Recorded Future thinks it discerns synchronization of Russian offensive cyber operations with Ukraine's debt service schedule, which would augment pressure exerted through Ukrainian natural gas imports. The 2008 Georgian incursion, combining as it did both cyber and "kinetic" operations, continues to serve as a template for analysts watching Russian involvement in the increasingly lethal Ukrainian crisis. (And Latvian officials seem to fear their country is next—watch for cyber rioting as battlespace preparation.)
The VRT Blog's Snorters offer a useful overview of CVE 2014-1776 Internet Explorer exploits.
OAuth and OpenID, shown susceptible to redirection late last week, should be approached with caution, particularly in social media. Observers dispute whether "Covert Redirect" actually counts as a vulnerability—many analysts are calling it a "weakness"—and it seems clear that it's not in the same class as Heartbleed. (The discovery of Covert Redirect also occasions some useful discussion of where responsibility for security properly lies.)
Accelerometers are found easily susceptible to device fingerprinting, which reveals the possibility of a new covert tracking modality.
An overview of the "darknet" offers a glimpse into the black market's R&D infrastructure.
OpenDNS Security Labs thinks generic Top-Level Domains are inherently vulnerable to exploitation, largely because of their relative novelty.
Fresh reports of maritime vulnerability to cyber attack appear.
A CSO piece announces a deathwatch for encryption. It's overstated, but the "algorithm arms race" discussion is interesting.
Target's CEO falls to Target's data breach. Symantec announces a shift away from antivirus to attack mitigation solutions. Huawei wants to be "European."
Today's issue includes events affecting Australia, China, Costa Rica, Cuba, Georgia, Germany, Panama, Russia, Ukraine, United Kingdom, United States.
Anatomy of an exploit: CVE 2014-1776 (Snort VRT Blog) When the Internet Explorer 0-day CVE 2014-1776 was announced, we turned to our intelligence feeds for more information. In the course of taking it apart we found a few things that were quite interesting that we wanted to share
Researchers Say Accelerometers are Perfect for Pervasive Tracking (Threatpost) Minute manufacturing imperfections in popular accelerometers cause that hardware to emit uniquely identifiable data that could give third parties the ability to single out specific mobile devices, regardless of any privacy protections deployed on them
The Cyber Threat Industry: Lurking Into the Darknet (The Cutting Edge) Deep in shadowy chat rooms, where normal users never visit, there's an entirely different world. Its denizens conduct their business secretly, keeping their distance from journalists and information security experts who try to meddle in their affairs. This business has rules of its own — the collection of forums and websites we call "darknet". The tracks of every virus and malware that threaten innocent users lead there
Attack Prediction: Malicious GTLD Squatting May Be the Next Big Threat (Open DNS Security Labs) Late last year, ICANN began expanding the generic Top-Level Domains (gTLDs). In addition to the standard .COM, .ORG, and .NET TLDs, over 1,300 new names could become available in the next few years. These new gTLDs and internationalized domain names (IDNs) are awesome ideas if you think about the creativity sparked around the names one can possibly register
Coin Mining DVRs: A compromise from start to finish. (Internet Storm Center) We talked before about DVRs being abused as bitcoin (or better Litecoin) mining bots. As part of my "IoT Honeypot Lab", I started adding a DVR to see how long it took to get compromised. The DVR was installed "as purchased" and port 23 was exposed to the internet
Social Engineering: The Basics (CSO) What is social engineering? What are the most common and current tactics? A guide on how to stop social engineering
Anti-piracy group warns about malware-riddled sites — fair, or scaremongering? (Naked Security) A UK body battling online media piracy has released a rather stark warning about "bogus content" on sites providing access to pirated films and TV shows, claiming that 97% of such sites feature either malware or scams, and 3 out of 4 people who use these dodgy services subsequently suffer "problems with their device"
Bulletin (SB14-125) Vulnerability Summary for the Week of May 5, 2014 (US-CERT) The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information
Security Patches, Mitigations, and Software Updates
Adobe Enhances Security in ColdFusion 11 (SecurityWeek) Adobe has released ColdFusion 11, the latest version of its Web application technology that enables organizations to build and deploy web and mobile enterprise applications
Cybersecurity may be going the way of country music (Nextgov) Late last year Entertainment Weekly writer Grady Smith compiled the YouTube video Why Country Music Was Awful in 2013, explaining "so much of what's on the radio these days sounds exactly the same!" I'm an old school country music fan (my husband likes to say I'm so old school I listen to both country and "western" music) so when I saw that video, it confirmed my thoughts on a lot of today's music
11 reasons encryption is (almost) dead (CSO) Everyone who has studied mathematics at the movie theater knows that encryption is pretty boss. Practically every spy in every spy movie looks at an encrypted file with fear and dread. Armies of ninjas can be fought. Bombs can be defused. Missiles can be diverted. But an encrypted file can only be cracked open with the proper key — and that key is always in the hands of a dangerously attractive agent hidden in a sumptuous hideout on the other side of the world
Procera Networks Awarded Business Valued at Approximately $3.5 Million From Two New Tier 1 Service Providers in APAC (Wall Street Journal) Procera Networks, Inc. (NASDAQ: PKT), the global Internet Intelligence company, today announced it was awarded approximately $3.5 million of business from two Tier 1 service providers that represent new customers in the Asia Pacific region. The operators selected Procera's PacketLogic™ platform and displaced a long-term incumbent vendor to deliver a better subscriber experience. The operators conducted thorough evaluations and selected Procera's PacketLogic platform for its ability to deliver the high capacity required to scale network performance above 100Gbps today, and to continue scaling over the next few years. The awarded business is expected to benefit revenue in 2014
MOVE your cybersecurity, green technology, IT or life science business HERE (Montgomery Economic Development) The MOVE Program is a recently-announced initiative from the Montgomery County Department of Economic Development created to get you to take a serious look at Montgomery County, Maryland and the variety of great commercial office space available to YOUR business right NOW
Huawei CEO says not surprised by U.S. spying reports (Reuters via the Chicago Tribune) The founder of China's Huawei Technologies Co Ltd said media reports that the U.S. National Security Agency (NSA) was spying on his company came as no surprise, and they would not damage its reputation among its customers
Security Pro File: IT Risk Manager Julie Fetcho (Dark Reading) The skills women are traditionally encouraged to cultivate — like communication and relationship building — are becoming more valuable to the security field, says Julie Fetcho, who leads TIAA-CREF's IT risk governance team
VCW Security is First to Distribute Cloud-Based CYREN WebSecurity Service in UK (IT Business Net) CYREN (NASDAQ: CYRN), a leading provider of cloud-based security solutions, today announced a new distribution partnership with VCW Security, a leading UK distributor of IT security products and solutions. Under the agreement, VCW Security will offer the CYREN WebSecurity service via their network of resellers
Tenable Network Security Wins Best Vulnerability Management Solution at SC Magazine Europe 2014 (MarketWatch) Tenable Network Security, Inc., the leader in real-time vulnerability, threat and compliance management, has been named Best Vulnerability Management Solution at SC Magazine Awards Europe 2014. Tenable SecurityCenter Continuous View™ was recognised for providing the best vulnerability assessment for physical, virtual, cloud and mobile assets using active or passive testing
An Inside Look at ProtonMail: End-to-End Encrypted Email (Cryptocoins News) Bitcoin users are no strangers to cryptography. After all, Bitcoin wouldn't even exist without it, since cryptography prevents double spending and allows the network to verify ownership of coins. Of course, the primary purpose of cryptography has always been secret communication, and a new service called ProtonMail is offering exactly that
Observations from Key-logged Passwords (Internet Storm Center) I recently had the opportunity to look at a sample of key-logged passwords collected from compromised machine over a period of 4 years. I wanted to share some of the takeaways, since I'm not comfortable sharing too many of the details
How to Buy Static Analysis Tools (eSecurity Planet) Static analysis tools can help software developers produce more secure applications. Here is what you need to know when evaluating such tools for your organization
TEMA leads first responders in cyber attack exercise (Tullahoma News) Imagine not being able to use a cell phone, access the Internet or communicate with family members. That was the scenario Friday during a "cyber attack" exercise sponsored by the Tennessee Emergency Management Agency (TEMA) and held at the Tennessee Fire and Codes Academy in Bell Buckle
5 Bitcoin Projects That Could Make Payments Far More Anonymous (Wired) Some believe that bitcoin's anonymous properties are a bug, not a feature. This past January, New York financial regulator Benjamin Lawsky called for a crackdown on software that anonymizes transactions in the online digital currency, saying it will merely help criminals evade law enforcement. And one of the currency's biggest supporters, venture capitalist Marc Andreessen, believes bitcoin will truly thrive only after it shrugs off anonymity protections
Going Back To (Cyber) School (Forbes) Academia is acquiring an interest in cyber education on many fronts. Not likely to crank out cyber warriors at anywhere close to the rate needed to meet current demand, they are nonetheless anxious to participate in a real trend
DOD Center pioneers first-ever strategic cyber course (DVIDS) Cyber policy, strategy development, Internet governance and a host of other top-level issues surrounding the cyber domain will get their own program at the George C. Marshall European Center for Security Studies starting in December
Legislation, Policy, and Regulation
Merkel not ready to say trust restored after NSA spying affair (Oman Daily Observer) Chancellor Angela Merkel made it clear in Washington that Germany has not yet forgotten last year's revelations of National Security Agency (NSA) spying. Asked in a press conference whether she felt trust had been restored in the wake of the affair, Merkel said: "I think the whole debate…has shown that the situation is such that we have a few difficulties yet to overcome"
Congress revives cyber legislation (Federal Times) Lawmakers on Capitol Hill consistently failed over the past two years to pass cybersecurity legislation, but that won't stop them from trying again: The latest round of proposed cyber laws emerged earlier this week from the Senate Intelligence Committee
Congress should help DHS and DoD guard against domestic cyber attack (The Hill) The United States Government must rethink its domestic cyber defense strategy. Even though the Departments of Homeland Security (DHS) and Defense (DOD) have the nominal lead in defending America from cyber-attack, no federal agency has been tasked to protect key infrastructure during a significant cyber incident. Treating cyber disasters far differently from physical ones is a mistake because it deprives the country of a powerful resource, the National Guard. The upcoming National Defense Authorization Act (NDAA) is the perfect opportunity to remedy this situation
In Surveillance Debate, White House Turns Its Focus to Silicon Valley (New York Times) Nearly a year after the first disclosures about the National Security Agency's surveillance practices at home and abroad, the agency is emerging with mandates to make only modest changes: some new limits on what kind of data about Americans it can hold, and White House oversight of which foreign leaders' cellphones it can tap and when it can conduct cyberoperations against adversaries
Reforming the NSA: How to Spy After Snowden (Foreign Affairs) The long-running debate over the tradeoffs the United States should make between national security and civil liberties flared up spectacularly last summer, when Edward Snowden, a National Security Agency contractor, handed journalists a huge trove of heavily classified documents that exposed, in excruciating detail, electronic surveillance programs and other operations carried out by the NSA
Why Ignoring the NIST Framework Could Cost You (Huffington Post) Last week, the much anticipated (at least in the, let's face it, relatively small and quirky circles that pay attention to this stuff) NETmundial meeting on the future of Internet governance wrapped up in Brazil
Tech firms increasingly notify users of secret data demands (Washington Post via Philly.com) Major U.S. technology companies have largely ended the practice of quietly complying with investigators' demands for e-mail records and other online data, saying that users have a right to know in advance when their information is targeted for government seizure
Terrorism case defense wants surveillance records (Bradenton Herald) Attorneys for a Chicago terrorism suspect are urging a federal appeals court to uphold a trial judge's decision to grant defense lawyers unprecedented access to secret intelligence-court records
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
STEM Café (Geneva, Illinois, USA, May 6, 2014) At the next STEM Café, Raimund Ege, associate professor in NIU's Department of Computer Science, will lead a lively discussion on how computer crime affects our everyday lives and what we can do to protect...
cybergamut Technical Tuesday: Malware Reverse Engineering (Columbia, Maryland, USA, May 6, 2014) An introduction to the tools, workflows, and tricks of the trade to attack sophisticated malware by Dale Robson of CyberPoint. Industry standard cyber security products do a good job in blocking and defending...
US Secret Service Cybersecurity Awareness Day (Washington, DC, May 8, 2014) This Cybersecurity event will be the first of its kind at the USSS. There will be 2-3 opportunities for participating companies to present a 1/2 hour presentation on a Cybersecurity topic of concern to...
SANS Security West SANS Security West will arm information security professionals with the necessary insight to prepare their organization for today and the future. Attendees will have the opportunity to advance their information...
HackMiami 2014 (Miami Beach, Florida, USA, May 9 - 11, 2014) The HackMiami 2014 Hackers Conference seeks to bring together the brightest minds within the information security industry and the digital underground. This conference will showcase cutting edge tools,...
Eurocrypt 2014 Eurocrypt 2014 is the 33rd Annual International Conference on the Theory and Applications of Cryptographic Techniques. It is devoted to all aspects of cryptology.
ISPEC 2014 (Fujian, China, May 12 - 14, 2014) The ISPEC conference series is an established forum that brings together researchers and practitioners to provide a confluence of new information security technologies, including their applications and...
CyberWest (Phoenix, Arizona, USA, May 13 - 14, 2014) Cyber threats affect all industry sectors and impact individuals, businesses and governments. From hacktivists to advanced persistent threats, conducting business on-line exposes individuals, corporations...
GovSec 2014 (Washington, DC, USA, May 13 - 14, 2014) GovSec is the nation's premier event for Government, Homeland Security, and Law Enforcement professionals looking for proven strategies and cost effective technology so they can achieve their mission of...
Cyber Security for National Defense Symposium DSI's Cyber Security for National Defense Symposium is designed as an educational and training "Town Hall" forum, where thought leaders and key policy-makers across military and civilian organizations...
FOSE Conference (Washington, DC, USA, May 13 - 15, 2014) Spend 1 day or 3 days at the FOSE conference and leave with actionable information, covering a broad spectrum of trending topics including: Cybersecurity, Cloud and Virtualization, Mobile Government,...
INFILTRATE INFILTRATE is a deep technical conference that focuses entirely on offensive security issues. Groundbreaking researchers focused on the latest technical issues will demonstrate techniques that you cannot...
Security BSides Denver 2014 (Denver, Colorado, USA, May 16, 2014) Each BSides is a community-driven framework for building events for and by information security community members. The goal is to expand the spectrum of conversation beyond the traditional confines of...
Security Start-up Speed Lunch NYC (New York, New York, USA, May 19, 2014) Our goal for this inaugural event is to connect the most promising security startups in the world with decision-makers at aerospace, asset-management, banking, communications, defense, energy, healthcare,...
CEIC 2014 (Las Vegas, Nevada, USA, May 19 - 22, 2014) It's no exaggeration to say that CEIC is the biggest digital-investigations conference of its kind and the only one to offer hands-on lab sessions and training for practical skills development. From sessions...
The Device Developers' Conference: Bristol (Bristol, England, UK, May 20, 2014) The Device Developers' Conference is an annual UK event for the developers of intelligent systems and devices. The objective is to provide an event that provides engineers with an opportunity to learn...
Mobile Network Security in Europe (London, England, UK, May 21, 2014) Following on from two successful events in the United States, this first Light Reading conference on Mobile Network Security in Europe will again focus on the key role of the network in safeguarding the...
Positive Hack Days Positive Hack Days is the international venue for the unification of progressive forces of the IT industry. It is about innovators interested in information security problems; it is fresh blood and bright...
Georgetown Law: Cybersecurity Law Institute A day does not go by where cybersecurity is not in the news. In fact, according to a recent national survey conducted by FTI Consulting, cybersecurity is the number one issue on the minds of general counsels...
NSA Mobile Technology Forum (MTF) 2014 The Mobile Technologies Forum is an annual event that attracts SIGINT, Information Assurance, HUMINT, Federal Law Enforcement, Counterintelligence and Government personnel from the United States, Australia,...
CyberMontgomery Forum: Center of Gravity (Rockville, Maryland, USA, May 22, 2014) Cybersecurity will be a major growth engine in the region for many years to come. With solid federal government, industry and academic assets already in place in the region, there is still a need to bring...
Cyber Risk Summit (Washington, DC, USA, May 22, 2014) This one-day leadership conference will provide a discussion forum for business executives, insurance companies and policymakers on more effective private and public responses to cyber risk management.
The Device Developers' Conference: Cambridge (Cambridge, England, UK, May 22, 2014) The Device Developers' Conference is an annual UK event for the developers of intelligent systems and devices. The objective is to provide an event that provides engineers with an opportunity to learn...
Fort Meade Technology Expo The Ft. Meade Technology Expo is a one-day event held at the Officers' Club (Club Meade) on base. Industry vendors will have the unique opportunity to showcase their products and services to personnel...
CANSEC CANSEC is Canada's foremost defence tradeshow. A two-day event, CANSEC will feature 120,000 square feet of indoor exhibits by Canada's leading edge defence companies, as well as an outdoor static display.