they have anything to fear from the rise of apps that promise to identify sex offenders in their area but they are part of a worrying trend that should act as a warning about what happens when personal data is flattened out and sliced up into apparently user-friendly services
All of these Baltimore-area cyber security firms are hiring(Baltimore Business Journal) It's you against the bad guys — and technology is your weapon. Finding new and better ways to guard against cyber threats is crucially important these days, and new talent who are up for the challenge are in demand
HHS unveils security risk assessment tool(FierceHealthIT) A new security risk assessment (SRA) tool aimed to help healthcare providers in small to medium sized offices conduct risk assessments of their organizations is now available from the U.S. Department of Health & Human Services
Worldwide cyber threats map goes online in Runet(Voice of Russia) Kaspersky's Lab has launched a new Internet service, which in real time shows cyber threats registered worldwide. According to the company's report, their virtual globe displays malicious objects detected in computers in different parts of the world, triggerings of mail and web anti-viruses, and detected network attacks. You can rotate the globe in different directions, and also draw it nearer of farther
Scrutinizing Auroracoin(Bitcoin Magazine) People at the center of Iceland's tiny cryptocurrency, cryptography, and tech scenes are questioning the good intentions of Baldur Friggjar Odinsson, the pseudonymous creator of Auroracoin. The Litecoin-based coin has become the darling of Western media in recent days thanks to its free "Airdrop" distribution to Icelandic citizens on March 25th, and has been met with great enough demand that Coinmarketcap.com now ranks Auroracoin as the fourth largest cryptocurrency by capital volume
PACK - Password Analysis & Cracking Toolkit (Ethical Hacking) PACK (Password Analysis and Cracking Toolkit) is a collection of utilities developed to aid in analysis of password lists in order to enhance password cracking through pattern detection of masks, rules, character-sets and other password characteristics. The toolkit generates valid input files for Hashcat family of password crackers
Cisco Security Response Team Opens Its Toolbox(Cisco Blogs) Cisco's network is a massively complex environment that requires extensive monitoring and remediation. In today's world of advanced threats and attacks, the company that possesses and positions its tools to preemptively identify and mitigate threats is the one left standing when the dust settles
When Security Tools Cry Wolf(Tripwire: The State of Security) With the recent Target and Nieman Marcus breaches, we have seen that the attacks did not go without detection by the retailers' security tools. However, both cases reveal a larger problem: With the rising number and complexity of security tools at our fingertips, sometimes everything looks like an alert so nothing becomes actionable
5 "Actionable Intelligence" Questions Enterprises Should Ask Before Being Breached(SecurityWeek) From ongoing threat research, to crowd sourcing information, to Big Data analytics, and the list goes on, some security solutions provide mountains of data that are getting higher all the time. And while all of this "intelligence" is important (and potentially overwhelming), enterprises need to take a step back and ask a significant question before they find themselves breached; not after: is the intelligence supplied by our security solution truly actionable?
Industrial Internet Group Launches(EE Times) AT&T, Cisco, GE, IBM, and Intel officially formed the Industrial Internet Consortium (IIC) to accelerate work on areas such as interoperability standards for the Internet of Things in industrial markets. Just what the group will do and when remains a work in progress
Building security around Bitcoin(SC Magazine) Recent news reports have already indicated that as cryptocurrencies such as Bitcoin become more widely used, the risk of a cyber attack also increases. The latest string of stories revealing high-value digital heists of cryptocoins from exchanges, users and service providers has highlighted the ever-present skepticism of the currency's viability as well as its security
A 'cloud first' strategy calls for strong security: Five tips to get there(TechTarget) Security is still a major obstacle for IT when it comes to cloud adoption. That was made crystal clear at the Massachusetts Technology Leadership Council seminar on securing data, availability and reputation in the cloud, which attracted a mix of security, IT, entrepreneurs and business folks. As one attendee succinctly put it, "Why should we trust AWS [Amazon Web Services] when we have no visibility into their other side?"
Having a backup solution doesn't prevent data loss(Help Net Security) Results from a survey of customers who lost valuable computer data shows the majority of consumers and businesses are taking steps to back up their data, but a range of minor oversights rendered those steps ineffective, according to Kroll Ontrack
A digital fortress?(The Economist) Windows is "spyware with an operating system attached" according to the old sysadmin joke. Riddled with unpatched security vulnerabilities ("zero-days") that let criminal hackers and intel agencies take control of the operating system, Windows is a computer security professional's nightmare
Research and Development
The Anatomy Of A Forgotten Social Network(MIT Technology Review) While network scientists have been poring over data from Twitter and Facebook, they've forgotten about Tumblr. Now they've begun to ask how this network differs from the rest
Cyber Security a Hot Spot for Jobs in Lawrenceville(MMGlobalwire) When we saw this story recently about the number of postings for cyber security jobs in Lawrenceville, it made sense. The Washington D.C. area's large government complex, New York City's financial sector, and the Silicon Valley's technology hub are documented targets for cyber incursions aimed at gaining access to key assets and sensitive data
Pennsylvania's charter school funding debate no closer to resolution(TribLive) The contract that ousted PA Cyber Charter School founder Nick Trombetta brokered with its curriculum provider remains in place months after prosecutors indicted the former school chief on 11 counts of mail fraud, bribery, tax conspiracy and filing false tax returns
Legislation, Policy, and Regulation
No clear path to NSA reform on Hill(The Hill) President Obama's proposal to end government collection of Americans' phone records is expected to face a rocky path on Capitol Hill as lawmakers and pressure groups disagree on details and the scope of NSA reform
Obama's proposal on NSA phone records draws support(Los Angeles Times) President Obama's proposal to balance national security and privacy concerns by stopping the government from storing records of millions of phone calls from the U.S. — on condition the data remain accessible from the telecommunications companies — won diverse backing on Sunday
Feinstein Pushes Court Approvals for NSA Phone Searches(Bloomberg) Senate intelligence committee Chairman Dianne Feinstein said she supports requiring court approval for all searches of U.S. telephone records, setting the stage for a legislative fight over how to rein in the powers of the National Security Agency
Two-track minds on security and privacy(Seattle Times) Arguments leveled against Real ID are being recycled to bash the National Security Agency's surveillance program. They inevitably lead to the assumption that the government is up to no good, writes syndicated columnist
Spying for national security in the United States has a price(China Post) The U.S. government is working to restrain intelligence agencies, and Americans should applaud. On March 25, major proposals were announced. The Obama administration seeks to end government bulk collection of phone records by the super-secret National Security Agency (NSA) and require court approval to monitor individual phone numbers
Chuck Hagel Thanks Alexander, Cyber Community for Defense Efforts(American Forces Press Service via the SOP) Defense Secretary Chuck Hagel has paid tribute to retiring Army Gen. Keith B. Alexander, who is stepping down as head of U.S. Cyber Command and the National Security Agency, crediting him with leading key assets in the intelligence community through one of the most challenging periods in history
Hagel, ahead of China trip, urges military restraint in cyberspace(Reuters via the Chicago Tribune) Defense Secretary Chuck Hagel, pushing for openness ahead of a trip to China, said on Friday in an unusual live broadcast from a secretive base the Pentagon would exercise restraint in using the military in cyberspace and urged other nations to do so as well
DoD Looks Within to Build Cyber Force(GovInfoSecurity) Petty Officer First Class Chase Hardison is the future face of the cyberdefenders at the U.S. Cyber Command, the military organization charged with defending Defense Department networks and the nation's critical infrastructure
Did Obama Order a New Cyber Attack?(Foreign Policy) On June 21, 2013, the Chairman of the Joint Chiefs of Staff, Gen. Martin Dempsey, issued a classified order authorizing the military to conduct an operation in cyberspace. That the order came down through the military chain of command, from President Barack Obama to Secretary of Defense Chuck Hagel and then to Dempsey, seems beyond doubt. The question is, did the military actually launch a cyber attack on a computer network — which would be one of the few in documented history — as a result of the order?
Intel Community Loses Key Defender With Rogers's Retirement(Foreign Policy) The retirement of House Intelligence Committee Chairman Mike Rogers sent shockwaves through the intelligence community on Friday, as the powerful Republican from Michigan announced his intentions to quit Congress and pursue a career in conservative talk radio. The decision comes as public trust in America's spies, in particular the NSA, is at an all-time low — making the loss of the one of their staunchest defenders a particularly harsh blow for the beleaguered agencies
Secretary of Homeland Security Supports Cyber Security Proposal(Binghamton Homepage) The nation's first Secretary of the Department of Homeland Security visited Greater Binghamton…Ridge voiced his support for a Hanna proposal that would make Guardsmen with cyber security skills available to local governments in the event of a cyber attack on public infrastructure
Litigation, Investigation, and Law Enforcement
Trustwave plans to fight "baseless allegations" over Target breach (CSO Salted Hash) Last week, Trustmark National Bank and Green Bank NA, filed a complaint in Chicago federal court accusing Target and Trustwave of failing to properly secure customer data, and enabling the theft of 110 million records, including 40 million credit cards
Trustmark Pulls out Of Class-Action Suit Against Target And Trustwave(BH Consulting) Last week I wrote about how two banks — Trustmark National Bank of New York and Green Bank of Houston — had come together to file a class action lawsuit against Target, Inc. in the wake of a data breach at the US retailer which saw 40 million credit cards details, and 70 million other personal details, stolen
Here Comes the Cyber Chill?(Huffington Post) Disturbing news from the legal world this week, as cybersecurity vendor Trustwave was sued because it allegedly "failed to live up to its promises or to meet industry standards," according to an article in CIO Magazine
Court Extends NSA Bulk Data Collection Program for 90 Days(NBC News) The Foreign Intelligence Surveillance Court on Friday approved the government's request to renew for another 90-day cycle the National Security Agency's program of collecting phone call data in bulk — the final time it will do so
Newly Released and Reprocessed Documents Responsive to a Freedom of Information Act Request by the Electronic Frontier Foundation(IC on the Record) Docket Number BR 08-13 March 2, 2009 — Order from the Foreign Intelligence Court (Updated) In light of the compliance incidents identified and reported by the Government, the FISC ordered NSA to seek Court approval to query the telephony metadata on a case-by-case basis…Docket Number BR 09-06 June 22, 2009 — Order (Updated) In response to the Government's reporting of a compliance incident related to NSA's dissemination of certain query results discovered during NSA's end-to-end review, the FISC ordered the Government to report on a weekly basis, any disseminations of information from the metadata telephony program outside of NSA…Docket Number BR: 10-82 November 23, 2010 — Supplemental Order from the Foreign Intelligence Surveillance Court (Newly Released) Supplemental Order issued by the FISC in response to a government request for records concerning an individual target, not an application requesting records in bulk. The order interprets the relationship between the Right to Financial Privacy Act and Section 215 of the USA PATRIOT Act
FTC Settles with Fandango, Credit Karma Over SSL Issues in Mobile Apps(Threatpost) The makers of two major mobile apps, Fandango and Credit Karma, have settled with the Federal Trade Commission after the commission charged that they deliberately misrepresented the security of their apps and failed to validate SSL certificates. The apps promised users that their data was being sent over secure SSL connections, but the apps had disabled the validation process
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
The National Security Agency at a Crossroads(, January 1, 1970) The Intelligence Studies Project is a joint venture of the Strauss Center and Clements Center at the University of Texas at Austin, aiming to encourage policy-relevant academic inquiry into the past, present,...
2014 Honeynet Project Workshop(, January 1, 1970) The 2014 Honeynet Project Workshop is organized by the Honeynet Project and coordinating with CERT Polska under NASK, held in The Adgar Plaza Conference Center in Warsaw, Poland from 12-14 May 2014. The...
Interop Conference(, January 1, 1970) Interop Conference sessions help you find actionable solutions to your current IT headaches and plan for future developments.
SyScan 2014(Singapore, March 31 - April 4, 2014) SyScan is a deep knowledge technical security conference. It is the aspiration of SyScan to congregate in Asia the best security experts in their various fields, to share their research, discovery and...
InfoSec World Conference & Expo 2014(, January 1, 1970) With the primary objective of providing top-notch education to all levels of information security and IT auditing professionals, InfoSec World delivers practical sessions that give you the tools to strengthen...
NIST IT Security Day(Gaithersburg, Maryland, USA, April 8, 2014) The Office of the Chief Information Officer, OCIO, is hosting NIST IT Security Day as a means to heighten awareness for all NIST users on the many aspects of operational information technology security...
IT Security Entrepreneurs Forum (ITSEF) 2014(, January 1, 1970) IT Security Entrepreneurs Forum (ITSEF) is SINET's flagship event, designed to bridge the gap between the Federal Government and private industry. ITSEF brings unique value to the Cybersecurity community...
Defensive Cyberspace Operations & Intelligence Conference(, January 1, 1970) Two days of presentations, workshops, training, and networking on defensive operations and intelligence activities in cyberspace. Speakers from government, universities, and industry will share their insights...
SOURCE(, January 1, 1970) The purpose of SOURCE Conference is to bridge the gap between technical excellence and business acumen within the security industry. SOURCE fosters a community of learning where business and security professionals...
2014 GovCon Cyber Summit(McLean, Virginia, USA, April 9, 2014) The U.S. Computer Emergency Readiness Team (US-CERT) noted that last year federal networks saw a substantial increase in hacking incidents, with 48,000 attacks reported by agencies. In recognition of this...
Women in Cybersecurity Conference(Nashville, Tennessee, USA, April 11 - 12, 2014) WiCyS is an effort to bring together women (students/faculty/researchers/professionals) in cybersecurity from academia, research and industry for sharing of knowledge/experience, networking and mentoring.
NSA Procurement in today's business arena(Elkridge, Maryland, USA, April 16, 2014) An opportunity to gain inside perspective on market trends in NSA Procurement. The guest speaker will be William Reybold, National Security Agency's Deputy Senior Acquisition Executive (SAE), who manages...
Suits and Spooks San Francisco(, January 1, 1970) S3+: Surveillance, Security, Sovereignty and other Critical Issues. Not another hacker conference. Suits and Spooks is a unique gathering of experts, executives, operators, and policymakers who discuss...
US News STEM Solutions: National Leadership Conference(, January 1, 1970) The STEM crisis in the United States demands solutions—and nowhere is the search more concentrated than at U.S. News STEM Solutions. Now in its third year, this premier national leadership conference is...
East Africa Banking and ICT Summit(Kampala, Uganda, April 25, 2014) The global event series for Banking and ICT Summit enters its third year. The summit will continue to provide delegates with technical & practical sessions, lectures and showcase for banking and ICT innovations,...
InfoSecIndy(Indianapolis, Indiana, USA, April 26 - 27, 2014) Join us on April 26-27, 2014 in Indianapolis, Indiana for the premier Midwest Information Security and Digital Forensics Conference.
United States Cyber Crime Conference 2014(, January 1, 1970) This is the only event of its kind that provides both hands-on digital forensics training and an interactive forum for cyber professionals to network. The conference covers the full spectrum of topics...
Infosecurity Europe 2014(, January 1, 1970) Infosecurity Europe is Europe's number one Information Security event. Featuring over 350 exhibitors, the most diverse range of new products and services, an unrivalled education programme and over 12,000...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.