Many Heartbleed fixes are found to be "not totally working." Hasty fixes have jumbled certificates and patches, compromised keys are being reused, and governmental "red tape" has impeded stanching. Still, says CSO, it could've been worse: Heartbleed has proven more headache than disaster.
Tomorrow's Patch Tuesday, barring unforeseen backsliding by Microsoft, will be the first to exclude Windows XP. This greatly increases the risk of attacks on XP users. The software's retired but remains widely used, and hackers will reverse-engineer vulnerabilities addressed tomorrow, hoping to uncover similar unpatched holes in XP.
The market for cyber liability insurance continues to grow, driven to a great extent by fears of reputational damage. Insurers and their clients look for reliable ways of assessing and mitigating risk.
In industry news, GE buys Wurldtech in a SCADA play. Investment analysts take another look at FireEye's acquisition of nPulse and see a disciplined approach to closing corporate capability gaps.
In the US, the House Intelligence and Judiciary Committees have both approved pending legislation governing bulk data collection. Observers from Hayden to Greenwald weigh in.
The US Justice Department urges more cyber threat information sharing.
A UK court finds cyber export control issues in HM Revenue and Customs.
Today's issue includes events affecting Australia, Canada, Colombia, Finland, Germany, India, Kenya, Netherlands, Pakistan, Russia, Singapore, Taiwan, Thailand, United Kingdom, United States.
Cyber Attacks, Threats, and Vulnerabilities
Targeted Attack Against Taiwanese Agencies Used Recent Microsoft Word Zero-Day (TrendLabs Security Intelligence Blog) Vulnerabilities, particularly zero-days, are often used by threat actors as the starting point for targeted attacks. This was certainly the case for a (then) zero-day vulnerability (CVE-2014-1761) affecting Microsoft Word. In its security advisory released last March, Microsoft itself acknowledged that the vulnerability was being used in "limited, targeted attacks"
Pakistani Team MadLeets hacks and defaces Indian Ministry of Railway Server (HackRead) Writing news about cyber attacks is incomplete without mentioning India and Pakistan, as both countries are known for their skillful hackers and defacers. Keeping up with their cyber war, a Pakistan-based hacker going by the handle of rOOX from Team MadLeets has hacked and defaced the server of the Indian Ministry of Railway, which includes around 47 domains
Colombian peace talks at stake in presidential election (Reuters via the Chicago Tribune) Peace talks to end five decades of war are on the line in Colombia's election this month with President Juan Manuel Santos fighting for a second term while opponents accuse him of giving up too much to Marxist rebels at the negotiating table
A Pod of 'Crypto-clone' Ransomware Spawns in 2014 (Infosecurity Magazine) Call it the invasion of the crypto-clones: so far this year, several CryptoLocker-esque variants have popped up on underground forums and in the wild. These include CryptoClone and CryptoLocker 2.0, which have added functionality to officially make them self-replicating worms for greater possible damage
Heartbleed Fixes Not Totally Working (Top Tech News) The Web sites that are perhaps in the worst shape following Heartbleed are those that increased their vulnerabilities because they overreacted, according to a new report from Netcraft. Around 20 percent of servers that are currently vulnerable were not in the same situation in early April when Heartbleed was first made public, Netcraft and others said
Heartbleed was a headache, but far from fatal (CSO) It's been a month since the Heartbleed Bug set off a stampede to patch software in everything from network gear to security software, as it quickly became evident that vulnerable versions of the OpenSSL encryption code had been very widely deployed
Bridging the Airgap (Security Watch) Yesterday I spoke at the International Society of Automation Ireland Section's Cyber Security Conference. My talk highlighted how relying on air gaps to protect ICS and secure networks is a fallacy. Using well-known incidents as examples of how air gaps failed, I outline the problem and ways to address it
Has Microsoft set a dangerous precedent on the Windows XP security front? (ITProPortal) It's now a month since support for Windows XP came to an end, and we've already had our first exciting little post-XP incident. When a security flaw was discovered in Internet Explorer, an out-of-band patch was released for XP users despite Microsoft's previous claims that no more such updates would be issued. A month on seems like a good time to assess the lay of the land for the operating system, and that's precisely what security firm Secunia has done
Bitly hackers stole user credentials from offsite database backup (We Live Security) Bitly has shed a little more light on the serious security breach it suffered last week. As you may recall, the URL-shortening service announced last week that it believed the account credentials of Bitly users could have fallen into the hands of hackers, but it fell short of answering how it determined customer privacy had been breached, how securely passwords had been stored, or — indeed — what had actually gone wrong
Bulletin (SB14-132) Vulnerability Summary for the Week of May 5, 2014 (US-CERT) The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information
Cybercrime Boss Offers Ferrari to Top Hacker (International Business Times) A cybercrime boss has offered a Ferrari to the hacker who can come up with the best online scam, according to a European law enforcement official
Security Patches, Mitigations, and Software Updates
Why the Target Breach Matters to Insurers (Insurance & Technology) Thus far, Target has reported $61 million in expenses related to its data breach, $44 million of which was offset by an insurance payment. While the financial impact of data breaches on insurers is significant, these incidents serve as a reminder of the cyber threats which put them at risk as well. With their growing reliance on third-party software and cloud-based services, insurers are at risk from the same type of supply chain attacks that led to the Target breach. Dynamic changes in the risk ecosystem are eroding the effectiveness of current approaches to security risk management and regulatory compliance for preventing data breaches. So what best practices can insurance providers implement to fortify their IT defenses?
AV Isn't Dead. It's Evolving. (Webroot Threat Blog) Since the WSJ report was released, endpoint security solutions have received a lot of media attention. As many have started to ask "Is AV really dead?", I felt it was a good idea to talk about it from my perspective
Public sector cyber security a shame (Bangkok Post) Thailand's internet security is woeful, and nowhere are the flaws more obvious and dangerous than the websites of government agencies and state institutions. Not only has personal data on Thai government
Finland excels in cyber security review; language a deterrent (Uutiset) A fresh report by the software giant Microsoft places Finland among the top five locations for cyber security. However, local network security authorities say while Finland's unique language offers some protection from online threats, Finnish web users shouldn't be complacent
King & Spalding advises GE on Acquisition of Cyber Security Solutions Company Wurldtech (King & Spalding) King & Spalding advised GE in its definitive agreement to acquire privately held Wurldtech, a Vancouver, British Columbia-based cyber security solutions company. Wurldtech solutions and services are used in complex environments such as oil refineries, power transmission grids or for individual assets like medical devices or smart meters
Symantec's 'antivirus is dead' assertion draws fire (FierceCIO: TechWatch) In a Wall Street Journal report that ran over the weekend, Brian Dye, Symantec's senior vice president for information security, was quoted as calling traditional antivirus software "dead", as well as claiming that it isn't considered as a moneymaker "in any way" by the company
Cyber security firm brings 130 jobs to Wales (NewsWales) An American cyber security company which has links with Cardiff University's School of Computer Science & Informatics is set to bring more than 100 jobs to South Wales. Alert Logic, based in Texas, announced this week that they will be creating almost 130 jobs when they open a new European HQ in Cardiff and a UK data centre in Newport
New Strategic Partnership Strengthens Maryland's Homeland Security Enterprise (HSToday) Homeland Security Solutions, a global consulting firm committed to improving the homeland security enterprise, recently announced its strategic partnership with Chesapeake Innovation Center (CIC) in an effort to bridge the gap between public, private and non-profit sectors in the homeland security marketplace
Wick Hill Now Shipping WatchGuard's New APT (Advanced Persistent Threat) Solution (IT News Online) Wick Hill is now shipping WatchGuard's new Advanced Persistent Threat (APT) solution, WatchGuard APT Blocker. Delivering real-time threat visibility and protection in minutes, not hours, APT Blocker identifies and submits suspicious files to a cloud-based, next-generation sandbox, using the industry's most sophisticated full-system-emulation environment for detecting APTs and zero-day malware
4 tips to successfully deploy a wireless security network (FierceMobileIT) Wireless technology can improve the performance of an organization's physical security system while lowering the cost and complexity of deploying cables connecting security cameras and access control systems throughout a facility
Do You Need EV-SSL? (eSecurity Planet) The CEO of Comodo, a key contributor to the EV-SSL standard, explains why extended validation SSL matters but why you might not always actually need it
Here's how to hacker-proof your app in 5 steps (Venture Beat) As reports of companies suffering data breaches continue to roll in with alarming frequency, concern about data security has moved beyond the realm of IT pros and into the mainstream
Why Anonymity Apps Are So Healthy—And So Rotten (Wired) As far as interviews go, it was a bit of a train wreck. Last week, Michael Heyward was on stage at the annual TechCrunch Disrupt conference in New York City, shifting uncomfortably in his seat, raising his voice, and stumbling over his words, as TechCrunch founder Michael Arrington grilled him about Whisper, the anonymous social networking app Heyward helped create in 2012. Things grew tense, and Heyward became so agitated that, at one point, Roelof Botha, a Whisper investor sitting to Heyward's right, gave the young entrepreneur a fatherly pat on the shoulder, as if to say: "Enough"
Former director of NSA and CIA: 'We kill people based on metadata' (Examiner) On Wednesday, Democratic Senator Patrick Leahy's and Republican Congressman James Sensenbrenner's proposal to amend the USA Freedom Act, concerning the domestic metadata collection by the National Security Agency (NSA) of millions of Americans, passed unanimously by a vote of 32-0 in the House Judiciary Committee
The Disturbing Clause not Covered by Proposed NSA Reform (AllGov) The U.S. House of Representatives has before it two bills that are supposed to put some safeguards on the National Security Agency's (NSA) spying activities on Americans. But neither plan includes reforms for a controversial section of federal law on which many of the NSA's most intrusive programs are legally based
Congressman Jim Cooper on the NSA Internal Watchdog Act (Nashville Scene) Earlier this month, U.S. Rep. Jim Cooper was among a bipartisan trio of congressmen who introduced the NSA Internal Watchdog Act, to create a "tough, independent watchdog inside [the National Security Agency] who will be accountable to Congress and the American people"
Intelligence Policy Bans Citation of Leaked Material (New York Times) The Obama administration is clamping down on a technique that government officials have long used to join in public discussions of well-known but technically still-secret information: citing news reports based on unauthorized disclosures
ODNI clarifies more limited effect of its new preclearance policy (Just Security) Steve Aftergood reported yesterday on a new Office of Director of National Intelligence Instruction 80.04, which appeared to establish new restrictions, and a more robust "prepublication" review, for virtually all writings and communications of ODNI employees and officials that discuss "operations, business practices, or information related to the ODNI, the [Intelligence Community], or national security." Instruction 80.04 caused a great deal of confusion and concern on several fronts
U.S.: Companies should share security data (KSPR) The Justice Department is issuing new legal guidance encouraging companies to share cyber-security information with each other and the government, while protecting the privacy of their customers
German Lawmakers to Interview Snowden (Guardian Liberty Voice) German lawmakers are in the middle of deciding when and where to interview former United States intelligence contractor Edward Snowden, who leaked information last year about the U.S. National Security Agency's (NSA) spying program to the rest of the world. While his grant of asylum in Russia expires next year, he has written to other U.S. allied European countries that have rejected his requests for asylum
Russian Hacker Charged in Biggest U.S. Hacking Case Doesn't Want Extradition to U.S. (HackerNews) Earlier we reported that 33-year-old Russian hacker Vladimir Drinkman is wanted in the U.S. and Russia on various cyber crime charges, and the Netherlands court ruled that simultaneous requests from the U.S. and Russia for extradition were admissible. But now it's up to the Dutch Minister of Justice to decide to which country he will be extradited. However, Drinkman does not want to face charges in the US and has appealed to the Supreme Court of the Netherlands, the country's highest court, to avoid extradition to the US, Bloomberg reported
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Security B-Sides Cape Breton (Sydney, Nova Scotia, Canada, September 5, 2014) Security B-Sides Cape Breton is an open platform that gives security experts, enthusiasts, and industry professionals the opportunity to share ideas, insights, and develop longstanding relationships with...
SANS Security West (location and date not listed) SANS Security West will arm information security professionals with the necessary insight to prepare their organization for today and the future. Attendees will have the opportunity to advance their information...
Eurocrypt 2014 (location and date not listed) Eurocrypt 2014 is the 33rd Annual International Conference on the Theory and Applications of Cryptographic Techniques. It is devoted to all aspects of cryptology.
ISPEC 2014 (Fujian, China, May 12 - 14, 2014) The ISPEC conference series is an established forum that brings together researchers and practitioners to provide a confluence of new information security technologies, including their applications and...
GovSec 2014 (Washington, DC, USA, May 13 - 14, 2014) GovSec is the nation's premier event for Government, Homeland Security, and Law Enforcement professionals looking for proven strategies and cost effective technology so they can achieve their mission of...
Cyber Security for National Defense Symposium (location and date not listed) DSI's Cyber Security for National Defense Symposium is designed as an educational and training "Town Hall" forum, where thought leaders and key policy-makers across military and civilian organizations...
CyberWest (Phoenix, Arizona, USA, May 13 - 14, 2014) Cyber threats affect all industry sectors and impact individuals, businesses and governments. From hacktivists to advanced persistent threats, conducting business on-line exposes individuals, corporations...
Fraud Summit (Chicago, Illinois, USA, May 14, 2014) From account takeover to payment card fraud and the emerging mobile threatscape, the ISMG Fraud Summit series is where thought-leaders meet to exchange insights on today's top schemes and the technology...
INFILTRATE (location and date not listed) INFILTRATE is a deep technical conference that focuses entirely on offensive security issues. Groundbreaking researchers focused on the latest technical issues will demonstrate techniques that you cannot...
Security BSides Denver 2014 (Denver, Colorado, USA, May 16, 2014) Each BSides is a community-driven framework for building events for and by information security community members. The goal is to expand the spectrum of conversation beyond the traditional confines of...
Security Start-up Speed Lunch NYC (New York, New York, USA, May 19, 2014) Our goal for this inaugural event is to connect the most promising security startups in the world with decision-makers at aerospace, asset-management, banking, communications, defense, energy, healthcare,...
CEIC 2014 (Las Vegas, Nevada, USA, May 19 - 22, 2014) It's no exaggeration to say that CEIC is the biggest digital-investigations conference of its kind and the only one to offer hands-on lab sessions and training for practical skills development. From sessions...
The Device Developers' Conference: Bristol (Bristol, England, UK, May 20, 2014) The Device Developers' Conference is an annual UK event for the developers of intelligent systems and devices. The objective is to provide an event that provides engineers with an opportunity to learn...
Mobile Network Security in Europe (London, England, UK, May 21, 2014) Following on from two successful events in the United States, this first Light Reading conference on Mobile Network Security in Europe will again focus on the key role of the network in safeguarding the...
Positive Hack Days (location and date not listed) Positive Hack Days is the international venue for the unification of progressive forces of the IT industry. It is about innovators interested in information security problems; it is fresh blood and bright...
Georgetown Law: Cybersecurity Law Institute (location and date not listed) A day does not go by where cybersecurity is not in the news. In fact, according to a recent national survey conducted by FTI Consulting, cybersecurity is the number one issue on the minds of general counsels...
NSA Mobile Technology Forum (MTF) 2014 (location and date not listed) The Mobile Technologies Forum is an annual event that attracts SIGINT, Information Assurance, HUMINT, Federal Law Enforcement, Counterintelligence and Government personnel from the United States, Australia,...
CyberMontgomery Forum: Center of Gravity (Rockville, Maryland, USA, May 22, 2014) Cybersecurity will be a major growth engine in the region for many years to come. With solid federal government, industry and academic assets already in place in the region, there is still a need to bring...
Cyber Risk Summit (Washington, DC, USA, May 22, 2014) This one-day leadership conference will provide a discussion forum for business executives, insurance companies and policymakers on more effective private and public responses to cyber risk management.
The Device Developers' Conference: Cambridge (Cambridge, England, UK, May 22, 2014) The Device Developers' Conference is an annual UK event for the developers of intelligent systems and devices. The objective is to provide an event that provides engineers with an opportunity to learn...
Fort Meade Technology Expo (location and date not listed) The Ft. Meade Technology Expo is a one-day event held at the Officers' Club (Club Meade) on base. Industry vendors will have the unique opportunity to showcase their products and services to personnel...
3 Day Startup (San Antonio, Texas, USA, May 23 - 25, 2014) The nation faces tremendous challenges to our online security. Turn innovative ideas into startups that protect our information and our livelihood. 3 Day Startup is an entrepreneurship program designed...
How the SBIR/STTR Program Can Help Grow Your Business (Halethorpe, Maryland, USA, May 27, 2014) The SBIR/STTR programs promote small business innovation and profitability while simultaneously meeting the government's research and development needs. Every year, small businesses receive millions of...
CANSEC (location and date not listed) CANSEC is Canada's foremost defence tradeshow. A two-day event, CANSEC will feature 120,000 square feet of indoor exhibits by Canada's leading edge defence companies, as well as an outdoor static display.