As Russia sleeps the sleep of repletion before further feedings on the near abroad, FireEye notes an interesting trend: a spike in malware callbacks to command-and-control servers as tension between Russia and Ukraine increased—probably worth adding to any list of indicators and warnings.
Iranian security services made effective use of both social media and front news organizations in recent espionage campaigns, but overreached in their construction of fake identities: they impersonated former UN ambassador John Bolton, spent months cultivating trust with a (well-selected) US Baha'i advocate, and connected through LinkedIn, but were blown by Google, which warned the victim that someone from Tehran had tried to break into her Gmail account.
Investigators and researchers continue to work on two mysteries: how is the "Oleg Pliss" ransomware getting on iPhones, and what is actually up with TrueCrypt?
South- and Southwest-Asian hacktivists resume exploitation of targets-of-opportunity.
BitSight rates sectors on cyber security. From best to worst, they're finance, retail, energy utilities, and then healthcare and pharma.
Former US Defense Secretary and ex-DCI Gates says France is as big a cyber industrial espionage threat as China. Where there are advanced technological capabilities in a dirigiste political economy, there's also the likelihood of industrial espionage.
China continues to kick back at US indictment of PLA officers, suggesting evidence was fabricated.
NSA releases an email exchange between Snowden and its General Counsel. Snowden's email is so muted it hardly counts as whistleblowing. Perhaps IGs and OGCs should work on their ability to discern and read subtext?
Today's issue includes events affecting Australia, Belarus, China, European Union, France, India, Iran, Israel, Kazakhstan, Pakistan, Russia, Turkey, Ukraine, United Kingdom, United States.
Russia, Kazakhstan, Belarus form Eurasian Economic Union(Washington Post) Russian President Vladimir Putin moved Thursday to further bolster his nation's ties to former Soviet republics, as Russia's relationships with the United States and Europe continue to fray over the conflict in Ukraine
'Oleg Pliss' hack makes for a perfect teachable IT moment(Computerworld via CSO Salted Hash) Earlier this week, a number of iOS device owners woke up to discover that someone had locked them out of the iPhones, iPads, and iPod touches. The attack, primarily aimed at users in Australia and New Zealand (though there are now reports of users in North America and other countries being hit), demanded a ransom be paid to unlock each device. Ironically, the PayPal account referenced in the demand did not seem to even exist
TrueCrypt quits? Inexplicable(ZDNet) Nobody has a good explanation yet for what happened to the generally respected TrueCrypt project, which yesterday announced itself insecure and sent its users to Microsoft
With Heartbleed as a wake up, what is a Man-in-the-Middle (MITM) attack?(The Next Web) You grab your coffee, connect to the coffee shop's Wi-Fi and begin working. You've done this a hundred times before. Nothing seems out of the ordinary, but someone is watching you. They're monitoring your Web activity, logging your bank credentials, home address, personal email and contacts — and you won't know it until it's too late
Misconfiguration to blame for most mobile security breaches(Help Net Security) Nearly 2.2 billion smartphones and tablets will be sold to end users in 2014 according to Gartner, Inc. While security incidents originating from mobile devices are rare, Gartner said that by 2017, 75 percent of mobile security breaches will be the result of mobile application misconfiguration
Monsanto Suffers Data Breach at Precision Planting Unit(Threatpost) Monsanto, the massive international agricultural conglomerate, has disclosed a data breach that involved the personal information of customers and employees of its Precision Planting subsidiary. The breach included names, addresses, possibly Social Security numbers and some financial account information
Avast and Simple Machines Spat Ends in Collaboration(CBR) Dispute over cyber attack prompted questions over third-party software. Simple Machines is now working with Avast to analyse the recent cyber attack that compromised the details of 400,000 forum users, following a public dispute between the two companies over the nature of the breach
Fake Australian Electric Bill Leads to Cryptolocker(Internet Storm Center) Our reader Mark sent us a link he recovered from a Phishing e-mail. We don't have the e-mail right now, but the web site delivering the malware is kind of interesting in itself. The e-mail claims to come from "Energy Australia", an actual Australian utility company
Inside the malware war zone(Help Net Security) Adam Kujawa is the Head of Malware Intelligence for Malwarebytes. In this interview he talks about the evolution of malware in the past decade, illustrates the differences in global malware based on the point of origin, highlights the events that changed the threat landscape, offers insight about future threats, and more
Hacking for the greater good(Help Net Security) As long as people write code, they will write code with flaws, says Katie Moussouris, former Senior Security Strategist Lead at Microsoft Security Response Center and, as of today, Chief Policy Officer of HackerOne, the company that partially hosts the Internet Bug Bounty
The Cyberspace Landscape Of India Is Changing(Ground Report) The recent cyber security updates by Perry4Law and PTLB have indicated that there has been an extraordinary surge in the cyber attacks at a global level. Malware like Stuxnet, Duqu, Flame, Uroburos/Snake, Blackshades, FinFisher, etc have been messing up with computer systems located in different parts of the world
Healthcare industry lags in security effectiveness(Help Net Security) BitSight analyzed Security Ratings for S&P 500 companies in four industries — finance, utilities, retail and healthcare and pharmaceuticals. The objective was to uncover quantifiable differences in security performance across industries from April 2013 through March 2014
Strategic security acquisitions: What makes sense?(Help Net Security) Thanks to a steady stream of high-profile data breaches, a rapidly shifting threat environment, and the recent indictment of 5 members of Chinese People's Liberation Army "Unit 61398" for state-sponsored espionage, security is top-of-mind, even in the boardroom
Proofpoint: Fundamentals Suggest Still More Downside(Seeking Alpha) Proofpoint Inc. (PFPT) a hot cloud-based network security play, is trading at a gravity-defying valuation on the back of strong adoption of the company's TAP (Targeted Attack Protection) solution, gaining share from legacy solutions and upselling in its existing customer base. Recently, the stock has corrected with the broader equity markets, but fundamentals suggest more downside from here
Cyber security fears drive Palo Alto(Financial Times) Shares of Palo Alto Networks, the cyber security software maker, surged after the company said fiscal third-quarter sales topped Wall Street expectations and it had settled an outstanding lawsuit with Juniper Networks
Business Buzz: Raytheon Benefits From the Government's Cyber Threats(InTheCapital) As lawmakers on Capitol Hill continue to struggle with an answer to the growing threats against America's cyber security, one of the largest government contractors is cashing in. Raytheon, the gigantic defense electronics and missile systems company, is expecting a surge in stock pricing
Products, Services, and Solutions
Lookout Mobile Security's 'Theftie' App Designed To Combat Smartphone Theft(Industry Leaders) With smartphone thefts becoming rampant, legislators and the telecommunications industry continue to wait for the implementation of a cell phone kill switch, as a possible solution. But a San Francisco-based mobile security firm Lookout is providing other ways to address the problem
Do Lookout's 'Theftie' Photo Alerts Violate Privacy?(Wall Street Journal) Mobile security firm Lookout on Wednesday unveiled a new tool for tracking down potential phone thieves: the "theftie," a covert snapshot of someone using your phone in a suspicious manner
CYREN Launches New Service to Combat Phishing Attacks(IT Business Net) CYREN (NASDAQ: CYRN), a leading provider of cloud-based security solutions, today launched its CYREN URL Phishing Feed, a powerful new service that allows its web and email security partners to block phishing sites before they reach unsuspecting end users
FireEye Announces General Availability of Network Threat Prevention Platform With IPS(MarketWatch) FireEye, Inc., the leader in stopping today's advanced cyber attacks, today announced that it will offer the FireEye Network Threat Prevention Platform with IPS to customers worldwide starting June 2, 2014. Available as an add-on license to the FireEye Network Threat Prevention Platform (NX series), the new offering is designed to give customers a holistic view of multi-vector attacks that go well beyond conventional intrusion prevention system (IPS) tools
Webfwlog Firewall Log Analyzer v1.0 Released(ToolsWatch) Webfwlog is a flexible web-based firewall log analyzer and reporting tool. It supports standard system logs for linux, FreeBSD, OpenBSD, NetBSD, Solaris, Irix, OS X, etc. as well as Windows XP®. Supported log file formats are netfilter, ipfilter, ipfw, ipchains and Windows XP®. Webfwlog also supports logs saved in a database using the ULOG or NFLOG targets of the linux netfilter project, or any other database logs mapped with a view to the ulogd schema. Versions 1 and 2 of ulogd database schemas are supported. Webfwlog is licensed under the GNU GPL
Biometric tool prevents fraud(Help Net Security) BioCatch launched its eCommerce fraud prevention solution. The new tool uses behavioral biometric analysis to detect suspicious behavior and authenticate repeat customers, while reducing customer friction associated with additional security verifications and checks
Banks: How to Improve Threat Detection(BankInfoSecurity) Banking institutions need to develop "day-to-day situational awareness" of the latest threats, says Vikram Bhat, a threat researcher at Deloitte and Touche, which just released a report about cybersecurity issues and awareness
How we patch: by the numbers(Talk Tech to Me) We all know how important it is to keep current with security updates, a.k.a. patches — but how many organizations are really following best practices? As attackers get more sophisticated and researchers become more diligent, vulnerabilities in popular software — from operating system to end-user applications and even including security software — are discovered every day. To their credit, software vendors are working overtime to stay on top of the problem and issue patches to fix these flaws as quickly as possible
Crypto won't save you(CSO) Peter Gutmann is a researcher in the Department of Computer Science at the University of Auckland working on design and analysis of cryptographic security architectures and security usability. Having been part of the team that wrote the popular PGP encryption package, you'd expect that he'd put a lot of trust in crypto
WordPress Security Checklist(Help Net Security) WordPress is not only easy to use, it also comes with many plugins and themes for you to choose from, making it extremely customizable. However, like all other popular platforms, it is also more prone to hacking
Operating in zero trust environments(ProSecurityZone) Dr Wieland Alge, Vice President and General Manager EMEA Barracuda Networks discusses zero trust environment infrastructures and the role of the CIO
NSA Keeping Watch On FAU(Boca News Now) The NSA is watching FAU and the agency likes what it sees. According to the school, Florida Atlantic University has been designated as a National Center of Academic Excellence in Information Assurance/Cyber Defense Research (CAE-R) for academic years 2014-19 by the National Security Agency (NSA) and the Department of Homeland Security (DHS)
China Hacking Is Deep and Diverse, Experts Say(Wall Street Journal) China's Internet espionage capabilities are deeper and more widely dispersed than the U.S. indictment of five army officers last week suggests, former top government officials say, extending to a sprawling hacking-industrial complex that shields the Chinese government but also sometimes backfires on Beijing. Some of the most sophisticated intruders observed by U.S. officials and private-sector security firms work as hackers for hire and at makeshift defense contractors, not the government, and aren't among those named in
Edward J. Snowden email inquiry to the NSA Office of General Counsel(IC on the Record) NSA has now explained that they have found one email inquiry by Edward Snowden to the Office of General Counsel asking for an explanation of some material that was in a training course he had just completed. The e-mail did not raise allegations or concerns about wrongdoing or abuse, but posed a legal question that the Office of General Counsel addressed
UPDATE 1-Snowden: "no relationship" with Russian government(Reuters) Former U.S. National Security Agency contractor Edward Snowden told a U.S. television interviewer on Wednesday he was not under the control of Russia's government and had given Moscow no intelligence documents after nearly a year of asylum there
Thieves Planted Malware to Hack ATMs(Krebs on Security) A recent ATM skimming attack in which thieves used a specialized device to physically insert malicious software into a cash machine may be a harbinger of more sophisticated scams to come
The legal tools for dealing with a cyber-attack(Lexology) Late last year, a group of information security experts gathered with government officials to hack into the deep intestinal computers of London's financial district. The purpose of the exercise, dubbed "Waking Shark II", was to test whether the UK's banks and stock exchanges — that is to say, the UK financial system — could withstand a major cyber-security attack
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Security Startup Speed Lunch DC(Washington, DC, USA, July 22, 2014) Our goal is to connect the most promising security startups in the world with decision-makers at aerospace, asset-management, banking, communications, defense, energy, healthcare, government, technology...
Cyber Security Summit 2014: Cyber security breaches have a profound impact on all areas of society. Join the discussion at Cyber Security Summit 2014. For two days, leaders from the public and private sectors meet to identify cyber...
Area41: Area41 is an international security technology and research conference offering both trainings/workshops and traditional presentation tracks.
The Device Developers' Conference: Manchester(Manchester, England, UK, June 3, 2014) The Device Developers' Conference is an annual UK event for the developers of intelligent systems and devices. The objective is to provide an event that provides engineers with an opportunity to learn...
NSA SIGINT Development Conference 2014: This classified conference will focus on the preeminent intelligence issues facing those who are tasked with SIGINT as part of their mission. Over 1500 participants from the US intelligence community and...
Cyber Security Summit(Huntsville, Alabama, USA, June 4 - 5, 2014) The North Alabama Chapter of the Information Systems Security Association and Cyber Huntsville Corporation are hosting the 6th annual Cyber Security Summit June 4-5 in the South Hall of the Von Braun Center.
AFCEA Presents: Insider Threat to Small Business(Fairfax, Virginia, USA, June 5, 2014) One of the biggest myths is that "I'm too small for cyber attackers to care about me." This common misperception leads to tremendous vulnerabilities as companies do not understand implications for their...
The Device Developers' Conference: Scotland(Uphall, Scotland, UK, June 5, 2014) The Device Developers' Conference is an annual UK event for the developers of intelligent systems and devices. The objective is to provide an event that provides engineers with an opportunity to learn...
The 2014 Cyber Security Summit (DC Metro)(Tysons Corner, Virginia, USA, June 5, 2014) The Cyber Security Summit, an exclusive conference series sponsored by The Wall Street Journal, has announced their inaugural DC Metro event. The event will connect C-Level & Senior Executives responsible...
MIT Technology Review Digital Summit: The MIT Technology Review Digital Summit examines tomorrow's digital technologies and explains their global impact on both business and society. You'll get insider access to the innovative people and companies...
Cyber 5.0 Conference(Laurel, Maryland, USA, June 10, 2014) The mission of the Cyber Conference is to provide a forum for small and mid-sized businesses in Howard County and the region to access industry and government leaders with current information on cybersecurity...
Global Summit on Computer and Information Technology: The summit is hosting multiple conferences in different areas of Computer & Information Technology. CIT is a major platform for researchers and industry practitioners from different fields of computer...
NRC Cyber Security Seminar/ISSO Security Workshop(Bethesda, Maryland, USA, June 16, 2014) NRC will be hosting its second NRC Semi-Annual All-Hands ISSO Workshop. This workshop will consist of computer security policy, standards, cybersecurity, guidance, FISMA compliance, and training updates.
2014 Spring National SBIR Conference(Washington, DC, USA, June 16 - 18, 2013) SBIR/STTR programs are the nation's largest source of early stage / high risk R&D funding for small business. At this conference you'll learn how to participate and compete for funding in these two programs...
MeriTalk's Cyber Security Brainstorm(Washington, DC, USA, June 18, 2014) This second annual event will take place on Wednesday, June 18 2014 at the Newseum in Washington D.C. The event will bring together Federal cyber security experts to share best practices, collaborate on...
Suits and Spooks New York: Not another hacker conference. Suits and Spooks is a unique gathering of experts, executives, operators, and policymakers who discuss hard challenges in a private setting over two days. Suits and Spooks...
SANSFIRE(Baltimore, Maryland, USA, June 21 - 30, 2014) For more than 10 years, the Internet Storm Center has been providing free analysis and warning to our community. SANSFIRE 2014 is not just another training event. It is our annual "ISC Powered" event.
26th Annual FIRST Conference(Boston, Massachusetts, USA, June 22 - 27, 2014) The Forum of Incident Response and Security Teams (FIRST) is a global non-profit organization dedicated to bringing together computer security incident response teams (CSIRTs) and includes response teams...
Gartner Security & Risk Management Summit 2014(National Harbor, Maryland, US, June 23 - 26, 2014) The Gartner Security & Risk Management Summit is the only time when the entire Gartner analyst and security and risk management community come together in one location to bring the latest research, insights...
AFCEA International Cyber Symposium(Baltimore, Maryland, USA, June 24 - 25, 2014) National security is continuously being redefined as awareness of the cyberspace domain evolves. Cyber threats and challenges grow every day. Successfully defending our networks requires a team approach.