Researchers continue to unpack a possible second eBay security bug as eBay users brace for identity theft.
The novel "hacked-by-Oleg-Pliss" ransomware has affected many Apple users in Australia and New Zealand, and there's no reason to believe the campaign will be confined to those countries. Unlike more familiar forms of ransomware, "Oleg Pliss" doesn't encrypt victims' files, but instead activates the "Lost iDevice" feature on their iPhones or iPads. Security researchers offer advice on prevention and recovery (sound password practices are especially recommended) but much about the campaign remains baffling. Why should it seem confined largely to Australia and New Zealand—equally curious whether it used stolen credentials or exploited an iOS flaw?
Fidelis Security reported in February on the "STTEAM" cyber campaign afflicting Middle Eastern oil and gas companies; Recorded Future has an update.
Bitdefender says the instant messaging Trojan Gen:Variant.Downloader.167 is politely spreading itself through Europe and North America, asking nicely, "I want to post these pictures on Facebook, do you think it's OK?" (Tip: it's not "OK.")
Several Android exploits are currently active in the wild; other Android vulnerabilities are discovered in labs. Chinese Android users are hit by a banking Trojan that poses as a WeChat app. Researchers find some email and messaging programs (including Outlook) storing messages unencrypted on Android devices' SD card. Other researchers demonstrate that Android phones can be hacked to take pictures without owners' knowledge.
Snowden tells reporters he was "a trained spy," not just some lowly sysadmin.
Sabu walks with time served.
Today's issue includes events affecting Australia, Bahrain, Canada, China, Denmark, Estonia, France, Germany, India, Iran, Israel, NATO, New Zealand, Pakistan, Palestinian Territories, Philippines, Romania, Switzerland, Thailand, United Arab Emirates, United Kingdom, United States..
Shedding Light on STTEAM(Recorded Future) Researchers from Fidelis Security in February reported a newly identified cyber campaign dubbed STTEAM (PDF) found to be targeting oil and gas companies in the Middle East
Instant messaging Trojan spreads through the UK(Help Net Security) Hundreds of computer systems have been infected with the latest instant messaging Trojan. Bitdefender has spotted an increasing wave of infections in the past week in countries such as the UK, Germany, France, Denmark, Romania, the US and Canada
Outlook for Android fails to keep emails confidential(Help Net Security) Did you know that Outlook and many other email and mobile messaging Android apps store your emails and messages on the device's SD card, unencrypted, and accessible to any third-party app that is permitted to access the card's contents?
Spotify Android Application at Issue in Breach(Threatpost) Users of Spotify on Android will soon be asked to update the application after a breach was reported this morning by the streaming music service's chief technology officer
Did an undisclosed SMF 2.0.6 flaw enable the AVAST forum breach?(SC Magazine) The AVAST forums were hacked on Sunday and about 400,000 users had information compromised. It might have been an undisclosed vulnerability in Simple Machines Forums (SMF) 2.0.6, the years-long community platform of choice for computer security company AVAST Software, that enabled attackers to compromise information on nearly 400,000 AVAST message board users
Compromised non-payment card data on the rise: Trustwave(Credit Union National Association) Payment card data continues to lead the way in the type of online information most often compromised by data breaches, but data thefts involving non-payment card data is gaining ground, according to analysis from online security technology company Trustwave
FireEye CEO IDs the next big cyber threat(CNBC) As the threat of cyber-security attacks continues to loom over U.S. businesses and the federal government, the CEO of FireEye said Tuesday that the rate of attacks has been rising
Study Shows Businesses Not Prepared for Attacks(Huffington Post) Amazing: With the proliferation of cyber attacks globally, most businesses are ill-prepared to deal with this, says research from the Economist Intelligence Unit and Arbor Networks
The cloud will transform the airport experience(Help Net Security) Airports are increasingly identifying the need to switch to cloud systems in order to improve operational efficiencies, according to Amadeus, who collected the viewpoints of over 20 senior IT leaders from the airport industry to investigate the business case for adopting cloud based Common Use systems at airports
China's Payback for US Hacker Indictments Begins(TechNewsWorld) The fallout from U.S. indictments against Chinese hackers is just beginning. "You'll probably see economic repercussions of one sort or another," said GWU's Frank Cilluffo. "Whether this was just the first shoe and there are others to drop, I'm not sure, but it will make what is already a complex and vexing market even more so for U.S. and other companies doing business in China"
Huawei ready to take on Cisco in enterprise networking(Want China Times) The rivalry between Chinese telecommunications giant Huawei and US-based Cisco Systems, a world leader in supplying networking equipment, is heating up as Huawei continues to come up with new technologies and products in the enterprise networking field, reports Shanghai's China Business News
F5 Networks Buys Defense.Net(Zacks) In a bid to strengthen its security service, F5 Networks Inc. (FFIV - Snapshot Report) has recently acquired Defense.Net, Inc., privately-held cloud-based security solutions provider. The acquisition is expected to boost F5 Networks' cyber security offerings. Financial details of the deal were not disclosed
Why Splunk, Inc. Shares Could Fly 40%(Motley Fool) Shares of Splunk, Inc. (NASDAQ: SPLK) surged 7% today after Northland Capital Markets upgraded the data management software technologist from market perform to outperform
Web application penetration testing with ImmuniWeb(Help Net Security) Switzerland-based ethical hacking and penetration testing experts High-Tech Bridge recently released an interesting security product that uses a hybrid approach towards web application security testing
Digital Shadows inks reseller agreement with Nettitude(BusByway) Digital Shadows, a cyber intelligence company that protects organisations from data loss and targeted cyber attack, has today announced that Nettitude, a global leader in the delivery of cyber security testing, risk management, compliance and incident response services, has signed an agreement to become a reseller of Digital Shadows' core managed services, Data SearchLight™ and Threat SearchLight™
Panda fuses with the Cloud(Gadget) Panda Security has announced its new cloud offering, Panda Cloud Fusion, offering organisations of most sizes security, management and support in one solution
Technologies, Techniques, and Standards
Stop attackers hacking with Metasploit(TechTarget) Automated security tools have been one of the most significant advancements in information security. Automation has become a necessity given the increasing complexity of networks and software — and the threats targeting them
How IT security experts handle healthcare network access(Health IT Security) Healthcare network security has become more complicated over the years because of the explosion of mobile device connectivity. And because it's so difficult for healthcare organizations to have a firm grasp on where their perimeters begin and end, they must look for new ways to ensure networks are secure both internally and externally
Secure file sharing uncovered(Help Net Security) Ahmet Tuncay is the CEO of Soonr, a provider of secure file sharing and collaboration services. In this interview he talks about making security a priority, discusses what drives employees to routinely use personal online file sharing solutions for confidential data, outlines the critical features of secure file sharing solution, and more
Assessing SOAP APIs with Burp(Internet Storm Center) Something I've noticed recently is that most of the websites I've been asked to assess now seem to be "new, improved, and with an API". Often the API is based on SOAP, and it's been an interesting discussion on how best to scan these new Web Services based on WSDL for vulnerabilities
Cyber Cadets: West Point Graduates Hackers(Bloomberg BusinessWeek) For the first time, this year's graduates of the U.S. Military Academy at West Point are able to join America's Cyber Command straight out of college. For years the Department of Defense has ostracised hackers but now they are encouraging and recruiting them
Legislation, Policy, and Regulation
Cyber espionage and US-China relations: The world's biggest candy store(The Interpreter) Don't believe anything you read on the cyber espionage spat between US and China. Depending on who's talking, the US is a 'thief crying stop thief' and a 'mincing rascal'; or China's 'scale of commercial hacking is immense', perhaps the 'greatest transfer of wealth in history'
Probe alleged US spying in PH: lawmaker(ABS-CBN News) A lawmaker wants the House of Representatives to probe into the alleged US spying operations in the Philippines through the National Security Agency's MYSTIC program
NSA reform lite(Eugene Register-Guard) Senate should pass tougher surveillance bill
Kerry Tells Snowden to 'Man Up' and Come Home(AP via ABC News) Secretary of State John Kerry on Wednesday called National Security Agency leaker Edward Snowden a fugitive and challenged him to "man up and come back to the United States"
Kinsley, Greenwald and Government Secrets(New York Times) Michael Kinsley's review of Glenn Greenwald's new book, "No Place to Hide" hasn't even appeared in the printed Book Review yet — that won't happen until June 8 — but it's already infuriated a lot of people. After the review was published online last week, many commenters and readers (and Mr. Greenwald himself) attacked the review, which was not only negative about the book but also expressed a belief that many journalists find appalling: that news organizations should simply defer to the government when it comes to deciding what the public has a right to know about its secret activities
What does GCHQ know about our devices that we don't?(Privacy International) While the initial disclosures by Edward Snowden revealed how US authorities are conducting mass surveillance on the world's communications, further reporting by the Guardian newspaper uncovered that UK intelligence services were just as involved in this global spying apparatus. Faced with the prospect of further public scrutiny and accountability, the UK Government gave the Guardian newspaper an ultimatum: hand over the classified documents or destroy them
Do Personal Computers Come With NSA Surveillance Devices Built-In As Standard?(TechDirt) As Techdirt reported last year, one of the most bizarre episodes in the unfolding story of the Snowden leaks was when two experts from the UK's GCHQ oversaw the destruction of the Guardian's computers that held material provided by Snowden. As everyone -- including the Guardian's editor Alan Rusbridger — pointed out, this was a particularly pointless act since copies of the documents were held elsewhere, outside the UK. The only possible explanation seemed to be that the UK government was trying to put the frighteners on the Guardian, and engaged in this piece of theater to ram the point home. But a fascinating blog post from Privacy International raises the possibility that there is another far more disturbing explanation
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Maryland Cybersecurity Roundtable(Hanover, Maryland, USA, May 29, 2014) U.S. Senator Barbara A. Mikulski and Governor Martin O'Malley will launch the Maryland Cybersecurity Roundtable on Thursday, May 29, at 1:30 p.m., at The Hotel at Arundel Preserve, Hanover, Md. They'll...
Cyber Security Summit(Huntsville, Alabama, USA, June 4 - 5, 2014) The North Alabama Chapter of the Information Systems Security Association and Cyber Huntsville Corporation are hosting the 6th annual Cyber Security Summit June 4-5 in the South Hall of the Von Braun Center.
CANSEC(, January 1, 1970) CANSEC is Canada's foremost defence tradeshow. A two-day event, CANSEC will feature 120,000 square feet of indoor exhibits by Canada's leading edge defence companies, as well as an outdoor static display.
Area41(, January 1, 1970) Area41 is an international security technology and research conference offering both trainings/workshops and traditional presentation tracks.
The Device Developers' Conference: Manchester(Manchester, England, UK, June 3, 2014) The Device Developers' Conference is an annual UK event for the developers of intelligent systems and devices. The objective is to provide an event that provides engineers with an opportunity to learn...
NSA SIGINT Development Conference 2014(, January 1, 1970) This classified conference will focus on the preeminent intelligence issues facing those who are tasked with SIGINT as part of their mission. Over 1500 participants from the US intelligence community and...
AFCEA Presents: Insider Threat to Small Business(Fairfax, Virginia, USA, June 5, 2014) One of the biggest myths is that "I'm too small for cyber attackers to care about me." This common misperception leads to tremendous vulnerabilities as companies do not understand implications for their...
The Device Developers' Conference: Scotland(Uphall, Scotland, UK, June 5, 2014) The Device Developers' Conference is an annual UK event for the developers of intelligent systems and devices. The objective is to provide an event that provides engineers with an opportunity to learn...
The 2014 Cyber Security Summit (DC Metro)(Tysons Corner, Virginia, USA, June 5, 2014) The Cyber Security Summit, an exclusive conference series sponsored by The Wall Street Journal, has announced their inaugural DC Metro event. The event will connect C-Level & Senior Executives responsible...
MIT Technology Review Digital Summit(, January 1, 1970) The MIT Technology Review Digital Summit examines tomorrow's digital technologies and explains their global impact on both business and society. You'll get insider access to the innovative people and companies...
Cyber 5.0 Conference(Laurel, Maryland, USA, June 10, 2014) The mission of the Cyber Conference is to provide a forum for small and mid-sized businesses in Howard County and the region to access industry and government leaders with current information on cybersecurity...
Global Summit on Computer and Information Technology(, January 1, 1970) The summit is hosting multiple conferences in different areas of Computer & Information Technology. CIT is a major platform for researchers and industry practitioners from different fields of computer...
NRC Cyber Security Seminar/ISSO Security Workshop(Bethesda, Maryland, USA, June 16, 2014) NRC will be hosting its second NRC Semi-Annual All-Hands ISSO Workshop. This workshop will consist of computer security policy, standards, cybersecurity, guidance, FISMA compliance, and training updates.
2014 Spring National SBIR Conference(Washington, DC, USA, June 16 - 18, 2013) SBIR/STTR programs are the nation's largest source of early stage / high risk R&D funding for small business. At this conference you'll learn how to participate and compete for funding in these two programs...
MeriTalk's Cyber Security Brainstorm(Washington, DC, USA, June 18, 2014) This second annual event will take place on Wednesday, June 18 2014 at the Newseum in Washington D.C. The event will bring together Federal cyber security experts to share best practices, collaborate on...
Suits and Spooks New York(, January 1, 1970) Not another hacker conference. Suits and Spooks is a unique gathering of experts, executives, operators, and policymakers who discuss hard challenges in a private setting over two days. Suits and Spooks...
SANSFIRE(Baltimore, Maryland, USA, June 21 - 30, 2014) For more than 10 years, the Internet Storm Center has been providing free analysis and warning to our community. SANSFIRE 2014 is not just another training event. It is our annual "ISC Powered" event.
26th Annual FIRST Conference(Boston, Massachusetts, USA, June 22 - 27, 2014) The Forum of Incident Response and Security Teams (FIRST) is a global non-profit organization dedicated to bringing together computer security incident response teams (CSIRTs) and includes response teams...
Gartner Security & Risk Management Summit 2014(National Harbor, Maryland, US, June 23 - 26, 2014) The Gartner Security & Risk Management Summit is the only time when the entire Gartner analyst and security and risk management community come together in one location to bring the latest research, insights...
AFCEA International Cyber Symposium(Baltimore, Maryland, USA, June 24 - 25, 2014) National security is continuously being redefined as awareness of the cyberspace domain evolves. Cyber threats and challenges grow every day. Successfully defending our networks requires a team approach.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.