CSO advises companies to raise their vigilance against malware during periods of political crisis. Four crises at least currently warrant such increased vigilance: Russian appetite for Ukraine and Georgia (with Donets and Abkhazia on the menu, and a Russian-led trade union in the near abroad as dessert), Chinese assertion of territorial rights in the South China Sea (Vietnam is in the cyber crosshairs, the Philippines next), and Thailand's recent coup d'état (accompanied by ongoing information operations).
iSight reports on Iranian intelligence operations against the US. They involve traditional espionage tradecraft adapted to cyberspace.
The ransomware campaign exploiting the iLock feature on Apple devices (possibly enabled by compromised iCloud credentials) has spread from Australia and New Zealand to California.
Another new ransomware effort (and CryptoLocker competitor) CryptoDefense, recently investigated by Bromium, is causing concern, but there may be good news: flawed implementation of the malware has enabled some victims to recover their files.
Encryption darling TrueCrypt has apparently taken itself down. A warning against using it appeared on the TrueCrypt site yesterday along with a recommendation to switch to Bitlocker. Some observers think this may be a hack—the text on the relevant page had the short look of defacement—but the emerging consensus holds that TrueCrypt is indeed gone.
Researchers find vulnerabilities in NICE Systems' lawful intercept products.
Siemens patches Rugged OS.
Neither China nor the US is backing down from their mutual cyber recriminations. One consequence appears to be a pop in Chinese tech stocks.
Edward Snowden wants to come home.
Today's issue includes events affecting Australia, Belgium, Canada, China, Denmark, Finland, Georgia, Indonesia, Iran, Israel, Japan, New Zealand, Norway, Pakistan, Philippines, Romania, Russia, Slovenia, South Africa, Thailand, Ukraine, United Kingdom, United States, and Vietnam.
Presidential Building Is Stormed in Restless Georgian Region (New York Times) Hundreds of demonstrators occupied the presidential headquarters of Abkhazia, a breakaway enclave of Georgia, on Wednesday, demanding the resignation of the region's leader and the dismissal of the government in the latest tumult to grip a separatist area supported by Russia
CryptoLocker Ransomware Competitor May Have Fatal Flaw (Threatpost) CryptoLocker certainly changed the ransomware game last year when it threatened its victims with the loss of important files if a timely ransom payment was not made. Reportedly, criminal gangs utilizing this dangerous type of ransomware were earning hundreds of thousands of dollars per month
True Goodbye: 'Using TrueCrypt Is Not Secure' (Krebs on Security) The anonymous developers responsible for building and maintaining the free whole-disk encryption suite TrueCrypt apparently threw in the towel this week, shuttering the TrueCrypt site and warning users that the product is no longer secure now that Microsoft has ended support for Windows XP
True Crypt Compromised / Removed? (Internet Storm Center) Earlier today, the popular disk encryption tool Truecrypt was essentially removed from Sourceforge, and replaced with a warning that Truecrypt is no longer secure and people should switch to Bitlocker (with instructions as to how to do this). The source code was updated and essentially all functionality was removed but the installer will now just show a message similar to the one displayed on the homepage
Open Source Crypto TrueCrypt Disappears With Suspicious Cloud Of Mystery (Forbes) Encryption is a silent, unsung hero of our modern connected society. From protecting your sensitive details when you log on to Internet banking to protecting data on your laptop or mobile phone if it is lost or stolen, 'crypto' (the oft used shortened version of encryption) is a supporting pillar of the global economy and most of the digital world we all touch day to day. Establishing trust in crypto (and thus in technology as a whole), now more than ever with the revelations of the past 18 months, is difficult and the following news therefore potentially comes as a significant blow to online privacy and security. Or as some in the industry would put it, or is it?
HeartBleed Virus Removal Tool Actually Carries a Trojan (Softpedia) You can't blame anyone for not knowing malware from OpenSSL flaws in the same way you can't accuse Einstein of not figuring it all out before he expired. Case in point, a new spam campaign is trying to dupe Windows users into running a so-called HeartBleed Bug/Virus Removal Tool to clean their computers
Remotely Exploitable Flaws Haunt Lawful Intercept Surveillance Gear (Threatpost) The small, but growing, group of companies that supply so-called lawful intercept gear to intelligence agencies and law enforcement organizations around the world have operated mostly under the radar until very recently. Their products are used to record and scrutinize the communications of suspected criminals and terrorists, but now they're finding that their products are coming under scrutiny by the security research community
Scrape FAST, Find'em Cards EASY! (TrendLabs Security Intelligence Blog) While researching POS RAM scraper malware, I came across an interesting sample: a RAR archive that contained a development version of a POS RAM Scraper malware and a cracked copy of Ground Labs' Card Recon software. Card Recon is a commercial Data Leakage Prevention (DLP) product used by merchants for PCI compliance
eBay subdomains vulnerable to XSS attacks, researchers find (SC Magazine) While eBay responds to a major breach impacting its users, researchers warn that other security concerns should be on the company's list of issues to resolve — namely, cross-site scripting (XSS) flaws impacting its website
Data Thieves Not Satisfied With Just Payment Data Anymore (PYMNTS) Payment card data continues to be the prime target for data compromises, but increasingly thieves are starting to go after other types of personal and valuable data to steal, according to a new report from security firm Trustwave
Security Patches, Mitigations, and Software Updates
Siemens Fixes DOS Flaw in Rugged OS Devices (Threatpost) Siemens has patched a denial-of-service vulnerability that affected many versions of its Rugged Operating System, software that runs on some of the company's RuggedCom switches and serial-to-ethernet devices
Important Notice to Our Users (Spotify) We've become aware of some unauthorized access to our systems and internal company data and we wanted to let you know the steps we're taking in response. As soon as we were aware of this issue we immediately launched an investigation. Information security and data protection are of great importance to us at Spotify and that is why I'm posting today
Hackers are winning the cyber crime war, says new study (TechTimes) The cyber war is going well, at least if you are one of the hackers, states a new study published by the California business consulting firm PwC, the United States Secret Service, the CERT Division of Carnegie Mellon University's Software Engineering Institute and CSO security news magazine
The Half-Baked Security Of Our 'Internet of Things' (Forbes) It is a strange series of events that link two Armenian software engineers; a Shenzen, China-based webcam company; two sets of new parents in the U.S.; and an unknown creep who likes to hack baby monitors to yell obscenities at children. "Wake up, you little slut," the hacker screamed at the top of his digital lungs last summer when a two-year-old in Houston wouldn't stir; she happened to be deaf. A year later, a baby monitor hacker struck again yelling obscenities at a 10-month-old in Ohio
2013 Incident Summary (New Zealand National Cyber Security Centre) The incidents summarised in this report reinforce that cyber security is truly a global issue, and New Zealand organisations are just as vulnerable as organisations in any other part of the world
8 key cybersecurity deficiencies and how to combat them (Help Net Security) While the number of cybercrime incidents and the monetary losses associated with them continue to rise, most U.S. organizations' cybersecurity capabilities do not rival the persistence and technological skills of their cyber adversaries
The Most Powerful Security Companies In The World (Silicon India) Oracle: Oracle was previously into software vending until recently it acquired Sun Microsystems, its main competitor, making it the owner of both hardware and software parts. Sun Microsystems is known for creating the Java programming language and Oracle is gaining control over it in order to operate all the patch updates and security advisories on it
Antivirus Software Might Be Dead, But Symantec Certainly Is Not (The Motley Fool) Symantec (NASDAQ: SYMC) is a consumer antivirus software manufacturer that is, perhaps, best known for its flagship Norton Antivirus. Sales of the company's Norton brand have stagnated in the last couple of years, a trend that prompted one of its executives to publicly declare that antivirus software is dead. But, make no mistake, the cyber-security industry is still valued at $70 billion per year
WidePoint — A Prime Acquisition Target Due To Triple; $6.50 Price Target (Seeking Alpha) WidePoint (WYY) has a low market cap of $112 million and recently won three government contracts worth a combined $670 million. Poised to benefit from outstanding growth within the cloud-mobility and security market, WYY is an attractive acquisition target because of its cheap valuation and strong growth outlook
Senate Defense Bill Unearths NSA 'Sharkseer' Program (Nextgov) Highlights from the Senate Armed Services Committee's new defense policy bill show lawmakers would like to drop $30 million on an obscure National Security Agency cybersecurity program called Sharkseer
Target gets serious about its digital transformation (FierceRetailIT) Target (NYSE:TGT) has formed a digital advisory group to assist as it tries to fight back from the very damaging data breach and mismanaged Canadian market entry. The Minneapolis-based retailer has enlisted technology executives from outside the traditional retail space to help chart a path along its digital transformation
FireHost Names Two New Execs (Texas Tech Pulse) Dallas-based secure cloud hosting provider FireHost reported this morning that it has added two new executives, as part of a leadership expansion. FireHost said it has named Jeff Schilling as Chief Security Officer (CSO) and Jim Hilbert as Senior Vice President of Global Sales
HackerOne Bug Bounty Platform Lands Top Microsoft Security Expert (Threatpost) With bug bounties being all the rage, the platforms that support them are emerging as important pieces of the security research, disclosure and reward ecosystem. One of those platforms, HackerOne, has scored a major coup in hiring Katie Moussouris, the driving force behind Microsoft's bounty program, to oversee its policy and disclosure philosophy and work with customers on the intricacies of vulnerability disclosure
Cyber-security expert Brian E Finch joins Pillsbury as a public practices partner (The Lawyer) Pillsbury has announced the appointment of Brian E Finch, a leading authority in cyber security, as a partner in the public practices section in Washington DC, where he will represent major corporations in their public policy and their global security strategy and compliance needs. Finch joins Pillsbury from Dickstein Shapiro, where he led the global security practice in the firm's government law and strategy group
Products, Services, and Solutions
Some Antivirus Tools Wildly Effective Against Zero-Day Malware (PC Magazine) A Trojan or other malicious program that's been analyzed by antivirus researchers is very easy to detect and block. Antivirus programs handle such threats using a kind of file fingerprint known as a signature. In many cases, a single well-crafted signature can match a whole family of related malware. The real problem involves detecting zero-day threats; malware or malware variants that have never been seen before. In a recent test by AV-Test Institute, several antivirus tools proved wildly effective against zero-day threats, while others failed miserably
SwishData Launches "Hacked: The Series", a Government Cyber Security Campaign (Digital Journal) SwishData, a woman-owned group of leading data performance architects for the federal marketplace, today announced the launch of a new online resource called "Cyber Attack Defenders," which shines a light on the real dangers and realities that federal agencies face when it comes to cyber security
Is FedRAMP the Final Answer? (FedTech) The cloud security program is a good first start, but adoption must extend beyond the government, experts say
Schwartz: Cybersecurity framework gaining foothold (FierceGovernmentIT) The federal cybersecurity framework released earlier this year is helping critical infrastructure sectors that previously lagged catch up to those with more expertise, said Ari Schwartz, a White House cybersecurity official
Mobile security: Is antimalware protection necessary? (TechTarget) There's been a fair amount of discussion about whether mobile devices need antimalware protection. With my employees using their own devices at work, for work, I want to make sure my company is adequately protected. Is the antimalware investment a necessary one? If not, is there a better product to use?
Stave off infection: Assessing the best antimalware protection (TechTarget) It seems every security vendor claims it has the unique capability to find and stop (or at least minimize the impact of) advanced malware, which can be loosely defined as "anything your existing antimalware product doesn't catch, but probably not including old viruses and worms that we don't really care about"
Army cyber chief wants more failure (FCW) Lt. Gen. Edward Cardon says a freer attitude toward experimentation would yield better results for Army Cyber Command.
It's a common refrain in the development world these days — developers need the freedom and space to fail faster. The agile way of thinking is reaching into the tradition-bound U.S. Army, at least at the level of its top cyber commander, Lt. Gen. Edward Cardon
Risk management issues, challenges and tips (Help Net Security) Gary Alterson is the Senior Director, Risk and Advisory Services at Neohapsis. In this interview he discusses the most significant issues in risk management today, offers tips on how to develop a risk management plan, and more
Online gaming threats and protection tips (Help Net Security) In this podcast, recorded at Infosecurity Europe 2014, Christopher Boyd, Malware Intelligence Analyst at Malwarebytes, talks about online scams and phishing attacks, specifically those related to protected Steam accounts
Principles of compliance in the financial services industry (ComputerWeekly) The financial services sector is subject to multiple and complex legal and regulatory compliance requirements that span international boundaries — all of which have implications for storage, backup and the security and integrity of data
Cyber Threats: Net Psychology (iHLS) Artificial intelligence researchers are constantly trying to teach machines to think like humans. Despite all their efforts, though, there's a massive gap between human and machine psychology. An Israeli startup recently began using these differences to form a new, refreshing model of information security
Quantum Cryptography with Ordinary Equipment (IEEE Spectrum) Researchers in Japan have come up with a way of doing quantum cryptography that could overcome two of the technology's big problems. The new protocol is designed to work with off-the-shelf equipment and use less bandwidth than existing methods. It's just a mathematical proposal, but it could help make quantum key distribution more commercially viable
'Black Box' Software Could Be the Future of Cryptography (Motherboard) Imagine trying to throw a dart at a bullseye that's 200 feet away with only your bare hands. Now, add a blindfold to the equation. Theoretically, it might be possible. But practically, it's pretty much impossible—about the same odds as trying to break a new form of software protection called indistinguishability obfuscation
China tries to limit damage from cyber spying spat (Fort Mill Times) China tried Wednesday to cool a dispute with Washington over cyber spying, reminding the United States of its need for Chinese help over North Korea and appealing to it not to hurt cooperation in anti-terrorism and other areas
China Says U.S. Also Engages in Hacking (Wall Street Journal) A Chinese government report accused the U.S. of Internet surveillance into the highest levels of its leadership and key national institutions, in the latest response from Beijing to the Obama administration's efforts to punish alleged state-sponsored hacking from China. The report by the China Internet Media Research Center published Monday described China as "a main target" of U.S. secret surveillance and said Washington has eavesdropped on its state leaders, scientific institutes, universities
Senator urges parliamentary oversight of national security services (Ottawa Citizen) In the wake of revelations about the breadth of electronic spying by the U.S. National Security Agency, Sen. Hugh Segal says Canada needs a parliamentary intelligence oversight committee for Canada's security services, such as Communications Security Establishment Canada and the Canadian Security Intelligence Service. He, and others, argued the point at a public meeting of the Senate Liberal caucus Wednesday
Slovenia establishes anti-cyber-attack unit (Xinhua via Global Post) Slovenia's armed forces have established a special unit that will be responsible for the security of cyber system of the nation, Slovenian Press Agency reported on Wednesday
White House staff, Obama's top military adviser disagree on cyber strategy (Inside Cybersecurity) White House officials and President Obama's top military adviser disagree about whether the United States has a coherent national strategy to address cyber threats. The rift surfaced when Gen. Martin Dempsey, chairman of the Joint Chiefs of Staff, recently voiced concerns at the Atlantic Council about the nation's lack of preparedness for a cyber attack, cited strategic shortcomings and assigned blame to Congress
Data Brokers: A Call for Transparency and Accountability (US Federal Trade Commission) In today's economy, Big Data is big business. Data brokers—companies that collect consumers' personal information and resell or share that information with others—are important participants in this Big Data economy
Discontent in Defense Sector Over Export Controls (National Defense) Aerospace and defense firms have cheered the Obama administration's five-year effort to overhaul the U.S. export licensing system at a time when American manufacturers seek international growth
Germany drops NSA prosecution due to lack of evidence (PCWorld) Data protection officials are bewildered by the German federal prosecutor's decision not to start a criminal investigation into the alleged mass surveillance of German citizens by the U.S. National Security Agency
Jason Jordaan: Corruption fuels SA cyber crime (ITWeb) Rampant corruption in SA is fuelling the problem of cyber crime. So said Jason Jordaan, head of forensic laboratory at the Special Investigating Unit (SIU) in SA, who was delivering a keynote at the ITWeb Security Summit this morning
Watchdog puts UK gov IT on RED alert. Yes, that's a bad thing (Channel Register) The UK government's "G-Cloud" project is one of more than 20 IT-related government-run projects that have been given a "red" or "amber/red" status by the Major Projects Authority (MPA), a watchdog that oversees government projects
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
CANSEC: CANSEC is Canada's foremost defence tradeshow. A two-day event, CANSEC will feature 120,000 square feet of indoor exhibits by Canada's leading edge defence companies, as well as an outdoor static display.
Maryland Cybersecurity Roundtable (Hanover, Maryland, USA, May 29, 2014) U.S. Senator Barbara A. Mikulski and Governor Martin O'Malley will launch the Maryland Cybersecurity Roundtable on Thursday, May 29, at 1:30 p.m., at The Hotel at Arundel Preserve, Hanover, Md. They'll...
Area41: Area41 is an international security technology and research conference offering both trainings/workshops and traditional presentation tracks.
The Device Developers' Conference: Manchester (Manchester, England, UK, June 3, 2014) The Device Developers' Conference is an annual UK event for the developers of intelligent systems and devices. The objective is to provide an event that provides engineers with an opportunity to learn...
NSA SIGINT Development Conference 2014: This classified conference will focus on the preeminent intelligence issues facing those who are tasked with SIGINT as part of their mission. Over 1500 participants from the US intelligence community and...
Cyber Security Summit (Huntsville, Alabama, USA, June 4 - 5, 2014) The North Alabama Chapter of the Information Systems Security Association and Cyber Huntsville Corporation are hosting the 6th annual Cyber Security Summit June 4-5 in the South Hall of the Von Braun Center.
AFCEA Presents: Insider Threat to Small Business (Fairfax, Virginia, USA, June 5, 2014) One of the biggest myths is that "I'm too small for cyber attackers to care about me." This common misperception leads to tremendous vulnerabilities as companies do not understand implications for their...
The Device Developers' Conference: Scotland (Uphall, Scotland, UK, June 5, 2014) The Device Developers' Conference is an annual UK event for the developers of intelligent systems and devices. The objective is to provide an event that provides engineers with an opportunity to learn...
The 2014 Cyber Security Summit (DC Metro) (Tysons Corner, Virginia, USA, June 5, 2014) The Cyber Security Summit, an exclusive conference series sponsored by The Wall Street Journal, has announced their inaugural DC Metro event. The event will connect C-Level & Senior Executives responsible...
MIT Technology Review Digital Summit: The MIT Technology Review Digital Summit examines tomorrow's digital technologies and explains their global impact on both business and society. You'll get insider access to the innovative people and companies...
Cyber 5.0 Conference (Laurel, Maryland, USA, June 10, 2014) The mission of the Cyber Conference is to provide a forum for small and mid-sized businesses in Howard County and the region to access industry and government leaders with current information on cybersecurity...
Global Summit on Computer and Information Technology: The summit is hosting multiple conferences in different areas of Computer & Information Technology. CIT is a major platform for researchers and industry practitioners from different fields of computer...
NRC Cyber Security Seminar/ISSO Security Workshop (Bethesda, Maryland, USA, June 16, 2014) NRC will be hosting its second NRC Semi-Annual All-Hands ISSO Workshop. This workshop will consist of computer security policy, standards, cybersecurity, guidance, FISMA compliance, and training updates.
2014 Spring National SBIR Conference (Washington, DC, USA, June 16 - 18, 2013) SBIR/STTR programs are the nation's largest source of early stage / high risk R&D funding for small business. At this conference you'll learn how to participate and compete for funding in these two programs...
MeriTalk's Cyber Security Brainstorm (Washington, DC, USA, June 18, 2014) This second annual event will take place on Wednesday, June 18 2014 at the Newseum in Washington D.C. The event will bring together Federal cyber security experts to share best practices, collaborate on...
Suits and Spooks New York: Not another hacker conference. Suits and Spooks is a unique gathering of experts, executives, operators, and policymakers who discuss hard challenges in a private setting over two days. Suits and Spooks...
SANSFIRE (Baltimore, Maryland, USA, June 21 - 30, 2014) For more than 10 years, the Internet Storm Center has been providing free analysis and warning to our community. SANSFIRE 2014 is not just another training event. It is our annual "ISC Powered" event.
26th Annual FIRST Conference (Boston, Massachusetts, USA, June 22 - 27, 2014) The Forum of Incident Response and Security Teams (FIRST) is a global non-profit organization dedicated to bringing together computer security incident response teams (CSIRTs) and includes response teams...
Gartner Security & Risk Management Summit 2014 (National Harbor, Maryland, US, June 23 - 26, 2014) The Gartner Security & Risk Management Summit is the only time when the entire Gartner analyst and security and risk management community come together in one location to bring the latest research, insights...
AFCEA International Cyber Symposium (Baltimore, Maryland, USA, June 24 - 25, 2014) National security is continuously being redefined as awareness of the cyberspace domain evolves. Cyber threats and challenges grow every day. Successfully defending our networks requires a team approach.