Microsoft's out-of-band patch of the recent IE zero-day bug is out, amid fresh reports of attacks exploiting the vulnerability. (Enterprises in the defense, financial, governmental, and energy sectors are reported to be the current targets.) The patch also extends, as an exception to policy, to Windows XP. Ars Technica harrumphs that this is a bad idea ("there will always be one more emergency") but XP clingers will be at least temporarily grateful. US and UK CERTs, who've previously advised everyone to avoid IE until it's fixed, now advise all to patch.
Heartbleed seems to have fallen short of frightening ordinary users into changing passwords, the management and remembering of which ordinary users find difficult enough. In what may count as an interesting case of active defense, some security researchers exploit Heartbleed to access black market chat spaces where cyber criminals conduct much of their R&D.
Researchers find that attackers can exploit a "Covert Redirect" vulnerability in OAuth 2.0 and OpenID to steal personal information and redirect browsing to malicious sites.
Tech in Asia translates and summarizes an interview with a Chinese hacker. His views on the importance of hacking games to the criminal underground are particularly interesting.
Eugene Kaspersky again tells everyone that cyber terrorism is inevitable. Other analysts describe cyber espionage as a tool of state security agencies (with one calling Russian and Chinese services the "Bonnie and Clyde" of cyber space).
A US-German summit is underway: intelligence policy is under discussion.
US court challenges to surveillance mount.
Today's issue includes events affecting Australia, Canada, China, European Union, France, Germany, Israel, Libya, New Zealand, Philippines, Russia, United Kingdom, United States.
Cyber Attacks, Threats, and Vulnerabilities
Microsoft issues fix for IE zero-day flaw amid fresh attacks(ComputerWeekly) Microsoft has issued an emergency security update for all versions of its Internet Explorer browser. The update will patch a zero-day flaw reported on 26 April that has already been used in live attacks… Besides previously observed attacks against the defense and financial sectors, organisations in the government and energy sectors are also facing attack
London warbiking reveals worrying state of Wi-Fi security(Help Net Security) At Infosecurity Europe 2014, IT security company Sophos this week highlighted the worrying state of wireless security in the UK's capital city, when it sent security expert James Lyne and his computer-equipped bicycle onto the streets of London to test how safe homes, businesses, and even people on mobile phones are from cyber criminals
All About Windows Tech Support Scams(Webroot Threat Blog) Editors Notes: The purpose of this research was to see exactly how this scam is carried out, and the extent to which it is done. DO NOT TRY THIS AT HOME. We used a clean machine, off network, to monitor the activity of the scammer. Have you ever received a phone call from a tech support person claiming to be from Microsoft, and that your Windows based machine has been found to have a virus on it? These cold calls typically come from loud call centers, and are targeting the uninformed and naïve in hopes of gaining access to their individual machines, and ultimately the victim's credit cards
Multi-Brand French Phisher uses EDF Group for ID Theft(Cyber Crime and Doing Time) At the end of January last year, French power company EDF advised the public that they were seeing a significant rise in the number of phishing complaints they were receiving from their customers. An example story in English from The Connexion: EDF customers hit in 'phishing' scam, says that an EDF spokesperson said beginning in August of 2012 they were seeing 20,000 customers per month complaining about the phish and that in January 2013 it had risen to as many as 40,000 customers per month. As many as 200 to 300 new phishing sites per month were being created at that time. This week Malcovery is noticing that the EDF phish are back, with a twist
Hacking China's online games for profit: an interview with a Chinese hacker(Tech in Asia) "PW"—that's not his real name, obviously—has a secret life, kind of like a superhero (or perhaps a super-villain). By day, he's the young prodigy manager of a legitimate software company, the guy who graduated a top Guangzhou college with a triple major and landed a high position at a reputable software firm. The guy whose friends call him a computer god. By night—well, by whenever he feels like it really—he's a hacker, a member of a big hacker QQ group on China that produces all kinds of hacking tools and techniques
Security Patches, Mitigations, and Software Updates
Microsoft Security Bulletin MS14-021 — Critical: Security Update for Internet Explorer (2965111)(Microsoft Security Tech Center) This security update resolves a publicly disclosed vulnerability in Internet Explorer. The vulnerability could allow remote code execution if a user views a specially crafted webpage using an affected version of Internet Explorer. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights
Microsoft updates IE against latest 0-day, updates also XP(Help Net Security) Microsoft has issued an out of band security update to patch the zero day vulnerability that affects all versions of Internet Explorer and is being actively exploited in the wild in targeted attacks seemingly directed against US-based defense and financial firms
Cyber spies in disguise: Nation-state(SC Magazine) Espionage has been a fact of life for centuries, but with increased capabilities online, it's spread beyond a narrow core, reports James Hale
The Growing Risk(SC Magazine) Large-scale cyber espionage is not new — it is the methods behind it which are becoming more complex and sophisticated, reports Kate O'Flaherty. The ability to remain anonymous — or at least to raise doubt over the identity of the perpetrator — is seeing cyber attacks take increasing preference over physical means. One incident in March saw Ukraine reported to be under cyber attack following the initial physical takeover of the Autonomous Republic of Crimea
The Wild Cyber West(Townhall) The Bonnie and Clyde of cybercrime, Russia and China, are stepping up their game. In the May issue of Townhall Magazine, where this article originally appeared, Cortney O'Brien explains how U.S. businesses and the federal government are going to have to play better defense
IoT security requirements will reshape enterprise IT security programs(Help Net Security) The power of objects in the Internet of Things (IoT) to change the state of environments — in addition to generating information — will cause chief information security officers (CISOs) to redefine the scope of their security efforts beyond present responsibilities, according to Gartner
Born in the NSA: These former spies are starting companies of their own(VentureBeat) National Security Agency alumni are coming to a tech startup near you. Lots of them. America's largest intelligence agency found itself mired in scandal since contractor Edward Snowden stole and leaked some of its darkest secrets last year. But instead of concealing their backgrounds, many leaving the secretive NSA are proudly promoting their espionage backgrounds
MACH37™ Seeks Security Start-ups for Fall Cohort(Digital Journal) The MACH37™ Cyber Accelerator has officially opened the application period for its "F14" Fall Cohort, which will begin September 2, 2014 in its Herndon, Virginia headquarters. The program consists of an intense 90-day program in which the selected startups are coached in all aspects of creating a sustainable and successful business. Participants receive a $50,000 investment to develop and launch their ideas into the market
Splunk: A Good Way To Benefit From Big Data(Guru Focus) Splunk (SPLK), the company that provides software solutions that provide real-time operational intelligence, has lost 20% of its market capitalization this year. However, Splunk is a big data player and investors can count on the company to deliver in the long run. The company has entered into many partnerships with several leading companies and it could perform well in the future
Splunk: "A business can never have too much security"(ITProPortal) ITProPortal spoke to Splunk's security markets VP Haiyan Song at Infosecurity Europe 2014 about what's new in the security industry, and what the biggest frustrations are when dealing with security vendors
NIKSUN: Ensuring Cybersecurity and Optimizing Network Performance(Silicon india) Increasing network complexity, growing obfuscation techniques, and exploding multimedia traffic volumes are bringing a host of next-generation problems from zero-day exploits, targeted malware and Advanced Persistent Threats (APT), to service level disruptions and Payment Card Industry (PCI) compliance issues. On a granular level, the nature and frequency of cyber attacks are fundamentally changing the cyber security landscape
Risco to protect World Cup stadium in Brazil (Bloomberg BusinessWeek) The Israeli national soccer team was not good enough to qualify for the World Cup, but Israeli systems will run the security at one of the new soccer stadiums that has been built in Brazil. Risco Group reported today that it has completed the implementation of command and control systems and advanced security systems at the Arena Pantanal soccer stadium, which was built for the World Cup
Products, Services, and Solutions
AhnLab's MDS: A comprehensive approach to malware management(SC Magazine) AhnLab is no newcomer to the information security market — having been around since 1995. This offering, however, is relatively new. It is backed by a large global company with vast experience in many aspects of information security, cloud-based systems and on-premises tools. I have seen elements of this offering in many other anti-malware tools, though the hallmark of this one is that for every reason one buys individual gateways this tool has it — in one place and under a single pane of glass
CipherCloud Releases Free Cloud Discovery Solution for Enterprises(Talkin' Cloud) California-based cloud security specialist CipherCloud has unveiled CipherCloud for Cloud Discovery, a solution that allows enterprises to analyze their cloud applications usage. In addition, enterprises can use CipherCloud for Cloud Discovery to evaluate a cloud application's risk factors and calculate the app's risk score
ManageEngine fortifies enterprise security log analytics(Help Net Security) ManageEngine announced the general availability of new features to its enterprise security log analytics portfolio. EventLog Analyzer, the security information and event management (SIEM) software, now offers complete user audit trails as well as the real-time event correlation and ISO 27001 reporting previously available in beta
Security analytics solution identifies attacks in historic data(Help Net Security) Arbor Networks is showcasing at Infosecurity Europe 2014 its Pravail Security Analytics, whose unique looping capability can be used to identify and establish an attack timeline for the recently disclosed and much discussed Heartbleed attacks
Sophos Cloud manages Windows, Mac and mobile devices(Help Net Security) At Infosecurity Europe 2014, Sophos announced the latest version of Sophos Cloud, the company's cloud-based solution for small- and mid-sized organisations seeking a simpler approach to IT security that still provides world-class protection
Cellcrypt Mobile for Secret™ Completes NIAP Mobility Evaluation(IT News Online) Cellcrypt, a leading provider of encrypted voice and messaging for smartphones and tablets, today announced that its Cellcrypt Mobile for Secret™ product has officially been listed as certified by the National Information Assurance Partnership (NIAP). As part of the Common Criteria evaluation, Cellcrypt selected Cygnacom Solutions, Inc. to perform the validation testing services that were reported to NIAP
Cyber Insurance Protection Availability is Growing(Live Insurance News) At a time in which the headlines involving businesses that have undergone data breaches and other digital attacks are becoming a regular occurrence, American International Group (AIG) has now announced that it will be joining the growing number of insurers that are offering cyber insurance protection
Police use new tool to source crowds for evidence(AP) An annual spring party in a Southern California beach town devolved into a riot last month when revelers turned violent, rocking cars, smashing windows and throwing rocks. Dozens were injured and about 50 people ended up in the hospital, including several police officers
Technologies, Techniques, and Standards
NIST Revises Guide to Use of Transport Layer Security (TLS) in Networks(Targeted News Service Via Acquire Media NewsEdge) Information Technology Laboratory, a sub-agency of the U.S. Department of Commerce's National Institute of Standards and Technology, issued the following news release: The National Institute of Standards and Technology (NIST) has released an update to a document that helps computer administrators maintain the security of information traveling across their networks
Guide to the UK government cyber essentials scheme(Help Net Security) The results of the latest cyber threat reports and surveys have denominated 2013 as the year of major breaches. The media naturally focuses on the big stories of massive data breaches or coordinated state attacks which leave in their wake a trail of lawsuits, customer data losses and political conflicts. However that's not the entire spectrum of the cyber security landscape, nor does it reflect the full damage of attacks in cyber space. The SME landscape has its own perils and it suffers just as much as the large corporate domain. The difference is you don't often hear about it
Cloud Security Alliance Releases Update to Software Defined Perimeter (SDP)(Broadway World) The Cloud Security Alliance (CSA), a not-for-profit organization which promotes the use of best practices for providing security assurance within cloud computing, today announced the release of two key documents related to the CSA's Software Defined Perimeter (SDP), an initiative to create the next generation network security architecture. The SDP Version 1.0 Implementation Specification and SDP Hackathon Results Report provide important updates on the SDP security framework and deployment in protecting application infrastructures from network-based attacks
Why your access control vendor needs to be familiar with DIACAP(GSN) As you may be aware, the Department of Defense Information Assurance Certification and Accreditation Process, better known as DIACAP, regulates the implementation of risk management for information systems. What you may not know is that not all DIACAP certifications are created equal. Understanding this accreditation process, how the certification is achieved and what it signifies — or working with an integration specialist who has this expertise — will help your agency make the best possible decision in choosing an access control or other security solution
iOS Application Security Part 34 — Tracing Method calls using Logify(Infosec Institute) In the previous articles, we have seen how applications like Snoop-it can trace method calls specific to the application at runtime. This is very important in deducing the flow of the application. The same process can be performed by using a perl script named Logify.pl that comes installed with Theos
Design and Innovation
Special operations forces' communication needs lead to innovation(C4ISR & Networks) Navy Seals, Army Rangers, Air Commandos, and other special operations forces (SOF) rely on network hardware and services to access fresh, accurate intelligence and situational awareness information, often under severe pressure in extreme situations and environments
Fresh meat: a new search for cyber-defenders(Economist) In a hot and noisy bunker room a stone's throw from Downing Street, dozens of people battle a cyber-attack. Programmers huddle around screens, tracking down a virus that has frozen cash machines, online payments and stock flotations. A red-faced man in a suit harangues one sweating coder: "What can I tell the PM?"
Legislation, Policy, and Regulation
Obama, Merkel to meet at White House(USA TODAY) President Obama and German Chancellor Angela Merkel will meet Friday at the White House to discuss their common dispute with Russia, and their own dispute over U.S. intelligence gathering
NSA looms over Merkel-Obama visit(The Hill) German Chancellor Angela Merkel visits the White House on Friday for the first time since news broke that President Obama's spies had snooped on her phone
U.S. and Germany Fail to Reach a Deal on Spying(New York Times) The effort to remake the intelligence relationship between the United States and Germany after it was disclosed last year that the National Security Agency was tapping Chancellor Angela Merkel's cellphone has collapsed, according to German officials, who say there will be no broad intelligence sharing or "no-spy" agreement between the two countries when Ms. Merkel arrives at the White House on Friday
Internet Party to pull plug on Govt spying(Voxy) The Internet Party will pull the plug on out-of-control Government spying by immediately repealing laws which have given the country's spy agency, the Government Communications Security Bureau (GCSB), unprecedented and chilling powers to snoop on Kiwis
China-Australia cyber relations: insights for a cooperative future(The Strategist) Having spent the last week in Beijing meeting with a range of think tanks, government officials and academics, I was struck by the importance our hosts placed upon the relationship with Australia. The concept used most frequently by the Chinese in relation to Australia was as 'the bridge' between China and the US
New NSA chief Michael Rogers: Agency has lost Americans' trust(Politico) The NSA has lost the trust of the American people as a result of the Edward Snowden leaks, and needs to be more transparent to gain it back, the NSA's new director said Wednesday in his first public comments since taking control of the embattled spy agency
Big Data: Seizing Opportunities, Preserving Values(Executive Office of the President) We are living in the midst of a social, economic, and technological revolution. How we communicate, socialize, spend leisure time, and conduct business has moved onto the Internet. The Internet has in turn moved into our phones, into devices spreading around our homes and cities, and into the factories that power the industrial economy. The resulting explosion of data and discovery is changing our world
FCC Chairman: Implement NIST Cybersecurity Framework So That We Don't Have To(DigitalCrazyTown) The Chairman of the Federal Communications Commission (FCC) Tom Wheeler today urged the cable industry to get moving on the implementation of the cybersecurity framework released by the National Institute of Standards and Technology (NIST) earlier this year. Speaking at the National Cable and Telecommunications Association (NCTA) annual conference here, Wheeler said that broadband networks are at a critical cybersecurity juncture and that the "more we learn about the challenges of cybersecurity and the costs of failure, the more apparent the importance of addressing it with best efforts, including yours"
German Government Won't Summon Snowden(Wall Street Journal) The German government is opposed to inviting whistleblower Edward Snowden to testify before a parliamentary committee investigating alleged data transgressions by the U.S. National Security Agency, a lawmaker for Chancellor Angela Merkel's party said Thursday. Roderich Kiesewetter signalled in a statement that Berlin would reject calls from opposition lawmakers to invite Mr. Snowden to testify before the committee
When the Evidence is on the Cell Phone(IEEE Spectrum) On Tuesday, the United States Supreme Court heard arguments in two cases in which information found on cell phones, obtained by searching those phones without a warrant, led to convictions: United States v. Wurie and Riley v. California. At issue is whether the Fourth Amendment's rules on unreasonable searches and seizures apply to cell phones
Lives Destroyed by Identity Theft and Data Breaches(Canada Free Press) Identity thieves have victimized 12.6 million Americans in 2012 to the tune of nearly $21 billion. Eighteen percent of all Federal Trade Commission complaints received that year involved identity theft
Private investigator hit with £89,000 penalty(Information Commissioner's Office) A man who ran a company that tricked organisations into revealing personal details about customers has today been ordered to pay a total of £20,000 in fines and prosecution costs, as well as a confiscation order of over £69,000 at a hearing at Isleworth Crown Court
Philippines police and Interpol smash cyber extortion network(iNews China Daily) Philippine police, backed by Interpol, have arrested dozens of suspected members of an online extortion syndicate who duped hundreds of victims worldwide into exposing themselves in front of webcams, including a Scottish teenager who committed suicide after being blackmailed, officials said on Friday
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
United States Cyber Crime Conference 2014: This is the only event of its kind that provides both hands-on digital forensics training and an interactive forum for cyber professionals to network. The conference covers the full spectrum of topics...
Infosecurity Europe 2014: Infosecurity Europe is Europe's number one Information Security event. Featuring over 350 exhibitors, the most diverse range of new products and services, an unrivalled education programme and over 12,000...
Cyber COMSEC and IT Day at Fort Huachuca: This one-day vendor expo is a unique opportunity to demonstrate your products and services to military and civilian personnel at Fort Huachuca. Exhibitors will have a casual atmosphere to share ideas,...
STEM Café(Geneva, Illinois, USA, May 6, 2014) At the next STEM Café, Raimund Ege, associate professor in NIU's Department of Computer Science, will lead a lively discussion on how computer crime affects our everyday lives and what we can do to protect...
cybergamut Technical Tuesday: Malware Reverse Engineering(Columbia, Maryland, USA, May 6, 2014) An introduction to the tools, workflows, and tricks of the trade to attack sophisticated malware by Dale Robson of CyberPoint. Industry standard cyber security products do a good job in blocking and defending...
US Secret Service Cybersecurity Awareness Day(Washington, DC, May 8, 2014) This Cybersecurity event will be the first of its kind at the USSS. There will be 2-3 opportunities for participating companies to present a 1/2 hour presentation on a Cybersecurity topic of concern to...
SANS Security West: SANS Security West will arm information security professionals with the necessary insight to prepare their organization for today and the future. Attendees will have the opportunity to advance their information...
HackMiami 2014(Miami Beach, Florida, USA, May 9 - 11, 2014) The HackMiami 2014 Hackers Conference seeks to bring together the brightest minds within the information security industry and the digital underground. This conference will showcase cutting edge tools,...
Eurocrypt 2014: Eurocrypt 2014 is the 33rd Annual International Conference on the Theory and Applications of Cryptographic Techniques. It is devoted to all aspects of cryptology.
ISPEC 2014(Fujian, China, May 12 - 14, 2014) The ISPEC conference series is an established forum that brings together researchers and practitioners to provide a confluence of new information security technologies, including their applications and...
CyberWest(Phoenix, Arizona, USA, May 13 - 14, 2014) Cyber threats affect all industry sectors and impact individuals, businesses and governments. From hacktivists to advanced persistent threats, conducting business on-line exposes individuals, corporations...
GovSec 2014(Washington, DC, USA, May 13 - 14, 2014) GovSec is the nation's premier event for Government, Homeland Security, and Law Enforcement professionals looking for proven strategies and cost effective technology so they can achieve their mission of...
Cyber Security for National Defense Symposium: DSI's Cyber Security for National Defense Symposium is designed as an educational and training "Town Hall" forum, where thought leaders and key policy-makers across military and civilian organizations...
FOSE Conference(Washington, DC, USA, May 13 - 15, 2014) Spend 1 day or 3 days at the FOSE conference and leave with actionable information, covering a broad spectrum of trending topics including: Cybersecurity, Cloud and Virtualization, Mobile Government,...
INFILTRATE: INFILTRATE is a deep technical conference that focuses entirely on offensive security issues. Groundbreaking researchers focused on the latest technical issues will demonstrate techniques that you cannot...
Security BSides Denver 2014(Denver, Colorado, USA, May 16, 2014) Each BSides is a community-driven framework for building events for and by information security community members. The goal is to expand the spectrum of conversation beyond the traditional confines of...
Security Start-up Speed Lunch NYC(New York, New York, USA, May 19, 2014) Our goal for this inaugural event is to connect the most promising security startups in the world with decision-makers at aerospace, asset-management, banking, communications, defense, energy, healthcare,...
CEIC 2014(Las Vegas, Nevada, USA, May 19 - 22, 2014) It's no exaggeration to say that CEIC is the biggest digital-investigations conference of its kind and the only one to offer hands-on lab sessions and training for practical skills development. From sessions...
The Device Developers' Conference: Bristol(Bristol, England, UK, May 20, 2014) The Device Developers' Conference is an annual UK event for the developers of intelligent systems and devices. The objective is to provide an event that provides engineers with an opportunity to learn...
Mobile Network Security in Europe(London, England, UK, May 21, 2014) Following on from two successful events in the United States, this first Light Reading conference on Mobile Network Security in Europe will again focus on the key role of the network in safeguarding the...
Positive Hack Days: Positive Hack Days is the international venue for the unification of progressive forces of the IT industry. It is about innovators interested in information security problems; it is fresh blood and bright...
Georgetown Law: Cybersecurity Law Institute: A day does not go by where cybersecurity is not in the news. In fact, according to a recent national survey conducted by FTI Consulting, cybersecurity is the number one issue on the minds of general counsels...
NSA Mobile Technology Forum (MTF) 2014: The Mobile Technologies Forum is an annual event that attracts SIGINT, Information Assurance, HUMINT, Federal Law Enforcement, Counterintelligence and Government personnel from the United States, Australia,...
CyberMontgomery Forum: Center of Gravity(Rockville, Maryland, USA, May 22, 2014) Cybersecurity will be a major growth engine in the region for many years to come. With solid federal government, industry and academic assets already in place in the region, there is still a need to bring...
Cyber Risk Summit(Washington, DC, USA, May 22, 2014) This one-day leadership conference will provide a discussion forum for business executives, insurance companies and policymakers on more effective private and public responses to cyber risk management.
The Device Developers' Conference: Cambridge(Cambridge, England, UK, May 22, 2014) The Device Developers' Conference is an annual UK event for the developers of intelligent systems and devices. The objective is to provide an event that provides engineers with an opportunity to learn...
Fort Meade Technology Expo: The Ft. Meade Technology Expo is a one-day event held at the Officers' Club (Club Meade) on base. Industry vendors will have the unique opportunity to showcase their products and services to personnel...
CANSEC: CANSEC is Canada's foremost defence tradeshow. A two-day event, CANSEC will feature 120,000 square feet of indoor exhibits by Canada's leading edge defence companies, as well as an outdoor static display.