Chinese cyber-rioting against Vietnamese targets coincides with China's assertive deployment of drill rigs in disputed waters.
Fresh allegations surface that Russia hacked Belgian Foreign Ministry networks. The goal seems to have been intelligence on international reaction to Russian ambitions in Ukraine. Radware warns that other nations' networks should expect to be targeted, with the United Kingdom, France, Germany, and the United States of particular interest to Russian intelligence services. Russian information operations—marketing in battledress—directed toward the Near Abroad intensify.
Iran seems satisfied with its influence on the Syrian civil war, and also increases its cyber optempo. FireEye reports on "Operation Saffron Rose," in which apparent hacktivism evolved into a practically overt Iranian government cyber campaign.
Anonymous Tunisia continues to count coup against Israeli sites. In other respects Anonymous isn't doing so well these days: the collective is riven by a dispute over missing funds and allegations of mismanagement. The funds and mismanagement aren't large, but who would have thought a disinterested anarchist collective had any of either?
Many patches have been announced at mid-week. Beyond Microsoft's, users will also find fixes and upgrades to Adobe, Google Chrome, Linux, BlackBerry, and AVG software.
Breaking Defense reports on the difficulties widespread participation in cyberspace poses to armies (specifically the US Army, but all conventional armies are affected). Force protection and counterintelligence become difficult; asymmetric threats evolve more rapidly.
Damballa says North American businesses get, on the average, 10,000 security alerts daily. This is obviously too much to process: it's glare, not light.
Today's issue includes events affecting Australia, Belgium, Canada, China, France, Germany, India, Israel, Japan, Philippines, Russia, South Africa, Tunisia, Ukraine, United Kingdom, United States, and Vietnam..
Hidden face of a Dirty Decrypter malware(Infosec Institute) The Dirty decrypter is a crypto ransomware; its intention is to encrypt the compromised user's pictures, documents, videos etc making them unusable. The malware coerces you to pay large sums of money to decrypt any of these files. Failure to pay this sum will cause the malware to destroy all the decryption keys for the files, which results in destruction of the user's files forever. The malware was coded with the ability to override several essential security measures such as Windows Firewall, UAC, and Anti-Virus solutions
Kippo Users Beware: Another fingerprinting trick(Internet Storm Center) We all know that the ssh honeypot "kippo" is a great tool. But it is awful easy for an attacker to figure out that they are connected to a kippo honeypot. The latest trick I see people use is to run the "file" command, which is not impleneted in kippo
Uruguay: Prisoner Hacks US Ambassador's Cellphone(New York Times) A prisoner in Uruguay tapped into the U.S. ambassador's cellphone and sent messages to some of her contacts in an attempt to commit a still undisclosed fraud, authorities said Tuesday
ICO Report Identifies Eight Most Common Causes Of Data Breaches(TechWeek Europe) ICO says the same mistakes are being made again and again. The Information Commissioner's Office (ICO) has called on businesses and organisations to familiarise themselves with the best ways of protecting personal data and not fall prey to the most common causes of data breaches
Cyber Space and its Militarization(DataQuest) Globally, cyber security is seen as a critical element of the national security apparatus by nations. The reasons are proliferation of advance and sophisticated cyber attacks, cyber threats with political and social effects, increase in cyber espionages, developments of cyber weapons and its usage for military purposes, attacks against nations by non-state actors, cyber terrorists, hackers etc
Army Grapples With Cyber Age Battles In Megacities(Breaking Defense) High-tech warfare at knife-fight ranges: that's the ugly future of urban combat. If you thought Baghdad was bad, with its roughly six million people, imagine a "megacity" of 10 or 20 million, where the slums have more inhabitants than some countries. Imagine a city of the very near future where suspicious locals post every US military movement on Twitter with digital photos and GPS-precise coordinates. Imagine roadside bombs that fly because the bad guys downloaded blueprints for a kamikaze mini-drone and built it with their 3-D printer
Trend Micro's Q1 Security Roundup Reveals Cybercriminals' Advanced Methods for Executing Attacks on Wide Variety of Targets(Broadway World) Cybercriminals continuously discover more ways to successfully target new outlets for financial theft as revealed in Trend Micro Incorporated's (TYO: 4704; TSE: 4704) first quarter security roundup for 2014, "Cybercrime Hits the Unexpected." Greed is motivating cybercriminals to take a non-traditional approach in the selection of unlikely targets, such as advanced threats to Point-of-Sale (PoS) terminals and the exploitation of disasters. Though well protected, these new targets are in the crosshairs of emboldened cybercriminals around the world
Kaspersky Lab reports on cyber threats in Africa(BizTech Africa) As well as reporting on global IT threats, Kaspersky Lab also presents statistics for Africa in the first quarter of 2014, based on data from Kaspersky Security Network. Algeria leads in terms of local and web threats, well ahead of Egypt in second place. South Africa followed by Kenya saw a significant number of security incidents, though the number of users affected is one of the lowest in the region. Africa accounted for 4% of total security incidents worldwide, while the figure for the Middle East region was 3%
VN faces high risk of cyber attacks(VietnamNet) Director for Systems Engineering, Asia South Region, Symantec, Raymond Goh said that Viet Nam had jumped nine spots because of the rapidly increasing number of mobile internet subscribers and users who lack good cyber security skills
Office workers have little trust in digital world(Help Net Security) The majority of UK office workers have trouble deciding who to trust in the digital world, however this isn't surprising considering 14 percent have already been badly affected by cybercrime, according to PhishMe
Cyber: worth the risk?(Intelligent Insurer) As cyber threats increase and legislation involving privacy and data breaches tightens, demand for cyber coverage has never been higher. As insurers strive to stay ahead of demand, Intelligent Insurer asks is the industry doing enough?
Key focus areas for security technology investment(Help Net Security) A new report from the Security for Business Innovation Council advocates three key areas for technology investment and recommendations for specific security technologies to build better anticipatory defenses while also improving business productivity
Wellington Financial Provides $5 Million Growth Capital to Agiliance(MarketWatch) Wellington Financial LP, a privately-held specialty finance firm, today announced a $5 million expansion financing for Agiliance®, Inc. The investment will be used to increase product marketing evangelism, leverage target sector distribution and solution coverage and bring to market a new cloud offering. Wellington's funding follows Agiliance's double-digit profitability over the past seven quarters, release of an innovative and high quality RiskVision™ 7 , and nearly ten-fold growth in secure cloud services wins over a trailing twelve month period
Syniverse Agrees to Acquire Aicent(MarketWatch) Acquisition anticipated to expand Syniverse's global communications network, driving increased service and value to customers
WatchGuard Technologies Announces Interim CEO(MarketWatch) WatchGuard® Technologies , a leader in integrated security platforms, today announced that its Board of Directors has named Michael Kohlsdorf as interim CEO while it conducts a selection process to replace Joe Wang, who has announced his departure
Products, Services, and Solutions
Mozilla Asks CAs for Details on Subordinate Certificate Controls(Threatpost) Mozilla has warned certificate authorities included in its root CA Certificate Program that they only have a few weeks left to comply with the company's new policy, which requires CAs to adhere to the CA/Browser Forum Baseline Requirements and provide proof of audits of their subordinate certificates. The company made the policy change last year, but gave CAs about a year to comply and now that grace period is running out
SafeNet Enhances Access Security to Microsoft Cloud Applications and Services(MarketWatch) SafeNet, Inc., a global leader in data protection solutions, today announced that its industry-leading SafeNet Authentication Service (SAS) can be fully integrated with Microsoft Windows® Server 2012 R2 Active Directory Federation Services (AD FS). This enables enterprises and other organizations to quickly deploy and manage multi-factor authentication into Office 365® applications and other web-based services for more secure access control
Compatability Issues May Occur with Microsoft's EMET Security Tool(Microsoft Certified Professional Magazine) Microsoft's free Enhanced Mitigation Experience Toolkit (EMET) may not operate correctly for some apps. EMET emerged from Microsoft about five years ago as an alternative check to software security threats, but using it comes with a risk that users will encounter application compatibility issues. Microsoft's lists just a few apps with known incompatibilities, including Skype, the NetFlix Silverlight app, ATI drivers, the iPod sync service and an AOL plug-in, at this TechNet forum page. However, the forum includes comments from many others describing apparent app incompatibility issues
Lieberman Software Enables Audited, Privileged Access for Users From the Cloud to On-Premises(MarketWatch) Lieberman Software Corporation is introducing new privileged user management (PUM) capabilities in Enterprise Random Password Manager(TM) (ERPM) at Microsoft TechEd 2014 in Houston, TX this week. The new PUM capabilities allow users to launch cross-platform applications in a secure environment, where elevated operations are automatically authorized, recorded and audited. ERPM now offers connectors for a broad array of cloud provider portals, SAAS vendors and social media platforms
Advanced attack protection for data centres(ProSecurityZone) StealthWatch FlowSensor 4000 has been released for providing large network visibility and security against advanced attacks launched against enterprise data servers and data centres
Proactively Hardening Systems Against Intrusion: Configuration Hardening(Tripwire: The State of Security) The concept of "hardening" has nice imagery to it. When we use it to describe battle-hardened soldiers who have been tested in combat a grim, determined image invariably leaps to mind. The same thing happens when we speak of hardened steel that's been repeatedly quenched and tempered, or of hardened fortifications or bunkers
Inspired by nature, researcher develops new cyber security techniques(Phys.org) Imagine a cyber world in which hackers, identity thieves, spammers, phishers, foreign spies and other miscreants have a much tougher time plying their trade. Thanks to UC Irvine computer science professor Michael Franz and his research group, such a world is closer to a reality
Norwich University receives $122,000 NSF grant for cybersecurity scholarship(Vermont Biz) Norwich University has received a $122,232 supplemental grant from the National Science Foundation (NSF) as part of a "Scholarship for Service" program, in which student-recipients majoring in computer security and information assurance commit to work for the federal government following graduation. A five-year, $974,836 grant was awarded by the NSF two years ago, portions of which are disbursed annually. The current $122,232 grant supplements this original grant, and will support the education of one student for two years
Evan Schuman: One law to rule all data breaches — but let's make it a real law(Computerworld) When the White House issued its big-data privacy report on May 1, it recommended the passage of federal breach legislation "to replace a confusing patchwork of state standards." Although that may have sounded like good news to the development community -- the folk who generally bear the brunt of complying with such security requirements -- it's only a step in the right direction if your goal is falling off of a cliff
REUTERS SUMMIT-DHS chief says confident U.S. cyber legislation will pass(Reuters) Congress is likely to pass cybersecurity legislation this summer, Jeh Johnson, secretary of the U.S. Department of Homeland Security said on Tuesday, citing growing consensus among lawmakers on the need to help industry share data with government about escalating attacks on computer networks
Can JIE take cyber awareness 'beyond the foxhole'?(C4ISRNet) The Joint Information Environment aims to streamline Defense Department technology and networks, aligning the services under a centralized strategy for the future of Pentagon IT. But what will the initiative do for military operations in cyberspace?
Snowden, China and cyber security(Horizons (blog)) As I wrote about yesterday, I keep trying to convince myself that Edward Snowden was just a naive fool rather than something more sinister. But just as I'm about to get there, another troubling inconsistency in his story emerges
'No Place to Hide' a vital discussion on Snowden's revelations(Chicago Tribune) Glenn Greenwald's "No Place to Hide: Edward Snowden, the NSA, and the U.S. Surveillance State" comes with a built-in challenge: creating a sense of drama when we all know the basics of the tale. In December 2012, the Rio de Janeiro-based journalist, then writing for the Guardian, received an email from someone calling himself Cincinnatus, after the Roman farmer "who, in the fifth century BC, was appointed dictator of Rome to defend the city against attack"
Chronicling the abuse of authority(The Economist) The disclosures of Edward Snowden constitute perhaps the most notorious leak in history. America's National Security Agency was so secretive that for decades even its existence was classified. Insiders joked that its initials stood for "no such agency". That a 29-year-old contractor was able to steal tens of thousands of classified documents is not only astounding, but also unprecedented. Only recently had it become possible to fit so much material on an inexpensive digital chip
Justice Dept. Criticized on Spying Statements(New York Times) Two Democratic senators accused the Obama administration on Tuesday of seeking to "ignore or justify" statements it made to the Supreme Court about warrantless surveillance by the National Security Agency, contributing to what they called a "culture of misinformation" by the executive branch
"Battered, fractured" Anonymous hacktivists in schism over missing funds(ITProPortal) Back in 2013, Anonymous was riding high. The loose hacktivist collective had just carried out a number of high-profile hacks against major targets around the world, it had gained fame by hacking the email inbox of the beleaguered Syrian President Bashar al-Assad, and it had just raised more than $54,000 (£32,000) via crowdfunding site Indiegogo to turn its YourAnonNews Twitter account into a rolling news service
100 more Filipino suspects linked to sex blackmail(Philippine Star) About 100 more Filipino suspects are linked to online blackmail syndicates that extorted money from victims worldwide after luring them into exposing themselves in front of webcams or engaging in lewd chats, a Philippine police official said Tuesday
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
SANS Security West(, January 1, 1970) SANS Security West will arm information security professionals with the necessary insight to prepare their organization for today and the future. Attendees will have the opportunity to advance their information...
Eurocrypt 2014(, January 1, 1970) Eurocrypt 2014 is the 33rd Annual International Conference on the Theory and Applications of Cryptographic Techniques. It is devoted to all aspects of cryptology.
ISPEC 2014(Fujian, China, May 12 - 14, 2014) The ISPEC conference series is an established forum that brings together researchers and practitioners to provide a confluence of new information security technologies, including their applications and...
GovSec 2014(Washington, DC, USA, May 13 - 14, 2014) GovSec is the nation's premier event for Government, Homeland Security, and Law Enforcement professionals looking for proven strategies and cost effective technology so they can achieve their mission of...
Cyber Security for National Defense Symposium(, January 1, 1970) DSI's Cyber Security for National Defense Symposium is designed as an educational and training "Town Hall" forum, where thought leaders and key policy-makers across military and civilian organizations...
CyberWest(Phoenix, Arizona, USA, May 13 - 14, 2014) Cyber threats affect all industry sectors and impact individuals, businesses and governments. From hacktivists to advanced persistent threats, conducting business on-line exposes individuals, corporations...
Fraud Summit(Chicago, Illinois, USA, May 14, 2014) From account takeover to payment card fraud and the emerging mobile threatscape, the ISMG Fraud Summit series is where thought-leaders meet to exchange insights on today's top schemes and the technology...
INFILTRATE(, January 1, 1970) INFILTRATE is a deep technical conference that focuses entirely on offensive security issues. Groundbreaking researchers focused on the latest technical issues will demonstrate techniques that you cannot...
Security BSides Denver 2014(Denver, Colorado, USA, May 16, 2014) Each BSides is a community-driven framework for building events for and by information security community members. The goal is to expand the spectrum of conversation beyond the traditional confines of...
Security Start-up Speed Lunch NYC(New York, New York, USA, May 19, 2014) Our goal for this inaugural event is to connect the most promising security startups in the world with decision-makers at aerospace, asset-management, banking, communications, defense, energy, healthcare,...
CEIC 2014(Las Vegas, Nevada, USA, May 19 - 22, 2014) It's no exaggeration to say that CEIC is the biggest digital-investigations conference of its kind and the only one to offer hands-on lab sessions and training for practical skills development. From sessions...
The Device Developers' Conference: Bristol(Bristol, England, UK, May 20, 2014) The Device Developers' Conference is an annual UK event for the developers of intelligent systems and devices. The objective is to provide an event that provides engineers with an opportunity to learn...
Mobile Network Security in Europe(London, England, UK, May 21, 2014) Following on from two successful events in the United States, this first Light Reading conference on Mobile Network Security in Europe will again focus on the key role of the network in safeguarding the...
Positive Hack Days(, January 1, 1970) Positive Hack Days is the international venue for the unification of progressive forces of the IT industry. It is about innovators interested in information security problems; it is fresh blood and bright...
Georgetown Law: Cybersecurity Law Institute(, January 1, 1970) A day does not go by where cybersecurity is not in the news. In fact, according to a recent national survey conducted by FTI Consulting, cybersecurity is the number one issue on the minds of general counsels...
NSA Mobile Technology Forum (MTF) 2014(, January 1, 1970) The Mobile Technologies Forum is an annual event that attracts SIGINT, Information Assurance, HUMINT, Federal Law Enforcement, Counterintelligence and Government personnel from the United States, Australia,...
CyberMontgomery Forum: Center of Gravity(Rockville, Maryland, USA, May 22, 2014) Cybersecurity will be a major growth engine in the region for many years to come. With solid federal government, industry and academic assets already in place in the region, there is still a need to bring...
Cyber Risk Summit(Washington, DC, USA, May 22, 2014) This one-day leadership conference will provide a discussion forum for business executives, insurance companies and policymakers on more effective private and public responses to cyber risk management.
The Device Developers' Conference: Cambridge(Cambridge, England, UK, May 22, 2014) The Device Developers' Conference is an annual UK event for the developers of intelligent systems and devices. The objective is to provide an event that provides engineers with an opportunity to learn...
Fort Meade Technology Expo(, January 1, 1970) The Ft. Meade Technology Expo is a one-day event held at the Officers' Club (Club Meade) on base. Industry vendors will have the unique opportunity to showcase their products and services to personnel...
3 Day Startup(San Antonio, Texas, USA, May 23 - 25, 2014) The nation faces tremendous challenges to our online security. Turn innovative ideas into startups that protect our information and our livelihood. 3 Day Startup is an entrepreneurship program designed...
How the SBIR/STTR Program Can Help Grow Your Business(Halethorp, Maryland, USA, May 27, 2014) The SBIR/STTR programs promote small business innovation and profitability while simultaneously meeting the government's research and development needs. Every year, small businesses receive millions of...
CANSEC(, January 1, 1970) CANSEC is Canada's foremost defence tradeshow. A two-day event, CANSEC will feature 120,000 square feet of indoor exhibits by Canada's leading edge defence companies, as well as an outdoor static display.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.