Inquiries into the denial-of-service campaign sustained by sites catering to Hong Kong's pro-democracy dissidents increasingly (and unsurprisingly) unearth what seems a Chinese government operation. FireEye finds binaries that indicate either government sponsorship or attackers' reliance on some "common quartermaster" that also supplies the security organs.
BlackEnergy continues to evolve into more sophisticated and dangerous forms. Kaspersky finds the crimeware kit has extended its reach not only into Windows and Linux systems, but into Cisco routers as well. Infections have turned up in at least twenty countries, and BlackEnergy's capabilities now include spying (of course) and also sabotage (rendering systems unbootable). Most observers still link the Sandworm use of BlackEnergy to the Russian government.
Pay card security issues lead vendors to look for replacements of traditional magnetic strip cards, but new approaches are themselves showing some holes. Newcastle University researchers report flaws in Visa's contactless payment system. Criminals can bypass the PIN required for large transactions by simply changing the currency unit and applying some plausible geolocation tradecraft (hacking where a foreign currency transaction seems legitimate, like an international airport terminal).
More details emerge on the OS X "Rootpipe" vulnerability.
Syracuse University researchers warn that some HTML5 mobile apps are susceptible to code injection attacks.
Symantec sees a rise in Poweliks fileless Trojan infections.
SINET announces the SINET 16: its selection of the top emerging cyber security companies.
A McAfee-sponsored study finds many admins disable next-generation-firewall features to improve sluggish network performance.
The black market increasingly turns to Bitcoin alternative Darkcoin.
Today's issue includes events affecting Belgium, China, France, Germany, Libya, Nigeria, Philippines, Poland, Russia, Sweden, Thailand, Turkey, Ukraine, United Kingdom, United States, and Vietnam.
The CyberWire will cover the National Initiative for Cybersecurity Education Conference this week, offering special issues on November 5, 6, and 7.
BlackEnergy APT Has a Rich List of Plug-ins for Windows and Linux(Softpedia) Known for being used in cyber espionage operations as well as in financially driven campaigns, BlackEnergy advanced persistent threat (APT) has an entire infrastructure behind it and an adept group, known as Sandworm, customizing its functionality for a given mission
Fileless Trojan Poweliks Virus on the Rise(Computer Business Review) Backdoor enabler delivered through phoney postal service spam. A fileless trojan virus that hides inside a registry key is becoming increasingly prevalent according to the security company Symantec
Exposed Corporate Credentials on the Open Web, a Real Security Risk(Recorded Future) Last Friday, a New York Times article described how the recent online attack against JPMorgan was possibly connected to a data breach on a third-party website. The target mentioned in the article is Corporate Challenge, a company that organizes charitable races sponsored by JPMorgan
The psychology of Facebook scam victims(Help Net Security) A two-year study of over 850,000 Facebook scams by antivirus software provider Bitdefender has revealed that scammers have infected millions of users with the same repackaged tricks. The in-depth study was conducted on scams spreading across the UK, the US, Europe and beyond
Security Patches, Mitigations, and Software Updates
2015 Predictions: The Invisible Becomes Visible(TrendLabs Security Intelligence Blog) 2014 brought with it many significant additions to the technology landscape. These put new capabilities into the hands of users and companies that allowed them to do things that they would not have thought possible before. However, these same changes also aid threat actors: threats can now come from unexpected vectors, and augment the existing capabilities that attackers already possess
Prelert Aiming To Make Its Mark In Advanced Security Analytics(CRN) A new crop of emerging advanced security analytics vendors are promising to exceed security and information event management platforms and provide the visibility and context that incident responders need to investigate the riskiest threats to the network
Alcatel-Lucent adjusts cyber security strategy with Thales sale(Telecoms) Defence specialist Thales has confirmed the acquisition of Alcatel-Lucent's cyber security services and solutions division, as well as its communications security activities. In a strategic partnership, the two organisations claim the expertise of each will provide holistic, secure communications services
Company news: Big moves at Veracode, Malwarebytes and CipherCloud(SC Magazine) Prevendra, a Woodinville, Wash.-based security company, launched its Red Folder web application that allows users to put their important information behind a protected portal. This information can also be retrieved by a designated contact in case of emergency
Vintz Joins Executive Team to Help Tenable Scale for Next Phase of Growth(Tenable) Tenable Network Security®, Inc., the leader in continuous network monitoring, has appointed Steve Vintz as chief financial officer. An accomplished leader in financial, operational and strategic planning for high-growth companies in the technology industry, Vintz will have a critical role in leading Tenable to its next stage of growth. Vintz will have worldwide responsibility for finance, legal, human resources, corporate communications and information technology and will report to CEO Ron Gula
Spotting Malicious Injections in Otherwise Benign Code(Sucuri Blog) Being able to spot suspicious code, and then determine whether it is benign or malicious is a very important skill for a security researcher. Every day we scan through megabytes of HTML, JS and PHP. It's quite easy to miss something bad, especially when it doesn't visually stick out and follows patterns of legitimate code
Using Relative Metrics to Measure Security Program Success(SecurityWeek) In my previous column, I discussed the "So What Factor", which reminds us that we must know our audience. Many of the people we interact with professionally will not be as enamored by the beauty or elegance of a technical solution as we are. Instead, they will be more concerned with consequences, effects, and results. As such, it's important to remember to communicate appropriately towards those ends
Making the Case for Application Security(Security Intelligence) Many of the most important assets organizations own are in the form of information. These include intellectual property, strategic plans and customer data. As we have seen in recent news reports, the cost of a data breach can be significant. Interestingly, one of the main areas of weakness in organizations' IT infrastructures occurs where people don't expect it — in the application layer
Cars, toasters, medical devices add to DHS' cyber headaches(Federal News Radio) Cars, medical devices and even toasters are among the facets of life that are quickly becoming Internet based. This is why the Homeland Security Department already is working on cybersecurity technologies for these and many other everyday devices
A New Kind of Atom Trap Chip for Quantum Computers(IEEE Spectrum) Ultracold atoms have long been on the list of potential parts for quantum computers. Early experiments were done with tabletop experimental gear, but more recently, researchers have also designed chips on which these atoms can be trapped and cooled to near absolute zero. (Some such chips even achieved the strange physical state known as a Bose-Einstein condensate.) However, even the chip-based traps had to be surrounded by a complicated set of coils to create the required magnetic field for trapping them
NSA director: US needs Silicon Valley's expertise(AP via the San Diego Union-Tribune) U.S. intelligence depends on Silicon Valley innovation for technologies that strengthen the Internet and staff to provide national cybersecurity, National Security Agency director Mike Rogers told Stanford University professors and students Monday
As cyber force grows, manpower details emerge(Defense News) The military will need to expand its force of cyber warriors beyond plans for 6,200 personnel, and the individual services are hammering out the manpower-related details of precisely how to build that force from the ground up, according to a new Pentagon report
Litigation, Investigation, and Law Enforcement
Security contractor breach not detected for months(AP via KLTV 7) A cyberattack similar to previous hacker intrusions from China penetrated computer networks for months at USIS, the government's leading security clearance contractor, before the company noticed, officials and others familiar with an FBI investigation and related official inquiries told The Associated Press
Online Drug Dealers Are Now Accepting Darkcoin, Bitcoin's Stealthier Cousin(Wired) When the cryptocurrency darkcoin launched earlier this year, it distinguished itself from dozens of bitcoin copycats by promising to keep users' transactions far more anonymous than its predecessor. Now that promise is being tested in the Internet's fastest-growing proving ground for privacy technologies: the online black market for drugs
In Klayman v. Obama, EFF Explains Why Metadata Matters and the Third-Party Doctrine Doesn't(EFF) How can the US government possibly claim that its collection of the phone records of millions of innocent Americans is legal? It relies mainly on two arguments: first, that no one can have a reasonable expectation of privacy in their metadata and second, that the outcome is controlled by the so-called "third party doctrine," which says that no one has an expectation of privacy in information they convey to a third party (such as telephone numbers dialed). We expect the government to press both of these arguments on November 4, before the D.C. Circuit Court of Appeals. We look forward to responding
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
FS-ISAC EU Summit 2014(London, England, UK, November 3 - 5, 2014) The Financial Services Information Sharing and Analysis Center (FS-ISAC), is a non-profit association comprised of financial institution members, that is dedicated to protecting the global financial services...
POC2014(Seoul, Republic of Korea, November 4 - 7, 2014) POC (Power of Community) started in 2006 and has been organized by Korean hackers & security experts. It is an international security & hacking conference in Korea. POC doesn't pursue money. POC concentrates...
Bay Area SecureWorld(Santa Clara, California, November 5, 2014) A day of cyber security education. Earn 6-8 CPE credits, network with industry peers, and take advantage of more than thirty educational events. Over the past decade SecureWorld has emerged as one of North...
Open Source Digital Forensics Conference 2014(Herndon, Virginia, USA, November 5, 2014) This conference focuses on tools and techniques that are open source and (typically) free to use. It is a one day event with short talks packed with information. There are both tool developers and users...
Managing BYOD & Enterprise Mobility USA 2014(San Francisco, California, USA, November 5 - 6, 2014) The Managing BYOD & Mobility USA 2014 conference will provide a unique networking platform, bringing together top executives from USA and beyond. They come together not only to address mobility challenges...
NICE 2014 Conference and Expo(Columbia, Maryland, USA, November 5 - 6, 2014) Cybersecurity has emerged as one of the leading creators of jobs and opportunity for all economic sectors. An ecosystem of technology providers, policy makers, legal expertise, banking, insurance, devices,...
RiseCON 2014(Rosario, Santa Fe, Argentina, November 6 - 7, 2014) Rosario Information Security Conference: the first and largest information security and hacking event held in the city of Rosario, of international caliber and significance
Israel HLS 2014(Tel Aviv, Israel, November 9 - 12, 2014) The third International Conference on Homeland Security will bring together government officials, public authorities, and HLS industry leaders from around the world to share their knowledge and experience.
i-Society 2014(London, England, UK, November 10 - 12, 2014) i-Society 2014 is a global knowledge-enriched collaborative effort that has its roots from both academia and industry. The conference covers a wide spectrum of topics that relate to information society,...
Seattle SecureWorld(Seattle, Washington, USA, November 12 - 13, 2014) Offering two days of cyber security education. Earn 12-16 CPE credits, network with industry peers, and take advantage of more than sixty educational events. Over the past decade SecureWorld has emerged...
THREADS Conference 2014(Brooklyn, New York, USA, November 13, 2014) A 2-day conference exploring state-of-the-art advances in security automation. We will present new research and innovations on integrating security into modern software development and operations, focusing...
ZeroNights 2014(Moscow, Russia, November 13 - 14, 2014) ZeroNights is an international conference dedicated to the practical side of information security. It will show new attack methods and threats, showcase new possibilities of attack and defense, and suggest...
Cyber Security Awareness Week Conference(New York, New York, USA, November 13 - 15, 2014) Get ready for CSAW: the largest student-run cyber security event in the nation, with a research conference that attracts some of the biggest names in the industry, and a career fair with an impressive...